APKBUILD 6.88 KB
Newer Older
1
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2

3
_flavor=grsec
4
pkgname=linux-${_flavor}
5 6
pkgver=3.8.2
_kernver=3.8
7
pkgrel=3
8 9
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
10
depends="mkinitfs linux-firmware"
11
makedepends="perl installkernel bash gmp-dev"
12
options="!strip"
13
_config=${config:-kernelconfig.${CARCH}}
14
install=
15
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
16
	http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
17
	grsecurity-2.9.1-3.8.2-201303111845.patch
18

19
	0004-arp-flush-arp-cache-on-device-change.patch
20
	usb-ehci-revert-remove-ass-pss-polling-timeout.patch
21
	Revert-ip_gre-make-ipgre_tunnel_xmit-not-parse-network-header-as-IP-unconditionally.patch
22

23
	kernelconfig.x86
24
	kernelconfig.x86_64
25
	"
26
subpackages="$pkgname-dev"
27
arch="x86 x86_64 arm"
28
license="GPL-2"
29

30
_abi_release=${pkgver}-${pkgrel}-${_flavor}
31

32
prepare() {
33
	local _patch_failed=
34
	cd "$srcdir"/linux-$_kernver
35 36
	if [ "${pkgver%.0}" = "$pkgver" ]; then
		msg "Applying patch-$pkgver.xz"
37
		unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
38 39
	fi

40 41 42 43 44
	# first apply patches in specified order
	for i in $source; do
		case $i in
		*.patch)
			msg "Applying $i..."
45 46 47 48
			if ! patch -s -p1 -N -i "$srcdir"/$i; then
				echo $i >>failed
				_patch_failed=1
			fi
49 50
			;;
		esac
51 52
	done

53 54 55 56 57 58
	if ! [ -z "$_patch_failed" ]; then
		error "The following patches failed:"
		cat failed
		return 1
	fi

59 60
	echo "-$pkgrel" > localversion-alpine

61
	mkdir -p "$srcdir"/build
62
	cp "$srcdir"/$_config "$srcdir"/build/.config || return 1
63
	make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="${CC:-gcc}" \
64
		silentoldconfig
65 66 67 68
}

# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
69
	cd "$srcdir"/build || return 1
70 71 72 73 74 75
	make menuconfig
	cp .config "$startdir"/$_config
}

build() {
	cd "$srcdir"/build
76
	export GCC_SPECS=/usr/share/gcc/hardenednopie.specs
77
	make CC="${CC:-gcc}" \
78 79
		KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
		|| return 1
80
}
81

82 83
package() {
	cd "$srcdir"/build
84
	mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules
85
	make -j1 modules_install firmware_install install \
86
		INSTALL_MOD_PATH="$pkgdir" \
87 88
		INSTALL_PATH="$pkgdir"/boot \
		|| return 1
89

90 91
	rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
		"$pkgdir"/lib/modules/${_abi_release}/source
92 93
	rm -rf "$pkgdir"/lib/firmware

94
	install -D include/config/kernel.release \
95
		"$pkgdir"/usr/share/kernel/$_flavor/kernel.release
96 97
}

98 99 100 101 102
dev() {
	# copy the only the parts that we really need for build 3rd party
	# kernel modules and install those as /usr/src/linux-headers,
	# simlar to what ubuntu does
	#
103
	# this way you dont need to install the 300-400 kernel sources to
104 105
	# build a tiny kernel module
	#
106
	pkgdesc="Headers and script for third party modules for grsec kernel"
107
	depends="gmp-dev bash"
108
	local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}
109

110
	# first we import config, run prepare to set up for building
111
	# external modules, and create the scripts
112
	mkdir -p "$dir"
113
	cp "$srcdir"/$_config "$dir"/.config
114
	make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
115
		silentoldconfig prepare modules_prepare scripts 
116

117 118
	# remove the stuff that poits to real sources. we want 3rd party
	# modules to believe this is the soruces
119 120
	rm "$dir"/Makefile "$dir"/source

121 122
	# copy the needed stuff from real sources
	#
123
	# this is taken from ubuntu kernel build script
124
	# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
125 126 127 128 129 130 131 132 133 134 135
	cd "$srcdir"/linux-$_kernver
	find . -path './include/*' -prune -o -path './scripts/*' -prune \
		-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
		-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
		-o -name '*.lds' \) | cpio -pdm "$dir"
	cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
	cp -a drivers/media/video/*.h "$dir"/drivers/media/video
	cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
	cp -a scripts include "$dir"
	find $(find arch -name include -type d -print) -type f \
		| cpio -pdm "$dir"
136 137 138

	install -Dm644 "$srcdir"/build/Module.symvers \
		"$dir"/Module.symvers
139 140 141 142

	mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
	ln -sf /usr/src/linux-headers-${_abi_release} \
		"$subpkgdir"/lib/modules/${_abi_release}/build
143 144
}

145 146
md5sums="1c738edfc54e7c65faeb90c436104e2f  linux-3.8.tar.xz
e282fcff76e975e121e0636018e31a56  patch-3.8.2.xz
147
1bd92bea4325cafd07daa470810f1ea3  grsecurity-2.9.1-3.8.2-201303111845.patch
148
776adeeb5272093574f8836c5037dd7d  0004-arp-flush-arp-cache-on-device-change.patch
149
eb332f6769f785a1c6b54b1f49ffd01a  usb-ehci-revert-remove-ass-pss-polling-timeout.patch
150 151 152
dc52c70012b707fa8ebbfe9222960b1f  Revert-ip_gre-make-ipgre_tunnel_xmit-not-parse-network-header-as-IP-unconditionally.patch
2ae3dad7ae18b1d6aca01c433be78bf7  kernelconfig.x86
d9ae40bc906e3ab1968ce784d879419e  kernelconfig.x86_64"
153 154
sha256sums="e070d1bdfbded5676a4f374721c63565f1c969466c5a3e214004a136b583184b  linux-3.8.tar.xz
2bd1a39db4608a03250bfef11d3b7894ab1f0ebcb5316bafeeed23535822fd9c  patch-3.8.2.xz
155
c969b85daf641db52925344b66527d92395b50011c17b889cea36ce753e0f7a0  grsecurity-2.9.1-3.8.2-201303111845.patch
156
e2d2d1503f53572c6a2e21da729a13a430dd01f510405ffb3a33b29208860bde  0004-arp-flush-arp-cache-on-device-change.patch
157
949393b84740cfe8a0d72d391ca2a89d24aa425df27c031f121fec7f7f331eed  usb-ehci-revert-remove-ass-pss-polling-timeout.patch
158 159 160
82687b6a369370359bab20fcd00e7e6ca55221d9777843d6df857f7e808d9916  Revert-ip_gre-make-ipgre_tunnel_xmit-not-parse-network-header-as-IP-unconditionally.patch
07357ba122b72516fa8add2e549bc65fddb10df85a91a6f1a1f7db2f62eb4b98  kernelconfig.x86
ce5b69db73b452985d41aab188f1f5bf73c6b1ab633c264d72ba9289fe5e91cd  kernelconfig.x86_64"
161 162
sha512sums="10a7983391af907d8aec72bdb096d1cabd4911985715e9ea13d35ff09095c035db15d4ab08b92eda7c10026cc27348cb9728c212335f7fcdcda7c610856ec30f  linux-3.8.tar.xz
752a122646261461da9238feeacc61ab787bea9999f066b056226387ce718da57592e536eb1c6aa28b949f0a7ad1fa97cc97204fdc3e8f3939d9b0d3b9517d03  patch-3.8.2.xz
163
faff701455d4985cc7c54e4b41cb87a44382b567c5adaa0ffa5182c0e4a629660b08715205f982d668f12697550da8ce6ea07da4636d60789e8fc1833cce084a  grsecurity-2.9.1-3.8.2-201303111845.patch
164
b6fdf376009f0f0f3fa194cb11be97343e4d394cf5d3547de6cfca8ad619c5bd3f60719331fd8cfadc47f09d22be8376ba5f871b46b24887ea73fe47e233a54e  0004-arp-flush-arp-cache-on-device-change.patch
165
bb4576df6b5e029747975f5ed9d04c807d1bfd5e73f5418375f164a03342c15b2ca918e68bb6ff5bd0dc2fa8364e022aee18b254528210d2e24f8e06e6521609  usb-ehci-revert-remove-ass-pss-polling-timeout.patch
166 167 168
86658aab1274eb7b273dc13473e3bd21d2c8cc8253002adf175dd0e0fd3b407c0ec85546f018597bbf5ad1b47b426a03c3be7b7a5d19991c46c7bd5afddf9929  Revert-ip_gre-make-ipgre_tunnel_xmit-not-parse-network-header-as-IP-unconditionally.patch
cd55284606d7d6e4e643a35638e3f4db547c9eb23e5e030d7c722df24910e57749a21af245f9eee82f08daf3b3563ed6b366759cffd42e7d8926ca14a4f60b4e  kernelconfig.x86
88cce5dc8ec880b8ff48ea6f6dc5d41957717c4057e13bbfed75c921ad7a6061591ce23cce69f4c9816f56cafa59114bb8454a3d7d552fccd8eb3ddb81fe3e2c  kernelconfig.x86_64"