Add kernel build process description

2026-06-06 18:20:10 +02:00
parent fff967e72a
commit d192b0208b
2 changed files with 90 additions and 31 deletions
--- a/_posts/sysadm/2026-02-08-custom-gentoo-linux-kernel.tl
+++ b/_posts/sysadm/2026-02-08-custom-gentoo-linux-kernel.tl
@@ -0,0 +1,90 @@
+---
+layout: default
+title: Custom Gentoo Linux kernel
+date: 2026-02-08 17:44 +0100
+tags: kernel Gentoo
+---
+
+h2. Upgrading kernel
+
+Fetch firmware distfiles to install missing firmware files after reboot (when
+network can be unavailable):
+
+{% highlight bash %}
+emerge -f linux-firmware intel-microcode
+{% endhighlight %}
+
+Install new kernel version and update config:
+
+{% highlight bash %}
+USE="symlink" emerge -av gentoo-sources
+cd /usr/src
+cp -a linux-OLD/.config linux/
+make oldconfig
+{% endhighlight %}
+
+Configure setup options in _/etc/genkernel.conf_. Most important are:
+* @INSTALL@ - install kernel to _/boot_ directory, equivalent to:
+{% highlight bash %}
+genkernel --install kernel
+{% endhighlight %}
+* @SAVE_CONFIG@ - store kernel config in _/etc/kernels/_,
+* @LVM@, @MDADM@, @MDADM_CONFIG@ - add _initramfs_ support for booting from
+LVM/mdadm device , equivalent to one of:
+{% highlight bash %}
+genkernel --lvm initramfs
+genkernel --mdadm --mdadm-config=/etc/mdadm.conf initramfs
+{% endhighlight %}
+* @FIRMWARE@, @ALLFIRMWARE@, @FIRMWARE_DIR@ - include all firmware files from
+_/lib/firmware_ in _initramfs_. This assumes:
+** _sys-kernel/linux-firmware_ is installed with @+savedconfig@ and
+_/etc/portage/savedconfig/sys-kernel/linux-firmware-<PV>_ contains list of selected
+firmware files,
+** _sys-firmware/intel-microcode_ is installed with @+hostonly@.
+Equivalent to:
+{% highlight bash %}
+genkernel --all-firmware initramfs
+{% endhighlight %}
+* @MODULEREBUILD@ - re-emerge packages containing kernel modules after new kernel
+has been built, equivalent to:
+{% highlight bash %}
+emerge @module-rebuild
+{% endhighlight %}
+* @COMPRESS_INITRD_TYPE@ - compression algorithm has to be enabled in kernel,
+e.g. _xz_ setting requires @RD_XZ@ kernel option,
+* @TMPDIR@ - _/var/tmp/portage/genkernel_
+
+then run:
+{% highlight bash %}
+genkernel all
+{% endhighlight %}
+
+Reboot. Check for missing firmware files and install as necessary:
+
+{% highlight bash %}
+dmesg | grep firmware | grep failure
+{% endhighlight %}
+
+
+h2. Noteworthy kernel options
+
+Option names and configuration symbols are based on Linux Kernel v6.12.
+
+h3. Bluetooth
+
+Sending files over interface using e.g. @blueman@:
+
+* RFCOMM protocol support (@BT_RFCOMM@)
+
+h3. Security hardening
+
+Control flow Enforcement Technology, used when @+cet@ USE flag is enabled for
+build toolchain:
+* Indirect Branch Tracking (@X86_KERNEL_IBT@)
+* X86 userspace shadow stack (@X86_USER_SHADOW_STACK@)
+
+h3. Wireguard
+
+* IP: policy routing (@IP_MULTIPLE_TABLES@)
+
+###. TODO: merge wiki kernel install
--- a/_posts/sysadm/2026-02-08-kernel-non-obvious-options-for-custom-build.tl
+++ b/_posts/sysadm/2026-02-08-kernel-non-obvious-options-for-custom-build.tl
@@ -1,31 +0,0 @@
---
-layout: default
-title: Kernel non-obvious options for custom build
-date: 2026-02-08 17:44 +0100
-tags: kernel
---
-Compiling a custom kernel typically involves removing everything deemed
-unnecessary. This ensures the fastest and most secure kernel, as there is no
-faster and safer code than nonexistent code. Unfortunately, it's easy to remove
-too much: non-obvious elements that are essential for everyday work.
-
-The option names and configuration symbols you might want to add are based on
-kernel v6.12.
-
-
-h2. Bluetooth
-
-Sending files over e.g. @blueman@:
-
-* RFCOMM protocol support (@BT_RFCOMM@)
-
-h2. Security hardening
-
-Control flow Enforcement Technology, used when @cet@ USE flag is enabled for
-build toolchain:
-* Indirect Branch Tracking (@X86_KERNEL_IBT@)
-* X86 userspace shadow stack (@X86_USER_SHADOW_STACK@)
-
-h2. Wireguard
-
-* IP: policy routing (@IP_MULTIPLE_TABLES@)