Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 04, 2011 at 09:16:13PM +, Robin H. Johnson wrote: > - Does the package _build_ kernel modules? > Yes: .config is required. > No: .config is NOT required. All options must have '~' prefix. > - Does the package use the options specified _during_ src_configure, > src_compile, src_test process? > (eg there's a testsuite that uses namespaces). > Yes: .config/config.gz may not be available, devise an actual test > that tries to use the option. > No: Just keep the ~ prefix on the option. I've just checked _every_ ebuild in the tree that: (used CONFIG_CHECK with non-~ arguments) AND (did not inherit linux-mod). I've fixed almost all of them. Testcase was building on a system with no /usr/src, no /proc/config*. I fixed one or more ebuilds in each of the following packages: app-emulation/spice-vdagent gnome-extra/nautilus-dropbox net-misc/iodine net-wireless/madwimax sys-block/open-iscsi I did NOT fix: www-client/chromium-16.0.912.15 (failed to build for unrelated reasons). TODO: - Look for ebuilds that call the check functions manually. - Check all ebuilds inheriting linux-mod, with USE=-modules. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 4, 2011 at 11:12 PM, Robin H. Johnson wrote: > On Fri, Nov 04, 2011 at 11:02:18PM +0100, Fabio Erculiani wrote: >> > The ONLY time that kernel config checks are fatal is when you're >> > building kernel modules, and the module will fail to compile unless >> > there is a .config and suitable options set. >> And that is bad anyway, because it doesn't work as expected when the >> package is merged from tbz2, there are no kernel sources installed and >> multiple kernels are on the same system (and perhaps you are using a >> package manager that properly supports multiple installed kernel >> module packages). > I said when you're building. When you're merging from binpkg, you're not > building... Correct :-) > > -- > Robin Hugh Johnson > Gentoo Linux: Developer, Trustee & Infrastructure Lead > E-Mail : robb...@gentoo.org > GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 > > -- Fabio Erculiani http://lxnay.com
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 04, 2011 at 11:02:18PM +0100, Fabio Erculiani wrote: > > The ONLY time that kernel config checks are fatal is when you're > > building kernel modules, and the module will fail to compile unless > > there is a .config and suitable options set. > And that is bad anyway, because it doesn't work as expected when the > package is merged from tbz2, there are no kernel sources installed and > multiple kernels are on the same system (and perhaps you are using a > package manager that properly supports multiple installed kernel > module packages). I said when you're building. When you're merging from binpkg, you're not building... -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 4, 2011 at 10:18 PM, Robin H. Johnson wrote: > On Fri, Nov 04, 2011 at 04:11:42PM +0100, Fabio Erculiani wrote: >> On Fri, Nov 4, 2011 at 3:46 PM, Mike Gilbert wrote: >> > >> > It is good that we warn users about this when they install the package, >> > but I don't think the ebuild should die. >> >> I've always found ebuilds dying at kernel config checks really annoying. >> Checking kernel features at build time (if we die) is broken and >> should be banned IMO: > You're going off on a tangent. > > The ONLY time that kernel config checks are fatal is when you're > building kernel modules, and the module will fail to compile unless > there is a .config and suitable options set. And that is bad anyway, because it doesn't work as expected when the package is merged from tbz2, there are no kernel sources installed and multiple kernels are on the same system (and perhaps you are using a package manager that properly supports multiple installed kernel module packages). > > chromium is using the fatal mode of CONFIG_CHECK wrongly. > > -- > Robin Hugh Johnson > Gentoo Linux: Developer, Trustee & Infrastructure Lead > E-Mail : robb...@gentoo.org > GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 > > -- Fabio Erculiani http://lxnay.com
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 04, 2011 at 04:11:42PM +0100, Fabio Erculiani wrote: > On Fri, Nov 4, 2011 at 3:46 PM, Mike Gilbert wrote: > > > > It is good that we warn users about this when they install the package, > > but I don't think the ebuild should die. > > I've always found ebuilds dying at kernel config checks really annoying. > Checking kernel features at build time (if we die) is broken and > should be banned IMO: You're going off on a tangent. The ONLY time that kernel config checks are fatal is when you're building kernel modules, and the module will fail to compile unless there is a .config and suitable options set. chromium is using the fatal mode of CONFIG_CHECK wrongly. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 04, 2011 at 01:59:14PM +0100, "Paweł Hajdan, Jr." wrote: > check_extra_config requires a configured kernel > (/usr/src/linux/.config), while I think it should also be satisfied by > /proc/config.gz (i.e. just a way to verify the config, not necessarily > kernel built locally). > > An example use case is www-client/chromium, which makes sure the kernel > will support its sandbox. It's generally a bad idea to run without full > sandboxing support (it can work without kernel support, just doesn't > prevent a compromised renderer from connecting to network or sending > signals to processes). chromium is using CONFIG_CHECK wrongly. It should be CONFIG_CHECK="~PID_NS ~NET_NS" - Does the package _build_ kernel modules? Yes: .config is required. No: .config is NOT required. All options must have '~' prefix. - Does the package use the options specified _during_ src_configure, src_compile, src_test process? (eg there's a testsuite that uses namespaces). Yes: .config/config.gz may not be available, devise an actual test that tries to use the option. No: Just keep the ~ prefix on the option. > # In the case where we don't require a .config, we can now bail out > # if the user has no .config as there is nothing to do. Otherwise > # code later will cause a failure due to missing .config. > if ! linux_config_exists; then [snip] > fi This will cause out-of-kernel module building to fail much later instead of correctly failing early when there is no .config. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
pkg_setup() is shared between binpkgs and srcpkgs, and often it ends
up containing stuff that should be rather placed into
src_{prepare,configure,whatever}.
--
Fabio Erculiani
http://lxnay.com
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 04/11/11 11:11 AM, Fabio Erculiani wrote: > On Fri, Nov 4, 2011 at 3:46 PM, Mike Gilbert wrote: >> >> It is good that we warn users about this when they install the package, >> but I don't think the ebuild should die. > > I've always found ebuilds dying at kernel config checks really annoying. > Checking kernel features at build time (if we die) is broken and > should be banned IMO: > > 1) in case of packages not needing kernel headers for building (but > just checking for a feature) > a) this breaks the compilation inside chroots on build servers where > the goal is to just build the package (hint: binpkgs) > b) it is anyway unable to reliably check if the feature is actually > available or not (/proc/config.gz might be unavailable, as well as > kernel sources or headers) As i think has already been mentioned, when building binpkgs or building for other systems, since the idea here is to ensure build-time requirements are met, things should be OK as long as you have a configured kernel for the target in place as well. And you probably should; if you're building packages for target systems you might as well configure and/or build their kernels too. Also as was mentioned, /proc/config.gz would never be appropriate in these cases since the running kernel probably has nothing to do with the target system's kernel. > > 2) in case of packages needing kernel headers (or sources) for building > a) doing the check in pkg_setup() breaks binpkgs support (the check > becomes part of a build time task, and not install time) .. so you're recommending the check be moved to pkg_preinst() ? Or perhaps duplicated into both pkg_setup/pkg_pretend and pkg_preinst ? That would be doable, wouldn't it? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (GNU/Linux) iF4EAREIAAYFAk60BMQACgkQAJxUfCtlWe17qwEAhh2udNzptIJZHeEyh8DJhTj3 HLbC/ZpIJUQTbpHueOEBAITcA3DasGAQIdSWGvn7E2xwYMFTS+U0UyDWJCesv5xR =U+gT -END PGP SIGNATURE-
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 4, 2011 at 3:46 PM, Mike Gilbert wrote: > > It is good that we warn users about this when they install the package, > but I don't think the ebuild should die. I've always found ebuilds dying at kernel config checks really annoying. Checking kernel features at build time (if we die) is broken and should be banned IMO: 1) in case of packages not needing kernel headers for building (but just checking for a feature) a) this breaks the compilation inside chroots on build servers where the goal is to just build the package (hint: binpkgs) b) it is anyway unable to reliably check if the feature is actually available or not (/proc/config.gz might be unavailable, as well as kernel sources or headers) 2) in case of packages needing kernel headers (or sources) for building a) doing the check in pkg_setup() breaks binpkgs support (the check becomes part of a build time task, and not install time) I'm sure there are other reasons as well... -- Fabio Erculiani http://lxnay.com
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On 11/4/2011 8:59 AM, "Paweł Hajdan, Jr." wrote: > Thoughts? > Shouldn't chromium be dealing with this at run-time where it actually matters? This would be better than doing it in the ebuild where we can only do it at build and/or install-time. It is good that we warn users about this when they install the package, but I don't think the ebuild should die. signature.asc Description: OpenPGP digital signature
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On Fri, Nov 4, 2011 at 6:53 PM, Patrick Lauer wrote: > The running kernel is really irrelevant for those of us that build binpkgs. > /usr/src/linux is "more correct" in the case of binpkgs and most upgrade > scenarios where you don't reboot for a new kernel immediately. > Also, for out-of-kernel modules that need the kernel source for building, the build-time .config is much more relevant than the runtime config. -- ~Nirbheek Chauhan Gentoo GNOME+Mozilla Team
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
On 11/04/11 13:59, "Paweł Hajdan, Jr." wrote: check_extra_config requires a configured kernel (/usr/src/linux/.config), while I think it should also be satisfied by /proc/config.gz (i.e. just a way to verify the config, not necessarily kernel built locally). The running kernel is really irrelevant for those of us that build binpkgs. /usr/src/linux is "more correct" in the case of binpkgs and most upgrade scenarios where you don't reboot for a new kernel immediately. It's hard to find a solution that is correct and works for everyone - at least we've mostly got people to stop dying and only warn on a mismatch there.
Re: [gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
Anything using /proc/config.gz is broken. For the following reasons: 1) could be not available (CONFIG not enabled) 2) doesn't reflect the kernel you're compiling against (chrooted env, multiple kernels on the system, etc) -- Fabio Erculiani
[gentoo-dev] linux-info.eclass: check_extra_config requires a configured kernel
check_extra_config requires a configured kernel
(/usr/src/linux/.config), while I think it should also be satisfied by
/proc/config.gz (i.e. just a way to verify the config, not necessarily
kernel built locally).
An example use case is www-client/chromium, which makes sure the kernel
will support its sandbox. It's generally a bad idea to run without full
sandboxing support (it can work without kernel support, just doesn't
prevent a compromised renderer from connecting to network or sending
signals to processes).
My suggestion is to replace the following code fregment:
if [[ ${config_required} == 0 ]]; then
# In the case where we don't require a .config, we can now bail out
# if the user has no .config as there is nothing to do. Otherwise
# code later will cause a failure due to missing .config.
if ! linux_config_exists; then
ewarn "Unable to check for the following kernel config options due"
ewarn "to absence of any configured kernel sources or compiled"
ewarn "config:"
for config in ${CONFIG_CHECK}; do
local_error="ERROR_${config#\~}"
msg="${!local_error}"
if [[ "x${msg}" == "x" ]]; then
local_error="WARNING_${config#\~}"
msg="${!local_error}"
fi
ewarn " - ${config#\~}${msg:+ - }${msg}"
done
ewarn "You're on your own to make sure they are set if needed."
export LINUX_CONFIG_EXISTS_DONE="${old_LINUX_CONFIG_EXISTS_DONE}"
return 0
fi
else
require_configured_kernel
fi
With something more like this:
# In the case where we don't require a .config, we can now bail out
# if the user has no .config as there is nothing to do. Otherwise
# code later will cause a failure due to missing .config.
if ! linux_config_exists; then
ewarn "Unable to check for the following kernel config options due"
ewarn "to absence of any configured kernel sources or compiled"
ewarn "config:"
for config in ${CONFIG_CHECK}; do
local_error="ERROR_${config#\~}"
msg="${!local_error}"
if [[ "x${msg}" == "x" ]]; then
local_error="WARNING_${config#\~}"
msg="${!local_error}"
fi
ewarn " - ${config#\~}${msg:+ - }${msg}"
done
ewarn "You're on your own to make sure they are set if needed."
export LINUX_CONFIG_EXISTS_DONE="${old_LINUX_CONFIG_EXISTS_DONE}"
if [[ ${config_required} == 0 ]]; then
return 0
else
die "unable to check for required kernel options"
fi
fi
Thoughts?
signature.asc
Description: OpenPGP digital signature
