##// END OF EJS Templates
zswap systemdswap
Unknown -
r460:63d5bd9df575
parent child
Show More
@@ -1,528 +1,531
1 # rpi23-gen-image
1 # rpi23-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9
9
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
11
11
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13
13
14 ## Command-line parameters
14 ## Command-line parameters
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16
16
17 ##### Command-line examples:
17 ##### Command-line examples:
18 ```shell
18 ```shell
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 ```
32 ```
33
33
34 ## Configuration template files
34 ## Configuration template files
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36
36
37 ##### Command-line examples:
37 ##### Command-line examples:
38 ```shell
38 ```shell
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 ```
41 ```
42
42
43 ## Supported parameters and settings
43 ## Supported parameters and settings
44 #### APT settings:
44 #### APT settings:
45 ##### `APT_SERVER`="ftp.debian.org/debian"
45 ##### `APT_SERVER`="ftp.debian.org/debian"
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47
47
48 ##### `APT_PROXY`=""
48 ##### `APT_PROXY`=""
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50
50
51 ##### `APT_INCLUDES`=""
51 ##### `APT_INCLUDES`=""
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
53
53
54 ##### `APT_INCLUDES_LATE`=""
54 ##### `APT_INCLUDES_LATE`=""
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
56
56
57 ---
57 ---
58
58
59 #### General system settings:
59 #### General system settings:
60 ##### `SET_ARCH`=32
60 ##### `SET_ARCH`=32
61 Set Architecture to default 32bit. If you want to to compile 64bit (RPI3 or RPI3+) set it to `64`. This option will set every needed crosscompiler or boeard specific option for a successful build.
61 Set Architecture to default 32bit. If you want to to compile 64bit (RPI3 or RPI3+) set it to `64`. This option will set every needed crosscompiler or boeard specific option for a successful build.
62 If you want to change e.g. cross-compiler -> Templates always override defaults
62 If you want to change e.g. cross-compiler -> Templates always override defaults
63
63
64 ##### `RPI_MODEL`=2
64 ##### `RPI_MODEL`=2
65 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
65 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
66 - `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
66 - `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
67 - `1` = Used for Pi 1 model A and B
67 - `1` = Used for Pi 1 model A and B
68 - `1P` = Used for Pi 1 model B+ and A+
68 - `1P` = Used for Pi 1 model B+ and A+
69 - `2` = Used for Pi 2 model B
69 - `2` = Used for Pi 2 model B
70 - `3` = Used for Pi 3 model B
70 - `3` = Used for Pi 3 model B
71 - `3P` = Used for Pi 3 model B+
71 - `3P` = Used for Pi 3 model B+
72 - `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
72 - `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
73
73
74 ##### `RELEASE`="buster"
74 ##### `RELEASE`="buster"
75 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
75 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
76
76
77 ##### `RELEASE_ARCH`="armhf"
77 ##### `RELEASE_ARCH`="armhf"
78 Set the desired Debian release architecture.
78 Set the desired Debian release architecture.
79
79
80 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
80 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
81 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
81 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
82
82
83 ##### `PASSWORD`="raspberry"
83 ##### `PASSWORD`="raspberry"
84 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
84 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
85
85
86 ##### `USER_PASSWORD`="raspberry"
86 ##### `USER_PASSWORD`="raspberry"
87 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
87 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
88
88
89 ##### `DEFLOCAL`="en_US.UTF-8"
89 ##### `DEFLOCAL`="en_US.UTF-8"
90 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
90 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
91
91
92 ##### `TIMEZONE`="Europe/Berlin"
92 ##### `TIMEZONE`="Europe/Berlin"
93 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
93 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
94
94
95 ##### `EXPANDROOT`=true
95 ##### `EXPANDROOT`=true
96 Expand the root partition and filesystem automatically on first boot.
96 Expand the root partition and filesystem automatically on first boot.
97
97
98 ##### `ENABLE_QEMU`=false
98 ##### `ENABLE_QEMU`=false
99 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
99 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
100
100
101 ---
101 ---
102
102
103 #### Keyboard settings:
103 #### Keyboard settings:
104 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
104 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
105
105
106 ##### `XKB_MODEL`=""
106 ##### `XKB_MODEL`=""
107 Set the name of the model of your keyboard type.
107 Set the name of the model of your keyboard type.
108
108
109 ##### `XKB_LAYOUT`=""
109 ##### `XKB_LAYOUT`=""
110 Set the supported keyboard layout(s).
110 Set the supported keyboard layout(s).
111
111
112 ##### `XKB_VARIANT`=""
112 ##### `XKB_VARIANT`=""
113 Set the supported variant(s) of the keyboard layout(s).
113 Set the supported variant(s) of the keyboard layout(s).
114
114
115 ##### `XKB_OPTIONS`=""
115 ##### `XKB_OPTIONS`=""
116 Set extra xkb configuration options.
116 Set extra xkb configuration options.
117
117
118 ---
118 ---
119
119
120 #### Networking settings (DHCP):
120 #### Networking settings (DHCP):
121 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
121 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
122
122
123 ##### `ENABLE_DHCP`=true
123 ##### `ENABLE_DHCP`=true
124 Set the system to use DHCP. This requires an DHCP server.
124 Set the system to use DHCP. This requires an DHCP server.
125
125
126 ---
126 ---
127
127
128 #### Networking settings (static):
128 #### Networking settings (static):
129 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
129 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
130
130
131 ##### `NET_ADDRESS`=""
131 ##### `NET_ADDRESS`=""
132 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
132 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
133
133
134 ##### `NET_GATEWAY`=""
134 ##### `NET_GATEWAY`=""
135 Set the IP address for the default gateway.
135 Set the IP address for the default gateway.
136
136
137 ##### `NET_DNS_1`=""
137 ##### `NET_DNS_1`=""
138 Set the IP address for the first DNS server.
138 Set the IP address for the first DNS server.
139
139
140 ##### `NET_DNS_2`=""
140 ##### `NET_DNS_2`=""
141 Set the IP address for the second DNS server.
141 Set the IP address for the second DNS server.
142
142
143 ##### `NET_DNS_DOMAINS`=""
143 ##### `NET_DNS_DOMAINS`=""
144 Set the default DNS search domains to use for non fully qualified host names.
144 Set the default DNS search domains to use for non fully qualified host names.
145
145
146 ##### `NET_NTP_1`=""
146 ##### `NET_NTP_1`=""
147 Set the IP address for the first NTP server.
147 Set the IP address for the first NTP server.
148
148
149 ##### `NET_NTP_2`=""
149 ##### `NET_NTP_2`=""
150 Set the IP address for the second NTP server.
150 Set the IP address for the second NTP server.
151
151
152 ---
152 ---
153
153
154 #### Basic system features:
154 #### Basic system features:
155 ##### `ENABLE_CONSOLE`=true
155 ##### `ENABLE_CONSOLE`=true
156 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
156 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
157
157
158 ##### `ENABLE_PRINTK`=false
158 ##### `ENABLE_PRINTK`=false
159 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
159 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
160
160
161 ##### `ENABLE_BLUETOOTH`=false
161 ##### `ENABLE_BLUETOOTH`=false
162 Enable onboard Bluetooth interface on the RPi0/3/3P. See: https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/
162 Enable onboard Bluetooth interface on the RPi0/3/3P. See: https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/
163
163
164 ##### `ENABLE_MINIUART_OVERLAY`=false
164 ##### `ENABLE_MINIUART_OVERLAY`=false
165 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the cpu frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
165 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the cpu frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
166
166
167 ##### `ENABLE_TURBO`=false
167 ##### `ENABLE_TURBO`=false
168 VOIDS WARRANTY! Enable Turbo mode - NO overclocking. This setting locks cpu at highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
168 VOIDS WARRANTY! Enable Turbo mode - NO overclocking. This setting locks cpu at highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
169
169
170 ##### `ENABLE_I2C`=false
170 ##### `ENABLE_I2C`=false
171 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
171 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
172
172
173 ##### `ENABLE_SPI`=false
173 ##### `ENABLE_SPI`=false
174 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
174 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
175
175
176 ##### `ENABLE_IPV6`=true
176 ##### `ENABLE_IPV6`=true
177 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
177 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
178
178
179 ##### `ENABLE_SSHD`=true
179 ##### `ENABLE_SSHD`=true
180 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
180 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
181
181
182 ##### `ENABLE_NONFREE`=false
182 ##### `ENABLE_NONFREE`=false
183 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
183 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
184
184
185 ##### `ENABLE_WIRELESS`=false
185 ##### `ENABLE_WIRELESS`=false
186 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
186 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
187
187
188 ##### `ENABLE_RSYSLOG`=true
188 ##### `ENABLE_RSYSLOG`=true
189 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
189 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
190
190
191 ##### `ENABLE_SOUND`=true
191 ##### `ENABLE_SOUND`=true
192 Enable sound hardware and install Advanced Linux Sound Architecture.
192 Enable sound hardware and install Advanced Linux Sound Architecture.
193
193
194 ##### `ENABLE_HWRANDOM`=true
194 ##### `ENABLE_HWRANDOM`=true
195 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
195 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
196
196
197 ##### `ENABLE_MINGPU`=false
197 ##### `ENABLE_MINGPU`=false
198 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
198 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
199
199
200 ##### `ENABLE_DBUS`=true
200 ##### `ENABLE_DBUS`=true
201 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
201 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
202
202
203 ##### `ENABLE_XORG`=false
203 ##### `ENABLE_XORG`=false
204 Install Xorg open-source X Window System.
204 Install Xorg open-source X Window System.
205
205
206 ##### `ENABLE_WM`=""
206 ##### `ENABLE_WM`=""
207 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
207 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
208
208
209 ##### `ENABLE_SYSVINIT`=false
209 ##### `ENABLE_SYSVINIT`=false
210 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
210 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
211
211
212 ---
212 ---
213
213
214 #### Advanced system features:
214 #### Advanced system features:
215 ##### `ENABLE_SYSTEMDSWAP`=false
216 Enables [Systemd-swap service](https://github.com/Nefelim4ag/systemd-swap). Usefull if `KERNEL_ZSWAP` is enabled.
217
215 ##### `ENABLE_MINBASE`=false
218 ##### `ENABLE_MINBASE`=false
216 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
219 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
217
220
218 ##### `ENABLE_REDUCE`=false
221 ##### `ENABLE_REDUCE`=false
219 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
222 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
220
223
221 ##### `ENABLE_UBOOT`=false
224 ##### `ENABLE_UBOOT`=false
222 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
225 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
223
226
224 ##### `UBOOTSRC_DIR`=""
227 ##### `UBOOTSRC_DIR`=""
225 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
228 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
226
229
227 ##### `ENABLE_FBTURBO`=false
230 ##### `ENABLE_FBTURBO`=false
228 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
231 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
229
232
230 ##### `FBTURBOSRC_DIR`=""
233 ##### `FBTURBOSRC_DIR`=""
231 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
234 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
232
235
233 ##### `ENABLE_VIDEOCORE`=false
236 ##### `ENABLE_VIDEOCORE`=false
234 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
237 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
235
238
236 ##### `VIDEOCORESRC_DIR`=""
239 ##### `VIDEOCORESRC_DIR`=""
237 Path to a directory (`userland`) of [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git) that will be copied, configured, build and installed inside the chroot.
240 Path to a directory (`userland`) of [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git) that will be copied, configured, build and installed inside the chroot.
238
241
239 ##### `ENABLE_NEXMON`=false
242 ##### `ENABLE_NEXMON`=false
240 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
243 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
241
244
242 ##### `NEXMON_DIR`=""
245 ##### `NEXMON_DIR`=""
243 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
246 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
244
247
245 ##### `ENABLE_IPTABLES`=false
248 ##### `ENABLE_IPTABLES`=false
246 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
249 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
247
250
248 ##### `ENABLE_USER`=true
251 ##### `ENABLE_USER`=true
249 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
252 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
250
253
251 ##### `USER_NAME`=pi
254 ##### `USER_NAME`=pi
252 Non-root user to create. Ignored if `ENABLE_USER`=false
255 Non-root user to create. Ignored if `ENABLE_USER`=false
253
256
254 ##### `ENABLE_ROOT`=false
257 ##### `ENABLE_ROOT`=false
255 Set root user password so root login will be enabled
258 Set root user password so root login will be enabled
256
259
257 ##### `ENABLE_HARDNET`=false
260 ##### `ENABLE_HARDNET`=false
258 Enable IPv4/IPv6 network stack hardening settings.
261 Enable IPv4/IPv6 network stack hardening settings.
259
262
260 ##### `ENABLE_SPLITFS`=false
263 ##### `ENABLE_SPLITFS`=false
261 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
264 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
262
265
263 ##### `CHROOT_SCRIPTS`=""
266 ##### `CHROOT_SCRIPTS`=""
264 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
267 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
265
268
266 ##### `ENABLE_INITRAMFS`=false
269 ##### `ENABLE_INITRAMFS`=false
267 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
270 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
268
271
269 ##### `ENABLE_IFNAMES`=true
272 ##### `ENABLE_IFNAMES`=true
270 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
273 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
271
274
272 ##### `DISABLE_UNDERVOLT_WARNINGS`=
275 ##### `DISABLE_UNDERVOLT_WARNINGS`=
273 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
276 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
274
277
275 ---
278 ---
276
279
277 #### SSH settings:
280 #### SSH settings:
278 ##### `SSH_ENABLE_ROOT`=false
281 ##### `SSH_ENABLE_ROOT`=false
279 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
282 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
280
283
281 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
284 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
282 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
285 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
283
286
284 ##### `SSH_LIMIT_USERS`=false
287 ##### `SSH_LIMIT_USERS`=false
285 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
288 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
286
289
287 ##### `SSH_ROOT_PUB_KEY`=""
290 ##### `SSH_ROOT_PUB_KEY`=""
288 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
291 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
289
292
290 ##### `SSH_USER_PUB_KEY`=""
293 ##### `SSH_USER_PUB_KEY`=""
291 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
294 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
292
295
293 ---
296 ---
294
297
295 #### Kernel compilation:
298 #### Kernel compilation:
296 ##### `BUILD_KERNEL`=true
299 ##### `BUILD_KERNEL`=true
297 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used.
300 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used.
298
301
299 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
302 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
300 This sets the cross compile enviornment for the compiler.
303 This sets the cross compile enviornment for the compiler.
301
304
302 ##### `KERNEL_ARCH`="arm"
305 ##### `KERNEL_ARCH`="arm"
303 This sets the kernel architecture for the compiler.
306 This sets the kernel architecture for the compiler.
304
307
305 ##### `KERNEL_IMAGE`="kernel7.img"
308 ##### `KERNEL_IMAGE`="kernel7.img"
306 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
309 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
307
310
308 ##### `KERNEL_BRANCH`=""
311 ##### `KERNEL_BRANCH`=""
309 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
312 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
310
313
311 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
314 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
312 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
315 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
313
316
314 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
317 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
315 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
318 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
316
319
317 ##### `KERNEL_REDUCE`=false
320 ##### `KERNEL_REDUCE`=false
318 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
321 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
319
322
320 ##### `KERNEL_THREADS`=1
323 ##### `KERNEL_THREADS`=1
321 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
324 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
322
325
323 ##### `KERNEL_HEADERS`=true
326 ##### `KERNEL_HEADERS`=true
324 Install kernel headers with built kernel.
327 Install kernel headers with built kernel.
325
328
326 ##### `KERNEL_MENUCONFIG`=false
329 ##### `KERNEL_MENUCONFIG`=false
327 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
330 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
328
331
329 ##### `KERNEL_OLDDEFCONFIG`=false
332 ##### `KERNEL_OLDDEFCONFIG`=false
330 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
333 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
331
334
332 ##### `KERNEL_CCACHE`=false
335 ##### `KERNEL_CCACHE`=false
333 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
336 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
334
337
335 ##### `KERNEL_REMOVESRC`=true
338 ##### `KERNEL_REMOVESRC`=true
336 Remove all kernel sources from the generated OS image after it was built and installed.
339 Remove all kernel sources from the generated OS image after it was built and installed.
337
340
338 ##### `KERNELSRC_DIR`=""
341 ##### `KERNELSRC_DIR`=""
339 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
342 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
340
343
341 ##### `KERNELSRC_CLEAN`=false
344 ##### `KERNELSRC_CLEAN`=false
342 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
345 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
343
346
344 ##### `KERNELSRC_CONFIG`=true
347 ##### `KERNELSRC_CONFIG`=true
345 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
348 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
346
349
347 ##### `KERNELSRC_USRCONFIG`=""
350 ##### `KERNELSRC_USRCONFIG`=""
348 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
351 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
349
352
350 ##### `KERNELSRC_PREBUILT`=false
353 ##### `KERNELSRC_PREBUILT`=false
351 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
354 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
352
355
353 ##### `RPI_FIRMWARE_DIR`=""
356 ##### `RPI_FIRMWARE_DIR`=""
354 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
357 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
355
358
356 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
359 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
357 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
360 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
358
361
359 ##### `KERNEL_NF`=false
362 ##### `KERNEL_NF`=false
360 Enable Netfilter modules as kernel modules
363 Enable Netfilter modules as kernel modules
361
364
362 ##### `KERNEL_VIRT`=false
365 ##### `KERNEL_VIRT`=false
363 Enable Kernel KVM support (/dev/kvm)
366 Enable Kernel KVM support (/dev/kvm)
364
367
365 ##### `KERNEL_ZSWAP`=false
368 ##### `KERNEL_ZSWAP`=false
366 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
369 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
367
370
368 ##### `KERNEL_BPF`=true
371 ##### `KERNEL_BPF`=true
369 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
372 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
370
373
371 ---
374 ---
372
375
373 #### Reduce disk usage:
376 #### Reduce disk usage:
374 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
377 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
375
378
376 ##### `REDUCE_APT`=true
379 ##### `REDUCE_APT`=true
377 Configure APT to use compressed package repository lists and no package caching files.
380 Configure APT to use compressed package repository lists and no package caching files.
378
381
379 ##### `REDUCE_DOC`=true
382 ##### `REDUCE_DOC`=true
380 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
383 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
381
384
382 ##### `REDUCE_MAN`=true
385 ##### `REDUCE_MAN`=true
383 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
386 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
384
387
385 ##### `REDUCE_VIM`=false
388 ##### `REDUCE_VIM`=false
386 Replace `vim-tiny` package by `levee` a tiny vim clone.
389 Replace `vim-tiny` package by `levee` a tiny vim clone.
387
390
388 ##### `REDUCE_BASH`=false
391 ##### `REDUCE_BASH`=false
389 Remove `bash` package and switch to `dash` shell (experimental).
392 Remove `bash` package and switch to `dash` shell (experimental).
390
393
391 ##### `REDUCE_HWDB`=true
394 ##### `REDUCE_HWDB`=true
392 Remove PCI related hwdb files (experimental).
395 Remove PCI related hwdb files (experimental).
393
396
394 ##### `REDUCE_SSHD`=true
397 ##### `REDUCE_SSHD`=true
395 Replace `openssh-server` with `dropbear`.
398 Replace `openssh-server` with `dropbear`.
396
399
397 ##### `REDUCE_LOCALE`=true
400 ##### `REDUCE_LOCALE`=true
398 Remove all `locale` translation files.
401 Remove all `locale` translation files.
399
402
400 ---
403 ---
401
404
402 #### Encrypted root partition:
405 #### Encrypted root partition:
403 ##### `ENABLE_CRYPTFS`=false
406 ##### `ENABLE_CRYPTFS`=false
404 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
407 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
405
408
406 ##### `CRYPTFS_PASSWORD`=""
409 ##### `CRYPTFS_PASSWORD`=""
407 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
410 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
408
411
409 ##### `CRYPTFS_MAPPING`="secure"
412 ##### `CRYPTFS_MAPPING`="secure"
410 Set name of dm-crypt managed device-mapper mapping.
413 Set name of dm-crypt managed device-mapper mapping.
411
414
412 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
415 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
413 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
416 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
414
417
415 ##### `CRYPTFS_XTSKEYSIZE`=512
418 ##### `CRYPTFS_XTSKEYSIZE`=512
416 Sets key size in bits. The argument has to be a multiple of 8.
419 Sets key size in bits. The argument has to be a multiple of 8.
417
420
418 ##### `CRYPTFS_DROPBEAR`=false
421 ##### `CRYPTFS_DROPBEAR`=false
419 Enable Dropbear Initramfs support
422 Enable Dropbear Initramfs support
420
423
421 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
424 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
422 Provide path to dropbear Public RSA-OpenSSH Key
425 Provide path to dropbear Public RSA-OpenSSH Key
423
426
424 ---
427 ---
425
428
426 #### Build settings:
429 #### Build settings:
427 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
430 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
428 Set a path to a working directory used by the script to generate an image.
431 Set a path to a working directory used by the script to generate an image.
429
432
430 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
433 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
431 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
434 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
432
435
433 ## Understanding the script
436 ## Understanding the script
434 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
437 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
435
438
436 | Script | Description |
439 | Script | Description |
437 | --- | --- |
440 | --- | --- |
438 | `10-bootstrap.sh` | Debootstrap basic system |
441 | `10-bootstrap.sh` | Debootstrap basic system |
439 | `11-apt.sh` | Setup APT repositories |
442 | `11-apt.sh` | Setup APT repositories |
440 | `12-locale.sh` | Setup Locales and keyboard settings |
443 | `12-locale.sh` | Setup Locales and keyboard settings |
441 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
444 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
442 | `14-fstab.sh` | Setup fstab and initramfs |
445 | `14-fstab.sh` | Setup fstab and initramfs |
443 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
446 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
444 | `20-networking.sh` | Setup Networking |
447 | `20-networking.sh` | Setup Networking |
445 | `21-firewall.sh` | Setup Firewall |
448 | `21-firewall.sh` | Setup Firewall |
446 | `30-security.sh` | Setup Users and Security settings |
449 | `30-security.sh` | Setup Users and Security settings |
447 | `31-logging.sh` | Setup Logging |
450 | `31-logging.sh` | Setup Logging |
448 | `32-sshd.sh` | Setup SSH and public keys |
451 | `32-sshd.sh` | Setup SSH and public keys |
449 | `41-uboot.sh` | Build and Setup U-Boot |
452 | `41-uboot.sh` | Build and Setup U-Boot |
450 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
453 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
451 | `50-firstboot.sh` | First boot actions |
454 | `50-firstboot.sh` | First boot actions |
452 | `99-reduce.sh` | Reduce the disk space usage |
455 | `99-reduce.sh` | Reduce the disk space usage |
453
456
454 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
457 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
455
458
456 | Directory | Description |
459 | Directory | Description |
457 | --- | --- |
460 | --- | --- |
458 | `apt` | APT management configuration files |
461 | `apt` | APT management configuration files |
459 | `boot` | Boot and RPi2/3 configuration files |
462 | `boot` | Boot and RPi2/3 configuration files |
460 | `dpkg` | Package Manager configuration |
463 | `dpkg` | Package Manager configuration |
461 | `etc` | Configuration files and rc scripts |
464 | `etc` | Configuration files and rc scripts |
462 | `firstboot` | Scripts that get executed on first boot |
465 | `firstboot` | Scripts that get executed on first boot |
463 | `initramfs` | Initramfs scripts |
466 | `initramfs` | Initramfs scripts |
464 | `iptables` | Firewall configuration files |
467 | `iptables` | Firewall configuration files |
465 | `locales` | Locales configuration |
468 | `locales` | Locales configuration |
466 | `modules` | Kernel Modules configuration |
469 | `modules` | Kernel Modules configuration |
467 | `mount` | Fstab configuration |
470 | `mount` | Fstab configuration |
468 | `network` | Networking configuration files |
471 | `network` | Networking configuration files |
469 | `sysctl.d` | Swapping and Network Hardening configuration |
472 | `sysctl.d` | Swapping and Network Hardening configuration |
470 | `xorg` | fbturbo Xorg driver configuration |
473 | `xorg` | fbturbo Xorg driver configuration |
471
474
472 ## Custom packages and scripts
475 ## Custom packages and scripts
473 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
476 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
474
477
475 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
478 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
476
479
477 ## Logging of the bootstrapping process
480 ## Logging of the bootstrapping process
478 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
481 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
479
482
480 ```shell
483 ```shell
481 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
484 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
482 ```
485 ```
483
486
484 ## Flashing the image file
487 ## Flashing the image file
485 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
488 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
486
489
487 ##### Flashing examples:
490 ##### Flashing examples:
488 ```shell
491 ```shell
489 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
492 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
490 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
493 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
491 ```
494 ```
492 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
495 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
493 ```shell
496 ```shell
494 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
497 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
495 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
498 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
496 ```
499 ```
497
500
498 ## QEMU emulation
501 ## QEMU emulation
499 Start QEMU full system emulation:
502 Start QEMU full system emulation:
500 ```shell
503 ```shell
501 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
504 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
502 ```
505 ```
503
506
504 Start QEMU full system emulation and output to console:
507 Start QEMU full system emulation and output to console:
505 ```shell
508 ```shell
506 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
509 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
507 ```
510 ```
508
511
509 Start QEMU full system emulation with SMP and output to console:
512 Start QEMU full system emulation with SMP and output to console:
510 ```shell
513 ```shell
511 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
514 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
512 ```
515 ```
513
516
514 Start QEMU full system emulation with cryptfs, initramfs and output to console:
517 Start QEMU full system emulation with cryptfs, initramfs and output to console:
515 ```shell
518 ```shell
516 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
519 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
517 ```
520 ```
518
521
519 ## External links and references
522 ## External links and references
520 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
523 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
521 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
524 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
522 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
525 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
523 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
526 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
524 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
527 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
525 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
528 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
526 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
529 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
527 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
530 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
528 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
531 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,448 +1,472
1 #
1 #
2 # Build and Setup RPi2/3 Kernel
2 # Build and Setup RPi2/3 Kernel
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Fetch and build latest raspberry kernel
8 # Fetch and build latest raspberry kernel
9 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ "$BUILD_KERNEL" = true ] ; then
10 # Setup source directory
10 # Setup source directory
11 mkdir -p "${KERNEL_DIR}"
11 mkdir -p "${KERNEL_DIR}"
12
12
13 # Copy existing kernel sources into chroot directory
13 # Copy existing kernel sources into chroot directory
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 # Copy kernel sources and include hidden files
15 # Copy kernel sources and include hidden files
16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
17
17
18 # Clean the kernel sources
18 # Clean the kernel sources
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 fi
21 fi
22 else # KERNELSRC_DIR=""
22 else # KERNELSRC_DIR=""
23 # Create temporary directory for kernel sources
23 # Create temporary directory for kernel sources
24 temp_dir=$(as_nobody mktemp -d)
24 temp_dir=$(as_nobody mktemp -d)
25
25
26 # Fetch current RPi2/3 kernel sources
26 # Fetch current RPi2/3 kernel sources
27 if [ -z "${KERNEL_BRANCH}" ] ; then
27 if [ -z "${KERNEL_BRANCH}" ] ; then
28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
29 else
29 else
30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
31 fi
31 fi
32
32
33 # Copy downloaded kernel sources
33 # Copy downloaded kernel sources
34 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
34 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
35
35
36 # Remove temporary directory for kernel sources
36 # Remove temporary directory for kernel sources
37 rm -fr "${temp_dir}"
37 rm -fr "${temp_dir}"
38
38
39 # Set permissions of the kernel sources
39 # Set permissions of the kernel sources
40 chown -R root:root "${R}/usr/src"
40 chown -R root:root "${R}/usr/src"
41 fi
41 fi
42
42
43 # Calculate optimal number of kernel building threads
43 # Calculate optimal number of kernel building threads
44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
46 fi
46 fi
47
47
48 # Configure and build kernel
48 # Configure and build kernel
49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
50 # Remove device, network and filesystem drivers from kernel configuration
50 # Remove device, network and filesystem drivers from kernel configuration
51 if [ "$KERNEL_REDUCE" = true ] ; then
51 if [ "$KERNEL_REDUCE" = true ] ; then
52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
53 sed -i\
53 sed -i\
54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
83 "${KERNEL_DIR}/.config"
83 "${KERNEL_DIR}/.config"
84 fi
84 fi
85
85
86 if [ "$KERNELSRC_CONFIG" = true ] ; then
86 if [ "$KERNELSRC_CONFIG" = true ] ; then
87 # Load default raspberry kernel configuration
87 # Load default raspberry kernel configuration
88 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
88 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
89
89
90 #Switch to KERNELSRC_DIR so we can use set_kernel_config
90 #Switch to KERNELSRC_DIR so we can use set_kernel_config
91 cd "${KERNEL_DIR}" || exit
91 cd "${KERNEL_DIR}" || exit
92
92
93 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
93 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
94 if [ "$KERNEL_ZSWAP" = true ] ; then
94 if [ "$KERNEL_ZSWAP" = true ] ; then
95 set_kernel_config CONFIG_ZPOOL y
95 set_kernel_config CONFIG_ZPOOL y
96 set_kernel_config CONFIG_ZSWAP y
96 set_kernel_config CONFIG_ZSWAP y
97 set_kernel_config CONFIG_ZBUD y
97 set_kernel_config CONFIG_ZBUD y
98 set_kernel_config CONFIG_Z3FOLD y
98 set_kernel_config CONFIG_Z3FOLD y
99 set_kernel_config CONFIG_ZSMALLOC y
99 set_kernel_config CONFIG_ZSMALLOC y
100 set_kernel_config CONFIG_PGTABLE_MAPPING y
100 set_kernel_config CONFIG_PGTABLE_MAPPING y
101 fi
101 fi
102
102
103 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
103 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
104 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
104 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
105 set_kernel_config CONFIG_VIRTUALIZATION y
105 set_kernel_config CONFIG_VIRTUALIZATION y
106 set_kernel_config CONFIG_KVM y
106 set_kernel_config CONFIG_KVM y
107 set_kernel_config CONFIG_VHOST_NET m
107 set_kernel_config CONFIG_VHOST_NET m
108 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
108 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
109 fi
109 fi
110
110
111 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
111 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
112 if [ "$KERNEL_NF" = true ] ; then
112 if [ "$KERNEL_NF" = true ] ; then
113 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
113 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
114 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
114 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
115 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
115 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
116 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
116 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
117 set_kernel_config CONFIG_NFT_FIB_INET m
117 set_kernel_config CONFIG_NFT_FIB_INET m
118 set_kernel_config CONFIG_NFT_FIB_IPV4 m
118 set_kernel_config CONFIG_NFT_FIB_IPV4 m
119 set_kernel_config CONFIG_NFT_FIB_IPV6 m
119 set_kernel_config CONFIG_NFT_FIB_IPV6 m
120 set_kernel_config CONFIG_NFT_FIB_NETDEV m
120 set_kernel_config CONFIG_NFT_FIB_NETDEV m
121 set_kernel_config CONFIG_NFT_OBJREF m
121 set_kernel_config CONFIG_NFT_OBJREF m
122 set_kernel_config CONFIG_NFT_RT m
122 set_kernel_config CONFIG_NFT_RT m
123 set_kernel_config CONFIG_NFT_SET_BITMAP m
123 set_kernel_config CONFIG_NFT_SET_BITMAP m
124 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
124 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
125 set_kernel_config CONFIG_NF_LOG_ARP m
125 set_kernel_config CONFIG_NF_LOG_ARP m
126 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
126 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
127 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
127 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
128 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
128 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
129 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
129 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
130 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
130 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
131 set_kernel_config CONFIG_IP6_NF_IPTABLES m
131 set_kernel_config CONFIG_IP6_NF_IPTABLES m
132 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
132 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
133 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
133 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
134 set_kernel_config CONFIG_IP6_NF_NAT m
134 set_kernel_config CONFIG_IP6_NF_NAT m
135 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
135 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
136 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
136 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
137 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
137 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
138 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
138 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
139 set_kernel_config CONFIG_IP_SET_HASH_IP m
139 set_kernel_config CONFIG_IP_SET_HASH_IP m
140 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
140 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
141 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
141 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
142 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
142 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
143 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
143 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
144 set_kernel_config CONFIG_IP_SET_HASH_MAC m
144 set_kernel_config CONFIG_IP_SET_HASH_MAC m
145 set_kernel_config CONFIG_IP_SET_HASH_NET m
145 set_kernel_config CONFIG_IP_SET_HASH_NET m
146 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
146 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
147 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
147 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
148 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
148 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
149 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
149 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
150 set_kernel_config CONFIG_IP_SET_LIST_SET m
150 set_kernel_config CONFIG_IP_SET_LIST_SET m
151 set_kernel_config CONFIG_NETFILTER_XTABLES m
151 set_kernel_config CONFIG_NETFILTER_XTABLES m
152 set_kernel_config CONFIG_NETFILTER_XTABLES m
152 set_kernel_config CONFIG_NETFILTER_XTABLES m
153 set_kernel_config CONFIG_NFT_BRIDGE_META m
153 set_kernel_config CONFIG_NFT_BRIDGE_META m
154 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
154 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
155 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
155 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
156 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
156 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
157 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
157 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
158 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
158 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
159 set_kernel_config CONFIG_NFT_COMPAT m
159 set_kernel_config CONFIG_NFT_COMPAT m
160 set_kernel_config CONFIG_NFT_COUNTER m
160 set_kernel_config CONFIG_NFT_COUNTER m
161 set_kernel_config CONFIG_NFT_CT m
161 set_kernel_config CONFIG_NFT_CT m
162 set_kernel_config CONFIG_NFT_DUP_IPV4 m
162 set_kernel_config CONFIG_NFT_DUP_IPV4 m
163 set_kernel_config CONFIG_NFT_DUP_IPV6 m
163 set_kernel_config CONFIG_NFT_DUP_IPV6 m
164 set_kernel_config CONFIG_NFT_DUP_NETDEV m
164 set_kernel_config CONFIG_NFT_DUP_NETDEV m
165 set_kernel_config CONFIG_NFT_EXTHDR m
165 set_kernel_config CONFIG_NFT_EXTHDR m
166 set_kernel_config CONFIG_NFT_FWD_NETDEV m
166 set_kernel_config CONFIG_NFT_FWD_NETDEV m
167 set_kernel_config CONFIG_NFT_HASH m
167 set_kernel_config CONFIG_NFT_HASH m
168 set_kernel_config CONFIG_NFT_LIMIT m
168 set_kernel_config CONFIG_NFT_LIMIT m
169 set_kernel_config CONFIG_NFT_LOG m
169 set_kernel_config CONFIG_NFT_LOG m
170 set_kernel_config CONFIG_NFT_MASQ m
170 set_kernel_config CONFIG_NFT_MASQ m
171 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
171 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
172 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
172 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
173 set_kernel_config CONFIG_NFT_META m
173 set_kernel_config CONFIG_NFT_META m
174 set_kernel_config CONFIG_NFT_NAT m
174 set_kernel_config CONFIG_NFT_NAT m
175 set_kernel_config CONFIG_NFT_NUMGEN m
175 set_kernel_config CONFIG_NFT_NUMGEN m
176 set_kernel_config CONFIG_NFT_QUEUE m
176 set_kernel_config CONFIG_NFT_QUEUE m
177 set_kernel_config CONFIG_NFT_QUOTA m
177 set_kernel_config CONFIG_NFT_QUOTA m
178 set_kernel_config CONFIG_NFT_REDIR m
178 set_kernel_config CONFIG_NFT_REDIR m
179 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
179 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
180 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
180 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
181 set_kernel_config CONFIG_NFT_REJECT m
181 set_kernel_config CONFIG_NFT_REJECT m
182 set_kernel_config CONFIG_NFT_REJECT_INET m
182 set_kernel_config CONFIG_NFT_REJECT_INET m
183 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
183 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
184 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
184 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
185 set_kernel_config CONFIG_NFT_SET_HASH m
185 set_kernel_config CONFIG_NFT_SET_HASH m
186 set_kernel_config CONFIG_NFT_SET_RBTREE m
186 set_kernel_config CONFIG_NFT_SET_RBTREE m
187 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
187 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
188 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
188 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
189 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
189 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
190 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
190 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
191 set_kernel_config CONFIG_NF_DUP_IPV4 m
191 set_kernel_config CONFIG_NF_DUP_IPV4 m
192 set_kernel_config CONFIG_NF_DUP_IPV6 m
192 set_kernel_config CONFIG_NF_DUP_IPV6 m
193 set_kernel_config CONFIG_NF_DUP_NETDEV m
193 set_kernel_config CONFIG_NF_DUP_NETDEV m
194 set_kernel_config CONFIG_NF_LOG_BRIDGE m
194 set_kernel_config CONFIG_NF_LOG_BRIDGE m
195 set_kernel_config CONFIG_NF_LOG_IPV4 m
195 set_kernel_config CONFIG_NF_LOG_IPV4 m
196 set_kernel_config CONFIG_NF_LOG_IPV6 m
196 set_kernel_config CONFIG_NF_LOG_IPV6 m
197 set_kernel_config CONFIG_NF_NAT_IPV4 m
197 set_kernel_config CONFIG_NF_NAT_IPV4 m
198 set_kernel_config CONFIG_NF_NAT_IPV6 m
198 set_kernel_config CONFIG_NF_NAT_IPV6 m
199 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 m
199 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 m
200 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 m
200 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 m
201 set_kernel_config CONFIG_NF_NAT_PPTP m
201 set_kernel_config CONFIG_NF_NAT_PPTP m
202 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
202 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
203 set_kernel_config CONFIG_NF_NAT_REDIRECT m
203 set_kernel_config CONFIG_NF_NAT_REDIRECT m
204 set_kernel_config CONFIG_NF_NAT_SIP m
204 set_kernel_config CONFIG_NF_NAT_SIP m
205 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
205 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
206 set_kernel_config CONFIG_NF_NAT_TFTP m
206 set_kernel_config CONFIG_NF_NAT_TFTP m
207 set_kernel_config CONFIG_NF_REJECT_IPV4 m
207 set_kernel_config CONFIG_NF_REJECT_IPV4 m
208 set_kernel_config CONFIG_NF_REJECT_IPV6 m
208 set_kernel_config CONFIG_NF_REJECT_IPV6 m
209 set_kernel_config CONFIG_NF_TABLES m
209 set_kernel_config CONFIG_NF_TABLES m
210 set_kernel_config CONFIG_NF_TABLES_ARP m
210 set_kernel_config CONFIG_NF_TABLES_ARP m
211 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
211 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
212 set_kernel_config CONFIG_NF_TABLES_INET m
212 set_kernel_config CONFIG_NF_TABLES_INET m
213 set_kernel_config CONFIG_NF_TABLES_IPV4 m
213 set_kernel_config CONFIG_NF_TABLES_IPV4 m
214 set_kernel_config CONFIG_NF_TABLES_IPV6 m
214 set_kernel_config CONFIG_NF_TABLES_IPV6 m
215 set_kernel_config CONFIG_NF_TABLES_NETDEV m
215 set_kernel_config CONFIG_NF_TABLES_NETDEV m
216 fi
216 fi
217
217
218 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
218 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
219 if [ "$KERNEL_BPF" = true ] ; then
219 if [ "$KERNEL_BPF" = true ] ; then
220 set_kernel_config CONFIG_BPF_SYSCALL y
220 set_kernel_config CONFIG_BPF_SYSCALL y
221 set_kernel_config CONFIG_BPF_EVENTS y
221 set_kernel_config CONFIG_BPF_EVENTS y
222 set_kernel_config CONFIG_BPF_STREAM_PARSER y
222 set_kernel_config CONFIG_BPF_STREAM_PARSER y
223 set_kernel_config CONFIG_CGROUP_BPF y
223 set_kernel_config CONFIG_CGROUP_BPF y
224 fi
224 fi
225
225
226 # KERNEL_DEFAULT_GOV was set by user
226 # KERNEL_DEFAULT_GOV was set by user
227 if ! [ "$KERNEL_DEFAULT_GOV" = POWERSAVE ] && [ -n "$KERNEL_DEFAULT_GOV" ]; then
227 if ! [ "$KERNEL_DEFAULT_GOV" = POWERSAVE ] && [ -n "$KERNEL_DEFAULT_GOV" ]; then
228 # unset default governor
228 # unset default governor
229 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
229 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
230
230
231 case "$KERNEL_DEFAULT_GOV" in
231 case "$KERNEL_DEFAULT_GOV" in
232 "PERFORMANCE")
232 "PERFORMANCE")
233 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
233 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
234 ;;
234 ;;
235 "USERSPACE")
235 "USERSPACE")
236 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
236 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
237 ;;
237 ;;
238 "ONDEMAND")
238 "ONDEMAND")
239 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
239 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
240 ;;
240 ;;
241 "CONSERVATIVE")
241 "CONSERVATIVE")
242 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
242 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
243 ;;
243 ;;
244 "CONSERVATIVE")
244 "CONSERVATIVE")
245 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
245 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
246 ;;
246 ;;
247 *)
247 *)
248 echo "error: unsupported default cpu governor"
248 echo "error: unsupported default cpu governor"
249 exit 1
249 exit 1
250 ;;
250 ;;
251 esac
251 esac
252 fi
252 fi
253
253
254
254
255
255
256 #Revert to previous directory
256 #Revert to previous directory
257 cd "${WORKDIR}" || exit
257 cd "${WORKDIR}" || exit
258
258
259 # Set kernel configuration parameters to enable qemu emulation
259 # Set kernel configuration parameters to enable qemu emulation
260 if [ "$ENABLE_QEMU" = true ] ; then
260 if [ "$ENABLE_QEMU" = true ] ; then
261 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
261 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
262 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
262 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
263
263
264 if [ "$ENABLE_CRYPTFS" = true ] ; then
264 if [ "$ENABLE_CRYPTFS" = true ] ; then
265 {
265 {
266 echo "CONFIG_EMBEDDED=y"
266 echo "CONFIG_EMBEDDED=y"
267 echo "CONFIG_EXPERT=y"
267 echo "CONFIG_EXPERT=y"
268 echo "CONFIG_DAX=y"
268 echo "CONFIG_DAX=y"
269 echo "CONFIG_MD=y"
269 echo "CONFIG_MD=y"
270 echo "CONFIG_BLK_DEV_MD=y"
270 echo "CONFIG_BLK_DEV_MD=y"
271 echo "CONFIG_MD_AUTODETECT=y"
271 echo "CONFIG_MD_AUTODETECT=y"
272 echo "CONFIG_BLK_DEV_DM=y"
272 echo "CONFIG_BLK_DEV_DM=y"
273 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
273 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
274 echo "CONFIG_DM_CRYPT=y"
274 echo "CONFIG_DM_CRYPT=y"
275 echo "CONFIG_CRYPTO_BLKCIPHER=y"
275 echo "CONFIG_CRYPTO_BLKCIPHER=y"
276 echo "CONFIG_CRYPTO_CBC=y"
276 echo "CONFIG_CRYPTO_CBC=y"
277 echo "CONFIG_CRYPTO_XTS=y"
277 echo "CONFIG_CRYPTO_XTS=y"
278 echo "CONFIG_CRYPTO_SHA512=y"
278 echo "CONFIG_CRYPTO_SHA512=y"
279 echo "CONFIG_CRYPTO_MANAGER=y"
279 echo "CONFIG_CRYPTO_MANAGER=y"
280 } >> "${KERNEL_DIR}"/.config
280 } >> "${KERNEL_DIR}"/.config
281 fi
281 fi
282 fi
282 fi
283
283
284 # Copy custom kernel configuration file
284 # Copy custom kernel configuration file
285 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
285 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
286 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
286 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
287 fi
287 fi
288
288
289 # Set kernel configuration parameters to their default values
289 # Set kernel configuration parameters to their default values
290 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
290 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
291 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
291 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
292 fi
292 fi
293
293
294 # Start menu-driven kernel configuration (interactive)
294 # Start menu-driven kernel configuration (interactive)
295 if [ "$KERNEL_MENUCONFIG" = true ] ; then
295 if [ "$KERNEL_MENUCONFIG" = true ] ; then
296 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
296 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
297 fi
297 fi
298 # end if "$KERNELSRC_CONFIG" = true
298 # end if "$KERNELSRC_CONFIG" = true
299 fi
299 fi
300
300
301 # Use ccache to cross compile the kernel
301 # Use ccache to cross compile the kernel
302 if [ "$KERNEL_CCACHE" = true ] ; then
302 if [ "$KERNEL_CCACHE" = true ] ; then
303 cc="ccache ${CROSS_COMPILE}gcc"
303 cc="ccache ${CROSS_COMPILE}gcc"
304 else
304 else
305 cc="${CROSS_COMPILE}gcc"
305 cc="${CROSS_COMPILE}gcc"
306 fi
306 fi
307
307
308 # Cross compile kernel and dtbs
308 # Cross compile kernel and dtbs
309 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
309 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
310
310
311 # Cross compile kernel modules
311 # Cross compile kernel modules
312 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
312 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
313 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
313 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
314 fi
314 fi
315 # end if "$KERNELSRC_PREBUILT" = false
315 # end if "$KERNELSRC_PREBUILT" = false
316 fi
316 fi
317
317
318 # Check if kernel compilation was successful
318 # Check if kernel compilation was successful
319 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
319 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
320 echo "error: kernel compilation failed! (kernel image not found)"
320 echo "error: kernel compilation failed! (kernel image not found)"
321 cleanup
321 cleanup
322 exit 1
322 exit 1
323 fi
323 fi
324
324
325 # Install kernel modules
325 # Install kernel modules
326 if [ "$ENABLE_REDUCE" = true ] ; then
326 if [ "$ENABLE_REDUCE" = true ] ; then
327 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
327 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
328 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
328 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
329 fi
329 fi
330 else
330 else
331 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
331 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
332 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
332 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
333 fi
333 fi
334
334
335 # Install kernel firmware
335 # Install kernel firmware
336 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
336 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
337 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
337 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
338 fi
338 fi
339 fi
339 fi
340
340
341 # Install kernel headers
341 # Install kernel headers
342 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
342 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
343 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
343 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
344 fi
344 fi
345 # make tar.gz kernel package - missing os bzw. modules
345 # make tar.gz kernel package - missing os bzw. modules
346 #** ** ** WARNING ** ** **
346 #** ** ** WARNING ** ** **
347 #Your architecture did not define any architecture-dependent files
347 #Your architecture did not define any architecture-dependent files
348 #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
348 #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
349 # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
349 # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
350
350
351 # Prepare boot (firmware) directory
351 # Prepare boot (firmware) directory
352 mkdir "${BOOT_DIR}"
352 mkdir "${BOOT_DIR}"
353
353
354 # Get kernel release version
354 # Get kernel release version
355 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
355 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
356
356
357 # Copy kernel configuration file to the boot directory
357 # Copy kernel configuration file to the boot directory
358 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
358 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
359
359
360 # Prepare device tree directory
360 # Prepare device tree directory
361 mkdir "${BOOT_DIR}/overlays"
361 mkdir "${BOOT_DIR}/overlays"
362
362
363 # Ensure the proper .dtb is located
363 # Ensure the proper .dtb is located
364 if [ "$KERNEL_ARCH" = "arm" ] ; then
364 if [ "$KERNEL_ARCH" = "arm" ] ; then
365 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
365 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
366 if [ -f "${dtb}" ] ; then
366 if [ -f "${dtb}" ] ; then
367 install_readonly "${dtb}" "${BOOT_DIR}/"
367 install_readonly "${dtb}" "${BOOT_DIR}/"
368 fi
368 fi
369 done
369 done
370 else
370 else
371 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
371 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
372 if [ -f "${dtb}" ] ; then
372 if [ -f "${dtb}" ] ; then
373 install_readonly "${dtb}" "${BOOT_DIR}/"
373 install_readonly "${dtb}" "${BOOT_DIR}/"
374 fi
374 fi
375 done
375 done
376 fi
376 fi
377
377
378 # Copy compiled dtb device tree files
378 # Copy compiled dtb device tree files
379 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
379 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
380 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
380 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
381 if [ -f "${dtb}" ] ; then
381 if [ -f "${dtb}" ] ; then
382 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
382 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
383 fi
383 fi
384 done
384 done
385
385
386 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
386 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
387 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
387 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
388 fi
388 fi
389 fi
389 fi
390
390
391 if [ "$ENABLE_UBOOT" = false ] ; then
391 if [ "$ENABLE_UBOOT" = false ] ; then
392 # Convert and copy kernel image to the boot directory
392 # Convert and copy kernel image to the boot directory
393 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
393 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
394 else
394 else
395 # Copy kernel image to the boot directory
395 # Copy kernel image to the boot directory
396 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
396 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
397 fi
397 fi
398
398
399 # Remove kernel sources
399 # Remove kernel sources
400 if [ "$KERNEL_REMOVESRC" = true ] ; then
400 if [ "$KERNEL_REMOVESRC" = true ] ; then
401 rm -fr "${KERNEL_DIR}"
401 rm -fr "${KERNEL_DIR}"
402 else
402 else
403 # Prepare compiled kernel modules
403 # Prepare compiled kernel modules
404 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
404 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
405 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
405 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
406 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
406 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
407 fi
407 fi
408
408
409 # Create symlinks for kernel modules
409 # Create symlinks for kernel modules
410 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
410 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
411 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
411 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
412 fi
412 fi
413 fi
413 fi
414
414
415 else # BUILD_KERNEL=false
415 else # BUILD_KERNEL=false
416 # echo Install precompiled kernel...
416 # echo Install precompiled kernel...
417 # echo error: not implemented
417 # echo error: not implemented
418 if [ "$KERNEL_ARCH" = arm64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
418 if [ "$SET_ARCH" = 64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
419 if [ "$KERNEL_ZSWAP" = true ] ; then
420 RPI3_64_KERNEL_URL=RPI3_64_BIS_KERNEL_URL
421 fi
419 # Create temporary directory for dl
422 # Create temporary directory for dl
420 temp_dir=$(as_nobody mktemp -d)
423 temp_dir=$(as_nobody mktemp -d)
421
424
422 # Fetch kernel dl
425 # Fetch kernel dl
423 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
426 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
424 #extract download
427 #extract download
425 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
428 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
426
429
427 #move extracted kernel to /boot/firmware
430 #move extracted kernel to /boot/firmware
428 mkdir "${R}/boot/firmware"
431 mkdir "${R}/boot/firmware"
429 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
432 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
430 cp -r "${temp_dir}"/lib/* "${R}"/lib/
433 cp -r "${temp_dir}"/lib/* "${R}"/lib/
431
434
432 # Remove temporary directory for kernel sources
435 # Remove temporary directory for kernel sources
433 rm -fr "${temp_dir}"
436 rm -fr "${temp_dir}"
434 # Set permissions of the kernel sources
437 # Set permissions of the kernel sources
435 chown -R root:root "${R}/boot/firmware"
438 chown -R root:root "${R}/boot/firmware"
436 chown -R root:root "${R}/lib/modules"
439 chown -R root:root "${R}/lib/modules"
437 #Create cmdline.txt for 15-rpi-config.sh
440 #Create cmdline.txt for 15-rpi-config.sh
438 touch "${BOOT_DIR}/cmdline.txt"
441 touch "${BOOT_DIR}/cmdline.txt"
439 fi
442 fi
440
443
444 # INstall Kernel from hypriot comptabile with all Raspberry PI
445 if [ "$SET_ARCH" = 32 ] ; then
446 # Create temporary directory for dl
447 temp_dir=$(as_nobody mktemp -d)
448
449 # Fetch kernel
450 as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
451
452 # Fetch kernel header
453 as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
454
455 # Install kernel
456 chroot_exec dpkg -i "${temp_dir}"/kernel.deb
457
458 # Install kernel header
459 chroot_exec dpkg -i "${temp_dir}"/kernel-header.deb
460
461 # Remove temporary directory for U-Boot sources
462 rm -fr "${temp_dir}"
463 fi
464
441 # Check if kernel installation was successful
465 # Check if kernel installation was successful
442 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
466 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
443 if [ -z "$KERNEL" ] ; then
467 if [ -z "$KERNEL" ] ; then
444 echo "error: kernel installation failed! (/boot/kernel* not found)"
468 echo "error: kernel installation failed! (/boot/kernel* not found)"
445 cleanup
469 cleanup
446 exit 1
470 exit 1
447 fi
471 fi
448 fi
472 fi
@@ -1,268 +1,281
1 #
1 #
2 # Setup RPi2/3 config and cmdline
2 # Setup RPi2/3 config and cmdline
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$BUILD_KERNEL" = true ] ; then
8 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 # Install boot binaries from local directory
10 # Install boot binaries from local directory
11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 else
18 else
19 # Create temporary directory for boot binaries
19 # Create temporary directory for boot binaries
20 temp_dir=$(as_nobody mktemp -d)
20 temp_dir=$(as_nobody mktemp -d)
21
21
22 # Install latest boot binaries from raspberry/firmware github
22 # Install latest boot binaries from raspberry/firmware github
23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
30
30
31 # Move downloaded boot binaries
31 # Move downloaded boot binaries
32 mv "${temp_dir}/"* "${BOOT_DIR}/"
32 mv "${temp_dir}/"* "${BOOT_DIR}/"
33
33
34 # Remove temporary directory for boot binaries
34 # Remove temporary directory for boot binaries
35 rm -fr "${temp_dir}"
35 rm -fr "${temp_dir}"
36
36
37 # Set permissions of the boot binaries
37 # Set permissions of the boot binaries
38 chown -R root:root "${BOOT_DIR}"
38 chown -R root:root "${BOOT_DIR}"
39 chmod -R 600 "${BOOT_DIR}"
39 chmod -R 600 "${BOOT_DIR}"
40 fi
40 fi
41 fi
41 fi
42
42
43 # Setup firmware boot cmdline
43 # Setup firmware boot cmdline
44 if [ "$ENABLE_UBOOTUSB" = true ] ; then
44 if [ "$ENABLE_UBOOTUSB" = true ] ; then
45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
46 else
46 else
47 if [ "$ENABLE_SPLITFS" = true ] ; then
47 if [ "$ENABLE_SPLITFS" = true ] ; then
48 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
48 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
49 else
49 else
50 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
50 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
51 fi
51 fi
52 fi
52 fi
53
53
54 # Add encrypted root partition to cmdline.txt
54 # Add encrypted root partition to cmdline.txt
55 if [ "$ENABLE_CRYPTFS" = true ] ; then
55 if [ "$ENABLE_CRYPTFS" = true ] ; then
56 if [ "$ENABLE_SPLITFS" = true ] ; then
56 if [ "$ENABLE_SPLITFS" = true ] ; then
57 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
57 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
58 else
58 else
59 if [ "$ENABLE_UBOOTUSB" = true ] ; then
59 if [ "$ENABLE_UBOOTUSB" = true ] ; then
60 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
60 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
61 else
61 else
62 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
62 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
63 fi
63 fi
64 fi
64 fi
65 fi
65 fi
66
66
67 if [ "$KERNEL_ZSWAP" = true ] ; then
68 # Create temporary directory for systemd-swap sources
69 temp_dir=$(as_nobody mktemp -d)
70
71 # Fetch systemd-swap sources
72 as_nobody git -C "${temp_dir}" clone "${ZSWAP_URL}"
73
74 # Copy downloaded systemd-swap sources
75 mv "${temp_dir}/systemd-swap" "${R}/tmp/"
76
77 # Set permissions of the systemd-swap sources
78 chown -R root:root "${R}/tmp/systemd-swap"
79
80 # Remove temporary directory for systemd-swap sources
81 rm -fr "${temp_dir}"
82
83 # Change into downloaded src dir
84 cd "${R}/tmp/systemd-swap" || exit
85
86 # Build package
87 . ./systemd-swap/package.sh debian
88
89 # Install package
90 chroot_exec dpkg -i /tmp/systemd-swap/systemd-swap-*any.deb
91
92 # Change back into script root dir
93 cd "${WORKDIR}" || exit
94 fi
95
96 #locks cpu at max frequency
67 #locks cpu at max frequency
97 if [ "$ENABLE_TURBO" = true ] ; then
68 if [ "$ENABLE_TURBO" = true ] ; then
98 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
69 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
99 # helps to avoid sdcard corruption when force_turbo is enabled.
70 # helps to avoid sdcard corruption when force_turbo is enabled.
100 echo "boot_delay=1" >> "${BOOT_DIR}/config.txt"
71 echo "boot_delay=1" >> "${BOOT_DIR}/config.txt"
101 fi
72 fi
102
73
103 if [ "$ENABLE_PRINTK" = true ] ; then
74 if [ "$ENABLE_PRINTK" = true ] ; then
104 install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf"
75 install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf"
105 fi
76 fi
106
77
107 # Install udev rule for serial alias
78 # Install udev rule for serial alias
108 install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules"
79 install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules"
109
80
110 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
81 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
111
82
112 # RPI0,3,3P Use default ttyS0 (mini-UART)as serial interface
83 # RPI0,3,3P Use default ttyS0 (mini-UART)as serial interface
113 SET_SERIAL="ttyS0"
84 SET_SERIAL="ttyS0"
114
85
115 # Bluetooth enabled
86 # Bluetooth enabled
116 if [ "$ENABLE_BLUETOOTH" = true ] ; then
87 if [ "$ENABLE_BLUETOOTH" = true ] ; then
117 # Create temporary directory for Bluetooth sources
88 # Create temporary directory for Bluetooth sources
118 temp_dir=$(as_nobody mktemp -d)
89 temp_dir=$(as_nobody mktemp -d)
119
90
120 # Fetch Bluetooth sources
91 # Fetch Bluetooth sources
121 as_nobody git -C "${temp_dir}" clone "${BLUETOOTH_URL}"
92 as_nobody git -C "${temp_dir}" clone "${BLUETOOTH_URL}"
122
93
123 # Copy downloaded sources
94 # Copy downloaded sources
124 mv "${temp_dir}/pi-bluetooth" "${R}/tmp/"
95 mv "${temp_dir}/pi-bluetooth" "${R}/tmp/"
125
96
126 # Bluetooth firmware from arch aur https://aur.archlinux.org/packages/pi-bluetooth/
97 # Bluetooth firmware from arch aur https://aur.archlinux.org/packages/pi-bluetooth/
127 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
98 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
128 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
99 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
129
100
130 # Set permissions
101 # Set permissions
131 chown -R root:root "${R}/tmp/pi-bluetooth"
102 chown -R root:root "${R}/tmp/pi-bluetooth"
132
103
133 # Install tools
104 # Install tools
134 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart"
105 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart"
135 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper"
106 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper"
136
107
137 # Install bluetooth udev rule
108 # Install bluetooth udev rule
138 install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules"
109 install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules"
139
110
140 # Install Firmware Flash file and apropiate licence
111 # Install Firmware Flash file and apropiate licence
141 mkdir -p "$BLUETOOTH_FIRMWARE_DIR"
112 mkdir -p "$BLUETOOTH_FIRMWARE_DIR"
142 install_readonly "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
113 install_readonly "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
143 install_readonly "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
114 install_readonly "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
144 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service"
115 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service"
145 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service"
116 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service"
146
117
147 # Remove temporary directory
118 # Remove temporary directory
148 rm -fr "${temp_dir}"
119 rm -fr "${temp_dir}"
149
120
150 # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0
121 # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0
151 if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then
122 if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then
152 SET_SERIAL="ttyAMA0"
123 SET_SERIAL="ttyAMA0"
153
124
154 # set overlay to swap ttyAMA0 and ttyS0
125 # set overlay to swap ttyAMA0 and ttyS0
155 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
126 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
156
127
157 # if force_turbo didn't lock cpu at high speed, lock it at low speed (XOR logic) or miniuart will be broken
128 # if force_turbo didn't lock cpu at high speed, lock it at low speed (XOR logic) or miniuart will be broken
158 if [ "$ENABLE_TURBO" = false ] ; then
129 if [ "$ENABLE_TURBO" = false ] ; then
159 echo "core_freq=250" >> "${BOOT_DIR}/config.txt"
130 echo "core_freq=250" >> "${BOOT_DIR}/config.txt"
160 fi
131 fi
161
132
162 # Activate services
133 # Activate services
163 chroot_exec systemctl enable pi-bluetooth.hciuart.service
134 chroot_exec systemctl enable pi-bluetooth.hciuart.service
164 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
135 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
165 else
136 else
166 chroot_exec systemctl enable pi-bluetooth.hciuart.service
137 chroot_exec systemctl enable pi-bluetooth.hciuart.service
167 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
138 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
168 fi
139 fi
169
140
170 else # if ENABLE_BLUETOOTH = false
141 else # if ENABLE_BLUETOOTH = false
171 # set overlay to disable bluetooth
142 # set overlay to disable bluetooth
172 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
143 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
173 fi # ENABLE_BLUETOOTH end
144 fi # ENABLE_BLUETOOTH end
174
145
175 else
146 else
176 # RPI1,1P,2 Use default ttyAMA0 (full UART) as serial interface
147 # RPI1,1P,2 Use default ttyAMA0 (full UART) as serial interface
177 SET_SERIAL="ttyAMA0"
148 SET_SERIAL="ttyAMA0"
178 fi
149 fi
179
150
180 # may need sudo systemctl disable hciuart
151 # may need sudo systemctl disable hciuart
181 if [ "$ENABLE_CONSOLE" = true ] ; then
152 if [ "$ENABLE_CONSOLE" = true ] ; then
182 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
153 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
183 # add string to cmdline
154 # add string to cmdline
184 CMDLINE="${CMDLINE} console=serial0,115200"
155 CMDLINE="${CMDLINE} console=serial0,115200"
185
156
186 # Enable serial console systemd style
157 # Enable serial console systemd style
187 chroot_exec systemctl enable serial-getty@"$SET_SERIAL".service
158 chroot_exec systemctl enable serial-getty@"$SET_SERIAL".service
188 else
159 else
189 echo "enable_uart=0" >> "${BOOT_DIR}/config.txt"
160 echo "enable_uart=0" >> "${BOOT_DIR}/config.txt"
190 # disable serial console systemd style
161 # disable serial console systemd style
191 chroot_exec systemctl disable serial-getty@"$SET_SERIAL".service
162 chroot_exec systemctl disable serial-getty@"$SET_SERIAL".service
192 fi
163 fi
193
164
165 # Remove cmdline.txt entry of starting zswap
166 if [ "$KERNEL_ZSWAP" = true ] ; then
167 CMDLINE="${CMDLINE} zswap.enabled=1 zswap.max_pool_percent=25 zswap.compressor=lz4"
168 fi
169
170 if [ "$ENABLE_SYSTEMDSWAP" = true ] ; then
171
172 # Remove cmdline.txt entry of starting zswap
173 if [ "$KERNEL_ZSWAP" = true ] ; then
174 sed -i 's|zswap.enabled=1 zswap.max_pool_percent=25 zswap.compressor=lz4||g'
175 fi
176 # Create temporary directory for systemd-swap sources
177 temp_dir=$(as_nobody mktemp -d)
178
179 # Fetch systemd-swap sources
180 as_nobody git -C "${temp_dir}" clone "${ZSWAP_URL}"
181
182 # Copy downloaded systemd-swap sources
183 mv "${temp_dir}/systemd-swap" "${R}/tmp/"
184
185 # Set permissions of the systemd-swap sources
186 chown -R root:root "${R}/tmp/systemd-swap"
187
188 # Remove temporary directory for systemd-swap sources
189 rm -fr "${temp_dir}"
190
191 # Change into downloaded src dir
192 cd "${R}/tmp/systemd-swap" || exit
193
194 # Build package
195 . ./systemd-swap/package.sh debian
196
197 # Install package
198 chroot_exec dpkg -i /tmp/systemd-swap/systemd-swap-*any.deb
199
200 # Enable service
201 chroot_exec systemctl enable systemd-swap
202
203 # Change back into script root dir
204 cd "${WORKDIR}" || exit
205 fi
206
194 # Remove IPv6 networking support
207 # Remove IPv6 networking support
195 if [ "$ENABLE_IPV6" = false ] ; then
208 if [ "$ENABLE_IPV6" = false ] ; then
196 CMDLINE="${CMDLINE} ipv6.disable=1"
209 CMDLINE="${CMDLINE} ipv6.disable=1"
197 fi
210 fi
198
211
199 # Automatically assign predictable network interface names
212 # Automatically assign predictable network interface names
200 if [ "$ENABLE_IFNAMES" = false ] ; then
213 if [ "$ENABLE_IFNAMES" = false ] ; then
201 CMDLINE="${CMDLINE} net.ifnames=0"
214 CMDLINE="${CMDLINE} net.ifnames=0"
202 else
215 else
203 CMDLINE="${CMDLINE} net.ifnames=1"
216 CMDLINE="${CMDLINE} net.ifnames=1"
204 fi
217 fi
205
218
206 # Install firmware boot cmdline
219 # Install firmware boot cmdline
207 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
220 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
208
221
209 # Install firmware config
222 # Install firmware config
210 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
223 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
211
224
212 # Setup minimal GPU memory allocation size: 16MB (no X)
225 # Setup minimal GPU memory allocation size: 16MB (no X)
213 if [ "$ENABLE_MINGPU" = true ] ; then
226 if [ "$ENABLE_MINGPU" = true ] ; then
214 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
227 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
215 fi
228 fi
216
229
217 # Setup boot with initramfs
230 # Setup boot with initramfs
218 if [ "$ENABLE_INITRAMFS" = true ] ; then
231 if [ "$ENABLE_INITRAMFS" = true ] ; then
219 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
232 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
220 fi
233 fi
221
234
222 # Create firmware configuration and cmdline symlinks
235 # Create firmware configuration and cmdline symlinks
223 ln -sf firmware/config.txt "${R}/boot/config.txt"
236 ln -sf firmware/config.txt "${R}/boot/config.txt"
224 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
237 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
225
238
226 # Install and setup kernel modules to load at boot
239 # Install and setup kernel modules to load at boot
227 mkdir -p "${LIB_DIR}/modules-load.d/"
240 mkdir -p "${LIB_DIR}/modules-load.d/"
228 install_readonly files/modules/rpi2.conf "${LIB_DIR}/modules-load.d/rpi2.conf"
241 install_readonly files/modules/rpi2.conf "${LIB_DIR}/modules-load.d/rpi2.conf"
229
242
230 # Load hardware random module at boot
243 # Load hardware random module at boot
231 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
244 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
232 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${LIB_DIR}/modules-load.d/rpi2.conf"
245 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${LIB_DIR}/modules-load.d/rpi2.conf"
233 fi
246 fi
234
247
235 # Load sound module at boot
248 # Load sound module at boot
236 if [ "$ENABLE_SOUND" = true ] ; then
249 if [ "$ENABLE_SOUND" = true ] ; then
237 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
250 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
238 else
251 else
239 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
252 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
240 fi
253 fi
241
254
242 # Enable I2C interface
255 # Enable I2C interface
243 if [ "$ENABLE_I2C" = true ] ; then
256 if [ "$ENABLE_I2C" = true ] ; then
244 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
257 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
245 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${LIB_DIR}/modules-load.d/rpi2.conf"
258 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${LIB_DIR}/modules-load.d/rpi2.conf"
246 sed -i "s/^# i2c-dev/i2c-dev/" "${LIB_DIR}/modules-load.d/rpi2.conf"
259 sed -i "s/^# i2c-dev/i2c-dev/" "${LIB_DIR}/modules-load.d/rpi2.conf"
247 fi
260 fi
248
261
249 # Enable SPI interface
262 # Enable SPI interface
250 if [ "$ENABLE_SPI" = true ] ; then
263 if [ "$ENABLE_SPI" = true ] ; then
251 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
264 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
252 echo "spi-bcm2708" >> "${LIB_DIR}/modules-load.d/rpi2.conf"
265 echo "spi-bcm2708" >> "${LIB_DIR}/modules-load.d/rpi2.conf"
253 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
266 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
254 sed -i "s/spi-bcm2708/spi-bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
267 sed -i "s/spi-bcm2708/spi-bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
255 fi
268 fi
256 fi
269 fi
257
270
258 # Disable RPi2/3 under-voltage warnings
271 # Disable RPi2/3 under-voltage warnings
259 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
272 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
260 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
273 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
261 fi
274 fi
262
275
263 # Install kernel modules blacklist
276 # Install kernel modules blacklist
264 mkdir -p "${ETC_DIR}/modprobe.d/"
277 mkdir -p "${ETC_DIR}/modprobe.d/"
265 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
278 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
266
279
267 # Install sysctl.d configuration files
280 # Install sysctl.d configuration files
268 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
281 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
@@ -1,845 +1,847
1 #!/bin/sh
1 #!/bin/sh
2 ########################################################################
2 ########################################################################
3 # rpi23-gen-image.sh 2015-2017
3 # rpi23-gen-image.sh 2015-2017
4 #
4 #
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
6 #
6 #
7 # This program is free software; you can redistribute it and/or
7 # This program is free software; you can redistribute it and/or
8 # modify it under the terms of the GNU General Public License
8 # modify it under the terms of the GNU General Public License
9 # as published by the Free Software Foundation; either version 2
9 # as published by the Free Software Foundation; either version 2
10 # of the License, or (at your option) any later version.
10 # of the License, or (at your option) any later version.
11 #
11 #
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 #
13 #
14 # Big thanks for patches and enhancements by 20+ github contributors!
14 # Big thanks for patches and enhancements by 20+ github contributors!
15 ########################################################################
15 ########################################################################
16
16
17 # Are we running as root?
17 # Are we running as root?
18 if [ "$(id -u)" -ne "0" ] ; then
18 if [ "$(id -u)" -ne "0" ] ; then
19 echo "error: this script must be executed with root privileges!"
19 echo "error: this script must be executed with root privileges!"
20 exit 1
20 exit 1
21 fi
21 fi
22
22
23 # Check if ./functions.sh script exists
23 # Check if ./functions.sh script exists
24 if [ ! -r "./functions.sh" ] ; then
24 if [ ! -r "./functions.sh" ] ; then
25 echo "error: './functions.sh' required script not found!"
25 echo "error: './functions.sh' required script not found!"
26 exit 1
26 exit 1
27 fi
27 fi
28
28
29 # Load utility functions
29 # Load utility functions
30 . ./functions.sh
30 . ./functions.sh
31
31
32 # Load parameters from configuration template file
32 # Load parameters from configuration template file
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 use_template
34 use_template
35 fi
35 fi
36
36
37 # Introduce settings
37 # Introduce settings
38 set -e
38 set -e
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
40 set -x
40 set -x
41
41
42 # Raspberry Pi model configuration
42 # Raspberry Pi model configuration
43 RPI_MODEL=${RPI_MODEL:=2}
43 RPI_MODEL=${RPI_MODEL:=2}
44
44
45 # Debian release
45 # Debian release
46 RELEASE=${RELEASE:=buster}
46 RELEASE=${RELEASE:=buster}
47
47
48 # Kernel Branch
48 # Kernel Branch
49 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
49 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
50
50
51 # URLs
51 # URLs
52 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
52 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
53 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
53 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
54 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
54 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
55 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
55 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
56 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
56 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
57 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
57 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
58 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
58 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
59 #BIS= Kernel has KVM and zswap enabled
59 #BIS= Kernel has KVM and zswap enabled
60 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.14.80.20181113/bcmrpi3-kernel-bis-4.14.80.20181113.tar.xz}
60 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.14.80.20181113/bcmrpi3-kernel-bis-4.14.80.20181113.tar.xz}
61 #default bcmrpi3_defconfig target kernel
61 #default bcmrpi3_defconfig target kernel
62 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.14.80.20181113/bcmrpi3-kernel-4.14.80.20181113.tar.xz}
62 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.14.80.20181113/bcmrpi3-kernel-4.14.80.20181113.tar.xz}
63 #enhanced kernel
63 #enhanced kernel
64 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_BIS_KERNEL_URL}
64 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
65 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
65 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
66 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
66 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
67 ZSWAP_URL=${ZSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
67 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
68
68 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
69 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
69
70
70 # Build directories
71 # Build directories
71 WORKDIR=$(pwd)
72 WORKDIR=$(pwd)
72 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
73 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
73 BUILDDIR="${BASEDIR}/build"
74 BUILDDIR="${BASEDIR}/build"
74
75
75 # Chroot directories
76 # Chroot directories
76 R="${BUILDDIR}/chroot"
77 R="${BUILDDIR}/chroot"
77 ETC_DIR="${R}/etc"
78 ETC_DIR="${R}/etc"
78 LIB_DIR="${R}/lib"
79 LIB_DIR="${R}/lib"
79 BOOT_DIR="${R}/boot/firmware"
80 BOOT_DIR="${R}/boot/firmware"
80 KERNEL_DIR="${R}/usr/src/linux"
81 KERNEL_DIR="${R}/usr/src/linux"
81 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
82 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
82 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
83 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
83
84
84 # Firmware directory: Blank if download from github
85 # Firmware directory: Blank if download from github
85 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
86 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
86
87
87 # General settings
88 # General settings
88 SET_ARCH=${SET_ARCH:=32}
89 SET_ARCH=${SET_ARCH:=32}
89 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
90 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
90 PASSWORD=${PASSWORD:=raspberry}
91 PASSWORD=${PASSWORD:=raspberry}
91 USER_PASSWORD=${USER_PASSWORD:=raspberry}
92 USER_PASSWORD=${USER_PASSWORD:=raspberry}
92 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
93 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
93 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
94 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
94 EXPANDROOT=${EXPANDROOT:=true}
95 EXPANDROOT=${EXPANDROOT:=true}
95
96
96 # Keyboard settings
97 # Keyboard settings
97 XKB_MODEL=${XKB_MODEL:=""}
98 XKB_MODEL=${XKB_MODEL:=""}
98 XKB_LAYOUT=${XKB_LAYOUT:=""}
99 XKB_LAYOUT=${XKB_LAYOUT:=""}
99 XKB_VARIANT=${XKB_VARIANT:=""}
100 XKB_VARIANT=${XKB_VARIANT:=""}
100 XKB_OPTIONS=${XKB_OPTIONS:=""}
101 XKB_OPTIONS=${XKB_OPTIONS:=""}
101
102
102 # Network settings (DHCP)
103 # Network settings (DHCP)
103 ENABLE_DHCP=${ENABLE_DHCP:=true}
104 ENABLE_DHCP=${ENABLE_DHCP:=true}
104
105
105 # Network settings (static)
106 # Network settings (static)
106 NET_ADDRESS=${NET_ADDRESS:=""}
107 NET_ADDRESS=${NET_ADDRESS:=""}
107 NET_GATEWAY=${NET_GATEWAY:=""}
108 NET_GATEWAY=${NET_GATEWAY:=""}
108 NET_DNS_1=${NET_DNS_1:=""}
109 NET_DNS_1=${NET_DNS_1:=""}
109 NET_DNS_2=${NET_DNS_2:=""}
110 NET_DNS_2=${NET_DNS_2:=""}
110 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
111 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
111 NET_NTP_1=${NET_NTP_1:=""}
112 NET_NTP_1=${NET_NTP_1:=""}
112 NET_NTP_2=${NET_NTP_2:=""}
113 NET_NTP_2=${NET_NTP_2:=""}
113
114
114 # APT settings
115 # APT settings
115 APT_PROXY=${APT_PROXY:=""}
116 APT_PROXY=${APT_PROXY:=""}
116 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
117 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
117
118
118 # Feature settings
119 # Feature settings
119 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
120 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
120 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
121 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
121 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
122 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
122 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
123 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
123 ENABLE_I2C=${ENABLE_I2C:=false}
124 ENABLE_I2C=${ENABLE_I2C:=false}
124 ENABLE_SPI=${ENABLE_SPI:=false}
125 ENABLE_SPI=${ENABLE_SPI:=false}
125 ENABLE_IPV6=${ENABLE_IPV6:=true}
126 ENABLE_IPV6=${ENABLE_IPV6:=true}
126 ENABLE_SSHD=${ENABLE_SSHD:=true}
127 ENABLE_SSHD=${ENABLE_SSHD:=true}
127 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
128 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
128 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
129 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
129 ENABLE_SOUND=${ENABLE_SOUND:=true}
130 ENABLE_SOUND=${ENABLE_SOUND:=true}
130 ENABLE_DBUS=${ENABLE_DBUS:=true}
131 ENABLE_DBUS=${ENABLE_DBUS:=true}
131 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
132 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
132 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
133 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
133 ENABLE_XORG=${ENABLE_XORG:=false}
134 ENABLE_XORG=${ENABLE_XORG:=false}
134 ENABLE_WM=${ENABLE_WM:=""}
135 ENABLE_WM=${ENABLE_WM:=""}
135 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
136 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
136 ENABLE_USER=${ENABLE_USER:=true}
137 ENABLE_USER=${ENABLE_USER:=true}
137 USER_NAME=${USER_NAME:="pi"}
138 USER_NAME=${USER_NAME:="pi"}
138 ENABLE_ROOT=${ENABLE_ROOT:=false}
139 ENABLE_ROOT=${ENABLE_ROOT:=false}
139 ENABLE_QEMU=${ENABLE_QEMU:=false}
140 ENABLE_QEMU=${ENABLE_QEMU:=false}
140 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
141 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
141
142
142 # SSH settings
143 # SSH settings
143 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
144 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
144 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
145 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
145 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
146 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
146 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
147 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
147 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
148 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
148
149
149 # Advanced settings
150 # Advanced settings
151 ENABLE_SYSTEMDSWAP=${ENABLE_MINBASE:=false}
150 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
152 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
151 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
153 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
152 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
154 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
153 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
155 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
154 ENABLE_UBOOTUSB=${ENABLE_UBOOTUSB=false}
156 ENABLE_UBOOTUSB=${ENABLE_UBOOTUSB=false}
155 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
157 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
156 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
158 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
157 ENABLE_NEXMON=${ENABLE_NEXMON:="false"}
159 ENABLE_NEXMON=${ENABLE_NEXMON:="false"}
158 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
160 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
159 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
161 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
160 NEXMON_DIR=${NEXMON_DIR:=""}
162 NEXMON_DIR=${NEXMON_DIR:=""}
161 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
163 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
162 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
164 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
163 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
165 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
164 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
166 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
165 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
167 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
166 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
168 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
167
169
168 # Kernel compilation settings
170 # Kernel compilation settings
169 BUILD_KERNEL=${BUILD_KERNEL:=true}
171 BUILD_KERNEL=${BUILD_KERNEL:=true}
170 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
172 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
171 KERNEL_THREADS=${KERNEL_THREADS:=1}
173 KERNEL_THREADS=${KERNEL_THREADS:=1}
172 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
174 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
173 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
175 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
174 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
176 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
175 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
177 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
176 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
178 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
177 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
179 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
178 KERNEL_VIRT=${KERNEL_VIRT:=false}
180 KERNEL_VIRT=${KERNEL_VIRT:=false}
179 KERNEL_BPF=${KERNEL_BPF:=false}
181 KERNEL_BPF=${KERNEL_BPF:=false}
180 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=POWERSAVE}
182 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=POWERSAVE}
181
183
182 # Kernel compilation from source directory settings
184 # Kernel compilation from source directory settings
183 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
185 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
184 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
186 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
185 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
187 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
186 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
188 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
187
189
188 # Reduce disk usage settings
190 # Reduce disk usage settings
189 REDUCE_APT=${REDUCE_APT:=true}
191 REDUCE_APT=${REDUCE_APT:=true}
190 REDUCE_DOC=${REDUCE_DOC:=true}
192 REDUCE_DOC=${REDUCE_DOC:=true}
191 REDUCE_MAN=${REDUCE_MAN:=true}
193 REDUCE_MAN=${REDUCE_MAN:=true}
192 REDUCE_VIM=${REDUCE_VIM:=false}
194 REDUCE_VIM=${REDUCE_VIM:=false}
193 REDUCE_BASH=${REDUCE_BASH:=false}
195 REDUCE_BASH=${REDUCE_BASH:=false}
194 REDUCE_HWDB=${REDUCE_HWDB:=true}
196 REDUCE_HWDB=${REDUCE_HWDB:=true}
195 REDUCE_SSHD=${REDUCE_SSHD:=true}
197 REDUCE_SSHD=${REDUCE_SSHD:=true}
196 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
198 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
197
199
198 # Encrypted filesystem settings
200 # Encrypted filesystem settings
199 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
201 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
200 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
202 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
201 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
203 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
202 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
204 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
203 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
205 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
204 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
206 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
205 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
207 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
206 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
208 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
207 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
209 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
208
210
209 # Chroot scripts directory
211 # Chroot scripts directory
210 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
212 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
211
213
212 # Packages required in the chroot build environment
214 # Packages required in the chroot build environment
213 APT_INCLUDES=${APT_INCLUDES:=""}
215 APT_INCLUDES=${APT_INCLUDES:=""}
214 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
216 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
215
217
216 #Packages to exclude from chroot build environment
218 #Packages to exclude from chroot build environment
217 APT_EXCLUDES=${APT_EXCLUDES:=""}
219 APT_EXCLUDES=${APT_EXCLUDES:=""}
218
220
219 # Packages required for bootstrapping
221 # Packages required for bootstrapping
220 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
222 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
221 MISSING_PACKAGES=""
223 MISSING_PACKAGES=""
222
224
223 # Packages installed for c/c++ build environment in chroot (keep empty)
225 # Packages installed for c/c++ build environment in chroot (keep empty)
224 COMPILER_PACKAGES=""
226 COMPILER_PACKAGES=""
225
227
226 set +x
228 set +x
227
229
228 #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
230 #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
229 APT_CACHER_RUNNING=$(lsof -i :3142 | grep apt-cacher-ng | cut -d ' ' -f3 | uniq)
231 APT_CACHER_RUNNING=$(lsof -i :3142 | grep apt-cacher-ng | cut -d ' ' -f3 | uniq)
230 if [ -n "${APT_CACHER_RUNNING}" ] ; then
232 if [ -n "${APT_CACHER_RUNNING}" ] ; then
231 APT_PROXY=http://127.0.0.1:3142/
233 APT_PROXY=http://127.0.0.1:3142/
232 fi
234 fi
233
235
234 #netselect-apt does not know buster yet
236 #netselect-apt does not know buster yet
235 if [ "$RELEASE" = "buster" ] ; then
237 if [ "$RELEASE" = "buster" ] ; then
236 RLS=testing
238 RLS=testing
237 else
239 else
238 RLS="$RELEASE"
240 RLS="$RELEASE"
239 fi
241 fi
240
242
241 if [ -f "$(pwd)/files/apt/sources.list" ] ; then
243 if [ -f "$(pwd)/files/apt/sources.list" ] ; then
242 rm "$(pwd)/files/apt/sources.list"
244 rm "$(pwd)/files/apt/sources.list"
243 fi
245 fi
244
246
245 if [ "$ENABLE_NONFREE" = true ] ; then
247 if [ "$ENABLE_NONFREE" = true ] ; then
246 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --nonfree --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
248 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --nonfree --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
247 else
249 else
248 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
250 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
249 fi
251 fi
250
252
251 #sed and cut the result string so we can use it as APT_SERVER
253 #sed and cut the result string so we can use it as APT_SERVER
252 APT_SERVER=$(grep -m 1 http files/apt/sources.list | sed "s|http://| |g" | cut -d ' ' -f 3 | sed 's|/$|''|')
254 APT_SERVER=$(grep -m 1 http files/apt/sources.list | sed "s|http://| |g" | cut -d ' ' -f 3 | sed 's|/$|''|')
253
255
254 #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
256 #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
255 if [ -n "$SET_ARCH" ] ; then
257 if [ -n "$SET_ARCH" ] ; then
256 # 64 bit configuration
258 # 64 bit configuration
257 if [ "$SET_ARCH" = 64 ] ; then
259 if [ "$SET_ARCH" = 64 ] ; then
258 # General 64 bit depended settings
260 # General 64 bit depended settings
259 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
261 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
260 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
262 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
261 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
263 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
262
264
263 # Board specific settings
265 # Board specific settings
264 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
266 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
265 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
267 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
266 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
268 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
267 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
269 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
268 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
270 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
269 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
271 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
270 else
272 else
271 echo "error: Only Raspberry PI 3 and 3B+ support 64 bit"
273 echo "error: Only Raspberry PI 3 and 3B+ support 64 bit"
272 exit 1
274 exit 1
273 fi
275 fi
274 fi
276 fi
275
277
276 # 32 bit configuration
278 # 32 bit configuration
277 if [ "$SET_ARCH" = 32 ] ; then
279 if [ "$SET_ARCH" = 32 ] ; then
278 # General 32 bit dependend settings
280 # General 32 bit dependend settings
279 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
281 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
280 KERNEL_ARCH=${KERNEL_ARCH:=arm}
282 KERNEL_ARCH=${KERNEL_ARCH:=arm}
281 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
283 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
282
284
283 # Hardware specific settings
285 # Hardware specific settings
284 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
286 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
285 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
287 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
286 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
288 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
287 RELEASE_ARCH=${RELEASE_ARCH:=armel}
289 RELEASE_ARCH=${RELEASE_ARCH:=armel}
288 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
290 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
289 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
291 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
290 fi
292 fi
291
293
292 # Hardware specific settings
294 # Hardware specific settings
293 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
295 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
294 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
296 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
295 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
297 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
296 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
298 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
297 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
299 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
298 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
300 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
299 fi
301 fi
300 fi
302 fi
301 #SET_ARCH not set
303 #SET_ARCH not set
302 else
304 else
303 echo "error: Please set '32' or '64' as value for SET_ARCH"
305 echo "error: Please set '32' or '64' as value for SET_ARCH"
304 exit 1
306 exit 1
305 fi
307 fi
306 # Device specific configuration and U-Boot configuration
308 # Device specific configuration and U-Boot configuration
307 case "$RPI_MODEL" in
309 case "$RPI_MODEL" in
308 0)
310 0)
309 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
311 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
310 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
312 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
311 ;;
313 ;;
312 1)
314 1)
313 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
315 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
314 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
316 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
315 ;;
317 ;;
316 1P)
318 1P)
317 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
319 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
318 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
320 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
319 ;;
321 ;;
320 2)
322 2)
321 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
323 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
322 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
324 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
323 ;;
325 ;;
324 3)
326 3)
325 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
327 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
326 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
328 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
327 ;;
329 ;;
328 3P)
330 3P)
329 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
331 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
330 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
332 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
331 ;;
333 ;;
332 *)
334 *)
333 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
335 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
334 exit 1
336 exit 1
335 ;;
337 ;;
336 esac
338 esac
337
339
338 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
340 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
339 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
341 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
340 # Include bluetooth packages on supported boards
342 # Include bluetooth packages on supported boards
341 if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
343 if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
342 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
344 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
343 fi
345 fi
344 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
346 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
345 # Check if the internal wireless interface is not supported by the RPi model
347 # Check if the internal wireless interface is not supported by the RPi model
346 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
348 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
347 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
349 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
348 exit 1
350 exit 1
349 fi
351 fi
350 fi
352 fi
351
353
352 # Prepare date string for default image file name
354 # Prepare date string for default image file name
353 DATE="$(date +%Y-%m-%d)"
355 DATE="$(date +%Y-%m-%d)"
354 if [ -z "$KERNEL_BRANCH" ] ; then
356 if [ -z "$KERNEL_BRANCH" ] ; then
355 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
357 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
356 else
358 else
357 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
359 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
358 fi
360 fi
359
361
360 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
362 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
361 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
363 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
362 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
364 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
363 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
365 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
364 exit 1
366 exit 1
365 fi
367 fi
366 fi
368 fi
367
369
368 # Add cmake to compile videocore sources
370 # Add cmake to compile videocore sources
369 if [ "$ENABLE_VIDEOCORE" = true ] ; then
371 if [ "$ENABLE_VIDEOCORE" = true ] ; then
370 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
372 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
371 fi
373 fi
372
374
373 # Add libncurses5 to enable kernel menuconfig
375 # Add libncurses5 to enable kernel menuconfig
374 if [ "$KERNEL_MENUCONFIG" = true ] ; then
376 if [ "$KERNEL_MENUCONFIG" = true ] ; then
375 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
377 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
376 fi
378 fi
377
379
378 # Add ccache compiler cache for (faster) kernel cross (re)compilation
380 # Add ccache compiler cache for (faster) kernel cross (re)compilation
379 if [ "$KERNEL_CCACHE" = true ] ; then
381 if [ "$KERNEL_CCACHE" = true ] ; then
380 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
382 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
381 fi
383 fi
382
384
383 # Add cryptsetup package to enable filesystem encryption
385 # Add cryptsetup package to enable filesystem encryption
384 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
386 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
385 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
387 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
386 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
388 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
387
389
388 #If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
390 #If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
389 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
391 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
390 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
392 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
391 fi
393 fi
392
394
393 if [ -z "$CRYPTFS_PASSWORD" ] ; then
395 if [ -z "$CRYPTFS_PASSWORD" ] ; then
394 echo "error: no password defined (CRYPTFS_PASSWORD)!"
396 echo "error: no password defined (CRYPTFS_PASSWORD)!"
395 exit 1
397 exit 1
396 fi
398 fi
397 ENABLE_INITRAMFS=true
399 ENABLE_INITRAMFS=true
398 fi
400 fi
399
401
400 # Add initramfs generation tools
402 # Add initramfs generation tools
401 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
403 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
402 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
404 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
403 fi
405 fi
404
406
405 # Add device-tree-compiler required for building the U-Boot bootloader
407 # Add device-tree-compiler required for building the U-Boot bootloader
406 if [ "$ENABLE_UBOOT" = true ] ; then
408 if [ "$ENABLE_UBOOT" = true ] ; then
407 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
409 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
408 else
410 else
409 if [ "$ENABLE_UBOOTUSB" = true ] ; then
411 if [ "$ENABLE_UBOOTUSB" = true ] ; then
410 echo "error: Enabling UBOOTUSB requires u-boot to be enabled"
412 echo "error: Enabling UBOOTUSB requires u-boot to be enabled"
411 exit 1
413 exit 1
412 fi
414 fi
413 fi
415 fi
414
416
415 # Check if root SSH (v2) public key file exists
417 # Check if root SSH (v2) public key file exists
416 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
418 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
417 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
419 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
418 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
420 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
419 exit 1
421 exit 1
420 fi
422 fi
421 fi
423 fi
422
424
423 # Check if $USER_NAME SSH (v2) public key file exists
425 # Check if $USER_NAME SSH (v2) public key file exists
424 if [ -n "$SSH_USER_PUB_KEY" ] ; then
426 if [ -n "$SSH_USER_PUB_KEY" ] ; then
425 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
427 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
426 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
428 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
427 exit 1
429 exit 1
428 fi
430 fi
429 fi
431 fi
430
432
431 # Check if all required packages are installed on the build system
433 # Check if all required packages are installed on the build system
432 for package in $REQUIRED_PACKAGES ; do
434 for package in $REQUIRED_PACKAGES ; do
433 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
435 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
434 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
436 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
435 fi
437 fi
436 done
438 done
437
439
438 # If there are missing packages ask confirmation for install, or exit
440 # If there are missing packages ask confirmation for install, or exit
439 if [ -n "$MISSING_PACKAGES" ] ; then
441 if [ -n "$MISSING_PACKAGES" ] ; then
440 echo "the following packages needed by this script are not installed:"
442 echo "the following packages needed by this script are not installed:"
441 echo "$MISSING_PACKAGES"
443 echo "$MISSING_PACKAGES"
442
444
443 printf "\ndo you want to install the missing packages right now? [y/n] "
445 printf "\ndo you want to install the missing packages right now? [y/n] "
444 read -r confirm
446 read -r confirm
445 [ "$confirm" != "y" ] && exit 1
447 [ "$confirm" != "y" ] && exit 1
446
448
447 # Make sure all missing required packages are installed
449 # Make sure all missing required packages are installed
448 apt-get -qq -y install "${MISSING_PACKAGES}"
450 apt-get -qq -y install "${MISSING_PACKAGES}"
449 fi
451 fi
450
452
451 # Check if ./bootstrap.d directory exists
453 # Check if ./bootstrap.d directory exists
452 if [ ! -d "./bootstrap.d/" ] ; then
454 if [ ! -d "./bootstrap.d/" ] ; then
453 echo "error: './bootstrap.d' required directory not found!"
455 echo "error: './bootstrap.d' required directory not found!"
454 exit 1
456 exit 1
455 fi
457 fi
456
458
457 # Check if ./files directory exists
459 # Check if ./files directory exists
458 if [ ! -d "./files/" ] ; then
460 if [ ! -d "./files/" ] ; then
459 echo "error: './files' required directory not found!"
461 echo "error: './files' required directory not found!"
460 exit 1
462 exit 1
461 fi
463 fi
462
464
463 # Check if specified KERNELSRC_DIR directory exists
465 # Check if specified KERNELSRC_DIR directory exists
464 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
466 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
465 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
467 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
466 exit 1
468 exit 1
467 fi
469 fi
468
470
469 # Check if specified UBOOTSRC_DIR directory exists
471 # Check if specified UBOOTSRC_DIR directory exists
470 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
472 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
471 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
473 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
472 exit 1
474 exit 1
473 fi
475 fi
474
476
475 # Check if specified VIDEOCORESRC_DIR directory exists
477 # Check if specified VIDEOCORESRC_DIR directory exists
476 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
478 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
477 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
479 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
478 exit 1
480 exit 1
479 fi
481 fi
480
482
481 # Check if specified FBTURBOSRC_DIR directory exists
483 # Check if specified FBTURBOSRC_DIR directory exists
482 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
484 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
483 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
485 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
484 exit 1
486 exit 1
485 fi
487 fi
486
488
487 # Check if specified NEXMON_DIR directory exists
489 # Check if specified NEXMON_DIR directory exists
488 if [ -n "$NEXMON_DIR" ] && [ ! -d "$NEXMON_DIR" ] ; then
490 if [ -n "$NEXMON_DIR" ] && [ ! -d "$NEXMON_DIR" ] ; then
489 echo "error: '${NEXMON_DIR}' specified directory not found (NEXMON_DIR)!"
491 echo "error: '${NEXMON_DIR}' specified directory not found (NEXMON_DIR)!"
490 exit 1
492 exit 1
491 fi
493 fi
492
494
493 # Check if specified CHROOT_SCRIPTS directory exists
495 # Check if specified CHROOT_SCRIPTS directory exists
494 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
496 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
495 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
497 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
496 exit 1
498 exit 1
497 fi
499 fi
498
500
499 # Check if specified device mapping already exists (will be used by cryptsetup)
501 # Check if specified device mapping already exists (will be used by cryptsetup)
500 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
502 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
501 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
503 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
502 exit 1
504 exit 1
503 fi
505 fi
504
506
505 # Don't clobber an old build
507 # Don't clobber an old build
506 if [ -e "$BUILDDIR" ] ; then
508 if [ -e "$BUILDDIR" ] ; then
507 echo "error: directory ${BUILDDIR} already exists, not proceeding"
509 echo "error: directory ${BUILDDIR} already exists, not proceeding"
508 exit 1
510 exit 1
509 fi
511 fi
510
512
511 # Setup chroot directory
513 # Setup chroot directory
512 mkdir -p "${R}"
514 mkdir -p "${R}"
513
515
514 # Check if build directory has enough of free disk space >512MB
516 # Check if build directory has enough of free disk space >512MB
515 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
517 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
516 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
518 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
517 exit 1
519 exit 1
518 fi
520 fi
519
521
520 set -x
522 set -x
521
523
522 # Call "cleanup" function on various signals and errors
524 # Call "cleanup" function on various signals and errors
523 trap cleanup 0 1 2 3 6
525 trap cleanup 0 1 2 3 6
524
526
525 # Add required packages for the minbase installation
527 # Add required packages for the minbase installation
526 if [ "$ENABLE_MINBASE" = true ] ; then
528 if [ "$ENABLE_MINBASE" = true ] ; then
527 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
529 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
528 fi
530 fi
529
531
530 # Add parted package, required to get partprobe utility
532 # Add parted package, required to get partprobe utility
531 if [ "$EXPANDROOT" = true ] ; then
533 if [ "$EXPANDROOT" = true ] ; then
532 APT_INCLUDES="${APT_INCLUDES},parted"
534 APT_INCLUDES="${APT_INCLUDES},parted"
533 fi
535 fi
534
536
535 # Add dbus package, recommended if using systemd
537 # Add dbus package, recommended if using systemd
536 if [ "$ENABLE_DBUS" = true ] ; then
538 if [ "$ENABLE_DBUS" = true ] ; then
537 APT_INCLUDES="${APT_INCLUDES},dbus"
539 APT_INCLUDES="${APT_INCLUDES},dbus"
538 fi
540 fi
539
541
540 # Add iptables IPv4/IPv6 package
542 # Add iptables IPv4/IPv6 package
541 if [ "$ENABLE_IPTABLES" = true ] ; then
543 if [ "$ENABLE_IPTABLES" = true ] ; then
542 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
544 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
543 fi
545 fi
544
546
545 # Add openssh server package
547 # Add openssh server package
546 if [ "$ENABLE_SSHD" = true ] ; then
548 if [ "$ENABLE_SSHD" = true ] ; then
547 APT_INCLUDES="${APT_INCLUDES},openssh-server"
549 APT_INCLUDES="${APT_INCLUDES},openssh-server"
548 fi
550 fi
549
551
550 # Add alsa-utils package
552 # Add alsa-utils package
551 if [ "$ENABLE_SOUND" = true ] ; then
553 if [ "$ENABLE_SOUND" = true ] ; then
552 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
554 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
553 fi
555 fi
554
556
555 # Add rng-tools package
557 # Add rng-tools package
556 if [ "$ENABLE_HWRANDOM" = true ] ; then
558 if [ "$ENABLE_HWRANDOM" = true ] ; then
557 APT_INCLUDES="${APT_INCLUDES},rng-tools"
559 APT_INCLUDES="${APT_INCLUDES},rng-tools"
558 fi
560 fi
559
561
560 # Add fbturbo video driver
562 # Add fbturbo video driver
561 if [ "$ENABLE_FBTURBO" = true ] ; then
563 if [ "$ENABLE_FBTURBO" = true ] ; then
562 # Enable xorg package dependencies
564 # Enable xorg package dependencies
563 ENABLE_XORG=true
565 ENABLE_XORG=true
564 fi
566 fi
565
567
566 # Add user defined window manager package
568 # Add user defined window manager package
567 if [ -n "$ENABLE_WM" ] ; then
569 if [ -n "$ENABLE_WM" ] ; then
568 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
570 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
569
571
570 # Enable xorg package dependencies
572 # Enable xorg package dependencies
571 ENABLE_XORG=true
573 ENABLE_XORG=true
572 fi
574 fi
573
575
574 # Add xorg package
576 # Add xorg package
575 if [ "$ENABLE_XORG" = true ] ; then
577 if [ "$ENABLE_XORG" = true ] ; then
576 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
578 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
577 fi
579 fi
578
580
579 # Replace selected packages with smaller clones
581 # Replace selected packages with smaller clones
580 if [ "$ENABLE_REDUCE" = true ] ; then
582 if [ "$ENABLE_REDUCE" = true ] ; then
581 # Add levee package instead of vim-tiny
583 # Add levee package instead of vim-tiny
582 if [ "$REDUCE_VIM" = true ] ; then
584 if [ "$REDUCE_VIM" = true ] ; then
583 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
585 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
584 fi
586 fi
585
587
586 # Add dropbear package instead of openssh-server
588 # Add dropbear package instead of openssh-server
587 if [ "$REDUCE_SSHD" = true ] ; then
589 if [ "$REDUCE_SSHD" = true ] ; then
588 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
590 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
589 fi
591 fi
590 fi
592 fi
591
593
592 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
594 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
593 if [ "$ENABLE_SYSVINIT" = false ] ; then
595 if [ "$ENABLE_SYSVINIT" = false ] ; then
594 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
596 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
595 fi
597 fi
596
598
597 # Configure kernel sources if no KERNELSRC_DIR
599 # Configure kernel sources if no KERNELSRC_DIR
598 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
600 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
599 KERNELSRC_CONFIG=true
601 KERNELSRC_CONFIG=true
600 fi
602 fi
601
603
602 # Configure reduced kernel
604 # Configure reduced kernel
603 if [ "$KERNEL_REDUCE" = true ] ; then
605 if [ "$KERNEL_REDUCE" = true ] ; then
604 KERNELSRC_CONFIG=false
606 KERNELSRC_CONFIG=false
605 fi
607 fi
606
608
607 # Configure qemu compatible kernel
609 # Configure qemu compatible kernel
608 if [ "$ENABLE_QEMU" = true ] ; then
610 if [ "$ENABLE_QEMU" = true ] ; then
609 DTB_FILE=vexpress-v2p-ca15_a7.dtb
611 DTB_FILE=vexpress-v2p-ca15_a7.dtb
610 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
612 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
611 KERNEL_DEFCONFIG="vexpress_defconfig"
613 KERNEL_DEFCONFIG="vexpress_defconfig"
612 if [ "$KERNEL_MENUCONFIG" = false ] ; then
614 if [ "$KERNEL_MENUCONFIG" = false ] ; then
613 KERNEL_OLDDEFCONFIG=true
615 KERNEL_OLDDEFCONFIG=true
614 fi
616 fi
615 fi
617 fi
616
618
617 # Execute bootstrap scripts
619 # Execute bootstrap scripts
618 for SCRIPT in bootstrap.d/*.sh; do
620 for SCRIPT in bootstrap.d/*.sh; do
619 head -n 3 "$SCRIPT"
621 head -n 3 "$SCRIPT"
620 . "$SCRIPT"
622 . "$SCRIPT"
621 done
623 done
622
624
623 ## Execute custom bootstrap scripts
625 ## Execute custom bootstrap scripts
624 if [ -d "custom.d" ] ; then
626 if [ -d "custom.d" ] ; then
625 for SCRIPT in custom.d/*.sh; do
627 for SCRIPT in custom.d/*.sh; do
626 . "$SCRIPT"
628 . "$SCRIPT"
627 done
629 done
628 fi
630 fi
629
631
630 # Execute custom scripts inside the chroot
632 # Execute custom scripts inside the chroot
631 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
633 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
632 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
634 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
633 chroot_exec /bin/bash -x <<'EOF'
635 chroot_exec /bin/bash -x <<'EOF'
634 for SCRIPT in /chroot_scripts/* ; do
636 for SCRIPT in /chroot_scripts/* ; do
635 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
637 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
636 $SCRIPT
638 $SCRIPT
637 fi
639 fi
638 done
640 done
639 EOF
641 EOF
640 rm -rf "${R}/chroot_scripts"
642 rm -rf "${R}/chroot_scripts"
641 fi
643 fi
642
644
643 # Remove c/c++ build environment from the chroot
645 # Remove c/c++ build environment from the chroot
644 chroot_remove_cc
646 chroot_remove_cc
645
647
646 # Generate required machine-id
648 # Generate required machine-id
647 MACHINE_ID=$(dbus-uuidgen)
649 MACHINE_ID=$(dbus-uuidgen)
648 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
650 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
649 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
651 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
650
652
651 # APT Cleanup
653 # APT Cleanup
652 chroot_exec apt-get -y clean
654 chroot_exec apt-get -y clean
653 chroot_exec apt-get -y autoclean
655 chroot_exec apt-get -y autoclean
654 chroot_exec apt-get -y autoremove
656 chroot_exec apt-get -y autoremove
655
657
656 # Unmount mounted filesystems
658 # Unmount mounted filesystems
657 umount -l "${R}/proc"
659 umount -l "${R}/proc"
658 umount -l "${R}/sys"
660 umount -l "${R}/sys"
659
661
660 # Clean up directories
662 # Clean up directories
661 rm -rf "${R}/run/*"
663 rm -rf "${R}/run/*"
662 rm -rf "${R}/tmp/*"
664 rm -rf "${R}/tmp/*"
663
665
664 # Clean up files
666 # Clean up files
665 rm -f "${ETC_DIR}/ssh/ssh_host_*"
667 rm -f "${ETC_DIR}/ssh/ssh_host_*"
666 rm -f "${ETC_DIR}/dropbear/dropbear_*"
668 rm -f "${ETC_DIR}/dropbear/dropbear_*"
667 rm -f "${ETC_DIR}/apt/sources.list.save"
669 rm -f "${ETC_DIR}/apt/sources.list.save"
668 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
670 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
669 rm -f "${ETC_DIR}/*-"
671 rm -f "${ETC_DIR}/*-"
670 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
672 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
671 rm -f "${ETC_DIR}/resolv.conf"
673 rm -f "${ETC_DIR}/resolv.conf"
672 rm -f "${R}/root/.bash_history"
674 rm -f "${R}/root/.bash_history"
673 rm -f "${R}/var/lib/urandom/random-seed"
675 rm -f "${R}/var/lib/urandom/random-seed"
674 rm -f "${R}/initrd.img"
676 rm -f "${R}/initrd.img"
675 rm -f "${R}/vmlinuz"
677 rm -f "${R}/vmlinuz"
676 rm -f "${R}${QEMU_BINARY}"
678 rm -f "${R}${QEMU_BINARY}"
677
679
678 if [ "$ENABLE_QEMU" = true ] ; then
680 if [ "$ENABLE_QEMU" = true ] ; then
679 # Setup QEMU directory
681 # Setup QEMU directory
680 mkdir "${BASEDIR}/qemu"
682 mkdir "${BASEDIR}/qemu"
681
683
682 # Copy kernel image to QEMU directory
684 # Copy kernel image to QEMU directory
683 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
685 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
684
686
685 # Copy kernel config to QEMU directory
687 # Copy kernel config to QEMU directory
686 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
688 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
687
689
688 # Copy kernel dtbs to QEMU directory
690 # Copy kernel dtbs to QEMU directory
689 for dtb in "${BOOT_DIR}/"*.dtb ; do
691 for dtb in "${BOOT_DIR}/"*.dtb ; do
690 if [ -f "${dtb}" ] ; then
692 if [ -f "${dtb}" ] ; then
691 install_readonly "${dtb}" "${BASEDIR}/qemu/"
693 install_readonly "${dtb}" "${BASEDIR}/qemu/"
692 fi
694 fi
693 done
695 done
694
696
695 # Copy kernel overlays to QEMU directory
697 # Copy kernel overlays to QEMU directory
696 if [ -d "${BOOT_DIR}/overlays" ] ; then
698 if [ -d "${BOOT_DIR}/overlays" ] ; then
697 # Setup overlays dtbs directory
699 # Setup overlays dtbs directory
698 mkdir "${BASEDIR}/qemu/overlays"
700 mkdir "${BASEDIR}/qemu/overlays"
699
701
700 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
702 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
701 if [ -f "${dtb}" ] ; then
703 if [ -f "${dtb}" ] ; then
702 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
704 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
703 fi
705 fi
704 done
706 done
705 fi
707 fi
706
708
707 # Copy u-boot files to QEMU directory
709 # Copy u-boot files to QEMU directory
708 if [ "$ENABLE_UBOOT" = true ] ; then
710 if [ "$ENABLE_UBOOT" = true ] ; then
709 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
711 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
710 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
712 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
711 fi
713 fi
712 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
714 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
713 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
715 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
714 fi
716 fi
715 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
717 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
716 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
718 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
717 fi
719 fi
718 fi
720 fi
719
721
720 # Copy initramfs to QEMU directory
722 # Copy initramfs to QEMU directory
721 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
723 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
722 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
724 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
723 fi
725 fi
724 fi
726 fi
725
727
726 # Calculate size of the chroot directory in KB
728 # Calculate size of the chroot directory in KB
727 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
729 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
728
730
729 # Calculate the amount of needed 512 Byte sectors
731 # Calculate the amount of needed 512 Byte sectors
730 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
732 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
731 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
733 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
732 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
734 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
733
735
734 # The root partition is EXT4
736 # The root partition is EXT4
735 # This means more space than the actual used space of the chroot is used.
737 # This means more space than the actual used space of the chroot is used.
736 # As overhead for journaling and reserved blocks 35% are added.
738 # As overhead for journaling and reserved blocks 35% are added.
737 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
739 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
738
740
739 # Calculate required image size in 512 Byte sectors
741 # Calculate required image size in 512 Byte sectors
740 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
742 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
741
743
742 # Prepare image file
744 # Prepare image file
743 if [ "$ENABLE_SPLITFS" = true ] ; then
745 if [ "$ENABLE_SPLITFS" = true ] ; then
744 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
746 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
745 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
747 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
746 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
748 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
747 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
749 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
748
750
749 # Write firmware/boot partition tables
751 # Write firmware/boot partition tables
750 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
752 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
751 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
753 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
752 EOM
754 EOM
753
755
754 # Write root partition table
756 # Write root partition table
755 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
757 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
756 ${TABLE_SECTORS},${ROOT_SECTORS},83
758 ${TABLE_SECTORS},${ROOT_SECTORS},83
757 EOM
759 EOM
758
760
759 # Setup temporary loop devices
761 # Setup temporary loop devices
760 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
762 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
761 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
763 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
762 else # ENABLE_SPLITFS=false
764 else # ENABLE_SPLITFS=false
763 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
765 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
764 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
766 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
765
767
766 # Write partition table
768 # Write partition table
767 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
769 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
768 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
770 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
769 ${ROOT_OFFSET},${ROOT_SECTORS},83
771 ${ROOT_OFFSET},${ROOT_SECTORS},83
770 EOM
772 EOM
771
773
772 # Setup temporary loop devices
774 # Setup temporary loop devices
773 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
775 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
774 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
776 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
775 fi
777 fi
776
778
777 if [ "$ENABLE_CRYPTFS" = true ] ; then
779 if [ "$ENABLE_CRYPTFS" = true ] ; then
778 # Create dummy ext4 fs
780 # Create dummy ext4 fs
779 mkfs.ext4 "$ROOT_LOOP"
781 mkfs.ext4 "$ROOT_LOOP"
780
782
781 # Setup password keyfile
783 # Setup password keyfile
782 touch .password
784 touch .password
783 chmod 600 .password
785 chmod 600 .password
784 echo -n ${CRYPTFS_PASSWORD} > .password
786 echo -n ${CRYPTFS_PASSWORD} > .password
785
787
786 # Initialize encrypted partition
788 # Initialize encrypted partition
787 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
789 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
788
790
789 # Open encrypted partition and setup mapping
791 # Open encrypted partition and setup mapping
790 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
792 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
791
793
792 # Secure delete password keyfile
794 # Secure delete password keyfile
793 shred -zu .password
795 shred -zu .password
794
796
795 # Update temporary loop device
797 # Update temporary loop device
796 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
798 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
797
799
798 # Wipe encrypted partition (encryption cipher is used for randomness)
800 # Wipe encrypted partition (encryption cipher is used for randomness)
799 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
801 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
800 fi
802 fi
801
803
802 # Build filesystems
804 # Build filesystems
803 mkfs.vfat "$FRMW_LOOP"
805 mkfs.vfat "$FRMW_LOOP"
804 mkfs.ext4 "$ROOT_LOOP"
806 mkfs.ext4 "$ROOT_LOOP"
805
807
806 # Mount the temporary loop devices
808 # Mount the temporary loop devices
807 mkdir -p "$BUILDDIR/mount"
809 mkdir -p "$BUILDDIR/mount"
808 mount "$ROOT_LOOP" "$BUILDDIR/mount"
810 mount "$ROOT_LOOP" "$BUILDDIR/mount"
809
811
810 mkdir -p "$BUILDDIR/mount/boot/firmware"
812 mkdir -p "$BUILDDIR/mount/boot/firmware"
811 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
813 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
812
814
813 # Copy all files from the chroot to the loop device mount point directory
815 # Copy all files from the chroot to the loop device mount point directory
814 rsync -a "${R}/" "$BUILDDIR/mount/"
816 rsync -a "${R}/" "$BUILDDIR/mount/"
815
817
816 # Unmount all temporary loop devices and mount points
818 # Unmount all temporary loop devices and mount points
817 cleanup
819 cleanup
818
820
819 # Create block map file(s) of image(s)
821 # Create block map file(s) of image(s)
820 if [ "$ENABLE_SPLITFS" = true ] ; then
822 if [ "$ENABLE_SPLITFS" = true ] ; then
821 # Create block map files for "bmaptool"
823 # Create block map files for "bmaptool"
822 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
824 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
823 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
825 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
824
826
825 # Image was successfully created
827 # Image was successfully created
826 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
828 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
827 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
829 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
828 else
830 else
829 # Create block map file for "bmaptool"
831 # Create block map file for "bmaptool"
830 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
832 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
831
833
832 # Image was successfully created
834 # Image was successfully created
833 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
835 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
834
836
835 # Create qemu qcow2 image
837 # Create qemu qcow2 image
836 if [ "$ENABLE_QEMU" = true ] ; then
838 if [ "$ENABLE_QEMU" = true ] ; then
837 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
839 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
838 QEMU_SIZE=16G
840 QEMU_SIZE=16G
839
841
840 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
842 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
841 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
843 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
842
844
843 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
845 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
844 fi
846 fi
845 fi
847 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant