##// END OF EJS Templates
Merge pull request #4 from drtyhlpr/master...
burnbabyburn -
r363:0f037155f0ec Fusion
parent child
Show More
@@ -0,0 +1,33
1 #
2 # Setup videocore - Raspberry Userland
3 #
4
5 # Load utility functions
6 . ./functions.sh
7
8 if [ "$ENABLE_VIDEOCORE" = true ] ; then
9 # Copy existing videocore sources into chroot directory
10 if [ -n "$VIDEOCORESRC_DIR" ] && [ -d "$VIDEOCORESRC_DIR" ] ; then
11 # Copy local U-Boot sources
12 cp -r "${VIDEOCORESRC_DIR}" "${R}/tmp"
13 else
14 # Create temporary directory for U-Boot sources
15 temp_dir=$(as_nobody mktemp -d)
16
17 # Fetch U-Boot sources
18 as_nobody git -C "${temp_dir}" clone "${VIDEOCORE_URL}"
19
20 # Copy downloaded U-Boot sources
21 mv "${temp_dir}/userland" "${R}/tmp/"
22
23 # Set permissions of the U-Boot sources
24 chown -R root:root "${R}/tmp/userland"
25
26 # Remove temporary directory for U-Boot sources
27 rm -fr "${temp_dir}"
28 fi
29
30 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DARM64=ON -DCMAKE_C_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_CXX_COMPILER=aarch64-linux-gnu-g++ -DCMAKE_ASM_COMPILER=aarch64-linux-gnu-gcc -DVIDEOCORE_BUILD_DIR="${R}"/opt/vc
31 make -j "$(nproc)"
32 chroot_exec PATH="${PATH}":/opt/vc/bin
33 fi
@@ -224,6 +224,12 Install and enable the [hardware accelerated Xorg video driver](https://github.c
224 224 ##### `FBTURBOSRC_DIR`=""
225 225 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
226 226
227 ##### `ENABLE_VIDEOCORE`=false
228 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
229
230 ##### `VIDEOCORESRC_DIR`=""
231 Path to a directory (`userland`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
232
227 233 ##### `ENABLE_IPTABLES`=false
228 234 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
229 235
@@ -19,7 +19,7 if [ "$ENABLE_MINBASE" = true ] ; then
19 19 fi
20 20
21 21 # Base debootstrap (unpack only)
22 http_proxy=${APT_PROXY} debootstrap ${APT_EXCLUDES} --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian"
22 http_proxy=${APT_PROXY} debootstrap "${APT_EXCLUDES}" --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian"
23 23
24 24 # Copy qemu emulator binary to chroot
25 25 install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}"
@@ -41,13 +41,13 chroot_exec apt-get -qq -y update
41 41 chroot_exec apt-get -qq -y -u dist-upgrade
42 42
43 43 if [ "$APT_INCLUDES_LATE" ] ; then
44 chroot_exec apt-get -qq -y install $(echo $APT_INCLUDES_LATE |tr , ' ')
44 chroot_exec apt-get -qq -y install "$(echo "$APT_INCLUDES_LATE" |tr , ' ')"
45 45 fi
46 46
47 47 if [ -d packages ] ; then
48 48 for package in packages/*.deb ; do
49 cp $package ${R}/tmp
50 chroot_exec dpkg --unpack /tmp/$(basename $package)
49 cp "$package" "${R}"/tmp
50 chroot_exec dpkg --unpack /tmp/"$(basename "$package")"
51 51 done
52 52 fi
53 53 chroot_exec apt-get -qq -y -f install
@@ -6,11 +6,11
6 6 . ./functions.sh
7 7
8 8 # Install and setup timezone
9 echo ${TIMEZONE} > "${ETC_DIR}/timezone"
9 echo "${TIMEZONE}" > "${ETC_DIR}/timezone"
10 10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
11 11
12 12 # Install and setup default locale and keyboard configuration
13 if [ $(echo "$APT_INCLUDES" | grep ",locales") ] ; then
13 if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then
14 14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
15 15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
16 16 # ... so we have to set locales manually
@@ -8,12 +8,12
8 8 # Fetch and build latest raspberry kernel
9 9 if [ "$BUILD_KERNEL" = true ] ; then
10 10 # Setup source directory
11 mkdir -p "${R}/usr/src/linux"
11 mkdir -p "${KERNEL_DIR}"
12 12
13 13 # Copy existing kernel sources into chroot directory
14 14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 15 # Copy kernel sources and include hidden files
16 cp -r "${KERNELSRC_DIR}/". "${R}/usr/src/linux"
16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
17 17
18 18 # Clean the kernel sources
19 19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
@@ -31,7 +31,7 if [ "$BUILD_KERNEL" = true ] ; then
31 31 fi
32 32
33 33 # Copy downloaded kernel sources
34 cp -r "${temp_dir}/linux/"* "${R}/usr/src/linux/"
34 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
35 35
36 36 # Remove temporary directory for kernel sources
37 37 rm -fr "${temp_dir}"
@@ -89,30 +89,32 if [ "$BUILD_KERNEL" = true ] ; then
89 89
90 90 # Set kernel configuration parameters to enable qemu emulation
91 91 if [ "$ENABLE_QEMU" = true ] ; then
92 echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config
93 echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config
92 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
93 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
94 94
95 95 if [ "$ENABLE_CRYPTFS" = true ] ; then
96 echo "CONFIG_EMBEDDED=y" >> ${KERNEL_DIR}/.config
97 echo "CONFIG_EXPERT=y" >> ${KERNEL_DIR}/.config
98 echo "CONFIG_DAX=y" >> ${KERNEL_DIR}/.config
99 echo "CONFIG_MD=y" >> ${KERNEL_DIR}/.config
100 echo "CONFIG_BLK_DEV_MD=y" >> ${KERNEL_DIR}/.config
101 echo "CONFIG_MD_AUTODETECT=y" >> ${KERNEL_DIR}/.config
102 echo "CONFIG_BLK_DEV_DM=y" >> ${KERNEL_DIR}/.config
103 echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> ${KERNEL_DIR}/.config
104 echo "CONFIG_DM_CRYPT=y" >> ${KERNEL_DIR}/.config
105 echo "CONFIG_CRYPTO_BLKCIPHER=y" >> ${KERNEL_DIR}/.config
106 echo "CONFIG_CRYPTO_CBC=y" >> ${KERNEL_DIR}/.config
107 echo "CONFIG_CRYPTO_XTS=y" >> ${KERNEL_DIR}/.config
108 echo "CONFIG_CRYPTO_SHA512=y" >> ${KERNEL_DIR}/.config
109 echo "CONFIG_CRYPTO_MANAGER=y" >> ${KERNEL_DIR}/.config
96 {
97 echo "CONFIG_EMBEDDED=y"
98 echo "CONFIG_EXPERT=y"
99 echo "CONFIG_DAX=y"
100 echo "CONFIG_MD=y"
101 echo "CONFIG_BLK_DEV_MD=y"
102 echo "CONFIG_MD_AUTODETECT=y"
103 echo "CONFIG_BLK_DEV_DM=y"
104 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
105 echo "CONFIG_DM_CRYPT=y"
106 echo "CONFIG_CRYPTO_BLKCIPHER=y"
107 echo "CONFIG_CRYPTO_CBC=y"
108 echo "CONFIG_CRYPTO_XTS=y"
109 echo "CONFIG_CRYPTO_SHA512=y"
110 echo "CONFIG_CRYPTO_MANAGER=y"
111 } >> ${KERNEL_DIR}/.config
110 112 fi
111 113 fi
112 114
113 115 # Copy custom kernel configuration file
114 if [ ! -z "$KERNELSRC_USRCONFIG" ] ; then
115 cp $KERNELSRC_USRCONFIG ${KERNEL_DIR}/.config
116 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
117 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
116 118 fi
117 119
118 120 # Set kernel configuration parameters to their default values
@@ -134,11 +136,11 if [ "$BUILD_KERNEL" = true ] ; then
134 136 fi
135 137
136 138 # Cross compile kernel and dtbs
137 make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
139 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
138 140
139 141 # Cross compile kernel modules
140 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
141 make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
142 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
143 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
142 144 fi
143 145 fi
144 146
@@ -151,16 +153,16 if [ "$BUILD_KERNEL" = true ] ; then
151 153
152 154 # Install kernel modules
153 155 if [ "$ENABLE_REDUCE" = true ] ; then
154 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
156 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
155 157 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
156 158 fi
157 159 else
158 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
160 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
159 161 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
160 162 fi
161 163
162 164 # Install kernel firmware
163 if [ $(grep "^firmware_install:" "${KERNEL_DIR}/Makefile") ] ; then
165 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
164 166 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
165 167 fi
166 168 fi
@@ -174,7 +176,7 if [ "$BUILD_KERNEL" = true ] ; then
174 176 mkdir "${BOOT_DIR}"
175 177
176 178 # Get kernel release version
177 KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"`
179 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
178 180
179 181 # Copy kernel configuration file to the boot directory
180 182 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
@@ -223,8 +225,8 if [ "$BUILD_KERNEL" = true ] ; then
223 225 rm -fr "${KERNEL_DIR}"
224 226 else
225 227 # Prepare compiled kernel modules
226 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
227 if [ $(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile") ] ; then
228 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
229 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
228 230 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
229 231 fi
230 232
@@ -242,7 +244,7 else # BUILD_KERNEL=false
242 244 chroot_exec apt-get -qq -y install flash-kernel
243 245
244 246 # Check if kernel installation was successful
245 VMLINUZ="$(ls -1 ${R}/boot/vmlinuz-* | sort | tail -n 1)"
247 VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
246 248 if [ -z "$VMLINUZ" ] ; then
247 249 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
248 250 cleanup
@@ -45,7 +45,7 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
45 45 printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
46 46
47 47 # Dummy mapping required by mkinitramfs
48 echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
48 echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
49 49
50 50 # Generate initramfs with encrypted root partition support
51 51 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
@@ -8,13 +8,13
8 8 if [ "$BUILD_KERNEL" = true ] ; then
9 9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 10 # Install boot binaries from local directory
11 cp ${RPI_FIRMWARE_DIR}/boot/bootcode.bin ${BOOT_DIR}/bootcode.bin
12 cp ${RPI_FIRMWARE_DIR}/boot/fixup.dat ${BOOT_DIR}/fixup.dat
13 cp ${RPI_FIRMWARE_DIR}/boot/fixup_cd.dat ${BOOT_DIR}/fixup_cd.dat
14 cp ${RPI_FIRMWARE_DIR}/boot/fixup_x.dat ${BOOT_DIR}/fixup_x.dat
15 cp ${RPI_FIRMWARE_DIR}/boot/start.elf ${BOOT_DIR}/start.elf
16 cp ${RPI_FIRMWARE_DIR}/boot/start_cd.elf ${BOOT_DIR}/start_cd.elf
17 cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf
11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 18 else
19 19 # Create temporary directory for boot binaries
20 20 temp_dir=$(as_nobody mktemp -d)
@@ -50,9 +50,9 fi
50 50 # Add encrypted root partition to cmdline.txt
51 51 if [ "$ENABLE_CRYPTFS" = true ] ; then
52 52 if [ "$ENABLE_SPLITFS" = true ] ; then
53 CMDLINE=$(echo ${CMDLINE} | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
53 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
54 54 else
55 CMDLINE=$(echo ${CMDLINE} | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
55 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
56 56 fi
57 57 fi
58 58
@@ -139,7 +139,7 if [ "$ENABLE_SPI" = true ] ; then
139 139 fi
140 140
141 141 # Disable RPi2/3 under-voltage warnings
142 if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
142 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
143 143 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
144 144 fi
145 145
@@ -89,14 +89,14 if [ "$ENABLE_HARDNET" = true ] ; then
89 89 fi
90 90
91 91 # Enable time sync
92 if [ "NET_NTP_1" != "" ] ; then
92 if [ "$NET_NTP_1" != "" ] ; then
93 93 chroot_exec systemctl enable systemd-timesyncd.service
94 94 fi
95 95
96 96 # Download the firmware binary blob required to use the RPi3 wireless interface
97 97 if [ "$ENABLE_WIRELESS" = true ] ; then
98 if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then
99 mkdir -p ${WLAN_FIRMWARE_DIR}
98 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
99 mkdir -p "${WLAN_FIRMWARE_DIR}"
100 100 fi
101 101
102 102 # Create temporary directory for firmware binary blob
@@ -9,10 +9,11 if [ "$ENABLE_IPTABLES" = true ] ; then
9 9 # Create iptables configuration directory
10 10 mkdir -p "${ETC_DIR}/iptables"
11 11
12 # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives
12 # make sure iptables-legacy is the used alternatives
13 #iptables-save and -restore are slaves of iptables and thus are set accordingly
14 if ! [ "$RELEASE" = jessie ] ; then
13 15 chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
14 chroot_exec update-alternatives --verbose --set iptables-save /usr/sbin/iptables-legacy-save
15 chroot_exec update-alternatives --verbose --set iptables-restore /usr/sbin/iptables-legacy-restore
16 fi
16 17
17 18 # Install iptables systemd service
18 19 install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"
@@ -6,8 +6,8
6 6 . ./functions.sh
7 7
8 8 # Generate crypt(3) password string
9 ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 "${PASSWORD}"`
10 ENCRYPTED_USER_PASSWORD=`mkpasswd -m sha-512 "${USER_PASSWORD}"`
9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
11 11
12 12 # Setup default user
13 13 if [ "$ENABLE_USER" = true ] ; then
@@ -28,7 +28,7 if [ "$ENABLE_SSHD" = true ] ; then
28 28 fi
29 29
30 30 # Add SSH (v2) public key for user root
31 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
31 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
32 32 # Create root SSH config directory
33 33 mkdir -p "${R}/root/.ssh"
34 34
@@ -52,20 +52,20 if [ "$ENABLE_SSHD" = true ] ; then
52 52
53 53 if [ "$ENABLE_USER" = true ] ; then
54 54 # Add SSH (v2) public key for user $USER_NAME
55 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
55 if [ -n "$SSH_USER_PUB_KEY" ] ; then
56 56 # Create $USER_NAME SSH config directory
57 57 mkdir -p "${R}/home/${USER_NAME}/.ssh"
58 58
59 59 # Set permissions of $USER_NAME SSH config directory
60 60 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
61 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
61 chroot_exec chown "${USER_NAME}":"${USER_NAME}" "/home/${USER_NAME}/.ssh"
62 62
63 63 # Add SSH (v2) public key(s) to authorized_keys file
64 64 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys"
65 65
66 66 # Set permissions of $USER_NAME SSH config directory
67 67 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys"
68 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys"
68 chroot_exec chown "${USER_NAME}":"${USER_NAME}" "/home/${USER_NAME}/.ssh/authorized_keys"
69 69
70 70 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
71 71 # Allow SSH public key authentication
@@ -85,7 +85,7 if [ "$ENABLE_SSHD" = true ] ; then
85 85 allowed_users="${allowed_users} ${USER_NAME}"
86 86 fi
87 87
88 if [ ! -z "$allowed_users" ] ; then
88 if [ -n "$allowed_users" ] ; then
89 89 echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config"
90 90 fi
91 91 fi
@@ -32,7 +32,7 if [ "$ENABLE_UBOOT" = true ] ; then
32 32 fi
33 33
34 34 # Build and install U-Boot inside chroot
35 chroot_exec make -j${KERNEL_THREADS} -C /tmp/u-boot/ ${UBOOT_CONFIG} all
35 chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
36 36
37 37 # Copy compiled bootloader binary and set config.txt to load it
38 38 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
@@ -66,6 +66,16 if [ "$ENABLE_UBOOT" = true ] ; then
66 66 fi
67 67 fi
68 68
69 if [ "$KERNEL_ARCH" = "arm64" ] ; then
70 echo "Setting up config.txt to boot 64bit uboot"
71
72 printf "\n# 64bit-mode" >> "${BOOT_DIR}/config.txt"
73 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md" >> "${BOOT_DIR}/config.txt"
74 printf "\narm_64bit=1" >> "${BOOT_DIR}/config.txt"
75 #in 64bit uboot booti is used instead of bootz [like in KERNEL_BIN_IMAGE=zImage (armv7)|| Image(armv8)]
76 sed -i "s|bootz|booti|g" "${BOOT_DIR}/uboot.mkimage"
77 fi
78
69 79 # Set mkfile to use the correct dtb file
70 80 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
71 81
@@ -25,8 +25,8 if [ "$ENABLE_REDUCE" = true ] ; then
25 25
26 26 # Remove all doc files
27 27 if [ "$REDUCE_DOC" = true ] ; then
28 find "${R}/usr/share/doc" -depth -type f ! -name copyright | xargs rm || true
29 find "${R}/usr/share/doc" -empty | xargs rmdir || true
28 find "${R}/usr/share/doc" -depth -type f ! -name copyright -print0 | xargs -0 rm || true
29 find "${R}/usr/share/doc" -empty -print0 | xargs -0 rmdir || true
30 30 fi
31 31
32 32 # Remove all man pages and info files
@@ -36,7 +36,7 if [ "$ENABLE_REDUCE" = true ] ; then
36 36
37 37 # Remove all locale translation files
38 38 if [ "$REDUCE_LOCALE" = true ] ; then
39 find "${R}/usr/share/locale" -mindepth 1 -maxdepth 1 ! -name 'en' | xargs rm -r
39 find "${R}/usr/share/locale" -mindepth 1 -maxdepth 1 ! -name 'en' -print0 | xargs -0 rm -r
40 40 fi
41 41
42 42 # Remove hwdb PCI device classes (experimental)
@@ -8,6 +8,7 setenv machid 0x00000c42
8 8 saveenv
9 9
10 10 # Load the existing Linux kernel into RAM
11 mmc dev 0
11 12 fatload mmc 0:1 ${kernel_addr_r} kernel7.img
12 13 fatload mmc 0:1 ${fdt_addr_r} ${dtbfile}
13 14 fatload mmc 0:1 ${ramdisk_addr_r} ${initramfs}
@@ -31,7 +31,7 fi
31 31 . ./functions.sh
32 32
33 33 # Load parameters from configuration template file
34 if [ ! -z "$CONFIG_TEMPLATE" ] ; then
34 if [ -n "$CONFIG_TEMPLATE" ] ; then
35 35 use_template
36 36 fi
37 37
@@ -103,6 +103,7 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-no
103 103 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
104 104 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
105 105 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
106 VIDEOCORE_URL=${VIDEOCORE_URL=https://github.com/raspberrypi/userland}
106 107
107 108 # Build directories
108 109 BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
@@ -122,7 +123,7 ETC_DIR="${R}/etc"
122 123 LIB_DIR="${R}/lib"
123 124 BOOT_DIR="${R}/boot/firmware"
124 125 KERNEL_DIR="${R}/usr/src/linux"
125 WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm"
126 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
126 127
127 128 # Firmware directory: Blank if download from github
128 129 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
@@ -191,6 +192,8 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
191 192 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
192 193 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
193 194 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
195 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=true}
196 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
194 197 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
195 198 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
196 199 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
@@ -294,7 +297,7 if [ "$ENABLE_WIRELESS" = true ] && ([ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P
294 297 fi
295 298
296 299 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
297 if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
300 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
298 301 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
299 302 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
300 303 exit 1
@@ -321,9 +324,13 if [ "$BUILD_KERNEL" = true ] ; then
321 324 fi
322 325 fi
323 326
327 if [ "$ENABLE_VIDEOCORE" = true ] ; then
328 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
329 fi
330
324 331 # Add libncurses5 to enable kernel menuconfig
325 332 if [ "$KERNEL_MENUCONFIG" = true ] ; then
326 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
333 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
327 334 fi
328 335
329 336 # Add ccache compiler cache for (faster) kernel cross (re)compilation
@@ -354,7 +361,7 if [ "$ENABLE_UBOOT" = true ] ; then
354 361 fi
355 362
356 363 # Check if root SSH (v2) public key file exists
357 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
364 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
358 365 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
359 366 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
360 367 exit 1
@@ -362,7 +369,7 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
362 369 fi
363 370
364 371 # Check if $USER_NAME SSH (v2) public key file exists
365 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
372 if [ -n "$SSH_USER_PUB_KEY" ] ; then
366 373 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
367 374 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
368 375 exit 1
@@ -371,7 +378,7 fi
371 378
372 379 # Check if all required packages are installed on the build system
373 380 for package in $REQUIRED_PACKAGES ; do
374 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
381 if [ "$(dpkg-query -W -f='${Status}' $package)" != "install ok installed" ] ; then
375 382 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
376 383 fi
377 384 done
@@ -381,12 +388,12 if [ -n "$MISSING_PACKAGES" ] ; then
381 388 echo "the following packages needed by this script are not installed:"
382 389 echo "$MISSING_PACKAGES"
383 390
384 echo -n "\ndo you want to install the missing packages right now? [y/n] "
385 read confirm
391 printf "\ndo you want to install the missing packages right now? [y/n] "
392 read -r confirm
386 393 [ "$confirm" != "y" ] && exit 1
387 394
388 395 # Make sure all missing required packages are installed
389 apt-get -qq -y install ${MISSING_PACKAGES}
396 apt-get -qq -y install "${MISSING_PACKAGES}"
390 397 fi
391 398
392 399 # Check if ./bootstrap.d directory exists
@@ -413,6 +420,12 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
413 420 exit 1
414 421 fi
415 422
423 # Check if specified VIDEOCORESRC_DIR directory exists
424 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
425 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
426 exit 1
427 fi
428
416 429 # Check if specified FBTURBOSRC_DIR directory exists
417 430 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
418 431 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
@@ -441,7 +454,7 fi
441 454 mkdir -p "${R}"
442 455
443 456 # Check if build directory has enough of free disk space >512MB
444 if [ "$(df --output=avail ${BUILDDIR} | sed "1d")" -le "524288" ] ; then
457 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
445 458 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
446 459 exit 1
447 460 fi
@@ -519,7 +532,7 if [ "$ENABLE_REDUCE" = true ] ; then
519 532
520 533 # Add dropbear package instead of openssh-server
521 534 if [ "$REDUCE_SSHD" = true ] ; then
522 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/openssh-server/dropbear/")"
535 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
523 536 fi
524 537 fi
525 538
@@ -662,27 +675,27 if [ "$ENABLE_QEMU" = true ] ; then
662 675 fi
663 676
664 677 # Calculate size of the chroot directory in KB
665 CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`)
678 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
666 679
667 680 # Calculate the amount of needed 512 Byte sectors
668 681 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
669 682 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
670 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
683 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
671 684
672 685 # The root partition is EXT4
673 686 # This means more space than the actual used space of the chroot is used.
674 687 # As overhead for journaling and reserved blocks 35% are added.
675 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 35) \* 1024 \/ 512)
688 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
676 689
677 690 # Calculate required image size in 512 Byte sectors
678 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
691 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
679 692
680 693 # Prepare image file
681 694 if [ "$ENABLE_SPLITFS" = true ] ; then
682 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=${TABLE_SECTORS}
683 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
684 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=${TABLE_SECTORS}
685 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
695 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
696 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
697 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
698 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
686 699
687 700 # Write firmware/boot partition tables
688 701 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
@@ -695,11 +708,11 ${TABLE_SECTORS},${ROOT_SECTORS},83
695 708 EOM
696 709
697 710 # Setup temporary loop devices
698 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $IMAGE_NAME-frmw.img)"
699 ROOT_LOOP="$(losetup -o 1M -f --show $IMAGE_NAME-root.img)"
711 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
712 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
700 713 else # ENABLE_SPLITFS=false
701 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=${TABLE_SECTORS}
702 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek=${IMAGE_SECTORS}
714 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
715 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
703 716
704 717 # Write partition table
705 718 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
@@ -708,8 +721,8 ${ROOT_OFFSET},${ROOT_SECTORS},83
708 721 EOM
709 722
710 723 # Setup temporary loop devices
711 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $IMAGE_NAME.img)"
712 ROOT_LOOP="$(losetup -o 65M -f --show $IMAGE_NAME.img)"
724 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
725 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
713 726 fi
714 727
715 728 if [ "$ENABLE_CRYPTFS" = true ] ; then
@@ -734,7 +747,7 if [ "$ENABLE_CRYPTFS" = true ] ; then
734 747 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
735 748
736 749 # Wipe encrypted partition (encryption cipher is used for randomness)
737 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count=$(blockdev --getsz "${ROOT_LOOP}")
750 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
738 751 fi
739 752
740 753 # Build filesystems
@@ -761,22 +774,22 if [ "$ENABLE_SPLITFS" = true ] ; then
761 774 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
762 775
763 776 # Image was successfully created
764 echo "$IMAGE_NAME-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
765 echo "$IMAGE_NAME-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
777 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
778 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
766 779 else
767 780 # Create block map file for "bmaptool"
768 781 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
769 782
770 783 # Image was successfully created
771 echo "$IMAGE_NAME.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
784 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
772 785
773 786 # Create qemu qcow2 image
774 787 if [ "$ENABLE_QEMU" = true ] ; then
775 788 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
776 789 QEMU_SIZE=16G
777 790
778 qemu-img convert -f raw -O qcow2 $IMAGE_NAME.img $QEMU_IMAGE.qcow2
779 qemu-img resize $QEMU_IMAGE.qcow2 $QEMU_SIZE
791 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
792 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
780 793
781 794 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
782 795 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant