From ccdcaee17a4250198a431fedd3c6ae8329630225 Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Tue, 21 Oct 2025 14:20:44 +0200 Subject: [PATCH 1/3] Add build_environment --- dkms.8.in | 21 +++++++++++++++++++++ dkms.in | 10 +++++++--- dkms_framework.conf.in | 4 ++++ 3 files changed, 32 insertions(+), 3 deletions(-) diff --git a/dkms.8.in b/dkms.8.in index 16eb5aa4..9eae92a9 100644 --- a/dkms.8.in +++ b/dkms.8.in @@ -953,6 +953,27 @@ Run no more than this number of jobs in parallel. .B compress_gzip_opts, compress_xz_opts, compress_zstd_opts Control how modules are compressed. By default, the highest available level of compression is used. .TP +.B build_environment +If the directive is set to any non null-value, the content of the directive will be imported into the DKMS shell with the +.B source +command when building modules. + +Can be used to specify a custom +.B gcc +installed in a custom path; and the variable +.B $kernelver +can be used to represent the target kernel version. Some examples: + +Define a custom script to point to a specific GCC ( +.B CC=/opt/gcc12/bin/gcc +): +.B build_environment="/opt/gcc12/env" + +Enable the software collection +.B gcc-toolset-11 +and use it for building an UEK kernel on Oracle Linux: +.B build_environment="/opt/rh/gcc-toolset-11/enable" +.TP .B post_transaction If the directive is set to any non null-value, the content of the directive will be executed with any command that change the content of the kernel modules folder, that is .B dkms autoinstall, dkms install diff --git a/dkms.in b/dkms.in index 835f8bd3..45401295 100644 --- a/dkms.in +++ b/dkms.in @@ -103,8 +103,7 @@ show_deprecation_warnings=0 # All of the variables not related to signing we will accept from framework.conf. readonly dkms_framework_nonsigning_variables="source_tree dkms_tree install_tree tmp_location verbose symlink_modules autoinstall_all_kernels modprobe_on_install parallel_jobs - compress_gzip_opts compress_xz_opts compress_zstd_opts - post_transaction" + compress_gzip_opts compress_xz_opts compress_zstd_opts build_environment post_transaction" # All of the signing related variables we will accept from framework.conf. readonly dkms_framework_signing_variables="sign_file mok_signing_key mok_certificate" @@ -1381,6 +1380,12 @@ do_build() { [[ $kernelver && $arch ]] || die 16 "do_build: Empty \$kernelver or \$arch" + # Source build environment file if specified + if [[ -n "$build_environment" && -f "$build_environment" ]]; then + # shellcheck disable=SC1090 + source "$build_environment" + fi + # If the module has not been added, try to add it. if ! is_module_added "$module" "$module_version" ; then add_module @@ -3302,7 +3307,6 @@ addon_modules_dir="${ADDON_MODULES_DIR}" # Source in configuration not related to signing read_framework_conf "$dkms_framework_nonsigning_variables" - # Clear out command line argument variables module="" module_version="" diff --git a/dkms_framework.conf.in b/dkms_framework.conf.in index 73dd42d9..9f447f0e 100644 --- a/dkms_framework.conf.in +++ b/dkms_framework.conf.in @@ -56,6 +56,10 @@ # compress_xz_opts="--check=crc32 --lzma2=dict=1MiB -6" # compress_zstd_opts="-q --rm -T0 -3" +# Path to a file containing environment variables to be sourced by DKMS. +# This file will be sourced for the build command. +# build_environment="" + # Command to run at the end of every DKMS transaction, for example after a new # kernel has been installed on the system and all modules have been successfully # built and installed. From 699ec79a6bea13bed28a381d6a3f7dab64ea6f99 Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Tue, 21 Oct 2025 14:31:27 +0200 Subject: [PATCH 2/3] Add Oracle tests with UEK kernel and custom GCC --- .github/workflows/tests.yml | 25 ++++++++++++++++++++----- run_test.sh | 2 +- 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 9c9e1e3d..e4065188 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -38,6 +38,9 @@ jobs: - {name: "gentoo/stage3", tag: "latest"} - {name: "opensuse/tumbleweed", tag: "latest", variant: "-default", url: "registry.opensuse.org/"} - {name: "opensuse/leap", tag: "15.6", variant: "-default", url: "registry.opensuse.org/"} + - {name: "oraclelinux", tag: "10", uek: "ol10_UEKR8"} + - {name: "oraclelinux", tag: "9", uek: "ol9_UEKR8", gcc: "gcc-toolset-14"} + - {name: "oraclelinux", tag: "8", uek: "ol8_UEKR7", gcc: "gcc-toolset-11"} - {name: "ubuntu", tag: "25.04"} - {name: "ubuntu", tag: "24.04"} - {name: "ubuntu", tag: "22.04"} @@ -46,21 +49,33 @@ jobs: image: ${{ matrix.distro.url }}${{ matrix.distro.name }}:${{ matrix.distro.tag }} steps: - - name: Install git for checkout action - if: contains(matrix.distro.name, 'opensuse') + - name: Checkout + if: matrix.distro.name == 'opensuse/leap' && matrix.distro.tag == '15.6' + # openSUSE Leap 15.6 does not have tar in the base image run: | - zypper --non-interactive install git - + zypper --non-interactive install tar gzip - uses: actions/checkout@v5 - name: Install dependencies for Red Hat based distributions if: matrix.distro.name == 'almalinux' || matrix.distro.name == 'centos' || matrix.distro.name == 'fedora' - # Relax crypto policies on Fedora 43+ to allow RSA signatures + # Relax crypto policies to allow RSA signatures run: | dnf install -y gawk diffutils elfutils-libelf gcc kernel kernel-devel make openssl patch crypto-policies-scripts update-crypto-policies --set LEGACY make install-redhat + - name: Install dependencies for Oracle Linux + if: matrix.distro.name == 'oraclelinux' + # Relax crypto policies to allow RSA signatures + run: | + dnf config-manager --set-enabled ${{ matrix.distro.uek }} + dnf install -y gawk diffutils elfutils-libelf gcc kernel-uek kernel-uek-devel make openssl patch crypto-policies-scripts + update-crypto-policies --set LEGACY + make install-redhat + if [ -n "${{ matrix.distro.gcc }}" ]; then + echo "build_environment=\"/opt/rh/${{ matrix.distro.gcc }}/enable\"" >> /etc/dkms/framework.conf.d/uek.conf + fi + - name: Install Alpine dependencies if: matrix.distro.name == 'alpine' run: | diff --git a/run_test.sh b/run_test.sh index da711136..a41201a6 100755 --- a/run_test.sh +++ b/run_test.sh @@ -359,7 +359,7 @@ distro_sign_file_candidates= distro_modsigkey=/var/lib/dkms/mok.key distro_modsigcert=/var/lib/dkms/mok.pub case "${os_id}" in - centos | fedora | rhel | ovm | almalinux) + centos | fedora | rhel | ovm | almalinux | ol) expected_dest_loc=extra mod_compression_ext=.xz ;; From 75a1141065aa68d54816f581e65c54c57140458a Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Tue, 21 Oct 2025 18:27:11 +0200 Subject: [PATCH 3/3] Review fixes --- dkms.8.in | 8 ++++---- dkms.in | 12 ++++++------ dkms_framework.conf.in | 3 ++- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/dkms.8.in b/dkms.8.in index 9eae92a9..6f31d363 100644 --- a/dkms.8.in +++ b/dkms.8.in @@ -954,18 +954,18 @@ Run no more than this number of jobs in parallel. Control how modules are compressed. By default, the highest available level of compression is used. .TP .B build_environment -If the directive is set to any non null-value, the content of the directive will be imported into the DKMS shell with the +If the directive is set to any non null-value, when building modules, the exported variables that are in the file will be imported into the DKMS shell with the .B source -command when building modules. +command. Can be used to specify a custom .B gcc installed in a custom path; and the variable .B $kernelver -can be used to represent the target kernel version. Some examples: +can be used inside the environment file to represent the target kernel version. Some examples: Define a custom script to point to a specific GCC ( -.B CC=/opt/gcc12/bin/gcc +.B export CC=/opt/gcc12/bin/gcc ): .B build_environment="/opt/gcc12/env" diff --git a/dkms.in b/dkms.in index 45401295..79ad3d54 100644 --- a/dkms.in +++ b/dkms.in @@ -1380,12 +1380,6 @@ do_build() { [[ $kernelver && $arch ]] || die 16 "do_build: Empty \$kernelver or \$arch" - # Source build environment file if specified - if [[ -n "$build_environment" && -f "$build_environment" ]]; then - # shellcheck disable=SC1090 - source "$build_environment" - fi - # If the module has not been added, try to add it. if ! is_module_added "$module" "$module_version" ; then add_module @@ -1479,6 +1473,12 @@ do_build() fi fi + # Source build environment file if specified + if [[ -n "$build_environment" && -f "$build_environment" ]]; then + # shellcheck disable=SC1090 + source <( (source "$build_environment" &>/dev/null; export -p) ) + fi + # Check for missing BUILD_DEPENDS bd_missing= # shellcheck disable=SC2153 diff --git a/dkms_framework.conf.in b/dkms_framework.conf.in index 9f447f0e..d749319e 100644 --- a/dkms_framework.conf.in +++ b/dkms_framework.conf.in @@ -57,7 +57,8 @@ # compress_zstd_opts="-q --rm -T0 -3" # Path to a file containing environment variables to be sourced by DKMS. -# This file will be sourced for the build command. +# This file will be sourced for the build command. $kernelver can be used in +# the environment file to represent the target kernel version. # build_environment="" # Command to run at the end of every DKMS transaction, for example after a new