slackware-current/source/k/kernel-source.SlackBuild
Patrick J Volkerding 5fd1151343 Thu Jan 26 00:34:41 UTC 2023
ap/cups-filters-1.28.17-x86_64-1.txz:  Upgraded.
ap/vim-9.0.1241-x86_64-1.txz:  Upgraded.
  Fixed a security issue:
  Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0433
  (* Security fix *)
d/guile-3.0.9-x86_64-1.txz:  Upgraded.
d/poke-3.0-x86_64-1.txz:  Upgraded.
l/nodejs-19.5.0-x86_64-1.txz:  Upgraded.
n/bind-9.18.11-x86_64-1.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  An UPDATE message flood could cause :iscman:`named` to exhaust all
  available memory. This flaw was addressed by adding a new
  :any:`update-quota` option that controls the maximum number of
  outstanding DNS UPDATE messages that :iscman:`named` can hold in a
  queue at any given time (default: 100).
  :iscman:`named` could crash with an assertion failure when an RRSIG
  query was received and :any:`stale-answer-client-timeout` was set to a
  non-zero value. This has been fixed.
  :iscman:`named` running as a resolver with the
  :any:`stale-answer-client-timeout` option set to any value greater
  than ``0`` could crash with an assertion failure, when the
  :any:`recursive-clients` soft quota was reached. This has been fixed.
  For more information, see:
    https://kb.isc.org/docs/cve-2022-3094
    https://kb.isc.org/docs/cve-2022-3736
    https://kb.isc.org/docs/cve-2022-3924
    https://www.cve.org/CVERecord?id=CVE-2022-3094
    https://www.cve.org/CVERecord?id=CVE-2022-3736
    https://www.cve.org/CVERecord?id=CVE-2022-3924
  (* Security fix *)
n/openvpn-2.6.0-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.0.1241-x86_64-1.txz:  Upgraded.
2023-01-26 02:33:14 +01:00

236 lines
11 KiB
Bash
Executable file

#!/bin/sh
# Copyright 2018, 2020, 2021, 2023 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=${PKGNAM:-kernel-source}
BUILD=${BUILD:-1}
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
# If CONFIG_PREEMPT=y and CONFIG_PREEMPT_DYNAMIC=y, then set a default preempt
# mode (none, voluntary, or full):
CONFIG_PREEMPT_DEFAULT_MODE=${CONFIG_PREEMPT_DEFAULT_MODE:-voluntary}
# If a $VERSION is not passed to this script, use the newest linux-*.tar.xz
# found in this directory:
VERSION=${VERSION:-$(/bin/ls -t linux-*.tar.?z | head -n 1 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
if ! /bin/ls linux-*.tar.?z 1> /dev/null 2> /dev/null ; then
echo "Error: kernel source not found. (/bin/ls linux-*.tar.?z)"
fi
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$(uname -m)" in
# Use uname -m for all archs:
*) ARCH=$(uname -m) ;;
esac
fi
# This function will revert or apply patches that are present here.
# Directories that are currently supported:
# patches-revert-${VERSION} (revert patches from this directory if kernel version matches)
# patches-revert-${ARCH} (revert patches from this directory if $ARCH matches)
# patches-${VERSION} (apply patches from this directory if kernel version matches)
# patches-${ARCH} (apply patches from this directory if $ARCH matches)
# All the applied/reverted patches will be copied to the root of the kernel source tree.
apply_patches() {
# First do patches-revert:
if [ -d $CWD/patches-revert-${VERSION} ]; then
if [ "$1" = "VERBOSE" ]; then
echo "Reverting kernel patches in $CWD/patches-revert-${VERSION} and copying patches to $PKG/usr/src/linux-${VERSION}..."
zcat $CWD/patches-revert-${VERSION}/*.gz | patch -p1 -R --backup --suffix=.orig || exit 1
else
zcat $CWD/patches-revert-${VERSION}/*.gz | patch -p1 -R --backup --suffix=.orig 1> /dev/null 2> /dev/null || exit 1
fi
cp -a $CWD/patches-revert-${VERSION}/*.gz .
fi
if [ -d $CWD/patches-revert-${ARCH} ]; then
if [ "$1" = "VERBOSE" ]; then
echo "Reverting kernel patches in $CWD/patches-revert-${ARCH} and copying patches to $PKG/usr/src/linux-${VERSION}..."
zcat $CWD/patches-revert-${ARCH}/*.gz | patch -p1 -R --backup --suffix=.orig || exit 1
else
zcat $CWD/patches-revert-${ARCH}/*.gz | patch -p1 -R --backup --suffix=.orig 1> /dev/null 2> /dev/null || exit 1
fi
cp -a $CWD/patches-revert-${ARCH}/*.gz .
fi
# Then apply patches:
if [ -d $CWD/patches-${VERSION} ]; then
if [ "$1" = "VERBOSE" ]; then
echo "Applying kernel patches in $CWD/patches-${VERSION} and copying patches to $PKG/usr/src/linux-${VERSION}..."
zcat $CWD/patches-${VERSION}/*.gz | patch -p1 --backup --suffix=.orig || exit 1
else
zcat $CWD/patches-${VERSION}/*.gz | patch -p1 --backup --suffix=.orig 1> /dev/null 2> /dev/null || exit 1
fi
cp -a $CWD/patches-${VERSION}/*.gz .
fi
if [ -d $CWD/patches-${ARCH} ]; then
if [ "$1" = "VERBOSE" ]; then
echo "Applying kernel patches in $CWD/patches-${ARCH} and copying patches to $PKG/usr/src/linux-${VERSION}..."
zcat $CWD/patches-${ARCH}/*.gz | patch -p1 --backup --suffix=.orig || exit 1
else
zcat $CWD/patches-${ARCH}/*.gz | patch -p1 --backup --suffix=.orig 1> /dev/null 2> /dev/null || exit 1
fi
cp -a $CWD/patches-${ARCH}/*.gz .
fi
}
# Kernel extraversion, such as "-smp" on 32-bit. There's usually no need to set
# this unless you're using something unusual. We use it to find which .config
# file to use, but we'll then use whatever CONFIG_LOCALVERSION is set to
# inside the .config.
LOCALVERSION=${LOCALVERSION:-""}
# If KERNEL_CONFIG (name of kernel .config file in ./kernel-configs to use)
# has not been passed to this script, then we will select one. We will prefer
# to use a generic, SMP-supporting .config with a version number exactly
# matching the kernel sources. But if there's no exact version match, we will
# start with the newest .config we can find that's of the appropriate type.
if [ -z "${KERNEL_CONFIG}" ]; then # figure out the best matching .config
if [ "$ARCH" = "x86_64" ]; then
CONFIG_SUFFIX=".x64"
fi
if [ -z "${LOCALVERSION}" ]; then
if echo $ARCH | grep -q -E "i?86$" ; then
# Default to SMP extraversion on 32-bit:
LOCALVERSION="-smp"
fi
fi
if [ -r "$CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}$LOCALVERSION${CONFIG_SUFFIX}" ]; then
# Exact match!
KERNEL_CONFIG="config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}"
else # no exact match, so find newest with the same name:
FIND_MATCH="$(/bin/ls -t $CWD/kernel-configs/config-generic${LOCALVERSION}-*${LOCALVERSION}${CONFIG_SUFFIX} 2> /dev/null | head -n 1)"
if [ -r "${FIND_MATCH}" ]; then
KERNEL_CONFIG="$(basename ${FIND_MATCH})"
unset FIND_MATCH
else
echo "Error: no matching .config file could be found for this kernel. Tried:"
echo " $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} (not found)"
exit 1
fi
fi
else # We were given a name to use:
if [ ! -r "$CWD/kernel-configs/${KERNEL_CONFIG}" ]; then
echo "Error: specified kernel .config $CWD/kernel-configs/${KERNEL_CONFIG} was not found."
exit 1
fi
fi
# Set LOCALVERSION to the value found inside the .config:
LOCALVERSION="$(cat $CWD/kernel-configs/${KERNEL_CONFIG} | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")"
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
# We will have to extract and patch the kernel sources to find out the kernel version:
TEMPDIR=$(mktemp -d)
cd $TEMPDIR
tar xf $CWD/linux-${VERSION}.tar.?z || exit 1
cd linux*
apply_patches
PACKAGE_VERSION=$(grep "^VERSION = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " Makefile | rev | cut -f 1 -d ' ' | rev)
cd $CWD
rm -rf $TEMPDIR
echo "kernel-source-$(echo ${PACKAGE_VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-noarch-$BUILD.txz"
exit 0
fi
echo "Using kernel config: $CWD/kernel-configs/${KERNEL_CONFIG}"
rm -rf $PKG
mkdir -p $TMP $PKG
mkdir -p $PKG/usr/src
echo "Untarring $CWD/linux-${VERSION}.tar.?z in $PKG/usr/src..."
( cd $PKG/usr/src
tar xf $CWD/linux-${VERSION}.tar.?z || exit 1
echo "Making /usr/src/linux symlink..."
ln -sf linux-* linux
cd linux-*
apply_patches VERBOSE
echo "Copying $CWD/kernel-configs/${KERNEL_CONFIG} to .config..."
cp -a $CWD/kernel-configs/${KERNEL_CONFIG} .config
echo "Fixing permissions/ownership..."
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
) || exit 1
# Kernel is now ready to configure. We will also build this kernel so that
# the installed kernel source package is fully configured, and building an
# out-of-tree module (such as the NVIDIA driver) won't require the user
# to build the kernel sources first.
( cd $PKG/usr/src/linux-${VERSION}
echo "Making oldconfig..."
make oldconfig
if [ ! -r $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} ]; then
echo "Saving new .config as: $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}"
cp -a .config $CWD/kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}
fi
# If CONFIG_PREEMPT=y and CONFIG_PREEMPT_DYNAMIC=y, then set a default preempt
# mode (none, voluntary, or full):
if grep -wq CONFIG_PREEMPT=y .config ; then
if grep -wq CONFIG_PREEMPT_DYNAMIC=y .config ; then
# Sanity check:
if ! echo $CONFIG_PREEMPT_DEFAULT_MODE | grep -wq -e none -e voluntary -e full ; then
echo "ERROR: Invalid mode for CONFIG_PREEMPT_DEFAULT_MODE: $CONFIG_PREEMPT_DEFAULT_MODE"
exit 1
fi
echo "Setting default PREEMPT mode: $CONFIG_PREEMPT_DEFAULT_MODE"
sed -i "s/^int preempt_dynamic_mode = preempt_dynamic_.*;$/int preempt_dynamic_mode = preempt_dynamic_$CONFIG_PREEMPT_DEFAULT_MODE;/g" kernel/sched/core.c
fi
fi
echo "Building kernel and modules (needed before clean for building NVIDIA to work)..."
make ${NUMJOBS} || exit 1
make ${NUMJOBS} modules || exit 1
echo "Cleaning up..."
make clean
# Make sure header files aren't missing...
make prepare
# Don't package the kernel in the sources:
find . -name "*Image" -exec rm "{}" \+
# No need for these:
rm -f .config.old .version
find . -name "*.cmd" -exec rm -f "{}" \+
rm .*.d
# Still some dotfiles laying around... probably fine though
) || exit 1
cd $PKG/usr/src/linux-${VERSION}
# Use the version number found in the Makefile in the package name. This is not
# always the same as the version in the source tarball's filename. For example,
# linux-4.14.tar.xz will have 4.14.0 as the version in the Makefile:
PACKAGE_VERSION=$(grep "^VERSION = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^PATCHLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev).$(grep "^SUBLEVEL = " Makefile | rev | cut -f 1 -d ' ' | rev)$(grep "^EXTRAVERSION = " Makefile | rev | cut -f 1 -d ' ' | rev)
mkdir $PKG/install
cat $CWD/slack-desc/slack-desc.kernel-source > $PKG/install/slack-desc
# Make the package:
cd $PKG
/sbin/makepkg -l y -c n $TMP/kernel-source-$(echo ${PACKAGE_VERSION} | tr - _)$(echo ${LOCALVERSION} | tr - _)-noarch-$BUILD.txz