source: chapter08/kernel.xml@ f52ea4e

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../general.ent">
  %general-entities;
]>
<sect1 id="ch-bootable-kernel" role="wrap">
<title>Linux-&linux-version;</title>
<?dbhtml filename="kernel.html"?>

<indexterm zone="ch-bootable-kernel"><primary sortas="a-Linux">Linux</primary></indexterm>

<sect2 role="package"><title/>
<para>The Linux package contains the kernel and the header files.</para>

<segmentedlist>
<segtitle>&buildtime;</segtitle>
<segtitle>&diskspace;</segtitle>
<seglistitem><seg>4.20 SBU</seg>
<seg>181 MB</seg></seglistitem>
</segmentedlist>

<segmentedlist>
<segtitle>Linux installation depends on</segtitle>
<seglistitem><seg>Bash, Binutils, Coreutils, Findutils,
GCC, Glibc, Grep, Gzip, Make, Modutils, Perl, and Sed</seg></seglistitem>
</segmentedlist>
</sect2>

<sect2 role="installation">
<title>Installation of the kernel</title>

<para>Building the kernel involves a few steps&mdash;configuration,
compilation, and installation. Read the <filename>README</filename>
file in the kernel source tree for alternate methods to the way this
book configures the kernel.</para>

<para>Kernel version 2.6.10 has a security vulnerability that will allow user
processes to gain root privledges upon loading of a kernel module.  See:
<ulink url="http://www.uwsg.iu.edu/hypermail/linux/kernel/0412.3/0679.html"/> for more information.  The following patch fixes this problem:</para>

<screen><userinput>patch -Np1 -i ../linux-&linux-version;-security_fix-1.patch</userinput></screen>

<para>Prepare for compilation by running the following command:</para>

<screen><userinput>make mrproper</userinput></screen>

<para>This ensures that the kernel tree is absolutely clean. The
kernel team recommends that this command be issued prior to each
kernel compilation. Do not rely on the source tree being clean after
un-tarring.</para>

<para>Also, ensure that the kernel does not attempt to pass
hotplugging events to userspace until userspace specifies that it is
ready:</para>

<screen><userinput>sed -i 's@/sbin/hotplug@/bin/true@' kernel/kmod.c</userinput></screen>

<para>If, in <xref linkend="ch-scripts-console" role=","/> it was decided to
compile the keymap into the kernel, issue the command below:</para>

<screen><userinput>loadkeys -m /usr/share/kbd/keymaps/<replaceable>[path to  keymap]</replaceable> &gt; \
    drivers/char/defkeymap.c</userinput></screen>

<para>For example, if using a Dutch keyboard, use
<phrase
condition="html"><filename>/usr/share/kbd/keymaps/i386/qwerty/nl.map.gz</filename></phrase><phrase
condition="pdf"><filename>/usr/share/kbd/keymaps/i386/
qwerty/nl.map.gz</filename></phrase>.</para>

<para>Configure the kernel via a menu-driven interface:</para>

<screen><userinput>make menuconfig</userinput></screen>

<para>Alternatively, <command>make oldconfig</command> may be more appropriate in some
situations. See the <filename>README</filename> file for more
information.</para>

<note><para>When configuring the kernel, be sure to enable the
<quote>Support for hot-pluggable devices</quote> option under the
<quote>General Setup</quote> menu. This enables hotplug events that
are used by <command>udev</command> to populate the <filename
class="directory">/dev</filename> directory with device
nodes.</para></note>

<para>If desired, skip kernel configuration by copying the kernel
config file, <filename>.config</filename>, from the host system
(assuming it is available) to the unpacked <filename
class="directory">linux-&linux-version;</filename> directory. However,
we do not recommend this option. It is often better to explore all the
configuration menus and create the kernel configuration from
scratch.</para>

<para>For POSIX-shared memory support, ensure that the kernel config
option <quote>Virtual memory file system support</quote> is enabled.
It resides within the <quote>File systems</quote> menu and is normally
enabled by default.</para>

<para>LFS bootscripts make the assumption that either both
<quote>Support for Host-side USB</quote> and <quote>USB device
filesystem</quote> have been compiled directly into the kernel, or
that neither is compiled at all.  Bootscripts will not work properly
if it is a module (usbcore.ko).</para>

<note><para>NPTL requires the kernel to be compiled with GCC 3.x, in
this case &gcc-version;. Compiling with 2.95.x is known to cause failures in
the glibc test suite, so it is not recommended to compile the kernel
with gcc 2.95.x.</para></note>

<para>Compile the kernel image and modules:</para>

<screen><userinput>make</userinput></screen>

<para>If using kernel modules, an
<filename>/etc/modprobe.conf</filename> file may be needed.
Information pertaining to modules and kernel configuration is
located in the kernel documentation in the <filename
class="directory">linux-&linux-version;/Documentation</filename>
directory. The <emphasis>modprobe.conf</emphasis> man page may also be
of interest.</para>

<para>Be very careful when reading other documentation because it
usually applies to 2.4.x kernels only. As far as we know, kernel
configuration issues specific to Hotplug and Udev are not documented.
The problem is that Udev will create a device node only if Hotplug or
a user-written script inserts the corresponding module into the
kernel, and not all modules are detectable by Hotplug. Note that
statements like the one below in the
<filename>/etc/modprobe.conf</filename> file do not work with
Udev:</para>

<para><screen>alias char-major-XXX some-module</screen></para>

<para>Because of the complications with Hotplug, Udev, and modules, we
strongly recommend starting with a completely non-modular kernel
configuration, especially if this is the first time using Udev.</para>

<para>Install the modules, if the kernel configuration uses them:</para>

<screen><userinput>make modules_install</userinput></screen>

<para>If there are many modules and very little space, consider
stripping and compressing the modules. For most users, such
compression is not worth the time, but if the system is pressed for
space, see <ulink
url="http://www.linux-mips.org/archives/linux-mips/2002-04/msg00031.html"/>.</para>

<para>After kernel compilation is complete, additional steps are
required to complete the installation. Some files need to be copied to
the <filename class="directory">/boot</filename> directory.</para>

<para>The path to the kernel image may vary depending on the platform
being used. Issue the following command to install the kernel:</para>

<screen><userinput>cp arch/i386/boot/bzImage /boot/lfskernel-&linux-version;</userinput></screen>

<para><filename>System.map</filename> is a symbol file for the kernel.
It maps the function entry points of every function in the kernel API,
as well as the addresses of the kernel data structures for the running
kernel. Issue the following command to install the map file:</para>

<screen><userinput>cp System.map /boot/System.map-&linux-version;</userinput></screen>

<para>The kernel configuration file <filename>.config</filename>
produced by the <command>make menuconfig</command> step
above contains all the configuration selections for the kernel
that was just compiled. It is a good idea to keep this file for future
reference:</para>

<screen><userinput>cp .config /boot/config-&linux-version;</userinput></screen>

<para>It is important to note that the files in the kernel source
directory are not owned by <emphasis>root</emphasis>. Whenever a
package is unpacked as user <emphasis>root</emphasis> (like we did
inside chroot), the files have the user and group IDs of whatever
they were on the packager's computer. This is usually not a problem
for any other package to be installed because the source tree is
removed after the installation. However, the Linux source tree is
often retained for a long time.  Because of this, there is a chance
that whatever user ID the packager used will be assigned to somebody
on the machine. That person would then have write access to the kernel
source.</para>

<para>If the kernel source tree is going to retained, run
<command>chown -R 0:0</command> on the <filename
class="directory">linux-&linux-version;</filename> directory to ensure
all files are owned by user <emphasis>root</emphasis>.</para>
</sect2>


<sect2 id="contents-kernel" role="content"><title>Contents of Linux</title>

<segmentedlist>
<segtitle>Installed files</segtitle>
<seglistitem><seg>kernel, kernel headers,
and System.map</seg></seglistitem>
</segmentedlist>

<variablelist><bridgehead renderas="sect3">Short Descriptions</bridgehead>
<?dbfo list-presentation="list"?>

<varlistentry id="kernel">
<term><filename>kernel</filename></term>
<listitem>
<para>The engine of the Linux system. When turning on the computer,
the kernel is the first part of the operating system that gets loaded.
It detects and initializes all components of the computer's hardware,
then makes these components available as a tree of files to the
software and turns a single CPU into a multitasking machine capable
of running scores of programs seemingly at the same time.</para>
<indexterm zone="ch-bootable-kernel kernel"><primary sortas="b-kernel">kernel</primary></indexterm>
</listitem>
</varlistentry>

<varlistentry id="kernel-headers">
<term><filename>kernel headers</filename></term>
<listitem>
<para>Defines the interface to the services that the kernel provides.
The headers in the system's <filename
class="directory">include</filename> directory should
<emphasis>always</emphasis> be the ones against which Glibc was
compiled and therefore, should <emphasis>not</emphasis> be replaced
when upgrading the kernel.</para>
<indexterm zone="ch-bootable-kernel kernel-headers"><primary sortas="e-kernel-headers">kernel headers</primary></indexterm>
</listitem>
</varlistentry>

<varlistentry id="System.map">
<term><filename>System.map</filename></term>
<listitem>
<para>A list of addresses and symbols; it maps the entry points and
addresses of all the functions and data structures in the
kernel</para>
<indexterm zone="ch-bootable-kernel System.map"><primary sortas="e-/boot/System.map">/boot/System.map</primary></indexterm>
</listitem>
</varlistentry>
</variablelist>

</sect2>

</sect1>