kraoc/kernel
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Corrections, updates and improved error handling

Browse Source
This commit is contained in:
Olivier
2025-04-15 14:57:05 +02:00
parent 967309123c
commit 7bef4aa309
3 changed files with 122 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

205
kernel.sh
View File

@ -1,12 +1,10 @@
#!/bin/bash
UPDATED="2025-04-12"
UPDATED="2025-04-15"
DISABLE=1 # disable some options
ENABLE=1 # enable some options
SECURED=1 # enable/disable security
DISABLE=1 # disable options
ENABLE=1 # enable options
PATCHES=1 # enable/disable patch apply
UARCH=0 # apply more uarch patch
CLANG=0 # use Clang compiler (if not, use GCC)
O3=1 # use -O3 vs -O2 (optimisation)
ARCH="native" # target architecture (uarch patch)
CONFIGCLOUD=1 # enable cloud 'from' config
@ -15,8 +13,11 @@ CONFIGMOD=0 # enable all mod config
SCRATCH=0 # perform from scratch (remove preexisting content)
UNCOMPRESS=1 # perform uncompress if already exist
CLEANUP=1 # perform folder cleanup
SECURED=1 # enable/disable security
CLANG=0 # use Clang compiler (if not, use GCC)
O3=1 # use -O3 vs -O2 (optimisation)
ARCH="native" # target architecture (uarch patch)
TESTING=0 # add testing options
NVIDIA=1 # add support for nvidia
#
# Sources:
@ -110,6 +111,16 @@ if [ "$(id -u)" != "0" ]; then
exit 1
fi
# Exit fail with message
doFail() {
result=$1
msg=$2
if [ ! result==0 ]; then
echo ">>> Error in download!"
exit 1
fi
}
LOGNAME=kernel
LOGEXT=log
LOGFILE=""
@ -160,17 +171,36 @@ doTargetAdapt() {
case ${TARGET} in
ubuntu)
doEchoStep "Adaptation for: ${TARGETNAME}"
doEchoStep " - Certificates generation"
openssl req -x509 -newkey rsa:4096 -keyout certs/zogg.pem -out certs/zogg.pem -nodes -days 3650 -config $CERTS/zogg.cnf
result=$? && doFail $result ">>> Error in openssl!"
doEchoStep " - Options override"
./scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/zogg.pem"
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --enable CONFIG_SYSTEM_TRUSTED_KEYRING
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --set-str CONFIG_SYSTEM_TRUSTED_KEYS "certs/zogg.pem"
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --enable CONFIG_SYSTEM_EXTRA_CERTIFICATE
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --set-val CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --enable CONFIG_SECONDARY_TRUSTED_KEYRING
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --enable CONFIG_SYSTEM_BLACKLIST_KEYRING
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --set-str CONFIG_SYSTEM_BLACKLIST_HASH_LIST ""
result=$? && doFail $result ">>> Error in script-config!"
export CC="x86_64-pc-linux-gnu"
;;
*) ;;
@ -220,6 +250,7 @@ doScratch() {
if [ -d $WORKDIR ]; then
doEchoStep "Scratch: remove existing content"
rm -rf $WORKDIR
result=$? && doFail $result ">>> Error!"
else
doEchoStep "Scratch: existing previous content not found"
fi
@ -235,15 +266,14 @@ doDownload() {
cd $WORKDIR
doEchoStep "Download branch '$BRANCH' version '$VERSION'"
wget --compression=auto --show-progress --no-verbose --inet4-only https://cdn.kernel.org/pub/linux/kernel/v$BRANCH/linux-$VERSION.tar.sign
wget --compression=auto --show-progress --no-verbose --inet4-only https://cdn.kernel.org/pub/linux/kernel/v$BRANCH/linux-$VERSION.tar.xz
doSync
result=$?
if [ ! result==0 ]; then
echo ">>> Error in download!"
exit 1
fi
wget --compression=auto --show-progress --no-verbose --inet4-only https://cdn.kernel.org/pub/linux/kernel/v$BRANCH/linux-$VERSION.tar.sign
result=$? && doFail $result ">>> Error in download (sign)!"
wget --compression=auto --show-progress --no-verbose --inet4-only https://cdn.kernel.org/pub/linux/kernel/v$BRANCH/linux-$VERSION.tar.xz
result=$? && doFail $result ">>> Error in download (kernel)!"
doSync
fi
}
@ -253,13 +283,9 @@ doPerformUncompress() {
doEchoStep "Uncompress"
rm -rf linux-$VERSION
tar -xaf linux-$VERSION.tar.xz
result=$?
if [ ! result==0 ]; then
echo ">>> Error in uncompress!"
exit 1
fi
tar -xaf linux-$VERSION.tar.xz
result=$? && doFail $result ">>> Error in uncompress!"
}
doUncompress() {
if [ -d $WORKDIR ]; then
@ -283,14 +309,10 @@ doCleanup() {
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" distclean
result=$? && doFail $result ">>> Error in cleanup!"
else
make -j${NPROC} CC="ccache gcc" distclean
fi
result=$?
if [ ! result==0 ]; then
echo ">>> Error in cleanup!"
exit 1
result=$? && doFail $result ">>> Error in cleanup!"
fi
fi
}
@ -303,14 +325,11 @@ doConfigCloud() {
if [ -f .config ]; then
cp .config .config.cloud.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
cp $CONFIGS/cloud-amd64 .config
result=$?
if [ ! result==0 ]; then
echo ">>> Error in cloud kernel .config copy!"
exit 1
fi
cp $CONFIGS/cloud-amd64 .config
result=$? && doFail $result ">>> Error .config copy!"
cp .config .config.cloud.after
fi
@ -324,17 +343,15 @@ doOldOne() {
if [ -f .config ]; then
cp .config .config.old.before
fi
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" olddefconfig
else
make -j${NPROC} CC="ccache gcc" olddefconfig
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
result=$?
if [ ! result==0 ]; then
echo ">>> Error in generate .config!"
exit 1
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" olddefconfig
result=$? && doFail $result ">>> Error in generate .config!"
else
make -j${NPROC} CC="ccache gcc" olddefconfig
result=$? && doFail $result ">>> Error in generate .config!"
fi
cp .config .config.old.after
@ -349,17 +366,15 @@ doAllMods() {
if [ -f .config ]; then
cp .config .config.mod.before
fi
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" allmodconfig
else
make -j${NPROC} CC="ccache gcc" allmodconfig
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
result=$?
if [ ! result==0 ]; then
echo ">>> Error in set all modules not in kernel!"
exit 1
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" allmodconfig
result=$? && doFail $result ">>> Error in set all modules not in kernel!"
else
make -j${NPROC} CC="ccache gcc" allmodconfig
result=$? && doFail $result ">>> Error in set all modules not in kernel!"
fi
cp .config .config.mod.after
@ -371,13 +386,9 @@ doPermissions() {
cd $WORKDIR
doEchoStep "Define user/group"
chown -R 1000:1000 $CURRENT/build/$BRANCH/$VERSION/.
result=$?
if [ ! result==0 ]; then
echo ">>> Error in chown!"
exit 1
fi
# chown -R 1000:1000 $CURRENT/build/$BRANCH/$VERSION/.
chown -R 1000:1000 $CURRENT/build
result=$? && doFail $result ">>> Error in chown!"
doSync
}
@ -389,18 +400,20 @@ doStripSig() {
if [ -f .config ]; then
cp .config .config.stripsig.before
result=$? && doFail $result ">>> Error .config stripsig (before)!"
fi
./scripts/config --disable MODULE_SIG_ALL
./scripts/config --set-str CONFIG_MODULE_SIG_KEY ""
./scripts/config --set-str CONFIG_SYSTEM_TRUSTED_KEY ""
./scripts/config --set-str CONFIG_SYSTEM_REVOCATION_KEYS ""
result=$? && doFail $result ">>> Error in script-config!"
result=$?
if [ ! result==0 ]; then
echo ">>> Error in chown!"
exit 1
fi
./scripts/config --set-str CONFIG_MODULE_SIG_KEY ""
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --set-str CONFIG_SYSTEM_TRUSTED_KEY ""
result=$? && doFail $result ">>> Error in script-config!"
./scripts/config --set-str CONFIG_SYSTEM_REVOCATION_KEYS ""
result=$? && doFail $result ">>> Error in script-config!"
cp .config .config.stripsig.after
}
@ -412,16 +425,14 @@ doStripDebug() {
if [ -f .config ]; then
cp .config .config.stripdebug.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
./scripts/config --disable DEBUG_INFO
./scripts/config --enable DEBUG_INFO_NONE
result=$? && doFail $result ">>> Error in script-config!"
result=$?
if [ ! result==0 ]; then
echo ">>> Error in chown!"
exit 1
fi
./scripts/config --enable DEBUG_INFO_NONE
result=$? && doFail $result ">>> Error in script-config!"
cp .config .config.stripdebug.after
}
@ -436,14 +447,10 @@ doApplyPatches() {
if [ -f .config ]; then
cp .config .config.uarches.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
patch -p1 <$PATCHES/more-uarches.patch
result=$?
if [ ! result==0 ]; then
echo ">>> Error in 'uarches'!"
exit 1
fi
result=$? && doFail $result ">>> Error in 'uarches'!"
cp .config .config.uarches.after
fi
@ -464,6 +471,7 @@ doScriptsConfigFile() {
# skip when starting with ';' (comment)
./scripts/config --${SWITCH} $option
result=$? && doFail $result ">>> Error in script-config!"
fi
done <"$FILE"
}
@ -475,6 +483,7 @@ doDefaultsDisable() {
if [ -f .config ]; then
cp .config .config.disable.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
doScriptsConfigFile disable $OPTIONS/disable/disable.txt
@ -489,7 +498,9 @@ doDefaultsEnable() {
if [ -f .config ]; then
cp .config .config.enable.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
if [ "$CLANG" == "1" ]; then
doScriptsConfigFile enable $OPTIONS/enable/clang.txt
fi
@ -498,12 +509,15 @@ doDefaultsEnable() {
case ${ARCH} in
"x86-64-v2")
./scripts/config --enable CONFIG_GENERIC_CPU2
result=$? && doFail $result ">>> Error in script-config!"
;;
"x86-64-v3")
./scripts/config --enable CONFIG_GENERIC_CPU3
result=$? && doFail $result ">>> Error in script-config!"
;;
"x86-64-v4")
./scripts/config --enable CONFIG_GENERIC_CPU4
result=$? && doFail $result ">>> Error in script-config!"
;;
esac
@ -515,6 +529,7 @@ doDefaultsEnable() {
doDefaultMitigations() {
if [ -f .config ]; then
cp .config .config.mitigations.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
if [ $SECURED == 0 ]; then
@ -535,8 +550,11 @@ doDefaultsTesting() {
if [ -f .config ]; then
cp .config .config.testing.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
./scripts/config --set-str CONFIG_LOCALVERSION '-test'
result=$? && doFail $result ">>> Error in script-config!"
cp .config .config.testing.after
fi
@ -549,6 +567,7 @@ doDefaultsNvidia() {
if [ -f .config ]; then
cp .config .config.nvidia.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
doEchoStep "Options: NVIDIA disable"
@ -564,6 +583,7 @@ doDefaults() {
if [ -f .config ]; then
cp .config .config.default.before
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
doApplyPatches
@ -576,8 +596,10 @@ doDefaults() {
doEchoStep "Define options"
if [ "$CLANG" == "1" ]; then
./scripts/config --set-str CONFIG_LOCALVERSION "${SEC}-clang"
result=$? && doFail $result ">>> Error in script-config!"
else
./scripts/config --set-str CONFIG_LOCALVERSION "${SEC}-gcc"
result=$? && doFail $result ">>> Error in script-config!"
fi
doDefaultsDisable
@ -596,17 +618,15 @@ doEditSettings() {
if [ -f .config ]; then
cp .config .config.edit.before
fi
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" menuconfig
else
make -j${NPROC} CC="ccache gcc" menuconfig
result=$? && doFail $result ">>> Error .config copy (before)!"
fi
result=$?
if [ ! result==0 ]; then
echo ">>> Error in settings edit!"
exit 1
if [ "$CLANG" == "1" ]; then
make -j${NPROC} LLVM=1 CC="ccache clang" menuconfig
result=$? && doFail $result ">>> Error in settings edit!"
else
make -j${NPROC} CC="ccache gcc" menuconfig
result=$? && doFail $result ">>> Error in settings edit!"
fi
cp .config .config.edit.after
@ -649,6 +669,7 @@ apt remove --purge ${PACKAGES}
sudo sync
exit 0
EOF
result=$? && doFail $result ">>> Error generate uninstall.sh!"
# generate install script
cat <<-EOF >${READY}/install.sh
@ -659,9 +680,11 @@ sudo dpkg -i *.deb
sudo sync
exit 0
EOF
result=$? && doFail $result ">>> Error generate install.sh!"
# Set execution attribute
chmod +x $READY/*.sh
result=$? && doFail $result ">>> Error chmod!"
else
echo ">>> No packages have been created!"
@ -670,6 +693,7 @@ EOF
# setup execution rights on packages
chown -R root:root $READY/.
result=$? && doFail $result ">>> Error chown!"
}
# Print compilation end informations
@ -739,6 +763,7 @@ doCompile() {
bindeb-pkg \
LOCALVERSION=-"$(dpkg --print-architecture)" \
KDEB_PKGVERSION="$(make kernelversion)-${REVISION}"
result=$? && doFail $result ">>> Error in 'make bindeb-pkg'!"
else
make \
-j${NPROC} \
@ -746,13 +771,7 @@ doCompile() {
bindeb-pkg \
LOCALVERSION=-"$(dpkg --print-architecture)" \
KDEB_PKGVERSION="$(make kernelversion)-${REVISION}"
fi
result=$?
doEchoStep "make bindeb-pkg: $result"
if [ ! result==0 ]; then
echo ">>> Error in 'make bindeb-pkg'!"
exit 1
result=$? && doFail $result ">>> Error in 'make bindeb-pkg'!"
fi
doGenerateUninstall