diff options
Diffstat (limited to 'packages/linux-kernel/patches')
4 files changed, 627 insertions, 0 deletions
diff --git a/packages/linux-kernel/patches/kernel/0001-VyOS-Add-linkstate-IP-device-attribute.patch b/packages/linux-kernel/patches/kernel/0001-VyOS-Add-linkstate-IP-device-attribute.patch new file mode 100644 index 00000000..c70a9f13 --- /dev/null +++ b/packages/linux-kernel/patches/kernel/0001-VyOS-Add-linkstate-IP-device-attribute.patch @@ -0,0 +1,165 @@ +From 81d38c4a32e059ad7835f7dc254e7627642afbe9 Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger <stephen@networkplumber.org> +Date: Mon, 29 Apr 2013 18:50:15 -0700 +Subject: [PATCH] VyOS: Add linkstate IP device attribute + +Backport of earlier Vyatta patch. + +(cherry picked from commit 7c5a851086686be14ae937c80d6cee34814dbefc) + +--- + Documentation/networking/ip-sysctl.txt | 13 +++++++++++++ + include/linux/inetdevice.h | 1 + + include/linux/ipv6.h | 1 + + include/uapi/linux/ip.h | 1 + + include/uapi/linux/ipv6.h | 1 + + net/ipv4/devinet.c | 2 ++ + net/ipv6/addrconf.c | 9 +++++++++ + net/ipv6/route.c | 12 ++++++++++++ + 8 files changed, 40 insertions(+) + +diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt +index 7eb9366422f5..b99d54a313a0 100644 +--- a/Documentation/networking/ip-sysctl.txt ++++ b/Documentation/networking/ip-sysctl.txt +@@ -1177,6 +1177,19 @@ rp_filter - INTEGER + Default value is 0. Note that some distributions enable it + in startup scripts. + ++link_filter - INTEGER ++ 0 - Allow packets to be received for the address on this interface ++ even if interface is disabled or no carrier. ++ ++ 1 - Ignore packets received if interface associated with the incoming ++ address is down. ++ ++ 2 - Ignore packets received if interface associated with the incoming ++ address is down or has no carrier. ++ ++ Default value is 0. Note that some distributions enable it ++ in startup scripts. ++ + arp_filter - BOOLEAN + 1 - Allows you to have multiple network interfaces on the same + subnet, and have the ARPs for each interface be answered +diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h +index a64f21a97369..4014dd852bae 100644 +--- a/include/linux/inetdevice.h ++++ b/include/linux/inetdevice.h +@@ -133,6 +133,7 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev) + #define IN_DEV_ARP_ANNOUNCE(in_dev) IN_DEV_MAXCONF((in_dev), ARP_ANNOUNCE) + #define IN_DEV_ARP_IGNORE(in_dev) IN_DEV_MAXCONF((in_dev), ARP_IGNORE) + #define IN_DEV_ARP_NOTIFY(in_dev) IN_DEV_MAXCONF((in_dev), ARP_NOTIFY) ++#define IN_DEV_LINKFILTER(in_dev) IN_DEV_MAXCONF((in_dev), LINKFILTER) + + struct in_ifaddr { + struct hlist_node hash; +diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h +index 8415bf1a9776..80a0ada19c9a 100644 +--- a/include/linux/ipv6.h ++++ b/include/linux/ipv6.h +@@ -76,6 +76,7 @@ struct ipv6_devconf { + __s32 ndisc_tclass; + + struct ctl_table_header *sysctl_header; ++ __s32 link_filter; /* VyOS */ + }; + + struct ipv6_params { +diff --git a/include/uapi/linux/ip.h b/include/uapi/linux/ip.h +index e42d13b55cf3..baf8e77c201b 100644 +--- a/include/uapi/linux/ip.h ++++ b/include/uapi/linux/ip.h +@@ -169,6 +169,7 @@ enum + IPV4_DEVCONF_DROP_UNICAST_IN_L2_MULTICAST, + IPV4_DEVCONF_DROP_GRATUITOUS_ARP, + IPV4_DEVCONF_BC_FORWARDING, ++ IPV4_DEVCONF_LINKFILTER, /* VyOS only */ + __IPV4_DEVCONF_MAX + }; + +diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h +index 9c0f4a92bcff..619edd130cfd 100644 +--- a/include/uapi/linux/ipv6.h ++++ b/include/uapi/linux/ipv6.h +@@ -187,6 +187,7 @@ enum { + DEVCONF_DISABLE_POLICY, + DEVCONF_ACCEPT_RA_RT_INFO_MIN_PLEN, + DEVCONF_NDISC_TCLASS, ++ DEVCONF_LINK_FILTER, + DEVCONF_MAX + }; + +diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c +index a08d682ba676..17949eb57a5b 100644 +--- a/net/ipv4/devinet.c ++++ b/net/ipv4/devinet.c +@@ -2318,6 +2318,8 @@ static struct devinet_sysctl_table { + "route_localnet"), + DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST, + "drop_unicast_in_l2_multicast"), ++ /* VyOS */ ++ DEVINET_SYSCTL_RW_ENTRY(LINKFILTER, "link_filter"), + }, + }; + +diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c +index 627cd24b7c0d..8c49eac27fd0 100644 +--- a/net/ipv6/addrconf.c ++++ b/net/ipv6/addrconf.c +@@ -5240,6 +5240,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, + array[DEVCONF_ADDR_GEN_MODE] = cnf->addr_gen_mode; + array[DEVCONF_DISABLE_POLICY] = cnf->disable_policy; + array[DEVCONF_NDISC_TCLASS] = cnf->ndisc_tclass; ++ array[DEVCONF_LINK_FILTER] = cnf->link_filter; + } + + static inline size_t inet6_ifla6_size(void) +@@ -6561,6 +6562,14 @@ static const struct ctl_table addrconf_sysctl[] = { + .mode = 0644, + .proc_handler = addrconf_sysctl_disable_policy, + }, ++ /* VyOS */ ++ { ++ .procname = "link_filter", ++ .data = &ipv6_devconf.link_filter, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec ++ }, + { + .procname = "ndisc_tclass", + .data = &ipv6_devconf.ndisc_tclass, +diff --git a/net/ipv6/route.c b/net/ipv6/route.c +index dad35cd48807..1a2439c6a257 100644 +--- a/net/ipv6/route.c ++++ b/net/ipv6/route.c +@@ -595,6 +595,15 @@ static inline int rt6_check_dev(struct fib6_info *rt, int oif) + return 0; + } + ++static inline int rt6_link_filter(struct fib6_info *rt) ++{ ++ const struct net_device *dev = rt->fib6_nh.nh_dev; ++ int linkf = __in6_dev_get(dev)->cnf.link_filter; ++ ++ return (linkf && !netif_running(dev)) ++ || (linkf > 1 && !netif_carrier_ok(dev)); ++} ++ + static inline enum rt6_nud_state rt6_check_neigh(struct fib6_info *rt) + { + enum rt6_nud_state ret = RT6_NUD_FAIL_HARD; +@@ -634,6 +643,9 @@ static int rt6_score_route(struct fib6_info *rt, int oif, int strict) + m = rt6_check_dev(rt, oif); + if (!m && (strict & RT6_LOOKUP_F_IFACE)) + return RT6_NUD_FAIL_HARD; ++ if (rt6_link_filter(rt)) ++ return -1; ++ + #ifdef CONFIG_IPV6_ROUTER_PREF + m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->fib6_flags)) << 2; + #endif +-- +2.20.1 + diff --git a/packages/linux-kernel/patches/kernel/0002-VyOS-add-inotify-support-for-stackable-filesystems-o.patch b/packages/linux-kernel/patches/kernel/0002-VyOS-add-inotify-support-for-stackable-filesystems-o.patch new file mode 100644 index 00000000..bf28f313 --- /dev/null +++ b/packages/linux-kernel/patches/kernel/0002-VyOS-add-inotify-support-for-stackable-filesystems-o.patch @@ -0,0 +1,299 @@ +From 1d625d2f745b61a718ce52cd1729f467c17defa6 Mon Sep 17 00:00:00 2001 +From: Alex Harpin <development@landsofshadow.co.uk> +Date: Wed, 31 Dec 2014 10:33:38 +0000 +Subject: [PATCH] VyOS: add inotify support for stackable filesystems + (overlayfs) + +As it stands at the moment, overlayfs doesn't have full support for +inotify, and as such anything that relies on inotify currently has +issues. The simplest method of demonstrating this is to tail a file +(so tail -f /var/log/messages) and see that it doesn't follow changes +in that file. This has been reported in a number of places, including +Bug #882147 in Ubuntu. This patch is based on the version proposed by +Li Jianguo in response to this bug, adding support for inotify in +stackable filesystems. + +This commit provides a complete fix for the workaround implemented +for bug #303, and will allow that commit to be reverted. + +Bug #425 http://bugzilla.vyos.net/show_bug.cgi?id=425 + +(cherry picked from commit a93f1128bc83b5a6628da242e71c18ef05e81ea2) + +--- + fs/notify/inotify/Kconfig | 9 +++ + fs/notify/inotify/inotify_user.c | 112 ++++++++++++++++++++++++++++++- + fs/overlayfs/super.c | 24 ++++++- + include/linux/inotify.h | 28 ++++++++ + 4 files changed, 170 insertions(+), 3 deletions(-) + +diff --git a/fs/notify/inotify/Kconfig b/fs/notify/inotify/Kconfig +index b981fc0c8379..b0b208bd584b 100644 +--- a/fs/notify/inotify/Kconfig ++++ b/fs/notify/inotify/Kconfig +@@ -15,3 +15,12 @@ config INOTIFY_USER + For more information, see <file:Documentation/filesystems/inotify.txt> + + If unsure, say Y. ++ ++config INOTIFY_STACKFS ++ bool "Inotify support for stackable filesystem" ++ select INOTIFY_USER ++ default y ++ ---help--- ++ Say Y here to enable inotify support for stackable filesystem. ++ ++ If unsure, say N. +diff --git a/fs/notify/inotify/inotify_user.c b/fs/notify/inotify/inotify_user.c +index 97a51690338e..0595de27e1b5 100644 +--- a/fs/notify/inotify/inotify_user.c ++++ b/fs/notify/inotify/inotify_user.c +@@ -24,6 +24,7 @@ + + #include <linux/file.h> + #include <linux/fs.h> /* struct inode */ ++#include <linux/mount.h> + #include <linux/fsnotify_backend.h> + #include <linux/idr.h> + #include <linux/init.h> /* fs_initcall */ +@@ -85,6 +86,94 @@ struct ctl_table inotify_table[] = { + }; + #endif /* CONFIG_SYSCTL */ + ++#ifdef CONFIG_INOTIFY_STACKFS ++ ++static DEFINE_RWLOCK(inotify_fs_lock); ++static LIST_HEAD(inotify_fs_list); ++ ++static inline struct file_system_type* peek_fs_type(struct path *path) ++{ ++ return path->mnt->mnt_sb->s_type; ++} ++ ++static struct inotify_stackfs* inotify_get_stackfs(struct path *path) ++{ ++ struct file_system_type *fs; ++ struct inotify_stackfs *fse, *ret = NULL; ++ ++ fs = peek_fs_type(path); ++ ++ read_lock(&inotify_fs_lock); ++ list_for_each_entry(fse, &inotify_fs_list, list) { ++ if (fse->fs_type == fs) { ++ ret = fse; ++ break; ++ } ++ } ++ read_unlock(&inotify_fs_lock); ++ ++ return ret; ++} ++ ++static inline void inotify_put_stackfs(struct inotify_stackfs *fs) ++{ ++} ++ ++int inotify_register_stackfs(struct inotify_stackfs *fs) ++{ ++ int ret = 0; ++ struct inotify_stackfs *fse; ++ ++ BUG_ON(IS_ERR_OR_NULL(fs->fs_type)); ++ BUG_ON(IS_ERR_OR_NULL(fs->func)); ++ ++ INIT_LIST_HEAD(&fs->list); ++ ++ write_lock(&inotify_fs_lock); ++ list_for_each_entry(fse, &inotify_fs_list, list) { ++ if (fse->fs_type == fs->fs_type) { ++ write_unlock(&inotify_fs_lock); ++ ret = -EBUSY; ++ goto out; ++ } ++ } ++ list_add_tail(&fs->list, &inotify_fs_list); ++ write_unlock(&inotify_fs_lock); ++ ++out: ++ return ret; ++} ++EXPORT_SYMBOL_GPL(inotify_register_stackfs); ++ ++void inotify_unregister_stackfs(struct inotify_stackfs *fs) ++{ ++ struct inotify_stackfs *fse, *n; ++ ++ write_lock(&inotify_fs_lock); ++ list_for_each_entry_safe(fse, n, &inotify_fs_list, list) { ++ if (fse == fs) { ++ list_del(&fse->list); ++ break; ++ } ++ } ++ write_unlock(&inotify_fs_lock); ++} ++EXPORT_SYMBOL_GPL(inotify_unregister_stackfs); ++ ++#else ++ ++static inline struct inotify_stackfs* inotify_get_stackfs(struct path *path) ++{ ++ return NULL; ++} ++ ++static inline void inotify_put_stackfs(struct inotify_stackfs *fs) ++{ ++} ++ ++#endif /* CONFIG_INOTIFY_STACKFS */ ++ ++ + static inline __u32 inotify_arg_to_mask(u32 arg) + { + __u32 mask; +@@ -342,7 +431,7 @@ static const struct file_operations inotify_fops = { + /* + * find_inode - resolve a user-given path to a specific inode + */ +-static int inotify_find_inode(const char __user *dirname, struct path *path, unsigned flags) ++static inline int __inotify_find_inode(const char __user *dirname, struct path *path, unsigned flags) + { + int error; + +@@ -356,6 +445,27 @@ static int inotify_find_inode(const char __user *dirname, struct path *path, uns + return error; + } + ++static int inotify_find_inode(const char __user *dirname, struct path *path, unsigned flags) ++{ ++ int ret; ++ struct path tpath; ++ struct inotify_stackfs *fse; ++ ++ ret = __inotify_find_inode(dirname, &tpath, flags); ++ if (ret) ++ return ret; ++ fse = inotify_get_stackfs(&tpath); ++ if (fse == NULL) { ++ *path = tpath; ++ return 0; ++ } ++ ret = fse->func(path, &tpath); ++ inotify_put_stackfs(fse); ++ path_put(&tpath); ++ ++ return ret; ++} ++ + static int inotify_add_to_idr(struct idr *idr, spinlock_t *idr_lock, + struct inotify_inode_mark *i_mark) + { +diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c +index 127df4a85c8a..d6d41a328f9d 100644 +--- a/fs/overlayfs/super.c ++++ b/fs/overlayfs/super.c +@@ -18,6 +18,7 @@ + #include <linux/seq_file.h> + #include <linux/posix_acl_xattr.h> + #include <linux/exportfs.h> ++#include <linux/inotify.h> + #include "overlayfs.h" + + MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>"); +@@ -1703,6 +1704,18 @@ static void ovl_inode_init_once(void *foo) + inode_init_once(&oi->vfs_inode); + } + ++static int ovl_inotify_path(struct path *dst, struct path *src) ++{ ++ ovl_path_real(src->dentry, dst); ++ path_get(dst); ++ return 0; ++} ++ ++static struct inotify_stackfs ovl_inotify = { ++ .fs_type = &ovl_fs_type, ++ .func = ovl_inotify_path, ++}; ++ + static int __init ovl_init(void) + { + int err; +@@ -1717,13 +1730,21 @@ static int __init ovl_init(void) + + err = register_filesystem(&ovl_fs_type); + if (err) +- kmem_cache_destroy(ovl_inode_cachep); ++ goto err; ++ err = inotify_register_stackfs(&ovl_inotify); ++ if (err) ++ goto err; ++ return err; + ++err: ++ kmem_cache_destroy(ovl_inode_cachep); ++ unregister_filesystem(&ovl_fs_type); + return err; + } + + static void __exit ovl_exit(void) + { ++ inotify_unregister_stackfs(&ovl_inotify); + unregister_filesystem(&ovl_fs_type); + + /* +@@ -1732,7 +1753,6 @@ static void __exit ovl_exit(void) + */ + rcu_barrier(); + kmem_cache_destroy(ovl_inode_cachep); +- + } + + module_init(ovl_init); +diff --git a/include/linux/inotify.h b/include/linux/inotify.h +index 6a24905f6e1e..248b1441ba83 100644 +--- a/include/linux/inotify.h ++++ b/include/linux/inotify.h +@@ -9,6 +9,8 @@ + + #include <linux/sysctl.h> + #include <uapi/linux/inotify.h> ++#include <linux/list.h> ++#include <linux/fs.h> + + extern struct ctl_table inotify_table[]; /* for sysctl */ + +@@ -20,4 +22,30 @@ extern struct ctl_table inotify_table[]; /* for sysctl */ + IN_DONT_FOLLOW | IN_EXCL_UNLINK | IN_MASK_ADD | \ + IN_MASK_CREATE | IN_ISDIR | IN_ONESHOT) + ++typedef int (*inotify_path_proc)(struct path *dst, struct path *src); ++ ++struct inotify_stackfs { ++ struct list_head list; /* entry in inotify_fs_list */ ++ struct file_system_type *fs_type; /* registed file_system_type */ ++ inotify_path_proc func; /* registed callback function */ ++}; ++ ++#ifdef CONFIG_INOTIFY_STACKFS ++ ++extern int inotify_register_stackfs(struct inotify_stackfs *fs); ++extern void inotify_unregister_stackfs(struct inotify_stackfs *fs); ++ ++#else ++ ++static inline int inotify_register_stackfs(struct inotify_stackfs *fs) ++{ ++ return 0; ++} ++ ++static inline void inotify_unregister_stackfs(struct inotify_stackfs *fs) ++{ ++} ++ ++#endif /* CONFIG_INOTIFY_STACKFS */ ++ + #endif /* _LINUX_INOTIFY_H */ +-- +2.20.1 + diff --git a/packages/linux-kernel/patches/kernel/0003-RFC-builddeb-add-linux-tools-package-with-perf.patch b/packages/linux-kernel/patches/kernel/0003-RFC-builddeb-add-linux-tools-package-with-perf.patch new file mode 100644 index 00000000..38d5b980 --- /dev/null +++ b/packages/linux-kernel/patches/kernel/0003-RFC-builddeb-add-linux-tools-package-with-perf.patch @@ -0,0 +1,93 @@ +From: Riku Voipio <riku.voipio@linaro.org> + +Perf is shipped in debian in linux-tools-$version package. Extend +the existing to builddeb script to build perf if BUILD_TOOLS=y +is added the make deb-pkg line + +Some features of this patch I'm uncomfortable with: + +1. Relative paths are resoved to absolute ones + Especially with separate O= buildd, perf build from tools/perf dir + fail. + +2. Unsetting LDFLAGS + make -> shell (builddeb) -> make expands variables. The LDFLAGS as + set by toplevel makefile are for kernel, so we just unset the flag + here. + +3. Replaces ubuntu/debian packages instead attempting to fit to + the linux-base/linux-tools-common frameworks. I think people who + want to run "make deb-pkg" for their kernels would rather keep this + simple. + +4. More tools than just perf could be built - unfortunately most + tools fail to have a working "install" target and/or else have + build process inconsistent with other tools. A topic for another + patch series. + +Signed-off-by: Riku Voipio <riku.voipio@linaro.org> +--- + scripts/package/builddeb | 31 ++++++++++++++++++++++++++++++- + 1 file changed, 30 insertions(+), 1 deletion(-) + +diff --git a/scripts/package/builddeb b/scripts/package/builddeb +index 0b31f4f1f92c..629144b4226b 100755 +--- a/scripts/package/builddeb ++++ b/scripts/package/builddeb +@@ -39,10 +39,12 @@ tmpdir="$objtree/debian/tmp" + kernel_headers_dir="$objtree/debian/hdrtmp" + libc_headers_dir="$objtree/debian/headertmp" + dbg_dir="$objtree/debian/dbgtmp" ++tools_dir="$objtree/debian/toolstmp" + packagename=linux-image-$version + kernel_headers_packagename=linux-headers-$version + libc_headers_packagename=linux-libc-dev + dbg_packagename=$packagename-dbg ++tools_packagename=linux-tools-$version + + if [ "$ARCH" = "um" ] ; then + packagename=user-mode-linux-$version +@@ -65,7 +67,7 @@ esac + BUILD_DEBUG="$(grep -s '^CONFIG_DEBUG_INFO=y' $KCONFIG_CONFIG || true)" + + # Setup the directory structure +-rm -rf "$tmpdir" "$kernel_headers_dir" "$libc_headers_dir" "$dbg_dir" $objtree/debian/files ++rm -rf "$tmpdir" "$kernel_headers_dir" "$libc_headers_dir" "$dbg_dir" "$tools_dir" $objtree/debian/files + mkdir -m 755 -p "$tmpdir/DEBIAN" + mkdir -p "$tmpdir/lib" "$tmpdir/boot" + mkdir -p "$kernel_headers_dir/lib/modules/$version/" +@@ -194,4 +196,31 @@ if [ -n "$BUILD_DEBUG" ] ; then + create_package "$dbg_packagename" "$dbg_dir" + fi + ++if [ -n "$BUILD_TOOLS" ] ++then ++ # HACK - change output dir from relative to absolute ++ mkdir -p $tools_dir ++ tools_dest=`readlink -f $tools_dir` ++ if [ -n "$O" ] ++ then ++ output=`readlink -f $objtree` ++ mkdir -p $output/tools/perf ++ output="O=$output/tools/perf" ++ fi ++ $MAKE -C $srctree/tools/perf $output LDFLAGS= srctree=$KBUILD_SRC prefix=$tools_dest/usr install ++ cat <<EOF >> debian/control ++ ++Package: $tools_packagename ++Architecture: any ++Replaces: linux-base, linux-tools-common ++Depends: \${shlibs:Depends} ++Description: Performance analysis tools for Linux $version ++ This package contains the 'perf' performance analysis tools for Linux ++ kernel version $version . ++EOF ++ ++ dpkg-shlibdeps $tools_dest/usr/bin/* $tools_dest/usr/lib*/traceevent/plugins/* ++ create_package "$tools_packagename" "$tools_dir" ++fi ++ + exit 0 +-- +2.20.1 + diff --git a/packages/linux-kernel/patches/wireguard-linux-compat/0001-Debian-build-WireGuard-module-package-instead-of-DKM.patch b/packages/linux-kernel/patches/wireguard-linux-compat/0001-Debian-build-WireGuard-module-package-instead-of-DKM.patch new file mode 100644 index 00000000..061d96c0 --- /dev/null +++ b/packages/linux-kernel/patches/wireguard-linux-compat/0001-Debian-build-WireGuard-module-package-instead-of-DKM.patch @@ -0,0 +1,70 @@ +VyOS requires a pre build binary of the WireGuard package over a DKMS +build. Change the build rules to produce the binary over the source +package for DKMS. + +--- + debian/control | 8 ++------ + debian/rules | 9 ++++----- + 2 files changed, 6 insertions(+), 11 deletions(-) + +diff --git a/debian/control b/debian/control +index 7b2af41..ae02be3 100644 +--- a/debian/control ++++ b/debian/control +@@ -6,14 +6,13 @@ Uploaders: + Unit 193 <unit193@debian.org>, + Build-Depends: + debhelper-compat (= 12), +- dkms, + Standards-Version: 4.5.0 + Homepage: https://www.wireguard.com + Vcs-Git: https://salsa.debian.org/debian/wireguard-linux-compat.git -b debian/buster-backports + Vcs-Browser: https://salsa.debian.org/debian/wireguard-linux-compat + Rules-Requires-Root: no + +-Package: wireguard-dkms ++Package: wireguard-modules + Architecture: all + Section: kernel + Depends: +@@ -23,7 +22,7 @@ Depends: + Recommends: + wireguard (>= 0.0.20191219), + wireguard-tools (>= 0.0.20191219), +-Description: fast, modern, secure kernel VPN tunnel (DKMS version) ++Description: fast, modern, secure kernel VPN tunnel (Kernel Module) + WireGuard is a novel VPN that runs inside the Linux Kernel and uses + state-of-the-art cryptography (the "Noise" protocol). It aims to be + faster, simpler, leaner, and more useful than IPSec, while avoiding +@@ -31,6 +30,3 @@ Description: fast, modern, secure kernel VPN tunnel (DKMS version) + than OpenVPN. WireGuard is designed as a general purpose VPN for + running on embedded interfaces and super computers alike, fit for + many different circumstances. It runs over UDP. +- . +- This package uses DKMS to automatically build the wireguard kernel +- module. +diff --git a/debian/rules b/debian/rules +index 4fbedc6..15ede39 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -6,12 +6,11 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all + export DEB_VERSION_UPSTREAM + + WIREGUARD_ARGS = V=1 ++KERNEL_VERSION := $(shell cat "${KERNELDIR}"/include/config/kernel.release) + + %: +- dh $@ --with dkms ++ dh $@ + + override_dh_auto_install-indep: +- $(MAKE) -C src DESTDIR=../debian/wireguard-dkms DKMSDIR=/usr/src/wireguard-$(DEB_VERSION_UPSTREAM) dkms-install +- +-override_dh_dkms: +- dh_dkms -p wireguard-dkms -- src/dkms.conf ++ $(MAKE) -C src module ++ echo "src/wireguard.ko /lib/modules/$(KERNEL_VERSION)/extra" > debian/wireguard-modules.install +\ No newline at end of file +-- +2.20.1 + |