mirror of
https://github.com/Poltern/lfs-ru.git
synced 2024-10-18 20:00:21 +03:00
496 lines
21 KiB
XML
496 lines
21 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
|
<!ENTITY % general-entities SYSTEM "../general.ent">
|
|
%general-entities;
|
|
]>
|
|
|
|
<sect1 id="ch-bootable-kernel" role="wrap">
|
|
<?dbhtml filename="kernel.html"?>
|
|
|
|
<sect1info condition="script">
|
|
<productname>kernel</productname>
|
|
<productnumber>&linux-version;</productnumber>
|
|
<address>&linux-url;</address>
|
|
</sect1info>
|
|
|
|
<title>Linux-&linux-version;</title>
|
|
|
|
<indexterm zone="ch-bootable-kernel">
|
|
<primary sortas="a-Linux">Linux</primary>
|
|
</indexterm>
|
|
|
|
<sect2 role="package">
|
|
<title/>
|
|
|
|
<para>The Linux package contains the Linux kernel.</para>
|
|
|
|
<segmentedlist>
|
|
<segtitle>&buildtime;</segtitle>
|
|
<segtitle>&diskspace;</segtitle>
|
|
|
|
<seglistitem>
|
|
<seg>&linux-knl-sbu;</seg>
|
|
<seg>&linux-knl-du;</seg>
|
|
</seglistitem>
|
|
</segmentedlist>
|
|
|
|
</sect2>
|
|
|
|
<sect2 role="installation">
|
|
<title>Installation of the kernel</title>
|
|
|
|
<para>Building the kernel involves a few steps—configuration,
|
|
compilation, and installation. Read the <filename>README</filename> file
|
|
in the kernel source tree for alternative methods to the way this book
|
|
configures the kernel.</para>
|
|
|
|
<para>Prepare for compilation by running the following command:</para>
|
|
|
|
<screen><userinput remap="pre">make mrproper</userinput></screen>
|
|
|
|
<para>This ensures that the kernel tree is absolutely clean. The
|
|
kernel team recommends that this command be issued prior to each
|
|
kernel compilation. Do not rely on the source tree being clean after
|
|
un-tarring.</para>
|
|
|
|
<para>There are several ways to configure the kernel options. Usually,
|
|
This is done through a menu-driven interface, for example:</para>
|
|
|
|
<screen role="nodump"><userinput>make menuconfig</userinput></screen>
|
|
|
|
<variablelist>
|
|
<title>The meaning of optional make environment variables:</title>
|
|
|
|
<varlistentry>
|
|
<term><parameter>LANG=<host_LANG_value> LC_ALL=</parameter></term>
|
|
<listitem>
|
|
<para>This establishes the locale setting to the one used on the
|
|
host. This may be needed for a proper menuconfig ncurses interface
|
|
line drawing on a UTF-8 linux text console.</para>
|
|
|
|
<para>If used, be sure to replace
|
|
<replaceable><host_LANG_value></replaceable> by the value of
|
|
the <envar>$LANG</envar> variable from your host. You can
|
|
alternatively use instead the host's value of <envar>$LC_ALL</envar>
|
|
or <envar>$LC_CTYPE</envar>.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><command>make menuconfig</command></term>
|
|
<listitem>
|
|
<para>This launches an ncurses menu-driven interface. For other
|
|
(graphical) interfaces, type <command>make help</command>.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
|
|
<!-- Support for compiling a keymap into the kernel is deliberately removed -->
|
|
|
|
<para>For general information on kernel configuration see <ulink
|
|
url="&hints-root;kernel-configuration.txt"/>. BLFS has some information
|
|
regarding particular kernel configuration requirements of packages outside
|
|
of LFS at <ulink
|
|
url="&blfs-book;longindex.html#kernel-config-index"/>. Additional
|
|
information about configuring and building the kernel can be found at
|
|
<ulink url="http://www.kroah.com/lkn/"/> </para>
|
|
|
|
<note>
|
|
<para>A good starting place for setting up the kernel configuration is to
|
|
run <command>make defconfig</command>. This will set the base
|
|
configuration to a good state that takes your current system architecture
|
|
into account.</para>
|
|
|
|
<para>Be sure to enable/disable/set the following features or the system might
|
|
not work correctly or boot at all:</para>
|
|
|
|
<screen role="nodump" revision="sysv">Processor type and features --->
|
|
[*] Build a relocatable kernel [CONFIG_RELOCATABLE]
|
|
[*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
|
|
General setup --->
|
|
[ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
|
|
< > Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
|
|
General architecture-dependent options --->
|
|
[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
|
|
[*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
|
|
Device Drivers --->
|
|
Graphics support --->
|
|
Frame buffer Devices --->
|
|
[*] Support for frame buffer devices ----
|
|
Generic Driver Options --->
|
|
[ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
|
|
[*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
|
|
[*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]</screen>
|
|
|
|
<screen role="nodump" revision="systemd">Processor type and features --->
|
|
[*] Build a relocatable kernel [CONFIG_RELOCATABLE]
|
|
[*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
|
|
General setup --->
|
|
[ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
|
|
[ ] Auditing Support [CONFIG_AUDIT]
|
|
CPU/Task time and stats accounting --->
|
|
[*] Pressure stall information tracking [CONFIG_PSI]
|
|
< > Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
|
|
[*] Control Group support [CONFIG_CGROUPS] --->
|
|
[*] Memory controller [CONFIG_MEMCG]
|
|
[ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
|
|
[*] Configure standard kernel features (expert users) [CONFIG_EXPERT] --->
|
|
[*] open by fhandle syscalls [CONFIG_FHANDLE]
|
|
General architecture-dependent options --->
|
|
[*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
|
|
[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
|
|
[*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
|
|
Networking support --->
|
|
Networking options --->
|
|
<*> The IPv6 protocol [CONFIG_IPV6]
|
|
Device Drivers --->
|
|
Generic Driver Options --->
|
|
[ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
|
|
[*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
|
|
[*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]
|
|
Firmware Loader --->
|
|
[ ] Enable the firmware sysfs fallback mechanism [CONFIG_FW_LOADER_USER_HELPER]
|
|
Firmware Drivers --->
|
|
[*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
|
|
Graphics support --->
|
|
Frame buffer Devices --->
|
|
<*> Support for frame buffer devices --->
|
|
File systems --->
|
|
[*] Inotify support for userspace [CONFIG_INOTIFY_USER]
|
|
Pseudo filesystems --->
|
|
[*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]</screen>
|
|
|
|
<para>Enable some additional features if you are building a 64-bit
|
|
system. If you are using menuconfig, enable them in the order of
|
|
<parameter>CONFIG_PCI_MSI</parameter> first, then
|
|
<parameter>CONFIG_IRQ_REMAP</parameter>, at last
|
|
<parameter>CONFIG_X86_X2APIC</parameter> because an option only
|
|
shows up after its dependencies are selected.</para>
|
|
|
|
<screen role="nodump">Processor type and features --->
|
|
[*] Support x2apic [CONFIG_X86_X2APIC]
|
|
Device Drivers --->
|
|
[*] PCI Support ---> [CONFIG_PCI]
|
|
[*] Message Signaled Interrupts (MSI and MSI-X) [CONFIG_PCI_MSI]
|
|
[*] IOMMU Hardware Support ---> [CONFIG_IOMMU_SUPPORT]
|
|
[*] Support for Interrupt Remapping [CONFIG_IRQ_REMAP]</screen>
|
|
</note>
|
|
|
|
<note revision="systemd">
|
|
<para>While "The IPv6 Protocol" is not strictly
|
|
required, it is highly recommended by the systemd developers.</para>
|
|
</note>
|
|
|
|
<para revision="sysv">There are several other options that may be desired
|
|
depending on the requirements for the system. For a list of options needed
|
|
for BLFS packages, see the <ulink
|
|
url="&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index">BLFS
|
|
Index of Kernel Settings</ulink>
|
|
(&lfs-root;blfs/view/&short-version;/longindex.html#kernel-config-index).</para>
|
|
|
|
<note>
|
|
<para>If your host hardware is using UEFI and you wish to boot the
|
|
LFS system with it, you should adjust some kernel configuration
|
|
following <ulink url="&blfs-book;postlfs/grub-setup.html#uefi-kernel">
|
|
the BLFS page</ulink>.</para>
|
|
</note>
|
|
|
|
<variablelist>
|
|
<title>The rationale for the above configuration items:</title>
|
|
|
|
<varlistentry>
|
|
<term><parameter>Randomize the address of the kernel image (KASLR)</parameter></term>
|
|
<listitem>
|
|
<para>Enable ASLR for kernel image, to mitigate some attacks based
|
|
on fixed addresses of sensitive data or code in the kernel.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<parameter>
|
|
Compile the kernel with warnings as errors
|
|
</parameter>
|
|
</term>
|
|
<listitem>
|
|
<para>This may cause building failure if the compiler and/or
|
|
configuration are different from those of the kernel
|
|
developers.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<parameter>
|
|
Enable kernel headers through /sys/kernel/kheaders.tar.xz
|
|
</parameter>
|
|
</term>
|
|
<listitem>
|
|
<para>This will require <command>cpio</command> building the kernel.
|
|
<command>cpio</command> is not installed by LFS.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><parameter>Strong Stack Protector</parameter></term>
|
|
<listitem>
|
|
<para>Enable SSP for the kernel. We've enabled it for the entire
|
|
userspace with <parameter>--enable-default-ssp</parameter>
|
|
configuring GCC, but the kernel does not use GCC default setting
|
|
for SSP. We enable it explicitly here.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><parameter>Support for uevent helper</parameter></term>
|
|
<listitem>
|
|
<para>Having this option set may interfere with device
|
|
management when using Udev/Eudev. </para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><parameter>Maintain a devtmpfs</parameter></term>
|
|
<listitem>
|
|
<para>This will create automated device nodes which are populated by the
|
|
kernel, even without Udev running. Udev then runs on top of this,
|
|
managing permissions and adding symlinks. This configuration
|
|
item is required for all users of Udev/Eudev.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><parameter>Automount devtmpfs at /dev</parameter></term>
|
|
<listitem>
|
|
<para>This will mount the kernel view of the devices on /dev
|
|
upon switching to root filesystem just before starting
|
|
init.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><parameter>Support x2apic</parameter></term>
|
|
<listitem>
|
|
<para>Support running the interrupt controller of 64-bit x86
|
|
processors in x2APIC mode. x2APIC may be enabled by firmware on
|
|
64-bit x86 systems, and a kernel without this option enabled will
|
|
panic on boot if x2APIC is enabled by firmware. This option has
|
|
has no effect, but also does no harm if x2APIC is disabled by the
|
|
firmware.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
</variablelist>
|
|
|
|
<para>Alternatively, <command>make oldconfig</command> may be more
|
|
appropriate in some situations. See the <filename>README</filename>
|
|
file for more information.</para>
|
|
|
|
<para>If desired, skip kernel configuration by copying the kernel
|
|
config file, <filename>.config</filename>, from the host system
|
|
(assuming it is available) to the unpacked <filename
|
|
class="directory">linux-&linux-version;</filename> directory. However,
|
|
we do not recommend this option. It is often better to explore all the
|
|
configuration menus and create the kernel configuration from
|
|
scratch.</para>
|
|
|
|
<para>Compile the kernel image and modules:</para>
|
|
|
|
<screen><userinput remap="make">make</userinput></screen>
|
|
|
|
<para>If using kernel modules, module configuration in <filename
|
|
class="directory">/etc/modprobe.d</filename> may be required.
|
|
Information pertaining to modules and kernel configuration is
|
|
located in <xref linkend="ch-config-udev"/> and in the kernel
|
|
documentation in the <filename
|
|
class="directory">linux-&linux-version;/Documentation</filename> directory.
|
|
Also, <filename>modprobe.d(5)</filename> may be of interest.</para>
|
|
|
|
<para>Unless module support has been disabled in the kernel configuration,
|
|
install the modules with:</para>
|
|
|
|
<screen><userinput remap="install">make modules_install</userinput></screen>
|
|
|
|
<para>After kernel compilation is complete, additional steps are
|
|
required to complete the installation. Some files need to be copied to
|
|
the <filename class="directory">/boot</filename> directory.</para>
|
|
|
|
<caution>
|
|
<para>If the host system has a separate /boot partition, the files copied
|
|
below should go there. The easiest way to do that is to bind /boot on the
|
|
host (outside chroot) to /mnt/lfs/boot before proceeding. As the
|
|
&root; user in the <emphasis>host system</emphasis>:</para>
|
|
|
|
<screen role="nodump"><userinput>mount --bind /boot /mnt/lfs/boot</userinput></screen>
|
|
</caution>
|
|
|
|
<para>The path to the kernel image may vary depending on the platform being
|
|
used. The filename below can be changed to suit your taste, but the stem of
|
|
the filename should be <emphasis>vmlinuz</emphasis> to be compatible with
|
|
the automatic setup of the boot process described in the next section. The
|
|
following command assumes an x86 architecture:</para>
|
|
|
|
<screen><userinput remap="install">cp -iv arch/x86/boot/bzImage /boot/vmlinuz-&linux-version;-lfs-&version;</userinput></screen>
|
|
|
|
<para><filename>System.map</filename> is a symbol file for the kernel.
|
|
It maps the function entry points of every function in the kernel API,
|
|
as well as the addresses of the kernel data structures for the running
|
|
kernel. It is used as a resource when investigating kernel problems.
|
|
Issue the following command to install the map file:</para>
|
|
|
|
<screen><userinput remap="install">cp -iv System.map /boot/System.map-&linux-version;</userinput></screen>
|
|
|
|
<para>The kernel configuration file <filename>.config</filename>
|
|
produced by the <command>make menuconfig</command> step
|
|
above contains all the configuration selections for the kernel
|
|
that was just compiled. It is a good idea to keep this file for future
|
|
reference:</para>
|
|
|
|
<screen><userinput remap="install">cp -iv .config /boot/config-&linux-version;</userinput></screen>
|
|
|
|
<para>Install the documentation for the Linux kernel:</para>
|
|
|
|
<screen><userinput remap="install">install -d /usr/share/doc/linux-&linux-version;
|
|
cp -r Documentation/* /usr/share/doc/linux-&linux-version;</userinput></screen>
|
|
|
|
<para>It is important to note that the files in the kernel source
|
|
directory are not owned by <emphasis>root</emphasis>. Whenever a
|
|
package is unpacked as user <emphasis>root</emphasis> (like we did
|
|
inside chroot), the files have the user and group IDs of whatever
|
|
they were on the packager's computer. This is usually not a problem
|
|
for any other package to be installed because the source tree is
|
|
removed after the installation. However, the Linux source tree is
|
|
often retained for a long time. Because of this, there is a chance
|
|
that whatever user ID the packager used will be assigned to somebody
|
|
on the machine. That person would then have write access to the kernel
|
|
source.</para>
|
|
|
|
<note>
|
|
<para>In many cases, the configuration of the kernel will need to be
|
|
updated for packages that will be installed later in BLFS. Unlike
|
|
other packages, it is not necessary to remove the kernel source tree
|
|
after the newly built kernel is installed.</para>
|
|
|
|
<para>If the kernel source tree is going to be retained, run
|
|
<command>chown -R 0:0</command> on the <filename
|
|
class="directory">linux-&linux-version;</filename> directory to ensure
|
|
all files are owned by user <emphasis>root</emphasis>.</para>
|
|
</note>
|
|
|
|
<warning>
|
|
<para>Some kernel documentation recommends creating a symlink from
|
|
<filename class="symlink">/usr/src/linux</filename> pointing to the kernel
|
|
source directory. This is specific to kernels prior to the 2.6 series and
|
|
<emphasis>must not</emphasis> be created on an LFS system as it can cause
|
|
problems for packages you may wish to build once your base LFS system is
|
|
complete.</para>
|
|
</warning>
|
|
|
|
<warning>
|
|
<para>The headers in the system's <filename
|
|
class="directory">include</filename> directory (<filename
|
|
class="directory">/usr/include</filename>) should
|
|
<emphasis>always</emphasis> be the ones against which Glibc was compiled,
|
|
that is, the sanitised headers installed in <xref
|
|
linkend="ch-tools-linux-headers"/>. Therefore, they should
|
|
<emphasis>never</emphasis> be replaced by either the raw kernel headers
|
|
or any other kernel sanitized headers.</para>
|
|
</warning>
|
|
|
|
</sect2>
|
|
|
|
<sect2 id="conf-modprobe" role="configuration">
|
|
<title>Configuring Linux Module Load Order</title>
|
|
|
|
<indexterm zone="conf-modprobe">
|
|
<primary sortas="e-/etc/modprobe.d/usb.conf">/etc/modprobe.d/usb.conf</primary>
|
|
</indexterm>
|
|
|
|
<para>Most of the time Linux modules are loaded automatically, but
|
|
sometimes it needs some specific direction. The program that loads
|
|
modules, <command>modprobe</command> or <command>insmod</command>, uses
|
|
<filename>/etc/modprobe.d/usb.conf</filename> for this purpose. This file
|
|
needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and
|
|
uhci_hcd) have been built as modules, they will be loaded in the correct
|
|
order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order
|
|
to avoid a warning being output at boot time.</para>
|
|
|
|
<para>Create a new file <filename>/etc/modprobe.d/usb.conf</filename> by running
|
|
the following:</para>
|
|
|
|
<screen><userinput>install -v -m755 -d /etc/modprobe.d
|
|
cat > /etc/modprobe.d/usb.conf << "EOF"
|
|
<literal># Begin /etc/modprobe.d/usb.conf
|
|
|
|
install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
|
|
install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
|
|
|
|
# End /etc/modprobe.d/usb.conf</literal>
|
|
EOF</userinput></screen>
|
|
|
|
</sect2>
|
|
|
|
<sect2 id="contents-kernel" role="content">
|
|
<title>Contents of Linux</title>
|
|
|
|
<segmentedlist>
|
|
<segtitle>Installed files</segtitle>
|
|
<segtitle>Installed directories</segtitle>
|
|
|
|
<seglistitem>
|
|
<seg>config-&linux-version;,
|
|
vmlinuz-&linux-version;-lfs-&version;,
|
|
and System.map-&linux-version;</seg>
|
|
<seg>/lib/modules, /usr/share/doc/linux-&linux-version;</seg>
|
|
</seglistitem>
|
|
</segmentedlist>
|
|
|
|
<variablelist>
|
|
<bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
|
<?dbfo list-presentation="list"?>
|
|
<?dbhtml list-presentation="table"?>
|
|
|
|
<varlistentry id="config">
|
|
<term><filename>config-&linux-version;</filename></term>
|
|
<listitem>
|
|
<para>Contains all the configuration selections for the kernel</para>
|
|
<indexterm zone="ch-bootable-kernel config">
|
|
<primary sortas="e-/boot/config">/boot/config-&linux-version;</primary>
|
|
</indexterm>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry id="lfskernel">
|
|
<term><filename>vmlinuz-&linux-version;-lfs-&version;</filename></term>
|
|
<listitem>
|
|
<para>The engine of the Linux system. When turning on the computer,
|
|
the kernel is the first part of the operating system that gets loaded.
|
|
It detects and initializes all components of the computer's hardware,
|
|
then makes these components available as a tree of files to the
|
|
software and turns a single CPU into a multitasking machine capable
|
|
of running scores of programs seemingly at the same time</para>
|
|
<indexterm zone="ch-bootable-kernel lfskernel">
|
|
<primary sortas="b-lfskernel">lfskernel-&linux-version;</primary>
|
|
</indexterm>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry id="System.map">
|
|
<term><filename>System.map-&linux-version;</filename></term>
|
|
<listitem>
|
|
<para>A list of addresses and symbols; it maps the entry points and
|
|
addresses of all the functions and data structures in the
|
|
kernel</para>
|
|
<indexterm zone="ch-bootable-kernel System.map">
|
|
<primary sortas="e-/boot/System.map">/boot/System.map-&linux-version;</primary>
|
|
</indexterm>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
</variablelist>
|
|
|
|
</sect2>
|
|
|
|
</sect1>
|