MotorolaMobilityLLC / kernel-msm

Linux Kernel for Motorola devices using MSM-based chipset

Compilation fails because I can't disable kernel modules signature (CONFIG_MODULE_SIG) #182

Closed ezxpro closed 4 years ago

ezxpro commented 6 years ago

I tried with several toolchains, always get the same error

```
  CC      block/blk-lib.o
  EXTRACT_CERTS   ./""
At main.c:154:
- SSL error:0906D06C:PEM routines:PEM_read_bio:no start line: ../crypto/pem/pem_lib.c:691
extract-cert: ./: Is a directory
rm: cannot remove 'certs/x509_certificate_list': No such file or directory
certs/Makefile:26: recipe for target 'certs/x509_certificate_list' failed
make[1]: *** [certs/x509_certificate_list] Error 1
Makefile:967: recipe for target 'certs' failed
make: *** [certs] Error 2
make: *** Waiting for unfinished jobs....
  CC      block/blk-mq.o
  CC      block/blk-mq-tag.o
  CC      block/blk-mq-sysfs.o
  CC      block/blk-mq-cpu.o
  CC      block/blk-mq-cpumap.o
  CC      block/ioctl.o
  CC      block/genhd.o
  CC      block/scsi_ioctl.o
  CC      block/partition-generic.o
  CC      block/ioprio.o
  CC      block/partitions/check.o
  CC      block/partitions/msdos.o
  CC      block/partitions/efi.o
  CC      block/bounce.o
  CC      block/bsg.o
  LD      block/partitions/built-in.o
  CC      block/noop-iosched.o
  CC      block/deadline-iosched.o
  CC      block/cfq-iosched.o
  CC [M]  block/test-iosched.o
```

EDIT: I found out what's causing the problem, but can't sort it out. I grabbed the proper defconfig file from arch/arm/configs. The .config file generated afterwards has a pair of troublesome flags: CONFIG_SYSTEM_TRUSTED_KEYS and CONFIG_MODULE_SIG_KEY. These flags (or one of them, can't remember right now because I'm on my smartphone) point to a certain certificate file that apparently doesn't exist in the kernel tree, thus making the compilation fail. That happens because the flag CONFIG_MODULE_SIG - which enables the kernel to check the modules cryptographically for a certain signature - is enabled.

There are several problems here, because as far as I know the Android kernel doesn't load modules by default. After that, I simply commented those lines out, but upon typing make -j10 I'm prompted for the CONFIG_MODULE_SIG_KEY path; in other words, CONFIG_MODULE_SIG is enabled automatically, and even if I leave the fields blank I'll get the same compilation error again.

That also happens if I set these flags' values to n.

So in fact what happens is that regardless of those lines being marked as y, n or being commented out, this feature will be enabled anyways and compilation will always fail since the required certificate is not present in the kernel tree.

ezxpro commented 6 years ago

@jwylder1 @awheeler-mmi @charleseb @motorolamobility @chenyt9

fernandobouchet commented 6 years ago

Where or how did you get the defconfig to build? Did you follow moto's readme? For which device are you building?

ezxpro commented 6 years ago

I'm building for Cedric (Moto g5) and the defconfig I'm using is the one found in the source code's subdirectory arch/arm/configs/. The only Readme that comes with the source code, as far as I know, is equal to upstream Linux's Readme, so it tells me nothing very useful.

fernandobouchet commented 6 years ago

You need your device-specific defconfig; take a look at these instructions:

https://github.com/MotorolaMobilityLLC/readme/commit/3ac266c5903a5d9cf587838f4c87dbe0e52b01f4#diff-781FE8D88FF07846C93CB02CED5496AE

You can also extract the defconfig from stock boot.img

https://github.com/MotorolaMobilityLLC/kernel-msm/issues/73#issuecomment-228717810

ezxpro commented 6 years ago

@attack11 ok, I'll try that asap

ezxpro commented 6 years ago

@attack11 can't compile using that either. I'll ask for an updated readme file, the one you provided is wrong (it links some potter files into the defconfig, or it is for potter I guess) and the other one available for Cedric didn't achieve compilation of the latest kernel

Jleeblanch commented 5 years ago

@ezxpro If you're running the stock firmware which has the kernel version you're trying to build, you can pull the defconfig used from the device itself (located at /proc/config.gz).

It also appears that they released an updated readme file for the Moto G5 (Cedric) a day or so after your comments https://github.com/MotorolaMobilityLLC/readme/commit/93d1eafd09250bb1df7b7b88c589679eec9b656f

ezxpro commented 5 years ago

@Jleeblanch thanks, I managed to pull the defconfig from the location you informed (my device is on stock firmware, which has the same kernel version I intended to compile) and successfully compiled the kernel, but besides the zImage generated after compilation, I get 5 small dtb files (each sized about 220k, whereas the one packed in the boot image has about 1MB). Phone now gets stuck on boot screen :(

About the readme they posted, that seems to be an invalid file. Not only do they provide broken instructions (e.g. a script that has incorrect/broken syntax), but the defconfig generated from Motorola's instructions misses no less than 4000 lines in comparison to the defconfig present in the device itself.

Apart from that, I doubt very much the version of the source code Motorola released is an exact match of the one they used to build the kernel themselves. I had to fix many wrong/missing header references in the source code before being able to compile the kernel using that defconfig you pointed, which leads me to think they have a significantly different source code at Motorola.

fernandobouchet commented 5 years ago

@ezxpro you need to recreate the dtb with the dtb binary

https://github.com/xiaolu/mkbootimg_tools

But if you use anykernel to flash the kernel it "should" work or at least boot without the dtb. Are you flashing in the correct partition?

ezxpro commented 5 years ago

@attack11 with anykernel I managed to boot the system, but it asked to decrypt data partition (partition was not encrypted before). I tried then formatting the partition, but upon doing it also gets stuck on bootlogo, and yes, I'm sure I'm flashing the correct partition since I used another Moto G5 kernel zip file as a template.

artem commented 5 years ago

@ezxpro

> the defconfig generated from Motorola's instructions misses no less than 4000 lines in comparison to the defconfig present in the device itself.

it's intended, make oldconfig automatically generates full defconfig from minified one

fernandobouchet commented 5 years ago

@ezxpro, I saw your sources. Why didn't you clone the repo? You are missing all the commit history there. You need to revert this commit: https://github.com/MotorolaMobilityLLC/kernel-msm/commit/120b471489be6b832ee7a402e0027bb81c9e8c40

ezxpro commented 5 years ago

@attack11 I work from various computers so I have to clone this repo a lot. That's the reason I didn't clone the entire repo, I just initialized a new repo using the source code provided for my specific device. I'll also take a look into this commit, thanks.

Jleeblanch commented 5 years ago

@ezxpro As @attack11 mentioned, you need to disable verity on the /system and/or /vendor partitions before it'll boot. You can revert the commit he pointed out, or simply remove the verify flag in the dtsi file(s) relating to your specific device. Either way will work.

Also, unless you plan to generate a full boot.img, you don't need to do any more with the dtb files after compiling has completed.

ezxpro commented 5 years ago

@attack11 @Jleeblanch I successfully compiled it using motorola's instructions by commenting out the gcc-wrapper.py from the makefile AND concatenating the used configs myself (their perl script has broken syntax). Now I have to see if it boots.

ezxpro commented 5 years ago

Worked like a charm, now let's customize it :smile:

ezxpro commented 5 years ago

@ab123321 thanks for pointing that out. Just a few remarks: before expanding the defconfig to the full one, it must be renamed to .config and must be within the kernel's root directory. Then you should first issue make defoldconfig and just then make oldconfig. Issuing make oldconfig directly will generate an entirely new (and empty) defconfig.

boris-kolpackov commented 4 years ago

For anyone else trying to figure out why module signing is enabled even though you've explicitly disabled it, CONFIG_SECURITY_LOCKDOWN_LSM=y forces it. So this seems to do the trick:

```
scripts/config --disable SECURITY_LOCKDOWN_LSM
scripts/config --disable MODULE_SIG
```

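A check along the lines of the comment above, as an added example that is not part of the thread or the kernel tree: it reads a `.config` and reports whether `SECURITY_LOCKDOWN_LSM` is still set, whether `MODULE_SIG` is on, and whether the files named by `CONFIG_MODULE_SIG_KEY` and `CONFIG_SYSTEM_TRUSTED_KEYS` exist. The function names `cfg_val` and `audit_modsig` and the sample key path are hypothetical, and the script assumes the default `certs/signing_key.pem` is generated by the build when absent.

```shell
#!/bin/sh
# Added example (not from the kernel tree or this repository): report why
# module signing is still on in a .config and whether its key files exist.

# cfg_val FILE SYMBOL: print the last value of CONFIG_SYMBOL, quotes stripped.
cfg_val() {
    sed -n "s/^CONFIG_$2=//p" "$1" | tail -n 1 | sed 's/^"//; s/"$//'
}

# audit_modsig CONFIG SRCTREE: print one finding per line.
audit_modsig() {
    cfg=$1; tree=$2
    # The comment above reports that this option forces MODULE_SIG back on.
    if [ "$(cfg_val "$cfg" SECURITY_LOCKDOWN_LSM)" = y ]; then
        echo "forced: SECURITY_LOCKDOWN_LSM=y"
    fi
    if [ "$(cfg_val "$cfg" MODULE_SIG)" = y ]; then
        echo "enabled: MODULE_SIG=y"
    fi
    for sym in MODULE_SIG_KEY SYSTEM_TRUSTED_KEYS; do
        val=$(cfg_val "$cfg" "$sym")
        case $val in
            # Empty, a PKCS#11 URI, or the default key (assumed build-generated).
            ''|pkcs11:*|certs/signing_key.pem) continue ;;
        esac
        case $val in /*) path=$val ;; *) path=$tree/$val ;; esac
        [ -f "$path" ] || echo "missing: $sym=$val"
    done
    return 0
}

# Constructed sample: a .config shaped like the one described in the thread,
# with a hypothetical trusted-keys path that does not exist in the tree.
demo() {
    d=$(mktemp -d)
    cat > "$d/.config" <<'EOF'
CONFIG_MODULES=y
CONFIG_SECURITY_LOCKDOWN_LSM=y
# CONFIG_MODULE_SIG is not set
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
CONFIG_SYSTEM_TRUSTED_KEYS="vendor/example_keys.pem"
EOF
    audit_modsig "$d/.config" "$d"
    rm -rf "$d"
}
demo
```

Run `audit_modsig .config .` from the kernel source root after regenerating the config to see whether either condition is still present.
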
szylhh commented 1 year ago

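> For anyone else trying to figure out why module signing is enabled even though you've explicitly disabled it, CONFIG_SECURITY_LOCKDOWN_LSM=y forces it. So this seems to do the trick:
>
> ```
> scripts/config --disable SECURITY_LOCKDOWN_LSM
> scripts/config --disable MODULE_SIG
> ```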

Hello, I also encountered the same problem. How can I solve it? Modified

```
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SIG is not set
# CONFIG_MODULE_SIG_FORCE is not set
```

but it will not take effect after compilation. How should I disable kernel module signing?

szylhh commented 1 year ago

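> For anyone else trying to figure out why module signing is enabled even though you've explicitly disabled it, CONFIG_SECURITY_LOCKDOWN_LSM=y forces it. So this seems to do the trick:
>
> ```
> scripts/config --disable SECURITY_LOCKDOWN_LSM
> scripts/config --disable MODULE_SIG
> ```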

I want to disable kernel modules signature, but it seems to be forced on. I checked a lot of information and can't turn it off.