| @@ -8,6 +8,7 | |||||
| 8 | # Need to use kali kernel src if nexmon is enabled |
|
8 | # Need to use kali kernel src if nexmon is enabled | |
| 9 | if [ "$ENABLE_NEXMON" = true ] ; then |
|
9 | if [ "$ENABLE_NEXMON" = true ] ; then | |
| 10 | KERNEL_URL="${KALI_KERNEL_URL}" |
|
10 | KERNEL_URL="${KALI_KERNEL_URL}" | |
|
|
11 | # Clear Branch and KernelSRC_DIR if using nexmon. Everyone will forget to clone kali kernel instead of nomrla kernel | |||
| 11 | KERNEL_BRANCH="" |
|
12 | KERNEL_BRANCH="" | |
| 12 | KERNELSRC_DIR="" |
|
13 | KERNELSRC_DIR="" | |
| 13 | fi |
|
14 | fi | |
| @@ -93,7 +94,7 if [ "$BUILD_KERNEL" = true ] ; then | |||||
| 93 | if [ "$KERNELSRC_CONFIG" = true ] ; then |
|
94 | if [ "$KERNELSRC_CONFIG" = true ] ; then | |
| 94 | # Load default raspberry kernel configuration |
|
95 | # Load default raspberry kernel configuration | |
| 95 | make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}" |
|
96 | make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}" | |
| 96 |
|
97 | |||
| 97 | #Switch to KERNELSRC_DIR so we can use set_kernel_config |
|
98 | #Switch to KERNELSRC_DIR so we can use set_kernel_config | |
| 98 | cd "${KERNEL_DIR}" || exit |
|
99 | cd "${KERNEL_DIR}" || exit | |
| 99 |
|
100 | |||
| @@ -345,7 +346,6 if [ "$BUILD_KERNEL" = true ] ; then | |||||
| 345 | unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE |
|
346 | unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE | |
| 346 | fi |
|
347 | fi | |
| 347 |
|
348 | |||
| 348 |
|
||||
| 349 | #Revert to previous directory |
|
349 | #Revert to previous directory | |
| 350 | cd "${WORKDIR}" || exit |
|
350 | cd "${WORKDIR}" || exit | |
| 351 |
|
351 | |||
| @@ -435,11 +435,6 if [ "$BUILD_KERNEL" = true ] ; then | |||||
| 435 | if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then |
|
435 | if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then | |
| 436 | make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install |
|
436 | make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install | |
| 437 | fi |
|
437 | fi | |
| 438 | # make tar.gz kernel package - missing os bzw. modules |
|
|||
| 439 | #** ** ** WARNING ** ** ** |
|
|||
| 440 | #Your architecture did not define any architecture-dependent files |
|
|||
| 441 | #to be placed into the tarball. Please add those to ./scripts/package/buildtar . |
|
|||
| 442 | # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg |
|
|||
| 443 |
|
|
438 | ||
| 444 | # Prepare boot (firmware) directory |
|
439 | # Prepare boot (firmware) directory | |
| 445 | mkdir "${BOOT_DIR}" |
|
440 | mkdir "${BOOT_DIR}" | |
| @@ -506,8 +501,6 if [ "$BUILD_KERNEL" = true ] ; then | |||||
| 506 | fi |
|
501 | fi | |
| 507 |
|
502 | |||
| 508 | else # BUILD_KERNEL=false |
|
503 | else # BUILD_KERNEL=false | |
| 509 | # echo Install precompiled kernel... |
|
|||
| 510 | # echo error: not implemented |
|
|||
| 511 | if [ "$SET_ARCH" = 64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then |
|
504 | if [ "$SET_ARCH" = 64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then | |
| 512 |
|
505 | |||
| 513 | # Use Sakakis modified kernel if ZSWAP is active |
|
506 | # Use Sakakis modified kernel if ZSWAP is active | |
| @@ -5,40 +5,38 | |||||
| 5 | # Load utility functions |
|
5 | # Load utility functions | |
| 6 | . ./functions.sh |
|
6 | . ./functions.sh | |
| 7 |
|
7 | |||
| 8 | #if [ "$BUILD_KERNEL" = true ] ; then |
|
8 | if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then | |
| 9 | if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then |
|
9 | # Install boot binaries from local directory | |
| 10 | # Install boot binaries from local directory |
|
10 | cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin | |
| 11 |
|
|
11 | cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat | |
| 12 |
|
|
12 | cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat | |
| 13 |
|
|
13 | cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat | |
| 14 |
|
|
14 | cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf | |
| 15 |
|
|
15 | cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf | |
| 16 |
|
|
16 | cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf | |
| 17 | cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf |
|
17 | else | |
| 18 | else |
|
18 | # Create temporary directory for boot binaries | |
| 19 | # Create temporary directory for boot binaries |
|
19 | temp_dir=$(as_nobody mktemp -d) | |
| 20 | temp_dir=$(as_nobody mktemp -d) |
|
|||
| 21 |
|
20 | |||
| 22 |
|
|
21 | # Install latest boot binaries from raspberry/firmware github | |
| 23 |
|
|
22 | as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin" | |
| 24 |
|
|
23 | as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat" | |
| 25 |
|
|
24 | as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat" | |
| 26 |
|
|
25 | as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat" | |
| 27 |
|
|
26 | as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf" | |
| 28 |
|
|
27 | as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf" | |
| 29 |
|
|
28 | as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf" | |
| 30 |
|
29 | |||
| 31 |
|
|
30 | # Move downloaded boot binaries | |
| 32 |
|
|
31 | mv "${temp_dir}/"* "${BOOT_DIR}/" | |
| 33 |
|
32 | |||
| 34 |
|
|
33 | # Remove temporary directory for boot binaries | |
| 35 |
|
|
34 | rm -fr "${temp_dir}" | |
| 36 |
|
35 | |||
| 37 |
|
|
36 | # Set permissions of the boot binaries | |
| 38 |
|
|
37 | chown -R root:root "${BOOT_DIR}" | |
| 39 |
|
|
38 | chmod -R 600 "${BOOT_DIR}" | |
| 40 |
|
|
39 | fi | |
| 41 | #fi |
|
|||
| 42 |
|
|
40 | ||
| 43 | # Setup firmware boot cmdline |
|
41 | # Setup firmware boot cmdline | |
| 44 | if [ "$ENABLE_UBOOTUSB" = true ] ; then |
|
42 | if [ "$ENABLE_UBOOTUSB" = true ] ; then | |
| @@ -164,7 +162,7 if [ "$ENABLE_CONSOLE" = true ] ; then | |||||
| 164 | CMDLINE="${CMDLINE} console=serial0,115200" |
|
162 | CMDLINE="${CMDLINE} console=serial0,115200" | |
| 165 |
|
163 | |||
| 166 | # Enable serial console systemd style |
|
164 | # Enable serial console systemd style | |
| 167 | chroot_exec systemctl enable serial-getty@serial0.service |
|
165 | chroot_exec systemctl enable serial-getty\@serial0.service | |
| 168 | else |
|
166 | else | |
| 169 | echo "enable_uart=0" >> "${BOOT_DIR}/config.txt" |
|
167 | echo "enable_uart=0" >> "${BOOT_DIR}/config.txt" | |
| 170 | fi |
|
168 | fi | |
| @@ -9,9 +9,10 if [ "$ENABLE_IPTABLES" = true ] ; then | |||||
| 9 | # Create iptables configuration directory |
|
9 | # Create iptables configuration directory | |
| 10 | mkdir -p "${ETC_DIR}/iptables" |
|
10 | mkdir -p "${ETC_DIR}/iptables" | |
| 11 |
|
11 | |||
| 12 | # make sure iptables-legacy is the used alternatives |
|
12 | if [ "$KERNEL_NF" = false ] ; then | |
| 13 | #iptables-save and -restore are slaves of iptables and thus are set accordingly |
|
13 | # iptables-save and -restore are slaves of iptables and thus are set accordingly | |
| 14 | chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy |
|
14 | chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy | |
|
|
15 | fi | |||
| 15 |
|
16 | |||
| 16 | # Install iptables systemd service |
|
17 | # Install iptables systemd service | |
| 17 | install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" |
|
18 | install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" | |
| @@ -27,9 +28,10 if [ "$ENABLE_IPTABLES" = true ] ; then | |||||
| 27 | chroot_exec systemctl enable iptables.service |
|
28 | chroot_exec systemctl enable iptables.service | |
| 28 |
|
29 | |||
| 29 | if [ "$ENABLE_IPV6" = true ] ; then |
|
30 | if [ "$ENABLE_IPV6" = true ] ; then | |
| 30 | # make sure ip6tables-legacy is the used alternatives |
|
31 | if [ "$KERNEL_NF" = false ] ; then | |
| 31 | chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy |
|
32 | # iptables-save and -restore are slaves of iptables and thus are set accordingly | |
| 32 |
|
33 | chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy | ||
|
|
34 | fi | |||
| 33 | # Install ip6tables systemd service |
|
35 | # Install ip6tables systemd service | |
| 34 | install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service" |
|
36 | install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service" | |
| 35 |
|
37 | |||
| @@ -8,6 +8,7 INITRAMFS_UBOOT="${INITRAMFS}.uboot" | |||||
| 8 | # Extract kernel arch |
|
8 | # Extract kernel arch | |
| 9 | case "${KERNEL_ARCH}" in |
|
9 | case "${KERNEL_ARCH}" in | |
| 10 | arm*) KERNEL_ARCH=arm ;; |
|
10 | arm*) KERNEL_ARCH=arm ;; | |
|
|
11 | aarch64) KERNEL_ARCH=arm64 ;; | |||
| 11 | esac |
|
12 | esac | |
| 12 |
|
13 | |||
| 13 | # Regenerate initramfs |
|
14 | # Regenerate initramfs | |
| @@ -186,6 +186,7 KERNEL_VIRT=${KERNEL_VIRT:=false} | |||||
| 186 | KERNEL_BPF=${KERNEL_BPF:=false} |
|
186 | KERNEL_BPF=${KERNEL_BPF:=false} | |
| 187 | KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=powersave} |
|
187 | KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=powersave} | |
| 188 | KERNEL_SECURITY=${KERNEL_SECURITY:=false} |
|
188 | KERNEL_SECURITY=${KERNEL_SECURITY:=false} | |
|
|
189 | KERNEL_NF=${KERNEL_NF:=false} | |||
| 189 |
|
190 | |||
| 190 | # Kernel compilation from source directory settings |
|
191 | # Kernel compilation from source directory settings | |
| 191 | KERNELSRC_DIR=${KERNELSRC_DIR:=""} |
|
192 | KERNELSRC_DIR=${KERNELSRC_DIR:=""} | |
| @@ -221,7 +222,7 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""} | |||||
| 221 | APT_INCLUDES=${APT_INCLUDES:=""} |
|
222 | APT_INCLUDES=${APT_INCLUDES:=""} | |
| 222 | APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd" |
|
223 | APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd" | |
| 223 |
|
224 | |||
| 224 | #Packages to exclude from chroot build environment |
|
225 | # Packages to exclude from chroot build environment | |
| 225 | APT_EXCLUDES=${APT_EXCLUDES:=""} |
|
226 | APT_EXCLUDES=${APT_EXCLUDES:=""} | |
| 226 |
|
227 | |||
| 227 | # Packages required for bootstrapping |
|
228 | # Packages required for bootstrapping | |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant
