blob: c52f9b87959cec390659330a01bd69e7bea5685c (
plain) (
tree)
|
|
<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>2.1. Kernel Linux</title>
</head>
<body>
<a href="index.html">Core OS Index</a>
<h1 id="kernel">2.1. Kernel Linux</h1>
<p>Linux is a monolith kernel, a big one ! Visit
<a href="http://www.fsfla.org/ikiwiki/selibre/linux-libre/">Linux Libre</a>
and
<a href="https://www.kernel.org/">Linux Non-Libre</a> pages for more links
and information.</p>
<h2 id="#linuxlibre">2.1.1. Port Linux Libre</h2>
<p>Default crux configuration can be obtained from iso,
kernel port depends on dracut and grub but is not required
to install them. To build and install this port using prt-get;</p>
<pre>
$ prt-get depinst linux-libre
</pre>
<h2 id="kinstall">2.1.2. Manual Install</h2>
<p>Download Linux Source from
<a href="http://linux-libre.fsfla.org/pub/linux-libre/releases/">linux libre</a>,
or using the port system;</p>
<p>Crux iso comes with config that is more generic than used on
linux-libre port, crux default is a good starting point to
personalize according to your needs (build default, detect modules
needed);</p>
<pre>
$ mkdir ~/kernel
$ cd ~/kernel
$ tar xf /usr/ports/distfiles/linux-libre-4.9.12-grsec.tar.xz
$ cd linux-4.9.12/
</pre>
<p><a href="https://grsecurity.net">Grsecurity</a> patch for
<a href="https://grsecurity.net/test/grsecurity-3.1-4.9.12-201702231830.patch">4.9.12</a>.
Gcc <a href="https://github.com/graysky2/kernel_gcc_patch/">graysky2</a> kernel_gcc_patch (<a href="https://github.com/graysky2/kernel_gcc_patch/archive/master.zip">master.zip</a>)
that adds more cpu options (FLAGS native).
Check <a href="ports/linux-libre/Pkgfile">Pkgfile</a>
for instructions and more patches used on linux-libre port.
Read patching your kernel with
<a href="https://en.wikibooks.org/wiki/Grsecurity/Configuring_and_Installing_grsecurity#Patching_Your_Kernel_with_grsecurity">gresecurity</a>.</p>
<p>Apply grsecurity patch;</p>
<pre>
$ patch -p1 < ../grsecurity-3.1-4.9.12-201702231830.patch
</pre>
<p>Set correct version;</p>
<pre>
$ rm localversion-grsec
</pre>
<p>Edit Makefile and replace EXTRAVERSION;</p>
<pre>
VERSION = 4
PATCHLEVEL = 9
SUBLEVEL = 12
EXTRAVERSION = -grsec
NAME = Roaring Lionus
</pre>
<p>Change cpu optimization patch;</p>
<pre>
depends on (MK8 || MK7 || MCORE2 || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || MVIAC3_2 || MVIAC7 || MCRUSOE || MEFFICEON || X86_64 || MATOM || MGEODE_LX)
</pre>
<p>to;</p>
<pre>
depends on (MK8 || MK7 || MCORE2 || MPSC || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || MVIAC3_2 || MVIAC7 || MCRUSOE || MEFFICEON || X86_64 || MATOM || MGEODE_LX)
</pre>
<p>Apply additional cpu optimizations patch;</p>
<pre>
$ patch -p1 < ../enable_additional_cpu_optimizations_for_gcc_v4.9%2B_kernel_v3.15%2B.patch
</pre>
<p>Configure kernel according to your current kernel
hardware support;</p>
<pre>
$ make localmodconfig
</pre>
<p>Get information about your hardware, for example information
about which graphic module (driver) is in use
as root run;</p>
<pre>
# lspci -nnk | grep -i vga -A3 | grep 'in use'
Kernel driver in use: i915
</pre>
<p>Before start compiling check configuration;</p>
<pre>
$ make nconfig
</pre>
<p>Make targets;</p>
<pre>
$ make help
Cleaning targets:
clean - Remove most generated files but keep the config and
enough build support to build external modules
mrproper - Remove all generated files + config + various backup files
distclean - mrproper + remove editor backup and patch files
Configuration targets:
config - Update current config utilising a line-oriented program
nconfig - Update current config utilising a ncurses menu based
program
menuconfig - Update current config utilising a menu based program
xconfig - Update current config utilising a Qt based front-end
gconfig - Update current config utilising a GTK+ based front-end
oldconfig - Update current config utilising a provided .config as base
localmodconfig - Update current config disabling modules not loaded
localyesconfig - Update current config converting local mods to core
silentoldconfig - Same as oldconfig, but quietly, additionally update deps
defconfig - New config with default from ARCH supplied defconfig
savedefconfig - Save current config as ./defconfig (minimal config)
allnoconfig - New config where all options are answered with no
allyesconfig - New config where all options are accepted with yes
allmodconfig - New config selecting modules when possible
alldefconfig - New config with all symbols set to default
randconfig - New config with random answer to all options
listnewconfig - List new options
olddefconfig - Same as silentoldconfig but sets new symbols to their
default value
kvmconfig - Enable additional options for kvm guest kernel support
xenconfig - Enable additional options for xen dom0 and guest kernel support
tinyconfig - Configure the tiniest possible kernel
Other generic targets:
all - Build all targets marked with [*]
* vmlinux - Build the bare kernel
* modules - Build all modules
modules_install - Install all modules to INSTALL_MOD_PATH (default: /)
firmware_install- Install all firmware to INSTALL_FW_PATH
(default: $(INSTALL_MOD_PATH)/lib/firmware)
dir/ - Build all files in dir and below
dir/file.[ois] - Build specified target only
dir/file.lst - Build specified mixed source/assembly target only
(requires a recent binutils and recent build (System.map))
dir/file.ko - Build module including final link
modules_prepare - Set up for building external modules
tags/TAGS - Generate tags file for editors
cscope - Generate cscope index
gtags - Generate GNU GLOBAL index
kernelrelease - Output the release version string (use with make -s)
kernelversion - Output the version stored in Makefile (use with make -s)
image_name - Output the image name (use with make -s)
headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH
(default: ./usr)
Static analysers
checkstack - Generate a list of stack hogs
namespacecheck - Name space analysis on compiled kernel
versioncheck - Sanity check on version.h usage
includecheck - Check for duplicate included header files
export_report - List the usages of all exported symbols
headers_check - Sanity check on exported headers
headerdep - Detect inclusion cycles in headers
coccicheck - Check with Coccinelle.
Kernel selftest
kselftest - Build and run kernel selftest (run as root)
Build, install, and boot kernel before
running kselftest on it
kselftest-clean - Remove all generated kselftest files
kselftest-merge - Merge all the config dependencies of kselftest to existed
.config.
Kernel packaging:
rpm-pkg - Build both source and binary RPM kernel packages
binrpm-pkg - Build only the binary kernel RPM package
deb-pkg - Build both source and binary deb kernel packages
bindeb-pkg - Build only the binary kernel deb package
tar-pkg - Build the kernel as an uncompressed tarball
targz-pkg - Build the kernel as a gzip compressed tarball
tarbz2-pkg - Build the kernel as a bzip2 compressed tarball
tarxz-pkg - Build the kernel as a xz compressed tarball
perf-tar-src-pkg - Build perf-4.9.9-gnu.tar source tarball
perf-targz-src-pkg - Build perf-4.9.9-gnu.tar.gz source tarball
perf-tarbz2-src-pkg - Build perf-4.9.9-gnu.tar.bz2 source tarball
perf-tarxz-src-pkg - Build perf-4.9.9-gnu.tar.xz source tarball
Documentation targets:
Linux kernel internal documentation in different formats (Sphinx):
htmldocs - HTML
latexdocs - LaTeX
pdfdocs - PDF
epubdocs - EPUB
xmldocs - XML
cleandocs - clean all generated files
make SPHINXDIRS="s1 s2" [target] Generate only docs of folder s1, s2
valid values for SPHINXDIRS are: development-process media gpu 80211
make SPHINX_CONF={conf-file} [target] use *additional* sphinx-build
configuration. This is e.g. useful to build with nit-picking config.
Linux kernel internal documentation in different formats (DocBook):
htmldocs - HTML
pdfdocs - PDF
psdocs - Postscript
xmldocs - XML DocBook
mandocs - man pages
installmandocs - install man pages generated by mandocs
cleandocs - clean all generated DocBook files
make DOCBOOKS="s1.xml s2.xml" [target] Generate only docs s1.xml s2.xml
valid values for DOCBOOKS are: z8530book.xml kernel-hacking.xml kernel-locking.xml deviceiobook.xml writing_usb_driver.xml networking.xml kernel-api.xml filesystems.xml lsm.xml usb.xml kgdb.xml gadget.xml libata.xml mtdnand.xml librs.xml rapidio.xml genericirq.xml s390-drivers.xml uio-howto.xml scsi.xml debugobjects.xml sh.xml regulator.xml alsa-driver-api.xml writing-an-alsa-driver.xml tracepoint.xml w1.xml writing_musb_glue_layer.xml crypto-API.xml iio.xml
make DOCBOOKS="" [target] Don't generate docs from Docbook
This is useful to generate only the ReST docs (Sphinx)
Architecture specific targets (x86):
* bzImage - Compressed kernel image (arch/x86/boot/bzImage)
install - Install kernel using
(your) ~/bin/installkernel or
(distribution) /sbin/installkernel or
install to $(INSTALL_PATH) and run lilo
fdimage - Create 1.4MB boot floppy image (arch/x86/boot/fdimage)
fdimage144 - Create 1.4MB boot floppy image (arch/x86/boot/fdimage)
fdimage288 - Create 2.8MB boot floppy image (arch/x86/boot/fdimage)
isoimage - Create a boot CD-ROM image (arch/x86/boot/image.iso)
bzdisk/fdimage*/isoimage also accept:
FDARGS="..." arguments for the booted kernel
FDINITRD=file initrd for the booted kernel
i386_defconfig - Build for i386
x86_64_defconfig - Build for x86_64
make V=0|1 [targets] 0 => quiet build (default), 1 => verbose build
make V=2 [targets] 2 => give reason for rebuild of target
make O=dir [targets] Locate all output files in "dir", including .config
make C=1 [targets] Check all c source with $CHECK (sparse by default)
make C=2 [targets] Force check of all c source with $CHECK
make RECORDMCOUNT_WARN=1 [targets] Warn about ignored mcount sections
make W=n [targets] Enable extra gcc checks, n=1,2,3 where
1: warnings which may be relevant and do not occur too often
2: warnings which occur quite often but may still be relevant
3: more obscure warnings, can most likely be ignored
Multiple levels can be combined with W=12 or W=123
Execute "make" or "make all" to build all targets marked with [*]
For further info see the ./README file
$
</pre>
<pre>
$ make -j $(nproc) bzImage modules
$ sudo make modules_install
$ sudo cp arch/x86/boot/bzImage /boot/vmlinuz-4.9.12-grsec
$ sudo cp System.map /boot/System.map-4.9.12-grsec
</pre>
<p>Update grub;</p>
<pre>
# grub-mkconfig -o /boot/grub/grub.cfg
</pre>
<h2 id="kuninstall">2.1.3. Manual Remove</h2>
<pre>
$ sudo rm -r /lib/modules/4.9.12-grsec
$ sudo rm /boot/vmlinuz-4.9.12-grsec
$ sudo rm /boot/System.map-4.9.12-grsec
</pre>
<h2 id="dracut">2.1.4. Dracut</h2>
<p>Install dracut;</p>
<pre>
# cd /usr/ports/c9-ports/dracut
# pkgmk -d
# pkgadd /usr/ports/packages/dracut#044-2.pkg.tar.gz
</pre>
<p>Review configuration file;</p>
<pre>
# PUT YOUR CONFIG IN separate files
# in /etc/dracut.conf.d named "<name>.conf"
# Equivalent to -H
hostonly="yes"
# Mount / and /usr read-only by default.
ro_mnt="no"
# Equivalent to -m "module module module"
dracutmodules+="dash kernel-modules rootfs-block udev-rules usrmount base fs-lib shutdown"
# Equivalent to -a "module"
add_dracutmodules+="caps debug"
# Equivalent to -o "module"
#omit_dracutmodules+="systemd systemd-bootchart systemd-networkd systemd-initrd"
# SEE man dracut.conf(5) for options
</pre>
<p>Run dracut to create init ram filesystem for
port linux-blob kernel;</p>
<pre>
# dracut -v /boot/initramfs-4.9.11-blob.img 4.9.11-blob
</pre>
<a href="index.html">Core OS Index</a>
<p>This is part of the c9-doc Manual.
Copyright (C) 2017
c9 team.
See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a>
for copying conditions.</p>
</body>
</html>
|