##// END OF EJS Templates
Merge pull request #9 from drtyhlpr/master...
burnbabyburn -
r477:96563fea2919 Fusion
parent child
Show More
@@ -0,0 +1,33
1 SUBSYSTEM=="input", GROUP="input", MODE="0660"
2 SUBSYSTEM=="i2c-dev", GROUP="i2c", MODE="0660"
3 SUBSYSTEM=="spidev", GROUP="spi", MODE="0660"
4 SUBSYSTEM=="bcm2835-gpiomem", GROUP="gpio", MODE="0660"
5
6 SUBSYSTEM=="gpio", GROUP="gpio", MODE="0660"
7 SUBSYSTEM=="gpio*", PROGRAM="/bin/sh -c '\
8 chown -R root:gpio /sys/class/gpio && chmod -R 770 /sys/class/gpio;\
9 chown -R root:gpio /sys/devices/virtual/gpio && chmod -R 770 /sys/devices/virtual/gpio;\
10 chown -R root:gpio /sys$devpath && chmod -R 770 /sys$devpath\
11 '"
12
13 KERNEL=="ttyAMA[01]", PROGRAM="/bin/sh -c '\
14 ALIASES=/proc/device-tree/aliases; \
15 if cmp -s $ALIASES/uart0 $ALIASES/serial0; then \
16 echo 0;\
17 elif cmp -s $ALIASES/uart0 $ALIASES/serial1; then \
18 echo 1; \
19 else \
20 exit 1; \
21 fi\
22 '", SYMLINK+="serial%c"
23
24 KERNEL=="ttyS0", PROGRAM="/bin/sh -c '\
25 ALIASES=/proc/device-tree/aliases; \
26 if cmp -s $ALIASES/uart1 $ALIASES/serial0; then \
27 echo 0; \
28 elif cmp -s $ALIASES/uart1 $ALIASES/serial1; then \
29 echo 1; \
30 else \
31 exit 1; \
32 fi \
33 '", SYMLINK+="serial%c"
@@ -0,0 +1,1
1 kernel.printk = 3 4 1 3 No newline at end of file
@@ -0,0 +1,5
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=0
3 RELEASE=buster
4 BUILD_KERNEL=true
5 # ENABLE_BLUETOOTH=false
@@ -0,0 +1,5
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=0
3 RELEASE=stretch
4 BUILD_KERNEL=true
5 # ENABLE_BLUETOOTH=false
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=1P
3 RELEASE=buster
4 BUILD_KERNEL=true
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=1P
3 RELEASE=stretch
4 BUILD_KERNEL=true
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=3
3 RELEASE=buster
4 BUILD_KERNEL=true
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=2
3 RELEASE=stretch
4 BUILD_KERNEL=true
@@ -0,0 +1,6
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=3P
3 RELEASE=buster
4 BUILD_KERNEL=true
5 # ENABLE_WIRELESS=false
6 # ENABLE_BLUETOOTH=false
@@ -0,0 +1,6
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=3P
3 RELEASE=stretch
4 BUILD_KERNEL=true
5 # ENABLE_WIRELESS=false
6 # ENABLE_BLUETOOTH=false
@@ -1,490 +1,500
1 1 # rpi23-gen-image
2 2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for all Raspberry Pi computers. The script at this time supports the bootstrapping of the Debian (armhf/armel) releases `stretch` and `buster`. Raspberry Pi 0/1/2/3 images are generated for 32-bit mode only. Raspberry Pi 3 supports 64-bit images that can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
4 4
5 5 ## Build dependencies
6 6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7 7
8 8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9 9
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the Raspberry 3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf/armel) cross-compiler toolchain.
11 11
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
12 The script has been tested using the default `crossbuild-essential-armhf` and `crossbuild-essential-armel` toolchain meta packages on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13 13
14 14 ## Command-line parameters
15 15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16 16
17 17 ##### Command-line examples:
18 18 ```shell
19 19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 32 ```
33 33
34 34 ## Configuration template files
35 35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36 36
37 37 ##### Command-line examples:
38 38 ```shell
39 39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 41 ```
42 42
43 43 ## Supported parameters and settings
44 44 #### APT settings:
45 45 ##### `APT_SERVER`="ftp.debian.org"
46 46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47 47
48 48 ##### `APT_PROXY`=""
49 49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50 50
51 51 ##### `APT_INCLUDES`=""
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
52 A comma-separated list of additional packages to be installed by debootstrap during bootstrapping.
53 53
54 54 ##### `APT_INCLUDES_LATE`=""
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
55 A comma-separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
56 56
57 57 ---
58 58
59 59 #### General system settings:
60 60 ##### `SET_ARCH`=32
61 Set Architecture to default 32bit. If you want to to compile 64bit (RPI3 or RPI3+) set it to `64`. This option will set every needed crosscompiler or boeard specific option for a successful build.
62 If you want to change e.g. cross-compiler -> Templates always override defaults
61 Set Architecture to default 32bit. If you want to compile 64-bit (RPI3 or RPI3+) set it to `64`. This option will set every needed cross-compiler or board specific option for a successful build.
63 62
64 63 ##### `RPI_MODEL`=2
65 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
66 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
67 `1` = Used for Pi 1 model A and B
68 `1P` = Used for Pi 1 model B+ and A+
69 `2` = Used for Pi 2 model B
70 `3` = Used for Pi 3 model B
71 `3P` = Used for Pi 3 model B+
72 `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
64 Specify the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
65 - `0` = Raspberry Pi 0 and Raspberry Pi 0 W
66 - `1` = Raspberry Pi 1 model A and B
67 - `1P` = Raspberry Pi 1 model B+ and A+
68 - `2` = Raspberry Pi 2 model B
69 - `3` = Raspberry Pi 3 model B
70 - `3P` = Raspberry Pi 3 model B+
73 71
74 72 ##### `RELEASE`="buster"
75 73 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
76 74
77 75 ##### `RELEASE_ARCH`="armhf"
78 76 Set the desired Debian release architecture.
79 77
80 78 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
81 79 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
82 80
83 81 ##### `PASSWORD`="raspberry"
84 82 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
85 83
86 84 ##### `USER_PASSWORD`="raspberry"
87 85 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
88 86
89 87 ##### `DEFLOCAL`="en_US.UTF-8"
90 88 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
91 89
92 90 ##### `TIMEZONE`="Europe/Berlin"
93 91 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
94 92
95 93 ##### `EXPANDROOT`=true
96 94 Expand the root partition and filesystem automatically on first boot.
97 95
98 96 ##### `ENABLE_QEMU`=false
99 97 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
100 98
101 99 ---
102 100
103 101 #### Keyboard settings:
104 102 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
105 103
106 104 ##### `XKB_MODEL`=""
107 105 Set the name of the model of your keyboard type.
108 106
109 107 ##### `XKB_LAYOUT`=""
110 108 Set the supported keyboard layout(s).
111 109
112 110 ##### `XKB_VARIANT`=""
113 111 Set the supported variant(s) of the keyboard layout(s).
114 112
115 113 ##### `XKB_OPTIONS`=""
116 114 Set extra xkb configuration options.
117 115
118 116 ---
119 117
120 118 #### Networking settings (DHCP):
121 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
119 This parameter is used to set up networking auto-configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
122 120
123 121 ##### `ENABLE_DHCP`=true
124 122 Set the system to use DHCP. This requires an DHCP server.
125 123
126 124 ---
127 125
128 126 #### Networking settings (static):
129 127 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
130 128
131 129 ##### `NET_ADDRESS`=""
132 130 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
133 131
134 132 ##### `NET_GATEWAY`=""
135 133 Set the IP address for the default gateway.
136 134
137 135 ##### `NET_DNS_1`=""
138 136 Set the IP address for the first DNS server.
139 137
140 138 ##### `NET_DNS_2`=""
141 139 Set the IP address for the second DNS server.
142 140
143 141 ##### `NET_DNS_DOMAINS`=""
144 142 Set the default DNS search domains to use for non fully qualified host names.
145 143
146 144 ##### `NET_NTP_1`=""
147 145 Set the IP address for the first NTP server.
148 146
149 147 ##### `NET_NTP_2`=""
150 148 Set the IP address for the second NTP server.
151 149
152 150 ---
153 151
154 152 #### Basic system features:
155 153 ##### `ENABLE_CONSOLE`=true
156 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
154 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
155
156 ##### `ENABLE_PRINTK`=false
157 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
158
159 ##### `ENABLE_BLUETOOTH`=false
160 Enable onboard Bluetooth interface on the RPi0/3/3P. See: [Configuring the GPIO serial port on Raspbian jessie and stretch](https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/).
161
162 ##### `ENABLE_MINIUART_OVERLAY`=false
163 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the CPU frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
164
165 ##### `ENABLE_TURBO`=false
166 Enable Turbo mode. This setting locks cpu at the highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
157 167
158 168 ##### `ENABLE_I2C`=false
159 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
169 Enable I2C interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
160 170
161 171 ##### `ENABLE_SPI`=false
162 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
172 Enable SPI interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
163 173
164 174 ##### `ENABLE_IPV6`=true
165 175 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
166 176
167 177 ##### `ENABLE_SSHD`=true
168 178 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
169 179
170 180 ##### `ENABLE_NONFREE`=false
171 181 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
172 182
173 183 ##### `ENABLE_WIRELESS`=false
174 184 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
175 185
176 186 ##### `ENABLE_RSYSLOG`=true
177 If set to false, disable and uninstall rsyslog (so logs will be available only
178 in journal files)
187 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
179 188
180 189 ##### `ENABLE_SOUND`=true
181 190 Enable sound hardware and install Advanced Linux Sound Architecture.
182 191
183 192 ##### `ENABLE_HWRANDOM`=true
184 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
193 Enable Hardware Random Number Generator. Strong random numbers are important for most network-based communications that use encryption. It's recommended to be enabled.
185 194
186 195 ##### `ENABLE_MINGPU`=false
187 196 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
188 197
189 198 ##### `ENABLE_DBUS`=true
190 199 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
191 200
192 201 ##### `ENABLE_XORG`=false
193 202 Install Xorg open-source X Window System.
194 203
195 204 ##### `ENABLE_WM`=""
196 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
205 Install a user-defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
197 206
198 207 ##### `ENABLE_SYSVINIT`=false
199 208 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
200 209
201 210 ---
202 211
203 212 #### Advanced system features:
204 213 ##### `ENABLE_MINBASE`=false
205 214 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
206 215
207 216 ##### `ENABLE_REDUCE`=false
208 217 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
209 218
210 219 ##### `ENABLE_UBOOT`=false
211 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
220 Replace the default RPi 0/1/2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
212 221
213 222 ##### `UBOOTSRC_DIR`=""
214 223 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
215 224
216 225 ##### `ENABLE_FBTURBO`=false
217 226 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
218 227
219 228 ##### `FBTURBOSRC_DIR`=""
220 229 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
221 230
222 231 ##### `ENABLE_VIDEOCORE`=false
223 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
232 Install and enable the [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
224 233
225 234 ##### `VIDEOCORESRC_DIR`=""
226 Path to a directory (`userland`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
235 Path to a directory (`userland`) of [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
227 236
228 237 ##### `ENABLE_IPTABLES`=false
229 238 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
230 239
231 240 ##### `ENABLE_USER`=true
232 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
241 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, the username will be `pi`.
233 242
234 243 ##### `USER_NAME`=pi
235 244 Non-root user to create. Ignored if `ENABLE_USER`=false
236 245
237 246 ##### `ENABLE_ROOT`=false
238 247 Set root user password so root login will be enabled
239 248
240 249 ##### `ENABLE_HARDNET`=false
241 250 Enable IPv4/IPv6 network stack hardening settings.
242 251
243 252 ##### `ENABLE_SPLITFS`=false
244 253 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
245 254
246 255 ##### `CHROOT_SCRIPTS`=""
247 256 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
248 257
249 258 ##### `ENABLE_INITRAMFS`=false
250 259 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
251 260
252 261 ##### `ENABLE_IFNAMES`=true
253 262 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
254 263
255 264 ##### `DISABLE_UNDERVOLT_WARNINGS`=
256 265 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
257 266
258 267 ---
259 268
260 269 #### SSH settings:
261 270 ##### `SSH_ENABLE_ROOT`=false
262 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
271 Enable password-based root login via SSH. This may be a security risk with the default password set, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
263 272
264 273 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
265 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
274 Disable password-based SSH authentication. Only public key based SSH (v2) authentication will be supported.
266 275
267 276 ##### `SSH_LIMIT_USERS`=false
268 277 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
269 278
270 279 ##### `SSH_ROOT_PUB_KEY`=""
271 280 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
272 281
273 282 ##### `SSH_USER_PUB_KEY`=""
274 283 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
275 284
276 285 ---
277 286
278 287 #### Kernel compilation:
279 288 ##### `BUILD_KERNEL`=true
280 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used.
289 Build and install the latest RPi 0/1/2/3 Linux kernel. Currently only the default RPi 0/1/2/3 kernel configuration is used.
281 290
282 291 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
283 This sets the cross compile enviornment for the compiler.
292 This sets the cross-compile environment for the compiler.
284 293
285 294 ##### `KERNEL_ARCH`="arm"
286 295 This sets the kernel architecture for the compiler.
287 296
288 297 ##### `KERNEL_IMAGE`="kernel7.img"
289 298 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
290 299
291 300 ##### `KERNEL_BRANCH`=""
292 301 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
293 302
294 303 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
295 304 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
296 305
297 306 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
298 307 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
299 308
300 309 ##### `KERNEL_REDUCE`=false
301 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
310 Reduce the size of the generated kernel by removing unwanted devices, network and filesystem drivers (experimental).
302 311
303 312 ##### `KERNEL_THREADS`=1
304 313 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
305 314
306 315 ##### `KERNEL_HEADERS`=true
307 Install kernel headers with built kernel.
316 Install kernel headers with the built kernel.
308 317
309 318 ##### `KERNEL_MENUCONFIG`=false
310 319 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
311 320
312 321 ##### `KERNEL_OLDDEFCONFIG`=false
313 322 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
314 323
315 324 ##### `KERNEL_CCACHE`=false
316 325 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
317 326
318 327 ##### `KERNEL_REMOVESRC`=true
319 328 Remove all kernel sources from the generated OS image after it was built and installed.
320 329
321 330 ##### `KERNELSRC_DIR`=""
322 331 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
323 332
324 333 ##### `KERNELSRC_CLEAN`=false
325 334 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
326 335
327 336 ##### `KERNELSRC_CONFIG`=true
328 337 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
329 338
330 339 ##### `KERNELSRC_USRCONFIG`=""
331 340 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
332 341
333 342 ##### `KERNELSRC_PREBUILT`=false
334 343 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
335 344
336 345 ##### `RPI_FIRMWARE_DIR`=""
337 346 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
338 347
339 348 ---
340 349
341 350 #### Reduce disk usage:
342 351 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
343 352
344 353 ##### `REDUCE_APT`=true
345 354 Configure APT to use compressed package repository lists and no package caching files.
346 355
347 356 ##### `REDUCE_DOC`=true
348 357 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
349 358
350 359 ##### `REDUCE_MAN`=true
351 360 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
352 361
353 362 ##### `REDUCE_VIM`=false
354 363 Replace `vim-tiny` package by `levee` a tiny vim clone.
355 364
356 365 ##### `REDUCE_BASH`=false
357 366 Remove `bash` package and switch to `dash` shell (experimental).
358 367
359 368 ##### `REDUCE_HWDB`=true
360 369 Remove PCI related hwdb files (experimental).
361 370
362 371 ##### `REDUCE_SSHD`=true
363 372 Replace `openssh-server` with `dropbear`.
364 373
365 374 ##### `REDUCE_LOCALE`=true
366 375 Remove all `locale` translation files.
367 376
368 377 ---
369 378
370 379 #### Encrypted root partition:
371 380 ##### `ENABLE_CRYPTFS`=false
372 381 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
373 382
374 383 ##### `CRYPTFS_PASSWORD`=""
375 384 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
376 385
377 386 ##### `CRYPTFS_MAPPING`="secure"
378 387 Set name of dm-crypt managed device-mapper mapping.
379 388
380 389 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
381 390 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
382 391
383 392 ##### `CRYPTFS_XTSKEYSIZE`=512
384 393 Sets key size in bits. The argument has to be a multiple of 8.
385 394
386 395 ---
387 396
388 397 #### Build settings:
389 398 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
390 399 Set a path to a working directory used by the script to generate an image.
391 400
392 401 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
393 402 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
394 403
395 404 ## Understanding the script
396 405 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
397 406
398 407 | Script | Description |
399 408 | --- | --- |
400 409 | `10-bootstrap.sh` | Debootstrap basic system |
401 410 | `11-apt.sh` | Setup APT repositories |
402 411 | `12-locale.sh` | Setup Locales and keyboard settings |
403 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
412 | `13-kernel.sh` | Build and install RPi 0/1/2/3 Kernel |
404 413 | `14-fstab.sh` | Setup fstab and initramfs |
405 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
414 | `15-rpi-config.sh` | Setup RPi 0/1/2/3 config and cmdline |
406 415 | `20-networking.sh` | Setup Networking |
407 416 | `21-firewall.sh` | Setup Firewall |
408 417 | `30-security.sh` | Setup Users and Security settings |
409 418 | `31-logging.sh` | Setup Logging |
410 419 | `32-sshd.sh` | Setup SSH and public keys |
411 420 | `41-uboot.sh` | Build and Setup U-Boot |
412 421 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
422 | `43-videocore.sh` | Build and Setup videocore libraries |
413 423 | `50-firstboot.sh` | First boot actions |
414 424 | `99-reduce.sh` | Reduce the disk space usage |
415 425
416 426 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
417 427
418 428 | Directory | Description |
419 429 | --- | --- |
420 430 | `apt` | APT management configuration files |
421 | `boot` | Boot and RPi2/3 configuration files |
431 | `boot` | Boot and RPi 0/1/2/3 configuration files |
422 432 | `dpkg` | Package Manager configuration |
423 433 | `etc` | Configuration files and rc scripts |
424 434 | `firstboot` | Scripts that get executed on first boot |
425 435 | `initramfs` | Initramfs scripts |
426 436 | `iptables` | Firewall configuration files |
427 437 | `locales` | Locales configuration |
428 438 | `modules` | Kernel Modules configuration |
429 439 | `mount` | Fstab configuration |
430 440 | `network` | Networking configuration files |
431 441 | `sysctl.d` | Swapping and Network Hardening configuration |
432 442 | `xorg` | fbturbo Xorg driver configuration |
433 443
434 444 ## Custom packages and scripts
435 445 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
436 446
437 447 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
438 448
439 449 ## Logging of the bootstrapping process
440 450 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
441 451
442 452 ```shell
443 453 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
444 454 ```
445 455
446 456 ## Flashing the image file
447 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
457 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi 0/1/2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
448 458
449 459 ##### Flashing examples:
450 460 ```shell
451 461 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
452 462 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
453 463 ```
454 464 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
455 465 ```shell
456 466 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
457 467 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
458 468 ```
459 469
460 470 ## QEMU emulation
461 471 Start QEMU full system emulation:
462 472 ```shell
463 473 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
464 474 ```
465 475
466 476 Start QEMU full system emulation and output to console:
467 477 ```shell
468 478 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
469 479 ```
470 480
471 481 Start QEMU full system emulation with SMP and output to console:
472 482 ```shell
473 483 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
474 484 ```
475 485
476 486 Start QEMU full system emulation with cryptfs, initramfs and output to console:
477 487 ```shell
478 488 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
479 489 ```
480 490
481 491 ## External links and references
482 492 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
483 493 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
484 494 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
485 495 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
486 496 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
487 497 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
488 498 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
489 499 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
490 500 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,58 +1,58
1 1 #
2 2 # Setup Locales and keyboard settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup timezone
9 9 echo "${TIMEZONE}" > "${ETC_DIR}/timezone"
10 10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
11 11
12 12 # Install and setup default locale and keyboard configuration
13 13 if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then
14 14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
15 15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
16 16 # ... so we have to set locales manually
17 17 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
18 18 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
19 19 else
20 20 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
21 21 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
22 22 sed -i "/en_US.UTF-8/s/^#//" "${ETC_DIR}/locale.gen"
23 23 fi
24 24
25 25 sed -i "/${DEFLOCAL}/s/^#//" "${ETC_DIR}/locale.gen"
26 26 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
27 27 chroot_exec locale-gen
28 28 chroot_exec update-locale LANG="${DEFLOCAL}"
29 29
30 30 # Install and setup default keyboard configuration
31 if [ "$XKB_MODEL" != "pc105" ] ; then
31 if [ "$XKB_MODEL" != "" ] ; then
32 32 sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETC_DIR}/default/keyboard"
33 33 fi
34 if [ "$XKB_LAYOUT" != "us" ] ; then
34 if [ "$XKB_LAYOUT" != "" ] ; then
35 35 sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETC_DIR}/default/keyboard"
36 36 fi
37 37 if [ "$XKB_VARIANT" != "" ] ; then
38 38 sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETC_DIR}/default/keyboard"
39 39 fi
40 40 if [ "$XKB_OPTIONS" != "" ] ; then
41 41 sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETC_DIR}/default/keyboard"
42 42 fi
43 43 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
44 44
45 45 # Install and setup font console
46 46 case "${DEFLOCAL}" in
47 47 *UTF-8)
48 48 sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETC_DIR}/default/console-setup"
49 49 ;;
50 50 *)
51 51 sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETC_DIR}/default/console-setup"
52 52 ;;
53 53 esac
54 54 chroot_exec dpkg-reconfigure -f noninteractive console-setup
55 55 else # (no locales were installed)
56 56 # Install POSIX default locale
57 57 install_readonly files/locales/locale "${ETC_DIR}/default/locale"
58 58 fi
@@ -1,255 +1,255
1 1 #
2 2 # Build and Setup RPi2/3 Kernel
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Fetch and build latest raspberry kernel
9 9 if [ "$BUILD_KERNEL" = true ] ; then
10 10 # Setup source directory
11 11 mkdir -p "${KERNEL_DIR}"
12 12
13 13 # Copy existing kernel sources into chroot directory
14 14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 15 # Copy kernel sources and include hidden files
16 16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
17 17
18 18 # Clean the kernel sources
19 19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 21 fi
22 22 else # KERNELSRC_DIR=""
23 23 # Create temporary directory for kernel sources
24 24 temp_dir=$(as_nobody mktemp -d)
25 25
26 26 # Fetch current RPi2/3 kernel sources
27 27 if [ -z "${KERNEL_BRANCH}" ] ; then
28 28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
29 29 else
30 30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
31 31 fi
32 32
33 33 # Copy downloaded kernel sources
34 34 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
35 35
36 36 # Remove temporary directory for kernel sources
37 37 rm -fr "${temp_dir}"
38 38
39 39 # Set permissions of the kernel sources
40 40 chown -R root:root "${R}/usr/src"
41 41 fi
42 42
43 43 # Calculate optimal number of kernel building threads
44 44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
45 45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
46 46 fi
47 47
48 48 # Configure and build kernel
49 49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
50 50 # Remove device, network and filesystem drivers from kernel configuration
51 51 if [ "$KERNEL_REDUCE" = true ] ; then
52 52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
53 53 sed -i\
54 54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
55 55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
56 56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
57 57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
58 58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
59 59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
60 60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
61 61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
62 62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
63 63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
64 64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
65 65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
66 66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
67 67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
68 68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
69 69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
70 70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
71 71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
72 72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
73 73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
74 74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
75 75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
76 76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
77 77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
78 78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
79 79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
80 80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
81 81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
82 82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
83 83 "${KERNEL_DIR}/.config"
84 84 fi
85 85
86 86 if [ "$KERNELSRC_CONFIG" = true ] ; then
87 87 # Load default raspberry kernel configuration
88 88 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
89 89
90 90 # Set kernel configuration parameters to enable qemu emulation
91 91 if [ "$ENABLE_QEMU" = true ] ; then
92 92 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
93 93 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
94 94
95 95 if [ "$ENABLE_CRYPTFS" = true ] ; then
96 96 {
97 97 echo "CONFIG_EMBEDDED=y"
98 98 echo "CONFIG_EXPERT=y"
99 99 echo "CONFIG_DAX=y"
100 100 echo "CONFIG_MD=y"
101 101 echo "CONFIG_BLK_DEV_MD=y"
102 102 echo "CONFIG_MD_AUTODETECT=y"
103 103 echo "CONFIG_BLK_DEV_DM=y"
104 104 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
105 105 echo "CONFIG_DM_CRYPT=y"
106 106 echo "CONFIG_CRYPTO_BLKCIPHER=y"
107 107 echo "CONFIG_CRYPTO_CBC=y"
108 108 echo "CONFIG_CRYPTO_XTS=y"
109 109 echo "CONFIG_CRYPTO_SHA512=y"
110 110 echo "CONFIG_CRYPTO_MANAGER=y"
111 } >> ${KERNEL_DIR}/.config
111 } >> "${KERNEL_DIR}"/.config
112 112 fi
113 113 fi
114 114
115 115 # Copy custom kernel configuration file
116 116 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
117 117 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
118 118 fi
119 119
120 120 # Set kernel configuration parameters to their default values
121 121 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
122 122 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
123 123 fi
124 124
125 125 # Start menu-driven kernel configuration (interactive)
126 126 if [ "$KERNEL_MENUCONFIG" = true ] ; then
127 127 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
128 128 fi
129 129 fi
130 130
131 131 # Use ccache to cross compile the kernel
132 132 if [ "$KERNEL_CCACHE" = true ] ; then
133 133 cc="ccache ${CROSS_COMPILE}gcc"
134 134 else
135 135 cc="${CROSS_COMPILE}gcc"
136 136 fi
137 137
138 138 # Cross compile kernel and dtbs
139 139 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
140 140
141 141 # Cross compile kernel modules
142 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
142 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
143 143 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
144 144 fi
145 145 fi
146 146
147 147 # Check if kernel compilation was successful
148 148 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
149 149 echo "error: kernel compilation failed! (kernel image not found)"
150 150 cleanup
151 151 exit 1
152 152 fi
153 153
154 154 # Install kernel modules
155 155 if [ "$ENABLE_REDUCE" = true ] ; then
156 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
156 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
157 157 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
158 158 fi
159 159 else
160 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
160 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
161 161 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
162 162 fi
163 163
164 164 # Install kernel firmware
165 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
165 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
166 166 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
167 167 fi
168 168 fi
169 169
170 170 # Install kernel headers
171 171 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
172 172 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
173 173 fi
174 174
175 175 # Prepare boot (firmware) directory
176 176 mkdir "${BOOT_DIR}"
177 177
178 178 # Get kernel release version
179 179 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
180 180
181 181 # Copy kernel configuration file to the boot directory
182 182 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
183 183
184 184 # Prepare device tree directory
185 185 mkdir "${BOOT_DIR}/overlays"
186 186
187 187 # Ensure the proper .dtb is located
188 188 if [ "$KERNEL_ARCH" = "arm" ] ; then
189 189 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
190 190 if [ -f "${dtb}" ] ; then
191 191 install_readonly "${dtb}" "${BOOT_DIR}/"
192 192 fi
193 193 done
194 194 else
195 195 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
196 196 if [ -f "${dtb}" ] ; then
197 197 install_readonly "${dtb}" "${BOOT_DIR}/"
198 198 fi
199 199 done
200 200 fi
201 201
202 202 # Copy compiled dtb device tree files
203 203 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
204 204 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
205 205 if [ -f "${dtb}" ] ; then
206 206 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
207 207 fi
208 208 done
209 209
210 210 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
211 211 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
212 212 fi
213 213 fi
214 214
215 215 if [ "$ENABLE_UBOOT" = false ] ; then
216 216 # Convert and copy kernel image to the boot directory
217 217 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
218 218 else
219 219 # Copy kernel image to the boot directory
220 220 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
221 221 fi
222 222
223 223 # Remove kernel sources
224 224 if [ "$KERNEL_REMOVESRC" = true ] ; then
225 225 rm -fr "${KERNEL_DIR}"
226 226 else
227 227 # Prepare compiled kernel modules
228 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
229 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
228 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
229 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
230 230 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
231 231 fi
232 232
233 233 # Create symlinks for kernel modules
234 234 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
235 235 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
236 236 fi
237 237 fi
238 238
239 239 else # BUILD_KERNEL=false
240 240 # Kernel installation
241 241 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
242 242
243 243 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
244 244 chroot_exec apt-get -qq -y install flash-kernel
245 245
246 246 # Check if kernel installation was successful
247 247 VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
248 248 if [ -z "$VMLINUZ" ] ; then
249 249 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
250 250 cleanup
251 251 exit 1
252 252 fi
253 253 # Copy vmlinuz kernel to the boot directory
254 254 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
255 255 fi
@@ -1,174 +1,229
1 1 #
2 2 # Setup RPi2/3 config and cmdline
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 if [ "$BUILD_KERNEL" = true ] ; then
9 9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 10 # Install boot binaries from local directory
11 11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 18 else
19 19 # Create temporary directory for boot binaries
20 20 temp_dir=$(as_nobody mktemp -d)
21 21
22 22 # Install latest boot binaries from raspberry/firmware github
23 23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
24 24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
25 25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
26 26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
27 27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
28 28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
29 29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
30 30
31 31 # Move downloaded boot binaries
32 32 mv "${temp_dir}/"* "${BOOT_DIR}/"
33 33
34 34 # Remove temporary directory for boot binaries
35 35 rm -fr "${temp_dir}"
36 36
37 37 # Set permissions of the boot binaries
38 38 chown -R root:root "${BOOT_DIR}"
39 39 chmod -R 600 "${BOOT_DIR}"
40 40 fi
41 41 fi
42 42
43 43 # Setup firmware boot cmdline
44 44 if [ "$ENABLE_SPLITFS" = true ] ; then
45 45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
46 46 else
47 47 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
48 48 fi
49 49
50 50 # Add encrypted root partition to cmdline.txt
51 51 if [ "$ENABLE_CRYPTFS" = true ] ; then
52 52 if [ "$ENABLE_SPLITFS" = true ] ; then
53 53 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
54 54 else
55 55 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
56 56 fi
57 57 fi
58 58
59 # Add serial console support
60 if [ "$ENABLE_CONSOLE" = true ] ; then
61 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
59 #locks cpu at max frequency
60 if [ "$ENABLE_TURBO" = true ] ; then
61 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
62 62 fi
63 63
64 # Remove IPv6 networking support
65 if [ "$ENABLE_IPV6" = false ] ; then
66 CMDLINE="${CMDLINE} ipv6.disable=1"
64 if [ "$ENABLE_PRINTK" = true ] ; then
65 install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf"
67 66 fi
68 67
69 # Automatically assign predictable network interface names
70 if [ "$ENABLE_IFNAMES" = false ] ; then
71 CMDLINE="${CMDLINE} net.ifnames=0"
72 else
73 CMDLINE="${CMDLINE} net.ifnames=1"
74 fi
68 # Install udev rule for serial alias
69 install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules"
75 70
76 # Install firmware boot cmdline
77 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
78
79 # Install firmware config
80 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
71 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
81 72
82 # Setup minimal GPU memory allocation size: 16MB (no X)
83 if [ "$ENABLE_MINGPU" = true ] ; then
84 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
85 fi
73 # RPI0,3,3P Use default ttyS0 (mini-UART)as serial interface
74 SET_SERIAL="ttyS0"
86 75
87 # Setup boot with initramfs
88 if [ "$ENABLE_INITRAMFS" = true ] ; then
89 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
90 fi
91
92 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
93 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
94 if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then
95 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
96 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
97 else
76 # Bluetooth enabled
77 if [ "$ENABLE_BLUETOOTH" = true ] ; then
98 78 # Create temporary directory for Bluetooth sources
99 79 temp_dir=$(as_nobody mktemp -d)
100 80
101 81 # Fetch Bluetooth sources
102 82 as_nobody git -C "${temp_dir}" clone "${BLUETOOTH_URL}"
103 83
104 84 # Copy downloaded sources
105 85 mv "${temp_dir}/pi-bluetooth" "${R}/tmp/"
106 86
87 # Bluetooth firmware from arch aur https://aur.archlinux.org/packages/pi-bluetooth/
88 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
89 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
90
107 91 # Set permissions
108 92 chown -R root:root "${R}/tmp/pi-bluetooth"
109 93
110 94 # Install tools
111 95 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart"
112 96 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper"
113 97
114 98 # Install bluetooth udev rule
115 99 install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules"
116 100
117 101 # Install Firmware Flash file and apropiate licence
118 mkdir "${ETC_DIR}/firmware/"
102 mkdir -p "$BLUETOOTH_FIRMWARE_DIR"
103 install_readonly "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
104 install_readonly "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
105 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service"
106 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service"
107
108 # Remove temporary directory
109 rm -fr "${temp_dir}"
119 110
120 wget -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
121 wget -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
111 # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0
112 if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then
113 SET_SERIAL="ttyAMA0"
122 114
123 # Get /dev/serial back for compability
124 wget -O "${ETC_DIR}/udev/rules.d/99-com.rules" https://raw.githubusercontent.com/RPi-Distro/raspberrypi-sys-mods/master/etc.armhf/udev/rules.d/99-com.rules
115 # set overlay to swap ttyAMA0 and ttyS0
116 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
117
118 # if force_turbo didn't lock cpu at high speed, lock it at low speed (XOR logic) or miniuart will be broken
119 if [ "$ENABLE_TURBO" = false ] ; then
120 echo "core_freq=250" >> "${BOOT_DIR}/config.txt"
125 121 fi
122
123 # Activate services
124 chroot_exec systemctl enable pi-bluetooth.hciuart.service
125 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
126 else
127 chroot_exec systemctl enable pi-bluetooth.hciuart.service
128 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
129 fi
130
131 else # if ENABLE_BLUETOOTH = false
132 # set overlay to disable bluetooth
133 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
134 fi # ENABLE_BLUETOOTH end
135
136 else
137 # RPI1,1P,2 Use default ttyAMA0 (full UART) as serial interface
138 SET_SERIAL="ttyAMA0"
139 fi
140
141 # may need sudo systemctl disable hciuart
142 if [ "$ENABLE_CONSOLE" = true ] ; then
143 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
144 # add string to cmdline
145 CMDLINE="${CMDLINE} console=serial0,115200"
146
147 # Enable serial console systemd style
148 chroot_exec systemctl enable serial-getty\@"$SET_SERIAL".service
149 else
150 echo "enable_uart=0" >> "${BOOT_DIR}/config.txt"
151 # disable serial console systemd style
152 chroot_exec systemctl disable serial-getty\@"$SET_SERIAL".service
153 fi
154
155 # Remove IPv6 networking support
156 if [ "$ENABLE_IPV6" = false ] ; then
157 CMDLINE="${CMDLINE} ipv6.disable=1"
158 fi
159
160 # Automatically assign predictable network interface names
161 if [ "$ENABLE_IFNAMES" = false ] ; then
162 CMDLINE="${CMDLINE} net.ifnames=0"
163 else
164 CMDLINE="${CMDLINE} net.ifnames=1"
165 fi
166
167 # Install firmware boot cmdline
168 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
169
170 # Install firmware config
171 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
172
173 # Setup minimal GPU memory allocation size: 16MB (no X)
174 if [ "$ENABLE_MINGPU" = true ] ; then
175 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
176 fi
177
178 # Setup boot with initramfs
179 if [ "$ENABLE_INITRAMFS" = true ] ; then
180 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
126 181 fi
127 182
128 183 # Create firmware configuration and cmdline symlinks
129 184 ln -sf firmware/config.txt "${R}/boot/config.txt"
130 185 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
131 186
132 187 # Install and setup kernel modules to load at boot
133 188 mkdir -p "${LIB_DIR}/modules-load.d/"
134 189 install_readonly files/modules/rpi2.conf "${LIB_DIR}/modules-load.d/rpi2.conf"
135 190
136 191 # Load hardware random module at boot
137 192 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
138 193 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${LIB_DIR}/modules-load.d/rpi2.conf"
139 194 fi
140 195
141 196 # Load sound module at boot
142 197 if [ "$ENABLE_SOUND" = true ] ; then
143 198 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
144 199 else
145 200 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
146 201 fi
147 202
148 203 # Enable I2C interface
149 204 if [ "$ENABLE_I2C" = true ] ; then
150 205 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
151 206 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${LIB_DIR}/modules-load.d/rpi2.conf"
152 207 sed -i "s/^# i2c-dev/i2c-dev/" "${LIB_DIR}/modules-load.d/rpi2.conf"
153 208 fi
154 209
155 210 # Enable SPI interface
156 211 if [ "$ENABLE_SPI" = true ] ; then
157 212 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
158 213 echo "spi-bcm2708" >> "${LIB_DIR}/modules-load.d/rpi2.conf"
159 214 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
160 215 sed -i "s/spi-bcm2708/spi-bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
161 216 fi
162 217 fi
163 218
164 219 # Disable RPi2/3 under-voltage warnings
165 220 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
166 221 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
167 222 fi
168 223
169 224 # Install kernel modules blacklist
170 225 mkdir -p "${ETC_DIR}/modprobe.d/"
171 226 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
172 227
173 228 # Install sysctl.d configuration files
174 229 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
@@ -1,134 +1,132
1 1 #
2 2 # Setup Networking
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup hostname
9 9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
10 10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
11 11
12 12 # Install and setup hosts
13 13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15 15
16 16 # Setup hostname entry with static IP
17 17 if [ "$NET_ADDRESS" != "" ] ; then
18 18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
19 19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 20 fi
21 21
22 22 # Remove IPv6 hosts
23 23 if [ "$ENABLE_IPV6" = false ] ; then
24 24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
25 25 fi
26 26
27 27 # Install hint about network configuration
28 28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29 29
30 30 # Install configuration for interface eth0
31 31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
32 32
33 33 # Install configuration for interface wl*
34 34 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
35 35
36 36 #always with dhcp since wpa_supplicant integration is missing
37 37 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
38 38
39 39 if [ "$ENABLE_DHCP" = true ] ; then
40 40 # Enable DHCP configuration for interface eth0
41 41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
42 42
43 43 # Set DHCP configuration to IPv4 only
44 44 if [ "$ENABLE_IPV6" = false ] ; then
45 45 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
46 46 fi
47 47
48 48 else # ENABLE_DHCP=false
49 49 # Set static network configuration for interface eth0
50 50 sed -i\
51 51 -e "s|DHCP=.*|DHCP=no|"\
52 52 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
53 53 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
54 54 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
55 55 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
56 56 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
57 57 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
58 58 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
59 59 "${ETC_DIR}/systemd/network/eth.network"
60 60 fi
61 61
62 62 # Remove empty settings from network configuration
63 63 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
64 64 # Remove empty settings from wlan configuration
65 65 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
66 66
67 67 # Move systemd network configuration if required by Debian release
68 68 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
69 69 # If WLAN is enabled copy wlan configuration too
70 70 if [ "$ENABLE_WIRELESS" = true ] ; then
71 71 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
72 72 fi
73 73 rm -fr "${ETC_DIR}/systemd/network"
74 74
75 75 # Enable systemd-networkd service
76 76 chroot_exec systemctl enable systemd-networkd
77 77
78 78 # Install host.conf resolver configuration
79 79 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
80 80
81 81 # Enable network stack hardening
82 82 if [ "$ENABLE_HARDNET" = true ] ; then
83 83 # Install sysctl.d configuration files
84 84 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
85 85
86 86 # Setup resolver warnings about spoofed addresses
87 87 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
88 88 fi
89 89
90 90 # Enable time sync
91 91 if [ "$NET_NTP_1" != "" ] ; then
92 92 chroot_exec systemctl enable systemd-timesyncd.service
93 93 fi
94 94
95 95 # Download the firmware binary blob required to use the RPi3 wireless interface
96 96 if [ "$ENABLE_WIRELESS" = true ] ; then
97 97 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
98 98 mkdir -p "${WLAN_FIRMWARE_DIR}"
99 99 fi
100 100
101 101 # Create temporary directory for firmware binary blob
102 102 temp_dir=$(as_nobody mktemp -d)
103 103
104 104 # Fetch firmware binary blob for RPI3B+
105 105 if [ "$RPI_MODEL" = 3P ] ; then
106 106 # Fetch firmware binary blob for RPi3P
107 107 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
108 108 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
109 109 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
110
111 # Move downloaded firmware binary blob
112 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
113
114 # Set permissions of the firmware binary blob
115 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
116 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
110 117 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
111 118 # Fetch firmware binary blob for RPi3
112 119 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
113 120 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
114 fi
115 121
116 122 # Move downloaded firmware binary blob
117 if [ "$RPI_MODEL" = 3P ] ; then
118 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
119 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
120 123 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
121 fi
122
123 # Remove temporary directory for firmware binary blob
124 rm -fr "${temp_dir}"
125 124
126 125 # Set permissions of the firmware binary blob
127 if [ "$RPI_MODEL" = 3P ] ; then
128 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
129 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
130 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
131 126 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
132 127 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
133 128 fi
129
130 # Remove temporary directory for firmware binary blob
131 rm -fr "${temp_dir}"
134 132 fi
@@ -1,29 +1,29
1 1 #
2 2 # Setup users and security settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Generate crypt(3) password string
9 9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
10 10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
11 11
12 12 # Setup default user
13 13 if [ "$ENABLE_USER" = true ] ; then
14 chroot_exec adduser --gecos $USER_NAME --add_extra_groups --disabled-password $USER_NAME
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
14 chroot_exec adduser --gecos "$USER_NAME" --add_extra_groups --disabled-password "$USER_NAME"
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" "$USER_NAME"
16 16 fi
17 17
18 18 # Setup root password or not
19 19 if [ "$ENABLE_ROOT" = true ] ; then
20 20 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
21 21 else
22 22 # Set no root password to disable root login
23 23 chroot_exec usermod -p \'!\' root
24 24 fi
25 25
26 26 # Enable serial console systemd style
27 27 if [ "$ENABLE_CONSOLE" = true ] ; then
28 28 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
29 29 fi
@@ -1,98 +1,100
1 1 #
2 2 # Build and Setup U-Boot
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Fetch and build U-Boot bootloader
9 9 if [ "$ENABLE_UBOOT" = true ] ; then
10 10 # Install c/c++ build environment inside the chroot
11 11 chroot_install_cc
12 12
13 13 # Copy existing U-Boot sources into chroot directory
14 14 if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
15 15 # Copy local U-Boot sources
16 16 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
17 17 else
18 18 # Create temporary directory for U-Boot sources
19 19 temp_dir=$(as_nobody mktemp -d)
20 20
21 21 # Fetch U-Boot sources
22 22 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
23 23
24 24 # Copy downloaded U-Boot sources
25 25 mv "${temp_dir}/u-boot" "${R}/tmp/"
26 26
27 27 # Set permissions of the U-Boot sources
28 28 chown -R root:root "${R}/tmp/u-boot"
29 29
30 30 # Remove temporary directory for U-Boot sources
31 31 rm -fr "${temp_dir}"
32 32 fi
33 33
34 34 # Build and install U-Boot inside chroot
35 35 chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
36 36
37 37 # Copy compiled bootloader binary and set config.txt to load it
38 38 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
39 39 install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
40 40 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
41 41
42 42 # Install and setup U-Boot command file
43 43 install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat "${BOOT_DIR}"/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
45 45
46 46 if [ "$ENABLE_INITRAMFS" = true ] ; then
47 47 # Convert generated initramfs for U-Boot using mkimage
48 48 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
49 49
50 50 # Remove original initramfs file
51 51 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
52 52
53 53 # Configure U-Boot to load generated initramfs
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat "${BOOT_DIR}"/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
55 55 printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
56 56 else # ENABLE_INITRAMFS=false
57 57 # Remove initramfs from U-Boot mkfile
58 58 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
59 59
60 60 if [ "$BUILD_KERNEL" = false ] ; then
61 61 # Remove dtbfile from U-Boot mkfile
62 62 sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
63 63 printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
64 64 else
65 65 printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
66 66 fi
67 67 fi
68 68
69 if [ "$KERNEL_ARCH" = "arm64" ] ; then
69 if [ "$SET_ARCH" = 64 ] ; then
70 70 echo "Setting up config.txt to boot 64bit uboot"
71 {
72 printf "\n# 64bit-mode"
73 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md"
74 printf "\narm_64bit=1"
75 } >> "${BOOT_DIR}/config.txt"
71 76
72 printf "\n# 64bit-mode" >> "${BOOT_DIR}/config.txt"
73 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md" >> "${BOOT_DIR}/config.txt"
74 printf "\narm_64bit=1" >> "${BOOT_DIR}/config.txt"
75
77 #in 64bit uboot booti is used instead of bootz [like in KERNEL_BIN_IMAGE=zImage (armv7)|| Image(armv8)]
76 78 sed -i "s|bootz|booti|g" "${BOOT_DIR}/uboot.mkimage"
77 79 fi
78 80
79 81 # Set mkfile to use the correct dtb file
80 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
82 sed -i "s|bcm2709-rpi-2-b.dtb|${DTB_FILE}|" "${BOOT_DIR}/uboot.mkimage"
81 83
82 84 # Set mkfile to use the correct mach id
83 85 if [ "$ENABLE_QEMU" = true ] ; then
84 86 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
85 87 fi
86 88
87 89 # Set mkfile to use kernel image
88 sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
90 sed -i "s|kernel7.img|${KERNEL_IMAGE}|" "${BOOT_DIR}/uboot.mkimage"
89 91
90 92 # Remove all leading blank lines
91 93 sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
92 94
93 95 # Generate U-Boot bootloader image
94 96 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
95 97
96 98 # Remove U-Boot sources
97 99 rm -fr "${R}/tmp/u-boot"
98 100 fi
@@ -1,53 +1,53
1 1 #
2 2 # Setup videocore - Raspberry Userland
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 if [ "$ENABLE_VIDEOCORE" = true ] ; then
9 9 # Copy existing videocore sources into chroot directory
10 10 if [ -n "$VIDEOCORESRC_DIR" ] && [ -d "$VIDEOCORESRC_DIR" ] ; then
11 # Copy local U-Boot sources
11 # Copy local videocore sources
12 12 cp -r "${VIDEOCORESRC_DIR}" "${R}/tmp/userland"
13 13 else
14 # Create temporary directory for U-Boot sources
14 # Create temporary directory for videocore sources
15 15 temp_dir=$(as_nobody mktemp -d)
16 16
17 # Fetch U-Boot sources
17 # Fetch videocore sources
18 18 as_nobody git -C "${temp_dir}" clone "${VIDEOCORE_URL}"
19 19
20 # Copy downloaded U-Boot sources
20 # Copy downloaded videocore sources
21 21 mv "${temp_dir}/userland" "${R}/tmp/"
22 22
23 23 # Set permissions of the U-Boot sources
24 24 chown -R root:root "${R}/tmp/userland"
25 25
26 26 # Remove temporary directory for U-Boot sources
27 27 rm -fr "${temp_dir}"
28 28 fi
29 29
30 30 # Create build dir
31 31 mkdir "${R}"/tmp/userland/build
32 32
33 33 # push us to build directory
34 pushd "${R}"/tmp/userland/build
34 cd "${R}"/tmp/userland/build
35 35
36 36 if [ "$RELEASE_ARCH" = "arm64" ] ; then
37 37 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DARM64=ON -DCMAKE_C_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_CXX_COMPILER=aarch64-linux-gnu-g++ -DCMAKE_ASM_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -U_FORTIFY_SOURCE" -DCMAKE_ASM_FLAGS="${CMAKE_ASM_FLAGS} -c" -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
38 38 fi
39 39
40 40 if [ "$RELEASE_ARCH" = "armel" ] ; then
41 41 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DCMAKE_C_COMPILER=arm-linux-gnueabi-gcc -DCMAKE_CXX_COMPILER=arm-linux-gnueabi-g++ -DCMAKE_ASM_COMPILER=arm-linux-gnueabi-gcc -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -U_FORTIFY_SOURCE" -DCMAKE_ASM_FLAGS="${CMAKE_ASM_FLAGS} -c" -DCMAKE_SYSTEM_PROCESSOR="arm" -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
42 42 fi
43 43
44 44 if [ "$RELEASE_ARCH" = "armhf" ] ; then
45 45 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DCMAKE_TOOLCHAIN_FILE="${R}"/tmp/userland/makefiles/cmake/toolchains/arm-linux-gnueabihf.cmake -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
46 46 fi
47 47
48 48 #build userland
49 49 make -j "$(nproc)"
50 50
51 #pop us out of build dir
52 popd
51 #back to root of scriptdir
52 cd "${WORKDIR}"
53 53 fi
@@ -1,77 +1,77
1 1 # This file contains utility functions used by rpi23-gen-image.sh
2 2
3 3 cleanup (){
4 4 set +x
5 5 set +e
6 6
7 7 # Identify and kill all processes still using files
8 8 echo "killing processes using mount point ..."
9 9 fuser -k "${R}"
10 10 sleep 3
11 11 fuser -9 -k -v "${R}"
12 12
13 13 # Clean up temporary .password file
14 14 if [ -r ".password" ] ; then
15 15 shred -zu .password
16 16 fi
17 17
18 18 # Clean up all temporary mount points
19 19 echo "removing temporary mount points ..."
20 20 umount -l "${R}/proc" 2> /dev/null
21 21 umount -l "${R}/sys" 2> /dev/null
22 22 umount -l "${R}/dev/pts" 2> /dev/null
23 23 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
24 24 umount "$BUILDDIR/mount" 2> /dev/null
25 25 cryptsetup close "${CRYPTFS_MAPPING}" 2> /dev/null
26 26 losetup -d "$ROOT_LOOP" 2> /dev/null
27 27 losetup -d "$FRMW_LOOP" 2> /dev/null
28 28 trap - 0 1 2 3 6
29 29 }
30 30
31 31 chroot_exec() {
32 32 # Exec command in chroot
33 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot ${R} $*
33 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot "${R}" "$@"
34 34 }
35 35
36 36 as_nobody() {
37 37 # Exec command as user nobody
38 sudo -E -u nobody LANG=C LC_ALL=C $*
38 sudo -E -u nobody LANG=C LC_ALL=C "$@"
39 39 }
40 40
41 41 install_readonly() {
42 42 # Install file with user read-only permissions
43 install -o root -g root -m 644 $*
43 install -o root -g root -m 644 "$@"
44 44 }
45 45
46 46 install_exec() {
47 47 # Install file with root exec permissions
48 install -o root -g root -m 744 $*
48 install -o root -g root -m 744 "$@"
49 49 }
50 50
51 51 use_template () {
52 52 # Test if configuration template file exists
53 53 if [ ! -r "./templates/${CONFIG_TEMPLATE}" ] ; then
54 54 echo "error: configuration template ${CONFIG_TEMPLATE} not found"
55 55 exit 1
56 56 fi
57 57
58 58 # Load template configuration parameters
59 59 . "./templates/${CONFIG_TEMPLATE}"
60 60 }
61 61
62 62 chroot_install_cc() {
63 63 # Install c/c++ build environment inside the chroot
64 64 if [ -z "${COMPILER_PACKAGES}" ] ; then
65 65 COMPILER_PACKAGES=$(chroot_exec apt-get -s install g++ make bc | grep "^Inst " | awk -v ORS=" " '{ print $2 }')
66 66 # Install COMPILER_PACKAGES in chroot
67 chroot_exec apt-get -q -y --allow-unauthenticated --no-install-recommends install ${COMPILER_PACKAGES}
67 chroot_exec apt-get -q -y --allow-unauthenticated --no-install-recommends install "${COMPILER_PACKAGES}"
68 68 fi
69 69 }
70 70
71 71 chroot_remove_cc() {
72 72 # Remove c/c++ build environment from the chroot
73 if [ ! -z "${COMPILER_PACKAGES}" ] ; then
74 chroot_exec apt-get -qq -y --auto-remove purge ${COMPILER_PACKAGES}
73 if [ -n "${COMPILER_PACKAGES}" ] ; then
74 chroot_exec apt-get -qq -y --auto-remove purge "${COMPILER_PACKAGES}"
75 75 COMPILER_PACKAGES=""
76 76 fi
77 77 }
@@ -1,784 +1,807
1 1 #!/bin/sh
2 2 ########################################################################
3 3 # rpi23-gen-image.sh 2015-2017
4 4 #
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
5 # Advanced Debian "stretch" and "buster" bootstrap script for Raspberry Pi
6 6 #
7 7 # This program is free software; you can redistribute it and/or
8 8 # modify it under the terms of the GNU General Public License
9 9 # as published by the Free Software Foundation; either version 2
10 10 # of the License, or (at your option) any later version.
11 11 #
12 12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 13 #
14 14 # Big thanks for patches and enhancements by 20+ github contributors!
15 15 ########################################################################
16 16
17 17 # Are we running as root?
18 18 if [ "$(id -u)" -ne "0" ] ; then
19 19 echo "error: this script must be executed with root privileges!"
20 20 exit 1
21 21 fi
22 22
23 23 # Check if ./functions.sh script exists
24 24 if [ ! -r "./functions.sh" ] ; then
25 25 echo "error: './functions.sh' required script not found!"
26 26 exit 1
27 27 fi
28 28
29 29 # Load utility functions
30 30 . ./functions.sh
31 31
32 32 # Load parameters from configuration template file
33 33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 34 use_template
35 35 fi
36 36
37 37 # Introduce settings
38 38 set -e
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
40 40 set -x
41 41
42 42 # Raspberry Pi model configuration
43 43 RPI_MODEL=${RPI_MODEL:=2}
44 44
45 45 # Debian release
46 46 RELEASE=${RELEASE:=buster}
47 47
48 48 # Kernel Branch
49 49 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
50 50
51 51 # URLs
52 52 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
53 53 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
54 54 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
55 55 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
56 56 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
57 57 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
58 58 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
59 59 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
60 60
61 61 # Build directories
62 BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
62 WORKDIR=$(pwd)
63 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
63 64 BUILDDIR="${BASEDIR}/build"
64 65
65 66 # Chroot directories
66 67 R="${BUILDDIR}/chroot"
67 68 ETC_DIR="${R}/etc"
68 69 LIB_DIR="${R}/lib"
69 70 BOOT_DIR="${R}/boot/firmware"
70 71 KERNEL_DIR="${R}/usr/src/linux"
71 72 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
73 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
72 74
73 75 # Firmware directory: Blank if download from github
74 76 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
75 77
76 78 # General settings
77 79 SET_ARCH=${SET_ARCH:=32}
78 80 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
79 81 PASSWORD=${PASSWORD:=raspberry}
80 82 USER_PASSWORD=${USER_PASSWORD:=raspberry}
81 83 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
82 84 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
83 85 EXPANDROOT=${EXPANDROOT:=true}
84 86
85 87 # Keyboard settings
86 88 XKB_MODEL=${XKB_MODEL:=""}
87 89 XKB_LAYOUT=${XKB_LAYOUT:=""}
88 90 XKB_VARIANT=${XKB_VARIANT:=""}
89 91 XKB_OPTIONS=${XKB_OPTIONS:=""}
90 92
91 93 # Network settings (DHCP)
92 94 ENABLE_DHCP=${ENABLE_DHCP:=true}
93 95
94 96 # Network settings (static)
95 97 NET_ADDRESS=${NET_ADDRESS:=""}
96 98 NET_GATEWAY=${NET_GATEWAY:=""}
97 99 NET_DNS_1=${NET_DNS_1:=""}
98 100 NET_DNS_2=${NET_DNS_2:=""}
99 101 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
100 102 NET_NTP_1=${NET_NTP_1:=""}
101 103 NET_NTP_2=${NET_NTP_2:=""}
102 104
103 105 # APT settings
104 106 APT_PROXY=${APT_PROXY:=""}
105 107 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
106 108
107 109 # Feature settings
110 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
111 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
112 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
108 113 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
109 114 ENABLE_I2C=${ENABLE_I2C:=false}
110 115 ENABLE_SPI=${ENABLE_SPI:=false}
111 116 ENABLE_IPV6=${ENABLE_IPV6:=true}
112 117 ENABLE_SSHD=${ENABLE_SSHD:=true}
113 118 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
114 119 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
115 120 ENABLE_SOUND=${ENABLE_SOUND:=true}
116 121 ENABLE_DBUS=${ENABLE_DBUS:=true}
117 122 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
118 123 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
119 124 ENABLE_XORG=${ENABLE_XORG:=false}
120 125 ENABLE_WM=${ENABLE_WM:=""}
121 126 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
122 127 ENABLE_USER=${ENABLE_USER:=true}
123 128 USER_NAME=${USER_NAME:="pi"}
124 129 ENABLE_ROOT=${ENABLE_ROOT:=false}
125 130 ENABLE_QEMU=${ENABLE_QEMU:=false}
126 131 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
127 132
128 133 # SSH settings
129 134 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
130 135 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
131 136 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
132 137 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
133 138 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
134 139
135 140 # Advanced settings
136 141 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
137 142 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
138 143 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
139 144 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
140 145 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
141 146 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
142 147 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
143 148 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
144 149 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
145 150 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
146 151 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
147 152 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
148 153 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
149 154 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
150 155
151 156 # Kernel compilation settings
152 157 BUILD_KERNEL=${BUILD_KERNEL:=true}
153 158 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
154 159 KERNEL_THREADS=${KERNEL_THREADS:=1}
155 160 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
156 161 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
157 162 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
158 163 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
159 164 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
160 165
161 166 # Kernel compilation from source directory settings
162 167 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
163 168 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
164 169 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
165 170 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
166 171
167 172 # Reduce disk usage settings
168 173 REDUCE_APT=${REDUCE_APT:=true}
169 174 REDUCE_DOC=${REDUCE_DOC:=true}
170 175 REDUCE_MAN=${REDUCE_MAN:=true}
171 176 REDUCE_VIM=${REDUCE_VIM:=false}
172 177 REDUCE_BASH=${REDUCE_BASH:=false}
173 178 REDUCE_HWDB=${REDUCE_HWDB:=true}
174 179 REDUCE_SSHD=${REDUCE_SSHD:=true}
175 180 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
176 181
177 182 # Encrypted filesystem settings
178 183 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
179 184 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
180 185 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
181 186 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
182 187 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
183 188
184 189 # Chroot scripts directory
185 190 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
186 191
187 192 # Packages required in the chroot build environment
188 193 APT_INCLUDES=${APT_INCLUDES:=""}
189 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup"
194 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
190 195
191 196 # Packages to exclude from chroot build environment
192 197 APT_EXCLUDES=${APT_EXCLUDES:=""}
193 198
194 199 # Packages required for bootstrapping
195 200 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
196 201 MISSING_PACKAGES=""
197 202
198 203 # Packages installed for c/c++ build environment in chroot (keep empty)
199 204 COMPILER_PACKAGES=""
200 205
201 206 set +x
202 207
208 #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
209 APT_CACHER_RUNNING=$(lsof -i :3142 | grep apt-cacher-ng | cut -d ' ' -f3 | uniq)
210 if [ -n "${APT_CACHER_RUNNING}" ] ; then
211 APT_PROXY=http://127.0.0.1:3142/
212 fi
213
203 214 # Setup architecture specific settings
204 215 if [ -n "$SET_ARCH" ] ; then
205 # 64 bit configuration
216 # 64-bit configuration
206 217 if [ "$SET_ARCH" = 64 ] ; then
207 # General 64 bit depended settings
218 # General 64-bit depended settings
208 219 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
209 220 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
210 221 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
211 222
212 # Board specific settings
223 # Raspberry Pi model specific settings
213 224 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
214 225 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
215 226 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
216 227 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
217 228 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
218 229 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
219 230 else
220 echo "error: Only Raspberry PI 3 and 3B+ support 64 bit"
231 echo "error: Only Raspberry PI 3 and 3B+ support 64-bit"
221 232 exit 1
222 233 fi
223 234 fi
224 235
225 # 32 bit configuration
236 # 32-bit configuration
226 237 if [ "$SET_ARCH" = 32 ] ; then
227 # General 32 bit dependend settings
238 # General 32-bit dependend settings
228 239 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
229 240 KERNEL_ARCH=${KERNEL_ARCH:=arm}
230 241 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
231 242
232 # Hardware specific settings
243 # Raspberry Pi model specific settings
233 244 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
234 245 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
235 246 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
236 247 RELEASE_ARCH=${RELEASE_ARCH:=armel}
237 248 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
238 249 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
239 250 fi
240 251
241 # Hardware specific settings
252 # Raspberry Pi model specific settings
242 253 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
243 254 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
244 255 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
245 256 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
246 257 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
247 258 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
248 259 fi
249 260 fi
250 261 #SET_ARCH not set
251 262 else
252 263 echo "error: Please set '32' or '64' as value for SET_ARCH"
253 264 exit 1
254 265 fi
255 266 # Device specific configuration and U-Boot configuration
256 267 case "$RPI_MODEL" in
257 268 0)
258 269 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
259 270 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
260 271 ;;
261 272 1)
262 273 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
263 274 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
264 275 ;;
265 276 1P)
266 277 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
267 278 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
268 279 ;;
269 280 2)
270 281 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
271 282 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
272 283 ;;
273 284 3)
274 285 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
275 286 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
276 287 ;;
277 288 3P)
278 289 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
279 290 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
280 291 ;;
281 292 *)
282 293 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
283 294 exit 1
284 295 ;;
285 296 esac
286 297
298 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
299 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
300 # Include bluetooth packages on supported boards
301 if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
302 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
303 fi
304 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
305 # Check if the internal wireless interface is not supported by the RPi model
306 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
307 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
308 exit 1
309 fi
310 fi
311
287 312 # Prepare date string for default image file name
288 313 DATE="$(date +%Y-%m-%d)"
289 314 if [ -z "$KERNEL_BRANCH" ] ; then
290 315 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
291 316 else
292 317 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
293 318 fi
294 319
295 # Check if the internal wireless interface is supported by the RPi model
296 if [ "$ENABLE_WIRELESS" = true ] ; then
297 if [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ] ; then
298 echo "error: The selected Raspberry Pi model has no internal wireless interface"
299 exit 1
300 else
301 echo "Raspberry Pi $RPI_MODEL has WIFI support"
302 fi
303 fi
304
305 320 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
306 321 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
307 322 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
308 323 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
309 324 exit 1
310 325 fi
311 326 fi
312 327
313 328 # Add cmake to compile videocore sources
314 329 if [ "$ENABLE_VIDEOCORE" = true ] ; then
315 330 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
316 331 fi
317 332
318 333 # Add libncurses5 to enable kernel menuconfig
319 334 if [ "$KERNEL_MENUCONFIG" = true ] ; then
320 335 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
321 336 fi
322 337
323 338 # Add ccache compiler cache for (faster) kernel cross (re)compilation
324 339 if [ "$KERNEL_CCACHE" = true ] ; then
325 340 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
326 341 fi
327 342
328 343 # Add cryptsetup package to enable filesystem encryption
329 344 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
330 345 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
331 346 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
332 347
333 348 if [ -z "$CRYPTFS_PASSWORD" ] ; then
334 349 echo "error: no password defined (CRYPTFS_PASSWORD)!"
335 350 exit 1
336 351 fi
337 352 ENABLE_INITRAMFS=true
338 353 fi
339 354
340 355 # Add initramfs generation tools
341 356 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
342 357 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
343 358 fi
344 359
345 360 # Add device-tree-compiler required for building the U-Boot bootloader
346 361 if [ "$ENABLE_UBOOT" = true ] ; then
347 362 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
348 363 fi
349 364
365 if [ "$ENABLE_BLUETOOTH" = true ] ; then
366 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
367 if [ "$ENABLE_CONSOLE" = false ] ; then
368 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
369 fi
370 fi
371 fi
372
350 373 # Check if root SSH (v2) public key file exists
351 374 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
352 375 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
353 376 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
354 377 exit 1
355 378 fi
356 379 fi
357 380
358 381 # Check if $USER_NAME SSH (v2) public key file exists
359 382 if [ -n "$SSH_USER_PUB_KEY" ] ; then
360 383 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
361 384 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
362 385 exit 1
363 386 fi
364 387 fi
365 388
366 389 # Check if all required packages are installed on the build system
367 390 for package in $REQUIRED_PACKAGES ; do
368 if [ "$(dpkg-query -W -f='${Status}' $package)" != "install ok installed" ] ; then
391 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
369 392 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
370 393 fi
371 394 done
372 395
373 396 # If there are missing packages ask confirmation for install, or exit
374 397 if [ -n "$MISSING_PACKAGES" ] ; then
375 398 echo "the following packages needed by this script are not installed:"
376 399 echo "$MISSING_PACKAGES"
377 400
378 401 printf "\ndo you want to install the missing packages right now? [y/n] "
379 402 read -r confirm
380 403 [ "$confirm" != "y" ] && exit 1
381 404
382 405 # Make sure all missing required packages are installed
383 apt-get -qq -y install "${MISSING_PACKAGES}"
406 apt-get -qq -y install `echo "${MISSING_PACKAGES}" | sed "s/ //"`
384 407 fi
385 408
386 409 # Check if ./bootstrap.d directory exists
387 410 if [ ! -d "./bootstrap.d/" ] ; then
388 411 echo "error: './bootstrap.d' required directory not found!"
389 412 exit 1
390 413 fi
391 414
392 415 # Check if ./files directory exists
393 416 if [ ! -d "./files/" ] ; then
394 417 echo "error: './files' required directory not found!"
395 418 exit 1
396 419 fi
397 420
398 421 # Check if specified KERNELSRC_DIR directory exists
399 422 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
400 423 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
401 424 exit 1
402 425 fi
403 426
404 427 # Check if specified UBOOTSRC_DIR directory exists
405 428 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
406 429 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
407 430 exit 1
408 431 fi
409 432
410 433 # Check if specified VIDEOCORESRC_DIR directory exists
411 434 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
412 435 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
413 436 exit 1
414 437 fi
415 438
416 439 # Check if specified FBTURBOSRC_DIR directory exists
417 440 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
418 441 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
419 442 exit 1
420 443 fi
421 444
422 445 # Check if specified CHROOT_SCRIPTS directory exists
423 446 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
424 447 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
425 448 exit 1
426 449 fi
427 450
428 451 # Check if specified device mapping already exists (will be used by cryptsetup)
429 452 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
430 453 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
431 454 exit 1
432 455 fi
433 456
434 457 # Don't clobber an old build
435 458 if [ -e "$BUILDDIR" ] ; then
436 459 echo "error: directory ${BUILDDIR} already exists, not proceeding"
437 460 exit 1
438 461 fi
439 462
440 463 # Setup chroot directory
441 464 mkdir -p "${R}"
442 465
443 466 # Check if build directory has enough of free disk space >512MB
444 467 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
445 468 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
446 469 exit 1
447 470 fi
448 471
449 472 set -x
450 473
451 474 # Call "cleanup" function on various signals and errors
452 475 trap cleanup 0 1 2 3 6
453 476
454 477 # Add required packages for the minbase installation
455 478 if [ "$ENABLE_MINBASE" = true ] ; then
456 479 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
457 480 fi
458 481
459 482 # Add parted package, required to get partprobe utility
460 483 if [ "$EXPANDROOT" = true ] ; then
461 484 APT_INCLUDES="${APT_INCLUDES},parted"
462 485 fi
463 486
464 487 # Add dbus package, recommended if using systemd
465 488 if [ "$ENABLE_DBUS" = true ] ; then
466 489 APT_INCLUDES="${APT_INCLUDES},dbus"
467 490 fi
468 491
469 492 # Add iptables IPv4/IPv6 package
470 493 if [ "$ENABLE_IPTABLES" = true ] ; then
471 494 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
472 495 fi
473 496
474 497 # Add openssh server package
475 498 if [ "$ENABLE_SSHD" = true ] ; then
476 499 APT_INCLUDES="${APT_INCLUDES},openssh-server"
477 500 fi
478 501
479 502 # Add alsa-utils package
480 503 if [ "$ENABLE_SOUND" = true ] ; then
481 504 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
482 505 fi
483 506
484 507 # Add rng-tools package
485 508 if [ "$ENABLE_HWRANDOM" = true ] ; then
486 509 APT_INCLUDES="${APT_INCLUDES},rng-tools"
487 510 fi
488 511
489 512 # Add fbturbo video driver
490 513 if [ "$ENABLE_FBTURBO" = true ] ; then
491 514 # Enable xorg package dependencies
492 515 ENABLE_XORG=true
493 516 fi
494 517
495 518 # Add user defined window manager package
496 519 if [ -n "$ENABLE_WM" ] ; then
497 520 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
498 521
499 522 # Enable xorg package dependencies
500 523 ENABLE_XORG=true
501 524 fi
502 525
503 526 # Add xorg package
504 527 if [ "$ENABLE_XORG" = true ] ; then
505 528 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
506 529 fi
507 530
508 531 # Replace selected packages with smaller clones
509 532 if [ "$ENABLE_REDUCE" = true ] ; then
510 533 # Add levee package instead of vim-tiny
511 534 if [ "$REDUCE_VIM" = true ] ; then
512 535 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
513 536 fi
514 537
515 538 # Add dropbear package instead of openssh-server
516 539 if [ "$REDUCE_SSHD" = true ] ; then
517 540 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
518 541 fi
519 542 fi
520 543
521 544 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
522 545 if [ "$ENABLE_SYSVINIT" = false ] ; then
523 546 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
524 547 fi
525 548
526 549 # Check if kernel is getting compiled
527 550 if [ "$BUILD_KERNEL" = false ] ; then
528 551 echo "Downloading precompiled kernel"
529 552 echo "error: not configured"
530 553 exit 1;
531 554 # BUILD_KERNEL=true
532 555 else
533 556 echo "No precompiled kernel repositories were added"
534 557 fi
535 558
536 559 # Configure kernel sources if no KERNELSRC_DIR
537 560 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
538 561 KERNELSRC_CONFIG=true
539 562 fi
540 563
541 564 # Configure reduced kernel
542 565 if [ "$KERNEL_REDUCE" = true ] ; then
543 566 KERNELSRC_CONFIG=false
544 567 fi
545 568
546 569 # Configure qemu compatible kernel
547 570 if [ "$ENABLE_QEMU" = true ] ; then
548 571 DTB_FILE=vexpress-v2p-ca15_a7.dtb
549 572 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
550 573 KERNEL_DEFCONFIG="vexpress_defconfig"
551 574 if [ "$KERNEL_MENUCONFIG" = false ] ; then
552 575 KERNEL_OLDDEFCONFIG=true
553 576 fi
554 577 fi
555 578
556 579 # Execute bootstrap scripts
557 580 for SCRIPT in bootstrap.d/*.sh; do
558 581 head -n 3 "$SCRIPT"
559 582 . "$SCRIPT"
560 583 done
561 584
562 585 ## Execute custom bootstrap scripts
563 586 if [ -d "custom.d" ] ; then
564 587 for SCRIPT in custom.d/*.sh; do
565 588 . "$SCRIPT"
566 589 done
567 590 fi
568 591
569 592 # Execute custom scripts inside the chroot
570 593 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
571 594 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
572 595 chroot_exec /bin/bash -x <<'EOF'
573 596 for SCRIPT in /chroot_scripts/* ; do
574 597 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
575 598 $SCRIPT
576 599 fi
577 600 done
578 601 EOF
579 602 rm -rf "${R}/chroot_scripts"
580 603 fi
581 604
582 605 # Remove c/c++ build environment from the chroot
583 606 chroot_remove_cc
584 607
585 608 # Generate required machine-id
586 609 MACHINE_ID=$(dbus-uuidgen)
587 610 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
588 611 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
589 612
590 613 # APT Cleanup
591 614 chroot_exec apt-get -y clean
592 615 chroot_exec apt-get -y autoclean
593 616 chroot_exec apt-get -y autoremove
594 617
595 618 # Unmount mounted filesystems
596 619 umount -l "${R}/proc"
597 620 umount -l "${R}/sys"
598 621
599 622 # Clean up directories
600 623 rm -rf "${R}/run/*"
601 624 rm -rf "${R}/tmp/*"
602 625
603 626 # Clean up files
604 627 rm -f "${ETC_DIR}/ssh/ssh_host_*"
605 628 rm -f "${ETC_DIR}/dropbear/dropbear_*"
606 629 rm -f "${ETC_DIR}/apt/sources.list.save"
607 630 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
608 631 rm -f "${ETC_DIR}/*-"
609 632 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
610 633 rm -f "${ETC_DIR}/resolv.conf"
611 634 rm -f "${R}/root/.bash_history"
612 635 rm -f "${R}/var/lib/urandom/random-seed"
613 636 rm -f "${R}/initrd.img"
614 637 rm -f "${R}/vmlinuz"
615 638 rm -f "${R}${QEMU_BINARY}"
616 639
617 640 if [ "$ENABLE_QEMU" = true ] ; then
618 641 # Setup QEMU directory
619 642 mkdir "${BASEDIR}/qemu"
620 643
621 644 # Copy kernel image to QEMU directory
622 645 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
623 646
624 647 # Copy kernel config to QEMU directory
625 648 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
626 649
627 650 # Copy kernel dtbs to QEMU directory
628 651 for dtb in "${BOOT_DIR}/"*.dtb ; do
629 652 if [ -f "${dtb}" ] ; then
630 653 install_readonly "${dtb}" "${BASEDIR}/qemu/"
631 654 fi
632 655 done
633 656
634 657 # Copy kernel overlays to QEMU directory
635 658 if [ -d "${BOOT_DIR}/overlays" ] ; then
636 659 # Setup overlays dtbs directory
637 660 mkdir "${BASEDIR}/qemu/overlays"
638 661
639 662 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
640 663 if [ -f "${dtb}" ] ; then
641 664 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
642 665 fi
643 666 done
644 667 fi
645 668
646 669 # Copy u-boot files to QEMU directory
647 670 if [ "$ENABLE_UBOOT" = true ] ; then
648 671 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
649 672 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
650 673 fi
651 674 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
652 675 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
653 676 fi
654 677 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
655 678 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
656 679 fi
657 680 fi
658 681
659 682 # Copy initramfs to QEMU directory
660 683 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
661 684 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
662 685 fi
663 686 fi
664 687
665 688 # Calculate size of the chroot directory in KB
666 689 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
667 690
668 691 # Calculate the amount of needed 512 Byte sectors
669 692 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
670 693 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
671 694 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
672 695
673 696 # The root partition is EXT4
674 697 # This means more space than the actual used space of the chroot is used.
675 698 # As overhead for journaling and reserved blocks 35% are added.
676 699 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
677 700
678 701 # Calculate required image size in 512 Byte sectors
679 702 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
680 703
681 704 # Prepare image file
682 705 if [ "$ENABLE_SPLITFS" = true ] ; then
683 706 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
684 707 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
685 708 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
686 709 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
687 710
688 711 # Write firmware/boot partition tables
689 712 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
690 713 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
691 714 EOM
692 715
693 716 # Write root partition table
694 717 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
695 718 ${TABLE_SECTORS},${ROOT_SECTORS},83
696 719 EOM
697 720
698 721 # Setup temporary loop devices
699 722 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
700 723 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
701 724 else # ENABLE_SPLITFS=false
702 725 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
703 726 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
704 727
705 728 # Write partition table
706 729 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
707 730 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
708 731 ${ROOT_OFFSET},${ROOT_SECTORS},83
709 732 EOM
710 733
711 734 # Setup temporary loop devices
712 735 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
713 736 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
714 737 fi
715 738
716 739 if [ "$ENABLE_CRYPTFS" = true ] ; then
717 740 # Create dummy ext4 fs
718 741 mkfs.ext4 "$ROOT_LOOP"
719 742
720 743 # Setup password keyfile
721 744 touch .password
722 745 chmod 600 .password
723 746 echo -n ${CRYPTFS_PASSWORD} > .password
724 747
725 748 # Initialize encrypted partition
726 749 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
727 750
728 751 # Open encrypted partition and setup mapping
729 752 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
730 753
731 754 # Secure delete password keyfile
732 755 shred -zu .password
733 756
734 757 # Update temporary loop device
735 758 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
736 759
737 760 # Wipe encrypted partition (encryption cipher is used for randomness)
738 761 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
739 762 fi
740 763
741 764 # Build filesystems
742 765 mkfs.vfat "$FRMW_LOOP"
743 766 mkfs.ext4 "$ROOT_LOOP"
744 767
745 768 # Mount the temporary loop devices
746 769 mkdir -p "$BUILDDIR/mount"
747 770 mount "$ROOT_LOOP" "$BUILDDIR/mount"
748 771
749 772 mkdir -p "$BUILDDIR/mount/boot/firmware"
750 773 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
751 774
752 775 # Copy all files from the chroot to the loop device mount point directory
753 776 rsync -a "${R}/" "$BUILDDIR/mount/"
754 777
755 778 # Unmount all temporary loop devices and mount points
756 779 cleanup
757 780
758 781 # Create block map file(s) of image(s)
759 782 if [ "$ENABLE_SPLITFS" = true ] ; then
760 783 # Create block map files for "bmaptool"
761 784 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
762 785 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
763 786
764 787 # Image was successfully created
765 788 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
766 789 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
767 790 else
768 791 # Create block map file for "bmaptool"
769 792 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
770 793
771 794 # Image was successfully created
772 795 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
773 796
774 797 # Create qemu qcow2 image
775 798 if [ "$ENABLE_QEMU" = true ] ; then
776 799 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
777 800 QEMU_SIZE=16G
778 801
779 802 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
780 803 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
781 804
782 805 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
783 806 fi
784 807 fi
@@ -1,3 +1,4
1 1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=2
2 3 RELEASE=stretch
3 4 BUILD_KERNEL=true
@@ -1,4 +1,6
1 1 # Configuration template file used by rpi23-gen-image.sh
2 2 RPI_MODEL=3
3 3 RELEASE=buster
4 4 BUILD_KERNEL=true
5 # ENABLE_WIRELESS=false
6 # ENABLE_BLUETOOTH=false
@@ -1,4 +1,6
1 1 # Configuration template file used by rpi23-gen-image.sh
2 2 RPI_MODEL=3
3 3 RELEASE=stretch
4 4 BUILD_KERNEL=true
5 # ENABLE_WIRELESS=false
6 # ENABLE_BLUETOOTH=false
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant