m/node: build Linux with modules
This introduces modules into our Linux build. I originally didn't want
to do this, this is why this wasn't done until now. But various things
in the kernel weren't set up for this, for example the AMD and Intel KVM
modules cannot both be loaded, only the first one loaded works. Also,
the Linux kernel cannot load firmware for built-in modules reliably as
the filesystem it tries to load it from is not always mounted first,
even if the kernel itself mounts it.
The firmware issue was brought up multiple times on LKML, but Linus is
of the opinion that the firmware should be next to the kernel module,
thus either built-in (not viable for licensing and size reasons) or the
modules need to be loadable and on the same filesystem as the firmware.
Thus unless we want to carry signifcant patches against the Kernel in a
deadlock-prone area, we are forced to adopt a design with loadable
modules (or ship everything twice in an initramfs which is also not
desirable).
The kernel config currently only has the modules as non-builtin which
require firmware, everything else has been left as-is. For boot-time
performance it would eventually be a good idea to move to a setup with
more modules once we're confident in the implementation and everything
can deal with late-loaded modules/devices.
As a drive-by fix this also moves the kernel builds to out-of-tree so
that we no longer pollute the source folder. Bazel protected us from
serious issues due to this, but it's still bad practice.
Change-Id: Iced8e12234565e5b7447e732716651e05e67d55b
Reviewed-on: https://review.monogon.dev/c/monogon/+/1791
Reviewed-by: Serge Bazanski <serge@monogon.tech>
Tested-by: Jenkins CI
diff --git a/third_party/linux/def.bzl b/third_party/linux/def.bzl
index b31b34b..2090ed9 100644
--- a/third_party/linux/def.bzl
+++ b/third_party/linux/def.bzl
@@ -73,8 +73,8 @@
# (image_name) is the name of the image that will be generated by this
# rule.
(target, image_source, image_name) = {
- 'vmlinux': ('vmlinux', 'vmlinux', 'vmlinux'),
- 'bzImage': ('all', 'arch/x86/boot/bzImage', 'bzImage'),
+ 'vmlinux': ('vmlinux modules', 'vmlinux', 'vmlinux'),
+ 'bzImage': ('all modules', 'arch/x86/boot/bzImage', 'bzImage'),
}[image_format]
# Root of the given Linux sources.
@@ -82,8 +82,9 @@
image = ctx.actions.declare_file(image_name)
modinfo = ctx.actions.declare_file("modules.builtin.modinfo")
+ modules = ctx.actions.declare_directory("modules")
ctx.actions.run_shell(
- outputs = [ image, modinfo ],
+ outputs = [ image, modinfo, modules ],
inputs = [ kernel_config ] + kernel_src,
command = '''
kconfig=$1
@@ -92,12 +93,20 @@
image=$4
root=$5
modinfo=$6
+ modules=$7
+
+ builddir=$(mktemp -d)
mkdir ${root}/.bin
- cp ${kconfig} ${root}/.config
- (cd ${root} && make -j $(nproc) ${target} >/dev/null)
- cp ${root}/${image_source} ${image}
- cp ${root}/modules.builtin.modinfo ${modinfo}
+ cp ${kconfig} ${builddir}/.config
+ (cd ${root} && KBUILD_OUTPUT="${builddir}" make -j $(nproc) ${target} >/dev/null)
+ cp "${builddir}"/${image_source} ${image}
+ cp "${builddir}"/modules.builtin.modinfo ${modinfo}
+ # Not using modules_install as it tries to run depmod and friends
+ for f in $(find "${builddir}" -name '*.ko' -type f -printf "%P\n" ); do
+ install -D "${builddir}/$f" "${modules}/$f"
+ done
+ rm -Rf "$builddir"
''',
arguments = [
kernel_config.path,
@@ -105,7 +114,8 @@
image_source,
image.path,
root,
- modinfo.path
+ modinfo.path,
+ modules.path,
],
use_default_shell_env = True,
)
@@ -116,7 +126,8 @@
runfiles=ctx.runfiles(files=[image])
),
OutputGroupInfo(
- modinfo = depset([modinfo])
+ modinfo = depset([modinfo]),
+ modules = depset([modules])
)
]
diff --git a/third_party/linux/linux-metropolis.config b/third_party/linux/linux-metropolis.config
index 5ecea4e..1e5e1ab 100644
--- a/third_party/linux/linux-metropolis.config
+++ b/third_party/linux/linux-metropolis.config
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 5.15.104 Kernel Configuration
+# Linux/x86 5.15.112 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0"
CONFIG_CC_IS_GCC=y
@@ -108,6 +108,7 @@
# BPF subsystem
#
# CONFIG_BPF_SYSCALL is not set
+# CONFIG_BPF_JIT is not set
# end of BPF subsystem
CONFIG_PREEMPT_NONE=y
@@ -632,8 +633,8 @@
CONFIG_HAVE_KVM_PM_NOTIFIER=y
CONFIG_VIRTUALIZATION=y
CONFIG_KVM=y
-CONFIG_KVM_INTEL=y
-CONFIG_KVM_AMD=y
+CONFIG_KVM_INTEL=m
+CONFIG_KVM_AMD=m
CONFIG_KVM_AMD_SEV=y
# CONFIG_KVM_XEN is not set
# CONFIG_KVM_MMU_AUDIT is not set
@@ -649,6 +650,7 @@
CONFIG_KEXEC_CORE=y
CONFIG_HOTPLUG_SMT=y
CONFIG_GENERIC_ENTRY=y
+# CONFIG_KPROBES is not set
CONFIG_JUMP_LABEL=y
# CONFIG_STATIC_KEYS_SELFTEST is not set
# CONFIG_STATIC_CALL_SELFTEST is not set
@@ -735,6 +737,7 @@
CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y
CONFIG_STRICT_KERNEL_RWX=y
CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y
+CONFIG_STRICT_MODULE_RWX=y
CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y
CONFIG_ARCH_USE_MEMREMAP_PROT=y
# CONFIG_LOCK_EVENT_COUNTS is not set
@@ -760,7 +763,18 @@
CONFIG_RT_MUTEXES=y
CONFIG_BASE_SMALL=0
-# CONFIG_MODULES is not set
+CONFIG_MODULES=y
+# CONFIG_MODULE_FORCE_LOAD is not set
+# CONFIG_MODULE_UNLOAD is not set
+# CONFIG_MODVERSIONS is not set
+# CONFIG_MODULE_SRCVERSION_ALL is not set
+# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_COMPRESS_NONE=y
+# CONFIG_MODULE_COMPRESS_GZIP is not set
+# CONFIG_MODULE_COMPRESS_XZ is not set
+# CONFIG_MODULE_COMPRESS_ZSTD is not set
+# CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set
+CONFIG_MODPROBE_PATH="/sbin/modprobe"
CONFIG_MODULES_TREE_LOOKUP=y
CONFIG_BLOCK=y
CONFIG_BLK_DEV_BSG_COMMON=y
@@ -1377,6 +1391,7 @@
# CONFIG_DEBUG_DEVRES is not set
# CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set
CONFIG_HMEM_REPORTING=y
+# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set
CONFIG_SYS_HYPERVISOR=y
CONFIG_GENERIC_CPU_AUTOPROBE=y
CONFIG_GENERIC_CPU_VULNERABILITIES=y
@@ -1753,11 +1768,11 @@
CONFIG_NET_VENDOR_BROADCOM=y
# CONFIG_B44 is not set
# CONFIG_BCMGENET is not set
-CONFIG_BNX2=y
-CONFIG_CNIC=y
-CONFIG_TIGON3=y
+CONFIG_BNX2=m
+CONFIG_CNIC=m
+CONFIG_TIGON3=m
CONFIG_TIGON3_HWMON=y
-CONFIG_BNX2X=y
+CONFIG_BNX2X=m
# CONFIG_SYSTEMPORT is not set
CONFIG_BNXT=y
CONFIG_BNXT_FLOWER_OFFLOAD=y
@@ -1778,7 +1793,7 @@
CONFIG_NET_VENDOR_I825XX=y
CONFIG_NET_VENDOR_INTEL=y
# CONFIG_E100 is not set
-# CONFIG_E1000 is not set
+CONFIG_E1000=y
CONFIG_E1000E=y
CONFIG_E1000E_HWTS=y
CONFIG_IGB=y
@@ -1791,7 +1806,7 @@
CONFIG_I40E=y
CONFIG_IAVF=y
CONFIG_I40EVF=y
-CONFIG_ICE=y
+CONFIG_ICE=m
CONFIG_FM10K=y
CONFIG_IGC=y
# CONFIG_JME is not set
@@ -1817,7 +1832,7 @@
# CONFIG_NET_VENDOR_MICROSEMI is not set
CONFIG_NET_VENDOR_MICROSOFT=y
CONFIG_NET_VENDOR_MYRI=y
-CONFIG_MYRI10GE=y
+CONFIG_MYRI10GE=m
# CONFIG_FEALNX is not set
# CONFIG_NET_VENDOR_NI is not set
# CONFIG_NET_VENDOR_NATSEMI is not set
@@ -1825,7 +1840,7 @@
# CONFIG_S2IO is not set
# CONFIG_VXGE is not set
CONFIG_NET_VENDOR_NETRONOME=y
-CONFIG_NFP=y
+CONFIG_NFP=m
# CONFIG_NFP_DEBUG is not set
# CONFIG_NET_VENDOR_NVIDIA is not set
# CONFIG_NET_VENDOR_OKI is not set
@@ -1836,12 +1851,12 @@
# CONFIG_NET_VENDOR_PENSANDO is not set
CONFIG_NET_VENDOR_QLOGIC=y
CONFIG_QLA3XXX=y
-CONFIG_QLCNIC=y
+CONFIG_QLCNIC=m
CONFIG_QLCNIC_HWMON=y
# CONFIG_NETXEN_NIC is not set
# CONFIG_QED is not set
CONFIG_NET_VENDOR_BROCADE=y
-CONFIG_BNA=y
+CONFIG_BNA=m
CONFIG_NET_VENDOR_QUALCOMM=y
CONFIG_QCOM_EMAC=y
# CONFIG_RMNET is not set
@@ -1850,7 +1865,7 @@
CONFIG_NET_VENDOR_REALTEK=y
# CONFIG_8139CP is not set
# CONFIG_8139TOO is not set
-CONFIG_R8169=y
+CONFIG_R8169=m
CONFIG_NET_VENDOR_RENESAS=y
CONFIG_NET_VENDOR_ROCKER=y
CONFIG_NET_VENDOR_SAMSUNG=y
@@ -2226,6 +2241,7 @@
# CONFIG_I2C_VIRTIO is not set
# end of I2C Hardware Bus support
+# CONFIG_I2C_STUB is not set
# CONFIG_I2C_SLAVE is not set
# CONFIG_I2C_DEBUG_CORE is not set
# CONFIG_I2C_DEBUG_ALGO is not set
@@ -3612,11 +3628,7 @@
CONFIG_SECURITY_LOADPIN_ENFORCE=y
# CONFIG_SECURITY_YAMA is not set
# CONFIG_SECURITY_SAFESETID is not set
-CONFIG_SECURITY_LOCKDOWN_LSM=y
-# CONFIG_SECURITY_LOCKDOWN_LSM_EARLY is not set
-CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
-# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
-# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_SECURITY_LOCKDOWN_LSM is not set
CONFIG_SECURITY_LANDLOCK=y
CONFIG_INTEGRITY=y
# CONFIG_INTEGRITY_SIGNATURE is not set
@@ -3676,6 +3688,7 @@
CONFIG_CRYPTO_PCRYPT=y
CONFIG_CRYPTO_CRYPTD=y
CONFIG_CRYPTO_AUTHENC=y
+# CONFIG_CRYPTO_TEST is not set
CONFIG_CRYPTO_SIMD=y
CONFIG_CRYPTO_ENGINE=y
@@ -3824,7 +3837,7 @@
# CONFIG_CRYPTO_DEV_ATMEL_ECC is not set
# CONFIG_CRYPTO_DEV_ATMEL_SHA204A is not set
CONFIG_CRYPTO_DEV_CCP=y
-CONFIG_CRYPTO_DEV_CCP_DD=y
+CONFIG_CRYPTO_DEV_CCP_DD=m
CONFIG_CRYPTO_DEV_SP_PSP=y
# CONFIG_CRYPTO_DEV_QAT_DH895xCC is not set
# CONFIG_CRYPTO_DEV_QAT_C3XXX is not set
@@ -3916,7 +3929,7 @@
# CONFIG_CRC8 is not set
CONFIG_XXHASH=y
# CONFIG_RANDOM32_SELFTEST is not set
-CONFIG_ZLIB_INFLATE=y
+CONFIG_ZLIB_INFLATE=m
CONFIG_LZ4_COMPRESS=y
CONFIG_LZ4_DECOMPRESS=y
CONFIG_ZSTD_COMPRESS=y
@@ -4098,6 +4111,7 @@
CONFIG_BOOTPARAM_HUNG_TASK_PANIC=y
CONFIG_BOOTPARAM_HUNG_TASK_PANIC_VALUE=1
CONFIG_WQ_WATCHDOG=y
+# CONFIG_TEST_LOCKUP is not set
# end of Debug Oops, Lockups and Hangs
#
@@ -4223,6 +4237,7 @@
# CONFIG_FTRACE_STARTUP_TEST is not set
# CONFIG_RING_BUFFER_STARTUP_TEST is not set
# CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
+# CONFIG_PREEMPTIRQ_DELAY_TEST is not set
# CONFIG_PROVIDE_OHCI1394_DMA_INIT is not set
# CONFIG_SAMPLES is not set
CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
@@ -4270,6 +4285,7 @@
# CONFIG_RBTREE_TEST is not set
# CONFIG_REED_SOLOMON_TEST is not set
# CONFIG_INTERVAL_TREE_TEST is not set
+# CONFIG_PERCPU_TEST is not set
# CONFIG_ATOMIC64_SELFTEST is not set
# CONFIG_TEST_HEXDUMP is not set
# CONFIG_STRING_SELFTEST is not set
@@ -4285,10 +4301,18 @@
# CONFIG_TEST_RHASHTABLE is not set
# CONFIG_TEST_HASH is not set
# CONFIG_TEST_IDA is not set
+# CONFIG_TEST_LKM is not set
+# CONFIG_TEST_BITOPS is not set
+# CONFIG_TEST_VMALLOC is not set
+# CONFIG_TEST_USER_COPY is not set
+# CONFIG_TEST_BPF is not set
+# CONFIG_TEST_BLACKHOLE_DEV is not set
# CONFIG_FIND_BIT_BENCHMARK is not set
# CONFIG_TEST_FIRMWARE is not set
# CONFIG_TEST_SYSCTL is not set
# CONFIG_TEST_UDELAY is not set
+# CONFIG_TEST_STATIC_KEYS is not set
+# CONFIG_TEST_KMOD is not set
# CONFIG_TEST_MEMCAT_P is not set
# CONFIG_TEST_STACKINIT is not set
# CONFIG_TEST_MEMINIT is not set