-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve kernel building automation #199
Conversation
Signed-off-by: Fil <fil@filberg.eu>
This fixes kernel/makefile to skip downloading the source tar and/or extracting it during kernel rebuilds, it its not needed (i.e. when $(KERNEL_EXTRACTED) already exists). The fix consists in turning the directory prerequisites from "normal" to "order-only" prerequisites, so that any timestamp change in the required folders doesn't uselessly trigger the make'ing of $(KERNEL_EXTRACTED) target. Also, this commit adds $(KERNEL_TAR_SIGNATURE) target as a prerequisite of $(KERNEL_EXTRACTED) to ensure that the corresponding signature file always exists for a given source tar. This fixes the "file not found" error when gpg-verifying the downloaded tar when building a new kernel version. Signed-off-by: Fil <fil@filberg.eu>
This commit introduces a feature that allows to programmatically override the value of "KVER" by export'ing the global PRAWNOS_KVER with the desired kernel version. This allows to build any kernel version at runtime without depending on the hard-coded value in BuildCommon.mk e.g. to build version 5.4.57: $ export PRAWNOS_KVER="5.4.57"; make kernel; Signed-off-by: Fil <fil@filberg.eu>
This introduces function build_latest_kernel() that automatically fetches the latest kernel version from the upstream URL and launches a regular kernel build for the latest version found. This should prove to be very usefull to automate kernel builds on a headless build server (e.g. via a cron job), by continuously monitoring upstream for any new release. Signed-off-by: Fil <fil@filberg.eu>
*) Minor cleanups *) Read /path/to/vmlinux.kpart from command line args instead of hard-coding it inside the script. Signed-off-by: Fil <fil@filberg.eu>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would like to keep the signature in the tree
Thanks for the work @filberg! |
For what purpose would you like to do keep it there? One could then add a prerequisite make target to verify that the public key is in the keyring and import it if necessary. I can work on a PR in this direction, if you agree with the above reasoning. Cheers! |
as you can see in
I think my desire to keep the signature in the tree came from a time where I was trying to keep the entire kernel source in the tree as well, unfortunately it is too large for github. you make a good point about the public key being the true root of trust, I guess there isn't much point to keeping the signature in the tree as well.... One last thing then, could you clear up for me the need for the "pipes/or/bars" in target dependencies like here?
|
Sure! Basically, as explained in the corresponding commit message, changing the directory prerequisites to "order-only" ensures that dependent targets won't be uselessly rebuilt when the directory timestamp changes, for instance when building something inside the extracted kernel directory. For any further commenting, just ask; I'll be happy to explain if I'm able to ;-) Cheers! |
Ah, order only pre-reqs seem pretty great! I had actually already fixed the problem of rebuilds happening due to directory time stamps a different way, but I think I like order only pre-reqs better. The other parts of this PR will need some rebase work that I can handle if you don't want to. Thanks @filberg! |
This fixes both the behaviour of get_build_kver() and its invocation in other parts of the script, so that it executes in the same shell as the caller's. This way, all parts of the version string can be retrieved in a single call. Before this fix, the function had to be invoked in a subshell $(foo) to capture the full version string as its output, while the export'ed values of $PRAWNOS_KVER_* could not be read by the caller in the parent shell. Signed-off-by: Fil <fil@filberg.eu>
@SolidHal Ok, I think I merged and rebased correctly with your latest work.. |
@@ -2,3 +2,4 @@ tmp.* | |||
PrawnOS-Shiba-* | |||
PrawnOS-initramfs.cpio.gz | |||
build | |||
kernel/sources |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this can be dropped as the directory doesn't exist anymore :)
#PRAWNOS_KERNEL_IMAGE_DEBVER := 1 | ||
#PRAWNOS_KERNEL_HEADERS_DEBVER := 1 | ||
endif | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have been thinking about what the proper answer is here. I'm thinking the following should be bumped to
#PRAWNOS_KERNEL_VER := 200
#PRAWNOS_KERNEL_IMAGE_DEBVER := 200
#PRAWNOS_KERNEL_HEADERS_DEBVER := 200
where 200 was picked arbitrarily in order to prevent the local system from conflicting with future packages that could end up on the apt repo.
Thanks! there are a couple small adjustments that I can make after this is merged in, I added them as comments here so you can see what my intent is. I figure this PR has been around long enough (my fault), so I'll merge and make the small tweaks :) |
This PR refactors makefiles and build scripts to make it easier to build an updated kernel in a totally automated way.
Main changes:
This changes should make it fairly easy to put up a totally headless/automated build server via a simple cron job and easily keep up with upstream kernel updates.