blob: 5c67e02ba6e4a3bf7aef29be180e3141887cc3ef (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
_flavor=grsec
pkgname=linux-${_flavor}
pkgver=3.6.11
_kernver=3.6
pkgrel=16
_al=5
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
makedepends="perl installkernel bash gmp-dev"
options="!strip"
_config=${config:-kernelconfig.${CARCH}}
install=
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
patch-3.6.11-al${_al}.patch
grsecurity-2.9.1-3.6.11-al${_al}-unofficial-0.patch
0004-arp-flush-arp-cache-on-device-change.patch
r8169-num-rx-desc.patch
ipv4-remove-output-route-check-in-ipv4_mtu.patch
r8169-fix-vlan-tag-reordering.patch
xsa43-pvops.patch
5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
kernelconfig.x86
kernelconfig.x86_64
"
subpackages="$pkgname-dev"
arch="x86 x86_64 arm"
license="GPL-2"
_abi_release=${pkgver}-${_flavor}
prepare() {
local _patch_failed=
cd "$srcdir"/linux-$_kernver
if [ "${pkgver%.0}" = "$pkgver" ]; then
msg "Applying patch-$pkgver.xz"
unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
fi
# first apply patches in specified order
for i in $source; do
case $i in
*.patch)
msg "Applying $i..."
if ! patch -s -p1 -N -i "$srcdir"/$i; then
echo $i >>failed
_patch_failed=1
fi
;;
esac
done
if ! [ -z "$_patch_failed" ]; then
error "The following patches failed:"
cat failed
return 1
fi
mkdir -p "$srcdir"/build
cp "$srcdir"/$_config "$srcdir"/build/.config || return 1
make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="${CC:-gcc}" \
silentoldconfig
}
# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
cd "$srcdir"/build || return 1
make menuconfig
cp .config "$startdir"/$_config
}
build() {
cd "$srcdir"/build
export GCC_SPECS=/usr/share/gcc/hardenednopie.specs
make CC="${CC:-gcc}" \
KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
|| return 1
}
package() {
cd "$srcdir"/build
mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules
make -j1 modules_install firmware_install install \
INSTALL_MOD_PATH="$pkgdir" \
INSTALL_PATH="$pkgdir"/boot \
|| return 1
rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
"$pkgdir"/lib/modules/${_abi_release}/source
rm -rf "$pkgdir"/lib/firmware
install -D include/config/kernel.release \
"$pkgdir"/usr/share/kernel/$_flavor/kernel.release
}
dev() {
# copy the only the parts that we really need for build 3rd party
# kernel modules and install those as /usr/src/linux-headers,
# simlar to what ubuntu does
#
# this way you dont need to install the 300-400 kernel sources to
# build a tiny kernel module
#
pkgdesc="Headers and script for third party modules for grsec kernel"
depends="gmp-dev bash"
local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}
# first we import config, run prepare to set up for building
# external modules, and create the scripts
mkdir -p "$dir"
cp "$srcdir"/$_config "$dir"/.config
make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
silentoldconfig prepare modules_prepare scripts
# remove the stuff that poits to real sources. we want 3rd party
# modules to believe this is the soruces
rm "$dir"/Makefile "$dir"/source
# copy the needed stuff from real sources
#
# this is taken from ubuntu kernel build script
# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
cd "$srcdir"/linux-$_kernver
find . -path './include/*' -prune -o -path './scripts/*' -prune \
-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
-o -name '*.lds' \) | cpio -pdm "$dir"
cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
cp -a drivers/media/video/*.h "$dir"/drivers/media/video
cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
cp -a scripts include "$dir"
find $(find arch -name include -type d -print) -type f \
| cpio -pdm "$dir"
install -Dm644 "$srcdir"/build/Module.symvers \
"$dir"/Module.symvers
mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
ln -sf /usr/src/linux-headers-${_abi_release} \
"$subpkgdir"/lib/modules/${_abi_release}/build
}
md5sums="1a1760420eac802c541a20ab51a093d1 linux-3.6.tar.xz
bd4bba74093405887d521309a74c19e9 patch-3.6.11.xz
bc5dd29ae16718a7bdf3241313999122 patch-3.6.11-al5.patch
5de38a21b1217b13326a862c7b88f1da grsecurity-2.9.1-3.6.11-al5-unofficial-0.patch
776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch
daf2cbb558588c49c138fe9ca2482b64 r8169-num-rx-desc.patch
d9b4a528e722d10ba53034ebd440c31b ipv4-remove-output-route-check-in-ipv4_mtu.patch
44a37e1289e1056300574848aea8bd31 r8169-fix-vlan-tag-reordering.patch
2399192c10ba600a086a4c946f1b72f2 xsa43-pvops.patch
3c84d36165b43f0f0f0bdde77c6f68c0 5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
02ed0c981afbf6a1fc81d5fa9b44e7df kernelconfig.x86
4927251c008b2c2bf5648d732ec63f9d kernelconfig.x86_64"
sha256sums="4ab9a6ef1c1735713f9f659d67f92efa7c1dfbffb2a2ad544005b30f9791784f linux-3.6.tar.xz
4bdc3822571a4a765bf6f347aad8b899730acef549ae4236813fd17f254f4327 patch-3.6.11.xz
7b06dc536709a68cd03918231a8c9c59d236ab7ae898fd80f042413422e6e210 patch-3.6.11-al5.patch
d44e17a36af283c2cfe2d07dc4e0325a110ccf9d29253f605d7f6793d3166ce4 grsecurity-2.9.1-3.6.11-al5-unofficial-0.patch
e2d2d1503f53572c6a2e21da729a13a430dd01f510405ffb3a33b29208860bde 0004-arp-flush-arp-cache-on-device-change.patch
fdce1143aa10a48582b5bb9cf441b75c6f52701a61f28139970f3110a170fb97 r8169-num-rx-desc.patch
c3673636d7604b7b3df665acc0fc0153a76ac6b7f36bb931d235ea1132ac1852 ipv4-remove-output-route-check-in-ipv4_mtu.patch
7ba9b10b04197d3009ad3facabd0bdb2cab870fabcc841716efb1041412a20cd r8169-fix-vlan-tag-reordering.patch
6efe83c9951dcba20f18095814d19089e19230c6876bbdab32cc2f1165bb07c8 xsa43-pvops.patch
ea006140f59d820c61996290434ca6a16f66e6b175e33488b36b650af3592787 5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
c4236fa6150c9cba98280aadc2daccd917410148e06d2231cc8c5370d1735577 kernelconfig.x86
3afefde6d92e1c41f6487c2279c5b707ef42ce42e4f7fe9e37d482c3e24ec3b1 kernelconfig.x86_64"
sha512sums="6e3354184d1799228a2d33b92e4a6b743cc24352b8ccc1fd487fab07ab97be2aa03ba87b8406a177581692db1fd40674fbd4e213a782cbe0a6a969b10c4c17a1 linux-3.6.tar.xz
08423f145ee7aef49f50d95032595ee79250135b6ecfa72f802502a277f215b63c4dc04ed149fe4ed7cdaa5ef063b8003b7f72f41d8417e45efbe7e30e621387 patch-3.6.11.xz
1aaae390ee31a77bd4fa8acc4563ed4a438c6143074364853dcf5126d973d6ad5d39713e76086f36cf06c9027df676b30332f02cfc0de607f4b89e1d3f2ed21f patch-3.6.11-al5.patch
5cefb9bf53bf99a0173a6e1037427d75a4d926b3d9c66fff38355007efa48a07ed6be3e6796537c9e068eb3ea09085d3cf86df5833238318d201c95ca3ed9583 grsecurity-2.9.1-3.6.11-al5-unofficial-0.patch
b6fdf376009f0f0f3fa194cb11be97343e4d394cf5d3547de6cfca8ad619c5bd3f60719331fd8cfadc47f09d22be8376ba5f871b46b24887ea73fe47e233a54e 0004-arp-flush-arp-cache-on-device-change.patch
d9c91b57415c7c3c365add35565f72ba6225e48212f55abb209e1f426902206543edefb9fc01715357e445b69222a6fb94c3469d701e465450919bad3c83d874 r8169-num-rx-desc.patch
fbbaa9c940f70823f5672db04b78de71233ecdda83d0cbeaeac941d732b0e3b18be38a0ed85d7bd03818114d00d9fe00935532968bee5b4673e8fadfda8c0281 ipv4-remove-output-route-check-in-ipv4_mtu.patch
958f5dfb57b6760e92d39027e8ec8d0abc2d99f6b40ef3c108fe90acfe00f3d5fdc2ccebddeffbf70794f6d7a394d985adf40808c2d4c8f7d0591c589b88bbbc r8169-fix-vlan-tag-reordering.patch
383c00a2520f0e27a4e51ef4e499cd8dc33f75ef4d3d5eab22944126c41de20dccf563d1d05cd557cae4091167de78f44ec5bfb76e33f503b36b5e3d756fcaed xsa43-pvops.patch
7016cdac82e9969636920e5e8accafcf7b160fb5afa2ce79fc43ee0b0591afe825f047efa18c7e7b0b310085298221a8b751ff1dd51eee940fa262f0b7054813 5-5-xfrm4-Invalidate-all-ipv4-routes-on-IPsec-pmtu-events.patch
065fff74ab7f885a45d98a1cd2bc5aaf6cb9a08d830297aaab54b512b7c90d692e37101810ee36a1f26e757990f763b664788a858b3ab40d0b4821205b9d3995 kernelconfig.x86
ba9a0b035a97089e51e0a0b723c69148866dabb4baf74c870a005350f7bfd789ab47595c7bc7e218de6d7479d16279cb906aee2ffeda9a6b141ad43ecc26dd4f kernelconfig.x86_64"
|
