diff options
| author | Silvino Silva <silvino@bk.ru> | 2017-08-02 01:04:50 +0100 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2017-08-02 01:04:50 +0100 |
| commit | b1b5779493352c72cced0251625d0b850ebac5b8 (patch) | |
| tree | 0f40548a2b5c8eaf9bd99423e21b8baf63b83d65 /core/linux.html | |
| parent | ed23bb3344ec5be2893db8d8d838c38c9f2baacd (diff) | |
| parent | 65167272a3ba52dc4d032a1c60a9ff030408047d (diff) | |
| download | doc-b1b5779493352c72cced0251625d0b850ebac5b8.tar.gz | |
new release 0.3.1
Diffstat (limited to 'core/linux.html')
| -rw-r--r-- | core/linux.html | 309 |
1 files changed, 259 insertions, 50 deletions
diff --git a/core/linux.html b/core/linux.html index 53fc304..c52f9b8 100644 --- a/core/linux.html +++ b/core/linux.html @@ -2,12 +2,12 @@ <html dir="ltr" lang="en"> <head> <meta charset='utf-8'> - <title>2.3. Kernel Linux</title> + <title>2.1. Kernel Linux</title> </head> <body> <a href="index.html">Core OS Index</a> - <h1 id="kernel">2.3. Kernel Linux</h1> + <h1 id="kernel">2.1. Kernel Linux</h1> <p>Linux is a monolith kernel, a big one ! Visit <a href="http://www.fsfla.org/ikiwiki/selibre/linux-libre/">Linux Libre</a> @@ -15,58 +15,82 @@ <a href="https://www.kernel.org/">Linux Non-Libre</a> pages for more links and information.</p> - <h2 id="#linuxlibre">2.3.1. Port Linux Libre</h2> + <h2 id="#linuxlibre">2.1.1. Port Linux Libre</h2> - <p>Collection c9-ports have linux-libre port with default crux - configuration, this port depends on dracut and grub but is not - required to install them. To build and install this port using - prt-get;</p> + <p>Default crux configuration can be obtained from iso, + kernel port depends on dracut and grub but is not required + to install them. To build and install this port using prt-get;</p> <pre> $ prt-get depinst linux-libre </pre> - <h2 id="kinstall">2.3.2. Manual Install</h2> + <h2 id="kinstall">2.1.2. Manual Install</h2> <p>Download Linux Source from <a href="http://linux-libre.fsfla.org/pub/linux-libre/releases/">linux libre</a>, or using the port system;</p> + <p>Crux iso comes with config that is more generic than used on + linux-libre port, crux default is a good starting point to + personalize according to your needs (build default, detect modules + needed);</p> + <pre> - $ cd /usr/ports/c9-ports/linux-libre - $ sudo -u pkgmk pkgmk -do + $ mkdir ~/kernel + $ cd ~/kernel + $ tar xf /usr/ports/distfiles/linux-libre-4.9.12-grsec.tar.xz + $ cd linux-4.9.12/ </pre> - <p>Crux iso comes with config that is used in this port, is - a good starting point to personalize according to your needs;</p> + <p><a href="https://grsecurity.net">Grsecurity</a> patch for + <a href="https://grsecurity.net/test/grsecurity-3.1-4.9.12-201702231830.patch">4.9.12</a>. + Gcc <a href="https://github.com/graysky2/kernel_gcc_patch/">graysky2</a> kernel_gcc_patch (<a href="https://github.com/graysky2/kernel_gcc_patch/archive/master.zip">master.zip</a>) + that adds more cpu options (FLAGS native). + Check <a href="ports/linux-libre/Pkgfile">Pkgfile</a> + for instructions and more patches used on linux-libre port. + Read patching your kernel with + <a href="https://en.wikibooks.org/wiki/Grsecurity/Configuring_and_Installing_grsecurity#Patching_Your_Kernel_with_grsecurity">gresecurity</a>.</p> + + <p>Apply grsecurity patch;</p> <pre> - $ mkdir ~/kernel - $ cd ~/kernel - $ cp /usr/ports/c9-ports/linux-libre/linux-4.1.32.defconfig . - $ cp /usr/ports/distfiles/linux-libre-4.1.32-gnu.tar.xz . - $ tar xf linux-libre-4.1.32-gnu.tar.xz - $ cp linux-4.1.32.defconfig linux-4.1.32/.config + $ patch -p1 < ../grsecurity-3.1-4.9.12-201702231830.patch </pre> - <p>If you like <a href="https://github.com/graysky2/kernel_gcc_patch/">graysky2</a> kernel_gcc_patch (<a href="https://github.com/graysky2/kernel_gcc_patch/archive/master.zip">download master</a>) that adds more cpu options (FLAGS native)</p> + <p>Set correct version;</p> <pre> - $ cp /usr/ports/distfiles/enable_additional_cpu_optimizations_for_gcc_v4.9%2B_kernel_v3.15%2B.patch cpu_optimizations.patch + $ rm localversion-grsec </pre> + <p>Edit Makefile and replace EXTRAVERSION;</p> + <pre> - $ cd ~/linux-4.1.32/ - $ patch -p1 < ../cpu_optimizations.patch - patching file arch/x86/include/asm/module.h - patching file arch/x86/Kconfig.cpu - patching file arch/x86/Makefile - Hunk #1 succeeded at 85 with fuzz 1 (offset -9 lines). - patching file arch/x86/Makefile_32.cpu - $ + VERSION = 4 + PATCHLEVEL = 9 + SUBLEVEL = 12 + EXTRAVERSION = -grsec + NAME = Roaring Lionus </pre> - <p>Read <a href="https://en.wikibooks.org/wiki/Grsecurity/Configuring_and_Installing_grsecurity#Patching_Your_Kernel_with_grsecurity">Gresecurity</a>.</p> + <p>Change cpu optimization patch;</p> + + <pre> + depends on (MK8 || MK7 || MCORE2 || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || MVIAC3_2 || MVIAC7 || MCRUSOE || MEFFICEON || X86_64 || MATOM || MGEODE_LX) + </pre> + + <p>to;</p> + + <pre> + depends on (MK8 || MK7 || MCORE2 || MPSC || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || MVIAC3_2 || MVIAC7 || MCRUSOE || MEFFICEON || X86_64 || MATOM || MGEODE_LX) + </pre> + + <p>Apply additional cpu optimizations patch;</p> + + <pre> + $ patch -p1 < ../enable_additional_cpu_optimizations_for_gcc_v4.9%2B_kernel_v3.15%2B.patch + </pre> <p>Configure kernel according to your current kernel hardware support;</p> @@ -75,13 +99,9 @@ $ make localmodconfig </pre> - <p>This will disable all unloaded modules, - you can use localyesconfig mark all loaded - to be built in the kernel.</p> - - <p>To get information about your hardware, - for example information about which graphic - module (driver) is in use as root run;</p> + <p>Get information about your hardware, for example information + about which graphic module (driver) is in use + as root run;</p> <pre> # lspci -nnk | grep -i vga -A3 | grep 'in use' @@ -94,17 +114,165 @@ $ make nconfig </pre> + <p>Make targets;</p> + <pre> - $ make -j $(nproc) all - $ sudo make modules_install - $ sudo cp arch/x86/boot/bzImage /boot/vmlinuz-4.1.32-gnu_crux - $ sudo cp System.map /boot/System.map-4.1.32-gnu_crux + $ make help + Cleaning targets: + clean - Remove most generated files but keep the config and + enough build support to build external modules + mrproper - Remove all generated files + config + various backup files + distclean - mrproper + remove editor backup and patch files + + Configuration targets: + config - Update current config utilising a line-oriented program + nconfig - Update current config utilising a ncurses menu based + program + menuconfig - Update current config utilising a menu based program + xconfig - Update current config utilising a Qt based front-end + gconfig - Update current config utilising a GTK+ based front-end + oldconfig - Update current config utilising a provided .config as base + localmodconfig - Update current config disabling modules not loaded + localyesconfig - Update current config converting local mods to core + silentoldconfig - Same as oldconfig, but quietly, additionally update deps + defconfig - New config with default from ARCH supplied defconfig + savedefconfig - Save current config as ./defconfig (minimal config) + allnoconfig - New config where all options are answered with no + allyesconfig - New config where all options are accepted with yes + allmodconfig - New config selecting modules when possible + alldefconfig - New config with all symbols set to default + randconfig - New config with random answer to all options + listnewconfig - List new options + olddefconfig - Same as silentoldconfig but sets new symbols to their + default value + kvmconfig - Enable additional options for kvm guest kernel support + xenconfig - Enable additional options for xen dom0 and guest kernel support + tinyconfig - Configure the tiniest possible kernel + + Other generic targets: + all - Build all targets marked with [*] + * vmlinux - Build the bare kernel + * modules - Build all modules + modules_install - Install all modules to INSTALL_MOD_PATH (default: /) + firmware_install- Install all firmware to INSTALL_FW_PATH + (default: $(INSTALL_MOD_PATH)/lib/firmware) + dir/ - Build all files in dir and below + dir/file.[ois] - Build specified target only + dir/file.lst - Build specified mixed source/assembly target only + (requires a recent binutils and recent build (System.map)) + dir/file.ko - Build module including final link + modules_prepare - Set up for building external modules + tags/TAGS - Generate tags file for editors + cscope - Generate cscope index + gtags - Generate GNU GLOBAL index + kernelrelease - Output the release version string (use with make -s) + kernelversion - Output the version stored in Makefile (use with make -s) + image_name - Output the image name (use with make -s) + headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH + (default: ./usr) + + Static analysers + checkstack - Generate a list of stack hogs + namespacecheck - Name space analysis on compiled kernel + versioncheck - Sanity check on version.h usage + includecheck - Check for duplicate included header files + export_report - List the usages of all exported symbols + headers_check - Sanity check on exported headers + headerdep - Detect inclusion cycles in headers + coccicheck - Check with Coccinelle. + + Kernel selftest + kselftest - Build and run kernel selftest (run as root) + Build, install, and boot kernel before + running kselftest on it + kselftest-clean - Remove all generated kselftest files + kselftest-merge - Merge all the config dependencies of kselftest to existed + .config. + + Kernel packaging: + rpm-pkg - Build both source and binary RPM kernel packages + binrpm-pkg - Build only the binary kernel RPM package + deb-pkg - Build both source and binary deb kernel packages + bindeb-pkg - Build only the binary kernel deb package + tar-pkg - Build the kernel as an uncompressed tarball + targz-pkg - Build the kernel as a gzip compressed tarball + tarbz2-pkg - Build the kernel as a bzip2 compressed tarball + tarxz-pkg - Build the kernel as a xz compressed tarball + perf-tar-src-pkg - Build perf-4.9.9-gnu.tar source tarball + perf-targz-src-pkg - Build perf-4.9.9-gnu.tar.gz source tarball + perf-tarbz2-src-pkg - Build perf-4.9.9-gnu.tar.bz2 source tarball + perf-tarxz-src-pkg - Build perf-4.9.9-gnu.tar.xz source tarball + + Documentation targets: + Linux kernel internal documentation in different formats (Sphinx): + htmldocs - HTML + latexdocs - LaTeX + pdfdocs - PDF + epubdocs - EPUB + xmldocs - XML + cleandocs - clean all generated files + + make SPHINXDIRS="s1 s2" [target] Generate only docs of folder s1, s2 + valid values for SPHINXDIRS are: development-process media gpu 80211 + + make SPHINX_CONF={conf-file} [target] use *additional* sphinx-build + configuration. This is e.g. useful to build with nit-picking config. + + Linux kernel internal documentation in different formats (DocBook): + htmldocs - HTML + pdfdocs - PDF + psdocs - Postscript + xmldocs - XML DocBook + mandocs - man pages + installmandocs - install man pages generated by mandocs + cleandocs - clean all generated DocBook files + + make DOCBOOKS="s1.xml s2.xml" [target] Generate only docs s1.xml s2.xml + valid values for DOCBOOKS are: z8530book.xml kernel-hacking.xml kernel-locking.xml deviceiobook.xml writing_usb_driver.xml networking.xml kernel-api.xml filesystems.xml lsm.xml usb.xml kgdb.xml gadget.xml libata.xml mtdnand.xml librs.xml rapidio.xml genericirq.xml s390-drivers.xml uio-howto.xml scsi.xml debugobjects.xml sh.xml regulator.xml alsa-driver-api.xml writing-an-alsa-driver.xml tracepoint.xml w1.xml writing_musb_glue_layer.xml crypto-API.xml iio.xml + + make DOCBOOKS="" [target] Don't generate docs from Docbook + This is useful to generate only the ReST docs (Sphinx) + + Architecture specific targets (x86): + * bzImage - Compressed kernel image (arch/x86/boot/bzImage) + install - Install kernel using + (your) ~/bin/installkernel or + (distribution) /sbin/installkernel or + install to $(INSTALL_PATH) and run lilo + fdimage - Create 1.4MB boot floppy image (arch/x86/boot/fdimage) + fdimage144 - Create 1.4MB boot floppy image (arch/x86/boot/fdimage) + fdimage288 - Create 2.8MB boot floppy image (arch/x86/boot/fdimage) + isoimage - Create a boot CD-ROM image (arch/x86/boot/image.iso) + bzdisk/fdimage*/isoimage also accept: + FDARGS="..." arguments for the booted kernel + FDINITRD=file initrd for the booted kernel + + i386_defconfig - Build for i386 + x86_64_defconfig - Build for x86_64 + + make V=0|1 [targets] 0 => quiet build (default), 1 => verbose build + make V=2 [targets] 2 => give reason for rebuild of target + make O=dir [targets] Locate all output files in "dir", including .config + make C=1 [targets] Check all c source with $CHECK (sparse by default) + make C=2 [targets] Force check of all c source with $CHECK + make RECORDMCOUNT_WARN=1 [targets] Warn about ignored mcount sections + make W=n [targets] Enable extra gcc checks, n=1,2,3 where + 1: warnings which may be relevant and do not occur too often + 2: warnings which occur quite often but may still be relevant + 3: more obscure warnings, can most likely be ignored + Multiple levels can be combined with W=12 or W=123 + + Execute "make" or "make all" to build all targets marked with [*] + For further info see the ./README file + $ </pre> - <p>Create dracut initramfs;</p> <pre> - $sudo dracut --fstab /boot/initramfs-4.1.32-gnu_crux.img 4.1.32-gnu_crux + $ make -j $(nproc) bzImage modules + $ sudo make modules_install + $ sudo cp arch/x86/boot/bzImage /boot/vmlinuz-4.9.12-grsec + $ sudo cp System.map /boot/System.map-4.9.12-grsec </pre> <p>Update grub;</p> @@ -113,20 +281,61 @@ # grub-mkconfig -o /boot/grub/grub.cfg </pre> - <h2 id="kuninstall">2.3.3. Manual Remove</h2> + <h2 id="kuninstall">2.1.3. Manual Remove</h2> + + <pre> + $ sudo rm -r /lib/modules/4.9.12-grsec + $ sudo rm /boot/vmlinuz-4.9.12-grsec + $ sudo rm /boot/System.map-4.9.12-grsec + </pre> + + <h2 id="dracut">2.1.4. Dracut</h2> + + <p>Install dracut;</p> + + <pre> + # cd /usr/ports/c9-ports/dracut + # pkgmk -d + # pkgadd /usr/ports/packages/dracut#044-2.pkg.tar.gz + </pre> + + <p>Review configuration file;</p> + + <pre> + # PUT YOUR CONFIG IN separate files + # in /etc/dracut.conf.d named "<name>.conf" + + # Equivalent to -H + hostonly="yes" + + # Mount / and /usr read-only by default. + ro_mnt="no" + + # Equivalent to -m "module module module" + dracutmodules+="dash kernel-modules rootfs-block udev-rules usrmount base fs-lib shutdown" + + # Equivalent to -a "module" + add_dracutmodules+="caps debug" + + # Equivalent to -o "module" + #omit_dracutmodules+="systemd systemd-bootchart systemd-networkd systemd-initrd" + + # SEE man dracut.conf(5) for options + </pre> + + <p>Run dracut to create init ram filesystem for + port linux-blob kernel;</p> <pre> - $ sudo rm -r /lib/modules/4.1.12-gnu_crux - $ sudo rm /boot/vmlinuz-4.1.12-gnu_crux - $ sudo rm /boot/System.map-4.1.12-gnu_crux + # dracut -v /boot/initramfs-4.9.11-blob.img 4.9.11-blob </pre> <a href="index.html">Core OS Index</a> <p>This is part of the c9-doc Manual. -Copyright (C) 2016 -c9 team. -See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> -for copying conditions.</p> + Copyright (C) 2017 + c9 team. + See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + for copying conditions.</p> </body> </html> |