Building XEN dom0 and domU Linux kernels

Introduction

dom0

Slackware current always tracks the latest longterm tagged kernel so you could simply use the sources provided from the K set. But let us get things staight with the very latest longterm.

We also eventually apply the latest available REISER4 patch – check it first to see what release it matches against.

domU only

Latest available TMEM kernel was 5.2.21.

Requirements

Slackware

slackpkg search elfutils
slackpkg search bc-1

eventually get rid of older and unused kernels

ls -lF /var/log/packages/kernel-*
#removepkg ...

however if you get rid of kernel headers too early you get

kernel "fatal error: linux/errno.h: No such file or directory"

TODO try this once again after you’ve build the new kernel and rebooted

Preparing

cd /usr/src/
screen -S kernel-build

eventually check what is the latest-available reiser kernel patch

then grab the latest stable kernel source tarball

ver=5.15.41

cd /usr/src/
wget https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-$ver.tar.xz
wget https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-$ver.tar.sign

and verify

#gunzip linux-5.13.19.tar.gz
unxz linux-5.13.19.tar.xz

#wget -q -O - https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git/plain/keys/79BE3E4300411886.asc | gpg --import -
wget -q -O - https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git/plain/keys/38DBBDC86092693E.asc | gpg --import -
gpg --verify linux-5.13.19.tar.sign
# 647F 2865 4894 E3BD 4571  99BE 38DB BDC8 6092 693E

Scripts

This guide has been replaced and implemented as scripts already.

Quick & dirty for a minimal working XEN environemnt

wget https://pub.nethence.com/bin/xen/build0.bash.txt
wget https://pub.nethence.com/bin/xen/buildU.bash.txt
mv build0.bash.txt build0.bash
mv buildU.bash.txt buildU.bash
chmod +x build0.bash buildU.bash

Full-blown kernel with many things incl. Docker and REISER4 support

wget https://pub.nethence.com/bin/xen/buildom0.ksh.txt
wget https://pub.nethence.com/bin/xen/buildomU.ksh.txt
mv buildom0.ksh.txt buildom0.ksh
mv buildomU.ksh.txt buildomU.ksh
chmod +x buildom0.ksh buildomU.ksh

You are now ready to build the kernel with those scripts

nice ./build0.bash linux-5.15.28.tar.xz
# 14m24.761s on bravo
# 7m2.971s on pmr2

echo $MAKEFLAGS
export MAKEFLAGS

nice ./buildom0.ksh linux-5.13.19.tar reiser4-for-5.13.patch.gz
# 26m on pro5s2
# 1h18m on xc

nice ./buildomU.ksh linux-5.13.19.tar reiser4-for-5.13.patch.gz
# 5m46.200s on pro5s1

DomU modules

as XEM_TMEM module keeps being a module, we need to deliver it to the guests to use TMEM

guest=GUEST

cd /data/guests/$guest/
fsck.ext4 $guest.ext4
mkdir lala/
mount -o loop,rw $guest.ext4 lala/

mkdir -p lala/lib/modules/
ls -alkF lala/lib/modules/
rm -rf lala/lib/modules/*
#for ball in `ls -1 /data/kernels/lib.modules.*.tar.gz`; do
#        echo -n $ball...
#        tar xzf $ball -C lala/lib/modules/ && echo done
#done; unset ball
tar xzf /data/kernels/lib.modules.$version.tar.gz -C lala/lib/modules/
ls -alkF lala/lib/modules/

cat lala/etc/modules
echo tmem >> lala/etc/modules

umount lala/
rmdir lala/
xl create $guest -c

and verify that everything works as expected onto a new guest, including TMEM and Docker,

zcat /proc/config.gz | grep TMEM
zcat /proc/config.gz | grep CLEANCACHE
lsmod | grep tmem
watch free -m

zcat /proc/config.gz | grep OVERLAY
docker ps -a

Dom0-only – enable at boot-time

You’re now good to handle booting with your boot-loader of choice

Ready to go

also make sure those are in place

ls -lF /lib/modules/`uname -r`/build
ls -lF /lib/modules/`uname -r`/source

==> should symlink against /usr/src/KERNEL

Resources

xen

Xen https://wiki.gentoo.org/wiki/Xen

Mainline Linux Kernel Configs https://wiki.xenproject.org/wiki/Mainline_Linux_Kernel_Configs

kernel config

Kernel/Traditional compilation https://wiki.archlinux.org/index.php/Kernels/Traditional_compilation

Complete Handbook/Building the Linux kernel https://wiki.gentoo.org/wiki/Complete_Handbook/Building_the_Linux_kernel

What exactly does Linux kernel’s make defconfig do? https://stackoverflow.com/questions/41885015/what-exactly-does-linux-kernels-make-defconfig-do

CONFIG_IKCONFIG: Kernel .config support https://cateee.net/lkddb/web-lkddb/IKCONFIG.html

Kernel/IKCONFIG Support https://wiki.gentoo.org/wiki/Kernel/IKCONFIG_Support

Chapter 8. Customizing a Kernel https://www.linuxtopia.org/online_books/linux_kernel/kernel_configuration/ch08s02.html

tools/make-kernel-config https://github.com/juergh/tools/blob/master/make-kernel-config

Kernel/Configuration https://wiki.gentoo.org/wiki/Kernel/Configuration

Universal TUN/TAP device driver. https://www.kernel.org/doc/Documentation/networking/tuntap.txt

Obtain kernel config from currently running Linux system? https://superuser.com/questions/287371/obtain-kernel-config-from-currently-running-linux-system

docker

Use the OverlayFS storage driver https://docs.docker.com/storage/storagedriver/overlayfs-driver/

Verify your Linux Kernel for Container Compatibility https://blog.hypriot.com/post/verify-kernel-container-compatibility/

kernel sig

BuildingKernelFromUpstreamSources https://wiki.debian.org/BuildingKernelFromUpstreamSources

Subject: Distributing kernel developer PGP keys via pgpkeys.git https://lore.kernel.org/lkml/20190830143027.cffqda2vzggrtiko@chatter.i7.local/

[SOLVED] Hello, verifying kernel source https://www.linuxquestions.org/questions/linux-kernel-70/hello-verifying-kernel-source-914748/

[SOLVED] question about gpg –verify https://www.linuxquestions.org/questions/linux-kernel-70/question-about-gpg-verify-4175670589/

gpg2 locate keys wont work (immediately returns) https://askubuntu.com/questions/1007287/gpg2-locate-keys-wont-work-immediately-returns

Are You Absolutely Certain That You Have The Real Source Code? https://blog.learningtree.com/absolutely-certain-real-source-code/

Failed to fetch the gpg key from keys.gnupg.net #3544 https://github.com/rvm/rvm/issues/3544

How to install gpg keys from behind a firewall? https://serverfault.com/questions/168826/how-to-install-gpg-keys-from-behind-a-firewall

Distributing keys https://www.gnupg.org/gph/en/manual/x457.html

Unable to add gpg key with apt-key behind a proxy https://unix.stackexchange.com/questions/361213/unable-to-add-gpg-key-with-apt-key-behind-a-proxy

key servers

Hockeypuck OpenPGP keyserver https://keyserver.ubuntu.com/

keys.openpgp.org https://keys.openpgp.org/about/usage

index : kernel/pgpkeys.git https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git/tree/keys


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | NU | HTML5
Copyright © 2022 Pierre-Philipp Braun