summaryrefslogtreecommitdiffstats
path: root/main/linux-grsec/APKBUILD
blob: dc1a47858fd7943bcba2827352e03ce6905ecb90 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>

_flavor=grsec
pkgname=linux-${_flavor}
pkgver=2.6.29.6
_kernver=2.6.29
pkgrel=1
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs"
makedepends="perl installkernel"
_config=${config:-kernelconfig}
install="$pkgname.post-install $pkgname.post-upgrade"
source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
	ftp://ftp.kernel.org/pub/linux/kernel/v2.6/patch-$pkgver.bz2
	grsecurity-2.1.14-2.6.29.6-200907122214.patch
	0001-linux-2.6.28.5-ipgre-strict-binding.patch
	0002-linux-2.6.28.5-ipgre-optimize-hash-lookup.patch
	net-next-2.6.git-5ef12d98a19254ee5dc851bd83e214b43ec1f725.patch
	$_config
	$install
	"
subpackages="$pkgname-dev"
license="GPL-2"

_abi_release=${pkgver}-${_flavor}

_prepare() {
	cd "$srcdir"/linux-$_kernver
	if [ "$_kernver" != "$pkgver" ]; then
		bunzip2 -c < ../patch-$pkgver.bz2 | patch -p1 || return 1
	fi

	for i in ../*.patch; do
		msg "Applying $i..."
		patch -p1 -N < $i || return 1
	done

	mkdir -p "$srcdir"/build
	cp "$srcdir"/$_config "$srcdir"/build/.config
	make -C "$srcdir"/linux-$_kernver O="$srcdir"/build HOSTCC="$CC" \
		silentoldconfig
}

# this is so we can do: 'abuild menuconfig' to reconfigure kernel
menuconfig() {
	_prepare
	cd "$srcdir"/build
	make menuconfig
	cp .config "$startdir"/$_config
}

build() {
	_prepare || return 1
	cd "$srcdir"/build
	make CC="$CC" || return 1

	mkdir -p "$pkgdir"/boot "$pkgdir"/lib/modules
	make modules_install install \
		INSTALL_MOD_PATH="$pkgdir" \
		INSTALL_PATH="$pkgdir"/boot

	ln -s vmlinuz-${_abi_release} "${pkgdir}"/boot/$_flavor

	rm -f "$pkgdir"/lib/modules/${_abi_release}/build \
		"$pkgdir"/lib/modules/${_abi_release}/source
}

dev() {
	# copy the only the parts that we really need for build 3rd party
	# kernel modules and install those as /usr/src/linux-headers,
	# simlar to what ubuntu does
	#
	# this way you dont need to install the 300-400 kernel sources to 
	# build a tiny kernel module
	#
	pkgdesc="Headers and script for third party modules for grsec kernel"
	local dir="$subpkgdir"/usr/src/linux-headers-${_abi_release}

	# first we import config, run prepare to set up for building 
	# external modules, and create the scripts
	mkdir -p "$dir"
	cp "$srcdir"/kernelconfig "$dir"/.config
	make -j1 -C "$srcdir"/linux-$_kernver O="$dir" HOSTCC="$CC" \
		silentoldconfig prepare scripts

	# remove the stuff that poits to real sources. we want 3rd party
	# modules to believe this is the soruces
	rm "$dir"/Makefile "$dir"/source

	# copy the needed stuff from real sources
	#
	# this is taken from ubuntu kernel build script
	# http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=blob;f=debian/rules.d/3-binary-indep.mk;hb=HEAD
	cd "$srcdir"/linux-$_kernver
	find . -path './include/*' -prune -o -path './scripts/*' -prune \
		-o -type f \( -name 'Makefile*' -o -name 'Kconfig*' \
		-o -name 'Kbuild*' -o -name '*.sh' -o -name '*.pl' \
		-o -name '*.lds' \) | cpio -pdm "$dir"
	cp -a drivers/media/dvb/dvb-core/*.h "$dir"/drivers/media/dvb/dvb-core
	cp -a drivers/media/video/*.h "$dir"/drivers/media/video
	cp -a drivers/media/dvb/frontends/*.h "$dir"/drivers/media/dvb/frontends
	cp -a scripts include "$dir"
	find $(find arch -name include -type d -print) -type f \
		| cpio -pdm "$dir"

	install -Dm644 "$srcdir"/build/Module.symvers \
		"$dir"/Module.symvers

	mkdir -p "$subpkgdir"/lib/modules/${_abi_release}
	ln -sf /usr/src/linux-headers-${_abi_release} \
		"$subpkgdir"/lib/modules/${_abi_release}/build
}

md5sums="64921b5ff5cdadbccfcd3820f03be7d8  linux-2.6.29.tar.bz2
0317760b52c9ac7a11de997da19a366e  patch-2.6.29.6.bz2
b08fb058667e8d5846cd4085de71eff2  grsecurity-2.1.14-2.6.29.6-200907122214.patch
7673b4521283ad41434a18ca18b16ad8  0001-linux-2.6.28.5-ipgre-strict-binding.patch
8f405c738b150c532c46eaad5390cca2  0002-linux-2.6.28.5-ipgre-optimize-hash-lookup.patch
ca05fd252783b82e01610e775cf56498  net-next-2.6.git-5ef12d98a19254ee5dc851bd83e214b43ec1f725.patch
c9443dcc46eb70267b4cfe6a6694f637  kernelconfig
2834240b15805b248ef2a973b1ad4416  linux-grsec.post-install
2834240b15805b248ef2a973b1ad4416  linux-grsec.post-upgrade"