diff options
-rw-r--r-- | src/Kbuild | 5 | ||||
-rw-r--r-- | src/Kconfig | 2 | ||||
-rw-r--r-- | src/crypto/curve25519.c | 6 | ||||
-rw-r--r-- | src/tests/qemu/Makefile | 177 | ||||
-rw-r--r-- | src/tests/qemu/arch/aarch64.config | 4 | ||||
-rw-r--r-- | src/tests/qemu/arch/arm.config | 8 | ||||
-rw-r--r-- | src/tests/qemu/arch/i386.config | 4 | ||||
-rw-r--r-- | src/tests/qemu/arch/mips.config | 9 | ||||
-rw-r--r-- | src/tests/qemu/arch/mips64.config | 10 | ||||
-rw-r--r-- | src/tests/qemu/arch/mips64el.config | 11 | ||||
-rw-r--r-- | src/tests/qemu/arch/mipsel.config | 10 | ||||
-rw-r--r-- | src/tests/qemu/arch/x86_64.config | 4 | ||||
-rw-r--r-- | src/tests/qemu/init.c | 84 | ||||
-rw-r--r-- | src/tests/qemu/kernel.config | 13 |
14 files changed, 249 insertions, 98 deletions
@@ -21,7 +21,10 @@ ifeq ($(CONFIG_ARM64),y) wireguard-$(CONFIG_KERNEL_MODE_NEON) += crypto/chacha20-neon-arm64.o endif ifeq ($(CONFIG_ARM),y) - wireguard-$(CONFIG_KERNEL_MODE_NEON) += crypto/chacha20-neon-arm.o crypto/curve25519-neon-arm.o + wireguard-$(CONFIG_KERNEL_MODE_NEON) += crypto/chacha20-neon-arm.o + ifneq ($(CONFIG_CPU_THUMBONLY),y) + wireguard-$(CONFIG_KERNEL_MODE_NEON) += crypto/curve25519-neon-arm.o + endif endif ifneq ($(KBUILD_EXTMOD),) diff --git a/src/Kconfig b/src/Kconfig index e84aebb..811d1e2 100644 --- a/src/Kconfig +++ b/src/Kconfig @@ -3,6 +3,8 @@ config WIREGUARD depends on NET && INET select NET_UDP_TUNNEL select CRYPTO_BLKCIPHER + select VFP + select VFPv3 select NEON select KERNEL_MODE_NEON default m diff --git a/src/crypto/curve25519.c b/src/crypto/curve25519.c index a53841d..892da78 100644 --- a/src/crypto/curve25519.c +++ b/src/crypto/curve25519.c @@ -190,7 +190,7 @@ static void curve25519_sandy2x_base(u8 pub[CURVE25519_POINT_SIZE], const u8 secr memzero_explicit(x_51, sizeof(x_51)); memzero_explicit(z_51, sizeof(z_51)); } -#elif IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && defined(CONFIG_ARM) +#elif IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && defined(CONFIG_ARM) && !defined(CONFIG_CPU_THUMBONLY) #include <asm/hwcap.h> #include <asm/neon.h> #include <asm/simd.h> @@ -1416,7 +1416,7 @@ static void cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) bool curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE]) { -#if IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && defined(CONFIG_ARM) +#if IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && defined(CONFIG_ARM) && !defined(CONFIG_CPU_THUMBONLY) if (curve25519_use_neon && may_use_simd()) { kernel_neon_begin(); curve25519_asm_neon(mypublic, secret, basepoint); @@ -1590,7 +1590,7 @@ static void cmult(struct other_stack *s, limb *resultx, limb *resultz, const u8 bool curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE]) { -#if IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && defined(CONFIG_ARM) +#if IS_ENABLED(CONFIG_KERNEL_MODE_NEON) && defined(CONFIG_ARM) && !defined(CONFIG_CPU_THUMBONLY) if (curve25519_use_neon && may_use_simd()) { kernel_neon_begin(); curve25519_asm_neon(mypublic, secret, basepoint); diff --git a/src/tests/qemu/Makefile b/src/tests/qemu/Makefile index 130ae6d..ae03f6a 100644 --- a/src/tests/qemu/Makefile +++ b/src/tests/qemu/Makefile @@ -1,8 +1,17 @@ PWD := $(shell pwd) +CHOST := $(shell gcc -dumpmachine) +ifneq (,$(ARCH)) +CBUILD := $(subst -gcc,,$(lastword $(subst /, ,$(firstword $(filter-out android,$(wildcard /usr/bin/$(ARCH)-*-gcc)))))) +endif +ifeq (,$(CBUILD)) +CBUILD := $(CHOST) +endif +ARCH := $(firstword $(subst -, ,$(CBUILD))) + # Set these from the environment to override -KERNEL_VERSION ?= 4.13.5 -BUILD_PATH ?= $(PWD)/../../../qemu-build +KERNEL_VERSION ?= 4.13.9 +BUILD_PATH ?= $(PWD)/../../../qemu-build/$(ARCH) DISTFILES_PATH ?= $(PWD)/distfiles DEBUG_KERNEL ?= no NR_CPUS ?= 2 @@ -11,8 +20,6 @@ DOWNLOAD := wget -O # DOWNLOAD := curl -f -o MIRROR := https://download.wireguard.com/qemu-test/distfiles/ -CHOST := $(shell gcc -dumpmachine) -ARCH := $(shell uname -m) WIREGUARD_SOURCES := $(wildcard ../../*.c ../../*.h ../../selftest/*.h ../../crypto/*.c ../../crypto/*.h ../../crypto/*.S ../../compat/*.h) TOOLS_SOURCES := $(wildcard ../../tools/*.c ../../tools/*.h ../../uapi/*.h) @@ -49,20 +56,107 @@ $(eval $(call tar_download,IPTABLES,iptables,1.6.1,.tar.bz2,http://ftp.netfilter $(eval $(call tar_download,NMAP,nmap,7.60,.tar.bz2,https://nmap.org/dist/)) $(eval $(call tar_download,IPUTILS,iputils,s20161105,.tar.gz,https://github.com/iputils/iputils/archive/s20161105.tar.gz/#)) +export CFLAGS ?= -O3 -pipe +export CPPFLAGS := -I$(BUILD_PATH)/include + +ifeq ($(CHOST),$(CBUILD)) +CROSS_COMPILE_FLAG := --host=$(CHOST) +CFLAGS += -march=native +else +$(info Cross compilation: building for $(CBUILD) using $(CHOST)) +CROSS_COMPILE_FLAG := --build=$(CBUILD) --host=$(CHOST) +export CROSS_COMPILE=$(CBUILD)- +endif ifeq ($(ARCH),aarch64) +QEMU_ARCH := aarch64 KERNEL_ARCH := arm64 KERNEL_BZIMAGE := $(KERNEL_PATH)/arch/arm64/boot/Image -QEMU_MACHINE := -machine virt,accel=kvm,gic_version=host +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine virt,gic_version=host,accel=kvm +else +QEMU_MACHINE := -cpu cortex-a53 -machine virt +CFLAGS += -march=armv8-a -mtune=cortex-a53 +endif +else ifeq ($(ARCH),arm) +QEMU_ARCH := arm +KERNEL_ARCH := arm +KERNEL_BZIMAGE := $(KERNEL_PATH)/arch/arm/boot/zImage +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine virt,gic_version=host,accel=kvm else -KERNEL_ARCH := $(ARCH) +QEMU_MACHINE := -cpu cortex-a15 -machine virt +CFLAGS += -march=armv7-a -mtune=cortex-a15 -mabi=aapcs-linux +endif +else ifeq ($(ARCH),x86_64) +QEMU_ARCH := x86_64 +KERNEL_ARCH := x86_64 KERNEL_BZIMAGE := $(KERNEL_PATH)/arch/x86/boot/bzImage -QEMU_MACHINE := -machine q35,accel=kvm +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine q35,accel=kvm +else +QEMU_MACHINE := -cpu Skylake-Server -machine q35 +CFLAGS += -march=skylake-avx512 +endif +else ifeq ($(ARCH),i686) +QEMU_ARCH := i386 +KERNEL_ARCH := x86 +KERNEL_BZIMAGE := $(KERNEL_PATH)/arch/x86/boot/bzImage +ifeq ($(subst i686,x86_64,$(CBUILD)),$(CHOST)) +QEMU_MACHINE := -cpu host -machine q35,accel=kvm +else +QEMU_MACHINE := -cpu coreduo -machine q35 +CFLAGS += -march=prescott +endif +else ifeq ($(ARCH),mips64) +QEMU_ARCH := mips64 +KERNEL_ARCH := mips +KERNEL_BZIMAGE := $(KERNEL_PATH)/vmlinux +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine malta,accel=kvm +CFLAGS += -EB +else +QEMU_MACHINE := -cpu 20Kc -machine malta -smp 1 +CFLAGS += -march=mips64r2 -EB +endif +else ifeq ($(ARCH),mips64el) +QEMU_ARCH := mips64el +KERNEL_ARCH := mips +KERNEL_BZIMAGE := $(KERNEL_PATH)/vmlinux +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine malta,accel=kvm +CFLAGS += -EL +else +QEMU_MACHINE := -cpu 20Kc -machine malta -smp 1 +CFLAGS += -march=mips64r2 -EL +endif +else ifeq ($(ARCH),mips) +QEMU_ARCH := mips +KERNEL_ARCH := mips +KERNEL_BZIMAGE := $(KERNEL_PATH)/vmlinux +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine malta,accel=kvm +CFLAGS += -EB +else +QEMU_MACHINE := -cpu 24Kf -machine malta -smp 1 +CFLAGS += -march=mips32r2 -EB +endif +else ifeq ($(ARCH),mipsel) +QEMU_ARCH := mipsel +KERNEL_ARCH := mips +KERNEL_BZIMAGE := $(KERNEL_PATH)/vmlinux +ifeq ($(CHOST),$(CBUILD)) +QEMU_MACHINE := -cpu host -machine malta,accel=kvm +CFLAGS += -EL +else +QEMU_MACHINE := -cpu 24Kf -machine malta -smp 1 +CFLAGS += -march=mips32r2 -EL +endif +else +$(error I only build: x86_64, i686, arm, aarch64, mips, mipsel, mips64, mips64el) endif -export CFLAGS ?= -O3 -march=native -pipe -export CPPFLAGS := -I$(BUILD_PATH)/include - -REAL_CC := $(CC) +STRIP := $(CBUILD)-strip +REAL_CC := $(CBUILD)-gcc MUSL_CC := $(BUILD_PATH)/musl-gcc export CC := $(MUSL_CC) USERSPACE_DEPS := $(MUSL_CC) $(BUILD_PATH)/include/.installed $(BUILD_PATH)/include/linux/.installed @@ -70,20 +164,14 @@ USERSPACE_DEPS := $(MUSL_CC) $(BUILD_PATH)/include/.installed $(BUILD_PATH)/incl build: $(KERNEL_BZIMAGE) qemu: $(KERNEL_BZIMAGE) rm -f $(BUILD_PATH)/result - qemu-system-$(ARCH) \ + qemu-system-$(QEMU_ARCH) \ -nodefaults \ -nographic \ - $(QEMU_MACHINE) \ - -cpu host \ -smp $(NR_CPUS) \ + $(QEMU_MACHINE) \ -m 192M \ - -object rng-random,id=rng0,filename=/dev/urandom \ - -device virtio-rng-pci,rng=rng0 \ - -device virtio-serial,max_ports=2 \ - -chardev stdio,id=stdio \ - -device virtconsole,chardev=stdio \ - -chardev file,id=status,path=$(BUILD_PATH)/result \ - -device virtserialport,chardev=status \ + -serial stdio \ + -serial file:$(BUILD_PATH)/result \ -no-reboot \ -monitor none \ -kernel $< @@ -118,27 +206,28 @@ $(KERNEL_PATH)/.installed: $(KERNEL_TAR) ln -sfT $(shell readlink -f ../..) $(KERNEL_PATH)/net/wireguard touch $@ -$(KERNEL_PATH)/.config: kernel.config | $(KERNEL_PATH)/.installed +$(KERNEL_PATH)/.config: kernel.config arch/$(QEMU_ARCH).config | $(KERNEL_PATH)/.installed cp kernel.config $(KERNEL_PATH)/minimal.config printf 'CONFIG_NR_CPUS=$(NR_CPUS)\nCONFIG_INITRAMFS_SOURCE="$(BUILD_PATH)/init-cpio-spec.txt"\n' >> $(KERNEL_PATH)/minimal.config + cat arch/$(QEMU_ARCH).config >> $(KERNEL_PATH)/minimal.config $(MAKE) -C $(KERNEL_PATH) ARCH=$(KERNEL_ARCH) allnoconfig - cd $(KERNEL_PATH) && scripts/kconfig/merge_config.sh -n .config minimal.config - -[ "$(DEBUG_KERNEL)" = "yes" ] && ( cd $(KERNEL_PATH) && scripts/kconfig/merge_config.sh -n .config $(PWD)/debug.config ) + export ARCH=$(KERNEL_ARCH); cd $(KERNEL_PATH) && scripts/kconfig/merge_config.sh -n .config minimal.config + [ "$(DEBUG_KERNEL)" != "yes" ] || ( export ARCH=$(KERNEL_ARCH); cd $(KERNEL_PATH) && scripts/kconfig/merge_config.sh -n .config $(PWD)/debug.config ) $(KERNEL_BZIMAGE): $(KERNEL_PATH)/.config $(BUILD_PATH)/init-cpio-spec.txt $(MUSL_PATH)/lib/libc.so $(IPERF_PATH)/src/iperf3 $(BUILD_PATH)/tools/wg $(IPUTILS_PATH)/ping $(BASH_PATH)/bash $(IPROUTE2_PATH)/misc/ss $(IPROUTE2_PATH)/ip/ip $(IPTABLES_PATH)/iptables/xtables-multi $(NMAP_PATH)/ncat/ncat $(BUILD_PATH)/init ../netns.sh $(WIREGUARD_SOURCES) $(TOOLS_SOURCES) - LOCALVERSION="" $(MAKE) -C $(KERNEL_PATH) + LOCALVERSION="" $(MAKE) -C $(KERNEL_PATH) ARCH=$(KERNEL_ARCH) CROSS_COMPILE=$(CROSS_COMPILE) $(BUILD_PATH)/include/linux/.installed: | $(KERNEL_PATH)/.config - LOCALVERSION="" $(MAKE) -C $(KERNEL_PATH) INSTALL_HDR_PATH=$(BUILD_PATH) headers_install + LOCALVERSION="" $(MAKE) -C $(KERNEL_PATH) INSTALL_HDR_PATH=$(BUILD_PATH) ARCH=$(KERNEL_ARCH) CROSS_COMPILE=$(CROSS_COMPILE) headers_install touch $@ $(MUSL_PATH)/lib/libc.so: $(MUSL_TAR) mkdir -p $(BUILD_PATH) flock -x $<.lock true tar -C $(BUILD_PATH) -xf $< - cd $(MUSL_PATH) && CC=$(REAL_CC) ./configure --prefix=/ --disable-static + cd $(MUSL_PATH) && CC=$(REAL_CC) ./configure --prefix=/ --disable-static --build=$(CBUILD) $(MAKE) -C $(MUSL_PATH) - strip -s $@ + $(STRIP) -s $@ $(BUILD_PATH)/include/.installed: $(MUSL_PATH)/lib/libc.so $(MAKE) -C $(MUSL_PATH) DESTDIR=$(BUILD_PATH) install-headers @@ -146,7 +235,7 @@ $(BUILD_PATH)/include/.installed: $(MUSL_PATH)/lib/libc.so $(MUSL_CC): $(MUSL_PATH)/lib/libc.so sh $(MUSL_PATH)/tools/musl-gcc.specs.sh $(BUILD_PATH)/include $(MUSL_PATH)/lib /lib/ld-linux.so.1 > $(BUILD_PATH)/musl-gcc.specs - printf '#!/bin/sh\nexec "$(REAL_CC)" "$$@" -specs "$(BUILD_PATH)/musl-gcc.specs" -no-pie\n' > $(BUILD_PATH)/musl-gcc + printf '#!/bin/sh\nexec "$(REAL_CC)" "$$@" -specs "$(BUILD_PATH)/musl-gcc.specs" -fno-stack-protector -no-pie\n' > $(BUILD_PATH)/musl-gcc chmod +x $(BUILD_PATH)/musl-gcc $(IPERF_PATH)/.installed: $(IPERF_TAR) @@ -158,9 +247,9 @@ $(IPERF_PATH)/.installed: $(IPERF_TAR) touch $@ $(IPERF_PATH)/src/iperf3: | $(IPERF_PATH)/.installed $(USERSPACE_DEPS) - cd $(IPERF_PATH) && CFLAGS="$(CFLAGS) -D_GNU_SOURCE" ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared + cd $(IPERF_PATH) && CFLAGS="$(CFLAGS) -D_GNU_SOURCE" ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared $(MAKE) -C $(IPERF_PATH) - strip -s $@ + $(STRIP) -s $@ $(LIBMNL_PATH)/.installed: $(LIBMNL_TAR) flock -x $<.lock true @@ -168,7 +257,7 @@ $(LIBMNL_PATH)/.installed: $(LIBMNL_TAR) touch $@ $(LIBMNL_PATH)/src/.libs/libmnl.a: | $(LIBMNL_PATH)/.installed $(USERSPACE_DEPS) - cd $(LIBMNL_PATH) && ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared + cd $(LIBMNL_PATH) && ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared $(MAKE) -C $(LIBMNL_PATH) sed -i 's:prefix=.*:prefix=$(LIBMNL_PATH):' $(LIBMNL_PATH)/libmnl.pc @@ -177,12 +266,12 @@ $(BUILD_PATH)/tools/wg: $(TOOLS_SOURCES) | $(LIBMNL_PATH)/src/.libs/libmnl.a $(U cp -pr ../../uapi ../../tools $(BUILD_PATH)/ $(MAKE) -C $(BUILD_PATH)/tools clean LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" $(MAKE) -C $(BUILD_PATH)/tools LIBMNL_CFLAGS="-I$(LIBMNL_PATH)/include" LIBMNL_LDLIBS="-lmnl" wg - strip -s $@ + $(STRIP) -s $@ $(BUILD_PATH)/init: init.c | $(USERSPACE_DEPS) mkdir -p $(BUILD_PATH) - $(MUSL_CC) -o $@ -O3 -std=gnu11 $< - strip -s $@ + $(MUSL_CC) -o $@ $(CFLAGS) -std=gnu11 $< + $(STRIP) -s $@ $(IPUTILS_PATH)/.installed: $(IPUTILS_TAR) mkdir -p $(BUILD_PATH) @@ -192,7 +281,7 @@ $(IPUTILS_PATH)/.installed: $(IPUTILS_TAR) $(IPUTILS_PATH)/ping: | $(IPUTILS_PATH)/.installed $(USERSPACE_DEPS) $(MAKE) -C $(IPUTILS_PATH) USE_CAP=no USE_IDN=no USE_NETTLE=no USE_CRYPTO=no ping - strip -s $@ + $(STRIP) -s $@ $(BASH_PATH)/.installed: $(BASH_TAR) mkdir -p $(BUILD_PATH) @@ -201,9 +290,9 @@ $(BASH_PATH)/.installed: $(BASH_TAR) touch $@ $(BASH_PATH)/bash: | $(BASH_PATH)/.installed $(USERSPACE_DEPS) - cd $(BASH_PATH) && ./configure --prefix=/ --host=$(CHOST) --without-bash-malloc --disable-debugger --disable-help-builtin --disable-history --disable-multibyte --disable-progcomp --disable-readline --disable-mem-scramble + cd $(BASH_PATH) && ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --without-bash-malloc --disable-debugger --disable-help-builtin --disable-history --disable-multibyte --disable-progcomp --disable-readline --disable-mem-scramble $(MAKE) -C $(BASH_PATH) - strip -s $@ + $(STRIP) -s $@ $(eval $(call file_download,271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch,https://raw.githubusercontent.com/lede-project/source/master/package/network/utils/iproute2/patches/)) $(eval $(call file_download,272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch,https://raw.githubusercontent.com/lede-project/source/master/package/network/utils/iproute2/patches/)) @@ -220,11 +309,11 @@ $(IPROUTE2_PATH)/.installed: $(IPROUTE2_TAR) | $(DISTFILES_PATH)/271-uapi-libc-c $(IPROUTE2_PATH)/ip/ip: | $(IPROUTE2_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS) LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" $(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ ip/ip - strip -s $(IPROUTE2_PATH)/ip/ip + $(STRIP) -s $(IPROUTE2_PATH)/ip/ip $(IPROUTE2_PATH)/misc/ss: | $(IPROUTE2_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS) LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" $(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ misc/ss - strip -s $(IPROUTE2_PATH)/misc/ss + $(STRIP) -s $(IPROUTE2_PATH)/misc/ss $(IPTABLES_PATH)/.installed: $(IPTABLES_TAR) mkdir -p $(BUILD_PATH) @@ -234,9 +323,9 @@ $(IPTABLES_PATH)/.installed: $(IPTABLES_TAR) touch $@ $(IPTABLES_PATH)/iptables/xtables-multi: | $(IPTABLES_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS) - cd $(IPTABLES_PATH) && PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared --disable-nftables --disable-bpf-compiler --disable-nfsynproxy --disable-libipq --with-kernel=$(BUILD_PATH)/include + cd $(IPTABLES_PATH) && PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared --disable-nftables --disable-bpf-compiler --disable-nfsynproxy --disable-libipq --with-kernel=$(BUILD_PATH)/include $(MAKE) -C $(IPTABLES_PATH) - strip -s $@ + $(STRIP) -s $@ $(NMAP_PATH)/.installed: $(NMAP_TAR) mkdir -p $(BUILD_PATH) @@ -245,9 +334,9 @@ $(NMAP_PATH)/.installed: $(NMAP_TAR) touch $@ $(NMAP_PATH)/ncat/ncat: | $(NMAP_PATH)/.installed $(USERSPACE_DEPS) - cd $(NMAP_PATH) && ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared --without-ndiff --without-zenmap --without-nping --with-libpcap=included --with-libpcre=included --with-libdnet=included --without-liblua --with-liblinear=included --without-nmap-update --without-openssl --with-pcap=linux + cd $(NMAP_PATH) && ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared --without-ndiff --without-zenmap --without-nping --with-libpcap=included --with-libpcre=included --with-libdnet=included --without-liblua --with-liblinear=included --without-nmap-update --without-openssl --with-pcap=linux $(MAKE) -C $(NMAP_PATH) build-ncat - strip -s $@ + $(STRIP) -s $@ clean: rm -rf $(BUILD_PATH) diff --git a/src/tests/qemu/arch/aarch64.config b/src/tests/qemu/arch/aarch64.config new file mode 100644 index 0000000..7f46172 --- /dev/null +++ b/src/tests/qemu/arch/aarch64.config @@ -0,0 +1,4 @@ +CONFIG_SERIAL_AMBA_PL011=y +CONFIG_SERIAL_AMBA_PL011_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyAMA0 wg.success=ttyAMA1" diff --git a/src/tests/qemu/arch/arm.config b/src/tests/qemu/arch/arm.config new file mode 100644 index 0000000..0f39937 --- /dev/null +++ b/src/tests/qemu/arch/arm.config @@ -0,0 +1,8 @@ +CONFIG_MMU=y +CONFIG_ARCH_MULTI_V7=y +CONFIG_ARCH_VIRT=y +CONFIG_THUMB2_KERNEL=n +CONFIG_SERIAL_AMBA_PL011=y +CONFIG_SERIAL_AMBA_PL011_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyAMA0 wg.success=ttyAMA1" diff --git a/src/tests/qemu/arch/i386.config b/src/tests/qemu/arch/i386.config new file mode 100644 index 0000000..ed1e701 --- /dev/null +++ b/src/tests/qemu/arch/i386.config @@ -0,0 +1,4 @@ +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" diff --git a/src/tests/qemu/arch/mips.config b/src/tests/qemu/arch/mips.config new file mode 100644 index 0000000..f8c7a7f --- /dev/null +++ b/src/tests/qemu/arch/mips.config @@ -0,0 +1,9 @@ +CONFIG_CPU_MIPS32_R2=y +CONFIG_MIPS_MALTA=y +CONFIG_MIPS_CPS=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" diff --git a/src/tests/qemu/arch/mips64.config b/src/tests/qemu/arch/mips64.config new file mode 100644 index 0000000..6fc6bc4 --- /dev/null +++ b/src/tests/qemu/arch/mips64.config @@ -0,0 +1,10 @@ +CONFIG_64BIT=y +CONFIG_CPU_MIPS64_R2=y +CONFIG_MIPS_MALTA=y +CONFIG_MIPS_CPS=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" diff --git a/src/tests/qemu/arch/mips64el.config b/src/tests/qemu/arch/mips64el.config new file mode 100644 index 0000000..fc1e43a --- /dev/null +++ b/src/tests/qemu/arch/mips64el.config @@ -0,0 +1,11 @@ +CONFIG_64BIT=y +CONFIG_CPU_MIPS64_R2=y +CONFIG_MIPS_MALTA=y +CONFIG_CPU_LITTLE_ENDIAN=y +CONFIG_MIPS_CPS=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" diff --git a/src/tests/qemu/arch/mipsel.config b/src/tests/qemu/arch/mipsel.config new file mode 100644 index 0000000..4759a65 --- /dev/null +++ b/src/tests/qemu/arch/mipsel.config @@ -0,0 +1,10 @@ +CONFIG_CPU_MIPS32_R2=y +CONFIG_MIPS_MALTA=y +CONFIG_CPU_LITTLE_ENDIAN=y +CONFIG_MIPS_CPS=y +CONFIG_POWER_RESET=y +CONFIG_POWER_RESET_SYSCON=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" diff --git a/src/tests/qemu/arch/x86_64.config b/src/tests/qemu/arch/x86_64.config new file mode 100644 index 0000000..ed1e701 --- /dev/null +++ b/src/tests/qemu/arch/x86_64.config @@ -0,0 +1,4 @@ +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_CMDLINE_BOOL=y +CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" diff --git a/src/tests/qemu/init.c b/src/tests/qemu/init.c index 626ce6a..afbc611 100644 --- a/src/tests/qemu/init.c +++ b/src/tests/qemu/init.c @@ -38,36 +38,41 @@ static void panic(const char *what) #define pretty_message(msg) puts("\x1b[32m\x1b[1m" msg "\x1b[0m") -static void print_banner(const struct utsname *utsname) +static void print_banner(void) { - int len = strlen(" WireGuard Test Suite on ") + strlen(utsname->sysname) + strlen(utsname->release); - printf("\x1b[45m\x1b[33m\x1b[1m%*.s\x1b[0m\n\x1b[45m\x1b[33m\x1b[1m WireGuard Test Suite on %s %s \x1b[0m\n\x1b[45m\x1b[33m\x1b[1m%*.s\x1b[0m\n\n", len, "", utsname->sysname, utsname->release, len, ""); + struct utsname utsname; + int len; + + if (uname(&utsname) < 0) + panic("uname"); + + len = strlen(" WireGuard Test Suite on ") + strlen(utsname.sysname) + strlen(utsname.release) + strlen(utsname.machine); + printf("\x1b[45m\x1b[33m\x1b[1m%*.s\x1b[0m\n\x1b[45m\x1b[33m\x1b[1m WireGuard Test Suite on %s %s %s \x1b[0m\n\x1b[45m\x1b[33m\x1b[1m%*.s\x1b[0m\n\n", len, "", utsname.sysname, utsname.release, utsname.machine, len, ""); } static void seed_rng(void) { - int fd1, fd2, i; + int fd; struct { int entropy_count; int buffer_size; - unsigned char buffer[128]; + unsigned char buffer[256]; } entropy = { - .entropy_count = 128, - .buffer_size = 128 + .entropy_count = sizeof(entropy.buffer) * 8, + .buffer_size = sizeof(entropy.buffer), + .buffer = "Adding real entropy is not actually important for these tests. Don't try this at home, kids!" }; - pretty_message("[+] Ensuring RNG entropy..."); - fd1 = open("/dev/hwrng", O_RDONLY); - fd2 = open("/dev/urandom", O_WRONLY); - if (fd1 < 0 || fd2 < 0) - panic("open(hwrng,urandom)"); - for (i = 0; i < 4096; ++i) { - if (read(fd1, entropy.buffer, 128) != 128) - panic("read(hwrng)"); - if (ioctl(fd2, RNDADDENTROPY, &entropy) < 0) + + if (mknod("/dev/urandom", S_IFCHR | 0644, makedev(1, 9))) + panic("mknod(/dev/urandom)"); + fd = open("/dev/urandom", O_WRONLY); + if (fd < 0) + panic("open(urandom)"); + for (int i = 0; i < 256; ++i) { + if (ioctl(fd, RNDADDENTROPY, &entropy) < 0) panic("ioctl(urandom)"); } - close(fd1); - close(fd2); + close(fd); } static void mount_filesystems(void) @@ -142,8 +147,10 @@ static void kmod_selftests(void) static void launch_tests(void) { + char cmdline[4096], *success_dev; int status, fd; pid_t pid; + pretty_message("[+] Launching tests..."); pid = fork(); if (pid == -1) @@ -156,26 +163,32 @@ static void launch_tests(void) panic("waitpid"); if (WIFEXITED(status) && WEXITSTATUS(status) == 0) { pretty_message("[+] Tests successful! :-)"); - fd = open("/dev/vport1p1", O_WRONLY); + fd = open("/proc/cmdline", O_RDONLY); if (fd < 0) - panic("open(vport1p1)"); + panic("open(/proc/cmdline)"); + if (read(fd, cmdline, sizeof(cmdline) - 1) <= 0) + panic("read(/proc/cmdline)"); + cmdline[sizeof(cmdline) - 1] = '\0'; + for (success_dev = strtok(cmdline, " \n"); success_dev; success_dev = strtok(NULL, " \n")) { + if (strncmp(success_dev, "wg.success=", 11)) + continue; + memcpy(success_dev + 11 - 5, "/dev/", 5); + success_dev += 11 - 5; + break; + } + if (!success_dev || !strlen(success_dev)) + panic("Unable to find success device"); + + fd = open(success_dev, O_WRONLY); + if (fd < 0) + panic("open(success_dev)"); if (write(fd, "success\n", 8) != 8) - panic("write(success)"); + panic("write(success_dev)"); close(fd); } else puts("\x1b[31m\x1b[1m[-] Tests failed! :-(\x1b[0m"); } -static bool linux_4_8_or_higher(const struct utsname *utsname) -{ - unsigned int maj, min, rel; - if (strcmp(utsname->sysname, "Linux")) - return false; - if (sscanf(utsname->release, "%u.%u.%u", &maj, &min, &rel) != 3) - return false; - return KERNEL_VERSION(maj, min, rel) >= KERNEL_VERSION(4, 8, 0); -} - static void ensure_console(void) { for (unsigned int i = 0; i < 1000; ++i) { @@ -196,16 +209,11 @@ static void ensure_console(void) int main(int argc, char *argv[]) { - struct utsname utsname; - + seed_rng(); ensure_console(); - if (uname(&utsname) < 0) - panic("uname"); - print_banner(&utsname); + print_banner(); mount_filesystems(); kmod_selftests(); - if (!linux_4_8_or_higher(&utsname)) - seed_rng(); enable_logging(); launch_tests(); poweroff(); diff --git a/src/tests/qemu/kernel.config b/src/tests/qemu/kernel.config index 7b0b1e3..398ce71 100644 --- a/src/tests/qemu/kernel.config +++ b/src/tests/qemu/kernel.config @@ -22,21 +22,12 @@ CONFIG_IP_NF_NAT=y CONFIG_TTY=y CONFIG_BINFMT_ELF=y CONFIG_BINFMT_SCRIPT=y -CONFIG_PCI=y -CONFIG_PCI_MSI=y -CONFIG_PCI_HOST_COMMON=y -CONFIG_PCI_HOST_GENERIC=y +CONFIG_VDSO=y CONFIG_VIRTUALIZATION=y CONFIG_HYPERVISOR_GUEST=y CONFIG_PARAVIRT=y CONFIG_KVM_GUEST=y CONFIG_PARAVIRT_SPINLOCKS=y -CONFIG_VIRTIO=y -CONFIG_VIRTIO_PCI=y -CONFIG_VIRTIO_CONSOLE=y -CONFIG_VIRTIO_PCI_LEGACY=y -CONFIG_HW_RANDOM=y -CONFIG_HW_RANDOM_VIRTIO=y CONFIG_PRINTK=y CONFIG_KALLSYMS=y CONFIG_BUG=y @@ -83,7 +74,5 @@ CONFIG_BOOTPARAM_HUNG_TASK_PANIC=y CONFIG_PANIC_TIMEOUT=-1 CONFIG_STACKTRACE=y CONFIG_EARLY_PRINTK=y -CONFIG_CMDLINE_BOOL=y -CONFIG_CMDLINE="console=hvc0" CONFIG_WIREGUARD=y CONFIG_WIREGUARD_DEBUG=y |