Build stable kernel package #123

Workflow file for this run

	name: Build stable kernel package

	on:
	workflow_dispatch:
	inputs:
	release:
	type: choice
	description: Release type
	options:
	- none
	- pre-release
	- release

	env:
	HOME: /home/runner
	KERNEL_STABLE_VER: 6.9.8
	PKGVER: 1
	LLVM_VER: 18.1.8

	jobs:
	apt:
	name: Setup dependencies
	runs-on: self-hosted
	steps:
	- run: \|
	sudo apt-get update \
	&& sudo apt-get install -y build-essential \
	bc kmod cpio flex libncurses-dev \
	libelf-dev libssl-dev dwarves bison \
	gawk openssl libssl-dev dkms libudev-dev \
	libpci-dev libiberty-dev autoconf \
	debhelper lz4 \
	&& if [ ! -d ~/llvm-${{ env.LLVM_VER }}-x86_64 ]; then
	curl -O https://mirrors.edge.kernel.org/pub/tools/llvm/files/llvm-${{ env.LLVM_VER }}-x86_64.tar.gz \
	&& tar avxf llvm-${{ env.LLVM_VER }}-x86_64.tar.gz -C ~/
	fi
	checkout:
	name: Checkout main repo
	needs: apt
	runs-on: self-hosted
	steps:
	- uses: actions/checkout@v4
	with:
	submodules: true

	download_source:
	name: Download linux kernel source
	needs: [apt, checkout]
	runs-on: self-hosted
	steps:
	- run: \|
	wget https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${{ env.KERNEL_STABLE_VER }}.tar.xz \
	&& tar xvf linux-${{ env.KERNEL_STABLE_VER }}.tar.xz

	apply_patch:
	name: Apply patches
	needs: [apt, checkout, download_source]
	runs-on: self-hosted
	steps:
	- working-directory: linux-${{ env.KERNEL_STABLE_VER }}
	run: \|
	patch -Np1 -i ../patches/kernel_compiler_patch/more-uarches-for-kernel-6.8-rc4+.patch
	for i in ../patches/xanmod/linux-6.9.y-xanmod/net/netfilter/FLOWOFFLOAD.patch \
	../patches/xanmod/linux-6.9.y-xanmod/net/tcp/bbr3/*.patch \
	../patches/xanmod/linux-6.9.y-xanmod/net/tcp/cloudflare/*.patch; do
	patch -Np1 -i ${i}
	done
	for i in $(grep '^Patch' ../patches/clearlinux/linux.spec \|\
	grep -Ev '^Patch0132\|^Patch0118\|^Patch0113\|^Patch0138\|^Patch0139\|^Patch0109\|^Patch0147\|^Patch0133' \| sed -n 's/.*: //p'); do
	if [ "${i}" == "0162-extra-optmization-flags.patch" ] ; then
	continue
	fi
	patch -Np1 -i "../patches/clearlinux/${i}"
	done
	patch -Np1 -i ../patches/cachy/6.9/0001-aes-crypto.patch
	patch -Np1 -i ../patches/cachy/6.9/0002-amd-pstate.patch
	patch -Np1 -i ../patches/cachy/6.9/0007-ksm.patch
	patch -Np1 -i ../patches/cachy/6.9/0010-zstd.patch
	patch -Np1 -i ../patches/tcp-brutal/0001-net-tcp_brutal-make-it-as-a-built-in-kernel-module.patch
	patch -Np1 -i ../patches/tcp-brutal/0002-net-tcp_brutal-use-div_u64-to-let-it-build-on-32-bit.patch
	patch -Np1 -i ../patches/bcm-fullcone/0001-netfilter-nat-add-brcm-fullcone-support.patch
	patch -Np1 -i ../patches/bcm-fullcone/0002-netfilter-nat-add-brcm-fullcone-nft-support.patch

	setup_config:
	name: Setup config
	needs: [apt, checkout, download_source, apply_patch]
	runs-on: self-hosted
	strategy:
	fail-fast: false
	max-parallel: 2
	matrix:
	config: [generic, cloud]
	steps:
	- working-directory: linux-${{ env.KERNEL_STABLE_VER }}
	run: \|
	scripts/config --file ../config.${{ matrix.config }} \
	--set-str LOCALVERSION "-egoist-${{ matrix.config }}"
	# Clang FULL-LTO
	scripts/config --file ../config.${{ matrix.config }} \
	-d LTO_NONE \
	-e LTO \
	-e LTO_CLANG \
	-e ARCH_SUPPORTS_LTO_CLANG \
	-e ARCH_SUPPORTS_LTO_CLANG_THIN \
	-e HAS_LTO_CLANG \
	-e LTO_CLANG_FULL \
	-e HAVE_GCC_PLUGINS
	# /proc/config.gz
	scripts/config --file ../config.${{ matrix.config }} \
	-e IKCONFIG \
	-e IKCONFIG_PROC
	# x86-64-v2
	scripts/config --file ../config.${{ matrix.config }} \
	-d GENERIC_CPU \
	-e GENERIC_CPU2
	# xt_FLOWOFFLOAD
	scripts/config --file ../config.${{ matrix.config }} \
	-e NETFILTER_XT_TARGET_FLOWOFFLOAD
	# BBR3
	scripts/config --file ../config.${{ matrix.config }} \
	-m TCP_CONG_CUBIC \
	-d DEFAULT_CUBIC \
	-e TCP_CONG_BBR \
	-e DEFAULT_BBR \
	--set-str DEFAULT_TCP_CONG bbr
	# BBR3 doesn't work properly with FQ_CODEL
	scripts/config --file ../config.${{ matrix.config }} \
	-m NET_SCH_FQ_CODEL \
	-e NET_SCH_FQ \
	-d DEFAULT_FQ_CODEL \
	-e DEFAULT_FQ \
	--set-str DEFAULT_NET_SCH fq
	# TCP Brutal
	scripts/config --file ../config.${{ matrix.config }} \
	-e TCP_CONG_BRUTAL
	# zswap
	scripts/config --file ../config.${{ matrix.config }} \
	-e ZPOOL \
	-e ZSWAP \
	-e ZSWAP_DEFAULT_ON \
	-d ZSWAP_COMPRESSOR_DEFAULT_LZO \
	-e ZSWAP_COMPRESSOR_DEFAULT_ZSTD \
	-e ZSWAP_ZPOOL_DEFAULT_ZSMALLOC \
	-e ZBUD \
	-m Z3FOLD \
	-e ZSMALLOC
	# NTFS3
	scripts/config --file ../config.${{ matrix.config }} \
	-m NTFS3_FS \
	-e NTFS3_LZX_XPRESS \
	-e NTFS3_FS_POSIX_ACL
	# SMB
	scripts/config --file ../config.${{ matrix.config }} \
	-m SMB_SERVER \
	-e SMB_SERVER_SMBDIRECT \
	-e SMB_SERVER_CHECK_CAP_NET_ADMIN \
	-e SMB_SERVER_KERBEROS5
	# Security
	scripts/config --file ../config.${{ matrix.config }} \
	-e SECURITY_SELINUX \
	-e SECURITY_SELINUX_BOOTPARAM \
	-e SECURITY_SMACK \
	-e SECURITY_SMACK_BRINGUP \
	-e SECURITY_SMACK_NETFILTER \
	-e SECURITY_SMACK_APPEND_SIGNALS \
	-e SECURITY_TOMOYO \
	-e SECURITY_APPARMOR \
	-e SECURITY_YAMA

	build_kernel:
	name: Build Kernel
	needs: [apt, checkout, download_source, apply_patch, setup_config]
	runs-on: self-hosted
	strategy:
	fail-fast: false
	max-parallel: 1
	matrix:
	config: [generic, cloud]
	steps:
	- working-directory: linux-${{ env.KERNEL_STABLE_VER }}
	env:
	DEBEMAIL: "love4taylor <[email protected]>"
	KDEB_COMPRESS: "xz"
	run: \|
	mkdir -p ../${{ matrix.config }}
	make \
	KBUILD_OUTPUT=../${{ matrix.config }} \
	KCONFIG_CONFIG=../config.${{ matrix.config }} \
	LLVM=~/llvm-${{ env.LLVM_VER }}-x86_64/bin/ \
	LLVM_IAS=1 \
	olddefconfig
	make \
	KBUILD_OUTPUT=../${{ matrix.config }} \
	KCONFIG_CONFIG=../config.${{ matrix.config }} \
	KDEB_PKGVERSION=$(make kernelversion)-${{ env.PKGVER }} \
	LLVM=~/llvm-${{ env.LLVM_VER }}-x86_64/bin/ \
	LLVM_IAS=1 \
	-j`nproc` \
	bindeb-pkg

	upload_config:
	name: Upload config
	needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel]
	runs-on: self-hosted
	strategy:
	fail-fast: false
	max-parallel: 2
	matrix:
	config: [generic, cloud]
	steps:
	- uses: actions/upload-artifact@v4
	with:
	name: config.${{ matrix.config }}
	path: config.${{ matrix.config }}

	upload_deb:
	name: Upload deb
	needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel]
	runs-on: self-hosted
	strategy:
	fail-fast: false
	max-parallel: 2
	matrix:
	config: [generic, cloud]
	steps:
	- uses: actions/upload-artifact@v4
	with:
	name: deb.${{ matrix.config }}
	path: \|
	linux-image-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
	linux-headers-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
	linux-libc-dev_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
	compression-level: 0

	release:
	name: Release
	needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel]
	runs-on: self-hosted
	strategy:
	fail-fast: false
	matrix:
	config: [generic, cloud]
	steps:
	- if: ${{ github.event.inputs.release != 'none' }}
	uses: ncipollo/release-action@v1
	with:
	allowUpdates: true
	artifacts: \|
	linux-image-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
	linux-headers-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
	linux-libc-dev_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
	prerelease: ${{ github.event.inputs.release == 'pre-release' }}
	makeLatest: ${{ github.event.inputs.release == 'release' }}
	tag: ${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build stable kernel package #123

Workflow file

Build stable kernel package #123

Jobs

Run details

Workflow file for this run