From 7c46fd73c7585caf482c4fb625f7ab197c068cce 2018-11-08 11:07:28
From: Gérard Vidal <g-vidal@users.noreply.github.com>
Date: 2018-11-08 11:07:28
Subject: [PATCH] Merge pull request #20 from drtyhlpr/master

update from master
---

diff --git a/README-CN.md b/README-CN.md
index cb07184..2c9f0d6 100644
--- a/README-CN.md
+++ b/README-CN.md
@@ -151,10 +151,10 @@ CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
 允许串行控制台接口. 没有连接显示器键盘的树莓派推荐打开, 此时如果网络无法连接至树莓派, 可以使用串行控制台连至系统. 
 
 ##### `ENABLE_I2C`=false
-允许树莓派2/3的 I2C 接口. 请对照 [树莓派2/3 引脚示意图](http://elinux.org/RPi_Low-level_peripherals) 正确连接 GPIO 引脚.
+允许树莓派2/3的 I2C 接口. 请对照 [树莓派2/3 引脚示意图](https://elinux.org/RPi_Low-level_peripherals) 正确连接 GPIO 引脚.
 
 ##### `ENABLE_SPI`=false
-允许树莓派2/3的 SPI 接口. 请对照 [树莓派2/3 引脚示意图](http://elinux.org/RPi_Low-level_peripherals) 正确连接 GPIO 引脚.
+允许树莓派2/3的 SPI 接口. 请对照 [树莓派2/3 引脚示意图](https://elinux.org/RPi_Low-level_peripherals) 正确连接 GPIO 引脚.
 
 ##### `ENABLE_IPV6`=true
 允许 IPv6 . 通过 systemd-networkd 配置管理网络接口.
@@ -199,10 +199,10 @@ CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
 卸载包、删除文件以减小体积 详情查看 `REDUCE_*` 参数.
 
 ##### `ENABLE_UBOOT`=false
-使用 [U-Boot 引导器](http://git.denx.de/?p=u-boot.git;a=summary) 替代树莓派2/3 默认的第二阶段引导器(bootcode.bin).  U-Boot 可以通过网络使用 BOOTP/TFTP 协议引导镜像文件.
+使用 [U-Boot 引导器](https://git.denx.de/?p=u-boot.git;a=summary) 替代树莓派2/3 默认的第二阶段引导器(bootcode.bin).  U-Boot 可以通过网络使用 BOOTP/TFTP 协议引导镜像文件.
 
 ##### `UBOOTSRC_DIR`=""
-存放已下载 [U-Boot 引导器源文件](http://git.denx.de/?p=u-boot.git;a=summary) 的目录(`u-boot`).
+存放已下载 [U-Boot 引导器源文件](https://git.denx.de/?p=u-boot.git;a=summary) 的目录(`u-boot`).
 
 ##### `ENABLE_FBTURBO`=false
 安装并且允许 [硬件加速的 Xorg 显卡驱动](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. 当前仅支持窗口的移动和滚动的硬件加速.
@@ -444,7 +444,7 @@ bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
 * [Debian 交叉工具链 Wiki](https://wiki.debian.org/CrossToolchains)
 * [Github上的树莓派官方固件](https://github.com/raspberrypi/firmware)
 * [Github上的树莓派官方内核](https://github.com/raspberrypi/linux)
-* [U-BOOT git 仓库](http://git.denx.de/?p=u-boot.git;a=summary)
+* [U-BOOT git 仓库](https://git.denx.de/?p=u-boot.git;a=summary)
 * [Xorg DDX fbturbo驱动](https://github.com/ssvb/xf86-video-fbturbo)
 * [树莓派3无线接口固件](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
 * [Collabora 树莓派2预编译内核](https://repositories.collabora.co.uk/debian/)
diff --git a/README.md b/README.md
index d7c3af6..36d9ed3 100644
--- a/README.md
+++ b/README.md
@@ -68,7 +68,14 @@ A comma separated list of additional packages to be installed by apt after boots
 
 #### General system settings:
 ##### `RPI_MODEL`=2
-Specifiy the target Raspberry Pi hardware model. The script at this time supports the Raspberry Pi models `2` and `3`. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
+Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
+`0`  = Used for Raspberry Pi 0 and Raspberry Pi 0 W
+`1`  = Used for Pi 1 model A and B
+`1P` = Used for Pi 1 model B+ and A+
+`2`  = Used for Pi 2 model B
+`3`  = Used for Pi 3 model B
+`3P` = Used for Pi 3 model B+
+`BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
 
 ##### `RELEASE`="jessie"
 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "jessie", "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used.
@@ -94,6 +101,9 @@ Set default system timezone. All available timezones can be found in the `/usr/s
 ##### `EXPANDROOT`=true
 Expand the root partition and filesystem automatically on first boot.
 
+##### `ENABLE_QEMU`=false
+Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
+
 ---
 
 #### Keyboard settings:
@@ -152,10 +162,10 @@ Set the IP address for the second NTP server.
 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
 
 ##### `ENABLE_I2C`=false
-Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](http://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
+Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
 
 ##### `ENABLE_SPI`=false
-Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](http://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
+Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
 
 ##### `ENABLE_IPV6`=true
 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
@@ -201,10 +211,10 @@ Use debootstrap script variant `minbase` which only includes essential packages 
 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
 
 ##### `ENABLE_UBOOT`=false
-Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](http://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
+Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
 
 ##### `UBOOTSRC_DIR`=""
-Path to a directory (`u-boot`) of [U-Boot bootloader sources](http://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
+Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
 
 ##### `ENABLE_FBTURBO`=false
 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
@@ -296,6 +306,12 @@ Install kernel headers with built kernel.
 ##### `KERNEL_MENUCONFIG`=false
 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
 
+##### `KERNEL_OLDDEFCONFIG`=false
+Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
+
+##### `KERNEL_CCACHE`=false
+Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
+
 ##### `KERNEL_REMOVESRC`=true
 Remove all kernel sources from the generated OS image after it was built and installed.
 
@@ -437,6 +453,28 @@ If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, th
 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-frmw.img /dev/mmcblk0
 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
 ```
+
+## QEMU emulation
+Start QEMU full system emulation:
+```shell
+qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
+```
+
+Start QEMU full system emulation and output to console:
+```shell
+qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
+```
+
+Start QEMU full system emulation with SMP and output to console:
+```shell
+qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
+```
+
+Start QEMU full system emulation with cryptfs, initramfs and output to console:
+```shell
+qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
+```
+
 ## Weekly image builds
 The image files are provided by JRWR'S I/O PORT and are built once a Sunday at midnight UTC!
 * [Debian Stretch Raspberry Pi2/3 Weekly Image Builds](https://jrwr.io/doku.php?id=projects:debianpi)
@@ -447,7 +485,7 @@ The image files are provided by JRWR'S I/O PORT and are built once a Sunday at m
 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
-* [U-BOOT git repository](http://git.denx.de/?p=u-boot.git;a=summary)
+* [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
diff --git a/bootstrap.d/13-kernel.sh b/bootstrap.d/13-kernel.sh
index 45934be..a3c2e0c 100644
--- a/bootstrap.d/13-kernel.sh
+++ b/bootstrap.d/13-kernel.sh
@@ -25,9 +25,9 @@ if [ "$BUILD_KERNEL" = true ] ; then
 
     # Fetch current RPi2/3 kernel sources
     if [ -z "${KERNEL_BRANCH}" ] ; then
-      as_nobody git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
+      as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
     else
-      as_nobody git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
+      as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
    fi
     
     # Copy downloaded kernel sources
@@ -87,18 +87,59 @@ if [ "$BUILD_KERNEL" = true ] ; then
       # Load default raspberry kernel configuration
       make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
 
+      # Set kernel configuration parameters to enable qemu emulation
+      if [ "$ENABLE_QEMU" = true ] ; then
+        echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config
+        echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config
+
+        if [ "$ENABLE_CRYPTFS" = true ] ; then
+          echo "CONFIG_EMBEDDED=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_EXPERT=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_DAX=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_MD=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_BLK_DEV_MD=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_MD_AUTODETECT=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_BLK_DEV_DM=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_DM_CRYPT=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_CRYPTO_BLKCIPHER=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_CRYPTO_CBC=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_CRYPTO_XTS=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_CRYPTO_SHA512=y" >> ${KERNEL_DIR}/.config
+          echo "CONFIG_CRYPTO_MANAGER=y" >> ${KERNEL_DIR}/.config
+	fi
+      fi
+
+      # Copy custom kernel configuration file
       if [ ! -z "$KERNELSRC_USRCONFIG" ] ; then
         cp $KERNELSRC_USRCONFIG ${KERNEL_DIR}/.config
       fi
 
+      # Set kernel configuration parameters to their default values
+      if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
+        make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
+      fi
+
       # Start menu-driven kernel configuration (interactive)
       if [ "$KERNEL_MENUCONFIG" = true ] ; then
         make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
       fi
     fi
 
-    # Cross compile kernel and modules
-    make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_BIN_IMAGE}" modules dtbs
+    # Use ccache to cross compile the kernel
+    if [ "$KERNEL_CCACHE" = true ] ; then
+      cc="ccache ${CROSS_COMPILE}gcc"
+    else
+      cc="${CROSS_COMPILE}gcc"
+    fi
+
+    # Cross compile kernel and dtbs
+    make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
+
+    # Cross compile kernel modules
+    if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
+      make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
+    fi
   fi
 
   # Check if kernel compilation was successful
@@ -110,12 +151,16 @@ if [ "$BUILD_KERNEL" = true ] ; then
 
   # Install kernel modules
   if [ "$ENABLE_REDUCE" = true ] ; then
-    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
+    if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
+      make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
+    fi
   else
-    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
+    if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
+      make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
+    fi
 
     # Install kernel firmware
-    if [ $(cat ./Makefile | grep "^firmware_install:") ] ; then
+    if [ $(grep "^firmware_install:" "${KERNEL_DIR}/Makefile") ] ; then
       make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
     fi
   fi
@@ -134,18 +179,36 @@ if [ "$BUILD_KERNEL" = true ] ; then
   # Copy kernel configuration file to the boot directory
   install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
 
-  # Copy dts and dtb device tree sources and binaries
+  # Prepare device tree directory
   mkdir "${BOOT_DIR}/overlays"
   
   # Ensure the proper .dtb is located
   if [ "$KERNEL_ARCH" = "arm" ] ; then
-    install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb "${BOOT_DIR}/"
+    for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
+      if [ -f "${dtb}" ] ; then
+        install_readonly "${dtb}" "${BOOT_DIR}/"
+      fi
+    done
   else
-    install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb "${BOOT_DIR}/"
+    for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
+      if [ -f "${dtb}" ] ; then
+        install_readonly "${dtb}" "${BOOT_DIR}/"
+      fi
+    done
   fi
 
-  install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb* "${BOOT_DIR}/overlays/"
-  install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
+  # Copy compiled dtb device tree files
+  if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
+    for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
+      if [ -f "${dtb}" ] ; then
+        install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
+      fi
+    done
+
+    if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
+      install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
+    fi
+  fi
 
   if [ "$ENABLE_UBOOT" = false ] ; then
     # Convert and copy kernel image to the boot directory
@@ -159,11 +222,16 @@ if [ "$BUILD_KERNEL" = true ] ; then
   if [ "$KERNEL_REMOVESRC" = true ] ; then
     rm -fr "${KERNEL_DIR}"
   else
-    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
+    # Prepare compiled kernel modules
+    if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
+      if [ $(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile") ] ; then
+        make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
+      fi
 
-    # Create symlinks for kernel modules
-    chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
-    chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
+      # Create symlinks for kernel modules
+      chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
+      chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
+    fi
   fi
 
 else # BUILD_KERNEL=false
diff --git a/bootstrap.d/14-fstab.sh b/bootstrap.d/14-fstab.sh
index c9c3ce3..0a8eb19 100644
--- a/bootstrap.d/14-fstab.sh
+++ b/bootstrap.d/14-fstab.sh
@@ -20,7 +20,7 @@ if [ "$ENABLE_CRYPTFS" = true ] ; then
 
   # Add encrypted partition to crypttab and fstab
   install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
-  echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETC_DIR}/crypttab"
+  echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
 
   if [ "$ENABLE_SPLITFS" = true ] ; then
     # Add usb/sda disk to crypttab
@@ -41,6 +41,9 @@ if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
     # Disable SSHD inside initramfs
     printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
 
+    # Add cryptsetup modules to initramfs
+    printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
+
     # Dummy mapping required by mkinitramfs
     echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
 
diff --git a/bootstrap.d/20-networking.sh b/bootstrap.d/20-networking.sh
index 2229d72..57c72de 100644
--- a/bootstrap.d/20-networking.sh
+++ b/bootstrap.d/20-networking.sh
@@ -30,10 +30,16 @@ install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
 # Install configuration for interface eth0
 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
 
+# Install configuration for interface wl*
+install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
+
+#always with dhcp since wpa_supplicant integration is missing
+sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
+
 if [ "$ENABLE_DHCP" = true ] ; then
   # Enable DHCP configuration for interface eth0
   sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
-
+  
   # Set DHCP configuration to IPv4 only
   if [ "$ENABLE_IPV6" = false ] ; then
     sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
@@ -55,10 +61,15 @@ fi
 
 # Remove empty settings from network configuration
 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
+# Remove empty settings from wlan configuration
+sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
 
 # Move systemd network configuration if required by Debian release
 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
   mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
+	if [ "$ENABLE_WIRELESS" = true ] ; then
+	mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
+	fi
   rm -fr "${ETC_DIR}/systemd/network"
 fi
 
@@ -85,23 +96,39 @@ fi
 # Download the firmware binary blob required to use the RPi3 wireless interface
 if [ "$ENABLE_WIRELESS" = true ] ; then
   if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then
-    mkdir -p ${WLAN_FIRMWARE_DIR}
+	mkdir -p ${WLAN_FIRMWARE_DIR}
   fi
 
   # Create temporary directory for firmware binary blob
   temp_dir=$(as_nobody mktemp -d)
 
-  # Fetch firmware binary blob
+  # Fetch firmware binary blob for RPI3B+
+  if [ "$RPI_MODEL" = 3P ] ; then
+  as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
+  as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
+  as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
+  else
+  # Fetch firmware binary blob for RPI3
   as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
   as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
-
+  fi
+  
   # Move downloaded firmware binary blob
+  if [ "$RPI_MODEL" = 3P ] ; then
+  mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
+  else
   mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
-
+  fi
+  
   # Remove temporary directory for firmware binary blob
   rm -fr "${temp_dir}"
 
   # Set permissions of the firmware binary blob
+  if [ "$RPI_MODEL" = 3P ] ; then
+  chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
+  chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*  
+  else
   chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
   chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
+  fi
 fi
diff --git a/bootstrap.d/41-uboot.sh b/bootstrap.d/41-uboot.sh
index cd9e67b..a7f4709 100644
--- a/bootstrap.d/41-uboot.sh
+++ b/bootstrap.d/41-uboot.sh
@@ -69,6 +69,11 @@ if [ "$ENABLE_UBOOT" = true ] ; then
   # Set mkfile to use the correct dtb file
   sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
 
+  # Set mkfile to use the correct mach id
+  if [ "$ENABLE_QEMU" = true ] ; then
+    sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
+  fi
+
   # Set mkfile to use kernel image
   sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
 
diff --git a/files/initramfs/expand_encrypted_rootfs b/files/initramfs/expand_encrypted_rootfs
index e6896ba..c357b1a 100644
--- a/files/initramfs/expand_encrypted_rootfs
+++ b/files/initramfs/expand_encrypted_rootfs
@@ -60,15 +60,23 @@ if [ -z "$PART_START" ] ; then
   return 1
 fi
 
+# Get the current last sector of the root partition
+PART_END=$(parted /dev/${ROOT_DEV} -ms unit s p | grep "^${PART_NUM}" | cut -f 3 -d: | sed 's/[^0-9]//g')
+if [ -z "$PART_END" ] ; then
+  log_warning_msg "${ROOT_DEV} unable to get last sector of the partition"
+  return 1
+fi
+
 # Get the possible last sector for the root partition
 PART_LAST=$(fdisk -l /dev/${ROOT_DEV} | grep '^Disk.*sectors' | awk '{ print $7 - 1 }')
 if [ -z "$PART_LAST" ] ; then
-  log_warning_msg "${ROOT_DEV} unable to get last sector of the partition"
+  log_warning_msg "${ROOT_DEV} unable to get last possible sector of the partition"
   return 1
 fi
 
 ### Since rc.local is run with "sh -e", let's add "|| true" to prevent premature exit
-fdisk /dev/${ROOT_DEV} 2> /dev/null <<EOF2 || true
+if [ $PART_END != $PART_LAST ] ; then
+  fdisk /dev/${ROOT_DEV} 2> /dev/null <<EOF2 || true
 p
 d
 $PART_NUM
@@ -81,5 +89,8 @@ p
 w
 EOF2
 
-partprobe
-log_success_msg "Root partition successfully resized."
+  partprobe
+  log_success_msg "Root partition successfully resized."
+else
+  log_success_msg "Root partition already resized."
+fi
diff --git a/files/network/wlan.network b/files/network/wlan.network
new file mode 100644
index 0000000..5f252c3
--- /dev/null
+++ b/files/network/wlan.network
@@ -0,0 +1,12 @@
+[Match]
+Name=wlan0
+
+[Network]
+DHCP=no
+Address=
+Gateway=
+DNS=
+DNS=
+Domains=
+NTP=
+NTP=
diff --git a/rpi23-gen-image.sh b/rpi23-gen-image.sh
index 7a0adb3..d8d008a 100755
--- a/rpi23-gen-image.sh
+++ b/rpi23-gen-image.sh
@@ -42,11 +42,31 @@ set -x
 
 # Raspberry Pi model configuration
 RPI_MODEL=${RPI_MODEL:=2}
+
+#bcm2708-rpi-0-w.dtb (Used for Pi 0 and PI 0W)
+RPI0_DTB_FILE=${RPI0_DTB_FILE:=bcm2708-rpi-0-w.dtb}
+RPI0_UBOOT_CONFIG=${RPI0_UBOOT_CONFIG:=rpi_defconfig}
+
+#bcm2708-rpi-b.dtb (Used for Pi 1 model A and B)
+RPI1_DTB_FILE=${RPI1_DTB_FILE:=bcm2708-rpi-b.dtb}
+RPI1_UBOOT_CONFIG=${RPI1_UBOOT_CONFIG:=rpi_defconfig}
+
+#bcm2708-rpi-b-plus.dtb (Used for Pi 1 model B+ and A+)
+RPI1P_DTB_FILE=${RPI1P_DTB_FILE:=bcm2708-rpi-b-plus.dtb}
+RPI1P_UBOOT_CONFIG=${RPI1P_UBOOT_CONFIG:=rpi_defconfig}
+
+#bcm2709-rpi-2-b.dtb (Used for Pi 2 model B)
 RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb}
 RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig}
+
+#bcm2710-rpi-3-b.dtb (Used for Pi 3 model B)
 RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb}
 RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig}
 
+#bcm2710-rpi-3-b-plus.dtb (Used for Pi 3 model B+)
+RPI3P_DTB_FILE=${RPI3P_DTB_FILE:=bcm2710-rpi-3-b-plus.dtb}
+RPI3P_UBOOT_CONFIG=${RPI3P_UBOOT_CONFIG:=rpi_3_32b_defconfig}
+
 # Debian release
 RELEASE=${RELEASE:=jessie}
 KERNEL_ARCH=${KERNEL_ARCH:=arm}
@@ -56,10 +76,19 @@ COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
 if [ "$KERNEL_ARCH" = "arm64" ] ; then
   KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
   KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
+fi
+
+if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
+#RASPBERRY PI 1, PI ZERO, PI ZERO W, AND COMPUTE MODULE DEFAULT Kernel BUILD CONFIGURATION
+  KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
+  KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
 else
+#RASPBERRY PI 2, PI 3, PI 3+, AND COMPUTE MODULE 3 DEFAULT Kernel BUILD CONFIGURATION
+#https://www.raspberrypi.org/documentation/linux/kernel/building.md
   KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
   KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
 fi
+
 if [ "$RELEASE_ARCH" = "arm64" ] ; then
   QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
 else
@@ -73,7 +102,7 @@ FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/
 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
-UBOOT_URL=${UBOOT_URL:=git://git.denx.de/u-boot.git}
+UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
 
 # Build directories
 BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
@@ -146,6 +175,7 @@ ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
 ENABLE_USER=${ENABLE_USER:=true}
 USER_NAME=${USER_NAME:="pi"}
 ENABLE_ROOT=${ENABLE_ROOT:=false}
+ENABLE_QEMU=${ENABLE_QEMU:=false}
 
 # SSH settings
 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
@@ -175,6 +205,9 @@ KERNEL_THREADS=${KERNEL_THREADS:=1}
 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
+KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
+KERNEL_CCACHE=${KERNEL_CCACHE:=false}
+
 if [ "$KERNEL_ARCH" = "arm64" ] ; then
   KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
 else
@@ -204,9 +237,6 @@ CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
 
-# Stop the Crypto Wars
-DISABLE_FBI=${DISABLE_FBI:=false}
-
 # Chroot scripts directory
 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
 
@@ -224,23 +254,35 @@ COMPILER_PACKAGES=""
 set +x
 
 # Set Raspberry Pi model specific configuration
-if [ "$RPI_MODEL" = 2 ] ; then
+if [ "$RPI_MODEL" = 0 ] ; then
+  DTB_FILE=${RPI0_DTB_FILE}
+  UBOOT_CONFIG=${RPI0_UBOOT_CONFIG}
+elif [ "$RPI_MODEL" = 1 ] ; then
+  DTB_FILE=${RPI1_DTB_FILE}
+  UBOOT_CONFIG=${RPI1_UBOOT_CONFIG}
+elif [ "$RPI_MODEL" = 1P ] ; then
+  DTB_FILE=${RPI1P_DTB_FILE}
+  UBOOT_CONFIG=${RPI1P_UBOOT_CONFIG}
+elif [ "$RPI_MODEL" = 2 ] ; then
   DTB_FILE=${RPI2_DTB_FILE}
   UBOOT_CONFIG=${RPI2_UBOOT_CONFIG}
 elif [ "$RPI_MODEL" = 3 ] ; then
   DTB_FILE=${RPI3_DTB_FILE}
   UBOOT_CONFIG=${RPI3_UBOOT_CONFIG}
-  BUILD_KERNEL=true
+elif [ "$RPI_MODEL" = 3P ] ; then
+  DTB_FILE=${RPI3P_DTB_FILE}
+  UBOOT_CONFIG=${RPI3P_UBOOT_CONFIG}
 else
   echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!"
   exit 1
 fi
 
 # Check if the internal wireless interface is supported by the RPi model
-if [ "$ENABLE_WIRELESS" = true ] && [ "$RPI_MODEL" != 3 ] ; then
+if [ "$ENABLE_WIRELESS" = true ] && ([ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ]); then
+
   echo "error: The selected Raspberry Pi model has no internal wireless interface"
   exit 1
-fi
+fi  
 
 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
 if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
@@ -258,9 +300,15 @@ fi
 # Add packages required for kernel cross compilation
 if [ "$BUILD_KERNEL" = true ] ; then
   if [ "$KERNEL_ARCH" = "arm" ] ; then
-    REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
-  else
-    REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
+    if [ "$RELEASE_ARCH" = "armel" ]; then
+      REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
+    fi
+    if [ "$RELEASE_ARCH" = "armhf" ]; then
+      REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
+    fi
+    if [ "$RELEASE_ARCH" = "arm64" ]; then
+      REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
+    fi
   fi
 fi
 
@@ -269,15 +317,15 @@ if [ "$KERNEL_MENUCONFIG" = true ] ; then
   REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
 fi
 
-# Stop the Crypto Wars
-if [ "$DISABLE_FBI" = true ] ; then
-  ENABLE_CRYPTFS=true
+# Add ccache compiler cache for (faster) kernel cross (re)compilation
+if [ "$KERNEL_CCACHE" = true ] ; then
+  REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
 fi
 
 # Add cryptsetup package to enable filesystem encryption
 if [ "$ENABLE_CRYPTFS" = true ]  && [ "$BUILD_KERNEL" = true ] ; then
   REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
-  APT_INCLUDES="${APT_INCLUDES},cryptsetup"
+  APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
 
   if [ -z "$CRYPTFS_PASSWORD" ] ; then
     echo "error: no password defined (CRYPTFS_PASSWORD)!"
@@ -293,7 +341,7 @@ fi
 
 # Add device-tree-compiler required for building the U-Boot bootloader
 if [ "$ENABLE_UBOOT" = true ] ; then
-  APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
+  APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex"
 fi
 
 # Check if root SSH (v2) public key file exists
@@ -480,6 +528,16 @@ if [ "$KERNEL_REDUCE" = true ] ; then
   KERNELSRC_CONFIG=false
 fi
 
+# Configure qemu compatible kernel
+if [ "$ENABLE_QEMU" = true ] ; then
+  DTB_FILE=vexpress-v2p-ca15_a7.dtb
+  UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
+  KERNEL_DEFCONFIG="vexpress_defconfig"
+  if [ "$KERNEL_MENUCONFIG" = false ] ; then
+    KERNEL_OLDDEFCONFIG=true
+  fi
+fi
+
 # Execute bootstrap scripts
 for SCRIPT in bootstrap.d/*.sh; do
   head -n 3 "$SCRIPT"
@@ -546,6 +604,54 @@ rm -f "${R}/initrd.img"
 rm -f "${R}/vmlinuz"
 rm -f "${R}${QEMU_BINARY}"
 
+if [ "$ENABLE_QEMU" = true ] ; then
+  # Setup QEMU directory
+  mkdir "${BASEDIR}/qemu"
+
+  # Copy kernel image to QEMU directory
+  install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
+
+  # Copy kernel config to QEMU directory
+  install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
+
+  # Copy kernel dtbs to QEMU directory
+  for dtb in "${BOOT_DIR}/"*.dtb ; do
+    if [ -f "${dtb}" ] ; then
+      install_readonly "${dtb}" "${BASEDIR}/qemu/"
+    fi
+  done
+
+  # Copy kernel overlays to QEMU directory
+  if [ -d "${BOOT_DIR}/overlays" ] ; then
+    # Setup overlays dtbs directory
+    mkdir "${BASEDIR}/qemu/overlays"
+
+    for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
+      if [ -f "${dtb}" ] ; then
+        install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
+      fi
+    done
+  fi
+
+  # Copy u-boot files to QEMU directory
+  if [ "$ENABLE_UBOOT" = true ] ; then
+    if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
+      install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
+    fi
+    if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
+      install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
+    fi
+    if [ -f "${BOOT_DIR}/boot.scr" ] ; then
+      install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
+    fi
+  fi
+
+  # Copy initramfs to QEMU directory
+  if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
+    install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
+  fi
+fi
+
 # Calculate size of the chroot directory in KB
 CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`)
 
@@ -654,4 +760,15 @@ else
 
   # Image was successfully created
   echo "$IMAGE_NAME.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
+
+  # Create qemu qcow2 image
+  if [ "$ENABLE_QEMU" = true ] ; then
+    QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
+    QEMU_SIZE=16G
+
+    qemu-img convert -f raw -O qcow2 $IMAGE_NAME.img $QEMU_IMAGE.qcow2
+    qemu-img resize $QEMU_IMAGE.qcow2 $QEMU_SIZE
+
+    echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
+  fi
 fi