This repository has been archived on 2024-05-26. You can view files and clone it, but cannot push or open issues or pull requests.
server-kernel/PKGBUILD
2020-07-22 11:21:35 +02:00

364 lines
14 KiB
Bash

# Maintainer: Josip Ponjavic <josipponjavic at gmail dot com>
# Contributor:
### BUILD OPTIONS
# Set these variables to ANYTHING that is not null to enable them
# Tweak kernel options prior to a build via nconfig
_makenconfig=
_enable_gcc_more_v="y"
# Optionally select a sub architecture by number if building in a clean chroot
# Leaving this entry blank will require user interaction during the build
# which will cause a failure to build if using makechrootpkg. Note that the
# generic (default) option is 32.
#
# 1. AMD Opteron/Athlon64/Hammer/K8 (MK8)
# 2. AMD Opteron/Athlon64/Hammer/K8 with SSE3 (MK8SSE3)
# 3. AMD 61xx/7x50/PhenomX3/X4/II/K10 (MK10)
# 4. AMD Barcelona (MBARCELONA)
# 5. AMD Bobcat (MBOBCAT)
# 6. AMD Jaguar (MJAGUAR)
# 7. AMD Bulldozer (MBULLDOZER)
# 8. AMD Piledriver (MPILEDRIVER)
# 9. AMD Steamroller (MSTEAMROLLER)
# 10. AMD Excavator (MEXCAVATOR)
# 11. AMD Zen (MZEN)
# 12. AMD Zen 2 (MZEN2)
# 13. Intel P4 / older Netburst based Xeon (MPSC)
# 14. Intel Atom (MATOM)
# 15. Intel Core 2 (MCORE2)
# 16. Intel Nehalem (MNEHALEM)
# 17. Intel Westmere (MWESTMERE)
# 18. Intel Silvermont (MSILVERMONT)
# 19. Intel Goldmont (MGOLDMONT)
# 20. Intel Goldmont Plus (MGOLDMONTPLUS)
# 21. Intel Sandy Bridge (MSANDYBRIDGE)
# 22. Intel Ivy Bridge (MIVYBRIDGE)
# 23. Intel Haswell (MHASWELL)
# 24. Intel Broadwell (MBROADWELL)
# 25. Intel Skylake (MSKYLAKE)
# 26. Intel Skylake X (MSKYLAKEX)
# 27. Intel Cannon Lake (MCANNONLAKE)
# 28. Intel Ice Lake (MICELAKE)
# 29. Intel Cascade Lake (MCASCADELAKE)
# 30. Intel Cooper Lake (MCOOPERLAKE)
# 31. Intel Tiger Lake (MTIGERLAKE)
# 32. Generic-x86-64 (GENERIC_CPU)
# 33. Native optimizations autodetected by GCC (MNATIVE)
_subarch=33
# Compile ONLY used modules to VASTLY reduce the number of modules built
# and the build time.
#
# To keep track of which modules are needed for your specific system/hardware,
# give module_db script a try: https://aur.archlinux.org/packages/modprobed-db
# This PKGBUILD read the database kept if it exists
#
# More at this wiki page ---> https://wiki.archlinux.org/index.php/Modprobed-db
_localmodcfg=
# Use the current kernel's .config file
# Enabling this option will use the .config of the RUNNING kernel rather than
# the ARCH defaults. Useful when the package gets updated and you already went
# through the trouble of customizing your config options. NOT recommended when
# a new kernel is released, but again, convenient for package bumps.
_use_current=
### IMPORTANT: Do no edit below this line unless you know what you're doing
_major=5.7
_minor=10
_srcname=linux-${_major}
_clr=${_major}.9-970
pkgbase=linux-clear
pkgver=${_major}.${_minor}
pkgrel=1
pkgdesc='Clear Linux'
arch=('x86_64')
url="https://github.com/clearlinux-pkgs/linux"
license=('GPL2')
makedepends=('bc' 'cpio' 'git' 'kmod' 'libelf' 'xmlto')
options=('!strip')
_gcc_more_v='20200615'
source=(
"https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-${_major}.tar.xz"
"https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-${_major}.tar.sign"
"https://cdn.kernel.org/pub/linux/kernel/v5.x/patch-${pkgver}.xz"
"clearlinux::git+https://github.com/clearlinux-pkgs/linux.git#tag=${_clr}"
"enable_additional_cpu_optimizations-$_gcc_more_v.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/$_gcc_more_v.tar.gz"
'pci-enable-overrides-for-missing-acs-capabilities.patch'
'0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch'
)
export KBUILD_BUILD_HOST=archlinux
export KBUILD_BUILD_USER=$pkgbase
export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
prepare() {
cd ${_srcname}
### Add upstream patches
echo "Add upstream patches"
patch -Np1 -i ../patch-${pkgver}
### Setting version
echo "Setting version..."
scripts/setlocalversion --save-scmversion
echo "-$pkgrel" > localversion.10-pkgrel
echo "${pkgbase#linux}" > localversion.20-pkgname
### Add Clearlinux patches
for i in $(grep '^Patch' ${srcdir}/clearlinux/linux.spec | sed -n 's/.*: //p'); do
echo "Applying patch ${i}..."
patch -Np1 -i "$srcdir/clearlinux/${i}"
done
### Add acs patch
echo "Applying pci-enable-overrides-for-missing-acs-capabilities.patch ..."
patch -Np1 -i "$srcdir/pci-enable-overrides-for-missing-acs-capabilities.patch"
### disable USER_NS for non-root users by default
echo "Applying 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch ..."
patch -Np1 -i "$srcdir/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch"
### Setting config
echo "Setting config..."
cp -Tf $srcdir/clearlinux/config ./.config
### Enable extra stuff from arch kernel
echo "Enable extra stuff from arch kernel..."
# General setup
scripts/config --enable IKCONFIG \
--enable-after IKCONFIG IKCONFIG_PROC \
--undefine RT_GROUP_SCHED
# Power management and ACPI options
scripts/config --enable ACPI_REV_OVERRIDE_POSSIBLE \
--enable ACPI_TABLE_UPGRADE
# Enable loadable module support
scripts/config --undefine MODULE_SIG_FORCE \
--enable MODULE_COMPRESS \
--enable-after MODULE_COMPRESS MODULE_COMPRESS_XZ
# Networking support
scripts/config --enable NETFILTER_INGRESS \
--module NET_SCH_CAKE
# Device Drivers
scripts/config --enable FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER \
--enable DELL_SMBIOS_SMM \
--module PATA_JMICRON \
--enable-after SOUND SOUND_OSS_CORE \
--enable SND_OSSEMUL \
--module-after SND_OSSEMUL SND_MIXER_OSS \
--module-after SND_MIXER_OSS SND_PCM_OSS \
--enable-after SND_PCM_OSS SND_PCM_OSS_PLUGINS
# Kernel hacking -> Compile-time checks and compiler options -> Make section mismatch errors non-fatal
scripts/config --enable SECTION_MISMATCH_WARN_ONLY
# Security options
scripts/config --enable SECURITY_SELINUX \
--enable-after SECURITY_SELINUX SECURITY_SELINUX_BOOTPARAM \
--enable SECURITY_SMACK \
--enable-after SECURITY_SMACK SECURITY_SMACK_BRINGUP \
--enable-after SECURITY_SMACK_BRINGUP SECURITY_SMACK_NETFILTER \
--enable-after SECURITY_SMACK_NETFILTER SECURITY_SMACK_APPEND_SIGNALS \
--enable SECURITY_TOMOYO \
--enable SECURITY_APPARMOR \
--enable SECURITY_YAMA
# Library routines
scripts/config --enable FONT_TER16x32
make olddefconfig
### Patch source to unlock additional gcc CPU optimizations
# https://github.com/graysky2/kernel_gcc_patch
if [ "${_enable_gcc_more_v}" = "y" ]; then
echo "Applying enable_additional_cpu_optimizations_for_gcc_v10.1+_kernel_v10.1+_kernel_v5.7+.patch ..."
patch -Np1 -i "$srcdir/kernel_gcc_patch-$_gcc_more_v/enable_additional_cpu_optimizations_for_gcc_v10.1+_kernel_v5.7+.patch"
fi
### Get kernel version
if [ "${_enable_gcc_more_v}" = "y" ] || [ -n "${_subarch}" ]; then
yes "$_subarch" | make oldconfig
else
make prepare
fi
### Prepared version
make -s kernelrelease > version
echo "Prepared $pkgbase version $(<version)"
### Optionally use running kernel's config
# code originally by nous; http://aur.archlinux.org/packages.php?ID=40191
if [ -n "$_use_current" ]; then
if [[ -s /proc/config.gz ]]; then
echo "Extracting config from /proc/config.gz..."
# modprobe configs
zcat /proc/config.gz > ./.config
else
warning "Your kernel was not compiled with IKCONFIG_PROC!"
warning "You cannot read the current config!"
warning "Aborting!"
exit
fi
fi
### Optionally load needed modules for the make localmodconfig
# See https://aur.archlinux.org/packages/modprobed-db
if [ -n "$_localmodcfg" ]; then
if [ -f $HOME/.config/modprobed.db ]; then
echo "Running Steven Rostedt's make localmodconfig now"
make LSMOD=$HOME/.config/modprobed.db localmodconfig
else
echo "No modprobed.db data found"
exit
fi
fi
### do not run `make olddefconfig` as it sets default options
yes "" | make config >/dev/null
### Running make nconfig
[[ -z "$_makenconfig" ]] || make nconfig
### Save configuration for later reuse
cp -Tf ./.config "${startdir}/config-${pkgver}-${pkgrel}${pkgbase#linux}"
}
build() {
cd ${_srcname}
make -j$(nproc) bzImage modules
}
_package() {
pkgdesc="The $pkgdesc kernel and modules"
depends=('coreutils' 'kmod' 'initramfs')
optdepends=('crda: to set the correct wireless channels of your country'
'linux-firmware: firmware images needed for some devices'
'modprobed-db: Keeps track of EVERY kernel module that has ever been probed - useful for those of us who make localmodconfig')
provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE)
install=linux.install
cd $_srcname
local kernver="$(<version)"
local modulesdir="$pkgdir/usr/lib/modules/$kernver"
echo "Installing boot image..."
# systemd expects to find the kernel here to allow hibernation
# https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
# Used by mkinitcpio to name the kernel
echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
echo "Installing modules..."
make INSTALL_MOD_PATH="$pkgdir/usr" modules_install
# remove build and source links
rm "$modulesdir"/{source,build}
}
_package-headers() {
pkgdesc="Headers and scripts for building modules for the $pkgdesc kernel"
cd ${_srcname}
local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
echo "Installing build files..."
install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
localversion.* version vmlinux
install -Dt "$builddir/kernel" -m644 kernel/Makefile
install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile
cp -t "$builddir" -a scripts
# add objtool for external module building and enabled VALIDATION_STACK option
install -Dt "$builddir/tools/objtool" tools/objtool/objtool
# add xfs and shmem for aufs building
mkdir -p "$builddir"/{fs/xfs,mm}
echo "Installing headers..."
cp -t "$builddir" -a include
cp -t "$builddir/arch/x86" -a arch/x86/include
install -Dt "$builddir/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s
install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
# http://bugs.archlinux.org/task/13146
install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
# http://bugs.archlinux.org/task/20402
install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
echo "Installing KConfig files..."
find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
echo "Removing unneeded architectures..."
local arch
for arch in "$builddir"/arch/*/; do
[[ $arch = */x86/ ]] && continue
echo "Removing $(basename "$arch")"
rm -r "$arch"
done
echo "Removing documentation..."
rm -r "$builddir/Documentation"
echo "Removing broken symlinks..."
find -L "$builddir" -type l -printf 'Removing %P\n' -delete
echo "Removing loose objects..."
find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
echo "Stripping build tools..."
local file
while read -rd '' file; do
case "$(file -bi "$file")" in
application/x-sharedlib\;*) # Libraries (.so)
strip -v $STRIP_SHARED "$file" ;;
application/x-archive\;*) # Libraries (.a)
strip -v $STRIP_STATIC "$file" ;;
application/x-executable\;*) # Binaries
strip -v $STRIP_BINARIES "$file" ;;
application/x-pie-executable\;*) # Relocatable binaries
strip -v $STRIP_SHARED "$file" ;;
esac
done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
echo "Adding symlink..."
mkdir -p "$pkgdir/usr/src"
ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
}
pkgname=("$pkgbase" "$pkgbase-headers")
for _p in "${pkgname[@]}"; do
eval "package_$_p() {
$(declare -f "_package${_p#$pkgbase}")
_package${_p#$pkgbase}
}"
done
sha256sums=('de8163bb62f822d84f7a3983574ec460060bf013a78ff79cd7c979ff1ec1d7e0'
'SKIP'
'a1335923da87515046aefd623290a4554321dff6bd9ac8fd637d1140958a1f47'
'SKIP'
'278fe9ffb29d92cc5220e7beac34a8e3a2006e714d16a21a0427069f9634af90'
'2c98de0814366b041aeee4cbf82b82620c7834bc33752d50f089e8bd7ea5cf5e'
'bdd05caf94135898bceac0a9d14ec6b1b458dba162d00efd46a292fe97f2679b')
validpgpkeys=(
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
'647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
)