Raspi2-3_GenImage Commit - r472:1f2bf46a6d7c · Collaboration Tremplin des Sciences

Unknown -

r472:1f2bf46a6d7c

parent child

Context file:

r472:1f2bf46a6d7c

bootstrap.d/13-kernel.sh +9 -7

              #
              # Build and Setup RPi2/3 Kernel
              #
              # Load utility functions
              . ./functions.sh
              # Fetch and build latest raspberry kernel
              if [ "$BUILD_KERNEL" = true ] ; then
                # Setup source directory
                mkdir -p "${KERNEL_DIR}"
                # Copy existing kernel sources into chroot directory
                if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
                  # Copy kernel sources and include hidden files
                  cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
                  # Clean the kernel sources
                  if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
                    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
                  fi
                else # KERNELSRC_DIR=""
                  # Create temporary directory for kernel sources
                  temp_dir=$(as_nobody mktemp -d)
+             	# Use kali kernel src if nexmon is enabled
              	if [ "$ENABLE_NEXMON" = true ] ; then
-             	  NEXMON_URL
+             	  KERNEL_URL="${NEXMON_URL}"
+                 fi
+                 # Fetch current RPi2/3 kernel sources
+                 if [ -z "${KERNEL_BRANCH}" ] ; then
+                   as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
                  else
-                   # Fetch current RPi2/3 kernel sources
-                   if [ -z "${KERNEL_BRANCH}" ] ; then
-                     as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
-                   else
-                     as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
-                   fi
+                   as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
                  fi
                  # Copy downloaded kernel sources
                  cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
                  # Remove temporary directory for kernel sources
                  rm -fr "${temp_dir}"
                  # Set permissions of the kernel sources
                  chown -R root:root "${R}/usr/src"
                fi
                # Calculate optimal number of kernel building threads
                if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
                  KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
                fi
                # Configure and build kernel
                if [ "$KERNELSRC_PREBUILT" = false ] ; then
                  # Remove device, network and filesystem drivers from kernel configuration
                  if [ "$KERNEL_REDUCE" = true ] ; then
                    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
                    sed -i\
                    -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
                    -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
                    -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
                    -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
                    -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
                    -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
                    -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
                    "${KERNEL_DIR}/.config"
                  fi
                  if [ "$KERNELSRC_CONFIG" = true ] ; then
                    # Load default raspberry kernel configuration
                    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
                    #Switch to KERNELSRC_DIR so we can use set_kernel_config
                    cd "${KERNEL_DIR}" || exit
              	  # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
                    if [ "$KERNEL_ZSWAP" = true ] ; then
                      set_kernel_config CONFIG_ZPOOL y
                      set_kernel_config CONFIG_ZSWAP y
                      set_kernel_config CONFIG_ZBUD y
                      set_kernel_config CONFIG_Z3FOLD y
                      set_kernel_config CONFIG_ZSMALLOC y
                      set_kernel_config CONFIG_PGTABLE_MAPPING y
              	  fi
                    # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
              	  if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
                      set_kernel_config CONFIG_VIRTUALIZATION y
                      set_kernel_config CONFIG_KVM y
                      set_kernel_config CONFIG_VHOST_NET m
                      set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
              	  fi
                    # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
              	  if [ "$KERNEL_NF" = true ] ; then
              		set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
              		set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
              		set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
              		set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
              		set_kernel_config CONFIG_NFT_FIB_INET m
              		set_kernel_config CONFIG_NFT_FIB_IPV4 m
              		set_kernel_config CONFIG_NFT_FIB_IPV6 m
              		set_kernel_config CONFIG_NFT_FIB_NETDEV m
              		set_kernel_config CONFIG_NFT_OBJREF m
              		set_kernel_config CONFIG_NFT_RT m
              		set_kernel_config CONFIG_NFT_SET_BITMAP m
              		set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
              		set_kernel_config CONFIG_NF_LOG_ARP m
              		set_kernel_config CONFIG_NF_SOCKET_IPV4 m
              		set_kernel_config CONFIG_NF_SOCKET_IPV6 m
                      set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
                      set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
                      set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
                      set_kernel_config CONFIG_IP6_NF_IPTABLES m
                      set_kernel_config CONFIG_IP6_NF_MATCH_AH m
                      set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
                      set_kernel_config CONFIG_IP6_NF_NAT m
                      set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
                      set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
                      set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
                      set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
                      set_kernel_config CONFIG_IP_SET_HASH_IP m
                      set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
                      set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
                      set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
                      set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
                      set_kernel_config CONFIG_IP_SET_HASH_MAC m
                      set_kernel_config CONFIG_IP_SET_HASH_NET m
                      set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
                      set_kernel_config CONFIG_IP_SET_HASH_NETNET m
                      set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
                      set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
                      set_kernel_config CONFIG_IP_SET_LIST_SET m
                      set_kernel_config CONFIG_NETFILTER_XTABLES m
                      set_kernel_config CONFIG_NETFILTER_XTABLES m
                      set_kernel_config CONFIG_NFT_BRIDGE_META m
                      set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
                      set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
                      set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
                      set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
                      set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
                      set_kernel_config CONFIG_NFT_COMPAT m
                      set_kernel_config CONFIG_NFT_COUNTER m
                      set_kernel_config CONFIG_NFT_CT m
                      set_kernel_config CONFIG_NFT_DUP_IPV4 m
                      set_kernel_config CONFIG_NFT_DUP_IPV6 m
                      set_kernel_config CONFIG_NFT_DUP_NETDEV m
                      set_kernel_config CONFIG_NFT_EXTHDR m
                      set_kernel_config CONFIG_NFT_FWD_NETDEV m
                      set_kernel_config CONFIG_NFT_HASH m
                      set_kernel_config CONFIG_NFT_LIMIT m
                      set_kernel_config CONFIG_NFT_LOG m
                      set_kernel_config CONFIG_NFT_MASQ m
                      set_kernel_config CONFIG_NFT_MASQ_IPV4 m
                      set_kernel_config CONFIG_NFT_MASQ_IPV6 m
                      set_kernel_config CONFIG_NFT_META m
                      set_kernel_config CONFIG_NFT_NAT m
                      set_kernel_config CONFIG_NFT_NUMGEN m
                      set_kernel_config CONFIG_NFT_QUEUE m
                      set_kernel_config CONFIG_NFT_QUOTA m
                      set_kernel_config CONFIG_NFT_REDIR m
                      set_kernel_config CONFIG_NFT_REDIR_IPV4 m
                      set_kernel_config CONFIG_NFT_REDIR_IPV6 m
                      set_kernel_config CONFIG_NFT_REJECT m
                      set_kernel_config CONFIG_NFT_REJECT_INET m
                      set_kernel_config CONFIG_NFT_REJECT_IPV4 m
                      set_kernel_config CONFIG_NFT_REJECT_IPV6 m
                      set_kernel_config CONFIG_NFT_SET_HASH m
                      set_kernel_config CONFIG_NFT_SET_RBTREE m
                      set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
                      set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
                      set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
                      set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
                      set_kernel_config CONFIG_NF_DUP_IPV4 m
                      set_kernel_config CONFIG_NF_DUP_IPV6 m
                      set_kernel_config CONFIG_NF_DUP_NETDEV m
                      set_kernel_config CONFIG_NF_LOG_BRIDGE m
                      set_kernel_config CONFIG_NF_LOG_IPV4 m
                      set_kernel_config CONFIG_NF_LOG_IPV6 m
                      set_kernel_config CONFIG_NF_NAT_IPV4 m
                      set_kernel_config CONFIG_NF_NAT_IPV6 m
                      set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 m
                      set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 m
                      set_kernel_config CONFIG_NF_NAT_PPTP m
                      set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
                      set_kernel_config CONFIG_NF_NAT_REDIRECT m
                      set_kernel_config CONFIG_NF_NAT_SIP m
                      set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
                      set_kernel_config CONFIG_NF_NAT_TFTP m
                      set_kernel_config CONFIG_NF_REJECT_IPV4 m
                      set_kernel_config CONFIG_NF_REJECT_IPV6 m
                      set_kernel_config CONFIG_NF_TABLES m
                      set_kernel_config CONFIG_NF_TABLES_ARP m
                      set_kernel_config CONFIG_NF_TABLES_BRIDGE m
                      set_kernel_config CONFIG_NF_TABLES_INET m
                      set_kernel_config CONFIG_NF_TABLES_IPV4 m
                      set_kernel_config CONFIG_NF_TABLES_IPV6 m
                      set_kernel_config CONFIG_NF_TABLES_NETDEV m
                    fi
              	  # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
              	  if [ "$KERNEL_BPF" = true ] ; then
                      set_kernel_config CONFIG_BPF_SYSCALL y
              		set_kernel_config CONFIG_BPF_EVENTS y
              		set_kernel_config CONFIG_BPF_STREAM_PARSER y
              	    set_kernel_config CONFIG_CGROUP_BPF y
              	  fi
              	  # KERNEL_DEFAULT_GOV was set by user
              	  if ! [ "$KERNEL_DEFAULT_GOV" = POWERSAVE ] && [ -n "$KERNEL_DEFAULT_GOV" ]; then
              	    # unset default governor
              	    unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
              	    case "$KERNEL_DEFAULT_GOV" in
                        "PERFORMANCE")
              	        set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
                          ;;
                        "USERSPACE")
                          set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
                          ;;
                        "ONDEMAND")
              		    set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
                          ;;
                        "CONSERVATIVE")
              		    set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
              		    ;;
                        "CONSERVATIVE")
              		    set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
                          ;;
                        *)
                          echo "error: unsupported default cpu governor"
                          exit 1
                          ;;
                      esac
              	  fi
              	  #Revert to previous directory
              	  cd "${WORKDIR}" || exit
                    # Set kernel configuration parameters to enable qemu emulation
                    if [ "$ENABLE_QEMU" = true ] ; then
                      echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
                      echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
                      if [ "$ENABLE_CRYPTFS" = true ] ; then
                        {
                          echo "CONFIG_EMBEDDED=y"
                          echo "CONFIG_EXPERT=y"
                          echo "CONFIG_DAX=y"
                          echo "CONFIG_MD=y"
                          echo "CONFIG_BLK_DEV_MD=y"
                          echo "CONFIG_MD_AUTODETECT=y"
                          echo "CONFIG_BLK_DEV_DM=y"
                          echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
                          echo "CONFIG_DM_CRYPT=y"
                          echo "CONFIG_CRYPTO_BLKCIPHER=y"
                          echo "CONFIG_CRYPTO_CBC=y"
                          echo "CONFIG_CRYPTO_XTS=y"
                          echo "CONFIG_CRYPTO_SHA512=y"
                          echo "CONFIG_CRYPTO_MANAGER=y"
                        } >> "${KERNEL_DIR}"/.config
                      fi
                    fi
                    # Copy custom kernel configuration file
                    if [ -n "$KERNELSRC_USRCONFIG" ] ; then
                      cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
                    fi
                    # Set kernel configuration parameters to their default values
                    if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
                      make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
                    fi
                    # Start menu-driven kernel configuration (interactive)
                    if [ "$KERNEL_MENUCONFIG" = true ] ; then
                      make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
                    fi
              	# end if "$KERNELSRC_CONFIG" = true
                  fi
                  # Use ccache to cross compile the kernel
                  if [ "$KERNEL_CCACHE" = true ] ; then
                    cc="ccache ${CROSS_COMPILE}gcc"
                  else
                    cc="${CROSS_COMPILE}gcc"
                  fi
                  # Cross compile kernel and dtbs
                  make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
                  # Cross compile kernel modules
                  if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
                    make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
                  fi
                # end if "$KERNELSRC_PREBUILT" = false
                fi
                # Check if kernel compilation was successful
                if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
                  echo "error: kernel compilation failed! (kernel image not found)"
                  cleanup
                  exit 1
                fi
                # Install kernel modules
                if [ "$ENABLE_REDUCE" = true ] ; then
                  if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
                    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
                  fi
                else
                  if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
                    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
                  fi
                  # Install kernel firmware
                  if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
                    make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
                  fi
                fi
                # Install kernel headers
                if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
                  make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
                fi
              # make tar.gz kernel package - missing os bzw. modules
              #** ** **  WARNING  ** ** **
              #Your architecture did not define any architecture-dependent files
              #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
              #  make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
                # Prepare boot (firmware) directory
                mkdir "${BOOT_DIR}"
                # Get kernel release version
                KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
                # Copy kernel configuration file to the boot directory
                install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
                # Prepare device tree directory
                mkdir "${BOOT_DIR}/overlays"
                # Ensure the proper .dtb is located
                if [ "$KERNEL_ARCH" = "arm" ] ; then
                  for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
                    if [ -f "${dtb}" ] ; then
                      install_readonly "${dtb}" "${BOOT_DIR}/"
                    fi
                  done
                else
                  for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
                    if [ -f "${dtb}" ] ; then
                      install_readonly "${dtb}" "${BOOT_DIR}/"
                    fi
                  done
                fi
                # Copy compiled dtb device tree files
                if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
                  for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
                    if [ -f "${dtb}" ] ; then
                      install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
                    fi
                  done
                  if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
                    install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
                  fi
                fi
                if [ "$ENABLE_UBOOT" = false ] ; then
                  # Convert and copy kernel image to the boot directory
                  "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
                else
                  # Copy kernel image to the boot directory
                  install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
                fi
                # Remove kernel sources
                if [ "$KERNEL_REMOVESRC" = true ] ; then
                  rm -fr "${KERNEL_DIR}"
                else
                  # Prepare compiled kernel modules
                  if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
                    if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
                      make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
                    fi
                    # Create symlinks for kernel modules
                    chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
                    chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
                  fi
                fi
              else # BUILD_KERNEL=false
                #  echo Install precompiled kernel...
                #  echo error: not implemented
                if [ "$SET_ARCH" = 64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
              	# Use Sakakis modified kernel if ZSWAP is active
                  if [ "$KERNEL_ZSWAP" = true ] || [ "$KERNEL_VIRT" = true ] || [ "$KERNEL_NF" = true ] || [ "$KERNEL_BPF" = true ] ; then
              	  RPI3_64_KERNEL_URL=RPI3_64_BIS_KERNEL_URL
              	fi
                  # Create temporary directory for dl
                  temp_dir=$(as_nobody mktemp -d)
                  # Fetch kernel dl
                  as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
                  #extract download
                  tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
                  #move extracted kernel to /boot/firmware
                  mkdir "${R}/boot/firmware"
                  cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
                  cp -r "${temp_dir}"/lib/* "${R}"/lib/
                  # Remove temporary directory for kernel sources
                  rm -fr "${temp_dir}"
                  # Set permissions of the kernel sources
                  chown -R root:root "${R}/boot/firmware"
                  chown -R root:root "${R}/lib/modules"
                fi
                # INstall Kernel from hypriot comptabile with all Raspberry PI
                if [ "$SET_ARCH" = 32 ] ; then
                  # Create temporary directory for dl
                  temp_dir=$(as_nobody mktemp -d)
                  # Fetch kernel
                  as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
                  # Copy downloaded U-Boot sources
                  mv "${temp_dir}"/kernel.deb "${R}"/tmp/kernel.deb
                  # Set permissions
                  chown -R root:root "${R}"/tmp/kernel.deb
              	# Install kernel
              	chroot_exec dpkg -i /tmp/kernel.deb
              	# move /boot to /boot/firmware to fit script env.
              	#mkdir "${BOOT_DIR}"
              	mkdir "${temp_dir}"/firmware
              	mv  "${R}"/boot/* "${temp_dir}"/firmware/
              	mv "${temp_dir}"/firmware "${R}"/boot/
              	#same for kernel headers
              	if [ "$KERNEL_HEADERS" = true ] ; then
              	  # Fetch kernel header
              	  as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
              	  mv "${temp_dir}"/kernel-header.deb "${R}"/tmp/kernel-header.deb
              	  chown -R root:root "${R}"/tmp/kernel-header.deb
              	  # Install kernel header
              	  chroot_exec dpkg -i /tmp/kernel-header.deb
              	  rm -f "${R}"/tmp/kernel-header.deb
              	fi
                  # Remove temporary directory and files
                  rm -fr "${temp_dir}"
              	rm -f "${R}"/tmp/kernel.deb
                fi
                # Check if kernel installation was successful
                KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
                if [ -z "$KERNEL" ] ; then
                  echo "error: kernel installation failed! (/boot/kernel* not found)"
                  cleanup
                  exit 1
                fi
              fi

rpi23-gen-image.sh +8 -6

              #!/bin/sh
              ########################################################################
              # rpi23-gen-image.sh					       2015-2017
              #
              # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
              #
              # This program is free software; you can redistribute it and/or
              # modify it under the terms of the GNU General Public License
              # as published by the Free Software Foundation; either version 2
              # of the License, or (at your option) any later version.
              #
              # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
              #
              # Big thanks for patches and enhancements by 20+ github contributors!
              ########################################################################
              # Are we running as root?
              if [ "$(id -u)" -ne "0" ] ; then
                echo "error: this script must be executed with root privileges!"
                exit 1
              fi
              # Check if ./functions.sh script exists
              if [ ! -r "./functions.sh" ] ; then
                echo "error: './functions.sh' required script not found!"
                exit 1
              fi
              # Load utility functions
              . ./functions.sh
              # Load parameters from configuration template file
              if [ -n "$CONFIG_TEMPLATE" ] ; then
                use_template
              fi
              # Introduce settings
              set -e
              echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
              set -x
              # Raspberry Pi model configuration
              RPI_MODEL=${RPI_MODEL:=2}
              # Debian release
              RELEASE=${RELEASE:=buster}
              # Kernel Branch
              KERNEL_BRANCH=${KERNEL_BRANCH:=""}
              # URLs
              KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
              FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
              WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
              COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
              FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
              UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
              VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
-             #BIS= Kernel has KVM and zswap enabled
-             RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.14.80.20181113/bcmrpi3-kernel-bis-4.14.80.20181113.tar.xz}
-             #default bcmrpi3_defconfig target kernel
-             RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.14.80.20181113/bcmrpi3-kernel-4.14.80.20181113.tar.xz}
-             #enhanced kernel
-             RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
              BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
              NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
              SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
+             # Kernel deb packages for 32bit kernel
              RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
              RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
+             # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
+             RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.14.80.20181113/bcmrpi3-kernel-bis-4.14.80.20181113.tar.xz}
+             # Default precompiled 64bit kernel
+             RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.14.80.20181113/bcmrpi3-kernel-4.14.80.20181113.tar.xz}
+             # Generic
+             RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
              # Build directories
              WORKDIR=$(pwd)
              BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
              BUILDDIR="${BASEDIR}/build"
              # Chroot directories
              R="${BUILDDIR}/chroot"
              ETC_DIR="${R}/etc"
              LIB_DIR="${R}/lib"
              BOOT_DIR="${R}/boot/firmware"
              KERNEL_DIR="${R}/usr/src/linux"
              WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
              BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
              # Firmware directory: Blank if download from github
              RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
              # General settings
              SET_ARCH=${SET_ARCH:=32}
              HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
              PASSWORD=${PASSWORD:=raspberry}
              USER_PASSWORD=${USER_PASSWORD:=raspberry}
              DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
              TIMEZONE=${TIMEZONE:="Europe/Berlin"}
              EXPANDROOT=${EXPANDROOT:=true}
              # Keyboard settings
              XKB_MODEL=${XKB_MODEL:=""}
              XKB_LAYOUT=${XKB_LAYOUT:=""}
              XKB_VARIANT=${XKB_VARIANT:=""}
              XKB_OPTIONS=${XKB_OPTIONS:=""}
              # Network settings (DHCP)
              ENABLE_DHCP=${ENABLE_DHCP:=true}
              # Network settings (static)
              NET_ADDRESS=${NET_ADDRESS:=""}
              NET_GATEWAY=${NET_GATEWAY:=""}
              NET_DNS_1=${NET_DNS_1:=""}
              NET_DNS_2=${NET_DNS_2:=""}
              NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
              NET_NTP_1=${NET_NTP_1:=""}
              NET_NTP_2=${NET_NTP_2:=""}
              # APT settings
              APT_PROXY=${APT_PROXY:=""}
              APT_SERVER=${APT_SERVER:="ftp.debian.org"}
              # Feature settings
              ENABLE_PRINTK=${ENABLE_PRINTK:=false}
              ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
              ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
              ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
              ENABLE_I2C=${ENABLE_I2C:=false}
              ENABLE_SPI=${ENABLE_SPI:=false}
              ENABLE_IPV6=${ENABLE_IPV6:=true}
              ENABLE_SSHD=${ENABLE_SSHD:=true}
              ENABLE_NONFREE=${ENABLE_NONFREE:=false}
              ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
              ENABLE_SOUND=${ENABLE_SOUND:=true}
              ENABLE_DBUS=${ENABLE_DBUS:=true}
              ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
              ENABLE_MINGPU=${ENABLE_MINGPU:=false}
              ENABLE_XORG=${ENABLE_XORG:=false}
              ENABLE_WM=${ENABLE_WM:=""}
              ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
              ENABLE_USER=${ENABLE_USER:=true}
              USER_NAME=${USER_NAME:="pi"}
              ENABLE_ROOT=${ENABLE_ROOT:=false}
              ENABLE_QEMU=${ENABLE_QEMU:=false}
              ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
              # SSH settings
              SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
              SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
              SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
              SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
              SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
              # Advanced settings
              ENABLE_SYSTEMDSWAP=${ENABLE_MINBASE:=false}
              ENABLE_MINBASE=${ENABLE_MINBASE:=false}
              ENABLE_REDUCE=${ENABLE_REDUCE:=false}
              ENABLE_UBOOT=${ENABLE_UBOOT:=false}
              UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
              ENABLE_UBOOTUSB=${ENABLE_UBOOTUSB=false}
              ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
              ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
              ENABLE_NEXMON=${ENABLE_NEXMON:=false}
              VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
              FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
              NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
              ENABLE_HARDNET=${ENABLE_HARDNET:=false}
              ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
              ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
              ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
              ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
              DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
              # Kernel compilation settings
              BUILD_KERNEL=${BUILD_KERNEL:=true}
              KERNEL_REDUCE=${KERNEL_REDUCE:=false}
              KERNEL_THREADS=${KERNEL_THREADS:=1}
              KERNEL_HEADERS=${KERNEL_HEADERS:=true}
              KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
              KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
              KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
              KERNEL_CCACHE=${KERNEL_CCACHE:=false}
              KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
              KERNEL_VIRT=${KERNEL_VIRT:=false}
              KERNEL_BPF=${KERNEL_BPF:=false}
              KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=POWERSAVE}
              # Kernel compilation from source directory settings
              KERNELSRC_DIR=${KERNELSRC_DIR:=""}
              KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
              KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
              KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
              # Reduce disk usage settings
              REDUCE_APT=${REDUCE_APT:=true}
              REDUCE_DOC=${REDUCE_DOC:=true}
              REDUCE_MAN=${REDUCE_MAN:=true}
              REDUCE_VIM=${REDUCE_VIM:=false}
              REDUCE_BASH=${REDUCE_BASH:=false}
              REDUCE_HWDB=${REDUCE_HWDB:=true}
              REDUCE_SSHD=${REDUCE_SSHD:=true}
              REDUCE_LOCALE=${REDUCE_LOCALE:=true}
              # Encrypted filesystem settings
              ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
              CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
              CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
              CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
              CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
              #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
              CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
              #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
              CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
              # Chroot scripts directory
              CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
              # Packages required in the chroot build environment
              APT_INCLUDES=${APT_INCLUDES:=""}
              APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
              #Packages to exclude from chroot build environment
              APT_EXCLUDES=${APT_EXCLUDES:=""}
              # Packages required for bootstrapping
              REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
              MISSING_PACKAGES=""
              # Packages installed for c/c++ build environment in chroot (keep empty)
              COMPILER_PACKAGES=""
              #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
              APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d')
              if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then
                APT_PROXY=http://127.0.0.1:3142/
              fi
              #netselect-apt does not know buster yet
              if  [ "$RELEASE" = "buster" ] ; then
                RLS=testing
              else
                RLS="$RELEASE"
              fi
              if [ -f "$(pwd)/files/apt/sources.list" ] ; then
              rm "$(pwd)/files/apt/sources.list"
              fi
              if [ "$ENABLE_NONFREE" = true ] ; then
                netselect-apt --arch "$RELEASE_ARCH" -t 3 --sources --nonfree  --outfile "$(pwd)/files/apt/sources.list"  -d "$RLS"
              else
                netselect-apt --arch "$RELEASE_ARCH" -t 3 --sources --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
              fi
              #sed and cut the result string so we can use it as APT_SERVER
              APT_SERVER=$(grep -m 1 http files/apt/sources.list | sed "s|http://| |g" | cut -d ' ' -f 3 | sed 's|/$|''|')
              #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
              if [ -n "$SET_ARCH" ] ; then
                # 64 bit configuration
                if [ "$SET_ARCH" = 64 ] ; then
                  # General 64 bit depended settings
                  QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
                  KERNEL_ARCH=${KERNEL_ARCH:=arm64}
                  KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
                  # Board specific settings
                  if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
                    REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
                    KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
                    RELEASE_ARCH=${RELEASE_ARCH:=arm64}
                    KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
                    CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
                  else
                    echo "error: Only Raspberry PI 3 and 3B+ support 64 bit"
                    exit 1
                  fi
                fi
                # 32 bit configuration
                if [ "$SET_ARCH" = 32 ] ; then
                  # General 32 bit dependend settings
                  QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
                  KERNEL_ARCH=${KERNEL_ARCH:=arm}
                  KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
                  # Hardware specific settings
                  if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
                    REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
                    KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
                    RELEASE_ARCH=${RELEASE_ARCH:=armel}
                    KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
                    CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
                  fi
                  # Hardware specific settings
                  if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
                    REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
                    KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
                    RELEASE_ARCH=${RELEASE_ARCH:=armhf}
                    KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
                    CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
                  fi
                fi
              #SET_ARCH not set
              else
                echo "error: Please set '32' or '64' as value for SET_ARCH"
                exit 1
              fi
              # Device specific configuration and U-Boot configuration
              case "$RPI_MODEL" in
 )
                  DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
                  UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
                  ;;
 )
                  DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
                  UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
                  ;;
 P)
                  DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
                  UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
                  ;;
 )
                  DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
                  UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
                  ;;
 )
                  DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
                  UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
                  ;;
 P)
                  DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
                  UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
                  ;;
                *)
                  echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
                  exit 1
                  ;;
              esac
              # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
              if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
                # Include bluetooth packages on supported boards
                if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
                  APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
                fi
              else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
                # Check if the internal wireless interface is not supported by the RPi model
                if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
                  echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
                  exit 1
                fi
              fi
              # Prepare date string for default image file name
              DATE="$(date +%Y-%m-%d)"
              if [ -z "$KERNEL_BRANCH" ] ; then
                IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
              else
                IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
              fi
              # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
              if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
                if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
                  echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
                  exit 1
                fi
              fi
              set +x
              # Add cmake to compile videocore sources
              if [ "$ENABLE_VIDEOCORE" = true ] ; then
                REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
              fi
              # Add deps for nexmon
              if [ "$ENABLE_NEXMON" = true ] ; then
                REQUIRED_PACKAGES="${REQUIRED_PACKAGES},libgmp3-dev,gawk,qpdf,bison,flex,make,autoconf,automake,build-essential,libtool"
              fi
              # Add libncurses5 to enable kernel menuconfig
              if [ "$KERNEL_MENUCONFIG" = true ] ; then
                REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
              fi
              # Add ccache compiler cache for (faster) kernel cross (re)compilation
              if [ "$KERNEL_CCACHE" = true ] ; then
                REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
              fi
              # Add cryptsetup package to enable filesystem encryption
              if [ "$ENABLE_CRYPTFS" = true ]  && [ "$BUILD_KERNEL" = true ] ; then
                REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
                APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
                #If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
                if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
                  APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
                fi
                if [ -z "$CRYPTFS_PASSWORD" ] ; then
                  echo "error: no password defined (CRYPTFS_PASSWORD)!"
                  exit 1
                fi
                ENABLE_INITRAMFS=true
              fi
              # Add initramfs generation tools
              if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
              fi
              # Add device-tree-compiler required for building the U-Boot bootloader
              if [ "$ENABLE_UBOOT" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
              else
                if [ "$ENABLE_UBOOTUSB" = true ] ; then
                  echo "error: Enabling UBOOTUSB requires u-boot to be enabled"
              	exit 1
                fi
              fi
              # Check if root SSH (v2) public key file exists
              if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
                if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
                  echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
                  exit 1
                fi
              fi
              # Check if $USER_NAME SSH (v2) public key file exists
              if [ -n "$SSH_USER_PUB_KEY" ] ; then
                if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
                  echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
                  exit 1
                fi
              fi
              # Check if all required packages are installed on the build system
              for package in $REQUIRED_PACKAGES ; do
                if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
                  MISSING_PACKAGES="${MISSING_PACKAGES} $package"
                fi
              done
              # If there are missing packages ask confirmation for install, or exit
              if [ -n "$MISSING_PACKAGES" ] ; then
                echo "the following packages needed by this script are not installed:"
                echo "$MISSING_PACKAGES"
                printf "\ndo you want to install the missing packages right now? [y/n] "
                read -r confirm
                [ "$confirm" != "y" ] && exit 1
                # Make sure all missing required packages are installed
                apt-get -qq -y install "${MISSING_PACKAGES}"
              fi
              # Check if ./bootstrap.d directory exists
              if [ ! -d "./bootstrap.d/" ] ; then
                echo "error: './bootstrap.d' required directory not found!"
                exit 1
              fi
              # Check if ./files directory exists
              if [ ! -d "./files/" ] ; then
                echo "error: './files' required directory not found!"
                exit 1
              fi
              # Check if specified KERNELSRC_DIR directory exists
              if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
                echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
                exit 1
              fi
              # Check if specified UBOOTSRC_DIR directory exists
              if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
                echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
                exit 1
              fi
              # Check if specified VIDEOCORESRC_DIR directory exists
              if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
                echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
                exit 1
              fi
              # Check if specified FBTURBOSRC_DIR directory exists
              if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
                echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
                exit 1
              fi
              # Check if specified NEXMONSRC_DIR directory exists
              if [ -n "$NEXMONSRC_DIR" ] && [ ! -d "$NEXMONSRC_DIR" ] ; then
                echo "error: '${NEXMONSRC_DIR}' specified directory not found (NEXMONSRC_DIR)!"
                exit 1
              fi
              # Check if specified CHROOT_SCRIPTS directory exists
              if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
                 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
                 exit 1
              fi
              # Check if specified device mapping already exists (will be used by cryptsetup)
              if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
                echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
                exit 1
              fi
              # Don't clobber an old build
              if [ -e "$BUILDDIR" ] ; then
                echo "error: directory ${BUILDDIR} already exists, not proceeding"
                exit 1
              fi
              # Setup chroot directory
              mkdir -p "${R}"
              # Check if build directory has enough of free disk space >512MB
              if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
                echo "error: ${BUILDDIR} not enough space left to generate the output image!"
                exit 1
              fi
              set -x
              # Call "cleanup" function on various signals and errors
              trap cleanup 0 1 2 3 6
              # Add required packages for the minbase installation
              if [ "$ENABLE_MINBASE" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
              fi
              # Add parted package, required to get partprobe utility
              if [ "$EXPANDROOT" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},parted"
              fi
              # Add dbus package, recommended if using systemd
              if [ "$ENABLE_DBUS" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},dbus"
              fi
              # Add iptables IPv4/IPv6 package
              if [ "$ENABLE_IPTABLES" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
              fi
              # Add openssh server package
              if [ "$ENABLE_SSHD" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},openssh-server"
              fi
              # Add alsa-utils package
              if [ "$ENABLE_SOUND" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},alsa-utils"
              fi
              # Add rng-tools package
              if [ "$ENABLE_HWRANDOM" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},rng-tools"
              fi
              # Add fbturbo video driver
              if [ "$ENABLE_FBTURBO" = true ] ; then
                # Enable xorg package dependencies
                ENABLE_XORG=true
              fi
              # Add user defined window manager package
              if [ -n "$ENABLE_WM" ] ; then
                APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
                # Enable xorg package dependencies
                ENABLE_XORG=true
              fi
              # Add xorg package
              if [ "$ENABLE_XORG" = true ] ; then
                APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
              fi
              # Replace selected packages with smaller clones
              if [ "$ENABLE_REDUCE" = true ] ; then
                # Add levee package instead of vim-tiny
                if [ "$REDUCE_VIM" = true ] ; then
                  APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
                fi
                # Add dropbear package instead of openssh-server
                if [ "$REDUCE_SSHD" = true ] ; then
                  APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
                fi
              fi
              # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
              if [ "$ENABLE_SYSVINIT" = false ] ; then
                APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
              fi
              # Configure kernel sources if no KERNELSRC_DIR
              if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
                KERNELSRC_CONFIG=true
              fi
              # Configure reduced kernel
              if [ "$KERNEL_REDUCE" = true ] ; then
                KERNELSRC_CONFIG=false
              fi
              # Configure qemu compatible kernel
              if [ "$ENABLE_QEMU" = true ] ; then
                DTB_FILE=vexpress-v2p-ca15_a7.dtb
                UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
                KERNEL_DEFCONFIG="vexpress_defconfig"
                if [ "$KERNEL_MENUCONFIG" = false ] ; then
                  KERNEL_OLDDEFCONFIG=true
                fi
              fi
              # Execute bootstrap scripts
              for SCRIPT in bootstrap.d/*.sh; do
                head -n 3 "$SCRIPT"
                . "$SCRIPT"
              done
              ## Execute custom bootstrap scripts
              if [ -d "custom.d" ] ; then
                for SCRIPT in custom.d/*.sh; do
                  . "$SCRIPT"
                done
              fi
              # Execute custom scripts inside the chroot
              if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
                cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
                chroot_exec /bin/bash -x <<'EOF'
              for SCRIPT in /chroot_scripts/* ; do
                if [ -f $SCRIPT -a -x $SCRIPT ] ; then
                  $SCRIPT
                fi
              done
              EOF
                rm -rf "${R}/chroot_scripts"
              fi
              # Remove c/c++ build environment from the chroot
              chroot_remove_cc
              # Generate required machine-id
              MACHINE_ID=$(dbus-uuidgen)
              echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
              echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
              # APT Cleanup
              chroot_exec apt-get -y clean
              chroot_exec apt-get -y autoclean
              chroot_exec apt-get -y autoremove
              # Unmount mounted filesystems
              umount -l "${R}/proc"
              umount -l "${R}/sys"
              # Clean up directories
              rm -rf "${R}/run/*"
              rm -rf "${R}/tmp/*"
              # Clean up files
              rm -f "${ETC_DIR}/ssh/ssh_host_*"
              rm -f "${ETC_DIR}/dropbear/dropbear_*"
              rm -f "${ETC_DIR}/apt/sources.list.save"
              rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
              rm -f "${ETC_DIR}/*-"
              rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
              rm -f "${ETC_DIR}/resolv.conf"
              rm -f "${R}/root/.bash_history"
              rm -f "${R}/var/lib/urandom/random-seed"
              rm -f "${R}/initrd.img"
              rm -f "${R}/vmlinuz"
              rm -f "${R}${QEMU_BINARY}"
              if [ "$ENABLE_QEMU" = true ] ; then
                # Setup QEMU directory
                mkdir "${BASEDIR}/qemu"
                # Copy kernel image to QEMU directory
                install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
                # Copy kernel config to QEMU directory
                install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
                # Copy kernel dtbs to QEMU directory
                for dtb in "${BOOT_DIR}/"*.dtb ; do
                  if [ -f "${dtb}" ] ; then
                    install_readonly "${dtb}" "${BASEDIR}/qemu/"
                  fi
                done
                # Copy kernel overlays to QEMU directory
                if [ -d "${BOOT_DIR}/overlays" ] ; then
                  # Setup overlays dtbs directory
                  mkdir "${BASEDIR}/qemu/overlays"
                  for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
                    if [ -f "${dtb}" ] ; then
                      install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
                    fi
                  done
                fi
                # Copy u-boot files to QEMU directory
                if [ "$ENABLE_UBOOT" = true ] ; then
                  if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
                    install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
                  fi
                  if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
                    install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
                  fi
                  if [ -f "${BOOT_DIR}/boot.scr" ] ; then
                    install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
                  fi
                fi
                # Copy initramfs to QEMU directory
                if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
                  install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
                fi
              fi
              # Calculate size of the chroot directory in KB
              CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
              # Calculate the amount of needed 512 Byte sectors
              TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
              FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
              ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
              # The root partition is EXT4
              # This means more space than the actual used space of the chroot is used.
              # As overhead for journaling and reserved blocks 35% are added.
              ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
              # Calculate required image size in 512 Byte sectors
              IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
              # Prepare image file
              if [ "$ENABLE_SPLITFS" = true ] ; then
                dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
                dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
                dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
                dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
                # Write firmware/boot partition tables
                sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
              ${TABLE_SECTORS},${FRMW_SECTORS},c,*
              EOM
                # Write root partition table
                sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
              ${TABLE_SECTORS},${ROOT_SECTORS},83
              EOM
                # Setup temporary loop devices
                FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
                ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
              else # ENABLE_SPLITFS=false
                dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
                dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
                # Write partition table
                sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
              ${TABLE_SECTORS},${FRMW_SECTORS},c,*
              ${ROOT_OFFSET},${ROOT_SECTORS},83
              EOM
                # Setup temporary loop devices
                FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
                ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
              fi
              if [ "$ENABLE_CRYPTFS" = true ] ; then
                # Create dummy ext4 fs
                mkfs.ext4 "$ROOT_LOOP"
                # Setup password keyfile
                touch .password
                chmod 600 .password
                echo -n ${CRYPTFS_PASSWORD} > .password
                # Initialize encrypted partition
                echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
                # Open encrypted partition and setup mapping
                cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
                # Secure delete password keyfile
                shred -zu .password
                # Update temporary loop device
                ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
                # Wipe encrypted partition (encryption cipher is used for randomness)
                dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
              fi
              # Build filesystems
              mkfs.vfat "$FRMW_LOOP"
              mkfs.ext4 "$ROOT_LOOP"
              # Mount the temporary loop devices
              mkdir -p "$BUILDDIR/mount"
              mount "$ROOT_LOOP" "$BUILDDIR/mount"
              mkdir -p "$BUILDDIR/mount/boot/firmware"
              mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
              # Copy all files from the chroot to the loop device mount point directory
              rsync -a "${R}/" "$BUILDDIR/mount/"
              # Unmount all temporary loop devices and mount points
              cleanup
              # Create block map file(s) of image(s)
              if [ "$ENABLE_SPLITFS" = true ] ; then
                # Create block map files for "bmaptool"
                bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
                bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
                # Image was successfully created
                echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
                echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
              else
                # Create block map file for "bmaptool"
                bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
                # Image was successfully created
                echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
                # Create qemu qcow2 image
                if [ "$ENABLE_QEMU" = true ] ; then
                  QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
                  QEMU_SIZE=16G
                  qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
                  qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
                  echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
                fi
              fi

General Comments 0

Écrire
Preview

Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Dépôts
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages