As of kernel 4.14.3, The NPT patch is part of the default kernel shipped in Fedora 27 and so this guide is no longer relevant. This post will be left as guide to adding custom patches to packaged Fedora kernel.
If you’ve followed this guide to install the NPT or ACS patches, you’ll notice that it requires you to install the patched kernel manually. This isn’t usually an issue unless you also use things like the Nvidia driver, VirtualBox or other things that require a kernel module to be built in which case, the builds may fail with logs citing kernel-devel-uname-r package not found or similar.
This guide will show you how to build proper packages for your patched kernel. At least in Fedora.
STEP 1: Dependencies
In order to build the kernel, you need the right tools. Run these commands to install them:
sudo dnf groupinstall "Development Tools"
sudo dnf install rpmdevtools
sudo dnf build-dep kernel
This installed the tools needed to compile code, build RPM packages and other stuff needed to build the kernel.
Next, run:
rpmdev-setuptree
to create the environment to build RPM packages.
STEP 2: Get the sources
Can’t build a kernel without source code!
cd ~/rpmbuild/SOURCES
sudo dnf download --source kernel
rpm2cpio kernel-* | cpio -i --make-directories
mv kernel-*.src.rpm ../SRPMS
What these commands do is move you to the source directory for the kernel, download the source for the latest release kernel, extract the source and move the original source RPM into the source RPM folder.
Next, get the patches: [ACS patch] [NPT patch] Skip the ACS patch if you don’t need it.
For the ACS patch, create a file called linux-vfio.patch in your downloads folder and copy/paste the text into it.
Use these commands to move the patches into the sources directory if you’re lazy.
mv ~/Downloads/KVM-SVM-obey-guest-PAT.patch ~/rpmbiuld/SOURCES
mv ~/Downloads/linux-vfio.patch ~/rpmbuild/SOURCES
Now move the kernel.spec file into the SPECS folder and move to that folder yourself.
mv kernel.spec ../SPECS
cd ../SPECS
STEP 3: Editing stuff
Now. open the kernel.spec file in your favourite text editor and change the line:
# define buildid .local
to
%define buildid .patched
This should be at about line 26.
Now add out patches to the list. Scroll down and look for lines that look like: Patch000: This-is-a.patch and keep scrolling until you find # END OF PATCH DEFINITIONS.
Just above that line add:
Patch998: linux-vfio.patch
Patch999: KVM-SVM-obey-guest-PAT.patch
Skip the linux-vfio.patch line if you didn’t download the ACS patch.
Then save the file. Now onto the “fun” part.
STEP 4: Building
Depending on how fast you CPU is, this may take anywhere between 15 minutes to hours.
Run this command, sit back, and relax. Maybe watch the latest Level1News or something.
rpmbuild -ba kernel.spec
This is compiling the kernel and building the RPM packages for you to install.
STEP 5: Installing
Once that’s done, install the freshly built packages:
cd ../RPMS/x86_64
sudo dnf install kernel-core*.rpm kernel-devel*.rpm kernel-headers*.rpm kernel-modules*.rpm
Then reboot, select the patched kernel in the boot menu and enjoy.
Unfortunately, this will have to be re-done every time you want to update the kernel. Perhaps I should set up a copr repo or something to make this as pain-free as possible.
This guide can also be followed to add other patches to the kernel if you substitute the NPT and ACS patches with your own patches.
Good luck, and happy patching!