diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..567609b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +build/ diff --git a/kernel.sh b/kernel.sh index f07edb1..a11d19c 100644 --- a/kernel.sh +++ b/kernel.sh @@ -1,9 +1,9 @@ #!/bin/bash -UPDATED="2024-03-16" +UPDATED="2024-03-19" DISABLE=1 # disable some options ENABLE=1 # enable some options -MITIGATIONS=0 # enable/disable all mitigations +SECURED=1 # enable/disable security UARCH=1 # apply more uarch patch FKH=0 # apply fast kernel headers patch CLANG=1 # use Clang compiler (if not, use GCC) @@ -1041,6 +1041,9 @@ doDefaultsEnable() { ./scripts/config --enable CONFIG_CRYPTO_LIB_CHACHA ./scripts/config --enable CONFIG_CRYPTO_LIB_CURVE25519 ./scripts/config --enable CONFIG_CRYPTO_LIB_POLY1305 + ./scripts/config --enable CONFIG_CORDIC + ./scripts/config --enable CONFIG_CRC7 + ./scripts/config --enable CONFIG_CRC8 ./scripts/config --enable CRYPTO_LIB_CHACHA20POLY1305 ./scripts/config --enable CONFIG_CRC4 ./scripts/config --enable CONFIG_NO_HZ_IDLE @@ -1124,15 +1127,15 @@ doDefaultMitigations() { if [ -f .config ]; then cp .config .config.mitigations.before fi - if [ $MITIGATIONS == 0 ]; then - doEchoStep "Options: mitigations OFF" + if [ $SECURED == 0 ]; then + doEchoStep "Options: secured OFF" ./scripts/config --disable CONFIG_SPECULATION_MITIGATIONS ./scripts/config --disable CONFIG_RETPOLINE ./scripts/config --disable CONFIG_CPU_IBRS_ENTRY ./scripts/config --disable CONFIG_SLS ./scripts/config --disable CONFIG_GDS_FORCE_MITIGATION else - doEchoStep "Options: mitigations ON" + doEchoStep "Options: secured ON" ./scripts/config --enable CONFIG_SPECULATION_MITIGATIONS ./scripts/config --enable CONFIG_RETPOLINE ./scripts/config --enable CONFIG_CPU_IBRS_ENTRY @@ -1200,7 +1203,7 @@ doEditSettings() { doGenerateUninstall() { # remove old files - READY=$CURRENT/$BRANCH/$VERSION/ready + READY=$CURRENT/build/$BRANCH/$VERSION/ready mkdir -p $READY rm -rf $READY/*.* @@ -1332,7 +1335,7 @@ doCompile() { # Proceed for Kernel build doKernel() { - WORKDIR=$CURRENT/$BRANCH/$VERSION + WORKDIR=$CURRENT/build/$BRANCH/$VERSION doScratch if [ ! -d $WORKDIR ]; then