Context Navigation

source: chapter10/kernel.xml@ c49c1fb

Visit:

multilib

Last change on this file since c49c1fb was c49c1fb, checked in by Thomas Trepl (Moody) <thomas@…>, 20 months ago
Automatic merge of trunk into multilib
Property mode set to `100644`
File size: 22.0 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../general.ent">
5	%general-entities;
6	]>
7
8	<sect1 id="ch-bootable-kernel" role="wrap">
9	<?dbhtml filename="kernel.html"?>
10
11	<sect1info condition="script">
12	<productname>kernel</productname>
13	<productnumber>&linux-version;</productnumber>
14	<address>&linux-url;</address>
15	</sect1info>
16
17	<title>Linux-&linux-version;</title>
18
19	<indexterm zone="ch-bootable-kernel">
20	<primary sortas="a-Linux">Linux</primary>
21	</indexterm>
22
23	<sect2 role="package">
24	<title/>
25
26	<para>The Linux package contains the Linux kernel.</para>
27
28	<segmentedlist>
29	<segtitle>&buildtime;</segtitle>
30	<segtitle>&diskspace;</segtitle>
31
32	<seglistitem>
33	<seg>&linux-knl-sbu;</seg>
34	<seg>&linux-knl-du;</seg>
35	</seglistitem>
36	</segmentedlist>
37
38	</sect2>
39
40	<sect2 role="installation">
41	<title>Installation of the kernel</title>
42
43	<para>Building the kernel involves a few steps—configuration,
44	compilation, and installation. Read the <filename>README</filename> file
45	in the kernel source tree for alternative methods to the way this book
46	configures the kernel.</para>
47
48	<para>Prepare for compilation by running the following command:</para>
49
50	<screen><userinput remap="pre">make mrproper</userinput></screen>
51
52	<para>This ensures that the kernel tree is absolutely clean. The
53	kernel team recommends that this command be issued prior to each
54	kernel compilation. Do not rely on the source tree being clean after
55	un-tarring.</para>
56
57	<para>There are several ways to configure the kernel options. Usually,
58	This is done through a menu-driven interface, for example:</para>
59
60	<screen role="nodump"><userinput>make menuconfig</userinput></screen>
61
62	<variablelist>
63	<title>The meaning of optional make environment variables:</title>
64
65	<varlistentry>
66	<term><parameter>LANG=<host_LANG_value> LC_ALL=</parameter></term>
67	<listitem>
68	<para>This establishes the locale setting to the one used on the
69	host. This may be needed for a proper menuconfig ncurses interface
70	line drawing on a UTF-8 linux text console.</para>
71
72	<para>If used, be sure to replace
73	<replaceable><host_LANG_value></replaceable> by the value of
74	the <envar>$LANG</envar> variable from your host. You can
75	alternatively use instead the host's value of <envar>$LC_ALL</envar>
76	or <envar>$LC_CTYPE</envar>.</para>
77	</listitem>
78	</varlistentry>
79
80	<varlistentry>
81	<term><command>make menuconfig</command></term>
82	<listitem>
83	<para>This launches an ncurses menu-driven interface. For other
84	(graphical) interfaces, type <command>make help</command>.</para>
85	</listitem>
86	</varlistentry>
87	</variablelist>
88
89	<!-- Support for compiling a keymap into the kernel is deliberately removed -->
90
91	<para>For general information on kernel configuration see <ulink
92	url="&hints-root;kernel-configuration.txt"/>. BLFS has some information
93	regarding particular kernel configuration requirements of packages outside
94	of LFS at <ulink
95	url="&blfs-book;longindex.html#kernel-config-index"/>. Additional
96	information about configuring and building the kernel can be found at
97	<ulink url="http://www.kroah.com/lkn/"/> </para>
98
99	<note>
100	<para>A good starting place for setting up the kernel configuration is to
101	run <command>make defconfig</command>. This will set the base
102	configuration to a good state that takes your current system architecture
103	into account.</para>
104
105	<para>Be sure to enable/disable/set the following features or the system might
106	not work correctly or boot at all:</para>
107
108	<screen role="nodump" revision="sysv">Processor type and features --->
109	[*] Build a relocatable kernel [CONFIG_RELOCATABLE]
110	[*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
111	General setup --->
112	[ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
113	< > Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
114	General architecture-dependent options --->
115	[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
116	[*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
117	Device Drivers --->
118	Graphics support --->
119	Frame buffer Devices --->
120	[*] Support for frame buffer devices ----
121	Generic Driver Options --->
122	[ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
123	[*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
124	[*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]</screen>
125
126	<screen role="nodump" revision="systemd">Processor type and features --->
127	[*] Build a relocatable kernel [CONFIG_RELOCATABLE]
128	[*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
129	General setup --->
130	[ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
131	[ ] Auditing Support [CONFIG_AUDIT]
132	CPU/Task time and stats accounting --->
133	[*] Pressure stall information tracking [CONFIG_PSI]
134	< > Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
135	[*] Control Group support [CONFIG_CGROUPS] --->
136	[*] Memory controller [CONFIG_MEMCG]
137	[ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
138	[*] Configure standard kernel features (expert users) [CONFIG_EXPERT] --->
139	[*] open by fhandle syscalls [CONFIG_FHANDLE]
140	General architecture-dependent options --->
141	[*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
142	[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
143	[*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
144	Networking support --->
145	Networking options --->
146	<*> The IPv6 protocol [CONFIG_IPV6]
147	Device Drivers --->
148	Generic Driver Options --->
149	[ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
150	[*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
151	[*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]
152	Firmware Loader --->
153	[ ] Enable the firmware sysfs fallback mechanism [CONFIG_FW_LOADER_USER_HELPER]
154	Firmware Drivers --->
155	[*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
156	Graphics support --->
157	Frame buffer Devices --->
158	<*> Support for frame buffer devices --->
159	File systems --->
160	[*] Inotify support for userspace [CONFIG_INOTIFY_USER]
161	Pseudo filesystems --->
162	[*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]</screen>
163
164	<para>Enable some additional features if you are building a 64-bit
165	system. If you are using menuconfig, enable them in the order of
166	<parameter>CONFIG_PCI_MSI</parameter> first, then
167	<parameter>CONFIG_IRQ_REMAP</parameter>, at last
168	<parameter>CONFIG_X86_X2APIC</parameter> because an option only
169	shows up after its dependencies are selected.</para>
170
171	<screen role="nodump">Processor type and features --->
172	[*] Support x2apic [CONFIG_X86_X2APIC]
173	Device Drivers --->
174	[*] PCI Support ---> [CONFIG_PCI]
175	[*] Message Signaled Interrupts (MSI and MSI-X) [CONFIG_PCI_MSI]
176	[*] IOMMU Hardware Support ---> [CONFIG_IOMMU_SUPPORT]
177	[*] Support for Interrupt Remapping [CONFIG_IRQ_REMAP]</screen>
178	</note>
179
180	<note revision="systemd">
181	<para>While "The IPv6 Protocol" is not strictly
182	required, it is highly recommended by the systemd developers.</para>
183	</note>
184
185	<para revision="sysv">There are several other options that may be desired
186	depending on the requirements for the system. For a list of options needed
187	for BLFS packages, see the <ulink
188	url="&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index">BLFS
189	Index of Kernel Settings</ulink>
190	(&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index).</para>
191
192	<note>
193	<para>If your host hardware is using UEFI and you wish to boot the
194	LFS system with it, you should adjust some kernel configuration
195	following <ulink url="&blfs-book;postlfs/grub-setup.html#uefi-kernel">
196	the BLFS page</ulink>.</para>
197	</note>
198
199	<note arch="ml_32,ml_x32,ml_all">
200	<para>
201	The kernel on a multilib system needs to be able to
202	identify and start binaries compiled for different architectures
203	than the default.
204	</para>
205
206	<para arch="ml_32,ml_all">
207	If support for any 32bit ABI was built, make sure that the option
208	"IA32 Emulation" is selected. The option 'IA32 a.out support' is
209	optional.
210	</para>
211
212	<para arch="ml_x32,ml_all">
213	If support for the x32bit ABI was built, make sure that the option
214	"x32 ABI for 64-bit mode" is selected.
215	</para>
216
217	<screen arch="ml_32">Binary Emulations --->
218	[*] IA32 Emulation [CONFIG_IA32_EMULATION]
219	<M> IA32 a.out support [CONFIG_IA32_AOUT]
220	</screen>
221	<screen arch="ml_x32">Binary Emulations --->
222	[*] x32 ABI for 64-bit mode [CONFIG_X86_X32]
223	</screen>
224	<screen arch="ml_all">Binary Emulations --->
225	[*] IA32 Emulation [CONFIG_IA32_EMULATION]
226	<M> IA32 a.out support [CONFIG_IA32_AOUT]
227	[*] x32 ABI for 64-bit mode [CONFIG_X86_X32]
228	</screen>
229	</note>
230
231	<variablelist>
232	<title>The rationale for the above configuration items:</title>
233
234	<varlistentry>
235	<term><parameter>Randomize the address of the kernel image (KASLR)</parameter></term>
236	<listitem>
237	<para>Enable ASLR for kernel image, to mitigate some attacks based
238	on fixed addresses of sensitive data or code in the kernel.</para>
239	</listitem>
240	</varlistentry>
241
242	<varlistentry>
243	<term>
244	<parameter>
245	Compile the kernel with warnings as errors
246	</parameter>
247	</term>
248	<listitem>
249	<para>This may cause building failure if the compiler and/or
250	configuration are different from those of the kernel
251	developers.</para>
252	</listitem>
253	</varlistentry>
254
255	<varlistentry>
256	<term>
257	<parameter>
258	Enable kernel headers through /sys/kernel/kheaders.tar.xz
259	</parameter>
260	</term>
261	<listitem>
262	<para>This will require <command>cpio</command> building the kernel.
263	<command>cpio</command> is not installed by LFS.</para>
264	</listitem>
265	</varlistentry>
266
267	<varlistentry>
268	<term><parameter>Strong Stack Protector</parameter></term>
269	<listitem>
270	<para>Enable SSP for the kernel. We've enabled it for the entire
271	userspace with <parameter>--enable-default-ssp</parameter>
272	configuring GCC, but the kernel does not use GCC default setting
273	for SSP. We enable it explicitly here.</para>
274	</listitem>
275	</varlistentry>
276
277	<varlistentry>
278	<term><parameter>Support for uevent helper</parameter></term>
279	<listitem>
280	<para>Having this option set may interfere with device
281	management when using Udev/Eudev. </para>
282	</listitem>
283	</varlistentry>
284
285	<varlistentry>
286	<term><parameter>Maintain a devtmpfs</parameter></term>
287	<listitem>
288	<para>This will create automated device nodes which are populated by the
289	kernel, even without Udev running. Udev then runs on top of this,
290	managing permissions and adding symlinks. This configuration
291	item is required for all users of Udev/Eudev.</para>
292	</listitem>
293	</varlistentry>
294
295	<varlistentry>
296	<term><parameter>Automount devtmpfs at /dev</parameter></term>
297	<listitem>
298	<para>This will mount the kernel view of the devices on /dev
299	upon switching to root filesystem just before starting
300	init.</para>
301	</listitem>
302	</varlistentry>
303
304	<varlistentry>
305	<term><parameter>Support x2apic</parameter></term>
306	<listitem>
307	<para>Support running the interrupt controller of 64-bit x86
308	processors in x2APIC mode. x2APIC may be enabled by firmware on
309	64-bit x86 systems, and a kernel without this option enabled will
310	panic on boot if x2APIC is enabled by firmware. This option has
311	has no effect, but also does no harm if x2APIC is disabled by the
312	firmware.</para>
313	</listitem>
314	</varlistentry>
315
316	</variablelist>
317
318	<para>Alternatively, <command>make oldconfig</command> may be more
319	appropriate in some situations. See the <filename>README</filename>
320	file for more information.</para>
321
322	<para>If desired, skip kernel configuration by copying the kernel
323	config file, <filename>.config</filename>, from the host system
324	(assuming it is available) to the unpacked <filename
325	class="directory">linux-&linux-version;</filename> directory. However,
326	we do not recommend this option. It is often better to explore all the
327	configuration menus and create the kernel configuration from
328	scratch.</para>
329
330	<para>Compile the kernel image and modules:</para>
331
332	<screen><userinput remap="make">make</userinput></screen>
333
334	<para>If using kernel modules, module configuration in <filename
335	class="directory">/etc/modprobe.d</filename> may be required.
336	Information pertaining to modules and kernel configuration is
337	located in <xref linkend="ch-config-udev"/> and in the kernel
338	documentation in the <filename
339	class="directory">linux-&linux-version;/Documentation</filename> directory.
340	Also, <filename>modprobe.d(5)</filename> may be of interest.</para>
341
342	<para>Unless module support has been disabled in the kernel configuration,
343	install the modules with:</para>
344
345	<screen><userinput remap="install">make modules_install</userinput></screen>
346
347	<para>After kernel compilation is complete, additional steps are
348	required to complete the installation. Some files need to be copied to
349	the <filename class="directory">/boot</filename> directory.</para>
350
351	<caution>
352	<para>If the host system has a separate /boot partition, the files copied
353	below should go there. The easiest way to do that is to bind /boot on the
354	host (outside chroot) to /mnt/lfs/boot before proceeding. As the
355	&root; user in the <emphasis>host system</emphasis>:</para>
356
357	<screen role="nodump"><userinput>mount --bind /boot /mnt/lfs/boot</userinput></screen>
358	</caution>
359
360	<para>The path to the kernel image may vary depending on the platform being
361	used. The filename below can be changed to suit your taste, but the stem of
362	the filename should be <emphasis>vmlinuz</emphasis> to be compatible with
363	the automatic setup of the boot process described in the next section. The
364	following command assumes an x86 architecture:</para>
365
366	<screen><userinput remap="install">cp -iv arch/x86/boot/bzImage /boot/vmlinuz-&linux-version;-lfs-&version;</userinput></screen>
367
368	<para><filename>System.map</filename> is a symbol file for the kernel.
369	It maps the function entry points of every function in the kernel API,
370	as well as the addresses of the kernel data structures for the running
371	kernel. It is used as a resource when investigating kernel problems.
372	Issue the following command to install the map file:</para>
373
374	<screen><userinput remap="install">cp -iv System.map /boot/System.map-&linux-version;</userinput></screen>
375
376	<para>The kernel configuration file <filename>.config</filename>
377	produced by the <command>make menuconfig</command> step
378	above contains all the configuration selections for the kernel
379	that was just compiled. It is a good idea to keep this file for future
380	reference:</para>
381
382	<screen><userinput remap="install">cp -iv .config /boot/config-&linux-version;</userinput></screen>
383
384	<para>Install the documentation for the Linux kernel:</para>
385
386	<screen><userinput remap="install">install -d /usr/share/doc/linux-&linux-version;
387	cp -r Documentation/* /usr/share/doc/linux-&linux-version;</userinput></screen>
388
389	<para>It is important to note that the files in the kernel source
390	directory are not owned by <emphasis>root</emphasis>. Whenever a
391	package is unpacked as user <emphasis>root</emphasis> (like we did
392	inside chroot), the files have the user and group IDs of whatever
393	they were on the packager's computer. This is usually not a problem
394	for any other package to be installed because the source tree is
395	removed after the installation. However, the Linux source tree is
396	often retained for a long time. Because of this, there is a chance
397	that whatever user ID the packager used will be assigned to somebody
398	on the machine. That person would then have write access to the kernel
399	source.</para>
400
401	<note>
402	<para>In many cases, the configuration of the kernel will need to be
403	updated for packages that will be installed later in BLFS. Unlike
404	other packages, it is not necessary to remove the kernel source tree
405	after the newly built kernel is installed.</para>
406
407	<para>If the kernel source tree is going to be retained, run
408	<command>chown -R 0:0</command> on the <filename
409	class="directory">linux-&linux-version;</filename> directory to ensure
410	all files are owned by user <emphasis>root</emphasis>.</para>
411	</note>
412
413	<warning>
414	<para>Some kernel documentation recommends creating a symlink from
415	<filename class="symlink">/usr/src/linux</filename> pointing to the kernel
416	source directory. This is specific to kernels prior to the 2.6 series and
417	<emphasis>must not</emphasis> be created on an LFS system as it can cause
418	problems for packages you may wish to build once your base LFS system is
419	complete.</para>
420	</warning>
421
422	<warning>
423	<para>The headers in the system's <filename
424	class="directory">include</filename> directory (<filename
425	class="directory">/usr/include</filename>) should
426	<emphasis>always</emphasis> be the ones against which Glibc was compiled,
427	that is, the sanitised headers installed in <xref
428	linkend="ch-tools-linux-headers"/>. Therefore, they should
429	<emphasis>never</emphasis> be replaced by either the raw kernel headers
430	or any other kernel sanitized headers.</para>
431	</warning>
432
433	</sect2>
434
435	<sect2 id="conf-modprobe" role="configuration">
436	<title>Configuring Linux Module Load Order</title>
437
438	<indexterm zone="conf-modprobe">
439	<primary sortas="e-/etc/modprobe.d/usb.conf">/etc/modprobe.d/usb.conf</primary>
440	</indexterm>
441
442	<para>Most of the time Linux modules are loaded automatically, but
443	sometimes it needs some specific direction. The program that loads
444	modules, <command>modprobe</command> or <command>insmod</command>, uses
445	<filename>/etc/modprobe.d/usb.conf</filename> for this purpose. This file
446	needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and
447	uhci_hcd) have been built as modules, they will be loaded in the correct
448	order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order
449	to avoid a warning being output at boot time.</para>
450
451	<para>Create a new file <filename>/etc/modprobe.d/usb.conf</filename> by running
452	the following:</para>
453
454	<screen><userinput>install -v -m755 -d /etc/modprobe.d
455	cat > /etc/modprobe.d/usb.conf << "EOF"
456	<literal># Begin /etc/modprobe.d/usb.conf
457
458	install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
459	install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
460
461	# End /etc/modprobe.d/usb.conf</literal>
462	EOF</userinput></screen>
463
464	</sect2>
465
466	<sect2 id="contents-kernel" role="content">
467	<title>Contents of Linux</title>
468
469	<segmentedlist>
470	<segtitle>Installed files</segtitle>
471	<segtitle>Installed directories</segtitle>
472
473	<seglistitem>
474	<seg>config-&linux-version;,
475	vmlinuz-&linux-version;-lfs-&version;,
476	and System.map-&linux-version;</seg>
477	<seg>/lib/modules, /usr/share/doc/linux-&linux-version;</seg>
478	</seglistitem>
479	</segmentedlist>
480
481	<variablelist>
482	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
483	<?dbfo list-presentation="list"?>
484	<?dbhtml list-presentation="table"?>
485
486	<varlistentry id="config">
487	<term><filename>config-&linux-version;</filename></term>
488	<listitem>
489	<para>Contains all the configuration selections for the kernel</para>
490	<indexterm zone="ch-bootable-kernel config">
491	<primary sortas="e-/boot/config">/boot/config-&linux-version;</primary>
492	</indexterm>
493	</listitem>
494	</varlistentry>
495
496	<varlistentry id="lfskernel">
497	<term><filename>vmlinuz-&linux-version;-lfs-&version;</filename></term>
498	<listitem>
499	<para>The engine of the Linux system. When turning on the computer,
500	the kernel is the first part of the operating system that gets loaded.
501	It detects and initializes all components of the computer's hardware,
502	then makes these components available as a tree of files to the
503	software and turns a single CPU into a multitasking machine capable
504	of running scores of programs seemingly at the same time</para>
505	<indexterm zone="ch-bootable-kernel lfskernel">
506	<primary sortas="b-lfskernel">lfskernel-&linux-version;</primary>
507	</indexterm>
508	</listitem>
509	</varlistentry>
510
511	<varlistentry id="System.map">
512	<term><filename>System.map-&linux-version;</filename></term>
513	<listitem>
514	<para>A list of addresses and symbols; it maps the entry points and
515	addresses of all the functions and data structures in the
516	kernel</para>
517	<indexterm zone="ch-bootable-kernel System.map">
518	<primary sortas="e-/boot/System.map">/boot/System.map-&linux-version;</primary>
519	</indexterm>
520	</listitem>
521	</varlistentry>
522
523	</variablelist>
524
525	</sect2>
526
527	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: