|
| 1 | +#!/bin/bash |
| 2 | +# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved. |
| 3 | +# SPDX-License-Identifier: Apache-2.0 |
| 4 | + |
| 5 | +# We need sudo privilleges to install the kernel |
| 6 | +if [ "$(id -u)" -ne 0 ]; then |
| 7 | + echo "This script must be run as root or with sudo privileges" |
| 8 | + exit 1 |
| 9 | +fi |
| 10 | + |
| 11 | +# Currently this script only works on Ubuntu instances |
| 12 | +if ! grep -qi 'ubuntu' /etc/os-release; then |
| 13 | + echo "This script currently only works on Ubuntu." |
| 14 | + exit 1 |
| 15 | +fi |
| 16 | + |
| 17 | +confirm() { |
| 18 | + if [[ "$*" == *"-y"* ]]; then |
| 19 | + return 0 |
| 20 | + fi |
| 21 | + |
| 22 | + while true; do |
| 23 | + echo "This script will build and install a new kernel. Run this script at your own risk" |
| 24 | + read -p "Do you want to continue? (y/n) " yn |
| 25 | + case $yn in |
| 26 | + [Yy]*) return 0 ;; |
| 27 | + [Nn]*) |
| 28 | + echo "Exiting..." |
| 29 | + exit 1 |
| 30 | + ;; |
| 31 | + *) echo "Please answer yes or no." ;; |
| 32 | + esac |
| 33 | + done |
| 34 | +} |
| 35 | + |
| 36 | +# Make sure a user really wants to run this script |
| 37 | +confirm "$@" |
| 38 | + |
| 39 | +KERNEL_URL=$(cat kernel_url) |
| 40 | +KERNEL_COMMIT_HASH=$(cat kernel_commit_hash) |
| 41 | +KERNEL_VERSION=$(cat kernel_version) |
| 42 | +KERNEL_PATCHES_DIR=$(pwd)/patches |
| 43 | +KERNEL_CONFIG_OVERRIDES=$(pwd)/kernel_config_overrides |
| 44 | + |
| 45 | +TMP_BUILD_DIR=$(mktemp -d -t kernel-build-XXXX) |
| 46 | + |
| 47 | +pushd . |
| 48 | +cd $TMP_BUILD_DIR |
| 49 | + |
| 50 | +echo "Cloning kernel repository into" $TMP_BUILD_DIR |
| 51 | + |
| 52 | +# We checkout the repository that way to make it as |
| 53 | +# small and fast as possible |
| 54 | +git init |
| 55 | +git remote add origin $KERNEL_URL |
| 56 | +git fetch --depth 1 origin $KERNEL_COMMIT_HASH |
| 57 | +git checkout FETCH_HEAD |
| 58 | + |
| 59 | +# Apply our patches on top |
| 60 | +for PATCH in $KERNEL_PATCHES_DIR/*.patch; do |
| 61 | + echo "Applying patch:" $(basename $PATCH) |
| 62 | + git apply $PATCH |
| 63 | +done |
| 64 | + |
| 65 | +echo "Making kernel config ready for build" |
| 66 | +# We use olddefconfig to automatically pull in the |
| 67 | +# config from the AMI and update to the newest |
| 68 | +# defaults |
| 69 | +make olddefconfig |
| 70 | + |
| 71 | +# Disable the ubuntu keys |
| 72 | +scripts/config --disable SYSTEM_TRUSTED_KEYS |
| 73 | +scripts/config --disable SYSTEM_REVOCATION_KEYS |
| 74 | + |
| 75 | +# Apply our config overrides on top of the config |
| 76 | +scripts/kconfig/merge_config.sh .config $KERNEL_CONFIG_OVERRIDES |
| 77 | + |
| 78 | +# Finally run olddefconfig again to make sure any |
| 79 | +# new options are configured before build |
| 80 | +make olddefconfig |
| 81 | + |
| 82 | +echo "Building kernel this may take a while" |
| 83 | +make -j $(nproc) |
| 84 | +echo "Building kernel modules" |
| 85 | +make modules -j $(nproc) |
| 86 | +echo "Kernel build complete!" |
| 87 | + |
| 88 | +echo "Installing kernel modules..." |
| 89 | +make INSTALL_MOD_STRIP=1 modules_install |
| 90 | +echo "Installing kernel..." |
| 91 | +make INSTALL_MOD_STRIP=1 install |
| 92 | +echo "Update initramfs" |
| 93 | +update-initramfs -c -k $KERNEL_VERSION |
| 94 | +echo "Updating GRUB..." |
| 95 | +update-grub |
| 96 | + |
| 97 | +echo "Kernel built and installed successfully!" |
| 98 | + |
| 99 | +# Some cleanup after we are done |
| 100 | +popd |
| 101 | +rm -rf $TMP_BUILD_DIR |
0 commit comments