-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
88 lines (78 loc) · 2.39 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
FROM alpine:3.20
ARG KERNEL_MAJOR
ARG KERNEL_VERSION
ARG KERNEL_SERIES
RUN set -ex \
&& apk add \
argp-standalone \
automake \
bash \
bc \
binutils-dev \
bison \
build-base \
curl \
diffutils \
findutils \
flex \
git \
gmp-dev \
gnupg \
installkernel \
kmod \
elfutils-dev \
linux-headers \
libunwind-dev \
lz4 \
mpc1-dev \
mpfr-dev \
ncurses-dev \
patch \
sed \
squashfs-tools \
tar \
xz \
xz-dev \
zlib-dev \
zstd
ENV KERNEL_SOURCE=https://www.kernel.org/pub/linux/kernel/${KERNEL_MAJOR}/linux-${KERNEL_VERSION}.tar.xz
ENV KERNEL_SHA256_SUMS=https://www.kernel.org/pub/linux/kernel/${KERNEL_MAJOR}/sha256sums.asc
ENV KERNEL_PGP2_SIGN=https://www.kernel.org/pub/linux/kernel/${KERNEL_MAJOR}/linux-${KERNEL_VERSION}.tar.sign
# tell xz decompressor to use as much threads as cpu cores
ENV XZ_OPT="--threads=0"
# We copy the entire directory. This copies some unneeded files, but
# allows us to check for the existence /patches-${KERNEL_SERIES} to
# build kernels without patches.
COPY / /
# Download and verify kernel
# PGP keys: 589DA6B1 ([email protected]) & 6092693E ([email protected]) & 00411886 ([email protected])
RUN set -ex \
&& curl -fsSLO ${KERNEL_SHA256_SUMS} \
&& gpg2 -q --import keys.asc \
&& gpg2 --verify sha256sums.asc \
&& KERNEL_SHA256=$(grep linux-${KERNEL_VERSION}.tar.xz sha256sums.asc | cut -d ' ' -f 1) \
&& [ -f linux-${KERNEL_VERSION}.tar.xz ] || curl -fsSLO ${KERNEL_SOURCE} \
&& echo "${KERNEL_SHA256} linux-${KERNEL_VERSION}.tar.xz" | sha256sum -c - \
&& xz -d linux-${KERNEL_VERSION}.tar.xz \
&& curl -fsSLO ${KERNEL_PGP2_SIGN} \
&& gpg2 --verify linux-${KERNEL_VERSION}.tar.sign linux-${KERNEL_VERSION}.tar \
&& tar --absolute-names -xf linux-${KERNEL_VERSION}.tar && mv /linux-${KERNEL_VERSION} /linux
WORKDIR /linux
# Kernel config
RUN set -ex \
&& KERNEL_DEF_CONF=/linux/arch/x86/configs/x86_64_defconfig \
&& cp /config-${KERNEL_SERIES}-$(uname -m) ${KERNEL_DEF_CONF} \
&& make clean \
&& make oldconfig \
&& make scripts \
&& make defconfig \
&& make oldconfig
# Patch kernel
RUN set -ex \
&& case "$KERNEL_VERSION" in 5.0*) \
patch -p1 < /0001-ipconfig-add-carrier_timeout-kernel-parameter.patch; \
esac
# Kernel
RUN set -ex \
&& make -j "$(getconf _NPROCESSORS_ONLN)" KCFLAGS="-fno-pie" \
&& mv arch/x86/boot/bzImage /metal-kernel