There isn't really any reason to use gzip instead of bzip2 for the Linux
initramfs/kernel, since we have it!
Saves a few MB (~13MB as far as I can tell)

This is a continuation of the 4.14 series by the Open Enterprise Linux
Alliance, ostensibly to the same maintenance standards as the now
discontinued kernel.org LTS.

This code is primarily offered as a Git repository, with gz tarballs
also available, but no xz versions. Switching back to a gzipped version
of the kernel source code would introduce too much srcfs growth, so we
use the last kernel.org tar.xz release (4.14.336), and apply OpenELA's
changes using a patch generated from the Git repository.

This updates the Linux kernel configuration, removing irrelevant
networking-related components, and switching framebuffer drivers to
the DRM-based ones. With this, we can finally bootstrap on systems
with newer NVIDIA cards, which would green screen with the nvidiafb
driver.

KVM is still disabled, see #443 - VIRTUALIZATION is also disabled,
as it's useless without KVM or any other suboption being enabled.

Additionally, we can now drop the bad-asm patch, since our newer
binutils has no problem supporting that syntax, and it doesn't look
quite innocuous to me, removing an offset from a memory access.

The kernel is now built in 2 stages: first, we build vmlinux only,
then, after cleaning up any intermediate .o files (except the ones
needed to build efistub), we convert it to a bzImage. This required
some creative use of the -o option to convince Make not to rebuild
all of the .o files we've just deleted as dependencies.

This is the last LTS version buildable using GCC 4.0.x. The next one,
version 4.19, requires at least GCC 4.6.

Fortunately, this is also the first version of the Linux kernel
without firmware blobs being included in /firmware, so the FSFLA
deblob scripts aren't needed anymore to ensure a fully auditable
kernel - the 3 remaining drivers that do include blobs masquerading
as source code are removed via a patch, avoiding all the other side
effects of the deblob scripts.

This doesn't compromise the trustworthiness of the bootstrapped
environment, since all the other drivers deblob would remove use
the firmware loader mechanism, which does nothing when the actual
firmware blobs aren't installed on the system separately. Features
dependent on firmware still won't work, but many drivers that load
firmware do so only optionally. This includes r8169, the driver for
the Realtek gigabit NICs found on many x86 motherboards.

This kernel is considerably larger than 4.9.10, and we build more
of it (including drivers that would previously get stripped away by
the deblob script, such as r8169), so to accommodate that, Fiwix
initrd size is increased by 64MiB, while lowering kexec space by
the same amount to ensure enough userspace memory available in Fiwix.
Fiwix's maximum open file count is also bumped from 1.5K to 2.5K.

The Documentation folder is deleted before build, to further save
space in the ramdisk.

* Enable additional hardware drivers in Linux for better bare metal
display, network & input device compatibility
* Disable ATA-over-Ethernet support, because it spams the network
with unnecessary packets, is basically useless for bootstrapping,
and may even be a security risk
* Increase Fiwix initrd size to 1280MB to fit a larger Linux build
* Make the Fiwix kexec size configurable the same way as initrd
(and reduce from 280MB to 256MB which is sufficient in my testing)
* Use a more conservative memory map for Fiwix & Linux
* Boot Linux with consoleblank=0 on bare metal, so the build won't
go blind after 5 minutes
* Support kexec-fiwix with interrupts disabled (will be useful later
when builder-hex0 is updated)

Linux's KBUILD doesn't follow SOURCE_DATE_EPOCH, but rather it
uses its own variable, KBUILD_BUILD_TIMESTAMP.

While we are at it, also update kexec-linux's checksum, which
didn't match either. (This one was reproducible, it was just
out of date.)
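
The SOURCE_DATE_EPOCH to KBUILD_BUILD_TIMESTAMP mapping described in the last message, as an added example that is not code from the project: a POSIX shell helper that derives the Kbuild variable from the epoch value and refuses to fall back to the current time. The function names, the timestamp format and the sample epoch are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the project): feed SOURCE_DATE_EPOCH to Kbuild,
# which only honours its own KBUILD_BUILD_TIMESTAMP variable.

# Print a fixed-format UTC timestamp for the epoch value given as $1.
# Returns non-zero on a missing or non-numeric value instead of using
# "now", because a silent fallback would embed the wall-clock time in
# the kernel image and change its checksum on every build.
epoch_to_kbuild_timestamp() {
    epoch=$1
    case $epoch in
        ''|*[!0-9]*)
            echo "invalid SOURCE_DATE_EPOCH: '$epoch'" >&2
            return 1 ;;
    esac
    fmt='+%Y-%m-%d %H:%M:%S UTC'   # assumed format; Kbuild uses the string as-is
    # GNU and BusyBox date accept "-d @N"; BSD date accepts "-r N".
    LC_ALL=C date -u -d "@$epoch" "$fmt" 2>/dev/null ||
        LC_ALL=C date -u -r "$epoch" "$fmt"
}

# Export KBUILD_BUILD_TIMESTAMP derived from the current SOURCE_DATE_EPOCH.
set_kbuild_timestamp() {
    ts=$(epoch_to_kbuild_timestamp "${SOURCE_DATE_EPOCH:-}") || return 1
    KBUILD_BUILD_TIMESTAMP=$ts
    export KBUILD_BUILD_TIMESTAMP
}

# Usage before invoking the kernel build (constructed sample epoch):
#   SOURCE_DATE_EPOCH=1700000000; export SOURCE_DATE_EPOCH
#   set_kbuild_timestamp || exit 1
```

Building twice with the same exported value and comparing the image checksums confirms that the timestamp is no longer a source of variation.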