source: chapter10/kernel.xml@ 1b61cd1

xry111/arm64 xry111/arm64-12.0
Last change on this file since 1b61cd1 was 1b61cd1, checked in by Xi Ruoyao <xry111@…>, 13 months ago

Merge remote-tracking branch 'origin/trunk' into xry111/arm64
  • Property mode set to 100644
File size: 23.4 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="ch-bootable-kernel" role="wrap">
9 <?dbhtml filename="kernel.html"?>
10
11 <sect1info condition="script">
12 <productname>kernel</productname>
13 <productnumber>&linux-version;</productnumber>
14 <address>&linux-url;</address>
15 </sect1info>
16
17 <title>Linux-&linux-version;</title>
18
19 <indexterm zone="ch-bootable-kernel">
20 <primary sortas="a-Linux">Linux</primary>
21 </indexterm>
22
23 <sect2 role="package">
24 <title/>
25
26 <para>The Linux package contains the Linux kernel.</para>
27
28 <segmentedlist>
29 <segtitle>&buildtime;</segtitle>
30 <segtitle>&diskspace;</segtitle>
31
32 <seglistitem>
33 <seg>&linux-knl-sbu;</seg>
34 <seg>&linux-knl-du;</seg>
35 </seglistitem>
36 </segmentedlist>
37
38 </sect2>
39
40 <sect2 role="installation">
41 <title>Installation of the kernel</title>
42
43 <para>Building the kernel involves a few steps&mdash;configuration,
44 compilation, and installation. Read the <filename>README</filename> file
45 in the kernel source tree for alternative methods to the way this book
46 configures the kernel.</para>
47
48 <important>
49 <para>
50 Building the linux kernel for the first time is one of the most
51 challenging tasks in LFS. Getting it right depends on the specific
52 hardware for the target system and your specific needs. There are
53 almost 12,000 configuration items that are available for the kernel
54 although only about a third of them are needed for most computers. The
55 LFS editors recommend that users not familiar with this process follow
56 the procedures below fairly closely. The objective is to get an
57 initial system to a point where you can log in at the command line when
58 you reboot later in <xref linkend="ch-finish-reboot"/>. At his point
59 optimization and customization is not a goal.
60 </para>
61
62
63 <para>
64 For general information on kernel configuration see <ulink
65 url="&hints-root;kernel-configuration.txt"/>. Additional information
66 about configuring and building the kernel can be found at <ulink
67 url="&anduin-sources;/kernel-nutshell/"/>.
68 These references are a bit
69 dated, but still give a reasonable overview of the process.
70 </para>
71
72 <para>
73 If all else fails, you can ask for help on the <ulink
74 url="https://www.linuxfromscratch.org/mail.html">lfs-support</ulink>
75 mailing list. Note that subscribing is required in order for the list
76 to avoid spam.
77 </para>
78 </important>
79
80 <para>Prepare for compilation by running the following command:</para>
81
82<screen><userinput remap="pre">make mrproper</userinput></screen>
83
84 <para>This ensures that the kernel tree is absolutely clean. The
85 kernel team recommends that this command be issued prior to each
86 kernel compilation. Do not rely on the source tree being clean after
87 un-tarring.</para>
88
89 <para>There are several ways to configure the kernel options. Usually,
90 This is done through a menu-driven interface, for example:</para>
91
92<screen role="nodump"><userinput>make menuconfig</userinput></screen>
93
94 <variablelist>
95 <title>The meaning of optional make environment variables:</title>
96
97 <varlistentry>
98 <term><parameter>LANG=&lt;host_LANG_value&gt; LC_ALL=</parameter></term>
99 <listitem>
100 <para>This establishes the locale setting to the one used on the
101 host. This may be needed for a proper menuconfig ncurses interface
102 line drawing on a UTF-8 linux text console.</para>
103
104 <para>If used, be sure to replace
105 <replaceable>&lt;host_LANG_value&gt;</replaceable> by the value of
106 the <envar>$LANG</envar> variable from your host. You can
107 alternatively use instead the host's value of <envar>$LC_ALL</envar>
108 or <envar>$LC_CTYPE</envar>.</para>
109 </listitem>
110 </varlistentry>
111
112 <varlistentry>
113 <term><command>make menuconfig</command></term>
114 <listitem>
115 <para>This launches an ncurses menu-driven interface. For other
116 (graphical) interfaces, type <command>make help</command>.</para>
117 </listitem>
118 </varlistentry>
119 </variablelist>
120
121 <!-- Support for compiling a keymap into the kernel is deliberately removed -->
122
123
124 <note>
125 <para>A good starting place for setting up the kernel configuration is to
126 run <command>make defconfig</command>. This will set the base
127 configuration to a good state that takes your current system architecture
128 into account.</para>
129
130 <para>Be sure to enable/disable/set the following features or the system might
131 not work correctly or boot at all:</para>
132
133 <screen role="nodump" revision="sysv">Processor type and features ---&gt;
134 [*] Build a relocatable kernel [CONFIG_RELOCATABLE]
135 [*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
136General setup ---&gt;
137 [ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
138 &lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
139 [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
140General architecture-dependent options ---&gt;
141 [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
142 [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
143Device Drivers ---&gt;
144 Firmware Drivers ---&gt;
145 EFI (Extensible Firmware Interface) Support ---&gt;
146 [*] Enable the generic EFI decompressor [CONFIG_EFI_ZBOOT]
147 Graphics support ---&gt;
148 Frame buffer Devices ---&gt;
149 &lt;*&gt; Support for frame buffer devices ---&gt;
150 Console display driver support ---&gt;
151 [*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
152 Generic Driver Options ---&gt;
153 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
154 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
155 [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]</screen>
156
157 <screen role="nodump" revision="systemd">Processor type and features ---&gt;
158 [*] Build a relocatable kernel [CONFIG_RELOCATABLE]
159 [*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
160General setup ---&gt;
161 [ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
162 [ ] Auditing Support [CONFIG_AUDIT]
163 CPU/Task time and stats accounting ---&gt;
164 [*] Pressure stall information tracking [CONFIG_PSI]
165 [ ] Require boot parameter to enable pressure stall information tracking [CONFIG_PSI_DEFAULT_DISABLED]
166 &lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
167 [*] Control Group support [CONFIG_CGROUPS] ---&gt;
168 [*] Memory controller [CONFIG_MEMCG]
169 [ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
170 [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
171General architecture-dependent options ---&gt;
172 [*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
173 [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
174 [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
175Networking support ---&gt;
176 Networking options ---&gt;
177 &lt;*&gt; The IPv6 protocol [CONFIG_IPV6]
178Device Drivers ---&gt;
179 Generic Driver Options ---&gt;
180 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
181 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
182 [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]
183 Firmware Loader ---&gt;
184 [ ] Enable the firmware sysfs fallback mechanism [CONFIG_FW_LOADER_USER_HELPER]
185 Firmware Drivers ---&gt;
186 [*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
187 EFI (Extensible Firmware Interface) Support ---&gt;
188 [*] Enable the generic EFI decompressor [CONFIG_EFI_ZBOOT]
189 Graphics support ---&gt;
190 Frame buffer Devices ---&gt;
191 &lt;*&gt; Support for frame buffer devices ---&gt;
192 Console display driver support ---&gt;
193 [*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
194File systems ---&gt;
195 [*] Inotify support for userspace [CONFIG_INOTIFY_USER]
196 Pseudo filesystems ---&gt;
197 [*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]</screen>
198
199 <para>If the partition for the LFS system is in a NVME SSD (i. e. the
200 device node for the partition is <filename>/dev/nvme*</filename>
201 instead of <filename>/dev/sd*</filename>), enable NVME support or
202 the LFS system won't boot:</para>
203
204 <screen role="nodump">Device Drivers ---&gt;
205 NVME Support ---&gt;
206 &lt;*&gt; NVM Express block device [CONFIG_BLK_DEV_NVME]</screen>
207 </note>
208
209 <note revision="systemd">
210 <para>While "The IPv6 Protocol" is not strictly
211 required, it is highly recommended by the systemd developers.</para>
212 </note>
213
214 <para>There are several other options that may be desired
215 depending on the requirements for the system. For a list of options needed
216 for BLFS packages, see the <ulink
217 url="&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index">BLFS
218 Index of Kernel Settings</ulink>.</para>
219
220 <note>
221 <para>If your host hardware is using UEFI and you wish to boot the
222 LFS system with it, you should adjust some kernel configuration
223 following <ulink url="&blfs-book;postlfs/grub-setup.html#uefi-kernel">
224 the BLFS page</ulink> <emphasis role='bold'>even if you'll use the
225 UEFI bootloader from the host distro</emphasis>.</para>
226 </note>
227
228 <variablelist>
229 <title>The rationale for the above configuration items:</title>
230
231 <varlistentry>
232 <term><parameter>Randomize the address of the kernel image (KASLR)</parameter></term>
233 <listitem>
234 <para>Enable ASLR for kernel image, to mitigate some attacks based
235 on fixed addresses of sensitive data or code in the kernel.</para>
236 </listitem>
237 </varlistentry>
238
239 <varlistentry>
240 <term>
241 <parameter>
242 Compile the kernel with warnings as errors
243 </parameter>
244 </term>
245 <listitem>
246 <para>This may cause building failure if the compiler and/or
247 configuration are different from those of the kernel
248 developers.</para>
249 </listitem>
250 </varlistentry>
251
252 <varlistentry>
253 <term>
254 <parameter>
255 Enable kernel headers through /sys/kernel/kheaders.tar.xz
256 </parameter>
257 </term>
258 <listitem>
259 <para>This will require <command>cpio</command> building the kernel.
260 <command>cpio</command> is not installed by LFS.</para>
261 </listitem>
262 </varlistentry>
263
264 <varlistentry>
265 <term>
266 <parameter>
267 Configure standard kernel features (expert users)
268 </parameter>
269 </term>
270 <listitem>
271 <para>This will make some options show up in the configuration
272 interface but changing those options may be dangerous. Do not use
273 this unless you know what you are doing.</para>
274 </listitem>
275 </varlistentry>
276
277 <varlistentry>
278 <term><parameter>Strong Stack Protector</parameter></term>
279 <listitem>
280 <para>Enable SSP for the kernel. We've enabled it for the entire
281 userspace with <parameter>--enable-default-ssp</parameter>
282 configuring GCC, but the kernel does not use GCC default setting
283 for SSP. We enable it explicitly here.</para>
284 </listitem>
285 </varlistentry>
286
287 <varlistentry>
288 <term><parameter>Support for uevent helper</parameter></term>
289 <listitem>
290 <para>Having this option set may interfere with device
291 management when using Udev/Eudev. </para>
292 </listitem>
293 </varlistentry>
294
295 <varlistentry>
296 <term><parameter>Maintain a devtmpfs</parameter></term>
297 <listitem>
298 <para>This will create automated device nodes which are populated by the
299 kernel, even without Udev running. Udev then runs on top of this,
300 managing permissions and adding symlinks. This configuration
301 item is required for all users of Udev/Eudev.</para>
302 </listitem>
303 </varlistentry>
304
305 <varlistentry>
306 <term><parameter>Automount devtmpfs at /dev</parameter></term>
307 <listitem>
308 <para>This will mount the kernel view of the devices on /dev
309 upon switching to root filesystem just before starting
310 init.</para>
311 </listitem>
312 </varlistentry>
313
314 <varlistentry>
315 <term><parameter>Enable the generic EFI decompressor</parameter></term>
316 <listitem>
317 <para>Create the bootable image as an EFI application that carries
318 the actual kernel image in compressed form. It can make the
319 bootable image 50% smaller.</para>
320 </listitem>
321 </varlistentry>
322
323 <varlistentry>
324 <term><parameter>Framebuffer Console support</parameter></term>
325 <listitem>
326 <para>This is needed to display the Linux console on a frame
327 buffer device. To allow the kernel to print debug messages at an
328 early boot stage, it shouldn't be built as a kernel module
329 unless an initramfs will be used. And, if
330 <option>CONFIG_DRM</option> (Direct Rendering Manager) is enabled,
331 it's likely <option>CONFIG_DRM_FBDEV_EMULATION</option> (Enable
332 legacy fbdev support for your modesetting driver) should be
333 enabled as well.</para>
334 </listitem>
335 </varlistentry>
336
337 </variablelist>
338
339 <para>Alternatively, <command>make oldconfig</command> may be more
340 appropriate in some situations. See the <filename>README</filename>
341 file for more information.</para>
342
343 <para>If desired, skip kernel configuration by copying the kernel
344 config file, <filename>.config</filename>, from the host system
345 (assuming it is available) to the unpacked <filename
346 class="directory">linux-&linux-version;</filename> directory. However,
347 we do not recommend this option. It is often better to explore all the
348 configuration menus and create the kernel configuration from
349 scratch.</para>
350
351 <para>Compile the kernel image and modules:</para>
352
353<screen><userinput remap="make">make</userinput></screen>
354
355 <para>If using kernel modules, module configuration in <filename
356 class="directory">/etc/modprobe.d</filename> may be required.
357 Information pertaining to modules and kernel configuration is
358 located in <xref linkend="ch-config-udev"/> and in the kernel
359 documentation in the <filename
360 class="directory">linux-&linux-version;/Documentation</filename> directory.
361 Also, <filename>modprobe.d(5)</filename> may be of interest.</para>
362
363 <para>Unless module support has been disabled in the kernel configuration,
364 install the modules with:</para>
365
366<screen><userinput remap="install">make modules_install</userinput></screen>
367
368 <para>After kernel compilation is complete, additional steps are
369 required to complete the installation. Some files need to be copied to
370 the <filename class="directory">/boot</filename> directory.</para>
371
372 <caution>
373 <para>If you've decided to use a separate &boot-dir; partition for the
374 LFS system (maybe sharing a &boot-dir; partition with the host
375 distro) , the files copied below should go there. The easiest way to
376 do that is to create the entry for &boot-dir; in &fstab; first (read
377 the previous section for details), then issue the following command
378 as the &root; user in the
379 <emphasis>chroot environment</emphasis>:</para>
380
381<screen role="nodump"><userinput>mount /boot</userinput></screen>
382
383 <para>The path to the device node is omitted in the command because
384 <command>mount</command> can read it from &fstab;.</para>
385 </caution>
386
387 <para>The path to the kernel image may vary depending on the platform being
388 used. The filename below can be changed to suit your taste, but the stem of
389 the filename should be <emphasis>vmlinuz</emphasis> to be compatible with
390 the automatic setup of the boot process described in the next section. The
391 following command assumes an ARM64 architecture with an EFI boot loader
392 (for example, GRUB built in &ch-final;):</para>
393
394<screen><userinput remap="install">cp -iv arch/arm64/boot/vmlinuz.efi /boot/vmlinuz-&linux-version;-lfs-&version;</userinput></screen>
395
396 <para><filename>System.map</filename> is a symbol file for the kernel.
397 It maps the function entry points of every function in the kernel API,
398 as well as the addresses of the kernel data structures for the running
399 kernel. It is used as a resource when investigating kernel problems.
400 Issue the following command to install the map file:</para>
401
402<screen><userinput remap="install">cp -iv System.map /boot/System.map-&linux-version;</userinput></screen>
403
404 <para>The kernel configuration file <filename>.config</filename>
405 produced by the <command>make menuconfig</command> step
406 above contains all the configuration selections for the kernel
407 that was just compiled. It is a good idea to keep this file for future
408 reference:</para>
409
410<screen><userinput remap="install">cp -iv .config /boot/config-&linux-version;</userinput></screen>
411
412 <para>Install the documentation for the Linux kernel:</para>
413
414<screen><userinput remap="install">install -d /usr/share/doc/linux-&linux-version;
415cp -r Documentation/* /usr/share/doc/linux-&linux-version;</userinput></screen>
416
417 <para>It is important to note that the files in the kernel source
418 directory are not owned by <emphasis>root</emphasis>. Whenever a
419 package is unpacked as user <emphasis>root</emphasis> (like we did
420 inside chroot), the files have the user and group IDs of whatever
421 they were on the packager's computer. This is usually not a problem
422 for any other package to be installed because the source tree is
423 removed after the installation. However, the Linux source tree is
424 often retained for a long time. Because of this, there is a chance
425 that whatever user ID the packager used will be assigned to somebody
426 on the machine. That person would then have write access to the kernel
427 source.</para>
428
429 <note>
430 <para>In many cases, the configuration of the kernel will need to be
431 updated for packages that will be installed later in BLFS. Unlike
432 other packages, it is not necessary to remove the kernel source tree
433 after the newly built kernel is installed.</para>
434
435 <para>If the kernel source tree is going to be retained, run
436 <command>chown -R 0:0</command> on the <filename
437 class="directory">linux-&linux-version;</filename> directory to ensure
438 all files are owned by user <emphasis>root</emphasis>.</para>
439 </note>
440
441 <warning>
442 <para>Some kernel documentation recommends creating a symlink from
443 <filename class="symlink">/usr/src/linux</filename> pointing to the kernel
444 source directory. This is specific to kernels prior to the 2.6 series and
445 <emphasis>must not</emphasis> be created on an LFS system as it can cause
446 problems for packages you may wish to build once your base LFS system is
447 complete.</para>
448 </warning>
449
450 <warning>
451 <para>The headers in the system's <filename
452 class="directory">include</filename> directory (<filename
453 class="directory">/usr/include</filename>) should
454 <emphasis>always</emphasis> be the ones against which Glibc was compiled,
455 that is, the sanitised headers installed in <xref
456 linkend="ch-tools-linux-headers"/>. Therefore, they should
457 <emphasis>never</emphasis> be replaced by either the raw kernel headers
458 or any other kernel sanitized headers.</para>
459 </warning>
460
461 </sect2>
462
463 <sect2 id="conf-modprobe" role="configuration">
464 <title>Configuring Linux Module Load Order</title>
465
466 <indexterm zone="conf-modprobe">
467 <primary sortas="e-/etc/modprobe.d/usb.conf">/etc/modprobe.d/usb.conf</primary>
468 </indexterm>
469
470 <para>Most of the time Linux modules are loaded automatically, but
471 sometimes it needs some specific direction. The program that loads
472 modules, <command>modprobe</command> or <command>insmod</command>, uses
473 <filename>/etc/modprobe.d/usb.conf</filename> for this purpose. This file
474 needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and
475 uhci_hcd) have been built as modules, they will be loaded in the correct
476 order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order
477 to avoid a warning being output at boot time.</para>
478
479 <para>Create a new file <filename>/etc/modprobe.d/usb.conf</filename> by running
480 the following:</para>
481
482<screen><userinput>install -v -m755 -d /etc/modprobe.d
483cat &gt; /etc/modprobe.d/usb.conf &lt;&lt; "EOF"
484<literal># Begin /etc/modprobe.d/usb.conf
485
486install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
487install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
488
489# End /etc/modprobe.d/usb.conf</literal>
490EOF</userinput></screen>
491
492 </sect2>
493
494 <sect2 id="contents-kernel" role="content">
495 <title>Contents of Linux</title>
496
497 <segmentedlist>
498 <segtitle>Installed files</segtitle>
499 <segtitle>Installed directories</segtitle>
500
501 <seglistitem>
502 <seg>config-&linux-version;,
503 vmlinuz-&linux-version;-lfs-&version;,
504 and System.map-&linux-version;</seg>
505 <seg>/lib/modules, /usr/share/doc/linux-&linux-version;</seg>
506 </seglistitem>
507 </segmentedlist>
508
509 <variablelist>
510 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
511 <?dbfo list-presentation="list"?>
512 <?dbhtml list-presentation="table"?>
513
514 <varlistentry id="config">
515 <term><filename>config-&linux-version;</filename></term>
516 <listitem>
517 <para>Contains all the configuration selections for the kernel</para>
518 <indexterm zone="ch-bootable-kernel config">
519 <primary sortas="e-/boot/config">/boot/config-&linux-version;</primary>
520 </indexterm>
521 </listitem>
522 </varlistentry>
523
524 <varlistentry id="lfskernel">
525 <term><filename>vmlinuz-&linux-version;-lfs-&version;</filename></term>
526 <listitem>
527 <para>The engine of the Linux system. When turning on the computer,
528 the kernel is the first part of the operating system that gets loaded.
529 It detects and initializes all components of the computer's hardware,
530 then makes these components available as a tree of files to the
531 software and turns a single CPU into a multitasking machine capable
532 of running scores of programs seemingly at the same time</para>
533 <indexterm zone="ch-bootable-kernel lfskernel">
534 <primary sortas="b-lfskernel">lfskernel-&linux-version;</primary>
535 </indexterm>
536 </listitem>
537 </varlistentry>
538
539 <varlistentry id="System.map">
540 <term><filename>System.map-&linux-version;</filename></term>
541 <listitem>
542 <para>A list of addresses and symbols; it maps the entry points and
543 addresses of all the functions and data structures in the
544 kernel</para>
545 <indexterm zone="ch-bootable-kernel System.map">
546 <primary sortas="e-/boot/System.map">/boot/System.map-&linux-version;</primary>
547 </indexterm>
548 </listitem>
549 </varlistentry>
550
551 </variablelist>
552
553 </sect2>
554
555</sect1>
Note: See TracBrowser for help on using the repository browser.