Ch 6.12.8 kernel 1.4

.github/workflows/release.yaml

@@ -1,22 +1,48 @@
 name: Cloud Hypervisor Linux Release
 on: [create]
 
+permissions:
+  contents: write
+
 jobs:
   release:
     if: github.event_name == 'create' && github.event.ref_type == 'tag'
     name: Release
-    runs-on: ubuntu-22.04
+    runs-on: [self-hosted, linux, x64, kvm]
+    env:
+      # Static link host tools so they don't depend on build host's glibc version
+      HOSTLDFLAGS: "-static -lz"
     steps:
      - name: Code checkout
        uses: actions/checkout@v4
        with:
         fetch-depth: 1
      - name: Install build tools
-       run: sudo apt install build-essential flex bison libssl-dev libelf-dev bc gcc-aarch64-linux-gnu gcc-riscv64-linux-gnu
+       run: sudo apt install -y build-essential flex bison libssl-dev libelf-dev zlib1g-dev bc gcc-aarch64-linux-gnu gcc-riscv64-linux-gnu
      - name: Configure (aarch64)
        run: ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- make ch_defconfig
      - name: Build (aarch64)
        run: ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- make Image.gz -j `nproc`
+     - name: Build kernel modules (aarch64)
+       run: ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- make modules -j `nproc`
+     - name: Package kernel headers (aarch64)
+       run: |
+         KVER=$(ARCH=arm64 make -s kernelrelease)
+         HEADERS_DIR="$(pwd)/kernel-headers-arm64"
+
+         # Use the kernel's built-in script via make run-command to ensure proper env vars
+         mkdir -p "${HEADERS_DIR}"
+         ARCH=arm64 make run-command KBUILD_RUN_COMMAND="\${srctree}/scripts/package/install-extmod-build ${HEADERS_DIR}"
+
+         # Add System.map and .config
+         cp System.map "${HEADERS_DIR}/"
+         cp .config "${HEADERS_DIR}/"
+
+         # Package just the headers contents (flat structure)
+         tar czf kernel-headers-aarch64.tar.gz -C "${HEADERS_DIR}" .
+
+         echo "Kernel headers packaged for ${KVER} (aarch64):"
+         du -sh kernel-headers-aarch64.tar.gz
      - name: Configure (riscv64)
        run: ARCH=riscv CROSS_COMPILE=riscv64-linux-gnu- make ch_defconfig
      - name: Build (riscv64)
@@ -25,6 +51,48 @@ jobs:
        run: make ch_defconfig
      - name: Build kernel (x86-64)
        run: CFLAGS="-Wa,-mx86-used-note=no" make bzImage -j `nproc`
+     - name: Build kernel modules (x86-64)
+       run: make modules -j `nproc`
+     - name: Package kernel headers (x86-64)
+       run: |
+         KVER=$(make -s kernelrelease)
+         HEADERS_DIR="$(pwd)/kernel-headers-x86"
+
+         # Use the kernel's built-in script via make run-command to ensure proper env vars
+         mkdir -p "${HEADERS_DIR}"
+         make run-command KBUILD_RUN_COMMAND="\${srctree}/scripts/package/install-extmod-build ${HEADERS_DIR}"
+
+         # Add System.map and .config (useful for debugging and some build scenarios)
+         cp System.map "${HEADERS_DIR}/"
+         cp .config "${HEADERS_DIR}/"
+
+         # Package just the headers contents (flat structure)
+         tar czf kernel-headers-x86_64.tar.gz -C "${HEADERS_DIR}" .
+
+         echo "Kernel headers packaged for ${KVER}:"
+         du -sh kernel-headers-x86_64.tar.gz
+     - name: Verify tools are statically linked
+       run: |
+         echo "Checking that host tools are statically linked..."
+         FAILED=0
+         for tool in kernel-headers-x86/scripts/basic/fixdep \
+                     kernel-headers-x86/scripts/mod/modpost \
+                     kernel-headers-x86/tools/objtool/objtool; do
+           if [ -f "$tool" ]; then
+             if file "$tool" | grep -q "statically linked"; then
+               echo "✓ $tool: statically linked"
+             else
+               echo "✗ $tool: DYNAMICALLY LINKED - this will cause glibc compatibility issues!"
+               file "$tool"
+               FAILED=1
+             fi
+           fi
+         done
+         if [ $FAILED -eq 1 ]; then
+           echo "ERROR: Some tools are dynamically linked. Check HOSTLDFLAGS setting."
+           exit 1
+         fi
+         echo "All tools verified as statically linked."
      - name: Create release
        id: create_release
        uses: actions/create-release@v1
@@ -52,6 +120,24 @@ jobs:
          asset_path: vmlinux
          asset_name: vmlinux-x86_64
          asset_content_type: application/octet-stream
+     - name: Upload kernel headers for x86_64
+       uses: actions/upload-release-asset@v1
+       env:
+         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+       with:
+         upload_url: ${{ steps.create_release.outputs.upload_url }}
+         asset_path: kernel-headers-x86_64.tar.gz
+         asset_name: kernel-headers-x86_64.tar.gz
+         asset_content_type: application/gzip
+     - name: Upload kernel headers for aarch64
+       uses: actions/upload-release-asset@v1
+       env:
+         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+       with:
+         upload_url: ${{ steps.create_release.outputs.upload_url }}
+         asset_path: kernel-headers-aarch64.tar.gz
+         asset_name: kernel-headers-aarch64.tar.gz
+         asset_content_type: application/gzip
      - name: Upload Image.gz for aarch64
        uses: actions/upload-release-asset@v1
        env:

arch/arm64/configs/ch_defconfig

@@ -33,7 +33,7 @@ CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_BUILD_SALT=""
 CONFIG_DEFAULT_INIT=""
-CONFIG_DEFAULT_HOSTNAME="cloud-hypervisor"
+CONFIG_DEFAULT_HOSTNAME="hypeman"
 CONFIG_SYSVIPC=y
 CONFIG_SYSVIPC_SYSCTL=y
 CONFIG_POSIX_MQUEUE=y
@@ -137,7 +137,8 @@ CONFIG_RCU_STALL_COMMON=y
 CONFIG_RCU_NEED_SEGCBLIST=y
 # end of RCU Subsystem
 
-# CONFIG_IKCONFIG is not set
+CONFIG_IKCONFIG=y
+CONFIG_IKCONFIG_PROC=y
 # CONFIG_IKHEADERS is not set
 CONFIG_LOG_BUF_SHIFT=21
 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12
@@ -215,7 +216,7 @@ CONFIG_LD_ORPHAN_WARN=y
 CONFIG_LD_ORPHAN_WARN_LEVEL="warn"
 CONFIG_SYSCTL=y
 CONFIG_SYSCTL_EXCEPTION_TRACE=y
-CONFIG_EXPERT=y
+# CONFIG_EXPERT is not set
 CONFIG_MULTIUSER=y
 CONFIG_SGETMASK_SYSCALL=y
 CONFIG_SYSFS_SYSCALL=y
@@ -793,7 +794,9 @@ CONFIG_FUNCTION_ALIGNMENT=4
 # end of General architecture-dependent options
 
 CONFIG_RT_MUTEXES=y
-# CONFIG_MODULES is not set
+CONFIG_MODULES=y
+CONFIG_MODULE_UNLOAD=y
+CONFIG_MODVERSIONS=y
 CONFIG_BLOCK=y
 CONFIG_BLOCK_LEGACY_AUTOLOAD=y
 CONFIG_BLK_CGROUP_RWSTAT=y
@@ -1117,14 +1120,19 @@ CONFIG_DEFAULT_TCP_CONG="cubic"
 # CONFIG_NETWORK_SECMARK is not set
 CONFIG_NET_PTP_CLASSIFY=y
 # CONFIG_NETWORK_PHY_TIMESTAMPING is not set
-# CONFIG_NETFILTER is not set
+CONFIG_NETFILTER=y
+CONFIG_NF_CONNTRACK=y
+CONFIG_NF_NAT=y
+CONFIG_IP_NF_IPTABLES=y
+CONFIG_IP_NF_NAT=y
+CONFIG_IP_NF_TARGET_MASQUERADE=y
 # CONFIG_IP_DCCP is not set
 # CONFIG_IP_SCTP is not set
 # CONFIG_RDS is not set
 # CONFIG_TIPC is not set
 # CONFIG_ATM is not set
 # CONFIG_L2TP is not set
-# CONFIG_BRIDGE is not set
+CONFIG_BRIDGE=y
 # CONFIG_NET_DSA is not set
 # CONFIG_VLAN_8021Q is not set
 # CONFIG_LLC2 is not set
@@ -1141,8 +1149,6 @@ CONFIG_NET_PTP_CLASSIFY=y
 CONFIG_VSOCKETS=y
 CONFIG_VSOCKETS_DIAG=y
 # CONFIG_VSOCKETS_LOOPBACK is not set
-CONFIG_VIRTIO_VSOCKETS=y
-CONFIG_VIRTIO_VSOCKETS_COMMON=y
 # CONFIG_NETLINK_DIAG is not set
 # CONFIG_MPLS is not set
 # CONFIG_NET_NSH is not set
@@ -2003,7 +2009,8 @@ CONFIG_BCMA_POSSIBLE=y
 #
 CONFIG_VIDEO=y
 # CONFIG_AUXDISPLAY is not set
-# CONFIG_DRM is not set
+CONFIG_DRM=y
+CONFIG_DRM_BOCHS=y
 
 #
 # Frame buffer Devices
@@ -2326,6 +2333,8 @@ CONFIG_VIRTIO_MEM=y
 CONFIG_VIRTIO_INPUT=y
 CONFIG_VIRTIO_MMIO=y
 CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y
+CONFIG_VIRTIO_VSOCKETS=y
+CONFIG_VIRTIO_VSOCKETS_COMMON=y
 # CONFIG_VIRTIO_DEBUG is not set
 # CONFIG_VDPA is not set
 CONFIG_VHOST_MENU=y
@@ -2682,9 +2691,8 @@ CONFIG_VIRTIO_FS=y
 CONFIG_FUSE_DAX=y
 CONFIG_FUSE_PASSTHROUGH=y
 CONFIG_OVERLAY_FS=y
-# CONFIG_OVERLAY_FS_REDIRECT_DIR is not set
-CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y
-# CONFIG_OVERLAY_FS_INDEX is not set
+CONFIG_OVERLAY_FS_REDIRECT_DIR=y
+CONFIG_OVERLAY_FS_INDEX=y
 # CONFIG_OVERLAY_FS_XINO_AUTO is not set
 # CONFIG_OVERLAY_FS_METACOPY is not set
 # CONFIG_OVERLAY_FS_DEBUG is not set
@@ -2777,7 +2785,12 @@ CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3
 # CONFIG_PSTORE is not set
 # CONFIG_SYSV_FS is not set
 # CONFIG_UFS_FS is not set
-# CONFIG_EROFS_FS is not set
+CONFIG_EROFS_FS=y
+CONFIG_EROFS_FS_XATTR=y
+CONFIG_EROFS_FS_POSIX_ACL=y
+CONFIG_EROFS_FS_SECURITY=y
+CONFIG_EROFS_FS_ZIP=y
+CONFIG_EROFS_FS_ZIP_LZMA=y
 # CONFIG_NETWORK_FILESYSTEMS is not set
 CONFIG_NLS=y
 CONFIG_NLS_DEFAULT="utf8"

arch/riscv/configs/ch_defconfig

@@ -50,7 +50,7 @@ CONFIG_KERNEL_GZIP=y
 # CONFIG_KERNEL_ZSTD is not set
 # CONFIG_KERNEL_UNCOMPRESSED is not set
 CONFIG_DEFAULT_INIT=""
-CONFIG_DEFAULT_HOSTNAME="cloud-hypervisor"
+CONFIG_DEFAULT_HOSTNAME="hypeman"
 CONFIG_SYSVIPC=y
 CONFIG_SYSVIPC_SYSCTL=y
 CONFIG_POSIX_MQUEUE=y
@@ -153,7 +153,8 @@ CONFIG_RCU_STALL_COMMON=y
 CONFIG_RCU_NEED_SEGCBLIST=y
 # end of RCU Subsystem
 
-# CONFIG_IKCONFIG is not set
+CONFIG_IKCONFIG=y
+CONFIG_IKCONFIG_PROC=y
 # CONFIG_IKHEADERS is not set
 CONFIG_LOG_BUF_SHIFT=21
 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12
@@ -234,7 +235,7 @@ CONFIG_LD_ORPHAN_WARN_LEVEL="warn"
 CONFIG_SYSCTL=y
 CONFIG_SYSCTL_EXCEPTION_TRACE=y
 CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW=y
-CONFIG_EXPERT=y
+# CONFIG_EXPERT is not set
 CONFIG_MULTIUSER=y
 CONFIG_SGETMASK_SYSCALL=y
 CONFIG_SYSFS_SYSCALL=y
@@ -654,7 +655,9 @@ CONFIG_FUNCTION_ALIGNMENT=0
 # end of General architecture-dependent options
 
 CONFIG_RT_MUTEXES=y
-# CONFIG_MODULES is not set
+CONFIG_MODULES=y
+CONFIG_MODULE_UNLOAD=y
+CONFIG_MODVERSIONS=y
 CONFIG_BLOCK=y
 CONFIG_BLOCK_LEGACY_AUTOLOAD=y
 CONFIG_BLK_CGROUP_RWSTAT=y
@@ -923,14 +926,19 @@ CONFIG_DEFAULT_TCP_CONG="cubic"
 # CONFIG_NETWORK_SECMARK is not set
 CONFIG_NET_PTP_CLASSIFY=y
 # CONFIG_NETWORK_PHY_TIMESTAMPING is not set
-# CONFIG_NETFILTER is not set
+CONFIG_NETFILTER=y
+CONFIG_NF_CONNTRACK=y
+CONFIG_NF_NAT=y
+CONFIG_IP_NF_IPTABLES=y
+CONFIG_IP_NF_NAT=y
+CONFIG_IP_NF_TARGET_MASQUERADE=y
 # CONFIG_IP_DCCP is not set
 # CONFIG_IP_SCTP is not set
 # CONFIG_RDS is not set
 # CONFIG_TIPC is not set
 # CONFIG_ATM is not set
 # CONFIG_L2TP is not set
-# CONFIG_BRIDGE is not set
+CONFIG_BRIDGE=y
 # CONFIG_NET_DSA is not set
 # CONFIG_VLAN_8021Q is not set
 # CONFIG_LLC2 is not set
@@ -947,8 +955,6 @@ CONFIG_NET_PTP_CLASSIFY=y
 CONFIG_VSOCKETS=y
 CONFIG_VSOCKETS_DIAG=y
 # CONFIG_VSOCKETS_LOOPBACK is not set
-CONFIG_VIRTIO_VSOCKETS=y
-CONFIG_VIRTIO_VSOCKETS_COMMON=y
 # CONFIG_NETLINK_DIAG is not set
 # CONFIG_MPLS is not set
 # CONFIG_NET_NSH is not set
@@ -1770,7 +1776,8 @@ CONFIG_BCMA_POSSIBLE=y
 #
 CONFIG_VIDEO=y
 # CONFIG_AUXDISPLAY is not set
-# CONFIG_DRM is not set
+CONFIG_DRM=y
+CONFIG_DRM_BOCHS=y
 
 #
 # Frame buffer Devices
@@ -2077,6 +2084,8 @@ CONFIG_VIRTIO_MEM=y
 CONFIG_VIRTIO_INPUT=y
 CONFIG_VIRTIO_MMIO=y
 CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y
+CONFIG_VIRTIO_VSOCKETS=y
+CONFIG_VIRTIO_VSOCKETS_COMMON=y
 # CONFIG_VIRTIO_DEBUG is not set
 # CONFIG_VDPA is not set
 CONFIG_VHOST_MENU=y
@@ -2380,9 +2389,8 @@ CONFIG_VIRTIO_FS=y
 CONFIG_FUSE_DAX=y
 CONFIG_FUSE_PASSTHROUGH=y
 CONFIG_OVERLAY_FS=y
-# CONFIG_OVERLAY_FS_REDIRECT_DIR is not set
-CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y
-# CONFIG_OVERLAY_FS_INDEX is not set
+CONFIG_OVERLAY_FS_REDIRECT_DIR=y
+CONFIG_OVERLAY_FS_INDEX=y
 # CONFIG_OVERLAY_FS_XINO_AUTO is not set
 # CONFIG_OVERLAY_FS_METACOPY is not set
 # CONFIG_OVERLAY_FS_DEBUG is not set
@@ -2477,7 +2485,12 @@ CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3
 # CONFIG_PSTORE is not set
 # CONFIG_SYSV_FS is not set
 # CONFIG_UFS_FS is not set
-# CONFIG_EROFS_FS is not set
+CONFIG_EROFS_FS=y
+CONFIG_EROFS_FS_XATTR=y
+CONFIG_EROFS_FS_POSIX_ACL=y
+CONFIG_EROFS_FS_SECURITY=y
+CONFIG_EROFS_FS_ZIP=y
+CONFIG_EROFS_FS_ZIP_LZMA=y
 # CONFIG_NETWORK_FILESYSTEMS is not set
 CONFIG_NLS=y
 CONFIG_NLS_DEFAULT="utf8"