diff options
Diffstat (limited to 'libre/linux-libre-hardened/PKGBUILD')
| -rw-r--r-- | libre/linux-libre-hardened/PKGBUILD | 365 |
1 files changed, 177 insertions, 188 deletions
diff --git a/libre/linux-libre-hardened/PKGBUILD b/libre/linux-libre-hardened/PKGBUILD index a17e4bedb..81533ff79 100644 --- a/libre/linux-libre-hardened/PKGBUILD +++ b/libre/linux-libre-hardened/PKGBUILD @@ -7,11 +7,12 @@ # Contributor: Luke Shumaker <lukeshu@sbcglobal.net> # Contributor: Luke R. <g4jc@openmailbox.org> -# Based on linux-hardened package +# Based on linux package +# NOTE: Not based on linux-hardened due to its low quality pkgbase=linux-libre-hardened _pkgbasever=4.14-gnu -_pkgver=4.14.3-gnu +_pkgver=4.14.12-gnu _hardenedver=a _replacesarchkernel=('linux%') # '%' gets replaced with _kernelname @@ -22,44 +23,51 @@ _srcname=linux-${_pkgbasever%-*} _archpkgver=${_pkgver%-*} pkgver=${_pkgver//-/_}.${_hardenedver} pkgrel=1 -rcnrel=armv7-x2 +rcnrel=armv7-x4 arch=('i686' 'x86_64' 'armv7h') url="https://jxself.org/git/?p=linux-libre-hardened.git" license=('GPL2') -makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc' 'libelf') +makedepends=('kmod' 'inetutils' 'bc' 'libelf') makedepends_armv7h=('git') options=('!strip') -source=("https://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgbasever}/linux-libre-${_pkgbasever}.tar.xz"{,.sign} - "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgver}/patch-${_pkgbasever}-${_pkgver}.xz"{,.sign} - "https://github.com/copperhead/linux-hardened/releases/download/${_pkgver%-*}.${_hardenedver}/linux-hardened-${_pkgver%-*}.${_hardenedver}.patch"{,.sig} - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_clut224.ppm"{,.sig} - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_mono.pbm"{,.sig} - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_vga16.ppm"{,.sig} - # the main kernel config files - 'config.i686' 'config.x86_64' 'config.armv7h' - # pacman hooks for initramfs regeneration - '60-linux.hook' - '90-linux.hook' - # standard config files for mkinitcpio ramdisk - 'linux.preset' - '0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch' - '0002-fix-Atmel-maXTouch-touchscreen-support.patch' - # armv7h patches - "https://repo.parabola.nu/other/rcn-libre/patches/${_pkgver%-*}/rcn-libre-${_pkgver%-*}-${rcnrel}.patch"{,.sig} - '0001-ARM-atags-add-support-for-Marvell-s-u-boot.patch' - '0002-ARM-atags-fdt-retrieve-MAC-addresses-from-Marvell-bo.patch' - '0003-SMILE-Plug-device-tree-file.patch' - '0004-fix-mvsdio-eMMC-timing.patch' - '0005-net-smsc95xx-Allow-mac-address-to-be-set-as-a-parame.patch' - '0006-set-default-cubietruck-led-triggers.patch' - '0007-exynos4412-odroid-set-higher-minimum-buck2-regulator.patch' - '0008-disable-USB3-port-on-ODROID-XU.patch' - '0009-ARM-dove-enable-ethernet-on-D3Plug.patch') +source=( + "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgbasever}/linux-libre-${_pkgbasever}.tar.xz"{,.sign} + "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgver}/patch-${_pkgbasever}-${_pkgver}.xz"{,.sign} + "https://github.com/copperhead/linux-hardened/releases/download/${_pkgver%-*}.${_hardenedver}/linux-hardened-${_pkgver%-*}.${_hardenedver}.patch"{,.sig} + "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_clut224.ppm"{,.sig} + "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_mono.pbm"{,.sig} + "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_vga16.ppm"{,.sig} + # the main kernel config files + 'config.i686' 'config.x86_64' 'config.armv7h' + # pacman hooks for depmod and initramfs regeneration + '60-linux.hook' '90-linux.hook' + # standard config files for mkinitcpio ramdisk + 'linux.preset' + # armv7h patches + "https://repo.parabola.nu/other/rcn-libre/patches/${_pkgver%-*}/rcn-libre-${_pkgver%-*}-${rcnrel}.patch"{,.sig} + '0001-ARM-atags-add-support-for-Marvell-s-u-boot.patch' + '0002-ARM-atags-fdt-retrieve-MAC-addresses-from-Marvell-bo.patch' + '0003-SMILE-Plug-device-tree-file.patch' + '0004-fix-mvsdio-eMMC-timing.patch' + '0005-net-smsc95xx-Allow-mac-address-to-be-set-as-a-parame.patch' + '0006-set-default-cubietruck-led-triggers.patch' + '0007-exynos4412-odroid-set-higher-minimum-buck2-regulator.patch' + '0008-disable-USB3-port-on-ODROID-XU.patch' + '0009-ARM-dove-enable-ethernet-on-D3Plug.patch' + # other patches + '0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch' + '0002-fix-Atmel-maXTouch-touchscreen-support.patch' + '0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch' + '0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch' + '0003-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch' + '0004-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch' + '0005-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch' + ) sha512sums=('0d4b0b8ec1ffc39c59295adf56f6a2cccf77cad56d8a8bf8072624bbb52ba3e684147ebed91d1528d2685423dd784c5fca0f3650f874f2b93cfc6b7689b9a87f' 'SKIP' - 'efa3d7de4ce50cff18cbf53b482a1368450c6a395e401ff98e6f34da4bfeff63d5fc5bc56a17ce5fd041d818cf7767b2611270f4e1c7adc52063b6abadf0e70d' + '2e8abb699328db2b156890b6ab966ba0c8cefbf64c909d13290c92ca99419b5fb06a53d3d93ed83ed6bd28edb6eeba73bd996f3cb2bc150c3b8709b2e2bbea17' 'SKIP' - 'ff6b322039f1dda054cb18e6d681989c40f183d85e7ab68380d3c010345d15dc89e65a102e22fb175c20c33027496593db739348935305cdcf8c6a1ccb0db99c' + 'ca6e9e7efbdb62ddda3ee5529ab652f334095152b137c9d52f19289d3b978ef8b9a0e296a0ed195433eaa45f3533c9e81b41b731efd6410f0c7d6a348a56f12e' 'SKIP' '13cb5bc42542e7b8bb104d5f68253f6609e463b6799800418af33eb0272cc269aaa36163c3e6f0aacbdaaa1d05e2827a4a7c4a08a029238439ed08b89c564bb3' 'SKIP' @@ -67,29 +75,34 @@ sha512sums=('0d4b0b8ec1ffc39c59295adf56f6a2cccf77cad56d8a8bf8072624bbb52ba3e6841 'SKIP' '7a3716bfe3b9f546da309c7492f3e08f8f506813afeb1c737a474c83313d5c313cf4582b65215c2cfce3b74d9d1021c96e8badafe8f6e5b01fe28d2b5c61ae78' 'SKIP' - 'd4f82526711779b15ac21acab8f9bdec46569a9c2712ccda334afdd975ab4aa21162481576e5fc938a59a35ea2208d1053cdb08bf0e14954146d0fbcb2358851' - '915b339d4633bf31c2d3a2c953ad099173af58dd19369973adafe7f3d6fcfa430a86178757f87e28f064ee65249135628e2b5eaf541542838a0854966a98ddfc' - '2836a1f184033eb8a6abea1d620260b52b25fb989c67b7fc0614d6275457b4efa10ad6be40510c01868b7e1e4c505fad9ecb02dd2a9936d31d14f77439856b1b' + '71f8c531622f189dac540808356b688bf920385b164ec0f68d9975555aec37a2a8b56198a32a74b14ed70182de09096f83f38272ccab5e32138853629a1ba222' + '0dcaf48ca78562e1ef77b4d4b68d1d0c98a573a234e1d9d56d9e8adf9d29ecea3fc2ab9a39cc49d5b67698b59dc3f591d603952253e8b3af8ea9c8da06db1503' + 'a8a9631dd8813e0266f625f5b7ad8f13fea26d6fa267331adb028a2139f11da283a348e34ad6cb37c7767f228ca0663427e0212bbddf539f67f64c9bac3cc368' '7ad5be75ee422dda3b80edd2eb614d8a9181e2c8228cd68b3881e2fb95953bf2dea6cbe7900ce1013c9de89b2802574b7b24869fc5d7a95d3cc3112c4d27063a' '4a8b324aee4cccf3a512ad04ce1a272d14e5b05c8de90feb82075f55ea3845948d817e1b0c6f298f5816834ddd3e5ce0a0e2619866289f3c1ab8fd2f35f04f44' '2dc6b0ba8f7dbf19d2446c5c5f1823587de89f4e28e9595937dd51a87755099656f2acec50e3e2546ea633ad1bfd1c722e0c2b91eef1d609103d8abdc0a7cbaf' + '6a9a290f0fa71973f40a0335017b65bac0486fe719fa79d5cab9358d03c43613f796f5cfcf68bd89964fcb71e05dcead40516b28f78cd25ab9a841c05cbd5874' + 'SKIP' + '29c709ee6892a668c77945142ed9749cb8a3135575a4316f4a3cc85fbda41c09fdd65e32507b654c96aa438bd2aed08c09919bb162daee969643aafd053321c4' + '5b35ef2c675aed00ddf82b8a96a486230fad78f05b5a69c95a57632d6c7f428f026439f3ced72cf54156ffd4fd563e68d4285ba6f42428c00b966257951039c3' + 'e9544aa1f86328299e97e7ace9ef7997fc3e7ebc8ce906e5f87feee4cd716d75e46656c949dd103512fb13be2948db010c5aab233f2a8fc9cf49b2ae8d98a2fb' + '757f75a0a1b14b43bc9150718748952b6e11252611aadf32490dbb35864e78075b31aa9f19bb3d22c442451125852389b13920b29e58449ee82bff92c7854a21' + 'e882019d93cc95a379e9c46c1f72fc4df54507efa5fed498399424c0f0cc908d60ea94f422e1aefcfb2c4b6cfaa1c4d3de63b2cab09196c5147a36a07ab5ece8' + '23f21fb05188479fb2238229a88d1d45f30052e3d7dcbbf99c5b9a763493eac122795431cf6932e85bd6e091380179b62e986782fafe7e8c2bd53940199b925e' + '45a21f9dfec613c8f4dba284aaf80e307612440893536295a32ec805e11439272a0949921a22f12f67600df8415870aa27101b7e3d3869aea88ad3e1cb614086' + '6c93bc1e8d580af288921e10c456bdbda1dcb6d6f08c111cddaf9a32b43c2df41b50136bc09aaac1da9c3cae667bba6e075d590dcc465107ae6e2c3dcf7da657' + 'f813d51834cedc23fabbb6060709a24f29969fea5aeb963fdeddb79723014ffc0c6d34be45eea8419d5087a5a9c561a42a113d667f03625283f2f2fc68196545' '02af4dd2a007e41db0c63822c8ab3b80b5d25646af1906dc85d0ad9bb8bbf5236f8e381d7f91cf99ed4b0978c50aee37cb9567cdeef65b7ec3d91b882852b1af' 'b8fe56e14006ab866970ddbd501c054ae37186ddc065bb869cf7d18db8c0d455118d5bda3255fb66a0dde38b544655cfe9040ffe46e41d19830b47959b2fb168' - '258c3014fc3c4399c19e2385cdff6d28b5711ce4dfba5069199eac6c491ed34a98e693c78882aab87ae504e27f19b78a44255e55423505c96aa7f581fe336455' - 'SKIP' - '8da49af5cce12f0bf21f5985cf85d13624404bab76cc0fd7a04b3ee6c046b5dceb4ae0bb821e060405366310473042892e716f530f04d1dab9a21ca1f778dd6c' - '06f40e0f197b15dffc7c724aba9a41f2343c8528576700202f069d5cd00013e7e5e8d62153cf358d02c21e28d7cf2a66e3f5190677cb590ac07f36be58b43cab' - '9ebb57495958cfcd64f82c6dbfc823ea724d888ac6991bc983981b9a4791c0691a7aba3f7358ec8c853a4e06f098d674a7bd410beb653e0f3bb6c2cd9baad254' - '42e4c7235301c476c47e8fad82117773fe362fc7a037ab18f78cef808e6d7868aea4671e89ea95f7fe8ba84a42f7d5425c8f5cca1049327775a6a83db9ff7afb' - 'b02a0886168ff3b17ff3963b518e95c94a8ecb17409381a6e4f6ee06e6f352667f0b6f8d78e39509c54bacf4c29224f67eaf514b261625a951d35fcdd809d1f6' - '47643f83377377e7b878a78b42cb5c4261390d70912fff3e41fed8f4ec750077e62291451bde098032e199d152efb89cbe9058ffa341838f411df03e5b2cb9cb' - 'af61d42d03ae4624feee5b31e699f7f16596a2b5556a43a42e773d00ab35b72ed60777b17c75acfd690f590376fba4000efda310cb628e3788f30c970bcc7e10' - 'ef47eb4cbe69d1eab683c6b4f9ea17cc2e193e14e58e4d93da3f082401aedd8a3218a30a680a077724fda698f37389fa1a216781779b59e6bd17f44dfa569d3d' - '880f625458fe7d3f5cb7d5701f2c3e094a62a1965af2c9a1520724d0142d3535211f52bdbe1318c230e6fdb3fdfbf511a83bd81ba7e117ecbc7dcb87193286c1') + 'fd9bdc818326fa36c9f1813d0d1821de5e325b646e1c307c197ad38bada7f298d35b4bc1bbf1c2854689f3ba71144879e799a1123037caccd6e3f64edfc22d54' + '814517d08c35cc886fe3382619d41107d6139a703c27186d0ce58e187eaf4e84891572e58246750ac8602555794ed6f74d946565b98860787a0aa617fb946dda' + 'e6605e923c967b5f8db619868b15ea5b0d4254c62cf12bb920f38659933d6ca25a643d3e044c4915a8309071461f5f14c55d0aa0329c113bce4780d4fa3afbb7' + '0dec1482efe6e5d762a3061f365e43191484f055b738112452b8ca39e162b935d99cf16b25c0b253d6b532fabc54bde2f5c09be91887156ed6ae06d1558f94b9' + 'fcc40dc86dd432be76854e3c51889db488de0f1029ecc227b92c4f58c62ba928f7dc3b9515ac3ca0a08d6a0a72ca4a1a754d47c4fb274fe89f09a2a336088e7a') validpgpkeys=( - '474402C8C582DAFBE389C427BCB7CF877E7D47A7' # Alexandre Oliva - '65EEFE022108E2B708CBFCF7F9E712E59AF5F22A' # Daniel Micay - '6DB9C4B4F0D8C0DC432CF6E4227CA7C556B2BA78' # David P. + '474402C8C582DAFBE389C427BCB7CF877E7D47A7' # Alexandre Oliva + '65EEFE022108E2B708CBFCF7F9E712E59AF5F22A' # Daniel Micay + '6DB9C4B4F0D8C0DC432CF6E4227CA7C556B2BA78' # David P. ) _kernelname=${pkgbase#linux-libre} @@ -107,19 +120,20 @@ case "${CARCH}" in esac prepare() { - cd "${srcdir}/${_srcname}" + cd ${_srcname} # add upstream patch if [ "${_pkgbasever}" != "${_pkgver}" ]; then - patch -p1 -i "${srcdir}/patch-${_pkgbasever}-${_pkgver}" + patch -p1 -i ../patch-${_pkgbasever}-${_pkgver} fi + chmod +x tools/objtool/sync-check.sh # GNU patch doesn't support git-style file mode if [ "${CARCH}" = "armv7h" ]; then # RCN patch (CM3 firmware deblobbed and AUFS removed) # Note: For stability reasons, AUFS has been removed in the RCN patch. # We are supporting AUFS in linux-libre-pck through PCK patch. # See https://wiki.parabola.nu/PCK for further details. - git apply -v "${srcdir}/rcn-libre-hardened-${_pkgver%-*}-${rcnrel}.patch" + git apply -v "${srcdir}/rcn-libre-${_pkgver%-*}-${rcnrel}.patch" # ALARM patches patch -p1 -i "${srcdir}/0001-ARM-atags-add-support-for-Marvell-s-u-boot.patch" @@ -140,9 +154,26 @@ prepare() { install -m644 -t drivers/video/logo \ "${srcdir}/logo_linux_"{clut224.ppm,vga16.ppm,mono.pbm} + # security patches + # add latest fixes from stable queue, if needed # http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git + # https://bugs.archlinux.org/task/56575 + patch -Np1 -i ../0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch + + # https://nvd.nist.gov/vuln/detail/CVE-2017-8824 + patch -Np1 -i ../0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch + + # https://bugs.archlinux.org/task/56605 + patch -Np1 -i ../0003-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + + # https://bugs.archlinux.org/task/56846 + patch -Np1 -i ../0004-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + + # https://bugs.archlinux.org/task/56711 + patch -Np1 -i ../0005-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch + # maintain the TTY over USB disconnects # http://www.coreboot.org/EHCI_Gadget_Debug patch -p1 -i "${srcdir}/0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch" @@ -152,8 +183,13 @@ prepare() { # http://www.fsfla.org/pipermail/linux-libre/2015-November/003202.html patch -p1 -i "${srcdir}/0002-fix-Atmel-maXTouch-touchscreen-support.patch" - cat "${srcdir}/config.${CARCH}" > ./.config + cp -Tf ../config.${CARCH} .config + if [ "${_kernelname}" != "" ]; then + sed -i "s|CONFIG_LOCALVERSION=.*|CONFIG_LOCALVERSION=\"${_kernelname}\"|g" ./.config + sed -i "s|CONFIG_LOCALVERSION_AUTO=.*|CONFIG_LOCALVERSION_AUTO=n|" ./.config + fi + # append pkgrel to extraversion sed -ri "s|^(EXTRAVERSION =.*\S).*|\1-${pkgrel}|" Makefile @@ -176,7 +212,7 @@ prepare() { } build() { - cd "${srcdir}/${_srcname}" + cd ${_srcname} if [ "${CARCH}" = "armv7h" ]; then make ${MAKEFLAGS} LOCALVERSION= zImage modules dtbs @@ -196,15 +232,15 @@ _package() { backup=("etc/mkinitcpio.d/${pkgbase}.preset") install=linux.install - cd "${srcdir}/${_srcname}" + cd ${_srcname} # get kernel version _kernver="$(make LOCALVERSION= kernelrelease)" _basekernel=${_kernver%%-*} _basekernel=${_basekernel%.*} - mkdir -p "${pkgdir}"/{boot,lib/{modules,firmware},usr} - make LOCALVERSION= INSTALL_MOD_PATH="${pkgdir}" modules_install + mkdir -p "${pkgdir}"/{boot,usr/lib/modules} + make LOCALVERSION= INSTALL_MOD_PATH="${pkgdir}/usr" modules_install if [ "${CARCH}" = "armv7h" ]; then make LOCALVERSION= INSTALL_DTBS_PATH="${pkgdir}/boot/dtbs/${pkgbase}" dtbs_install cp arch/$KARCH/boot/zImage "${pkgdir}/boot/vmlinuz-${pkgbase}" @@ -213,37 +249,39 @@ _package() { fi # make room for external modules - local _extramodules="extramodules-${_basekernel}${_kernelname:--ARCH}" - ln -s "../${_extramodules}" "${pkgdir}/lib/modules/${_kernver}/extramodules" + local _extramodules="extramodules-${_basekernel}${_kernelname}" + ln -s "../${_extramodules}" "${pkgdir}/usr/lib/modules/${_kernver}/extramodules" # add real version for building modules and running depmod from hook echo "${_kernver}" | - install -Dm644 /dev/stdin "${pkgdir}/lib/modules/${_extramodules}/version" - - # remove build and source links - rm -f "${pkgdir}"/lib/modules/${_kernver}/{source,build} + install -Dm644 /dev/stdin "${pkgdir}/usr/lib/modules/${_extramodules}/version" - # remove the firmware - rm -rf "${pkgdir}/lib/firmware" + # remove build and source links + rm "${pkgdir}"/usr/lib/modules/${_kernver}/{source,build} # now we call depmod... - depmod -b "${pkgdir}" -F System.map "${_kernver}" + depmod -b "${pkgdir}/usr" -F System.map "${_kernver}" if [ "${CARCH}" = "x86_64" ] || [ "${CARCH}" = "i686" ]; then # add vmlinux - install -Dt "${pkgdir}/lib/modules/${_kernver}/build" -m644 vmlinux + install -Dt "${pkgdir}/usr/lib/modules/${_kernver}/build" -m644 vmlinux fi - # move module tree /lib -> /usr/lib - mkdir -p "${pkgdir}/usr" - mv "${pkgdir}/lib" "${pkgdir}/usr/" - # sed expression for following substitutions + if [ "${CARCH}" = "armv7h" ]; then + local _subst=" + s|/boot/vmlinuz-%PKGBASE%|${_kernver}|g + s|%PKGBASE%|${pkgbase}|g + s|%KERNVER%|${_kernver}|g + s|%EXTRAMODULES%|${_extramodules}|g + " + elif [ "${CARCH}" = "x86_64" ] || [ "${CARCH}" = "i686" ]; then local _subst=" s|%PKGBASE%|${pkgbase}|g s|%KERNVER%|${_kernver}|g s|%EXTRAMODULES%|${_extramodules}|g " + fi # hack to allow specifying an initially nonexisting install file sed "${_subst}" "${startdir}/${install}" > "${startdir}/${install}.pkg" @@ -264,141 +302,93 @@ _package-headers() { pkgdesc="Header files and scripts for building modules for ${pkgbase^} kernel" provides=("${_replacesarchkernel[@]/%/-headers=${_archpkgver}}") conflicts=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}") - replaces=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}" "${_replacesarchgrsec[@]/%/-headers}" "${_replacesgrsec[@]/%/-headers}") - - install -dm755 "${pkgdir}/usr/lib/modules/${_kernver}" - - cd "${srcdir}/${_srcname}" - install -D -m644 Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/Makefile" - install -D -m644 kernel/Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/kernel/Makefile" - install -D -m644 .config \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/.config" + replaces=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}") - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include" - - for i in acpi asm-generic config crypto drm generated keys linux math-emu \ - media net pcmcia scsi soc sound trace uapi video xen; do - cp -a include/${i} "${pkgdir}/usr/lib/modules/${_kernver}/build/include/" - done - - # copy arch includes for external modules - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}" - cp -a arch/${KARCH}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" - if [ "${CARCH}" = "armv7h" ]; then - for i in dove exynos omap2; do - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/mach-${i}" - cp -a arch/${KARCH}/mach-${i}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/mach-${i}/" - done - for i in omap orion samsung versatile; do - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/plat-${i}" - cp -a arch/${KARCH}/plat-${i}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/plat-${i}/" - done - fi + cd ${_srcname} + local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build" - # copy files necessary for later builds - cp Module.symvers "${pkgdir}/usr/lib/modules/${_kernver}/build" - cp -a scripts "${pkgdir}/usr/lib/modules/${_kernver}/build" + install -Dt "${_builddir}" -m644 Makefile .config Module.symvers + install -Dt "${_builddir}/kernel" -m644 kernel/Makefile - # fix permissions on scripts dir - chmod og-w -R "${pkgdir}/usr/lib/modules/${_kernver}/build/scripts" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/.tmp_versions" + mkdir "${_builddir}/.tmp_versions" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/kernel" + cp -t "${_builddir}" -a include scripts - cp arch/${KARCH}/Makefile "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" + install -Dt "${_builddir}/arch/${KARCH}" -m644 arch/${KARCH}/Makefile + install -Dt "${_builddir}/arch/${KARCH}/kernel" -m644 arch/${KARCH}/kernel/asm-offsets.s - if [ "${CARCH}" = "i686" ]; then - cp arch/${KARCH}/Makefile_32.cpu "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" + if [[ ${CARCH} = i686 ]]; then + install -t "${_builddir}/arch/${KARCH}" -m644 arch/${KARCH}/Makefile_32.cpu fi - cp arch/${KARCH}/kernel/asm-offsets.s "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/kernel/" - - # add docbook makefile - #install -D -m644 Documentation/DocBook/Makefile \ - #"${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/DocBook/Makefile" - - # add dm headers - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/md" - cp drivers/md/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/md" + cp -t "${_builddir}/arch/${KARCH}" -a arch/${KARCH}/include - # add inotify.h - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include/linux" - cp include/linux/inotify.h "${pkgdir}/usr/lib/modules/${_kernver}/build/include/linux/" + install -Dt "${_builddir}/drivers/md" -m644 drivers/md/*.h + install -Dt "${_builddir}/net/mac80211" -m644 net/mac80211/*.h - # add wireless headers - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/net/mac80211/" - cp net/mac80211/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/net/mac80211/" - - # add dvb headers for external modules - # in reference to: # http://bugs.archlinux.org/task/9912 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-core" - cp drivers/media/dvb-core/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-core/" - # and... - # http://bugs.archlinux.org/task/11194 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include/config/dvb/" - cp include/config/dvb/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/include/config/dvb/" - - # add dvb headers for http://mcentral.de/hg/~mrec/em28xx-new - # in reference to: + install -Dt "${_builddir}/drivers/media/dvb-core" -m644 drivers/media/dvb-core/*.h + # http://bugs.archlinux.org/task/13146 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - cp drivers/media/dvb-frontends/lgdt330x.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/i2c/" - cp drivers/media/i2c/msp3400-driver.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/i2c/" + install -Dt "${_builddir}/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h - # add dvb headers - # in reference to: # http://bugs.archlinux.org/task/20402 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/usb/dvb-usb" - cp drivers/media/usb/dvb-usb/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/usb/dvb-usb/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends" - cp drivers/media/dvb-frontends/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/tuners" - cp drivers/media/tuners/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/tuners/" + install -Dt "${_builddir}/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h + install -Dt "${_builddir}/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h + install -Dt "${_builddir}/drivers/media/tuners" -m644 drivers/media/tuners/*.h # add xfs and shmem for aufs building - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/fs/xfs" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/mm" - # removed in 3.17-gnu series - # cp fs/xfs/xfs_sb.h "${pkgdir}/usr/lib/modules/${_kernver}/build/fs/xfs/xfs_sb.h" + mkdir -p "${_builddir}"/{fs/xfs,mm} # copy in Kconfig files - for i in $(find . -name "Kconfig*"); do - mkdir -p "${pkgdir}"/usr/lib/modules/${_kernver}/build/`echo ${i} | sed 's|/Kconfig.*||'` - cp ${i} "${pkgdir}/usr/lib/modules/${_kernver}/build/${i}" - done + find . -name Kconfig\* -exec install -Dm644 {} "${_builddir}/{}" \; # add objtool for external module building and enabled VALIDATION_STACK option - if [ -f tools/objtool/objtool ]; then - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/tools/objtool" - cp -a tools/objtool/objtool ${pkgdir}/usr/lib/modules/${_kernver}/build/tools/objtool/ + if [[ -e tools/objtool/objtool ]]; then + install -Dt "${_builddir}/tools/objtool" tools/objtool/objtool fi - chown -R root.root "${pkgdir}/usr/lib/modules/${_kernver}/build" - find "${pkgdir}/usr/lib/modules/${_kernver}/build" -type d -exec chmod 755 {} \; - - # strip scripts directory - find "${pkgdir}/usr/lib/modules/${_kernver}/build/scripts" -type f -perm -u+w 2>/dev/null | while read binary ; do - case "$(file -bi "${binary}")" in - *application/x-sharedlib*) # Libraries (.so) - /usr/bin/strip ${STRIP_SHARED} "${binary}";; - *application/x-archive*) # Libraries (.a) - /usr/bin/strip ${STRIP_STATIC} "${binary}";; - *application/x-executable*) # Binaries - /usr/bin/strip ${STRIP_BINARIES} "${binary}";; - esac + # remove unneeded architectures + local _arch + for _arch in "${_builddir}"/arch/*/; do + if [[ ${_arch} != */${KARCH}/ ]]; then + rm -r "${_arch}" + fi done - # remove unneeded architectures - find "${pkgdir}"/usr/lib/modules/${_kernver}/build/arch -mindepth 1 -maxdepth 1 -type d -not -name "$KARCH" -exec rm -rf {} + + # remove files already in linux-docs package + rm -r "${_builddir}/Documentation" - # remove files already in docs package - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/kbuild/Kconfig.recursion-issue-01" - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/kbuild/Kconfig.recursion-issue-02" - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/kbuild/Kconfig.select-break" + # parabola changes + # + # since we don't want to diverge too much from arch's pkgbuild, we'll + # start marking our changes as such + if [ "${CARCH}" = "armv7h" ]; then + for i in dove exynos omap2; do + mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/mach-${i}" + cp -a arch/${KARCH}/mach-${i}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/mach-${i}/" + done + for i in omap orion samsung versatile; do + mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/plat-${i}" + cp -a arch/${KARCH}/plat-${i}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/plat-${i}/" + done + fi + # end of parabola changes + + # Fix permissions + chmod -R u=rwX,go=rX "${_builddir}" + + # strip scripts directory + local _binary _strip + while read -rd '' _binary; do + case "$(file -bi "${_binary}")" in + *application/x-sharedlib*) _strip="${STRIP_SHARED}" ;; # Libraries (.so) + *application/x-archive*) _strip="${STRIP_STATIC}" ;; # Libraries (.a) + *application/x-executable*) _strip="${STRIP_BINARIES}" ;; # Binaries + *) continue ;; + esac + /usr/bin/strip ${_strip} "${_binary}" + done < <(find "${_builddir}/scripts" -type f -perm -u+w -print0 2>/dev/null) } _package-docs() { @@ -407,15 +397,14 @@ _package-docs() { conflicts=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}") replaces=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}" "${_replacesarchgrsec[@]/%/-docs}" "${_replacesgrsec[@]/%/-docs}") - cd "${srcdir}/${_srcname}" + cd ${_srcname} + local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build" - cp -al Documentation "${pkgdir}/usr/lib/modules/${_kernver}/build" - find "${pkgdir}" -type f -exec chmod 444 {} \; - find "${pkgdir}" -type d -exec chmod 755 {} \; + mkdir -p "${_builddir}" + cp -t "${_builddir}" -a Documentation - # remove a file already in kernel package - #rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/DocBook/Makefile" + # Fix permissions + chmod -R u=rwX,go=rX "${_builddir}" } pkgname=("${pkgbase}" "${pkgbase}-headers" "${pkgbase}-docs") |