KERNEL-BUILD.ECLASS

Section: eclass-manpages (5)
Updated: Jun 2024
Index Return to Main Contents

NAME

kernel-build.eclass - Build mechanics for Distribution Kernels

DESCRIPTION

This eclass provides the logic to build a Distribution Kernel from source and install it. Post-install and test logic is inherited from kernel-install.eclass.

The ebuild must take care of unpacking the kernel sources, copying an appropriate .config into them (e.g. in src_prepare()) and setting correct S. The eclass takes care of respecting savedconfig, building the kernel and installing it along with its modules and subset of sources needed to build external modules.

SUPPORTED EAPIS

8

TRANSITIVELY PROVIDED ECLASSES

kernel-install

FUNCTIONS

kernel-build_pkg_setup
Call python-any-r1 and secureboot pkg_setup
kernel-build_src_configure
Prepare the toolchain for building the kernel, get the default .config or restore savedconfig, and get build tree configured for modprep.
kernel-build_src_compile
Compile the kernel sources.
kernel-build_src_test
Test the built kernel via qemu. This just wraps the logic from kernel-install.eclass with the correct paths.
kernel-build_src_install
Install the built kernel along with subset of sources into /usr/src/linux-${PV}. Install the modules. Save the config.
kernel-build_pkg_postinst
Combine postinst from kernel-install and savedconfig eclasses.
kernel-build_merge_configs [distro.config...]
Merge the config files specified as arguments (if any) into the '.config' file in the current directory, then merge any user-supplied configs from ${BROOT}/etc/kernel/config.d/*.config. The '.config' file must exist already and contain the base configuration.

ECLASS VARIABLES

KERNEL_IUSE_MODULES_SIGN (SET BEFORE INHERIT)
If set to a non-null value, inherits secureboot.eclass, adds IUSE=modules-sign and required logic to manipulate the kernel config while respecting the MODULES_SIGN_HASH, MODULES_SIGN_CERT, and MODULES_SIGN_KEY user variables.
MODULES_SIGN_HASH (USER VARIABLE)
Used with USE=modules-sign. Can be set to hash algorithm to use during signature generation (CONFIG_MODULE_SIG_SHA256).

Valid values: sha512,sha384,sha256,sha224,sha1

Default if unset: sha512

MODULES_SIGN_KEY (USER VARIABLE)
Used with USE=modules-sign. Can be set to the path of the private key in PEM format to use, or a PKCS#11 URI (CONFIG_MODULE_SIG_KEY).

If path is relative (e.g. "certs/name.pem"), it is assumed to be relative to the kernel build directory being used.

If the key requires a passphrase or PIN, the used kernel sign-file utility recognizes the KBUILD_SIGN_PIN environment variable. Be warned that the package manager may store this value in binary packages, database files, temporary files, and possibly logs. This eclass unsets the variable after use to mitigate the issue (notably for shared binary packages), but use this with care.

Default if unset: certs/signing_key.pem

MODULES_SIGN_CERT (USER VARIABLE)
Used with USE=modules-sign. Can be set to the path of the public key in PEM format to use. Must be specified if MODULES_SIGN_KEY is set to a path of a file that only contains the private key.
KERNEL_GENERIC_UKI_CMDLINE ?= "root=/dev/gpt-auto-root ro" (USER VARIABLE)
If KERNEL_IUSE_GENERIC_UKI is set, this variable allows setting the built-in kernel command line for the UKI. If unset, the default is root=/dev/gpt-auto-root ro

AUTHORS

Michał Górny <mgorny@gentoo.org>

MAINTAINERS

Distribution Kernel Project <dist-kernel@gentoo.org>

REPORTING BUGS

Please report bugs via https://bugs.gentoo.org/

FILES

kernel-build.eclass

SEE ALSO

ebuild(5)
https://gitweb.gentoo.org/repo/gentoo.git/log/eclass/kernel-build.eclass


Index

NAME
DESCRIPTION
SUPPORTED EAPIS
TRANSITIVELY PROVIDED ECLASSES
FUNCTIONS
ECLASS VARIABLES
AUTHORS
MAINTAINERS
REPORTING BUGS
FILES
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 03:27:01 GMT, June 23, 2024