]> git.ipfire.org Git - ipfire-2.x.git/blame - lfs/linux
kernel: update to 6.1.5
[ipfire-2.x.git] / lfs / linux
CommitLineData
df5e82b3 1###############################################################################
df5e82b3 2# #
70df8302 3# IPFire.org - A linux based firewall #
0e18e19a 4# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
70df8302
MT
5# #
6# This program is free software: you can redistribute it and/or modify #
df5e82b3 7# it under the terms of the GNU General Public License as published by #
70df8302 8# the Free Software Foundation, either version 3 of the License, or #
df5e82b3
MT
9# (at your option) any later version. #
10# #
70df8302 11# This program is distributed in the hope that it will be useful, #
df5e82b3
MT
12# but WITHOUT ANY WARRANTY; without even the implied warranty of #
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14# GNU General Public License for more details. #
15# #
16# You should have received a copy of the GNU General Public License #
70df8302 17# along with this program. If not, see <http://www.gnu.org/licenses/>. #
df5e82b3 18# #
df5e82b3
MT
19###############################################################################
20
21###############################################################################
22# Definitions
23###############################################################################
24
25include Config
26
c35ec822 27VER = 6.1.5
65352552 28ARM_PATCHES = 6.1.y-ipfire0
df5e82b3
MT
29
30THISAPP = linux-$(VER)
79f94395 31DL_FILE = linux-$(VER).tar.xz
a2cb3a33 32DL_FROM = $(URL_IPFIRE)
df5e82b3
MT
33DIR_APP = $(DIR_SRC)/$(THISAPP)
34CFLAGS =
35CXXFLAGS =
36
347db51a 37HEADERS_ARCH = $(BUILD_PLATFORM)
7f841117
AF
38KERNEL_ARCH = $(BUILD_ARCH)
39KERNEL_TARGET = bzImage
347db51a 40
dc7d6b20
MT
41ifeq "$(BUILD_ARCH)" "aarch64"
42 HEADERS_ARCH = arm64
347db51a
MT
43 KERNEL_ARCH = arm64
44 KERNEL_TARGET = Image
45endif
46
aafdd71b 47ifeq "$(BUILD_ARCH)" "armv6l"
07664187 48 KERNEL_ARCH = arm
347db51a 49 KERNEL_TARGET = zImage
ba583892
MT
50endif
51
5c1a1094
MT
52ifeq "$(BUILD_ARCH)" "riscv64"
53 KERNEL_ARCH = riscv
54 KERNEL_TARGET = Image.gz
55endif
56
fdf0c7c1 57VERSUFIX=ipfire$(KCFG)
b0d0b681 58
991d11d7 59ifeq "$(TOOLCHAIN)" "1"
cc24c14b 60 TARGET = $(DIR_INFO)/linux-$(VER)-$(VERSUFIX)-tools
6c4cc7ea 61 HEADERS_PREFIX = $(TOOLS_DIR)
3c7ae787 62 EXTRAMAKE = CROSS_COMPILE=$(CROSSTARGET)-
51f9e7ac
MT
63else
64 TARGET = $(DIR_INFO)/linux-$(VER)-$(VERSUFIX)
cc24c14b 65 HEADERS_PREFIX = /usr
51f9e7ac
MT
66endif
67
bc8fe5ff
AF
68ifeq "$(KCFG)" ""
69LASTKERNEL=1
70endif
bc8fe5ff 71
df5e82b3
MT
72###############################################################################
73# Top-level Rules
74###############################################################################
75objects =$(DL_FILE) \
b69338e0 76 arm-multi-patches-$(ARM_PATCHES).patch.xz
e69f1bf2 77
932a34e5 78$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE)
b69338e0 79arm-multi-patches-$(ARM_PATCHES).patch.xz = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
e69f1bf2 80
c35ec822 81$(DL_FILE)_BLAKE2 = b3e47f1184171febcd563285b82682e15fff8d932c8f897157e528e1195ca926153659be2defaf3fe294999625757f6efd02b0a786536b7e7c695721be7144aa
65352552 82arm-multi-patches-$(ARM_PATCHES).patch.xz_BLAKE2 = 3ef9a778c5c41ee8bf2942a48f63b21228a632a2910d2123f01155bbf571592898cffffa61c387a5a6c817b62e458947b4c406c6591b23b5401faa47b020337f
bdf9df74 83
df5e82b3
MT
84install : $(TARGET)
85
86check : $(patsubst %,$(DIR_CHK)/%,$(objects))
87
88download :$(patsubst %,$(DIR_DL)/%,$(objects))
89
9a7e4d85 90b2 : $(subst %,%_BLAKE2,$(objects))
df5e82b3 91
f418a984
AF
92dist:
93 @$(PAK)
9a7e4d85 94
df5e82b3 95###############################################################################
9a7e4d85 96# Downloading, checking, b2sum
df5e82b3
MT
97###############################################################################
98
99$(patsubst %,$(DIR_CHK)/%,$(objects)) :
100 @$(CHECK)
101
102$(patsubst %,$(DIR_DL)/%,$(objects)) :
103 @$(LOAD)
104
9a7e4d85
PM
105$(subst %,%_BLAKE2,$(objects)) :
106 @$(B2SUM)
df5e82b3
MT
107
108###############################################################################
109# Installation Details
110###############################################################################
111
112$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
113 @$(PREBUILD)
fdecb907 114 @rm -rf $(DIR_APP) $(DIR_SRC)/linux && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
b0d0b681 115
51f9e7ac 116 ln -svf linux-$(VER) $(DIR_SRC)/linux
3a1019f6 117
3a1019f6 118 # Layer7-patch
65352552 119 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.1-layer7.patch
bb5f0bf8 120
e2b79cd1 121 # DVB Patches
e2b79cd1
AF
122 cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/v4l-dvb_fix_tua6034_pll.patch
123
d33aa452 124 # Wlan Patches
3005eb22 125 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-4.14_ath_user_regd.patch
91648bd1 126 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-4.9.8-iwlwifi-noibss_only_on_radar_chan.patch
d33aa452 127
fcffac13 128 # Fix igb and e1000e crash
2e1fe3c8 129 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-4.14.1-igb-e1000e_fix_lock_at_update_stats.patch
d52f1169 130
1e67b3c3 131 # cs5535audio spams syslog if no ac97 was present (geos router)
91648bd1 132 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-4.9.8_cs5535audio_fix_logspam_on_geos.patch
1e67b3c3 133
87837787 134 # Fix uevent PHYSDEVDRIVER
91648bd1 135 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-2.6.32.27_mcs7830-fix-driver-name.patch
bd64e2a0 136
c062c770
AF
137 # fix Boot with enabled usercopy hardening
138 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.9-crypto_testmgr_allocate_buffers_with____GFP_COMP.patch
b923dd3d 139
400c4e8e
PM
140 # Patch performance monitoring restrictions to allow further hardening
141 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.17-security-perf-allow-further-restriction-of-perf_event_open.patch
f0a86e18
PM
142
143 # https://bugzilla.ipfire.org/show_bug.cgi?id=12760
144 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15-NFQUEUE-Hold-RCU-read-lock-while-calling-nf_reinject.patch
0664b172 145
65352552
AF
146 # Fix external module compile
147 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.0-fix_external_module_build.patch
148
149 # Fix pmc compile dependency errors
150 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.0.7-platform-x86-amd-Fix-pmc-compile-dependency-errors.patch
400c4e8e 151
aafdd71b 152ifeq "$(BUILD_ARCH)" "armv6l"
0a21d63f 153 # Apply Arm-multiarch kernel patches.
5a27051f 154 cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
c448474f 155endif
66a29eaa
AF
156ifeq "$(BUILD_ARCH)" "aarch64"
157 # Apply Arm-multiarch kernel patches.
5a27051f 158 cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
fdecb907 159endif
0b4976e2
AF
160 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-3.14.79-amba-fix.patch
161
cee50e12 162ifeq "$(KCFG)" "-headers"
51f9e7ac 163 # Install the header files
3c7ae787 164 cd $(DIR_APP) && make ARCH=$(HEADERS_ARCH) $(EXTRAMAKE) headers
51f9e7ac 165 -mkdir -pv $(BUILDROOT)/$(HEADERS_PREFIX)/include
c062c770
AF
166 cd $(DIR_APP) && find usr/include -name '.*' -delete
167 cd $(DIR_APP) && rm usr/include/Makefile
168 cd $(DIR_APP) && cp -rv usr/include/* $(BUILDROOT)/$(HEADERS_PREFIX)/include
51f9e7ac
MT
169else
170
aa2049e5
MT
171 # Install ipfire logo
172 cd $(DIR_APP) && cp -vf $(DIR_SRC)/config/kernel/ipfire_logo.ppm \
173 drivers/video/logo/logo_linux_clut224.ppm
174
df5e82b3 175 # Cleanup kernel source
dc7d6b20 176 cp $(DIR_SRC)/config/kernel/kernel.config.$(BUILD_ARCH)-$(VERSUFIX) $(DIR_APP)/.config
6f67c28d
MT
177 cd $(DIR_APP) && make oldconfig
178 cd $(DIR_APP) && make clean
fdecb907 179 cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ -$(VERSUFIX)/' Makefile
3a1019f6 180
831ff05d
AF
181 # Copy Module signing key configuration
182 cp -f $(DIR_SRC)/config/kernel/x509.genkey $(DIR_APP)/certs/x509.genkey
183
2e65d316
AF
184 # Remove modules folder if exists
185 rm -rf /lib/modules/$(VER)-$(VERSUFIX)
186
347db51a
MT
187 # Build the kernel
188 cd $(DIR_APP) && make $(MAKETUNING) $(KERNEL_TARGET) modules
a158cbbb 189
347db51a
MT
190 # Install the kernel
191 cd $(DIR_APP) && cp -v arch/$(KERNEL_ARCH)/boot/$(KERNEL_TARGET) /boot/vmlinuz-$(VER)-$(VERSUFIX)
2b2e03ed
AF
192 cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-$(VERSUFIX)
193 cd $(DIR_APP) && cp -v .config /boot/config-$(VER)-$(VERSUFIX)
6f67c28d 194 cd $(DIR_APP) && make $(MAKETUNING) modules_install
376e42ce 195
dc7d6b20 196ifeq "$(BUILD_PLATFORM)" "arm"
6f67c28d 197 cd $(DIR_APP) && make $(MAKETUNING) dtbs
5b17da41 198 mkdir -p /boot/dtb-$(VER)-$(VERSUFIX)
574a7117 199 cd $(DIR_APP)/arch/$(KERNEL_ARCH)/boot/dts && for f in $$(find -name "*.dtb"); do \
5b17da41
AF
200 cp -v --parents $$f /boot/dtb-$(VER)-$(VERSUFIX)/ ; \
201 chmod 644 /boot/dtb-$(VER)-$(VERSUFIX)/$$f ; \
7284262a
AF
202 done
203endif
204
0ad5f6a1
MT
205 # Recreate source and build links
206 rm -rf /lib/modules/$(VER)-$(VERSUFIX)/{build,source}
207 mkdir -p /lib/modules/$(VER)-$(VERSUFIX)/build
208 ln -sf build /lib/modules/$(VER)-$(VERSUFIX)/source
209
210 # Create dirs for extra modules
211 mkdir -p /lib/modules/$(VER)-$(VERSUFIX)/extra
212
213 cd $(DIR_APP) && cp --parents $$(find -type f -name "Makefile*" -o -name "Kconfig*") \
214 /lib/modules/$(VER)-$(VERSUFIX)/build
215 cd $(DIR_APP) && cp Module.symvers System.map /lib/modules/$(VER)-$(VERSUFIX)/build
216 rm -rf /lib/modules/$(VER)-$(VERSUFIX)/build/{Documentation,scripts,include}
217
218 cd $(DIR_APP) && cp .config /lib/modules/$(VER)-$(VERSUFIX)/build
219 cd $(DIR_APP) && cp -a scripts /lib/modules/$(VER)-$(VERSUFIX)/build
220 find /lib/modules/$(VER)-$(VERSUFIX)/build/scripts -name "*.o" -exec rm -vf {} \;
221
222 cd $(DIR_APP) && cp -a --parents arch/$(HEADERS_ARCH)/include /lib/modules/$(VER)-$(VERSUFIX)/build
223 cd $(DIR_APP) && cp -a include /lib/modules/$(VER)-$(VERSUFIX)/build/include
224
831ff05d
AF
225 # Copy module signing key for off tree modules
226 cd $(DIR_APP) && cp -f certs/signing_key.* /lib/modules/$(VER)-$(VERSUFIX)/build/certs/
227
0ad5f6a1 228 # Install objtool
c1e8c954
MT
229 cd $(DIR_APP) && cp -a tools/objtool/objtool \
230 /lib/modules/$(VER)-$(VERSUFIX)/build/tools/objtool/ || :
0ad5f6a1
MT
231 cd $(DIR_APP) && cp -a --parents tools/build/{Build,Build.include,fixdep.c} \
232 tools/scripts/utilities.mak /lib/modules/$(VER)-$(VERSUFIX)/build
233
234 # Make sure we can build external modules
235 touch -r /lib/modules/$(VER)-$(VERSUFIX)/build/Makefile \
3f60a1e1 236 /lib/modules/$(VER)-$(VERSUFIX)/build/include/generated/uapi/linux/version.h
0ad5f6a1
MT
237 touch -r /lib/modules/$(VER)-$(VERSUFIX)/build/.config \
238 /lib/modules/$(VER)-$(VERSUFIX)/build/autoconf.h
239 cp /lib/modules/$(VER)-$(VERSUFIX)/build/.config \
240 /lib/modules/$(VER)-$(VERSUFIX)/build/include/config/auto.conf
241
242 # Fix permissions
243 find /lib/modules/$(VER)-$(VERSUFIX) -name "modules.order" \
244 -exec chmod 644 {} \;
245
246 find /lib/modules/$(VER)-$(VERSUFIX) -name ".*.cmd" -exec rm -f {} \;
247
bc8fe5ff
AF
248ifeq "$(LASTKERNEL)" "1"
249 # Only do this once
81e974f3 250 cd $(DIR_APP) && install -m 755 usr/gen_init_cpio /sbin/
d644d86f 251
050479e9
AF
252 # disable drm by install drm to /bin/false because i915 ignore blacklisting
253 echo install drm /bin/false > /etc/modprobe.d/framebuffer.conf
254
aa1dd878 255 # Blacklist old framebuffer modules
4c76d08b 256 for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video/fbdev/ -name *.ko.xz); do \
ba109afd 257 echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \
030a57c5 258 done
aa1dd878 259 # Blacklist new drm framebuffer modules
4c76d08b 260 for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm -name *.ko.xz); do \
ba109afd 261 echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \
66c36198 262 done
4c76d08b 263 sed -i -e "s|.ko.xz||g" /etc/modprobe.d/framebuffer.conf
e2e106be 264
78a51aaf 265 # Disable ipv6 at runtime
ba109afd 266 echo "options ipv6 disable_ipv6=1" > /etc/modprobe.d/ipv6.conf
26c1cc71 267endif
51f9e7ac 268endif
8885467f 269
22820bf2
AF
270 #force new build of external modules and initrd if the kernel was rebuild
271 -rm -f /usr/src/log/*-kmod-$(VER)-$(VERSUFIX)
272 -rm -f /usr/src/log/linux-initrd-$(VER)-$(VERSUFIX)
273
0ad5f6a1 274 @rm -rf $(DIR_APP) $(DIR_SRC)/linux
df5e82b3 275 @$(POSTBUILD)