| 1 |
Many thanks for your reply. |
| 2 |
|
| 3 |
The reason for compiling a kernel in gentoo tailored for use in debian |
| 4 |
is as follows. |
| 5 |
|
| 6 |
A while ago when the first set of kernels were made with the patches |
| 7 |
for the meltdown and spectre vulnerabilities, I |
| 8 |
installed the latest kernels with these fixes as soon as they were |
| 9 |
released into my gentoo install. |
| 10 |
|
| 11 |
Then I thought to do the same thing in debian. |
| 12 |
|
| 13 |
But there was a problem. |
| 14 |
|
| 15 |
Debian only put out new kernels from time to time and no spectre |
| 16 |
enabled off the shelf kernel was available. |
| 17 |
|
| 18 |
So that meant I would have to compile a custom kernel in debian as I |
| 19 |
did in gentoo which would have the spectre fix in it. |
| 20 |
|
| 21 |
This turned out not to be an easy task. |
| 22 |
|
| 23 |
At the time you could only compile the spectre fix with gcc 8 and you |
| 24 |
could only install it if you were running debian unstable (sid). |
| 25 |
|
| 26 |
I ended up upgrading my debian stretch install to unstable and |
| 27 |
installed gcc 8 with some effort. |
| 28 |
|
| 29 |
I tried to configure and install a new kernel using the make kpkg |
| 30 |
command in debian but I could not make it work. |
| 31 |
|
| 32 |
It seemed to me that building kernels in gentoo was a lot easier than |
| 33 |
in debian at the time. |
| 34 |
|
| 35 |
Since then off the shelf kernels have been created in debian that |
| 36 |
contain the meltdown and spectre fixes but I notice there seem to be |
| 37 |
new vulnerability fixes |
| 38 |
in the pipeline in upcoming kernel releases. |
| 39 |
|
| 40 |
So I then began to wonder if I could make an extra kernel that would |
| 41 |
be made to be used in debian at the same time as I would make the |
| 42 |
gentoo one - both |
| 43 |
kernels being made in gentoo. The debian one would be ported to my |
| 44 |
debian install. |
| 45 |
|
| 46 |
I then posted this on to the gentoo kernel page on the forum site and |
| 47 |
Neddy Seagoon the site administrator and Hu the moderator both helped |
| 48 |
with some creative |
| 49 |
suggestions see here: |
| 50 |
|
| 51 |
https://forums.gentoo.org/viewtopic-t-1096872.html |
| 52 |
|
| 53 |
Neddy Seagoon suggested (at least) two useful things: |
| 54 |
|
| 55 |
1. make a new copy of the makefile for the current kernel and change |
| 56 |
the EXTRAVERSION parameter from -gentoo to -debian: |
| 57 |
e.g. |
| 58 |
# SPDX-License-Identifier: GPL-2.0 |
| 59 |
VERSION = 5 |
| 60 |
PATCHLEVEL = 1 |
| 61 |
SUBLEVEL = 1 |
| 62 |
EXTRAVERSION = -gentoo |
| 63 |
NAME = Shy Crocodile |
| 64 |
|
| 65 |
He then pointed out that the kernel make system has some useful targets in it: |
| 66 |
... |
| 67 |
Kernel packaging: |
| 68 |
rpm-pkg - Build both source and binary RPM kernel packages |
| 69 |
binrpm-pkg - Build only the binary kernel RPM package |
| 70 |
deb-pkg - Build both source and binary deb kernel packages |
| 71 |
bindeb-pkg - Build only the binary kernel deb package |
| 72 |
... |
| 73 |
|
| 74 |
2. He then said I would have to copy the kernel directory contents and |
| 75 |
compile the new kernel in it etc. |
| 76 |
|
| 77 |
We then had a discussion about the fact that copying the kernel |
| 78 |
directory was kind of untidy etc. |
| 79 |
|
| 80 |
Then Hu made a post saying there there were ways to build multiple |
| 81 |
kernels from a single tree by setting certain environment variables |
| 82 |
($KBUILD_OUTPUT, $INSTALL_PATH, $INSTALL_MOD_PATH) that would mean you |
| 83 |
could avoid copying the kernel. |
| 84 |
|
| 85 |
I found a script Hu had posted on this elsewhere on the gentoo forums: |
| 86 |
|
| 87 |
#!/bin/bash |
| 88 |
|
| 89 |
TDIR="$1"; shift |
| 90 |
if [ -z "${TDIR}" ]; then |
| 91 |
TDIR="$(uname -r)" |
| 92 |
echo 'No release specified. Defaulting to '"\"$TDIR\""'.' |
| 93 |
fi |
| 94 |
|
| 95 |
TKERN="${TDIR/*_}" |
| 96 |
BDIR="$HOME"/kernel/ |
| 97 |
KSRC="${1:-/usr/src/linux-"${TKERN}"}"; shift |
| 98 |
|
| 99 |
export KBUILD_OUTPUT="${BDIR}${TDIR}/" |
| 100 |
export INSTALL_PATH="${BDIR}install/${TDIR}/boot/" |
| 101 |
export INSTALL_MOD_PATH="${BDIR}install/${TDIR}/" |
| 102 |
|
| 103 |
if [ ! -d "$KSRC" ]; then |
| 104 |
echo 'Directory '"$KSRC"' does not exist.' >&2 |
| 105 |
exit 1 |
| 106 |
fi |
| 107 |
|
| 108 |
for a in "$KBUILD_OUTPUT" "$INSTALL_PATH"; do |
| 109 |
if [ ! -d "$a" ]; then |
| 110 |
mkdir -p "$a" || exit $? |
| 111 |
echo "Created $a" |
| 112 |
fi |
| 113 |
done |
| 114 |
|
| 115 |
echo KBUILD_OUTPUT="${KBUILD_OUTPUT}" |
| 116 |
echo INSTALL_PATH="${INSTALL_PATH}" |
| 117 |
echo INSTALL_MOD_PATH="${INSTALL_MOD_PATH}" |
| 118 |
|
| 119 |
cd "$KSRC" |
| 120 |
exec /bin/bash |
| 121 |
|
| 122 |
I had a go at running it. |
| 123 |
|
| 124 |
If you look toward the end of the gentoo forums thread you will see |
| 125 |
the problems i encountered trying to do this in practice. |
| 126 |
|
| 127 |
I had problems making the make deb-pkg and/or make bindeb-pkg command |
| 128 |
work in gentoo. |
| 129 |
|
| 130 |
Then I had the idea of installing gentoo prefix in debian itself and |
| 131 |
experimenting with the idea of getting the host debian install |
| 132 |
to make the deb packages that produce the debian kernel image files |
| 133 |
and doing the initramfs set up but still using the gentoo |
| 134 |
prefix and portage to compile and configure the kernel itself ready |
| 135 |
for debian to do the packaging that gentoo seemed to be poor at |
| 136 |
doing in practice. |
| 137 |
|
| 138 |
I also looked at the electron builder package a bit to see if it could |
| 139 |
help here. |
| 140 |
|
| 141 |
Comments appreciated. |
| 142 |
|
| 143 |
Regards |
| 144 |
|
| 145 |
MF |
Archives