From e914ac961930fde6f88b09a410d74da9e6447973 Mon Sep 17 00:00:00 2001 From: Matt Knoop Date: Tue, 9 Dec 2025 17:17:07 -0700 Subject: [PATCH] changes to the initramfs. very specific changes to included kernel modules. --- config/build_containerfile | 1 + config/container_cmd.sh | 11 +---- config/filesystem_chroot_install.sh | 2 +- config/grub.cfg | 3 +- config/init.sh | 35 +++++++------ config/update_kernel_make_config.py | 77 +++++++++++++++++++++++++++++ scripts/boot_image.sh | 5 +- scripts/build_initramfs.sh | 10 ++-- scripts/build_kernel.sh | 2 +- 9 files changed, 113 insertions(+), 33 deletions(-) create mode 100644 config/update_kernel_make_config.py diff --git a/config/build_containerfile b/config/build_containerfile index a00eef2..d8e9052 100755 --- a/config/build_containerfile +++ b/config/build_containerfile @@ -4,5 +4,6 @@ run apt-get upgrade -y run apt-get install -y bison flex gcc make libncurses-dev git bc build-essential git libncurses5-dev lzop perl libssl-dev bison flex kmod device-tree-compiler dwarves libelf-dev libdwarf-dev libdw-dev python3 gawk zstd workdir /linux add ./config/container_cmd.sh / +add ./config/update_kernel_make_config.py / run chmod +x /container_cmd.sh cmd ["/usr/bin/bash","-c","/container_cmd.sh"] diff --git a/config/container_cmd.sh b/config/container_cmd.sh index 80fe24a..95ef707 100755 --- a/config/container_cmd.sh +++ b/config/container_cmd.sh 
@@ -3,14 +3,7 @@ cores=$(nproc) echo "${cores}" /usr/bin/make clean /usr/bin/make defconfig -sed -i 's/CONFIG_SYSTEM_TRUSTED_KEYS="\.\*"/CONFIG_SYSTEM_TRUSTED_KEYS=""/' ./.config -sed -i 's/CONFIG_SYSTEM_REVOCATION_KEYS="\.\*"/CONFIG_SYSTEM_REVOCATION_KEYS=""/' ./.config -list="CONFIG_VIRTIO_GUEST CONFIG_FB_EFI CONFIG_EFI CONFIG_SYSFB CONFIG_FB CONFIG_VIRTIO CONFIG_DRM_VIRTIO_GPU CONFIG_VIRTIO_PCI CONFIG_VIRTIO_BALLOON CONFIG_HW_RANDOM_VIRTIO CONFIG_PCI CONFIG_DRM CONFIG_VIRTIO_MEM CONFIG_VIRTIO_MMIO CONFIG_VIRTIO_IOMMU CONFIG_VIRTIO_VDPA CONFIG_BLK_MQ_VIRTIO CONFIG_VIRTIO_CONSOLE CONFIG_VIRTIO_BLK CONFIG_VIRTIO_VSOCKETS CONFIG_VIRTIO_VSOCKETS_COMMON CONFIG_RPMSG_VIRTIO CONFIG_VIRTIO_FS CONFIG_VIRTIO_INPUT CONFIG_VIRTIO_PCI_LIB CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES CONFIG_VIRTIO_ANCHOR CONFIG_SCSI_VIRTIO CONFIG_VIRTIO_MENU CONFIG_HIGH_RES_TIMERS CONFIG_DEBUG_INFO CONFIG_KVM_GUEST CONFIG_PARAVIRT CONFIG_VIRTIO_NET CONFIG_KVM_CLOCK" - -for item in $list; do - echo $item - ./scripts/config --set-val $item y - ./scripts/config --state $item -done +cat ./.config | python3 /update_kernel_make_config.py +cat ./.config | python3 /update_kernel_make_config.py > ./.config /usr/bin/make olddefconfig /usr/bin/make -j ${cores} diff --git a/config/filesystem_chroot_install.sh b/config/filesystem_chroot_install.sh index 56836c1..e838dcb 100644 --- a/config/filesystem_chroot_install.sh +++ b/config/filesystem_chroot_install.sh @@ -15,7 +15,7 @@ echo "LANG=en_US.UTF-8" > /etc/default/locale #install base system packages apt install -y --no-install-recommends gnome-core apt install -y git curl flatpak systemd-resolved ufw nano htop ipset lm-sensors net-tools iputils-ping fish python3-bpfcc python3-pip bpfcc-tools gnome-shell-extension-ubuntu-dock gnome-shell-extension-ubuntu-tiling-assistant ffmpeg vlc -pip install --break-system-packages dnslib psutil +pip install --break-system-packages dnslib psutil autofs #add setuid for some applications chmod u+s /usr/bin/bwrap 
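Review bot: In config/container_cmd.sh the second added line, `cat ./.config | python3 /update_kernel_make_config.py > ./.config`, reads and truncates the same file in one pipeline. The shell opens `./.config` for writing before `cat` has read it, so the script usually sees little or no input and the result holds only the forced options, with `make olddefconfig` filling in the rest from defaults. The line before it runs the same script with its output going only to the build log. Write to a temporary file and rename it, `python3 /update_kernel_make_config.py < ./.config > ./.config.new && mv ./.config.new ./.config`, and drop the first invocation. Whether the script aborts on a failed step cannot be seen from here, since its first two lines are outside the hunk.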
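Review bot: In config/filesystem_chroot_install.sh, `pip install --break-system-packages dnslib psutil autofs` adds a third unpinned PyPI package to an install that goes into the image's system Python. `autofs` is also the name of the automounter that distributions ship as a system package, so confirm that the PyPI project of that name is what is wanted here rather than the `apt` package. Either way, pin what is installed, for example `pip install --break-system-packages dnslib==<VERSION> psutil==<VERSION> autofs==<VERSION>`, or use a requirements file with `--require-hashes`, so the image does not take whatever is published under these names at build time.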
diff --git a/config/grub.cfg b/config/grub.cfg index aea260f..4dacf13 100755 --- a/config/grub.cfg +++ b/config/grub.cfg @@ -11,8 +11,7 @@ echo 'loading menu..' set root='(hd0,gpt1)' ls (hd0,gpt1)/EFI/patronage/ menuentry "PatronageOS" { - - linux /EFI/patronage/bzImage boot=/init + linux /EFI/patronage/bzImage quiet splash boot=/init echo 'loaded kernel...' initrd /EFI/patronage/initramfs.cpio.gz echo 'loaded initial ramdisk...' diff --git a/config/init.sh b/config/init.sh index 57f3a74..4090ebb 100755 --- a/config/init.sh +++ b/config/init.sh @@ -1,20 +1,23 @@ #!/bin/busybox sh -/bin/busybox echo 'mounting filesystems and devices..' -/bin/busybox mount -t devtmpfs devtmpfs /dev +set -e +/bin/busybox echo 'mounting /proc..' /bin/busybox mount -t proc proc /proc -/bin/busybox mount -t sysfs none /sys -/bin/busybox mount -t sysfs none /run +/bin/busybox echo 'mounting /sys..' +/bin/busybox mount -t sysfs sysfs /sys +/bin/busybox echo 'mounting /dev..' +/bin/busybox mount -t devtmpfs devtmpfs /dev +/bin/busybox echo 'creating root..' /bin/busybox mkdir -p /newroot -/bin/busybox mount /dev/sda2 /newroot -#/bin/busybox mount --move /sys /newroot -#/bin/busybox mount --move /dev /newroot -#/bin/busybox mount --move /proc /newroot - -#exec /bin/busybox sh - -#/bin/busybox ln -s "/lib/modules/" "/lib/modules/$(uname -r)" -#depmod -a -#/bin/busybox modprobe nbd max_part=2 -/bin/busybox echo 'switching root.' -exec switch_root /newroot /bin/systemd +/bin/busybox echo 'mounting root..' +/bin/busybox mount $(/bin/busybox findfs LABEL=ROOT) /newroot +#/bin/busybox echo 'moving /sys..' +#/bin/busybox mount --move /sys /newroot/sys +#/bin/busybox echo 'moving /dev..' +#/bin/busybox mount --move /dev /newroot/dev +#/bin/busybox echo 'moving /proc..' +#/bin/busybox mount --move /proc /newroot/proc +#/bin/busybox modprobe encryptfs +#/bin/busybox modprobe dm-crypt +/bin/busybox echo 'switching root..' +exec switch_root /newroot /lib/systemd/systemd --system 
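Review bot: In config/init.sh the root filesystem is now chosen with `/bin/busybox mount $(/bin/busybox findfs LABEL=ROOT) /newroot`, and a filesystem label is not unique: any attached disk or removable medium carrying a filesystem labelled ROOT can be picked and booted as the system root. Selecting by filesystem UUID and quoting the substitution, `/bin/busybox mount "$(/bin/busybox findfs UUID=<ROOT_FS_UUID>)" /newroot`, narrows that. With the new `set -e`, a failed `findfs` or `mount` makes the script exit, and because this script runs as init the kernel then panics with no indication of which step failed; printing the failing step before giving up would make boot failures diagnosable. The hunk also drops the `/run` mount, which was previously mounted as sysfs, so that removal looks intentional.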
diff --git a/config/update_kernel_make_config.py b/config/update_kernel_make_config.py
new file mode 100644
index 0000000..3205822
--- /dev/null
+++ b/config/update_kernel_make_config.py
@@ -0,0 +1,77 @@
+# -*- coding: utf-8 -*-
+
+
+import sys
+
+text = sys.stdin.readlines()
+
+config = {}
+
+for i in range(len(text)):
+ if '#' not in text[i] and len(str(text[i]).strip())>0:
+ key = str(text[i]).strip().split('=')
+ config[str(key[0])]=str(key[1])
+
+changes = {
+"CONFIG_UNIX":'y',
+"CONFIG_TMPFS":'y',
+"CONFIG_CGROUPS":'y',
+"CONFIG_EXT4_FS":'y',
+"CONFIG_BLK_DEV_LOOP":'y',
+"CONFIG_BLK_DEV_RAM":'y',
+"CONFIG_BLK_DEV":'y',
+"CONFIG_BLOCK":'y',
+"CONFIG_DEVTMPFS_MOUNT":'y',
+"CONFIG_DEVTMPFS":'y',
+"CONFIG_BLK_DEV_INITRD":'y',
+"CONFIG_INITRAMFS_SOURCE":'y',
+"CONFIG_SYSTEM_TRUSTED_KEYS":'',
+"CONFIG_SYSTEM_REVOCATION_KEYS":'',
+"CONFIG_EFI_STUB":'y',
+"CONFIG_VIRTIO_GUEST":'y',
+"CONFIG_FB_EFI":'y',
+"CONFIG_EFI":'y',
+"CONFIG_SYSFB":'y',
+"CONFIG_FB":'y',
+"CONFIG_VIRTIO":'y',
+"CONFIG_DRM_VIRTIO_GPU":'y',
+"CONFIG_VIRTIO_PCI":'y',
+"CONFIG_VIRTIO_BALLOON":'y',
+"CONFIG_HW_RANDOM_VIRTIO":'y',
+"CONFIG_PCI":'y',
+"CONFIG_DRM":'y',
+"CONFIG_VIRTIO_MEM":'y',
+"CONFIG_VIRTIO_MMIO":'y',
+"CONFIG_VIRTIO_IOMMU":'y',
+"CONFIG_VIRTIO_VDPA":'y',
+"CONFIG_BLK_MQ_VIRTIO":'y',
+"CONFIG_VIRTIO_CONSOLE":'y',
+"CONFIG_VIRTIO_MENU":'y',
+"CONFIG_VIRTIO_BLK":'y',
+"CONFIG_VIRTIO_VSOCKETS":'y',
+"CONFIG_VIRTIO_VSOCKETS_COMMON":'y',
+"CONFIG_RPMSG_VIRTIO":'y',
+"CONFIG_VIRTIO_FS":'y',
+"CONFIG_VIRTIO_INPUT":'y',
+"CONFIG_VIRTIO_PCI_LIB":'y',
+"CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES":'y',
+"CONFIG_VIRTIO_ANCHOR CONFIG_SCSI_VIRTIO":'y',
+"CONFIG_VIRTIO_MENU CONFIG_HIGH_RES_TIMERS":'y',
+"CONFIG_DEBUG_INFO CONFIG_KVM_GUEST":'y',
+"CONFIG_PARAVIRT":'y',
+"CONFIG_VIRTIO_NET":'y',
+"CONFIG_KVM_CLOCK":'y',
+"CONFIG_ATA":'y',
+"CONFIG_SCSI_SATA":'y',
+"CONFIG_SCSI_VIRTIO":'y',
+"CONFIG_SATA_AHCI":'y',
+"CONFIG_SCSI_DISK":'y',
+"CONFIG_SCSI":'y'
+}
+
+for c in changes.keys():
+ config[str(c)]=changes[str(c)]
+
+config_to_write = ['='.join([str(i),str(config[str(i)])]) for i in config.keys()]
+
+print('\n'.join(config_to_write))
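Review bot: Three keys in `changes` each hold two option names in one string: `"CONFIG_VIRTIO_ANCHOR CONFIG_SCSI_VIRTIO"`, `"CONFIG_VIRTIO_MENU CONFIG_HIGH_RES_TIMERS"` and `"CONFIG_DEBUG_INFO CONFIG_KVM_GUEST"`. As a result CONFIG_VIRTIO_ANCHOR, CONFIG_HIGH_RES_TIMERS, CONFIG_DEBUG_INFO and CONFIG_KVM_GUEST are never set, and three malformed lines are written into .config. The parse loop also uses `split('=')` and keeps only `key[1]`, which truncates any value that itself contains `=` and raises IndexError on a non-empty line without `=`. The empty values for CONFIG_SYSTEM_TRUSTED_KEYS and CONFIG_SYSTEM_REVOCATION_KEYS come out as `NAME=` rather than `NAME=""`, and CONFIG_INITRAMFS_SOURCE, a string option, is given `y`; check both against what `make olddefconfig` accepts. The sketch below splits on the first `=` only and separates the merged keys.

```python
for line in sys.stdin:
    entry = line.strip()
    # blank lines and "# CONFIG_X is not set" comments carry no assignment
    if not entry or entry.startswith('#') or '=' not in entry:
        continue
    name, _, value = entry.partition('=')
    config[name] = value

changes = {
    # … unchanged: entries CONFIG_UNIX through CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES …
    "CONFIG_VIRTIO_ANCHOR": 'y',
    "CONFIG_HIGH_RES_TIMERS": 'y',
    "CONFIG_DEBUG_INFO": 'y',
    "CONFIG_KVM_GUEST": 'y',
    # … unchanged: entries CONFIG_PARAVIRT through CONFIG_SCSI …
}
```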
diff --git a/scripts/boot_image.sh b/scripts/boot_image.sh index 67ecf10..ce1bc6f 100755 --- a/scripts/boot_image.sh +++ b/scripts/boot_image.sh @@ -2,4 +2,7 @@ cd "$(dirname "$0")" cd .. disk="./outputs/boot_image.img" -qemu-system-x86_64 -bios /usr/share/ovmf/OVMF.fd -drive format=raw,file=$disk -m 16G -smp 8 -vga none -usb -device usb-tablet --display gtk --device virtio-gpu-pci -enable-kvm -machine type=pc-q35-3.1,accel=kvm,kernel_irqchip=on + + +qemu-system-x86_64 -bios /usr/share/ovmf/OVMF.fd -drive if=none,format=raw,file=$disk,id=hd -device virtio-blk-pci,drive=hd -m 16G -smp 4 -vga none --display gtk,gl=off --device virtio-gpu -usb -device usb-tablet -enable-kvm -machine type=pc-q35-3.1 +#--display gtk,gl=off --device virtio-gpu diff --git a/scripts/build_initramfs.sh b/scripts/build_initramfs.sh index 071e61a..c15ed1b 100755 --- a/scripts/build_initramfs.sh +++ b/scripts/build_initramfs.sh @@ -15,12 +15,16 @@ mkdir -p ./dependencies/initram/lib/modules/ echo "installing busybox" cp ./busybox ./dependencies/initram/bin/ chmod +x ./dependencies/initram/bin/busybox +chmod 4755 ./dependencies/initram/bin/busybox ./dependencies/initram/bin/busybox --install -s "./dependencies/initram/bin/" + cp ./config/init.sh ./dependencies/initram/init chmod +x ./dependencies/initram/init +#chmod 4755 ./dependencies/initram/bin/init echo "copying kernel" -cp ./dependencies/linux/arch/x86_64/boot/bzImage ./outputs/bzImage.efi +cp ./dependencies/linux/arch/x86_64/boot/bzImage ./outputs/bzImage cd ./dependencies/initram/ -find . -type f -name "*" -exec chmod +x {} + -find . -print0 | cpio --null -ov --format=newc | gzip -9 > ../../outputs/initramfs.cpio.gz +find ./bin -type f -name "*" -exec chmod +x {} + + +find . -print0 | cpio --null -o --format=newc --owner root:root | zstd -19 > ../../outputs/initramfs.cpio.gz echo "created initramfs." diff --git a/scripts/build_kernel.sh b/scripts/build_kernel.sh index 67e83ff..fca2f41 100755 --- a/scripts/build_kernel.sh 
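Review bot: In scripts/build_initramfs.sh, `chmod 4755 ./dependencies/initram/bin/busybox` makes the multi-call binary setuid, and with `--owner root:root` on the cpio step it lands in the image as setuid root. `/init` already runs as root, so the bit adds nothing to the boot path. Depending on how this busybox was built (its setuid handling is a build option), the applet symlinks created by `--install -s` may then run with root privileges for any unprivileged caller that can execute the binary. Use `chmod 0755 ./dependencies/initram/bin/busybox` unless a specific applet is shown to need the bit. Separately, the archive is now compressed with `zstd -19` but still written to `initramfs.cpio.gz`, so the name no longer matches the format, and booting it depends on zstd initrd support in the kernel, which this commit does not set explicitly.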
+++ b/scripts/build_kernel.sh @@ -6,7 +6,7 @@ mkdir -p ./dependencies rootdir=$(dirname "$0") dir=./$(dirname "$0") cd dependencies -[[ -d ./linux ]] || git clone --depth 1 https://github.com/torvalds/linux.git ./linux +[[ -d ./linux ]] || git clone --depth 5 https://github.com/gregkh/linux.git ./linux cd "$(dirname "$0")" cd .. echo $PWD
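Review bot: The clone on the added line, `git clone --depth 5 https://github.com/gregkh/linux.git ./linux`, takes whatever the repository's default branch points to at build time. No tag or commit is pinned and nothing is verified, so the kernel in the image is not reproducible and its source is trusted by URL alone. Pin a release tag and check its signature, for example `git clone --depth 1 --branch <KERNEL_TAG> <REPO_URL> ./linux` followed by `git -C ./linux verify-tag <KERNEL_TAG>` with the signing keys imported. Because of the `[[ -d ./linux ]] ||` guard, a build directory that already holds the earlier torvalds checkout keeps using it, so the source change silently does not apply there.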