AI摘要:本文介绍了为oppor9s编译lxc-docker内核的过程。作者使用Debian 12系统进行环境搭建,并详细列出依赖安装、内核源码选择、配置文件修改及编译步骤。编译过程中,作者分享了多项配置调整和修补程序,最终成功打包内核并通过TWRP刷入手机。文章还提到在使用Docker时遇到的一些问题,如存储驱动选择和docker启动失败,并给出了相应的解决方案。
前言
手机有一个闲置的oppor9s,最近心血来潮想编译内核试试,结果吗真是瞎折腾一通,费心费力还没啥用。
环境搭建及准备
linux系统
我用的是debian12,编译这种老内核可能用ubuntu20.04好一点 
依赖安装及工具选择
sudo apt install bc bison build-essential ccache curl flex g++-multilib gcc-multilib git git-lfs gnupg gperf imagemagick lib32ncurses5-dev lib32readline-dev lib32z1-dev libelf-dev liblz4-tool libncurses5 libncurses5-dev libsdl1.2-dev libssl-dev libxml2 libxml2-utils lzop pngcrush rsync schedtool squashfs-tools xsltproc zip zlib1g-dev adb fastboot -y
编译工具使用android-ndk-r13b-linux-x86_64,python版本使用python2.7,新一点的linux可能需要编译安装了,具体请问ai
内核源码
源码使用android_kernel_oppo_msm8953的android-8.1.0分支
内核编译
下载一键脚本及anykernel
git clone https://github.com/tomxi1997/lxc-docker-support-for-android.git utils
git clone https://github.com/tomxi1997/AnyKernel3将 source "utils/Kconfig" 添加到根目录Kconfig
#
# For a description of the syntax of this configuration file,
# see Documentation/kbuild/kconfig-language.txt.
#
mainmenu "Linux/$ARCH $KERNELVERSION Kernel Configuration"
config SRCARCH
string
option env="SRCARCH"
source "utils/Kconfig"
source "arch/$SRCARCH/Kconfig"arch/arm64/configs/r9s_defconfig修改
# CONFIG_ANDROID_PARANOID_NETWORK is not set
CONFIG_DOCKER=y
CONFIG_OF_OVERLAY=y
CONFIG_OVERLAY_FS_REDIRECT_DIR=y
注意需要将CONFIG_PRONTO_WLAN的值由y修改为m,不然无法编译出wlan.ko文件
net/netfilter/xt_qtaguid.c补丁
--- net/netfilter/xt_qtaguid.c 2023-07-02 00:07:55.000000000 +0800
+++ net/netfilter/xt_qtaguid.c 2023-07-02 05:20:40.000000000 +0800
@@ -738,7 +738,7 @@ static int iface_stat_fmt_proc_show(stru
{
struct proc_iface_stat_fmt_info *p = m->private;
struct iface_stat *iface_entry;
- struct rtnl_link_stats64 dev_stats, *stats;
+ struct rtnl_link_stats64 *stats;
struct rtnl_link_stats64 no_dev_stats = {0};
@@ -747,12 +747,7 @@ static int iface_stat_fmt_proc_show(stru
iface_entry = list_entry(v, struct iface_stat, list);
- if (iface_entry->active) {
- stats = dev_get_stats(iface_entry->net_dev,
- &dev_stats);
- } else {
- stats = &no_dev_stats;
- }
+ stats = &no_dev_stats;
/*
* If the meaning of the data changes, then update the fmtX
* string.scripts/dtc/dtc-lexer.lex.c_shipped修改
文件640行由YYLTYPE yylloc;修改为extern YYLTYPE yylloc;
开始编译
export PATH=$PATH:~/kernel/android-ndk-r13b/toolchains/aarch64-linux-android-4.9/prebuilt/linux-x86_64/bin
export CROSS_COMPILE=aarch64-linux-android-
export ARCH=arm64
make O=out r9s_defconfig
make O=out -j4
工具路径根据实际情况来,脚本开的好像存在遗漏,可以自己用check-config.sh检查一遍,个人开完效果如下
info: reading kernel config from .config ...
Generally Necessary:
- cgroup hierarchy: cgroupv2
Controllers:
- cpu: available
- cpuset: available
- io: available
- memory: available
- pids: available
- apparmor: enabled and tools installed
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_IP_NF_FILTER: enabled
- CONFIG_IP_NF_MANGLE: enabled
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled
- CONFIG_IP6_NF_FILTER: enabled
- CONFIG_IP6_NF_MANGLE: enabled
- CONFIG_IP6_NF_TARGET_MASQUERADE: enabled
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled
- CONFIG_NETFILTER_XT_MARK: enabled
- CONFIG_IP_NF_RAW: enabled
- CONFIG_IP_NF_NAT: enabled
- CONFIG_NF_NAT: enabled
- CONFIG_IP6_NF_RAW: enabled
- CONFIG_IP6_NF_NAT: enabled
- CONFIG_NF_NAT: enabled
- CONFIG_POSIX_MQUEUE: enabled
- CONFIG_CGROUP_BPF: missing
Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_SECCOMP_FILTER: enabled
- CONFIG_CGROUP_PIDS: missing
- CONFIG_MEMCG_SWAP: enabled
(cgroup swap accounting is currently enabled)
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: enabled
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled
- CONFIG_IP_VS: enabled
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled
- CONFIG_SECURITY_SELINUX: enabled
- CONFIG_SECURITY_APPARMOR: enabled
- CONFIG_EXT3_FS: enabled
- CONFIG_EXT3_FS_XATTR: enabled
- CONFIG_EXT3_FS_POSIX_ACL: enabled
- CONFIG_EXT3_FS_SECURITY: enabled
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
- "overlay":
- CONFIG_VXLAN: enabled
- CONFIG_BRIDGE_VLAN_FILTERING: enabled
Optional (for encrypted networks):
- CONFIG_CRYPTO: enabled
- CONFIG_CRYPTO_AEAD: enabled
- CONFIG_CRYPTO_GCM: enabled
- CONFIG_CRYPTO_SEQIV: enabled
- CONFIG_CRYPTO_GHASH: enabled
- CONFIG_XFRM: enabled
- CONFIG_XFRM_USER: enabled
- CONFIG_XFRM_ALGO: enabled
- CONFIG_INET_ESP: enabled
- CONFIG_NETFILTER_XT_MATCH_BPF: enabled
- "ipvlan":
- CONFIG_IPVLAN: missing
- "macvlan":
- CONFIG_MACVLAN: enabled
- CONFIG_DUMMY: enabled
- "ftp,tftp client in container":
- CONFIG_NF_NAT_FTP: enabled
- CONFIG_NF_CONNTRACK_FTP: enabled
- CONFIG_NF_NAT_TFTP: enabled
- CONFIG_NF_CONNTRACK_TFTP: enabled
- Storage Drivers:
- "btrfs":
- CONFIG_BTRFS_FS: enabled
- CONFIG_BTRFS_FS_POSIX_ACL: enabled
- "overlay":
- CONFIG_OVERLAY_FS: enabled
- "zfs":
- /dev/zfs: missing
- zfs command: missing
- zpool command: missing
Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
newuidmap is not installed
newgidmap is not installed
Network namespace: enabled
Multiple /dev/pts instances: missing
Namespace limits:
cgroup: 7828
ipc: 7828
mnt: 7828
net: 7828
pid: 7828
time: 7828
user: 7828
uts: 7828
--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points:
Cgroup v2 mount points:
- /sys/fs/cgroup
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled, loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, loaded
--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabledanykernel3打包
sed -i 's/do.devicecheck=1/do.devicecheck=0/g' AnyKernel3/anykernel.sh
sed -i 's/do.modules=0/do.modules=1/g' AnyKernel3/anykernel.sh
sed -i 's!BLOCK=/dev/block/platform/omap/omap_hsmmc.0/by-name/boot;!BLOCK=auto;!g' AnyKernel3/anykernel.sh
sed -i 's/is_slot_device=0;/is_slot_device=auto;/g' AnyKernel3/anykernel.sh
cp android-kernel/out/arch/${{ env.ARCH }}/boot/${{ env.KERNEL_IMAGE_NAME }} AnyKernel3/
cp android-kernel/out/drivers/staging/prima/wlan.ko AnyKernel3/modules/system/lib/modules/
cd AnyKernel3
zip -r R9s-lxc-docker.zip *刷入手机
使用twrp直接刷入,如果开机之后wifi停用检查一下/system/lib/modules/wlan.ko是否被替换,如果没有手动将R9s-lxc-docker.zip文件中modules替换到系统中。
个人使用的是lineageos14.1,root使用的是supersu,lxc系统使用的是debian12
存在问题
第一次进入lxc容器会发现docker启动失败,修改/etc/docker/daemon.json文件,添加"storage-driver": "overlay"或者"storage-driver": "vfs",之后重启一下docker即可,试过overlay2一直启动不起来,然后deepseek告诉我不支持 
