* Re: final call for Ubuntu 14.04 WireGuard support
2020-07-21 13:12 final call for Ubuntu 14.04 WireGuard support Jason A. Donenfeld
2020-07-22 15:03 ` Jason A. Donenfeld
@ 2020-10-07 11:15 ` Maykel Moya
2020-10-07 11:23 ` Jason A. Donenfeld
2 siblings, 0 replies; 5+ messages in thread
From: Maykel Moya @ 2020-10-07 11:15 UTC (permalink / raw)
To: wireguard
Hi, Jason
On 21/7/20 15:12, Jason A. Donenfeld wrote:
> If you _are_ using WireGuard on Ubuntu 14.04 or know somebody who is,
> this would be the time to pipe up, so that we don't leave anyone
> hanging. Feel free to respond to this thread regarding ongoing
> WireGuard+14.04 usage and why updating your operating system isn't
> convenient, or send me an email privately if public disclosure of your
> infrastructure isn't an option.
A little late to the party, but anyway...
I'm one of the users of Wireguard in a Ubuntu 14.04. The big red warning
in the postinst script lead me here.
Despite being on trusty, I'm using a 4.4.0 kernel provided trough
trusty-security[1], specifically package linux-image-4.4.0-148-generic
version 4.4.0-148.174~14.04.1.
Today I upgraded the wireguard version to the latest one available in
the PPA, 1.0.20200712-1ppa1~14.04.2 and the module failed to build with
the following error:
$ cat make.log
DKMS make.log for wireguard-1.0.20200712 for kernel 4.4.0-148-generic
(x86_64)
Wed Oct 7 10:28:06 UTC 2020
make: Entering directory `/usr/src/linux-headers-4.4.0-148-generic'
LD /var/lib/dkms/wireguard/1.0.20200712/build/built-in.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/main.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/noise.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/device.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/peer.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/timers.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/queueing.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/send.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/receive.o
CC [M] /var/lib/dkms/wireguard/1.0.20200712/build/socket.o
/var/lib/dkms/wireguard/1.0.20200712/build/socket.c: In function ‘send6’:
/var/lib/dkms/wireguard/1.0.20200712/build/socket.c:139:18: error:
‘const struct ipv6_stub’ has no member named ‘ipv6_dst_lookup_flow’
dst = ipv6_stub->ipv6_dst_lookup_flow(sock_net(sock), sock, &fl,
^
make[1]: *** [/var/lib/dkms/wireguard/1.0.20200712/build/socket.o] Error 1
make: *** [_module_/var/lib/dkms/wireguard/1.0.20200712/build] Error 2
make: Leaving directory `/usr/src/linux-headers-4.4.0-148-generic'
I saw the CI and latest wireguard-linux-compat is tested against 4.4.238.
This kernel is based on upstream 4.4.177
$ cat /proc/version_signature
Ubuntu 4.4.0-148.174~14.04.1-generic 4.4.177
Given that wireguard-linux-compat aims to support kernel versions 3.10
to 5.5, I'm writing with the hope to clarify if this bug is related to
compatibility with linux 4.4.x or something related to this specific
combination of distro provided kernel and unsupported distro.
I manage to make it work by forcing the compat definition of
ipv6_dst_lookup_flow with an ugly patch, just checking for
kernel_version 4.4.177.
--- compat.h.orig 2020-07-22 14:28:54.000000000 +0000
+++ compat.h 2020-10-07 11:00:04.385854751 +0000
@@ -94,7 +94,13 @@
#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 17, 0) && LINUX_VERSION_CODE
>= KERNEL_VERSION(3, 16, 83)
#define ipv6_dst_lookup_flow(a, b, c, d) ipv6_dst_lookup_flow(b, c, d)
-#elif (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 5) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(5, 4, 0)) || (LINUX_VERSION_CODE <
KERNEL_VERSION(5, 3, 18) && LINUX_VERSION_CODE >= KERNEL_VERSION(4,
20, 0) && !defined(ISUBUNTU1904)) || (!defined(ISRHEL8) &&
!defined(ISDEBIAN) && !defined(ISUBUNTU1804) && LINUX_VERSION_CODE <
KERNEL_VERSION(4, 19, 119) && LINUX_VERSION_CODE >= KERNEL_VERSION(4
, 15, 0)) || (LINUX_VERSION_CODE < KERNEL_VERSION(4, 14, 181) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0)) || (LINUX_VERSION_CODE <
KERNEL_VERSION(4, 9, 224) && LINUX_VERSION_CODE >= KERNEL_
VERSION(4, 5, 0)) || (LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 224) &&
!defined(ISUBUNTU1604))
+#elif (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 5) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(5, 4, 0)) || \
+ (LINUX_VERSION_CODE < KERNEL_VERSION(5, 3, 18) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(4, 20, 0) &&
!defined(ISUBUNTU1904)) || \
+ (LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 119) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(4, 15, 0) && !defined(ISRHEL8) &&
!defined(ISDEBIAN) && !defined(ISUBUNTU1804)) || \
+ (LINUX_VERSION_CODE < KERNEL_VERSION(4, 14, 181) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0)) || \
+ (LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 224) &&
LINUX_VERSION_CODE >= KERNEL_VERSION(4, 5, 0)) || \
+ (LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 224) &&
!defined(ISUBUNTU1604)) || \
+ (LINUX_VERSION_CODE == KERNEL_VERSION(4, 4, 177))
#define ipv6_dst_lookup_flow(a, b, c, d) ipv6_dst_lookup(a, b, &dst, c)
+ (void *)0 ?: dst
#endif
Despite the outcome of this email, please consider aligning the
conditional clauses, they are much easier to read than having everything
in one line.
Given that Ubuntu defines in compat.h are solely based on kernel
versions and support for older releases will be dropped at some point, I
don't know if the decent fix for this is to change the latest clause from:
kernel_version < 4.4.224 && !ubuntu_1604
to just:
kernel_version < 4.4.224
Thanks for the great work,
maykel
[1]:
http://security.ubuntu.com/ubuntu/dists/trusty-security/main/binary-amd64/
^ permalink raw reply [flat|nested] 5+ messages in thread