summaryrefslogtreecommitdiff
path: root/kernels/linux-libre-rt
diff options
context:
space:
mode:
Diffstat (limited to 'kernels/linux-libre-rt')
-rw-r--r--kernels/linux-libre-rt/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch (renamed from kernels/linux-libre-rt/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch)69
-rw-r--r--kernels/linux-libre-rt/60-linux.hook12
-rw-r--r--kernels/linux-libre-rt/90-linux.hook11
-rw-r--r--kernels/linux-libre-rt/PKGBUILD488
-rw-r--r--kernels/linux-libre-rt/linux-armv7h.preset (renamed from kernels/linux-libre-rt/linux.preset)2
-rw-r--r--kernels/linux-libre-rt/linux.install12
6 files changed, 279 insertions, 315 deletions
diff --git a/kernels/linux-libre-rt/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/kernels/linux-libre-rt/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
index 22e12e4b0..f93022e50 100644
--- a/kernels/linux-libre-rt/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
+++ b/kernels/linux-libre-rt/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
@@ -1,22 +1,49 @@
-From 1ce3e84fdf0b56f477d30acdc8797dedd7330e37 Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge.hallyn@canonical.com>
-Date: Fri, 31 May 2013 19:12:12 +0100
-Subject: [PATCH] add sysctl to disallow unprivileged CLONE_NEWUSER by default
+From 6136ffb3d88e9f044260f8288d2d0a1edd64379e Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Mon, 16 Sep 2019 04:53:20 +0200
+Subject: [PATCH] ZEN: Add sysctl and CONFIG to disallow unprivileged
+ CLONE_NEWUSER
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-[bwh: Remove unneeded binary sysctl bits]
-Signed-off-by: Daniel Micay <danielmicay@gmail.com>
+Our default behavior continues to match the vanilla kernel.
---
+ init/Kconfig | 16 ++++++++++++++++
kernel/fork.c | 15 +++++++++++++++
kernel/sysctl.c | 12 ++++++++++++
- kernel/user_namespace.c | 3 +++
- 3 files changed, 30 insertions(+)
+ kernel/user_namespace.c | 7 +++++++
+ 4 files changed, 50 insertions(+)
+diff --git a/init/Kconfig b/init/Kconfig
+index bd7d650d4a99..658f9c052151 100644
+--- a/init/Kconfig
++++ b/init/Kconfig
+@@ -1091,6 +1091,22 @@ config USER_NS
+
+ If unsure, say N.
+
++config USER_NS_UNPRIVILEGED
++ bool "Allow unprivileged users to create namespaces"
++ default y
++ depends on USER_NS
++ help
++ When disabled, unprivileged users will not be able to create
++ new namespaces. Allowing users to create their own namespaces
++ has been part of several recent local privilege escalation
++ exploits, so if you need user namespaces but are
++ paranoid^Wsecurity-conscious you want to disable this.
++
++ This setting can be overridden at runtime via the
++ kernel.unprivileged_userns_clone sysctl.
++
++ If unsure, say Y.
++
+ config PID_NS
+ bool "PID Namespaces"
+ default y
diff --git a/kernel/fork.c b/kernel/fork.c
-index f0b58479534f..8b2d927125c5 100644
+index 541fd805fb88..ffd57c812153 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
-@@ -103,6 +103,11 @@
+@@ -106,6 +106,11 @@
#define CREATE_TRACE_POINTS
#include <trace/events/task.h>
@@ -28,7 +55,7 @@ index f0b58479534f..8b2d927125c5 100644
/*
* Minimum number of threads to boot the kernel
-@@ -1649,6 +1654,10 @@ static __latent_entropy struct task_struct *copy_process(
+@@ -1788,6 +1793,10 @@ static __latent_entropy struct task_struct *copy_process(
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
return ERR_PTR(-EINVAL);
@@ -39,7 +66,7 @@ index f0b58479534f..8b2d927125c5 100644
/*
* Thread groups must share signals as well, and detached threads
* can only be started up within the thread group.
-@@ -2467,6 +2476,12 @@ int ksys_unshare(unsigned long unshare_flags)
+@@ -2819,6 +2828,12 @@ int ksys_unshare(unsigned long unshare_flags)
if (unshare_flags & CLONE_NEWNS)
unshare_flags |= CLONE_FS;
@@ -53,10 +80,10 @@ index f0b58479534f..8b2d927125c5 100644
if (err)
goto bad_unshare_out;
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index cc02050fd0c4..ce2ad2b92897 100644
+index 078950d9605b..baead3605bbe 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
-@@ -105,6 +105,9 @@ extern int core_uses_pid;
+@@ -110,6 +110,9 @@ extern int core_uses_pid;
extern char core_pattern[];
extern unsigned int core_pipe_limit;
#endif
@@ -66,7 +93,7 @@ index cc02050fd0c4..ce2ad2b92897 100644
extern int pid_max;
extern int pid_max_min, pid_max_max;
extern int percpu_pagelist_fraction;
-@@ -514,6 +517,15 @@ static struct ctl_table kern_table[] = {
+@@ -545,6 +548,15 @@ static struct ctl_table kern_table[] = {
.proc_handler = proc_dointvec,
},
#endif
@@ -83,19 +110,23 @@ index cc02050fd0c4..ce2ad2b92897 100644
{
.procname = "tainted",
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 923414a246e9..6b9dbc257e34 100644
+index 8eadadc478f9..c36ecd19562c 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
-@@ -26,6 +26,9 @@
+@@ -21,6 +21,13 @@
#include <linux/bsearch.h>
#include <linux/sort.h>
+/* sysctl */
++#ifdef CONFIG_USER_NS_UNPRIVILEGED
++int unprivileged_userns_clone = 1;
++#else
+int unprivileged_userns_clone;
++#endif
+
static struct kmem_cache *user_ns_cachep __read_mostly;
static DEFINE_MUTEX(userns_state_mutex);
--
-2.19.1
+2.23.0
diff --git a/kernels/linux-libre-rt/60-linux.hook b/kernels/linux-libre-rt/60-linux.hook
deleted file mode 100644
index b33873c85..000000000
--- a/kernels/linux-libre-rt/60-linux.hook
+++ /dev/null
@@ -1,12 +0,0 @@
-[Trigger]
-Type = File
-Operation = Install
-Operation = Upgrade
-Operation = Remove
-Target = usr/lib/modules/%KERNVER%/*
-Target = usr/lib/modules/%EXTRAMODULES%/*
-
-[Action]
-Description = Updating %PKGBASE% module dependencies...
-When = PostTransaction
-Exec = /usr/bin/depmod %KERNVER%
diff --git a/kernels/linux-libre-rt/90-linux.hook b/kernels/linux-libre-rt/90-linux.hook
deleted file mode 100644
index be0d88653..000000000
--- a/kernels/linux-libre-rt/90-linux.hook
+++ /dev/null
@@ -1,11 +0,0 @@
-[Trigger]
-Type = File
-Operation = Install
-Operation = Upgrade
-Target = boot/vmlinuz-%PKGBASE%
-Target = usr/lib/initcpio/*
-
-[Action]
-Description = Updating %PKGBASE% initcpios...
-When = PostTransaction
-Exec = /usr/bin/mkinitcpio -p %PKGBASE%
diff --git a/kernels/linux-libre-rt/PKGBUILD b/kernels/linux-libre-rt/PKGBUILD
index 7cb4b95f8..d82adc551 100644
--- a/kernels/linux-libre-rt/PKGBUILD
+++ b/kernels/linux-libre-rt/PKGBUILD
@@ -1,46 +1,57 @@
# Maintainer: David P. <megver83@parabola.nu>
# Contributor: André Silva <emulatorman@hyperbola.info>
# Contributor: Márcio Silva <coadde@hyperbola.info>
-# Contributor: fauno <fauno@parabola.nu>
-# Contributor: Sorin-Mihai Vârgolici <smv@yobicore.org>
-# Contributor: Michał Masłowski <mtjm@mtjm.eu>
-# Contributor: Luke R. <g4jc@openmailbox.org>
-# Contributor: Andreas Grapentin <andreas@grapentin.org>
-# Based on linux-rt package
+_replacesarchkernel=('linux%') # '%' gets replaced with kernel suffix
+_replacesoldkernels=() # '%' gets replaced with kernel suffix
+_replacesoldmodules=() # '%' gets replaced with kernel suffix
pkgbase=linux-libre-rt
_srcbasever=4.19-gnu
_srcver=4.19.72-gnu
-_rtbasever=4.19
-_rtpatchver=rt25
-
-_replacesarchkernel=('linux%') # '%' gets replaced with _kernelname
-_replacesoldkernels=() # '%' gets replaced with _kernelname
-_replacesoldmodules=() # '%' gets replaced with _kernelname
-
+_rtpatchver=26
_srcname=linux-${_srcbasever%-*}
-_archpkgver=${_srcver%-*}_${_rtpatchver}
-pkgver=${_srcver//-/_}.${_rtpatchver}
+pkgver=${_srcver//-/.${_rtpatchver}_}
pkgrel=1
rcnver=4.19.72
-rcnrel=armv7-x39
-arch=('x86_64' 'i686' 'armv7h')
+rcnrel=armv7-x40
url='https://linux-libre.fsfla.org/'
-license=('GPL2')
-makedepends=('xmlto' 'kmod' 'inetutils' 'bc' 'libelf')
+arch=(i686 x86_64 armv7h)
+license=(GPL2)
+makedepends=(
+ xmlto kmod inetutils bc libelf
+ python-sphinx python-sphinx_rtd_theme graphviz imagemagick
+)
options=('!strip')
source=(
"https://linux-libre.fsfla.org/pub/linux-libre/releases/${_srcbasever}/linux-libre-${_srcbasever}.tar.xz"{,.sign}
"https://linux-libre.fsfla.org/pub/linux-libre/releases/${_srcver}/patch-${_srcbasever}-${_srcver}.xz"{,.sign}
- "https://www.kernel.org/pub/linux/kernel/projects/rt/${_rtbasever}/older/patch-${_srcver%-*}-${_rtpatchver}.patch"{.xz,.sign}
+ "https://www.kernel.org/pub/linux/kernel/projects/rt/${_srcbasever%-*}/older/patch-${_srcver%-*}-rt${_rtpatchver}.patch"{.xz,.sign}
"https://repo.parabola.nu/other/linux-libre/logos/logo_linux_"{clut224.ppm,vga16.ppm,mono.pbm}{,.sig}
config.i686 config.x86_64 config.armv7h # the main kernel config files
- 60-linux.hook # pacman hook for depmod
- 90-linux.hook # pacman hook for initramfs regeneration
- linux.preset # standard config files for mkinitcpio ramdisk
- # armv7h patches
- "https://repo.parabola.nu/other/rcn-libre/patches/${rcnver}/rcn-libre-${rcnver}-${rcnrel}.patch"{,.sig}
+ linux-armv7h.preset # armv7h preset file for mkinitcpio ramdisk
+
+ # maintain the TTY over USB disconnects
+ # http://www.coreboot.org/EHCI_Gadget_Debug
+ 0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch
+ # fix Atmel maXTouch touchscreen support
+ # https://labs.parabola.nu/issues/877
+ # http://www.fsfla.org/pipermail/linux-libre/2015-November/003202.html
+ 0002-fix-Atmel-maXTouch-touchscreen-support.patch
+
+ # Arch's custom linux patches
+ 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
+)
+source_armv7h=(
+ # armv7h patches, put in the source_armv7h variable just for a more comfortable loop patching
+
+ # RCN patch (CM3 firmware deblobbed and AUFS/WireGuard removed)
+ # Note: For stability reasons, AUFS has been removed in the RCN patch.
+ # We are supporting AUFS in linux-libre-pck through PCK patch.
+ # See https://wiki.parabola.nu/PCK for further details.
+ "https://repo.parabola.nu/other/rcn-libre/patches/${rcnver}/rcn-libre-${rcnver}-$rcnrel.patch"{,.sig}
+
+ # Arch Linux ARM patches
0001-ARM-atags-add-support-for-Marvell-s-u-boot.patch
0002-ARM-atags-fdt-retrieve-MAC-addresses-from-Marvell-bo.patch
0003-SMILE-Plug-device-tree-file.patch
@@ -50,10 +61,6 @@ source=(
0007-exynos4412-odroid-set-higher-minimum-buck2-regulator.patch
0008-ARM-dove-enable-ethernet-on-D3Plug.patch
0009-usb-dwc2-disable-power_down-on-rockchip-devices.patch
- # other patches
- 0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch
- 0002-fix-Atmel-maXTouch-touchscreen-support.patch
- 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
)
validpgpkeys=(
'474402C8C582DAFBE389C427BCB7CF877E7D47A7' # Alexandre Oliva
@@ -65,7 +72,7 @@ sha512sums=('5bc800b3beff43a8c15bd5515f4e0babe2beb5fa600491b7b37110e22d9b739d293
'SKIP'
'c126131bd561b1ca5515dc7e1c182c41a567639054b097213b3ad3424a092fe4a2e7f7e337df67e5dfb5b7f17a577e1d555c2dc16e09f56c26af934be5d80f36'
'SKIP'
- '5bca5ec414f8ec0a3ee58e2239d3c0f912ba5cfabbb4fb4f575b6a141725891fd8b533ba17d2d2dde9fa4e5a6654cae4e7a21184198ef672c0d7530af6eac036'
+ 'edf8ed9863abb7191df36736401b2ef92c91d82a5fe40f7da4b38fb73869b2ec3efe3bc5652ff7197bc5106ee03befcf7d71450568893e1b74acc1af1c5b5b26'
'SKIP'
'13cb5bc42542e7b8bb104d5f68253f6609e463b6799800418af33eb0272cc269aaa36163c3e6f0aacbdaaa1d05e2827a4a7c4a08a029238439ed08b89c564bb3'
'SKIP'
@@ -76,315 +83,276 @@ sha512sums=('5bc800b3beff43a8c15bd5515f4e0babe2beb5fa600491b7b37110e22d9b739d293
'07ac55667886190a69ce82d5d84fac0d21349ea1b75f2da8ff9045b207e9ac48813f9fe19c23ceb3d964e5d36bd0911029c1b1e8bc7f9805324f65c77e89da5d'
'19321e4ace9bd939ba225fdd1d70cffdf69aaa4c56da45528afed057a4104d8460052ec72d4794c9eb90f31b5cb70ed3447cc404fb4640a68bc9a8959450fd56'
'93c326dd7b5ca3f9808050928aeccc0c6335ac831d16abf8041b51370c7174d1add67d04443ca505561dbe62962b24b1c29b9b458b8ae627d3438f4961d083cb'
- '7ad5be75ee422dda3b80edd2eb614d8a9181e2c8228cd68b3881e2fb95953bf2dea6cbe7900ce1013c9de89b2802574b7b24869fc5d7a95d3cc3112c4d27063a'
- '4a8b324aee4cccf3a512ad04ce1a272d14e5b05c8de90feb82075f55ea3845948d817e1b0c6f298f5816834ddd3e5ce0a0e2619866289f3c1ab8fd2f35f04f44'
- '2dc6b0ba8f7dbf19d2446c5c5f1823587de89f4e28e9595937dd51a87755099656f2acec50e3e2546ea633ad1bfd1c722e0c2b91eef1d609103d8abdc0a7cbaf'
- 'c08532b4246ef2f4c25a5b3358ceb5dbf294fadd7ede5711de92d6f9d8fae5ab0238e0d902c821c7cdcee39332db229f6df943b27fe63e66a96bac296808c174'
- 'SKIP'
- '60aa432465eb3ac10f565799d3dfecea21aaf08e83909c1161d9359e932626edbd1353e712d616c3d785c65a0f699e9c45df35bd9e86365c25399c6b2d45b9e4'
- '86809feb5ae2759b449ec0cb7a6b3fb457874ed82a72dfda00607e8819c804a0714b5d6a17cbbba44996a36872224af42d1b85f1b3932f43bccb419041d25dc7'
- '746acff348d62b3ed4e62cd9976ddf0af47f87bd3cffda90cbb00a6b57d589ccb681fcd9541ee5bdd179d95dad71d57c77cb1a60faee1c6cef518e4055c3456f'
- 'c945e871fa456b521ced77cae9081bcdc47d836ecdabe6766e373681fe11fda3e5a7a3c16f70c586be64a1eb5c9136c43b0a44df897298940fd8703b50b0a543'
- '054e98a2d1ea83cece1fe55ae087b282f25593022f252c74612d4aeb2a547f84ea626e3d982098ca798271af55f3b733ac2aea2fc0d9cad031802d2901dfe4ca'
- '4433f9e780a72347313916c8a9cbcbce3a8c40e1b299e887dc748d257879fb5fab8f1683936339f73a4d4b4ef668b1ed6cc0d9a19ed4bd99039a1613ac08610e'
- 'd1361d23ae79599e3fa94cba206bd40764f9eee0c584e639af13828dabb7f0dfa361792c098b5afae0bb350407b2dc47a1d67580daeade7a4f3e3e55e42c8470'
- 'c1653f91067d31801a23450175e47968add147477caf20aec6092831739641312f4ad995af43c7e55545007279016b5f62a0720d31e4591b4421a65b8bd5b398'
- 'a123747792417d3760ca40d7f913c2cdd194da2ea5778352eedebc80097b7b8dce4428a8fe8bd75cab92972f599c25bcf18a740856fc2990351234b0d7ebf9f5'
+ 'aca591b5a2e838754e3c5fd2c0e50098ad54c2d0f990de5bf9cff8608e881daf0e37132294ed1a0e0a7b9e1c194c0b89f95da001d94febdb25a01c409060e3ac'
'02af4dd2a007e41db0c63822c8ab3b80b5d25646af1906dc85d0ad9bb8bbf5236f8e381d7f91cf99ed4b0978c50aee37cb9567cdeef65b7ec3d91b882852b1af'
'b8fe56e14006ab866970ddbd501c054ae37186ddc065bb869cf7d18db8c0d455118d5bda3255fb66a0dde38b544655cfe9040ffe46e41d19830b47959b2fb168'
- 'ba561ef861c56002de25ec6f63211e758f3d26eaa7ff0e4a16ffd096d5fe7019d9df343658adc0535684303888d022aa816fc0b282da27ac1ca29dfc0b0e2be0')
-
-_kernelname=${pkgbase#linux-libre}
-_replacesarchkernel=("${_replacesarchkernel[@]/\%/${_kernelname}}")
-_replacesoldkernels=("${_replacesoldkernels[@]/\%/${_kernelname}}")
-_replacesoldmodules=("${_replacesoldmodules[@]/\%/${_kernelname}}")
-
-case "${CARCH}" in
+ '5f196378d50dd737d727e424d8f31b7fa8a6b92ba88f0a1467ef79bc37a097160da1fc1fd5cfb4b8983f36f2afdf27eb229ec61b35a15ac2343d660eb416a230')
+sha512sums_armv7h=('326ba9a9275bb76deb5d8a4fc129d048e8a0f62bb526da58a084d3413ce79f17ba107f64b84664d73919dd67c4e1cbf01388ab71dae9cee5a36728f17fe77323'
+ 'SKIP'
+ '60aa432465eb3ac10f565799d3dfecea21aaf08e83909c1161d9359e932626edbd1353e712d616c3d785c65a0f699e9c45df35bd9e86365c25399c6b2d45b9e4'
+ '86809feb5ae2759b449ec0cb7a6b3fb457874ed82a72dfda00607e8819c804a0714b5d6a17cbbba44996a36872224af42d1b85f1b3932f43bccb419041d25dc7'
+ '746acff348d62b3ed4e62cd9976ddf0af47f87bd3cffda90cbb00a6b57d589ccb681fcd9541ee5bdd179d95dad71d57c77cb1a60faee1c6cef518e4055c3456f'
+ 'c945e871fa456b521ced77cae9081bcdc47d836ecdabe6766e373681fe11fda3e5a7a3c16f70c586be64a1eb5c9136c43b0a44df897298940fd8703b50b0a543'
+ '054e98a2d1ea83cece1fe55ae087b282f25593022f252c74612d4aeb2a547f84ea626e3d982098ca798271af55f3b733ac2aea2fc0d9cad031802d2901dfe4ca'
+ '4433f9e780a72347313916c8a9cbcbce3a8c40e1b299e887dc748d257879fb5fab8f1683936339f73a4d4b4ef668b1ed6cc0d9a19ed4bd99039a1613ac08610e'
+ 'd1361d23ae79599e3fa94cba206bd40764f9eee0c584e639af13828dabb7f0dfa361792c098b5afae0bb350407b2dc47a1d67580daeade7a4f3e3e55e42c8470'
+ 'c1653f91067d31801a23450175e47968add147477caf20aec6092831739641312f4ad995af43c7e55545007279016b5f62a0720d31e4591b4421a65b8bd5b398'
+ 'a123747792417d3760ca40d7f913c2cdd194da2ea5778352eedebc80097b7b8dce4428a8fe8bd75cab92972f599c25bcf18a740856fc2990351234b0d7ebf9f5')
+
+_replacesarchkernel=("${_replacesarchkernel[@]/\%/${pkgbase#linux-libre}}")
+_replacesoldkernels=("${_replacesoldkernels[@]/\%/${pkgbase#linux-libre}}")
+_replacesoldmodules=("${_replacesoldmodules[@]/\%/${pkgbase#linux-libre}}")
+
+case "$CARCH" in
i686|x86_64) KARCH=x86;;
armv7h) KARCH=arm;;
esac
+export KBUILD_BUILD_HOST=parabola
+export KBUILD_BUILD_USER=$pkgbase
+export KBUILD_BUILD_TIMESTAMP="@${SOURCE_DATE_EPOCH:-$(date +%s)}"
+
prepare() {
- cd ${_srcname}
+ cd $_srcname
# add upstream patch
- if [ "${_srcbasever}" != "${_srcver}" ]; then
- patch -p1 -i ../patch-${_srcbasever}-${_srcver}
- fi
- chmod +x tools/objtool/sync-check.sh # GNU patch doesn't support git-style file mode
-
- # add realtime patch
- patch -p1 -i ../patch-${_srcver%-*}-${_rtpatchver}.patch
- rm localversion-rt
-
- if [ "${CARCH}" = "armv7h" ]; then
- # RCN patch (CM3 firmware deblobbed and AUFS/WireGuard removed)
- # Note: For stability reasons, AUFS has been removed in the RCN patch.
- # We are supporting AUFS in linux-libre-pck through PCK patch.
- # See https://wiki.parabola.nu/PCK for further details.
- patch -p1 -i ../rcn-libre-${rcnver}-${rcnrel}.patch
-
- # ALARM patches
- patch -p1 -i ../0001-ARM-atags-add-support-for-Marvell-s-u-boot.patch
- patch -p1 -i ../0002-ARM-atags-fdt-retrieve-MAC-addresses-from-Marvell-bo.patch
- patch -p1 -i ../0003-SMILE-Plug-device-tree-file.patch
- patch -p1 -i ../0004-fix-mvsdio-eMMC-timing.patch
- patch -p1 -i ../0005-net-smsc95xx-Allow-mac-address-to-be-set-as-a-parame.patch
- patch -p1 -i ../0006-set-default-cubietruck-led-triggers.patch
- patch -p1 -i ../0007-exynos4412-odroid-set-higher-minimum-buck2-regulator.patch
- patch -p1 -i ../0008-ARM-dove-enable-ethernet-on-D3Plug.patch
- patch -p1 -i ../0009-usb-dwc2-disable-power_down-on-rockchip-devices.patch
+ if [ "$_srcbasever" != "$_srcver" ]; then
+ patch -p1 -i ../patch-$_srcbasever-$_srcver
fi
# add freedo as boot logo
install -m644 -t drivers/video/logo \
../logo_linux_{clut224.ppm,vga16.ppm,mono.pbm}
- # security patches
-
- # add latest fixes from stable queue, if needed
- # http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git
-
- # disable USER_NS for non-root users by default
- patch -Np1 -i ../0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
-
- # maintain the TTY over USB disconnects
- # http://www.coreboot.org/EHCI_Gadget_Debug
- patch -p1 -i ../0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch
-
- # fix Atmel maXTouch touchscreen support
- # https://labs.parabola.nu/issues/877
- # http://www.fsfla.org/pipermail/linux-libre/2015-November/003202.html
- patch -p1 -i ../0002-fix-Atmel-maXTouch-touchscreen-support.patch
-
- cp -Tf ../config.$CARCH .config
-
- if [ "${_kernelname}" != "" ]; then
- sed -i "s|CONFIG_LOCALVERSION=.*|CONFIG_LOCALVERSION=\"${_kernelname}\"|g" ./.config
- sed -i "s|CONFIG_LOCALVERSION_AUTO=.*|CONFIG_LOCALVERSION_AUTO=n|" ./.config
+ msg2 "Setting version..."
+ scripts/setlocalversion --save-scmversion
+ echo "-$pkgrel" > localversion.10-pkgrel
+ echo "${pkgbase#linux-libre}" > localversion.20-pkgname
+
+ if [ "$CARCH" = "armv7h" ]; then
+ local src_armv7h
+ for src_armv7h in "${source_armv7h[@]}"; do
+ src_armv7h="${src_armv7h%%::*}"
+ src_armv7h="${src_armv7h##*/}"
+ [[ $src_armv7h = *.patch ]] || continue
+ msg2 "Applying patch $src_armv7h..."
+ patch -Np1 < "../$src_armv7h"
+ done
fi
- # append pkgrel to extraversion
- sed -ri "s|^(EXTRAVERSION =.*\S).*|\1-${pkgrel}|" Makefile
-
- # don't run depmod on 'make install'. We'll do this ourselves in packaging
- sed -i '2iexit 0' scripts/depmod.sh
-
- # get kernel version
- make prepare
+ local src
+ for src in "${source[@]}"; do
+ src="${src%%::*}"
+ src="${src##*/}"
+ [[ $src = *.patch ]] || continue
+ msg2 "Applying patch $src..."
+ patch -Np1 < "../$src"
+ done
- # load configuration
- # Configure the kernel. Replace the line below with one of your choice.
- #make menuconfig # CLI menu for configuration
- #make nconfig # new CLI menu for configuration
- #make xconfig # X-based configuration
- #make oldconfig # using old config from previous kernel version
- # ... or manually edit .config
+ msg2 "Setting config..."
+ cp ../config.$CARCH .config
+ make olddefconfig
- # rewrite configuration
- yes "" | make config >/dev/null
+ make -s kernelrelease > version
+ msg2 "Prepared %s version %s" "$pkgbase" "$(<version)"
}
build() {
- cd ${_srcname}
-
- if [ "${CARCH}" = "armv7h" ]; then
- make ${MAKEFLAGS} LOCALVERSION= zImage modules dtbs
- elif [ "${CARCH}" = "x86_64" ] || [ "${CARCH}" = "i686" ]; then
- make ${MAKEFLAGS} LOCALVERSION= bzImage modules
+ cd $_srcname
+ if [ "$CARCH" = "armv7h" ]; then
+ make zImage modules htmldocs dtbs
+ else
+ make bzImage modules htmldocs
fi
}
_package() {
- pkgdesc="The ${pkgbase^} kernel and modules with realtime preemption"
- [ "${pkgbase}" = "linux-libre" ] && groups=('base' 'base-openrc')
- depends=('coreutils' 'linux-libre-firmware' 'kmod' 'mkinitcpio>=0.7')
- optdepends=('crda: to set the correct wireless channels of your country')
- provides=("${_replacesarchkernel[@]/%/=${_archpkgver}}" "LINUX-ABI_VERSION=${_srcver%%-*}")
+ pkgdesc="The ${pkgbase^} kernel and modules"
+ depends=(coreutils kmod initramfs)
+ optdepends=('crda: to set the correct wireless channels of your country'
+ 'linux-libre-firmware: firmware images needed for some devices')
+ provides=("${_replacesarchkernel[@]/%/=${_srcver%%-*}}" "LINUX-ABI_VERSION=${_srcver%%-*}")
conflicts=("${_replacesarchkernel[@]}" "${_replacesoldkernels[@]}" "${_replacesoldmodules[@]}")
replaces=("${_replacesarchkernel[@]}" "${_replacesoldkernels[@]}" "${_replacesoldmodules[@]}")
- backup=("etc/mkinitcpio.d/${pkgbase}.preset")
- install=linux.install
-
- cd ${_srcname}
-
- # get kernel version
- _kernver="$(make LOCALVERSION= kernelrelease)"
- _basekernel=${_kernver%%-*}
- _basekernel=${_basekernel%.*}
-
- mkdir -p "${pkgdir}"/{boot,usr/lib/modules}
- make LOCALVERSION= INSTALL_MOD_PATH="${pkgdir}/usr" modules_install
- if [ "${CARCH}" = "armv7h" ]; then
- make LOCALVERSION= INSTALL_DTBS_PATH="${pkgdir}/boot/dtbs/${pkgbase}" dtbs_install
- cp arch/$KARCH/boot/zImage "${pkgdir}/boot/vmlinuz-${pkgbase}"
- elif [ "${CARCH}" = "x86_64" ] || [ "${CARCH}" = "i686" ]; then
- cp arch/$KARCH/boot/bzImage "${pkgdir}/boot/vmlinuz-${pkgbase}"
- fi
+ cd $_srcname
+ local kernver="$(<version)"
+ local modulesdir="$pkgdir/usr/lib/modules/$kernver"
+
+ msg2 "Installing boot image..."
+ if [ "$CARCH" = "armv7h" ]; then
+ make INSTALL_DTBS_PATH="$pkgdir/boot/dtbs/$pkgbase" dtbs_install
+ fi
# systemd expects to find the kernel here to allow hibernation
# https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
- ln -sr "${pkgdir}/boot/vmlinuz-${pkgbase}" "${pkgdir}/usr/lib/modules/${_kernver}/vmlinuz"
+ install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
- # make room for external modules
- local _extramodules="extramodules-${_basekernel}${_kernelname}"
- ln -s "../${_extramodules}" "${pkgdir}/usr/lib/modules/${_kernver}/extramodules"
+ # Used by mkinitcpio to name the kernel
+ echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
- # add real version for building modules and running depmod from hook
- echo "${_kernver}" |
- install -Dm644 /dev/stdin "${pkgdir}/usr/lib/modules/${_extramodules}/version"
+ msg2 "Installing modules..."
+ make INSTALL_MOD_PATH="$pkgdir/usr" modules_install
- # remove build and source links
- rm "${pkgdir}"/usr/lib/modules/${_kernver}/{source,build}
-
- # now we call depmod...
- depmod -b "${pkgdir}/usr" -F System.map "${_kernver}"
-
- # add vmlinux
- install -Dt "${pkgdir}/usr/lib/modules/${_kernver}/build" -m644 vmlinux
-
- # sed expression for following substitutions
- if [ "${CARCH}" = "armv7h" ]; then
- local _subst="
- s|/boot/vmlinuz-%PKGBASE%|${_kernver}|g
- s|%PKGBASE%|${pkgbase}|g
- s|%KERNVER%|${_kernver}|g
- s|%EXTRAMODULES%|${_extramodules}|g
- "
- else
- local _subst="
- s|%PKGBASE%|${pkgbase}|g
- s|%KERNVER%|${_kernver}|g
- s|%EXTRAMODULES%|${_extramodules}|g
- "
- fi
+ # armv7h presets only work with ALL_kver=$kernver
+ if [ "$CARCH" = "armv7h" ]; then
+ backup=("etc/mkinitcpio.d/$pkgbase.preset")
- # hack to allow specifying an initially nonexisting install file
- sed "${_subst}" "${startdir}/${install}" > "${startdir}/${install}.pkg"
- true && install=${install}.pkg
+ msg2 "Installing mkinitcpio preset..."
+ sed "s|%PKGBASE%|$pkgbase|g;s|%KERNVER%|$kernver|g" ../linux-armv7h.preset \
+ | install -Dm644 /dev/stdin "$pkgdir/etc/mkinitcpio.d/$pkgbase.preset"
+ fi
- # install mkinitcpio preset file
- sed "${_subst}" ../linux.preset |
- install -Dm644 /dev/stdin "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset"
+ # remove build and source links
+ rm "$modulesdir"/{source,build}
- # install pacman hooks
- sed "${_subst}" ../60-linux.hook |
- install -Dm644 /dev/stdin "${pkgdir}/usr/share/libalpm/hooks/60-${pkgbase}.hook"
- sed "${_subst}" ../90-linux.hook |
- install -Dm644 /dev/stdin "${pkgdir}/usr/share/libalpm/hooks/90-${pkgbase}.hook"
+ msg2 "Fixing permissions..."
+ chmod -Rc u=rwX,go=rX "$pkgdir"
}
_package-headers() {
pkgdesc="Header files and scripts for building modules for ${pkgbase^} kernel"
- provides=("${_replacesarchkernel[@]/%/-headers=${_archpkgver}}")
+ provides=("${_replacesarchkernel[@]/%/-headers=${_srcver%%-*}}")
conflicts=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}")
replaces=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}")
- cd ${_srcname}
- local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build"
+ cd $_srcname
+ local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
- install -Dt "${_builddir}" -m644 Makefile .config Module.symvers
- install -Dt "${_builddir}/kernel" -m644 kernel/Makefile
+ msg2 "Installing build files..."
+ install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
+ localversion.* version vmlinux
+ install -Dt "$builddir/kernel" -m644 kernel/Makefile
+ install -Dt "$builddir/arch/$KARCH" -m644 arch/$KARCH/Makefile
+ if [[ $CARCH = i686 ]]; then
+ install -Dt "$builddir/arch/$KARCH" -m644 arch/$KARCH/Makefile_32.cpu
+ fi
+ cp -t "$builddir" -a scripts
- mkdir "${_builddir}/.tmp_versions"
+ # add objtool for external module building and enabled VALIDATION_STACK option
+ if [[ -e tools/objtool/objtool ]]; then
+ install -Dt "$builddir/tools/objtool" tools/objtool/objtool
+ fi
- cp -t "${_builddir}" -a include scripts
+ # add xfs and shmem for aufs building
+ mkdir -p "$builddir"/{fs/xfs,mm}
- install -Dt "${_builddir}/arch/${KARCH}" -m644 arch/${KARCH}/Makefile
- if [[ ${CARCH} = i686 ]]; then
- install -t "${_builddir}/arch/${KARCH}" -m644 arch/${KARCH}/Makefile_32.cpu
- fi
- install -Dt "${_builddir}/arch/${KARCH}/kernel" -m644 arch/${KARCH}/kernel/asm-offsets.s
+ # this is gone in v5.3
+ mkdir "$builddir/.tmp_versions"
- cp -t "${_builddir}/arch/${KARCH}" -a arch/${KARCH}/include
+ msg2 "Installing headers..."
+ cp -t "$builddir" -a include
+ cp -t "$builddir/arch/$KARCH" -a arch/$KARCH/include
+ install -Dt "$builddir/arch/$KARCH/kernel" -m644 arch/$KARCH/kernel/asm-offsets.s
- install -Dt "${_builddir}/drivers/md" -m644 drivers/md/*.h
- install -Dt "${_builddir}/net/mac80211" -m644 net/mac80211/*.h
+ install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
+ install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
# http://bugs.archlinux.org/task/13146
- install -Dt "${_builddir}/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
+ install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
# http://bugs.archlinux.org/task/20402
- install -Dt "${_builddir}/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
- install -Dt "${_builddir}/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
- install -Dt "${_builddir}/drivers/media/tuners" -m644 drivers/media/tuners/*.h
-
- # add xfs and shmem for aufs building
- mkdir -p "${_builddir}"/{fs/xfs,mm}
-
- # copy in Kconfig files
- find . -name Kconfig\* -exec install -Dm644 {} "${_builddir}/{}" \;
-
- # add objtool for external module building and enabled VALIDATION_STACK option
- if [[ -e tools/objtool/objtool ]]; then
- install -Dt "${_builddir}/tools/objtool" tools/objtool/objtool
- fi
-
- # remove unneeded architectures
- local _arch
- for _arch in "${_builddir}"/arch/*/; do
- [[ ${_arch} == */${KARCH}/ ]] && continue
- rm -r "${_arch}"
+ install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
+ install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
+ install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
+
+ msg2 "Installing KConfig files..."
+ find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
+
+ msg2 "Removing unneeded architectures..."
+ local arch
+ for arch in "$builddir"/arch/*/; do
+ [[ $arch = */$KARCH/ ]] && continue
+ echo "Removing $(basename "$arch")"
+ rm -r "$arch"
done
- # remove files already in linux-docs package
- rm -r "${_builddir}/Documentation"
-
+ msg2 "Removing documentation..."
+ rm -r "$builddir/Documentation"
+
# Parabola changes
#
# since we don't want to diverge too much from Arch's PKGBUILD, we'll
# start marking our changes as such
- if [ "${CARCH}" = "armv7h" ]; then
+ if [ "$CARCH" = "armv7h" ]; then
for i in dove exynos omap2; do
- mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/mach-${i}"
- cp -a arch/${KARCH}/mach-${i}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/mach-${i}/"
+ mkdir -p "$pkgdir/usr/lib/modules/$kernver/build/arch/$KARCH/mach-$i"
+ cp -a arch/$KARCH/mach-$i/include "$pkgdir/usr/lib/modules/$kernver/build/arch/$KARCH/mach-$i/"
done
for i in omap orion samsung versatile; do
- mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/plat-${i}"
- cp -a arch/${KARCH}/plat-${i}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/plat-${i}/"
+ mkdir -p "$pkgdir/usr/lib/modules/$kernver/build/arch/$KARCH/plat-$i"
+ cp -a arch/$KARCH/plat-$i/include "$pkgdir/usr/lib/modules/$kernver/build/arch/$KARCH/plat-$i/"
done
fi
# end of Parabola changes
- # remove now broken symlinks
- find -L "${_builddir}" -type l -printf 'Removing %P\n' -delete
+ msg2 "Removing broken symlinks..."
+ find -L "$builddir" -type l -printf 'Removing %P\n' -delete
+
+ msg2 "Removing loose objects..."
+ find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
+
+ msg2 "Stripping build tools..."
+ local file
+ while read -rd '' file; do
+ case "$(file -bi "$file")" in
+ application/x-sharedlib\;*) # Libraries (.so)
+ strip -v $STRIP_SHARED "$file" ;;
+ application/x-archive\;*) # Libraries (.a)
+ strip -v $STRIP_STATIC "$file" ;;
+ application/x-executable\;*) # Binaries
+ strip -v $STRIP_BINARIES "$file" ;;
+ application/x-pie-executable\;*) # Relocatable binaries
+ strip -v $STRIP_SHARED "$file" ;;
+ esac
+ done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
- # Fix permissions
- chmod -R u=rwX,go=rX "${_builddir}"
+ msg2 "Adding symlink..."
+ mkdir -p "$pkgdir/usr/src"
+ ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
- # strip scripts directory
- local _binary _strip
- while read -rd '' _binary; do
- case "$(file -bi "${_binary}")" in
- *application/x-sharedlib*) _strip="${STRIP_SHARED}" ;; # Libraries (.so)
- *application/x-archive*) _strip="${STRIP_STATIC}" ;; # Libraries (.a)
- *application/x-executable*) _strip="${STRIP_BINARIES}" ;; # Binaries
- *) continue ;;
- esac
- /usr/bin/strip ${_strip} "${_binary}"
- done < <(find "${_builddir}/scripts" -type f -perm -u+w -print0 2>/dev/null)
+ msg2 "Fixing permissions..."
+ chmod -Rc u=rwX,go=rX "$pkgdir"
}
_package-docs() {
pkgdesc="Kernel hackers manual - HTML documentation that comes with the ${pkgbase^} kernel"
- provides=("${_replacesarchkernel[@]/%/-docs=${_archpkgver}}")
+ provides=("${_replacesarchkernel[@]/%/-docs=${_srcver%%-*}}")
conflicts=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}")
replaces=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}")
- cd ${_srcname}
- local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build"
+ cd $_srcname
+ local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
- mkdir -p "${_builddir}"
- cp -t "${_builddir}" -a Documentation
+ msg2 "Installing documentation..."
+ mkdir -p "$builddir"
+ cp -t "$builddir" -a Documentation
- # Fix permissions
- chmod -R u=rwX,go=rX "${_builddir}"
+ msg2 "Removing doctrees..."
+ rm -r "$builddir/Documentation/output/.doctrees"
+
+ msg2 "Moving HTML docs..."
+ local src dst
+ while read -rd '' src; do
+ dst="$builddir/Documentation/${src#$builddir/Documentation/output/}"
+ mkdir -p "${dst%/*}"
+ mv "$src" "$dst"
+ rmdir -p --ignore-fail-on-non-empty "${src%/*}"
+ done < <(find "$builddir/Documentation/output" -type f -print0)
+
+ msg2 "Adding symlink..."
+ mkdir -p "$pkgdir/usr/share/doc"
+ ln -sr "$builddir/Documentation" "$pkgdir/usr/share/doc/$pkgbase"
+
+ msg2 "Fixing permissions..."
+ chmod -Rc u=rwX,go=rX "$pkgdir"
}
-pkgname=("${pkgbase}" "${pkgbase}-headers" "${pkgbase}-docs")
-for _p in ${pkgname[@]}; do
- eval "package_${_p}() {
- $(declare -f "_package${_p#${pkgbase}}")
- _package${_p#${pkgbase}}
+pkgname=("$pkgbase" "$pkgbase-headers" "$pkgbase-docs")
+for _p in "${pkgname[@]}"; do
+ eval "package_$_p() {
+ $(declare -f "_package${_p#$pkgbase}")
+ _package${_p#$pkgbase}
}"
done
+
+# vim:set ts=8 sts=2 sw=2 et:
diff --git a/kernels/linux-libre-rt/linux.preset b/kernels/linux-libre-rt/linux-armv7h.preset
index 66709a8c1..3cec18ca9 100644
--- a/kernels/linux-libre-rt/linux.preset
+++ b/kernels/linux-libre-rt/linux-armv7h.preset
@@ -1,7 +1,7 @@
# mkinitcpio preset file for the '%PKGBASE%' package
ALL_config="/etc/mkinitcpio.conf"
-ALL_kver="/boot/vmlinuz-%PKGBASE%"
+ALL_kver="%KERNVER%"
PRESETS=('default' 'fallback')
diff --git a/kernels/linux-libre-rt/linux.install b/kernels/linux-libre-rt/linux.install
deleted file mode 100644
index f1f033b4e..000000000
--- a/kernels/linux-libre-rt/linux.install
+++ /dev/null
@@ -1,12 +0,0 @@
-post_upgrade() {
- if [ "$(uname -m)" = "x86_64" ] || [ "$(uname -m)" = "i686" ]; then
- if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then
- echo "WARNING: /boot appears to be a separate partition but is not mounted."
- fi
- fi
-}
-
-post_remove() {
- rm -f boot/initramfs-%PKGBASE%.img
- rm -f boot/initramfs-%PKGBASE%-fallback.img
-}