diff --git a/README.md b/README.md index 953ddba..f1df3e9 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,7 @@ sudo bash kernel.sh 6.x 6.8.1 - Suppression du paramètre STEPS - Ajout du paramètre TARGET (afin de spécifier une distribution cible, ex: debian) - Cibles de compilation: debian, ubuntu +- + Corrections pour la compilation à destination d'Ubuntu ### 2024-04-26 diff --git a/certs/zogg.cnf b/certs/zogg.cnf new file mode 100644 index 0000000..1b30f3a --- /dev/null +++ b/certs/zogg.cnf @@ -0,0 +1,19 @@ +[ req ] +default_bits = 4096 +default_keyfile = zogg.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = zoggzogg + +[ req_distinguished_name ] +C = FR +ST = Zogg +L = Zogg +O = Zogg +OU = Zogg +CN = zogg.fr +emailAddress = god@zogg + +[ req_attributes ] +challengePassword = zoggzogg diff --git a/kernel.sh b/kernel.sh index 75b2631..04328da 100644 --- a/kernel.sh +++ b/kernel.sh @@ -49,6 +49,21 @@ TESTING=0 # add testing options # diff --side-by-side --suppress-common-lines --ignore-tab-expansion --ignore-trailing-space --ignore-space-change --ignore-blank-lines --text CONFIG1 CONFIG2 # +# Ubuntu: +# sudo apt-get install linux-source +# In kernel sources folder: +# sudo openssl req -x509 -newkey rsa:4096 -keyout certs/mycert.pem -out certs/mycert.pem -nodes -days 3650 +# sudo nano .config +# CONFIG_MODULE_SIG_KEY="certs/mycert.pem" +# CONFIG_SYSTEM_TRUSTED_KEYRING=y +# CONFIG_SYSTEM_TRUSTED_KEYS="certs/mycert.pem" +# CONFIG_SYSTEM_EXTRA_CERTIFICATE=y +# CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096 +# CONFIG_SECONDARY_TRUSTED_KEYRING=y +# CONFIG_SYSTEM_BLACKLIST_KEYRING=y +# CONFIG_SYSTEM_BLACKLIST_HASH_LIST="" +# + doBuildSystem() { echo "v$UPDATED" } @@ -106,6 +121,7 @@ CURRENT=$CWD CONFIGS=$CURRENT/configs PATCHES=$CURRENT/patches OPTIONS=$CURRENT/options +CERTS=$CURRENT/certs BRANCH=$1 BRANCH="${BRANCH:=help}" @@ -118,13 +134,13 @@ WORKDIR="" cd $CURRENT # Perform specific distribution adjustments -doDistribution() { +doTarget() { case ${TARGET} in ubuntu) DISABLE=0 PATCHES=0 UARCH=0 - ARCH= + ARCH="native" CONFIGCLOUD=0 CONFIGMOD=0 CONFIGOLD=1 @@ -135,6 +151,32 @@ doDistribution() { esac } +# Perform adaptation bases on target specificity +doTargetAdapt() { + cd $WORKDIR + + doTargetName + case ${TARGET} in + ubuntu) + doEchoStep "Adaptation for: ${TARGETNAME}" + doEchoStep " - Certificates generation" + openssl req -x509 -newkey rsa:4096 -keyout certs/zogg.pem -out certs/zogg.pem -nodes -days 3650 -config $CERTS/zogg.cnf + doEchoStep " - Options override" + ./scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/zogg.pem" + ./scripts/config --enable CONFIG_SYSTEM_TRUSTED_KEYRING + ./scripts/config --set-str CONFIG_SYSTEM_TRUSTED_KEYS "certs/zogg.pem" + ./scripts/config --enable CONFIG_SYSTEM_EXTRA_CERTIFICATE + ./scripts/config --set-val CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096 + ./scripts/config --enable CONFIG_SECONDARY_TRUSTED_KEYRING + ./scripts/config --enable CONFIG_SYSTEM_BLACKLIST_KEYRING + ./scripts/config --set-str CONFIG_SYSTEM_BLACKLIST_HASH_LIST "" + export CC="x86_64-pc-linux-gnu" + ;; + *) + ;; + esac +} + # Force sync & flush doSync() { sync @@ -692,7 +734,7 @@ doCompile() { doKernel() { WORKDIR=$CURRENT/build/$BRANCH/$VERSION - doDistribution + doTarget doScratch if [ ! -d $WORKDIR ]; then @@ -715,6 +757,7 @@ doKernel() { doOldOne > >(tee -a $LOGFILE) 2>&1 doAllMods > >(tee -a $LOGFILE) 2>&1 doDefaults > >(tee -a $LOGFILE) 2>&1 + doTargetAdapt > >(tee -a $LOGFILE) 2>&1 doPermissions > >(tee -a $LOGFILE) 2>&1 doEditSettings