Quartz64-A with legacy kernel 4.19.y

shelldweller · 12-18-2021, 08:40 AM

I have been testing out images for the Quartz64 Model A. I realize that this board is a work in progress and not everything is fully supported upstream. I am just starting this thread to document my progress with this board in a public forum.

First, I had to get a new monitor because my old VGA monitor was not receiving a full signal through the HDMI-to-VGA converter that had always worked with other boards. I am now using the legacy kernel (4.19.221 as I type this) because my new monitor's resolution is 1600x1200 and the next kernel cannot output video at this resolution. Also my monitor does not want to switch to a lower resolution for some reason. However, on the legacy kernel, my monitor works flawlessly at full resolution. Yay!

Then I noticed that LAN works fine before I log into a GUI session, but once X starts, it knocks out the Ethernet port for some reason. So I have been using a USB-Ethernet dongle, which is working fine for the moment.

The main thing I am focused on now is Wireguard support. I have tried building the legacy kernel both with and without the external wireguard patch, as well as building the wireguard-linux-compat package from slackbuilds.org. I have tried every combination of those options, and no matter what I do, I am getting this error when running wg-quick up myvpn.conf :

Code:

RTNETLINK answers: Operation not supported

I tried rebuilding the kernel with the config options from the Gentoo Wiki, which triggered a bunch more options during the compile stage. I answered either Y or M to all of those. It resulted in a working kernel, but I still get the same RTNETLINK error as above. I then turned on a bunch of NETLINK kernel configs, got a working kernel, and I STILL cannot get wireguard working.

For reference, it works fine on the Pinebook A64 with both a next and legacy kernels. So I know it is possible. Something is just missing on the Quartz64 kernels to make it work right.

Any ideas? All my searches bring up Debian posts where the solution is to upgrade the kernel headers, so the advice does not really apply here.

P.S. - The only other thing that has me stymied is SATA support. From what I can tell from the dev wiki it is supposed to be working. But I have an eSATA dock that the Quartz64 can only see through USB. If I boot it up with the SATA-to-eSATA cable attached, then it does not see it at all, with or without the USB cable. But this can be another post for another day, I am mostly focused on the Wireguard support at the moment.

Thanks much. It's nice to have our own distro forum!

sndwvs · 12-18-2021, 08:48 AM

Thanks shelldweller,

need logs dmesg, lsmod.

I tried it myself, the module is loaded, the interface is being created.

Code:

# name -a
Linux quartz64 4.19.220 #1 SMP Wed Dec 8 17:10:21 UTC 2021 aarch64 GNU/Linux

# touch /etc/wireguard/wl0.conf
# wg-quick up wl0
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 82:7b:01:47:1b:b0 brd ff:ff:ff:ff:ff:ff
3: wl0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none

# lsmod
Module                  Size  Used by
wireguard             139264  0
ip6_udp_tunnel         16384  1 wireguard
udp_tunnel             16384  1 wireguard

# dmesg
[  319.315330] wireguard: WireGuard 1.0.20211208 loaded. See www.wireguard.com for information.
[  319.315342] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.

shelldweller · 12-18-2021, 01:21 PM

Thanks sndwvs,

Ah, right, logs, those would help.

Here are all the logs.

I can reproduce your steps and get the same results with the module loading, etc...

Code:

root@quartz64:~# name -a
Linux quartz64.lan 4.19.221 #1 SMP Fri Dec 17 16:09:01 MST 2021 aarch64 GNU/Linux
root@quartz64:~# touch /etc/wireguard/wl0.conf                                                                                   
root@quartz64:~# wg-quick up wl0
[#] ip link add wl0 type wireguard                                                                                                                                  
[#] wg setconf wl0 /dev/fd/63                                                                                                                                       
[#] ip link set mtu 1420 up dev wl0                                                                                                                                 
root@quartz64:~# ip a                                                                                                                                               
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000                                                                                               
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00                                                                                                           
    inet 127.0.0.1/8 scope host lo                                                                                                                                  
       valid_lft forever preferred_lft forever                                                                                                                      
    inet6 ::1/128 scope host                                                                                                                                        
       valid_lft forever preferred_lft forever                                                                                                                      
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000                                                             
    link/ether fe:7f:1c:63:7e:41 brd ff:ff:ff:ff:ff:ff                                                                                                              
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000                                                                                                                             
    link/ether 00:e0:4c:68:44:98 brd ff:ff:ff:ff:ff:ff                                                                                                              
    inet 192.168.10.109/24 brd 192.168.10.255 scope global dynamic noprefixroute eth1                                                                               
       valid_lft 43048sec preferred_lft 43048sec
    inet6 2601:8c3:4200:355::437/128 scope global dynamic noprefixroute 
       valid_lft 193332sec preferred_lft 193332sec
    inet6 fdd1:4bc0:3c2d::437/128 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fdd1:4bc0:3c2d:0:7118:179d:1782:bf03/64 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 2601:8c3:4200:355:16f2:4db2:6370:c87c/64 scope global dynamic noprefixroute 
       valid_lft 193333sec preferred_lft 193333sec
    inet6 fe80::6957:51d2:8dfa:e8a1/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: wl0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none 
root@quartz64:~# lsmod
Module                  Size  Used by
wireguard             139264  0
ip6_udp_tunnel         16384  1 wireguard
udp_tunnel             16384  1 wireguard
root@quartz64:~# dmesg | grep wireguard
[  149.605610] wireguard: WireGuard 1.0.20211208 loaded. See www.wireguard.com for information.
[  149.605621] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
root@quartz64:~#

However, if I then try to follow the instructions for the free VPN from cryptostorm.is (free so easy to test), I then get this output (keys scrubbed):

Code:

root@quartz64:~# cd /etc/wireguard
root@quartz64:/etc/wireguard# ls
cs-free.conf  privatekey  publickey  wl0.conf
root@quartz64:/etc/wireguard# umask 077
root@quartz64:/etc/wireguard# wg genkey > privatekey
root@quartz64:/etc/wireguard# wg pubkey < privatekey > publickey
root@quartz64:/etc/wireguard# cat publickey
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
root@quartz64:/etc/wireguard# ls
cs-free.conf  privatekey  publickey  wl0.conf
root@quartz64:/etc/wireguard# nano cs-free.conf
root@quartz64:/etc/wireguard# cat privatekey
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
root@quartz64:/etc/wireguard# nano cs-free.conf
root@quartz64:/etc/wireguard# wg-quick up cs-free
[#] ip link add cs-free type wireguard
[#] wg setconf cs-free /dev/fd/63
[#] ip -4 address add 10.10.158.51 dev cs-free
[#] ip link set mtu 1420 up dev cs-free
[#] resolvconf -a cs-free -m 0 -x
[#] wg set cs-free fwmark 51820
[#] ip -6 route add ::/0 dev cs-free table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
RTNETLINK answers: Operation not supported
[#] resolvconf -d cs-free -f
[#] ip link delete dev cs-free

Here is my cs-free.conf file (keys scrubbed):

Code:

[Interface]
PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Address = 10.10.158.51
DNS = 10.31.33.7

[Peer]
Presharedkey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
PublicKey = 1RQkmVFsPFeYFNK1wE3/eznIcNasyLmTCWDnPSRNoD8=

Endpoint = cryptofree.cstorm.is:443
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

There are some IPV6 errors in dmesg about eth0, but I think they are unrelated. The dongle shows up as eth1.

The exact same sequence of commands and appropriate config file results in a secure connection on the Pinebook, for comparison. This worked with both the legacy and next kernel if I remember correctly. I never saw this problem on that device, in any case. The error message in bold (above) never shows up on Pinebook. I can post the Pinebook output here later if that would help.

I also have tried creating the connection via the NetworkManager applet, as this works on the Pinebook as well. If I try the same steps on the Quartz64, it just results in a dead connection and have to turn off the VPN to get network activity again.

I used the same Ethernet dongle on the Pinebook, so I doubt that is the issue. It also works on Pinebook over WLAN.

The only major difference I can think of is that the legacy kernel on Pinebook is 5.4.y, while Quartz64 has 4.19.y. The Wireguard patch is supposed to be good back to 3.6.y or something like that, so the kernel is new enough to support it in theory.

Anyway, more later, thanks....

shelldweller · 01-17-2022, 08:10 PM

Just a brief update..... I have not solved this yet, but I was able to connect to the same VPN using the openvpn method without any issues. Not a huge surprise, but it is nice to know there is an alternative method, at least. Next up, I will see what I can figure out about the SATA port. I will probably start a separate thread for that issue though.

If I can ever get wireguard working on this board, I will post an update here. But for now, it is not an urgent issue by any means.