Gentoo Kernel build failed, No rule to make target

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

Hello everyone, Yesterday I started to do a new installation of gentoo with KDE Plasma + Gentoo Kernel manually compiled without Genkernel With SecureBoot, but when I try to compile sys-kernel/gentoo-kernel with make -j32 it fails.
I tried to pass information with make -j32 >> build.log but what was shown on the screen did not pass to the build.log. Even so, I was able to upload the information to Pastebin because I am in the middle of installing XUbuntu doing chroot (it is signed to boot with SecureBoot enabled) and I also want to do the functional installation with secureboot and with Shim.
Here is the problem:

xgivolari · Tux's lil' helper Joined: 26 Jul 2021 Posts: 102

Are you invoking make directly inside the source directory? gentoo-kernel is not supposed to be compiled like that. That method is meant for sys-kernel/*-sources. gentoo-kernel gets built via portage when you emerge it, just like any other source-based package. Check out the Kernel wiki page for more info.

Nowa · Posted: Wed May 29, 2024 1:32 pm Post subject:

As the previous poster already clarified, gentoo-kernel has already been built and installed by portage, make is not required. If you have enabled USE=secureboot, it is also already signed for you with the keys specified in make.conf.

You are far from the first person to try to 'make' a distribution kernel. Could you let us know which instructions made you try this so we can clarify the documentation?
_________________
OS: Gentoo 6.10.12-gentoo-dist, ~amd64, 23.0/desktop/plasma/systemd
MB: MSI Z370-A PRO
CPU: Intel Core i9-9900KS
GPU: Intel Arc A770 16GB & Intel UHD Graphics 630
SSD: Samsung 970 EVO Plus 2 TB
RAM: Crucial Ballistix 32GB DDR4-2400

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

I didn't know that, I think I confused the gentoo-source installation method with the gentoo-kernel.
I still want to configure the kernel, I use make menuconfig for that and what do I do with the .config? Also, after that I want to check that the secureboot thing is correct. I made the .pem with what was specified in the installation guide: https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Kernel
_________________
I like everything that is Linux, free and open source software. I am a teenager

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

I also concentrated on signing the kernel, so that it is not blocked.
I won't reboot yet, I still need to finish the chroot installation
_________________
I like everything that is Linux, free and open source software. I am a teenager

Nowa · Posted: Wed May 29, 2024 7:57 pm Post subject:

To switch to the manual method, while keeping your config:
emerge gentoo-sources
cp /usr/src/linux-x.y.z-gentoo-dist/.config /usr/src/linux-x.y.z-gentoo/.config
emerge --depclean gentoo-kernel

And proceed with the steps as described in the handbook.

Note that for secureboot to be effictive you'll want to enable several config options to ensure that the verified kernel stays in a verified state. This is done automatically by gentoo-kernel when the secureboot flag is enabled. I'm actually not sure this is documented anywhere, but you can find the config snippet we apply here: https://github.com/projg2/gentoo-kernel-config/blob/master/secureboot.config
_________________
OS: Gentoo 6.10.12-gentoo-dist, ~amd64, 23.0/desktop/plasma/systemd
MB: MSI Z370-A PRO
CPU: Intel Core i9-9900KS
GPU: Intel Arc A770 16GB & Intel UHD Graphics 630
SSD: Samsung 970 EVO Plus 2 TB
RAM: Crucial Ballistix 32GB DDR4-2400

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

I planned this installation to be with gentoo-kernel instead of gentoo-sources, because it is tiring for me to update gentoo-source and have to reconfigure the entire .config, and if I don't want to update constantly, there are several kernels in /usr/src and I don't want /usr to be filled, so I want to be able to configure gentoo-kernel with the configurations of my preference and have the old kernels removed instead of filling /usr
_________________
I like everything that is Linux, free and open source software. I am a teenager

Nowa · Posted: Thu May 30, 2024 9:53 am Post subject:

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

Now I'm trying to make GRUB valid so that SecureBoot doesn't block it during boot.
But thanks for the suggestion
_________________
I like everything that is Linux, free and open source software. I am a teenager

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

In the end, even if I signed grubx64.efi, it always showed "Secure Boot Violation" and I used the .pem that I generated with OpenSSL.
For now I deactivated it, I will try again later.
_________________
I like everything that is Linux, free and open source software. I am a teenager

Nowa · Posted: Sat Jun 01, 2024 7:20 am Post subject:

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

First of all mokutil doesn't show anything in the terminal, and efibootmgr shows \EFI\Gentoo\grubx64.efi.
also the shimx64.efi is not there.
_________________
I like everything that is Linux, free and open source software. I am a teenager

Nowa · Posted: Sun Jun 02, 2024 9:30 am Post subject:

Well that explains why it doesn't work. To fix the problem:
- Copy shimx64.efi and mmx64.efi (from sys-boot/shim) into \EFI\Gentoo
- Create a new entry for shimx64.efi with efibootmgr
- mokutil --import <your der format key here>
- reboot and complete import process
- enable secure boot

The procedure is described in more detail in the bootloader section of the handbook
_________________
OS: Gentoo 6.10.12-gentoo-dist, ~amd64, 23.0/desktop/plasma/systemd
MB: MSI Z370-A PRO
CPU: Intel Core i9-9900KS
GPU: Intel Arc A770 16GB & Intel UHD Graphics 630
SSD: Samsung 970 EVO Plus 2 TB
RAM: Crucial Ballistix 32GB DDR4-2400

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

I find that in /usr/share/shim there is no shimx64.efi nor its variants for the other architectures, but there are BOOTX64.EFI, BOOTIA32.EFI, mmia32.efi and mmx64.efi
_________________
I like everything that is Linux, free and open source software. I am a teenager

Nowa · Posted: Sun Jun 02, 2024 5:22 pm Post subject:

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

Well, the official gentoo shim wiki doesn't name this what it tells me.
_________________
I like everything that is Linux, free and open source software. I am a teenager

ian848uig · n00b Joined: 21 Sep 2023 Posts: 42 Location: Latin America

I tried, but when I import the .der and restart and activate SecureBoot, shim semi-crashes GRUB showing the following message:

Nowa · Posted: Tue Jun 04, 2024 6:17 am Post subject:

GRUB is a modular bootloader, but it is not allowed to load modules when secure boot is enabled. Have you compiled all the modules you need into the grub efi executable so it does not have to load them at runtime? The procedure is described here: https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Bootloader#Optional:_Secure_Boot

When using secure boot it is a lot easier to use systemd-boot or rEFInd, both packages implement the secureboot use flag so the bootloader will be signed automatically and there is no need to worry about modules. The procedure to boot both via shim is described on the respective wiki's.
_________________
OS: Gentoo 6.10.12-gentoo-dist, ~amd64, 23.0/desktop/plasma/systemd
MB: MSI Z370-A PRO
CPU: Intel Core i9-9900KS
GPU: Intel Arc A770 16GB & Intel UHD Graphics 630
SSD: Samsung 970 EVO Plus 2 TB
RAM: Crucial Ballistix 32GB DDR4-2400