diff --git a/bazel/linux_headers.bzl b/bazel/linux_headers.bzl index 56c336e5aba..a7bd72a6b5a 100644 --- a/bazel/linux_headers.bzl +++ b/bazel/linux_headers.bzl @@ -28,19 +28,17 @@ def linux_headers(): http_file( name = "linux_headers_merged_x86_64_tar_gz", urls = [ - "https://github.com/pixie-io/dev-artifacts/releases/download/linux-headers%2Fpl7/linux-headers-merged-x86_64-pl7.tar.gz", - "https://storage.googleapis.com/pixie-dev-public/linux-headers/pl7/linux-headers-merged-x86_64-pl7.tar.gz", + "https://github.com/pixie-io/dev-artifacts/releases/download/linux-headers%2Fpl8/linux-headers-merged-x86_64-pl8.tar.gz", ], - sha256 = "e4635db60d7f4139a8fea1b0490a0d0159e1edb9f3272ba2bcf40f8ea933bf93", + sha256 = "07d0393aca727faadd41146585f92e3d9df239d91e2fa985ec55e50dc8526594", downloaded_file_path = "linux-headers-merged-x86_64.tar.gz", ) http_file( name = "linux_headers_merged_arm64_tar_gz", urls = [ - "https://github.com/pixie-io/dev-artifacts/releases/download/linux-headers%2Fpl7/linux-headers-merged-arm64-pl7.tar.gz", - "https://storage.googleapis.com/pixie-dev-public/linux-headers/pl7/linux-headers-merged-arm64-pl7.tar.gz", + "https://github.com/pixie-io/dev-artifacts/releases/download/linux-headers%2Fpl8/linux-headers-merged-arm64-pl8.tar.gz", ], - sha256 = "c2a99ad6462dd1211c4e2f54f7279b7cf526e73918148350ccba988b95ca6115", + sha256 = "75a05de508a7e83204e023ecdbdc2322b42fc812037a253de29c178871db7012", downloaded_file_path = "linux-headers-merged-arm64.tar.gz", ) diff --git a/tools/docker/Makefile b/tools/docker/Makefile index 7a478cb7f9d..c4f78951e31 100644 --- a/tools/docker/Makefile +++ b/tools/docker/Makefile @@ -72,36 +72,26 @@ SYSROOT_CREATOR_IMAGE_TAG := sysroot-creator-$(SYSROOT_REV) ## Linux image parameters LINUX_HEADER_BUILD_DIR := $(BUILD_DIR)/linux_headers LINUX_HEADER_ASSETS_BUILD_DIR := $(LINUX_HEADER_BUILD_DIR)/assets -LINUX_KERNEL_VERSIONS := 4.14.309 \ - 4.15.18 \ - 4.16.18 \ - 4.17.19 \ - 4.18.20 \ - 4.19.325 \ - 4.20.17 \ - 5.0.21 \ - 5.1.21 \ - 5.2.21 \ - 5.3.18 \ - 5.4.293 \ - 5.5.19 \ - 5.6.19 \ - 5.7.19 \ - 5.8.18 \ - 5.9.16 \ - 5.10.237 \ - 5.11.22 \ - 5.12.19 \ - 5.13.19 \ - 5.14.21 \ - 5.15.181 \ - 5.16.20 \ - 5.17.15 \ - 5.18.19 \ - 5.19.17 \ - 6.0.19 \ - 6.1.137 \ - 6.6.89 +# Kernel versions selected to cover major enterprise distros and recent mainline. +# Popular eBPF projects like cilium have moved to 5.10+ as their minimum +# supported kernel version, with an exception for RHEL. +# 4.18.20 - RHEL 8.10 +# 5.10.252 - Debian 11 / Amazon Linux 2 +# 5.14.21 - RHEL 9 +# 6.1.167 - Debian 12 / Amazon Linux 2023 +# 6.6.132 - Ubuntu 24.04 LTS +# 6.12.80 - latest LTS +# 6.18.21 - recent mainline +# 6.19.10 - latest mainline +LINUX_KERNEL_VERSIONS := 4.18.20 \ + 5.10.252 \ + 5.14.21 \ + 6.1.167 \ + 6.6.132 \ + 6.12.80 \ + 6.18.21 \ + 6.19.10 + LINUX_HEADER_TEMPLATE := linux-headers-%.tar.gz LINUX_HEADER_X86_64_TARGETS = $(addprefix $(LINUX_HEADER_ASSETS_BUILD_DIR)/, \ @@ -112,7 +102,6 @@ LINUX_HEADER_ARM64_TARGETS = $(addprefix $(LINUX_HEADER_ASSETS_BUILD_DIR)/, \ LINUX_HEADERS_X86_64_MERGED_FILE := $(LINUX_HEADER_BUILD_DIR)/linux-headers-merged-x86_64-$(LINUX_HEADERS_REV).tar.gz LINUX_HEADERS_ARM64_MERGED_FILE := $(LINUX_HEADER_BUILD_DIR)/linux-headers-merged-arm64-$(LINUX_HEADERS_REV).tar.gz -LINUX_HEADERS_GS_PATH := gs://pixie-dev-public/linux-headers/$(LINUX_HEADERS_REV) ## NATS image parameters. NATS_IMAGE_VERSION := 2.9.25 @@ -135,14 +124,13 @@ elasticsearch_image_tag := "gcr.io/pixie-oss/pixie-dev-public/elasticsearch:$(EL ## Linux kernel for qemu/BPF tests. KERNEL_BUILD_DIR := $(BUILD_DIR)/kernel_build -# 4.19.276, 4.14.304 are the correct versions here, but there is a bug with patch > 255. -KERNEL_BUILD_VERSIONS := 4.14.254 \ - 4.19.254 \ - 5.4.254 \ - 5.10.224 \ - 5.15.165 \ - 6.1.106 \ - 6.8.12 +KERNEL_BUILD_VERSIONS := 4.18.20 \ + 5.10.252 \ + 5.14.21 \ + 6.1.167 \ + 6.6.132 \ + 6.12.80 \ + 6.18.21 KERNEL_BUILD_TEMPLATE := linux-build-%.tar.gz KERNEL_BUILD_TARGETS = $(addprefix $(KERNEL_BUILD_DIR)/, $(patsubst %,$(KERNEL_BUILD_TEMPLATE), $(KERNEL_BUILD_VERSIONS))) @@ -251,7 +239,6 @@ $(LINUX_HEADERS_ARM64_MERGED_FILE): $(LINUX_HEADER_ARM64_TARGETS) .PHONY: upload_linux_headers upload_linux_headers: $(LINUX_HEADERS_X86_64_MERGED_FILE) $(LINUX_HEADERS_ARM64_MERGED_FILE) ## Target to build and upload linux headers image - gsutil cp $^ $(LINUX_HEADERS_GS_PATH) $(GH_RELEASE_UPLOAD) linux-headers $(LINUX_HEADERS_REV) $^ sha256sum $^ diff --git a/tools/docker/linux_headers_image/Dockerfile b/tools/docker/linux_headers_image/Dockerfile index 844e9632173..85bffb74d6f 100644 --- a/tools/docker/linux_headers_image/Dockerfile +++ b/tools/docker/linux_headers_image/Dockerfile @@ -31,14 +31,10 @@ RUN apt-get install -y -q build-essential \ libssl-dev \ flex \ bison \ - kmod \ - cpio \ rsync \ wget \ binutils-aarch64-linux-gnu \ gcc-aarch64-linux-gnu \ - dwarves \ - debhelper \ python3 WORKDIR /configs diff --git a/tools/docker/linux_headers_image/build_linux_headers.sh b/tools/docker/linux_headers_image/build_linux_headers.sh index 7f40674b657..74bbf260774 100644 --- a/tools/docker/linux_headers_image/build_linux_headers.sh +++ b/tools/docker/linux_headers_image/build_linux_headers.sh @@ -49,50 +49,48 @@ mkdir -p "${WORKSPACE}"/src pushd "${WORKSPACE}"/src || exit KERN_MAJ=$(echo "${KERN_VERSION}" | cut -d'.' -f1); -KERN_MIN=$(echo "${KERN_VERSION}" | cut -d'.' -f2); wget -nv http://mirrors.edge.kernel.org/pub/linux/kernel/v"${KERN_MAJ}".x/linux-"${KERN_VERSION}".tar.gz tar zxf linux-"${KERN_VERSION}".tar.gz pushd linux-"${KERN_VERSION}" || exit -cp /configs/"${ARCH}" .config -make ARCH="${ARCH}" olddefconfig -make ARCH="${ARCH}" clean - LOCALVERSION="-pl" -DEB_ARCH="${ARCH//x86_64/amd64}" -# binary builds are required for non git trees after linux v6.3 (inclusive). -# The .deb file suffix is also different. -TARGET='bindeb-pkg' -DEB_SUFFIX="-1_${DEB_ARCH}.deb" -if [ "${KERN_MAJ}" -lt 6 ] || { [ "${KERN_MAJ}" -le 6 ] && [ "${KERN_MIN}" -lt 3 ]; }; then - TARGET='deb-pkg' - DEB_SUFFIX="${LOCALVERSION}-1_${DEB_ARCH}.deb" -fi -echo "Building ${TARGET} for ${KERN_VERSION}${LOCALVERSION} (${ARCH})" +cp /configs/"${ARCH}" .config +make ARCH="${ARCH}" olddefconfig -make ARCH="${ARCH}" -j "$(nproc)" "${TARGET}" LOCALVERSION="${LOCALVERSION}" +# Only generate headers — no kernel or module compilation needed. +# 'make prepare' generates include/generated/ and arch/*/include/generated/ +# which are the only outputs we package. +echo "Generating headers for ${KERN_VERSION}${LOCALVERSION} (${ARCH})" +make ARCH="${ARCH}" prepare LOCALVERSION="${LOCALVERSION}" popd || exit popd || exit -# Extract headers into a tarball -dpkg -x src/linux-headers-"${KERN_VERSION}${LOCALVERSION}_${KERN_VERSION}${DEB_SUFFIX}" . +# Package headers into the same directory structure the old deb-pkg approach produced +# (usr/src/linux-headers-/{include,arch}). +KERNEL_ARCH="${ARCH//x86_64/x86}" +HEADERS_DIR="usr/src/linux-headers-${KERN_VERSION}${LOCALVERSION}" + +mkdir -p "${HEADERS_DIR}/arch" +cp -a "src/linux-${KERN_VERSION}/include" "${HEADERS_DIR}/" +cp -a "src/linux-${KERN_VERSION}/arch/${KERNEL_ARCH}" "${HEADERS_DIR}/arch/" # Remove broken symlinks -find usr/src/linux-headers-"${KERN_VERSION}${LOCALVERSION}" -xtype l -exec rm {} + - -# Remove uneeded files to reduce size -# Keep only: -# - usr/src/linux-headers-x.x.x-pl/include -# - usr/src/linux-headers-x.x.x-pl/arch/${ARCH} -# This reduces the size by a little over 2x. -rm -rf usr/share -find usr/src/linux-headers-"${KERN_VERSION}${LOCALVERSION}" -maxdepth 1 -mindepth 1 ! -name include ! -name arch -type d \ - -exec rm -rf {} + -find usr/src/linux-headers-"${KERN_VERSION}${LOCALVERSION}"/arch -maxdepth 1 -mindepth 1 ! -name "${ARCH//x86_64/x86}" -type d -exec rm -rf {} + +find "${HEADERS_DIR}" -xtype l -exec rm {} + + +# Remove non-header files from arch/ to reduce size. +# Only headers (.h), Makefiles, Kconfigs, and Kbuilds are needed. +find "${HEADERS_DIR}/arch" -type f \ + ! -name '*.h' \ + ! -name 'Makefile' \ + ! -name 'Kconfig*' \ + ! -name 'Kbuild*' \ + -delete +# Clean up empty directories left behind. +find "${HEADERS_DIR}/arch" -type d -empty -delete tar zcf linux-headers-"${ARCH}"-"${KERN_VERSION}".tar.gz usr