# Maintainer: k1f0 # Contributor: Levente Polyak # Contributor: Daniel Micay # Contributor: Tobias Powalowski # Contributor: Thomas Baechler pkgbase=linux-hardened-cf pkgver=6.5.7.hardened1 pkgrel=1 pkgdesc='Security-Hardened Linux with Cloudflare Patches' url='https://github.com/anthraxx/linux-hardened' arch=(x86_64) license=(GPL2) makedepends=( bc cpio gettext git libelf pahole perl python tar xz unzip ) options=('!strip') _srcname=linux-${pkgver%.*} _srctag=${pkgver%.*}-${pkgver##*.} source=( https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/${_srcname}.tar.{xz,sign} https://github.com/anthraxx/linux-hardened/releases/download/${_srctag}/linux-hardened-${_srctag}.patch{,.sig} https://github.com/cloudflare/linux/archive/refs/heads/master.zip config # the main kernel config file ) validpgpkeys=( ABAF11C65A2970B130ABE3C479BE3E4300411886 # Linus Torvalds 647F28654894E3BD457199BE38DBBDC86092693E # Greg Kroah-Hartman E240B57E2C4630BA768E2F26FC1B547C8D8172C8 # Levente Polyak ) b2sums=('a9bed9907bf4b22c08df8a8beaaf923648e4f0f1a4b00c11012871094e7c06a127e54bc1935edb8afc92999456c01ebabd04bc542a0e2fa16de0852a5f4be681' 'SKIP' 'ea5238fb1d9e9b028ac40de5a669ce3b413635a5229b9588166488ab97a3558ea9119d8bc540bee4c960da53195b85f4507d18fbe0f61de58f1629ae049ab85f' 'SKIP' '7fea99533b3d9dc06cac7f0f5ff62d659981a2430a59c489f15f1ac4f4cfe3aad21a9af25a80e972331cab4d8f84d0cb28b35a41c7c812735e6bde78a333d35d' 'eb5d106d6564c70170916c00bd5333a4fc624c426fc4ae3374fe9de55a93b3a0c28d7f9fd7a26d2280137f0e466565e7591062d86f6e4781f2ffd2c39bc431e4') export KBUILD_BUILD_HOST=archlinux export KBUILD_BUILD_USER=$pkgbase export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})" prepare() { cd $_srcname echo "Setting version..." echo "-$pkgrel" > localversion.10-pkgrel echo "${pkgbase#linux}" > localversion.20-pkgname local src for src in "${source[@]}"; do src="${src%%::*}" src="${src##*/}" [[ $src = *.patch ]] || continue echo "Applying patch $src..." patch -Np1 < "../$src" done # apply cloudflare patches CFSRC=$(ls ../linux-master/patches/0001*.patch) CFSRC="${CFSRC} $(ls ../linux-master/patches/0024*.patch)" for patch in $CFSRC; do echo "Applying Cloudflare patch $patch..." patch -Np1 < "$patch" done echo "Setting config..." cp ../config .config make -j$(nproc) olddefconfig diff -u ../config .config || : make -j$(nproc) -s kernelrelease > version echo "Prepared $pkgbase version $(