Kernel
According to Wikipedia:
- The Linux kernel is an open-source monolithic Unix-like computer operating system kernel.
Arch Linux is based on the Linux kernel. There are various alternative Linux kernels available for Arch Linux in addition to the latest stable kernel. This article lists some of the options available in the repositories with a brief description of each. There is also a description of patches that can be applied to the system's kernel. The article ends with an overview of custom kernel compilation with links to various methods.
Kernel packages are installed under the /usr/lib/modules/
path and subsequently used to generate the vmlinuz executable image in /boot/
. [1] When installing a different kernel or switching between multiple kernels, you must configure your boot loader to reflect the changes.
Officially supported kernels
Community support on forum and bug reporting is available for officially supported kernels.
- Stable — Vanilla Linux kernel and modules, with a few patches applied.
- Hardened — A security-focused Linux kernel applying a set of hardening patches to mitigate kernel and userspace exploits. It also enables more upstream kernel hardening features than linux.
- Longterm — Long-term support (LTS) Linux kernel and modules with configuration options targeting usage in servers.
- Realtime kernel — Maintained by a small group of core developers led by Ingo Molnar. This patch allows nearly all of the kernel to be preempted, with the exception of a few very small regions of code ("raw_spinlock critical regions"). This is done by replacing most kernel spinlocks with mutexes that support priority inheritance, as well as moving all interrupt and software interrupts to kernel threads.
- https://wiki.linuxfoundation.org/realtime/start || linux-rt, linux-rt-lts
- Note: Real-time kernel support was merged into Linux 6.12
- Zen Kernel — Result of a collaborative effort of kernel hackers to provide the best Linux kernel possible for everyday systems. For more details see FAQ and Detailed Feature List.
Compilation
Following methods can be used to compile your own kernel:
- /Arch Build System
- Takes advantage of the high quality of existing linux PKGBUILD and the benefits of package management.
- /Traditional compilation
- Involves manually downloading a source tarball, and compiling in your home directory as a normal user.
- Using custom kernels may cause all kinds of stability and reliability issues, including data loss. Having backups is strongly advised.
- Arch Linux only has official support for #Officially supported kernels. When using a different kernel, please mention so in support requests.
- Best way to increase the speed of your system is to first tailor your kernel configuration to your architecture and processor type.
- You can reduce the size of your kernel (and therefore build time) by not including support for things you do not have or use. For example support for things like Bluetooth, video4linux, 1000Mbit Ethernet, etc.
config
files for the Arch kernel packages are in the Arch package source files (for example, [2] linked from linux). The config
file of your currently running kernel may also be available in your file system at /proc/config.gz
if the CONFIG_IKCONFIG_PROC
kernel option is enabled.Some of the listed packages may also be available as binary packages via Unofficial user repositories.
kernel.org kernels
- Git — Linux kernel and modules built using sources from Linus Torvalds' Git repository.
- Mainline — Kernels where all new features are introduced, released every 2-3 months.
- Next — Bleeding edge kernels with features pending to be merged into next mainline release.
- DRM — Linux kernel with bleeding-edge GPU drivers.
- Longterm 4.19 — Long-term support (LTS) Linux 4.19 kernel and modules.
- Longterm 5.4 — Long-term support (LTS) Linux 5.4 kernel and modules.
- Longterm 5.10 — Long-term support (LTS) Linux 5.10 kernel and modules.
- Longterm 5.15 — Long-term support (LTS) Linux 5.15 kernel and modules.
- Longterm 6.1 — Long-term support (LTS) Linux 6.1 kernel and modules.
Unofficial kernels
- Ck — Contains patches by Con Kolivas (including the MuQSS scheduler) designed to improve system responsiveness with specific emphasis on the desktop, but they are suitable to any workload.
- Clear — Patches from Intel's Clear Linux project. Provides performance and security optimizations.
- Libre — Without proprietary or obfuscated device drivers.
- Liquorix — Kernel replacement built using Debian-targeted configuration and the Zen kernel sources. Designed for desktop, multimedia, and gaming workloads, it is often used as a Debian Linux performance replacement kernel. Damentz, the maintainer of the Liquorix patchset, is a developer for the Zen patchset as well.
- pf-kernel — Provides a handful of awesome features which are not merged into a kernel mainline. Maintained by a kernel engineer. If the port for the included patch for new kernels was not released officially, the patchset provides and supports patch ports to new kernels. The current most prominent patches of linux-pf are UKSM, DDCCI, v4l2loopback and BBRv3.
-
https://pfkernel.natalenko.name || Packages:
- Repository, linux-pfAUR by pf-kernel developer post-factum
- Project C — Kernel with Alfred Chen's Project C patch set (BMQ and PDS schedulers).
- Nitrous — Modified Linux kernel optimized for Skylake and newer.
- tkg — A highly customizable kernel build system that provides a selection of patches and tweaks aiming for better desktop and gaming performance. It is maintained by Etienne Juvigny. Amongst other patches, it offers various CPU schedulers: CFS, Project C PDS, Project C BMQ, MuQSS and CacULE.
- https://github.com/Frogging-Family/linux-tkg || available in chaotic-aur.
- VFIO — The Linux kernel and a few patches written by Alex Williamson (acs override and i915) to enable the ability to do PCI Passthrough with KVM on some machines.
- XanMod — Aiming to take full advantage in high-performance workstations, gaming desktops, media centers and others and built to provide a more rock-solid, responsive and smooth desktop experience. This kernel uses the BFQ I/O scheduler, TCP BBRv3 congestion control, x86_64 advanced instruction set support, partial clear linux patchset, and other default changes.
- https://xanmod.org/ || linux-xanmodAUR, linux-xanmod-ltsAUR, linux-xanmod-rtAUR, linux-xanmod-boreAUR
- linux-cachyos — The Linux SCHED-EXT + BORE + Cachy Sauce Kernel by CachyOS with other patches and improvements kernel and modules
Troubleshooting
Kernel panics
A kernel panic occurs when the Linux kernel enters an unrecoverable failure state. The state typically originates from buggy hardware drivers resulting in the machine being deadlocked, non-responsive, and requiring a reboot. Just prior to deadlock, a diagnostic message is generated, consisting of: the machine state when the failure occurred, a call trace leading to the kernel function that recognized the failure, and a listing of currently loaded modules. Thankfully, kernel panics do not happen very often using mainline versions of the kernel--such as those supplied by the official repositories--but when they do happen, you need to know how to deal with them.
oops=panic
at boot or write 1
to /proc/sys/kernel/panic_on_oops
to force a recoverable oops to issue a panic instead. This is advisable if you are concerned about the small chance of system instability resulting from an oops recovery which may make future errors difficult to diagnose.Examine panic message
If a kernel panic occurs very early in the boot process, you may see a message on the console containing "Kernel panic - not syncing:", but once Systemd is running, kernel messages will typically be captured and written to the system log. However, when a panic occurs, the diagnostic message output by the kernel is almost never written to the log file on disk because the machine deadlocks before system-journald
gets the chance. Therefore, the only way to examine the panic message is to view it on the console as it happens (without resorting to setting up a kdump crashkernel). You can do this by booting with the following kernel parameters and attempting to reproduce the panic on tty1:
systemd.journald.forward_to_console=1 console=tty1
pause_on_oops=seconds
at boot.Example scenario: bad module
It is possible to make a best guess as to what subsystem or module is causing the panic using the information in the diagnostic message. In this scenario, we have a panic on some imaginary machine during boot. Pay attention to the lines highlighted in bold:
kernel: BUG: unable to handle kernel NULL pointer dereference at (null) 1 kernel: IP: fw_core_init+0x18/0x1000 [firewire_core] 2 kernel: PGD 718d00067 kernel: P4D 718d00067 kernel: PUD 7b3611067 kernel: PMD 0 kernel: kernel: Oops: 0002 [#1] PREEMPT SMP kernel: Modules linked in: firewire_core(+) crc_itu_t cfg80211 rfkill ipt_REJECT nf_reject_ipv4 nf_log_ipv4 nf_log_common xt_LOG nf_conntrack_ipv4 ... 3 kernel: CPU: 6 PID: 1438 Comm: modprobe Tainted: P O 4.13.3-1-ARCH #1 kernel: Hardware name: Gigabyte Technology Co., Ltd. H97-D3H/H97-D3H-CF, BIOS F5 06/26/2014 kernel: task: ffff9c667abd9e00 task.stack: ffffb53b8db34000 kernel: RIP: 0010:fw_core_init+0x18/0x1000 [firewire_core] kernel: RSP: 0018:ffffb53b8db37c68 EFLAGS: 00010246 kernel: RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 kernel: RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffffc16d3af4 kernel: RBP: ffffb53b8db37c70 R08: 0000000000000000 R09: ffffffffae113e95 kernel: R10: ffffe93edfdb9680 R11: 0000000000000000 R12: ffffffffc16d9000 kernel: R13: ffff9c6729bf8f60 R14: ffffffffc16d5710 R15: ffff9c6736e55840 kernel: FS: 00007f301fc80b80(0000) GS:ffff9c675dd80000(0000) knlGS:0000000000000000 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 0000000000000000 CR3: 00000007c6456000 CR4: 00000000001406e0 kernel: Call Trace: kernel: do_one_initcall+0x50/0x190 4 kernel: ? do_init_module+0x27/0x1f2 kernel: do_init_module+0x5f/0x1f2 kernel: load_module+0x23f3/0x2be0 kernel: SYSC_init_module+0x16b/0x1a0 kernel: ? SYSC_init_module+0x16b/0x1a0 kernel: SyS_init_module+0xe/0x10 kernel: entry_SYSCALL_64_fastpath+0x1a/0xa5 kernel: RIP: 0033:0x7f301f3a2a0a kernel: RSP: 002b:00007ffcabbd1998 EFLAGS: 00000246 ORIG_RAX: 00000000000000af kernel: RAX: ffffffffffffffda RBX: 0000000000c85a48 RCX: 00007f301f3a2a0a kernel: RDX: 000000000041aada RSI: 000000000001a738 RDI: 00007f301e7eb010 kernel: RBP: 0000000000c8a520 R08: 0000000000000001 R09: 0000000000000085 kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000c79208 kernel: R13: 0000000000c8b4d8 R14: 00007f301e7fffff R15: 0000000000000030 kernel: Code: <c7> 04 25 00 00 00 00 01 00 00 00 bb f4 ff ff ff e8 73 43 9c ec 48 kernel: RIP: fw_core_init+0x18/0x1000 [firewire_core] RSP: ffffb53b8db37c68 kernel: CR2: 0000000000000000 kernel: ---[ end trace 71f4306ea1238f17 ]--- kernel: Kernel panic - not syncing: Fatal exception 5 kernel: Kernel Offset: 0x80000000 from 0xffffffff810000000 (relocation range: 0xffffffff800000000-0xfffffffffbffffffff kernel: ---[ end Kernel panic - not syncing: Fatal exception
- Indicates the type of error that caused the panic. In this case it was a programmer bug.
- Indicates that the panic happened in a function called fw_core_init in module firewire_core.
- Indicates that firewire_core was the latest module to be loaded.
- Indicates that the function that called function fw_core_init was do_one_initcall.
- Indicates that this oops message is, in fact, a kernel panic and the system is now deadlocked.
We can surmise then, that the panic occurred during the initialization routine of module firewire_core as it was loaded. (We might assume then, that the machine's firewire hardware is incompatible with this version of the firewire driver module due to a programmer error, and will have to wait for a new release.) In the meantime, the easiest way to get the machine running again is to prevent the module from being loaded. We can do this in one of two ways:
- If the module is being loaded during the execution of the initramfs, reboot with the kernel parameter
rd.blacklist=firewire_core
. - Otherwise reboot with the kernel parameter
module_blacklist=firewire_core
.
Reboot into root shell and fix problem
You will need a root shell to make changes to the system so the panic no longer occurs. If the panic occurs on boot, there are several strategies to obtain a root shell before the machine deadlocks:
- Reboot with the kernel parameter
emergency
,rd.emergency
, or-b
to receive a prompt to login just after the root filesystem is mounted andsystemd
is started.
- Note: At this point, the root filesystem will be mounted read-only. Execute
mount -o remount,rw /
as the root user to make changes.
- Reboot with the kernel parameter
rescue
,rd.rescue
,single
,s
,S
, or1
to receive a prompt to login just after local filesystems are mounted. - Reboot with the kernel parameter
systemd.debug_shell
to obtain a very early root shell on tty9. Switch to it with by pressingCtrl+Alt+F9
. - Experiment by rebooting with different sets of kernel parameters to possibly disable the kernel feature that is causing the panic. Try the "old standbys"
acpi=off
andnolapic
.
- Tip: See kernel-parameters.html for all kernel parameters.
- As a last resort, boot with an Arch Linux installation medium and mount the root filesystem on
/mnt
then executearch-chroot /mnt
as the root user. - Disable the service or program that is causing the panic, roll-back a faulty update, or fix a configuration problem.
Debugging regressions
See General troubleshooting#Debugging regressions.
Try linux-mainlineAUR to check if the issue is already fixed upstream. The pinned comment also mentions a repository which contains already built kernels, so it may not be necessary to build it manually, which can take some time.
It may also be worth considering trying the LTS kernel (linux-lts) to debug issues which did not appear recently. Older versions of the LTS kernel can be found in the Arch Linux Archive.
If the issue still persists, bisect the linux-gitAUR kernel and report the bug in accordance to the kernel process for reporting regressions. Depending on the Bugtracker (B:
) entry in the MAINTAINERS
file this then entails opening an issue via the subsystems mailing lists, Kernel Bugzilla, or in other issue trackers like the DRM Gitlab. It is important to try the "vanilla" version without any patches to make sure it is not related to them. If a patch causes the issue, report it to the author of the patch.
Building a smaller kernel
You can shorten kernel build times by building only the modules required by the local system using modprobed-db, or by make localmodconfig
. Of course you can completely drop irrelevant drivers, for example sound drivers to debug a network problem.
See also
- O'Reilly - Linux Kernel in a Nutshell (free ebook)
- What stable kernel should I use? by Greg Kroah-Hartman
- Linux kernel documentation