##// END OF EJS Templates
missing quotes and fi
Unknown -
r670:c4edbe6fc8fe
parent child
Show More
@@ -1,865 +1,866
1 #
1 #
2 # Build and Setup RPi2/3 Kernel
2 # Build and Setup RPi2/3 Kernel
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Need to use kali kernel src if nexmon is enabled
8 # Need to use kali kernel src if nexmon is enabled
9 if [ "$ENABLE_NEXMON" = true ] ; then
9 if [ "$ENABLE_NEXMON" = true ] ; then
10 KERNEL_URL="${KALI_KERNEL_URL}"
10 KERNEL_URL="${KALI_KERNEL_URL}"
11 # Clear Branch and KernelSRC_DIR if using nexmon. Everyone will forget to clone kali kernel instead of nomrla kernel
11 # Clear Branch and KernelSRC_DIR if using nexmon. Everyone will forget to clone kali kernel instead of nomrla kernel
12 KERNEL_BRANCH=""
12 KERNEL_BRANCH=""
13 KERNELSRC_DIR=""
13 KERNELSRC_DIR=""
14 fi
14 fi
15
15
16 # Fetch and build latest raspberry kernel
16 # Fetch and build latest raspberry kernel
17 if [ "$BUILD_KERNEL" = true ] ; then
17 if [ "$BUILD_KERNEL" = true ] ; then
18 # Setup source directory
18 # Setup source directory
19 mkdir -p "${KERNEL_DIR}"
19 mkdir -p "${KERNEL_DIR}"
20
20
21 # Copy existing kernel sources into chroot directory
21 # Copy existing kernel sources into chroot directory
22 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
22 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
23 # Copy kernel sources and include hidden files
23 # Copy kernel sources and include hidden files
24 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
24 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
25
25
26 # Clean the kernel sources
26 # Clean the kernel sources
27 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
27 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
28 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
28 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
29 fi
29 fi
30 else # KERNELSRC_DIR=""
30 else # KERNELSRC_DIR=""
31 # Create temporary directory for kernel sources
31 # Create temporary directory for kernel sources
32 temp_dir=$(as_nobody mktemp -d)
32 temp_dir=$(as_nobody mktemp -d)
33
33
34 # Fetch current RPi2/3 kernel sources
34 # Fetch current RPi2/3 kernel sources
35 if [ -z "${KERNEL_BRANCH}" ] ; then
35 if [ -z "${KERNEL_BRANCH}" ] ; then
36 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
36 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
37 else
37 else
38 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
38 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
39 fi
39 fi
40
40
41 # Copy downloaded kernel sources
41 # Copy downloaded kernel sources
42 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
42 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
43
43
44 # Remove temporary directory for kernel sources
44 # Remove temporary directory for kernel sources
45 rm -fr "${temp_dir}"
45 rm -fr "${temp_dir}"
46
46
47 # Set permissions of the kernel sources
47 # Set permissions of the kernel sources
48 chown -R root:root "${R}/usr/src"
48 chown -R root:root "${R}/usr/src"
49 fi
49 fi
50
50
51 # Calculate optimal number of kernel building threads
51 # Calculate optimal number of kernel building threads
52 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
52 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
53 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
53 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
54 fi
54 fi
55
55
56 #Copy 32bit config to 64bit
56 #Copy 32bit config to 64bit
57 if [ "$ENABLE_QEMU" = true ] && [ "$KERNEL_ARCH" = arm64 ]; then
57 if [ "$ENABLE_QEMU" = true ] && [ "$KERNEL_ARCH" = arm64 ]; then
58 cp "${KERNEL_DIR}"/arch/arm/configs/vexpress_defconfig "${KERNEL_DIR}"/arch/arm64/configs/
58 cp "${KERNEL_DIR}"/arch/arm/configs/vexpress_defconfig "${KERNEL_DIR}"/arch/arm64/configs/
59 fi
59 fi
60
60
61 # Configure and build kernel
61 # Configure and build kernel
62 if [ "$KERNELSRC_PREBUILT" = false ] ; then
62 if [ "$KERNELSRC_PREBUILT" = false ] ; then
63 # Remove device, network and filesystem drivers from kernel configuration
63 # Remove device, network and filesystem drivers from kernel configuration
64 if [ "$KERNEL_REDUCE" = true ] ; then
64 if [ "$KERNEL_REDUCE" = true ] ; then
65 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
65 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
66 sed -i\
66 sed -i\
67 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
70 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
70 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
71 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
71 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
72 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
72 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
73 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
80 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
81 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
82 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
83 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
83 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
84 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
84 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
85 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
85 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
86 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
86 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
87 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
87 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
88 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
88 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
89 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
89 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
90 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
90 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
91 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
91 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
92 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
92 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
93 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
93 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
94 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
94 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
95 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
95 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
96 "${KERNEL_DIR}/.config"
96 "${KERNEL_DIR}/.config"
97 fi
97 fi
98
98
99 if [ "$KERNELSRC_CONFIG" = true ] ; then
99 if [ "$KERNELSRC_CONFIG" = true ] ; then
100 # Load default raspberry kernel configuration
100 # Load default raspberry kernel configuration
101 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
101 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
102
102
103 #Switch to KERNELSRC_DIR so we can use set_kernel_config
103 #Switch to KERNELSRC_DIR so we can use set_kernel_config
104 cd "${KERNEL_DIR}" || exit
104 cd "${KERNEL_DIR}" || exit
105
105
106 if [ "$KERNEL_ARCH" = arm64 ] ; then
106 if [ "$KERNEL_ARCH" = arm64 ] ; then
107 if [ "$KERNEL_ARCH" = arm64 ] && [ "$ENABLE_QEMU" = false ]; then
107 if [ "$KERNEL_ARCH" = arm64 ] && [ "$ENABLE_QEMU" = false ]; then
108 # Mask this temporarily during switch to rpi-4.19.y
108 # Mask this temporarily during switch to rpi-4.19.y
109 #Fix SD_DRIVER upstream and downstream mess in 64bit RPIdeb_config
109 #Fix SD_DRIVER upstream and downstream mess in 64bit RPIdeb_config
110 # use correct driver MMC_BCM2835_MMC instead of MMC_BCM2835_SDHOST - see https://www.raspberrypi.org/forums/viewtopic.php?t=210225
110 # use correct driver MMC_BCM2835_MMC instead of MMC_BCM2835_SDHOST - see https://www.raspberrypi.org/forums/viewtopic.php?t=210225
111 #set_kernel_config CONFIG_MMC_BCM2835 n
111 #set_kernel_config CONFIG_MMC_BCM2835 n
112 #set_kernel_config CONFIG_MMC_SDHCI_IPROC n
112 #set_kernel_config CONFIG_MMC_SDHCI_IPROC n
113 #set_kernel_config CONFIG_USB_DWC2 n
113 #set_kernel_config CONFIG_USB_DWC2 n
114 #sed -i "s|depends on MMC_BCM2835_MMC && MMC_BCM2835_DMA|depends on MMC_BCM2835_MMC|" "${KERNEL_DIR}"/drivers/mmc/host/Kconfig
114 #sed -i "s|depends on MMC_BCM2835_MMC && MMC_BCM2835_DMA|depends on MMC_BCM2835_MMC|" "${KERNEL_DIR}"/drivers/mmc/host/Kconfig
115
115
116 #VLAN got disabled without reason in arm64bit
116 #VLAN got disabled without reason in arm64bit
117 set_kernel_config CONFIG_IPVLAN m
117 set_kernel_config CONFIG_IPVLAN m
118 fi
118 fi
119
119
120 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
120 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
121 if [ "$KERNEL_ZSWAP" = true ] ; then
121 if [ "$KERNEL_ZSWAP" = true ] ; then
122 set_kernel_config CONFIG_ZPOOL y
122 set_kernel_config CONFIG_ZPOOL y
123 set_kernel_config CONFIG_ZSWAP y
123 set_kernel_config CONFIG_ZSWAP y
124 set_kernel_config CONFIG_ZBUD y
124 set_kernel_config CONFIG_ZBUD y
125 set_kernel_config CONFIG_Z3FOLD y
125 set_kernel_config CONFIG_Z3FOLD y
126 set_kernel_config CONFIG_ZSMALLOC y
126 set_kernel_config CONFIG_ZSMALLOC y
127 set_kernel_config CONFIG_PGTABLE_MAPPING y
127 set_kernel_config CONFIG_PGTABLE_MAPPING y
128 set_kernel_config CONFIG_LZO_COMPRESS y
128 set_kernel_config CONFIG_LZO_COMPRESS y
129 fi
129 fi
130
130
131 if [ RPI_MODEL = 4 ] ; then
131 if [ "$RPI_MODEL" = 4 ] ; then
132 # Following are set in current 32-bit LPAE kernel
132 # Following are set in current 32-bit LPAE kernel
133 set_kernel_config CONFIG_CGROUP_PIDS y
133 set_kernel_config CONFIG_CGROUP_PIDS y
134 set_kernel_config CONFIG_NET_IPVTI m
134 set_kernel_config CONFIG_NET_IPVTI m
135 set_kernel_config CONFIG_NF_TABLES_SET m
135 set_kernel_config CONFIG_NF_TABLES_SET m
136 set_kernel_config CONFIG_NF_TABLES_INET y
136 set_kernel_config CONFIG_NF_TABLES_INET y
137 set_kernel_config CONFIG_NF_TABLES_NETDEV y
137 set_kernel_config CONFIG_NF_TABLES_NETDEV y
138 set_kernel_config CONFIG_NF_FLOW_TABLE m
138 set_kernel_config CONFIG_NF_FLOW_TABLE m
139 set_kernel_config CONFIG_NFT_FLOW_OFFLOAD m
139 set_kernel_config CONFIG_NFT_FLOW_OFFLOAD m
140 set_kernel_config CONFIG_NFT_CONNLIMIT m
140 set_kernel_config CONFIG_NFT_CONNLIMIT m
141 set_kernel_config CONFIG_NFT_TUNNEL m
141 set_kernel_config CONFIG_NFT_TUNNEL m
142 set_kernel_config CONFIG_NFT_OBJREF m
142 set_kernel_config CONFIG_NFT_OBJREF m
143 set_kernel_config CONFIG_NFT_FIB_IPV4 m
143 set_kernel_config CONFIG_NFT_FIB_IPV4 m
144 set_kernel_config CONFIG_NFT_FIB_IPV6 m
144 set_kernel_config CONFIG_NFT_FIB_IPV6 m
145 set_kernel_config CONFIG_NFT_FIB_INET m
145 set_kernel_config CONFIG_NFT_FIB_INET m
146 set_kernel_config CONFIG_NFT_SOCKET m
146 set_kernel_config CONFIG_NFT_SOCKET m
147 set_kernel_config CONFIG_NFT_OSF m
147 set_kernel_config CONFIG_NFT_OSF m
148 set_kernel_config CONFIG_NFT_TPROXY m
148 set_kernel_config CONFIG_NFT_TPROXY m
149 set_kernel_config CONFIG_NF_DUP_NETDEV m
149 set_kernel_config CONFIG_NF_DUP_NETDEV m
150 set_kernel_config CONFIG_NFT_DUP_NETDEV m
150 set_kernel_config CONFIG_NFT_DUP_NETDEV m
151 set_kernel_config CONFIG_NFT_FWD_NETDEV m
151 set_kernel_config CONFIG_NFT_FWD_NETDEV m
152 set_kernel_config CONFIG_NFT_FIB_NETDEV m
152 set_kernel_config CONFIG_NFT_FIB_NETDEV m
153 set_kernel_config CONFIG_NF_FLOW_TABLE_INET m
153 set_kernel_config CONFIG_NF_FLOW_TABLE_INET m
154 set_kernel_config CONFIG_NF_FLOW_TABLE m
154 set_kernel_config CONFIG_NF_FLOW_TABLE m
155 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
155 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
156 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
156 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
157 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
157 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
158 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
158 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
159 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
159 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
160 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
160 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
161 set_kernel_config CONFIG_NFT_DUP_IPV6 m
161 set_kernel_config CONFIG_NFT_DUP_IPV6 m
162 set_kernel_config CONFIG_NFT_FIB_IPV6 m
162 set_kernel_config CONFIG_NFT_FIB_IPV6 m
163 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV6 m
163 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV6 m
164 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
164 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
165 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
165 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
166 set_kernel_config CONFIG_NF_LOG_BRIDGE m
166 set_kernel_config CONFIG_NF_LOG_BRIDGE m
167 set_kernel_config CONFIG_MT76_CORE m
167 set_kernel_config CONFIG_MT76_CORE m
168 set_kernel_config CONFIG_MT76_LEDS m
168 set_kernel_config CONFIG_MT76_LEDS m
169 set_kernel_config CONFIG_MT76_USB m
169 set_kernel_config CONFIG_MT76_USB m
170 set_kernel_config CONFIG_MT76x2_COMMON m
170 set_kernel_config CONFIG_MT76x2_COMMON m
171 set_kernel_config CONFIG_MT76x0U m
171 set_kernel_config CONFIG_MT76x0U m
172 set_kernel_config CONFIG_MT76x2U m
172 set_kernel_config CONFIG_MT76x2U m
173 set_kernel_config CONFIG_TOUCHSCREEN_ILI210X m
173 set_kernel_config CONFIG_TOUCHSCREEN_ILI210X m
174 set_kernel_config CONFIG_BCM_VC_SM m
174 set_kernel_config CONFIG_BCM_VC_SM m
175 set_kernel_config CONFIG_BCM2835_SMI_DEV m
175 set_kernel_config CONFIG_BCM2835_SMI_DEV m
176 set_kernel_config CONFIG_RPIVID_MEM m
176 set_kernel_config CONFIG_RPIVID_MEM m
177 set_kernel_config CONFIG_HW_RANDOM_BCM2835 y
177 set_kernel_config CONFIG_HW_RANDOM_BCM2835 y
178 set_kernel_config CONFIG_TCG_TPM m
178 set_kernel_config CONFIG_TCG_TPM m
179 set_kernel_config CONFIG_HW_RANDOM_TPM y
179 set_kernel_config CONFIG_HW_RANDOM_TPM y
180 set_kernel_config CONFIG_TCG_TIS m
180 set_kernel_config CONFIG_TCG_TIS m
181 set_kernel_config CONFIG_TCG_TIS_SPI m
181 set_kernel_config CONFIG_TCG_TIS_SPI m
182 set_kernel_config CONFIG_I2C_MUX m
182 set_kernel_config CONFIG_I2C_MUX m
183 set_kernel_config CONFIG_I2C_MUX_GPMUX m
183 set_kernel_config CONFIG_I2C_MUX_GPMUX m
184 set_kernel_config CONFIG_I2C_MUX_PCA954x m
184 set_kernel_config CONFIG_I2C_MUX_PCA954x m
185 set_kernel_config CONFIG_SPI_GPIO m
185 set_kernel_config CONFIG_SPI_GPIO m
186 set_kernel_config CONFIG_BATTERY_MAX17040 m
186 set_kernel_config CONFIG_BATTERY_MAX17040 m
187 set_kernel_config CONFIG_SENSORS_GPIO_FAN m
187 set_kernel_config CONFIG_SENSORS_GPIO_FAN m
188 set_kernel_config CONFIG_SENSORS_RASPBERRYPI_HWMON m
188 set_kernel_config CONFIG_SENSORS_RASPBERRYPI_HWMON m
189 set_kernel_config CONFIG_BCM2835_THERMAL y
189 set_kernel_config CONFIG_BCM2835_THERMAL y
190 set_kernel_config CONFIG_RC_CORE y
190 set_kernel_config CONFIG_RC_CORE y
191 set_kernel_config CONFIG_RC_MAP y
191 set_kernel_config CONFIG_RC_MAP y
192 set_kernel_config CONFIG_LIRC y
192 set_kernel_config CONFIG_LIRC y
193 set_kernel_config CONFIG_RC_DECODERS y
193 set_kernel_config CONFIG_RC_DECODERS y
194 set_kernel_config CONFIG_IR_NEC_DECODER m
194 set_kernel_config CONFIG_IR_NEC_DECODER m
195 set_kernel_config CONFIG_IR_RC5_DECODER m
195 set_kernel_config CONFIG_IR_RC5_DECODER m
196 set_kernel_config CONFIG_IR_RC6_DECODER m
196 set_kernel_config CONFIG_IR_RC6_DECODER m
197 set_kernel_config CONFIG_IR_JVC_DECODER m
197 set_kernel_config CONFIG_IR_JVC_DECODER m
198 set_kernel_config CONFIG_IR_SONY_DECODER m
198 set_kernel_config CONFIG_IR_SONY_DECODER m
199 set_kernel_config CONFIG_IR_SANYO_DECODER m
199 set_kernel_config CONFIG_IR_SANYO_DECODER m
200 set_kernel_config CONFIG_IR_SHARP_DECODER m
200 set_kernel_config CONFIG_IR_SHARP_DECODER m
201 set_kernel_config CONFIG_IR_MCE_KBD_DECODER m
201 set_kernel_config CONFIG_IR_MCE_KBD_DECODER m
202 set_kernel_config CONFIG_IR_XMP_DECODER m
202 set_kernel_config CONFIG_IR_XMP_DECODER m
203 set_kernel_config CONFIG_IR_IMON_DECODER m
203 set_kernel_config CONFIG_IR_IMON_DECODER m
204 set_kernel_config CONFIG_RC_DEVICES y
204 set_kernel_config CONFIG_RC_DEVICES y
205 set_kernel_config CONFIG_RC_ATI_REMOTE m
205 set_kernel_config CONFIG_RC_ATI_REMOTE m
206 set_kernel_config CONFIG_IR_IMON m
206 set_kernel_config CONFIG_IR_IMON m
207 set_kernel_config CONFIG_IR_MCEUSB m
207 set_kernel_config CONFIG_IR_MCEUSB m
208 set_kernel_config CONFIG_IR_REDRAT3 m
208 set_kernel_config CONFIG_IR_REDRAT3 m
209 set_kernel_config CONFIG_IR_STREAMZAP m
209 set_kernel_config CONFIG_IR_STREAMZAP m
210 set_kernel_config CONFIG_IR_IGUANA m
210 set_kernel_config CONFIG_IR_IGUANA m
211 set_kernel_config CONFIG_IR_TTUSBIR m
211 set_kernel_config CONFIG_IR_TTUSBIR m
212 set_kernel_config CONFIG_RC_LOOPBACK m
212 set_kernel_config CONFIG_RC_LOOPBACK m
213 set_kernel_config CONFIG_IR_GPIO_CIR m
213 set_kernel_config CONFIG_IR_GPIO_CIR m
214 set_kernel_config CONFIG_IR_GPIO_TX m
214 set_kernel_config CONFIG_IR_GPIO_TX m
215 set_kernel_config CONFIG_IR_PWM_TX m
215 set_kernel_config CONFIG_IR_PWM_TX m
216 set_kernel_config CONFIG_VIDEO_V4L2_SUBDEV_API y
216 set_kernel_config CONFIG_VIDEO_V4L2_SUBDEV_API y
217 set_kernel_config CONFIG_VIDEO_AU0828_RC y
217 set_kernel_config CONFIG_VIDEO_AU0828_RC y
218 set_kernel_config CONFIG_VIDEO_CX231XX m
218 set_kernel_config CONFIG_VIDEO_CX231XX m
219 set_kernel_config CONFIG_VIDEO_CX231XX_RC y
219 set_kernel_config CONFIG_VIDEO_CX231XX_RC y
220 set_kernel_config CONFIG_VIDEO_CX231XX_ALSA m
220 set_kernel_config CONFIG_VIDEO_CX231XX_ALSA m
221 set_kernel_config CONFIG_VIDEO_CX231XX_DVB m
221 set_kernel_config CONFIG_VIDEO_CX231XX_DVB m
222 set_kernel_config CONFIG_VIDEO_TM6000 m
222 set_kernel_config CONFIG_VIDEO_TM6000 m
223 set_kernel_config CONFIG_VIDEO_TM6000_ALSA m
223 set_kernel_config CONFIG_VIDEO_TM6000_ALSA m
224 set_kernel_config CONFIG_VIDEO_TM6000_DVB m
224 set_kernel_config CONFIG_VIDEO_TM6000_DVB m
225 set_kernel_config CONFIG_DVB_USB m
225 set_kernel_config CONFIG_DVB_USB m
226 set_kernel_config CONFIG_DVB_USB_DIB3000MC m
226 set_kernel_config CONFIG_DVB_USB_DIB3000MC m
227 set_kernel_config CONFIG_DVB_USB_A800 m
227 set_kernel_config CONFIG_DVB_USB_A800 m
228 set_kernel_config CONFIG_DVB_USB_DIBUSB_MB m
228 set_kernel_config CONFIG_DVB_USB_DIBUSB_MB m
229 set_kernel_config CONFIG_DVB_USB_DIBUSB_MB_FAULTY y
229 set_kernel_config CONFIG_DVB_USB_DIBUSB_MB_FAULTY y
230 set_kernel_config CONFIG_DVB_USB_DIBUSB_MC m
230 set_kernel_config CONFIG_DVB_USB_DIBUSB_MC m
231 set_kernel_config CONFIG_DVB_USB_DIB0700 m
231 set_kernel_config CONFIG_DVB_USB_DIB0700 m
232 set_kernel_config CONFIG_DVB_USB_UMT_010 m
232 set_kernel_config CONFIG_DVB_USB_UMT_010 m
233 set_kernel_config CONFIG_DVB_USB_CXUSB m
233 set_kernel_config CONFIG_DVB_USB_CXUSB m
234 set_kernel_config CONFIG_DVB_USB_M920X m
234 set_kernel_config CONFIG_DVB_USB_M920X m
235 set_kernel_config CONFIG_DVB_USB_DIGITV m
235 set_kernel_config CONFIG_DVB_USB_DIGITV m
236 set_kernel_config CONFIG_DVB_USB_VP7045 m
236 set_kernel_config CONFIG_DVB_USB_VP7045 m
237 set_kernel_config CONFIG_DVB_USB_VP702X m
237 set_kernel_config CONFIG_DVB_USB_VP702X m
238 set_kernel_config CONFIG_DVB_USB_GP8PSK m
238 set_kernel_config CONFIG_DVB_USB_GP8PSK m
239 set_kernel_config CONFIG_DVB_USB_NOVA_T_USB2 m
239 set_kernel_config CONFIG_DVB_USB_NOVA_T_USB2 m
240 set_kernel_config CONFIG_DVB_USB_TTUSB2 m
240 set_kernel_config CONFIG_DVB_USB_TTUSB2 m
241 set_kernel_config CONFIG_DVB_USB_DTT200U m
241 set_kernel_config CONFIG_DVB_USB_DTT200U m
242 set_kernel_config CONFIG_DVB_USB_OPERA1 m
242 set_kernel_config CONFIG_DVB_USB_OPERA1 m
243 set_kernel_config CONFIG_DVB_USB_AF9005 m
243 set_kernel_config CONFIG_DVB_USB_AF9005 m
244 set_kernel_config CONFIG_DVB_USB_AF9005_REMOTE m
244 set_kernel_config CONFIG_DVB_USB_AF9005_REMOTE m
245 set_kernel_config CONFIG_DVB_USB_PCTV452E m
245 set_kernel_config CONFIG_DVB_USB_PCTV452E m
246 set_kernel_config CONFIG_DVB_USB_DW2102 m
246 set_kernel_config CONFIG_DVB_USB_DW2102 m
247 set_kernel_config CONFIG_DVB_USB_CINERGY_T2 m
247 set_kernel_config CONFIG_DVB_USB_CINERGY_T2 m
248 set_kernel_config CONFIG_DVB_USB_DTV5100 m
248 set_kernel_config CONFIG_DVB_USB_DTV5100 m
249 set_kernel_config CONFIG_DVB_USB_AZ6027 m
249 set_kernel_config CONFIG_DVB_USB_AZ6027 m
250 set_kernel_config CONFIG_DVB_USB_TECHNISAT_USB2 m
250 set_kernel_config CONFIG_DVB_USB_TECHNISAT_USB2 m
251 set_kernel_config CONFIG_DVB_USB_AF9015 m
251 set_kernel_config CONFIG_DVB_USB_AF9015 m
252 set_kernel_config CONFIG_DVB_USB_LME2510 m
252 set_kernel_config CONFIG_DVB_USB_LME2510 m
253 set_kernel_config CONFIG_DVB_USB_RTL28XXU m
253 set_kernel_config CONFIG_DVB_USB_RTL28XXU m
254 set_kernel_config CONFIG_VIDEO_EM28XX_RC m
254 set_kernel_config CONFIG_VIDEO_EM28XX_RC m
255 set_kernel_config CONFIG_SMS_SIANO_RC m
255 set_kernel_config CONFIG_SMS_SIANO_RC m
256 set_kernel_config CONFIG_VIDEO_IR_I2C m
256 set_kernel_config CONFIG_VIDEO_IR_I2C m
257 set_kernel_config CONFIG_VIDEO_ADV7180 m
257 set_kernel_config CONFIG_VIDEO_ADV7180 m
258 set_kernel_config CONFIG_VIDEO_TC358743 m
258 set_kernel_config CONFIG_VIDEO_TC358743 m
259 set_kernel_config CONFIG_VIDEO_OV5647 m
259 set_kernel_config CONFIG_VIDEO_OV5647 m
260 set_kernel_config CONFIG_DVB_M88DS3103 m
260 set_kernel_config CONFIG_DVB_M88DS3103 m
261 set_kernel_config CONFIG_DVB_AF9013 m
261 set_kernel_config CONFIG_DVB_AF9013 m
262 set_kernel_config CONFIG_DVB_RTL2830 m
262 set_kernel_config CONFIG_DVB_RTL2830 m
263 set_kernel_config CONFIG_DVB_RTL2832 m
263 set_kernel_config CONFIG_DVB_RTL2832 m
264 set_kernel_config CONFIG_DVB_SI2168 m
264 set_kernel_config CONFIG_DVB_SI2168 m
265 set_kernel_config CONFIG_DVB_GP8PSK_FE m
265 set_kernel_config CONFIG_DVB_GP8PSK_FE m
266 set_kernel_config CONFIG_DVB_USB m
266 set_kernel_config CONFIG_DVB_USB m
267 set_kernel_config CONFIG_DVB_LGDT3306A m
267 set_kernel_config CONFIG_DVB_LGDT3306A m
268 set_kernel_config CONFIG_FB_SIMPLE y
268 set_kernel_config CONFIG_FB_SIMPLE y
269 set_kernel_config CONFIG_SND_BCM2708_SOC_IQAUDIO_CODEC m
269 set_kernel_config CONFIG_SND_BCM2708_SOC_IQAUDIO_CODEC m
270 set_kernel_config CONFIG_SND_BCM2708_SOC_I_SABRE_Q2M m
270 set_kernel_config CONFIG_SND_BCM2708_SOC_I_SABRE_Q2M m
271 set_kernel_config CONFIG_SND_AUDIOSENSE_PI m
271 set_kernel_config CONFIG_SND_AUDIOSENSE_PI m
272 set_kernel_config CONFIG_SND_SOC_AD193X m
272 set_kernel_config CONFIG_SND_SOC_AD193X m
273 set_kernel_config CONFIG_SND_SOC_AD193X_SPI m
273 set_kernel_config CONFIG_SND_SOC_AD193X_SPI m
274 set_kernel_config CONFIG_SND_SOC_AD193X_I2C m
274 set_kernel_config CONFIG_SND_SOC_AD193X_I2C m
275 set_kernel_config CONFIG_SND_SOC_CS4265 m
275 set_kernel_config CONFIG_SND_SOC_CS4265 m
276 set_kernel_config CONFIG_SND_SOC_DA7213 m
276 set_kernel_config CONFIG_SND_SOC_DA7213 m
277 set_kernel_config CONFIG_SND_SOC_ICS43432 m
277 set_kernel_config CONFIG_SND_SOC_ICS43432 m
278 set_kernel_config CONFIG_SND_SOC_TLV320AIC32X4 m
278 set_kernel_config CONFIG_SND_SOC_TLV320AIC32X4 m
279 set_kernel_config CONFIG_SND_SOC_TLV320AIC32X4_I2C m
279 set_kernel_config CONFIG_SND_SOC_TLV320AIC32X4_I2C m
280 set_kernel_config CONFIG_SND_SOC_I_SABRE_CODEC m
280 set_kernel_config CONFIG_SND_SOC_I_SABRE_CODEC m
281 set_kernel_config CONFIG_HID_BIGBEN_FF m
281 set_kernel_config CONFIG_HID_BIGBEN_FF m
282 #set_kernel_config CONFIG_USB_XHCI_PLATFORM y
282 #set_kernel_config CONFIG_USB_XHCI_PLATFORM y
283 set_kernel_config CONFIG_USB_TMC m
283 set_kernel_config CONFIG_USB_TMC m
284 set_kernel_config CONFIG_USB_UAS y
284 set_kernel_config CONFIG_USB_UAS y
285 set_kernel_config CONFIG_USBIP_VUDC m
285 set_kernel_config CONFIG_USBIP_VUDC m
286 set_kernel_config CONFIG_USB_CONFIGFS m
286 set_kernel_config CONFIG_USB_CONFIGFS m
287 set_kernel_config CONFIG_USB_CONFIGFS_SERIAL y
287 set_kernel_config CONFIG_USB_CONFIGFS_SERIAL y
288 set_kernel_config CONFIG_USB_CONFIGFS_ACM y
288 set_kernel_config CONFIG_USB_CONFIGFS_ACM y
289 set_kernel_config CONFIG_USB_CONFIGFS_OBEX y
289 set_kernel_config CONFIG_USB_CONFIGFS_OBEX y
290 set_kernel_config CONFIG_USB_CONFIGFS_NCM y
290 set_kernel_config CONFIG_USB_CONFIGFS_NCM y
291 set_kernel_config CONFIG_USB_CONFIGFS_ECM y
291 set_kernel_config CONFIG_USB_CONFIGFS_ECM y
292 set_kernel_config CONFIG_USB_CONFIGFS_ECM_SUBSET y
292 set_kernel_config CONFIG_USB_CONFIGFS_ECM_SUBSET y
293 set_kernel_config CONFIG_USB_CONFIGFS_RNDIS y
293 set_kernel_config CONFIG_USB_CONFIGFS_RNDIS y
294 set_kernel_config CONFIG_USB_CONFIGFS_EEM y
294 set_kernel_config CONFIG_USB_CONFIGFS_EEM y
295 set_kernel_config CONFIG_USB_CONFIGFS_MASS_STORAGE y
295 set_kernel_config CONFIG_USB_CONFIGFS_MASS_STORAGE y
296 set_kernel_config CONFIG_USB_CONFIGFS_F_LB_SS y
296 set_kernel_config CONFIG_USB_CONFIGFS_F_LB_SS y
297 set_kernel_config CONFIG_USB_CONFIGFS_F_FS y
297 set_kernel_config CONFIG_USB_CONFIGFS_F_FS y
298 set_kernel_config CONFIG_USB_CONFIGFS_F_UAC1 y
298 set_kernel_config CONFIG_USB_CONFIGFS_F_UAC1 y
299 set_kernel_config CONFIG_USB_CONFIGFS_F_UAC2 y
299 set_kernel_config CONFIG_USB_CONFIGFS_F_UAC2 y
300 set_kernel_config CONFIG_USB_CONFIGFS_F_MIDI y
300 set_kernel_config CONFIG_USB_CONFIGFS_F_MIDI y
301 set_kernel_config CONFIG_USB_CONFIGFS_F_HID y
301 set_kernel_config CONFIG_USB_CONFIGFS_F_HID y
302 set_kernel_config CONFIG_USB_CONFIGFS_F_UVC y
302 set_kernel_config CONFIG_USB_CONFIGFS_F_UVC y
303 set_kernel_config CONFIG_USB_CONFIGFS_F_PRINTER y
303 set_kernel_config CONFIG_USB_CONFIGFS_F_PRINTER y
304 set_kernel_config CONFIG_LEDS_PCA963X m
304 set_kernel_config CONFIG_LEDS_PCA963X m
305 set_kernel_config CONFIG_LEDS_IS31FL32XX m
305 set_kernel_config CONFIG_LEDS_IS31FL32XX m
306 set_kernel_config CONFIG_LEDS_TRIGGER_NETDEV m
306 set_kernel_config CONFIG_LEDS_TRIGGER_NETDEV m
307 set_kernel_config CONFIG_RTC_DRV_RV3028 m
307 set_kernel_config CONFIG_RTC_DRV_RV3028 m
308 set_kernel_config CONFIG_AUXDISPLAY y
308 set_kernel_config CONFIG_AUXDISPLAY y
309 set_kernel_config CONFIG_HD44780 m
309 set_kernel_config CONFIG_HD44780 m
310 set_kernel_config CONFIG_FB_TFT_SH1106 m
310 set_kernel_config CONFIG_FB_TFT_SH1106 m
311 set_kernel_config CONFIG_VIDEO_CODEC_BCM2835 m
311 set_kernel_config CONFIG_VIDEO_CODEC_BCM2835 m
312 set_kernel_config CONFIG_BCM2835_POWER y
312 set_kernel_config CONFIG_BCM2835_POWER y
313 set_kernel_config CONFIG_INV_MPU6050_IIO m
313 set_kernel_config CONFIG_INV_MPU6050_IIO m
314 set_kernel_config CONFIG_INV_MPU6050_I2C m
314 set_kernel_config CONFIG_INV_MPU6050_I2C m
315 set_kernel_config CONFIG_SECURITYFS y
315 set_kernel_config CONFIG_SECURITYFS y
316
316
317 # Safer to build this in
317 # Safer to build this in
318 set_kernel_config CONFIG_BINFMT_MISC y
318 set_kernel_config CONFIG_BINFMT_MISC y
319
319
320 # pulseaudio wants a buffer of at least this size
320 # pulseaudio wants a buffer of at least this size
321 set_kernel_config CONFIG_SND_HDA_PREALLOC_SIZE 2048
321 set_kernel_config CONFIG_SND_HDA_PREALLOC_SIZE 2048
322
322
323 # PR#3063: enable 3D acceleration with 64-bit kernel on RPi4
323 # PR#3063: enable 3D acceleration with 64-bit kernel on RPi4
324 # set the appropriate kernel configs unlocked by this PR
324 # set the appropriate kernel configs unlocked by this PR
325 set_kernel_config CONFIG_ARCH_BCM y
325 set_kernel_config CONFIG_ARCH_BCM y
326 set_kernel_config CONFIG_ARCH_BCM2835 y
326 set_kernel_config CONFIG_ARCH_BCM2835 y
327 set_kernel_config CONFIG_DRM_V3D m
327 set_kernel_config CONFIG_DRM_V3D m
328 set_kernel_config CONFIG_DRM_VC4 m
328 set_kernel_config CONFIG_DRM_VC4 m
329 set_kernel_config CONFIG_DRM_VC4_HDMI_CEC y
329 set_kernel_config CONFIG_DRM_VC4_HDMI_CEC y
330
330
331 # PR#3144: add arm64 pcie bounce buffers; enables 4GiB on RPi4
331 # PR#3144: add arm64 pcie bounce buffers; enables 4GiB on RPi4
332 # required by PR#3144; should already be applied, but just to be safe
332 # required by PR#3144; should already be applied, but just to be safe
333 set_kernel_config CONFIG_PCIE_BRCMSTB y
333 set_kernel_config CONFIG_PCIE_BRCMSTB y
334 set_kernel_config CONFIG_BCM2835_MMC y
334 set_kernel_config CONFIG_BCM2835_MMC y
335
335
336 # Snap needs squashfs. The ubuntu eoan-preinstalled-server image at
336 # Snap needs squashfs. The ubuntu eoan-preinstalled-server image at
337 # http://cdimage.ubuntu.com/ubuntu-server/daily-preinstalled/current/ uses snap
337 # http://cdimage.ubuntu.com/ubuntu-server/daily-preinstalled/current/ uses snap
338 # during cloud-init setup at first boot. Without this the login accounts are not
338 # during cloud-init setup at first boot. Without this the login accounts are not
339 # created and the user can not login.
339 # created and the user can not login.
340 set_kernel_config CONFIG_SQUASHFS y
340 set_kernel_config CONFIG_SQUASHFS y
341
341
342 # Ceph support for Block Device (RBD) and Filesystem (FS)
342 # Ceph support for Block Device (RBD) and Filesystem (FS)
343 # https://docs.ceph.com/docs/master/
343 # https://docs.ceph.com/docs/master/
344 set_kernel_config CONFIG_CEPH_LIB m
344 set_kernel_config CONFIG_CEPH_LIB m
345 set_kernel_config CONFIG_CEPH_LIB_USE_DNS_RESOLVER y
345 set_kernel_config CONFIG_CEPH_LIB_USE_DNS_RESOLVER y
346 set_kernel_config CONFIG_CEPH_FS m
346 set_kernel_config CONFIG_CEPH_FS m
347 set_kernel_config CONFIG_CEPH_FSCACHE y
347 set_kernel_config CONFIG_CEPH_FSCACHE y
348 set_kernel_config CONFIG_CEPH_FS_POSIX_ACL y
348 set_kernel_config CONFIG_CEPH_FS_POSIX_ACL y
349 set_kernel_config CONFIG_BLK_DEV_RBD m
349 set_kernel_config CONFIG_BLK_DEV_RBD m
350 fi
350
351
351 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
352 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
352 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ]; } ; then
353 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ]; } ; then
353 set_kernel_config CONFIG_HAVE_KVM y
354 set_kernel_config CONFIG_HAVE_KVM y
354 set_kernel_config CONFIG_HIGH_RES_TIMERS y
355 set_kernel_config CONFIG_HIGH_RES_TIMERS y
355 set_kernel_config CONFIG_HAVE_KVM_IRQCHIP y
356 set_kernel_config CONFIG_HAVE_KVM_IRQCHIP y
356 set_kernel_config CONFIG_HAVE_KVM_ARCH_TLB_FLUSH_ALL y
357 set_kernel_config CONFIG_HAVE_KVM_ARCH_TLB_FLUSH_ALL y
357 set_kernel_config CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT y
358 set_kernel_config CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT y
358 set_kernel_config CONFIG_HAVE_KVM_EVENTFD y
359 set_kernel_config CONFIG_HAVE_KVM_EVENTFD y
359 set_kernel_config CONFIG_HAVE_KVM_IRQFD y
360 set_kernel_config CONFIG_HAVE_KVM_IRQFD y
360 set_kernel_config CONFIG_HAVE_KVM_IRQ_ROUTING y
361 set_kernel_config CONFIG_HAVE_KVM_IRQ_ROUTING y
361 set_kernel_config CONFIG_HAVE_KVM_MSI y
362 set_kernel_config CONFIG_HAVE_KVM_MSI y
362 set_kernel_config CONFIG_KVM y
363 set_kernel_config CONFIG_KVM y
363 set_kernel_config CONFIG_KVM_ARM_HOST y
364 set_kernel_config CONFIG_KVM_ARM_HOST y
364 set_kernel_config CONFIG_KVM_ARM_PMU y
365 set_kernel_config CONFIG_KVM_ARM_PMU y
365 set_kernel_config CONFIG_KVM_COMPAT y
366 set_kernel_config CONFIG_KVM_COMPAT y
366 set_kernel_config CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT y
367 set_kernel_config CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT y
367 set_kernel_config CONFIG_KVM_MMIO y
368 set_kernel_config CONFIG_KVM_MMIO y
368 set_kernel_config CONFIG_KVM_VFIO y
369 set_kernel_config CONFIG_KVM_VFIO y
369 set_kernel_config CONFIG_KVM_MMU_AUDIT y
370 set_kernel_config CONFIG_KVM_MMU_AUDIT y
370 set_kernel_config CONFIG_VHOST m
371 set_kernel_config CONFIG_VHOST m
371 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
372 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
372 set_kernel_config CONFIG_VHOST_NET m
373 set_kernel_config CONFIG_VHOST_NET m
373 set_kernel_config CONFIG_VIRTUALIZATION y
374 set_kernel_config CONFIG_VIRTUALIZATION y
374 set_kernel_config CONFIG_SLAB_FREELIST_RANDOM=y
375 set_kernel_config CONFIG_SLAB_FREELIST_RANDOM=y
375 set_kernel_config CONFIG_SLAB_FREELIST_HARDENED=y
376 set_kernel_config CONFIG_SLAB_FREELIST_HARDENED=y
376 set_kernel_config CONFIG_MMU_NOTIFIER y
377 set_kernel_config CONFIG_MMU_NOTIFIER y
377
378
378 # erratum
379 # erratum
379 set_kernel_config ARM64_ERRATUM_834220 y
380 set_kernel_config ARM64_ERRATUM_834220 y
380
381
381 # https://sourceforge.net/p/kvm/mailman/message/18440797/
382 # https://sourceforge.net/p/kvm/mailman/message/18440797/
382 set_kernel_config CONFIG_PREEMPT_NOTIFIERS y
383 set_kernel_config CONFIG_PREEMPT_NOTIFIERS y
383 fi
384 fi
384
385
385 # enable apparmor,integrity audit,
386 # enable apparmor,integrity audit,
386 if [ "$KERNEL_SECURITY" = true ] ; then
387 if [ "$KERNEL_SECURITY" = true ] ; then
387
388
388 # security filesystem, security models and audit
389 # security filesystem, security models and audit
389 set_kernel_config CONFIG_SECURITYFS y
390 set_kernel_config CONFIG_SECURITYFS y
390 set_kernel_config CONFIG_SECURITY y
391 set_kernel_config CONFIG_SECURITY y
391 set_kernel_config CONFIG_AUDIT y
392 set_kernel_config CONFIG_AUDIT y
392
393
393 # harden strcpy and memcpy
394 # harden strcpy and memcpy
394 set_kernel_config CONFIG_HARDENED_USERCOPY y
395 set_kernel_config CONFIG_HARDENED_USERCOPY y
395 set_kernel_config CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR y
396 set_kernel_config CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR y
396 set_kernel_config CONFIG_FORTIFY_SOURCE y
397 set_kernel_config CONFIG_FORTIFY_SOURCE y
397
398
398 # integrity sub-system
399 # integrity sub-system
399 set_kernel_config CONFIG_INTEGRITY y
400 set_kernel_config CONFIG_INTEGRITY y
400 set_kernel_config CONFIG_INTEGRITY_ASYMMETRIC_KEYS y
401 set_kernel_config CONFIG_INTEGRITY_ASYMMETRIC_KEYS y
401 set_kernel_config CONFIG_INTEGRITY_AUDIT y
402 set_kernel_config CONFIG_INTEGRITY_AUDIT y
402 set_kernel_config CONFIG_INTEGRITY_SIGNATURE y
403 set_kernel_config CONFIG_INTEGRITY_SIGNATURE y
403 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING y
404 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING y
404
405
405 # This option provides support for retaining authentication tokens and access keys in the kernel.
406 # This option provides support for retaining authentication tokens and access keys in the kernel.
406 set_kernel_config CONFIG_KEYS y
407 set_kernel_config CONFIG_KEYS y
407 set_kernel_config CONFIG_KEYS_COMPAT y
408 set_kernel_config CONFIG_KEYS_COMPAT y
408
409
409 # Apparmor
410 # Apparmor
410 set_kernel_config CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE 0
411 set_kernel_config CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE 0
411 set_kernel_config CONFIG_SECURITY_APPARMOR_HASH_DEFAULT y
412 set_kernel_config CONFIG_SECURITY_APPARMOR_HASH_DEFAULT y
412 set_kernel_config CONFIG_DEFAULT_SECURITY_APPARMOR y
413 set_kernel_config CONFIG_DEFAULT_SECURITY_APPARMOR y
413 set_kernel_config CONFIG_SECURITY_APPARMOR y
414 set_kernel_config CONFIG_SECURITY_APPARMOR y
414 set_kernel_config CONFIG_SECURITY_APPARMOR_HASH y
415 set_kernel_config CONFIG_SECURITY_APPARMOR_HASH y
415 set_kernel_config CONFIG_DEFAULT_SECURITY "apparmor"
416 set_kernel_config CONFIG_DEFAULT_SECURITY "apparmor"
416
417
417 # restrictions on unprivileged users reading the kernel
418 # restrictions on unprivileged users reading the kernel
418 set_kernel_config CONFIG_SECURITY_DMESG_RESTRICT y
419 set_kernel_config CONFIG_SECURITY_DMESG_RESTRICT y
419
420
420 # network security hooks
421 # network security hooks
421 set_kernel_config CONFIG_SECURITY_NETWORK y
422 set_kernel_config CONFIG_SECURITY_NETWORK y
422 set_kernel_config CONFIG_SECURITY_NETWORK_XFRM y
423 set_kernel_config CONFIG_SECURITY_NETWORK_XFRM y
423 set_kernel_config CONFIG_SECURITY_PATH y
424 set_kernel_config CONFIG_SECURITY_PATH y
424 set_kernel_config CONFIG_SECURITY_YAMA n
425 set_kernel_config CONFIG_SECURITY_YAMA n
425
426
426 set_kernel_config CONFIG_SECURITY_SELINUX n
427 set_kernel_config CONFIG_SECURITY_SELINUX n
427 set_kernel_config CONFIG_SECURITY_SMACK n
428 set_kernel_config CONFIG_SECURITY_SMACK n
428 set_kernel_config CONFIG_SECURITY_TOMOYO n
429 set_kernel_config CONFIG_SECURITY_TOMOYO n
429 set_kernel_config CONFIG_SECURITY_APPARMOR_DEBUG n
430 set_kernel_config CONFIG_SECURITY_APPARMOR_DEBUG n
430 set_kernel_config CONFIG_SECURITY_LOADPIN n
431 set_kernel_config CONFIG_SECURITY_LOADPIN n
431 set_kernel_config CONFIG_HARDENED_USERCOPY_PAGESPAN n
432 set_kernel_config CONFIG_HARDENED_USERCOPY_PAGESPAN n
432 set_kernel_config CONFIG_IMA n
433 set_kernel_config CONFIG_IMA n
433 set_kernel_config CONFIG_EVM n
434 set_kernel_config CONFIG_EVM n
434 set_kernel_config CONFIG_FANOTIFY_ACCESS_PERMISSIONS y
435 set_kernel_config CONFIG_FANOTIFY_ACCESS_PERMISSIONS y
435 set_kernel_config CONFIG_NFSD_V4_SECURITY_LABEL y
436 set_kernel_config CONFIG_NFSD_V4_SECURITY_LABEL y
436 set_kernel_config CONFIG_PKCS7_MESSAGE_PARSER y
437 set_kernel_config CONFIG_PKCS7_MESSAGE_PARSER y
437 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYRING y
438 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYRING y
438 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE y
439 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE y
439 set_kernel_config CONFIG_SECONDARY_TRUSTED_KEYRING y
440 set_kernel_config CONFIG_SECONDARY_TRUSTED_KEYRING y
440 set_kernel_config CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY n
441 set_kernel_config CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY n
441 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS m
442 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS m
442 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
443 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
443
444
444 set_kernel_config CONFIG_ARM64_CRYPTO y
445 set_kernel_config CONFIG_ARM64_CRYPTO y
445 set_kernel_config CONFIG_CRYPTO_SHA256_ARM64 m
446 set_kernel_config CONFIG_CRYPTO_SHA256_ARM64 m
446 set_kernel_config CONFIG_CRYPTO_SHA512_ARM64 m
447 set_kernel_config CONFIG_CRYPTO_SHA512_ARM64 m
447 set_kernel_config CONFIG_CRYPTO_SHA1_ARM64_CE m
448 set_kernel_config CONFIG_CRYPTO_SHA1_ARM64_CE m
448 set_kernel_config CRYPTO_GHASH_ARM64_CE m
449 set_kernel_config CRYPTO_GHASH_ARM64_CE m
449 set_kernel_config CRYPTO_SHA2_ARM64_CE m
450 set_kernel_config CRYPTO_SHA2_ARM64_CE m
450 set_kernel_config CONFIG_CRYPTO_CRCT10DIF_ARM64_CE m
451 set_kernel_config CONFIG_CRYPTO_CRCT10DIF_ARM64_CE m
451 set_kernel_config CONFIG_CRYPTO_CRC32_ARM64_CE m
452 set_kernel_config CONFIG_CRYPTO_CRC32_ARM64_CE m
452 set_kernel_config CONFIG_CRYPTO_AES_ARM64 m
453 set_kernel_config CONFIG_CRYPTO_AES_ARM64 m
453 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE m
454 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE m
454 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE_CCM y
455 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE_CCM y
455 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE_BLK y
456 set_kernel_config CONFIG_CRYPTO_AES_ARM64_CE_BLK y
456 set_kernel_config CONFIG_CRYPTO_AES_ARM64_NEON_BLK m
457 set_kernel_config CONFIG_CRYPTO_AES_ARM64_NEON_BLK m
457 set_kernel_config CONFIG_CRYPTO_CHACHA20_NEON m
458 set_kernel_config CONFIG_CRYPTO_CHACHA20_NEON m
458 set_kernel_config CONFIG_CRYPTO_AES_ARM64_BS m
459 set_kernel_config CONFIG_CRYPTO_AES_ARM64_BS m
459 fi
460 fi
460
461
461 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
462 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
462 if [ "$KERNEL_NF" = true ] ; then
463 if [ "$KERNEL_NF" = true ] ; then
463 set_kernel_config CONFIG_IP_NF_SECURITY m
464 set_kernel_config CONFIG_IP_NF_SECURITY m
464 set_kernel_config CONFIG_NETLABEL y
465 set_kernel_config CONFIG_NETLABEL y
465 set_kernel_config CONFIG_IP6_NF_SECURITY m
466 set_kernel_config CONFIG_IP6_NF_SECURITY m
466 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
467 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
467 set_kernel_config CONFIG_NETFILTER_XT_TARGET_AUDIT m
468 set_kernel_config CONFIG_NETFILTER_XT_TARGET_AUDIT m
468 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
469 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
469 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
470 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
470 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
471 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
471 set_kernel_config CONFIG_NFT_FIB_INET m
472 set_kernel_config CONFIG_NFT_FIB_INET m
472 set_kernel_config CONFIG_NFT_FIB_IPV4 m
473 set_kernel_config CONFIG_NFT_FIB_IPV4 m
473 set_kernel_config CONFIG_NFT_FIB_IPV6 m
474 set_kernel_config CONFIG_NFT_FIB_IPV6 m
474 set_kernel_config CONFIG_NFT_FIB_NETDEV m
475 set_kernel_config CONFIG_NFT_FIB_NETDEV m
475 set_kernel_config CONFIG_NFT_OBJREF m
476 set_kernel_config CONFIG_NFT_OBJREF m
476 set_kernel_config CONFIG_NFT_RT m
477 set_kernel_config CONFIG_NFT_RT m
477 set_kernel_config CONFIG_NFT_SET_BITMAP m
478 set_kernel_config CONFIG_NFT_SET_BITMAP m
478 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
479 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
479 set_kernel_config CONFIG_NF_LOG_ARP m
480 set_kernel_config CONFIG_NF_LOG_ARP m
480 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
481 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
481 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
482 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
482 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
483 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
483 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
484 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
484 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
485 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
485 set_kernel_config CONFIG_IP6_NF_IPTABLES m
486 set_kernel_config CONFIG_IP6_NF_IPTABLES m
486 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
487 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
487 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
488 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
488 set_kernel_config CONFIG_IP6_NF_NAT m
489 set_kernel_config CONFIG_IP6_NF_NAT m
489 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
490 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
490 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
491 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
491 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
492 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
492 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
493 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
493 set_kernel_config CONFIG_IP_SET_HASH_IP m
494 set_kernel_config CONFIG_IP_SET_HASH_IP m
494 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
495 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
495 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
496 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
496 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
497 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
497 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
498 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
498 set_kernel_config CONFIG_IP_SET_HASH_MAC m
499 set_kernel_config CONFIG_IP_SET_HASH_MAC m
499 set_kernel_config CONFIG_IP_SET_HASH_NET m
500 set_kernel_config CONFIG_IP_SET_HASH_NET m
500 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
501 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
501 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
502 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
502 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
503 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
503 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
504 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
504 set_kernel_config CONFIG_IP_SET_LIST_SET m
505 set_kernel_config CONFIG_IP_SET_LIST_SET m
505 set_kernel_config CONFIG_NETFILTER_XTABLES m
506 set_kernel_config CONFIG_NETFILTER_XTABLES m
506 set_kernel_config CONFIG_NETFILTER_XTABLES m
507 set_kernel_config CONFIG_NETFILTER_XTABLES m
507 set_kernel_config CONFIG_NFT_BRIDGE_META m
508 set_kernel_config CONFIG_NFT_BRIDGE_META m
508 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
509 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
509 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
510 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
510 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
511 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
511 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
512 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
512 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
513 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
513 set_kernel_config CONFIG_NFT_COMPAT m
514 set_kernel_config CONFIG_NFT_COMPAT m
514 set_kernel_config CONFIG_NFT_COUNTER m
515 set_kernel_config CONFIG_NFT_COUNTER m
515 set_kernel_config CONFIG_NFT_CT m
516 set_kernel_config CONFIG_NFT_CT m
516 set_kernel_config CONFIG_NFT_DUP_IPV4 m
517 set_kernel_config CONFIG_NFT_DUP_IPV4 m
517 set_kernel_config CONFIG_NFT_DUP_IPV6 m
518 set_kernel_config CONFIG_NFT_DUP_IPV6 m
518 set_kernel_config CONFIG_NFT_DUP_NETDEV m
519 set_kernel_config CONFIG_NFT_DUP_NETDEV m
519 set_kernel_config CONFIG_NFT_EXTHDR m
520 set_kernel_config CONFIG_NFT_EXTHDR m
520 set_kernel_config CONFIG_NFT_FWD_NETDEV m
521 set_kernel_config CONFIG_NFT_FWD_NETDEV m
521 set_kernel_config CONFIG_NFT_HASH m
522 set_kernel_config CONFIG_NFT_HASH m
522 set_kernel_config CONFIG_NFT_LIMIT m
523 set_kernel_config CONFIG_NFT_LIMIT m
523 set_kernel_config CONFIG_NFT_LOG m
524 set_kernel_config CONFIG_NFT_LOG m
524 set_kernel_config CONFIG_NFT_MASQ m
525 set_kernel_config CONFIG_NFT_MASQ m
525 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
526 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
526 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
527 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
527 set_kernel_config CONFIG_NFT_META m
528 set_kernel_config CONFIG_NFT_META m
528 set_kernel_config CONFIG_NFT_NAT m
529 set_kernel_config CONFIG_NFT_NAT m
529 set_kernel_config CONFIG_NFT_NUMGEN m
530 set_kernel_config CONFIG_NFT_NUMGEN m
530 set_kernel_config CONFIG_NFT_QUEUE m
531 set_kernel_config CONFIG_NFT_QUEUE m
531 set_kernel_config CONFIG_NFT_QUOTA m
532 set_kernel_config CONFIG_NFT_QUOTA m
532 set_kernel_config CONFIG_NFT_REDIR m
533 set_kernel_config CONFIG_NFT_REDIR m
533 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
534 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
534 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
535 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
535 set_kernel_config CONFIG_NFT_REJECT m
536 set_kernel_config CONFIG_NFT_REJECT m
536 set_kernel_config CONFIG_NFT_REJECT_INET m
537 set_kernel_config CONFIG_NFT_REJECT_INET m
537 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
538 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
538 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
539 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
539 set_kernel_config CONFIG_NFT_SET_HASH m
540 set_kernel_config CONFIG_NFT_SET_HASH m
540 set_kernel_config CONFIG_NFT_SET_RBTREE m
541 set_kernel_config CONFIG_NFT_SET_RBTREE m
541 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
542 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
542 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
543 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
543 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
544 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
544 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
545 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
545 set_kernel_config CONFIG_NF_DUP_IPV4 m
546 set_kernel_config CONFIG_NF_DUP_IPV4 m
546 set_kernel_config CONFIG_NF_DUP_IPV6 m
547 set_kernel_config CONFIG_NF_DUP_IPV6 m
547 set_kernel_config CONFIG_NF_DUP_NETDEV m
548 set_kernel_config CONFIG_NF_DUP_NETDEV m
548 set_kernel_config CONFIG_NF_LOG_BRIDGE m
549 set_kernel_config CONFIG_NF_LOG_BRIDGE m
549 set_kernel_config CONFIG_NF_LOG_IPV4 m
550 set_kernel_config CONFIG_NF_LOG_IPV4 m
550 set_kernel_config CONFIG_NF_LOG_IPV6 m
551 set_kernel_config CONFIG_NF_LOG_IPV6 m
551 set_kernel_config CONFIG_NF_NAT_IPV4 m
552 set_kernel_config CONFIG_NF_NAT_IPV4 m
552 set_kernel_config CONFIG_NF_NAT_IPV6 m
553 set_kernel_config CONFIG_NF_NAT_IPV6 m
553 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 y
554 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 y
554 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 y
555 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 y
555 set_kernel_config CONFIG_NF_NAT_PPTP m
556 set_kernel_config CONFIG_NF_NAT_PPTP m
556 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
557 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
557 set_kernel_config CONFIG_NF_NAT_REDIRECT y
558 set_kernel_config CONFIG_NF_NAT_REDIRECT y
558 set_kernel_config CONFIG_NF_NAT_SIP m
559 set_kernel_config CONFIG_NF_NAT_SIP m
559 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
560 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
560 set_kernel_config CONFIG_NF_NAT_TFTP m
561 set_kernel_config CONFIG_NF_NAT_TFTP m
561 set_kernel_config CONFIG_NF_REJECT_IPV4 m
562 set_kernel_config CONFIG_NF_REJECT_IPV4 m
562 set_kernel_config CONFIG_NF_REJECT_IPV6 m
563 set_kernel_config CONFIG_NF_REJECT_IPV6 m
563 set_kernel_config CONFIG_NF_TABLES m
564 set_kernel_config CONFIG_NF_TABLES m
564 set_kernel_config CONFIG_NF_TABLES_ARP m
565 set_kernel_config CONFIG_NF_TABLES_ARP m
565 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
566 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
566 set_kernel_config CONFIG_NF_TABLES_INET m
567 set_kernel_config CONFIG_NF_TABLES_INET m
567 set_kernel_config CONFIG_NF_TABLES_IPV4 y
568 set_kernel_config CONFIG_NF_TABLES_IPV4 y
568 set_kernel_config CONFIG_NF_TABLES_IPV6 y
569 set_kernel_config CONFIG_NF_TABLES_IPV6 y
569 set_kernel_config CONFIG_NF_TABLES_NETDEV m
570 set_kernel_config CONFIG_NF_TABLES_NETDEV m
570 set_kernel_config CONFIG_NF_TABLES_SET m
571 set_kernel_config CONFIG_NF_TABLES_SET m
571 set_kernel_config CONFIG_NF_TABLES_INET y
572 set_kernel_config CONFIG_NF_TABLES_INET y
572 set_kernel_config CONFIG_NF_TABLES_NETDEV y
573 set_kernel_config CONFIG_NF_TABLES_NETDEV y
573 set_kernel_config CONFIG_NFT_CONNLIMIT m
574 set_kernel_config CONFIG_NFT_CONNLIMIT m
574 set_kernel_config CONFIG_NFT_TUNNEL m
575 set_kernel_config CONFIG_NFT_TUNNEL m
575 set_kernel_config CONFIG_NFT_SOCKET m
576 set_kernel_config CONFIG_NFT_SOCKET m
576 set_kernel_config CONFIG_NFT_TPROXY m
577 set_kernel_config CONFIG_NFT_TPROXY m
577 set_kernel_config CONFIG_NF_FLOW_TABLE m
578 set_kernel_config CONFIG_NF_FLOW_TABLE m
578 set_kernel_config CONFIG_NFT_FLOW_OFFLOAD m
579 set_kernel_config CONFIG_NFT_FLOW_OFFLOAD m
579 set_kernel_config CONFIG_NF_FLOW_TABLE_INET m
580 set_kernel_config CONFIG_NF_FLOW_TABLE_INET m
580 set_kernel_config CONFIG_NF_TABLES_ARP y
581 set_kernel_config CONFIG_NF_TABLES_ARP y
581 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV4 y
582 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV4 y
582 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV6 y
583 set_kernel_config CONFIG_NF_FLOW_TABLE_IPV6 y
583 set_kernel_config CONFIG_NF_TABLES_BRIDGE y
584 set_kernel_config CONFIG_NF_TABLES_BRIDGE y
584 set_kernel_config CONFIG_NF_CT_NETLINK_TIMEOUT m
585 set_kernel_config CONFIG_NF_CT_NETLINK_TIMEOUT m
585 set_kernel_config CONFIG_NFT_OSF m
586 set_kernel_config CONFIG_NFT_OSF m
586
587
587 fi
588 fi
588
589
589 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
590 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
590 if [ "$KERNEL_BPF" = true ] ; then
591 if [ "$KERNEL_BPF" = true ] ; then
591 set_kernel_config CONFIG_BPF_SYSCALL y
592 set_kernel_config CONFIG_BPF_SYSCALL y
592 set_kernel_config CONFIG_BPF_EVENTS y
593 set_kernel_config CONFIG_BPF_EVENTS y
593 set_kernel_config CONFIG_BPF_STREAM_PARSER y
594 set_kernel_config CONFIG_BPF_STREAM_PARSER y
594 set_kernel_config CONFIG_CGROUP_BPF y
595 set_kernel_config CONFIG_CGROUP_BPF y
595 set_kernel_config CONFIG_XDP_SOCKETS y
596 set_kernel_config CONFIG_XDP_SOCKETS y
596 fi
597 fi
597
598
598 # KERNEL_DEFAULT_GOV was set by user
599 # KERNEL_DEFAULT_GOV was set by user
599 if [ "$KERNEL_DEFAULT_GOV" != powersave ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
600 if [ "$KERNEL_DEFAULT_GOV" != powersave ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
600
601
601 case "$KERNEL_DEFAULT_GOV" in
602 case "$KERNEL_DEFAULT_GOV" in
602 performance)
603 performance)
603 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
604 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
604 ;;
605 ;;
605 userspace)
606 userspace)
606 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
607 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
607 ;;
608 ;;
608 ondemand)
609 ondemand)
609 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
610 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
610 ;;
611 ;;
611 conservative)
612 conservative)
612 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
613 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
613 ;;
614 ;;
614 shedutil)
615 shedutil)
615 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
616 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
616 ;;
617 ;;
617 *)
618 *)
618 echo "error: unsupported default cpu governor"
619 echo "error: unsupported default cpu governor"
619 exit 1
620 exit 1
620 ;;
621 ;;
621 esac
622 esac
622
623
623 # unset previous default governor
624 # unset previous default governor
624 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
625 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
625 fi
626 fi
626
627
627 #Revert to previous directory
628 #Revert to previous directory
628 cd "${WORKDIR}" || exit
629 cd "${WORKDIR}" || exit
629
630
630 # Set kernel configuration parameters to enable qemu emulation
631 # Set kernel configuration parameters to enable qemu emulation
631 if [ "$ENABLE_QEMU" = true ] ; then
632 if [ "$ENABLE_QEMU" = true ] ; then
632 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
633 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
633 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
634 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
634
635
635 if [ "$ENABLE_CRYPTFS" = true ] ; then
636 if [ "$ENABLE_CRYPTFS" = true ] ; then
636 {
637 {
637 echo "CONFIG_EMBEDDED=y"
638 echo "CONFIG_EMBEDDED=y"
638 echo "CONFIG_EXPERT=y"
639 echo "CONFIG_EXPERT=y"
639 echo "CONFIG_DAX=y"
640 echo "CONFIG_DAX=y"
640 echo "CONFIG_MD=y"
641 echo "CONFIG_MD=y"
641 echo "CONFIG_BLK_DEV_MD=y"
642 echo "CONFIG_BLK_DEV_MD=y"
642 echo "CONFIG_MD_AUTODETECT=y"
643 echo "CONFIG_MD_AUTODETECT=y"
643 echo "CONFIG_BLK_DEV_DM=y"
644 echo "CONFIG_BLK_DEV_DM=y"
644 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
645 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
645 echo "CONFIG_DM_CRYPT=y"
646 echo "CONFIG_DM_CRYPT=y"
646 echo "CONFIG_CRYPTO_BLKCIPHER=y"
647 echo "CONFIG_CRYPTO_BLKCIPHER=y"
647 echo "CONFIG_CRYPTO_CBC=y"
648 echo "CONFIG_CRYPTO_CBC=y"
648 echo "CONFIG_CRYPTO_XTS=y"
649 echo "CONFIG_CRYPTO_XTS=y"
649 echo "CONFIG_CRYPTO_SHA512=y"
650 echo "CONFIG_CRYPTO_SHA512=y"
650 echo "CONFIG_CRYPTO_MANAGER=y"
651 echo "CONFIG_CRYPTO_MANAGER=y"
651 } >> "${KERNEL_DIR}"/.config
652 } >> "${KERNEL_DIR}"/.config
652 fi
653 fi
653 fi
654 fi
654
655
655 # Copy custom kernel configuration file
656 # Copy custom kernel configuration file
656 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
657 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
657 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
658 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
658 fi
659 fi
659
660
660 # Set kernel configuration parameters to their default values
661 # Set kernel configuration parameters to their default values
661 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
662 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
662 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
663 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
663 fi
664 fi
664
665
665 # Start menu-driven kernel configuration (interactive)
666 # Start menu-driven kernel configuration (interactive)
666 if [ "$KERNEL_MENUCONFIG" = true ] ; then
667 if [ "$KERNEL_MENUCONFIG" = true ] ; then
667 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
668 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
668 fi
669 fi
669 # end if "$KERNELSRC_CONFIG" = true
670 # end if "$KERNELSRC_CONFIG" = true
670 fi
671 fi
671
672
672 # Use ccache to cross compile the kernel
673 # Use ccache to cross compile the kernel
673 if [ "$KERNEL_CCACHE" = true ] ; then
674 if [ "$KERNEL_CCACHE" = true ] ; then
674 cc="ccache ${CROSS_COMPILE}gcc"
675 cc="ccache ${CROSS_COMPILE}gcc"
675 else
676 else
676 cc="${CROSS_COMPILE}gcc"
677 cc="${CROSS_COMPILE}gcc"
677 fi
678 fi
678
679
679 # Cross compile kernel and dtbs
680 # Cross compile kernel and dtbs
680 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
681 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
681
682
682 # Cross compile kernel modules
683 # Cross compile kernel modules
683 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
684 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
684 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
685 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
685 fi
686 fi
686 # end if "$KERNELSRC_PREBUILT" = false
687 # end if "$KERNELSRC_PREBUILT" = false
687 fi
688 fi
688
689
689 # Check if kernel compilation was successful
690 # Check if kernel compilation was successful
690 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
691 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
691 echo "error: kernel compilation failed! (kernel image not found)"
692 echo "error: kernel compilation failed! (kernel image not found)"
692 cleanup
693 cleanup
693 exit 1
694 exit 1
694 fi
695 fi
695
696
696 # Install kernel modules
697 # Install kernel modules
697 if [ "$ENABLE_REDUCE" = true ] ; then
698 if [ "$ENABLE_REDUCE" = true ] ; then
698 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
699 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
699 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
700 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
700 fi
701 fi
701 else
702 else
702 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
703 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
703 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
704 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
704 fi
705 fi
705
706
706 # Install kernel firmware
707 # Install kernel firmware
707 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
708 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
708 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
709 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
709 fi
710 fi
710 fi
711 fi
711
712
712 # Install kernel headers
713 # Install kernel headers
713 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
714 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
714 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
715 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
715 fi
716 fi
716
717
717 # Prepare boot (firmware) directory
718 # Prepare boot (firmware) directory
718 mkdir "${BOOT_DIR}"
719 mkdir "${BOOT_DIR}"
719
720
720 # Get kernel release version
721 # Get kernel release version
721 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
722 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
722
723
723 # Copy kernel configuration file to the boot directory
724 # Copy kernel configuration file to the boot directory
724 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
725 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
725
726
726 # Prepare device tree directory
727 # Prepare device tree directory
727 mkdir "${BOOT_DIR}/overlays"
728 mkdir "${BOOT_DIR}/overlays"
728
729
729 # Ensure the proper .dtb is located
730 # Ensure the proper .dtb is located
730 if [ "$KERNEL_ARCH" = "arm" ] ; then
731 if [ "$KERNEL_ARCH" = "arm" ] ; then
731 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
732 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
732 if [ -f "${dtb}" ] ; then
733 if [ -f "${dtb}" ] ; then
733 install_readonly "${dtb}" "${BOOT_DIR}/"
734 install_readonly "${dtb}" "${BOOT_DIR}/"
734 fi
735 fi
735 done
736 done
736 else
737 else
737 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
738 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
738 if [ -f "${dtb}" ] ; then
739 if [ -f "${dtb}" ] ; then
739 install_readonly "${dtb}" "${BOOT_DIR}/"
740 install_readonly "${dtb}" "${BOOT_DIR}/"
740 fi
741 fi
741 done
742 done
742 fi
743 fi
743
744
744 # Copy compiled dtb device tree files
745 # Copy compiled dtb device tree files
745 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
746 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
746 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtbo ; do
747 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtbo ; do
747 if [ -f "${dtb}" ] ; then
748 if [ -f "${dtb}" ] ; then
748 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
749 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
749 fi
750 fi
750 done
751 done
751
752
752 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
753 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
753 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
754 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
754 fi
755 fi
755 fi
756 fi
756
757
757 if [ "$ENABLE_UBOOT" = false ] ; then
758 if [ "$ENABLE_UBOOT" = false ] ; then
758 # Convert and copy kernel image to the boot directory
759 # Convert and copy kernel image to the boot directory
759 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
760 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
760 else
761 else
761 # Copy kernel image to the boot directory
762 # Copy kernel image to the boot directory
762 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
763 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
763 fi
764 fi
764
765
765 # Remove kernel sources
766 # Remove kernel sources
766 if [ "$KERNEL_REMOVESRC" = true ] ; then
767 if [ "$KERNEL_REMOVESRC" = true ] ; then
767 rm -fr "${KERNEL_DIR}"
768 rm -fr "${KERNEL_DIR}"
768 else
769 else
769 # Prepare compiled kernel modules
770 # Prepare compiled kernel modules
770 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
771 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
771 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
772 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
772 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
773 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
773 fi
774 fi
774
775
775 # Create symlinks for kernel modules
776 # Create symlinks for kernel modules
776 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
777 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
777 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
778 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
778 fi
779 fi
779 fi
780 fi
780
781
781 else # BUILD_KERNEL=false
782 else # BUILD_KERNEL=false
782 if [ "$SET_ARCH" = 64 ] ; then
783 if [ "$SET_ARCH" = 64 ] ; then
783 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
784 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
784 # Use Sakakis modified kernel if ZSWAP is active
785 # Use Sakakis modified kernel if ZSWAP is active
785 if [ "$KERNEL_ZSWAP" = true ] || [ "$KERNEL_VIRT" = true ] || [ "$KERNEL_NF" = true ] || [ "$KERNEL_BPF" = true ] ; then
786 if [ "$KERNEL_ZSWAP" = true ] || [ "$KERNEL_VIRT" = true ] || [ "$KERNEL_NF" = true ] || [ "$KERNEL_BPF" = true ] ; then
786 RPI3_64_KERNEL_URL="${RPI3_64_BIS_KERNEL_URL}"
787 RPI3_64_KERNEL_URL="${RPI3_64_BIS_KERNEL_URL}"
787 fi
788 fi
788
789
789 # Create temporary directory for dl
790 # Create temporary directory for dl
790 temp_dir=$(as_nobody mktemp -d)
791 temp_dir=$(as_nobody mktemp -d)
791
792
792 # Fetch kernel dl
793 # Fetch kernel dl
793 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
794 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
794 fi
795 fi
795 if [ "$SET_ARCH" = 64 ] && [ "$RPI_MODEL" = 4 ] ; then
796 if [ "$SET_ARCH" = 64 ] && [ "$RPI_MODEL" = 4 ] ; then
796 # Create temporary directory for dl
797 # Create temporary directory for dl
797 temp_dir=$(as_nobody mktemp -d)
798 temp_dir=$(as_nobody mktemp -d)
798
799
799 # Fetch kernel dl
800 # Fetch kernel dl
800 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI4_64_KERNEL_URL"
801 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI4_64_KERNEL_URL"
801 fi
802 fi
802
803
803 #extract download
804 #extract download
804 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
805 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
805
806
806 #move extracted kernel to /boot/firmware
807 #move extracted kernel to /boot/firmware
807 mkdir "${R}/boot/firmware"
808 mkdir "${R}/boot/firmware"
808 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
809 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
809 cp -r "${temp_dir}"/lib/* "${R}"/lib/
810 cp -r "${temp_dir}"/lib/* "${R}"/lib/
810
811
811 # Remove temporary directory for kernel sources
812 # Remove temporary directory for kernel sources
812 rm -fr "${temp_dir}"
813 rm -fr "${temp_dir}"
813
814
814 # Set permissions of the kernel sources
815 # Set permissions of the kernel sources
815 chown -R root:root "${R}/boot/firmware"
816 chown -R root:root "${R}/boot/firmware"
816 chown -R root:root "${R}/lib/modules"
817 chown -R root:root "${R}/lib/modules"
817 fi
818 fi
818
819
819 # Install Kernel from hypriot comptabile with all Raspberry PI (dunno if its compatible with RPI4 - better compile your own kernel)
820 # Install Kernel from hypriot comptabile with all Raspberry PI (dunno if its compatible with RPI4 - better compile your own kernel)
820 if [ "$SET_ARCH" = 32 ] && [ "$RPI_MODEL" != 4 ] ; then
821 if [ "$SET_ARCH" = 32 ] && [ "$RPI_MODEL" != 4 ] ; then
821 # Create temporary directory for dl
822 # Create temporary directory for dl
822 temp_dir=$(as_nobody mktemp -d)
823 temp_dir=$(as_nobody mktemp -d)
823
824
824 # Fetch kernel
825 # Fetch kernel
825 as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
826 as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
826
827
827 # Copy downloaded kernel package
828 # Copy downloaded kernel package
828 mv "${temp_dir}"/kernel.deb "${R}"/tmp/kernel.deb
829 mv "${temp_dir}"/kernel.deb "${R}"/tmp/kernel.deb
829
830
830 # Set permissions
831 # Set permissions
831 chown -R root:root "${R}"/tmp/kernel.deb
832 chown -R root:root "${R}"/tmp/kernel.deb
832
833
833 # Install kernel
834 # Install kernel
834 chroot_exec dpkg -i /tmp/kernel.deb
835 chroot_exec dpkg -i /tmp/kernel.deb
835
836
836 # move /boot to /boot/firmware to fit script env.
837 # move /boot to /boot/firmware to fit script env.
837 #mkdir "${BOOT_DIR}"
838 #mkdir "${BOOT_DIR}"
838 mkdir "${temp_dir}"/firmware
839 mkdir "${temp_dir}"/firmware
839 mv "${R}"/boot/* "${temp_dir}"/firmware/
840 mv "${R}"/boot/* "${temp_dir}"/firmware/
840 mv "${temp_dir}"/firmware "${R}"/boot/
841 mv "${temp_dir}"/firmware "${R}"/boot/
841
842
842 #same for kernel headers
843 #same for kernel headers
843 if [ "$KERNEL_HEADERS" = true ] ; then
844 if [ "$KERNEL_HEADERS" = true ] ; then
844 # Fetch kernel header
845 # Fetch kernel header
845 as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
846 as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
846 mv "${temp_dir}"/kernel-header.deb "${R}"/tmp/kernel-header.deb
847 mv "${temp_dir}"/kernel-header.deb "${R}"/tmp/kernel-header.deb
847 chown -R root:root "${R}"/tmp/kernel-header.deb
848 chown -R root:root "${R}"/tmp/kernel-header.deb
848 # Install kernel header
849 # Install kernel header
849 chroot_exec dpkg -i /tmp/kernel-header.deb
850 chroot_exec dpkg -i /tmp/kernel-header.deb
850 rm -f "${R}"/tmp/kernel-header.deb
851 rm -f "${R}"/tmp/kernel-header.deb
851 fi
852 fi
852
853
853 # Remove temporary directory and files
854 # Remove temporary directory and files
854 rm -fr "${temp_dir}"
855 rm -fr "${temp_dir}"
855 rm -f "${R}"/tmp/kernel.deb
856 rm -f "${R}"/tmp/kernel.deb
856 fi
857 fi
857
858
858 # Check if kernel installation was successful
859 # Check if kernel installation was successful
859 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
860 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
860 if [ -z "$KERNEL" ] ; then
861 if [ -z "$KERNEL" ] ; then
861 echo "error: kernel installation failed! (/boot/kernel* not found)"
862 echo "error: kernel installation failed! (/boot/kernel* not found)"
862 cleanup
863 cleanup
863 exit 1
864 exit 1
864 fi
865 fi
865 fi
866 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant