# Template file for 'linux3.2-grsec'
#
_grsecurity="2.9.1"
_grsecurity_date="201308052151"

pkgname=linux3.2-grsec
version=3.2.50
revision="${_grsecurity}.${_grsecurity_date}"
wrksrc="linux-${version}"
maintainer="Juan RP <xtraeme@gmail.com>"
homepage="http://www.kernel.org"
license="GPL-2"
short_desc="The Linux kernel and modules (3.2 series) (hardened kernel with grsec patch)"
distfiles="http://www.kernel.org/pub/linux//kernel/v3.x/linux-${version}.tar.xz"
checksum=c848e595ea6f7f42cffca8e586219db8c968e2cbb875dc31e8c92be8b519e979

only_for_archs="i686 x86_64"
makedepends="perl kmod>=11_2 openssl which elfutils"
_kernver="${version}-grsec_${revision}"

pre_configure() {
	local url="http://grsecurity.net/stable/grsecurity-${_grsecurity}-${version}-${_grsecurity_date}.patch"
	local _patch="$(basename ${url})"

	msg_normal "$pkgver: downloading grsecurity patch: ${_patch}\n"
	$XBPS_FETCH_CMD ${url}
	msg_normal "$pkgver: applying grsecurity patch: ${_patch}\n"
	patch -slNp1 -i ${_patch}
}

do_configure() {
	# If there's a file called <arch>-dotconfig, use it to
	# configure the kernel; otherwise use arch defaults and all stuff
	# as modules (defconfig+allmodconfig).
	local arch

	if [ "$XBPS_TARGET_MACHINE" != "x86_64" ]; then
		arch=i386
	else
		arch=x86_64
	fi

	if [ -f ${FILESDIR}/${arch}-dotconfig-custom ]; then
		msg_normal "Detected a custom .config file for your arch, using it.\n"
		cp -f ${FILESDIR}/${arch}-dotconfig-custom .config
		make ${makejobs} oldconfig
	elif [ -f ${FILESDIR}/${arch}-dotconfig ]; then
		msg_normal "Detected a .config file for your arch, using it.\n"
		cp -f ${FILESDIR}/${arch}-dotconfig .config
		make ${makejobs} oldconfig
	else
		msg_normal "Defaulting to 'defconfig and allmodconfig'.\n"
		make ${makejobs} defconfig && make ${makejobs} allmodconfig
	fi
	# Always use our revision to CONFIG_LOCALVERSION to match our pkg version.
	sed -i -e "s|^\(CONFIG_LOCALVERSION=\).*|\1\"_${revision}\"|" .config
}

do_build() {
	make ${makejobs} prepare
	make ${makejobs} bzImage modules
}

do_install() {
	local arch hdrdest

	if [ "$XBPS_TARGET_MACHINE" != "x86_64" ]; then
		arch=i386
	else
		arch=x86_64
	fi

	# Run depmod after compressing modules.
	sed -i '2iexit 0' scripts/depmod.sh

	# Install kernel, firmware and modules
	make INSTALL_MOD_PATH=${DESTDIR} modules_install

	hdrdest=${DESTDIR}/usr/src/kernel-headers-${_kernver}

	install -Dm644 .config ${DESTDIR}/boot/config-${_kernver}
	install -Dm644 arch/x86/boot/bzImage ${DESTDIR}/boot/vmlinuz-${_kernver}
	install -Dm644 System.map ${DESTDIR}/boot/System.map-${_kernver}

	# Switch to /usr.
	vmkdir usr
	mv ${DESTDIR}/lib ${DESTDIR}/usr

	cd ${DESTDIR}/usr/lib/modules/${_kernver}
	rm -f source build
	ln -sf ../../../src/kernel-headers-${_kernver} build

	cd ${wrksrc}
	# Install required headers to build external modules
	install -Dm644 Makefile ${hdrdest}/Makefile
	install -Dm644 kernel/Makefile ${hdrdest}/kernel/Makefile
	install -Dm644 .config ${hdrdest}/.config
	mkdir -p ${hdrdest}/include
	# Remove firmware stuff provided by the "linux-firmware" pkg.
	rm -rf ${DESTDIR}/usr/lib/firmware

	for i in acpi asm-generic config crypto drm generated linux math-emu \
		media net pcmcia scsi sound trace uapi video xen; do
		if [ -d include/$i ]; then
			cp -a include/$i ${hdrdest}/include
		fi
	done

	cd ${wrksrc}
	mkdir -p ${hdrdest}/arch/x86
	cp -a arch/x86/include ${hdrdest}/arch/x86

	# Copy files necessary for later builds, like nvidia and vmware
	cp Module.symvers ${hdrdest}
	cp -a scripts ${hdrdest}

	mkdir -p ${hdrdest}/arch/x86/kernel
	cp arch/x86/Makefile ${hdrdest}/arch/x86
	if [ "$arch" = "i386" ]; then
		cp arch/x86/Makefile_32.cpu ${hdrdest}/arch/x86
	fi
	cp arch/x86/kernel/asm-offsets.s ${hdrdest}/arch/x86/kernel

	# Add docbook makefile
	install -Dm644 Documentation/DocBook/Makefile \
		${hdrdest}/Documentation/DocBook/Makefile

	# Add md headers
	mkdir -p ${hdrdest}/drivers/md
	cp drivers/md/*.h ${hdrdest}/drivers/md

	# Add inotify.h
	mkdir -p ${hdrdest}/include/linux
	cp include/linux/inotify.h ${hdrdest}/include/linux

	# Add wireless headers
	mkdir -p ${hdrdest}/net/mac80211/
	cp net/mac80211/*.h ${hdrdest}/net/mac80211

	# add dvb headers for external modules
	mkdir -p ${hdrdest}/include/config/dvb/
	cp include/config/dvb/*.h ${hdrdest}/include/config/dvb/

	# Add xfs and shmem for aufs building
	mkdir -p ${hdrdest}/fs/xfs
	mkdir -p ${hdrdest}/mm
	cp fs/xfs/xfs_sb.h ${hdrdest}/fs/xfs/xfs_sb.h

	# Copy in Kconfig files
	for i in $(find . -name "Kconfig*"); do
		mkdir -p ${hdrdest}/$(echo $i | sed 's|/Kconfig.*||')
		cp $i ${hdrdest}/$i
	done

	# Remove unneeded architectures
	for arch in alpha arm* avr32 blackfin cris frv h8300 \
		ia64 m* p* s* um v850 xtensa; do
		rm -rf ${hdrdest}/arch/${arch}
	done

	# Compress all modules with xz to save a few MBs.
	msg_normal "$pkgver: compressing kernel modules with xz, please wait...\n"
	find ${DESTDIR} -name '*.ko' -exec xz -9 {} \;

	# ... and run depmod again.
	depmod -b ${DESTDIR}/usr -F System.map ${_kernver}
}

linux3.2-grsec-headers_package() {
	preserve=yes
	nostrip=yes
	noverifyrdeps=yes
	short_desc+=" - source headers for 3rd party modules"
	pkg_install() {
		vmove usr/src
		vmove usr/lib/modules/${_kernver}/build
	}
}

linux3.2-grsec_package() {
	nostrip=yes
	noverifyrdeps=yes
	preserve=yes
	triggers="kernel-hooks"
	kernel_hooks_version="${_kernver}"
	depends="dracut linux-firmware kmod>=11_2"
	# These files could be modified when an external module is built.
	mutable_files="
		/usr/lib/modules/${_kernver}/modules.dep
		/usr/lib/modules/${_kernver}/modules.dep.bin
		/usr/lib/modules/${_kernver}/modules.symbols
		/usr/lib/modules/${_kernver}/modules.symbols.bin
		/usr/lib/modules/${_kernver}/modules.alias
		/usr/lib/modules/${_kernver}/modules.alias.bin
		/usr/lib/modules/${_kernver}/modules.devname"
	pkg_install() {
		vmove all
	}
}