Kernel Vanilla Repositories

= kernel-vanilla packages for Fedora =

Overview
This page contains information about a set of package repositories on fedorapeople.org that contain RPMs of vanilla kernels built for Fedora. Vanilla in this scope means "unmodified", hence these packages do not contain any of those enhancements the Fedora developers integrate into the kernel packages that Fedora normally contains. Currently there is only one repository:


 * kernel-vanilla-stable for F16 (repo file) -- Latest kernel from the stable series (3.x.y)

There will be one more soon:


 * kernel-vanilla-mainline for F16 -- latest mainline development kernel (aka 3.x-rc series)

There is the rough idea for more:


 * kernel-vanilla-mainline for F17 -- latest mainline development kernel (aka 3.x-rc series)
 * kernel-vanilla-stable-testing for F16 -- 3.x.y-rc kernels could go here; might also be a good place to put new releases from the mainline (3.x) or stable series (3.x.y) here for a short while before moving them to kernel-vanilla-stable

To use those kernels download the repo file and put it in /etc/yum.repos.d/ and install the kernel you want with yum; the packages are signed with this key.

Please note a few important things:


 * none of the developers that maintain the Fedora kernel is involved in this effort
 * most systems work better and are run in a more secure manner with the official Fedora kernels
 * the usage instructions are brief on purpose; if you don't understand them, then you likely should not use these packages

For more information see the FAQ.

Who is behind this effort? Can we trust the people behind it?
Right now the kernel-vanilla repositories are maintained by Thorsten Leemhuis (aka "knurd") only. Hopefully a few other people join to help, that's why part of this text is written as if a team is keeping care of the repositories.

You have to decide yourself if you can trust the packages from these repositories. If it is any help: Some of those that use or contribute to Fedora since a while will know that Thorsten has quite a history of Fedora contributions, even if he was not that much active in the past two years. You can assume he has no interest in ruin his reputation quickly by providing crap in these repositories. On the other hand you should know that Thorsten started these repositories to learn more about the kernel and kernel development; so expect he'll make some mistakes along the way. And the vanilla kernels have some known downsides (see below)

What's the goal?
The main ideas is to help upstream development, which in the end will be of benefit for Fedora as well. With the packages from the mainline repositories it for example is quite easy to test kernels that are still under development and report bugs early. The kernels from the stable repositories on the other hand make it easy to check if a bug that happens with a kernel from Fedora is specific to it or also present in the newest vanilla kernel; if that is the case users can directly work with upstream on solutions for the problem and don't have to go through the overworked and quite busy developers that maintain the kernel packages in Fedora.

Are the kernels from the kernel-vanilla repositories as good as those Fedora provides?
No. There are several reasons for why not; the most important ones:


 * the developers that take care of the kernel package in Fedora are far more experienced in packaging kernels and kernel development than those that take care of the kernel-vanilla repositories
 * the kernels that get used in Fedora or released as proper update get a lot of testing; the kernels from the kernel-vanilla repositories get nearly no testing
 * some of the kernel-vanilla repositories contain kernels that are still under heavy development and sometimes are known to have serious bugs
 * the official Fedora kernels sometimes contain changes that fix security problems or other crucial bugs before they get upstream

But the non-development kernels found in the kernel-vanilla repositories should work fine for a lot of situations and often be round about as good as a self-compiled kernel.

Are the kernels safe to use?
Depends on your definition of "safe".

The Linux kernel is a complex piece of software which contains bugs. Those can lead to data loss or in very rare situations even lead to hardware defects. Those bugs might only show up under specific circumstances -- for example when a specific mix of hardware is used with a specific kernel version that was built with a specific configuration. It might be unlikely that such a bug is triggered by one of the non-development kernels from the kernel-vanilla repositories, but it's definitely possible. Self compiled kernels bear the same risk; chances of hitting serious bugs are lower for kernels that have undergone widespread testing already.

In other words: The kernels from the kernel-vanilla repositories will work just fine for most people. But use them on your own risk and have backups handy, as there is a small risk those kernels might damage your data or your system.

Should everything work with those kernels that works with the official Fedora kernels?
No. Vanilla kernels are not that different from the kernels Fedora provides, but the latter include a few enhancements. Each of them is there for a good reason.

When this text was written Fedora for example included utrace in their kernels to support userspace tracing with systemtap; that won't work with the kernels from the kernel-vanilla repositories. The kernels from Fedora sometimes include fresher drivers which some systems will require to work properly. And sometimes there are inter-dependencies between drivers in kernel and userland. The nouveau driver for graphics hardware from Nvidia is one such driver, as it has no stable API yet; that's why the DRM/KMS driver in the kernel is marked as "staging". The Mesa 3D or X.org drivers included in a particular Fedora release therefore might depend on the exact nouveau DRM/KMS driver which is part of the kernels Fedora ships for this release; thus the nouveau drivers for Mesa 3D and X.org that are part of a certain Fedora release might not work properly with kernels found in the kernel-vanilla repositories, as the latter might contain an older or newer nouveau DRM/KMS driver which are incompatible.

The non-development kernels found in the kernel-vanilla repositories therefore should work on a lot of systems, but on some systems they will be worse than the kernels Fedora provides.

Will this repository also ship updates userland components like drivers or udev that match the kernels in the repositories?
No, as there should be no need to, as the interfaces between the kernel and userland software should never change in an incompatible way; Linus Torvalds makes this pretty clear every now and then.

That is the long story short. There are a lot of situations where the world is more complicated:


 * above mentioned rule does not apply to staging drivers, so situations might arise where the vanilla kernels are not usable for people that need staging drivers for their system. Apart from the nouveau drivers that shouldn't bother to many people; and time will tell how bad the situation is for nouveau.
 * Fedora sometimes might contains software that depends on bits that are not upstream

And even with this rule sometimes a new mainline kernel versions brings changes that require updates userland software. Three examples:


 * the version number jump from 2.6.39 to 3.0 confused some software
 * in rare cases fixing security problems was only possible my changing the interfaces in an incompatible way
 * sometimes nobody notices early enough that interfaces have changed

It remains to be seen how often we hit such issues and how bad they are; how we deal with them will need to get discussed on a case by case basis. In some cases we might have to other solution then to add new versions of other software to the repositories. But the plan is to avoid this.

Do you plan to provide packages for "linux-next" or "linux-rt" as well?
For now: No. I know there is some interest in packages for them, but maintaining those will consume a lot of time regularly and we have not enough resources to do it properly right now.

The CCMA people also build RT kernels already and it might be the best for everyone to not compete with them and simply ignore RT here.

Packaging -next kernels might not be a good idea in general; it might be wise to leave -ext to people that hand build kernels.

But get in contact if you think investing time in these makes sense.

Do you plan to provide vanilla kernels for RHEL and derivatives like CentOS and SL?
Sounds like a good addition. But it will result in additional work, too; and we currently have no one that would regularly run such kernels. So for now we won't get our feet wet in that area. But if you want to step up and help, get in contact.

Do you plan to provide packages for longterm kernels
Unlikely. Mail goal of the kernel-vanilla repositories is to help upstream kernel development; but longterm kernels are a dead end and quite far away from mainline development, so they would not fit that well. But it might make sense for RHEL and derivatives, if those will ever be supported.

What configuration do those kernels use?
Basically the same configuration the Fedora kernels use. Maybe a few staging drivers might get turned on to help their development, but apart from it the plan is to stick closely to what Fedora does.

Why don't you put these kernels in Fedoras main repositories
I tend to think it's not a good idea, as that would make them more "official" and people might simply use those packages without knowing what their downsides are.

That's the long story rough and short. And sure, there are reasons why having vanilla kernels in the main repositories make sense. Feel free to start a discussion on Fedoras devel mailing list, we'll watch and might jump in.

Putting the kernels in a well know 3rd party add-on repository for Fedora might make sense, but some of the problems would be similar; and there are others problems,as then users might ask to build add-on modules for those kernels, too. In other words: Would need discussion and careful evaluation.

Are those kernels really unpatched?
No, they contain a handful of very small changes that are needed for packaging.

From time to time the packages might use patches that are neccessary temporary to make the kernel build or usable for most people; fixes like these will normally head upstream quickly and then get removed from the vanilla packages again. And this normally should only happen with mainline development kernels, not with stable versions.

How up2date will those repositories be?
Time will tell, but we do the work in our spare time. Sometimes the day job and this strange thing called "real life" leave not much time to work on these kernels, so there will be a lag.

Can you please include this patch?
No. Get your patch merged upstream, then the change you are interested in will automatically show up in these packages (and in Fedora, too)

Is there a Git tree somewhere?
Sure.

Let us know if we should do modifications to allow others to contribute to or benefit from this git tree better.

What Fedora versions will be supported
The plan is to support the most recent Fedora version for the stable and mainline repositories. The latter will also be provides for the distribution that is currently under development (rawhide on the first half of a devel cycle iteration or the alpha/beta/rcs in the second half)

Why are there no debug kernels and not even debuginfo packages
The space on repos.fedoraprople.org is limited, hence limiting the number of kernels we can provide. The debuginfo packages are also quite big, which makes them hard to handle. Hopefully in the short or medium timeframe solutions can be found to provide these packages.

Why don't you commit your changes to Fedora's kernel git repo on pkgs.fedoraproject.org?
Maybe that would make sense. But it bears the risk that a commit is done to a wrong branch and disturbs the work of the Fedora kernels maintainer. Further: Not all of those that contribute to Fedora can commit there. That's similar with the fedorapeople git repository, but the docs indicate others can be given access with the help of ACLs.

But whatever: Git is made for distributed development and it's likely not a big deal where the git repo lives.

Can I help
Of course. Talk to Thorsten; best if you come with some ideas what you can and want to do.

Do you plan to work together with those that take care of the kernel packages in Fedora?
Definitely. But it remains to be seen how it looks like in practice.

Please stop providing alternative kernel packages, they take attention away from the kernels Fedora provide and thus harm Fedora!
That's a valid concern, but I think the benefits outweigh the downsides.

That again is the long story short. Just to get a little bit deeper into it: Similar arguments could be used to argue that Fedora should stop shipping patched kernels, as those take attention away from the upstream kernel. Up to a point such an argument is valid, too, but there are good reasons why Fedora patches its kernels.

Maybe in the long term Fedora can ship vanilla kernels as regular kernel. That would be best for all, but a goal that is would take quite some effort to reach. Might be worth start a discussion on Fedoras devel mailing list how to get closer to that goal.

Why did you drop the "-vanilla" postfix that normally gets added to the "name" macro when you build a vanilla kernel RPM locally?
I've thought about dropping or leaving it for a while, as both schemes have various benefits and downsides. In the end I went for dropping it due to reasons like this:


 * nearly every other repository in Fedoraland that ships variants of a packages that is included in Fedora does not change the name
 * the postfix breaks things like "fedpkg srpm" on the git checkout
 * external solutions that heavily depend on the naming scheme fedora used (like the kmod stuff used in some external repositories) should just work
 * yum would not recognize kernel packages with a "-vanilla" postfix as "installonly" and thus would perform a regular update for vanilla packages instead of installing them parallel to the current one