##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

update from master
Unknown -
r403:c99e540b9c7c
parent child
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,53
1 #
2 # Setup videocore - Raspberry Userland
3 #
4
5 # Load utility functions
6 . ./functions.sh
7
8 if [ "$ENABLE_VIDEOCORE" = true ] ; then
9 # Copy existing videocore sources into chroot directory
10 if [ -n "$VIDEOCORESRC_DIR" ] && [ -d "$VIDEOCORESRC_DIR" ] ; then
11 # Copy local U-Boot sources
12 cp -r "${VIDEOCORESRC_DIR}" "${R}/tmp/userland"
13 else
14 # Create temporary directory for U-Boot sources
15 temp_dir=$(as_nobody mktemp -d)
16
17 # Fetch U-Boot sources
18 as_nobody git -C "${temp_dir}" clone "${VIDEOCORE_URL}"
19
20 # Copy downloaded U-Boot sources
21 mv "${temp_dir}/userland" "${R}/tmp/"
22
23 # Set permissions of the U-Boot sources
24 chown -R root:root "${R}/tmp/userland"
25
26 # Remove temporary directory for U-Boot sources
27 rm -fr "${temp_dir}"
28 fi
29
30 # Create build dir
31 mkdir "${R}"/tmp/userland/build
32
33 # push us to build directory
34 pushd "${R}"/tmp/userland/build
35
36 if [ "$RELEASE_ARCH" = "arm64" ] ; then
37 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DARM64=ON -DCMAKE_C_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_CXX_COMPILER=aarch64-linux-gnu-g++ -DCMAKE_ASM_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -U_FORTIFY_SOURCE" -DCMAKE_ASM_FLAGS="${CMAKE_ASM_FLAGS} -c" -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
38 fi
39
40 if [ "$RELEASE_ARCH" = "armel" ] ; then
41 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DCMAKE_C_COMPILER=arm-linux-gnueabi-gcc -DCMAKE_CXX_COMPILER=arm-linux-gnueabi-g++ -DCMAKE_ASM_COMPILER=arm-linux-gnueabi-gcc -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -U_FORTIFY_SOURCE" -DCMAKE_ASM_FLAGS="${CMAKE_ASM_FLAGS} -c" -DCMAKE_SYSTEM_PROCESSOR="arm" -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
42 fi
43
44 if [ "$RELEASE_ARCH" = "armhf" ] ; then
45 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DCMAKE_TOOLCHAIN_FILE="${R}"/tmp/userland/makefiles/cmake/toolchains/arm-linux-gnueabihf.cmake -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
46 fi
47
48 #build userland
49 make -j "$(nproc)"
50
51 #pop us out of build dir
52 popd
53 fi
Show file before | Show file after | Hide comments
@@ -0,0 +1,21
1 add table ip filter
2 add chain ip filter INPUT { type filter hook input priority 0; }
3 add chain ip filter FORWARD { type filter hook forward priority 0; }
4 add chain ip filter OUTPUT { type filter hook output priority 0; }
5 add chain ip filter TCP
6 add chain ip filter UDP
7 add chain ip filter SSH
8 add rule ip filter INPUT icmp type echo-request limit rate 30/minute burst 8 packets counter accept
9 add rule ip filter INPUT icmp type echo-request counter drop
10 add rule ip filter INPUT ct state related,established counter accept
11 add rule ip filter INPUT iifname lo counter accept
12 add rule ip filter INPUT ct state invalid counter drop
13 add rule ip filter INPUT tcp dport 22 ct state new counter jump SSH
14 # -t filter -A SSH -m recent --name sshbf --rttl --rcheck --hitcount 3 --seconds 10 -j DROP
15 # -t filter -A SSH -m recent --name sshbf --rttl --rcheck --hitcount 20 --seconds 1800 -j DROP
16 # -t filter -A SSH -m recent --name sshbf --set -j ACCEPT
17 add rule ip filter INPUT ip protocol udp ct state new counter jump UDP
18 add rule ip filter INPUT tcp flags & fin|syn|rst|ack == syn ct state new counter jump TCP
19 add rule ip filter INPUT ip protocol udp counter reject
20 add rule ip filter INPUT ip protocol tcp counter reject with tcp reset
21 add rule ip filter INPUT counter reject with icmp type prot-unreachable
Show file before | Show file after | Hide comments
@@ -0,0 +1,24
1 add table ip6 filter
2 add chain ip6 filter INPUT { type filter hook input priority 0; }
3 add chain ip6 filter FORWARD { type filter hook forward priority 0; }
4 add chain ip6 filter OUTPUT { type filter hook output priority 0; }
5 add chain ip6 filter TCP
6 add chain ip6 filter UDP
7 add chain ip6 filter SSH
8 add rule ip6 filter INPUT rt type 0 counter drop
9 add rule ip6 filter OUTPUT rt type 0 counter drop
10 add rule ip6 filter FORWARD rt type 0 counter drop
11 add rule ip6 filter INPUT meta l4proto ipv6-icmp icmpv6 type echo-request limit rate 30/minute burst 8 packets counter accept
12 add rule ip6 filter INPUT meta l4proto ipv6-icmp icmpv6 type echo-request counter drop
13 add rule ip6 filter INPUT ct state related,established counter accept
14 add rule ip6 filter INPUT iifname lo counter accept
15 add rule ip6 filter INPUT ct state invalid counter drop
16 add rule ip6 filter INPUT tcp dport 22 ct state new counter jump SSH
17 # -t filter -A SSH -m recent --name sshbf --rttl --rcheck --hitcount 3 --seconds 10 -j DROP
18 # -t filter -A SSH -m recent --name sshbf --rttl --rcheck --hitcount 20 --seconds 1800 -j DROP
19 # -t filter -A SSH -m recent --name sshbf --set -j ACCEPT
20 add rule ip6 filter INPUT meta l4proto udp ct state new counter jump UDP
21 add rule ip6 filter INPUT tcp flags & fin|syn|rst|ack == syn ct state new counter jump TCP
22 add rule ip6 filter INPUT meta l4proto udp counter reject with icmpv6 type admin-prohibited
23 add rule ip6 filter INPUT meta l4proto tcp counter reject with icmpv6 type admin-prohibited
24 add rule ip6 filter INPUT counter reject with icmpv6 type admin-prohibited
Show file before | Show file after | Hide comments
@@ -0,0 +1,15
1 # Configuration template file used by rpi23-gen-image.sh
2 # Debian Stretch using the Arm64 for kernel compilation and Debian distribution.
3
4 RPI_MODEL=3
5 RELEASE=stretch
6 BUILD_KERNEL=true
7 KERNEL_ARCH=arm64
8 RELEASE_ARCH=arm64
9 CROSS_COMPILE=aarch64-linux-gnu-
10 QEMU_BINARY=/usr/bin/qemu-aarch64-static
11 KERNEL_DEFCONFIG=bcmrpi3_defconfig
12 KERNEL_BIN_IMAGE=Image
13 KERNEL_IMAGE=kernel8.img
14 KERNEL_BRANCH=rpi-4.14.y
15 ENABLE_WIRELESS=true
Show file before | Show file after | Hide comments
@@ -11,29 +11,23 if [ -z "$APT_PROXY" ] ; then
11 sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETC_DIR}/apt/apt.conf.d/10proxy"
11 sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETC_DIR}/apt/apt.conf.d/10proxy"
12 fi
12 fi
13
13
14 #if [ "$BUILD_KERNEL" = false ] ; then
15 # echo "Downloading precompiled kernel"
16 # echo "error: not configured"
17 # exit 1;
18 # BUILD_KERNEL=true
19 #else
20 # echo "No precompiled kernel repositories were added"
21 #fi
22
23 # Upgrade package index and update all installed packages and changed dependencies
14 # Upgrade package index and update all installed packages and changed dependencies
24 chroot_exec apt-get -qq -y update
15 chroot_exec apt-get -qq -y update
25 chroot_exec apt-get -qq -y -u dist-upgrade
16 chroot_exec apt-get -qq -y -u dist-upgrade
26
17
18 # Install additional packages
27 if [ "$APT_INCLUDES_LATE" ] ; then
19 if [ "$APT_INCLUDES_LATE" ] ; then
28 chroot_exec apt-get -qq -y install "$(echo "$APT_INCLUDES_LATE" |tr , ' ')"
20 chroot_exec apt-get -qq -y install "$(echo "$APT_INCLUDES_LATE" |tr , ' ')"
29 fi
21 fi
30
22
23 # Install Debian custom packages
31 if [ -d packages ] ; then
24 if [ -d packages ] ; then
32 for package in packages/*.deb ; do
25 for package in packages/*.deb ; do
33 cp "$package" "${R}"/tmp
26 cp "$package" "${R}"/tmp
34 chroot_exec dpkg --unpack /tmp/"$(basename "$package")"
27 chroot_exec dpkg --unpack /tmp/"$(basename "$package")"
35 done
28 done
36 fi
29 fi
30
37 chroot_exec apt-get -qq -y -f install
31 chroot_exec apt-get -qq -y -f install
38
32
39 chroot_exec apt-get -qq -y check
33 chroot_exec apt-get -qq -y check
Show file before | Show file after | Hide comments
@@ -103,11 +103,12 if [ "$ENABLE_WIRELESS" = true ] ; then
103
103
104 # Fetch firmware binary blob for RPI3B+
104 # Fetch firmware binary blob for RPI3B+
105 if [ "$RPI_MODEL" = 3P ] ; then
105 if [ "$RPI_MODEL" = 3P ] ; then
106 # Fetch firmware binary blob for RPi3P
106 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
107 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
107 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
108 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
108 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
109 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
109 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
110 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
110 # Fetch firmware binary blob for RPI3
111 # Fetch firmware binary blob for RPi3
111 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
112 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
112 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
113 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
113 fi
114 fi
Show file before | Show file after | Hide comments
@@ -253,11 +253,12 if [ -n "$SET_ARCH" ] ; then
253 # 64 bit config
253 # 64 bit config
254 ##################################
254 ##################################
255 if [ "$SET_ARCH" = 64 ] ; then
255 if [ "$SET_ARCH" = 64 ] ; then
256 # 64 bit depended settings
256 # General 64 bit depended settings
257 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
257 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
258 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
258 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
259 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
259 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
260
260
261 # Board specific settings
261 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
262 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
262 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
263 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
263 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
264 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
@@ -270,16 +271,14 if [ -n "$SET_ARCH" ] ; then
270 fi
271 fi
271 fi
272 fi
272
273
273 ##################################
274 # 32 bit configuration
274 # 32 bit config
275 ##################################
276 if [ "$SET_ARCH" = 32 ] ; then
275 if [ "$SET_ARCH" = 32 ] ; then
277 #General 32bit configuration
276 # General 32 bit dependend settings
278 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
277 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
279 KERNEL_ARCH=${KERNEL_ARCH:=arm}
278 KERNEL_ARCH=${KERNEL_ARCH:=arm}
280 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
279 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
281
280
282 #Raspberry setting grouped by board compability
281 # Hardware specific settings
283 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
282 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
284 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
283 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
285 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
284 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
@@ -287,6 +286,8 if [ -n "$SET_ARCH" ] ; then
287 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
286 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
288 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
287 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
289 fi
288 fi
289
290 # Hardware specific settings
290 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
291 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
291 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
292 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
292 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
293 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
@@ -300,8 +301,7 else
300 echo "error: Please set '32' or '64' as value for SET_ARCH"
301 echo "error: Please set '32' or '64' as value for SET_ARCH"
301 exit 1
302 exit 1
302 fi
303 fi
303
304 # Device specific configuration and U-Boot configuration
304 #Device specific configuration
305 case "$RPI_MODEL" in
305 case "$RPI_MODEL" in
306 0)
306 0)
307 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
307 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
@@ -352,6 +352,7 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
352 fi
352 fi
353 fi
353 fi
354
354
355 # Add cmake to compile videocore sources
355 if [ "$ENABLE_VIDEOCORE" = true ] ; then
356 if [ "$ENABLE_VIDEOCORE" = true ] ; then
356 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
357 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
357 fi
358 fi
@@ -564,6 +565,11 if [ "$ENABLE_REDUCE" = true ] ; then
564 fi
565 fi
565 fi
566 fi
566
567
568 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
569 if [ "$ENABLE_SYSVINIT" = false ] ; then
570 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
571 fi
572
567 # Configure kernel sources if no KERNELSRC_DIR
573 # Configure kernel sources if no KERNELSRC_DIR
568 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
574 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
569 KERNELSRC_CONFIG=true
575 KERNELSRC_CONFIG=true
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant