##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

fix
Unknown -
r350:fa400b65d6ce
parent child
Show More
Show file before | Show file after | Hide comments
@@ -1,487 +1,499
1 1 # rpi23-gen-image
2 2 ## Introduction
3 3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.11.y```).
4 4
5 5 ## Build dependencies
6 6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7 7
8 8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9 9
10 10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
11 11
12 12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux and `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13 13
14 14 ## Command-line parameters
15 15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16 16
17 17 ##### Command-line examples:
18 18 ```shell
19 19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 32 ```
33 33
34 34 ## Configuration template files
35 35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36 36
37 37 ##### Command-line examples:
38 38 ```shell
39 39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 41 ```
42 42
43 43 ## Supported parameters and settings
44 44 #### APT settings:
45 45 ##### `APT_SERVER`="ftp.debian.org/debian"
46 46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47 47
48 48 ##### `APT_PROXY`=""
49 49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50 50
51 51 ##### `APT_INCLUDES`=""
52 52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
53 53
54 54 ##### `APT_INCLUDES_LATE`=""
55 55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
56 56
57 57 ---
58 58
59 59 #### General system settings:
60 60 ##### `RPI_MODEL`=2
61 61 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
62 62 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
63 63 `1` = Used for Pi 1 model A and B
64 64 `1P` = Used for Pi 1 model B+ and A+
65 65 `2` = Used for Pi 2 model B
66 66 `3` = Used for Pi 3 model B
67 67 `3P` = Used for Pi 3 model B+
68 68 `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
69 69
70 70 ##### `RELEASE`="buster"
71 71 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used.
72 72
73 73 ##### `RELEASE_ARCH`="armhf"
74 74 Set the desired Debian release architecture.
75 75
76 76 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
77 77 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
78 78
79 79 ##### `PASSWORD`="raspberry"
80 80 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
81 81
82 82 ##### `USER_PASSWORD`="raspberry"
83 83 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
84 84
85 85 ##### `DEFLOCAL`="en_US.UTF-8"
86 86 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
87 87
88 88 ##### `TIMEZONE`="Europe/Berlin"
89 89 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
90 90
91 91 ##### `EXPANDROOT`=true
92 92 Expand the root partition and filesystem automatically on first boot.
93 93
94 94 ##### `ENABLE_QEMU`=false
95 95 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
96 96
97 97 ---
98 98
99 99 #### Keyboard settings:
100 100 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
101 101
102 102 ##### `XKB_MODEL`=""
103 103 Set the name of the model of your keyboard type.
104 104
105 105 ##### `XKB_LAYOUT`=""
106 106 Set the supported keyboard layout(s).
107 107
108 108 ##### `XKB_VARIANT`=""
109 109 Set the supported variant(s) of the keyboard layout(s).
110 110
111 111 ##### `XKB_OPTIONS`=""
112 112 Set extra xkb configuration options.
113 113
114 114 ---
115 115
116 116 #### Networking settings (DHCP):
117 117 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
118 118
119 119 ##### `ENABLE_DHCP`=true
120 120 Set the system to use DHCP. This requires an DHCP server.
121 121
122 122 ---
123 123
124 124 #### Networking settings (static):
125 125 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
126 126
127 127 ##### `NET_ADDRESS`=""
128 128 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
129 129
130 130 ##### `NET_GATEWAY`=""
131 131 Set the IP address for the default gateway.
132 132
133 133 ##### `NET_DNS_1`=""
134 134 Set the IP address for the first DNS server.
135 135
136 136 ##### `NET_DNS_2`=""
137 137 Set the IP address for the second DNS server.
138 138
139 139 ##### `NET_DNS_DOMAINS`=""
140 140 Set the default DNS search domains to use for non fully qualified host names.
141 141
142 142 ##### `NET_NTP_1`=""
143 143 Set the IP address for the first NTP server.
144 144
145 145 ##### `NET_NTP_2`=""
146 146 Set the IP address for the second NTP server.
147 147
148 148 ---
149 149
150 150 #### Basic system features:
151 151 ##### `ENABLE_CONSOLE`=true
152 152 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
153 153
154 154 ##### `ENABLE_I2C`=false
155 155 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
156 156
157 157 ##### `ENABLE_SPI`=false
158 158 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
159 159
160 160 ##### `ENABLE_IPV6`=true
161 161 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
162 162
163 163 ##### `ENABLE_SSHD`=true
164 164 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
165 165
166 166 ##### `ENABLE_NONFREE`=false
167 167 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
168 168
169 169 ##### `ENABLE_WIRELESS`=false
170 170 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
171 171
172 172 ##### `ENABLE_RSYSLOG`=true
173 173 If set to false, disable and uninstall rsyslog (so logs will be available only
174 174 in journal files)
175 175
176 176 ##### `ENABLE_SOUND`=true
177 177 Enable sound hardware and install Advanced Linux Sound Architecture.
178 178
179 179 ##### `ENABLE_HWRANDOM`=true
180 180 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
181 181
182 182 ##### `ENABLE_MINGPU`=false
183 183 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
184 184
185 185 ##### `ENABLE_DBUS`=true
186 186 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
187 187
188 188 ##### `ENABLE_XORG`=false
189 189 Install Xorg open-source X Window System.
190 190
191 191 ##### `ENABLE_WM`=""
192 192 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
193 193
194 194 ---
195 195
196 196 #### Advanced system features:
197 197 ##### `ENABLE_MINBASE`=false
198 198 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
199 199
200 200 ##### `ENABLE_REDUCE`=false
201 201 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
202 202
203 203 ##### `ENABLE_UBOOT`=false
204 204 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
205 205
206 206 ##### `UBOOTSRC_DIR`=""
207 207 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
208 208
209 209 ##### `ENABLE_FBTURBO`=false
210 210 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
211 211
212 212 ##### `FBTURBOSRC_DIR`=""
213 213 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
214 214
215 215 ##### `ENABLE_VIDEOCORE`=false
216 216 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
217 217
218 218 ##### `VIDEOCORESRC_DIR`=""
219 219 Path to a directory (`userland`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
220 220
221 221 ##### `ENABLE_IPTABLES`=false
222 222 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
223 223
224 224 ##### `ENABLE_USER`=true
225 225 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
226 226
227 227 ##### `USER_NAME`=pi
228 228 Non-root user to create. Ignored if `ENABLE_USER`=false
229 229
230 230 ##### `ENABLE_ROOT`=false
231 231 Set root user password so root login will be enabled
232 232
233 233 ##### `ENABLE_HARDNET`=false
234 234 Enable IPv4/IPv6 network stack hardening settings.
235 235
236 236 ##### `ENABLE_SPLITFS`=false
237 237 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
238 238
239 239 ##### `CHROOT_SCRIPTS`=""
240 240 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
241 241
242 242 ##### `ENABLE_INITRAMFS`=false
243 243 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
244 244
245 245 ##### `ENABLE_IFNAMES`=true
246 246 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian releases `stretch` or `buster` are used.
247 247
248 248 ##### `DISABLE_UNDERVOLT_WARNINGS`=
249 249 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
250 250
251 251 ---
252 252
253 253 #### SSH settings:
254 254 ##### `SSH_ENABLE_ROOT`=false
255 255 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
256 256
257 257 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
258 258 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
259 259
260 260 ##### `SSH_LIMIT_USERS`=false
261 261 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
262 262
263 263 ##### `SSH_ROOT_PUB_KEY`=""
264 264 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
265 265
266 266 ##### `SSH_USER_PUB_KEY`=""
267 267 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
268 268
269 269 ---
270 270
271 271 #### Kernel compilation:
272 272 ##### `BUILD_KERNEL`=false
273 273 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
274 274
275 275 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
276 276 This sets the cross compile enviornment for the compiler.
277 277
278 278 ##### `KERNEL_ARCH`="arm"
279 279 This sets the kernel architecture for the compiler.
280 280
281 281 ##### `KERNEL_IMAGE`="kernel7.img"
282 282 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
283 283
284 284 ##### `KERNEL_BRANCH`=""
285 285 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
286 286
287 287 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
288 288 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
289 289
290 290 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
291 291 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
292 292
293 293 ##### `KERNEL_REDUCE`=false
294 294 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
295 295
296 296 ##### `KERNEL_THREADS`=1
297 297 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
298 298
299 299 ##### `KERNEL_HEADERS`=true
300 300 Install kernel headers with built kernel.
301 301
302 302 ##### `KERNEL_MENUCONFIG`=false
303 303 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
304 304
305 305 ##### `KERNEL_OLDDEFCONFIG`=false
306 306 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
307 307
308 308 ##### `KERNEL_CCACHE`=false
309 309 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
310 310
311 311 ##### `KERNEL_REMOVESRC`=true
312 312 Remove all kernel sources from the generated OS image after it was built and installed.
313 313
314 314 ##### `KERNELSRC_DIR`=""
315 315 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
316 316
317 317 ##### `KERNELSRC_CLEAN`=false
318 318 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
319 319
320 320 ##### `KERNELSRC_CONFIG`=true
321 321 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
322 322
323 323 ##### `KERNELSRC_USRCONFIG`=""
324 324 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
325 325
326 326 ##### `KERNELSRC_PREBUILT`=false
327 327 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
328 328
329 329 ##### `RPI_FIRMWARE_DIR`=""
330 330 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
331 331
332 ##### `KERNEL_NF`=false
333 Enable Netfilter modules as kernel modules (systemd compilations about it (File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls)
334
335 ##### `KERNEL_VIRT`=false
336 Enable Kernel KVM support (/dev/kvm)
337
338 ##### `KERNEL_ZSWAP`=false
339 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
340
341
342
343
332 344 ---
333 345
334 346 #### Reduce disk usage:
335 347 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
336 348
337 349 ##### `REDUCE_APT`=true
338 350 Configure APT to use compressed package repository lists and no package caching files.
339 351
340 352 ##### `REDUCE_DOC`=true
341 353 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
342 354
343 355 ##### `REDUCE_MAN`=true
344 356 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
345 357
346 358 ##### `REDUCE_VIM`=false
347 359 Replace `vim-tiny` package by `levee` a tiny vim clone.
348 360
349 361 ##### `REDUCE_BASH`=false
350 362 Remove `bash` package and switch to `dash` shell (experimental).
351 363
352 364 ##### `REDUCE_HWDB`=true
353 365 Remove PCI related hwdb files (experimental).
354 366
355 367 ##### `REDUCE_SSHD`=true
356 368 Replace `openssh-server` with `dropbear`.
357 369
358 370 ##### `REDUCE_LOCALE`=true
359 371 Remove all `locale` translation files.
360 372
361 373 ---
362 374
363 375 #### Encrypted root partition:
364 376 ##### `ENABLE_CRYPTFS`=false
365 377 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
366 378
367 379 ##### `CRYPTFS_PASSWORD`=""
368 380 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
369 381
370 382 ##### `CRYPTFS_MAPPING`="secure"
371 383 Set name of dm-crypt managed device-mapper mapping.
372 384
373 385 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
374 386 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
375 387
376 388 ##### `CRYPTFS_XTSKEYSIZE`=512
377 389 Sets key size in bits. The argument has to be a multiple of 8.
378 390
379 391 ---
380 392
381 393 #### Build settings:
382 394 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
383 395 Set a path to a working directory used by the script to generate an image.
384 396
385 397 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
386 398 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
387 399
388 400 ## Understanding the script
389 401 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
390 402
391 403 | Script | Description |
392 404 | --- | --- |
393 405 | `10-bootstrap.sh` | Debootstrap basic system |
394 406 | `11-apt.sh` | Setup APT repositories |
395 407 | `12-locale.sh` | Setup Locales and keyboard settings |
396 408 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
397 409 | `14-fstab.sh` | Setup fstab and initramfs |
398 410 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
399 411 | `20-networking.sh` | Setup Networking |
400 412 | `21-firewall.sh` | Setup Firewall |
401 413 | `30-security.sh` | Setup Users and Security settings |
402 414 | `31-logging.sh` | Setup Logging |
403 415 | `32-sshd.sh` | Setup SSH and public keys |
404 416 | `41-uboot.sh` | Build and Setup U-Boot |
405 417 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
406 418 | `50-firstboot.sh` | First boot actions |
407 419 | `99-reduce.sh` | Reduce the disk space usage |
408 420
409 421 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
410 422
411 423 | Directory | Description |
412 424 | --- | --- |
413 425 | `apt` | APT management configuration files |
414 426 | `boot` | Boot and RPi2/3 configuration files |
415 427 | `dpkg` | Package Manager configuration |
416 428 | `etc` | Configuration files and rc scripts |
417 429 | `firstboot` | Scripts that get executed on first boot |
418 430 | `initramfs` | Initramfs scripts |
419 431 | `iptables` | Firewall configuration files |
420 432 | `locales` | Locales configuration |
421 433 | `modules` | Kernel Modules configuration |
422 434 | `mount` | Fstab configuration |
423 435 | `network` | Networking configuration files |
424 436 | `sysctl.d` | Swapping and Network Hardening configuration |
425 437 | `xorg` | fbturbo Xorg driver configuration |
426 438
427 439 ## Custom packages and scripts
428 440 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
429 441
430 442 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
431 443
432 444 ## Logging of the bootstrapping process
433 445 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
434 446
435 447 ```shell
436 448 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
437 449 ```
438 450
439 451 ## Flashing the image file
440 452 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
441 453
442 454 ##### Flashing examples:
443 455 ```shell
444 456 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie.img /dev/mmcblk0
445 457 dd bs=4M if=./images/jessie/2017-01-23-rpi3-jessie.img of=/dev/mmcblk0
446 458 ```
447 459 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
448 460 ```shell
449 461 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-frmw.img /dev/mmcblk0
450 462 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
451 463 ```
452 464
453 465 ## QEMU emulation
454 466 Start QEMU full system emulation:
455 467 ```shell
456 468 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
457 469 ```
458 470
459 471 Start QEMU full system emulation and output to console:
460 472 ```shell
461 473 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
462 474 ```
463 475
464 476 Start QEMU full system emulation with SMP and output to console:
465 477 ```shell
466 478 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
467 479 ```
468 480
469 481 Start QEMU full system emulation with cryptfs, initramfs and output to console:
470 482 ```shell
471 483 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
472 484 ```
473 485
474 486 ## Weekly image builds
475 487 The image files are provided by JRWR'S I/O PORT and are built once a Sunday at midnight UTC!
476 488 * [Debian Stretch Raspberry Pi2/3 Weekly Image Builds](https://jrwr.io/doku.php?id=projects:debianpi)
477 489
478 490 ## External links and references
479 491 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
480 492 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
481 493 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
482 494 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
483 495 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
484 496 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
485 497 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
486 498 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
487 499 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
Show file before | Show file after | Hide comments
@@ -1,416 +1,412
1 1 #
2 2 # Build and Setup RPi2/3 Kernel
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Fetch and build latest raspberry kernel
9 9 if [ "$BUILD_KERNEL" = true ] ; then
10 10 # Setup source directory
11 11 mkdir -p "${R}/usr/src/linux"
12 12
13 13 # Copy existing kernel sources into chroot directory
14 14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 15 # Copy kernel sources and include hidden files
16 16 cp -r "${KERNELSRC_DIR}/". "${R}/usr/src/linux"
17 17
18 18 # Clean the kernel sources
19 19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 21 fi
22 22 else # KERNELSRC_DIR=""
23 23 # Create temporary directory for kernel sources
24 24 temp_dir=$(as_nobody mktemp -d)
25 25
26 26 # Fetch current RPi2/3 kernel sources
27 27 if [ -z "${KERNEL_BRANCH}" ] ; then
28 28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
29 29 else
30 30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
31 31 fi
32 32
33 33 # Copy downloaded kernel sources
34 34 cp -r "${temp_dir}/linux/"* "${R}/usr/src/linux/"
35 35
36 36 # Remove temporary directory for kernel sources
37 37 rm -fr "${temp_dir}"
38 38
39 39 # Set permissions of the kernel sources
40 40 chown -R root:root "${R}/usr/src"
41 41 fi
42 42
43 43 # Calculate optimal number of kernel building threads
44 44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
45 45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
46 46 fi
47 47
48 48 # Configure and build kernel
49 49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
50 50 # Remove device, network and filesystem drivers from kernel configuration
51 51 if [ "$KERNEL_REDUCE" = true ] ; then
52 52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
53 53 sed -i\
54 54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
55 55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
56 56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
57 57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
58 58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
59 59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
60 60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
61 61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
62 62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
63 63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
64 64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
65 65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
66 66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
67 67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
68 68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
69 69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
70 70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
71 71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
72 72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
73 73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
74 74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
75 75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
76 76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
77 77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
78 78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
79 79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
80 80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
81 81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
82 82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
83 83 "${KERNEL_DIR}/.config"
84 84 fi
85 85
86 86 #Switch to KERNELSRC_DIR
87 87 pushd "${KERNELSRC_DIR}"
88 88
89 89 # GPL v2.0
90 90 #https://github.com/sakaki-/bcmrpi3-kernel-bis/blob/master/conform_config.sh
91 91 if [ "$KERNEL_ZSWAP" = true ] && ( [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ) ; then
92 92 # enable ZSWAP support for better performance during large builds etc.
93 93 # requires activation via kernel parameter or sysfs
94 94 # see e.g. https://askubuntu.com/a/472227 for a summary of ZSWAP (vs ZRAM etc.)
95 95 # and e.g. https://wiki.archlinux.org/index.php/zswap for parameters etc.
96 96
97 97 set_kernel_config ZPOOL y
98 98 set_kernel_config ZSWAP y
99 99 set_kernel_config ZBUD y
100 100 set_kernel_config Z3FOLD y
101 101 set_kernel_config ZSMALLOC y
102 102 set_kernel_config PGTABLE_MAPPING y
103 103 fi
104 104
105 105 if [ "$KERNEL_VIRT" = true ] && ( [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ) ; then
106 # Submit PRs with edits targeting the _bottom_ of this file
107 # Please set modules where possible, rather than building in, and
108 # provide a short rationale comment for the changes made
109
110 106 # enable basic KVM support; see e.g.
111 107 # https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
112 108
113 109 set_kernel_config VIRTUALIZATION y
114 110 set_kernel_config KVM y
115 111 set_kernel_config VHOST_NET m
116 112 set_kernel_config VHOST_CROSS_ENDIAN_LEGACY y
117 113 fi
118 114
119 115 if [ "$KERNEL_NF" = true ] && ( [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ) ; then
120 116 #See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
121 117 # Netfilter kernel support
122 118 # xtables
123 119 set_kernel_config NETFILTER_XTABLES m
124 120 # Netfilter nf_tables support
125 121 set_kernel_config NF_TABLES m
126 122
127 123 set_kernel_config CONFIG_NETFILTER_XTABLES m
128 124 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
129 125
130 126 set_kernel_config CONFIG_NF_NAT_SIP m
131 127 set_kernel_config CONFIG_NF_NAT_TFTP m
132 128 set_kernel_config CONFIG_NF_NAT_REDIRECT m
133 129 set_kernel_config CONFIG_NF_TABLES_INET m
134 130 set_kernel_config CONFIG_NF_TABLES_NETDEV m
135 131 set_kernel_config CONFIG_NF_TABLES_ARP m
136 132 set_kernel_config CONFIG_NF_DUP_IPV4 m
137 133 set_kernel_config CONFIG_NF_LOG_IPV4 m
138 134 set_kernel_config CONFIG_NF_REJECT_IPV4 m
139 135 set_kernel_config CONFIG_NF_NAT_IPV4 m
140 136 set_kernel_config CONFIG_NF_DUP_NETDEV m
141 137 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
142 138 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
143 139 set_kernel_config CONFIG_NF_TABLES_IPV4 m
144 140 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 m
145 141 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
146 142 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
147 143 set_kernel_config CONFIG_NF_NAT_PPTP m
148 144 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
149 145 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
150 146 set_kernel_config CONFIG_NF_TABLES_IPV6 m
151 147 set_kernel_config CONFIG_NF_DUP_IPV6 m
152 148 set_kernel_config CONFIG_NF_REJECT_IPV6 m
153 149 set_kernel_config CONFIG_NF_LOG_IPV6 m
154 150 set_kernel_config CONFIG_NF_NAT_IPV6 m
155 151 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 m
156 152
157 153 set_kernel_config CONFIG_NFT_EXTHDR m
158 154 set_kernel_config CONFIG_NFT_META m
159 155 set_kernel_config CONFIG_NFT_NUMGEN m
160 156 set_kernel_config CONFIG_NFT_CT m
161 157 set_kernel_config CONFIG_NFT_SET_RBTREE m
162 158 set_kernel_config CONFIG_NFT_SET_HASH m
163 159 set_kernel_config CONFIG_NFT_COUNTER m
164 160 set_kernel_config CONFIG_NFT_LOG m
165 161 set_kernel_config CONFIG_NFT_LIMIT m
166 162 set_kernel_config CONFIG_NFT_MASQ m
167 163 set_kernel_config CONFIG_NFT_REDIR m
168 164 set_kernel_config CONFIG_NFT_NAT m
169 165 set_kernel_config CONFIG_NFT_QUEUE m
170 166 set_kernel_config CONFIG_NFT_QUOTA m
171 167 set_kernel_config CONFIG_NFT_REJECT m
172 168 set_kernel_config CONFIG_NFT_REJECT_INET m
173 169 set_kernel_config CONFIG_NFT_COMPAT m
174 170 set_kernel_config CONFIG_NFT_HASH m
175 171 set_kernel_config CONFIG_NFT_DUP_NETDEV m
176 172 set_kernel_config CONFIG_NFT_FWD_NETDEV m
177 173 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
178 174 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
179 175 set_kernel_config CONFIG_NFT_DUP_IPV4 m
180 176 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
181 177 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
182 178 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
183 179 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
184 180 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
185 181 set_kernel_config CONFIG_NFT_DUP_IPV6 m
186 182 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
187 183 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
188 184 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
189 185 set_kernel_config CONFIG_NFT_BRIDGE_META m
190 186 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
191 187
192 188 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
193 189 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
194 190 set_kernel_config CONFIG_IP_SET_HASH_IP m
195 191 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
196 192 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
197 193 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
198 194 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
199 195 set_kernel_config CONFIG_IP_SET_HASH_MAC m
200 196 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
201 197 set_kernel_config CONFIG_IP_SET_HASH_NET m
202 198 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
203 199 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
204 200 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
205 201 set_kernel_config CONFIG_IP_SET_LIST_SET m
206 202
207 203 set_kernel_config CONFIG_IP6_NF_IPTABLES m
208 204 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
209 205 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
210 206 set_kernel_config CONFIG_IP6_NF_NAT m
211 207 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
212 208 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
213 209
214 210 set_kernel_config CONFIG_NF_LOG_BRIDGE m
215 211 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
216 212 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
217 213 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
218 214 fi
219 215
220 216 popd
221 217
222 218 if [ "$KERNELSRC_CONFIG" = true ] ; then
223 219 # Load default raspberry kernel configuration
224 220 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
225 221
226 222 # Set kernel configuration parameters to enable qemu emulation
227 223 if [ "$ENABLE_QEMU" = true ] ; then
228 224 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
229 225 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
230 226
231 227 if [ "$ENABLE_CRYPTFS" = true ] ; then
232 228 {
233 229 echo "CONFIG_EMBEDDED=y"
234 230 echo "CONFIG_EXPERT=y"
235 231 echo "CONFIG_DAX=y"
236 232 echo "CONFIG_MD=y"
237 233 echo "CONFIG_BLK_DEV_MD=y"
238 234 echo "CONFIG_MD_AUTODETECT=y"
239 235 echo "CONFIG_BLK_DEV_DM=y"
240 236 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
241 237 echo "CONFIG_DM_CRYPT=y"
242 238 echo "CONFIG_CRYPTO_BLKCIPHER=y"
243 239 echo "CONFIG_CRYPTO_CBC=y"
244 240 echo "CONFIG_CRYPTO_XTS=y"
245 241 echo "CONFIG_CRYPTO_SHA512=y"
246 242 echo "CONFIG_CRYPTO_MANAGER=y"
247 243 } >> ${KERNEL_DIR}/.config
248 244 fi
249 245 fi
250 246
251 247 # Copy custom kernel configuration file
252 248 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
253 249 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
254 250 fi
255 251
256 252 # Set kernel configuration parameters to their default values
257 253 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
258 254 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
259 255 fi
260 256
261 257 # Start menu-driven kernel configuration (interactive)
262 258 if [ "$KERNEL_MENUCONFIG" = true ] ; then
263 259 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
264 260 fi
265 261 fi
266 262
267 263 # Use ccache to cross compile the kernel
268 264 if [ "$KERNEL_CCACHE" = true ] ; then
269 265 cc="ccache ${CROSS_COMPILE}gcc"
270 266 else
271 267 cc="${CROSS_COMPILE}gcc"
272 268 fi
273 269
274 270 # Cross compile kernel and dtbs
275 271 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
276 272
277 273 # Cross compile kernel modules
278 274 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
279 275 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
280 276 fi
281 277 fi
282 278
283 279 # Check if kernel compilation was successful
284 280 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
285 281 echo "error: kernel compilation failed! (kernel image not found)"
286 282 cleanup
287 283 exit 1
288 284 fi
289 285
290 286 # Install kernel modules
291 287 if [ "$ENABLE_REDUCE" = true ] ; then
292 288 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
293 289 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
294 290 fi
295 291 else
296 292 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
297 293 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
298 294 fi
299 295
300 296 # Install kernel firmware
301 297 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
302 298 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
303 299 fi
304 300 fi
305 301
306 302 # Install kernel headers
307 303 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
308 304 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
309 305 fi
310 306 # make tar.gz kernel package - missing os bzw. modules
311 307 #** ** ** WARNING ** ** **
312 308 #Your architecture did not define any architecture-dependent files
313 309 #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
314 310 # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
315 311
316 312 # Prepare boot (firmware) directory
317 313 mkdir "${BOOT_DIR}"
318 314
319 315 # Get kernel release version
320 316 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
321 317
322 318 # Copy kernel configuration file to the boot directory
323 319 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
324 320
325 321 # Prepare device tree directory
326 322 mkdir "${BOOT_DIR}/overlays"
327 323
328 324 # Ensure the proper .dtb is located
329 325 if [ "$KERNEL_ARCH" = "arm" ] ; then
330 326 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
331 327 if [ -f "${dtb}" ] ; then
332 328 install_readonly "${dtb}" "${BOOT_DIR}/"
333 329 fi
334 330 done
335 331 else
336 332 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
337 333 if [ -f "${dtb}" ] ; then
338 334 install_readonly "${dtb}" "${BOOT_DIR}/"
339 335 fi
340 336 done
341 337 fi
342 338
343 339 # Copy compiled dtb device tree files
344 340 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
345 341 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
346 342 if [ -f "${dtb}" ] ; then
347 343 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
348 344 fi
349 345 done
350 346
351 347 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
352 348 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
353 349 fi
354 350 fi
355 351
356 352 if [ "$ENABLE_UBOOT" = false ] ; then
357 353 # Convert and copy kernel image to the boot directory
358 354 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
359 355 else
360 356 # Copy kernel image to the boot directory
361 357 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
362 358 fi
363 359
364 360 # Remove kernel sources
365 361 if [ "$KERNEL_REMOVESRC" = true ] ; then
366 362 rm -fr "${KERNEL_DIR}"
367 363 else
368 364 # Prepare compiled kernel modules
369 365 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
370 366 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
371 367 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
372 368 fi
373 369
374 370 # Create symlinks for kernel modules
375 371 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
376 372 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
377 373 fi
378 374 fi
379 375
380 376 else # BUILD_KERNEL=false
381 377 # echo " Install precompiled kernel..."
382 378 # echo "error: not implemented"
383 379 if [ "$KERNEL_ARCH" = arm64 ] && ( [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ) ; then
384 380 # Create temporary directory for dl
385 381 temp_dir=$(as_nobody mktemp -d)
386 382
387 383 # Fetch kernel dl
388 384 as_nobody wget -c "$RPI3_64_KERNEL_URL" "${temp_dir}"/kernel.tar.xz
389 385 #extract download
390 386 tar -xJf kernel.tar.xz -C "${R}"
391 387
392 388 # Remove temporary directory for kernel sources
393 389 rm -fr "${temp_dir}"
394 390
395 391 # Set permissions of the kernel sources
396 392 chown -R root:root "${R}/boot"
397 393 chown -R root:root "${R}/lib"
398 394 fi
399 395
400 396 # Check if kernel installation was successful
401 397 KERNEL="$(ls -1 "${R}"/boot/kernel* | sort | tail -n 1)"
402 398 if [ -z "$KERNEL" ] ; then
403 399 echo "error: kernel installation failed! (/boot/kernel* not found)"
404 400 cleanup
405 401 exit 1
406 402 fi
407 403
408 404 if [ "$SET_ARCH" = 64 ] ; then
409 405 echo "Using precompiled arm64 kernel"
410 406 else
411 407 echo "error: no precompiled arm64 (bcmrpi3) kernel found"
412 408 exit 1
413 409 # inset precompiled 64 bit kernel code here
414 410 fi
415 411 #fi build_kernel=true
416 412 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant