source: chapter10/kernel.xml@ 10262709

12.0 12.0-rc1 12.1 12.1-rc1 bdubbs/gcc13 multilib renodr/libudev-from-systemd trunk xry111/arm64 xry111/arm64-12.0 xry111/clfs-ng xry111/loongarch xry111/loongarch-12.0 xry111/loongarch-12.1 xry111/mips64el xry111/update-glibc
Last change on this file since 10262709 was 10262709, checked in by Xi Ruoyao <xry111@…>, 14 months ago

Revert "kernel: Use <caution> for make defconfig and..."

This reverts commit d0a9bda4e696f4be02499b87c2bd6d8f40a3d4a3.

"Don't change anything enabled by defconfig" seems too strong.
  • Property mode set to 100644
File size: 22.5 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="ch-bootable-kernel" role="wrap">
9 <?dbhtml filename="kernel.html"?>
10
11 <sect1info condition="script">
12 <productname>kernel</productname>
13 <productnumber>&linux-version;</productnumber>
14 <address>&linux-url;</address>
15 </sect1info>
16
17 <title>Linux-&linux-version;</title>
18
19 <indexterm zone="ch-bootable-kernel">
20 <primary sortas="a-Linux">Linux</primary>
21 </indexterm>
22
23 <sect2 role="package">
24 <title/>
25
26 <para>The Linux package contains the Linux kernel.</para>
27
28 <segmentedlist>
29 <segtitle>&buildtime;</segtitle>
30 <segtitle>&diskspace;</segtitle>
31
32 <seglistitem>
33 <seg>&linux-knl-sbu;</seg>
34 <seg>&linux-knl-du;</seg>
35 </seglistitem>
36 </segmentedlist>
37
38 </sect2>
39
40 <sect2 role="installation">
41 <title>Installation of the kernel</title>
42
43 <para>Building the kernel involves a few steps&mdash;configuration,
44 compilation, and installation. Read the <filename>README</filename> file
45 in the kernel source tree for alternative methods to the way this book
46 configures the kernel.</para>
47
48 <para>Prepare for compilation by running the following command:</para>
49
50<screen><userinput remap="pre">make mrproper</userinput></screen>
51
52 <para>This ensures that the kernel tree is absolutely clean. The
53 kernel team recommends that this command be issued prior to each
54 kernel compilation. Do not rely on the source tree being clean after
55 un-tarring.</para>
56
57 <para>There are several ways to configure the kernel options. Usually,
58 This is done through a menu-driven interface, for example:</para>
59
60<screen role="nodump"><userinput>make menuconfig</userinput></screen>
61
62 <variablelist>
63 <title>The meaning of optional make environment variables:</title>
64
65 <varlistentry>
66 <term><parameter>LANG=&lt;host_LANG_value&gt; LC_ALL=</parameter></term>
67 <listitem>
68 <para>This establishes the locale setting to the one used on the
69 host. This may be needed for a proper menuconfig ncurses interface
70 line drawing on a UTF-8 linux text console.</para>
71
72 <para>If used, be sure to replace
73 <replaceable>&lt;host_LANG_value&gt;</replaceable> by the value of
74 the <envar>$LANG</envar> variable from your host. You can
75 alternatively use instead the host's value of <envar>$LC_ALL</envar>
76 or <envar>$LC_CTYPE</envar>.</para>
77 </listitem>
78 </varlistentry>
79
80 <varlistentry>
81 <term><command>make menuconfig</command></term>
82 <listitem>
83 <para>This launches an ncurses menu-driven interface. For other
84 (graphical) interfaces, type <command>make help</command>.</para>
85 </listitem>
86 </varlistentry>
87 </variablelist>
88
89 <!-- Support for compiling a keymap into the kernel is deliberately removed -->
90
91 <para>For general information on kernel configuration see <ulink
92 url="&hints-root;kernel-configuration.txt"/>. BLFS has some information
93 regarding particular kernel configuration requirements of packages outside
94 of LFS at <ulink
95 url="&blfs-book;longindex.html#kernel-config-index"/>. Additional
96 information about configuring and building the kernel can be found at
97 <ulink url="http://www.kroah.com/lkn/"/> </para>
98
99 <note>
100 <para>A good starting place for setting up the kernel configuration is to
101 run <command>make defconfig</command>. This will set the base
102 configuration to a good state that takes your current system architecture
103 into account.</para>
104
105 <para>Be sure to enable/disable/set the following features or the system might
106 not work correctly or boot at all:</para>
107
108 <screen role="nodump" revision="sysv">Processor type and features ---&gt;
109 [*] Build a relocatable kernel [CONFIG_RELOCATABLE]
110 [*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
111General setup ---&gt;
112 [ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
113 &lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
114 [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
115General architecture-dependent options ---&gt;
116 [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
117 [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
118Device Drivers ---&gt;
119 Graphics support ---&gt;
120 Frame buffer Devices ---&gt;
121 &lt;*&gt; Support for frame buffer devices ---&gt;
122 Console display driver support ---&gt;
123 [*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
124 Generic Driver Options ---&gt;
125 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
126 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
127 [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]</screen>
128
129 <screen role="nodump" revision="systemd">Processor type and features ---&gt;
130 [*] Build a relocatable kernel [CONFIG_RELOCATABLE]
131 [*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
132General setup ---&gt;
133 [ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
134 [ ] Auditing Support [CONFIG_AUDIT]
135 CPU/Task time and stats accounting ---&gt;
136 [*] Pressure stall information tracking [CONFIG_PSI]
137 &lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
138 [*] Control Group support [CONFIG_CGROUPS] ---&gt;
139 [*] Memory controller [CONFIG_MEMCG]
140 [ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
141 [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
142General architecture-dependent options ---&gt;
143 [*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
144 [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
145 [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
146Networking support ---&gt;
147 Networking options ---&gt;
148 &lt;*&gt; The IPv6 protocol [CONFIG_IPV6]
149Device Drivers ---&gt;
150 Generic Driver Options ---&gt;
151 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
152 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
153 [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]
154 Firmware Loader ---&gt;
155 [ ] Enable the firmware sysfs fallback mechanism [CONFIG_FW_LOADER_USER_HELPER]
156 Firmware Drivers ---&gt;
157 [*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
158 Graphics support ---&gt;
159 Frame buffer Devices ---&gt;
160 &lt;*&gt; Support for frame buffer devices ---&gt;
161 Console display driver support ---&gt;
162 [*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
163File systems ---&gt;
164 [*] Inotify support for userspace [CONFIG_INOTIFY_USER]
165 Pseudo filesystems ---&gt;
166 [*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]</screen>
167
168 <para>Enable some additional features if you are building a 64-bit
169 system. If you are using menuconfig, enable them in the order of
170 <parameter>CONFIG_PCI_MSI</parameter> first, then
171 <parameter>CONFIG_IRQ_REMAP</parameter>, at last
172 <parameter>CONFIG_X86_X2APIC</parameter> because an option only
173 shows up after its dependencies are selected.</para>
174
175 <screen role="nodump">Processor type and features ---&gt;
176 [*] Support x2apic [CONFIG_X86_X2APIC]
177Device Drivers ---&gt;
178 [*] PCI Support ---&gt; [CONFIG_PCI]
179 [*] Message Signaled Interrupts (MSI and MSI-X) [CONFIG_PCI_MSI]
180 [*] IOMMU Hardware Support ---&gt; [CONFIG_IOMMU_SUPPORT]
181 [*] Support for Interrupt Remapping [CONFIG_IRQ_REMAP]</screen>
182 </note>
183
184 <note revision="systemd">
185 <para>While "The IPv6 Protocol" is not strictly
186 required, it is highly recommended by the systemd developers.</para>
187 </note>
188
189 <para revision="sysv">There are several other options that may be desired
190 depending on the requirements for the system. For a list of options needed
191 for BLFS packages, see the <ulink
192 url="&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index">BLFS
193 Index of Kernel Settings</ulink>
194 (&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index).</para>
195
196 <note>
197 <para>If your host hardware is using UEFI and you wish to boot the
198 LFS system with it, you should adjust some kernel configuration
199 following <ulink url="&blfs-book;postlfs/grub-setup.html#uefi-kernel">
200 the BLFS page</ulink>.</para>
201 </note>
202
203 <variablelist>
204 <title>The rationale for the above configuration items:</title>
205
206 <varlistentry>
207 <term><parameter>Randomize the address of the kernel image (KASLR)</parameter></term>
208 <listitem>
209 <para>Enable ASLR for kernel image, to mitigate some attacks based
210 on fixed addresses of sensitive data or code in the kernel.</para>
211 </listitem>
212 </varlistentry>
213
214 <varlistentry>
215 <term>
216 <parameter>
217 Compile the kernel with warnings as errors
218 </parameter>
219 </term>
220 <listitem>
221 <para>This may cause building failure if the compiler and/or
222 configuration are different from those of the kernel
223 developers.</para>
224 </listitem>
225 </varlistentry>
226
227 <varlistentry>
228 <term>
229 <parameter>
230 Enable kernel headers through /sys/kernel/kheaders.tar.xz
231 </parameter>
232 </term>
233 <listitem>
234 <para>This will require <command>cpio</command> building the kernel.
235 <command>cpio</command> is not installed by LFS.</para>
236 </listitem>
237 </varlistentry>
238
239 <varlistentry>
240 <term>
241 <parameter>
242 Configure standard kernel features (expert users)
243 </parameter>
244 </term>
245 <listitem>
246 <para>This will make some options show up in the configuration
247 interface but changing those options may be dangerous. Do not use
248 this unless you know what you are doing.</para>
249 </listitem>
250 </varlistentry>
251
252 <varlistentry>
253 <term><parameter>Strong Stack Protector</parameter></term>
254 <listitem>
255 <para>Enable SSP for the kernel. We've enabled it for the entire
256 userspace with <parameter>--enable-default-ssp</parameter>
257 configuring GCC, but the kernel does not use GCC default setting
258 for SSP. We enable it explicitly here.</para>
259 </listitem>
260 </varlistentry>
261
262 <varlistentry>
263 <term><parameter>Support for uevent helper</parameter></term>
264 <listitem>
265 <para>Having this option set may interfere with device
266 management when using Udev/Eudev. </para>
267 </listitem>
268 </varlistentry>
269
270 <varlistentry>
271 <term><parameter>Maintain a devtmpfs</parameter></term>
272 <listitem>
273 <para>This will create automated device nodes which are populated by the
274 kernel, even without Udev running. Udev then runs on top of this,
275 managing permissions and adding symlinks. This configuration
276 item is required for all users of Udev/Eudev.</para>
277 </listitem>
278 </varlistentry>
279
280 <varlistentry>
281 <term><parameter>Automount devtmpfs at /dev</parameter></term>
282 <listitem>
283 <para>This will mount the kernel view of the devices on /dev
284 upon switching to root filesystem just before starting
285 init.</para>
286 </listitem>
287 </varlistentry>
288
289 <varlistentry>
290 <term><parameter>Framebuffer Console support</parameter></term>
291 <listitem>
292 <para>This is needed to display the Linux console on a frame
293 buffer device. To allow the kernel to print debug messages at an
294 early boot stage, it shouldn't be built as a kernel module
295 unless an initramfs will be used. And, if
296 <option>CONFIG_DRM</option> (Direct Rendering Manager) is enabled,
297 it's likely <option>CONFIG_DRM_FBDEV_EMULATION</option> (Enable
298 legacy fbdev support for your modesetting driver) should be
299 enabled as well.</para>
300 </listitem>
301 </varlistentry>
302
303 <varlistentry>
304 <term><parameter>Support x2apic</parameter></term>
305 <listitem>
306 <para>Support running the interrupt controller of 64-bit x86
307 processors in x2APIC mode. x2APIC may be enabled by firmware on
308 64-bit x86 systems, and a kernel without this option enabled will
309 panic on boot if x2APIC is enabled by firmware. This option has
310 has no effect, but also does no harm if x2APIC is disabled by the
311 firmware.</para>
312 </listitem>
313 </varlistentry>
314
315 </variablelist>
316
317 <para>Alternatively, <command>make oldconfig</command> may be more
318 appropriate in some situations. See the <filename>README</filename>
319 file for more information.</para>
320
321 <para>If desired, skip kernel configuration by copying the kernel
322 config file, <filename>.config</filename>, from the host system
323 (assuming it is available) to the unpacked <filename
324 class="directory">linux-&linux-version;</filename> directory. However,
325 we do not recommend this option. It is often better to explore all the
326 configuration menus and create the kernel configuration from
327 scratch.</para>
328
329 <para>Compile the kernel image and modules:</para>
330
331<screen><userinput remap="make">make</userinput></screen>
332
333 <para>If using kernel modules, module configuration in <filename
334 class="directory">/etc/modprobe.d</filename> may be required.
335 Information pertaining to modules and kernel configuration is
336 located in <xref linkend="ch-config-udev"/> and in the kernel
337 documentation in the <filename
338 class="directory">linux-&linux-version;/Documentation</filename> directory.
339 Also, <filename>modprobe.d(5)</filename> may be of interest.</para>
340
341 <para>Unless module support has been disabled in the kernel configuration,
342 install the modules with:</para>
343
344<screen><userinput remap="install">make modules_install</userinput></screen>
345
346 <para>After kernel compilation is complete, additional steps are
347 required to complete the installation. Some files need to be copied to
348 the <filename class="directory">/boot</filename> directory.</para>
349
350 <caution>
351 <para>If you've decided to use a separate &boot-dir; partition for the
352 LFS system (maybe sharing a &boot-dir; partition with the host
353 distro) , the files copied below should go there. The easiest way to
354 do that is to create the entry for &boot-dir; in &fstab; first (read
355 the previous section for details), then issue the following command
356 as the &root; user in the
357 <emphasis>chroot environment</emphasis>:</para>
358
359<screen role="nodump"><userinput>mount /boot</userinput></screen>
360
361 <para>The path to the device node is omitted in the command because
362 <command>mount</command> can read it from &fstab;.</para>
363 </caution>
364
365 <para>The path to the kernel image may vary depending on the platform being
366 used. The filename below can be changed to suit your taste, but the stem of
367 the filename should be <emphasis>vmlinuz</emphasis> to be compatible with
368 the automatic setup of the boot process described in the next section. The
369 following command assumes an x86 architecture:</para>
370
371<screen><userinput remap="install">cp -iv arch/x86/boot/bzImage /boot/vmlinuz-&linux-version;-lfs-&version;</userinput></screen>
372
373 <para><filename>System.map</filename> is a symbol file for the kernel.
374 It maps the function entry points of every function in the kernel API,
375 as well as the addresses of the kernel data structures for the running
376 kernel. It is used as a resource when investigating kernel problems.
377 Issue the following command to install the map file:</para>
378
379<screen><userinput remap="install">cp -iv System.map /boot/System.map-&linux-version;</userinput></screen>
380
381 <para>The kernel configuration file <filename>.config</filename>
382 produced by the <command>make menuconfig</command> step
383 above contains all the configuration selections for the kernel
384 that was just compiled. It is a good idea to keep this file for future
385 reference:</para>
386
387<screen><userinput remap="install">cp -iv .config /boot/config-&linux-version;</userinput></screen>
388
389 <para>Install the documentation for the Linux kernel:</para>
390
391<screen><userinput remap="install">install -d /usr/share/doc/linux-&linux-version;
392cp -r Documentation/* /usr/share/doc/linux-&linux-version;</userinput></screen>
393
394 <para>It is important to note that the files in the kernel source
395 directory are not owned by <emphasis>root</emphasis>. Whenever a
396 package is unpacked as user <emphasis>root</emphasis> (like we did
397 inside chroot), the files have the user and group IDs of whatever
398 they were on the packager's computer. This is usually not a problem
399 for any other package to be installed because the source tree is
400 removed after the installation. However, the Linux source tree is
401 often retained for a long time. Because of this, there is a chance
402 that whatever user ID the packager used will be assigned to somebody
403 on the machine. That person would then have write access to the kernel
404 source.</para>
405
406 <note>
407 <para>In many cases, the configuration of the kernel will need to be
408 updated for packages that will be installed later in BLFS. Unlike
409 other packages, it is not necessary to remove the kernel source tree
410 after the newly built kernel is installed.</para>
411
412 <para>If the kernel source tree is going to be retained, run
413 <command>chown -R 0:0</command> on the <filename
414 class="directory">linux-&linux-version;</filename> directory to ensure
415 all files are owned by user <emphasis>root</emphasis>.</para>
416 </note>
417
418 <warning>
419 <para>Some kernel documentation recommends creating a symlink from
420 <filename class="symlink">/usr/src/linux</filename> pointing to the kernel
421 source directory. This is specific to kernels prior to the 2.6 series and
422 <emphasis>must not</emphasis> be created on an LFS system as it can cause
423 problems for packages you may wish to build once your base LFS system is
424 complete.</para>
425 </warning>
426
427 <warning>
428 <para>The headers in the system's <filename
429 class="directory">include</filename> directory (<filename
430 class="directory">/usr/include</filename>) should
431 <emphasis>always</emphasis> be the ones against which Glibc was compiled,
432 that is, the sanitised headers installed in <xref
433 linkend="ch-tools-linux-headers"/>. Therefore, they should
434 <emphasis>never</emphasis> be replaced by either the raw kernel headers
435 or any other kernel sanitized headers.</para>
436 </warning>
437
438 </sect2>
439
440 <sect2 id="conf-modprobe" role="configuration">
441 <title>Configuring Linux Module Load Order</title>
442
443 <indexterm zone="conf-modprobe">
444 <primary sortas="e-/etc/modprobe.d/usb.conf">/etc/modprobe.d/usb.conf</primary>
445 </indexterm>
446
447 <para>Most of the time Linux modules are loaded automatically, but
448 sometimes it needs some specific direction. The program that loads
449 modules, <command>modprobe</command> or <command>insmod</command>, uses
450 <filename>/etc/modprobe.d/usb.conf</filename> for this purpose. This file
451 needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and
452 uhci_hcd) have been built as modules, they will be loaded in the correct
453 order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order
454 to avoid a warning being output at boot time.</para>
455
456 <para>Create a new file <filename>/etc/modprobe.d/usb.conf</filename> by running
457 the following:</para>
458
459<screen><userinput>install -v -m755 -d /etc/modprobe.d
460cat &gt; /etc/modprobe.d/usb.conf &lt;&lt; "EOF"
461<literal># Begin /etc/modprobe.d/usb.conf
462
463install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
464install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
465
466# End /etc/modprobe.d/usb.conf</literal>
467EOF</userinput></screen>
468
469 </sect2>
470
471 <sect2 id="contents-kernel" role="content">
472 <title>Contents of Linux</title>
473
474 <segmentedlist>
475 <segtitle>Installed files</segtitle>
476 <segtitle>Installed directories</segtitle>
477
478 <seglistitem>
479 <seg>config-&linux-version;,
480 vmlinuz-&linux-version;-lfs-&version;,
481 and System.map-&linux-version;</seg>
482 <seg>/lib/modules, /usr/share/doc/linux-&linux-version;</seg>
483 </seglistitem>
484 </segmentedlist>
485
486 <variablelist>
487 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
488 <?dbfo list-presentation="list"?>
489 <?dbhtml list-presentation="table"?>
490
491 <varlistentry id="config">
492 <term><filename>config-&linux-version;</filename></term>
493 <listitem>
494 <para>Contains all the configuration selections for the kernel</para>
495 <indexterm zone="ch-bootable-kernel config">
496 <primary sortas="e-/boot/config">/boot/config-&linux-version;</primary>
497 </indexterm>
498 </listitem>
499 </varlistentry>
500
501 <varlistentry id="lfskernel">
502 <term><filename>vmlinuz-&linux-version;-lfs-&version;</filename></term>
503 <listitem>
504 <para>The engine of the Linux system. When turning on the computer,
505 the kernel is the first part of the operating system that gets loaded.
506 It detects and initializes all components of the computer's hardware,
507 then makes these components available as a tree of files to the
508 software and turns a single CPU into a multitasking machine capable
509 of running scores of programs seemingly at the same time</para>
510 <indexterm zone="ch-bootable-kernel lfskernel">
511 <primary sortas="b-lfskernel">lfskernel-&linux-version;</primary>
512 </indexterm>
513 </listitem>
514 </varlistentry>
515
516 <varlistentry id="System.map">
517 <term><filename>System.map-&linux-version;</filename></term>
518 <listitem>
519 <para>A list of addresses and symbols; it maps the entry points and
520 addresses of all the functions and data structures in the
521 kernel</para>
522 <indexterm zone="ch-bootable-kernel System.map">
523 <primary sortas="e-/boot/System.map">/boot/System.map-&linux-version;</primary>
524 </indexterm>
525 </listitem>
526 </varlistentry>
527
528 </variablelist>
529
530 </sect2>
531
532</sect1>
Note: See TracBrowser for help on using the repository browser.