diff options
Diffstat (limited to 'kernels/linux-libre-xtreme/PKGBUILD')
-rw-r--r-- | kernels/linux-libre-xtreme/PKGBUILD | 89 |
1 files changed, 46 insertions, 43 deletions
diff --git a/kernels/linux-libre-xtreme/PKGBUILD b/kernels/linux-libre-xtreme/PKGBUILD index 7ba3c6be1..3f1de40b7 100644 --- a/kernels/linux-libre-xtreme/PKGBUILD +++ b/kernels/linux-libre-xtreme/PKGBUILD @@ -9,14 +9,12 @@ _replacesoldkernels=() # '%' gets replaced with kernel suffix _replacesoldmodules=() # '%' gets replaced with kernel suffix pkgbase=linux-libre-xtreme -_srcbasever=5.3-gnu -_srcver=5.3.8-gnu -_srcname=linux-${_srcbasever%-*} -_hardenedver=${_srcver%-*}.a -pkgver=${_srcver//-/_} +pkgver=5.3.13_gnu +_hrdedrel=a pkgrel=1 -rcnver=5.3.7 -rcnrel=armv7-x13 +pkgdesc='Security-Hardened Linux-libre (w/Apparmor by default)' +rcnver=5.3.10 +rcnrel=armv7-x15 url='https://wiki.parabola.nu/Xtreme' arch=(i686 x86_64 armv7h) license=(GPL2) @@ -25,15 +23,10 @@ makedepends=( python-sphinx python-sphinx_rtd_theme graphviz imagemagick ) options=('!strip') -_archpatches=( - # Arch's custom linux patches, here for loop patching - 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch - 0002-Bluetooth-hidp-Fix-assumptions-on-the-return-value-o.patch -) +_srcname=linux-5.3 source=( - "https://linux-libre.fsfla.org/pub/linux-libre/releases/$_srcbasever/linux-libre-$_srcbasever.tar.xz"{,.sign} - "https://linux-libre.fsfla.org/pub/linux-libre/releases/$_srcver/patch-$_srcbasever-$_srcver.xz"{,.sign} - "https://github.com/anthraxx/linux-hardened/releases/download/${_hardenedver}/linux-hardened-${_hardenedver}.patch"{,.sig} + "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_srcname##*-}-gnu/linux-libre-${_srcname##*-}-gnu.tar.xz"{,.sign} + "https://linux-libre.fsfla.org/pub/linux-libre/releases/${pkgver%_*}-gnu/patch-${_srcname##*-}-gnu-${pkgver%_*}-gnu.xz"{,.sign} "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_"{clut224.ppm,vga16.ppm,mono.pbm}{,.sig} config.i686 config.x86_64 config.armv7h # the main kernel config files linux-armv7h.preset # armv7h preset file for mkinitcpio ramdisk @@ -45,7 +38,10 @@ source=( # https://labs.parabola.nu/issues/877 # http://www.fsfla.org/pipermail/linux-libre/2015-November/003202.html 0002-fix-Atmel-maXTouch-touchscreen-support.patch - ${_archpatches[@]} + + # Arch's custom linux patches + 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch + 0002-Bluetooth-hidp-Fix-assumptions-on-the-return-value-o.patch ) source_armv7h=( # armv7h patches, put in the source_armv7h variable just for a more comfortable loop patching @@ -54,7 +50,7 @@ source_armv7h=( # Note: For stability reasons, AUFS has been removed in the RCN patch. # We are supporting AUFS in linux-libre-pck through PCK patch. # See https://wiki.parabola.nu/PCK for further details. - "https://repo.parabola.nu/other/rcn-libre/patches/${rcnver}/rcn-libre-${rcnver}-$rcnrel.patch"{,.sig} + "https://repo.parabola.nu/other/rcn-libre/patches/$rcnver/rcn-libre-$rcnver-$rcnrel.patch"{,.sig} # Arch Linux ARM patches 0001-ARM-atags-add-support-for-Marvell-s-u-boot.patch @@ -67,6 +63,7 @@ source_armv7h=( 0008-ARM-dove-enable-ethernet-on-D3Plug.patch 0009-USB-Armory-MkII-support.patch ) +source_x86_64=("https://github.com/anthraxx/linux-hardened/releases/download/${pkgver%_*}.$_hrdedrel/linux-hardened-${pkgver%_*}.$_hrdedrel.patch"{,.sig}) validpgpkeys=( '474402C8C582DAFBE389C427BCB7CF877E7D47A7' # Alexandre Oliva '65EEFE022108E2B708CBFCF7F9E712E59AF5F22A' # Daniel Micay @@ -75,9 +72,7 @@ validpgpkeys=( ) sha512sums=('85d83c973ef96ab414354414da70ab3e1c3df19c3088458498cec1594952878b7967a8988bd9e36d4e728cc573a36e6eac056dbcab2f9aa742f18cbb4fb3164f' 'SKIP' - 'eca168c4c460bf8d8fbf322e1aa9c6b509f205c7597142967648c09402de95c8438ae302b4920c8f120192b1a54286f0fb860955c66414f3a3c376e41f246391' - 'SKIP' - 'bfb66281d772b24741471e93ea265a9b6a15081fe2a2c1cd6bde9eef34b2943bcbe42f7908cb7335b97a92c189a8fceff2aa7b753c08447a913928f343eeb336' + '3e9c95825f6852a0721a940c80b01b9772c17ae1680c1ce5a151e4f5b577a4a50f030aa0f2fbbc2b53b898b081bf33e67bfdeb513fe5535f95c4b479452264c3' 'SKIP' '13cb5bc42542e7b8bb104d5f68253f6609e463b6799800418af33eb0272cc269aaa36163c3e6f0aacbdaaa1d05e2827a4a7c4a08a029238439ed08b89c564bb3' 'SKIP' @@ -85,15 +80,17 @@ sha512sums=('85d83c973ef96ab414354414da70ab3e1c3df19c3088458498cec1594952878b796 'SKIP' '267295aa0cea65684968420c68b32f1a66a22d018b9d2b2c1ef14267bcf4cb68aaf7099d073cbfefe6c25c8608bdcbbd45f7ac8893fdcecbf1e621abdfe9ecc1' 'SKIP' - 'e8faa7fd50830a6ea7f3a6e193b7c51beb92fc5ffd4fc4813b48cb09e12c11a2d9f13aeb8533eb44de04fb65ae25e89b18aa2883191bd0a8f518797416765cac' - '08e3e3bbe05b50c03023d9eb3cee7ea6fe9466d81afc458d21448a4edd73089574f9efa03ffc8b66167ed2c761fad21d85ef35dfc6bc1488eafa85236fe541ea' + '6a25d32719af8f068ab0002881290c30bc2ee859781dcf9e71e156ac4beb9fbb72e19a079b9e9378c43d3649e4722b8f26ad48f739321c5832131b1ad3d4a2ac' + 'b62e3a4dba0c4e0cd254641ed186a0ff3a214c0d0e0e81b7eccdcc8980d6ab5cbd88e1e1a2730830d0ff4a7eb80b4ea4934f786bab4a02e24c8ba134cca78926' 'e95afb5fad75b8d2fe31dc042c07b3b784f36e678cdb91ad7a5df79660c94cd74ad42ffd7ba5747db829eb5647fb56afa89bfda6022025e6c26b0dc0ebd5c4a0' - 'aca591b5a2e838754e3c5fd2c0e50098ad54c2d0f990de5bf9cff8608e881daf0e37132294ed1a0e0a7b9e1c194c0b89f95da001d94febdb25a01c409060e3ac' + 'f01e7925b262d2874a8a991b1f27d057356a2a384d2012b61be5a631d4e4d7cf87461c8fb9e7f183831f5a829ad204897f1f0545a52df6288a0e04a5c2e31b96' '02af4dd2a007e41db0c63822c8ab3b80b5d25646af1906dc85d0ad9bb8bbf5236f8e381d7f91cf99ed4b0978c50aee37cb9567cdeef65b7ec3d91b882852b1af' 'b8fe56e14006ab866970ddbd501c054ae37186ddc065bb869cf7d18db8c0d455118d5bda3255fb66a0dde38b544655cfe9040ffe46e41d19830b47959b2fb168' '5c48b0092ab6a31453e27e6345347fd2d066e1c306c4c8a9144260bf37d0d13879b5cfe688906a06627d39a40a37e229e5300a479b2c9159e93e05ea7adc6b0a' 'b07d84cac1c784f5652a4681efd54ef89ce9cb0778bd2a633709b7150f9fb59db978dc290b92bcb69b8d211471c22a0be2a81a129318cd7efff601a3c591483c') -sha512sums_armv7h=('f465d4229c82280040dbbe4f24a99bf0318298659218e66e1c05645d5921f01c74517eb9a4401928d6b1a221d2c09e360d270b08b0285864a8eaac022796ce0a' +sha512sums_x86_64=('4df1d7be2823df714f9a1f5480ff2d5476929c58910fc4a6b1af3e4d325a4519072850dc0dc218ec402b17aa7456bc1596f95409f2f92717dc7cac07cb42b0b6' + 'SKIP') +sha512sums_armv7h=('ffb94962db829fb1f86e3da3558f469dd51d12bb352f17a82daa67a03497b52409b2f53e52eb36569e7be8b3fa7460c3b3ce3ebe3589e8a202c45cbbde0d3162' 'SKIP' '9724026836feefa67acb9644acf3ee89d465734af50b6637b8232b705c6259035d485cd1a1f0f08d189921eb75ad095b3e1f7f7e5e0e52302352c453f03ac820' '41f9f7d58bb29311e09dd58105d173fb2e2a955c0e7d632bc8788c2f0a803a45281dfd2be1712d6ec93b58b9f440f3f8398f234bd7ded1c49b1c33b328478203' @@ -116,17 +113,17 @@ esac export KBUILD_BUILD_HOST=parabola export KBUILD_BUILD_USER=$pkgbase -export KBUILD_BUILD_TIMESTAMP="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})" prepare() { cd $_srcname - # add upstream patch - if [ "$_srcbasever" != "$_srcver" ]; then - patch -p1 -i ../patch-$_srcbasever-$_srcver + if [ "${_srcname##*-}" != "${pkgver%_*}" ]; then + msg2 "Applying upstream patch..." + patch -p1 -i ../patch-${_srcname##*-}-gnu-${pkgver%_*}-gnu fi - # add freedo as boot logo + msg2 "Adding freedo as boot logo..." install -m644 -t drivers/video/logo \ ../logo_linux_{clut224.ppm,vga16.ppm,mono.pbm} @@ -144,13 +141,20 @@ prepare() { msg2 "Applying patch $src_armv7h..." patch -Np1 < "../$src_armv7h" done + elif [ "$CARCH" = "x86_64" ]; then + local src_x86_64 + for src_x86_64 in "${source_x86_64[@]}"; do + src_x86_64="${src_x86_64%%::*}" + src_x86_64="${src_x86_64##*/}" + [[ src_x86_64 = *.patch ]] || continue + msg2 "Applying patch $src_x86_64..." + patch -Np1 < "../$src_x86_64" + done fi - if [ "$CARCH" = "x86_64" ]; then - patch -Np1 < ../linux-hardened-${_hardenedver}.patch - else + if ! [ "$CARCH" = "x86_64" ]; then local src - for src in "${_archpatches[@]}"; do + for src in "${source[@]}"; do src="${src%%::*}" src="${src##*/}" [[ $src = *.patch ]] || continue @@ -177,15 +181,14 @@ build() { } _package() { - pkgdesc="The ${pkgbase^} kernel and modules with all LSMs enabled, using AppArmor by default" - [ "$CARCH" = x86_64 ] && pkgdesc+=" and Linux-hardened patchset" + pkgdesc="The $pkgdesc kernel and modules" depends=(coreutils kmod initramfs) optdepends=('crda: to set the correct wireless channels of your country' 'linux-libre-firmware: firmware images needed for some devices' 'apparmor: to configure and enable mandatory access control for programs' 'tomoyo-tools: to manage tomoyo userspace tools') optdepends_x86_64=('usbctl: deny_new_usb control') - provides=("${_replacesarchkernel[@]/%/=${_srcver%%-*}}" "LINUX-ABI_VERSION=${_srcver%%-*}") + provides=("${_replacesarchkernel[@]/%/=${pkgver%%_*}}" "LINUX-ABI_VERSION=${pkgver%%_*}") conflicts=("${_replacesarchkernel[@]}" "${_replacesoldkernels[@]}" "${_replacesoldmodules[@]}") replaces=("${_replacesarchkernel[@]}" "${_replacesoldkernels[@]}" "${_replacesoldmodules[@]}") @@ -224,8 +227,8 @@ _package() { } _package-headers() { - pkgdesc="Header files and scripts for building modules for ${pkgbase^} kernel" - provides=("${_replacesarchkernel[@]/%/-headers=${_srcver%%-*}}") + pkgdesc="Header files and scripts for building modules for $pkgdesc kernel" + provides=("${_replacesarchkernel[@]/%/-headers=${pkgver%%_*}}") conflicts=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}") replaces=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}") @@ -326,11 +329,11 @@ _package-headers() { } _package-docs() { - pkgdesc="Kernel hackers manual - HTML documentation that comes with the ${pkgbase^} kernel" - provides=("${_replacesarchkernel[@]/%/-docs=${_srcver%%-*}}") + pkgdesc="Kernel hacker's manual for the $pkgdesc kernel" + provides=("${_replacesarchkernel[@]/%/-docs=${pkgver%%_*}}") conflicts=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}") replaces=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}") - + cd $_srcname local builddir="$pkgdir/usr/lib/modules/$(<version)/build" @@ -338,8 +341,8 @@ _package-docs() { mkdir -p "$builddir" cp -t "$builddir" -a Documentation - msg2 "Removing doctrees..." - rm -r "$builddir/Documentation/output/.doctrees" + msg2 "Removing unneeded files..." + rm -rv "$builddir"/Documentation/{,output/}.[^.]* msg2 "Moving HTML docs..." local src dst |