###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 5.10.13
-ARM_PATCHES = 4.14.212-ipfire0
+VER = 5.15.23
+ARM_PATCHES = 5.15-ipfire5
THISAPP = linux-$(VER)
DL_FILE = linux-$(VER).tar.xz
KERNEL_ARCH = $(BUILD_ARCH)
KERNEL_TARGET = bzImage
-ifeq "$(BUILD_ARCH)" "i586"
- KERNEL_ARCH = i386
-endif
-
ifeq "$(BUILD_ARCH)" "aarch64"
HEADERS_ARCH = arm64
KERNEL_ARCH = arm64
KERNEL_TARGET = Image
endif
-ifeq "$(BUILD_ARCH)" "armv5tel"
+ifeq "$(BUILD_ARCH)" "armv6l"
KERNEL_ARCH = arm
KERNEL_TARGET = zImage
endif
ifeq "$(TOOLCHAIN)" "1"
TARGET = $(DIR_INFO)/linux-$(VER)-$(VERSUFIX)-tools
HEADERS_PREFIX = $(TOOLS_DIR)
+ EXTRAMAKE = CROSS_COMPILE=$(CROSSTARGET)-
else
TARGET = $(DIR_INFO)/linux-$(VER)-$(VERSUFIX)
HEADERS_PREFIX = /usr
ifeq "$(KCFG)" ""
LASTKERNEL=1
endif
-ifeq "$(KCFG)" "-multi"
-LASTKERNEL=1
-endif
###############################################################################
# Top-level Rules
$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE)
arm-multi-patches-$(ARM_PATCHES).patch.xz = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
-$(DL_FILE)_MD5 = 2427bad3186737a954c2b713d53ec26d
-arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5 = 2b0e8e3ebe9827b2bfed7397b043dbc5
+$(DL_FILE)_MD5 = 5e4405eabbf6b365fd5c9252f666ca60
+arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5 = 5b588bcdf9d21cc7e8ce57c94b775195
install : $(TARGET)
ln -svf linux-$(VER) $(DIR_SRC)/linux
# Layer7-patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.10-layer7.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.17-layer7.patch
# DVB Patches
cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/v4l-dvb_fix_tua6034_pll.patch
# fix Boot with enabled usercopy hardening
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.9-crypto_testmgr_allocate_buffers_with____GFP_COMP.patch
-ifeq "$(KCFG)" "-multi"
+ifeq "$(BUILD_ARCH)" "armv6l"
# Apply Arm-multiarch kernel patches.
-# cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
+ cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
endif
ifeq "$(BUILD_ARCH)" "aarch64"
# Apply Arm-multiarch kernel patches.
-# cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
+ cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
endif
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-3.14.79-amba-fix.patch
+ # Fix for CVE-2022-0847 aka Dirty Pipe
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel-5.15-CVE-2022-0847.patch
+
ifeq "$(KCFG)" "-headers"
# Install the header files
- cd $(DIR_APP) && make ARCH=$(HEADERS_ARCH) headers
+ cd $(DIR_APP) && make ARCH=$(HEADERS_ARCH) $(EXTRAMAKE) headers
-mkdir -pv $(BUILDROOT)/$(HEADERS_PREFIX)/include
cd $(DIR_APP) && find usr/include -name '.*' -delete
cd $(DIR_APP) && rm usr/include/Makefile
projects / people / pmueller / ipfire-2.x.git / blobdiff