From Fedora Project Wiki

No edit summary
Line 144: Line 144:
== Where is the code from which the packages are built? ==
== Where is the code from which the packages are built? ==


The code can be found [https://gitlab.com/knurd42/linux/ at gitlab.com/knurd42/linux/] in branches whose names start with ‘ark-vanilla-. They are called that, as they generate the SRPMs later built using the [https://gitlab.com/cki-project/kernel-ark kernel-ark infrastructure], just like the regular kernel SRPMs in Fedora are.
The packages in the kernel vanilla repositories for Fedora Linux are built using the [https://gitlab.com/cki-project/kernel-ark kernel-ark infrastructure], just like the regular kernel SRPMs in Fedora Linux are.
 
The code can be found in various branches [https://gitlab.com/knurd42/linux/ at gitlab.com/knurd42/linux/]:
 
* branches like `ark-infra-os-build` and `ark-infra-fedora-6.2` are forks of the [https://gitlab.com/cki-project/kernel-ark kernel-ark] branches like os-build and fedora-6.2, but with modifications for vanilla builds. These branches are normally not rebased, unless kernel-ark does rebase their branches.
 
* branches like `ark-patches-mainline` or `ark-patches-stable-6.2` are tracking the Linux upstream trees; they when needed hold patches to avoid known build-problems that otherwise would prevent vanilla builds. Such situations are rare, these branches thus most of the time are identical to upstream. These branches are rebased before each build.
 
* the vanilla packages are build from branches like `ark-vanilla-mainline` or `ark-vanilla-stable-6.2`. They are rebased for every build, as they get generated on-the-fly by taking a patches branch (say `ark-patches-mainline`) as new base and importing the ark-infra from one of the ark-infra branches (`ark-infra-os-build` for next and mainline; branches like `ark-infra-fedora-6.2` for stable-rc, stable, and fedora).
 
With this git can easily merge the latest ark-infra changes from the kernel-ark repo into branches that hold changes for vanilla builds.
 
All these branches are maintained with the help of [https://gitlab.com/knurd42/helpers-ark-vanilla some scripts]. They watch out for changes to the kernel-ark infra, new Linux releases, and kick of new builds automatically or on request.


== Can I help? ==
== Can I help? ==

Revision as of 06:20, 23 March 2023

Frequently asked questions about the kernel vanilla repositories for Fedora.

FAQ for users

What is the goal of these repositories?

The main idea is to help upstream development, which in the end will benefit Fedora as well:

  • With the packages from the @kernel-vanilla/mainline repository it for example is quite easy to test code early that at some point will land in Fedora Linux. In other words: the repository thus allows people to find, report, and eliminate bugs so that they never even hit Fedora. The packages also make it easy to check if a particular bug you encountered is already fixed upstream, as all bug-fixes have to land in mainline before they are considered for backporting to stable and longterm kernels.
  • The situation with @kernel-vanilla/stable repository is similar to the @kernel-vanilla/mainline, you are just not that much ahead of Fedora’s kernels, as they often follow stable quite closely.
  • The kernels from the @kernel-vanilla/fedora repository allow you to check if a bug happening with Fedora’s kernel is present upstream or caused by one of the patches Fedora applied.

In general, these kernels make it simple to directly interact with upstream developers. That way users don't have to bother Fedora’s kernel maintainers, who often are buried in work and lack the manpower to look into issues that only happen in certain, not that common environments (for example only on a single Laptop).

Are the kernels from the kernel vanilla repositories as good as those Fedora provides?

For many people they just as fine, but in the end they are not as good:

  • The kernels shipped in the official Fedora repositories are tested by many people before they reach regular users; the kernels from the kernel vanilla repositories see no testing before being uploaded to the repositories.
  • The official Fedora kernels don’t require you to turn off UEFI Secure Boot.
  • The developers that take care of the kernel package in Fedora are far more experienced developers than the maintainers of the kernel vanilla repositories.
  • The official Fedora kernels sometimes contain fixes for security vulnerabilities or other crucial bugs before the problem is fixed upstream; on the other hand, you often will receive fixes a bit quicker by using these repositories if they are applied upstream first.

In the end though, using kernels from the kernel vanilla repositories is not any more dangerous than installing a Linux version using the sources from kernel.org yourself.

Why so many repos? This looks stupid and over-engineered!

Yes, it might look over-engineered at the first sight, but allows us to serve multiple use-cases with nearly no overhead. And once you look closer you'll notice that most of the time those four repositories contain only two Linux kernel versions per Fedora release.

Kernel.org frontpage on 2018-04-09

To explain this a bit more lets for example take a look April 9th, 2018. Back then…

  • Linux 4.17 had one week into development, thus Linux 4.17-rc1 was still one week away.
  • Linux 4.16 was one week old and the first stable release 4.16.1 had just been released.
  • Linux 4.15.y was still supported upstream and 4.15.16 had just been released.

At the same time…

  • Fedora 29 was prepared in Rawhide, which contained a mainline snapshot (4.17-pre-rc1).
  • Fedora 28 was in Beta and contained 4.16.y.
  • Fedora 27 and 26 were the current releases and contained a kernel based on Linux 4.15.y.

In this particular point in time there were…

  • users that wanted the latest mainline snapshots (4.17-pre-rc1)
  • users that normally wanted the latest mainline snapshots, except during the busy merge window when most of the changes happen, as the risk of bad bugs is a bit bigger in those two weeks; those users thus wanted the latest stable release (4.16.1)
  • users that just wanted to use the latest Linux stable release (4.16.1)
  • users that wanted to check if a problem they face with a Fedora kernel might be due to a patch that Fedora applied to their kernels (4.15.16 for Fedora 27 and 26)
Kernel vanilla repositories on 20180409

And that's why there are four repositories, to serve each of those users what they wanted:

  • @kernel-vanilla/mainline shipped a mainline snapshot (4.17-pre-rc1).
  • @kernel-vanilla/mainline-wo-mergew shipped the latest stable release (4.16.1, but will jump to 4.17-rc1 once it's released).
  • @kernel-vanilla/stable also shipped the latest stable release (4.16.1)
  • @kernel-vanilla/fedora shipped a vanilla build of the kernel version that release is using; hence F29/rawhide had a mainline snapshot (4.17-pre-rc1), F28 had the lastest stable release (4.16.1) and F27 and F26 had the stable release from the previous version line (4.15.16).

Two or three weeks later F26 and F27 had made the jump to 4.16 and the merge window was over. Then @kernel-vanilla/mainline and @kernel-vanilla/mainline-wo-mergew both provided a 4.17 prerelease; @kernel-vanilla/stable, @kernel-vanilla/stable-rc, and @kernel-vanilla/fedora all provided the same 4.16.x kernel.

Can we trust the people behind the kernel vanilla repositories?

You have to decide for yourself.

If it is any help: some people that have used or contributed to Fedora regularly will know that Thorsten (the main maintainer for these repositories) has quite a history of Fedora contributions, even if he is not very active in Fedora these days. You can assume he has no interest in ruining his reputation quickly by providing crappy packages in these repositories. On the other hand you should know that Thorsten is not a real kernel developer, so expect an occasional mistake along the way. And be reminded that using vanilla kernels has some known downsides and risks (see below).

Are the vanilla kernels tested before publication?

No, as they are built with Fedora’s Copr infrastructure, which doesn’t offer a simple way to test newly built packages before their publication. But all kernels shortly afterwards are booted in a virtual machine to rule out any packaging issues (but those are extremely rare anyway). Thorsten also regularly uses the x86_64 builds from the @kernel-vanilla/mainline-wo-mergew repository, either on the latest Fedora release or a pre-release of the next one; but he doesn't reboot every day and hence won’t give each of the builds a try run.

Are the kernels safe to use?

That depends on your definition of 'safe'.

The Linux kernel is a complex piece of software and thus contains bugs. Those bugs in the past led to data loss a few times; in extremely rare situations they even damaged hardware. Bugs like that often only show up under specific circumstances, as they otherwise likely would have been found and fixed earlier already. Specific circumstances for example can be a specific mix of hardware used in combinations with a specific kernel version built with a particular set of configuration options. Nevertheless, in the end it is unlikely that such a bug makes it into one of the non-development kernels from the kernel vanilla repositories, but there is still a very small chance for that to happen.

Note that self compiled kernels bear exactly the same risk; chances of hitting serious bugs are lower for kernels that have undergone widespread testing already, as those found in the official Fedora repositories.

In other words: The kernels from the kernel vanilla repositories will work just fine for most people. But use them at your own risk and have current backups at hand, as you always should.

Will everything continue to work with these kernels as it does with the official Fedora kernels?

Most of the time yes, but in a few not that common situations it might not. That’s for example the case if Fedora’s kernels include a fix for an issue not yet fixed upstream. This is not that common, but within the cards; you on the other hand sometimes get bugfixed earlier with the kernels from these repositories.

Where to report bugs

If the Linux kernels in the packages from these repositories show any bugs please report them upstream to the Linux kernel developers, just as you would after installing a Linux kernel yourself using the sources available at kernel.org; that way all the bug reports go to the place where the people hang out that know how to fix them.

In case there are bugs in the packaging sent a mail to Thorsten Leemhuis (aka "knurd").

How can I avoid switching back and forth between vanilla kernels and Fedora kernels ?

This normally shouldn’t happen, as the kernel vanilla repositories typically contain packages package managers will consider as newer than the Fedora kernel. And if they nevertheless lag behind that’s likely because the maintainers of the kernel vanilla repositories are inactive for some good or bad reason – hence it might be wise to temporarily switch back to the Fedora kernel. If you nevertheless want to avoid that, add 'exclude=kernel*' to the first section of the following files in /etc/yum.repos.d/: fedora.repo, fedora-updates.repo, fedora-updates-testing.repo

Will this repository also ship updated userland components like drivers or udev that match the kernels in the repositories?

No, as there should be no need to, as the interfaces between the kernel and userland software should never change in incompatible ways; Linus Torvalds makes this pretty clear every so often.

Nevertheless in very rare situations there might be a strong reason to include such a package to avoid breakage for many users; in that case these repositories might include a package to prevent those issues.

Do you plan to provide packages for longterm (aka LTS) kernels

That’s very unlikely, as using a Linux kernel version from a series older than the one used by the particular Fedora release can lead to issues. Providing such kernels hence would not provide a good user-experience, unless Fedora itself starts to ship longterm kernels.

Additionally, the main goal of the kernel vanilla repositories for Fedora is to help upstream kernel development – longterm kernels don’t line up well with that, as they are quite a bit away from mainline development and a dead end.

Are debug features enabled in the vanilla builds?

Only those that Fedora enables in their stock kernels – hence, there are none enabled that are known to have a significant performance overhead.

Do you plan to provide packages for "linux-rt" as well?

Maybe. It depends on the interest and how hard setup and maintenance would be. Get in contact if you think investing time in these areas makes sense – or might want to help with the work.

Do you plan to provide vanilla kernels for RHEL and its derivatives?

For now it was decided to stay out of that business, even if it sounds like a good addition. There are several reasons for that. There for example are people more familiar with these distributions provide such packages already. It would mean additional work for the maintainers of this repository, too.

What configuration do those kernels use?

The configuration is pretty close to Fedora’s kernels. Which config exactly depends on the repo and branch; the kernels in @kernel-vanilla/fedora use a config that is basically identical to the kernel in the latest stable Fedora release, while those in @kernel-vanilla/mainline will be based on the config from Fedora’s rawhide kernel.

Why don't you put these kernels in Fedora’s main repositories?

The idea is not new, but the consensus in the Fedora project as far as we can see is this: that's not a good idea, as it divides the user base; it also would make the vanilla Linux kernels more 'official' and people might simply use them without knowing their downsides. Putting the kernels in a well known and widely used external add-on repository for Fedora might make sense, but some problems would be similar.

That's the long story, rough and short. And sure, there are reasons why having vanilla kernels in the main repositories would make sense. Feel free to start a discussion on the Fedora devel and the Fedora kernel mailing list, we'll watch and might jump in.

But in the end the best approach would be to reduce the number of patches the Fedora kernel developers include to zero or something very close to that, as then some of the repos this effort provides wouldn’t be necessary at all.

Are those kernels really unpatched?

Yes, apart from a handful of very small changes that are needed for packaging.

That being said: in very rare situations we might include a patch to fix build problems. That normally only happens for mainline builds; those fixes often head upstream quickly and hence vanish from the vanilla packages pretty soon again.

How up2date will those repositories be?

Most of the time they are quite up to date. But the maintainers of the kernel vanilla repositories do the work in their spare time. Sometimes the day job and this strange thing called 'real life' leaves not much time to work on these repositories, which will lead to a bigger lag.

FAQ for contributors and developers

Can you please include the patch found at <URL>?

No. Convince upstream to merge that patch, then the change you are interested in will automatically show up in these packages. And even better: it will automatically get into Fedora and other distributions, too!

Where is the code from which the packages are built?

The packages in the kernel vanilla repositories for Fedora Linux are built using the kernel-ark infrastructure, just like the regular kernel SRPMs in Fedora Linux are.

The code can be found in various branches at gitlab.com/knurd42/linux/:

  • branches like ark-infra-os-build and ark-infra-fedora-6.2 are forks of the kernel-ark branches like os-build and fedora-6.2, but with modifications for vanilla builds. These branches are normally not rebased, unless kernel-ark does rebase their branches.
  • branches like ark-patches-mainline or ark-patches-stable-6.2 are tracking the Linux upstream trees; they when needed hold patches to avoid known build-problems that otherwise would prevent vanilla builds. Such situations are rare, these branches thus most of the time are identical to upstream. These branches are rebased before each build.
  • the vanilla packages are build from branches like ark-vanilla-mainline or ark-vanilla-stable-6.2. They are rebased for every build, as they get generated on-the-fly by taking a patches branch (say ark-patches-mainline) as new base and importing the ark-infra from one of the ark-infra branches (ark-infra-os-build for next and mainline; branches like ark-infra-fedora-6.2 for stable-rc, stable, and fedora).

With this git can easily merge the latest ark-infra changes from the kernel-ark repo into branches that hold changes for vanilla builds.

All these branches are maintained with the help of some scripts. They watch out for changes to the kernel-ark infra, new Linux releases, and kick of new builds automatically or on request.

Can I help?

Of course. Talk to Thorsten; best if you come with some ideas what you can and want to do.

Do you work together with the developers that maintain Fedora's kernel packages?

We know about each other and talk occasionally..

Please stop providing alternative kernel packages, they take attention away from the kernel packages Fedora provides and thus harm Fedora!

That's a valid concern, but we think the benefits outweigh the downsides.

That again is the long story short. Just to get a little deeper into it and show a different view on the matter at hand: similar arguments could be used to argue that Fedora should stop shipping patched kernels, as they take attention away from the upstream kernel. Up to a point such an argument is valid, too, but there are good reasons why Fedora patches its kernels.