proper 5.4.y backport of wireguard
Jason A. Donenfeld
Jason at zx2c4.com
Wed Feb 24 21:31:37 UTC 2021
Hi,
This is a summary of a conversation with apw on IRC.
wireguard-linux-compat is ugly compat code. It gets the job done. But if
you have something better, you should use something better.
Fortunately, I've ported upstream's wireguard to 5.4.y in a Greg
KH-style commit-by-commit backport, following the stable kernel 1:1
conventions. It's in use by Oracle, SUSE, Google, and others, and
long-term will be better supported than wireguard-linux-compat. And it's
easier to maintain, since it's just a series of patches. So, apw and I
thought that switching to it for focal and for bionic-hwe would be
beneficial.
The backport lives at: https://git.zx2c4.com/wireguard-linux/log/?h=backport-5.4.y
This tree is rebased always on top of Greg KH's latest 5.4.y stable.
You currently are missing two patches from Greg's latest, so you apply
those, and then apply that backport. I've done a trial of it locally
with success. You can make yourself a functional WireGuard focal kernel
via:
$ git clone https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal
$ cd focal
$ git cherry-pick aa350dbe3a1ee5e062228f8f5ebd2ffb6e58709c b41352a93c163afafd29f56bb18fd3c0fef1120c
$ curl 'https://git.zx2c4.com/wireguard-linux/patch/?id2=gregkh/stable-5.4.y&id=backport-5.4.y' | git am -s
The whole series should apply cleanly. Afterwards, simply enable
CONFIG_WIREGUARD=y and you're good to go.
Applying: https://usercontent.irccloud-cdn.com/file/LDuAMzOz/easywgeeze.gif
Running the tests: https://usercontent.irccloud-cdn.com/file/nWpzQBDG/wgtestsuitebuntu.gif
Let me know if you have any questions.
Thanks,
Jason
More information about the kernel-team
mailing list