rpi5: Initial 64-bit RaspberryPi 5 build script

bsp/xorg/99-vc4.conf

@@ -0,0 +1,6 @@
+Section "OutputClass"
+  Identifier "vc4"
+  MatchDriver "vc4"
+  Driver "modesetting"
+  Option "PrimaryGPU" "true"
+EndSection

patches/kali-wifi-injection-6.1.patch

@@ -0,0 +1,129 @@
+--- a/net/mac80211/cfg.c
++++ b/net/mac80211/cfg.c
+@@ -850,7 +850,8 @@ static int ieee80211_set_monitor_channel
+ 							 chandef,
+ 							 IEEE80211_CHANCTX_EXCLUSIVE);
+ 		}
+-	} else if (local->open_count == local->monitors) {
++       // Patch: Always allow channel change, even if a normal virtual interface is present
++       } else /*if (local->open_count == local->monitors)*/ {
+ 		local->_oper_chandef = *chandef;
+ 		ieee80211_hw_config(local, 0);
+ 	}
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -804,11 +804,19 @@ ieee80211_tx_h_sequence(struct ieee80211
+ 
+ 	/*
+ 	 * Packet injection may want to control the sequence
+-	 * number, if we have no matching interface then we
+-	 * neither assign one ourselves nor ask the driver to.
++	 * number, so if an injected packet is found, skip
++	 * renumbering it. Also make the packet NO_ACK to avoid
++	 * excessive retries (ACKing and retrying should be
++	 * handled by the injecting application).
++	 * FIXME This may break hostapd and some other injectors.
++	 * This should be done using a radiotap flag.
+ 	 */
+-	if (unlikely(info->control.vif->type == NL80211_IFTYPE_MONITOR))
++	if (unlikely((info->flags & IEEE80211_TX_CTL_INJECTED) &&
++	   !(tx->sdata->u.mntr.flags & MONITOR_FLAG_COOK_FRAMES))) {
++		if (!ieee80211_has_morefrags(hdr->frame_control))
++			info->flags |= IEEE80211_TX_CTL_NO_ACK;
+ 		return TX_CONTINUE;
++	}
+ 
+ 	if (unlikely(ieee80211_is_ctl(hdr->frame_control)))
+ 		return TX_CONTINUE;
+@@ -2046,6 +2054,10 @@ void ieee80211_xmit(struct ieee80211_sub
+ 	}
+ 
+ 	ieee80211_set_qos_hdr(sdata, skb);
++	// Don't overwrite QoS header in monitor mode
++	if (likely(info->control.vif->type != NL80211_IFTYPE_MONITOR)) {
++	    ieee80211_set_qos_hdr(sdata, skb);
++	}
+ 	ieee80211_tx(sdata, sta, skb, false);
+ }
+ 
+--- a/net/wireless/chan.c
++++ b/net/wireless/chan.c
+@@ -1393,8 +1393,10 @@ int cfg80211_set_monitor_channel(struct
+ {
+ 	if (!rdev->ops->set_monitor_channel)
+ 		return -EOPNOTSUPP;
+-	if (!cfg80211_has_monitors_only(rdev))
+-		return -EBUSY;
++	// Always allow user to change channel, even if there is another normal
++	// virtual interface using the device.
++	//if (!cfg80211_has_monitors_only(rdev))
++	//	return -EBUSY;
+ 
+ 	return rdev_set_monitor_channel(rdev, chandef);
+ }
+--- a/drivers/net/wireless/zydas/zd1211rw/zd_mac.c
++++ b/drivers/net/wireless/zydas/zd1211rw/zd_mac.c
+@@ -229,14 +229,19 @@ void zd_mac_clear(struct zd_mac *mac)
+ static int set_rx_filter(struct zd_mac *mac)
+ {
+ 	unsigned long flags;
+-	u32 filter = STA_RX_FILTER;
++	struct zd_ioreq32 ioreqs[] = {
++		{CR_RX_FILTER, STA_RX_FILTER},
++		{ CR_SNIFFER_ON, 0U },
++	};
+ 
+ 	spin_lock_irqsave(&mac->lock, flags);
+-	if (mac->pass_ctrl)
+-		filter |= RX_FILTER_CTRL;
++	if (mac->pass_ctrl) {
++		ioreqs[0].value |= 0xFFFFFFFF;
++		ioreqs[1].value = 0x1;
++	}
+ 	spin_unlock_irqrestore(&mac->lock, flags);
+ 
+-	return zd_iowrite32(&mac->chip, CR_RX_FILTER, filter);
++	return zd_iowrite32a(&mac->chip, ioreqs, ARRAY_SIZE(ioreqs));
+ }
+ 
+ static int set_mac_and_bssid(struct zd_mac *mac)
+@@ -1042,7 +1047,8 @@ int zd_mac_rx(struct ieee80211_hw *hw, c
+ 	/* Caller has to ensure that length >= sizeof(struct rx_status). */
+ 	status = (struct rx_status *)
+ 		(buffer + (length - sizeof(struct rx_status)));
+-	if (status->frame_status & ZD_RX_ERROR) {
++	if ((status->frame_status & ZD_RX_ERROR) ||
++		(status->frame_status & ~0x21)) {
+ 		if (mac->pass_failed_fcs &&
+ 				(status->frame_status & ZD_RX_CRC32_ERROR)) {
+ 			stats.flag |= RX_FLAG_FAILED_FCS_CRC;
+@@ -1386,7 +1392,7 @@ struct ieee80211_hw *zd_mac_alloc_hw(str
+ 	ieee80211_hw_set(hw, MFP_CAPABLE);
+ 	ieee80211_hw_set(hw, HOST_BROADCAST_PS_BUFFERING);
+ 	ieee80211_hw_set(hw, RX_INCLUDES_FCS);
+-	ieee80211_hw_set(hw, SIGNAL_UNSPEC);
++	ieee80211_hw_set(hw, SIGNAL_DBM);
+ 
+ 	hw->wiphy->interface_modes =
+ 		BIT(NL80211_IFTYPE_MESH_POINT) |
+--- a/drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c
++++ b/drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c
+@@ -248,8 +248,17 @@ static void rtl8187_tx(struct ieee80211_
+ 	flags |= RTL818X_TX_DESC_FLAG_NO_ENC;
+ 
+ 	flags |= ieee80211_get_tx_rate(dev, info)->hw_value << 24;
++
++	// When this flag is set the firmware waits untill ALL fragments have
++	// reached the USB device. Then it sends the first fragment and waits
++	// for ACKS's. Of course in monitor mode it won't detect these ACK's.
+ 	if (ieee80211_has_morefrags(tx_hdr->frame_control))
+-		flags |= RTL818X_TX_DESC_FLAG_MOREFRAG;
++	{
++		// If info->control.vif is NULL it's most likely in monitor mode
++		if (likely(info->control.vif != NULL && info->control.vif->type != NL80211_IFTYPE_MONITOR)) {
++			flags |= RTL818X_TX_DESC_FLAG_MOREFRAG;
++		}
++	}
+ 
+ 	/* HW will perform RTS-CTS when only RTS flags is set.
+ 	 * HW will perform CTS-to-self when both RTS and CTS flags are set.

raspberry-pi-5.sh

@@ -0,0 +1,160 @@
+#!/usr/bin/env bash
+#
+# Kali Linux ARM build-script for Raspberry Pi 5 (64-bit)
+# Source: https://gitlab.com/kalilinux/build-scripts/kali-arm
+#
+# This is a supported device - which you can find pre-generated images on: https://www.kali.org/get-kali/
+# More information: https://www.kali.org/docs/arm/raspberry-pi-5/
+#
+
+# Hardware model
+hw_model=${hw_model:-"raspberry-pi-5"}
+
+# Architecture
+architecture=${architecture:-"arm64"}
+
+# Desktop manager (xfce, gnome, i3, kde, lxde, mate, e17 or none)
+desktop=${desktop:-"xfce"}
+
+# Load default base_image configs
+source ./common.d/base_image.sh
+
+# Network configs
+basic_network
+#add_interface eth0
+
+# Third stage
+cat <<EOF >> "${work_dir}"/third-stage
+status_stage3 'Copy rpi services'
+cp -p /bsp/services/rpi/*.service /etc/systemd/system/
+
+status_stage3 'Copy xorg config snippet'
+mkdir -p /etc/X11/xorg.conf.d/
+install -m644 /bsp/xorg/99-vc4.conf /etc/X11/xorg.conf.d/
+
+status_stage3 'Copy script for handling wpa_supplicant file'
+install -m755 /bsp/scripts/copy-user-wpasupplicant.sh /usr/bin/
+
+status_stage3 'Enable copying of user wpa_supplicant.conf file'
+systemctl enable copy-user-wpasupplicant
+
+status_stage3 'Enabling ssh by putting ssh or ssh.txt file in /boot'
+systemctl enable enable-ssh
+
+status_stage3 'Disable haveged daemon'
+systemctl disable haveged
+
+status_stage3 'Fixup wireless-regdb signature'
+update-alternatives --set regulatory.db /lib/firmware/regulatory.db-upstream
+
+#status_stage3 'Enable hciuart and bluetooth'
+#systemctl enable hciuart
+#systemctl enable bluetooth
+
+status_stage3 'Build RaspberryPi utils'
+git clone --quiet https://github.com/raspberrypi/utils /usr/src/utils
+cd /usr/src/utils/
+# Without gcc/make, this will fail on slim images.
+sudo apt install -y cmake device-tree-compiler libfdt-dev build-essential
+cmake .
+make
+make install
+EOF
+
+# Run third stage
+include third_stage
+
+# Kernel and bootloader installation
+status 'Clone bootloader'
+git clone --quiet --depth 1 https://github.com/raspberrypi/firmware.git "${work_dir}"/rpi-firmware
+cp -rf "${work_dir}"/rpi-firmware/boot/* "${work_dir}"/boot/
+
+status 'Clone and build kernel'
+git clone --quiet --depth 1 https://github.com/raspberrypi/linux -b rpi-6.1.y "${work_dir}"/usr/src/kernel
+cd "${work_dir}"/usr/src/kernel
+patch -p1 --no-backup-if-mismatch <${repo_dir}/patches/kali-wifi-injection-6.1.patch
+patch -p1 --no-backup-if-mismatch <${repo_dir}/patches/rpi5/0001-net-wireless-brcmfmac-Add-nexmon-support.patch
+make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- bcm2711_defconfig
+make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- -j$(nproc)
+make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- modules_install INSTALL_MOD_PATH="${work_dir}"
+mkdir -p "${work_dir}"/boot/overlays
+cp arch/arm64/boot/Image "${work_dir}"/boot/kernel8.img
+cp arch/arm/boot/dts/overlays/*.dtb* "${work_dir}"/boot/overlays/
+cp arch/arm/boot/dts/overlays/README "${work_dir}"/boot/overlays/
+make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- mrproper
+make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- bcm2711_defconfig
+
+# Fix up the symlink for building external modules
+# kernver is used so we don't need to keep track of what the current compiled
+# version is
+kernver=$(ls "${work_dir}"/lib/modules/)
+cd "${work_dir}"/lib/modules/"${kernver}"
+rm build
+rm source
+ln -s /usr/src/kernel build
+ln -s /usr/src/kernel source
+cd "${base_dir}"
+
+# Firmware needed for the wifi
+status 'Clone Wi-Fi/Bluetooth firmware'
+git clone --quiet --depth 1 https://github.com/rpi-distro/firmware-nonfree
+cd firmware-nonfree/debian/config/brcm80211
+rsync -HPaz brcm "${work_dir}"/lib/firmware/
+rsync -HPaz cypress "${work_dir}"/lib/firmware/
+cd "${work_dir}"/lib/firmware/cypress
+ln -sf cyfmac43455-sdio-standard.bin cyfmac43455-sdio.bin
+
+# bluetooth firmware
+wget -q 'https://github.com/RPi-Distro/bluez-firmware/raw/bookworm/debian/firmware/broadcom/BCM4345C0.hcd' -O "${work_dir}"/lib/firmware/brcm/BCM4345C0.hcd
+
+cd "${repo_dir}/"
+
+# Clean system
+include clean_system
+
+# Calculate the space to create the image and create
+make_image
+
+# Create the disk partitions
+status "Create the disk partitions"
+parted -s "${image_dir}/${image_name}.img" mklabel msdos
+parted -s "${image_dir}/${image_name}.img" mkpart primary fat32 1MiB "${bootsize}"MiB
+parted -s -a minimal "${image_dir}/${image_name}.img" mkpart primary "$fstype" "${bootsize}"MiB 100%
+
+# Set the partition variables
+make_loop
+
+# Create file systems
+mkfs_partitions
+
+# Make fstab
+make_fstab
+
+# Configure Raspberry Pi firmware (before rsync)
+include rpi_firmware
+
+# Create the dirs for the partitions and mount them
+status "Create the dirs for the partitions and mount them"
+mkdir -p "${base_dir}"/root/
+
+if [[ $fstype == ext4 ]]; then
+    mount -t ext4 -o noatime,data=writeback,barrier=0 "${rootp}" "${base_dir}"/root
+
+else
+    mount "${rootp}" "${base_dir}"/root
+
+fi
+
+mkdir -p "${base_dir}"/root/boot
+mount "${bootp}" "${base_dir}"/root/boot
+
+status "Rsyncing rootfs into image file"
+rsync -HPavz -q --exclude boot "${work_dir}"/ "${base_dir}"/root/
+sync
+
+status "Rsyncing boot into image file (/boot)"
+rsync -rtx -q "${work_dir}"/boot "${base_dir}"/root
+sync
+
+# Load default finish_image configs
+include finish_image