X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=lfs%2Flinux;h=6aaa60e78079f8a89a6c2092c5b4fb16bdd1b544;hp=371a600f120387a3575bad9bf91f34df0b37a30d;hb=2fff11756f9c81b3e8d861107e1b074695ff6dff;hpb=ff6f40b1f52970e0ba0c78942c1ae728b62e04bd

diff --git a/lfs/linux b/lfs/linux
index 371a600f1..6aaa60e78 100644
--- a/lfs/linux
+++ b/lfs/linux
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2013  IPFire Team <info@ipfire.org>                      #
+# Copyright (C) 2007-2014  IPFire Team <info@ipfire.org>                      #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,9 +24,10 @@
 
 include Config
 
-VER        = 3.10.11
+VER        = 3.10.30
 
-RPI_PATCHES = linux-3.10.10-c1af7c6
+RPI_PATCHES = linux-3.10.27-grsec-943b563
+GRS_PATCHES = grsecurity-2.9.1-3.10.30-ipfire1.patch.xz
 
 THISAPP    = linux-$(VER)
 DL_FILE    = linux-$(VER).tar.xz
@@ -35,7 +36,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 CFLAGS     =
 CXXFLAGS   =
 
-PAK_VER    = 31
+PAK_VER    = 35
 DEPS	   = ""
 
 VERSUFIX=ipfire$(KCFG)
@@ -65,15 +66,17 @@ endif
 # Top-level Rules
 ###############################################################################
 objects =$(DL_FILE) \
-	rpi-patches-$(RPI_PATCHES).patch.xz
+	rpi-patches-$(RPI_PATCHES).patch.xz \
+	$(GRS_PATCHES)
 
 
 $(DL_FILE)				= $(URL_IPFIRE)/$(DL_FILE)
 rpi-patches-$(RPI_PATCHES).patch.xz	= $(URL_IPFIRE)/rpi-patches-$(RPI_PATCHES).patch.xz
+$(GRS_PATCHES)				= $(URL_IPFIRE)/$(GRS_PATCHES)
 
-$(DL_FILE)_MD5				= 79e33380a4a74f35aabb6ae4713adab1
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5	= ef9274b3ff5d05daaaa4bdbe86ad00fc
-
+$(DL_FILE)_MD5				= f48ca7dd9f2eb14a2903cb6a4fbe07ed
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5	= 8cf81f48408306d93ccee59b58af2e92
+$(GRS_PATCHES)_MD5			= 044e29280d4717441e89e8d80abba563
 
 install : $(TARGET)
 
@@ -109,7 +112,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	ln -svf linux-$(VER) $(DIR_SRC)/linux
 
 	# Linux Intermediate Queueing Device
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/imq_kernel3.10.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.30-imq.patch
 
 	# ipp2p 0.8.2-ipfire
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10-ipp2p-0.8.2-ipfire.patch
@@ -119,11 +122,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 
 	# Grsecurity-patches
 ifneq "$(KCFG)" "-headers"
-ifneq "$(KCFG)" "-rpi"
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grsecurity-2.9.1-3.10.10-201308292131.patch
+	cd $(DIR_APP) && xz -c -d $(DIR_DL)/$(GRS_PATCHES) | patch -Np1
 	cd $(DIR_APP) && rm localversion-grsec
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.7-disable-compat_vdso.patch
-endif
 endif
 
 	# Disable pcspeaker autoload
@@ -157,18 +158,41 @@ ifeq "$(KCFG)" "-kirkwood"
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.10-mv_cesa_disable_failing_hmac_sha1.patch
 endif
 
-ifeq "$(MACHINE_TYPE)" "arm"
-#	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.32.45_align_ssb_modtable_32bit_boundary.patch
-
-	# Reverse some asm optimizations that are incompatible with older gcc
-#	cd $(DIR_APP) && patch -p1 -R < $(DIR_SRC)/src/patches/linux-2.6-arm-asm-constraint.patch
-endif
-
-ifeq "$(KCFG)" "-omap"
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.2-0001-panda-wlan-fix.patch
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.2-0002-panda-i2c.patch
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.2-panda-reboot.patch
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.x-smsc95xx-add_mac_addr_param.patch
+ifeq "$(KCFG)" "-multi"
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.27-fs-exec-atomic64-operand-requires-impossible-reload.patch
+#	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.2-0001-panda-wlan-fix.patch
+#	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.2-0002-panda-i2c.patch
+#	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.2-panda-reboot.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10-smsc95xx-add_mac_addr_param.patch
+
+	# Patchset for Wandboard.
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/dts/0001-imx6qdl-wandboard-dts-backport.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/dts/0002-ARM-dts-imx6qdl-wandboard-add-gpio-lines-to-wandboar.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/dts/0003-ARM-dts-imx6qdl-wandboard-Add-support-for-i2c1.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/dts/0004-ARM-dts-wandboard-add-binding-for-wand-rfkill-driver.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/dts/0005-ARM-dts-imx6qdl-add-pcie-device-node.patch
+
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0001-i2c-imx-retry-on-NAK.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0002-i.MX6-Wandboard-add-CKO1-clock-output.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0003-thermal-add-imx-thermal-driver-support.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0004-ARM-i.MX6-Wandboard-add-wifi-bt-rfkill-driver.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0005-Add-IMX6Q-AHCI-support.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0006-imx-Add-IMX53-AHCI-support.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0007-imx6-enable-sata-clk-if-SATA_AHCI_PLATFORM.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0008-ARM-imx6q-update-the-sata-bits-definitions-of-gpr13.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0009-ahci_imx-add-ahci-sata-support-on-imx-platforms.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0010-ahci_imx-depend-on-CONFIG_MFD_SYSCON.patch
+	cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0011-add-pcie-designware.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0012-pcie-backport-fixes.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0013-of-pci-Provide-support-for-parsing-PCI-DT-ranges-pro.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0014-ARM-imx6q-Add-PCIe-bits-to-GPR-syscon-definition.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0015-PCI-imx6-Add-support-for-i.MX6-PCIe-controller.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0016-imx6-pci-tweaks.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0017-ARM-imx-Add-LVDS-general-purpose-clocks-to-i.MX6Q.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/wandboard/imx/0018-ARM-imx6q-clock-and-Kconfig-update-for-PCIe-support.patch
+
+	# Patchset for Compulab Utilite.
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel/utilite/linux-3.10-compulab-utilite-support.patch
 endif
 
 ifeq "$(KCFG)" "-rpi"
@@ -195,21 +219,21 @@ else
 	cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ -$(VERSUFIX)/' Makefile
 
 ifeq "$(KCFG)" "-kirkwood"
-	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" uImage
+	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" uImage modules
 	cd $(DIR_APP) && cp -v arch/arm/boot/uImage /boot/vmlinuz-$(VER)-$(VERSUFIX)
 	cd $(DIR_APP) && cp -v arch/arm/boot/uImage /boot/uImage-$(VERSUFIX)
 else
-ifeq "$(KCFG)" "-omap"
-	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" uImage
-	cd $(DIR_APP) && cp -v arch/arm/boot/uImage /boot/vmlinuz-$(VER)-$(VERSUFIX)
-	cd $(DIR_APP) && cp -v arch/arm/boot/uImage /boot/uImage-$(VERSUFIX)
+ifeq "$(KCFG)" "-multi"
+	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" zImage modules
+	cd $(DIR_APP) && cp -v arch/arm/boot/zImage /boot/vmlinuz-$(VER)-$(VERSUFIX)
+	cd $(DIR_APP) && cp -v arch/arm/boot/zImage /boot/zImage-$(VERSUFIX)
 else
 ifeq "$(KCFG)" "-rpi"
-	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" zImage
+	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" zImage modules
 	cd $(DIR_APP) && cp -v arch/arm/boot/zImage /boot/vmlinuz-$(VER)-$(VERSUFIX)
 	cd $(DIR_APP) && cp -v arch/arm/boot/zImage /boot/kernel.img
 else
-	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage
+	cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage modules
 	cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER)-$(VERSUFIX)
 	ln -sf vmlinuz-$(VER)-$(VERSUFIX) /boot/vmlinuz-$(VERSUFIX)
 endif
@@ -218,39 +242,42 @@ endif
 	cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-$(VERSUFIX)
 	cd $(DIR_APP) && cp -v .config /boot/config-$(VER)-$(VERSUFIX)
 	ln -sf System.map-$(VER)-$(VERSUFIX) /boot/System.map-$(VERSUFIX)
-	cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules
 	cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install
 	cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) firmware_install
 
+ifeq "$(MACHINE_TYPE)" "arm"
+	cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) dtbs
+	cd $(DIR_APP) && for f in $$(find arch/arm/boot/dts/ -name *.dtb); do \
+				mkdir -p /boot/dtb-$(VER)-$(VERSUFIX) ; \
+				install -m 644 $$f /boot/dtb-$(VER)-$(VERSUFIX)/ ; \
+			done
+endif
+
 ifeq "$(LASTKERNEL)" "1"
 	# Only do this once
 	cd $(DIR_APP) && install -m 755 usr/gen_init_cpio /sbin/
 
 	# Blacklist matroxfb_base
-	echo "blacklist matroxfb_base" >> /etc/modprobe.d/framebuffer
+	echo "blacklist matroxfb_base" >> /etc/modprobe.d/framebuffer.conf
 	# Blacklist old framebuffer modules
 	for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video -name *fb.ko); do \
-		echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer ; \
+		echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \
 	done
 	# Blacklist new drm framebuffer modules
 	for f in $$(ls -1 /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm/*/*.ko); do \
-		echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer ; \
+		echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \
 	done
-	sed -i -e "s|.ko||g" /etc/modprobe.d/framebuffer
+	sed -i -e "s|.ko||g" /etc/modprobe.d/framebuffer.conf
 
 	# Blacklist isdn modules
 	for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/isdn -name *.ko); do \
-		echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/isdn ; \
+		echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/isdn.conf ; \
 	done
-	sed -i -e "s|.ko||g" /etc/modprobe.d/isdn
+	sed -i -e "s|.ko||g" /etc/modprobe.d/isdn.conf
 
 	# Disable ipv6 at runtime
-	echo "options ipv6 disable_ipv6=1" > /etc/modprobe.d/ipv6
+	echo "options ipv6 disable_ipv6=1" > /etc/modprobe.d/ipv6.conf
 endif
-
-	# Disable geode_aes modul if exist
-	-mv /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/crypto/geode-aes.ko \
-           /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/crypto/geode-aes.ko.off
 endif
 
 	@rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/netfilter-layer7-*