Commit Graph

10 Commits

Author SHA1 Message Date
Maximilian Bosch
ccf0c5bd42
linux: make main update script slightly more robust
On #249636 I had to manually run the updaters for hardened & libre kernels.
The cause was that `update-rt.sh` suddenly broke. Because I didn't want to
inhibit other kernel updates because of a rather niche variant, I decided to
move forward temporarily and take care of it later.

One issue was that the script failed silently, i.e. I only saw that the
script terminated early from my prompt. This is fixed now by making each
niche kernel updater print its exit code code if it failed. Also, errors
are allowed, i.e. a broken `update-rt.sh` doesn't block
`hardened/update.py` etc..

The issue itself is rather simple. When I updated the kernels in #249636,
the sha256sums.asc for rt kernels[1] looked like this:

    199bbb0cdb97ead22732473b95c8b2e8da62dfd71bde2339163119fb537a2b7c  patch-6.1.38-rt13-rc1.patch.gz
    a1af54f6987e96de06cad0a3226c5b5a992b60df084a904b6b94ea247fb46027  patch-6.1.38-rt13-rc1.patch.xz
    7bb68561787e46e3c433d9b514373ce368d587ac459b91df41934e70280d008f  patches-6.1.38-rt13-rc1.tar.gz
    ee65336dd6ae0be398796e7b75291918811a23e10121dc09bd84b244b12402fa  patches-6.1.38-rt13-rc1.tar.xz

However, the script itself skips any RC versions of the realtime
patches, so no releases were usable and the script failed. It's probably
possible to use the overview over all releases instead[2], however
that'd complicate the script notably. Anyways, since RT kernels don't
bump to each patch-level release, I don't think it hurts too much if
such an update is slightly more delayed. However if we want to fix this, I'd prefer
this to be fixed by folks who care more about rt kernels than I do.

[1] https://kernel.org/pub/linux/kernel/projects/rt/6.1/sha256sums.asc
[2] https://mirrors.edge.kernel.org/pub/linux/kernel/projects/rt/6.1/older/sha256sums.asc
2023-08-19 14:03:08 +02:00
Orivej Desh
9d0d3a025f linux-rt: add update script 2020-09-02 02:51:06 +00:00
Emily
d6fe0a4e2d linux/hardened: move files into directory 2020-05-08 15:49:35 +01:00
Emily
0d4f35efd4 linux_*_hardened: use linux-hardened patch set
This is an updated version of the former upstream,
https://github.com/AndroidHardeningArchive/linux-hardened, and provides
a minimal set of additional hardening patches on top of upstream.

The patch already incorporates many of our hardened profile defaults,
and releases are timely (Linux 5.5.15 and 5.6.2 were released on
2020-04-02; linux-hardened patches for them came out on 2020-04-03 and
2020-04-04 respectively).
2020-04-17 16:13:39 +01:00
Will Dietz
84a6071bc7
kernel/update.sh: always use -e 2020-01-11 00:00:11 -06:00
Alyssa Ross
80a823eeca linux/update.sh: update linux-libre too
update-libre.sh doesn't commit by default so that it can be used as an
updateScript, where I don't think auto-committing is the norm.

The generated commit messages say "linux-libre_latest" rather than
"linux-libre", because even though linux-libre will also be rebuilt,
it's linux-libre_latest that is more likely to need it.
2019-12-16 16:30:22 +00:00
Tim Steinbach
922c07d2d2
linux: Fix update script
The script was wrecking `modDirVersion`, putting them back and
ensuring it will not break again.
2019-04-07 08:34:12 -04:00
Tim Steinbach
4d2c4387cc
linux: Update script commit 2019-04-06 12:51:14 -04:00
Matthieu Coudron
f620b1b693 kernel: buildLinux replaces import ./generic.nix
- defined buildLinux as generic.nix instead of manual-config.nix. This
makes kernel derivations a tad more similar to your typical derivations.
- moved $buildRoot to within the source folder, this way it doesn't have to be created before the unpackPhase
and make it easier to work on kernel source without running the unpackPhase
2018-02-07 10:07:13 +09:00
William A. Kennington III
6e91f53d87 kernel: Add update script 2014-10-30 14:37:22 -07:00