APKBUILD 6.84 KB
Newer Older
1
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2

3
_flavor=grsec
4
pkgname=linux-${_flavor}
5
pkgver=3.14.37
6 7 8 9
case $pkgver in
*.*.*)	_kernver=${pkgver%.*};;
*.*)	_kernver=${pkgver};;
esac
10
pkgrel=3
11 12
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
13
depends="mkinitfs linux-firmware"
14
makedepends="perl sed installkernel bash gmp-dev bc"
15
options="!strip"
Natanael Copa's avatar
Natanael Copa committed
16
_config=${config:-kernelconfig.${CARCH}}
17
install=
18
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
19
	http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
20
	grsecurity-3.1-3.14.37-201504051405.patch
21

22
	fix-memory-map-for-PIE-applications.patch
23
	imx6q-no-unclocked-sleep.patch
24

25
	kernelconfig.x86
26
	kernelconfig.x86_64
27
	kernelconfig.armhf
28
	"
29
subpackages="$pkgname-dev"
30
arch="x86 x86_64 armhf"
31
license="GPL-2"
Natanael Copa's avatar
Natanael Copa committed
32

33
_abi_release=${pkgver}-${pkgrel}-${_flavor}
34

35
prepare() {
36
	local _patch_failed=
37
	cd "$srcdir"/linux-$_kernver
38 39
	if [ "${pkgver%.0}" = "$pkgver" ]; then
		msg "Applying patch-$pkgver.xz"
40
		unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
41 42
	fi

43 44 45 46 47
	# first apply patches in specified order
	for i in $source; do
		case $i in
		*.patch)
			msg "Applying $i..."
48 49 50 51
			if ! patch -s -p1 -N -i "$srcdir"/$i; then
				echo $i >>failed
				_patch_failed=1
			fi
52 53
			;;
		esac
54 55
	done

56 57 58 59 60 61
	if ! [ -z "$_patch_failed" ]; then
		error "The following patches failed:"
		cat failed
		return 1
	fi

62 63
	rm -f localversion*
	echo "-$pkgrel-$_flavor" > localversion-alpine
64

65
	mkdir -p "$srcdir"/build
66
	cp "$srcdir"/$_config "$srcdir"/build/.config || return 1
67
	make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="${CC:-gcc}" \
68
		silentoldconfig
69 70 71 72
}

# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
73
	cd "$srcdir"/build || return 1
74 75 76 77 78 79
	make menuconfig
	cp .config "$startdir"/$_config
}

build() {
	cd "$srcdir"/build
80
	export GCC_SPECS=hardenednopie.specs
81
	make CC="${CC:-gcc}" \
82 83
		KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
		|| return 1
84
}
Natanael Copa's avatar
Natanael Copa committed
85

86 87
package() {
	cd "$srcdir"/build
88

89
	mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules
90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107

	local _install
	case "$CARCH" in
	arm*)
		local _dtbdir="$pkgdir"/usr/lib/linux-${_abi_release}
		mkdir -p "$_dtbdir"
		for i in arch/arm/boot/dts/*.dtb ; do
			install -m644 "$i" "$_dtbdir"
		done

		_install=zinstall
		;;
	*)
		_install=install
		;;
	esac

	make -j1 modules_install firmware_install $_install \
108
		INSTALL_MOD_PATH="$pkgdir" \
109 110
		INSTALL_PATH="$pkgdir"/boot \
		|| return 1
111

112 113
	rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
		"$pkgdir"/lib/modules/${_abi_release}/source
114 115
	rm -rf "$pkgdir"/lib/firmware

116
	install -D include/config/kernel.release \
117
		"$pkgdir"/usr/share/kernel/$_flavor/kernel.release
Natanael Copa's avatar
Natanael Copa committed
118 119
}

120 121 122 123 124
dev() {
	# copy the only the parts that we really need for build 3rd party
	# kernel modules and install those as /usr/src/linux-headers,
	# simlar to what ubuntu does
	#
125
	# this way you dont need to install the 300-400 kernel sources to
126 127
	# build a tiny kernel module
	#
128
	pkgdesc="Headers and script for third party modules for grsec kernel"
129
	depends="gmp-dev bash"
130
	local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}
131

132
	# first we import config, run prepare to set up for building
133
	# external modules, and create the scripts
134
	mkdir -p "$dir"
135
	cp "$srcdir"/$_config "$dir"/.config
136
	make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
137
		silentoldconfig prepare modules_prepare scripts
138

139 140
	# remove the stuff that poits to real sources. we want 3rd party
	# modules to believe this is the soruces
141 142
	rm "$dir"/Makefile "$dir"/source

143 144
	# copy the needed stuff from real sources
	#
145
	# this is taken from ubuntu kernel build script
146
	# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
147 148 149 150 151 152 153 154 155 156 157
	cd "$srcdir"/linux-$_kernver
	find . -path './include/*' -prune -o -path './scripts/*' -prune \
		-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
		-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
		-o -name '*.lds' \) | cpio -pdm "$dir"
	cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
	cp -a drivers/media/video/*.h "$dir"/drivers/media/video
	cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
	cp -a scripts include "$dir"
	find $(find arch -name include -type d -print) -type f \
		| cpio -pdm "$dir"
158 159 160

	install -Dm644 "$srcdir"/build/Module.symvers \
		"$dir"/Module.symvers
161 162 163 164

	mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
	ln -sf /usr/src/linux-headers-${_abi_release} \
		"$subpkgdir"/lib/modules/${_abi_release}/build
165 166
}

167
md5sums="b621207b3f6ecbb67db18b13258f8ea8  linux-3.14.tar.xz
168
cbc19671d2c8bab0eaf18bf3afa54f7b  patch-3.14.37.xz
169
16c2185b59f85b66ba9679eb5f389104  grsecurity-3.1-3.14.37-201504051405.patch
170
c6a4ae7e8ca6159e1631545515805216  fix-memory-map-for-PIE-applications.patch
171
1a307fc1d63231bf01d22493a4f14378  imx6q-no-unclocked-sleep.patch
172
78060d5fe4d22f3ff8ebdad76f2a99f0  kernelconfig.x86
173
4abbaf506227daec9a0e5b53464e1642  kernelconfig.x86_64
174
2088fe977722158d7989f928084d52ca  kernelconfig.armhf"
175
sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa  linux-3.14.tar.xz
176
ae2c25e7c53bffaf4e6f951a56eaa8ca645e7125cd28f16f870b7dc8aaa66b49  patch-3.14.37.xz
177
43ffb9159085c7194a6f3e767cb9fcd6b7a99ec4a79e187714a2714e5ef93970  grsecurity-3.1-3.14.37-201504051405.patch
178
500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7  fix-memory-map-for-PIE-applications.patch
179
21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3  imx6q-no-unclocked-sleep.patch
180
66196a945d55ce0a164dc5a4303db77c1f47641ab8bf7b53e87f3f39bf23f356  kernelconfig.x86
181
d96e12edb7d6421b26650e280c2d6c4645d5221549295d15b5f6d6daacf215fb  kernelconfig.x86_64
182
636419c6970c24ae6e02889f641aff606eb237c0ac1796efd992c545f77bc579  kernelconfig.armhf"
183
sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e  linux-3.14.tar.xz
184
40439c1262331ffd594a110bab6c2da04abd7718fb3f79661de46e0c7cd99d4d8e003bb412be2348df843d7d9abe310caf1e3cc1ec5343e4b92f0769b9cfada4  patch-3.14.37.xz
185
a5cd91d5aed495a34393fe0d4a944b4d8f7b7beabdf007c079711699f4d8b8dfa573827aa0358ad9efd4aef49192fa978567ec4f4de93982cf8afd63a90dec63  grsecurity-3.1-3.14.37-201504051405.patch
186
4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7  fix-memory-map-for-PIE-applications.patch
187
87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221  imx6q-no-unclocked-sleep.patch
188
63b99a936f8ca561e42590ec639b2a86face1198c6a05d3450ff275ae3651f142e1a08795064562be7ad228097687f3fd745b19c1cdb0f48dcd1eeb2634fd46c  kernelconfig.x86
189
f3f86dea3732ce5179aa1b542cdcecbe764b52b1449f1e86dbcf4d2fc3f85df7198f58db9dadb7747c7fbc2a6dcdc914cb1110bc0b669874ebc7062b13dd2e8c  kernelconfig.x86_64
190
2b8d7afc769398b32eb03850069bde6ddb06ea54deea08d6c85356fb9c9d1d851ff3e72cf55d598aa2c56608efbf1b10e5051f1e07f0178dff5f1aa886fc843d  kernelconfig.armhf"