kernel-handbook/0000750000000000000000000000000012013316226010776 5ustar kernel-handbook/version.ent0000660000000000000000000000011412013315004013163 0ustar kernel-handbook/chapter-source.sgml0000660000000000000000000000730012013314603014606 0ustar Debian kernel source Changes to the pristine kernel source

The kernels in Debian are distributed in binary form, built from the Debian kernel source. It is important to recognize that Debian kernel source may be (and in most cases is) different from the upstream (or "pristine") kernel source, distributed from and its mirrors. Due to licensing restrictions, unclear license information, or failure to comply with the Debian Free Software Guidelines (DFSG), parts of the kernel are removed in order to distribute the source in the main section of the Debian archive. Such removal produces linux_version.orig.tar.xz tarball, which serves as the original upstream source. version is the actual upstream version.

The guidelines for firmware removal were set by the General Resolution and the by the release managers. Even though these documents originally applied to the Etch release, there were no significant changes in the removal policy, so they were in effect for the Lenny release as well. As of version 2.6.31-1, all known sourceless firmware has been removed from the Debian package, but much of it is included in the package. Additional information about firmware licensing and removals may be found at the page .

Debian kernel patches

The source from which the Debian binary kernels are built is obtained by taking the source from linux_version.orig.tar.xz (that is, pristine kernel source with problematic parts removed) and applying a set of Debian patches. These patches typically implement essential fixes for serious bugs and security holes. The Debian version of the kernel packages has the form version-revision where version is the upstream version of the kernel (like 3.2.20) and revision determines the patchlevel. For example, the packages with version 3.2.20-1 are built from the linux_3.2.20.orig.tar.xz source, patched up to patchlevel 1. Certain packages include extra 'featuresets' not included in the upstream source, such as rt.

Policy for patch acceptance

The general policy of the Debian kernel team is that a patch must either fix a bug or add hardware support, and must be based on a change already accepted by the upstream kernel maintainers. The change does not need to have been included in an upstream release yet. This policy allows the team to drop most patches when moving to a new upstream version, rather than having to maintain an increasing series of Debian-specific patches. The recommended procedure for inclusion of patches introducing optional features is to submit to the upstream maintainer.

kernel-handbook/chapter-packaging.sgml0000660000000000000000000002101611764303276015252 0ustar Debian kernel packages Source package

To ensure that the latest kernel version, containing all the essential bug and security fixes is available on as many architectures as possible, starting with 2.6.12 the kernel team introduced a new packaging scheme. In it most of the kernel-related binary packages are built from a single source package linux (previously linux-2.6). The linux source package supports building of kernel images and headers for all currently supported architectures. Subsequent sections of this chapter document the naming and contents of the binary packages built from the linux source package.

Architecture-independent packages

linux-source-version This package contains the Debian kernel source tarball. The patchlevel of the source is determined by the Debian revision of the package, for example the version 3.2.19-1 of the package linux-source-3.2 contains the version 3.2.19 of the Debian kernel source patched to patchlevel 1. Once the package is installed, the source tarball is available at /usr/src/linux-source-version.tar.bz2. linux-manual-version This package contains the manual pages for the functions, constituting the kernel API. These pages are installed into /usr/share/man/man9/, and are accessible with the standard man command. Due to filename conflicts, only one linux-manual package may be installed at any given time. linux-doc-version This package contains the rest of the kernel documentation in various formats. It is installed in /usr/share/doc/linux-doc-version. linux-support-version-abiname This package contains the support files for building of out-of-tree modules for given version and abiname.

Architecture-dependent packages

The kind of hardware the particular kernel package is designed for is uniquely identified by the architecture, featureset, and flavour. Kernels for all architectures are built from the same Debian kernel source tree, which is obtained using the procedure described in . Each architecture usually has multiple flavours of the binary kernel images. Different flavours correspond to different kernel configuration files, used to build the binary images from the same kernel tree.

In order to build a working kernel with an extra featureset not provided by the upstream source, additional changes to the Debian kernel source are required. Again, multiple flavours of binary images may be built from the featureset tree. For example, the i386 architecture has a number of different flavours, such as 486, 686-pae and amd64, built from the common Debian kernel source. It also contains the rt featureset. The source tree for building the kernels for each of these featuresets is obtained by applying additional patches to the Debian kernel source. It may be used to build the rt-686-pae binary image flavours. The names of the Debian binary packages incorporate the name of the flavour and, if necessary, the name of the featureset (there is no need to worry about the name of the architecture, since Debian tools will only allow installation of the packages with "correct" architecture). If the arch does not have any featuresets, the featureset part is omitted from the name, as indicated by the square brackets below.

Package names also include the abiname, a small integer, which identifies the kernel's binary compatibility level. The kernels with different abinames are binary incompatible, so upgrading to a kernel with a different abiname will most likely require recompilation of third-party binary modules against the new kernel. The list of architecture-dependent packages together with a short description is given below.

linux-headers-version-abiname-common[-featureset] This package contains a common set of kernel headers for a particular featureset (or arch, if featureset is empty). Together with the flavour-specific linux-headers package it provides a full set of kernel headers, suitable for building of out-of-tree modules. This package should not normally be installed directly, but only as a dependency of the flavour-specific headers package (see next description). It unpacks into the /usr/src/linux-headers-version-abiname-common[-featureset] directory. linux-headers-version-abiname[-featureset]-flavour This package provides flavour-specific header files. It depends on the corresponding linux-headers-version-abiname-common[-featureset] package, and sets up symbolic links into its directory tree in such a way that the directory /usr/src/linux-headers-version-abiname[-featureset]-flavour appears to contain a full set of headers, required for building of out-of-tree kernel modules. For more information on this check out . A complete set of kernel headers matching the currently running official kernel may be installed with a command apt-get install linux-headers-$(uname -r) linux-image[-featureset]-flavour linux-headers[-featureset]-flavour

These virtual packages provide (via dependencies) the latest binary image and matching set of header files (respectively) for a particular flavour. Example: linux-image-rt-686-pae

In Debian 6.0 (squeeze) and earlier, the headers metapackages were named linux-headers-2.6[-featureset]-flavour.

linux-image-version-abiname[-featureset]-flavour

This package contains the binary kernel image and pre-built binary modules for a particular arch/featureset/flavour combination. Names of the files installed by this package are architecture-dependent. Typical locations of essential files for the i386 architecture are: /boot/vmlinuz-version-abiname[-featureset]-flavour The binary (compressed) kernel image. /boot/initrd.img-version-abiname[-featureset]-flavour Initial RAM filesystem (initramfs) image. Note, that this file is automatically generated in the installation process and is not shipped as a part of the package. See for more details. /boot/config-version-abiname[-featureset]-flavour The kernel configuration file used to build this particular kernel. May be used to rebuild the kernel from source, if necessary. /lib/modules/version-abiname[-featureset]-flavour/ Directory containing the pre-built binary kernel modules. linux-libc-dev

This package provides Linux kernel headers for use by userspace programs, such as GNU glibc and other system libraries.

kernel-handbook/chapter-common-tasks.sgml0000660000000000000000000004746012003025226015733 0ustar Common kernel-related tasks Obtaining the Debian kernel source

To get the Debian kernel source at the current maximum patchlevel, it is sufficient to install the latest linux-source-version package and unpack the source, for example: # apt-get install linux-source-3.2 $ tar jxf /usr/src/linux-source-3.2.tar.bz2 The unpacked source tree then will be available in linux-source-3.2 directory.

Rebuilding official Debian kernel packages

You can build all or selected kernel packages by following these instructions. You may be asked to do this in order to test a potential bug fix.

Preparation

For Debian 6.0 (squeeze) and earlier versions, substitute the source package name linux-2.6 for linux.

Run the following commands: $ apt-get source linux This will download and unpack the linux source package, making the tree available in the linux-version directory. As always, the revision part of the version of this package (for example, 1 in 3.2.19-1) will determine its patchlevel with respect to the original upstream kernel source. # apt-get install build-essential fakeroot # apt-get build-dep linux The last two commands will install the build dependencies required by the kernel build process. $ cd linux-version Enter the source directory.

Disk space requirements

Building binary packages for a single kernel flavour with debug info enabled (currently true for the 686-pae, amd64, rt-686-pae, rt-amd64 and s390x configurations) requires up to 10 GB space in the package directory and 300 MB in /tmp (or $TMPDIR).

Building with debug info disabled requires about 2 GB and 25 MB respectively. You can disable debug info by changing the value of debug-info to false in debian/config/arch/defines.

Building all binary packages for i386 or amd64 currently requires about 20 GB space in the package directory. Other architectures with no debug info or fewer drivers will require less space.

Simple patching and building

The source package includes a script to simplify the process of building with extra patches. You can use this by running commands such as: # apt-get install devscripts $ bash debian/bin/test-patches ../fix-bug123456.patch ../add-foo-driver.patch This script has options to control the flavour, featureset, etc. For a summary of the options, run: $ bash debian/bin/test-patches

You may then need to build the linux-base package as well: $ fakeroot make -f debian/rules.real install-linux-base

However, if you need to change the configuration or make other changes, you should not use this script and should follow the instructions below.

Applying patches or configuration changes

It is possible to apply extra patches to the source before starting the build. In the linux source package, the default (non-featureset) patches are automatically applied in the top level directory. If you are building the linux-2.6 source package or building with a featureset, you should first apply the existing patches by running: $ fakeroot debian/rules source The patched source appears in the following directories. linux default source: top level linux source with featureset: debian/build/source_featureset linux-2.6 default source: debian/build/source_arch_none linux-2.6 source with featureset: debian/build/source_arch_featureset You should apply the extra patches in the appropriate directory. In the linux source package you can use the quilt utility to do this.

To change the configuration before building, for example for the 686-pae flavour on i386, run the commands: $ fakeroot make -f debian/rules.gen setup_i386_none_686-pae $ make -C debian/build/build_i386_none_686-pae menuconfig

If the patches or configuration changes alter type definitions for the kernel, you may need to change the ABI name; see .

Building many packages

To build all possible packages for this architecture, run: $ fakeroot debian/rules binary To build all architecture-dependent packages, run: $ fakeroot debian/rules binary-arch To build all architecture-independent packages, run: $ fakeroot debian/rules binary-indep

Building packages for one flavour

For example, to build only the binary packages for 686-pae flavour on i386 architecture, use the following commands: $ fakeroot debian/rules source $ fakeroot make -f debian/rules.gen binary-arch_i386_none_686-pae The target in this command has the general form of target_arch_featureset_flavour. Replace the featureset with none if you do not want any of the extra featuresets. This command will build the linux image and kernel headers packages. You may also need the linux-headers-version-common binary package, which can be built using the commands: $ fakeroot debian/rules source $ fakeroot make -f debian/rules.gen binary-arch_i386_none_real The target in this command has the general form of target_arch_featureset_real

Building a development version of the Debian kernel package

For Debian 6.0 (squeeze) and earlier versions, substitute the source package name linux-2.6 for linux.

To build a kernel image based on the kernel team's unreleased development version: # apt-get install build-essential fakeroot rsync svn # apt-get build-dep linux The last two commands will install the build dependencies required by the kernel build process. $ svn co svn://anonscm.debian.org/svn/kernel/dists/dist/linux This will check out the Debian packaging. dist is normally the distribution codename such as wheezy or sid (unstable). For the very latest version, usually based on an upstream release candidate, use trunk. $ apt-get source -d linux This will download the linux upstream source (and the last released Debian patches). Depending on which version you are trying to build, you might need to override APT's version selection or download a tarball from instead. $ cd linux $ debian/rules orig This unpacks the upstream source and merges it with the Debian packaging. $ debian/rules debian/control This generates a Debian package control file based on the current definitions of the various kernel flavours which can be built. $ fakeroot debian/rules target Finally, build binary packages as explained in .

Generating orig tarball from newer upstream

First you must add a changelog entry for the new upstream version. If the new version is a release candidate, change the string -rc to ~rc. (In Debian package versions, a suffix beginning with ~ indicates a pre-release.)

The 'orig' tarball is generated by the genorig.py script. It takes either a tarball and optional patch from kernel.org, or a git repository. If you have a tarball, run a command such as: $ python debian/bin/genorig.py ../linux-3.4.tar.bz2 ../patch-3.5-rc1.bz2

If you have a git repository, pass the name of its directory: $ python debian/bin/genorig.py ~/src/linux

Either of these will generate a file such as ../orig/linux_3.5~rc1.orig.tar.xz. You can then combine this tarball with the Debian packaging by running: $ debian/rules orig

Building a custom kernel from Debian kernel source

This section describes the simplest possible procedure to build a custom kernel the "Debian way". It is assumed that user is somewhat familiar with kernel configuration and build process. If that's not the case, it is recommended to consult the kernel documentation and many excellent online resources dedicated to it.

The easiest way to build a custom kernel (the kernel with the configuration different from the one used in the official packages) from the Debian kernel source is to use the linux-source package and the make deb-pkg target. First, prepare the kernel tree: # apt-get install linux-source-3.2 $ tar xjf /usr/src/linux-source-3.2.tar.bz2 $ cd linux-source-3.2 The kernel now needs to be configured, that is you have to set the kernel options and select the drivers which are going to be included, either as built-in, or as external modules. The kernel build infrastructure offers a number of targets, which invoke different configuration frontends. For example, one can use console-based menu configuration by invoking the command $ make menuconfig Instead of menuconfig one can use config (text-based line-by-line configuration frontend) or xconfig (graphical configuration frontend). It is also possible to reuse your old configuration file by placing it as a .config file in the top-level directory and running one of the configuration targets (if you want to adjust something) or make oldconfig (to keep the same configuration). Note that different frontends may require different additional libraries and utilities to be installed to function properly. For example, the menuconfig frontend requires the ncurses library, which at time of writing is provided by the libncurses5-dev package.

The build will use less disk space if the CONFIG_DEBUG_INFO option is disabled (see ). Debuginfo is only needed if you plan to use binary object tools like crash, kgdb, and SystemTap on the kernel. $ scripts/config --disable DEBUG_INFO

After the configuration process is finished, the new or updated kernel configuration will be stored in .config file in the top-level directory. The build is started using the commands $ make clean $ make deb-pkg As a result of the build, a custom kernel package linux-image-3.2.19_3.2.19-1_i386.deb (name will reflect the version of the kernel and build number) will be created in the directory one level above the top of the tree. It may be installed using dpkg just as any other package: # dpkg -i ../linux-image-3.2.19_3.2.19-1_i386.deb This command will unpack the kernel, generate the initrd if necessary (see for details), and configure the bootloader to make the newly installed kernel the default one. If this command completed without any problems, you can reboot using the # shutdown -r now command to boot the new kernel.

For much more information about bootloaders and their configuration please check their documentation, which can be accessed using the commands man lilo, man lilo.conf, man grub, and so on. You can also look for documentation in the /usr/share/doc/package directories, with package being the name of the package involved.

Building a custom kernel from the "pristine" kernel source

Building a kernel from the "pristine" (also sometimes called "vanilla") kernel source, distributed from and its mirrors, may be occasionally useful for debugging or in the situations when a newer kernel version is desired. The procedure differs only in obtaining the kernel source: instead of unpacking the kernel source from Debian packages, the "pristine" source is downloaded using your favourite browser or using wget, as follows: $ wget http://kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2 The integrity of the downloaded archive may be verified by fetching the corresponding cryptographic signature $ wget http://kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2.sign and running this command (gnupg package must be installed): $ gpg --verify linux-3.4.tar.bz2.sign Successful verification results in output similar to the one below: gpg: Signature made Wed 29 Nov 2006 02:50:07 PM PST using DSA key ID 517D0F0E gpg: Good signature from "Linux Kernel Archives Verification Key <ftpadmin@kernel.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E After that the archive may be unpacked using $ tar xjf linux-3.4.tar.bz2 $ cd linux-3.4 The unpacked kernel tree (in linux-3.4 now has to be configured. The existing configuration file may be used as a starting point $ cp /boot/config-3.2.0-2-686-pae ./.config After the configuration with one of the configuration frontends (invoked by make oldconfig, make config, make menuconfig, etc) is completed, the build may be started using make deb-pkg target as described above. Building out-of-tree kernel modules

Some kernel modules are not included in the upstream or Debian kernel source, but are provided as third-party source packages. For some of the most popular out-of-tree modules, the binary Debian packages with modules built against the stock Debian kernels are provided. For example, if you are running stock Debian kernel 3.2.0-2-686-pae (use the uname -r command to verify the version) from the linux-image-3.2.0-2-686-pae package, and would like to use the squash filesystem, all you need to do is install squashfs-modules-3.2.0-2-686-pae binary package, which provides the neccessary binary kernel modules.

If you are not so lucky, and there are no binary module packages in the archive, there is a fair chance that the Debian archive contains the packaged source for the kernel modules. Names of such packages typically end in -source, for example squashfs-source, thinkpad-source, rt2x00-source and many others. These packages contain debianized source code of the kernel modules, suitable for building using the module-assistant (or m-a) script from the module-assistant package. Typical sequence to build a custom binary module package, matching a kernel 3.2.0-2-686-pae (as returned by uname -r) from the debianized source consists of the following steps:

Install a set of kernel headers, matching the kernel for which the modules are going to be built: # apt-get install linux-headers-3.2.0-2-686-pae Install the package containing the source: # apt-get install squashfs-source Invoke module-assistant (aka m-a) to do the heavy lifting: # m-a build squashfs As a result, a Debian package is going to be built and placed in /usr/src. It can be installed the usual way, using dpkg -i. Two last steps (building and installation) may be combined using the invocation # m-a auto-install squashfs Check out the module-assistant documentation (man module-assistant) for other options and much more information on how to use it.

Finally, in some rare circumstances, you might need to build the kernel modules from the upstream source packages. In that case, follow the documentation included with the package to build the modules. If the build process will require you to specify the directory with the kernel headers, matching the currently running kernel, for stock Debian kernels this directory is /usr/src/linux-headers-uname, provided by the linux-headers-uname package. Here uname is the output of the uname -r command. If you are building and running your own custom kernels, it is a good idea to keep the original build tree around, as it also can be used for out-of-tree module building.

kernel-handbook/chapter-initramfs.sgml0000660000000000000000000000620712002616311015306 0ustar Managing the initial ramfs (initramfs) archive

The booting in Debian is a two-stage process, involving the initial RAM filesystem (initramfs for short, sometimes it is also referred to as initrd, which stands for initial RAM disk). First, the bootloader loads the kernel and initramfs into memory, and passes the execution control to the kernel. After basic initialization the kernel extracts the initramfs archive and mounts it as a temporary root filesystem. initramfs contains kernel modules and userspace programs required to initialize the physical or logical device(s) containing the real root filesystem. The init script on the initramfs loads modules and performs other neccessary initialization steps. At the end of this stage run-init deletes the initramfs from memory, mounts the real root filesystem and passes control to the /sbin/init program on it.

Two major goals are achieved with such setup: the kernel size is kept under control by allowing most of the drivers to be compiled as modules (in a initramfs-less setup the drivers neccessary for the boot-time initialization of the root device must be compiled into it) and allow the setups which require initialization which cannot be done in-kernel, but is performed by userspace utilities.

Initramfs generation tools

Since initramfs usually needs to be customized for the particular hardware/device configuration and kernel version, they are not included as a part of any package, but are generated on the fly at kernel installation time. Currently there are two tools in Debian capable of generating an initramfs: update-initramfs provided by initramfs-tools (default) and dracut-update-initramfs provided by the dracut package (experimental).

Regenerating the initramfs

If changes are desired after the corresponding linux-image has been installed, the initramfs needs to be regenerated. This is achieved by the command # dpkg-reconfigure linux-image-3.2.0-2-686-pae where linux-image-3.2.0-2-686-pae is the name of the kernel package for which the initramfs regeneration is requested. Examining the initramfs contents

Occasionally it is useful to examine the contents of initramfs to diagnose a problem or for educational purposes. They are compressed cpio archives, which may be extracted using the command $ zcat /boot/initrd.img-3.2.0-2-686-pae | cpio -i It will unpack the contents of the initramfs into the current directory.

It is also possible to list the contents of an initramfs using the cpio -t option or the command $ lsinitramfs /boot/initrd.img-3.2.0-2-686-pae

kernel-handbook/chapter-scope.sgml0000660000000000000000000000442012002612446014423 0ustar About this handbook Scope

The main goal of this handbook is to serve as a single access point to all kernel-related documentation. It contains the information about the Debian packaging of Linux kernel for Debian 7.0 (wheezy). The latest released version is always available from . Note that this is a work in progress, and some information is inaccurate.

Some of the commands mentioned in the text must be executed with superuser priviliges, either by becoming the root user or by using sudo. To distinguish between commands which may be executed by an unprivileged user and those requiring superuser privileges, commands are prepended by $ or # respectively. This symbol is not a part of the command.

Authors and Contributors

This handbook is maintained within the project on . The SGML source of the book may be checked out from the Debian . It is intended as a community project, thus all proposals for improvements and contributions are welcome. The preferred way to submit a contribution is to send it to the kernel-handbook-general@lists.alioth.debian.org mailing list. When submitting a contribution please clearly identify its copyright holder and include the licensing statement. Note that to be accepted the contribution must be licensed under the same license as the rest of the document, namely GPL version 2 or later. Below is the list of current contributors: Jurij Smakov Sven Luther Andres Salomon Maximilian Attems Ben Hutchings

kernel-handbook/chapter-versions.sgml0000660000000000000000000001123311767261232015174 0ustar Version numbers and ABIs The different types of version

Upstream version The version that Linus or a stable series maintainer uses for a release. Currently Linus will use the version format: 3.x[-rcy]. Stable series maintainers use the version format: 3.x.y. Package version The version used in a Debian package. Following Debian policy, it should follow the format upstreamversion-debianrevision. However, for an upstream release candidate, the string '-rc' must be replaced with '~rc' so that it will be recognised as an earlier version than the following release. Kernel version This is the version that appears in kernel messages, filenames, package names and the output of 'uname -r'. In official kernel packages it follows the format upstreamversion[-abiname][-featureset]-flavour. It is not changed for every new package version. The abiname is changed as explained below.

Many programs parse the kernel version string reported by the uname system call or command and expect to find at least 3 version components separated by dots. For compatibility, the official kernel packages currently add '.0' to the upstream version, but this will be dropped in wheezy+1.

The kernel ABI

An ABI (Application Binary Interface) is an interface between two software components, considered at the level of register allocation and memory layout. The ABI between the kernel and user-space is generally maintained carefully, and is not a concern here. However, the ABI between the kernel and its modules is not. In order to support out-of-tree modules, the kernel version should be changed when the ABI between the kernel and modules changes.

The ABI name

In official kernel packages, we change the abiname part of the kernel version to mark ABI changes that aren't due to a new upstream version. This part comes from the abiname setting in debian/config/defines. We use either a number or 'trunk' (for experimental), but for a custom package it should be some other string.

Maintaining and updating the ABI

In order to avoid the need for users to rebuild out-of-tree modules frequently, we try to avoid changing the kernel ABI during updates to a Debian stable or oldstable release. Most importantly, we avoid making such changes without changing the ABI name, except where it appears that out-of-tree modules do not depend on that part of the ABI.

Bug fixes or configuration changes to the kernel may alter the ABI. If an exported function is conditional on CONFIG_FOO, or it uses a type whose definition depends on CONFIG_FOO, then turning CONFIG_FOO on or off changes the ABI of that function, and thus of the kernel as a whole. Enabling or changing the configuration of a single driver usually doesn't change the ABI, because most drivers don't export anything.

The kernel build process generates a 'symbol version' for each exported function or variable. This is a hash of the definitions that it depends on, and should change whenever the function's ABI changes. The kernel module loader detects incompatible modules by comparing symbol versions. The whole set of symbol versions represents the kernel ABI.

We collect the symbol versions for previously uploaded packages under the directory debian/abi and then compare the new kernel with those. If the ABI name is unchanged but the ABI itself is changed - except for additions, or changes that we have marked as acceptable - then the build is aborted.

If the kernel ABI has changed you must then change the ABI name in debian/config/defines. Then run the command $ fakeroot debian/rules debian/control-real to regenerate the package definitions for this ABI name.

kernel-handbook/chapter-update-hooks.sgml0000660000000000000000000001412111767260650015731 0ustar Package maintainer scripts and hooks

Kernel packages for Debian have historically had complex maintainer scripts which can invoke the initramfs builder and/or a boot loader, based on a mixture of file tests, explicit configuration through the file /etc/kernel-img.conf and debconf questions. Starting with Debian 6.0, this has been greatly simplified.

The following policy applies to Debian GNU/Linux 6.0 'squeeze' and later releases. Some parts may be applicable to kernels other than Linux, but this policy does not set any requirements for them.

Kernel hooks

The maintainer scripts in Linux kernel packages must use run-parts to invoke hook scripts in the corresponding subdirectory of /etc/kernel, e.g. the postinst script must invoke scripts in /etc/kernel/postinst.d.

The arguments given to all kernel hook scripts are the kernel ABI version (the string that uname -r reports) and, optionally, the absolute path to the kernel image. If the second argument is missing then the path is either /boot/vmlinuz-version or /boot/vmlinux-version, according to architecture convention. The environment variable DEB_MAINT_PARAMS will contain the arguments given to the kernel maintainer script, possibly single-quoted. In a shell script, this variable can be parsed using: eval set -- "$DEB_MAINT_PARAMS"

Kernel hook scripts may be run under debconf. In this case they must not use stdin and stdout, and should send all output to stderr (fd 2). A shell script can ensure that it does this using: exec </dev/null >&2

Kernel hooks required for boot loaders

Packages for boot loaders that need to be updated whenever the files they load are modified (i.e. those that store a block list) must install hook scripts in /etc/kernel/postinst.d and /etc/kernel/postrm.d.

Since these boot loaders should be updated as the last step during installation/upgrade and removal, hook scripts for boot loaders must be named using the prefix zz- and no other packages may use this prefix or one that sorts later by the rules used by run-parts. A postrm hook script should warn but exit with code 0 if the boot loader configuration file still refers to the kernel image that has been removed.

These boot loader packages must be installable on the filesystem in a disabled state where they will not write to the boot sector or other special storage. While a boot loader is disabled, any kernel hooks it includes must do nothing except (optionally) printing a warning that the boot loader is disabled, and must exit successfully.

Packages for boot loaders that can provide a menu of kernel versions should install kernel hook scripts in order to update that menu.

Initramfs hooks

Packages for boot loaders that need to be updated whenever the files they load are modified must also install hook scripts in /etc/initramfs/post-update.d. Initramfs builders must call these scripts using run-parts after they create, update or delete an initramfs. The arguments given to these hook scripts are the kernel ABI version and the absolute path to the initramfs image.

While a boot loader is disabled, any initramfs hook it includes must do nothing except (optionally) printing a warning that the boot loader is disabled, and must exit successfully.

Kernel hooks required for initramfs builders

Initramfs builders must install hook scripts in /etc/kernel/postinst.d and /etc/kernel/postrm.d, to create/update and delete the corresponding initramfs images. The postinst hook script must complete its work before returning.

Optimising boot loader updates

During a kernel package installation, upgrade or removal, various boot loader hooks may be invoked (in this order): A postinst_hook or postrm_hook command set by the user or the installer in /etc/kernel-img.conf A hook script in /etc/initramfs/post-update.d A hook script in /etc/kernel/postinst.d or .../postrm.d

To avoid unnecessary updates, the hooks invoked at steps 1 and 2 may check whether $DPKG_MAINTSCRIPT_PACKAGE begins with linux-image- and do nothing in this case.

Deprecated features

Kernel packages must not invoke boot loaders except via hooks. If /etc/kernel-img.conf contains do_bootloader = yes or equivalent, maintainer scripts that previously acted on this must warn that they are ignoring it. linux-base must also warn on upgrade that the default has changed. In Debian 7.0 'wheezy', this prohibition extends to initramfs builder packages.

Initial configuration by the installer

The installer must not define do_bootloader, postinst_hook or postrm_hook in /etc/kernel-img.conf.

kernel-handbook/debian/0000770000000000000000000000000012013314767012232 5ustar kernel-handbook/debian/changelog0000660000000000000000000000743612013314767014117 0ustar kernel-handbook (1.0.15) unstable; urgency=low [ Jonathan Nieder ] * Fix capitalization in "Applying patches or configuration changes" section * Add a reminder to disable CONFIG_DEBUG_INFO in 'make deb-pkg' examples [ Ben Hutchings ] * Work around debiandoc-sgml bug (#685046) to fix the 'current bug list' link in the 'Filing a bug against a kernel package' section -- Ben Hutchings Fri, 17 Aug 2012 02:10:14 +0100 kernel-handbook (1.0.14) unstable; urgency=low [ Ben Hutchings ] * Remove custom version from 'make deb-pkg' example (Closes: #627838) * Fix introduction to say the handbook describes wheezy (Closes: #651467) * Add a section on disk space requirements for the official'linux' package (Closes: #681550) * Add Vcs-Git control field (Closes: #638479) * Mark as capable of satisfying relations from foreign packages (Multi-Arch: foreign) (Closes: #679204) * Add example of using lsinitramfs command (Closes: #639846) * Fix reference to linux-2.6 in package description [ Jonathan Nieder ] * Explain how to narrow the regression window with "git bisect" when filing bugs (Closes: #627960) -- Ben Hutchings Sat, 21 Jul 2012 22:15:36 +0100 kernel-handbook (1.0.13) unstable; urgency=low * Note that removed firmware is still packaged; suggested by Karl Goetz * Remove documentation of linux-tree package, removed in squeeze * Remove documentation of linux-patch-debian package, obsoleted by packaging changes and redundant with snapshot.debian.org * Remove documentation of version-specific /etc/modules files, which are no longer supported * Use 3.x version numbers and current flavour and featureset names in examples * Refer to the linux source package rather than linux-2.6 * Remove outdated advice to try disabling ACPI and IRQ routing options * Remove an unnecessary version qualification * Update explanation of source directories for quilted linux package * Update example orig tarball names to indicate xz compression * Update hooks policy description - Debian 6.0 release is now in the past - initramfs-tools is no longer special - squeeze+1 has a name and number * Note that official Linux kernel packages will use only 2 version components in wheezy+1 -- Ben Hutchings Sun, 17 Jun 2012 06:03:58 +0100 kernel-handbook (1.0.12) unstable; urgency=low * Update reference to svn://svn.debian.org; the hostname for anonymous access is now anonscm.debian.org * Update the description of version formats for 3.x -- Ben Hutchings Wed, 28 Sep 2011 15:38:34 +0100 kernel-handbook (1.0.11) unstable; urgency=low * Remove description of yaird and comparison with initramfs-tools * Mention dracut as an experimental initramfs generator * Explain how to build a linux-headers-common package, thanks to Faheem Mitha * Reword a few paragraphs in common-tasks, thanks to Karl Goetz * Bump copyright year for 2011, thanks to Jonathan Nieder * Refer to git repository, replacing the old svn repository (Closes: #627835) -- Ben Hutchings Fri, 01 Jul 2011 05:01:59 +0100 kernel-handbook (1.0.10) unstable; urgency=low * Explain how to override official kernel configuration and change the ABI name, based in part on text by Faheem Mitha * Explain the differences between upstream versions, package versions and kernel versions * Move 'simplified patching and building' instructions up, since most users should be able to follow these -- Ben Hutchings Tue, 26 Apr 2011 14:51:12 +0100 kernel-handbook (1.0.9) unstable; urgency=low * Initial upload to Debian archive - closes: #604713 -- Ben Hutchings Tue, 23 Nov 2010 18:08:23 +0000 kernel-handbook/debian/copyright0000660000000000000000000000206211625206165014166 0ustar This work was packaged for Debian by: Ben Hutchings on Tue, 23 Nov 2010 18:08:23 +0000 Author(s): Jurij Smakov, Sven Luther, Andres Salomon, Maximilian Attems, Ben Hutchings Copyright: Copyright 2005-2011 Debian Kernel Handbook Project License: This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". kernel-handbook/debian/control0000660000000000000000000000142212002616325013626 0ustar Source: kernel-handbook Section: doc Priority: extra Maintainer: Debian kernel team Uploaders: Ben Hutchings , maximilian attems Build-Depends: debhelper (>= 7.0.50~), debiandoc-sgml Standards-Version: 3.9.1 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=kernel-handbook/kernel-handbook.git Vcs-Git: git://anonscm.debian.org/kernel-handbook/kernel-handbook.git Package: debian-kernel-handbook Architecture: all Multi-Arch: foreign Depends: ${misc:Depends} Recommends: www-browser Description: reference to Debian Linux kernel packages and development A reference manual for: . * Working on the linux package * Building custom kernels and modules * Working with initramfs images * Kernel team policies kernel-handbook/debian/compat0000660000000000000000000000000211625206165013431 0ustar 7 kernel-handbook/debian/source/0000770000000000000000000000000011625206165013532 5ustar kernel-handbook/debian/source/format0000660000000000000000000000001511625206165014742 0ustar 3.0 (native) kernel-handbook/debian/rules0000770000000000000000000000067211625206165013317 0ustar #!/usr/bin/make -f # -*- makefile -*- # Sample debian/rules that uses debhelper. # This file was originally written by Joey Hess and Craig Small. # As a special exception, when this file is copied by dh-make into a # dh-make output file, you may use that output file without restriction. # This special exception was added by Craig Small in version 0.37 of dh-make. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 %: dh $@ kernel-handbook/debian/debian-kernel-handbook.docs0000660000000000000000000000002511625206165017365 0ustar kernel-handbook.html kernel-handbook/debian/debian-kernel-handbook.doc-base0000660000000000000000000000053611625206165020121 0ustar Document: debian-kernel-handbook Title: Debian Linux Kernel Handbook Author: Debian Kernel Handbook Project Abstract: reference to Debian kernel packages and development Section: Debian Format: HTML Index: /usr/share/doc/debian-kernel-handbook/kernel-handbook.html/index.html Files: /usr/share/doc/debian-kernel-handbook/kernel-handbook.html/*.html kernel-handbook/kernel-handbook.sgml0000660000000000000000000000434612013061122014727 0ustar %versiondata; ]> Debian Linux Kernel Handbook The Debian Kernel Handbook Project version &version;, &date; Copyright © 2005-2012 Debian Kernel Handbook Project

This handbook is free software; you may redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.

This is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU General Public License for more details.

A copy of the GNU General Public License is available as /usr/share/common-licenses/GPL in the Debian GNU/Linux distribution or on the World Wide Web at . You can also obtain it by writing to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

&chapter-scope; &chapter-source; &chapter-packaging; &chapter-common-tasks; &chapter-versions; &chapter-modules; &chapter-initramfs; &chapter-update-hooks; &chapter-bugs; kernel-handbook/chapter-bugs.sgml0000660000000000000000000003712712013313755014267 0ustar Reporting and handling bugs Bug handling policy for the kernel team Required information

Submitters are expected to run reportbug or other tool that runs our bug script under the kernel version in question. The response to reports without this information should be a request to follow-up using reportbug. If we do not receive this information within a month of the request, the bug may be closed.

Exceptions: If the kernel does not boot or is very unstable, instead of the usual system information we need the console messages via , , or a photograph. If the report is relaying information about a bug acknowledged upstream, we do not need system information but we do need specific references (bugzilla.kernel.org or git commit id). If the bug is clearly not hardware-specific (e.g. packaging error), we do not need system information. If the bug is reported against a well-defined model, we may not need device listings.

Severities

Many submitters report bugs with the wrong severity. We interpret the criteria as follows and will adjust severity as appropriate: critical: makes unrelated software on the system (or the whole system) break... The bug must make the kernel unbootable or unstable on common hardware or all systems that a specific flavour is supposed to support. There is no 'unrelated software' since everything depends on the kernel. grave: makes the package in question unusable or mostly so... If the kernel is unusable, this already qualifies as critical. grave: ...or causes data loss... We exclude loss of data in memory due to a crash. Only corruption of data in storage or communication, or silent failure to write data, qualifies. important We include lack of support for new hardware that is generally available.

Tagging

We do not use user-tags. In order to aid bug triage we should make use of the standard tags and forwarded field defined by the BTS. In particular: Add moreinfo whenever we are waiting for a response from the submitter and remove it when we are not Do not add unreproducible to bugs that may be hardware-dependent

Analysis by maintainers

Generally we should not expect to be able to reproduce bugs without having similar hardware. We should consider: Searching (including closed bugs) or other relevant bug tracker Searching kernel mailing lists Of the many archives, seems to suck least Patches submitted to some lists are archived at Viewing git commit logs for relevant source files In case of a regression, from the known good to the bad version In other cases, from the bad version forwards, in case the bug has been fixed since Searching kerneloops.org for similar oopses Matching the machine code and registers in an 'oops' against the source and deducing how the impossible happened (this doesn't work that often but when it does you look like a genius ;-)

Testing by submitter

Depending on the technical sophistication of the submitter and the service requirements of the system in question (e.g. whether it's a production server) we can request one or more of the following: Gathering more information passively (e.g. further logging, reporting contents of files in procfs or sysfs) Upgrading to the current stable/stable-proposed-updates/stable-security version, if it includes a fix for a similar bug Adding debug or fallback options to the kernel command line or module parameters Installing the unstable or backports version temporarily Rebuilding and installing the kernel with a specific patch added (the script debian/bin/test-patches should make this easy) Using git bisect to find a specific upstream change that introduced the bug

When a bug occurs in what upstream considers the current or previous stable release, and we cannot fix it, we ask the submitter to report it upstream at bugzilla.kernel.org under a specific Product and Component, and to tell us the upstream bug number. We do not report bugs directly because follow-up questions from upstream need to go to the submitter, not to us. Given the upstream bug number, we mark the bug as forwarded. bts-link then updates its status.

Keeping bugs separate

Many submitters search for a characteristic error message and treat this as indicating a specific bug. This can lead to many 'me too' follow-ups where, for example, the message indicates a driver bug and the second submitter is using a different driver from the original submitter.

In order to avoid the report turning into a mess of conflicting information about two or more different bugs: We should try to respond to such a follow-up quickly, requesting a separate bug report We can use the BTS summary command to improve the description of the bug As a last resort, it may be necessary to open new bugs with the relevant information, set their submitters accordingly, and close the original report

Where the original report describes more than one bug ('...and other thing...'), we should clone it and deal with each separately.

Applying patches

Patches should normally be reviewed and accepted by the relevant upstream maintainer (aside from necessary adjustments for an older kernel version) before being applied.

Talking to submitters

We should always be polite to submitters. Not only is this implied by the , but it is likely to lead to a faster resolution of the bug. If a submitter overrated the severity, quietly downgrade it. If a submitter has done something stupid, request that they undo that and report back. 'Sorry' and 'please' make a big difference in tone.

We will maintain general advice to submitters at .

Filing a bug against a kernel package

Debian kernel team keeps track of the kernel package bugs in the Debian Bug Tracking System (BTS). For information on how to use the system see . You can also submit the bugs by using the reportbug command from the package with the same name. Please note that kernel bugs found in distributions derived from Debian (such as Knoppix, Mepis, Progeny, Ubuntu, Xandros, etc.) should not be reported to the Debian BTS (unless they can be also reproduced on a Debian system using official Debian kernel packages). Derived distributions have their own policies and procedures regarding kernel packaging, so the bugs found in them should be reported directly to their bug tracking systems or mailing lists.

Nothing in this chapter is intended to keep you from filing a bug against one of the Debian kernel packages. However, you should recognize that the resources of the Debian kernel team are limited, and efficient reaction to a bug is largely determined by the amount and quality of the information included in the bug report. Please help us to do a better job by using the following guidelines when preparing to file the bug against kernel packages: Do the research. Before filing the bug search the web for the particular error message or symptom you are getting. As it is highly unlikely that you are the only person experiencing a particular problem, there is always a chance that it has been discussed elsewhere, and a possible solution, patch, or workaround has been proposed. If such information exists, always include the references to it in your report. Check the to see whether something similar has been reported already. Collect the information. Please provide enough information with your report. At a minimum, it should contain the exact version of the official Debian kernel package, where the bug is encountered, and steps to reproduce it. Depending on the nature of the bug you are reporting, you might also want to include the output of dmesg (or portions thereof), output of the lspci -vn. reportbug will do this automatically. If applicable, include the information about the latest known kernel version where the bug is not present, and output of the above commands for the working kernel as well. Use common sense and include other relevant information, if you think that it might help in solving the problem. Try to reproduce the problem with "vanilla" kernel. If you have a chance, try to reproduce the problem by building the binary kernel image from the "vanilla" kernel source, available from or its mirrors, using the same configuration as the Debian stock kernels. For more information on how to do this, look at . If there is convincing evidence that the buggy behavior is caused by the Debian-specific changes to the kernel, the bug will usually be assigned higher priority by the kernel team. If the bug is not specific for Debian, check out the upstream to see if it has been reported there. If you are sure that it is an upstream problem, you can also report your bug there (but submit it to Debian BTS anyway, so that we can track it properly). Use the correct package to report the bug against. Please file bugs against the package containing the kernel version where the problem occurs (e.g. linux-image-3.2.0-2-686-pae), not a metapackage (e.g. linux-image-686-pae). Bugs involving tainted kernels. If a kernel crashes, it normally prints out some debugging information, indicating, among other things, whether the running kernel has been tainted. The kernel is referred to as tainted if at the time of the crash it had some binary third-party modules loaded. As kernel developers do not have access to the source code for such modules, problems involving them are notoriously difficult to debug. It is therefore strongly recommended to try and reproduce the problem with an untainted kernel (by preventing the loading of binary modules, for example). If the problem is due to the presence of such modules, there is not much the kernel community can do about it and it should be reported directly to their authors.

Bisecting (finding the upstream version that introduced a bug)

When a bug is easy to reproduce locally but hard to get developers to reproduce (as is often true of workflow- or hardware-dependent bugs), it can be useful to compile and test a few versions to narrow down what changes introduced the regression.

To start, recreate the problem with a vanilla kernel: # apt-get install git build-essential $ git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git $ cd linux The above commands acquire a vanilla kernel. Configure, build and test a binary package as explained in : $ make localmodconfig; # minimal configuration $ scripts/config --disable DEBUG_INFO; # to keep the build reasonably small $ make deb-pkg # dpkg -i ../linux-image-3.5.0_3.5.0-1_i386.deb; # substitute package name from the previous command # reboot If the bug doesn't show up, try again with the official configuration file from /boot. (If it still doesn't show up after that, declare victory and celebrate.)

Initialize the bisection process by declaring which versions worked and did not work: $ cd linux $ git bisect start $ git bisect good v3.0; # or whichever was known to be good $ git bisect bad; # current version is bad Now git checks out a version half-way in between to test. Build it, reusing the prepared configuration. $ make silentoldconfig $ make deb-pkg

Install the package, reboot, and test. $ git bisect good; # if this version doesn't exhibit the bug $ git bisect bad; # if it does $ git bisect skip; # if some other bug makes it hard to test And on to the next iteration: $ make silentoldconfig $ make deb-pkg

At the end of the process, the name of the "first bad commit" is printed, which is very useful for tracking down the bug. Narrowing down the regression range with a few rounds is useful even if you don't get that far; in that case, run git bisect log to produce a log. If you are the visual sort of person, git bisect visualize with the gitk package installed can show what is happening between steps.

See Christian Couder's article "Fighting regressions with git bisect" from or for details.

kernel-handbook/Makefile0000660000000000000000000000116212013314565012445 0ustar version := $(shell dpkg-parsechangelog | sed -ne 's,^Version: *\(.*\)$$,\1,p') date := $(shell date) all: version.ent debiandoc2html kernel-handbook.sgml clean: rm -rf kernel-handbook.html version.ent: FORCE if [ "$(version)" != \ "$$(sed 's//\1/; t; d' $@)" ]; then \ rm -f $@ && \ echo "" >> $@ && \ echo "" >> $@; \ fi sync: rsync -v -e ssh --chmod=a+rX --times kernel-handbook.html/* alioth.debian.org:/var/lib/gforge/chroot/home/groups/kernel-handbook/htdocs/ .PHONY: all sync FORCE kernel-handbook/chapter-modules.sgml0000660000000000000000000000673711762713067015014 0ustar Managing the kernel modules

Linux device drivers come in the form of kernel modules - object files which may be loaded into the running kernel to extend its functionality. The list of currently loaded kernel modules can be obtained using the lsmod command, modules may be loaded using modprobe, and removed using modprobe -r. The depmod command may be used to regenerate the list of available modules (after installation of the new modules, for example), even though it is pretty unlikely that you will ever need to invoke it by hand.

Normally, the devices are detected and neccessary kernel modules are loaded by udev during boot time. Occasionally, one may need finer control over the loading of kernel modules, for example to pass the additional parameters to the module, force loading of some modules on startup, or prevent certain module(s) from being loaded.

If some modules are not loaded automatically by udev, but you would like them to be loaded during boot, it is possible to force it by listing the names of the modules in /etc/modules. This will be scanned for the names of the modules (one name per line), which will then be loaded using modprobe. You can also specify the arguments for the modules. For example, a typical /etc/modules might look like that loop max_int=32 sbp2 To find out what parameters are accepted by a given module, you can use the modinfo command, for example: # modinfo loop filename: /lib/modules/3.2.0-2-686-pae/kernel/drivers/block/loop.ko alias: devname:loop-control alias: char-major-10-237 alias: block-major-7-* license: GPL depends: intree: Y vermagic: 3.2.0-2-686-pae SMP mod_unload modversions 686 parm: max_loop:Maximum number of loop devices (int) parm: max_part:Maximum number of partitions per loop device (int)

To add custom arguments to the modules loaded by udev early in the boot process, you need to create a custom configuration file for modprobe, which udev uses to load the modules. For example, to pass an atapi_enabled=1 argument to the libata kernel module, create /etc/modprobe.d/local file with a following line: options libata atapi_enabled=1 You can choose arbitrary names for the configuration files in /etc/modprobe.d and put multiple options lines in the same file.

Sometimes two different modules claim support for the same device, usually because two slightly different versions of the device exist, requiring different kernel modules to operate. In such situation udev loads both kernel modules, with unpredictable results. To avoid this problem, you can prevent any module (let's say, tulip) from loading by creating an arbitrarily named file, containing a line blacklist tulip in /etc/modprobe.d directory. See the modprobe manual page (man modprobe) for much more information on configuring and using modprobe.