projectmoon
/
projectmoon-overlay
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
projectmoon-overlay/docs/Libre-Kernel.md

4.4 KiB
Raw Permalink Blame History

The Linux-libre dist-kernel

This overlay provides a dist-kernel (based on sys-kernel/vanilla-kernel) using the Linux-libre kernel sources, and an accompanying updated version of virtual/dist-kernel. It is maintained and tested for my personal use on amd64. The Linux-libre kernel removes the ability for the Linux kernel to load firmware that is not Free Software. The ebuild roughly follows the current stable 5.15.x gentoo-kernel for amd64.

The libre kernel can be installed alongside other dist-kernels, and works with the dist-kernel and initramfs USE flags. The ebuild does NOT fail if non-free firmware (i.e. sys-kernel/linux-firmware with redistributable USE flag set) is installed, but it will warn you if this is the case. It will also warn you if the linux-firmware package is not found at all, like normal dist-kernel ebuilds.

The kernel installed by this ebuild has the version suffix -gnu-dist, making it easy to determine which kernel it is.

Quick Setup

This is a quick guide for setting up the system to properly install the Linux-libre Kernel. It assumes you have set up the overlay as described in the README.

In /etc/portage/package.use:

# Install only libre firmware
sys-kernel/linux-firmware -redistributable -unknown-license

# libre kernel with gentoo kernel patches applied
sys-kernel/libre-kernel verify-sig

# or, if you do not want gentoo patches applied
sys-kernel/libre-kernel verify-sig -gentoo

In /etc/portage/package.unmask:

sys-kernel/libre-kernel::projectmoon
virtual/dist-kernel::projectmoon
virtual/linux-sources::projectmoon
sec-keys/openpgp-keys-linux-libre::projectmoon

In /etc/portage/package.accept_keywords:

sys-kernel/librem-ec-acpi::projectmoon
sys-kernel/libre-kernel::projectmoon ~amd64
virtual/dist-kernel::projectmoon
virtual/linux-sources::projectmoon

In /etc/portage/package.mask:

# stay on libre kernel
sys-kernel/gentoo-kernel
sys-kernel/gentoo-kernel-bin
sys-kernel/vanilla-kernel
virtual/linux-sources::gentoo

Detailed Instructions

The rest of this documentation covers the quick steps above in detail, and extra information about the Linux firmware package, the Librem EC ACPI module, etc.

Signature Verification

It is recommended to enable GPG signature verification of sys-kenrel/libre-kernel by adding the USE flag to o/etc/portage/package.use:

sys-kernel/libre-kernel verify-sig

Keeping the Linux-libre Kernel Installed

Portage will sometimes try to install sys-kernel/gentoo-kernel or another dist-kernel if there is a newer stable version than sys-kernel/libre-kernel. This happens because of a version bump to virtual/dist-kernel before this overlay has updated its own copy of virtual/dist-kernel.

To prevent portage from attempting to install another dist-kernel instead of the Linux-libre kernel, you should mask other dist-kernels in /etc/portage/package.mask:

# stay on libre kernel
sys-kernel/gentoo-kernel
sys-kernel/gentoo-kernel-bin
sys-kernel/vanilla-kernel

Linux Firmware

Note: If you are running the Linux-libre kernel, it is unlikely (though not impossible) that you need to install sys-kernel/linux-firmware.

To install only the Linux firmware that meets the Free Software Definition, configure /etc/portage/package.use accordingly:

# Install only libre firmware
sys-kernel/linux-firmware -redistributable -unknown-license

You can also edit /etc/portage/profile/package.use.mask to prevent the linux-firmware package from ever installing the closed-source firmware by adding this line:

# forcibly stop non-free firmware installation
sys-kernel/linux-firmware redistributable unknown-license

Using the Librem EC ACPI kernel module

The Librem EC ACPI kernel module should install and be automatically available (via modprobe) after installation, using emerge sys-kernel/librem-ec-acpi. The module is currently installed to /lib/modules/<kernel>/librem/.

This ebuild supports the dist-kernel USE flag, and the module will automatically be rebuilt when installing a new dist-kernel if that flag is enabled.

If you are not using a dist-kernel, you will need to do emerge @modules-rebuild to install the module after you upgrade or install a new kernel.