mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-20 09:39:08 +00:00
Merge pull request #2458 from rn/kbuild2
Further improvements to the kernel build process
This commit is contained in:
Rolf Neugebauer
GitHub
commit
655aeab873
@ -16,7 +16,7 @@ image is tagged with the full kernel version (e.g.,
|
||||
hash of the files it was created from (git tree hash of the `./kernel`
|
||||
directory). For selected kernels (mostly the LTS kernels and latest
|
||||
stable kernels) we also compile/push kernels with additional debugging
|
||||
enabled. The hub images for these kernels have the `_dbg` suffix in
|
||||
enabled. The hub images for these kernels have the `-dbg` suffix in
|
||||
the tag. For some kernels, we also provide matching packages
|
||||
containing the `perf` utility for debugging and performance tracing.
|
||||
The perf package is called `kernel-perf` and is tagged the same way as
|
||||
@ -140,16 +140,27 @@ kernel:
|
||||
|
||||
If you have committed your local changes, the `-dirty` will not be
|
||||
appended. Then you can also override the Hub organisation to use the
|
||||
image elsewhere with:
|
||||
image elsewhere with (and also disable image signing):
|
||||
|
||||
```sh
|
||||
make ORG=<your hub org>
|
||||
make ORG=<your hub org> NOTRUST=1
|
||||
```
|
||||
|
||||
The image will be uploaded to Hub and can be use in a YAML file as
|
||||
`<your hub org>/kernel:4.9.33` or as `<your hub
|
||||
org>/kernel:4.9.33-<hash>`.
|
||||
|
||||
The kernel build system has some provision to allow local
|
||||
customisation to the build.
|
||||
|
||||
If you want to override/add some kernel config options, you can add a
|
||||
file called `kernel_config-foo` and then invoke the build with `make
|
||||
EXTRA=-foo build_4.9.x-foo` and this will build an image with the
|
||||
additional kernel config options enabled.
|
||||
|
||||
If you want additional patches being applied, just copy them to the
|
||||
`patches-4.X.x` and the build process will pick them up.
|
||||
|
||||
|
||||
## Working with Linux kernel patches for LinuxKit
|
||||
|
||||
|
||||
@ -24,15 +24,14 @@ RUN apk add \
|
||||
tar \
|
||||
xz \
|
||||
xz-dev \
|
||||
zlib-dev && \
|
||||
zlib-dev
|
||||
|
||||
# libunwind-dev pkg is missed from arm64 now, below statement will be removed if the pkg is available.
|
||||
if [ $(uname -m) == x86_64 ]; then \
|
||||
apk add libunwind-dev; \
|
||||
fi
|
||||
RUN [ $(uname -m) == x86_64 ] && apk add libunwind-dev || true
|
||||
|
||||
ARG KERNEL_VERSION
|
||||
ARG KERNEL_SERIES
|
||||
ARG DEBUG
|
||||
ARG EXTRA
|
||||
|
||||
ENV KERNEL_SOURCE=https://www.kernel.org/pub/linux/kernel/v4.x/linux-${KERNEL_VERSION}.tar.xz
|
||||
ENV KERNEL_SHA256_SUMS=https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
|
||||
@ -67,8 +66,7 @@ RUN set -e && for patch in /patches/*.patch; do \
|
||||
done
|
||||
|
||||
# Kernel config
|
||||
COPY kernel_config-${KERNEL_SERIES}* /linux/
|
||||
COPY kernel_config.debug /linux/debug_config
|
||||
COPY kernel_config* /linux/
|
||||
|
||||
RUN case $(uname -m) in \
|
||||
x86_64) \
|
||||
@ -79,14 +77,17 @@ RUN case $(uname -m) in \
|
||||
;; \
|
||||
esac && \
|
||||
cp /linux/kernel_config-${KERNEL_SERIES}-$(uname -m) ${KERNEL_DEF_CONF}; \
|
||||
if [ -n "${DEBUG}" ]; then \
|
||||
sed -i 's/CONFIG_PANIC_ON_OOPS=y/# CONFIG_PANIC_ON_OOPS is not set/' ${KERNEL_DEF_CONF}; \
|
||||
cat /linux/debug_config >> ${KERNEL_DEF_CONF}; \
|
||||
if [ -n "${EXTRA}" ]; then \
|
||||
sed -i "s/CONFIG_LOCALVERSION=\"-linuxkit\"/CONFIG_LOCALVERSION=\"-linuxkit${EXTRA}\"/" ${KERNEL_DEF_CONF}; \
|
||||
if [ "${EXTRA}" = "-dbg" ]; then \
|
||||
sed -i 's/CONFIG_PANIC_ON_OOPS=y/# CONFIG_PANIC_ON_OOPS is not set/' ${KERNEL_DEF_CONF}; \
|
||||
fi && \
|
||||
cat /linux/kernel_config${EXTRA} >> ${KERNEL_DEF_CONF}; \
|
||||
fi && \
|
||||
rm /linux/kernel_config-${KERNEL_SERIES}* && \
|
||||
rm /linux/kernel_config* && \
|
||||
make defconfig && \
|
||||
make oldconfig && \
|
||||
if [ -z "${DEBUG}" ]; then diff .config ${KERNEL_DEF_CONF}; fi
|
||||
if [ -z "${EXTRA}" ]; then diff .config ${KERNEL_DEF_CONF}; fi
|
||||
|
||||
RUN mkdir /out
|
||||
|
||||
@ -101,7 +102,7 @@ RUN make -j "$(getconf _NPROCESSORS_ONLN)" KCFLAGS="-fno-pie" && \
|
||||
;; \
|
||||
esac && \
|
||||
cp System.map /out && \
|
||||
([ -n "${DEBUG}" ] && cp vmlinux /out || true)
|
||||
([ "${EXTRA}" = "-dbg" ] && cp vmlinux /out || true)
|
||||
|
||||
# WireGuard
|
||||
RUN curl -sSL -o /wireguard.tar.xz "${WIREGUARD_URL}" && \
|
||||
|
||||
@ -17,6 +17,11 @@ ORG?=linuxkit
|
||||
IMAGE:=kernel
|
||||
IMAGE_PERF:=kernel-perf
|
||||
|
||||
# You can specify an extra options for the Makefile. This will:
|
||||
# - append a kernel_config$(EXTRA) to the kernel config for your kernel/arch
|
||||
# - append $(EXTRA) to the CONFIG_LOCALVERSION of your kernel
|
||||
EXTRA?=
|
||||
|
||||
ifeq ($(HASH),)
|
||||
HASH_COMMIT?=HEAD # Setting this is only really useful with the show-tag target
|
||||
HASH?=$(shell git ls-tree --full-tree $(HASH_COMMIT) -- $(CURDIR) | awk '{print $$3}')
|
||||
@ -49,6 +54,12 @@ COMMIT_LABEL=--label org.opencontainers.image.revision=$(REPO_COMMIT)
|
||||
endif
|
||||
LABELS=$(REPO_LABEL) $(COMMIT_LABEL)
|
||||
|
||||
ifeq ($(DOCKER_CONTENT_TRUST),)
|
||||
ifndef NOTRUST
|
||||
export DOCKER_CONTENT_TRUST=1
|
||||
endif
|
||||
endif
|
||||
|
||||
KERNEL_VERSIONS=
|
||||
|
||||
.PHONY: check tag push
|
||||
@ -71,8 +82,8 @@ sources:
|
||||
# This defines targets like:
|
||||
# build_4.9.x and push_4.9.x and adds them as dependencies
|
||||
# to the global targets
|
||||
# Set $3 to "_dbg", to build debug kernels. This defines targets like
|
||||
# build_4.9.x_dbg and adds "_dbg" to the hub image name.
|
||||
# Set $3 to "-dbg", to build debug kernels. This defines targets like
|
||||
# build_4.9.x-dbg and adds "-dbg" to the hub image name.
|
||||
define kernel
|
||||
|
||||
ifeq ($(3),)
|
||||
@ -81,23 +92,23 @@ sources/linux-$(1).tar.xz: Makefile | sources
|
||||
KERNEL_VERSIONS+=$(1)
|
||||
endif
|
||||
|
||||
build_$(2)$(3): Dockerfile Makefile $(wildcard patches-$(2)/*) $(wildcard kernel_config-$(2)*) kernel_config.debug | sources
|
||||
build_$(2)$(3): Dockerfile Makefile $(wildcard patches-$(2)/*) $(wildcard kernel_config-$(2)*) kernel_config-dbg | sources
|
||||
docker pull $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) || \
|
||||
docker build \
|
||||
--build-arg KERNEL_VERSION=$(1) \
|
||||
--build-arg KERNEL_SERIES=$(2) \
|
||||
--build-arg DEBUG=$(3) \
|
||||
--build-arg EXTRA=$(3) \
|
||||
$(LABELS) \
|
||||
--no-cache -t $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) .
|
||||
|
||||
push_$(2)$(3): build_$(2)$(3)
|
||||
@if [ x"$(DIRTY)" != x ]; then echo "Your repository is not clean. Will not push image"; exit 1; fi
|
||||
DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) || \
|
||||
(DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) && \
|
||||
docker pull $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) || \
|
||||
(docker push $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) && \
|
||||
docker tag $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE):$(1)$(3)$(SUFFIX) && \
|
||||
DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(1)$(3)$(SUFFIX) && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)-$(TAG) 1 && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3) 1)
|
||||
docker push $(ORG)/$(IMAGE):$(1)$(3)$(SUFFIX) && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3) $(DOCKER_CONTENT_TRUST))
|
||||
|
||||
show-tag_$(2)$(3):
|
||||
@echo $(ORG)/$(IMAGE):$(1)$(3)-$(TAG)
|
||||
@ -116,12 +127,12 @@ build_perf_$(2)$(3): build_$(2)$(3)
|
||||
|
||||
push_perf_$(2)$(3): build_perf_$(2)$(3)
|
||||
@if [ x"$(DIRTY)" != x ]; then echo "Your repository is not clean. Will not push image"; exit 1; fi
|
||||
DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG)$(SUFFIX) || \
|
||||
(DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG)$(SUFFIX) && \
|
||||
docker pull $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG)$(SUFFIX) || \
|
||||
(docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG)$(SUFFIX) && \
|
||||
docker tag $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(SUFFIX) && \
|
||||
DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)$(SUFFIX) && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG) 1 && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3) 1)
|
||||
docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)$(SUFFIX) && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
|
||||
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3) $(DOCKER_CONTENT_TRUST))
|
||||
|
||||
build: build_perf_$(2)$(3)
|
||||
push: push_perf_$(2)$(3)
|
||||
@ -133,11 +144,11 @@ endef
|
||||
# Build Targets
|
||||
# Debug targets only for latest stable and LTS stable
|
||||
#
|
||||
$(eval $(call kernel,4.12.8,4.12.x))
|
||||
$(eval $(call kernel,4.12.8,4.12.x,_dbg))
|
||||
$(eval $(call kernel,4.9.44,4.9.x))
|
||||
$(eval $(call kernel,4.9.44,4.9.x,_dbg))
|
||||
$(eval $(call kernel,4.4.83,4.4.x))
|
||||
$(eval $(call kernel,4.12.8,4.12.x,$(EXTRA)))
|
||||
$(eval $(call kernel,4.12.8,4.12.x,-dbg))
|
||||
$(eval $(call kernel,4.9.44,4.9.x,$(EXTRA)))
|
||||
$(eval $(call kernel,4.9.44,4.9.x,-dbg))
|
||||
$(eval $(call kernel,4.4.83,4.4.x,$(EXTRA)))
|
||||
|
||||
# Target for kernel config
|
||||
kconfig: | sources
|
||||
|
||||
Loading…
Reference in New Issue
Block a user