* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
@ 2020-03-08 7:07 James Hilliard
2020-03-08 13:47 ` Thomas Petazzoni
2020-03-26 20:46 ` Thomas Petazzoni
0 siblings, 2 replies; 10+ messages in thread
From: James Hilliard @ 2020-03-08 7:07 UTC (permalink / raw)
To: buildroot
We also need to select libmnl when building with wireguard support or
with nftables.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
---
package/connman/Config.in | 5 +++++
package/connman/connman.mk | 9 ++++++++-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/package/connman/Config.in b/package/connman/Config.in
index ac012dda54..614b826f96 100644
--- a/package/connman/Config.in
+++ b/package/connman/Config.in
@@ -33,6 +33,7 @@ config BR2_PACKAGE_CONNMAN_NFTABLES
bool "nftables"
depends on BR2_USE_WCHAR
depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
+ select BR2_PACKAGE_LIBMNL
select BR2_PACKAGE_NFTABLES
help
Use nftables as firewall.
@@ -51,6 +52,10 @@ config BR2_PACKAGE_CONNMAN_WIFI
setup). ConnMan detects the start of wpa_supplicant
automatically.
+config BR2_PACKAGE_CONNMAN_WIREGUARD
+ bool "enable wireguard support"
+ select BR2_PACKAGE_LIBMNL
+
config BR2_PACKAGE_CONNMAN_WISPR
bool "enable WISPr support"
depends on !BR2_STATIC_LIBS # gnutls
diff --git a/package/connman/connman.mk b/package/connman/connman.mk
index 701be8b59d..23e7cb7797 100644
--- a/package/connman/connman.mk
+++ b/package/connman/connman.mk
@@ -41,7 +41,7 @@ CONNMAN_CONF_OPTS += --with-firewall=iptables
CONNMAN_DEPENDENCIES += iptables
else ifeq ($(BR2_PACKAGE_CONNMAN_NFTABLES),y)
CONNMAN_CONF_OPTS += --with-firewall=nftables
-CONNMAN_DEPENDENCIES += nftables
+CONNMAN_DEPENDENCIES += libmnl nftables
endif
ifeq ($(BR2_PACKAGE_CONNMAN_LOOPBACK),y)
@@ -70,6 +70,13 @@ else
CONNMAN_CONF_OPTS += --disable-wifi
endif
+ifeq ($(BR2_PACKAGE_CONNMAN_WIREGUARD),y)
+CONNMAN_CONF_OPTS += --enable-wireguard
+CONNMAN_DEPENDENCIES += libmnl
+else
+CONNMAN_CONF_OPTS += --disable-wireguard
+endif
+
ifeq ($(BR2_PACKAGE_CONNMAN_WISPR),y)
CONNMAN_CONF_OPTS += --enable-wispr
CONNMAN_DEPENDENCIES += gnutls
--
2.20.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 7:07 [Buildroot] [PATCH 1/1] package/connman: enable wireguard James Hilliard
@ 2020-03-08 13:47 ` Thomas Petazzoni
2020-03-08 17:37 ` Petr Vorel
2020-03-26 20:46 ` Thomas Petazzoni
1 sibling, 1 reply; 10+ messages in thread
From: Thomas Petazzoni @ 2020-03-08 13:47 UTC (permalink / raw)
To: buildroot
Hello,
On Sun, 8 Mar 2020 00:07:41 -0700
James Hilliard <james.hilliard1@gmail.com> wrote:
> We also need to select libmnl when building with wireguard support or
> with nftables.
>
> Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
> ---
> package/connman/Config.in | 5 +++++
> package/connman/connman.mk | 9 ++++++++-
> 2 files changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/package/connman/Config.in b/package/connman/Config.in
> index ac012dda54..614b826f96 100644
> --- a/package/connman/Config.in
> +++ b/package/connman/Config.in
> @@ -33,6 +33,7 @@ config BR2_PACKAGE_CONNMAN_NFTABLES
> bool "nftables"
> depends on BR2_USE_WCHAR
> depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> + select BR2_PACKAGE_LIBMNL
How is this related to wireguard support ?
> select BR2_PACKAGE_NFTABLES
> help
> Use nftables as firewall.
> @@ -51,6 +52,10 @@ config BR2_PACKAGE_CONNMAN_WIFI
> setup). ConnMan detects the start of wpa_supplicant
> automatically.
>
> +config BR2_PACKAGE_CONNMAN_WIREGUARD
> + bool "enable wireguard support"
> + select BR2_PACKAGE_LIBMNL
We already had a patch from Petr at
http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
Could you or Petr clarify this ?
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 13:47 ` Thomas Petazzoni
@ 2020-03-08 17:37 ` Petr Vorel
2020-03-08 18:17 ` Peter Korsgaard
2020-03-08 21:30 ` Thomas Petazzoni
0 siblings, 2 replies; 10+ messages in thread
From: Petr Vorel @ 2020-03-08 17:37 UTC (permalink / raw)
To: buildroot
Hi Thomas, James,
> On Sun, 8 Mar 2020 00:07:41 -0700
> James Hilliard <james.hilliard1@gmail.com> wrote:
> > We also need to select libmnl when building with wireguard support or
> > with nftables.
> > Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
> > ---
> > package/connman/Config.in | 5 +++++
> > package/connman/connman.mk | 9 ++++++++-
> > 2 files changed, 13 insertions(+), 1 deletion(-)
> > diff --git a/package/connman/Config.in b/package/connman/Config.in
> > index ac012dda54..614b826f96 100644
> > --- a/package/connman/Config.in
> > +++ b/package/connman/Config.in
> > @@ -33,6 +33,7 @@ config BR2_PACKAGE_CONNMAN_NFTABLES
> > bool "nftables"
> > depends on BR2_USE_WCHAR
> > depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> > + select BR2_PACKAGE_LIBMNL
> How is this related to wireguard support ?
Yes.
> > select BR2_PACKAGE_NFTABLES
> > help
> > Use nftables as firewall.
> > @@ -51,6 +52,10 @@ config BR2_PACKAGE_CONNMAN_WIFI
> > setup). ConnMan detects the start of wpa_supplicant
> > automatically.
> > +config BR2_PACKAGE_CONNMAN_WIREGUARD
> > + bool "enable wireguard support"
> > + select BR2_PACKAGE_LIBMNL
> We already had a patch from Petr at
> http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
> but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
> Could you or Petr clarify this ?
configure.ac
found_libmnl="no"
if (test "${firewall_type}" = "nftables" -o \
"${enable_wireguard}" != "no"); then
PKG_CHECK_MODULES(LIBMNL, [libmnl >= 1.0.0], [found_libmnl="yes"],
AC_MSG_ERROR([libmnl >= 1.0.0 not found]))
AC_SUBST(LIBMNL_CFLAGS)
AC_SUBST(LIBMNL_LIBS)
fi
AM_CONDITIONAL(LIBMNL, test "${found_libmnl}" != "no")
IMHO this means that libmnl is required for nftables and wireguard.
Kind regards,
Petr
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 17:37 ` Petr Vorel
@ 2020-03-08 18:17 ` Peter Korsgaard
2020-03-08 19:50 ` James Hilliard
2020-03-08 21:30 ` Thomas Petazzoni
1 sibling, 1 reply; 10+ messages in thread
From: Peter Korsgaard @ 2020-03-08 18:17 UTC (permalink / raw)
To: buildroot
>>>>> "Petr" == Petr Vorel <petr.vorel@gmail.com> writes:
Hi,
>> > +config BR2_PACKAGE_CONNMAN_WIREGUARD
>> > + bool "enable wireguard support"
>> > + select BR2_PACKAGE_LIBMNL
>> We already had a patch from Petr at
>> http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
>> but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
>> Could you or Petr clarify this ?
> configure.ac
> found_libmnl="no"
> if (test "${firewall_type}" = "nftables" -o \
> "${enable_wireguard}" != "no"); then
> PKG_CHECK_MODULES(LIBMNL, [libmnl >= 1.0.0], [found_libmnl="yes"],
> AC_MSG_ERROR([libmnl >= 1.0.0 not found]))
> AC_SUBST(LIBMNL_CFLAGS)
> AC_SUBST(LIBMNL_LIBS)
> fi
> AM_CONDITIONAL(LIBMNL, test "${found_libmnl}" != "no")
> IMHO this means that libmnl is required for nftables and wireguard.
Yes. What about wireguard-tools? Are they used by connman or does it
directly talk the netlink protocol? I guess the latter given the libmnl
dependency?
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 18:17 ` Peter Korsgaard
@ 2020-03-08 19:50 ` James Hilliard
2020-03-08 20:17 ` Peter Korsgaard
0 siblings, 1 reply; 10+ messages in thread
From: James Hilliard @ 2020-03-08 19:50 UTC (permalink / raw)
To: buildroot
On Sun, Mar 8, 2020 at 12:17 PM Peter Korsgaard <peter@korsgaard.com> wrote:
>
> >>>>> "Petr" == Petr Vorel <petr.vorel@gmail.com> writes:
>
> Hi,
>
> >> > +config BR2_PACKAGE_CONNMAN_WIREGUARD
> >> > + bool "enable wireguard support"
> >> > + select BR2_PACKAGE_LIBMNL
>
> >> We already had a patch from Petr at
> >> http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
> >> but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
>
> >> Could you or Petr clarify this ?
> > configure.ac
> > found_libmnl="no"
> > if (test "${firewall_type}" = "nftables" -o \
> > "${enable_wireguard}" != "no"); then
> > PKG_CHECK_MODULES(LIBMNL, [libmnl >= 1.0.0], [found_libmnl="yes"],
> > AC_MSG_ERROR([libmnl >= 1.0.0 not found]))
> > AC_SUBST(LIBMNL_CFLAGS)
> > AC_SUBST(LIBMNL_LIBS)
> > fi
> > AM_CONDITIONAL(LIBMNL, test "${found_libmnl}" != "no")
>
> > IMHO this means that libmnl is required for nftables and wireguard.
>
> Yes. What about wireguard-tools? Are they used by connman or does it
> directly talk the netlink protocol? I guess the latter given the libmnl
> dependency?
Yeah, connman seemed to build fine with wireguard support without
wireguard-tools.
>
> --
> Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 19:50 ` James Hilliard
@ 2020-03-08 20:17 ` Peter Korsgaard
0 siblings, 0 replies; 10+ messages in thread
From: Peter Korsgaard @ 2020-03-08 20:17 UTC (permalink / raw)
To: buildroot
>>>>> "James" == James Hilliard <james.hilliard1@gmail.com> writes:
> On Sun, Mar 8, 2020 at 12:17 PM Peter Korsgaard <peter@korsgaard.com> wrote:
>>
>> >>>>> "Petr" == Petr Vorel <petr.vorel@gmail.com> writes:
>>
>> Hi,
>>
>> >> > +config BR2_PACKAGE_CONNMAN_WIREGUARD
>> >> > + bool "enable wireguard support"
>> >> > + select BR2_PACKAGE_LIBMNL
>>
>> >> We already had a patch from Petr at
>> >> http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
>> >> but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
>>
>> >> Could you or Petr clarify this ?
>> > configure.ac
>> > found_libmnl="no"
>> > if (test "${firewall_type}" = "nftables" -o \
>> > "${enable_wireguard}" != "no"); then
>> > PKG_CHECK_MODULES(LIBMNL, [libmnl >= 1.0.0], [found_libmnl="yes"],
>> > AC_MSG_ERROR([libmnl >= 1.0.0 not found]))
>> > AC_SUBST(LIBMNL_CFLAGS)
>> > AC_SUBST(LIBMNL_LIBS)
>> > fi
>> > AM_CONDITIONAL(LIBMNL, test "${found_libmnl}" != "no")
>>
>> > IMHO this means that libmnl is required for nftables and wireguard.
>>
>> Yes. What about wireguard-tools? Are they used by connman or does it
>> directly talk the netlink protocol? I guess the latter given the libmnl
>> dependency?
> Yeah, connman seemed to build fine with wireguard support without
> wireguard-tools.
Well, a wireguard-tools dependency issue would probably be visible at
runtime as it would then just call out to those binaries.
Looking at the code, I see that is not the case and connman directly
talks the netlink interface of the kernel driver:
https://git.kernel.org/pub/scm/network/connman/connman.git/tree/vpn/plugins/libwireguard.c
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 17:37 ` Petr Vorel
2020-03-08 18:17 ` Peter Korsgaard
@ 2020-03-08 21:30 ` Thomas Petazzoni
2020-03-08 21:31 ` James Hilliard
1 sibling, 1 reply; 10+ messages in thread
From: Thomas Petazzoni @ 2020-03-08 21:30 UTC (permalink / raw)
To: buildroot
Hello,
On Sun, 8 Mar 2020 18:37:18 +0100
Petr Vorel <petr.vorel@gmail.com> wrote:
> > > diff --git a/package/connman/Config.in b/package/connman/Config.in
> > > index ac012dda54..614b826f96 100644
> > > --- a/package/connman/Config.in
> > > +++ b/package/connman/Config.in
> > > @@ -33,6 +33,7 @@ config BR2_PACKAGE_CONNMAN_NFTABLES
> > > bool "nftables"
> > > depends on BR2_USE_WCHAR
> > > depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> > > + select BR2_PACKAGE_LIBMNL
>
> > How is this related to wireguard support ?
> Yes.
>
> > > select BR2_PACKAGE_NFTABLES
> > > help
> > > Use nftables as firewall.
> > > @@ -51,6 +52,10 @@ config BR2_PACKAGE_CONNMAN_WIFI
> > > setup). ConnMan detects the start of wpa_supplicant
> > > automatically.
>
> > > +config BR2_PACKAGE_CONNMAN_WIREGUARD
> > > + bool "enable wireguard support"
> > > + select BR2_PACKAGE_LIBMNL
>
> > We already had a patch from Petr at
> > http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
> > but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
>
> > Could you or Petr clarify this ?
> configure.ac
> found_libmnl="no"
> if (test "${firewall_type}" = "nftables" -o \
> "${enable_wireguard}" != "no"); then
> PKG_CHECK_MODULES(LIBMNL, [libmnl >= 1.0.0], [found_libmnl="yes"],
> AC_MSG_ERROR([libmnl >= 1.0.0 not found]))
> AC_SUBST(LIBMNL_CFLAGS)
> AC_SUBST(LIBMNL_LIBS)
> fi
> AM_CONDITIONAL(LIBMNL, test "${found_libmnl}" != "no")
Then the "select BR2_PACKAGE_LIBMNL" added to
BR2_PACKAGE_CONNMAN_NFTABLES is completely unrelated to wireguard
support. connman needs libmnl if nftables is used *or* if wireguard is
used.
So the missing select BR2_PACKAGE_LIBMNL in
BR2_PACKAGE_CONNMAN_NFTABLES should be added as a separate patch.
Thanks!
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 21:30 ` Thomas Petazzoni
@ 2020-03-08 21:31 ` James Hilliard
2020-03-08 21:45 ` Petr Vorel
0 siblings, 1 reply; 10+ messages in thread
From: James Hilliard @ 2020-03-08 21:31 UTC (permalink / raw)
To: buildroot
On Sun, Mar 8, 2020 at 3:30 PM Thomas Petazzoni
<thomas.petazzoni@bootlin.com> wrote:
>
> Hello,
>
> On Sun, 8 Mar 2020 18:37:18 +0100
> Petr Vorel <petr.vorel@gmail.com> wrote:
>
> > > > diff --git a/package/connman/Config.in b/package/connman/Config.in
> > > > index ac012dda54..614b826f96 100644
> > > > --- a/package/connman/Config.in
> > > > +++ b/package/connman/Config.in
> > > > @@ -33,6 +33,7 @@ config BR2_PACKAGE_CONNMAN_NFTABLES
> > > > bool "nftables"
> > > > depends on BR2_USE_WCHAR
> > > > depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> > > > + select BR2_PACKAGE_LIBMNL
> >
> > > How is this related to wireguard support ?
> > Yes.
> >
> > > > select BR2_PACKAGE_NFTABLES
> > > > help
> > > > Use nftables as firewall.
> > > > @@ -51,6 +52,10 @@ config BR2_PACKAGE_CONNMAN_WIFI
> > > > setup). ConnMan detects the start of wpa_supplicant
> > > > automatically.
> >
> > > > +config BR2_PACKAGE_CONNMAN_WIREGUARD
> > > > + bool "enable wireguard support"
> > > > + select BR2_PACKAGE_LIBMNL
> >
> > > We already had a patch from Petr at
> > > http://patchwork.ozlabs.org/patch/1246181/ to add Wireguard support,
> > > but he was also selecting BR2_PACKAGE_WIREGUARD_TOOLS.
> >
> > > Could you or Petr clarify this ?
> > configure.ac
> > found_libmnl="no"
> > if (test "${firewall_type}" = "nftables" -o \
> > "${enable_wireguard}" != "no"); then
> > PKG_CHECK_MODULES(LIBMNL, [libmnl >= 1.0.0], [found_libmnl="yes"],
> > AC_MSG_ERROR([libmnl >= 1.0.0 not found]))
> > AC_SUBST(LIBMNL_CFLAGS)
> > AC_SUBST(LIBMNL_LIBS)
> > fi
> > AM_CONDITIONAL(LIBMNL, test "${found_libmnl}" != "no")
>
> Then the "select BR2_PACKAGE_LIBMNL" added to
> BR2_PACKAGE_CONNMAN_NFTABLES is completely unrelated to wireguard
> support. connman needs libmnl if nftables is used *or* if wireguard is
> used.
>
> So the missing select BR2_PACKAGE_LIBMNL in
> BR2_PACKAGE_CONNMAN_NFTABLES should be added as a separate patch.
Sent here already: https://patchwork.ozlabs.org/patch/1251106/
>
> Thanks!
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 21:31 ` James Hilliard
@ 2020-03-08 21:45 ` Petr Vorel
0 siblings, 0 replies; 10+ messages in thread
From: Petr Vorel @ 2020-03-08 21:45 UTC (permalink / raw)
To: buildroot
Hi,
> > Then the "select BR2_PACKAGE_LIBMNL" added to
> > BR2_PACKAGE_CONNMAN_NFTABLES is completely unrelated to wireguard
> > support. connman needs libmnl if nftables is used *or* if wireguard is
> > used.
> > So the missing select BR2_PACKAGE_LIBMNL in
> > BR2_PACKAGE_CONNMAN_NFTABLES should be added as a separate patch.
> Sent here already: https://patchwork.ozlabs.org/patch/1251106/
James, thanks for your fix!
(add my Reviewed-by: tag to it).
Sorry for wrong patch.
Kind regards,
Petr
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Buildroot] [PATCH 1/1] package/connman: enable wireguard
2020-03-08 7:07 [Buildroot] [PATCH 1/1] package/connman: enable wireguard James Hilliard
2020-03-08 13:47 ` Thomas Petazzoni
@ 2020-03-26 20:46 ` Thomas Petazzoni
1 sibling, 0 replies; 10+ messages in thread
From: Thomas Petazzoni @ 2020-03-26 20:46 UTC (permalink / raw)
To: buildroot
On Sun, 8 Mar 2020 00:07:41 -0700
James Hilliard <james.hilliard1@gmail.com> wrote:
> We also need to select libmnl when building with wireguard support or
> with nftables.
>
> Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
> ---
> package/connman/Config.in | 5 +++++
> package/connman/connman.mk | 9 ++++++++-
> 2 files changed, 13 insertions(+), 1 deletion(-)
I've applied to master, but only the parts related to wireguard
support, as the rest was applied separately.
Thanks,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2020-03-26 20:46 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-08 7:07 [Buildroot] [PATCH 1/1] package/connman: enable wireguard James Hilliard
2020-03-08 13:47 ` Thomas Petazzoni
2020-03-08 17:37 ` Petr Vorel
2020-03-08 18:17 ` Peter Korsgaard
2020-03-08 19:50 ` James Hilliard
2020-03-08 20:17 ` Peter Korsgaard
2020-03-08 21:30 ` Thomas Petazzoni
2020-03-08 21:31 ` James Hilliard
2020-03-08 21:45 ` Petr Vorel
2020-03-26 20:46 ` Thomas Petazzoni
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.