source: chapter08/kernel.xml@ 1405c4a

10.0 10.0-rc1 10.1 10.1-rc1 11.0 11.0-rc1 11.0-rc2 11.0-rc3 ml-11.0 multilib old-trunk trunk xry111/git-transition xry111/glibc-2.34 xry111/tester-nohack xry111/usr-move
Last change on this file since 1405c4a was 1405c4a, checked in by Pierre Labastie <pieere@…>, 19 months ago

Fix kernel crash when using STACK_PROTECTOR_STRONG=y

git-svn-id: 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689

  • Property mode set to 100644
File size: 17.4 KB
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "" [
4 <!ENTITY % general-entities SYSTEM "../general.ent">
5 %general-entities;
8<sect1 id="ch-bootable-kernel" role="wrap">
9 <?dbhtml filename="kernel.html"?>
11 <sect1info condition="script">
12 <productname>kernel</productname>
13 <productnumber>&linux-version;</productnumber>
14 <address>&linux-url;</address>
15 </sect1info>
17 <title>Linux-&linux-version;</title>
19 <indexterm zone="ch-bootable-kernel">
20 <primary sortas="a-Linux">Linux</primary>
21 </indexterm>
23 <sect2 role="package">
24 <title/>
26 <para>The Linux package contains the Linux kernel.</para>
28 <segmentedlist>
29 <segtitle>&buildtime;</segtitle>
30 <segtitle>&diskspace;</segtitle>
32 <seglistitem>
33 <seg>&linux-ch8-sbu;</seg>
34 <seg>&linux-ch8-du;</seg>
35 </seglistitem>
36 </segmentedlist>
38 </sect2>
40 <sect2 role="installation">
41 <title>Installation of the kernel</title>
43 <para>Building the kernel involves a few steps&mdash;configuration,
44 compilation, and installation. Read the <filename>README</filename> file
45 in the kernel source tree for alternative methods to the way this book
46 configures the kernel.</para>
48 <para>Prepare for compilation by running the following command:</para>
50<screen><userinput remap="pre">make mrproper</userinput></screen>
52 <para>This ensures that the kernel tree is absolutely clean. The
53 kernel team recommends that this command be issued prior to each
54 kernel compilation. Do not rely on the source tree being clean after
55 un-tarring.</para>
57 <!-- The following paragraph and sed should be only necessary on the 5.6
58 series, but check when 5.7 is out. -->
59 <para>When using <envar>CONFIG_STACKPROTECTOR_STRONG=y</envar>, and
60 compiling with GCC 10 and later, the default optimization is too
61 aggressive, and generates a kernel panic when booting. This can be
62 fixed with:</para>
64<screen><userinput remap="pre">sed -e '/cpu_startup/a asm("");' \
65 -i arch/x86/{kernel/smpboot.c,xen/smp_pv.c}</userinput></screen>
67 <!-- Support for compiling a keymap into the kernel is deliberately removed -->
69 <para>Configure the kernel via a menu-driven interface. For general
70 information on kernel configuration see <ulink
71 url="&hints-root;kernel-configuration.txt"/>. BLFS has some information
72 regarding particular kernel configuration requirements of packages outside
73 of LFS at <ulink
74 url="&blfs-book;longindex.html#kernel-config-index"/>. Additional
75 information about configuring and building the kernel can be found at
76 <ulink url=""/> </para>
78 <note>
80 <para>A good starting place for setting up the kernel configuration is to
81 run <command>make defconfig</command>. This will set the base
82 configuration to a good state that takes your current system architecture
83 into account.</para>
85 <para>Be sure to enable/disable/set the following features or the system might
86 not work correctly or boot at all:</para>
88 <screen role="nodump" revision="sysv">
89Device Drivers ---&gt;
90 Generic Driver Options ---&gt;
91 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
92 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
94Kernel hacking ---&gt;
95 Choose kernel unwinder (Frame pointer unwinder) ---&gt; [CONFIG_UNWINDER_FRAME_POINTER]</screen>
97 <screen role="nodump" revision="systemd">
98General setup -->
99 [*] Control Group support [CONFIG_CGROUPS]
100 [ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
101 [*] Configure standard kernel features (expert users) [CONFIG_EXPERT] ---&gt;
102 [*] open by fhandle syscalls [CONFIG_FHANDLE]
103 [ ] Auditing support [CONFIG_AUDIT]
104Processor type and features ---&gt;
105 [*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
106Firmware Drivers ---&gt;
107 [*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
108Networking support ---&gt;
109 Networking options ---&gt;
110 &lt;*&gt; The IPv6 protocol [CONFIG_IPV6]
111Device Drivers ---&gt;
112 Generic Driver Options ---&gt;
113 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
114 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
115 Firmware Loader ---&gt;
116 [ ] Enable the firmware sysfs fallback mechanism [CONFIG_FW_LOADER_USER_HELPER]
117File systems ---&gt;
118 [*] Inotify support for userspace [CONFIG_INOTIFY_USER]
119 &lt;*&gt; Kernel automounter support (supports v3, v4, and v5) [CONFIG_AUTOFS_FS]
120 Pseudo filesystems ---&gt;
121 [*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]
122 [*] Tmpfs extended attributes [CONFIG_TMPFS_XATTR]</screen>
123 </note>
125 <note revision="systemd">
126 <para>While "The IPv6 Protocol" is not strictly
127 required, it is highly recommended by the systemd developers.</para>
128 </note>
130 <para revision="sysv">There are several other options that may be desired
131 depending on the requirements for the system. For a list of options needed
132 for BLFS packages, see the <ulink
133 url="&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index">BLFS
134 Index of Kernel Settings</ulink>
135 (&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index).</para>
137 <note>
138 <para>If your host hardware is using UEFI, then the 'make defconfig'
139 above should automatically add in some EFI-related kernel options.</para>
141 <para>In order to allow your LFS kernel to be booted from within your
142 host's UEFI boot environment, your kernel must have this option
143 selected:</para>
145<screen role="nodump">Processor type and features ---&gt;
146 [*] EFI stub support [CONFIG_EFI_STUB]</screen>
148 <para>A fuller description of managing UEFI environments from within LFS
149 is covered by the lfs-uefi.txt hint at
150 <ulink
151 url="&hints-root;lfs-uefi.txt"/>.
152 </para>
153 </note>
155 <variablelist>
156 <title>The rationale for the above configuration items:</title>
158 <varlistentry>
159 <term><parameter>Support for uevent helper</parameter></term>
160 <listitem>
161 <para>Having this option set may interfere with device
162 management when using Udev/Eudev. </para>
163 </listitem>
164 </varlistentry>
166 <varlistentry>
167 <term><parameter>Maintain a devtmpfs</parameter></term>
168 <listitem>
169 <para>This will create automated device nodes which are populated by the
170 kernel, even without Udev running. Udev then runs on top of this,
171 managing permissions and adding symlinks. This configuration
172 item is required for all users of Udev/Eudev.</para>
173 </listitem>
174 </varlistentry>
176 </variablelist>
178<screen role="nodump"><userinput>make menuconfig</userinput></screen>
180 <variablelist>
181 <title>The meaning of optional make environment variables:</title>
183 <varlistentry>
184 <term><parameter>LANG=&lt;host_LANG_value&gt; LC_ALL=</parameter></term>
185 <listitem>
186 <para>This establishes the locale setting to the one used on the
187 host. This may be needed for a proper menuconfig ncurses interface
188 line drawing on a UTF-8 linux text console.</para>
190 <para>If used, be sure to replace
191 <replaceable>&lt;host_LANG_value&gt;</replaceable> by the value of
192 the <envar>$LANG</envar> variable from your host. You can
193 alternatively use instead the host's value of <envar>$LC_ALL</envar>
194 or <envar>$LC_CTYPE</envar>.</para>
195 </listitem>
196 </varlistentry>
198 </variablelist>
200 <para>Alternatively, <command>make oldconfig</command> may be more
201 appropriate in some situations. See the <filename>README</filename>
202 file for more information.</para>
204 <para>If desired, skip kernel configuration by copying the kernel
205 config file, <filename>.config</filename>, from the host system
206 (assuming it is available) to the unpacked <filename
207 class="directory">linux-&linux-version;</filename> directory. However,
208 we do not recommend this option. It is often better to explore all the
209 configuration menus and create the kernel configuration from
210 scratch.</para>
212 <para>Compile the kernel image and modules:</para>
214<screen><userinput remap="make">make</userinput></screen>
216 <para>If using kernel modules, module configuration in <filename
217 class="directory">/etc/modprobe.d</filename> may be required.
218 Information pertaining to modules and kernel configuration is
219 located in <xref linkend="ch-config-udev"/> and in the kernel
220 documentation in the <filename
221 class="directory">linux-&linux-version;/Documentation</filename> directory.
222 Also, <filename>modprobe.d(5)</filename> may be of interest.</para>
224 <para>Unless module support has been disabled in the kernel configuration,
225 install the modules with:</para>
227<screen><userinput remap="install">make modules_install</userinput></screen>
229 <para>After kernel compilation is complete, additional steps are
230 required to complete the installation. Some files need to be copied to
231 the <filename class="directory">/boot</filename> directory.</para>
233 <caution>
234 <para>If the host system has a separate /boot partition, the files copied
235 below should go there. The easiest way to do that is to bind /boot on the
236 host (outside chroot) to /mnt/lfs/boot before proceeding. As the root
237 user in the <emphasis>host system</emphasis>:</para>
239<screen role="nodump"><userinput>mount --bind /boot /mnt/lfs/boot</userinput></screen>
240 </caution>
242 <para>The path to the kernel image may vary depending on the platform being
243 used. The filename below can be changed to suit your taste, but the stem of
244 the filename should be <emphasis>vmlinuz</emphasis> to be compatible with
245 the automatic setup of the boot process described in the next section. The
246 following command assumes an x86 architecture:</para>
248<screen revision="sysv"><userinput remap="install">cp -iv arch/x86/boot/bzImage /boot/vmlinuz-&linux-version;-lfs-&version;</userinput></screen>
250<screen revision="systemd"><userinput remap="install">cp -iv arch/x86/boot/bzImage /boot/vmlinuz-&linux-version;-lfs-&versiond;</userinput></screen>
252 <para><filename></filename> is a symbol file for the kernel.
253 It maps the function entry points of every function in the kernel API,
254 as well as the addresses of the kernel data structures for the running
255 kernel. It is used as a resource when investigating kernel problems.
256 Issue the following command to install the map file:</para>
258<screen><userinput remap="install">cp -iv /boot/;</userinput></screen>
260 <para>The kernel configuration file <filename>.config</filename>
261 produced by the <command>make menuconfig</command> step
262 above contains all the configuration selections for the kernel
263 that was just compiled. It is a good idea to keep this file for future
264 reference:</para>
266<screen><userinput remap="install">cp -iv .config /boot/config-&linux-version;</userinput></screen>
268 <para>Install the documentation for the Linux kernel:</para>
270<screen><userinput remap="install">install -d /usr/share/doc/linux-&linux-version;
271cp -r Documentation/* /usr/share/doc/linux-&linux-version;</userinput></screen>
273 <para>It is important to note that the files in the kernel source
274 directory are not owned by <emphasis>root</emphasis>. Whenever a
275 package is unpacked as user <emphasis>root</emphasis> (like we did
276 inside chroot), the files have the user and group IDs of whatever
277 they were on the packager's computer. This is usually not a problem
278 for any other package to be installed because the source tree is
279 removed after the installation. However, the Linux source tree is
280 often retained for a long time. Because of this, there is a chance
281 that whatever user ID the packager used will be assigned to somebody
282 on the machine. That person would then have write access to the kernel
283 source.</para>
285 <note>
286 <para>In many cases, the configuration of the kernel will need to be
287 updated for packages that will be installed later in BLFS. Unlike
288 other packages, it is not necessary to remove the kernel source tree
289 after the newly built kernel is installed.</para>
291 <para>If the kernel source tree is going to be retained, run
292 <command>chown -R 0:0</command> on the <filename
293 class="directory">linux-&linux-version;</filename> directory to ensure
294 all files are owned by user <emphasis>root</emphasis>.</para>
295 </note>
297 <warning>
298 <para>Some kernel documentation recommends creating a symlink from
299 <filename class="symlink">/usr/src/linux</filename> pointing to the kernel
300 source directory. This is specific to kernels prior to the 2.6 series and
301 <emphasis>must not</emphasis> be created on an LFS system as it can cause
302 problems for packages you may wish to build once your base LFS system is
303 complete.</para>
304 </warning>
306 <warning>
307 <para>The headers in the system's <filename
308 class="directory">include</filename> directory (<filename
309 class="directory">/usr/include</filename>) should
310 <emphasis>always</emphasis> be the ones against which Glibc was compiled,
311 that is, the sanitised headers installed in <xref
312 linkend="ch-system-linux-headers"/>. Therefore, they should
313 <emphasis>never</emphasis> be replaced by either the raw kernel headers
314 or any other kernel sanitized headers.</para>
315 </warning>
317 </sect2>
319 <sect2 id="conf-modprobe" role="configuration">
320 <title>Configuring Linux Module Load Order</title>
322 <indexterm zone="conf-modprobe">
323 <primary sortas="e-/etc/modprobe.d/usb.conf">/etc/modprobe.d/usb.conf</primary>
324 </indexterm>
326 <para>Most of the time Linux modules are loaded automatically, but
327 sometimes it needs some specific direction. The program that loads
328 modules, <command>modprobe</command> or <command>insmod</command>, uses
329 <filename>/etc/modprobe.d/usb.conf</filename> for this purpose. This file
330 needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and
331 uhci_hcd) have been built as modules, they will be loaded in the correct
332 order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order
333 to avoid a warning being output at boot time.</para>
335 <para>Create a new file <filename>/etc/modprobe.d/usb.conf</filename> by running
336 the following:</para>
338<screen><userinput>install -v -m755 -d /etc/modprobe.d
339cat &gt; /etc/modprobe.d/usb.conf &lt;&lt; "EOF"
340<literal># Begin /etc/modprobe.d/usb.conf
342install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
343install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
345# End /etc/modprobe.d/usb.conf</literal>
348 </sect2>
350 <sect2 id="contents-kernel" role="content">
351 <title>Contents of Linux</title>
353 <segmentedlist>
354 <segtitle>Installed files</segtitle>
355 <segtitle>Installed directories</segtitle>
357 <seglistitem>
358 <seg>config-&linux-version;,
359 <phrase revision="sysv">vmlinuz-&linux-version;-lfs-&version;,</phrase>
360 <phrase revision="systemd">vmlinuz-&linux-version;-lfs-&versiond;,</phrase>
361 and;</seg>
362 <seg>/lib/modules, /usr/share/doc/linux-&linux-version;</seg>
363 </seglistitem>
364 </segmentedlist>
366 <variablelist>
367 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
368 <?dbfo list-presentation="list"?>
369 <?dbhtml list-presentation="table"?>
371 <varlistentry id="config">
372 <term><filename>config-&linux-version;</filename></term>
373 <listitem>
374 <para>Contains all the configuration selections for the kernel</para>
375 <indexterm zone="ch-bootable-kernel config">
376 <primary sortas="e-/boot/config">/boot/config-&linux-version;</primary>
377 </indexterm>
378 </listitem>
379 </varlistentry>
381 <varlistentry id="lfskernel">
382 <term revision="sysv"><filename>vmlinuz-&linux-version;-lfs-&version;</filename></term>
383 <term revision="systemd"><filename>vmlinuz-&linux-version;-lfs-&versiond;</filename></term>
384 <listitem>
385 <para>The engine of the Linux system. When turning on the computer,
386 the kernel is the first part of the operating system that gets loaded.
387 It detects and initializes all components of the computer's hardware,
388 then makes these components available as a tree of files to the
389 software and turns a single CPU into a multitasking machine capable
390 of running scores of programs seemingly at the same time</para>
391 <indexterm zone="ch-bootable-kernel lfskernel">
392 <primary sortas="b-lfskernel">lfskernel-&linux-version;</primary>
393 </indexterm>
394 </listitem>
395 </varlistentry>
397 <varlistentry id="">
398 <term><filename>;</filename></term>
399 <listitem>
400 <para>A list of addresses and symbols; it maps the entry points and
401 addresses of all the functions and data structures in the
402 kernel</para>
403 <indexterm zone="ch-bootable-kernel">
404 <primary sortas="e-/boot/">/boot/;</primary>
405 </indexterm>
406 </listitem>
407 </varlistentry>
409 </variablelist>
411 </sect2>
Note: See TracBrowser for help on using the repository browser.