2022-10-27 12:16:22 -04:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
# Set VAR
|
2024-02-07 13:30:46 -05:00
|
|
|
KVER='6.6.15-hardened1'
|
2022-10-27 12:16:22 -04:00
|
|
|
#KVER='5.10.145-hardened1'
|
|
|
|
|
#KVER='5.15.74-hardened1'
|
|
|
|
|
|
|
|
|
|
# Dependencies
|
|
|
|
|
xbps-install -Sy make gcc xz elfutils elfutils-devel flex ncurses-devel openssl openssl-devel argp-standalone gcc-ada mpc libmpc-devel gmp-devel perl
|
|
|
|
|
|
|
|
|
|
# Staging w/ error handling
|
|
|
|
|
if [[ ! -f /usr/src/"$KVER".tar.gz ]]; then
|
|
|
|
|
/usr/bin/curl --verbose --tlsv1.3 --proto =https -L -O --url "https://github.com/anthraxx/linux-hardened/archive/refs/tags/$KVER.tar.gz"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [[ ! -d /usr/src/linux-hardened-"$KVER" ]]; then
|
|
|
|
|
tar -xf "$KVER".tar.gz -C /usr/src/
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
cd /usr/src/linux-hardened-"$KVER"
|
2024-02-07 13:30:46 -05:00
|
|
|
wget https://0xacab.org/optout/plague-kernel/-/raw/main/5.10-hardened.config -O .config
|
2022-10-27 12:16:22 -04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
# Address system and file timing for clock skew runtime compilation error
|
|
|
|
|
plague-time-sync
|
|
|
|
|
find . -type f | xargs -n 5 touch
|
|
|
|
|
make clean
|
|
|
|
|
|
|
|
|
|
# Compilation
|
|
|
|
|
make oldconfig
|
|
|
|
|
make menuconfig
|
2024-01-25 14:46:14 -05:00
|
|
|
|
2022-10-27 12:16:22 -04:00
|
|
|
echo "Compiling "$KVER""
|
2022-10-27 15:24:33 -04:00
|
|
|
make --jobs=$(nproc)
|
2022-10-27 12:16:22 -04:00
|
|
|
make modules_install
|
|
|
|
|
|
|
|
|
|
# Ensure /boot is rw
|
|
|
|
|
mount -o remount,rw /boot
|
|
|
|
|
cp ./arch/x86_64/boot/bzImage /boot/vmlinuz-"$KVER"_1
|
|
|
|
|
dracut --kver "$KVER"_1 --force
|
|
|
|
|
grub-mkconfig -o /boot/grub/grub.cfg
|
|
|
|
|
|
|
|
|
|
# remove sysmap/signing keys
|
|
|
|
|
rm /lib/modules/"$KVER"_1/source/certs/signing_key*
|
|
|
|
|
rm /lib/modules/"$KVER"_1/source/System.map
|
|
|
|
|
rm /lib/modules/"$KVER"_1/source
|
|
|
|
|
rm /lib/modules/"$KVER"_1/build
|
