APKBUILD 8.05 KB
Newer Older
1
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2

3
_flavor=grsec
4
pkgname=linux-${_flavor}
5
pkgver=3.6.11
6
_kernver=3.6
7
pkgrel=17
8
_al=5
9
10
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
11
depends="mkinitfs linux-firmware"
Natanael Copa's avatar
Natanael Copa committed
12
makedepends="perl installkernel bash gmp-dev"
13
options="!strip"
Natanael Copa's avatar
Natanael Copa committed
14
_config=${config:-kernelconfig.${CARCH}}
15
install=
16
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
17
	http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
18
19
	patch-3.6.11-al${_al}.patch
	grsecurity-2.9.1-3.6.11-al${_al}-unofficial-0.patch
20

21
	0004-arp-flush-arp-cache-on-device-change.patch
22
	r8169-num-rx-desc.patch
23
	ipv4-remove-output-route-check-in-ipv4_mtu.patch
24
	r8169-fix-vlan-tag-reordering.patch
25

26
	xsa43-pvops.patch
27
	5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
28

29
	kernelconfig.x86
30
	kernelconfig.x86_64
31
	"
32
subpackages="$pkgname-dev"
33
arch="x86 x86_64 arm"
34
license="GPL-2"
Natanael Copa's avatar
Natanael Copa committed
35

36
37
_abi_release=${pkgver}-${_flavor}

38
prepare() {
39
	local _patch_failed=
40
	cd "$srcdir"/linux-$_kernver
41
42
	if [ "${pkgver%.0}" = "$pkgver" ]; then
		msg "Applying patch-$pkgver.xz"
43
		unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
44
45
	fi

46
47
48
49
50
	# first apply patches in specified order
	for i in $source; do
		case $i in
		*.patch)
			msg "Applying $i..."
51
52
53
54
			if ! patch -s -p1 -N -i "$srcdir"/$i; then
				echo $i >>failed
				_patch_failed=1
			fi
55
56
			;;
		esac
57
58
	done

59
60
61
62
63
64
	if ! [ -z "$_patch_failed" ]; then
		error "The following patches failed:"
		cat failed
		return 1
	fi

65
	mkdir -p "$srcdir"/build
66
	cp "$srcdir"/$_config "$srcdir"/build/.config || return 1
67
	make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="${CC:-gcc}" \
68
		silentoldconfig
69
70
71
72
}

# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
73
	cd "$srcdir"/build || return 1
74
75
76
77
78
79
	make menuconfig
	cp .config "$startdir"/$_config
}

build() {
	cd "$srcdir"/build
80
	export GCC_SPECS=/usr/share/gcc/hardenednopie.specs
81
	make CC="${CC:-gcc}" \
82
83
		KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
		|| return 1
84
}
Natanael Copa's avatar
Natanael Copa committed
85

86
87
package() {
	cd "$srcdir"/build
88
	mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules
Natanael Copa's avatar
Natanael Copa committed
89
	make -j1 modules_install firmware_install install \
90
		INSTALL_MOD_PATH="$pkgdir" \
91
92
		INSTALL_PATH="$pkgdir"/boot \
		|| return 1
93

94
95
	rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
		"$pkgdir"/lib/modules/${_abi_release}/source
96
97
	rm -rf "$pkgdir"/lib/firmware

98
	install -D include/config/kernel.release \
99
		"$pkgdir"/usr/share/kernel/$_flavor/kernel.release
Natanael Copa's avatar
Natanael Copa committed
100
101
}

102
103
104
105
106
dev() {
	# copy the only the parts that we really need for build 3rd party
	# kernel modules and install those as /usr/src/linux-headers,
	# simlar to what ubuntu does
	#
107
	# this way you dont need to install the 300-400 kernel sources to
108
109
	# build a tiny kernel module
	#
110
	pkgdesc="Headers and script for third party modules for grsec kernel"
111
	depends="gmp-dev bash"
112
	local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}
113

114
	# first we import config, run prepare to set up for building
115
	# external modules, and create the scripts
116
	mkdir -p "$dir"
117
	cp "$srcdir"/$_config "$dir"/.config
118
	make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
119
		silentoldconfig prepare modules_prepare scripts 
120

121
122
	# remove the stuff that poits to real sources. we want 3rd party
	# modules to believe this is the soruces
123
124
	rm "$dir"/Makefile "$dir"/source

125
126
	# copy the needed stuff from real sources
	#
127
	# this is taken from ubuntu kernel build script
128
	# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
129
130
131
132
133
134
135
136
137
138
139
	cd "$srcdir"/linux-$_kernver
	find . -path './include/*' -prune -o -path './scripts/*' -prune \
		-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
		-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
		-o -name '*.lds' \) | cpio -pdm "$dir"
	cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
	cp -a drivers/media/video/*.h "$dir"/drivers/media/video
	cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
	cp -a scripts include "$dir"
	find $(find arch -name include -type d -print) -type f \
		| cpio -pdm "$dir"
140
141
142

	install -Dm644 "$srcdir"/build/Module.symvers \
		"$dir"/Module.symvers
143
144
145
146

	mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
	ln -sf /usr/src/linux-headers-${_abi_release} \
		"$subpkgdir"/lib/modules/${_abi_release}/build
147
148
}

149
md5sums="1a1760420eac802c541a20ab51a093d1  linux-3.6.tar.xz
150
bd4bba74093405887d521309a74c19e9  patch-3.6.11.xz
151
820b19a4cb9b2d95b998a7096a0784f0  patch-3.6.11-al5.patch
152
5de38a21b1217b13326a862c7b88f1da  grsecurity-2.9.1-3.6.11-al5-unofficial-0.patch
153
776adeeb5272093574f8836c5037dd7d  0004-arp-flush-arp-cache-on-device-change.patch
154
daf2cbb558588c49c138fe9ca2482b64  r8169-num-rx-desc.patch
155
d9b4a528e722d10ba53034ebd440c31b  ipv4-remove-output-route-check-in-ipv4_mtu.patch
156
44a37e1289e1056300574848aea8bd31  r8169-fix-vlan-tag-reordering.patch
157
2399192c10ba600a086a4c946f1b72f2  xsa43-pvops.patch
158
3c84d36165b43f0f0f0bdde77c6f68c0  5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
159
160
02ed0c981afbf6a1fc81d5fa9b44e7df  kernelconfig.x86
4927251c008b2c2bf5648d732ec63f9d  kernelconfig.x86_64"
161
162
sha256sums="4ab9a6ef1c1735713f9f659d67f92efa7c1dfbffb2a2ad544005b30f9791784f  linux-3.6.tar.xz
4bdc3822571a4a765bf6f347aad8b899730acef549ae4236813fd17f254f4327  patch-3.6.11.xz
163
79d754deced2d975efeeb316354bf1577266d30442c2243971a279a8d8fcb292  patch-3.6.11-al5.patch
164
d44e17a36af283c2cfe2d07dc4e0325a110ccf9d29253f605d7f6793d3166ce4  grsecurity-2.9.1-3.6.11-al5-unofficial-0.patch
165
166
167
168
169
e2d2d1503f53572c6a2e21da729a13a430dd01f510405ffb3a33b29208860bde  0004-arp-flush-arp-cache-on-device-change.patch
fdce1143aa10a48582b5bb9cf441b75c6f52701a61f28139970f3110a170fb97  r8169-num-rx-desc.patch
c3673636d7604b7b3df665acc0fc0153a76ac6b7f36bb931d235ea1132ac1852  ipv4-remove-output-route-check-in-ipv4_mtu.patch
7ba9b10b04197d3009ad3facabd0bdb2cab870fabcc841716efb1041412a20cd  r8169-fix-vlan-tag-reordering.patch
6efe83c9951dcba20f18095814d19089e19230c6876bbdab32cc2f1165bb07c8  xsa43-pvops.patch
170
ea006140f59d820c61996290434ca6a16f66e6b175e33488b36b650af3592787  5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
171
172
173
174
c4236fa6150c9cba98280aadc2daccd917410148e06d2231cc8c5370d1735577  kernelconfig.x86
3afefde6d92e1c41f6487c2279c5b707ef42ce42e4f7fe9e37d482c3e24ec3b1  kernelconfig.x86_64"
sha512sums="6e3354184d1799228a2d33b92e4a6b743cc24352b8ccc1fd487fab07ab97be2aa03ba87b8406a177581692db1fd40674fbd4e213a782cbe0a6a969b10c4c17a1  linux-3.6.tar.xz
08423f145ee7aef49f50d95032595ee79250135b6ecfa72f802502a277f215b63c4dc04ed149fe4ed7cdaa5ef063b8003b7f72f41d8417e45efbe7e30e621387  patch-3.6.11.xz
175
92cad1b250ce10af0424148c41c4da8d90370d65b9821bbcf8de215eedaef4b8c7bd54c4bbea4a83a557489c3af81bc482d810783febf9c4aaa3b9f20a64fd37  patch-3.6.11-al5.patch
176
5cefb9bf53bf99a0173a6e1037427d75a4d926b3d9c66fff38355007efa48a07ed6be3e6796537c9e068eb3ea09085d3cf86df5833238318d201c95ca3ed9583  grsecurity-2.9.1-3.6.11-al5-unofficial-0.patch
177
178
179
180
181
b6fdf376009f0f0f3fa194cb11be97343e4d394cf5d3547de6cfca8ad619c5bd3f60719331fd8cfadc47f09d22be8376ba5f871b46b24887ea73fe47e233a54e  0004-arp-flush-arp-cache-on-device-change.patch
d9c91b57415c7c3c365add35565f72ba6225e48212f55abb209e1f426902206543edefb9fc01715357e445b69222a6fb94c3469d701e465450919bad3c83d874  r8169-num-rx-desc.patch
fbbaa9c940f70823f5672db04b78de71233ecdda83d0cbeaeac941d732b0e3b18be38a0ed85d7bd03818114d00d9fe00935532968bee5b4673e8fadfda8c0281  ipv4-remove-output-route-check-in-ipv4_mtu.patch
958f5dfb57b6760e92d39027e8ec8d0abc2d99f6b40ef3c108fe90acfe00f3d5fdc2ccebddeffbf70794f6d7a394d985adf40808c2d4c8f7d0591c589b88bbbc  r8169-fix-vlan-tag-reordering.patch
383c00a2520f0e27a4e51ef4e499cd8dc33f75ef4d3d5eab22944126c41de20dccf563d1d05cd557cae4091167de78f44ec5bfb76e33f503b36b5e3d756fcaed  xsa43-pvops.patch
182
7016cdac82e9969636920e5e8accafcf7b160fb5afa2ce79fc43ee0b0591afe825f047efa18c7e7b0b310085298221a8b751ff1dd51eee940fa262f0b7054813  5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
183
184
065fff74ab7f885a45d98a1cd2bc5aaf6cb9a08d830297aaab54b512b7c90d692e37101810ee36a1f26e757990f763b664788a858b3ab40d0b4821205b9d3995  kernelconfig.x86
ba9a0b035a97089e51e0a0b723c69148866dabb4baf74c870a005350f7bfd789ab47595c7bc7e218de6d7479d16279cb906aee2ffeda9a6b141ad43ecc26dd4f  kernelconfig.x86_64"