Kernel recompile on Asus EEE
I am the very proud owner of an Asus EEE! I can't even describe how happy even the default simple interface of this machine makes me. It's about 1/4 the size of my 15" MacBook Pro, but I've already set it up to do full-featured software development in Java and C - perfect for the airplane environment in which I often find myself developing software.
I had until yesterday two problems:
i) By default the Xandros kernel installed on the device doesn't support more than 1Gb of RAM.
ii) My work environment requires encryption of the filesystem, and because the device mapper isn't supported, I couldn't use dm-crypt and cryptsetup to access encrypted partitions.
So I had to compile a new kernel - woah!
Asus has made the kernel source for the stock hardware available so I downloaded and uncompressed it, installing it to /usr/src.
I got the original kernel configuration file from /boot/config-2.6.21.4-eeepc, and copied this to /usr/src/linux/.config, and ran:
I adjusted the following kernel settings:
i) High memory, currently set to 1GB to 4GB
ii) Device Mapping (in RAID and LVM) CONFIG_MD, and CONFIG_BLK_DEV_DM, CONFIG_DM_CRYPT as modules ('m' option).
and then compiled a new kernel in the usual way:
Note also that I DID NOT run 'make install' to put the kernel in /boot!
It turns out that Asus used something called unionfs - a filesystem that merges directories or disk partitions to appear as a single filesystem. Although this is terribly tricky, it turns out they did this to make it hard for someone to mess up their PC so badly they wouldn't be able to restore it to factory settings on their own. And this means that however hard you try, you can only make it look as if you installed a new kernel in /boot - it won't happen because you are looking only at the user partition of your filesystem, not the system partition, which contains the real /boot directory!
Anyway, what that means is that you need to find another way to install your new kernel. My way involved getting into single-user mode on your EEE PC - like this. Once I had done that, I edited the real /boot directory to add my new kernel and system map, and then edited /boot/grub/menu.lst to include the new kernel (in addition to adding the rescue mode entry, as detailed on the wiki link above). You could also build your kernel on another machine and put it on a USB drive to ship it to the EEE PC, but you'd still need to be in single-user mode to install it.
I booted to the new kernel, and started using cryptsetup to encrypt my USB disk!
Next I can look forward to breaking the warranty by putting "too much" memory in it...
I had until yesterday two problems:
i) By default the Xandros kernel installed on the device doesn't support more than 1Gb of RAM.
ii) My work environment requires encryption of the filesystem, and because the device mapper isn't supported, I couldn't use dm-crypt and cryptsetup to access encrypted partitions.
So I had to compile a new kernel - woah!
Asus has made the kernel source for the stock hardware available so I downloaded and uncompressed it, installing it to /usr/src.
I got the original kernel configuration file from /boot/config-2.6.21.4-eeepc, and copied this to /usr/src/linux/.config, and ran:
make oldconfigI then adjusted the CONFIG_LOCALVERSION in the config file to be -eeepc-HIGHMEM, and set the other variables via:
make prepare
make scripts
make config(as 'make menuconfig' didn't work for me).
I adjusted the following kernel settings:
i) High memory, currently set to 1GB to 4GB
ii) Device Mapping (in RAID and LVM) CONFIG_MD, and CONFIG_BLK_DEV_DM, CONFIG_DM_CRYPT as modules ('m' option).
and then compiled a new kernel in the usual way:
make bzImageNow crucially, because I changed the name of the "local version", the modules got copied to a new sub-directory of /lib/modules. If you don't change the name, and you use the stock source, your existing modules will be overwritten, and because you changed the memory settings, you will have weird events when you try to boot your old kernel that will try unsuccessfully to use the new modules.
make modules
make modules_install
Note also that I DID NOT run 'make install' to put the kernel in /boot!
It turns out that Asus used something called unionfs - a filesystem that merges directories or disk partitions to appear as a single filesystem. Although this is terribly tricky, it turns out they did this to make it hard for someone to mess up their PC so badly they wouldn't be able to restore it to factory settings on their own. And this means that however hard you try, you can only make it look as if you installed a new kernel in /boot - it won't happen because you are looking only at the user partition of your filesystem, not the system partition, which contains the real /boot directory!
Anyway, what that means is that you need to find another way to install your new kernel. My way involved getting into single-user mode on your EEE PC - like this. Once I had done that, I edited the real /boot directory to add my new kernel and system map, and then edited /boot/grub/menu.lst to include the new kernel (in addition to adding the rescue mode entry, as detailed on the wiki link above). You could also build your kernel on another machine and put it on a USB drive to ship it to the EEE PC, but you'd still need to be in single-user mode to install it.
I booted to the new kernel, and started using cryptsetup to encrypt my USB disk!
Next I can look forward to breaking the warranty by putting "too much" memory in it...
posted by John at 1:32 PM
3 Comments:
I was able to make menuconfig, by having 'apt-get install libncurses-dev' from debian repository first.
I find your info most useful.
I am trying to rebuild the eeepc kernel as well. My focus is trying to build the ip_table kernel modules as these are missing in current installation, and breaks iptables.
Thanks.
Hi, thanks for this interesting account. I was able to make a kernel following in these steps + a few hidden. For instance, in order to make an initramfs (initrd) for the new kernel, I had to install yaird from some added repositories, do that in the desktop, then copy it over to the system /boot in single mode. A little convoluted ;p
Now, finally, I can boot to my kernel but get a login screen where passwords are required. Although I can find passwd in single mode, I cannot get it to run from there. So, I ran it for both user and root in the desktop, then copied /etc/passwd from mnt-user to mnt-system in single mode. Not surprisingly, that didn't work.
If your Asus Eee support PAE and NX (check /proc/cpuinfo) you can enable CONFIG_HIGHMEM64G for increased security.
Post a Comment
<< Home