aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan Agner <stefan@agner.ch>2017-04-26 22:30:21 -0700
committerJoe MacDonald <joe_macdonald@mentor.com>2017-04-27 12:02:13 -0400
commit9867ffa48e2a4001fa743e5a0b9a96074da46ffb (patch)
tree8686ce446fbafc914b41759ae3d6bb329a85a80a
parent57d3b5c5c8e6b649f0b029ce5a2a4c51387e3882 (diff)
downloadmeta-openembedded-contrib-9867ffa48e2a4001fa743e5a0b9a96074da46ffb.tar.gz
wireguard: add WireGuard kernel module and tools
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. The recipes add the current experimental snapshot v0.0.20170421 out-of-tree kernel module and tools. The kernel module has some kernel configuration dependencies such as some configuration part of features/netfilter/netfilter.scc, hence netfilter.scc should be part of KERNEL_EXTRA_FEATURES (which is the case by default). Since wireguard-tools is TUNE_PKGARCH and depends on wireguard-module which is MACHINE_ARCH (like all kernel modules) we need to add this dependency to SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS. Signed-off-by: Stefan Agner <stefan@agner.ch> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
-rw-r--r--meta-networking/conf/layer.conf4
-rw-r--r--meta-networking/recipes-kernel/wireguard/wireguard-module_0.0.20170421.bb13
-rw-r--r--meta-networking/recipes-kernel/wireguard/wireguard-tools_0.0.20170421.bb27
-rw-r--r--meta-networking/recipes-kernel/wireguard/wireguard.inc18
4 files changed, 62 insertions, 0 deletions
diff --git a/meta-networking/conf/layer.conf b/meta-networking/conf/layer.conf
index 85ad93bda3..b5aa1599b6 100644
--- a/meta-networking/conf/layer.conf
+++ b/meta-networking/conf/layer.conf
@@ -21,3 +21,7 @@ LICENSE_PATH += "${LAYERDIR}/licenses"
# Override security flags
require conf/distro/include/meta_networking_security_flags.inc
+
+SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \
+ wireguard-tools->wireguard-module \
+"
diff --git a/meta-networking/recipes-kernel/wireguard/wireguard-module_0.0.20170421.bb b/meta-networking/recipes-kernel/wireguard/wireguard-module_0.0.20170421.bb
new file mode 100644
index 0000000000..cb21bda933
--- /dev/null
+++ b/meta-networking/recipes-kernel/wireguard/wireguard-module_0.0.20170421.bb
@@ -0,0 +1,13 @@
+require wireguard.inc
+
+inherit module
+
+# This module requires Linux 3.10 higher and several networking related
+# configuration options. For exact kernel requirements visit:
+# https://www.wireguard.io/install/#kernel-requirements
+
+EXTRA_OEMAKE += "KERNELDIR=${STAGING_KERNEL_DIR}"
+MAKE_TARGETS = "module"
+MODULES_INSTALL_TARGET = "module-install"
+
+RRECOMMENDS_${PN} = "kernel-module-xt-hashlimit"
diff --git a/meta-networking/recipes-kernel/wireguard/wireguard-tools_0.0.20170421.bb b/meta-networking/recipes-kernel/wireguard/wireguard-tools_0.0.20170421.bb
new file mode 100644
index 0000000000..79d420f1a4
--- /dev/null
+++ b/meta-networking/recipes-kernel/wireguard/wireguard-tools_0.0.20170421.bb
@@ -0,0 +1,27 @@
+require wireguard.inc
+
+inherit bash-completion systemd pkgconfig
+
+DEPENDS = "wireguard-module libmnl"
+
+do_compile_prepend () {
+ cd ${S}/tools
+}
+
+do_install () {
+ cd ${S}/tools
+ oe_runmake DESTDIR="${D}" PREFIX="${prefix}" SYSCONFDIR="${sysconfdir}" \
+ SYSTEMDUNITDIR="${systemd_unitdir}" \
+ WITH_SYSTEMDUNITS=${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'yes', '', d)} \
+ WITH_BASHCOMPLETION=yes \
+ WITH_WGQUICK=yes \
+ install
+}
+
+FILES_${PN} = " \
+ ${sysconfdir} \
+ ${systemd_unitdir} \
+ ${bindir} \
+"
+
+RDEPENDS_${PN} = "wireguard-module"
diff --git a/meta-networking/recipes-kernel/wireguard/wireguard.inc b/meta-networking/recipes-kernel/wireguard/wireguard.inc
new file mode 100644
index 0000000000..46a9971f8d
--- /dev/null
+++ b/meta-networking/recipes-kernel/wireguard/wireguard.inc
@@ -0,0 +1,18 @@
+SUMMARY = "WireGuard is an extremely simple yet fast and modern VPN"
+DESCRIPTION="WireGuard is a secure network tunnel, operating at layer 3, \
+implemented as a kernel virtual network interface for Linux, which aims to \
+replace both IPsec for most use cases, as well as popular user space and/or \
+TLS-based solutions like OpenVPN, while being more secure, more performant, \
+and easier to use."
+SECTION = "networking"
+HOMEPAGE = "https://www.wireguard.io/"
+LICENSE = "GPLv2"
+
+LIC_FILES_CHKSUM = "file://../COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+SRC_URI = "https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
+
+SRC_URI[md5sum] = "8e559f4fd672b15c38a15eb4d88cc84d"
+SRC_URI[sha256sum] = "03c82af774224cd171d000ee4a519b5e474cc6842ac04967773cf77b26750000"
+
+S = "${WORKDIR}/WireGuard-${PV}/src/"