jiang/kali-arm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8df66aa7b84b27bbc9905d62ef3a8f865df253a4
kali-arm/chromebook-arm-acer.sh
Steev Klimaszewski 8df66aa7b8 Update rpi2 and formatting changes. 
While we don't release an rpi2 specific build, there are still people
out there that build their own because they don't want to use Nexmon.
This updates the rpi2 script to keep up with the changes for the rpi3
while leaving out nexmon/rpi3 bluetooth bits.

Also update chmod because we don't need it.
2018-06-22 20:38:19 -05:00

482 lines
16 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
if [[ $# -eq 0 ]] ; then
echo "Please pass version number, e.g. $0 2.0"
exit 0
fi
basedir=`pwd`/nyan-$1
# Make sure that the cross compiler can be found in the path before we do
# anything else, that way the builds don't fail half way through.
export CROSS_COMPILE=arm-linux-gnueabihf-
if [ $(compgen -c $CROSS_COMPILE | wc -l) -eq 0 ] ; then
echo "Missing cross compiler. Set up PATH according to the README"
exit 1
fi
# Unset CROSS_COMPILE so that if there is any native compiling needed it doesn't
# get cross compiled.
unset CROSS_COMPILE
# Package installations for various sections.
# This will build a minimal Gnome Kali system with the top 10 tools.
# This is the section to edit if you would like to add more packages.
# See http://www.kali.org/new/kali-linux-metapackages/ for meta packages you can
# use. You can also install packages, using just the package name, but keep in
# mind that not all packages work on ARM! If you specify one of those, the
# script will throw an error, but will still continue on, and create an unusable
# image, keep that in mind.
arm="abootimg cgpt fake-hwclock ntpdate u-boot-tools vboot-utils vboot-kernel-utils"
base="alsa-utils e2fsprogs initramfs-tools kali-defaults kali-menu laptop-mode-tools parted sudo usbutils"
desktop="fonts-croscore fonts-crosextra-caladea fonts-crosextra-carlito gnome-theme-kali gtk3-engines-xfce kali-desktop-xfce kali-root-login lightdm network-manager network-manager-gnome xfce4 xserver-xorg-video-fbdev xserver-xorg-input-synaptics xserver-xorg-input-all xserver-xorg-input-libinput"
tools="aircrack-ng ethtool hydra john libnfc-bin mfoc nmap passing-the-hash sqlmap usbutils winexe wireshark"
services="apache2 openssh-server"
extras="iceweasel xfce4-goodies xfce4-terminal wpasupplicant firmware-linux firmware-linux-nonfree firmware-libertas firmware-atheros"
packages="${arm} ${base} ${desktop} ${tools} ${services} ${extras}"
architecture="armhf"
# If you have your own preferred mirrors, set them here.
# After generating the rootfs, we set the sources.list to the default settings.
mirror=http.kali.org
kernel_release="R67-10575.B-chromeos-3.10"
# Set this to use an http proxy, like apt-cacher-ng, and uncomment further down
# to unset it.
#export http_proxy="http://localhost:3142/"
mkdir -p ${basedir}
cd ${basedir}
# create the rootfs - not much to modify here, except maybe the hostname.
debootstrap --foreign --arch $architecture kali-rolling kali-$architecture http://$mirror/kali
cp /usr/bin/qemu-arm-static kali-$architecture/usr/bin/
LANG=C systemd-nspawn -M nyan -D kali-$architecture /debootstrap/debootstrap --second-stage
# Create sources.list
cat << EOF > kali-$architecture/etc/apt/sources.list
deb http://$mirror/kali kali-rolling main contrib non-free
EOF
# Set hostname
echo "kali" > kali-$architecture/etc/hostname
# So X doesn't complain, we add kali to hosts
cat << EOF > kali-$architecture/etc/hosts
127.0.0.1 kali localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOF
cat << EOF > kali-$architecture/etc/network/interfaces
auto lo
iface lo inet loopback
EOF
cat << EOF > kali-$architecture/etc/resolv.conf
nameserver 8.8.8.8
EOF
export MALLOC_CHECK_=0 # workaround for LP: #520465
export LC_ALL=C
export DEBIAN_FRONTEND=noninteractive
#mount -t proc proc kali-$architecture/proc
#mount -o bind /dev/ kali-$architecture/dev/
#mount -o bind /dev/pts kali-$architecture/dev/pts
cat << EOF > kali-$architecture/debconf.set
console-common console-data/keymap/policy select Select keymap from full list
console-common console-data/keymap/full select en-latin1-nodeadkeys
EOF
cat << EOF > kali-$architecture/third-stage
#!/bin/bash
dpkg-divert --add --local --divert /usr/sbin/invoke-rc.d.chroot --rename /usr/sbin/invoke-rc.d
cp /bin/true /usr/sbin/invoke-rc.d
echo -e "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d
chmod 755 /usr/sbin/policy-rc.d
apt-get update
apt-get --yes --allow-change-held-packages install locales-all
debconf-set-selections /debconf.set
rm -f /debconf.set
apt-get update
apt-get -y install git-core binutils ca-certificates initramfs-tools u-boot-tools
apt-get -y install locales console-common less nano git
echo "root:toor" | chpasswd
sed -i -e 's/KERNEL\!=\"eth\*|/KERNEL\!=\"/' /lib/udev/rules.d/75-persistent-net-generator.rules
rm -f /etc/udev/rules.d/70-persistent-net.rules
export DEBIAN_FRONTEND=noninteractive
apt-get --yes --allow-change-held-packages install $packages
if [ $? > 0 ];
then
apt-get --yes --allow-change-held-packages --fix-broken install
fi
apt-get --yes --allow-change-held-packages dist-upgrade
apt-get --yes --allow-change-held-packages autoremove
rm -f /usr/sbin/policy-rc.d
rm -f /usr/sbin/invoke-rc.d
dpkg-divert --remove --rename /usr/sbin/invoke-rc.d
rm -f /third-stage
EOF
chmod 755 kali-$architecture/third-stage
LANG=C systemd-nspawn -M nyan -D kali-$architecture /third-stage
cat << EOF > kali-$architecture/cleanup
#!/bin/bash
rm -rf /root/.bash_history
apt-get update
apt-get clean
rm -f /0
rm -f /hs_err*
rm -f cleanup
rm -f /usr/bin/qemu*
EOF
chmod 755 kali-$architecture/cleanup
LANG=C systemd-nspawn -M nyan -D kali-$architecture /cleanup
#umount kali-$architecture/proc/sys/fs/binfmt_misc
#umount kali-$architecture/dev/pts
#umount kali-$architecture/dev/
#umount kali-$architecture/proc
echo "Creating image file for Acer Chromebook"
dd if=/dev/zero of=${basedir}/kali-linux-$1-acer.img bs=1M count=7000
parted kali-linux-$1-acer.img --script -- mklabel gpt
cgpt create -z kali-linux-$1-acer.img
cgpt create kali-linux-$1-acer.img
cgpt add -i 1 -t kernel -b 8192 -s 32768 -l kernel -S 1 -T 5 -P 10 kali-linux-$1-acer.img
cgpt add -i 2 -t data -b 40960 -s `expr $(cgpt show kali-linux-$1-acer.img | grep 'Sec GPT table' | awk '{ print \$1 }') - 40960` -l Root kali-linux-$1-acer.img
loopdevice=`losetup -f --show ${basedir}/kali-linux-$1-acer.img`
device=`kpartx -va $loopdevice| sed -E 's/.*(loop[0-9])p.*/\1/g' | head -1`
sleep 5
device="/dev/mapper/${device}"
bootp=${device}p1
rootp=${device}p2
mkfs.ext4 -O ^flex_bg -O ^metadata_csum -L rootfs $rootp
mkdir -p ${basedir}/root
mount $rootp ${basedir}/root
echo "Rsyncing rootfs into image file"
rsync -HPavz -q ${basedir}/kali-$architecture/ ${basedir}/root/
cat << EOF > ${basedir}/root/etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main contrib non-free
deb-src http://http.kali.org/kali kali-rolling main contrib non-free
EOF
# Uncomment this if you use apt-cacher-ng otherwise git clones will fail.
#unset http_proxy
# Pull in the gcc 5.3 cross compiler to build the kernel.
# Debian uses a 7.3 based kernel, and the chromebook kernel doesn't support
# that.
cd ${basedir}
git clone https://github.com/offensive-security/gcc-arm-linux-gnueabihf-4.7
# Kernel section. If you want to use a custom kernel, or configuration, replace
# them in this section.
cd ${basedir}
git clone --depth 1 https://chromium.googlesource.com/chromiumos/third_party/kernel -b release-${kernel_release} ${basedir}/root/usr/src/kernel
cd ${basedir}/root/usr/src/kernel
mkdir -p ${basedir}/root/usr/src/kernel/firmware/nvidia/tegra124/
cp ${basedir}/root/lib/firmware/nvidia/tegra124/xusb.bin firmware/nvidia/tegra124/
cp ${basedir}/../kernel-configs/chromebook-3.10.config .config
cp ${basedir}/../kernel-configs/chromebook-3.10.config ../nyan.config
git rev-parse HEAD > ../kernel-at-commit
export ARCH=arm
# Edit the CROSS_COMPILE variable as needed.
export CROSS_COMPILE=${basedir}/gcc-arm-linux-gnueabihf-4.7/bin/arm-linux-gnueabihf-
patch -p1 --no-backup-if-mismatch < ${basedir}/../patches/mac80211-3.8.patch
patch -p1 --no-backup-if-mismatch < ${basedir}/../patches/0001-mwifiex-do-not-create-AP-and-P2P-interfaces-upon-dri-3.8.patch
patch -p1 --no-backup-if-mismatch < ${basedir}/../patches/0001-Comment-out-a-pr_debug-print.patch
make WIFIVERSION="-3.8" -j $(grep -c processor /proc/cpuinfo)
make WIFIVERSION="-3.8" dtbs
make WIFIVERSION="-3.8" modules_install INSTALL_MOD_PATH=${basedir}/root
cat << __EOF__ > ${basedir}/root/usr/src/kernel/arch/arm/boot/kernel-nyan.its
/dts-v1/;
/ {
description = "Chrome OS kernel image with one or more FDT blobs";
#address-cells = <1>;
images {
kernel@1{
description = "kernel";
data = /incbin/("zImage");
type = "kernel_noload";
arch = "arm";
os = "linux";
compression = "none";
load = <0>;
entry = <0>;
};
fdt@1{
description = "tegra124-nyan-big-rev0_2.dtb";
data = /incbin/("dts/tegra124-nyan-big-rev0_2.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@2{
description = "tegra124-nyan-big-rev3_7.dtb";
data = /incbin/("dts/tegra124-nyan-big-rev3_7.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@3{
description = "tegra124-nyan-big-rev8_9.dtb";
data = /incbin/("dts/tegra124-nyan-big-rev8_9.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@4{
description = "tegra124-nyan-blaze.dtb";
data = /incbin/("dts/tegra124-nyan-blaze.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@5{
description = "tegra124-nyan-rev0.dtb";
data = /incbin/("dts/tegra124-nyan-rev0.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@6{
description = "tegra124-nyan-rev1.dtb";
data = /incbin/("dts/tegra124-nyan-rev1.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@7{
description = "tegra124-nyan-kitty-rev0_3.dtb";
data = /incbin/("dts/tegra124-nyan-kitty-rev0_3.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@8{
description = "tegra124-nyan-kitty-rev8.dtb";
data = /incbin/("dts/tegra124-nyan-kitty-rev8.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
};
configurations {
default = "conf@1";
conf@1{
kernel = "kernel@1";
fdt = "fdt@1";
};
conf@2{
kernel = "kernel@1";
fdt = "fdt@2";
};
conf@3{
kernel = "kernel@1";
fdt = "fdt@3";
};
conf@4{
kernel = "kernel@1";
fdt = "fdt@4";
};
conf@5{
kernel = "kernel@1";
fdt = "fdt@5";
};
conf@6{
kernel = "kernel@1";
fdt = "fdt@6";
};
conf@7{
kernel = "kernel@1";
fdt = "fdt@7";
};
conf@8{
kernel = "kernel@1";
fdt = "fdt@8";
};
};
};
__EOF__
cd ${basedir}/root/usr/src/kernel/arch/arm/boot
mkimage -f kernel-nyan.its nyan-big-kernel
# BEHOLD THE POWER OF PARTUUID/PARTNROFF
echo "noinitrd console=tty1 quiet root=PARTUUID=%U/PARTNROFF=1 rootwait rw lsm.module_locking=0 net.ifnames=0 rootfstype=ext4" > cmdline
# Pulled from ChromeOS, this is exactly what they do because there's no
# # bootloader in the kernel partition on ARM.
dd if=/dev/zero of=bootloader.bin bs=512 count=1
vbutil_kernel --arch arm --pack ${basedir}/kernel.bin --keyblock /usr/share/vboot/devkeys/kernel.keyblock --signprivate /usr/share/vboot/devkeys/kernel_data_key.vbprivk --version 1 --config cmdline --bootloader bootloader.bin --vmlinuz nyan-big-kernel
cd ${basedir}/root/usr/src/kernel
# Clean up our build of the kernel, then copy the config and run make
# modules_prepare so that users can more easily build kernel modules...
make WIFIVERSION="-3.8" mrproper
cp ../nyan.config .config
make WIFIVERSION="-3.8" modules_prepare
cd ${basedir}
# Fix up the symlink for building external modules
# kernver is used so we don't need to keep track of what the current compiled
# version is
kernver=$(ls ${basedir}/root/lib/modules/)
cd ${basedir}/root/lib/modules/$kernver
rm build
rm source
ln -s /usr/src/kernel build
ln -s /usr/src/kernel source
cd ${basedir}
# Lid switch
cat << EOF > ${basedir}/root/etc/udev/rules.d/99-tegra-lid-switch.rules
ACTION=="remove", GOTO="tegra_lid_switch_end"
SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio-keys.4", TAG+="power-switch"
LABEL="tegra_lid_switch_end"
EOF
# Bit of a hack, this is so the eMMC doesn't show up on the desktop
cat << EOF > ${basedir}/root/etc/udev/rules.d/99-hide-emmc-partitions.rules
KERNEL=="mmcblk0*", ENV{UDISKS_IGNORE}="1"
EOF
# Disable uap0 and p2p0 interfaces in NetworkManager
printf '\n[keyfile]\nunmanaged-devices=interface-name:p2p0\n' >> ${basedir}/root/etc/NetworkManager/NetworkManager.conf
#nvidia device nodes
cat << EOF > ${basedir}/root/lib/udev/rules.d/51-nvrm.rules
KERNEL=="knvmap", GROUP="video", MODE="0660"
KERNEL=="nvhdcp1", GROUP="video", MODE="0660"
KERNEL=="nvhost-as-gpu", GROUP="video", MODE="0660"
KERNEL=="nvhost-ctrl", GROUP="video", MODE="0660"
KERNEL=="nvhost-ctrl-gpu", GROUP="video", MODE="0660"
KERNEL=="nvhost-dbg-gpu", GROUP="video", MODE="0660"
KERNEL=="nvhost-gpu", GROUP="video", MODE="0660"
KERNEL=="nvhost-msenc", GROUP="video", MODE=0660"
KERNEL=="nvhost-prof-gpu", GROUP="video", MODE=0660"
KERNEL=="nvhost-tsec", GROUP="video", MODE="0660"
KERNEL=="nvhost-vic", GROUP="video", MODE="0660"
KERNEL=="nvmap", GROUP="video", MODE="0660"
KERNEL=="tegra_dc_0", GROUP="video", MODE="0660"
KERNEL=="tegra_dc_1", GROUP="video", MODE="0660"
KERNEL=="tegra_dc_ctrl", GROUP="video", MODE="0660"
EOF
# Touchpad configuration
mkdir -p ${basedir}/root/etc/X11/xorg.conf.d
cat << EOF > ${basedir}/root/etc/X11/xorg.conf.d/10-synaptics-chromebook.conf
Section "InputClass"
Identifier "touchpad"
MatchIsTouchpad "on"
Driver "synaptics"
Option "TapButton1" "1"
Option "TapButton2" "3"
Option "TapButton3" "2"
Option "FingerLow" "15"
Option "FingerHigh" "20"
Option "FingerPress" "256"
EndSection
EOF
cd ${basedir}
# lp0 resume firmware...
# Check https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/master/sys-kernel/tegra_lp0_resume/
# to find the lastest commit to use (note: CROS_WORKON_COMMIT )
git clone https://chromium.googlesource.com/chromiumos/third_party/coreboot
cd ${basedir}/coreboot
git checkout acd9450a51da71c0ecc0415ed5b6589db714bfa3
make -C src/soc/nvidia/tegra124/lp0 GCC_PREFIX=arm-linux-gnueabihf-
mkdir -p ${basedir}/root/lib/firmware/tegra12x/
cp src/soc/nvidia/tegra124/lp0/tegra_lp0_resume.fw ${basedir}/root/lib/firmware/tegra12x/
cd ${basedir}
cp ${basedir}/../misc/zram ${basedir}/root/etc/init.d/zram
chmod 755 ${basedir}/root/etc/init.d/zram
sed -i -e 's/^#PermitRootLogin.*/PermitRootLogin yes/' ${basedir}/root/etc/ssh/sshd_config
# Unmount partitions
umount $rootp
dd if=${basedir}/kernel.bin of=$bootp
kpartx -dv $loopdevice
losetup -d $loopdevice
# If you're building an image for yourself, comment all of this out, as you
# don't need to compress the image, since you will be testing it
# soon.
# Don't pixz on 32bit, there isn't enough memory to compress the images.
MACHINE_TYPE=`uname -m`
if [ ${MACHINE_TYPE} == 'x86_64' ]; then
echo "Compressing kali-linux-$1-acer.img"
pixz ${basedir}/kali-linux-$1-acer.img ${basedir}/../kali-linux-$1-acer.img.xz
rm ${basedir}/kali-linux-$1-acer.img
fi
# Clean up all the temporary build stuff and remove the directories.
# Comment this out to keep things around if you want to see what may have gone
# wrong.
echo "Removing temporary build files"
rm -rf ${basedir}
Reference in New Issue View Git Blame Copy Permalink