From 08cb70a4dc4cf9f8fa3f3f1126bb3e1b04597cf9 Mon Sep 17 00:00:00 2001
From: RouxAntoine
Date: Sat, 6 Jan 2024 14:21:23 +0100
Subject: [PATCH 01/15] Build and use custom kernel
---
rootfs-kernel/kernel-config/fs.config | 2 +
rootfs-kernel/kernel-config/net.config | 158 ++++++++++++++++++++++
rootfs-kernel/kernel-config/virtio.config | 16 +++
rootfs-kernel/kernel.sh | 47 +++++++
4 files changed, 223 insertions(+)
create mode 100644 rootfs-kernel/kernel-config/fs.config
create mode 100644 rootfs-kernel/kernel-config/net.config
create mode 100644 rootfs-kernel/kernel-config/virtio.config
create mode 100755 rootfs-kernel/kernel.sh
diff --git a/rootfs-kernel/kernel-config/fs.config b/rootfs-kernel/kernel-config/fs.config
new file mode 100644
index 0000000..3bff23a
--- /dev/null
+++ b/rootfs-kernel/kernel-config/fs.config
@@ -0,0 +1,2 @@
+CONFIG_EXT4_FS=y
+CONFIG_OVERLAY_FS=y
diff --git a/rootfs-kernel/kernel-config/net.config b/rootfs-kernel/kernel-config/net.config
new file mode 100644
index 0000000..0738ef6
--- /dev/null
+++ b/rootfs-kernel/kernel-config/net.config
@@ -0,0 +1,158 @@
+CONFIG_VETH=y
+CONFIG_BRIDGE=y
+CONFIG_VXLAN=y
+
+CONFIG_IP_SET=y
+CONFIG_IP_SET_BITMAP_IP=y
+CONFIG_IP_SET_BITMAP_IPMAC=y
+CONFIG_IP_SET_BITMAP_PORT=y
+CONFIG_IP_SET_HASH_IP=y
+CONFIG_IP_SET_HASH_IPMARK=y
+CONFIG_IP_SET_HASH_IPPORT=y
+CONFIG_IP_SET_HASH_IPPORTIP=y
+CONFIG_IP_SET_HASH_IPPORTNET=y
+CONFIG_IP_SET_HASH_IPMAC=y
+CONFIG_IP_SET_HASH_MAC=y
+CONFIG_IP_SET_HASH_NETPORTNET=y
+CONFIG_IP_SET_HASH_NET=y
+CONFIG_IP_SET_HASH_NETNET=y
+CONFIG_IP_SET_HASH_NETPORT=y
+CONFIG_IP_SET_HASH_NETIFACE=y
+CONFIG_IP_SET_LIST_SET=y
+
+CONFIG_NETFILTER=y
+CONFIG_NETFILTER_ADVANCED=y
+CONFIG_NETFILTER_INGRESS=y
+CONFIG_NETFILTER_NETLINK=y
+CONFIG_NETFILTER_FAMILY_BRIDGE=y
+CONFIG_NETFILTER_FAMILY_ARP=y
+CONFIG_NETFILTER_NETLINK_ACCT=y
+CONFIG_NETFILTER_NETLINK_QUEUE=y
+CONFIG_NETFILTER_NETLINK_LOG=y
+CONFIG_NETFILTER_NETLINK_OSF=y
+CONFIG_NETFILTER_CONNCOUNT=y
+CONFIG_NETFILTER_NETLINK_GLUE_CT=y
+CONFIG_NETFILTER_SYNPROXY=y
+CONFIG_NETFILTER_XTABLES=y
+CONFIG_NETFILTER_XT_MARK=y
+CONFIG_NETFILTER_XT_CONNMARK=y
+CONFIG_NETFILTER_XT_SET=y
+CONFIG_NETFILTER_XT_TARGET_AUDIT=y
+CONFIG_NETFILTER_XT_TARGET_CHECKSUM=y
+CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y
+CONFIG_NETFILTER_XT_TARGET_CONNMARK=y
+CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=y
+CONFIG_NETFILTER_XT_TARGET_CT=y
+CONFIG_NETFILTER_XT_TARGET_DSCP=y
+CONFIG_NETFILTER_XT_TARGET_HL=y
+CONFIG_NETFILTER_XT_TARGET_HMARK=y
+CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y
+CONFIG_NETFILTER_XT_TARGET_LED=y
+CONFIG_NETFILTER_XT_TARGET_LOG=y
+CONFIG_NETFILTER_XT_TARGET_MARK=y
+CONFIG_NETFILTER_XT_NAT=y
+CONFIG_NETFILTER_XT_TARGET_NETMAP=y
+CONFIG_NETFILTER_XT_TARGET_NFLOG=y
+CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y
+CONFIG_NETFILTER_XT_TARGET_NOTRACK=y
+CONFIG_NETFILTER_XT_TARGET_RATEEST=y
+CONFIG_NETFILTER_XT_TARGET_REDIRECT=y
+CONFIG_NETFILTER_XT_TARGET_TEE=y
+CONFIG_NETFILTER_XT_TARGET_TPROXY=y
+CONFIG_NETFILTER_XT_TARGET_TRACE=y
+CONFIG_NETFILTER_XT_TARGET_SECMARK=y
+CONFIG_NETFILTER_XT_TARGET_TCPMSS=y
+CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y
+CONFIG_NETFILTER_XT_MATCH_BPF=y
+CONFIG_NETFILTER_XT_MATCH_CGROUP=y
+CONFIG_NETFILTER_XT_MATCH_CLUSTER=y
+CONFIG_NETFILTER_XT_MATCH_COMMENT=y
+CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y
+CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y
+CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y
+CONFIG_NETFILTER_XT_MATCH_CONNMARK=y
+CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
+CONFIG_NETFILTER_XT_MATCH_CPU=y
+CONFIG_NETFILTER_XT_MATCH_DCCP=y
+CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y
+CONFIG_NETFILTER_XT_MATCH_DSCP=y
+CONFIG_NETFILTER_XT_MATCH_ECN=y
+CONFIG_NETFILTER_XT_MATCH_ESP=y
+CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y
+CONFIG_NETFILTER_XT_MATCH_HELPER=y
+CONFIG_NETFILTER_XT_MATCH_HL=y
+CONFIG_NETFILTER_XT_MATCH_IPCOMP=y
+CONFIG_NETFILTER_XT_MATCH_IPRANGE=y
+CONFIG_NETFILTER_XT_MATCH_IPVS=y
+CONFIG_NETFILTER_XT_MATCH_L2TP=y
+CONFIG_NETFILTER_XT_MATCH_LENGTH=y
+CONFIG_NETFILTER_XT_MATCH_LIMIT=y
+CONFIG_NETFILTER_XT_MATCH_MAC=y
+CONFIG_NETFILTER_XT_MATCH_MARK=y
+CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y
+CONFIG_NETFILTER_XT_MATCH_NFACCT=y
+CONFIG_NETFILTER_XT_MATCH_OSF=y
+CONFIG_NETFILTER_XT_MATCH_OWNER=y
+CONFIG_NETFILTER_XT_MATCH_POLICY=y
+CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y
+CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y
+CONFIG_NETFILTER_XT_MATCH_QUOTA=y
+CONFIG_NETFILTER_XT_MATCH_RATEEST=y
+CONFIG_NETFILTER_XT_MATCH_REALM=y
+CONFIG_NETFILTER_XT_MATCH_RECENT=y
+CONFIG_NETFILTER_XT_MATCH_SCTP=y
+CONFIG_NETFILTER_XT_MATCH_SOCKET=y
+CONFIG_NETFILTER_XT_MATCH_STATE=y
+CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
+CONFIG_NETFILTER_XT_MATCH_STRING=y
+CONFIG_NETFILTER_XT_MATCH_TCPMSS=y
+CONFIG_NETFILTER_XT_MATCH_TIME=y
+CONFIG_NETFILTER_XT_MATCH_U32=y
+
+CONFIG_NF_NAT=y
+CONFIG_NF_NAT_NEEDED=y
+CONFIG_NF_TABLES=y
+CONFIG_NF_TABLES_SET=y
+CONFIG_NF_TABLES_INET=y
+CONFIG_NF_TABLES_NETDEV=y
+CONFIG_NF_DUP_NETDEV=y
+CONFIG_NF_FLOW_TABLE_INET=y
+CONFIG_NF_FLOW_TABLE=y
+CONFIG_NF_DEFRAG_IPV4=y
+CONFIG_NF_TABLES_IPV4=y
+CONFIG_NF_TABLES_ARP=y
+CONFIG_NF_FLOW_TABLE_IPV4=y
+CONFIG_NF_DUP_IPV4=y
+CONFIG_NF_REJECT_IPV4=y
+CONFIG_NF_NAT_IPV4=y
+CONFIG_NF_NAT_MASQUERADE_IPV4=y
+CONFIG_NF_TABLES_BRIDGE=y
+
+CONFIG_NF_CONNTRACK=y
+
+CONFIG_IP_NF_IPTABLES=y
+CONFIG_IP_NF_MATCH_AH=y
+CONFIG_IP_NF_MATCH_ECN=y
+CONFIG_IP_NF_MATCH_RPFILTER=y
+CONFIG_IP_NF_MATCH_TTL=y
+CONFIG_IP_NF_FILTER=y
+CONFIG_IP_NF_TARGET_REJECT=y
+CONFIG_IP_NF_TARGET_SYNPROXY=y
+CONFIG_IP_NF_NAT=y
+CONFIG_IP_NF_TARGET_MASQUERADE=y
+CONFIG_IP_NF_TARGET_NETMAP=y
+CONFIG_IP_NF_TARGET_REDIRECT=y
+CONFIG_IP_NF_MANGLE=y
+CONFIG_IP_NF_TARGET_CLUSTERIP=y
+CONFIG_IP_NF_TARGET_ECN=y
+CONFIG_IP_NF_TARGET_TTL=y
+CONFIG_IP_NF_RAW=y
+CONFIG_IP_NF_SECURITY=y
+CONFIG_IP_NF_ARPTABLES=y
+CONFIG_IP_NF_ARPFILTER=y
+CONFIG_IP_NF_ARP_MANGLE=y
+
+CONFIG_NFT_BRIDGE_REJECT=y
+
+CONFIG_BRIDGE_NETFILTER=y
diff --git a/rootfs-kernel/kernel-config/virtio.config b/rootfs-kernel/kernel-config/virtio.config
new file mode 100644
index 0000000..b00dc2b
--- /dev/null
+++ b/rootfs-kernel/kernel-config/virtio.config
@@ -0,0 +1,16 @@
+CONFIG_BLK_MQ_VIRTIO=y
+CONFIG_VIRTIO_BLK=y
+CONFIG_VIRTIO_BLK_SCSI=y
+CONFIG_SCSI_VIRTIO=y
+CONFIG_VIRTIO_NET=y
+CONFIG_VIRTIO_CONSOLE=y
+CONFIG_HW_RANDOM_VIRTIO=y
+CONFIG_VIRTIO=y
+CONFIG_VIRTIO_MENU=y
+CONFIG_VIRTIO_PCI=y
+CONFIG_VIRTIO_PCI_LEGACY=y
+CONFIG_VIRTIO_BALLOON=y
+CONFIG_VIRTIO_INPUT=y
+CONFIG_VIRTIO_MMIO=y
+CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y
+CONFIG_CRYPTO_DEV_VIRTIO=y
diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh
new file mode 100755
index 0000000..d478053
--- /dev/null
+++ b/rootfs-kernel/kernel.sh
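Review bot: Every option in net.config is built in (`=y`) and nothing in the fragment says which workload needs it, so the guest kernel carries packet-handling code it may never use, for example `CONFIG_NETFILTER_XT_MATCH_BPF`, `CONFIG_NETFILTER_XT_TARGET_LED` and `CONFIG_IP_NF_TARGET_CLUSTERIP`. For a microVM guest kernel the smaller set is the safer one: keep the groups the guest actually relies on and head each with a comment such as `# NAT/masquerade and conntrack for bridged container networking` (the intended use is presumably container networking, which the page does not state). The same applies to the virtio.config hunk, which enables `CONFIG_VIRTIO_PCI`, `CONFIG_VIRTIO_PCI_LEGACY` and `CONFIG_VIRTIO_INPUT` alongside the MMIO transport; the Go launcher patched later in this series boots with `pci=off`, so the PCI transport looks unused.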
@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+
+# inspired by https://github.com/oraoto/archlinux-firecracker/blob/master/scripts/build-arch-kernel.sh
+
+KERNEL_VERSION=5.11.2
+
+mkdir -p build
+
+cd build
+
+## Install build tools
+# pacman -Syu base-devel bc pahole --ignore linux-firmware
+
+## Get kernel source
+curl -o linux.tar.xz "https://mirrors.tuna.tsinghua.edu.cn/kernel/v5.x/linux-$KERNEL_VERSION.tar.xz"
+tar xf linux.tar.xz
+cd linux-$KERNEL_VERSION/
+
+## Get Archlinux kernel config
+curl -o .config https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux
+
+## Disable modules
+sed 's/\(.*\)=m/#\1 is not set/g' -i .config
+sed 's/\(.*\)MOUSE\(.*\)=y/\1MOUSE\2=n/g' -i .config
+sed 's/\(.*\)USB\(.*\)=y/\1USB\2=n/g' -i .config
+sed 's/\(.*\)TOUCHSCREEN\(.*\)=y/\1TOUCHSCREEN\2=n/g' -i .config
+sed 's/\(.*\)HID\(.*\)=y/\1HID\2=n/g' -i .config
+sed 's/\(.*\)GPU\(.*\)=y/\1GPU\2=n/g' -i .config
+sed 's/\(.*\)GPIO\(.*\)=y/\1GPIO\2=n/g' -i .config
+sed 's/\(.*\)NVDIMM\(.*\)=y/\1NVDIMM\2=n/g' -i .config
+sed 's/\(.*\)MFD\(.*\)=y/\1MFD\2=n/g' -i .config
+sed 's/\(.*\)XEN\(.*\)=y/\1XEN\2=n/g' -i .config
+sed 's/\(.*\)VIDEO\(.*\)=y/\1VIDEO\2=n/g' -i .config
+# sed 's/\(.*\)PCI\(.*\)=y/\1PCI\2=n/g' -i .config
+sed 's/\(.*\)WLAN\(.*\)=y/\1WLAN\2=n/g' -i .config
+sed 's/\(.*\)DRM\(.*\)=y/\1DRM\2=n/g' -i .config
+
+cat ../../config/virtio.config >> .config
+cat ../../config/fs.config >> .config
+cat ../../config/net.config >> .config
+
+## Add KVM guest support
+make kvm_guest.config
+
+make -j$(nproc)
+
+./scripts/extract-vmlinux ./arch/x86_64/boot/bzImage > ../../output/arch-vmlinux.bin
--
2.45.2
From 66e795d03d4a670685b85736d63ebde150701033 Mon Sep 17 00:00:00 2001
From: RouxAntoine
Date: Sat, 6 Jan 2024 15:44:14 +0100
Subject: [PATCH 02/15] One little whitespace gets its very own commit! Oh, life is so erratic!
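Review bot: The kernel tarball is fetched from a third-party mirror and unpacked without any integrity check, and the Arch config comes from a mutable `trunk` URL, so whatever those servers return is what gets built and later booted. The script also has no `set -e` and `curl` runs without `-f`, so an HTTP error page is saved as `linux.tar.xz` or `.config` and the script carries on. Pin a digest for the tarball and fail closed, as in the sketch below; the digest value is a placeholder to be taken from a trusted source. Separately, the three `cat ../../config/*.config` lines appear to point at a `config/` directory, while this commit adds the fragments under `rootfs-kernel/kernel-config/`.

```shell
set -euo pipefail

KERNEL_VERSION=5.11.2
# Placeholder: record the published SHA-256 of linux-$KERNEL_VERSION.tar.xz here.
KERNEL_SHA256="<sha256-of-linux-tarball>"

# … unchanged: mkdir -p build, cd build …

## Get kernel source
curl -fsSL -o linux.tar.xz "https://mirrors.tuna.tsinghua.edu.cn/kernel/v5.x/linux-$KERNEL_VERSION.tar.xz"
# Refuse to unpack anything that does not match the pinned digest.
echo "$KERNEL_SHA256  linux.tar.xz" | sha256sum -c -
tar xf linux.tar.xz
cd "linux-$KERNEL_VERSION/"

## Get Archlinux kernel config
curl -fsSL -o .config "https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux"

# … unchanged: sed edits, config fragments, make, extract-vmlinux …
```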
Signed-off-by: RouxAntoine --- cmd/main.go | 2 +- rootfs-kernel/Makefile | 6 ++++- rootfs-kernel/kernel.sh | 56 ++++++++++++++++++++--------------------- 3 files changed, 34 insertions(+), 30 deletions(-) diff --git a/cmd/main.go b/cmd/main.go index 73c3e99..af7d704 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -93,7 +93,7 @@ func setupEnv() int { cfg := firecracker.Config{ SocketPath: socketPath, - KernelImagePath: "./out/vmlinux-5.10.204", + KernelImagePath: "./out/vmlinux", LogPath: "./out/firecracker.log", LogLevel: "Debug", KernelArgs: "console=ttyS0 reboot=k panic=1 pci=off", diff --git a/rootfs-kernel/Makefile b/rootfs-kernel/Makefile index 71cce6e..aa82d73 100644 --- a/rootfs-kernel/Makefile +++ b/rootfs-kernel/Makefile @@ -11,11 +11,15 @@ use-ubuntu: ../out/ubuntu-22.04.ext4 ../out/ubuntu-22.04.id_rsa ln -fs $< ../out/rootfs.ext4 kernel: ../out/vmlinux-5.10.204 - @echo "linux kernel retrieve" + ln -fs $< ../out/vmlinux ../out/vmlinux-5.10.204: wget -O $@ https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/v1.7/$(ARCH)/vmlinux-5.10.204 +CONFIG_FILE=$(wildcard ./kernel-config/*.config) +../out/vmvmlinux-custom: ./kernel.sh $(CONFIG_FILE) + bash ./kernel.sh + ../out/arch-rootfs.ext4: ./arch-rootfs.sh bash ./arch-rootfs.sh diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index d478053..2dbd9bc 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh 
@@ -2,46 +2,46 @@ # inspired by https://github.com/oraoto/archlinux-firecracker/blob/master/scripts/build-arch-kernel.sh -KERNEL_VERSION=5.11.2 +set -ex -mkdir -p build - -cd build +KERNEL_VERSION=v5.11 +WD=../out ## Install build tools # pacman -Syu base-devel bc pahole --ignore linux-firmware ## Get kernel source -curl -o linux.tar.xz "https://mirrors.tuna.tsinghua.edu.cn/kernel/v5.x/linux-$KERNEL_VERSION.tar.xz" -tar xf linux.tar.xz -cd linux-$KERNEL_VERSION/ +git clone https://github.com/torvalds/linux.git "$WD"/linux +git checkout $KERNEL_VERSION ## Get Archlinux kernel config -curl -o .config https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux +curl -o "$WD"/linux/.config https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux + +CONFIG_PATH="$WD"/linux/.config ## Disable modules -sed 's/\(.*\)=m/#\1 is not set/g' -i .config -sed 's/\(.*\)MOUSE\(.*\)=y/\1MOUSE\2=n/g' -i .config -sed 's/\(.*\)USB\(.*\)=y/\1USB\2=n/g' -i .config -sed 's/\(.*\)TOUCHSCREEN\(.*\)=y/\1TOUCHSCREEN\2=n/g' -i .config -sed 's/\(.*\)HID\(.*\)=y/\1HID\2=n/g' -i .config -sed 's/\(.*\)GPU\(.*\)=y/\1GPU\2=n/g' -i .config -sed 's/\(.*\)GPIO\(.*\)=y/\1GPIO\2=n/g' -i .config -sed 's/\(.*\)NVDIMM\(.*\)=y/\1NVDIMM\2=n/g' -i .config -sed 's/\(.*\)MFD\(.*\)=y/\1MFD\2=n/g' -i .config -sed 's/\(.*\)XEN\(.*\)=y/\1XEN\2=n/g' -i .config -sed 's/\(.*\)VIDEO\(.*\)=y/\1VIDEO\2=n/g' -i .config -# sed 's/\(.*\)PCI\(.*\)=y/\1PCI\2=n/g' -i .config -sed 's/\(.*\)WLAN\(.*\)=y/\1WLAN\2=n/g' -i .config -sed 's/\(.*\)DRM\(.*\)=y/\1DRM\2=n/g' -i .config +sed 's/\(.*\)=m/#\1 is not set/g' -i "$CONFIG_PATH" +sed 's/\(.*\)MOUSE\(.*\)=y/\1MOUSE\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)USB\(.*\)=y/\1USB\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)TOUCHSCREEN\(.*\)=y/\1TOUCHSCREEN\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)HID\(.*\)=y/\1HID\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)GPU\(.*\)=y/\1GPU\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)GPIO\(.*\)=y/\1GPIO\2=n/g' -i 
"$CONFIG_PATH" +sed 's/\(.*\)NVDIMM\(.*\)=y/\1NVDIMM\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)MFD\(.*\)=y/\1MFD\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)XEN\(.*\)=y/\1XEN\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)VIDEO\(.*\)=y/\1VIDEO\2=n/g' -i "$CONFIG_PATH" +# sed 's/\(.*\)PCI\(.*\)=y/\1PCI\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)WLAN\(.*\)=y/\1WLAN\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)DRM\(.*\)=y/\1DRM\2=n/g' -i "$CONFIG_PATH" -cat ../../config/virtio.config >> .config -cat ../../config/fs.config >> .config -cat ../../config/net.config >> .config +cat kernel-config/config/virtio.config >> "$CONFIG_PATH" +cat kernel-config/config/fs.config >> "$CONFIG_PATH" +cat kernel-config/config/net.config >> "$CONFIG_PATH" ## Add KVM guest support make kvm_guest.config -make -j$(nproc) - -./scripts/extract-vmlinux ./arch/x86_64/boot/bzImage > ../../output/arch-vmlinux.bin +#make -j$(nproc) +# +#./scripts/extract-vmlinux ./arch/x86_64/boot/bzImage > "$WD"/arch-vmlinux.bin -- 2.45.2 From 7128eb8e3573641f190473ff4acf8e6fc7647bf7 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 15:46:15 +0100 Subject: [PATCH 03/15] features Signed-off-by: RouxAntoine --- rootfs-kernel/Makefile | 5 ++++- rootfs-kernel/kernel.sh | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/rootfs-kernel/Makefile b/rootfs-kernel/Makefile index aa82d73..ee731bb 100644 --- a/rootfs-kernel/Makefile +++ b/rootfs-kernel/Makefile @@ -10,7 +10,10 @@ use-arch: ../out/arch-rootfs.ext4 use-ubuntu: ../out/ubuntu-22.04.ext4 ../out/ubuntu-22.04.id_rsa ln -fs $< ../out/rootfs.ext4 -kernel: ../out/vmlinux-5.10.204 +use-kernel: ../out/vmlinux-5.10.204 + ln -fs $< ../out/vmlinux + +use-kernel-custom: ../out/vmvmlinux-custom ln -fs $< ../out/vmlinux ../out/vmlinux-5.10.204: diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 2dbd9bc..494a1c8 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh 
@@ -44,4 +44,4 @@ make kvm_guest.config #make -j$(nproc) # -#./scripts/extract-vmlinux ./arch/x86_64/boot/bzImage > "$WD"/arch-vmlinux.bin +#./scripts/extract-vmlinux ./arch/x86_64/boot/bzImage > "$WD"/vmlinux-$KERNEL_VERSION.bin -- 2.45.2 From cf45badc748c1c83902f6ec65f8cc3cb7bcb73c8 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 15:50:11 +0100 Subject: [PATCH 04/15] more stuff Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 494a1c8..d464cd9 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -11,8 +11,7 @@ WD=../out # pacman -Syu base-devel bc pahole --ignore linux-firmware ## Get kernel source -git clone https://github.com/torvalds/linux.git "$WD"/linux -git checkout $KERNEL_VERSION +git clone --depth 1 --branch $KERNEL_VERSION https://github.com/torvalds/linux.git "$WD"/linux ## Get Archlinux kernel config curl -o "$WD"/linux/.config https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux -- 2.45.2 From e7ba78266c784c5d14aeaf6eac23ac2e427c4887 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 15:53:36 +0100 Subject: [PATCH 05/15] Update .gitignore Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index d464cd9..2c95988 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -14,7 +14,7 @@ WD=../out git clone --depth 1 --branch $KERNEL_VERSION https://github.com/torvalds/linux.git "$WD"/linux ## Get Archlinux kernel config -curl -o "$WD"/linux/.config https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux +curl -o "$WD"/linux/.config https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/raw/2db49d4fbcda88d76a4c236ccb5a7986715d70ba/config CONFIG_PATH="$WD"/linux/.config -- 2.45.2 
From b2232e6068dab04f294a24c3143bd2879db7cf3e Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 15:55:17 +0100 Subject: [PATCH 06/15] Trust me, it's not badly written. It's just way above your head. Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 2c95988..a3c471a 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -34,12 +34,12 @@ sed 's/\(.*\)VIDEO\(.*\)=y/\1VIDEO\2=n/g' -i "$CONFIG_PATH" sed 's/\(.*\)WLAN\(.*\)=y/\1WLAN\2=n/g' -i "$CONFIG_PATH" sed 's/\(.*\)DRM\(.*\)=y/\1DRM\2=n/g' -i "$CONFIG_PATH" -cat kernel-config/config/virtio.config >> "$CONFIG_PATH" -cat kernel-config/config/fs.config >> "$CONFIG_PATH" -cat kernel-config/config/net.config >> "$CONFIG_PATH" +cat kernel-config/virtio.config >> "$CONFIG_PATH" +cat kernel-config/fs.config >> "$CONFIG_PATH" +cat kernel-config/net.config >> "$CONFIG_PATH" ## Add KVM guest support -make kvm_guest.config +make -C "$WD"/linux/ kvm_guest.config #make -j$(nproc) # -- 2.45.2 From 1ed7f4f1552d5965fbde1fbc2b7f5778d9fcb581 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 15:55:51 +0100 Subject: [PATCH 07/15] I was wrong... Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index a3c471a..bc6ea87 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -10,6 +10,7 @@ WD=../out ## Install build tools # pacman -Syu base-devel bc pahole --ignore linux-firmware +sudo rm -rf "$WD"/linux ## Get kernel source git clone --depth 1 --branch $KERNEL_VERSION https://github.com/torvalds/linux.git "$WD"/linux -- 2.45.2 From 77e8c07dc0307cfca9f0987cd982419ed5b7a2a6 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 19:22:16 +0100 Subject: [PATCH 08/15] I know what I am doing. Trust me. 
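Review bot: `sudo rm -rf "$WD"/linux` in patch 07 runs a recursive delete as root on a path that depends on the caller's working directory, because `WD=../out` is relative. Invoked from anywhere other than rootfs-kernel/, it removes a different `../out/linux`, and nothing in the script visible here creates root-owned files that would need `sudo`. Drop the `sudo` and resolve the directory from the script's own location, e.g. `WD="$(cd "$(dirname "${BASH_SOURCE[0]}")/../out" && pwd)"` followed by `rm -rf -- "$WD/linux"`. The same `sudo rm -rf` is added again at the end of the script in patch 08 and removed there in patch 14, while this one stays.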
Signed-off-by: RouxAntoine --- rootfs-kernel/Makefile | 6 +++--- rootfs-kernel/kernel.sh | 18 ++++++++++++------ 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/rootfs-kernel/Makefile b/rootfs-kernel/Makefile index ee731bb..65ce6f5 100644 --- a/rootfs-kernel/Makefile +++ b/rootfs-kernel/Makefile @@ -13,15 +13,15 @@ use-ubuntu: ../out/ubuntu-22.04.ext4 ../out/ubuntu-22.04.id_rsa use-kernel: ../out/vmlinux-5.10.204 ln -fs $< ../out/vmlinux -use-kernel-custom: ../out/vmvmlinux-custom +use-kernel-custom: ../out/vmlinux-5.11 ln -fs $< ../out/vmlinux ../out/vmlinux-5.10.204: wget -O $@ https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/v1.7/$(ARCH)/vmlinux-5.10.204 CONFIG_FILE=$(wildcard ./kernel-config/*.config) -../out/vmvmlinux-custom: ./kernel.sh $(CONFIG_FILE) - bash ./kernel.sh +../out/vmlinux-5.11: ./kernel.sh $(CONFIG_FILE) + bash ./kernel.sh 5.11 ../out/arch-rootfs.ext4: ./arch-rootfs.sh bash ./arch-rootfs.sh diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index bc6ea87..2e30f5d 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -4,18 +4,20 @@ set -ex -KERNEL_VERSION=v5.11 +KERNEL_VERSION=$1 WD=../out +NPROC=4 ## Install build tools # pacman -Syu base-devel bc pahole --ignore linux-firmware +# disabling CONFIG_DEBUG_INFO_BTF so no pahole required sudo rm -rf "$WD"/linux ## Get kernel source -git clone --depth 1 --branch $KERNEL_VERSION https://github.com/torvalds/linux.git "$WD"/linux +git clone --depth 1 --branch v$KERNEL_VERSION https://github.com/torvalds/linux.git "$WD"/linux ## Get Archlinux kernel config -curl -o "$WD"/linux/.config https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/raw/2db49d4fbcda88d76a4c236ccb5a7986715d70ba/config +curl -o "$WD"/linux/.config https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/raw/5.11.16.arch1-1/config?ref_type=tags CONFIG_PATH="$WD"/linux/.config 
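Review bot: `KERNEL_VERSION=$1` in the kernel.sh hunk is taken from the command line without any check and then expanded unquoted in `git clone --depth 1 --branch v$KERNEL_VERSION`, and later in the output path. With no argument the script still runs `sudo rm -rf "$WD"/linux` and only fails at the clone; a value containing spaces is split into extra git arguments. Require and constrain the argument up front, `KERNEL_VERSION="${1:?usage: kernel.sh <kernel-version>}"` and `[[ $KERNEL_VERSION =~ ^[0-9]+(\.[0-9]+)*$ ]] || exit 1`, and quote the expansions (`--branch "v$KERNEL_VERSION"`). The config URL on the `curl` line contains `?` and should be quoted as well.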
@@ -34,6 +36,7 @@ sed 's/\(.*\)VIDEO\(.*\)=y/\1VIDEO\2=n/g' -i "$CONFIG_PATH" # sed 's/\(.*\)PCI\(.*\)=y/\1PCI\2=n/g' -i "$CONFIG_PATH" sed 's/\(.*\)WLAN\(.*\)=y/\1WLAN\2=n/g' -i "$CONFIG_PATH" sed 's/\(.*\)DRM\(.*\)=y/\1DRM\2=n/g' -i "$CONFIG_PATH" +sed 's/\(.*\)BTF\(.*\)=y/\1BTF\2=n/g' -i "$CONFIG_PATH" cat kernel-config/virtio.config >> "$CONFIG_PATH" cat kernel-config/fs.config >> "$CONFIG_PATH" @@ -42,6 +45,9 @@ cat kernel-config/net.config >> "$CONFIG_PATH" ## Add KVM guest support make -C "$WD"/linux/ kvm_guest.config -#make -j$(nproc) -# -#./scripts/extract-vmlinux ./arch/x86_64/boot/bzImage > "$WD"/vmlinux-$KERNEL_VERSION.bin +make -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free +#make -j$NPROC WERROR=0 + +cp ./vmlinux "$WD"/vmlinux-$KERNEL_VERSION + +sudo rm -rf "$WD"/linux -- 2.45.2 From f42205c99def257bd3d6cbbd32a200108e29a94a Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 19:24:00 +0100 Subject: [PATCH 09/15] Pig Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 2e30f5d..f6cc7f3 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -45,7 +45,7 @@ cat kernel-config/net.config >> "$CONFIG_PATH" ## Add KVM guest support make -C "$WD"/linux/ kvm_guest.config -make -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free +make -C "$WD"/linux/ -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free #make -j$NPROC WERROR=0 cp ./vmlinux "$WD"/vmlinux-$KERNEL_VERSION -- 2.45.2 From 1f6300c8b3ef104cda40760fbfe4da10c94a1515 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 19:24:59 +0100 Subject: [PATCH 10/15] Put everything in its right place Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index f6cc7f3..eaf2a0e 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh 
@@ -45,8 +45,8 @@ cat kernel-config/net.config >> "$CONFIG_PATH" ## Add KVM guest support make -C "$WD"/linux/ kvm_guest.config -make -C "$WD"/linux/ -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free -#make -j$NPROC WERROR=0 +#make -C "$WD"/linux/ -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free +make -j$NPROC WERROR=0 cp ./vmlinux "$WD"/vmlinux-$KERNEL_VERSION -- 2.45.2 From 3fbe88a0e77a502f16f3f14596853b28da082a92 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 19:26:04 +0100 Subject: [PATCH 11/15] making code less cancer Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index eaf2a0e..3b5948c 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -46,7 +46,7 @@ cat kernel-config/net.config >> "$CONFIG_PATH" make -C "$WD"/linux/ kvm_guest.config #make -C "$WD"/linux/ -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free -make -j$NPROC WERROR=0 +make -C "$WD"/linux/ -j$NPROC WERROR=0 cp ./vmlinux "$WD"/vmlinux-$KERNEL_VERSION -- 2.45.2 From b266e4487e8a5aeec6c16fbf1c33e982e26de0a9 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 19:39:50 +0100 Subject: [PATCH 12/15] increased loading time by a bit Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 3b5948c..3bb5ff7 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh 
@@ -17,7 +17,7 @@ sudo rm -rf "$WD"/linux git clone --depth 1 --branch v$KERNEL_VERSION https://github.com/torvalds/linux.git "$WD"/linux ## Get Archlinux kernel config -curl -o "$WD"/linux/.config https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/raw/5.11.16.arch1-1/config?ref_type=tags +curl -o "$WD"/linux/.config https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/raw/main/config?ref_type=heads CONFIG_PATH="$WD"/linux/.config -- 2.45.2 From 3c7a555610fc2bd1c0b10e6a11ec292c702d02d4 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 20:05:41 +0100 Subject: [PATCH 13/15] Committing fixes in the dark, seriously, who killed my power!? Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 3bb5ff7..33c2755 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -48,6 +48,6 @@ make -C "$WD"/linux/ kvm_guest.config #make -C "$WD"/linux/ -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free make -C "$WD"/linux/ -j$NPROC WERROR=0 -cp ./vmlinux "$WD"/vmlinux-$KERNEL_VERSION +cp "$WD"/vmlinux "$WD"/vmlinux-$KERNEL_VERSION sudo rm -rf "$WD"/linux -- 2.45.2 From e179a6c27bcb3426b6a9613c04fdfedd56cf5a07 Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 20:31:51 +0100 Subject: [PATCH 14/15] pointless limitation Signed-off-by: RouxAntoine --- rootfs-kernel/kernel.sh | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/rootfs-kernel/kernel.sh b/rootfs-kernel/kernel.sh index 33c2755..020dde0 100755 --- a/rootfs-kernel/kernel.sh +++ b/rootfs-kernel/kernel.sh @@ -6,7 +6,7 @@ set -ex KERNEL_VERSION=$1 WD=../out -NPROC=4 +NPROC=8 ## Install build tools # pacman -Syu base-devel bc pahole --ignore linux-firmware 
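Review bot: Pointing the config download at `main` in patch 12 replaces a fixed tag with a moving branch, so two runs of the same script can build different kernels and the downloaded config no longer corresponds to the `v$KERNEL_VERSION` source that was cloned. Patch 05 of this series pinned the file to a commit (`2db49d4fbcda88d76a4c236ccb5a7986715d70ba`); a commit- or tag-pinned URL is the form to keep, ideally with a recorded digest of the file checked after download. If the newer config is wanted for the options it carries, pin the specific commit it comes from rather than the branch head. Using `curl -f` on this line would also stop an error page from being written to `.config`.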
@@ -48,6 +48,4 @@ make -C "$WD"/linux/ kvm_guest.config #make -C "$WD"/linux/ -j$NPROC EXTRA_CFLAGS=-Wno-error=use-after-free make -C "$WD"/linux/ -j$NPROC WERROR=0 -cp "$WD"/vmlinux "$WD"/vmlinux-$KERNEL_VERSION - -sudo rm -rf "$WD"/linux +cp "$WD"/linux/vmlinux "$WD"/vmlinux-$KERNEL_VERSION -- 2.45.2 From 81f0b99d6d322fd0bb53f2b48df4adf39b39cd3f Mon Sep 17 00:00:00 2001 From: RouxAntoine Date: Sat, 6 Jan 2024 21:02:06 +0100 Subject: [PATCH 15/15] /sigh Signed-off-by: RouxAntoine --- rootfs-kernel/Makefile | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/rootfs-kernel/Makefile b/rootfs-kernel/Makefile index 65ce6f5..6e63206 100644 --- a/rootfs-kernel/Makefile +++ b/rootfs-kernel/Makefile @@ -3,6 +3,8 @@ # aarch64 # x86_64 ARCH=x86_64 +KERNEL_VERSION=5.11 +CONFIG_FILE=$(wildcard ./kernel-config/*.config) use-arch: ../out/arch-rootfs.ext4 ln -fs $< ../out/rootfs.ext4 @@ -10,19 +12,18 @@ use-arch: ../out/arch-rootfs.ext4 use-ubuntu: ../out/ubuntu-22.04.ext4 ../out/ubuntu-22.04.id_rsa ln -fs $< ../out/rootfs.ext4 -use-kernel: ../out/vmlinux-5.10.204 +use-kernel-amazon: ../out/vmlinux-5.10.204 ln -fs $< ../out/vmlinux -use-kernel-custom: ../out/vmlinux-5.11 +use-kernel-custom: ../out/vmlinux-$(KERNEL_VERSION) ln -fs $< ../out/vmlinux +../out/vmlinux-$(KERNEL_VERSION): ./kernel.sh $(CONFIG_FILE) + bash ./kernel.sh $(KERNEL_VERSION) + ../out/vmlinux-5.10.204: wget -O $@ https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/v1.7/$(ARCH)/vmlinux-5.10.204 -CONFIG_FILE=$(wildcard ./kernel-config/*.config) -../out/vmlinux-5.11: ./kernel.sh $(CONFIG_FILE) - bash ./kernel.sh 5.11 - ../out/arch-rootfs.ext4: ./arch-rootfs.sh bash ./arch-rootfs.sh -- 2.45.2
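Review bot: The `../out/vmlinux-5.10.204` rule kept at the bottom of the Makefile hunk downloads a prebuilt kernel with `wget` and nothing verifies it before `use-kernel-amazon` links it to `../out/vmlinux`, the image cmd/main.go boots. Add a digest check to that recipe, for example `echo "<expected-sha256>  $@" | sha256sum -c -` after the `wget` line, with the digest taken from a trusted source, and set `.DELETE_ON_ERROR:` so a failed download or check does not leave a file that looks up to date. The `use-*` targets are commands rather than files; unless the part of the Makefile outside this hunk already does it, list them under `.PHONY`.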