Custom Kernel Configuration
Overview
Compile and configure custom kernels for specific hardware support, performance tuning, or security requirements.
Build Custom Kernel
Install Build Dependencies
# Install build tools
apt install build-essential git
# Install kernel build deps
apt build-dep linuxClone Kernel Source
# Clone Proxmox kernel
git clone https://github.com/proxmox/linux-proxmox.git
# Or use vanilla kernel
git clone https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitConfigure Kernel
# Change to source directory
cd linux-proxmox
# Use Proxmox config
cp /boot/config-$(uname -r) .config
# Or use menuconfig
make menuconfigBuild Kernel
# Build
make -j$(nproc) deb-pkg
# Install
dpkg -i ../linux-*.debKernel Parameters
GRUB Configuration
# Edit GRUB
nano /etc/default/grub
# Add parameters
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
# Update GRUB
update-grubCommon Parameters
| Parameter | Description |
|---|---|
| intel_iommu=on | Enable IOMMU |
| amd_iommu=on | Enable AMD IOMMU |
| iommu=pt | IOMMU passthrough |
| hugepages=1024 | Huge pages |
| default_hugepagesz=2M | 2MB pages |
| transparent_hugepage=never | Disable THP |
| nosmt | Disable SMT |
Kernel Modules
Load at Boot
# Create config
nano /etc/modules
# Add modules
vfio
vfio_iommu_type1
vfio_pci
nvidia
nvidia_uvmBlacklist Modules
# Blacklist
nano /etc/modprobe.d/blacklist.conf
blacklist nouveau
blacklist nvidiaPerformance Tuning
CPU Governors
# Set governor
echo performance > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
# Make persistent
apt install cpufrequtils
nano /etc/default/cpufrequtilsKernel Tuning
# Network buffer
net.core.rmem_max=16777216
net.core.wmem_max=16777216
# File system
fs.file-max=65536Security Hardening
Kernel Settings
# Disable unused features
echo 1 > /proc/sys/kernel/dmesg_restrict
# Disable core dumps
hard core 0
# Restrict sysrq
echo 1 > /proc/sys/kernel/sysrqKeywords
kernel compilation tuning performance security kernel-parameters