seasharp/Rosenthal
1
0
Fork 0
mirror of https://codeberg.org/hako/Rosenthal.git synced 2025-04-14 18:14:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

rosenthal: linux: Switch to customize-linux procedure.

Browse Source 
* rosenthal/packages/linux.scm: Define Linux kernel variants with
`customize-linux` procedure.
(linux-xanmod)[arguments]<#:phases>: Avoid input label usage.
(linux-rosenthal)[supported-systems]: Add field.
[description]: Adjusted accordingly.
(linux-hardened-patch,linux-hardened-source,linux-hardened)
(linux-rosenthal-source-deblobed): New variables.
(%xanmod-version): Rename to %linux-version.
(%xanmod-revision): Rename to %xanmod-version.
(%hardened-version): Rename to %hardened-version.
(doc-supported?): Deleted variable.
This commit is contained in:
Hilton Chain 2022-12-08 18:13:31 +08:00
parent 6e43046913
commit 302f06ca61
No known key found for this signature in database
GPG Key ID: 5E5AA665614917F7
1 changed files with 65 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
rosenthal/packages/linux.scm
View File

@ -33,9 +33,6 @@
(define deblob-scripts (define deblob-scripts
(@@ (gnu packages linux) deblob-scripts-6.0)) (@@ (gnu packages linux) deblob-scripts-6.0))
(define doc-supported?
(@@ (gnu packages linux) doc-supported?))
(define make-linux-libre-source (define make-linux-libre-source
(@@ (gnu packages linux) make-linux-libre-source)) (@@ (gnu packages linux) make-linux-libre-source))
@ -64,9 +61,9 @@
(define %ldflags "-Wl,-z,defs -Wl,-z,now -Wl,-z,relro -Wl,-pie") (define %ldflags "-Wl,-z,defs -Wl,-z,now -Wl,-z,relro -Wl,-pie")
(define %xanmod-version "6.0.10") (define %linux-version "6.0.10")
(define %xanmod-revision "xanmod1") (define %xanmod-version "xanmod1")
(define %hardened-revision "hardened1") (define %hardened-version "hardened1")
(define (extract-xanmod-patch version hash) (define (extract-xanmod-patch version hash)
(let ((patch (string-append "linux-" version ".patch")) (let ((patch (string-append "linux-" version ".patch"))
@ -97,43 +94,60 @@
(define linux-xanmod-patch (define linux-xanmod-patch
(extract-xanmod-patch (extract-xanmod-patch
(string-append %xanmod-version "-" %xanmod-revision) (string-append %linux-version "-" %xanmod-version)
(base32 "0ypvr7lp9bhlja3zp97vmfxa80144z1kplsrzqdj301xwrmiki37"))) (base32 "0ypvr7lp9bhlja3zp97vmfxa80144z1kplsrzqdj301xwrmiki37")))
(define linux-hardened-patch
(origin
(method url-fetch)
(uri (string-append
"https://github.com/anthraxx/linux-hardened/releases/download/"
%linux-version "-" %hardened-version "/linux-hardened-"
%linux-version "-" %hardened-version ".patch"))
(sha256
(base32 "1zbhqwhbzjc2jsmbrqk6y4w62b9drhzh2kb1p5bwgi3nd17f43jj"))))
(define linux-hardened-patch-for-xanmod (define linux-hardened-patch-for-xanmod
(origin (origin
(method url-fetch) (inherit linux-hardened-patch)
(uri (string-append "https://github.com/anthraxx/linux-hardened/releases/download/" (patches
%xanmod-version "-" %hardened-revision "/linux-hardened-" (list (local-file "patches/linux-hardened-xanmod-adaption.patch")))))
%xanmod-version "-" %hardened-revision ".patch"))
(patches (list (local-file "patches/linux-hardened-xanmod-adaption.patch")))
(sha256 (base32 "1zbhqwhbzjc2jsmbrqk6y4w62b9drhzh2kb1p5bwgi3nd17f43jj"))))
(define linux-xanmod-source (define linux-xanmod-source
(origin (origin
(inherit (%upstream-linux-source (inherit (%upstream-linux-source
"6.0" "6.0"
(base32 "13kqh7yhifwz5dmd3ky0b3mzbh9r0nmjfp5mxy42drcdafjl692w"))) (base32 "13kqh7yhifwz5dmd3ky0b3mzbh9r0nmjfp5mxy42drcdafjl692w")))
(patches (patches (list linux-xanmod-patch))))
(append (list linux-xanmod-patch
linux-hardened-patch-for-xanmod) (define linux-hardened-source
(if (doc-supported? %xanmod-version) (origin
(search-patches "linux-libre-infodocs-target.patch") (inherit (%upstream-linux-source
'()))))) %linux-version
(base32 "1l0xak4w7c16cg8lhracy8r18zzdl0x5s654w6ivyw6dhk6pzr9r")))
(patches (list linux-hardened-patch))))
(define linux-rosenthal-source (define linux-rosenthal-source
(origin
(inherit linux-xanmod-source)
(patches
(list linux-xanmod-patch
linux-hardened-patch-for-xanmod))))
(define linux-rosenthal-source-deblobed
(make-linux-libre-source (make-linux-libre-source
%xanmod-version %linux-version
linux-xanmod-source linux-rosenthal-source
linux-rosenthal-deblob-scripts)) linux-rosenthal-deblob-scripts))
(define-public linux-xanmod (define-public linux-xanmod
(let ((base linux-libre)) (let ((base (customize-linux #:name "linux-xanmod"
#:linux linux-libre
#:source linux-xanmod-source
#:extra-version %xanmod-version)))
(package (package
(inherit base) (inherit base)
(name "linux-xanmod") (version %linux-version)
(version %xanmod-version)
(source linux-xanmod-source)
(build-system (build-system
(build-system-with-c-toolchain (build-system-with-c-toolchain
(package-build-system base) (package-build-system base)
@ -157,17 +171,7 @@
;; However, LD_PRELOAD addresses this.... ;; However, LD_PRELOAD addresses this....
(setenv "LD_PRELOAD" (setenv "LD_PRELOAD"
(string-append #$gcc:lib "/lib/libgcc_s.so.1")))) (string-append #$gcc:lib "/lib/libgcc_s.so.1"))))))))
;; NOTE: As defined in `(make-linux-libre)`, `linux-libre` would
;; apply a few kernel configuration here, to workaround this
;; without defining `(make-linux-libre)` from scratch again,
;; simply replace `.config` with ours.
(add-after 'configure 'replace-kconfig
(lambda* (#:key inputs #:allow-other-keys)
(let ((config (assoc-ref inputs "kconfig")))
(copy-file config ".config")
(chmod ".config" #o666))))))))
(native-inputs (native-inputs
(modify-inputs (package-native-inputs base) (modify-inputs (package-native-inputs base)
(append clang-15 (append clang-15
@ -184,22 +188,36 @@
features. Built to provide a stable, responsive and smooth desktop features. Built to provide a stable, responsive and smooth desktop
experience.")))) experience."))))
(define-public linux-rosenthal (define-public linux-hardened
(let ((base linux-xanmod)) (let ((base (customize-linux #:name "linux-hardened"
#:linux linux-xanmod
#:source linux-hardened-source
#:extra-version %hardened-version)))
(package
(inherit base)
(home-page "https://github.com/anthraxx/linux-hardened")
(synopsis "The Security-Hardened Linux kernel and modules")
(description
"This package provides a Linux kernel with minimal supplement to
upstream Kernel Self Protection Project changes. Features already provided by
SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope.
"))))
(define-public linux-rosenthal
(let ((base (customize-linux #:name "linux-rosenthal"
#:linux linux-xanmod
#:source linux-rosenthal-source-deblobed
#:defconfig (local-file "aux-files/config.zen3-dorphine")
#:extra-version "rosenthal")))
(package (package
(inherit base) (inherit base)
(name "linux-rosenthal")
(source linux-rosenthal-source)
(native-inputs
(modify-inputs (package-native-inputs base)
(replace "kconfig"
(local-file "aux-files/config.zen3-dorphine"))))
(home-page "https://github.com/rakino/rosenthal/") (home-page "https://github.com/rakino/rosenthal/")
(supported-systems '("x86_64-linux"))
(synopsis "Custom Linux kernel") (synopsis "Custom Linux kernel")
(description (description
"Linux-Rosenthal is a custom Linux kernel based on @code{linux-xanmod}. "Linux-Rosenthal is a custom Linux kernel based on @code{linux-xanmod}
This kernel is partially deblobed, with some files necessary to drive specific and @code{linux-hardened}. This kernel is partially deblobed, with some files
hardwares kept.")))) necessary to drive specific hardwares kept."))))
(define-public kconfig-hardened-check-dev (define-public kconfig-hardened-check-dev
(let* ((base kconfig-hardened-check) (let* ((base kconfig-hardened-check)