Switch to 23.0 profiles

[krnowak]

CI: http://jenkins.infra.kinvolk.io:8080/job/container/job/sdk/1761/cldsv/

--

• switches to 23.0 profiles
  • also drops our systemd profile in favor of Gentoo's
  • we have already been using Gentoo's systemd profiles, so this drops our as it should be mostly redundant
• move sys-apps/kmod back to portage-stable
  • we also synced the package with Gentoo, but there was no change in package version

--

• Changelog entries added in the respective changelog/ directory (user-facing change, bug fix, security fix, update)
  • no changelog entry, it's not a user visible change
• Inspected CI output for image differences: /boot and /usr size, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.

[krnowak]

CI passed.

[github-actions]

Build action triggered: https://github.com/flatcar/scripts/actions/runs/11145812491

[krnowak]

Rerun the CI, still works.

[krnowak]

This also gets rid of the long messages about using deprecated profiles everytime we call emerge.

[ader1990]

I see a smaller size of the initrd vs the current nightly, which is great. I do not have the actual comparison available as there is no github actions run, do you know what got axed?

[krnowak]

I see a smaller size of the initrd vs the current nightly, which is great. I do not have the actual comparison available as there is no github actions run, do you know what got axed?

My guess would be that this is unrelated to my PR, but rather to the kernel update that got merged too. But I checked the report, and it says:

BEGIN_REPORT:

All 0 newly added files:

All 0 just deleted files:

Top 10 grown in size files (of 283 files total):

./rootfs-0/usr/bin/mknod by 4168 bytes (4 kbytes) from 85096 bytes (83 kbytes) to 89264 bytes (87 kbytes)
./rootfs-0/usr/lib64/libjansson.so.4.14.0 by 4168 bytes (4 kbytes) from 59808 bytes (58 kbytes) to 63976 bytes (62 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/drivers/scsi/lpfc/lpfc.ko.xz by 2952 bytes (2 kbytes) from 499812 bytes (488 kbytes) to 502764 bytes (490 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/drivers/net/ethernet/broadcom/bnx2x/bnx2x.ko.xz by 2036 bytes (1 kbytes) from 345028 bytes (336 kbytes) to 347064 bytes (338 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/fs/xfs/xfs.ko.xz by 1544 bytes (1 kbytes) from 675020 bytes (659 kbytes) to 676564 bytes (660 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/drivers/infiniband/core/ib_cm.ko.xz by 1468 bytes (1 kbytes) from 49000 bytes (47 kbytes) to 50468 bytes (49 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/fs/btrfs/btrfs.ko.xz by 1300 bytes (1 kbytes) from 694472 bytes (678 kbytes) to 695772 bytes (679 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/drivers/scsi/qla4xxx/qla4xxx.ko.xz by 748 bytes from 140076 bytes (136 kbytes) to 140824 bytes (137 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/drivers/net/ethernet/qlogic/qed/qed.ko.xz by 588 bytes from 309504 bytes (302 kbytes) to 310092 bytes (302 kbytes)
./rootfs-0/usr/lib/modules/a.b.c-flatcar/kernel/drivers/net/ethernet/intel/i40e/i40e.ko.xz by 408 bytes from 227456 bytes (222 kbytes) to 227864 bytes (222 kbytes)

Top 10 shrunk in size files (of 244 files total):

./rootfs-0/usr/lib64/libcrypto.so.3 by 442288 bytes (431 kbytes) from 5343472 bytes (5218 kbytes, 5 mbytes) to 4901184 bytes (4786 kbytes, 4 mbytes)
./rootfs-0/usr/lib/systemd/libsystemd-shared-255.so by 102328 bytes (99 kbytes) from 3889840 bytes (3798 kbytes, 3 mbytes) to 3787512 bytes (3698 kbytes, 3 mbytes)
./rootfs-0/usr/lib/systemd/libsystemd-core-255.so by 102320 bytes (99 kbytes) from 2214128 bytes (2162 kbytes, 2 mbytes) to 2111808 bytes (2062 kbytes, 2 mbytes)
./rootfs-0/usr/lib64/libkrb5.so.3.3 by 69552 bytes (67 kbytes) from 871552 bytes (851 kbytes) to 802000 bytes (783 kbytes)
./rootfs-0/usr/bin/loadkeys by 69552 bytes (67 kbytes) from 220312 bytes (215 kbytes) to 150760 bytes (147 kbytes)
./rootfs-0/usr/lib64/libssl.so.3 by 65464 bytes (63 kbytes) from 968312 bytes (945 kbytes) to 902848 bytes (881 kbytes)
./rootfs-0/usr/bin/xfs_db by 57264 bytes (55 kbytes) from 824936 bytes (805 kbytes) to 767672 bytes (749 kbytes)
./rootfs-0/usr/lib/systemd/systemd-networkd by 53176 bytes (51 kbytes) from 1796504 bytes (1754 kbytes, 1 mbytes) to 1743328 bytes (1702 kbytes, 1 mbytes)
./rootfs-0/usr/bin/nvme by 49080 bytes (47 kbytes) from 1230160 bytes (1201 kbytes, 1 mbytes) to 1181080 bytes (1153 kbytes, 1 mbytes)
./rootfs-0/usr/bin/btrfs by 44976 bytes (43 kbytes) from 1215392 bytes (1186 kbytes, 1 mbytes) to 1170416 bytes (1142 kbytes, 1 mbytes)

Total size difference: decreased by 1820826 bytes (1778 kbytes, 1 mbytes)

Take the total size difference with a grain of salt as normally initrd is compressed, so the actual difference will be smaller.
To see the actual difference in size, see if there was a report for /boot/flatcar/vmlinuz-a.
Note that vmlinuz-a also contains the kernel code, which might have changed too, so the reported difference does not accurately describe the change in initrd.

END_REPORT

Pretty much random things…

[ader1990]

Interesting is that libsystemd-core/shared-255.so are smaller, we need to check if there are some flags removed from the build (make flags). I will give it a run to check the diff.
Latest stable systemd:

systemctl --version
systemd 255 (255)
+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL -ACL +BLKID +CURL +ELFUTILS -FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified

[chewi]

It's not just systemd, OpenSSL is significantly smaller. That make me think it was a more global change, so I compared the profiles. This is new in 23.0 and is almost certainly the cause:

LDFLAGS="-Wl,-z,pack-relative-relocs"

From Gentoo #818376:

The SHT_RELR/DT_RELR format encodes relative relocations in a very efficient way (quite usually takes just 3% or smaller space). The size optimization can greatly decrease the virtual memory size of PIE and shared objects with many R_*_RELATIVE relocations.

Hurray! 🥳

[krnowak]

Interesting is that libsystemd-core/shared-255.so are smaller, we need to check if there are some flags removed from the build (make flags). I will give it a run to check the diff. Latest stable systemd:

systemctl --version
systemd 255 (255)
+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL -ACL +BLKID +CURL +ELFUTILS -FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified

Same are on the new image, which you can download from https://bincache.flatcar-linux.net/images/amd64/4109.0.0+new-profile/. But Chewi's explanation makes sense. I should have done a better job of checking the actual differences between the old and new profiles.

[chewi]

I was about to give you some even better news, which is that you can also enable CONFIG_RELR and get a ~5% saving on the compressed kernel. Unfortunately, they have only added this for arm64. 😞

[krnowak]

I was about to give you some even better news, which is that you can also enable CONFIG_RELR and get a ~5% saving on the compressed kernel. Unfortunately, they have only added this for arm64. 😞

It's something to keep the eye on - I suppose it will eventually land for amd64 too. Or we could enable it now (in a separate PR though), and get the savings for arm64 now, and eventually for amd64.