##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

a
Unknown -
r684:8c922e902a73
parent child
Show More
Show file before | Show file after | Hide comments
@@ -1,889 +1,889
1 1 #
2 2 # Build and Setup RPi2/3 Kernel
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Need to use kali kernel src if nexmon is enabled
9 9 if [ "$ENABLE_NEXMON" = true ] ; then
10 10 KERNEL_URL="${KALI_KERNEL_URL}"
11 11 # Clear Branch and KernelSRC_DIR if using nexmon. Everyone will forget to clone kali kernel instead of nomrla kernel
12 12 KERNEL_BRANCH=""
13 13 KERNELSRC_DIR=""
14 14 fi
15 15
16 16 # Fetch and build latest raspberry kernel
17 17 if [ "$BUILD_KERNEL" = true ] ; then
18 18 # Setup source directory
19 19 mkdir -p "${KERNEL_DIR}"
20 20
21 21 # Copy existing kernel sources into chroot directory
22 22 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
23 23 # Copy kernel sources and include hidden files
24 24 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
25 25
26 26 # Clean the kernel sources
27 27 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
28 28 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
29 29 fi
30 30 else # KERNELSRC_DIR=""
31 31 # Create temporary directory for kernel sources
32 32 temp_dir=$(as_nobody mktemp -d)
33 33
34 34 # Fetch current RPi2/3 kernel sources
35 35 if [ -z "${KERNEL_BRANCH}" ] ; then
36 36 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
37 37 else
38 38 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
39 39 fi
40 40
41 41 # Copy downloaded kernel sources
42 42 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
43 43
44 44 # Remove temporary directory for kernel sources
45 45 rm -fr "${temp_dir}"
46 46
47 47 # Set permissions of the kernel sources
48 48 chown -R root:root "${R}/usr/src"
49 49 fi
50 50
51 51 # Calculate optimal number of kernel building threads
52 52 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
53 53 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
54 54 fi
55 55
56 56 #Copy 32bit config to 64bit
57 57 if [ "$ENABLE_QEMU" = true ] && [ "$KERNEL_ARCH" = arm64 ]; then
58 58 cp "${KERNEL_DIR}"/arch/arm/configs/vexpress_defconfig "${KERNEL_DIR}"/arch/arm64/configs/
59 59 fi
60 60
61 61 # Configure and build kernel
62 62 if [ "$KERNELSRC_PREBUILT" = false ] ; then
63 63 # Remove device, network and filesystem drivers from kernel configuration
64 64 if [ "$KERNEL_REDUCE" = true ] ; then
65 65 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
66 66 sed -i\
67 67 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
68 68 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
69 69 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
70 70 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
71 71 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
72 72 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
73 73 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
74 74 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
75 75 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
76 76 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
77 77 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
78 78 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
79 79 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
80 80 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
81 81 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
82 82 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
83 83 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
84 84 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
85 85 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
86 86 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
87 87 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
88 88 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
89 89 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
90 90 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
91 91 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
92 92 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
93 93 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
94 94 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
95 95 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
96 96 "${KERNEL_DIR}/.config"
97 97 fi
98 98
99 99 if [ "$KERNELSRC_CONFIG" = true ] ; then
100 100 # Load default raspberry kernel configuration
101 101 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
102 102
103 103 #Switch to KERNELSRC_DIR so we can use set_kernel_config
104 104 cd "${KERNEL_DIR}" || exit
105 105
106 106 # Enable RPI POE HAT fan
107 107 if [ "$KERNEL_POEHAT" = true ]; then
108 108 set_kernel_config CONFIG_SENSORS_RPI_POE_FAN m
109 109 fi
110 110
111 111 # Enable per-interface network priority control
112 112 # (for systemd-nspawn)
113 113 if [ "$KERNEL_NSPAN" = true ]; then
114 114 set_kernel_config CONFIG_CGROUP_NET_PRIO y
115 115 fi
116 116
117 117 # Compile in BTRFS
118 118 if [ "$KERNEL_BTRFS" = true ]; then
119 119 set_kernel_config CONFIG_BTRFS_FS y
120 120 set_kernel_config CONFIG_BTRFS_FS_POSIX_ACL y
121 121 set_kernel_config CONFIG_BTRFS_FS_REF_VERIFY y
122 122 fi
123 123
124 124 # Diffie-Hellman operations on retained keys
125 125 # (required for >keyutils-1.6)
126 126 if [ "$KERNEL_DHKEY" = true ]; then
127 127 set_kernel_config CONFIG_KEY_DH_OPERATIONS y
128 128 fi
129 129
130 130 if [ "$KERNEL_ARCH" = arm64 ] && [ "$ENABLE_QEMU" = false ]; then
131 131 # Mask this temporarily during switch to rpi-4.19.y
132 132 #Fix SD_DRIVER upstream and downstream mess in 64bit RPIdeb_config
133 133 # use correct driver MMC_BCM2835_MMC instead of MMC_BCM2835_SDHOST - see https://www.raspberrypi.org/forums/viewtopic.php?t=210225
134 134 #set_kernel_config CONFIG_MMC_BCM2835 n
135 135 #set_kernel_config CONFIG_MMC_SDHCI_IPROC n
136 136 #set_kernel_config CONFIG_USB_DWC2 n
137 137 #sed -i "s|depends on MMC_BCM2835_MMC && MMC_BCM2835_DMA|depends on MMC_BCM2835_MMC|" "${KERNEL_DIR}"/drivers/mmc/host/Kconfig
138 138
139 139 #VLAN got disabled without reason in arm64bit
140 140 set_kernel_config CONFIG_IPVLAN m
141 141 fi
142 142
143 143 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
144 144 if [ "$KERNEL_ZSWAP" = true ] ; then
145 145 set_kernel_config CONFIG_ZPOOL y
146 146 set_kernel_config CONFIG_ZSWAP y
147 147 set_kernel_config CONFIG_ZBUD y
148 148 set_kernel_config CONFIG_Z3FOLD y
149 149 set_kernel_config CONFIG_ZSMALLOC y
150 150 set_kernel_config CONFIG_PGTABLE_MAPPING y
151 151 set_kernel_config CONFIG_LZO_COMPRESS y
152 152 fi
153 153
154 154 if [ "$RPI_MODEL" = 4 ] ; then
155 155 # Following are set in current 32-bit LPAE kernel
156 156 set_kernel_config CONFIG_CGROUP_PIDS y
157 157 set_kernel_config CONFIG_NET_IPVTI m
158 158 set_kernel_config CONFIG_NF_TABLES_SET m
159 159 set_kernel_config CONFIG_NF_TABLES_INET y
160 160 set_kernel_config CONFIG_NF_TABLES_NETDEV y
161 161 set_kernel_config CONFIG_NF_FLOW_TABLE m
162 162 set_kernel_config CONFIG_NFT_FLOW_OFFLOAD m
163 163 set_kernel_config CONFIG_NFT_CONNLIMIT m
164 164 set_kernel_config CONFIG_NFT_TUNNEL m
165 165 set_kernel_config CONFIG_NFT_OBJREF m
166 166 set_kernel_config CONFIG_NFT_FIB_IPV4 m
167 167 set_kernel_config CONFIG_NFT_FIB_IPV6 m
168 168 set_kernel_config CONFIG_NFT_FIB_INET m
169 169 set_kernel_config CONFIG_NFT_SOCKET m
170 170 set_kernel_config CONFIG_NFT_OSF m
171 171 set_kernel_config CONFIG_NFT_TPROXY m
172 172 set_kernel_config CONFIG_NF_DUP_NETDEV m
173 173 set_kernel_config CONFIG_NFT_DUP_NETDEV m
174 174 set_kernel_config CONFIG_NFT_FWD_NETDEV m
175 175 set_kernel_config CONFIG_NFT_FIB_NETDEV m
176 176 set_kernel_config CONFIG_NF_FLOW_TABLE_INET m
177 177 set_kernel_config CONFIG_NF_FLOW_TABLE m
178 178 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
179 179 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
180 180 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
181 181 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
182 182 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
183 183 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
184 184 set_kernel_config CONFIG_NFT_DUP_IPV6 m
185 185 set_kernel_config CONFIG_NFT_FIB_IPV6 m
186 186 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV6 m
187 187 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
188 188 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
189 189 set_kernel_config CONFIG_NF_LOG_BRIDGE m
190 190 set_kernel_config CONFIG_MT76_CORE m
191 191 set_kernel_config CONFIG_MT76_LEDS m
192 192 set_kernel_config CONFIG_MT76_USB m
193 193 set_kernel_config CONFIG_MT76x2_COMMON m
194 194 set_kernel_config CONFIG_MT76x0U m
195 195 set_kernel_config CONFIG_MT76x2U m
196 196 set_kernel_config CONFIG_TOUCHSCREEN_ILI210X m
197 197 set_kernel_config CONFIG_BCM_VC_SM m
198 198 set_kernel_config CONFIG_BCM2835_SMI_DEV m
199 199 set_kernel_config CONFIG_RPIVID_MEM m
200 200 set_kernel_config CONFIG_HW_RANDOM_BCM2835 y
201 201 set_kernel_config CONFIG_TCG_TPM m
202 202 set_kernel_config CONFIG_HW_RANDOM_TPM y
203 203 set_kernel_config CONFIG_TCG_TIS m
204 204 set_kernel_config CONFIG_TCG_TIS_SPI m
205 205 set_kernel_config CONFIG_I2C_MUX m
206 206 set_kernel_config CONFIG_I2C_MUX_GPMUX m
207 207 set_kernel_config CONFIG_I2C_MUX_PCA954x m
208 208 set_kernel_config CONFIG_SPI_GPIO m
209 209 set_kernel_config CONFIG_BATTERY_MAX17040 m
210 210 set_kernel_config CONFIG_SENSORS_GPIO_FAN m
211 211 set_kernel_config CONFIG_SENSORS_RASPBERRYPI_HWMON m
212 212 set_kernel_config CONFIG_BCM2835_THERMAL y
213 213 set_kernel_config CONFIG_RC_CORE y
214 214 set_kernel_config CONFIG_RC_MAP y
215 215 set_kernel_config CONFIG_LIRC y
216 216 set_kernel_config CONFIG_RC_DECODERS y
217 217 set_kernel_config CONFIG_IR_NEC_DECODER m
218 218 set_kernel_config CONFIG_IR_RC5_DECODER m
219 219 set_kernel_config CONFIG_IR_RC6_DECODER m
220 220 set_kernel_config CONFIG_IR_JVC_DECODER m
221 221 set_kernel_config CONFIG_IR_SONY_DECODER m
222 222 set_kernel_config CONFIG_IR_SANYO_DECODER m
223 223 set_kernel_config CONFIG_IR_SHARP_DECODER m
224 224 set_kernel_config CONFIG_IR_MCE_KBD_DECODER m
225 225 set_kernel_config CONFIG_IR_XMP_DECODER m
226 226 set_kernel_config CONFIG_IR_IMON_DECODER m
227 227 set_kernel_config CONFIG_RC_DEVICES y
228 228 set_kernel_config CONFIG_RC_ATI_REMOTE m
229 229 set_kernel_config CONFIG_IR_IMON m
230 230 set_kernel_config CONFIG_IR_MCEUSB m
231 231 set_kernel_config CONFIG_IR_REDRAT3 m
232 232 set_kernel_config CONFIG_IR_STREAMZAP m
233 233 set_kernel_config CONFIG_IR_IGUANA m
234 234 set_kernel_config CONFIG_IR_TTUSBIR m
235 235 set_kernel_config CONFIG_RC_LOOPBACK m
236 236 set_kernel_config CONFIG_IR_GPIO_CIR m
237 237 set_kernel_config CONFIG_IR_GPIO_TX m
238 238 set_kernel_config CONFIG_IR_PWM_TX m
239 239 set_kernel_config CONFIG_VIDEO_V4L2_SUBDEV_API y
240 240 set_kernel_config CONFIG_VIDEO_AU0828_RC y
241 241 set_kernel_config CONFIG_VIDEO_CX231XX m
242 242 set_kernel_config CONFIG_VIDEO_CX231XX_RC y
243 243 set_kernel_config CONFIG_VIDEO_CX231XX_ALSA m
244 244 set_kernel_config CONFIG_VIDEO_CX231XX_DVB m
245 245 set_kernel_config CONFIG_VIDEO_TM6000 m
246 246 set_kernel_config CONFIG_VIDEO_TM6000_ALSA m
247 247 set_kernel_config CONFIG_VIDEO_TM6000_DVB m
248 248 set_kernel_config CONFIG_DVB_USB m
249 249 set_kernel_config CONFIG_DVB_USB_DIB3000MC m
250 250 set_kernel_config CONFIG_DVB_USB_A800 m
251 251 set_kernel_config CONFIG_DVB_USB_DIBUSB_MB m
252 252 set_kernel_config CONFIG_DVB_USB_DIBUSB_MB_FAULTY y
253 253 set_kernel_config CONFIG_DVB_USB_DIBUSB_MC m
254 254 set_kernel_config CONFIG_DVB_USB_DIB0700 m
255 255 set_kernel_config CONFIG_DVB_USB_UMT_010 m
256 256 set_kernel_config CONFIG_DVB_USB_CXUSB m
257 257 set_kernel_config CONFIG_DVB_USB_M920X m
258 258 set_kernel_config CONFIG_DVB_USB_DIGITV m
259 259 set_kernel_config CONFIG_DVB_USB_VP7045 m
260 260 set_kernel_config CONFIG_DVB_USB_VP702X m
261 261 set_kernel_config CONFIG_DVB_USB_GP8PSK m
262 262 set_kernel_config CONFIG_DVB_USB_NOVA_T_USB2 m
263 263 set_kernel_config CONFIG_DVB_USB_TTUSB2 m
264 264 set_kernel_config CONFIG_DVB_USB_DTT200U m
265 265 set_kernel_config CONFIG_DVB_USB_OPERA1 m
266 266 set_kernel_config CONFIG_DVB_USB_AF9005 m
267 267 set_kernel_config CONFIG_DVB_USB_AF9005_REMOTE m
268 268 set_kernel_config CONFIG_DVB_USB_PCTV452E m
269 269 set_kernel_config CONFIG_DVB_USB_DW2102 m
270 270 set_kernel_config CONFIG_DVB_USB_CINERGY_T2 m
271 271 set_kernel_config CONFIG_DVB_USB_DTV5100 m
272 272 set_kernel_config CONFIG_DVB_USB_AZ6027 m
273 273 set_kernel_config CONFIG_DVB_USB_TECHNISAT_USB2 m
274 274 set_kernel_config CONFIG_DVB_USB_AF9015 m
275 275 set_kernel_config CONFIG_DVB_USB_LME2510 m
276 276 set_kernel_config CONFIG_DVB_USB_RTL28XXU m
277 277 set_kernel_config CONFIG_VIDEO_EM28XX_RC m
278 278 set_kernel_config CONFIG_SMS_SIANO_RC m
279 279 set_kernel_config CONFIG_VIDEO_IR_I2C m
280 280 set_kernel_config CONFIG_VIDEO_ADV7180 m
281 281 set_kernel_config CONFIG_VIDEO_TC358743 m
282 282 set_kernel_config CONFIG_VIDEO_OV5647 m
283 283 set_kernel_config CONFIG_DVB_M88DS3103 m
284 284 set_kernel_config CONFIG_DVB_AF9013 m
285 285 set_kernel_config CONFIG_DVB_RTL2830 m
286 286 set_kernel_config CONFIG_DVB_RTL2832 m
287 287 set_kernel_config CONFIG_DVB_SI2168 m
288 288 set_kernel_config CONFIG_DVB_GP8PSK_FE m
289 289 set_kernel_config CONFIG_DVB_USB m
290 290 set_kernel_config CONFIG_DVB_LGDT3306A m
291 291 set_kernel_config CONFIG_FB_SIMPLE y
292 292 set_kernel_config CONFIG_SND_BCM2708_SOC_IQAUDIO_CODEC m
293 293 set_kernel_config CONFIG_SND_BCM2708_SOC_I_SABRE_Q2M m
294 294 set_kernel_config CONFIG_SND_AUDIOSENSE_PI m
295 295 set_kernel_config CONFIG_SND_SOC_AD193X m
296 296 set_kernel_config CONFIG_SND_SOC_AD193X_SPI m
297 297 set_kernel_config CONFIG_SND_SOC_AD193X_I2C m
298 298 set_kernel_config CONFIG_SND_SOC_CS4265 m
299 299 set_kernel_config CONFIG_SND_SOC_DA7213 m
300 300 set_kernel_config CONFIG_SND_SOC_ICS43432 m
301 301 set_kernel_config CONFIG_SND_SOC_TLV320AIC32X4 m
302 302 set_kernel_config CONFIG_SND_SOC_TLV320AIC32X4_I2C m
303 303 set_kernel_config CONFIG_SND_SOC_I_SABRE_CODEC m
304 304 set_kernel_config CONFIG_HID_BIGBEN_FF m
305 305 #set_kernel_config CONFIG_USB_XHCI_PLATFORM y
306 306 set_kernel_config CONFIG_USB_TMC m
307 307 set_kernel_config CONFIG_USB_UAS y
308 308 set_kernel_config CONFIG_USBIP_VUDC m
309 309 set_kernel_config CONFIG_USB_CONFIGFS m
310 310 set_kernel_config CONFIG_USB_CONFIGFS_SERIAL y
311 311 set_kernel_config CONFIG_USB_CONFIGFS_ACM y
312 312 set_kernel_config CONFIG_USB_CONFIGFS_OBEX y
313 313 set_kernel_config CONFIG_USB_CONFIGFS_NCM y
314 314 set_kernel_config CONFIG_USB_CONFIGFS_ECM y
315 315 set_kernel_config CONFIG_USB_CONFIGFS_ECM_SUBSET y
316 316 set_kernel_config CONFIG_USB_CONFIGFS_RNDIS y
317 317 set_kernel_config CONFIG_USB_CONFIGFS_EEM y
318 318 set_kernel_config CONFIG_USB_CONFIGFS_MASS_STORAGE y
319 319 set_kernel_config CONFIG_USB_CONFIGFS_F_LB_SS y
320 320 set_kernel_config CONFIG_USB_CONFIGFS_F_FS y
321 321 set_kernel_config CONFIG_USB_CONFIGFS_F_UAC1 y
322 322 set_kernel_config CONFIG_USB_CONFIGFS_F_UAC2 y
323 323 set_kernel_config CONFIG_USB_CONFIGFS_F_MIDI y
324 324 set_kernel_config CONFIG_USB_CONFIGFS_F_HID y
325 325 set_kernel_config CONFIG_USB_CONFIGFS_F_UVC y
326 326 set_kernel_config CONFIG_USB_CONFIGFS_F_PRINTER y
327 327 set_kernel_config CONFIG_LEDS_PCA963X m
328 328 set_kernel_config CONFIG_LEDS_IS31FL32XX m
329 329 set_kernel_config CONFIG_LEDS_TRIGGER_NETDEV m
330 330 set_kernel_config CONFIG_RTC_DRV_RV3028 m
331 331 set_kernel_config CONFIG_AUXDISPLAY y
332 332 set_kernel_config CONFIG_HD44780 m
333 333 set_kernel_config CONFIG_FB_TFT_SH1106 m
334 334 set_kernel_config CONFIG_VIDEO_CODEC_BCM2835 m
335 335 set_kernel_config CONFIG_BCM2835_POWER y
336 336 set_kernel_config CONFIG_INV_MPU6050_IIO m
337 337 set_kernel_config CONFIG_INV_MPU6050_I2C m
338 338 set_kernel_config CONFIG_SECURITYFS y
339 339
340 340 # Safer to build this in
341 341 set_kernel_config CONFIG_BINFMT_MISC y
342 342
343 343 # pulseaudio wants a buffer of at least this size
344 344 set_kernel_config CONFIG_SND_HDA_PREALLOC_SIZE 2048
345 345
346 346 # PR#3063: enable 3D acceleration with 64-bit kernel on RPi4
347 347 # set the appropriate kernel configs unlocked by this PR
348 348 set_kernel_config CONFIG_ARCH_BCM y
349 349 set_kernel_config CONFIG_ARCH_BCM2835 y
350 350 set_kernel_config CONFIG_DRM_V3D m
351 351 set_kernel_config CONFIG_DRM_VC4 m
352 352 set_kernel_config CONFIG_DRM_VC4_HDMI_CEC y
353 353
354 354 # PR#3144: add arm64 pcie bounce buffers; enables 4GiB on RPi4
355 355 # required by PR#3144; should already be applied, but just to be safe
356 356 set_kernel_config CONFIG_PCIE_BRCMSTB y
357 357 set_kernel_config CONFIG_BCM2835_MMC y
358 358
359 359 # Snap needs squashfs. The ubuntu eoan-preinstalled-server image at
360 360 # http://cdimage.ubuntu.com/ubuntu-server/daily-preinstalled/current/ uses snap
361 361 # during cloud-init setup at first boot. Without this the login accounts are not
362 362 # created and the user can not login.
363 363 set_kernel_config CONFIG_SQUASHFS y
364 364
365 365 # Ceph support for Block Device (RBD) and Filesystem (FS)
366 366 # https://docs.ceph.com/docs/master/
367 367 set_kernel_config CONFIG_CEPH_LIB m
368 368 set_kernel_config CONFIG_CEPH_LIB_USE_DNS_RESOLVER y
369 369 set_kernel_config CONFIG_CEPH_FS m
370 370 set_kernel_config CONFIG_CEPH_FSCACHE y
371 371 set_kernel_config CONFIG_CEPH_FS_POSIX_ACL y
372 372 set_kernel_config CONFIG_BLK_DEV_RBD m
373 373 fi
374 374
375 375 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
376 376 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ]; } ; then
377 377 set_kernel_config CONFIG_HAVE_KVM y
378 378 set_kernel_config CONFIG_HIGH_RES_TIMERS y
379 379 set_kernel_config CONFIG_HAVE_KVM_IRQCHIP y
380 380 set_kernel_config CONFIG_HAVE_KVM_ARCH_TLB_FLUSH_ALL y
381 381 set_kernel_config CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT y
382 382 set_kernel_config CONFIG_HAVE_KVM_EVENTFD y
383 383 set_kernel_config CONFIG_HAVE_KVM_IRQFD y
384 384 set_kernel_config CONFIG_HAVE_KVM_IRQ_ROUTING y
385 385 set_kernel_config CONFIG_HAVE_KVM_MSI y
386 386 set_kernel_config CONFIG_KVM y
387 387 set_kernel_config CONFIG_KVM_ARM_HOST y
388 388 set_kernel_config CONFIG_KVM_ARM_PMU y
389 389 set_kernel_config CONFIG_KVM_COMPAT y
390 390 set_kernel_config CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT y
391 391 set_kernel_config CONFIG_KVM_MMIO y
392 392 set_kernel_config CONFIG_KVM_VFIO y
393 393 set_kernel_config CONFIG_KVM_MMU_AUDIT y
394 394 set_kernel_config CONFIG_VHOST m
395 395 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
396 396 set_kernel_config CONFIG_VHOST_NET m
397 397 set_kernel_config CONFIG_VIRTUALIZATION y
398 398 set_kernel_config CONFIG_SLAB_FREELIST_RANDOM=y
399 399 set_kernel_config CONFIG_SLAB_FREELIST_HARDENED=y
400 400 set_kernel_config CONFIG_MMU_NOTIFIER y
401 401
402 402 # erratum
403 403 set_kernel_config ARM64_ERRATUM_834220 y
404 404
405 405 # https://sourceforge.net/p/kvm/mailman/message/18440797/
406 406 set_kernel_config CONFIG_PREEMPT_NOTIFIERS y
407 407 fi
408 408
409 409 # enable apparmor,integrity audit,
410 410 if [ "$KERNEL_SECURITY" = true ] ; then
411 411
412 412 # security filesystem, security models and audit
413 413 set_kernel_config CONFIG_SECURITYFS y
414 414 set_kernel_config CONFIG_SECURITY y
415 415 set_kernel_config CONFIG_AUDIT y
416 416
417 417 # harden strcpy and memcpy
418 418 set_kernel_config CONFIG_HARDENED_USERCOPY y
419 419 set_kernel_config CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR y
420 420 set_kernel_config CONFIG_FORTIFY_SOURCE y
421 421
422 422 # integrity sub-system
423 423 set_kernel_config CONFIG_INTEGRITY y
424 424 set_kernel_config CONFIG_INTEGRITY_ASYMMETRIC_KEYS y
425 425 set_kernel_config CONFIG_INTEGRITY_AUDIT y
426 426 set_kernel_config CONFIG_INTEGRITY_SIGNATURE y
427 427 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING y
428 428
429 429 # This option provides support for retaining authentication tokens and access keys in the kernel.
430 430 set_kernel_config CONFIG_KEYS y
431 431 set_kernel_config CONFIG_KEYS_COMPAT y
432 432
433 433 # Apparmor
434 434 set_kernel_config CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE 0
435 435 set_kernel_config CONFIG_SECURITY_APPARMOR_HASH_DEFAULT y
436 436 set_kernel_config CONFIG_DEFAULT_SECURITY_APPARMOR y
437 437 set_kernel_config CONFIG_SECURITY_APPARMOR y
438 438 set_kernel_config CONFIG_SECURITY_APPARMOR_HASH y
439 439 set_kernel_config CONFIG_DEFAULT_SECURITY "apparmor"
440 440
441 441 # restrictions on unprivileged users reading the kernel
442 442 set_kernel_config CONFIG_SECURITY_DMESG_RESTRICT y
443 443
444 444 # network security hooks
445 445 set_kernel_config CONFIG_SECURITY_NETWORK y
446 446 set_kernel_config CONFIG_SECURITY_NETWORK_XFRM y
447 447 set_kernel_config CONFIG_SECURITY_PATH y
448 448 set_kernel_config CONFIG_SECURITY_YAMA n
449 449
450 450 set_kernel_config CONFIG_SECURITY_SELINUX n
451 451 set_kernel_config CONFIG_SECURITY_SMACK n
452 452 set_kernel_config CONFIG_SECURITY_TOMOYO n
453 453 set_kernel_config CONFIG_SECURITY_APPARMOR_DEBUG n
454 454 set_kernel_config CONFIG_SECURITY_LOADPIN n
455 455 set_kernel_config CONFIG_HARDENED_USERCOPY_PAGESPAN n
456 456 set_kernel_config CONFIG_IMA n
457 457 set_kernel_config CONFIG_EVM n
458 458 set_kernel_config CONFIG_FANOTIFY_ACCESS_PERMISSIONS y
459 459 set_kernel_config CONFIG_NFSD_V4_SECURITY_LABEL y
460 460 set_kernel_config CONFIG_PKCS7_MESSAGE_PARSER y
461 461 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYRING y
462 462 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE y
463 463 set_kernel_config CONFIG_SECONDARY_TRUSTED_KEYRING y
464 464 set_kernel_config CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY n
465 465 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS m
466 466 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
467 467
468 468 set_kernel_config CONFIG_ARM64_CRYPTO y
469 469 set_kernel_config CONFIG_CRYPTO_SHA256_ARM64 m
470 470 set_kernel_config CONFIG_CRYPTO_SHA512_ARM64 m
471 471 set_kernel_config CONFIG_CRYPTO_SHA1_ARM64_CE m
472 472 set_kernel_config CRYPTO_GHASH_ARM64_CE m
473 473 set_kernel_config CRYPTO_SHA2_ARM64_CE m
474 474 set_kernel_config CONFIG_CRYPTO_CRCT10DIF_ARM64_CE m
475 475 set_kernel_config CONFIG_CRYPTO_CRC32_ARM64_CE m
476 476 set_kernel_config CONFIG_CRYPTO_AES_ARM64 m
477 477 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE m
478 478 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE_CCM y
479 479 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE_BLK y
480 480 set_kernel_config CONFIG_CRYPTO_AES_ARM64_NEON_BLK m
481 481 set_kernel_config CONFIG_CRYPTO_CHACHA20_NEON m
482 482 set_kernel_config CONFIG_CRYPTO_AES_ARM64_BS m
483 483 fi
484 484
485 485 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
486 486 if [ "$KERNEL_NF" = true ] ; then
487 487 set_kernel_config CONFIG_IP_NF_SECURITY m
488 488 set_kernel_config CONFIG_NETLABEL y
489 489 set_kernel_config CONFIG_IP6_NF_SECURITY m
490 490 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
491 491 set_kernel_config CONFIG_NETFILTER_XT_TARGET_AUDIT m
492 492 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
493 493 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
494 494 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
495 495 set_kernel_config CONFIG_NFT_FIB_INET m
496 496 set_kernel_config CONFIG_NFT_FIB_IPV4 m
497 497 set_kernel_config CONFIG_NFT_FIB_IPV6 m
498 498 set_kernel_config CONFIG_NFT_FIB_NETDEV m
499 499 set_kernel_config CONFIG_NFT_OBJREF m
500 500 set_kernel_config CONFIG_NFT_RT m
501 501 set_kernel_config CONFIG_NFT_SET_BITMAP m
502 502 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
503 503 set_kernel_config CONFIG_NF_LOG_ARP m
504 504 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
505 505 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
506 506 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
507 507 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
508 508 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
509 509 set_kernel_config CONFIG_IP6_NF_IPTABLES m
510 510 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
511 511 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
512 512 set_kernel_config CONFIG_IP6_NF_NAT m
513 513 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
514 514 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
515 515 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
516 516 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
517 517 set_kernel_config CONFIG_IP_SET_HASH_IP m
518 518 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
519 519 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
520 520 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
521 521 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
522 522 set_kernel_config CONFIG_IP_SET_HASH_MAC m
523 523 set_kernel_config CONFIG_IP_SET_HASH_NET m
524 524 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
525 525 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
526 526 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
527 527 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
528 528 set_kernel_config CONFIG_IP_SET_LIST_SET m
529 529 set_kernel_config CONFIG_NETFILTER_XTABLES m
530 530 set_kernel_config CONFIG_NETFILTER_XTABLES m
531 531 set_kernel_config CONFIG_NFT_BRIDGE_META m
532 532 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
533 533 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
534 534 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
535 535 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
536 536 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
537 537 set_kernel_config CONFIG_NFT_COMPAT m
538 538 set_kernel_config CONFIG_NFT_COUNTER m
539 539 set_kernel_config CONFIG_NFT_CT m
540 540 set_kernel_config CONFIG_NFT_DUP_IPV4 m
541 541 set_kernel_config CONFIG_NFT_DUP_IPV6 m
542 542 set_kernel_config CONFIG_NFT_DUP_NETDEV m
543 543 set_kernel_config CONFIG_NFT_EXTHDR m
544 544 set_kernel_config CONFIG_NFT_FWD_NETDEV m
545 545 set_kernel_config CONFIG_NFT_HASH m
546 546 set_kernel_config CONFIG_NFT_LIMIT m
547 547 set_kernel_config CONFIG_NFT_LOG m
548 548 set_kernel_config CONFIG_NFT_MASQ m
549 549 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
550 550 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
551 551 set_kernel_config CONFIG_NFT_META m
552 552 set_kernel_config CONFIG_NFT_NAT m
553 553 set_kernel_config CONFIG_NFT_NUMGEN m
554 554 set_kernel_config CONFIG_NFT_QUEUE m
555 555 set_kernel_config CONFIG_NFT_QUOTA m
556 556 set_kernel_config CONFIG_NFT_REDIR m
557 557 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
558 558 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
559 559 set_kernel_config CONFIG_NFT_REJECT m
560 560 set_kernel_config CONFIG_NFT_REJECT_INET m
561 561 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
562 562 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
563 563 set_kernel_config CONFIG_NFT_SET_HASH m
564 564 set_kernel_config CONFIG_NFT_SET_RBTREE m
565 565 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
566 566 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
567 567 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
568 568 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
569 569 set_kernel_config CONFIG_NF_DUP_IPV4 m
570 570 set_kernel_config CONFIG_NF_DUP_IPV6 m
571 571 set_kernel_config CONFIG_NF_DUP_NETDEV m
572 572 set_kernel_config CONFIG_NF_LOG_BRIDGE m
573 573 set_kernel_config CONFIG_NF_LOG_IPV4 m
574 574 set_kernel_config CONFIG_NF_LOG_IPV6 m
575 575 set_kernel_config CONFIG_NF_NAT_IPV4 m
576 576 set_kernel_config CONFIG_NF_NAT_IPV6 m
577 577 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 y
578 578 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 y
579 579 set_kernel_config CONFIG_NF_NAT_PPTP m
580 580 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
581 581 set_kernel_config CONFIG_NF_NAT_REDIRECT y
582 582 set_kernel_config CONFIG_NF_NAT_SIP m
583 583 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
584 584 set_kernel_config CONFIG_NF_NAT_TFTP m
585 585 set_kernel_config CONFIG_NF_REJECT_IPV4 m
586 586 set_kernel_config CONFIG_NF_REJECT_IPV6 m
587 587 set_kernel_config CONFIG_NF_TABLES m
588 588 set_kernel_config CONFIG_NF_TABLES_ARP m
589 589 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
590 590 set_kernel_config CONFIG_NF_TABLES_INET m
591 591 set_kernel_config CONFIG_NF_TABLES_IPV4 y
592 592 set_kernel_config CONFIG_NF_TABLES_IPV6 y
593 593 set_kernel_config CONFIG_NF_TABLES_NETDEV m
594 594 set_kernel_config CONFIG_NF_TABLES_SET m
595 595 set_kernel_config CONFIG_NF_TABLES_INET y
596 596 set_kernel_config CONFIG_NF_TABLES_NETDEV y
597 597 set_kernel_config CONFIG_NFT_CONNLIMIT m
598 598 set_kernel_config CONFIG_NFT_TUNNEL m
599 599 set_kernel_config CONFIG_NFT_SOCKET m
600 600 set_kernel_config CONFIG_NFT_TPROXY m
601 601 set_kernel_config CONFIG_NF_FLOW_TABLE m
602 602 set_kernel_config CONFIG_NFT_FLOW_OFFLOAD m
603 603 set_kernel_config CONFIG_NF_FLOW_TABLE_INET m
604 604 set_kernel_config CONFIG_NF_TABLES_ARP y
605 605 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV4 y
606 606 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV6 y
607 607 set_kernel_config CONFIG_NF_TABLES_BRIDGE y
608 608 set_kernel_config CONFIG_NF_CT_NETLINK_TIMEOUT m
609 609 set_kernel_config CONFIG_NFT_OSF m
610 610
611 611 fi
612 612
613 613 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
614 614 if [ "$KERNEL_BPF" = true ] ; then
615 615 set_kernel_config CONFIG_BPF_SYSCALL y
616 616 set_kernel_config CONFIG_BPF_EVENTS y
617 617 set_kernel_config CONFIG_BPF_STREAM_PARSER y
618 618 set_kernel_config CONFIG_CGROUP_BPF y
619 619 set_kernel_config CONFIG_XDP_SOCKETS y
620 620 fi
621 621
622 622 # KERNEL_DEFAULT_GOV was set by user
623 623 if [ "$KERNEL_DEFAULT_GOV" != powersave ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
624 624
625 625 case "$KERNEL_DEFAULT_GOV" in
626 626 performance)
627 627 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
628 628 ;;
629 629 userspace)
630 630 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
631 631 ;;
632 632 ondemand)
633 633 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
634 634 ;;
635 635 conservative)
636 636 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
637 637 ;;
638 638 shedutil)
639 639 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
640 640 ;;
641 641 *)
642 642 echo "error: unsupported default cpu governor"
643 643 exit 1
644 644 ;;
645 645 esac
646 646
647 647 # unset previous default governor
648 648 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
649 649 fi
650 650
651 651 #Revert to previous directory
652 652 cd "${WORKDIR}" || exit
653 653
654 654 # Set kernel configuration parameters to enable qemu emulation
655 655 if [ "$ENABLE_QEMU" = true ] ; then
656 656 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
657 657 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
658 658
659 if [ "$KERNEL_CRYPTFS" = true ] ; then
659 if [ "$ENABLE_CRYPTFS" = true ] ; then
660 660 {
661 661 echo "CONFIG_EMBEDDED=y"
662 662 echo "CONFIG_EXPERT=y"
663 663 echo "CONFIG_DAX=y"
664 664 echo "CONFIG_MD=y"
665 665 echo "CONFIG_BLK_DEV_MD=y"
666 666 echo "CONFIG_MD_AUTODETECT=y"
667 667 echo "CONFIG_BLK_DEV_DM=y"
668 668 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
669 669 echo "CONFIG_DM_CRYPT=y"
670 670 echo "CONFIG_CRYPTO_BLKCIPHER=y"
671 671 echo "CONFIG_CRYPTO_CBC=y"
672 672 echo "CONFIG_CRYPTO_XTS=y"
673 673 echo "CONFIG_CRYPTO_SHA512=y"
674 674 echo "CONFIG_CRYPTO_MANAGER=y"
675 675 } >> "${KERNEL_DIR}"/.config
676 676 fi
677 677 fi
678 678
679 679 # Copy custom kernel configuration file
680 680 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
681 681 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
682 682 fi
683 683
684 684 # Set kernel configuration parameters to their default values
685 685 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
686 686 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
687 687 fi
688 688
689 689 # Start menu-driven kernel configuration (interactive)
690 690 if [ "$KERNEL_MENUCONFIG" = true ] ; then
691 691 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
692 692 fi
693 693 # end if "$KERNELSRC_CONFIG" = true
694 694 fi
695 695
696 696 # Use ccache to cross compile the kernel
697 697 if [ "$KERNEL_CCACHE" = true ] ; then
698 698 cc="ccache ${CROSS_COMPILE}gcc"
699 699 else
700 700 cc="${CROSS_COMPILE}gcc"
701 701 fi
702 702
703 703 # Cross compile kernel and dtbs
704 704 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
705 705
706 706 # Cross compile kernel modules
707 707 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
708 708 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
709 709 fi
710 710 # end if "$KERNELSRC_PREBUILT" = false
711 711 fi
712 712
713 713 # Check if kernel compilation was successful
714 714 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
715 715 echo "error: kernel compilation failed! (kernel image not found)"
716 716 cleanup
717 717 exit 1
718 718 fi
719 719
720 720 # Install kernel modules
721 721 if [ "$ENABLE_REDUCE" = true ] ; then
722 722 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
723 723 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
724 724 fi
725 725 else
726 726 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
727 727 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
728 728 fi
729 729
730 730 # Install kernel firmware
731 731 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
732 732 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
733 733 fi
734 734 fi
735 735
736 736 # Install kernel headers
737 737 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
738 738 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
739 739 fi
740 740
741 741 # Prepare boot (firmware) directory
742 742 mkdir "${BOOT_DIR}"
743 743
744 744 # Get kernel release version
745 745 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
746 746
747 747 # Copy kernel configuration file to the boot directory
748 748 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
749 749
750 750 # Prepare device tree directory
751 751 mkdir "${BOOT_DIR}/overlays"
752 752
753 753 # Ensure the proper .dtb is located
754 754 if [ "$KERNEL_ARCH" = "arm" ] ; then
755 755 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
756 756 if [ -f "${dtb}" ] ; then
757 757 install_readonly "${dtb}" "${BOOT_DIR}/"
758 758 fi
759 759 done
760 760 else
761 761 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
762 762 if [ -f "${dtb}" ] ; then
763 763 install_readonly "${dtb}" "${BOOT_DIR}/"
764 764 fi
765 765 done
766 766 fi
767 767
768 768 # Copy compiled dtb device tree files
769 769 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
770 770 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtbo ; do
771 771 if [ -f "${dtb}" ] ; then
772 772 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
773 773 fi
774 774 done
775 775
776 776 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
777 777 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
778 778 fi
779 779 fi
780 780
781 781 if [ "$ENABLE_UBOOT" = false ] ; then
782 782 # Convert and copy kernel image to the boot directory
783 783 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
784 784 else
785 785 # Copy kernel image to the boot directory
786 786 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
787 787 fi
788 788
789 789 # Remove kernel sources
790 790 if [ "$KERNEL_REMOVESRC" = true ] ; then
791 791 rm -fr "${KERNEL_DIR}"
792 792 else
793 793 # Prepare compiled kernel modules
794 794 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
795 795 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
796 796 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
797 797 fi
798 798
799 799 # Create symlinks for kernel modules
800 800 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
801 801 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
802 802 fi
803 803 fi
804 804
805 805 else # BUILD_KERNEL=false
806 806 if [ "$SET_ARCH" = 64 ] ; then
807 807 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
808 808 # Use Sakakis modified kernel if ZSWAP is active
809 809 if [ "$KERNEL_ZSWAP" = true ] || [ "$KERNEL_VIRT" = true ] || [ "$KERNEL_NF" = true ] || [ "$KERNEL_BPF" = true ] ; then
810 810 RPI3_64_KERNEL_URL="${RPI3_64_BIS_KERNEL_URL}"
811 811 fi
812 812
813 813 # Create temporary directory for dl
814 814 temp_dir=$(as_nobody mktemp -d)
815 815
816 816 # Fetch kernel dl
817 817 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
818 818 fi
819 819 if [ "$SET_ARCH" = 64 ] && [ "$RPI_MODEL" = 4 ] ; then
820 820 # Create temporary directory for dl
821 821 temp_dir=$(as_nobody mktemp -d)
822 822
823 823 # Fetch kernel dl
824 824 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI4_64_KERNEL_URL"
825 825 fi
826 826
827 827 #extract download
828 828 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
829 829
830 830 #move extracted kernel to /boot/firmware
831 831 mkdir "${R}/boot/firmware"
832 832 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
833 833 cp -r "${temp_dir}"/lib/* "${R}"/lib/
834 834
835 835 # Remove temporary directory for kernel sources
836 836 rm -fr "${temp_dir}"
837 837
838 838 # Set permissions of the kernel sources
839 839 chown -R root:root "${R}/boot/firmware"
840 840 chown -R root:root "${R}/lib/modules"
841 841 fi
842 842
843 843 # Install Kernel from hypriot comptabile with all Raspberry PI (dunno if its compatible with RPI4 - better compile your own kernel)
844 844 if [ "$SET_ARCH" = 32 ] && [ "$RPI_MODEL" != 4 ] ; then
845 845 # Create temporary directory for dl
846 846 temp_dir=$(as_nobody mktemp -d)
847 847
848 848 # Fetch kernel
849 849 as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
850 850
851 851 # Copy downloaded kernel package
852 852 mv "${temp_dir}"/kernel.deb "${R}"/tmp/kernel.deb
853 853
854 854 # Set permissions
855 855 chown -R root:root "${R}"/tmp/kernel.deb
856 856
857 857 # Install kernel
858 858 chroot_exec dpkg -i /tmp/kernel.deb
859 859
860 860 # move /boot to /boot/firmware to fit script env.
861 861 #mkdir "${BOOT_DIR}"
862 862 mkdir "${temp_dir}"/firmware
863 863 mv "${R}"/boot/* "${temp_dir}"/firmware/
864 864 mv "${temp_dir}"/firmware "${R}"/boot/
865 865
866 866 #same for kernel headers
867 867 if [ "$KERNEL_HEADERS" = true ] ; then
868 868 # Fetch kernel header
869 869 as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
870 870 mv "${temp_dir}"/kernel-header.deb "${R}"/tmp/kernel-header.deb
871 871 chown -R root:root "${R}"/tmp/kernel-header.deb
872 872 # Install kernel header
873 873 chroot_exec dpkg -i /tmp/kernel-header.deb
874 874 rm -f "${R}"/tmp/kernel-header.deb
875 875 fi
876 876
877 877 # Remove temporary directory and files
878 878 rm -fr "${temp_dir}"
879 879 rm -f "${R}"/tmp/kernel.deb
880 880 fi
881 881
882 882 # Check if kernel installation was successful
883 883 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
884 884 if [ -z "$KERNEL" ] ; then
885 885 echo "error: kernel installation failed! (/boot/kernel* not found)"
886 886 cleanup
887 887 exit 1
888 888 fi
889 889 fi
Show file before | Show file after | Hide comments
@@ -1,85 +1,87
1 1 SET_ARCH=64
2 2 RPI_MODEL=3P
3 3 RELEASE=buster
4 4
5 5 DEFLOCAL=de_DE.UTF-8
6 6 XKB_LAYOUT=de
7 7
8 8 BUILD_KERNEL=true
9 9 #KERNEL_BRANCH=rpi-4.14.y
10 10 KERNEL_CCACHE=true
11 11 KERNEL_ZSWAP=true
12 12 KERNEL_VIRT=false
13 13 KERNEL_NF=true
14 14 KERNEL_BPF=true
15 15 KERNEL_DEFAULT_GOV=ondemand
16 16 KERNEL_SECURITY=false
17 17
18 #ENABLE_CRYPTFS=false
19 #ENABLE_USBBOOT=true
20 #CRYPTFS_PASSWORD=
21 #CRYPTFS_DROPBEAR=false
22
23
18 ENABLE_CRYPTFS=true
19 ENABLE_USBBOOT=false
20 CRYPTFS_PASSWORD=Password123!
21 CRYPTFS_DROPBEAR=true
22 CRYPTFS_CIPHER="aes-xts-plain64
23 CRYPTFS_HASH=sha512
24 CRYPTFS_XTSKEYSIZE=512
25 #CRYPTFS_DROPBEAR_PUBKEY=pathtokey
24 26
25 27 HOSTNAME=RPI
26 28 USER_NAME=helge
27 USER_PASSWORD=helge
29 USER_PASSWORD=Password123!
28 30 PASSWORD=helge
29 31
30 32 ENABLE_DPHYSSWAP=false
31 33 ENABLE_SYSTEMDSWAP=true
32 34 ENABLE_CONSOLE=false
33 35 ENABLE_NEXMON=false
34 36 ENABLE_BLUETOOTH=true
35 37 ENABLE_MINIUART_OVERLAY=false
36 38 ENABLE_QEMU=false
37 39 ENABLE_VIDEOCORE=true
38 40 ENABLE_IPTABLES=true
39 41 ENABLE_I2C=true
40 42 ENABLE_SPI=true
41 43 ENABLE_NONFREE=true
42 44 ENABLE_WIRELESS=false
43 45 ENABLE_SOUND=true
44 46 ENABLE_MINGPU=false
45 47 ENABLE_DBUS=true
46 48 ENABLE_IFNAMES=false
47 49 ENABLE_UBOOT=false
48 50 ENABLE_SPLITFS=false
49 51 ENABLE_INITRAMFS=true
50 52 ENABLE_SYSVINIT=true
51 53 ENABLE_ROOT=false
52 54 ENABLE_MINBASE=false
53 55 ENABLE_XORG=false
54 56 ENABLE_RSYSLOG=true
55 57 ENABLE_HWRANDOM=true
56 58 ENABLE_IPV6=true
57 59 ENABLE_DHCP=false
58 60 ENABLE_KEYGEN=true
59 61
60 62 NET_ADDRESS=192.168.1.101/24
61 63 NET_GATEWAY=192.168.1.1
62 64 NET_DNS_1=192.168.1.3
63 65 #NET_DNS_2=192.168.1.1
64 66 NET_DNS_DOMAINS=
65 67 NTP=192.168.1.2
66 68
67 69 ENABLE_REDUCE=true
68 70 REDUCE_APT=true
69 71 REDUCE_DOC=true
70 72 REDUCE_MAN=true
71 73 REDUCE_VIM=false
72 74 REDUCE_BASH=false
73 75 REDUCE_HWDB=false
74 76 REDUCE_SSHD=false
75 77 REDUCE_LOCALE=false
76 78 SSH_LIMIT_USERS=true
77 79
78 80 #KERNELSRC_DIR=/home/helge/linux
79 81 #RPI_FIRMWARE_DIR=/home/helge/firmware
80 82 #UBOOTSRC_DIR=/home/helge/u-boot
81 83 #VIDEOCORESRC_DIR=/home/helge/userland
82 APT_INCLUDES=git,usbutils,hostapd,firmware-linux-free
84 APT_INCLUDES=git,usbutils,firmware-linux-free
83 85 APT_PROXY="http://127.0.0.1:3142/"
84 86 IMAGE_NAME=RPI-3P
85 87 #ENABLE_UBOOTUSB=true
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant