#!/bin/bash
set -e
set -o pipefail

GRSEC_VERSION=3.1-4.4.5-201603142220

linux_next(){
	(
	cd /usr/src

	# check if we already have the source checked out
	if [[ -d linux ]]; then
		cd linux

		git checkout master

		git remote update
	else
		# clone the source files
		git clone https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

		# add the linux-next remote
		cd linux
		git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git

		# fetch linux-next and tags
		git fetch linux-next
		git fetch --tags linux-next
	fi

	git checkout -b next-$(date +%Y%m%d) next-$(date +%Y%m%d)

	if [[ ! -f .config ]] && [[ -f ../config ]]; then
		cp ../config .config
	fi

	nice -19 make -j$JOBS KDEB_PKGVERSION=$PKGVERSION INSTALL_MOD_STRIP=1 deb-pkg
	)
}

install_kernel(){
	local VERSION=$1
	local OPT=$2

	if [[ -z $VERSION ]]; then
		echo "Please specify a kernel version."
		exit 1
	elif [[ "$VERSION" == "next" ]]; then
		linux_next
		exit 0
	fi

	local MAJOR_VERSION=${VERSION:0:1}
	local V=( ${VERSION//./ } )
	local MAJOR_MINOR_VERSION="${V[0]}.${V[1]}"

	# get the kernel source
	if [[ "$VERSION" == *-rc* ]]; then
		[ -d /usr/src/linux-${VERSION} ] || curl -sSL https://kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/testing/linux-${VERSION}.tar.xz | tar -v -C /usr/src -xJ

		MAJOR_MINOR_VERSION="${MAJOR_VERSION}.x-rcN"
	else
		[ -d /usr/src/linux-${VERSION} ] || curl -sSL https://cdn.kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/linux-${VERSION}.tar.xz | tar -v -C /usr/src -xJ
	fi

	if [[ "$OPT" == "aufs" ]]; then
		# get the aufs standalone source
		aufsdir=/tmp/aufs4-standalone
		if [[ -d $aufsdir ]]; then
			rm -rf $aufsdir
		fi
		git clone --depth 1 --branch aufs${MAJOR_MINOR_VERSION} --single-branch https://github.com/sfjro/aufs4-standalone.git $aufsdir
	fi

	if [[ "$OPT" == "grsec" ]]; then
		# get the grsec patches
		grsecdir=/tmp/grsec
		if [[ -d $grsecdir ]]; then
			rm -rf $grsecdir
		fi
		mkdir -p $grsecdir
		curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch"
		curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig"
		# add the gpg key
		gpg --no-tty --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49"
		# verify the patch
		gpg --verify $grsecdir/grsecurity.patch.sig
	fi

	# apply the patches and compile the kernel
	cd /usr/src/linux-${VERSION}

	# apply the patches
	if [[ "$OPT" == "grsec" ]]; then
		patch -p1 < $grsecdir/grsecurity.patch || true
	fi
	if [[ "$OPT" == "aufs" ]]; then
		git apply $aufsdir/aufs4-kbuild.patch
		git apply $aufsdir/aufs4-base.patch
		git apply $aufsdir/aufs4-mmap.patch
		cp -r $aufsdir/{Documentation,fs} .
		cp $aufsdir/include/uapi/linux/aufs_type.h include/uapi/linux/
	fi

	if [[ "$OPT" == "aufs" ]]; then
		# remove aufs source
		rm -rf $aufsdir
	fi

	if [[ "$OPT" == "grsec" ]]; then
		# remove grsecdir
		rm -rf $grsecdir
	fi

	if [[ ! -f .config ]] && [[ -f ../config ]]; then
		cp ../config .config
		if [[ "$OPT" == "aufs" ]]; then
			echo "CONFIG_AUFS_FS=y" >> .config
		fi
	fi

	nice -19 make -j$JOBS KDEB_PKGVERSION=$PKGVERSION DISABLE_PAX_PLUGINS=y INSTALL_MOD_STRIP=1 deb-pkg
}

install_kernel $@