Kali Linux: kernel build
In today's article we publish the translation of the next fragment of the book “ Kali Linux Revealed ”. From it, you will learn how to modify and build your own Linux kernel. This topic is devoted to the second section of the ninth chapter.
Standard Kali kernels include maximum features and all available driver sets. This is done so that the system can work on as many existing hardware configurations as possible. That is why some users prefer to recompile the kernel so that it contains only what they need. There are two reasons for this step. The first is the optimization of memory consumption, since all kernel code, even if it is not used, takes up physical memory. Since statically compiled kernel fragments never move to the paging space, a general decrease in system performance will occur due to the presence of built-in drivers and features that are never used. The second reason is that reducing the number of drivers and kernel mechanisms reduces the risk of security problems, since only a fraction of the available kernel code is used.
Recompiling the kernel is also necessary if you need to take advantage of certain features that are available only in the form of patches (and are not included in the standard version of the kernel).
')
Debian and Kali support the kernel in package form, which is not surprising, but it differs from the traditional approach to compiling and installing the kernel. Since the kernel is under the control of the package management system, it can be easily removed or deployed on several machines. Moreover, the scripts associated with these packages automate the interaction with the operating system loader and the
The official Linux source code contains everything you need to build a Debian kernel package, but first you need to install the
To install the above packages, use the following command:
Since the Linux kernel sources are available as a package, you can download them by installing the
Below we look at working with the Linux kernel version 4.9, but our examples, of course, can be adapted to the version of the kernel you need.
Citing this example, we assume that the
The next step is to configure the kernel according to your needs. The exact procedure depends on the goals of whoever builds the new kernel.
The build process depends on the kernel configuration file. In most cases, it makes sense to deviate as little as possible from the standard Kali configuration file, which, like in all Linux distributions, is installed in the
In addition, since there is a standard kernel configuration in
In the event that you do not need configuration changes, you can stop there and go to Section 9.2.4, “Compiling and Building a Package”. If you need to make changes, or you decide to reconfigure everything from scratch, then you will need to do the settings. In the source code folder there are special tools for configuring the kernel. To use them, you need a command like
The
Other tools have similar capabilities, but they are designed in the form of graphical applications. For example, the
After the kernel setup is complete, we need a simple
The
In order to use the assembled kernel, there is only one step left, which is to install the required packages using the
Today we talked about building your own kernel for Kali Linux. This process involves downloading the source code, making the necessary modifications, compiling, and, in fact, building. After that, the new kernel can be installed and used. Next time we will talk about creating Live images that can be used to boot the system from optical media and flash drives.
Dear readers! If you have been building your own Linux kernels, please share your experience.
Previous parts:
→ Part 1. Kali Linux: security policy, protecting computers and network services
→ Part 2. Kali Linux: filtering traffic using netfilter
→ Part 3. Kali Linux: monitoring and logging
→ Part 4. Kali Linux: system protection and monitoring exercises
→ Part 5. Kali Linux: System Security Assessment
→ Part 6. Kali Linux: types of information system checks
→ Part 7. Kali Linux: research formalization and attack types
→ Part 8. Kali Linux: security test questions
→ Part 9. Kali Linux: package modification
9.2. Recompiling the Linux kernel
Standard Kali kernels include maximum features and all available driver sets. This is done so that the system can work on as many existing hardware configurations as possible. That is why some users prefer to recompile the kernel so that it contains only what they need. There are two reasons for this step. The first is the optimization of memory consumption, since all kernel code, even if it is not used, takes up physical memory. Since statically compiled kernel fragments never move to the paging space, a general decrease in system performance will occur due to the presence of built-in drivers and features that are never used. The second reason is that reducing the number of drivers and kernel mechanisms reduces the risk of security problems, since only a fraction of the available kernel code is used.
▍ Building your own kernel and updating the system
If you decide to build your own kernel, you must understand that responsibility for the consequences falls on you. The Kali command cannot provide security updates for your kernel. When you work with the kernel provided by Kali, you also use the updates prepared in the framework of the Debian Project.
Recompiling the kernel is also necessary if you need to take advantage of certain features that are available only in the form of patches (and are not included in the standard version of the kernel).
')
▍About the Debian Kernel Handbook
The Debian kernel team keeps the The Debian Kernel Handbook up to date (it is also available as adebian-kernel-handbookpackage). This is detailed documentation describing most of the tasks related to the kernel and how official Debian kernel packages are supported. If you need details on building your own kernel, in The Debian Kernel Handbook you should take a look first.
9.2.1. Preparation and Prerequisites
Debian and Kali support the kernel in package form, which is not surprising, but it differs from the traditional approach to compiling and installing the kernel. Since the kernel is under the control of the package management system, it can be easily removed or deployed on several machines. Moreover, the scripts associated with these packages automate the interaction with the operating system loader and the
initrd generator.The official Linux source code contains everything you need to build a Debian kernel package, but first you need to install the
build-essential package in order to provide the tools to build Debian packages. Moreover, the kernel configuration requires the libncurses5-dev package. Finally, the fakeroot package allows you to create Debian packages without administrative privileges.To install the above packages, use the following command:
# apt install build-essential libncurses5-dev fakeroot 9.2.2. Download Source Code
Since the Linux kernel sources are available as a package, you can download them by installing the
linux-source-version package. Using the apt-cache search ^linux-source command, you can list the latest versions of the Kali kernel. Please note that the source code contained in these packages is different from what Linus Torvalds and kernel developers publish . Like all distributions, Debian and Kali use a number of patches that may or may not be present in the official version of Linux. These modifications include backports of patches, functions and drivers from newer kernel versions, new features that are not fully integrated into the official Linux code, and sometimes even changes specific to Debian and Kali.Below we look at working with the Linux kernel version 4.9, but our examples, of course, can be adapted to the version of the kernel you need.
Citing this example, we assume that the
linux-source-4.9 binary package is installed. Please note that we install a binary package containing the official source code, but do not download the package with the Kali source code, which is called linux. # apt install linux-source-4.9 Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: bc libreadline7 Suggested packages: libncurses-dev | ncurses-dev libqt4-dev The following NEW packages will be installed: bc libreadline7 linux-source-4.9 0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 95.4 MB of archives. After this operation, 95.8 MB of additional disk space will be used. Do you want to continue? [Y/n] y [...] # ls /usr/src linux-config-4.9 linux-patch-4.9-rt.patch.xz linux-source-4.9.tar.xz 9.2.3. Kernel configuration
The next step is to configure the kernel according to your needs. The exact procedure depends on the goals of whoever builds the new kernel.
The build process depends on the kernel configuration file. In most cases, it makes sense to deviate as little as possible from the standard Kali configuration file, which, like in all Linux distributions, is installed in the
/boot directory. In this case, instead of reconfiguring everything from scratch, it’s enough to make a copy of the /boot/config-version file. The version should be exactly the same as the version of the kernel currently in use, which can be found out using the uname -r command. Place the copy in the .config file located in the directory containing the kernel source code. $ cp /boot/config-4.9.0-kali1-amd64 ~/kernel/linux-source-4.9/.config In addition, since there is a standard kernel configuration in
arch/arch/configs/*_defconfig , you can put the selected configuration where you need, using a command like make x86_64_defconfig (in the case of a 64-bit PC), or make i386_defconfig (for 32 -bit computer).In the event that you do not need configuration changes, you can stop there and go to Section 9.2.4, “Compiling and Building a Package”. If you need to make changes, or you decide to reconfigure everything from scratch, then you will need to do the settings. In the source code folder there are special tools for configuring the kernel. To use them, you need a command like
make target , where target — the name of one of the tools described below.The
make menuconfig command compiles and runs a text-based interface for configuring the kernel (this is where the libncurses5-dev package is needed), which gives access to a variety of kernel settings, presented in a hierarchical structure. Pressing the space bar allows you to change the value of the selected option. Enter key "press" the buttons that are selected at the bottom of the screen. The Select button at the bottom of the screen is used to go to the selected submenu. The Exit button closes the current screen and scrolls up the hierarchy. The Help button displays more detailed information about the selected option. The arrow keys allow you to move through the list of options and on-screen buttons. To exit the configuration program, select the Exit command from the main menu. Then the program will offer to save the changes, do it if everything suits you.Other tools have similar capabilities, but they are designed in the form of graphical applications. For example, the
make xconfig uses a Qt-based GUI, the make gconfig uses GTK +. The first of these two commands requires libqt4-dev , while the second depends on libglade2-dev and libgtk2.0-dev .▍Work with obsolete .config files
When you use a.configfile that is generated for a different (usually older) kernel version, you will need to update it too. This can be done using the commandmake oldconfig, which, in interactive mode, will ask a series of questions about the new configuration options. If you want to use the default answers to all questions, you can use themake olddefconfig. Themake oldnoconfigautomatically answers all questions negatively.
9.2.4. Compiling and building a package
▍Clear before rebuilding
If you have already compiled the kernel in the directory you are working with and want to rebuild everything from scratch (for example, because you have significantly changed the configuration of the kernel), you need to run the commandmake cleanin order to remove the compiled files. Themake distcleanremoves even more generated files, including the.configfile. Therefore, before cleaning, make a backup copy of this file just in case.
After the kernel setup is complete, we need a simple
make deb-pkg command. It allows you to generate up to five Debian packages in the standard .deb format. These are the following files:- The
linux-image-versionfile contains the kernel image and the corresponding modules. - The
linux-headers-versionfile contains the header files required for building external modules. - The
linux-firmware-image-versionfile includes the firmware files that some drivers need (this package may not be available if you build the kernel from sources from Debian or Kali). - The
linux-image-version-dbgfile contains debugging symbols for the kernel image and its modules. - The
linux-libc-devfile includes headers related to some user-space libraries, such as GNU C (glibc).
The
version value in file names is specified as a combination of the official version (as specified in the VERSION , PATCHLEVEL , SUBLEVEL , and EXTRAVERSION in the Makefile ), the LOCALVERSION configuration parameter LOCALVERSION and the LOCALVERSION environment LOCALVERSION . When generating a version of a package, the same version string is used with the revision number attached to it, which is regularly incremented (and stored in .version) , unless you have redefined this number using the KDEB_PKGVERSION environment KDEB_PKGVERSION . $ make deb-pkg LOCALVERSION=-custom KDEB_PKGVERSION=$(make kernelversion)-1 [...] $ ls ../*.deb ../linux-headers-4.9.0-kali1-custom_4.9.2-1_amd64.deb ../linux-image-4.9.0-kali1-custom_4.9.2-1_amd64.deb ../linux-image-4.9.0-kali1-custom-dbg_4.9.2-1_amd64.deb ../linux-libc-dev_4.9.2-1_amd64.deb In order to use the assembled kernel, there is only one step left, which is to install the required packages using the
dpkg -i file.deb . Here you need the linux-image package. If there are external kernel modules to build, you will need to install the linux-headers package. This happens if some packages *-dkms (you can check this with the dpkg -l "*-dkms" | grep ^ii ). Other packages are not needed in most cases.Results
Today we talked about building your own kernel for Kali Linux. This process involves downloading the source code, making the necessary modifications, compiling, and, in fact, building. After that, the new kernel can be installed and used. Next time we will talk about creating Live images that can be used to boot the system from optical media and flash drives.
Dear readers! If you have been building your own Linux kernels, please share your experience.
Previous parts:
→ Part 1. Kali Linux: security policy, protecting computers and network services
→ Part 2. Kali Linux: filtering traffic using netfilter
→ Part 3. Kali Linux: monitoring and logging
→ Part 4. Kali Linux: system protection and monitoring exercises
→ Part 5. Kali Linux: System Security Assessment
→ Part 6. Kali Linux: types of information system checks
→ Part 7. Kali Linux: research formalization and attack types
→ Part 8. Kali Linux: security test questions
→ Part 9. Kali Linux: package modification
Source: https://habr.com/ru/post/341428/
All Articles