Recompiling Photon OS Linux Kernel - dcasota/photonos-scripts GitHub Wiki

By default, the Photon OS Linux kernel allows only specific connectivity. Photon OS is hardened; USB connectivity, for example, isn't reasonable for cloud-native purposes. This topic has been discussed in the VMware communities forum here and in the GitHub forum here.

Having to go the extra mile of recompiling the Linux kernel to enable specific interoperability is a deliberate barrier: it protects users, maintains functionality and provides safety. In other words, do not use Photon OS as yet another general-purpose Linux distro, because it was never intended for that.

As a Linux developer, you must have learned how to build packages and how to maintain them, resolve package dependencies, take different CPU architectures and flavors into account, etc.

For this kind of maintenance, the best starting point for Photon OS is the documentation page Building Package or Kernel Modules Using a Script | (vmware.github.io). However, recompiling the Linux kernel and kernel live patching are not yet documented as an official tutorial.

The following recipe and output are the same as in the Photon OS GitHub forum.

```bash
# Naming scheme VMware By Broadcom ESXi optimized: linux-esx
# Naming scheme generic                          : linux

# variables
InstalledKernelReleaseName=""
KernelRelease=""
KernelReleaseNumber=""
DownloadUrl=""
NamingScheme=""

# get installed Linux Kernel Release
tdnf install -y awk
InstalledKernelReleaseName=$(uname -r)
# 5.10.210-3.ph4-esx

KernelRelease=$(tdnf list linux-api-headers | grep photon-updates | awk '{ print $2 }')
# 5.10.210-1.ph4
KernelReleaseNumber=$(echo "$KernelRelease" | awk -F "-" '{print $1}')
# 5.10.210

# Assemble DownloadUrl for Linux Kernel srpm
if [[ $InstalledKernelReleaseName == *"-esx"* ]]; then
  DownloadUrl="https://packages.vmware.com/photon/4.0/photon_srpms_4.0_x86_64/linux-esx-$KernelRelease.src.rpm"
  NamingScheme="linux-esx"
else
  DownloadUrl="https://packages.vmware.com/photon/4.0/photon_srpms_4.0_x86_64/linux-$KernelRelease.src.rpm"
  NamingScheme="linux"
fi
# https://packages.vmware.com/photon/4.0/photon_srpms_4.0_x86_64/linux-esx-5.10.210-1.ph4.src.rpm

# Download and configure source rpm of Linux Kernel
tdnf install -y wget rpm-build
cd /usr/local/src
mkdir -p "$PWD"/{RPMS,SRPMS,SOURCES,SPECS,LOGS,BUILD,BUILDROOT}
cd SOURCES
rpm2cpio "$DownloadUrl" | cpio -idm

# prepare for menuconfig
export TERM=linux
tdnf install -y tar build-essential ncurses ncurses-devel openssl-devel
tar xf "linux-$KernelReleaseNumber.tar.xz"
cd "linux-$KernelReleaseNumber/"
make clean

# start menuconfig and configure (enable CONFIG_MODULES!), save configuration and exit.
make menuconfig
# or copy your own .config
# cp .config .config.old
# cp <your path>/.config .config

## make
# the build only needs to read .config; do not make it world-writable
chmod 644 .config
make -j"$(nproc)" KCONFIG_CONFIG=.config
make modules_install -j"$(nproc)"
make install -j"$(nproc)"
cd ..

# exchange with a new tar
mv "linux-$KernelReleaseNumber.tar.xz" "linux-$KernelReleaseNumber.tar.xz.old"
# -J writes real xz, so the archive content matches its .tar.xz name
tar -cJf "linux-$KernelReleaseNumber.tar.xz" "linux-$KernelReleaseNumber"/*
rm -r -f "linux-$KernelReleaseNumber/"
rm "linux-$KernelReleaseNumber.tar.xz.old"
cd ..

## rpmbuild
cp "SOURCES/$NamingScheme.spec" "SPECS/$NamingScheme.spec"

# workaround for: rpmbuild fails with
# `error: Unable to open /usr/src/photon/SOURCES/modify_kernel_configs.inc: No such file or directory` `error: line 469: Unclosed %if`
ln -s -d /usr/local/src /usr/src/photon

# solve package dependencies for SPECS/$NamingScheme.spec
#         Linux-PAM-devel is needed by linux-esx-5.10.210-1.x86_64
#         elfutils-libelf-devel is needed by linux-esx-5.10.210-1.x86_64
#         gdb is needed by linux-esx-5.10.210-1.x86_64
#         glib-devel is needed by linux-esx-5.10.210-1.x86_64
#         kmod-devel is needed by linux-esx-5.10.210-1.x86_64
#         libdnet-devel is needed by linux-esx-5.10.210-1.x86_64
#         libmspack-devel is needed by linux-esx-5.10.210-1.x86_64
#         procps-ng-devel is needed by linux-esx-5.10.210-1.x86_64
#         xerces-c-devel is needed by linux-esx-5.10.210-1.x86_64
#         xml-security-c-devel is needed by linux-esx-5.10.210-1.x86_64
# package name as reported in the dependency error above (capital "L")
tdnf install -y Linux-PAM-devel elfutils-libelf-devel gdb glib-devel kmod-devel libdnet-devel libmspack-devel procps-ng-devel xerces-c-devel xml-security-c-devel

rpmbuild -bb "SPECS/$NamingScheme.spec"
```

rpmbuild takes a while.

See output in /usr/local/src/RPMS/x86_64.

```
-rw-r----- 1 root root  15771428 Mar 18 13:10 linux-esx-5.10.210-1.x86_64.rpm
-rw-r----- 1 root root 365321243 Mar 18 13:10 linux-esx-debuginfo-5.10.210-1.x86_64.rpm
-rw-r----- 1 root root  13965485 Mar 18 13:10 linux-esx-devel-5.10.210-1.x86_64.rpm
-rw-r----- 1 root root  10286334 Mar 18 13:10 linux-esx-docs-5.10.210-1.x86_64.rpm
```

Keep in mind that standalone packages are rubbish without quality assurance, module testing, constraints that prevent sha/naming/numbering mismatches, etc.
