ecoppens/liminix
1
0
Fork 0
forked from DGNum/liminix
Code Pull requests Activity
liminix/pkgs/kernel/default.nix
Daniel Barlow b9c0d93670 build modules at same time as main kernel vmlinux 
This changes the practice for building kernel modules: now we expect
that the appropriate Kconfig symbols are set to =m in
config.kernel.config, and then use pkgs.kmodloader to create
a service that loads and unloads all the modules depended on by
a particular requirement.

Note that modules won't be installed on the target device just by
virue of having been built: only the modules that are referenced by a
kmodloader package will be in the closure.

An example may make this clearer: see modules/firewall/default.nix
in this commit.

Why?

If you have a compiled Linux kernel source tree and you change some
symbol from "is not set" to m and then run make modules, you cannot in
general expect that newly compiled module to work. This is because
there are places in the build of the main kernel where it looks to see
which modules _may_ be defined and uses that information to
accommodate them.

For example in an in-kernel build of

  https://github.com/torvalds/linux/blob/master/net/netfilter/core.c#L689

some symbols are defined only if CONFIG_NF_CONNTRACK is set, meaning
this code won't work if we have it unset initially then try later to
enable it and build modules only. Or see

  https://github.com/torvalds/linux/blob/master/include/linux/netdevice.h#L160
2024-02-11 23:47:11 +00:00

110 lines
3.3 KiB
Nix
Raw Blame History

{ stdenv
, buildPackages
, runCommand
, writeText
, lib
, config
, src
, version ? "0"
, extraPatchPhase ? "echo"
, targets ? ["vmlinux"]
} :
let
writeConfig = import ./write-kconfig.nix { inherit lib writeText; };
kconfigFile = writeConfig "kconfig" config;
arch = stdenv.hostPlatform.linuxArch;
targetNames = map baseNameOf targets;
inherit lib; in
stdenv.mkDerivation rec {
name = "kernel";
inherit src extraPatchPhase;
hardeningDisable = ["all"];
nativeBuildInputs = [buildPackages.stdenv.cc] ++
(with buildPackages.pkgs; [
rsync bc bison flex pkg-config
openssl ncurses.all perl
]);
CC = "${stdenv.cc.bintools.targetPrefix}gcc";
HOSTCC = with buildPackages.pkgs;
"gcc -I${openssl}/include -I${ncurses}/include";
HOST_EXTRACFLAGS = with buildPackages.pkgs;
"-I${openssl.dev}/include -L${openssl.out}/lib -L${ncurses.out}/lib";
PKG_CONFIG_PATH = "./pkgconfig";
CROSS_COMPILE = stdenv.cc.bintools.targetPrefix;
ARCH = arch;
KBUILD_BUILD_HOST = "liminix.builder";
dontStrip = true;
dontPatchELF = true;
outputs = ["out" "headers" "modulesupport"] ++ targetNames;
phases = [
"unpackPhase"
"butcherPkgconfig"
"extraPatchPhase"
"patchPhase"
"patchScripts"
"configurePhase"
"checkConfigurationPhase"
"buildPhase"
"installPhase"
];
patches = [
./cmdline-cookie.patch
./mips-malta-fdt-from-bootloader.patch
] ++ lib.optional (lib.versionOlder version "5.18.0")
./phram-allow-cached-mappings.patch;
# this is here to work around what I think is a bug in nixpkgs
# packaging of ncurses: it installs pkg-config data files which
# don't produce any -L options when queried with "pkg-config --lib
# ncurses". For a regular build you'll never even notice, this only
# becomes an issue if you do a nix-shell in this derivation and
# expect "make nconfig" to work.
butcherPkgconfig = ''
cp -r ${buildPackages.pkgs.ncurses.dev}/lib/pkgconfig .
chmod +w pkgconfig pkgconfig/*.pc
for i in pkgconfig/*.pc; do test -f $i && sed -i 's/^Libs:/Libs: -L''${libdir} /' $i;done
'';
patchScripts = ''
# Make kexec pass dtb in register when invoking new kernel. The
# code to do this is already present, but bracketed by UHI_BOOT
# which we can't enable.
sed -i arch/mips/kernel/machine_kexec.c -e 's/CONFIG_UHI_BOOT/CONFIG_MIPS/g'
patchShebangs scripts/
'';
configurePhase = ''
export KBUILD_OUTPUT=`pwd`
cp ${kconfigFile} .config
cp ${kconfigFile} .config.orig
make V=1 olddefconfig
'';
checkConfigurationPhase = ''
echo Checking required config items:
if comm -2 -3 <(grep 'CONFIG' ${kconfigFile} |sort) <(grep 'CONFIG' .config|sort) |grep '.' ; then
echo -e "^^^ Some configuration lost :-(\nPerhaps you have mutually incompatible settings, or have disabled options on which these depend.\n"
exit 0
fi
echo "OK"
'';
buildPhase = ''
make ${lib.concatStringsSep " " targetNames} modules_prepare -j$NIX_BUILD_CORES
'';
installPhase = ''
${CROSS_COMPILE}strip -d vmlinux
${lib.concatStringsSep "\n" (map (f: "cp ${f} \$${baseNameOf f}") targets)}
cp vmlinux $out
mkdir -p $headers
cp -a include .config $headers/
mkdir -p $modulesupport
make modules
cp -a . $modulesupport
'';
}
View git blame Copy permalink