diff options
-rwxr-xr-x | bootstrap | 153 | ||||
-rwxr-xr-x | buildos | 10 |
2 files changed, 110 insertions, 53 deletions
@@ -28,8 +28,22 @@ # 5 - create footfs # 6 - create kernel image and initrd # +# --arch-variant +# Architecture variant, for example, m1 for aarch64-m1. +# +# --kernel-source +# Pre-configured Linux kernel source .tar.* archive. If unspecified, Debian +# source/configuration will be used. +# usage="usage: $0" +owd="$(pwd)" +trap "{ cd '$owd'; exit 1; }" ERR +set -o errtrace # Trap in functions. + +function info () { echo "$*" 1>&2; } +function error () { info "$*"; exit 1; } + id="$(id -un)" btrfs=/btrfs root="$btrfs/$id/buildos" @@ -98,15 +112,12 @@ esac extra_pkgs="" -owd="$(pwd)" -trap "{ cd '$owd'; exit 1; }" ERR -set -o errtrace # Trap in functions. - -function info () { echo "$*" 1>&2; } -function error () { info "$*"; exit 1; } - -stage="1" -stage_max="6" +# Options. +# +stage=1 +stage_max=6 +arch_variant= +kernel_source= while [ "$#" -gt 0 ]; do case "$1" in @@ -115,6 +126,16 @@ while [ "$#" -gt 0 ]; do stage="$1" shift ;; + --arch-variant) + shift + arch_variant="$1" + shift + ;; + --kernel-source) + shift + kernel_source="$1" + shift + ;; -*) error "unknown option: $1" ;; @@ -128,6 +149,11 @@ if [ "$stage" -lt "1" -o "$stage" -gt "$stage_max" ]; then error "invalid stage number $stage" fi +arch_with_variant="$arch" +if [ -n "$arch_variant" ]; then + arch_with_variant="$arch_with_variant-$arch_variant" +fi + # Extract version. # version="$(sed -n -re 's/^version: ([0-9]+\.[0-9]+\.[0-9]+).*$/\1/p' ./manifest)" @@ -410,6 +436,12 @@ EOF subvol_delete "$root-3-kernel" subvol_snapshot "$root" "$root-3-kernel" + # Copy custom kernel source. + # + if [ -n "$kernel_source" ]; then + sudo install -m 644 "$kernel_source" "$root-3-kernel/usr/src/" + fi + # Copy patches. # #sudo cp ./patches/tftp-hpa-partial-upload.patch "$root-3-kernel/bootstrap/" @@ -450,62 +482,73 @@ fi # kernel with adjusted configuration. Taken from the Debian Kernel Handbook. # apt-get update -apt-get install -y linux-source apt-get install -y bison flex apt-get install -y libelf-dev apt-get install -y libssl-dev apt-get install -y rsync apt-get install -y dwarves + cd /usr/src -tar xf linux-source-* -mv linux-source-*/ linux -xzcat linux-config-*/config.${debian_arch}_none_${debian_arch}.xz >linux/.config + +if [ -z "$kernel_source" ]; then + apt-get install -y linux-source + tar xf linux-source-* + mv linux-source-*/ linux + xzcat linux-config-*/config.${debian_arch}_none_${debian_arch}.xz >linux/.config +else + tar xf $kernel_source + mv \$(sed -re 's/(.+)\.tar\..+/\1/' <<<$kernel_source) linux +endif + cd linux # Adjust configuration. # -# Note that SECURITY_LOCKDOWN_LSM forces MODULE_SIG ('select' in Kconfig). -# -# Generally, if you disable an option but it still appears enabled after -# the kernel build, search for 'select XXX' in Kconfig* and also disable -# any found symbols. -# -scripts/config --disable KCSAN -scripts/config --disable SECURITY_LOCKDOWN_LSM -scripts/config --disable MODULE_SIG -scripts/config --set-str BUILD_SALT '' -scripts/config --set-str SYSTEM_TRUSTED_KEYS '' +if [ -z "$kernel_source" ]; then -scripts/config --enable INIT_STACK_NONE -scripts/config --disable INIT_STACK_ALL_PATTERN -scripts/config --disable INIT_STACK_ALL_ZERO + # Note that SECURITY_LOCKDOWN_LSM forces MODULE_SIG ('select' in Kconfig). + # + # Generally, if you disable an option but it still appears enabled after + # the kernel build, search for 'select XXX' in Kconfig* and also disable + # any found symbols. + # + scripts/config --disable KCSAN + scripts/config --disable SECURITY_LOCKDOWN_LSM + scripts/config --disable MODULE_SIG + scripts/config --set-str BUILD_SALT '' + scripts/config --set-str SYSTEM_TRUSTED_KEYS '' -scripts/config --enable DEBUG_INFO_NONE -scripts/config --disable DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT + scripts/config --enable INIT_STACK_NONE + scripts/config --disable INIT_STACK_ALL_PATTERN + scripts/config --disable INIT_STACK_ALL_ZERO -# aarch64/5.19 additions: -# -scripts/config --disable KCOV -scripts/config --disable SHADOW_CALL_STACK -scripts/config --disable VIDEO_ADV7511 + scripts/config --enable DEBUG_INFO_NONE + scripts/config --disable DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT -# Disable sound subsystem/drivers. -# -sed -i -re '/^CONFIG_SND_.+/d' .config -sed -i -re '/^CONFIG_SOUND_.+/d' .config -scripts/config --disable CONFIG_SOUND -scripts/config --disable CONFIG_SND + # aarch64/5.19 additions: + # + scripts/config --disable KCOV + scripts/config --disable SHADOW_CALL_STACK + scripts/config --disable VIDEO_ADV7511 -# Disable GPU subsystem/drivers. -# -# NOTE: this seems to have killed the high-resolution console. -# -sed -i -re '/^CONFIG_DRM_.+/d' .config -scripts/config --disable CONFIG_DRM + # Disable sound subsystem/drivers. + # + sed -i -re '/^CONFIG_SND_.+/d' .config + sed -i -re '/^CONFIG_SOUND_.+/d' .config + scripts/config --disable CONFIG_SOUND + scripts/config --disable CONFIG_SND -# Disable wireless network drivers. -# -scripts/config --disable CONFIG_WLAN + # Disable GPU subsystem/drivers. + # + # NOTE: this seems to have killed the high-resolution console. + # + sed -i -re '/^CONFIG_DRM_.+/d' .config + scripts/config --disable CONFIG_DRM + + # Disable wireless network drivers. + # + scripts/config --disable CONFIG_WLAN +fi # Adjust kernel command line size limit. # @@ -690,6 +733,11 @@ if [ "$stage" -le "6" ]; then sudo ln -sf "$root/usr/lib/systemd/system/buildos.service" \ "$root/etc/systemd/system/multi-user.target.wants/buildos.service" + # Patch in the arch variant. + # + sudo sed -i -e "s/^arch_variant=.*/arch_variant=$arch_variant/" \ + "$root/usr/sbin/buildos" + info "generating buildos-init.cpio.xz..." cd "$root" @@ -703,12 +751,13 @@ etc/systemd/system/multi-user.target.wants/buildos.service EOF cd "$owd" - cat buildos-rootfs.cpio.xz buildos-init.cpio.xz >"buildos-initrd-$arch" + cat buildos-rootfs.cpio.xz \ + buildos-init.cpio.xz >"buildos-initrd-$arch_with_variant" # Copy the kernel image next to the initramfs for convenience. # - cp "$root/vmlinuz" "buildos-image-$arch" - echo "$buildid" >"buildos-buildid-$arch" + cp "$root/vmlinuz" "buildos-image-$arch_with_variant" + echo "$buildid" >"buildos-buildid-$arch_with_variant" subvol_snapshot -r "$root" "$root-6" fi @@ -29,7 +29,15 @@ function error () exit 1 } +# Note: the arch variant is patched in by the bootstrap script. +# arch="$(uname -m)" +arch_variant= + +arch_with_variant="$arch" +if [ -n "$arch_variant" ]; then + arch_with_variant="$arch_with_variant-$arch_variant" +fi # Network timeouts: 60 seconds to connect, 10 minutes to complete, 4 retries # (5 attempts total). These are similar to bbot timeouts. Note that the @@ -125,7 +133,7 @@ function restart () } if [ -n "$buildid_url" ]; then - buildid_url="$buildid_url-$arch" + buildid_url="$buildid_url-$arch_with_variant" else info "no buildos.buildid_url specified, not monitoring for new os builds" fi |