APKBUILD 7.29 KB
Newer Older
1
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2

3
_flavor=grsec
4
pkgname=linux-${_flavor}
5
pkgver=3.18.11
6 7 8 9
case $pkgver in
*.*.*)	_kernver=${pkgver%.*};;
*.*)	_kernver=${pkgver};;
esac
10
pkgrel=1
11 12
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
13
depends="mkinitfs linux-firmware"
14
makedepends="perl sed installkernel bash gmp-dev bc linux-headers"
15
options="!strip"
Natanael Copa's avatar
Natanael Copa committed
16
_config=${config:-kernelconfig.${CARCH}}
17
install=
18
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
19
	http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
20
	http://dev.alpinelinux.org/~tteras/grsec/grsecurity-3.1-3.18.11-201504051405-alpine.patch
21

22
	fix-memory-map-for-PIE-applications.patch
23
	fix-spi-nor-namespace-clash.patch
24
	imx6q-no-unclocked-sleep.patch
25

26
	kernelconfig.x86
27
	kernelconfig.x86_64
28
	kernelconfig.armhf
29
	"
30
subpackages="$pkgname-dev"
31
arch="x86 x86_64 armhf"
32
license="GPL-2"
Natanael Copa's avatar
Natanael Copa committed
33

34
_abi_release=${pkgver}-${pkgrel}-${_flavor}
35

36
prepare() {
37
	local _patch_failed=
38
	cd "$srcdir"/linux-$_kernver
39 40
	if [ "${pkgver%.0}" = "$pkgver" ]; then
		msg "Applying patch-$pkgver.xz"
41
		unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
42 43
	fi

44 45 46 47 48
	# first apply patches in specified order
	for i in $source; do
		case $i in
		*.patch)
			msg "Applying $i..."
49
			if ! patch -s -p1 -N -i "$srcdir"/${i##*/}; then
50 51 52
				echo $i >>failed
				_patch_failed=1
			fi
53 54
			;;
		esac
55 56
	done

57 58 59 60 61 62
	if ! [ -z "$_patch_failed" ]; then
		error "The following patches failed:"
		cat failed
		return 1
	fi

63 64
	rm -f localversion*
	echo "-$pkgrel-$_flavor" > localversion-alpine
65

66
	mkdir -p "$srcdir"/build
67
	cp "$srcdir"/$_config "$srcdir"/build/.config || return 1
68
	make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="${CC:-gcc}" \
69
		silentoldconfig
70 71 72 73
}

# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
74
	cd "$srcdir"/build || return 1
75 76 77 78 79 80
	make menuconfig
	cp .config "$startdir"/$_config
}

build() {
	cd "$srcdir"/build
81
	export GCC_SPECS=hardenednopie.specs
82
	make CC="${CC:-gcc}" \
83 84
		KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
		|| return 1
85
}
Natanael Copa's avatar
Natanael Copa committed
86

87 88
package() {
	cd "$srcdir"/build
89

90
	mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules
91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108

	local _install
	case "$CARCH" in
	arm*)
		local _dtbdir="$pkgdir"/usr/lib/linux-${_abi_release}
		mkdir -p "$_dtbdir"
		for i in arch/arm/boot/dts/*.dtb ; do
			install -m644 "$i" "$_dtbdir"
		done

		_install=zinstall
		;;
	*)
		_install=install
		;;
	esac

	make -j1 modules_install firmware_install $_install \
109
		INSTALL_MOD_PATH="$pkgdir" \
110 111
		INSTALL_PATH="$pkgdir"/boot \
		|| return 1
112

113 114
	rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
		"$pkgdir"/lib/modules/${_abi_release}/source
115 116
	rm -rf "$pkgdir"/lib/firmware

117
	install -D include/config/kernel.release \
118
		"$pkgdir"/usr/share/kernel/$_flavor/kernel.release
Natanael Copa's avatar
Natanael Copa committed
119 120
}

121 122 123 124 125
dev() {
	# copy the only the parts that we really need for build 3rd party
	# kernel modules and install those as /usr/src/linux-headers,
	# simlar to what ubuntu does
	#
126
	# this way you dont need to install the 300-400 kernel sources to
127 128
	# build a tiny kernel module
	#
129
	pkgdesc="Headers and script for third party modules for grsec kernel"
130
	depends="gmp-dev bash"
131
	local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}
132

133
	# first we import config, run prepare to set up for building
134
	# external modules, and create the scripts
135
	mkdir -p "$dir"
136
	cp "$srcdir"/$_config "$dir"/.config
137
	make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
138
		silentoldconfig prepare modules_prepare scripts
139

140 141
	# remove the stuff that poits to real sources. we want 3rd party
	# modules to believe this is the soruces
142 143
	rm "$dir"/Makefile "$dir"/source

144 145
	# copy the needed stuff from real sources
	#
146
	# this is taken from ubuntu kernel build script
147
	# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
148 149 150 151 152 153 154 155 156 157 158
	cd "$srcdir"/linux-$_kernver
	find . -path './include/*' -prune -o -path './scripts/*' -prune \
		-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
		-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
		-o -name '*.lds' \) | cpio -pdm "$dir"
	cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
	cp -a drivers/media/video/*.h "$dir"/drivers/media/video
	cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
	cp -a scripts include "$dir"
	find $(find arch -name include -type d -print) -type f \
		| cpio -pdm "$dir"
159 160 161

	install -Dm644 "$srcdir"/build/Module.symvers \
		"$dir"/Module.symvers
162 163 164 165

	mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
	ln -sf /usr/src/linux-headers-${_abi_release} \
		"$subpkgdir"/lib/modules/${_abi_release}/build
166 167
}

168 169 170
md5sums="9e854df51ca3fef8bfe566dbd7b89241  linux-3.18.tar.xz
ac5c93edbc9385793ccc33f4ced85950  patch-3.18.11.xz
65f35409fb43e0dbceb991e4e35464d9  grsecurity-3.1-3.18.11-201504051405-alpine.patch
171
c6a4ae7e8ca6159e1631545515805216  fix-memory-map-for-PIE-applications.patch
172
b0337a2a9abed17c37eae5db332522d2  fix-spi-nor-namespace-clash.patch
173
1a307fc1d63231bf01d22493a4f14378  imx6q-no-unclocked-sleep.patch
174 175
d487c7dd7e28a7698367ff714b68bd67  kernelconfig.x86
688dd08f9922f808fc8ace62aa199ab7  kernelconfig.x86_64
176
b76320f7372e32f37e4f528922942aad  kernelconfig.armhf"
177 178 179
sha256sums="becc413cc9e6d7f5cc52a3ce66d65c3725bc1d1cc1001f4ce6c32b69eb188cbd  linux-3.18.tar.xz
e4c44f887f507b2470a5c2f1c286a38fec6e84c4d433c929981abab7b83f80d5  patch-3.18.11.xz
02b84adad6299db774013728dc4cffb95b31903b209c78fa88dcf8b1f60a0469  grsecurity-3.1-3.18.11-201504051405-alpine.patch
180
500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7  fix-memory-map-for-PIE-applications.patch
181
01279cfb93273d99670c56e2465957ecde3d03693beeb929a743f03afa0b7bdc  fix-spi-nor-namespace-clash.patch
182
21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3  imx6q-no-unclocked-sleep.patch
183 184
3cdcbad352ac4e76e8802c6860fc87a168219bfbe3e2d5d475fb4171aaa5fd94  kernelconfig.x86
519a8c925216feeeaea2b2524297b07a2eab8f05e92d7506ced5d5e0ce60246b  kernelconfig.x86_64
185
1728a69d2dd8176eb6c491d728f17a6a157d2e329e09523c7c1931533e835ea6  kernelconfig.armhf"
186 187 188
sha512sums="2f0b72466e9bc538a675738aa416573d41bbbd7e3e2ffd5b5b127afde609ebc278cec5a3c37e73479607e957c13f1b4ed9782a3795e0dcc2cf8e550228594009  linux-3.18.tar.xz
cc4ac5d341ca4e9d71ef1ba45a839b18947e3e7ffdc7f7efe2c211c95483518a1983bc3637edd607e0631f14c1cc9bfb9164926261d2cf5c2bb2eb91206f43b9  patch-3.18.11.xz
0b9b265b5b633d99eef1adf0e8284e72ee9355d6348835b15bfb8661caf96ac82d37593ef3658a0ccd47b64520195bf6c93840c1edcbc92f8ef00a8524a08e4b  grsecurity-3.1-3.18.11-201504051405-alpine.patch
189
4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7  fix-memory-map-for-PIE-applications.patch
190
4e3aeb70712f9838afea75fe9e6c1389414d833a89286ea55441d6a8d54ce74b0e39b565721e3153443af0a614bff57c767251b7e5b81faa5e0784eddfcd2164  fix-spi-nor-namespace-clash.patch
191
87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221  imx6q-no-unclocked-sleep.patch
192 193
fcc7c293643b543b594f0a8c039a779101f0b131c89303adffb69cfe33a88ba65bb0a25dfcf64a59cf69621320cf5c39c92144d81e4f8edd86c8b285eed8d0a7  kernelconfig.x86
056e84168b72a61b71447a4e601c356baa2215496344a2771f7fe38680288a22230730ac44c9f454dbcc8ab0b2a48c6dc3a7072bca3e50bed94e44cbe513e30e  kernelconfig.x86_64
194
001c1db7b95e9d024d49310df69ff68186e5aed04bb4643af4e29ffd0c8c43cc45316ecde6e6d92bdf5980804b650bd7cdc0793a50c78f3adfa98d30edc4380f  kernelconfig.armhf"