Public bug reported: [Impact]
In older kernels, like focal, Wireguard used to be maintained as an external module (wireguard-linux-compat dkms). This dkms is not maintained anymore, but upstream maintainer periodically provides backported patches for older kernels (like 5.4) in this git repository https://git.zx2c4.com/wireguard-linux. In order to properly support Wireguard with all the recent security updates, fixes, etc. it would be more efficient for us to apply the backported patch set officially provided by the upstream maintainer, instead of maintaining these changes in a separate dkms. [Test case] We need to figure out a proper test case to verify that wireguard is applied and it's working correctly. [Fix] Apply the backported wireguard patch set provided by the upstream maintainer as UBUNTU SAUCE patches. [Where things could go wrong] We don't have a precise plan to keep the patches updated after some SRU patches are applied to our kernel. A quick and dirty solution could be to revert the wireguard patch set entirely, apply the SRU patches, then re-apply the latest wireguard patch set on top. But we probably need to figure out a better workflow. Also this patch set is probably going to conflict with wireguard-linux- compat dkms, but that is the whole point, we want to deprecate this dkms and merge wireguard into our kernel directly. ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete ** Affects: linux (Ubuntu Focal) Importance: Undecided Status: Incomplete ** Also affects: linux (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1998902 Title: merge wireguard into the kernel Status in linux package in Ubuntu: Incomplete Status in linux source package in Focal: Incomplete Bug description: [Impact] In older kernels, like focal, Wireguard used to be maintained as an external module (wireguard-linux-compat dkms). This dkms is not maintained anymore, but upstream maintainer periodically provides backported patches for older kernels (like 5.4) in this git repository https://git.zx2c4.com/wireguard-linux. In order to properly support Wireguard with all the recent security updates, fixes, etc. it would be more efficient for us to apply the backported patch set officially provided by the upstream maintainer, instead of maintaining these changes in a separate dkms. [Test case] We need to figure out a proper test case to verify that wireguard is applied and it's working correctly. [Fix] Apply the backported wireguard patch set provided by the upstream maintainer as UBUNTU SAUCE patches. [Where things could go wrong] We don't have a precise plan to keep the patches updated after some SRU patches are applied to our kernel. A quick and dirty solution could be to revert the wireguard patch set entirely, apply the SRU patches, then re-apply the latest wireguard patch set on top. But we probably need to figure out a better workflow. Also this patch set is probably going to conflict with wireguard- linux-compat dkms, but that is the whole point, we want to deprecate this dkms and merge wireguard into our kernel directly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1998902/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
