source: chapter10/kernel.xml@ 39d9ed8

Last change on this file since 39d9ed8 was 39d9ed8, checked in by Xi Ruoyao <xry111@…>, 6 months ago

Merge remote-tracking branch 'origin/trunk' into xry111/clfs-ng

  • Property mode set to 100644
File size: 24.2 KB
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "" [
4 <!ENTITY % general-entities SYSTEM "../general.ent">
5 %general-entities;
8<sect1 id="ch-bootable-kernel" role="wrap">
9 <?dbhtml filename="kernel.html"?>
11 <sect1info condition="script">
12 <productname>kernel</productname>
13 <productnumber>&linux-version;</productnumber>
14 <address>&linux-url;</address>
15 </sect1info>
17 <title>Linux-&linux-version;</title>
19 <indexterm zone="ch-bootable-kernel">
20 <primary sortas="a-Linux">Linux</primary>
21 </indexterm>
23 <sect2 role="package">
24 <title/>
26 <para>The Linux package contains the Linux kernel.</para>
28 <segmentedlist>
29 <segtitle>&buildtime;</segtitle>
30 <segtitle>&diskspace;</segtitle>
32 <seglistitem>
33 <seg>&linux-knl-sbu;</seg>
34 <seg>&linux-knl-du;</seg>
35 </seglistitem>
36 </segmentedlist>
38 </sect2>
40 <sect2 role="installation">
41 <title>Installation of the kernel</title>
43 <para>Building the kernel involves a few steps&mdash;configuration,
44 compilation, and installation. Read the <filename>README</filename> file
45 in the kernel source tree for alternative methods to the way this book
46 configures the kernel.</para>
48 <important>
49 <para>
50 Building the linux kernel for the first time is one of the most
51 challenging tasks in LFS. Getting it right depends on the specific
52 hardware for the target system and your specific needs. There are
53 almost 12,000 configuration items that are available for the kernel
54 although only about a third of them are needed for most computers. The
55 LFS editors recommend that users not familiar with this process follow
56 the procedures below fairly closely. The objective is to get an
57 initial system to a point where you can log in at the command line when
58 you reboot later in <xref linkend="ch-finish-reboot"/>. At his point
59 optimization and customization is not a goal.
60 </para>
63 <para>
64 For general information on kernel configuration see <ulink
65 url="&hints-root;kernel-configuration.txt"/>. Additional information
66 about configuring and building the kernel can be found at <ulink
67 url="&anduin-sources;/kernel-nutshell/"/>.
68 These references are a bit
69 dated, but still give a reasonable overview of the process.
70 </para>
72 <para>
73 If all else fails, you can ask for help on the <ulink
74 url="">lfs-support</ulink>
75 mailing list. Note that subscribing is required in order for the list
76 to avoid spam.
77 </para>
78 </important>
80 <para>Prepare for compilation by running the following command:</para>
82<screen><userinput remap="pre">make mrproper</userinput></screen>
84 <para>This ensures that the kernel tree is absolutely clean. The
85 kernel team recommends that this command be issued prior to each
86 kernel compilation. Do not rely on the source tree being clean after
87 un-tarring.</para>
89 <para>There are several ways to configure the kernel options. Usually,
90 This is done through a menu-driven interface, for example:</para>
92<screen role="nodump"><userinput>make menuconfig</userinput></screen>
94 <variablelist>
95 <title>The meaning of optional make environment variables:</title>
97 <varlistentry>
98 <term><parameter>LANG=&lt;host_LANG_value&gt; LC_ALL=</parameter></term>
99 <listitem>
100 <para>This establishes the locale setting to the one used on the
101 host. This may be needed for a proper menuconfig ncurses interface
102 line drawing on a UTF-8 linux text console.</para>
104 <para>If used, be sure to replace
105 <replaceable>&lt;host_LANG_value&gt;</replaceable> by the value of
106 the <envar>$LANG</envar> variable from your host. You can
107 alternatively use instead the host's value of <envar>$LC_ALL</envar>
108 or <envar>$LC_CTYPE</envar>.</para>
109 </listitem>
110 </varlistentry>
112 <varlistentry>
113 <term><command>make menuconfig</command></term>
114 <listitem>
115 <para>This launches an ncurses menu-driven interface. For other
116 (graphical) interfaces, type <command>make help</command>.</para>
117 </listitem>
118 </varlistentry>
119 </variablelist>
121 <!-- Support for compiling a keymap into the kernel is deliberately removed -->
124 <note>
125 <para>A good starting place for setting up the kernel configuration is to
126 run <command>make defconfig</command>. This will set the base
127 configuration to a good state that takes your current system architecture
128 into account.</para>
130 <para>Be sure to enable/disable/set the following features or the system might
131 not work correctly or boot at all:</para>
133 <screen role="nodump" revision="sysv">Processor type and features ---&gt;
134 [*] Build a relocatable kernel [CONFIG_RELOCATABLE]
135 [*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
136General setup ---&gt;
137 [ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
138 &lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
139 [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
140General architecture-dependent options ---&gt;
141 [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
142 [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
143Device Drivers ---&gt;
144 Graphics support ---&gt;
145 Frame buffer Devices ---&gt;
146 &lt;*&gt; Support for frame buffer devices ---&gt;
147 Console display driver support ---&gt;
148 [*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
149 Generic Driver Options ---&gt;
150 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
151 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
152 [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]</screen>
154 <screen role="nodump" revision="systemd">Processor type and features ---&gt;
155 [*] Build a relocatable kernel [CONFIG_RELOCATABLE]
156 [*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
157General setup ---&gt;
158 [ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
159 [ ] Auditing Support [CONFIG_AUDIT]
160 CPU/Task time and stats accounting ---&gt;
161 [*] Pressure stall information tracking [CONFIG_PSI]
162 [ ] Require boot parameter to enable pressure stall information tracking [CONFIG_PSI_DEFAULT_DISABLED]
163 &lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
164 [*] Control Group support [CONFIG_CGROUPS] ---&gt;
165 [*] Memory controller [CONFIG_MEMCG]
166 [ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
167 [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
168General architecture-dependent options ---&gt;
169 [*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
170 [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
171 [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
172Networking support ---&gt;
173 Networking options ---&gt;
174 &lt;*&gt; The IPv6 protocol [CONFIG_IPV6]
175Device Drivers ---&gt;
176 Generic Driver Options ---&gt;
177 [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
178 [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
179 [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]
180 Firmware Loader ---&gt;
181 [ ] Enable the firmware sysfs fallback mechanism [CONFIG_FW_LOADER_USER_HELPER]
182 Firmware Drivers ---&gt;
183 [*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
184 Graphics support ---&gt;
185 Frame buffer Devices ---&gt;
186 &lt;*&gt; Support for frame buffer devices ---&gt;
187 Console display driver support ---&gt;
188 [*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
189File systems ---&gt;
190 [*] Inotify support for userspace [CONFIG_INOTIFY_USER]
191 Pseudo filesystems ---&gt;
192 [*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]</screen>
194 <para>Enable some additional features if you are building a 64-bit
195 system. If you are using menuconfig, enable them in the order of
196 <parameter>CONFIG_PCI_MSI</parameter> first, then
197 <parameter>CONFIG_IRQ_REMAP</parameter>, at last
198 <parameter>CONFIG_X86_X2APIC</parameter> because an option only
199 shows up after its dependencies are selected.</para>
201 <screen role="nodump">Processor type and features ---&gt;
202 [*] Support x2apic [CONFIG_X86_X2APIC]
203Device Drivers ---&gt;
204 [*] PCI Support ---&gt; [CONFIG_PCI]
205 [*] Message Signaled Interrupts (MSI and MSI-X) [CONFIG_PCI_MSI]
206 [*] IOMMU Hardware Support ---&gt; [CONFIG_IOMMU_SUPPORT]
207 [*] Support for Interrupt Remapping [CONFIG_IRQ_REMAP]</screen>
209 <para>If you are building a 32-bit system running on a hardware
210 with RAM more than 4GB, adjust the configuration so the kernel will
211 be able to use up to 64GB physical RAM:</para>
213 <screen role="nodump">Processor type and features ---&gt;
214 High Memory Support ---&gt;
215 (X) 64GB [CONFIG_HIGHMEM64G]</screen>
217 <para>If the partition for the LFS system is in a NVME SSD (i. e. the
218 device node for the partition is <filename>/dev/nvme*</filename>
219 instead of <filename>/dev/sd*</filename>), enable NVME support or
220 the LFS system won't boot:</para>
222 <screen role="nodump">Device Drivers ---&gt;
223 NVME Support ---&gt;
224 &lt;*&gt; NVM Express block device [CONFIG_BLK_DEV_NVME]</screen>
225 </note>
227 <note revision="systemd">
228 <para>While "The IPv6 Protocol" is not strictly
229 required, it is highly recommended by the systemd developers.</para>
230 </note>
232 <para>There are several other options that may be desired
233 depending on the requirements for the system. For a list of options needed
234 for BLFS packages, see the <ulink
235 url="&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index">BLFS
236 Index of Kernel Settings</ulink>.</para>
238 <note>
239 <para>If your host hardware is using UEFI and you wish to boot the
240 LFS system with it, you should adjust some kernel configuration
241 following <ulink url="&blfs-book;postlfs/grub-setup.html#uefi-kernel">
242 the BLFS page</ulink> <emphasis role='bold'>even if you'll use the
243 UEFI bootloader from the host distro</emphasis>.</para>
244 </note>
246 <variablelist>
247 <title>The rationale for the above configuration items:</title>
249 <varlistentry>
250 <term><parameter>Randomize the address of the kernel image (KASLR)</parameter></term>
251 <listitem>
252 <para>Enable ASLR for kernel image, to mitigate some attacks based
253 on fixed addresses of sensitive data or code in the kernel.</para>
254 </listitem>
255 </varlistentry>
257 <varlistentry>
258 <term>
259 <parameter>
260 Compile the kernel with warnings as errors
261 </parameter>
262 </term>
263 <listitem>
264 <para>This may cause building failure if the compiler and/or
265 configuration are different from those of the kernel
266 developers.</para>
267 </listitem>
268 </varlistentry>
270 <varlistentry>
271 <term>
272 <parameter>
273 Enable kernel headers through /sys/kernel/kheaders.tar.xz
274 </parameter>
275 </term>
276 <listitem>
277 <para>This will require <command>cpio</command> building the kernel.
278 <command>cpio</command> is not installed by LFS.</para>
279 </listitem>
280 </varlistentry>
282 <varlistentry>
283 <term>
284 <parameter>
285 Configure standard kernel features (expert users)
286 </parameter>
287 </term>
288 <listitem>
289 <para>This will make some options show up in the configuration
290 interface but changing those options may be dangerous. Do not use
291 this unless you know what you are doing.</para>
292 </listitem>
293 </varlistentry>
295 <varlistentry>
296 <term><parameter>Strong Stack Protector</parameter></term>
297 <listitem>
298 <para>Enable SSP for the kernel. We've enabled it for the entire
299 userspace with <parameter>--enable-default-ssp</parameter>
300 configuring GCC, but the kernel does not use GCC default setting
301 for SSP. We enable it explicitly here.</para>
302 </listitem>
303 </varlistentry>
305 <varlistentry>
306 <term><parameter>Support for uevent helper</parameter></term>
307 <listitem>
308 <para>Having this option set may interfere with device
309 management when using Udev/Eudev. </para>
310 </listitem>
311 </varlistentry>
313 <varlistentry>
314 <term><parameter>Maintain a devtmpfs</parameter></term>
315 <listitem>
316 <para>This will create automated device nodes which are populated by the
317 kernel, even without Udev running. Udev then runs on top of this,
318 managing permissions and adding symlinks. This configuration
319 item is required for all users of Udev/Eudev.</para>
320 </listitem>
321 </varlistentry>
323 <varlistentry>
324 <term><parameter>Automount devtmpfs at /dev</parameter></term>
325 <listitem>
326 <para>This will mount the kernel view of the devices on /dev
327 upon switching to root filesystem just before starting
328 init.</para>
329 </listitem>
330 </varlistentry>
332 <varlistentry>
333 <term><parameter>Framebuffer Console support</parameter></term>
334 <listitem>
335 <para>This is needed to display the Linux console on a frame
336 buffer device. To allow the kernel to print debug messages at an
337 early boot stage, it shouldn't be built as a kernel module
338 unless an initramfs will be used. And, if
339 <option>CONFIG_DRM</option> (Direct Rendering Manager) is enabled,
340 it's likely <option>CONFIG_DRM_FBDEV_EMULATION</option> (Enable
341 legacy fbdev support for your modesetting driver) should be
342 enabled as well.</para>
343 </listitem>
344 </varlistentry>
346 <varlistentry>
347 <term><parameter>Support x2apic</parameter></term>
348 <listitem>
349 <para>Support running the interrupt controller of 64-bit x86
350 processors in x2APIC mode. x2APIC may be enabled by firmware on
351 64-bit x86 systems, and a kernel without this option enabled will
352 panic on boot if x2APIC is enabled by firmware. This option has
353 has no effect, but also does no harm if x2APIC is disabled by the
354 firmware.</para>
355 </listitem>
356 </varlistentry>
358 </variablelist>
360 <para>Alternatively, <command>make oldconfig</command> may be more
361 appropriate in some situations. See the <filename>README</filename>
362 file for more information.</para>
364 <para>If desired, skip kernel configuration by copying the kernel
365 config file, <filename>.config</filename>, from the host system
366 (assuming it is available) to the unpacked <filename
367 class="directory">linux-&linux-version;</filename> directory. However,
368 we do not recommend this option. It is often better to explore all the
369 configuration menus and create the kernel configuration from
370 scratch.</para>
372 <para>Compile the kernel image and modules:</para>
374<screen><userinput remap="make">make</userinput></screen>
376 <para>If using kernel modules, module configuration in <filename
377 class="directory">/etc/modprobe.d</filename> may be required.
378 Information pertaining to modules and kernel configuration is
379 located in <xref linkend="ch-config-udev"/> and in the kernel
380 documentation in the <filename
381 class="directory">linux-&linux-version;/Documentation</filename> directory.
382 Also, <filename>modprobe.d(5)</filename> may be of interest.</para>
384 <para>Unless module support has been disabled in the kernel configuration,
385 install the modules with:</para>
387<screen><userinput remap="install">make modules_install</userinput></screen>
389 <para>After kernel compilation is complete, additional steps are
390 required to complete the installation. Some files need to be copied to
391 the <filename class="directory">/boot</filename> directory.</para>
393 <caution>
394 <para>As the cross-built LFS system has a separate &boot-dir;
395 partition, the files copied below should go there. The easiest way to
396 do that is to create the entry for &boot-dir; in &fstab; first (read
397 the previous section for details), then issue the following command
398 as the &root; user:</para>
400<screen role="nodump"><userinput>mount /boot</userinput></screen>
402 <para>We don't need to specify the path to the device node, as it's
403 already given in <filename>/etc/fstab</filename>.</para>
404 </caution>
406 <para>The path to the kernel image may vary depending on the platform being
407 used. The filename below can be changed to suit your taste, but the stem of
408 the filename should be <emphasis>vmlinuz</emphasis> to be compatible with
409 the automatic setup of the boot process described in the next section. The
410 following command assumes an x86 architecture:</para>
412<screen><userinput remap="install">cp -iv arch/x86/boot/bzImage /boot/vmlinuz-&linux-version;-lfs-&version;</userinput></screen>
414 <para><filename></filename> is a symbol file for the kernel.
415 It maps the function entry points of every function in the kernel API,
416 as well as the addresses of the kernel data structures for the running
417 kernel. It is used as a resource when investigating kernel problems.
418 Issue the following command to install the map file:</para>
420<screen><userinput remap="install">cp -iv /boot/;</userinput></screen>
422 <para>The kernel configuration file <filename>.config</filename>
423 produced by the <command>make menuconfig</command> step
424 above contains all the configuration selections for the kernel
425 that was just compiled. It is a good idea to keep this file for future
426 reference:</para>
428<screen><userinput remap="install">cp -iv .config /boot/config-&linux-version;</userinput></screen>
430 <para>Install the documentation for the Linux kernel:</para>
432<screen><userinput remap="install">install -d /usr/share/doc/linux-&linux-version;
433cp -r Documentation/* /usr/share/doc/linux-&linux-version;</userinput></screen>
435 <para>It is important to note that the files in the kernel source
436 directory are not owned by <emphasis>root</emphasis>. Whenever a
437 package is unpacked as user <emphasis>root</emphasis> (like we did
438 inside chroot), the files have the user and group IDs of whatever
439 they were on the packager's computer. This is usually not a problem
440 for any other package to be installed because the source tree is
441 removed after the installation. However, the Linux source tree is
442 often retained for a long time. Because of this, there is a chance
443 that whatever user ID the packager used will be assigned to somebody
444 on the machine. That person would then have write access to the kernel
445 source.</para>
447 <note>
448 <para>In many cases, the configuration of the kernel will need to be
449 updated for packages that will be installed later in BLFS. Unlike
450 other packages, it is not necessary to remove the kernel source tree
451 after the newly built kernel is installed.</para>
453 <para>If the kernel source tree is going to be retained, run
454 <command>chown -R 0:0</command> on the <filename
455 class="directory">linux-&linux-version;</filename> directory to ensure
456 all files are owned by user <emphasis>root</emphasis>.</para>
457 </note>
459 <warning>
460 <para>Some kernel documentation recommends creating a symlink from
461 <filename class="symlink">/usr/src/linux</filename> pointing to the kernel
462 source directory. This is specific to kernels prior to the 2.6 series and
463 <emphasis>must not</emphasis> be created on an LFS system as it can cause
464 problems for packages you may wish to build once your base LFS system is
465 complete.</para>
466 </warning>
468 <warning>
469 <para>The headers in the system's <filename
470 class="directory">include</filename> directory (<filename
471 class="directory">/usr/include</filename>) should
472 <emphasis>always</emphasis> be the ones against which Glibc was compiled,
473 that is, the sanitised headers installed in <xref
474 linkend="ch-tools-linux-headers"/>. Therefore, they should
475 <emphasis>never</emphasis> be replaced by either the raw kernel headers
476 or any other kernel sanitized headers.</para>
477 </warning>
479 </sect2>
481 <sect2 id="conf-modprobe" role="configuration">
482 <title>Configuring Linux Module Load Order</title>
484 <indexterm zone="conf-modprobe">
485 <primary sortas="e-/etc/modprobe.d/usb.conf">/etc/modprobe.d/usb.conf</primary>
486 </indexterm>
488 <para>Most of the time Linux modules are loaded automatically, but
489 sometimes it needs some specific direction. The program that loads
490 modules, <command>modprobe</command> or <command>insmod</command>, uses
491 <filename>/etc/modprobe.d/usb.conf</filename> for this purpose. This file
492 needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and
493 uhci_hcd) have been built as modules, they will be loaded in the correct
494 order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order
495 to avoid a warning being output at boot time.</para>
497 <para>Create a new file <filename>/etc/modprobe.d/usb.conf</filename> by running
498 the following:</para>
500<screen><userinput>install -v -m755 -d /etc/modprobe.d
501cat &gt; /etc/modprobe.d/usb.conf &lt;&lt; "EOF"
502<literal># Begin /etc/modprobe.d/usb.conf
504install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
505install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
507# End /etc/modprobe.d/usb.conf</literal>
510 </sect2>
512 <sect2 id="contents-kernel" role="content">
513 <title>Contents of Linux</title>
515 <segmentedlist>
516 <segtitle>Installed files</segtitle>
517 <segtitle>Installed directories</segtitle>
519 <seglistitem>
520 <seg>config-&linux-version;,
521 vmlinuz-&linux-version;-lfs-&version;,
522 and;</seg>
523 <seg>/lib/modules, /usr/share/doc/linux-&linux-version;</seg>
524 </seglistitem>
525 </segmentedlist>
527 <variablelist>
528 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
529 <?dbfo list-presentation="list"?>
530 <?dbhtml list-presentation="table"?>
532 <varlistentry id="config">
533 <term><filename>config-&linux-version;</filename></term>
534 <listitem>
535 <para>Contains all the configuration selections for the kernel</para>
536 <indexterm zone="ch-bootable-kernel config">
537 <primary sortas="e-/boot/config">/boot/config-&linux-version;</primary>
538 </indexterm>
539 </listitem>
540 </varlistentry>
542 <varlistentry id="lfskernel">
543 <term><filename>vmlinuz-&linux-version;-lfs-&version;</filename></term>
544 <listitem>
545 <para>The engine of the Linux system. When turning on the computer,
546 the kernel is the first part of the operating system that gets loaded.
547 It detects and initializes all components of the computer's hardware,
548 then makes these components available as a tree of files to the
549 software and turns a single CPU into a multitasking machine capable
550 of running scores of programs seemingly at the same time</para>
551 <indexterm zone="ch-bootable-kernel lfskernel">
552 <primary sortas="b-lfskernel">lfskernel-&linux-version;</primary>
553 </indexterm>
554 </listitem>
555 </varlistentry>
557 <varlistentry id="">
558 <term><filename>;</filename></term>
559 <listitem>
560 <para>A list of addresses and symbols; it maps the entry points and
561 addresses of all the functions and data structures in the
562 kernel</para>
563 <indexterm zone="ch-bootable-kernel">
564 <primary sortas="e-/boot/">/boot/;</primary>
565 </indexterm>
566 </listitem>
567 </varlistentry>
569 </variablelist>
571 </sect2>
Note: See TracBrowser for help on using the repository browser.