-
Notifications
You must be signed in to change notification settings - Fork 0
Framework for writing Out-of-Tree Kernel Modules #13
Comments
I'm assigning myself as well, as I need to show @ramwan how to use nix-shell and Nix to setup a relevant development environment for Haskell, C, Go and Kernel Development. |
We went through an example of creating a shell.nix for Haskell/Stack + Go development, and worked through an example of binding to C code, either from the standard library or via a shared object. Note that Haskell's RTS enables GHCi runtime linking. You have to use Shared object linking is fine, but I wish to get some documentation on static linking and linking configured by stack instead of using |
Notes on enabling Wireguard and IPVS on nixos:
|
IPVS is an "in-tree" kernel module, that's why it can just be enabled using Also the Later when wireguard gets merged and becomes an in-tree kernel module, you can just load it via |
It's important to understand this: https://stackoverflow.com/questions/22891705/whats-the-difference-between-insmod-and-modprobe Basically use If you try to use Another thing is that the Note that you don't actually need to run: |
From inspecting the netfilter code, we may need to write custom kernel modules to achieve some of our Relay or Emergence goals.
So here I've sketched out a skeleton for writing kernel modules. It is based on the Wireguard software.
The wireguard-tools is a package containing userspace tools which relies on the wireguard kernel module. In most packaging systems, these are separated. We would do something similar. However because wireguard is out-of-tree, the source code for both the userspace code and kernel space code is in the same location. Which makes it easier for us. That code is here: https://github.com/WireGuard/WireGuard/tree/master/src
In NixOS, the userspace tools derivation is here: https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/networking/wireguard-tools/default.nix while the kernel module derivation which uses
wireguard-tools
as a dependency (but only for it derivation attributes, not as a package dependency (remember this is important!)) is here: https://github.com/NixOS/nixpkgs/blob/master/pkgs/os-specific/linux/wireguard/default.nixFinally the wireguard kernel module is written using the DKMS framework. https://github.com/dell/dkms It appears to allow kernel modules to be recompiled when a new kernel is installed. I don't know if this is relevant when using NixOS, since we don't have this sort of automatic recompilation happening except via explicitly through the Nix evaluation system.
The text was updated successfully, but these errors were encountered: