From 50a715df41744b593bda395110e89e271f970468 Mon Sep 17 00:00:00 2001 From: Fabian Mastenbroek Date: Sun, 28 Mar 2021 15:01:15 +0200 Subject: [PATCH] Move kernel configuration to file This change moves the kernel build options to a separate file as opposed to encoding it directly in a file. --- Makefile | 5 +-- debian/compat | 2 +- debian/config/config.pve | 57 ++++++++++++++++++++++++++++++++ debian/rules | 71 +++++----------------------------------- 4 files changed, 68 insertions(+), 67 deletions(-) create mode 100644 debian/config/config.pve diff --git a/Makefile b/Makefile index e3d7ef8..81bd44d 100644 --- a/Makefile +++ b/Makefile @@ -103,11 +103,8 @@ ${KERNEL_SRC}.prepared: ${KERNEL_SRC_SUBMODULE} rm -rf ${BUILD_DIR}/${KERNEL_SRC} $@ mkdir -p ${BUILD_DIR} cp -a ${KERNEL_SRC_SUBMODULE} ${BUILD_DIR}/${KERNEL_SRC} -# TODO: split for archs, track and diff in our repository? - cat ${BUILD_DIR}/${KERNEL_SRC}/debian.master/config/config.common.ubuntu ${BUILD_DIR}/${KERNEL_SRC}/debian.master/config/${ARCH}/config.common.${ARCH} ${BUILD_DIR}/${KERNEL_SRC}/debian.master/config/${ARCH}/config.flavour.generic > ${KERNEL_CFG_ORG} - cp ${KERNEL_CFG_ORG} ${BUILD_DIR}/${KERNEL_SRC}/.config sed -i ${BUILD_DIR}/${KERNEL_SRC}/Makefile -e 's/^EXTRAVERSION.*$$/EXTRAVERSION=${EXTRAVERSION}/' - rm -rf ${BUILD_DIR}/${KERNEL_SRC}/debian ${BUILD_DIR}/${KERNEL_SRC}/debian.master + rm -rf ${BUILD_DIR}/${KERNEL_SRC}/debian set -e; cd ${BUILD_DIR}/${KERNEL_SRC}; for patch in ${PVE_PATCHES}; do echo "applying PVE patch '$$patch'" && patch -p1 < ../../$${patch}; done touch $@ diff --git a/debian/compat b/debian/compat index f599e28..b4de394 100644 --- a/debian/compat +++ b/debian/compat @@ -1 +1 @@ -10 +11 diff --git a/debian/config/config.pve b/debian/config/config.pve new file mode 100644 index 0000000..b84a00f --- /dev/null +++ b/debian/config/config.pve @@ -0,0 +1,57 @@ +CONFIG_DEBUG_INFO=n +CONFIG_INTEL_MEI_WDT=m +CONFIG_SND_PCM_OSS=n +CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y +CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=n +CONFIG_CEPH_FS=m +CONFIG_BLK_DEV_NBD=m +CONFIG_BLK_DEV_RBD=m +CONFIG_SND_PCSP=n +CONFIG_BCACHE=m +CONFIG_JFS_FS=m +CONFIG_HFS_FS=m +CONFIG_HFSPLUS_FS=m +CONFIG_CIFS_SMB_DIRECT=y +CONFIG_BRIDGE=y +CONFIG_BRIDGE_NETFILTER=y +CONFIG_BLK_DEV_SD=y +CONFIG_BLK_DEV_SR=y +CONFIG_BLK_DEV_DM=y +CONFIG_BLK_DEV_NVME=y +CONFIG_NLS_ISO8859_1=y +CONFIG_INPUT_EVBUG=n +CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND=n +CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y +CONFIG_MODULE_SIG=n +CONFIG_MEMCG_DISABLED=n +CONFIG_MEMCG_SWAP_ENABLED=y +CONFIG_HYPERV=y +CONFIG_VFIO_IOMMU_TYPE1=m +CONFIG_VFIO_VIRQFD=m +CONFIG_VFIO=m +CONFIG_VFIO_PCI=m +CONFIG_USB_XHCI_HCD=m +CONFIG_USB_XHCI_PCI=m +CONFIG_USB_EHCI_HCD=m +CONFIG_USB_EHCI_PCI=m +CONFIG_USB_EHCI_HCD_PLATFORM=m +CONFIG_USB_OHCI_HCD=m +CONFIG_USB_OHCI_HCD_PCI=m +CONFIG_USB_OHCI_HCD_PLATFORM=m +CONFIG_USB_OHCI_HCD_SSB=n +CONFIG_USB_UHCI_HCD=m +CONFIG_USB_SL811_HCD_ISO=n +CONFIG_MEMCG_KMEM=y +CONFIG_DEFAULT_CFQ=n +CONFIG_DEFAULT_DEADLINE=y +CONFIG_MODVERSIONS=y +CONFIG_DEFAULT_SECURITY_DAC=n +CONFIG_DEFAULT_SECURITY_APPARMOR=y +CONFIG_DEFAULT_SECURITY=apparmor +CONFIG_UNWINDER_ORC=n +CONFIG_UNWINDER_GUESS=n +CONFIG_UNWINDER_FRAME_POINTER=y +CONFIG_SECURITY_LOCKDOWN_LSM=n +CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=n +CONFIG_LSM="yama,integrity,apparmor" +CONFIG_PAGE_TABLE_ISOLATION=y diff --git a/debian/rules b/debian/rules index b45e658..49d44c9 100755 --- a/debian/rules +++ b/debian/rules @@ -22,66 +22,6 @@ KERNEL_SRC_COPY=${KERNEL_SRC}_tmp # If no custom compiler is specified, use the default PVE_BUILD_CC ?= ${CC} -# TODO: split for archs, move to files? -PVE_CONFIG_OPTS= \ --m INTEL_MEI_WDT \ --d CONFIG_SND_PCM_OSS \ --e CONFIG_TRANSPARENT_HUGEPAGE_MADVISE \ --d CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS \ --m CONFIG_CEPH_FS \ --m CONFIG_BLK_DEV_NBD \ --m CONFIG_BLK_DEV_RBD \ --d CONFIG_SND_PCSP \ --m CONFIG_BCACHE \ --m CONFIG_JFS_FS \ --m CONFIG_HFS_FS \ --m CONFIG_HFSPLUS_FS \ --e CIFS_SMB_DIRECT \ --e CONFIG_BRIDGE \ --e CONFIG_BRIDGE_NETFILTER \ --e CONFIG_BLK_DEV_SD \ --e CONFIG_BLK_DEV_SR \ --e CONFIG_BLK_DEV_DM \ --e CONFIG_BLK_DEV_NVME \ --e CONFIG_NLS_ISO8859_1 \ --d CONFIG_INPUT_EVBUG \ --d CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND \ --e CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE \ --d CONFIG_MODULE_SIG \ --d CONFIG_MEMCG_DISABLED \ --e CONFIG_MEMCG_SWAP_ENABLED \ --e CONFIG_HYPERV \ --m CONFIG_VFIO_IOMMU_TYPE1 \ --m CONFIG_VFIO_VIRQFD \ --m CONFIG_VFIO \ --m CONFIG_VFIO_PCI \ --m CONFIG_USB_XHCI_HCD \ --m CONFIG_USB_XHCI_PCI \ --m CONFIG_USB_EHCI_HCD \ --m CONFIG_USB_EHCI_PCI \ --m CONFIG_USB_EHCI_HCD_PLATFORM \ --m CONFIG_USB_OHCI_HCD \ --m CONFIG_USB_OHCI_HCD_PCI \ --m CONFIG_USB_OHCI_HCD_PLATFORM \ --d CONFIG_USB_OHCI_HCD_SSB \ --m CONFIG_USB_UHCI_HCD \ --d CONFIG_USB_SL811_HCD_ISO \ --e CONFIG_MEMCG_KMEM \ --d CONFIG_DEFAULT_CFQ \ --e CONFIG_DEFAULT_DEADLINE \ --e CONFIG_MODVERSIONS \ --d CONFIG_DEFAULT_SECURITY_DAC \ --e CONFIG_DEFAULT_SECURITY_APPARMOR \ ---set-str CONFIG_DEFAULT_SECURITY apparmor \ --d CONFIG_UNWINDER_ORC \ --d CONFIG_UNWINDER_GUESS \ --e CONFIG_UNWINDER_FRAME_POINTER \ ---set-str CONFIG_SYSTEM_TRUSTED_KEYS ""\ --d CONFIG_SECURITY_LOCKDOWN_LSM \ --d CONFIG_SECURITY_LOCKDOWN_LSM_EARLY \ ---set-str CONFIG_LSM yama,integrity,apparmor \ --e CONFIG_PAGE_TABLE_ISOLATION - debian/control: $(wildcard debian/*.in) sed -e 's/@@KVNAME@@/${KVNAME}/g' < debian/pve-kernel.prerm.in > debian/${PVE_KERNEL_PKG}.prerm sed -e 's/@@KVNAME@@/${KVNAME}/g' < debian/pve-kernel.postrm.in > debian/${PVE_KERNEL_PKG}.postrm @@ -113,9 +53,16 @@ binary: install dh_md5sums dh_builddeb -.config_mark: - cd ${KERNEL_SRC}; scripts/config ${PVE_CONFIG_OPTS} +${KERNEL_SRC}/.config: + ${KERNEL_SRC}/scripts/kconfig/merge_config.sh -m \ + -O ${KERNEL_SRC} \ + ${KERNEL_SRC}/debian.master/config/config.common.ubuntu \ + ${KERNEL_SRC}/debian.master/config/${DEB_BUILD_ARCH}/config.common.${DEB_BUILD_ARCH} \ + ${KERNEL_SRC}/debian.master/config/${DEB_BUILD_ARCH}/config.flavour.generic \ + debian/config/config.pve ${MAKE} -C ${KERNEL_SRC} CC=${PVE_BUILD_CC} oldconfig + +.config_mark: ${KERNEL_SRC}/.config touch $@ .compile_mark: .config_mark