Skip to content

Instantly share code, notes, and snippets.

@ia

ia/chromebook-arm-exynos-kali.sh

Created September 4, 2018 01:06
Show Gist options
  • Save ia/c28e2c2c2156887cec315879fc1c419d to your computer and use it in GitHub Desktop.
Save ia/c28e2c2c2156887cec315879fc1c419d to your computer and use it in GitHub Desktop.
Download ZIP
build script for flashable image of gnulinux debian kali distro for arm-based exynos-enabled chromebooks
Raw
chromebook-arm-exynos-kali.sh
#!/bin/bash
# Kali-ARM-Build-Scripts
# ======================
#
# Offensive Security Kali Linux ARM build scripts. We use these to build our official Kali Linux ARM images,
# as can be found at http://www.kali.org/downloads/
#
# - These scripts have been tested on a Kali Linux 32 and 64 bit installations only, after making sure
# that all the dependencies have been installed.
# - Make sure you run the build-deps.sh script first, which installs all required dependencies.
#
# - You will need to use the cross compilers from our github account.
#
# armel images (RPi) will use https://github.com/offensive-security/gcc-arm-eabi-linaro-4.6.2
#
# armhf images will use https://github.com/offensive-security/gcc-arm-linux-gnueabihf-4.7
#
# arm64 images (ODROID-C2) will use https://releases.linaro.org/archive/14.09/components/toolchain/binaries/gcc-linaro-aarch64-linux-gnu-4.9-2014.09_linux.tar.xz
#
# A sample workflow would look similar to (armhf):
#
# mkdir ~/arm-stuff
# cd ~/arm-stuff
# git clone https://github.com/offensive-security/gcc-arm-linux-gnueabihf-4.7
# export PATH=${PATH}:/root/arm-stuff/gcc-arm-linux-gnueabihf-4.7/bin
# git clone https://github.com/offensive-security/kali-arm-build-scripts
# cd ~/arm-stuff/kali-arm-build-scripts
# ./build-deps.sh
# ./chromebook-arm-samsung.sh 1.0
#
# If you are on 32bit, after the script finishes running, you will have an image
# file located in ~/arm-stuff/kali-arm-build-scripts/chromebook-1.0/ called
# kali-1.0-chromebook.img and a sha1sum file for it. **_You will need to use your own
# preferred compression if you want to distribute it._**
#
# On 64bit systems, after the script finishes running, you will have 3 files
# located in ~/arm-stuff/kali-arm-build-scripts/chromebook-1.0; the sha1sum for
# the uncompressed image file, the image file compressed via xz, and the sha1sum
# file for the compressed image file.
#
# Last Updated : 8th June, 2018 21:12:35 UTC
#
# Source: https://github.com/offensive-security/kali-arm-build-scripts
# Download prebuilt image:
#
# wget https://images.offensive-security.com/arm-images/kali-linux-2018.3-exynos.img.xz.torrent
# aria2c --seed-time=0 kali-linux-2018.3-exynos.img.xz.torrent
#
# Source: https://www.offensive-security.com/kali-linux-arm-images/
# Flash prebuilt image:
#
# dd if=kali-chromebook.img of=/dev/sdb bs=512k
#
# Source: https://docs.kali.org/kali-on-arm/install-kali-hp-arm-chromebook
set -e
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
if [[ $# -eq 0 ]] ; then
echo "Please pass version number, e.g. $0 2.0"
exit 0
fi
basedir=`pwd`/exynos-$1
# Custom hostname variable
hostname=${2:-kali}
# Custom image file name variable - MUST NOT include .img at the end.
imagename=${3:-kali-linux-$1-exynos}
# Size of image in megabytes (Default is 7000=7GB)
size=7000
# Suite to use.
# Valid options are:
# kali-rolling, kali-dev, kali-bleeding-edge, kali-dev-only, kali-experimental, kali-last-snapshot
# A release is done against kali-last-snapshot, but if you're building your own, you'll probably want to build
# kali-rolling.
suite=kali-rolling
# Generate a random machine name to be used.
machine=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
# Make sure that the cross compiler can be found in the path before we do
# anything else, that way the builds don't fail half way through.
export CROSS_COMPILE=arm-linux-gnueabihf-
if [ $(compgen -c $CROSS_COMPILE | wc -l) -eq 0 ] ; then
echo "Missing cross compiler. Set up PATH according to the README"
exit 1
fi
# Unset CROSS_COMPILE so that if there is any native compiling needed it doesn't
# get cross compiled.
unset CROSS_COMPILE
# Package installations for various sections.
# This will build a minimal XFCE Kali system with a few tools.
# This is the section to edit if you would like to add more packages.
# See http://www.kali.org/new/kali-linux-metapackages/ for meta packages you can
# use. You can also install packages, using just the package name, but keep in
# mind that not all packages work on ARM! If you specify one of those, the
# script will throw an error, but will still continue on, and create an unusable
# image, keep that in mind.
arm="abootimg cgpt fake-hwclock ntpdate u-boot-tools vboot-utils vboot-kernel-utils"
base="apt-transport-https apt-utils console-setup e2fsprogs firmware-linux firmware-realtek firmware-atheros firmware-libertas firmware-samsung ifupdown initramfs-tools iw kali-defaults man-db mlocate netcat-traditional net-tools parted psmisc rfkill screen snmpd snmp sudo tftp tmux unrar usbutils vim wget zerofree"
desktop="kali-menu fonts-croscore fonts-crosextra-caladea fonts-crosextra-carlito gnome-theme-kali gtk3-engines-xfce kali-desktop-xfce kali-root-login lightdm network-manager network-manager-gnome xfce4 xserver-xorg-video-fbdev xserver-xorg-input-synaptics xserver-xorg-input-all xserver-xorg-input-libinput"
tools="aircrack-ng crunch cewl dnsrecon dnsutils ethtool exploitdb hydra john libnfc-bin medusa metasploit-framework mfoc ncrack nmap passing-the-hash proxychains recon-ng sqlmap tcpdump theharvester tor tshark usbutils whois windows-binaries winexe wpscan wireshark"
services="apache2 atftpd openssh-server openvpn tightvncserver"
extras="bluez bluez-firmware iceweasel xfce4-goodies xfce4-terminal wpasupplicant xfonts-terminus"
packages="${arm} ${base} ${services} ${extras}"
architecture="armhf"
# If you have your own preferred mirrors, set them here.
# After generating the rootfs, we set the sources.list to the default settings.
mirror=http.kali.org
kernel_release="R67-10575.B-chromeos-3.8"
# Set this to use an http proxy, like apt-cacher-ng, and uncomment further down
# to unset it.
#export http_proxy="http://localhost:3142/"
mkdir -p "${basedir}"
cd "${basedir}"
# create the rootfs - not much to modify here, except maybe throw in some more packages if you want.
debootstrap --foreign --keyring=/usr/share/keyrings/kali-archive-keyring.gpg --include=kali-archive-keyring --arch ${architecture} ${suite} kali-${architecture} http://${mirror}/kali
cp /usr/bin/qemu-arm-static kali-${architecture}/usr/bin/
LANG=C systemd-nspawn -M ${machine} -D kali-${architecture} /debootstrap/debootstrap --second-stage
mkdir -p kali-${architecture}/etc/apt/
cat << EOF > kali-${architecture}/etc/apt/sources.list
deb http://${mirror}/kali ${suite} main contrib non-free
EOF
# Set hostname
echo "${hostname}" > kali-${architecture}/etc/hostname
# So X doesn't complain, we add kali to hosts
cat << EOF > kali-${architecture}/etc/hosts
127.0.0.1 ${hostname} localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOF
mkdir -p kali-${architecture}/etc/network/
cat << EOF > kali-${architecture}/etc/network/interfaces
auto lo
iface lo inet loopback
EOF
cat << EOF > kali-${architecture}/etc/resolv.conf
nameserver 8.8.8.8
EOF
export MALLOC_CHECK_=0 # workaround for LP: #520465
export LC_ALL=C
export DEBIAN_FRONTEND=noninteractive
#mount -t proc proc kali-$architecture/proc
#mount -o bind /dev/ kali-$architecture/dev/
#mount -o bind /dev/pts kali-$architecture/dev/pts
cat << EOF > kali-${architecture}/debconf.set
console-common console-data/keymap/policy select Select keymap from full list
console-common console-data/keymap/full select en-latin1-nodeadkeys
EOF
mkdir -p kali-${architecture}/lib/systemd/system/
cat << 'EOF' > kali-${architecture}/lib/systemd/system/regenerate_ssh_host_keys.service
[Unit]
Description=Regenerate SSH host keys
Before=ssh.service
[Service]
Type=oneshot
ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096
ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*"
ExecStart=/usr/bin/ssh-keygen -A -v
ExecStartPost=/bin/sh -c "for i in /etc/ssh/ssh_host_*_key*; do actualsize=$(wc -c <\"$i\") ;if [ $actualsize -eq 0 ]; then echo size is 0 bytes ; exit 1 ; fi ; done ; /bin/systemctl disable regenerate_ssh_host_keys"
[Install]
WantedBy=multi-user.target
EOF
chmod 644 kali-${architecture}/lib/systemd/system/regenerate_ssh_host_keys.service
cat << EOF > kali-${architecture}/third-stage
#!/bin/bash
set -e
dpkg-divert --add --local --divert /usr/sbin/invoke-rc.d.chroot --rename /usr/sbin/invoke-rc.d
cp /bin/true /usr/sbin/invoke-rc.d
echo -e "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d
chmod 755 /usr/sbin/policy-rc.d
apt-get update
apt-get --yes --allow-change-held-packages install locales-all
debconf-set-selections /debconf.set
rm -f /debconf.set
apt-get update
apt-get -y install git-core binutils ca-certificates initramfs-tools u-boot-tools
apt-get -y install locales console-common less nano git
echo "root:toor" | chpasswd
rm -f /etc/udev/rules.d/70-persistent-net.rules
export DEBIAN_FRONTEND=noninteractive
apt-get --yes --allow-change-held-packages install ${packages} || apt-get --yes --fix-broken install
apt-get --yes --allow-change-held-packages install ${desktop} ${tools} || apt-get --yes --fix-broken install
apt-get --yes --allow-change-held-packages dist-upgrade
apt-get --yes --allow-change-held-packages autoremove
# Generate SSH host keys on first run
systemctl enable regenerate_ssh_host_keys
systemctl enable ssh
# Copy over the default bashrc
cp /etc/skel/.bashrc /root/.bashrc
# Try and make the console a bit nicer
# Set the terminus font for a bit nicer display.
sed -i -e 's/FONTFACE=.*/FONTFACE="Terminus"/' /etc/default/console-setup
sed -i -e 's/FONTSIZE=.*/FONTSIZE="6x12"/' /etc/default/console-setup
rm -f /usr/sbin/policy-rc.d
rm -f /usr/sbin/invoke-rc.d
dpkg-divert --remove --rename /usr/sbin/invoke-rc.d
rm -f /third-stage
EOF
chmod 755 kali-${architecture}/third-stage
LANG=C systemd-nspawn -M ${machine} -D kali-${architecture} /third-stage
cat << EOF > kali-${architecture}/cleanup
#!/bin/bash
rm -rf /root/.bash_history
apt-get update
apt-get clean
rm -f /0
rm -f /hs_err*
rm -f cleanup
rm -f /usr/bin/qemu*
EOF
chmod 755 kali-${architecture}/cleanup
LANG=C systemd-nspawn -M ${machine} -D kali-${architecture} /cleanup
#umount kali-$architecture/proc/sys/fs/binfmt_misc
#umount kali-$architecture/dev/pts
#umount kali-$architecture/dev/
#umount kali-$architecture/proc
cat << EOF > "${basedir}"/kali-${architecture}/etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main contrib non-free
deb-src http://http.kali.org/kali kali-rolling main contrib non-free
EOF
# Uncomment this if you use apt-cacher-ng otherwise git clones will fail.
#unset http_proxy
# Pull in the gcc 4.7 cross compiler to build the kernel.
# Debian uses a 7.3 based kernel, and the chromebook kernel doesn't support
# that.
cd "${basedir}"
git clone https://github.com/offensive-security/gcc-arm-linux-gnueabihf-4.7
# Kernel section. If you want to use a custom kernel, or configuration, replace
# them in this section.
git clone --depth 1 https://chromium.googlesource.com/chromiumos/third_party/kernel -b release-${kernel_release} "${basedir}"/kali-${architecture}/usr/src/kernel
cd "${basedir}"/kali-${architecture}/usr/src/kernel
cp "${basedir}"/../kernel-configs/chromebook-3.8.config .config
cp "${basedir}"/../kernel-configs/chromebook-3.8.config ../exynos.config
cp "${basedir}"/../kernel-configs/chromebook-3.8_wireless-3.4.config exynos_wifi34.config
git rev-parse HEAD > "${basedir}"/kali-${architecture}/usr/src/kernel-at-commit
export ARCH=arm
# Edit the CROSS_COMPILE variable as needed.
export CROSS_COMPILE="${basedir}"/gcc-arm-linux-gnueabihf-4.7/bin/arm-linux-gnueabihf-
patch -p1 --no-backup-if-mismatch < "${basedir}"/../patches/mac80211.patch
patch -p1 --no-backup-if-mismatch < "${basedir}"/../patches/0001-exynos-drm-smem-start-len.patch
patch -p1 --no-backup-if-mismatch < "${basedir}"/../patches/0001-mwifiex-do-not-create-AP-and-P2P-interfaces-upon-dri.patch
patch -p1 --no-backup-if-mismatch < "${basedir}"/../patches/0001-Commented-out-pr_debug-line.patch
patch -p1 --no-backup-if-mismatch < "${basedir}"/../patches/0002-Fix-udl_connector-include.patch
make oldconfig || die "Kernel config options added"
make -j $(grep -c processor /proc/cpuinfo)
make dtbs
make modules_install INSTALL_MOD_PATH="${basedir}"/kali-${architecture}
cat << __EOF__ > "${basedir}"/kali-${architecture}/usr/src/kernel/arch/arm/boot/kernel-exynos.its
/dts-v1/;
/ {
description = "Chrome OS kernel image with one or more FDT blobs";
images {
kernel@1{
description = "kernel";
data = /incbin/("zImage");
type = "kernel_noload";
arch = "arm";
os = "linux";
compression = "none";
load = <0>;
entry = <0>;
};
fdt@1{
description = "exynos5250-skate.dtb";
data = /incbin/("dts/exynos5250-skate.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@2{
description = "exynos5250-smdk5250.dtb";
data = /incbin/("dts/exynos5250-smdk5250.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@3{
description = "exynos5250-snow-rev4.dtb";
data = /incbin/("dts/exynos5250-snow-rev4.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@4{
description = "exynos5250-snow-rev5.dtb";
data = /incbin/("dts/exynos5250-snow-rev5.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@5{
description = "exynos5250-spring.dtb";
data = /incbin/("dts/exynos5250-spring.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@6{
description = "exynos5420-peach-kirby.dtb";
data = /incbin/("dts/exynos5420-peach-kirby.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@7{
description = "exynos5420-peach-pit-rev3_5.dtb";
data = /incbin/("dts/exynos5420-peach-pit-rev3_5.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@8{
description = "exynos5420-peach-pit-rev4.dtb";
data = /incbin/("dts/exynos5420-peach-pit-rev4.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@9{
description = "exynos5420-peach-pit.dtb";
data = /incbin/("dts/exynos5420-peach-pit.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@10{
description = "exynos5420-smdk5420.dtb";
data = /incbin/("dts/exynos5420-smdk5420.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@11{
description = "exynos5420-smdk5420-evt0.dtb";
data = /incbin/("dts/exynos5420-smdk5420-evt0.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@12{
description = "exynos5422-peach-pi.dtb";
data = /incbin/("dts/exynos5422-peach-pi.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
fdt@13{
description = "exynos5440-ssdk5440.dtb";
data = /incbin/("dts/exynos5440-ssdk5440.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
hash@1{
algo = "sha1";
};
};
};
configurations {
default = "conf@1";
conf@1{
kernel = "kernel@1";
fdt = "fdt@1";
};
conf@2{
kernel = "kernel@1";
fdt = "fdt@2";
};
conf@3{
kernel = "kernel@1";
fdt = "fdt@3";
};
conf@4{
kernel = "kernel@1";
fdt = "fdt@4";
};
conf@5{
kernel = "kernel@1";
fdt = "fdt@5";
};
conf@6{
kernel = "kernel@1";
fdt = "fdt@6";
};
conf@7{
kernel = "kernel@1";
fdt = "fdt@7";
};
conf@8{
kernel = "kernel@1";
fdt = "fdt@8";
};
conf@9{
kernel = "kernel@1";
fdt = "fdt@9";
};
conf@10{
kernel = "kernel@1";
fdt = "fdt@10";
};
conf@11{
kernel = "kernel@1";
fdt = "fdt@11";
};
conf@12{
kernel = "kernel@1";
fdt = "fdt@12";
};
conf@13{
kernel = "kernel@1";
fdt = "fdt@13";
};
};
};
__EOF__
cd "${basedir}"/kali-${architecture}/usr/src/kernel/arch/arm/boot
mkimage -D "-I dts -O dtb -p 2048" -f kernel-exynos.its exynos-kernel
# microSD Card
echo 'noinitrd console=tty1 quiet root=PARTUUID=%U/PARTNROFF=1 rootwait rw lsm.module_locking=0 net.ifnames=0 rootfstype=ext4' > cmdline
# Pulled from ChromeOS, this is exactly what they do because there's no
# bootloader in the kernel partition on ARM.
dd if=/dev/zero of=bootloader.bin bs=512 count=1
vbutil_kernel --arch arm --pack "${basedir}"/kernel.bin --keyblock /usr/share/vboot/devkeys/kernel.keyblock --signprivate /usr/share/vboot/devkeys/kernel_data_key.vbprivk --version 1 --config cmdline --bootloader bootloader.bin --vmlinuz exynos-kernel
cd "${basedir}"/kali-${architecture}/usr/src/kernel/
make mrproper
cp ../exynos.config .config
make modules_prepare
cd "${basedir}"
# Fix up the symlink for building external modules
# kernver is used so we don't need to keep track of what the current compiled
# version is
kernver=$(ls "${basedir}"/kali-${architecture}/lib/modules/)
cd "${basedir}"/kali-${architecture}/lib/modules/${kernver}
rm build
rm source
ln -s /usr/src/kernel build
ln -s /usr/src/kernel source
cd "${basedir}"
# Bit of a hack to hide eMMC partitions from XFCE
cat << EOF > "${basedir}"/kali-${architecture}/etc/udev/rules.d/99-hide-emmc-partitions.rules
KERNEL=="mmcblk0*", ENV{UDISKS_IGNORE}="1"
EOF
# Disable uap0 and p2p0 interfaces in NetworkManager
printf '\n[keyfile]\nunmanaged-devices=interface-name:p2p0\n' >> "${basedir}"/kali-${architecture}/etc/NetworkManager/NetworkManager.conf
# Touchpad configuration
mkdir -p "${basedir}"/kali-${architecture}/etc/X11/xorg.conf.d
cat << EOF > "${basedir}"/kali-${architecture}/etc/X11/xorg.conf.d/10-synaptics-chromebook.conf
Section "InputClass"
Identifier "touchpad"
MatchIsTouchpad "on"
Driver "synaptics"
Option "TapButton1" "1"
Option "TapButton2" "3"
Option "TapButton3" "2"
Option "FingerLow" "15"
Option "FingerHigh" "20"
Option "FingerPress" "256"
EndSection
EOF
# Turn off Accel.
cat << EOF > "${basedir}"/kali-${architecture}/etc/X11/xorg.conf.d/20-modesetting.conf
Section "Driver"
Identifier "Exynos Video"
Driver "modesetting"
Option "AccelMethod" "none"
EndSection
EOF
# Mali GPU rules aka mali-rules package in ChromeOS
cat << EOF > "${basedir}"/kali-${architecture}/etc/udev/rules.d/50-mali.rules
KERNEL=="mali0", MODE="0660", GROUP="video"
EOF
# Video rules aka media-rules package in ChromeOS
cat << EOF > "${basedir}"/kali-${architecture}/etc/udev/rules.d/50-media.rules
ATTR{name}=="s5p-mfc-dec", SYMLINK+="video-dec"
ATTR{name}=="s5p-mfc-enc", SYMLINK+="video-enc"
ATTR{name}=="s5p-jpeg-dec", SYMLINK+="jpeg-dec"
ATTR{name}=="exynos-gsc.0*", SYMLINK+="image-proc0"
ATTR{name}=="exynos-gsc.1*", SYMLINK+="image-proc1"
ATTR{name}=="exynos-gsc.2*", SYMLINK+="image-proc2"
ATTR{name}=="exynos-gsc.3*", SYMLINK+="image-proc3"
ATTR{name}=="rk3288-vpu-dec", SYMLINK+="video-dec"
ATTR{name}=="rk3288-vpu-enc", SYMLINK+="video-enc"
ATTR{name}=="go2001-dec", SYMLINK+="video-dec"
ATTR{name}=="go2001-enc", SYMLINK+="video-enc"
ATTR{name}=="mt81xx-vcodec-dec", SYMLINK+="video-dec"
ATTR{name}=="mt81xx-vcodec-enc", SYMLINK+="video-enc"
ATTR{name}=="mt81xx-image-proc", SYMLINK+="image-proc0"
EOF
# This is for Peach - kinda a hack, never really worked properly they say.
# Ambient light sensor
cat << EOF > "${basedir}"/kali-${architecture}/lib/udev/light-sensor-set-multiplier.sh
#!/bin/sh
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# In iio/devices, find device0 on 3.0.x kernels and iio:device0 on 3.2 kernels.
for FILE in /sys/bus/iio/devices/*/in_illuminance0_calibscale; do
# Set the light sensor calibration value.
echo 5.102040 > \$FILE && break;
done
for FILE in /sys/bus/iio/devices/*/in_illuminance1_calibscale; do
# Set the IR compensation calibration value.
echo 0.053425 > \$FILE && break;
done
for FILE in /sys/bus/iio/devices/*/range; do
# Set the light sensor range value (max lux)
echo 16000 > \$FILE && break;
done
for FILE in /sys/bus/iio/devices/*/continuous; do
# Change the measurement mode to the continuous mode
echo als > \$FILE && break;
done
EOF
cat << EOF > "${basedir}"/kali-${architecture}/lib/udev/rules.d/99-light-sensor.rules
# Calibrate the light sensor when the isl29018 driver is installed.
ACTION=="add", SUBSYSTEM=="drivers", KERNEL=="isl29018", RUN+="light-sensor-set-multiplier.sh"
EOF
cp "${basedir}"/../misc/zram "${basedir}"/kali-${architecture}/etc/init.d/zram
chmod 755 "${basedir}"/kali-${architecture}/etc/init.d/zram
cd "${basedir}"
sed -i -e 's/^#PermitRootLogin.*/PermitRootLogin yes/' "${basedir}"/kali-${architecture}/etc/ssh/sshd_config
echo "Creating image file ${imagename}.img"
dd if=/dev/zero of="${basedir}"/${imagename}.img bs=1M count=${size}
parted ${imagename}.img --script -- mklabel gpt
cgpt create -z ${imagename}.img
cgpt create ${imagename}.img
cgpt add -i 1 -t kernel -b 8192 -s 32768 -l kernel -S 1 -T 5 -P 10 ${imagename}.img
cgpt add -i 2 -t data -b 40960 -s `expr $(cgpt show ${imagename}.img | grep 'Sec GPT table' | awk '{ print \$1 }') - 40960` -l Root ${imagename}.img
loopdevice=`losetup -f --show "${basedir}"/${imagename}.img`
device=`kpartx -va ${loopdevice} | sed 's/.*\(loop[0-9]\+\)p.*/\1/g' | head -1`
sleep 5
device="/dev/mapper/${device}"
bootp=${device}p1
rootp=${device}p2
mkfs.ext4 -O ^flex_bg -O ^metadata_csum -L rootfs ${rootp}
mkdir -p "${basedir}"/root
mount ${rootp} "${basedir}"/root
# We do this down here to get rid of the build system's resolv.conf after running through the build.
cat << EOF > kali-${architecture}/etc/resolv.conf
nameserver 8.8.8.8
EOF
echo "Rsyncing rootfs into image file"
rsync -HPavz -q "${basedir}"/kali-${architecture}/ "${basedir}"/root/
# Unmount partition
sync
umount ${rootp}
dd if="${basedir}"/kernel.bin of=${bootp}
cgpt repair ${loopdevice}
kpartx -dv ${loopdevice}
losetup -d ${loopdevice}
# Don't pixz on 32bit, there isn't enough memory to compress the images.
MACHINE_TYPE=`uname -m`
if [ ${MACHINE_TYPE} == 'x86_64' ]; then
echo "Compressing ${imagename}.img"
pixz "${basedir}"/${imagename}.img "${basedir}"/../${imagename}.img.xz
rm "${basedir}"/${imagename}.img
fi
# Clean up all the temporary build stuff and remove the directories.
# Comment this out to keep things around if you want to see what may have gone
# wrong.
echo "Removing temporary build files"
rm -rf "${basedir}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment