As part of a proposal to use a new toolchain consisting of LLVM and mold for building packages in postmarketOS, we have decided to go ahead with the first steps of the proposed plan to adopt this toolchain: migrating all kernel packages to build with LLVM where feasible.
Adopting LLVM for our kernel builds comes with several advantages. It will let us enable ThinLTO for improved performance without compromising too much on compile times and opens up the option to use clang-exclusive security features in the Linux kernel, such as control flow integrity checks (CFI), which can currently only be used in combination with LTO. In the long term, we would like to drop the GCC cross compiler packages we currently keep around in pmaports, which this would be a prerequisite for. This is made possible thanks to LLVM tools supporting all architectures in a single build, whereas GCC and GNU binutils must be built separately for every single target architecture.
Compiling the kernel with LLVM is extremely well tested, thanks to the awesome work of the Clang Built Linux project, which builds and tests hundreds of different combinations of kernel version, LLVM version and kernel configuration every day. In fact, it's so well tested that Google has been using LLVM with full LTO and CFI for Android kernels since kernel 5.4.
Our plan involves gradually changing all APKBUILD files for kernel packages in postmarketOS to use LLVM if feasible. It should easily be possible to backport the necessary kernel changes to downstream kernel versions as low as 4.4, we can build on previous work by Android distributions like LineageOS here. Any older versions will likely require a nontrivial amount of work, in which case we will attempt to compile them with GCC 4 or 6, and if that fails, we will archive the kernels.
Work has already started on converting most of the community kernels and some of the testing kernels. This is a very large undertaking that will require hundreds of merge requests (we currently package 415 kernels!). We will create merge requests updating the package definitions to use LLVM one package at a time. If you maintain a kernel package, you can help us out by creating such a merge request for your package and testing it. The necessary changes usually include adding clang, lld and llvm to makedepends and specifying LLVM=1 when building the kernel, removing any explicitly set CC option. Afterwards, you can run pmbootstrap kconfig migrate and it will automatically regenerate the kernel configuration with LLVM. See pmaports!7290 for an example.
Since we are making changes to every kernel package, it is unrealistic to expect that every maintainer will still be active or available to test the changes. Therefore, we have decided to give maintainers two weeks after a merge request is created for their kernel package to do one of the following:
a) approve the MR, it will be merged directly
b) reply that they want to do the upgrade themselves with the next kernel upgrade
c) do nothing, the MR will be merged after 2 weeks
We hope that everything in this transition will go smoothly. If you want to help out and run into compile errors in the process of updating your kernel package, please reach out to us at #devel:postmarketos.org, we're happy to help!