aboutsummaryrefslogtreecommitdiffstats
path: root/main/linux-vanilla/APKBUILD
blob: abab74e14f4735d5a22834c6a4c74fac218b7519 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186

# Maintainer: Natanael Copa <ncopa@alpinelinux.org>

_flavor=vanilla
pkgname=linux-${_flavor}
pkgver=4.1.39
case $pkgver in
	*.*.*)	_kernver=${pkgver%.*};;
	*.*) _kernver=$pkgver;;
esac
pkgrel=0
pkgdesc="Linux vanilla kernel"
url="http://kernel.org"
depends="mkinitfs linux-firmware"
makedepends="perl sed installkernel bash gmp-dev bc linux-headers"
options="!strip"
_config=${config:-config-vanilla.${CARCH}}
install=
source="https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/linux-$_kernver.tar.xz
	CVE-2016-10229.patch

	config-vanilla.armhf
	config-vanilla.x86
	config-vanilla.x86_64
	"

if [ "${pkgver%.0}" = "$pkgver" ]; then
	source="$source
	http://ftp.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/patch-$pkgver.xz"
fi
subpackages="$pkgname-dev"
arch="all"
license="GPL2"

_abi_release=${pkgver}

# secfixes:             
#   4.1.39-r0:          
#   - CVE-2016-10229

prepare() {
	local _patch_failed=
	cd "$srcdir"/linux-$_kernver
	if [ "$_kernver" != "$pkgver" ]; then
		msg "Applying patch-$pkgver.xz"
		unxz -c < "$srcdir"/patch-$pkgver.xz | patch -p1 -N || return 1
	fi

	# first apply patches in specified order
	for i in $source; do
		case $i in
		*.patch)
			msg "Applying $i..."
			if ! patch -s -p1 -N -i "$srcdir"/$i; then
				echo $i >>failed
				_patch_failed=1
			fi
			;;
		esac
	done

	if ! [ -z "$_patch_failed" ]; then
		error "The following patches failed:"
		cat failed
		return 1
	fi

	mkdir -p "$srcdir"/build
	cp "$srcdir"/$_config "$srcdir"/build/.config || return 1
	make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="${CC:-gcc}" \
		silentoldconfig
}

# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
	cd "$srcdir"/build || return 1
	make menuconfig
	cp .config "$startdir"/$_config
}

build() {
	cd "$srcdir"/build
	export GCC_SPECS=hardenednopie.specs
	make CC="${CC:-gcc}" \
		KBUILD_BUILD_VERSION="$((pkgrel + 1 ))-Alpine" \
		|| return 1
}

package() {
	cd "$srcdir"/build

	mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules

	local _install
	case "$CARCH" in
	arm*)
		local _dtbdir="$pkgdir"/usr/lib/linux-${_abi_release}
		mkdir -p "$_dtbdir"
		for i in arch/arm/boot/dts/*.dtb ; do
			install -m644 "$i" "$_dtbdir"
		done

		_install=zinstall
		;;
	*)
		_install=install
		;;
	esac

	make -j1 modules_install firmware_install $_install \
		INSTALL_MOD_PATH="$pkgdir" \
		INSTALL_PATH="$pkgdir"/boot \
		|| return 1

	rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
		"$pkgdir"/lib/modules/${_abi_release}/source
	rm -rf "$pkgdir"/lib/firmware

	install -D include/config/kernel.release \
		"$pkgdir"/usr/share/kernel/$_flavor/kernel.release
}

dev() {
	# copy the only the parts that we really need for build 3rd party
	# kernel modules and install those as /usr/src/linux-headers,
	# simlar to what ubuntu does
	#
	# this way you dont need to install the 300-400 kernel sources to
	# build a tiny kernel module
	#
	pkgdesc="Headers and script for third party modules for grsec kernel"
	depends="gmp-dev"
	local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}

	# first we import config, run prepare to set up for building
	# external modules, and create the scripts
	mkdir -p "$dir"
	cp "$srcdir"/$_config "$dir"/.config
	make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="${CC:-gcc}" \
		silentoldconfig prepare modules_prepare scripts 

	# remove the stuff that poits to real sources. we want 3rd party
	# modules to believe this is the soruces
	rm "$dir"/Makefile "$dir"/source

	# copy the needed stuff from real sources
	#
	# this is taken from ubuntu kernel build script
	# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
	cd "$srcdir"/linux-$_kernver
	find . -path './include/*' -prune -o -path './scripts/*' -prune \
		-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
		-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
		-o -name '*.lds' \) | cpio -pdm "$dir"
	cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
	cp -a drivers/media/video/*.h "$dir"/drivers/media/video
	cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
	cp -a scripts include "$dir"
	find $(find arch -name include -type d -print) -type f \
		| cpio -pdm "$dir"

	install -Dm644 "$srcdir"/build/Module.symvers \
		"$dir"/Module.symvers

	mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
	ln -sf /usr/src/linux-headers-${_abi_release} \
		"$subpkgdir"/lib/modules/${_abi_release}/build
}

md5sums="fe9dc0f6729f36400ea81aa41d614c37  linux-4.1.tar.xz
8d81969d7c85cfb913e53f6cc83aba82  CVE-2016-10229.patch
e62cb3ba9b8ecf9570af15267564b792  config-vanilla.armhf
11febdc146c8b65d21f2c1876b3f8557  config-vanilla.x86
eb7b9e0627d3b31501e9e8341a0d4c3b  config-vanilla.x86_64
899a9b178d49c145de7df9712aaafefc  patch-4.1.39.xz"
sha256sums="caf51f085aac1e1cea4d00dbbf3093ead07b551fc07b31b2a989c05f8ea72d9f  linux-4.1.tar.xz
3963632b41220998b12efb7b20a7e8811af927758d3c3698f5ac55e691b24e49  CVE-2016-10229.patch
ee0a30271ac60670854ae79819982edfd55b5d9401b88683524f25c7a47d81d0  config-vanilla.armhf
b4e59eaeebdb5f38a9ab4ced0cf92d01fbd63eb1cc61771d64478e6af416eb47  config-vanilla.x86
d43b342a46cf6514b134b232a8724790c4973f40285de3bc817ed541a8044fcc  config-vanilla.x86_64
398c201891d4f7942458caab8c8af5d058c62e6a8f6058b06363fad462e83154  patch-4.1.39.xz"
sha512sums="168ef84a4e67619f9f53f3574e438542a5747f9b43443363cb83597fcdac9f40d201625c66e375a23226745eaada9176eb006ca023613cec089349e91751f3c0  linux-4.1.tar.xz
946bb48acc7d34056426ae171f73450b58b4a1288630e77168e317e0f5cb59141a7548f79ffd4e142cdb8978387e3c1f9bd372e996f2801ae39c6d32e11d0016  CVE-2016-10229.patch
03c2e0aac14271bab27350e2c9983d3a11d48f6898f1024ed0b95b218af139cc599eac62ef640a4e78b0d6b320dc19fc28f4ee11d1fef92616ceb0d3e43b2870  config-vanilla.armhf
5741d56ebe5f3055aabbd745d79304f7bd0ac8580121a8f069b6e347829ab4efe48f7eecbb1d348ec253702e9563fbe35c35b4858b9fe08907d872e39665208a  config-vanilla.x86
0611b3186ffe00d300e4193fe8fe81125435ecb2f1ea1f8ea7074eb47bc19a464a86a64539e9cff6044d1d01edfab696c3eb4bae703529a2d073ac1f1e5fa535  config-vanilla.x86_64
a5ed73e8a473f8b374d9762947e79efb83a9713af08d10869997a16ab51c357cac7c96f99f942496fad1ed0589051f2a5d97c8e72f4ab15648c12c1a5d6ff1f2  patch-4.1.39.xz"
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-09 00:48:20 +0000