dockerfiles/kernel-builder/install_kernel

125 lines
3.2 KiB
Plaintext
Raw Normal View History

#!/bin/bash
set -e
GRSEC_VERSION=3.1-4.4.5-201603142220
linux_next(){
(
cd /usr/src
# check if we already have the source checked out
if [[ -d linux ]]; then
cd linux
git checkout master
git remote update
else
# clone the source files
git clone https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
# add the linux-next remote
cd linux
git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
# fetch linux-next and tags
git fetch linux-next
git fetch --tags linux-next
fi
git checkout -b next-$(date +%Y%m%d) next-$(date +%Y%m%d)
if [[ ! -f .config ]] && [[ -f ../config ]]; then
cp ../config .config
fi
nice -19 make -j$JOBS KDEB_PKGVERSION=$PKGVERSION INSTALL_MOD_STRIP=1 deb-pkg
)
}
install_kernel(){
local VERSION=$1
local OPT=$2
if [[ -z $VERSION ]]; then
echo "Please specify a kernel version."
exit 1
elif [[ "$VERSION" == "next" ]]; then
linux_next
exit 0
fi
local MAJOR_VERSION=${VERSION:0:1}
local V=( ${VERSION//./ } )
local MAJOR_MINOR_VERSION="${V[0]}.${V[1]}"
# get the kernel source
if [[ "$VERSION" == *-rc* ]]; then
[ -d /usr/src/linux-${VERSION} ] || curl -sSL https://kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/testing/linux-${VERSION}.tar.xz | tar -v -C /usr/src -xJ
MAJOR_MINOR_VERSION="${MAJOR_VERSION}.x-rcN"
else
[ -d /usr/src/linux-${VERSION} ] || curl -sSL https://cdn.kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/linux-${VERSION}.tar.xz | tar -v -C /usr/src -xJ
fi
if [[ "$OPT" == "aufs" ]]; then
# get the aufs standalone source
aufsdir=/tmp/aufs4-standalone
if [[ -d $aufsdir ]]; then
rm -rf $aufsdir
fi
git clone -b aufs${MAJOR_MINOR_VERSION} --single-branch --depth 1 https://github.com/sfjro/aufs4-standalone.git $aufsdir
fi
if [[ "$OPT" == "grsec" ]]; then
# get the grsec patches
grsecdir=/tmp/grsec
if [[ -d $grsecdir ]]; then
rm -rf $grsecdir
fi
mkdir -p $grsecdir
curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch"
curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig"
# add the gpg key
gpg --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49"
# verify the patch
gpg --verify $grsecdir/grsecurity.patch.sig
fi
# apply the patches and compile the kernel
cd /usr/src/linux-${VERSION}
# apply the patches
if [[ "$OPT" == "grsec" ]]; then
patch -p1 < $grsecdir/grsecurity.patch || true
fi
if [[ "$OPT" == "aufs" ]]; then
git apply $aufsdir/aufs4-kbuild.patch
git apply $aufsdir/aufs4-base.patch
git apply $aufsdir/aufs4-mmap.patch
cp -r $aufsdir/{Documentation,fs} .
cp $aufsdir/include/uapi/linux/aufs_type.h include/uapi/linux/
fi
if [[ "$OPT" == "aufs" ]]; then
# remove aufs source
rm -rf $aufsdir
fi
if [[ "$OPT" == "grsec" ]]; then
# remove grsecdir
rm -rf $grsecdir
fi
if [[ ! -f .config ]] && [[ -f ../config ]]; then
cp ../config .config
if [[ "$OPT" == "aufs" ]]; then
echo "CONFIG_AUFS_FS=y" >> .config
fi
fi
nice -19 make -j$JOBS KDEB_PKGVERSION=$PKGVERSION DISABLE_PAX_PLUGINS=y INSTALL_MOD_STRIP=1 deb-pkg
}
install_kernel $@