I'd like to build the 6.10 series of kernels for x86/64. I do not care about other targets. As I type this, the 6.10 series of kernels is current stable mainline so I would like to target that. I did find this thread.
What I have done so far is:
copy target/linux/x86/patches-6.6 to target/linux/x86/patches-6.10 and refresh them
copied the respective 6.6 files to 6.10: include/kernel-6.10target/linux/x86/64/config-6.10target/linux/x86/config-6.10
Edited target/linux/x86/Makefile
Is there a make target that will refresh the needed kernel configs ie make olddefconfig or something unique to the OpenWrt build system? Thanks for any tips.
You are trying to do a lot of work with apparently very small gain!?
So what have you found in 6.10 that is so important?
To change a kernel takes a couple of month just to get the kernel working with all patches and differences since last upgrade. It is like the software dev version of brain surgery.
And once you have a working buildable kernel the work to get it working with actual devices comes.
And this is not counting the dev time added if any dependable package has been changed that make the whole project go to a stand still until solved.
Maybe you haven’t noticed, but we don’t have a stable release for 2024 yet, and I can’t even say it will come one. The reason for that is because it was decided half way done to upgrade from 6.1 to 6.6 to get longer available LTS time.
The huge, layered, patch stacks (which wouldn't be necessary for x86_64, but are for pretty much all other targets) is what makes this endeavour difficult - identifying what has been merged meanwhile, what has been merged in a different way and needs changes elsewhere, what needs porting, what needs rebasing and fixing. The first target taking on this task is obviously the most difficult one (and for strange reasons, that is rarely x86_64). 'Sadly' (no, I do understand this, but it makes things difficult) a lot of patches have crept into 'generic', because they are wanted/ needed for multiple targets - so it's rather difficult to distinguish between patches that are necessary for OpenWrt to work properly (e.g. some sysctl changes the firewall relies upon), which are just there to support special hardware (as in not necessary for x86) for multiple targets that isn't supported mainline yet and which are just hacks to decrease kernel size, reduce unaligned accesses and similar optional cruft (which is necessary for extremely resource constrained devices, but just makes rebasing difficult).
As a result, porting OpenWrt to newer kernels is harder as it could/ should be, but sadly most of the common plastic routers really require those patches. Only few targets are (mostly) mainline ready, without needing extensive patches of some kind. Obviously there is a strong desire for upstream-first development in OpenWrt, to reduce these pains - but there sadly are many required patches that will need a long time cooking to become palatable to mainline developers (and for many of the old targets, where even more patching was required or the recent QCA based targets with large gaps in mainline support, this is rather wishful thinking - making this a question between wanting to get this hardware supported while it still matters or taking years of 'unusable' mainline development).
It would be great if OpenWrt were easier to push forward to newer kernels, but if it were - most of the primary targets would pretty much fall by the wayside (or would require a massive influx of new/ additional developer manpower to stay closer on top of mainline developments).
Thanks for the replies, all. I was thinking I would good to learn how to do the update, but see now that even for x86/64 that it isn’t trivial and for a non-LTS kernel, too much effort.
I am assuming that the answer to my question about the kernel config update is: it’s a manual process to add the new symbols to, generic, x86, and x86/64.
Unless I missed some magic bullet (very well possible), it was a fully manual process for me - symbol by symbol (wait for the the build to fail, add the new settings, rinse and repeat; yes, there is make kerneloldconfig, but that didn't catch everything).
you can always try * running openwrt in a container, it's actually pretty easy with systemd-nspawn. In a way it makes more sense to do that with a x86 target anyway, they typically exceed the requirements to run openwrt by a fair amount, especially in memory. This let you also use a single host to run multiple containers of openwrt, so for instance you can have an internet router, then a vpn router, different containers same host and from my experience it works well, but I haven't tried advanced things like SQM/QOS or advanced firewall rules the only limitation I see so far for me is the ntp server facilities don't work, but it seems like there are --capability arguments that can be used to grant access. Another thing I want to look into is limiting what cpus a container can run on, which appears to be possible, so then the routing performance won't be impacted as much if I do a heavy task like encoding or something in a nother container or the host.
I've been thinking about outlinining all the steps to do it, even to make things easier for myself next time I set things up.
* I realise it's unsupported and may not work as expected
It is explicitly unsupported, because it doesn't and can't work. In a container, OpenWrt can't load/ unload kernel modules, set sysctl configurations or get hardware (device) access, this doesn't work. Yes, you can get the webinterface, but the primary functionality is fundamentally broken and insecure (as settings the firewall depends on simply fail).
That is incorrect, but I'm not going to repeat this again. A lot of functionality required by OpenWrt is not just userspace based, but depends on kernel features and settings (among others, sysctl). Those things not working is dangerous, both in terms of things not working at all and more subtile security holes.
If the time isn’t working the encryption isn’t working and then TLS can get disconnected mostly depending on how much wrong time you have and if it is wrong before or after real time.
Encryption to begin with is hard to get it working on real hardware. To get meaningful entropy in virtual environments is just making it even harder.