#!/bin/bash set -e GRSEC_VERSION=3.1-4.4.5-201603142220 linux_next(){ ( cd /usr/src # check if we already have the source checked out if [[ -d linux ]]; then cd linux git checkout master git remote update else # clone the source files git clone https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git # add the linux-next remote cd linux git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git # fetch linux-next and tags git fetch linux-next git fetch --tags linux-next fi git checkout -b next-$(date +%Y%m%d) next-$(date +%Y%m%d) if [[ ! -f .config ]] && [[ -f ../config ]]; then cp ../config .config fi nice -19 make -j$JOBS KDEB_PKGVERSION=$PKGVERSION INSTALL_MOD_STRIP=1 deb-pkg ) } install_kernel(){ local VERSION=$1 local OPT=$2 if [[ -z $VERSION ]]; then echo "Please specify a kernel version." exit 1 elif [[ "$VERSION" == "next" ]]; then linux_next exit 0 fi local MAJOR_VERSION=${VERSION:0:1} local V=( ${VERSION//./ } ) local MAJOR_MINOR_VERSION="${V[0]}.${V[1]}" # get the kernel source if [[ "$VERSION" == *-rc* ]]; then [ -d /usr/src/linux-${VERSION} ] || curl -sSL https://kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/testing/linux-${VERSION}.tar.xz | tar -v -C /usr/src -xJ MAJOR_MINOR_VERSION="${MAJOR_VERSION}.x-rcN" else [ -d /usr/src/linux-${VERSION} ] || curl -sSL https://cdn.kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/linux-${VERSION}.tar.xz | tar -v -C /usr/src -xJ fi if [[ "$OPT" == "aufs" ]]; then # get the aufs standalone source aufsdir=/tmp/aufs4-standalone if [[ -d $aufsdir ]]; then rm -rf $aufsdir fi git clone -b aufs${MAJOR_MINOR_VERSION} --single-branch --depth 1 https://github.com/sfjro/aufs4-standalone.git $aufsdir fi if [[ "$OPT" == "grsec" ]]; then # get the grsec patches grsecdir=/tmp/grsec if [[ -d $grsecdir ]]; then rm -rf $grsecdir fi mkdir -p $grsecdir curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch" curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig" # add the gpg key gpg --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49" # verify the patch gpg --verify $grsecdir/grsecurity.patch.sig fi # apply the patches and compile the kernel cd /usr/src/linux-${VERSION} # apply the patches if [[ "$OPT" == "grsec" ]]; then patch -p1 < $grsecdir/grsecurity.patch || true fi if [[ "$OPT" == "aufs" ]]; then git apply $aufsdir/aufs4-kbuild.patch git apply $aufsdir/aufs4-base.patch git apply $aufsdir/aufs4-mmap.patch cp -r $aufsdir/{Documentation,fs} . cp $aufsdir/include/uapi/linux/aufs_type.h include/uapi/linux/ fi if [[ "$OPT" == "aufs" ]]; then # remove aufs source rm -rf $aufsdir fi if [[ "$OPT" == "grsec" ]]; then # remove grsecdir rm -rf $grsecdir fi if [[ ! -f .config ]] && [[ -f ../config ]]; then cp ../config .config if [[ "$OPT" == "aufs" ]]; then echo "CONFIG_AUFS_FS=y" >> .config fi fi nice -19 make -j$JOBS KDEB_PKGVERSION=$PKGVERSION DISABLE_PAX_PLUGINS=y INSTALL_MOD_STRIP=1 deb-pkg } install_kernel $@