Move in-tree kernel modules to separate derivation output#423933
Move in-tree kernel modules to separate derivation output#423933jmbaur merged 3 commits intoNixOS:masterfrom
Conversation
nix-owners
bot
requested review from
K900,
Ma27,
NeQuissimus,
TredwellGit and
alyssais
nixpkgs-ci
bot
added
6.topic: nixos
nixpkgs-ci
bot
added
10.rebuild-linux: 501+
|
CC @emilazy |
|
I've tested this on a minimal kernel configuration, but this does not yet work with the full-blown NixOS kernel configs yet, still working through this issue: |
|
This seems like a sensible enough direction. Even better would be if we could if we could have one output per module, or even one derivation per module. But that might not be easy to achieve. I plan to split the outputs of the kernel images as part of my ongoing refactoring, but that shouldn’t conflict with this (semantically – diff‐wise, it probably will). |
That would be great! Would be amazing to build as many kernel image types for a given architecture as possible (like the ideas in #324419), to allow for the user to pick the one they want later without having to incur a rebuild. |
alyssais
left a comment
alyssais
left a comment
There was a problem hiding this comment.
Seems sensible enough to me but haven't tested. I guess there's not anything we can really do to make it backwards compatible without defeating the purpose by adding a reference…
nixpkgs-ci
bot
added
12.approvals: 1
|
Yeah I think it makes sense to batch this with my other target change since that will be (deliberately) breaking.
Right, yeah, that’s the idea, especially as it means we can more safely prefer compressed UEFI stub images on AArch64. Though |
So it appears somewhere in the kernel build system, the |
|
@ofborg test systemd-initrd-modprobe |
|
This is ready. I've tested locally with the |
|
We can avoid contorting the output name by just unsetting |
jmbaur
force-pushed
the
linux-outputs
branch
2 times, most recently
from
98829e9 to
59aba1f
Compare
Should be good now! |
|
BTW, this should be release noted as a breaking change. |
|
I appreciate that the fixes come very fast after reporting them, at least 😄 |
ghost
mentioned this pull request
Add a hack to fix Rust support broken by NixOS/nixpkgs#423933 See https://github.com/NixOS/nixpkgs/pulls/436245 for Nixpkgs upstream fix
Add a hack to fix Rust support broken by NixOS/nixpkgs#423933 See NixOS/nixpkgs#436245 for Nixpkgs upstream fix
The changes in NixOS#423933 caused previously working calls to `pkgs.makeModulesClosure` to produce empty outputs, when paired with `allowMissing = true;`. In turn, this broke boot in those systems, as instead of having kernel modules (as one would expect), instead there was nothing to load. This is not only a weird edge case, as due to how the options compose in the NixOS modules system, `allowMissing` is de-facto required in some use-cases. (See e.g. NixOS#154163 (comment) ) The choice of `allowEmpty` being set to `false` by default matches the default assumptions from `allowMissing`: something should be produced. This *may* break some builds, but it will break them at build time, rather than breaking boot. In this situation setting `allowEmpty` will be the solution to fix this issue. This is a tradeoff: break the usage of `makeModulesClosure` at build time for those that wanted an empty output, or break the usage of `makeModulesClosure` at boot for the others. The latter is much much much preferrable, since it prevents problematic situations where a remote system is stuck not booting, without remote hands. The former situation will only be groan-inducing. This change was tested with Mobile NixOS. Between NixOS#423933 and this change, it *will* produce broken stage-1 systems for modular kernels. With this change, it breaks the builds. ***This is as expected.*** This could be worked around within NixOS outright, by having the `makeModulesClosure` function check for `modules` output, but that might be a worse workaround, and may cause weirder breakage. It especially will make it much weirder to wrap one's head around `makeModulesClosure`. Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
|
FYI, this broke |
Instead of `$toplevel/kernel-modules/bzImage`, we use `$toplevel/kernel` to find the kernel image of a generation.
Fix in #437139 |
Nixpkgs changed the location of the kernel image in NixOS/nixpkgs#423933.
Since NixOS#423933 nixpkgs kernel have a seperate "modules" output for kernel. This check now acts similar to lib.getBin/lib.getLib etc.
|
Here is a proposal to make |
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/patching-an-in-tree-linux-kernel-module/22137/3 |
9 participants
The kernel image takes up a significant amount of space in the derivation where kernel modules are installed (even more so on aarch64 where we install the uncompressed
Imagefile). Since the kernel image is not functionally needed in this derivation (by the time kernel modules would be of any use, we've already booted into our kernel), we can save some space by splitting out the modules into their own output. This change doesn't really do a lot for pure NixOS closures today, since the kernel image is still in the closure ofconfig.system.build.toplevel, however the linux kernel build recipe in nixpkgs is super useful for more than just NixOS use-cases anyways. Plus, it's not out of the realm of possibility for NixOS'stoplevelto remove the reference to the kernel image, which would be especially helpful in saving space on image-based systems where the ESP and/or boot partition is built and populated ahead of time and not part of the switch-to-configuration/bootloader-installation step.Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)Add a 👍 reaction to pull requests you find important.