You are not logged in.
Hi everyone,
I am trying to compile a custom linux-hardened kernel in order to allow hibernation. I am following the instructions provided in this page. After some googling, it seems that one simply has to uncomment the CONFIG_HIBERNATION line in the kernel config and pass the nokaslr flag to the kernel command line in /etc/default/grub (source).
So, I retrieved the linux-hardened PKGBUILD source, modified PKGBUILD (changed the name from "linux-hardened" to "linux-hardened-hibernate") and config (un-commented CONFIG_HIBERNATION). I then tried updating the checksums as described, but the command failed. I suspect this is because I changed the name. Also, I couldn't build with makepkg for the same reason. The error message:
==> ERROR: Failure while downloading https://github.com/anthraxx/linux-hardened-hibernate/releases/download/5.19.8-hardened2/linux-hardened-hibernate-5.19.8-hardened2.patch
Aborting...I would like to have my kernel named differently from linux-hardened (which is the one I currently use), so I can keep both images in /boot and switch back to the original if something goes wrong with my version (assuming this is the right approach: feel free to correct me, it's the first time I do something like this). I need some additional guidelines on how to compile my kernel, possibly avoiding conflicts with secureboot (which, from what I read online, might be an issue).
Thanks everyone ![]()
PS: there is a package in the AUR which presumably is the same as my goal, linux-hardened-hibernate. However, it seems to be broken as it fails upon gpg keys importing.
Last edited by shako (2022-09-12 15:45:52)
Offline
diff --git a/trunk/PKGBUILD b/trunk/PKGBUILD
index cd92940..707752a 100644
--- a/trunk/PKGBUILD
+++ b/trunk/PKGBUILD
@@ -3,7 +3,8 @@
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Thomas Baechler <thomas@archlinux.org>
-pkgbase=linux-hardened
+_pkgbase=linux-hardened
+pkgbase=linux-hardened-hibernate
pkgver=5.19.8.hardened2
pkgrel=1
pkgdesc='Security-Hardened Linux'
@@ -20,7 +21,7 @@ _srcname=linux-${pkgver%.*}
_srctag=${pkgver%.*}-${pkgver##*.}
source=(
https://www.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/${_srcname}.tar.{xz,sign}
- https://github.com/anthraxx/${pkgbase}/releases/download/${_srctag}/${pkgbase}-${_srctag}.patch{,.sig}
+ https://github.com/anthraxx/${_pkgbase}/releases/download/${_srctag}/${_pkgbase}-${_srctag}.patch{,.sig}
config # the main kernel config file
)
validpgpkeys=(Offline
Thank you very much @loqs! I applied the patch you provided (as well as my previous modifications), and I managed to update the checksums. Now the kernel is compiling!
Is there any additional precaution to take to avoid conflicts with secureboot? Is the kernel signed? (sorry for maybe asking noobish questions)
Last edited by shako (2022-09-13 11:30:27)
Offline
Is there any additional precaution to take to avoid conflicts with secureboot? Is the kernel signed? (sorry for maybe asking noobish questions)
The kernel is not signed. See Secure_Boot#Implementing_Secure_Boot if you wish to use SecureBoot.
Offline
Thanks a lot
Offline