Building from source on Linux with kernel patch

From OpenHIP
Jump to: navigation, search

Main Page - Overview - Installation - Configuration - Usage - Contributing - Doxygen - Links

Note: This mode is no longer supported in OpenHIP as of release 0.9.

Building from source on Linux with kernel patch

Download the source tarball.

Kernel patch

Copy the kernel source tarball (for example, linux-2.6.13.5.tar.bz2) to a build area, normally /usr/src. Get the HIP kernel patch (for example, linux-2.6.13.5-hip.patch) and apply it to the kernel source. Configure the kernel (make xconfig) using the following options:

Device Drivers / Networking support / Networking options
   Boeing HIP Implementation (CONFIG_BOEING_HIP=y)
   PF_KEY sockets (CONFIG_NET_KEY=y)
   IP: AH transformation (CONFIG_INET_AH=y)
   IP: ESP transformation (CONFIG_INET_ESP=y)
   IPsec user configuration interface (CONFIG_XFRM_USER=y)

And for IPv6 support (do not compile as modules):

Code maturity level options
   Prompt for development and/or incomplete code/drivers (CONFIG_EXPERIMENTAL=y)
Device Drivers / Networking support / Networking options
   The IPv6 protocol (CONFIG_IPV6=y)
     IPv6: AH transformation (CONFIG_INET6_AH=y)
     IPv6: ESP transformation (CONFIG_INET6_ESP=y)

Also add desired cryptographic options:

Cryptographic options
   HMAC support
   Null algorithms (CONFIG_CRYPTO_NULL=y/m)
   MD5 digest algorithm (CONFIG_CRYPTO_MD5=y/m)
   SHA1 digest algorithm (CONFIG_CRYPTO_SHA1=y/m)
   DES and Triple DES EDE cipher algorithms (CONFIG_CRYPTO_DES=y/m)
   BLOWFISH cipher algorithm (CONFIG_CRYPTO_BLOWFISH=y/m)
   AES cipher algorithms (i586) (CONFIG_CRYPTO_AES_586=y/m)

If upgrading from a 2.4.x series kernel, we suggest compiling all the necessary drivers and options into the kernel rather than using the loadable module support; the 2.6 kernel modutils are incompatible with previous (2.4) kernels, so installing them may eliminate booting other kernels on your system. Compile the kernel, which can take quite a bit of time, and install the boot image into your boot loader.

su
cp /mnt/cdrom/packages/linux-2.6.13.5.tar.bz2 /usr/src
cp /mnt/cdrom/kernel/linux-2.6.13.5-hip.patch /usr/src
tar xjf linux-2.6.13.5.tar.bz2
mv linux-2.6.13.5 linux-2.6.13.5-hip
cd linux-2.6.13.5-hip
patch -p1 < ../linux-2.6.13.5-hip.patch
make xconfig

After selecting the appropriate options, build the kernel with:

make bzImage
make modules
make modules_install
make install

Or you can manually copy the kernel instead of running 'make install':

cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.13.5-hip
cp System.map /boot/System.map-2.6.13.5-hip

On some systems it may be necessary to set the environment variable ARCH=i386, if the compiler produces errors about missing architecture directories. Make a symbolic link /usr/src/linux to the new kernel directory so that other packages will later build correctly:

ln -s /usr/src/linux-2.6.13.5-hip /usr/src/linux

If you ran 'make install' as shown above, an entry for the new HIP kernel should be already added to your bootloader. Two common bootloaders used in Linux are LILO and GRUB. For LILO, edit /etc/lilo.conf to add an entry for your new HIP kernel, and finally issue the command lilo before rebooting. Here is an example lilo.conf entry:

image=/boot/vmlinuz-2.6.13.5-hip
        label=HIP
        read-only
        append="hdc=ide-scsi root=LABEL=/"

For GRUB, edit /etc/grub.conf and add an entry for your new HIP kernel. Here is an example grub.conf entry:

title HIP (2.6.13.5-hip)
        root (hd0,5)
        kernel /vmlinuz-2.6.13.5-hip ro root=LABEL=/ hdc=ide-scsi

After making necessary changes to your bootloader, you are ready to reboot your machine and select the HIP kernel for booting. Note that it is a good idea to leave your existing kernel intact and leave its GRUB or LILO entry in place just in case there is a problem booting your new HIP kernel.

Libipsec patch

Please follow these instructions for patching IPsec tools.

Building hipd

The C source code for hipd and hitgen are provided in the src directory. Copy the source to a build area and use make to compile.

cd ~
tar xzvf hip-0.5.tgz
cd hip-0.5
./bootstrap.sh
./configure --enable-kernel-support
make

When building, the linker searches for the crypto, libxml2, and libipsec libraries. One requirement is that /usr/src/linux links to or contains the patched 2.6 kernel source:

ln -s /usr/src/linux-2.6.13.5-hip /usr/src/linux

A successful build results in the hitgen and hipd binaries. Please refer to the Configuration section to get HIP up and running.