- How I Built The Hyper^Linux Kernel With Debian Bullseye 11.9 -
Hello, this is my guide showing how I built a system using a custom linux kernel, I call
it Hyper^Linux now, and debian, for the best gaming performance linux can offer right now!
It details mainly the base systems configuration, and installation. I tried
to keep it short, because it can get very large/complex trying to add notes about every thing.
I chose Bullseye, with an aim to get the best base system responsibility, and to use upstream
repositories to get the newest software for critical components such as the graphics drivers,
wine and wine dependencies, firefox, as well as the 5.10 kernel to be customized into a
high performance system kernel I call Hyper^Linux.
I have been working with linux for over ten years now, and have built a couple
custom gaming computers. (Not an expert, also very poor) This guide is applicable
for just about every typical consumer gaming computer, that use intel/amd cpu's.
Everyone should attempt to customize every aspect, however, for their unique hardware!
updated 4/16/24
- System Specs -
Z390 Phantom Gaming 4S Motherboard
Intel Core i7-9700k CPU @ 3.60GHz (with watercooling)
2x DDR4 G.Skill 8GB RAM
NVIDIA GeForce RTX 3060 Ti GPU
NVME M.2 SSD 1TB Hard Drive
( Can't recommend intel or Nvidia, wish I used amd for my custom build now!
Nvidia throttles performance via programming for linux with their proprietary drivers.
Amd cpu's have better performance for the types of games that work with linux, which tend
to be older, and lack the newest anti-cheat software )
- Getting The Live CD and Preparing a USB for installation with it -
The Live CD(xfce) I used for the base install is from this page in Debians cd image archive
https://cdimage.debian.org/mirror/cdima ... so-hybrid/
I prepared a usb with it like this...
made a gpt partition table on the usb /dev/sda -> formatted to fat32
sudo dd if=debian-live-11.9.0-amd64-xfce.iso of=/dev/sda bs=2M oflag=direct status=progress; sync
- Debian Bullseye 11.9 System and Installation Configuration For Hyper^Linux -
From BIOS system menus...
Enabled Multi Core Enhancement (Perform the Highest CPU Frequency On All Cores At The Same Time)
Disabled Intel Virtualization Technology
Disabled Intel SpeedStep, Turbo Boost, and Speed Shift
Disabled Software Guard Extensions(SGX)
Disabled All CPU C-states
Disabled vt-d
Disabled Led's
Disabled the High Precision Event Timer
Disabled Suspend to RAM
Disabled Security Device Support
Disabled Secure Boot
Disabled Intel Platform Trust Technology
Disabled Fast Boot
Booted the live cd in Bios mode by pressing f11 to open up the boot menu at startup and using
USB: Generic Flash Disk to boot into Bios mode NOT Uefi mode, which the flash disk has an entry
for that looks like this... UEFI: Generic Flash Disk
Installed f2fs-tools to make an f2fs filesystem which is good for SSD Drives
sudo apt update && sudo apt install f2fs-tools -y
Started the Calamares installer
Made a gpt partion table on my NVME SSD drive
Made an 8MB unformatted partition labled bios/grub
Made a 4096MB ext4 partition mounted on /boot
Made the root partition with remaining space f2fs mounted on /
Installed without issues, and rebooted
- Debian Base Install Preparation For The Hyper^Linux Kernel -
sudo mousepad /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main contrib non-free
deb http://deb.debian.org/debian bullseye-updates main contrib non-free
deb http://security.debian.org/debian-security/ bullseye-security main contrib non-free
deb http://deb.debian.org/debian bullseye-backports main contrib non-free
#deb http://deb.debian.org/debian bookworm main contrib non-free
Applications -> Settings -> Window Manager Tweaks -> Compositor -> on -> off
Applications -> Settings -> Workspaces -> Number Of Workspaces -> 4 -> 1
Applications -> Settings -> Power Manager -> All settings off, except Let power manager manage power
Applications -> Settings -> Session and Startup -> Turned everything off except...
AT-SPI-DBUS, Network, Policy Kit Authentication Agent, Power Manager, Pulse Audio Sound System,
Screen Locker, Xfce Notification Daemon, Xfce Settings Daemon
sudo systemctl disable --now exim4 cups cups-browsed anacron avahi-daemon apparmor cron
sudo nano -w /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=9b21d0f3-ec91-4a43-95t3-ce33av5b1836 /boot ext4 defaults,noatime 0 2
UUID=48447d57-f15e-4055-a46f-e7c07cf9afdh8 / f2fs fastboot,lazytime 0 0
sudo mousepad /etc/systemd/journald.conf
[Journal]
Storage=none
sudo dpkg --add-architecture i386
sudo apt update
sudo apt install gufw gparted timeshift galculator -y
sudo apt upgrade
sudo mousepad /etc/hosts.deny
ALL: ALL
Installed the latest firefox from mozillas debian repository following the instructions here...
https://support.mozilla.org/en-US/kb/in ... tributions
( To properly use firefox it actually needs to be isolated inside a virtualbox
with all downloads separated from the base system )
( For my build however, I have disabled virtualization in order to get the best gaming performance )
Made a root account for building and installing the kernel
sudo passwd
sudo reboot
- Dependencies for building the kernel -
sudo apt install bc binutils bison dwarves flex gcc git gnupg2 gzip libelf-dev libncurses5-dev libssl-dev make openssl perl-base rsync tar xz-utils
Had to get pahole like this(because of package conflict)
sudo apt install -t bullseye-backports pahole
- Preparing the Source and Building Hyper^Linux -
Grabbed the tarball for 5.10 here on the front page of kernel.org
https://cdn.kernel.org/pub/linux/kernel ... 215.tar.xz
Extracted it in my home directory
can do it with tar -xf linux-5.10.215.tar.xz
or right click -> extract
# Entered the extracted source folder in the home directory
cd ~/linux-5.10.215/
# Copied the default kernel .config from bullseye into the source folder(the working directory)
cp -v /boot/config-$(uname -r) .config
# Loaded all hardware intended for future useage, such as external drives,
# usb's, and peripherals to build kernel modules
# customized to fit the base system
# Became root to configure, build the kernel, it's modules, and headers, and install it.
su
# Used localmodconfig to create module configuration based on the local system, and the modules
# currently loaded, which are needed for usb's, external drives, and everything else
make localmodconfig
# it also prompts about configuration options that have changed compared to the default
# bullseye .config, and updates the .config file
# The general idea is to disable every thing, except what is necessary, and the default
# .config has enabled most of what is necessary, so hitting enter(default) is the safe
# setting, unless it is something you know you do not need.
(anything not listed left as default(enter))
RFDS Mitigation (MITIGATION_RFDS) [Y/n/?] (NEW) n
nVidia Framebuffer Support (FB_NVIDIA) [N/m/y/?] (NEW) y
Enable DDC Support (FB_NVIDIA_I2C) [N/y/?] (NEW) y
Lots of debug output (FB_NVIDIA_DEBUG) [N/y/?] (NEW) n
Support for backlight control (FB_NVIDIA_BACKLIGHT) [Y/n/?] (NEW) y
nVidia Riva support (FB_RIVA) [N/m/y/?] (NEW) n
# then started up make menuconfig to customize the .config further
# anything not listed left as default
# I also go through almost every single menu item to make changes...
make menuconfig
# General Setup
Local Version -> Hyper^Linux
High Resolution Timer Support -> disabled
Timer tick rate -> Periodic timer ticks (constant rate)
Preemption Model -> Preemptible Kernel (Low Latency Desktop)
CPU/Task time and stats accounting -> all disabled
Numa Scheduler -> disabled
Disable Heap Randomization enabled
Choose SLAB Allocator -> SLOB (simple allocator)
Page Allocator Randomization -> disabled
# Processor Type and Features
(disabled options for amd, because I have intel cpu)
(also disabled NUMA options)
Linux guest support -> disabled
Timer frequency -> 1000 HZ
Randomize The Address Of The Kernel Image (KASLR) -> disabled
Kernel Live Patching -> disabled
# Mitagations For Speculative Execution Vulnerabilities -> disabled
# Power Management and ACPI Options
Suspend to RAM and suspend -> disabled
Hibernate -> disabled
Energy Model For CPU's -> disabled
## CPU Frequency Scaling
Default CPUFreq Governor -> performance
## CPU Idle
Menu Governor -> disabled
# Virtualization -> disabled
# General Architecture Dependent Options
Stack Protector buffer overflow detector -> disabled
Use a virtually-mapped stack -> disabled
# IO Schedulers
Kyber -> built in (*)
# Memory Management Options
Allow for memory hot-add -> disabled
Enable KSM for page merging -> disabled
Transparent Huge Pages Support -> disabled
# Networking support
Amateur radio support -> disabled
# Device drivers
NVME Support -> built in (*) (because I use an nvme type ssd)
Macintosh device drivers -> disabled
Virtualization drivers -> disabled
Virtio drivers -> disabled
VHOST drivers -> disabled
# File Systems
The Extended 4 (ext4) File System -> built in (*)
Btrfs -> disabled
F2FS -> built in (*)
NT File Systems -> MSDOS+VFAT -> Module
Network File Systems -> disabled
# Security Options
Enabled Intel Trusted Execution Technology -> disabled
Harden common str/mem functions against buffer overflows -> disabled
NSA SELinux support -> disabled
TOMOYO Linux support -> disabled
AppArmor -> disabled
Yama support -> disabled
Integrity subsystem -> (probably should be disabled, haven't tested yet)
Enable heap memory zeroing on allocation by default -> disabled
# Kernel Hacking
Tracers -> disabled
( And now you can go back to general settings at the top
and turn off auditing support which was locked initially)
Auditing support -> disabled
save -> .config -> enter -> exit
#Notes on Hyper^Linux .config
#This is a work in progress, this is the 7th time I've built it, and have tried it
#with different systems/distro's and different options, it definitely needs to be optimized more!
#It's honestly ridiculous how much stuff is built in by default, most of the things we do not need,
#in previous guides I tried to explain the various options, to emphasize this point,
#and explain options that would be useful for alternate hardware/system setups...
#Can use "Help" from make menuconfig to learn about every option
#I didn't add details about my thought process for all the various options, because it
#is very time consuming, and takes up a lot more space. I wanted a shorter guide...
# and the guide I used that this is based on also recommends...
https://itsfoss.com/compile-linux-kernel/
"Debian and its derivatives use a certificate to sign the kernel modules.
This certificate, by default, is absent on your computer.
I recommend disabling the option that enables module signing.
It can be achieved with the following commands:"
./scripts/config --file .config --disable MODULE_SIG
# then the command to build the kernel, with the number of processors available
# this gives you enough processing time(CPU) to still use firefox(with one/two tabs)
# or listen to music if you want, but running too many processes' simultaneously
# will break the build. It doesn't take long to build an optimized kernel like Hyper^Linux
# but it takes a long time to configure it, and learn about everything.
make -j$(nproc)
make modules_install -j$(nproc)
make headers_install
make install
(I also added make headers_install which is necessary for the nvidia driver to properly
build it's modules against our kernel)
# If there are no error messages after make install, the base system is ready
# to use the Hyper^Linux kernel and install graphics drivers, libraries, games.
dpkg: warning: version '5.10.215Hyper^Linux' has bad syntax: invalid character in version number
# this is fine ; )
- Uninstalling the kernel/rebuilding/reoptimizing -
## Remove kernel modules
$ rm -rf /lib/modules/<kernel_release>-<localversion>
## Remove device-tree binaries
$ rm -rf /boot/dtb-<kernel_release>-<localversion>
## Remove the Linux kernel itself
$ rm -vf /boot/{config,System,vmlinuz}-<kernel_release>-<localversion>
# and rebuilding is really simple, I leave the kernel source in my home directory
# and I can reconfigure, rebuild, reinstall it later if I want
# For a truly clean reinstall, grab the kernel tarball from kernel.org
# and restart the entire process
- Installing the Nvidia graphics driver -
# I got the 550 driver from here
https://www.nvidia.com/Download/driverR ... 426/en-us/
# It has a readme here
http://us.download.nvidia.com/XFree86/L ... index.html
Rebooted into run level 3 to install the driver (a terminal)
from the grub menu at startup pressed e after selecting the Hyper^linux kernel
then after the line where it says vmlinuz....root=....ro...
added the number 3
and pressed f10 to boot it
(this is how you edit the kernel command line temporarily)
installed it's dependencies like this
sudo apt install pkg-config libglvnd-dev -y
# and ran the installer paying attention to it's prompts
sudo sh ./NVIDIA-Linux-x86_64-550.67.run
(yes install 32bit library support, yes rebuild initramfs, yes update x-config, reboot)
- More Hyper^Linux Notes -
- winehq -
Linux gaming essentially revolves around the three pillars of the linux kernel,
graphics drivers, and wine. Make sure to use the wine repositories they actually make available
for debian based distributions, as well as others, to get their upstream packages,
for the best gaming support, similarly to getting newer graphics drivers. I chose to
use the 5.10 kernel specifically in this case, because we can get away with older kernels.
Generally older software actually performs extremely well with newer hardware. (the best)
Install instructions, for it's apt repository are here...use the stable branch
https://wiki.winehq.org/Debian
- Kernel Command Line -
https://www.kernel.org/doc/html/v5.10/
https://www.kernel.org/doc/html/v5.10/a ... eters.html
- Tweaking Nvidia for Hyper Speed! -
work in progress, hopefully we get a new driver basically, because right now their
driver is clearly throttling our performance on linux unfairly
- Future Hyper^Linux Builds -
I started making .configs that I thought would be applicable to most people's pc's if
they were into gaming, and had standard amd/intel computers, but my original purpose
which was simply to make a good guide for configuring the kernel for gaming pc's,
is more appropriate. I think it's better that people learn to use proper sources,
such as kernel.org and nvidia's website, for example, "upstream sources" to install
the critical components of their system, and learn to configure them themselves.
- Patching Hyper^Linux -
Kernel patches can be added pretty easily, such as from other projects devoted
to improving the kernel's performance. Our really big bottleneck right now
is clearly the graphics drivers.
- Further Improving Performance -
Good Luck!
- Other notes -
nouveau doesn't properly load(with newer cards I guess or it's a conflict with my bios non-uefi setup) with the 5.10 default
or the 5.10 Hyper^Linux kernel, so I had to install the nvidia driver to get proper graphics support after all.
Firefox is basically not-safe whatsoever at this point, and needs to be run in a virtualbox to safely download files from the internet,
so for this setup, which has virtualization turned off for improved gaming performance, we might even do something like only use
wget with copied hyperlinks to download anything from the internet, to bypass it's built-in vulnerabilities to advanced web based exploitation.
- Security mitigations for Hyper^Linux -
work in progress...
- Fixups -
Haven't done enough testing with SLOB as the memory allocator, but I think it might be bad, it's meant
for embedded systems I believe, so it could be that SLAB is more appropriate...I'm experimenting with
that right now still..
Steam has it's own debian-way for being installed appropriately, and it also updates itself so I
just use steam from apt. it needs namespaces to work appropriately, which is built into the kernel by default.
Lutris in bullseye is version 0.5.8.3 and in backports there is 0.5.12 so in order to get the latest lutris, I use
it's page on github, after first using sudo apt install lutris, in order to pull in some of it's dependencies, then
I download the .deb from github, install it's dependencies, and then install it like this...
https://github.com/lutris/lutris/releases
sudo apt install vulkan-tools python3-gi-cairo
sudo dpkg -i lutris_0.5.17_all.deb
Also using the nvidia-driver package from the bullseye repo is something I would like to test out, but probably
will never get around to, because it provides us with unique performance compared to the newer drivers,
which are like a lateral upgrade.
the latest wine sync is in wine 9, and does have a kernel patch to be used in order to be taken advantage of, and that is one of the biggest developments for gaming recently...have to get that working...
Thankfully Bullseye, called "oldstable" now too, since bookworm is the stable version of debian right now 4/16/24
is actually like the real stable in my opinion, or super stable, so I think it will be really good for a long time actually, if I can manage to keep pulling what I want from upstream...work in progress!
- Updating gaming libraries using Bookworm repositories -
So some libraries gaming programs use can be pulled from bookworm and that is done by commenting out the sources for bullseye in /etc/apt/sources.list
and adding this line, updating apt, and installing like this...this might not work in the future, so pay attention to what is installed, and attempt to install steam/lutris
from bullseye first, and then use these commands to update their libraries pulling from the bookworm repository...
deb http://deb.debian.org/debian bookworm main contrib non-free
sudo apt install steam
sudo apt install libvulkan1
- another lutris fix -
if you have a problem with lutris after installing libvulkan1 from bookworm than try using the older lutris wine versions clicking the gear icon and the box icon next to wine in lutris
having a lot of weird CPU behavior in bullseye 11.9 that I never had in older versions of it prior to bookworm... guess needs more testing! It's as if spread spectrum is on in BIOS even though it's disabled, gave it a reboot with Hyper^Linux, and the apparent problem disappeared.
- commands for monitoring system performance, and what I see for my system -
(top with a delayed update to more easily identify misbehaving processes')
top -d 5
top showing 539 MB ram usage (with bookworm and the same setup it was around 879MB)
sudo cat /proc/cpuinfo | grep MHz
and all my cores are running at max(non-overclocked speed for endurance and stability simultaneously)
- More Solutions -
So I actually discovered the 5.10 kernel in bullseye has really strange performance problems with the Hyper^Linux config and the latest nvidia driver, I imagine, that it would
work better for those who want to try working with it, with the driver in the bullseye repo, installed via sudo apt install nvidia-driver, so I went ahead and tried something new, and now I rebuilt the Hyper^Linux config with the latest current release of the kernel from kernel.org 6.8 and reinstalled the nvidia driver, and am now getting stellar typical performance. Having tested linux many times in the past (many many times) I can say with certainty there are certainly good driver/kernel/distro combo's and bad combo's. I've tested the bookworm kernel 6.1 with the latest nvidia driver most recently and had stellar performance as well, and in the past have used the 5.15 kernel that used to be in bullseye with the 470 nvidia driver, and had a great experience with that combo, which is why I wanted to use the 5.10 kernel that's in bullseye now. I think I'm starting to see some library issues coming to the surface, but I am going to keep pushing ahead because this is the lightest xfce environment we can get basically with a nice stable distro like debian.
If you have nvidia problems, the nvidia installer from nvidia's website is actually super useful, and will do everything for you automatically if you just keep booting into runlevel 3 and running the installer repeatedly: such as blacklisting the nouveau module for you, uninstalling nvidia for you, reinstalling nvidia for you, and resolving your missing 32 bit libraries if you forgot to add 32 bit library support with sudo dpkg --add-architecture i386 && sudo apt update
sudo sh ./NVIDIA-Linux-x86_64-550.67.run
Hello, this is my guide showing how I built a system using a custom linux kernel, I call
it Hyper^Linux now, and debian, for the best gaming performance linux can offer right now!
It details mainly the base systems configuration, and installation. I tried
to keep it short, because it can get very large/complex trying to add notes about every thing.
I chose Bullseye, with an aim to get the best base system responsibility, and to use upstream
repositories to get the newest software for critical components such as the graphics drivers,
wine and wine dependencies, firefox, as well as the 5.10 kernel to be customized into a
high performance system kernel I call Hyper^Linux.
I have been working with linux for over ten years now, and have built a couple
custom gaming computers. (Not an expert, also very poor) This guide is applicable
for just about every typical consumer gaming computer, that use intel/amd cpu's.
Everyone should attempt to customize every aspect, however, for their unique hardware!
updated 4/16/24
- System Specs -
Z390 Phantom Gaming 4S Motherboard
Intel Core i7-9700k CPU @ 3.60GHz (with watercooling)
2x DDR4 G.Skill 8GB RAM
NVIDIA GeForce RTX 3060 Ti GPU
NVME M.2 SSD 1TB Hard Drive
( Can't recommend intel or Nvidia, wish I used amd for my custom build now!
Nvidia throttles performance via programming for linux with their proprietary drivers.
Amd cpu's have better performance for the types of games that work with linux, which tend
to be older, and lack the newest anti-cheat software )
- Getting The Live CD and Preparing a USB for installation with it -
The Live CD(xfce) I used for the base install is from this page in Debians cd image archive
https://cdimage.debian.org/mirror/cdima ... so-hybrid/
I prepared a usb with it like this...
made a gpt partition table on the usb /dev/sda -> formatted to fat32
sudo dd if=debian-live-11.9.0-amd64-xfce.iso of=/dev/sda bs=2M oflag=direct status=progress; sync
- Debian Bullseye 11.9 System and Installation Configuration For Hyper^Linux -
From BIOS system menus...
Enabled Multi Core Enhancement (Perform the Highest CPU Frequency On All Cores At The Same Time)
Disabled Intel Virtualization Technology
Disabled Intel SpeedStep, Turbo Boost, and Speed Shift
Disabled Software Guard Extensions(SGX)
Disabled All CPU C-states
Disabled vt-d
Disabled Led's
Disabled the High Precision Event Timer
Disabled Suspend to RAM
Disabled Security Device Support
Disabled Secure Boot
Disabled Intel Platform Trust Technology
Disabled Fast Boot
Booted the live cd in Bios mode by pressing f11 to open up the boot menu at startup and using
USB: Generic Flash Disk to boot into Bios mode NOT Uefi mode, which the flash disk has an entry
for that looks like this... UEFI: Generic Flash Disk
Installed f2fs-tools to make an f2fs filesystem which is good for SSD Drives
sudo apt update && sudo apt install f2fs-tools -y
Started the Calamares installer
Made a gpt partion table on my NVME SSD drive
Made an 8MB unformatted partition labled bios/grub
Made a 4096MB ext4 partition mounted on /boot
Made the root partition with remaining space f2fs mounted on /
Installed without issues, and rebooted
- Debian Base Install Preparation For The Hyper^Linux Kernel -
sudo mousepad /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main contrib non-free
deb http://deb.debian.org/debian bullseye-updates main contrib non-free
deb http://security.debian.org/debian-security/ bullseye-security main contrib non-free
deb http://deb.debian.org/debian bullseye-backports main contrib non-free
#deb http://deb.debian.org/debian bookworm main contrib non-free
Applications -> Settings -> Window Manager Tweaks -> Compositor -> on -> off
Applications -> Settings -> Workspaces -> Number Of Workspaces -> 4 -> 1
Applications -> Settings -> Power Manager -> All settings off, except Let power manager manage power
Applications -> Settings -> Session and Startup -> Turned everything off except...
AT-SPI-DBUS, Network, Policy Kit Authentication Agent, Power Manager, Pulse Audio Sound System,
Screen Locker, Xfce Notification Daemon, Xfce Settings Daemon
sudo systemctl disable --now exim4 cups cups-browsed anacron avahi-daemon apparmor cron
sudo nano -w /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=9b21d0f3-ec91-4a43-95t3-ce33av5b1836 /boot ext4 defaults,noatime 0 2
UUID=48447d57-f15e-4055-a46f-e7c07cf9afdh8 / f2fs fastboot,lazytime 0 0
sudo mousepad /etc/systemd/journald.conf
[Journal]
Storage=none
sudo dpkg --add-architecture i386
sudo apt update
sudo apt install gufw gparted timeshift galculator -y
sudo apt upgrade
sudo mousepad /etc/hosts.deny
ALL: ALL
Installed the latest firefox from mozillas debian repository following the instructions here...
https://support.mozilla.org/en-US/kb/in ... tributions
( To properly use firefox it actually needs to be isolated inside a virtualbox
with all downloads separated from the base system )
( For my build however, I have disabled virtualization in order to get the best gaming performance )
Made a root account for building and installing the kernel
sudo passwd
sudo reboot
- Dependencies for building the kernel -
sudo apt install bc binutils bison dwarves flex gcc git gnupg2 gzip libelf-dev libncurses5-dev libssl-dev make openssl perl-base rsync tar xz-utils
Had to get pahole like this(because of package conflict)
sudo apt install -t bullseye-backports pahole
- Preparing the Source and Building Hyper^Linux -
Grabbed the tarball for 5.10 here on the front page of kernel.org
https://cdn.kernel.org/pub/linux/kernel ... 215.tar.xz
Extracted it in my home directory
can do it with tar -xf linux-5.10.215.tar.xz
or right click -> extract
# Entered the extracted source folder in the home directory
cd ~/linux-5.10.215/
# Copied the default kernel .config from bullseye into the source folder(the working directory)
cp -v /boot/config-$(uname -r) .config
# Loaded all hardware intended for future useage, such as external drives,
# usb's, and peripherals to build kernel modules
# customized to fit the base system
# Became root to configure, build the kernel, it's modules, and headers, and install it.
su
# Used localmodconfig to create module configuration based on the local system, and the modules
# currently loaded, which are needed for usb's, external drives, and everything else
make localmodconfig
# it also prompts about configuration options that have changed compared to the default
# bullseye .config, and updates the .config file
# The general idea is to disable every thing, except what is necessary, and the default
# .config has enabled most of what is necessary, so hitting enter(default) is the safe
# setting, unless it is something you know you do not need.
(anything not listed left as default(enter))
RFDS Mitigation (MITIGATION_RFDS) [Y/n/?] (NEW) n
nVidia Framebuffer Support (FB_NVIDIA) [N/m/y/?] (NEW) y
Enable DDC Support (FB_NVIDIA_I2C) [N/y/?] (NEW) y
Lots of debug output (FB_NVIDIA_DEBUG) [N/y/?] (NEW) n
Support for backlight control (FB_NVIDIA_BACKLIGHT) [Y/n/?] (NEW) y
nVidia Riva support (FB_RIVA) [N/m/y/?] (NEW) n
# then started up make menuconfig to customize the .config further
# anything not listed left as default
# I also go through almost every single menu item to make changes...
make menuconfig
# General Setup
Local Version -> Hyper^Linux
High Resolution Timer Support -> disabled
Timer tick rate -> Periodic timer ticks (constant rate)
Preemption Model -> Preemptible Kernel (Low Latency Desktop)
CPU/Task time and stats accounting -> all disabled
Numa Scheduler -> disabled
Disable Heap Randomization enabled
Choose SLAB Allocator -> SLOB (simple allocator)
Page Allocator Randomization -> disabled
# Processor Type and Features
(disabled options for amd, because I have intel cpu)
(also disabled NUMA options)
Linux guest support -> disabled
Timer frequency -> 1000 HZ
Randomize The Address Of The Kernel Image (KASLR) -> disabled
Kernel Live Patching -> disabled
# Mitagations For Speculative Execution Vulnerabilities -> disabled
# Power Management and ACPI Options
Suspend to RAM and suspend -> disabled
Hibernate -> disabled
Energy Model For CPU's -> disabled
## CPU Frequency Scaling
Default CPUFreq Governor -> performance
## CPU Idle
Menu Governor -> disabled
# Virtualization -> disabled
# General Architecture Dependent Options
Stack Protector buffer overflow detector -> disabled
Use a virtually-mapped stack -> disabled
# IO Schedulers
Kyber -> built in (*)
# Memory Management Options
Allow for memory hot-add -> disabled
Enable KSM for page merging -> disabled
Transparent Huge Pages Support -> disabled
# Networking support
Amateur radio support -> disabled
# Device drivers
NVME Support -> built in (*) (because I use an nvme type ssd)
Macintosh device drivers -> disabled
Virtualization drivers -> disabled
Virtio drivers -> disabled
VHOST drivers -> disabled
# File Systems
The Extended 4 (ext4) File System -> built in (*)
Btrfs -> disabled
F2FS -> built in (*)
NT File Systems -> MSDOS+VFAT -> Module
Network File Systems -> disabled
# Security Options
Enabled Intel Trusted Execution Technology -> disabled
Harden common str/mem functions against buffer overflows -> disabled
NSA SELinux support -> disabled
TOMOYO Linux support -> disabled
AppArmor -> disabled
Yama support -> disabled
Integrity subsystem -> (probably should be disabled, haven't tested yet)
Enable heap memory zeroing on allocation by default -> disabled
# Kernel Hacking
Tracers -> disabled
( And now you can go back to general settings at the top
and turn off auditing support which was locked initially)
Auditing support -> disabled
save -> .config -> enter -> exit
#Notes on Hyper^Linux .config
#This is a work in progress, this is the 7th time I've built it, and have tried it
#with different systems/distro's and different options, it definitely needs to be optimized more!
#It's honestly ridiculous how much stuff is built in by default, most of the things we do not need,
#in previous guides I tried to explain the various options, to emphasize this point,
#and explain options that would be useful for alternate hardware/system setups...
#Can use "Help" from make menuconfig to learn about every option
#I didn't add details about my thought process for all the various options, because it
#is very time consuming, and takes up a lot more space. I wanted a shorter guide...
# and the guide I used that this is based on also recommends...
https://itsfoss.com/compile-linux-kernel/
"Debian and its derivatives use a certificate to sign the kernel modules.
This certificate, by default, is absent on your computer.
I recommend disabling the option that enables module signing.
It can be achieved with the following commands:"
./scripts/config --file .config --disable MODULE_SIG
# then the command to build the kernel, with the number of processors available
# this gives you enough processing time(CPU) to still use firefox(with one/two tabs)
# or listen to music if you want, but running too many processes' simultaneously
# will break the build. It doesn't take long to build an optimized kernel like Hyper^Linux
# but it takes a long time to configure it, and learn about everything.
make -j$(nproc)
make modules_install -j$(nproc)
make headers_install
make install
(I also added make headers_install which is necessary for the nvidia driver to properly
build it's modules against our kernel)
# If there are no error messages after make install, the base system is ready
# to use the Hyper^Linux kernel and install graphics drivers, libraries, games.
dpkg: warning: version '5.10.215Hyper^Linux' has bad syntax: invalid character in version number
# this is fine ; )
- Uninstalling the kernel/rebuilding/reoptimizing -
## Remove kernel modules
$ rm -rf /lib/modules/<kernel_release>-<localversion>
## Remove device-tree binaries
$ rm -rf /boot/dtb-<kernel_release>-<localversion>
## Remove the Linux kernel itself
$ rm -vf /boot/{config,System,vmlinuz}-<kernel_release>-<localversion>
# and rebuilding is really simple, I leave the kernel source in my home directory
# and I can reconfigure, rebuild, reinstall it later if I want
# For a truly clean reinstall, grab the kernel tarball from kernel.org
# and restart the entire process
- Installing the Nvidia graphics driver -
# I got the 550 driver from here
https://www.nvidia.com/Download/driverR ... 426/en-us/
# It has a readme here
http://us.download.nvidia.com/XFree86/L ... index.html
Rebooted into run level 3 to install the driver (a terminal)
from the grub menu at startup pressed e after selecting the Hyper^linux kernel
then after the line where it says vmlinuz....root=....ro...
added the number 3
and pressed f10 to boot it
(this is how you edit the kernel command line temporarily)
installed it's dependencies like this
sudo apt install pkg-config libglvnd-dev -y
# and ran the installer paying attention to it's prompts
sudo sh ./NVIDIA-Linux-x86_64-550.67.run
(yes install 32bit library support, yes rebuild initramfs, yes update x-config, reboot)
- More Hyper^Linux Notes -
- winehq -
Linux gaming essentially revolves around the three pillars of the linux kernel,
graphics drivers, and wine. Make sure to use the wine repositories they actually make available
for debian based distributions, as well as others, to get their upstream packages,
for the best gaming support, similarly to getting newer graphics drivers. I chose to
use the 5.10 kernel specifically in this case, because we can get away with older kernels.
Generally older software actually performs extremely well with newer hardware. (the best)
Install instructions, for it's apt repository are here...use the stable branch
https://wiki.winehq.org/Debian
- Kernel Command Line -
https://www.kernel.org/doc/html/v5.10/
https://www.kernel.org/doc/html/v5.10/a ... eters.html
- Tweaking Nvidia for Hyper Speed! -
work in progress, hopefully we get a new driver basically, because right now their
driver is clearly throttling our performance on linux unfairly
- Future Hyper^Linux Builds -
I started making .configs that I thought would be applicable to most people's pc's if
they were into gaming, and had standard amd/intel computers, but my original purpose
which was simply to make a good guide for configuring the kernel for gaming pc's,
is more appropriate. I think it's better that people learn to use proper sources,
such as kernel.org and nvidia's website, for example, "upstream sources" to install
the critical components of their system, and learn to configure them themselves.
- Patching Hyper^Linux -
Kernel patches can be added pretty easily, such as from other projects devoted
to improving the kernel's performance. Our really big bottleneck right now
is clearly the graphics drivers.
- Further Improving Performance -
Good Luck!
- Other notes -
nouveau doesn't properly load(with newer cards I guess or it's a conflict with my bios non-uefi setup) with the 5.10 default
or the 5.10 Hyper^Linux kernel, so I had to install the nvidia driver to get proper graphics support after all.
Firefox is basically not-safe whatsoever at this point, and needs to be run in a virtualbox to safely download files from the internet,
so for this setup, which has virtualization turned off for improved gaming performance, we might even do something like only use
wget with copied hyperlinks to download anything from the internet, to bypass it's built-in vulnerabilities to advanced web based exploitation.
- Security mitigations for Hyper^Linux -
work in progress...
- Fixups -
Haven't done enough testing with SLOB as the memory allocator, but I think it might be bad, it's meant
for embedded systems I believe, so it could be that SLAB is more appropriate...I'm experimenting with
that right now still..
Steam has it's own debian-way for being installed appropriately, and it also updates itself so I
just use steam from apt. it needs namespaces to work appropriately, which is built into the kernel by default.
Lutris in bullseye is version 0.5.8.3 and in backports there is 0.5.12 so in order to get the latest lutris, I use
it's page on github, after first using sudo apt install lutris, in order to pull in some of it's dependencies, then
I download the .deb from github, install it's dependencies, and then install it like this...
https://github.com/lutris/lutris/releases
sudo apt install vulkan-tools python3-gi-cairo
sudo dpkg -i lutris_0.5.17_all.deb
Also using the nvidia-driver package from the bullseye repo is something I would like to test out, but probably
will never get around to, because it provides us with unique performance compared to the newer drivers,
which are like a lateral upgrade.
the latest wine sync is in wine 9, and does have a kernel patch to be used in order to be taken advantage of, and that is one of the biggest developments for gaming recently...have to get that working...
Thankfully Bullseye, called "oldstable" now too, since bookworm is the stable version of debian right now 4/16/24
is actually like the real stable in my opinion, or super stable, so I think it will be really good for a long time actually, if I can manage to keep pulling what I want from upstream...work in progress!
- Updating gaming libraries using Bookworm repositories -
So some libraries gaming programs use can be pulled from bookworm and that is done by commenting out the sources for bullseye in /etc/apt/sources.list
and adding this line, updating apt, and installing like this...this might not work in the future, so pay attention to what is installed, and attempt to install steam/lutris
from bullseye first, and then use these commands to update their libraries pulling from the bookworm repository...
deb http://deb.debian.org/debian bookworm main contrib non-free
sudo apt install steam
sudo apt install libvulkan1
- another lutris fix -
if you have a problem with lutris after installing libvulkan1 from bookworm than try using the older lutris wine versions clicking the gear icon and the box icon next to wine in lutris
having a lot of weird CPU behavior in bullseye 11.9 that I never had in older versions of it prior to bookworm... guess needs more testing! It's as if spread spectrum is on in BIOS even though it's disabled, gave it a reboot with Hyper^Linux, and the apparent problem disappeared.
- commands for monitoring system performance, and what I see for my system -
(top with a delayed update to more easily identify misbehaving processes')
top -d 5
top showing 539 MB ram usage (with bookworm and the same setup it was around 879MB)
sudo cat /proc/cpuinfo | grep MHz
and all my cores are running at max(non-overclocked speed for endurance and stability simultaneously)
- More Solutions -
So I actually discovered the 5.10 kernel in bullseye has really strange performance problems with the Hyper^Linux config and the latest nvidia driver, I imagine, that it would
work better for those who want to try working with it, with the driver in the bullseye repo, installed via sudo apt install nvidia-driver, so I went ahead and tried something new, and now I rebuilt the Hyper^Linux config with the latest current release of the kernel from kernel.org 6.8 and reinstalled the nvidia driver, and am now getting stellar typical performance. Having tested linux many times in the past (many many times) I can say with certainty there are certainly good driver/kernel/distro combo's and bad combo's. I've tested the bookworm kernel 6.1 with the latest nvidia driver most recently and had stellar performance as well, and in the past have used the 5.15 kernel that used to be in bullseye with the 470 nvidia driver, and had a great experience with that combo, which is why I wanted to use the 5.10 kernel that's in bullseye now. I think I'm starting to see some library issues coming to the surface, but I am going to keep pushing ahead because this is the lightest xfce environment we can get basically with a nice stable distro like debian.
If you have nvidia problems, the nvidia installer from nvidia's website is actually super useful, and will do everything for you automatically if you just keep booting into runlevel 3 and running the installer repeatedly: such as blacklisting the nouveau module for you, uninstalling nvidia for you, reinstalling nvidia for you, and resolving your missing 32 bit libraries if you forgot to add 32 bit library support with sudo dpkg --add-architecture i386 && sudo apt update
sudo sh ./NVIDIA-Linux-x86_64-550.67.run
Statistics: Posted by Linuxgaming1824 — 2024-04-16 18:35 — Replies 2 — Views 71