From: "Jason Donenfeld" <zx2c4@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
Date: Thu, 1 Jun 2017 18:15:06 +0000 (UTC) [thread overview]
Message-ID: <1496340896.98de0b375822da3d946004d292a03c050dfaa72d.zx2c4@gentoo> (raw)
commit: 98de0b375822da3d946004d292a03c050dfaa72d
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 1 18:14:43 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Thu Jun 1 18:14:56 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98de0b37
net-vpn/wireguard: work around hotplug+!padata
Package-Manager: Portage-2.3.6, Repoman-2.3.2
...eguard-0.0.20170531-remove-padata-hotplug.patch | 188 +++++++++++++++++++++
net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild | 115 +++++++++++++
2 files changed, 303 insertions(+)
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch b/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch
new file mode 100644
index 00000000000..a1f4b80d01d
--- /dev/null
+++ b/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch
@@ -0,0 +1,188 @@
+From 1e0405942cecfd6de2a7707f3027f326d6f2fdb4 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Thu, 1 Jun 2017 16:55:20 +0200
+Subject: compat: remove padata hotplug code
+
+It's different on different kernel versions, and we're not using it
+anyway, so it's easiest to just get rid of it, rather than having
+another ifdef maze.
+---
+ src/compat/padata/padata.c | 149 ---------------------------------------------
+ 1 file changed, 149 deletions(-)
+
+diff --git a/src/compat/padata/padata.c b/src/compat/padata/padata.c
+index 480c43f..25836db 100644
+--- a/src/compat/padata/padata.c
++++ b/src/compat/padata/padata.c
+@@ -677,131 +677,8 @@ void padata_stop(struct padata_instance *pinst)
+ mutex_unlock(&pinst->lock);
+ }
+
+-#ifdef CONFIG_HOTPLUG_CPU
+-
+-static int __padata_add_cpu(struct padata_instance *pinst, int cpu)
+-{
+- struct parallel_data *pd;
+-
+- if (cpumask_test_cpu(cpu, cpu_online_mask)) {
+- pd = padata_alloc_pd(pinst, pinst->cpumask.pcpu,
+- pinst->cpumask.cbcpu);
+- if (!pd)
+- return -ENOMEM;
+-
+- padata_replace(pinst, pd);
+-
+- if (padata_validate_cpumask(pinst, pinst->cpumask.pcpu) &&
+- padata_validate_cpumask(pinst, pinst->cpumask.cbcpu))
+- __padata_start(pinst);
+- }
+-
+- return 0;
+-}
+-
+-static int __padata_remove_cpu(struct padata_instance *pinst, int cpu)
+-{
+- struct parallel_data *pd = NULL;
+-
+- if (cpumask_test_cpu(cpu, cpu_online_mask)) {
+-
+- if (!padata_validate_cpumask(pinst, pinst->cpumask.pcpu) ||
+- !padata_validate_cpumask(pinst, pinst->cpumask.cbcpu))
+- __padata_stop(pinst);
+-
+- pd = padata_alloc_pd(pinst, pinst->cpumask.pcpu,
+- pinst->cpumask.cbcpu);
+- if (!pd)
+- return -ENOMEM;
+-
+- padata_replace(pinst, pd);
+-
+- cpumask_clear_cpu(cpu, pd->cpumask.cbcpu);
+- cpumask_clear_cpu(cpu, pd->cpumask.pcpu);
+- }
+-
+- return 0;
+-}
+-
+- /**
+- * padata_remove_cpu - remove a cpu from the one or both(serial and parallel)
+- * padata cpumasks.
+- *
+- * @pinst: padata instance
+- * @cpu: cpu to remove
+- * @mask: bitmask specifying from which cpumask @cpu should be removed
+- * The @mask may be any combination of the following flags:
+- * PADATA_CPU_SERIAL - serial cpumask
+- * PADATA_CPU_PARALLEL - parallel cpumask
+- */
+-int padata_remove_cpu(struct padata_instance *pinst, int cpu, int mask)
+-{
+- int err;
+-
+- if (!(mask & (PADATA_CPU_SERIAL | PADATA_CPU_PARALLEL)))
+- return -EINVAL;
+-
+- mutex_lock(&pinst->lock);
+-
+- get_online_cpus();
+- if (mask & PADATA_CPU_SERIAL)
+- cpumask_clear_cpu(cpu, pinst->cpumask.cbcpu);
+- if (mask & PADATA_CPU_PARALLEL)
+- cpumask_clear_cpu(cpu, pinst->cpumask.pcpu);
+-
+- err = __padata_remove_cpu(pinst, cpu);
+- put_online_cpus();
+-
+- mutex_unlock(&pinst->lock);
+-
+- return err;
+-}
+-
+-static inline int pinst_has_cpu(struct padata_instance *pinst, int cpu)
+-{
+- return cpumask_test_cpu(cpu, pinst->cpumask.pcpu) ||
+- cpumask_test_cpu(cpu, pinst->cpumask.cbcpu);
+-}
+-
+-static int padata_cpu_online(unsigned int cpu, struct hlist_node *node)
+-{
+- struct padata_instance *pinst;
+- int ret;
+-
+- pinst = hlist_entry_safe(node, struct padata_instance, node);
+- if (!pinst_has_cpu(pinst, cpu))
+- return 0;
+-
+- mutex_lock(&pinst->lock);
+- ret = __padata_add_cpu(pinst, cpu);
+- mutex_unlock(&pinst->lock);
+- return ret;
+-}
+-
+-static int padata_cpu_prep_down(unsigned int cpu, struct hlist_node *node)
+-{
+- struct padata_instance *pinst;
+- int ret;
+-
+- pinst = hlist_entry_safe(node, struct padata_instance, node);
+- if (!pinst_has_cpu(pinst, cpu))
+- return 0;
+-
+- mutex_lock(&pinst->lock);
+- ret = __padata_remove_cpu(pinst, cpu);
+- mutex_unlock(&pinst->lock);
+- return ret;
+-}
+-
+-static enum cpuhp_state hp_online;
+-#endif
+-
+ static void __padata_free(struct padata_instance *pinst)
+ {
+-#ifdef CONFIG_HOTPLUG_CPU
+- cpuhp_state_remove_instance_nocalls(hp_online, &pinst->node);
+-#endif
+-
+ padata_stop(pinst);
+ padata_free_pd(pinst->pd);
+ free_cpumask_var(pinst->cpumask.pcpu);
+@@ -995,9 +872,6 @@ struct padata_instance *padata_alloc(struct workqueue_struct *wq,
+ kobject_init(&pinst->kobj, &padata_attr_type);
+ mutex_init(&pinst->lock);
+
+-#ifdef CONFIG_HOTPLUG_CPU
+- cpuhp_state_add_instance_nocalls(hp_online, &pinst->node);
+-#endif
+ return pinst;
+
+ err_free_masks:
+@@ -1019,26 +893,3 @@ void padata_free(struct padata_instance *pinst)
+ {
+ kobject_put(&pinst->kobj);
+ }
+-
+-#ifdef CONFIG_HOTPLUG_CPU
+-
+-static __init int padata_driver_init(void)
+-{
+- int ret;
+-
+- ret = cpuhp_setup_state_multi(CPUHP_AP_ONLINE_DYN, "padata:online",
+- padata_cpu_online,
+- padata_cpu_prep_down);
+- if (ret < 0)
+- return ret;
+- hp_online = ret;
+- return 0;
+-}
+-module_init(padata_driver_init);
+-
+-static __exit void padata_driver_exit(void)
+-{
+- cpuhp_remove_multi_state(hp_online);
+-}
+-module_exit(padata_driver_exit);
+-#endif
+--
+cgit v1.1-9-ge9c1d
+
diff --git a/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild b/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild
new file mode 100644
index 00000000000..3d5b1b746f0
--- /dev/null
+++ b/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild
@@ -0,0 +1,115 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit linux-mod bash-completion-r1
+
+DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
+HOMEPAGE="https://www.wireguard.io/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
+ KEYWORDS=""
+else
+ SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
+ S="${WORKDIR}/WireGuard-${PV}"
+ KEYWORDS="~amd64 ~x86 ~mips ~arm ~arm64"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug +module +tools module-src"
+
+DEPEND="tools? ( net-libs/libmnl )"
+RDEPEND="${DEPEND}"
+
+MODULE_NAMES="wireguard(net:src)"
+BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1"
+BUILD_TARGETS="module"
+CONFIG_CHECK="NET INET NET_UDP_TUNNEL NF_CONNTRACK NETFILTER_XT_MATCH_HASHLIMIT CRYPTO_BLKCIPHER ~PADATA ~IP6_NF_IPTABLES"
+WARNING_PADATA="If you're running a multicore system you likely should enable CONFIG_PADATA for improved performance and parallel crypto."
+WARNING_IP6_NF_IPTABLES="If your kernel has CONFIG_IPV6, you need CONFIG_IP6_NF_IPTABLES; otherwise WireGuard will not insert."
+
+pkg_setup() {
+ if use module; then
+ linux-mod_pkg_setup
+ kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
+ fi
+}
+
+src_prepare() {
+ epatch "${FILESDIR}/${P}-remove-padata-hotplug.patch"
+ default
+}
+
+src_compile() {
+ use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
+ use module && linux-mod_src_compile
+ use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools
+}
+
+src_install() {
+ use module && linux-mod_src_install
+ if use tools; then
+ dodoc README.md
+ dodoc -r contrib/examples
+ emake \
+ WITH_BASHCOMPLETION=yes \
+ WITH_SYSTEMDUNITS=yes \
+ WITH_WGQUICK=yes \
+ DESTDIR="${D}" \
+ BASHCOMPDIR="$(get_bashcompdir)" \
+ PREFIX="${EPREFIX}/usr" \
+ -C src/tools install
+ insinto /$(get_libdir)/netifrc/net
+ newins "${FILESDIR}"/wireguard-openrc.sh wireguard.sh
+ fi
+ use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
+}
+
+pkg_postinst() {
+ if use module-src && ! use module; then
+ einfo
+ einfo "You have enabled the module-src USE flag without the module USE"
+ einfo "flag. This means that sources are installed to"
+ einfo "${ROOT}usr/src/wireguard instead of having the"
+ einfo "kernel module compiled. You will need to compile the module"
+ einfo "yourself. Most likely, you don't want this USE flag, and should"
+ einfo "rather use USE=module"
+ einfo
+ fi
+ use module && linux-mod_pkg_postinst
+
+ ewarn
+ ewarn "This software is experimental and has not yet been released."
+ ewarn "As such, it may contain significant issues. Please do not file"
+ ewarn "bug reports with Gentoo, but rather direct them upstream to:"
+ ewarn
+ ewarn " team@wireguard.io security@wireguard.io"
+ ewarn
+
+ if use tools; then
+ einfo
+ einfo "After installing WireGuard, if you'd like to try sending some packets through"
+ einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
+ einfo "test example script:"
+ einfo
+ einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
+ einfo
+ einfo "This will automatically setup interface wg0, through a very insecure transport"
+ einfo "that is only suitable for demonstration purposes. You can then try loading the"
+ einfo "hidden website or sending pings:"
+ einfo
+ einfo " \$ chromium http://192.168.4.1"
+ einfo " \$ ping 192.168.4.1"
+ einfo
+ einfo "If you'd like to redirect your internet traffic, you can run it with the"
+ einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
+ einfo "purposes. It is for quick testing only."
+ einfo
+ einfo "More info on getting started can be found at: https://www.wireguard.io/quickstart/"
+ einfo
+ fi
+}
next reply other threads:[~2017-06-01 18:15 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-01 18:15 Jason Donenfeld [this message]
-- strict thread matches above, loose matches on Subject: below --
2017-06-07 12:26 [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/ Jason Donenfeld
2017-06-12 3:45 Jason Donenfeld
2017-06-12 22:27 Jason Donenfeld
2017-10-21 0:11 Jason Donenfeld
2017-10-31 17:35 Jason Donenfeld
2017-11-02 17:27 Jason Donenfeld
2017-11-11 3:41 Jason Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1496340896.98de0b375822da3d946004d292a03c050dfaa72d.zx2c4@gentoo \
--to=zx2c4@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox