mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-12-29 21:32:22 +01:00
243 lines
8.3 KiB
Plaintext
243 lines
8.3 KiB
Plaintext
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
|
|
|
|
_mainflavor=grsec
|
|
pkgname=linux-$_mainflavor
|
|
pkgver=4.4.8
|
|
case $pkgver in
|
|
*.*.*) _kernver=${pkgver%.*};;
|
|
*.*) _kernver=${pkgver};;
|
|
esac
|
|
pkgrel=1
|
|
pkgdesc="Linux kernel with grsecurity"
|
|
url=http://grsecurity.net
|
|
depends="mkinitfs"
|
|
makedepends="perl sed installkernel bash gmp-dev bc linux-headers mpfr-dev
|
|
mpc1-dev"
|
|
options="!strip"
|
|
install=
|
|
source="http://ftp.kernel.org/pub/linux/kernel/v4.x/linux-$_kernver.tar.xz
|
|
http://ftp.kernel.org/pub/linux/kernel/v4.x/patch-$pkgver.xz
|
|
https://raw.githubusercontent.com/slashbeast/grsecurity-scrape/master/test/grsecurity-3.1-4.4.8-201604252206.patch
|
|
|
|
fix-spi-nor-namespace-clash.patch
|
|
imx6q-no-unclocked-sleep.patch
|
|
|
|
config-grsec.x86
|
|
config-grsec.x86_64
|
|
config-grsec.armhf
|
|
|
|
config-virtgrsec.x86
|
|
config-virtgrsec.x86_64
|
|
"
|
|
subpackages="$pkgname-dev linux-virtgrsec-dev"
|
|
_flavors=
|
|
for _i in $source; do
|
|
case $_i in
|
|
config-*.$CARCH)
|
|
_f=${_i%.$CARCH}
|
|
_f=${_f#config-}
|
|
_flavors="$_flavors ${_f}"
|
|
if [ "linux-$_f" != "$pkgname" ]; then
|
|
subpackages="$subpackages linux-${_f}"
|
|
fi
|
|
;;
|
|
esac
|
|
done
|
|
|
|
arch="x86 x86_64 armhf"
|
|
license="GPL2"
|
|
|
|
prepare() {
|
|
local _patch_failed=
|
|
cd "$srcdir"/linux-$_kernver
|
|
if [ "${pkgver%.0}" = "$pkgver" ]; then
|
|
msg "Applying patch-$pkgver.xz"
|
|
unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
|
|
fi
|
|
|
|
# first apply patches in specified order
|
|
for i in $source; do
|
|
local file=${i%::*}
|
|
case $file in
|
|
*.patch)
|
|
msg "Applying $file..."
|
|
if ! patch -s -p1 -N -i "$srcdir"/${file##*/}; then
|
|
echo $file >>failed
|
|
_patch_failed=1
|
|
fi
|
|
;;
|
|
esac
|
|
done
|
|
|
|
if ! [ -z "$_patch_failed" ]; then
|
|
error "The following patches failed:"
|
|
cat failed
|
|
return 1
|
|
fi
|
|
|
|
# remove localversion from patch if any
|
|
rm -f localversion*
|
|
|
|
for i in $_flavors; do
|
|
local _config=config-$i.${CARCH}
|
|
local _builddir="$srcdir"/build-$i
|
|
mkdir -p "$_builddir"
|
|
echo "-$pkgrel-$i" > "$srcdir"/build-$i/localversion-alpine \
|
|
|| return 1
|
|
|
|
cp "$srcdir"/$_config "$_builddir"/.config || return 1
|
|
make -C "$srcdir"/linux-$_kernver \
|
|
O="$_builddir" \
|
|
HOSTCC="${CC:-gcc}" \
|
|
silentoldconfig || return 1
|
|
done
|
|
}
|
|
|
|
build() {
|
|
export GCC_SPECS=hardenednopie.specs
|
|
for i in $_flavors; do
|
|
cd "$srcdir"/build-$i
|
|
make CC="${CC:-gcc}" \
|
|
KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
|
|
|| return 1
|
|
done
|
|
}
|
|
|
|
_package() {
|
|
local _buildflavor="$1" _outdir="$2"
|
|
local _abi_release=${pkgver}-${pkgrel}-${_buildflavor}
|
|
|
|
cd "$srcdir"/build-$_buildflavor || return 1
|
|
|
|
mkdir -p "$_outdir"/boot "$_outdir"/lib/modules
|
|
|
|
local _install
|
|
case "$CARCH" in
|
|
arm*)
|
|
local _dtbdir="$_outdir"/usr/lib/linux-${_abi_release}
|
|
mkdir -p "$_dtbdir"
|
|
for i in arch/arm/boot/dts/*.dtb ; do
|
|
install -m644 "$i" "$_dtbdir"
|
|
done
|
|
|
|
_install=zinstall
|
|
;;
|
|
*)
|
|
_install=install
|
|
;;
|
|
esac
|
|
|
|
make -j1 modules_install firmware_install $_install \
|
|
INSTALL_MOD_PATH="$_outdir" \
|
|
INSTALL_PATH="$_outdir"/boot \
|
|
|| return 1
|
|
|
|
rm -f "$_outdir"/lib/modules/${_abi_release}/build \
|
|
"$_outdir"/lib/modules/${_abi_release}/source
|
|
rm -rf "$_outdir"/lib/firmware
|
|
|
|
install -D include/config/kernel.release \
|
|
"$_outdir"/usr/share/kernel/$_buildflavor/kernel.release
|
|
}
|
|
|
|
# main flavor installs in $pkgdir
|
|
package() {
|
|
depends="$depends linux-firmware"
|
|
_package grsec "$pkgdir"
|
|
}
|
|
|
|
# subflavors install in $subpkgdir
|
|
virtgrsec() {
|
|
_package virtgrsec "$subpkgdir"
|
|
}
|
|
|
|
_dev() {
|
|
local _flavor="$1"
|
|
local _abi_release=${pkgver}-${pkgrel}-$_flavor
|
|
# copy the only the parts that we really need for build 3rd party
|
|
# kernel modules and install those as /usr/src/linux-headers,
|
|
# simlar to what ubuntu does
|
|
#
|
|
# this way you dont need to install the 300-400 kernel sources to
|
|
# build a tiny kernel module
|
|
#
|
|
pkgdesc="Headers and script for third party modules for $_flavor kernel"
|
|
depends="gmp-dev bash"
|
|
local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}
|
|
|
|
# first we import config, run prepare to set up for building
|
|
# external modules, and create the scripts
|
|
mkdir -p "$dir"
|
|
cp "$srcdir"/config-$_flavor.${CARCH} "$dir"/.config
|
|
echo "-$pkgrel-$_flavor" > "$dir"/localversion-alpine \
|
|
|| return 1
|
|
make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
|
|
silentoldconfig prepare modules_prepare scripts
|
|
|
|
# remove the stuff that poits to real sources. we want 3rd party
|
|
# modules to believe this is the soruces
|
|
rm "$dir"/Makefile "$dir"/source
|
|
|
|
# copy the needed stuff from real sources
|
|
#
|
|
# this is taken from ubuntu kernel build script
|
|
# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
|
|
cd "$srcdir"/linux-$_kernver
|
|
find . -path './include/*' -prune -o -path './scripts/*' -prune \
|
|
-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
|
|
-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
|
|
-o -name '*.lds' \) | cpio -pdm "$dir"
|
|
cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
|
|
cp -a drivers/media/video/*.h "$dir"/drivers/media/video
|
|
cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
|
|
cp -a scripts include "$dir"
|
|
find $(find arch -name include -type d -print) -type f \
|
|
| cpio -pdm "$dir"
|
|
|
|
install -Dm644 "$srcdir"/build-$_flavor/Module.symvers \
|
|
"$dir"/Module.symvers
|
|
|
|
mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
|
|
ln -sf /usr/src/linux-headers-${_abi_release} \
|
|
"$subpkgdir"/lib/modules/${_abi_release}/build
|
|
}
|
|
|
|
dev() {
|
|
_dev grsec
|
|
}
|
|
|
|
virtgrsec_dev() {
|
|
_dev virtgrsec
|
|
}
|
|
|
|
md5sums="9a78fa2eb6c68ca5a40ed5af08142599 linux-4.4.tar.xz
|
|
c1d8f46e5b2ee7c925fc38f20a3726d3 patch-4.4.8.xz
|
|
c2a6b88b18bc5b54d0d7122a1c692060 grsecurity-3.1-4.4.8-201604252206.patch
|
|
c32f1d7517a095a2645fc1c7dec5db8f fix-spi-nor-namespace-clash.patch
|
|
b11c29ee88f7f537973191036d48bee7 imx6q-no-unclocked-sleep.patch
|
|
af91f128ddf9407bb212cbaebca79354 config-grsec.x86
|
|
503656217c0cfb0c481b3804285f0166 config-grsec.x86_64
|
|
a453b5ddc5ce5b1ed487747ae785d615 config-grsec.armhf
|
|
ff753181afb1538d9d3d14fe65f834c8 config-virtgrsec.x86
|
|
807a5cc9253c26d96243cc3188f7ea8c config-virtgrsec.x86_64"
|
|
sha256sums="401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2 linux-4.4.tar.xz
|
|
11ec99ae0600bd831ff8d71b77e64592f4b6918b7857fd9ff0284ea4cf267b4e patch-4.4.8.xz
|
|
b631b75cf38e08409812e9869f3a8b5b5b5085ba32ab62fd4c03d803f652a57f grsecurity-3.1-4.4.8-201604252206.patch
|
|
b8ce28c61663dbd92f7e1c862c042c88c4d0459ce15f6e6ea121e20705b66212 fix-spi-nor-namespace-clash.patch
|
|
7e8a954750139a421a76e414e19a3b57645c9ec70e6c14a6b7708a3fa0cfd5e4 imx6q-no-unclocked-sleep.patch
|
|
c247a003fb358f611d801277f89a13393d1620ad804553ada97433ef52a7706b config-grsec.x86
|
|
d2b771f67eecad71745956dc0dea40fc702f39e4caee195b11877307d5ab2622 config-grsec.x86_64
|
|
ac8407f225ff6cb6be9ccd69729262241e61455f816cdea3070e30ddf453f7db config-grsec.armhf
|
|
8b4a1927b831e94f65ec1b08f9e3bf3f64cea1e6e85e3b6b3dc1a8796e0f206d config-virtgrsec.x86
|
|
5d46d80c811d6d321569f3f4550769cd4f68b46b8fa5406e7b0f350e00eec1a6 config-virtgrsec.x86_64"
|
|
sha512sums="13c8459933a8b80608e226a1398e3d1848352ace84bcfb7e6a4a33cb230bbe1ab719d4b58e067283df91ce5311be6d2d595fc8c19e2ae6ecc652499415614b3e linux-4.4.tar.xz
|
|
d53d6950bc121107fecec91b4cd33473b0b18e7188bd387cd02f3ab4ece0f7dc6f1530ad9b7a44655afb7d823fb94ad8d8710902367c9b12911eb2247a12f2c7 patch-4.4.8.xz
|
|
49ec328ec1a5232af1f370101a64d9b7021bd2cb7744b3db181311d6aa4886ba1ef36457fbf22b97b21b0ad313fbea780c9441778e4d5bb9f8deae76dd6e499d grsecurity-3.1-4.4.8-201604252206.patch
|
|
410fe7dae27cb4998d17a441a5b2a19dd350636ead2de97d4ef5317501d9e82e2550bfca0f022c9be6296907c076c381e1e13060d1900ff26ee7d47f234fb104 fix-spi-nor-namespace-clash.patch
|
|
9980eb10f529bc5ce482ab0a0037febbc982b528c3e4d02fc4547e6dd45dc529a7b1711d0c89f942b1ae27842c3794b68a6b8959ef80f6fd00183d3a591cea07 imx6q-no-unclocked-sleep.patch
|
|
d7cb2b8600bd95c25aba5fc21f27a89eb1257d003c6e98bc81989a6027536c15c4c4abbcdc16fadd84383d3e29c6814ddf0c4f8524b53b69eed8763cc2c14e92 config-grsec.x86
|
|
900d18cb27b99ca91cb48fa8fc27a74f1b700eb826ef26fcfa18a379e9b7521ddac65edc57757de766e76d1c576a4d6e80a6778afc3c34394b165ab9a707cba0 config-grsec.x86_64
|
|
97de0656bbf99b66431587fda8c914aa08950c1865de018ed7a1b5f99b98f91e2e935d2341dbab44af1ca8c2370953fbbeca58c00e201f97e1b15bbec41d52d6 config-grsec.armhf
|
|
fdfdb0600ac79a08d1cd3bd54a70e0bb6ba714f9b1680336d51b64a8a007abae15adb3ce4f94ffc76f0744c4a8ffe553d0cc9a15c3e4e1629935ce50a533e798 config-virtgrsec.x86
|
|
815498782a00d2d3137390961dbf7bd2c0f06f110a4e593418b7edb5497a543a0ace225509cda90af6dd6ec1e9e4584c7a602fabd03e274bc29f27e176e5bb45 config-virtgrsec.x86_64"
|