This updates the Linux kernel configuration, removing irrelevant
networking-related components, and switching framebuffer drivers to
the DRM-based ones. With this, we can finally bootstrap on systems
with newer NVIDIA cards, which would green screen with the nvidiafb
driver.
KVM is still disabled, see #443 - VIRTUALIZATION is also disabled,
as it's useless without KVM or any other suboption being enabled.
Additionally, we can now drop the bad-asm patch, since our newer
binutils has no problem supporting that syntax, and it doesn't look
quite innocuous to me, removing an offset from a memory access.
The kernel is now built in 2 stages: first, we build vmlinux only,
then, after cleaning up any intermediate .o files (except the ones
needed to build efistub), we convert it to a bzImage. This required
some creative use of the -o option to convince Make not to rebuild
all of the .o files we've just deleted as dependencies.
This is the last LTS version buildable using GCC 4.0.x. The next one,
version 4.19, requires at least GCC 4.6.
Fortunately, this is also the first version of the Linux kernel
without firmware blobs being included in /firmware, so the FSFLA
deblob scripts aren't needed anymore to ensure a fully auditable
kernel - the 3 remaining drivers that do include blobs masquerading
as source code are removed via a patch, avoiding all the other side
effects of the deblob scripts.
This doesn't compromise the trustworthiness of the bootstrapped
environment, since all the other drivers deblob would remove use
the firmware loader mechanism, which does nothing when the actual
firmware blobs aren't installed on the system separately. Features
dependent on firmware still won't work, but many drivers that load
firmware do so only optionally. This includes r8169, the driver for
the Realtek gigabit NICs found on many x86 motherboards.
This kernel is considerably larger than 4.9.10, and we build more
of it (including drivers that would previously get stripped away by
the deblob script, such as r8169), so to accommodate that, Fiwix
initrd size is increased by 64MiB, while lowering kexec space by
the same amount to ensure enough userspace memory available in Fiwix.
Fiwix's maximum open file count is also bumped from 1.5K to 2.5K.
The Documentation folder is deleted before build, to further save
space in the ramdisk.
* Enable additional hardware drivers in Linux for better bare metal
display, network & input device compatibility
* Disable ATA-over-Ethernet support, because it spams the network
with unnecessary packets, is basically useless for bootstrapping,
and may even be a security risk
* Increase Fiwix initrd size to 1280MB to fit a larger Linux build
* Make the Fiwix kexec size configurable the same way as initrd
(and reduce from 280MB to 256MB which is sufficient in my testing)
* Use a more conservative memory map for Fiwix & Linux
* Boot Linux with consoleblank=0 on bare metal, so the build won't
go blind after 5 minutes
* Support kexec-fiwix with interrupts disabled (will be useful later
when builder-hex0 is updated)
Linux's KBUILD doesn't follow SOURCE_DATE_EPOCH, but rather it
uses its own variable, KBUILD_BUILD_TIMESTAMP.
While we are at it, also update kexec-linux's checksum, which
didn't match either. (This one was reproducible, it was just
out of date.)
- This idea originates from very early in the project and was, at the
time, a very easy way to categorise things.
- Now, it doesn't really make much sense - it is fairly arbitary, often
occuring when there is a change in kernel, but not from builder-hex0
to fiwix, and sysb is in reality completely unnecessary.
- In short, the sys* stuff is a bit of a mess that makes the project
more difficult to understand.
- This puts everything down into one folder and has a manifest file that
is used to generate the build scripts on the fly rather than using
coded scripts.
- This is created in the "seed" stage.
stage0-posix -- (calls) --> seed -- (generates) --> main steps
Alongside this change there are a variety of other smaller fixups to the
general structure of the live-bootstrap rootfs.
- Creating a rootfs has become much simpler and is defined as code in
go.sh. The new structure, for an about-to-be booted system, is
/
-- /steps (direct copy of steps/)
-- /distfiles (direct copy of distfiles/)
-- all files from seed/*
-- all files from seed/stage0-posix/*
- There is no longer such a thing as /usr/include/musl, this didn't
really make any sense, as musl is the final libc used. Rather, to
separate musl and mes, we have /usr/include/mes, which is much easier
to work with.
- This also makes mes easier to blow away later.
- A few things that weren't properly in packages have been changed;
checksum-transcriber, simple-patch, kexec-fiwix have all been given
fully qualified package names.
- Highly breaking change, scripts now exist in their package directory
but NOT WITH THE packagename.sh. Rather, they use pass1.sh, pass2.sh,
etc. This avoids manual definition of passes.
- Ditto with patches; default directory is patches, but then any patch
series specific to a pass are named patches-passX.
Googulator
fosslinux
Andrius Štikonas
rick-masters
Eduardo Sánchez Muñoz