Getting Your Customized openSUSE Kernel on OBS

Transcript

1. How to Maintaining a Linux Kernel Package on openSUSE's Open

   Build Service Getting Your Customized openSUSE Kernel on OBS Shung-Hsi Yu, SUSE @shunghsiyu @[email protected]

2. About me Shung-Hsi Yu SUSE Based in Taitung, Taiwan Kernel

   Engineer BPF Subsystem openSUSE SUSE Enterprise Linux

3. Agenda - Backgrounds - Problems & Rational - How to

   Customize (the Kernel) - Comparisons (of methods) - Takeaways

4. Backgrounds

5. Linux Kernel - Core of the system - Talks to

   hardware (w/ drivers) - Provide abstractions/features

6. Open Build Service (OBS) - Build Service - Produce RPM

   packages - Compile source code to binaries - Hosts RPM packages

7. Open Build Service (OBS) Interface - API - osc command-line

   tool - WebUI
8. None

9. Problems

10. Additional Feature You want additional security hardening with ABC feature,

    however due to performance impact it is disabled in openSUSE’s kernel # CONFIG_ABC is not set

11. Unsupported Hardware You have XZY device, but openSUSE’s kernel cannot

    use it because support is not enabled # CONFIG_XZY is not set

12. Unsupported Hardware You have XZY device, but openSUSE’s kernel cannot

    use it because the driver’s source code is not upstream

13. Distributing and Installation You have built a kernel on your

    laptop, now you need to have it installed on all your machines

14. Updating the Kernel There a critical security bug the was

    fixed, do you have to go through the same again?

15. Rational

16. Why Customize? - Missing features / hardware support - Disabled

    - Not available - Too many features / hardware support - Security - Size

17. Why NOT Customize? - Support on your own - Untested

18. Why use OBS? - Builds RPM packages for you -

    Make package distribution easy (and secure) - Works well with openSUSE distros - Support many architectures

19. How to Customize Overview

20. #1 - {patches,config}.addon - the “default” way to do customization

    - patch and config managed in OBS - OBS keeps it updated (w/ link)

21. #2 - kernel-$FLAVOR.spec - lightweight customization - single RPM specification

    file - repackaging of existing RPM

22. #3 - fork kernel-source.git - openSUSE/SUSE kernel team’s workflow -

    patches and config managed with git repository

23. How to Customize #1 - {patches,config}.addon

24. Setup Requirements - osc (cmdline) / web browser - tar

    & gzip bzip2 (cmdline) / GUI archiver - (optional) diff

25. Workflow (changing config) 1. Branch kernel-default project on OBS 2.

    Create config.addon.tar.bz2 3. Upload to your branched kernel-default OBS project

26. Config Modification $ tree config.addon/ config.addon/ ├── arm64 │ └──

    default └── x86_64 └── default

27. Config Modification $ cat config.addon/x86_64/default CONFIG_XYZ=y ...

28. Workflow (generating patches) 1. Download source code of kernel.git 2.

    Extract 3. Modify 4. diff

29. Workflow (adding patches) 1. Branch kernel-default project on OBS 2.

    Create patches.addon.tar.bz2 3. Upload to your branched kernel-default OBS project

30. Code Modification $ tree . 0001-support-XZY.patch series

31. Code Modification $ cat 0001-support-XZY.patch --- a/drivers/XYZ/main.c +++ b/drivers/XYZ/main.c @@

    -93,7 +93,7 @@ ... $ cat series 0001-support-XZY.patch

32. How to Customize #2 - kernel-$FLAVOR.spec

33. Setup Requirements - osc (cmdline) / web browser

34. Workflow (changing spec) 1. Branch kernel-default-base project on OBS 2.

    Modify kernel-default-base.spec 3. (optional) Rename spec file and project

35. Module Modification $ cat kernel-default-base.spec ... define filesystems autofs4 btrfs

    ext4 fuse vfat \ isofs jbd2 mbcache nfsv2 ... %define modules %usb_modules %net_drivers \ %scsi_modules %block_drivers hyperv_modules %virtio_modules %vmware_modules %xen_modules ...

36. How to Customize #3 - fork kernel-source.git

37. Setup Requirements - osc - git - quilt - diff

    - …

38. Workflow (adding patches) 1. Clone kernel-source.git 2. cd kernel-source 3.

    sequence-patch.sh 4. cd tmp/current 5. add new patch with quilt

39. Workflow (adding patches) 6. quilt edit 7. refresh_patch.sh 8. cd

    patches (kernel-source) 9. log 10. (optional) git push …

40. Workflow (upload) Push changes to OBS $OBS_BRANCH=home:$USER:branches:Leap:15.6:Update $FLAVOR=default scripts/tar-up.sh scripts/osc_wrapper

    upload --enable-debug "$OBS_BRANCH" ./kernel-source/kernel-default.spec

41. Comparisons

42. #1 - {config,patches}.addon The Good - good balance between easiness

    and flexibility The Bad - some chance of patch failing to apply

43. #2 - kernel-$FLAVOR.spec The Good - easy, super fast to

    build package - identical binaries - low maintenance The Bad - not flexible, can’t add feature / hardware support

44. #3 - fork kernel-source.git The Good - very flexible -

    remove existing patch and or add new upstream patch - scales very well - many collaborators & many custom patches / changes

45. #3 - fork kernel-source.git The Bad - needs to be

    updated manually - needs more resources / tooling - workflow is much more complex - uses command-line-only tools

46. Takeaways

47. Takeaways Sometimes you need to customize the Linux Kernel for

    feature Using openSUSE’s OBS to do so save you resources and makes distributing easy

48. Takeaways (cont.) Start with *.addon customization move to other method

    if it doesn’t work well

49. Appendix

50. Examples home:tiwai:kernel:sle15-sp6-kasan - customize kernel config with config.addon openSUSE:Leap:15.6:Update/kernel-default-base -

    customize kernel-default RPM with spec file home:tiwai:kernel:drm-tip - customize kernel config with kernel-source

51. References - How to maintain kernel-source packages on OBS? -

    How to Modify a Package in Open Build Service - openSUSE:Build Service Collaboration - openSUSE:Build Service Concept project linking - Open Build Service Beginnerʼs Guide - SUSE Kernel Site - kernel-source’s README.SUSE
52. None