malhuda/KernelSU
1
0
Fork 0
mirror of https://github.com/tiann/KernelSU.git synced 2025-02-20 11:43:32 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

ci: common kernel build and embed ksud (#127)

Browse Source
This commit is contained in:
Ylarod 2023-01-28 12:24:43 +08:00 committed by GitHub
parent 0dae6ebaee
commit 905c041a76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 499 additions and 359 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

186
.github/workflows/build-kernel-5.10.yml vendored
View File

@ -1,186 +0,0 @@
name: Build Kernel 5.10
on:
push:
branches: [ "main" ]
paths:
- '.github/workflows/build-kernel-5.10.yml'
- 'kernel/**'
pull_request:
branches: [ "main" ]
paths:
- 'kernel/**'
jobs:
build:
strategy:
matrix:
include:
- version: android12-5.10-66
tag: android12-5.10-2021-11
os_version: 12.0.0
os_patch_level: 2021-11
- version: android12-5.10-81
tag: android12-5.10-2022-03
os_version: 12.0.0
os_patch_level: 2022-03
- version: android12-5.10-101
tag: android12-5.10-2022-05
os_version: 12.0.0
os_patch_level: 2022-05
- version: android12-5.10-110
tag: android12-5.10-2022-07
os_version: 12.0.0
os_patch_level: 2022-07
- version: android12-5.10-136
tag: android12-5.10-2022-11
os_version: 12.0.0
os_patch_level: 2022-11
name: Build aarch64-${{ matrix.version }}
runs-on: ubuntu-latest
env:
CCACHE_COMPILERCHECK: "%compiler% -dumpmachine; %compiler% -dumpversion"
CCACHE_NOHASHDIR: "true"
CCACHE_MAXSIZE: "2G"
CCACHE_HARDLINK: "true"
steps:
- uses: actions/checkout@v3
with:
path: KernelSU
fetch-depth: 0
- uses: hendrikmuhs/ccache-action@v1.2
with:
key: ccache-aarch64-${{ matrix.version }}
append-timestamp: false
save: ${{ github.event_name != 'pull_request' }}
- name: Setup need_upload
id: need_upload
run: |
if [ ! -z "${{ secrets.BOT_TOKEN }}" ]; then
echo "UPLOAD=true" >> $GITHUB_OUTPUT
else
echo "UPLOAD=false" >> $GITHUB_OUTPUT
fi
- name: Setup kernel source
run: |
cd $GITHUB_WORKSPACE
git clone https://gerrit.googlesource.com/git-repo
mkdir android-kernel && cd android-kernel
../git-repo/repo init --depth=1 --u https://android.googlesource.com/kernel/manifest -b common-${{ matrix.tag }}
../git-repo/repo sync -j$(nproc --all)
curl -Lo gki-kernel.zip https://dl.google.com/android/gki/gki-certified-boot-${{ matrix.tag }}_r1.zip
unzip gki-kernel.zip
tools/mkbootimg/unpack_bootimg.py --boot_img=$(find . -maxdepth 1 -name "*.img")
- name: Setup KernelSU
env:
PATCH_PATH: "5.10"
run: |
cd $GITHUB_WORKSPACE/android-kernel
echo "[+] KernelSU setup"
GKI_ROOT=$(pwd)
echo "[+] GKI_ROOT: $GKI_ROOT"
echo "[+] Copy kernel su driver to $GKI_ROOT/common/drivers"
ln -sf $GITHUB_WORKSPACE/KernelSU/kernel $GKI_ROOT/common/drivers/kernelsu
echo "[+] Add kernel su driver to Makefile"
DRIVER_MAKEFILE=$GKI_ROOT/common/drivers/Makefile
grep -q "kernelsu" $DRIVER_MAKEFILE || echo "obj-y += kernelsu/" >> $DRIVER_MAKEFILE
echo "[+] Apply KernelSU patches"
cd $GKI_ROOT/common/ && git apply $GITHUB_WORKSPACE/KernelSU/.github/patches/$PATCH_PATH/*.patch
cd -
echo "[+] KernelSU setup Done."
- name: Symbol magic
run: |
echo "[+] Export all symbol from abi_gki_aarch64.xml"
COMMON_ROOT=$GITHUB_WORKSPACE/android-kernel/common
KSU_ROOT=$GITHUB_WORKSPACE/KernelSU
ABI_XML=$COMMON_ROOT/android/abi_gki_aarch64.xml
SYMBOL_LIST=$COMMON_ROOT/android/abi_gki_aarch64
# python3 $KSU_ROOT/scripts/abi_gki_all.py $ABI_XML > $SYMBOL_LIST
echo "[+] Add KernelSU symbols"
cat $KSU_ROOT/kernel/export_symbol.txt | awk '{sub("[ \t]+","");print " "$0}' >> $SYMBOL_LIST
- name: Set boot sign key
if: ${{ ( github.event_name != 'pull_request' && github.ref == 'refs/heads/main' ) || github.ref_type == 'tag' }}
working-directory: android-kernel
env:
BOOT_SIGN_KEY: ${{ secrets.BOOT_SIGN_KEY }}
run: |
if [ ! -z "$BOOT_SIGN_KEY" ]; then
echo "$BOOT_SIGN_KEY" > prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
fi
- name: Build boot.img
working-directory: android-kernel
run: CCACHE="/usr/bin/ccache" BUILD_BOOT_IMG=1 SKIP_VENDOR_BOOT=1 KERNEL_BINARY=Image GKI_RAMDISK_PREBUILT_BINARY=out/ramdisk AVB_SIGN_BOOT_IMG=1 AVB_BOOT_PARTITION_SIZE=$((64*1024*1024)) AVB_BOOT_ALGORITHM=SHA256_RSA2048 AVB_BOOT_KEY=prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem BOOT_IMAGE_HEADER_VERSION=4 LTO=thin BUILD_CONFIG=common/build.config.gki.aarch64 build/build.sh
- name: Build boot-lz4.img
working-directory: android-kernel
run: |
tools/mkbootimg/mkbootimg.py --header_version 4 --kernel ./out/android12-5.10/dist/Image.lz4 --ramdisk out/ramdisk --output ./out/android12-5.10/dist/boot-lz4.img --os_version ${{ matrix.os_version }} --os_patch_level ${{ matrix.os_patch_level }}
./build/build-tools/path/linux-x86/avbtool add_hash_footer --partition_name boot --partition_size $((64*1024*1024)) --image out/android12-5.10/dist/boot-lz4.img --algorithm SHA256_RSA2048 --key ./prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
- name: Build boot-gz.img
working-directory: android-kernel
run: |
cat out/android12-5.10/dist/Image | ./prebuilts/build-tools/path/linux-x86/gzip -n -f -9 > out/android12-5.10/dist/Image.gz
tools/mkbootimg/mkbootimg.py --header_version 4 --kernel ./out/android12-5.10/dist/Image.gz --ramdisk out/ramdisk --output ./out/android12-5.10/dist/boot-gz.img --os_version ${{ matrix.os_version }} --os_patch_level ${{ matrix.os_patch_level }}
./build/build-tools/path/linux-x86/avbtool add_hash_footer --partition_name boot --partition_size $((64*1024*1024)) --image out/android12-5.10/dist/boot-gz.img --algorithm SHA256_RSA2048 --key ./prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
- name: Upload Image.gz
uses: actions/upload-artifact@v3
with:
name: kernel-aarch64-${{ matrix.version }}-Image.gz
path: android-kernel/out/android12-5.10/dist/Image.gz
- name: Upload boot.img
uses: actions/upload-artifact@v3
with:
name: kernel-aarch64-${{ matrix.version }}-boot.img
path: android-kernel/out/android12-5.10/dist/boot.img
- name: Upload boot-lz4.img
uses: actions/upload-artifact@v3
with:
name: kernel-aarch64-${{ matrix.version }}-boot-lz4.img
path: android-kernel/out/android12-5.10/dist/boot-lz4.img
- name: Upload boot-gz.img
uses: actions/upload-artifact@v3
with:
name: kernel-aarch64-${{ matrix.version }}-boot-gz.img
path: android-kernel/out/android12-5.10/dist/boot-gz.img
- name: Setup mutex for uploading
if: github.event_name != 'pull_request' && steps.need_upload.outputs.UPLOAD == 'true'
uses: ben-z/gh-action-mutex@v1.0-alpha-7
- name: Upload to telegram
if: github.event_name != 'pull_request' && steps.need_upload.outputs.UPLOAD == 'true'
env:
CHAT_ID: ${{ secrets.CHAT_ID }}
CACHE_CHAT_ID: ${{ secrets.CACHE_CHAT_ID }}
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
MESSAGE_THREAD_ID: ${{ secrets.MESSAGE_THREAD_ID }}
COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
COMMIT_URL: ${{ github.event.head_commit.url }}
RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
TITLE: kernel-aarch64-${{ matrix.version }}
run: |
if [ ! -z "${{ secrets.BOT_TOKEN }}" ]; then
cd $GITHUB_WORKSPACE/KernelSU
export VERSION=$(git rev-list --count HEAD)
cd -
OUTDIR=android-kernel/out/android12-5.10/dist
IMAGE_GZ=${{ matrix.version }}-Image.gz
BOOT=${{ matrix.version }}-boot.img.zip
BOOT_LZ4=${{ matrix.version }}-boot-lz4.img.zip
BOOT_GZ=${{ matrix.version }}-boot-gz.img.zip
mv $OUTDIR/Image.gz $IMAGE_GZ
zip $BOOT -j -r $OUTDIR/boot.img
zip $BOOT_LZ4 -j -r $OUTDIR/boot-lz4.img
zip $BOOT_GZ -j -r $OUTDIR/boot-gz.img
pip3 install python-telegram-bot
python3 $GITHUB_WORKSPACE/KernelSU/scripts/ksubot.py $IMAGE_GZ $BOOT $BOOT_LZ4 $BOOT_GZ
fi

137
.github/workflows/build-kernel-5.15.yml vendored
View File

@ -1,137 +0,0 @@
name: Build Kernel 5.15
on:
push:
branches: [ "main" ]
paths:
- '.github/workflows/build-kernel-5.15.yml'
- 'kernel/**'
pull_request:
branches: [ "main" ]
paths:
- 'kernel/**'
jobs:
build:
strategy:
matrix:
include:
- version: "android13-5.15-41"
tag: "android13-5.15-2022-11"
os_version: 13.0.0
os_version_level: "2022-11"
- version: "android13-5.15-74"
tag: "android13-5.15-2022-12"
os_version: 13.0.0
os_version_level: "2022-12"
name: Build aarch64-${{ matrix.version }}
runs-on: ubuntu-latest
env:
CCACHE_COMPILERCHECK: "%compiler% -dumpmachine; %compiler% -dumpversion"
CCACHE_NOHASHDIR: "true"
CCACHE_MAXSIZE: "2G"
CCACHE_HARDLINK: "true"
steps:
- uses: actions/checkout@v3
with:
path: KernelSU
fetch-depth: 0
- uses: hendrikmuhs/ccache-action@v1.2
with:
key: ccache-aarch64-${{ matrix.version }}
append-timestamp: false
save: ${{ github.event_name != 'pull_request' }}
- name: Setup need_upload
id: need_upload
run: |
if [ ! -z "${{ secrets.BOT_TOKEN }}" ]; then
echo "UPLOAD=true" >> $GITHUB_OUTPUT
else
echo "UPLOAD=false" >> $GITHUB_OUTPUT
fi
- name: Setup kernel source
run: |
cd $GITHUB_WORKSPACE
git clone https://gerrit.googlesource.com/git-repo
mkdir android-kernel && cd android-kernel
../git-repo/repo init --depth=1 --u https://android.googlesource.com/kernel/manifest -b common-${{ matrix.tag }}
../git-repo/repo sync -j$(nproc --all)
curl -Lo gki-kernel.zip https://dl.google.com/android/gki/gki-certified-boot-${{ matrix.tag }}_r1.zip
unzip gki-kernel.zip
tools/mkbootimg/unpack_bootimg.py --boot_img=$(find . -maxdepth 1 -name "*.img")
- name: Setup KernelSU
env:
PATCH_PATH: "5.15"
run: |
cd $GITHUB_WORKSPACE/android-kernel
echo "[+] KernelSU setup"
GKI_ROOT=$(pwd)
echo "[+] GKI_ROOT: $GKI_ROOT"
echo "[+] Copy kernel su driver to $GKI_ROOT/common/drivers"
ln -sf $GITHUB_WORKSPACE/KernelSU/kernel $GKI_ROOT/common/drivers/kernelsu
echo "[+] Add kernel su driver to Makefile"
DRIVER_MAKEFILE=$GKI_ROOT/common/drivers/Makefile
grep -q "kernelsu" $DRIVER_MAKEFILE || echo "obj-y += kernelsu/" >> $DRIVER_MAKEFILE
echo "[+] Apply KernelSU patches"
cd $GKI_ROOT/common/ && git apply $GITHUB_WORKSPACE/KernelSU/.github/patches/$PATCH_PATH/*.patch
cd -
echo "[+] KernelSU setup Done."
- name: Symbol magic
run: |
echo "[+] Export all symbol from abi_gki_aarch64.xml"
COMMON_ROOT=$GITHUB_WORKSPACE/android-kernel/common
KSU_ROOT=$GITHUB_WORKSPACE/KernelSU
ABI_XML=$COMMON_ROOT/android/abi_gki_aarch64.xml
SYMBOL_LIST=$COMMON_ROOT/android/abi_gki_aarch64
# python3 $KSU_ROOT/scripts/abi_gki_all.py $ABI_XML > $SYMBOL_LIST
echo "[+] Add KernelSU symbols"
cat $KSU_ROOT/kernel/export_symbol.txt | awk '{sub("[ \t]+","");print " "$0}' >> $SYMBOL_LIST
- name: Set boot sign key
if: ${{ ( github.event_name != 'pull_request' && github.ref == 'refs/heads/main' ) || github.ref_type == 'tag' }}
working-directory: android-kernel
env:
BOOT_SIGN_KEY: ${{ secrets.BOOT_SIGN_KEY }}
run: |
if [ ! -z "$BOOT_SIGN_KEY" ]; then
echo "$BOOT_SIGN_KEY" > prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
fi
- name: Build boot.img
working-directory: android-kernel
run: CCACHE="/usr/bin/ccache" BUILD_BOOT_IMG=1 SKIP_VENDOR_BOOT=1 KERNEL_BINARY=Image AVB_SIGN_BOOT_IMG=1 AVB_BOOT_PARTITION_SIZE=$((64*1024*1024)) AVB_BOOT_ALGORITHM=SHA256_RSA2048 AVB_BOOT_KEY=prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem BOOT_IMAGE_HEADER_VERSION=4 LTO=thin BUILD_CONFIG=common/build.config.gki.aarch64 build/build.sh
- name: Upload boot.img
uses: actions/upload-artifact@v3
with:
name: kernel-aarch64-${{ matrix.version }}-boot.img
path: android-kernel/out/*/dist/boot.img
- name: Setup mutex for uploading
uses: ben-z/gh-action-mutex@v1.0-alpha-7
if: github.event_name != 'pull_request' && steps.need_upload.outputs.UPLOAD == 'true'
- name: Upload to telegram
if: github.event_name != 'pull_request' && steps.need_upload.outputs.UPLOAD == 'true'
env:
CHAT_ID: ${{ secrets.CHAT_ID }}
CACHE_CHAT_ID: ${{ secrets.CACHE_CHAT_ID }}
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
MESSAGE_THREAD_ID: ${{ secrets.MESSAGE_THREAD_ID }}
COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
COMMIT_URL: ${{ github.event.head_commit.url }}
RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
TITLE: kernel-aarch64-${{ matrix.version }}
run: |
if [ ! -z "${{ secrets.BOT_TOKEN }}" ]; then
cd $GITHUB_WORKSPACE/KernelSU
export VERSION=$(git rev-list --count HEAD)
cd -
OUTDIR=android-kernel/out/android13-5.15/dist
BOOT=${{ matrix.version }}-boot.img.zip
zip $BOOT -j -r $OUTDIR/boot.img
pip3 install python-telegram-bot
python3 $GITHUB_WORKSPACE/KernelSU/scripts/ksubot.py $BOOT
fi

55
.github/workflows/build-kernel-a12.yml vendored Normal file
View File

@ -0,0 +1,55 @@
name: Build Kernel - Android 12
on:
push:
branches: ["main", "ci"]
paths:
- ".github/workflows/build-kernel-a12.yml"
- ".github/workflows/gki-kernel.yml"
- "kernel/**"
pull_request:
branches: ["main"]
paths:
- ".github/workflows/build-kernel-a12.yml"
- ".github/workflows/gki-kernel.yml"
- "kernel/**"
jobs:
build-ksud:
uses: ./.github/workflows/ksud.yml
with:
target: aarch64-linux-android
build-kernel:
needs: build-ksud
if: github.event_name != 'pull_request'
strategy:
matrix:
include:
- sub_level: 66
os_patch_level: 2021-11
- sub_level: 81
os_patch_level: 2022-03
- sub_level: 101
os_patch_level: 2022-05
- sub_level: 110
os_patch_level: 2022-07
- sub_level: 136
os_patch_level: 2022-11
uses: ./.github/workflows/gki-kernel.yml
secrets: inherit
with:
version: android12-5.10
version_name: android12-5.10.${{ matrix.sub_level }}
tag: android12-5.10-${{ matrix.os_patch_level }}
os_version: 12.0.0
os_patch_level: ${{ matrix.os_patch_level }}
patch_path: "5.10"
check-build-kernel:
needs: build-ksud
if: github.event_name == 'pull_request'
uses: ./.github/workflows/gki-kernel.yml
with:
version: android12-5.10
version_name: android12-5.10.101
tag: android12-5.10-2022-05
os_version: 12.0.0
os_patch_level: 2022-05
patch_path: "5.10"

63
.github/workflows/build-kernel-a13.yml vendored Normal file
View File

@ -0,0 +1,63 @@
name: Build Kernel - Android 13
on:
push:
branches: ["main", "ci"]
paths:
- ".github/workflows/build-kernel-a13.yml"
- ".github/workflows/gki-kernel.yml"
- "kernel/**"
pull_request:
branches: ["main"]
paths:
- ".github/workflows/build-kernel-a13.yml"
- ".github/workflows/gki-kernel.yml"
- "kernel/**"
jobs:
build-ksud:
uses: ./.github/workflows/ksud.yml
with:
target: aarch64-linux-android
build-kernel:
needs: build-ksud
if: github.event_name != 'pull_request'
strategy:
matrix:
include:
- version: "5.10"
sub_level: 107
os_patch_level: 2022-11
- version: "5.15"
sub_level: 41
os_patch_level: 2022-11
- version: "5.15"
sub_level: 74
os_patch_level: 2022-12
uses: ./.github/workflows/gki-kernel.yml
secrets: inherit
with:
version: android13-${{ matrix.version }}
version_name: android13-${{ matrix.version }}.${{ matrix.sub_level }}
tag: android13-${{ matrix.version }}-${{ matrix.os_patch_level }}
os_version: 13.0.0
os_patch_level: ${{ matrix.os_patch_level }}
patch_path: ${{ matrix.version }}
check-build-kernel:
needs: build-ksud
if: github.event_name == 'pull_request'
strategy:
matrix:
include:
- version: "5.10"
sub_level: 107
os_patch_level: 2022-11
- version: "5.15"
sub_level: 41
os_patch_level: 2022-11
uses: ./.github/workflows/gki-kernel.yml
with:
version: android13-${{ matrix.version }}
version_name: android13-${{ matrix.version }}.${{ matrix.sub_level }}
tag: android13-${{ matrix.version }}-${{ matrix.os_patch_level }}
os_version: 13.0.0
os_patch_level: ${{ matrix.os_patch_level }}
patch_path: ${{ matrix.version }}

41
.github/workflows/build-ksud.yml vendored
View File

@ -1,10 +1,10 @@
name: Build KSUD
on:
workflow_call:
push:
branches: [ "main" ]
branches: [ "main", "ci" ]
paths:
- '.github/workflows/build-ksud.yml'
- '.github/workflows/ksud.yml'
- 'userspace/ksud/**'
pull_request:
branches: [ "main" ]
@ -17,37 +17,6 @@ jobs:
include:
- target: aarch64-linux-android
- target: x86_64-linux-android
name: Build KSUD
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up cargo cache
uses: actions/cache@v3
continue-on-error: false
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-
- name: Set up ksud build cache
uses: actions/cache@v3
continue-on-error: false
with:
path: ./userspace/ksud/target/
key: ${{ runner.os }}-ksud-${{ hashFiles('**/Cargo.lock') }}-${{ matrix.target }}
restore-keys: ${{ runner.os }}-ksud-
- name: Build ksud
uses: actions-rs/cargo@v1
with:
use-cross: true
command: build
args: --target ${{ matrix.target }} --release --manifest-path ./userspace/ksud/Cargo.toml
- name: Upload ksud artifact
uses: actions/upload-artifact@v3
with:
name: ksud-${{ matrix.target }}
path: ./userspace/ksud/target/**/release/ksud
uses: ./.github/workflows/ksud.yml
with:
target: ${{ matrix.target }}

267
.github/workflows/gki-kernel.yml vendored Normal file
View File

@ -0,0 +1,267 @@
name: GKI Kernel Build
on:
workflow_call:
inputs:
version:
required: true
type: string
description: >
Output directory of gki,
for example: android12-5.10
version_name:
required: true
type: string
description: >
With SUBLEVEL of kernel,
for example: android12-5.10.66
tag:
required: true
type: string
description: >
Part of branch name of common kernel manifest,
for example: android12-5.10-2021-11
os_version:
required: true
type: string
description: >
Android version,
for example: 12.0.0
os_patch_level:
required: true
type: string
description: >
Part of branch name of common kernel manifest,
for example: 2021-11
patch_path:
required: true
type: string
description: >
Directory name of .github/patches/<patch_path>
for example: 5.10
use_cache:
required: false
type: boolean
default: true
embed_ksud:
required: false
type: string
default: ksud-aarch64-linux-android
description: >
Artifact name of prebuilt ksud to be embedded
for example: 5.10
secrets:
BOOT_SIGN_KEY:
required: false
CHAT_ID:
required: false
CACHE_CHAT_ID:
required: false
BOT_TOKEN:
required: false
MESSAGE_THREAD_ID:
required: false
jobs:
build:
name: Build ${{ inputs.version_name }}
runs-on: ubuntu-latest
env:
CCACHE_COMPILERCHECK: "%compiler% -dumpmachine; %compiler% -dumpversion"
CCACHE_NOHASHDIR: "true"
CCACHE_MAXSIZE: "2G"
CCACHE_HARDLINK: "true"
OUTPUT_IMAGE_GZ: ${{ inputs.version_name }}-Image.gz
OUTPUT_BOOT: ${{ inputs.version_name }}-boot.img.zip
OUTPUT_BOOT_GZ: ${{ inputs.version_name }}-boot-gz.img.zip
OUTPUT_BOOT_LZ4_LG: ${{ inputs.version_name }}-boot-lz4_lg.img.zip
OUTPUT_BOOT_LZ4_LEGACY: ${{ inputs.version_name }}-boot-lz4_legacy.img.zip
steps:
- uses: actions/checkout@v3
with:
path: KernelSU
fetch-depth: 0
- uses: hendrikmuhs/ccache-action@v1.2
if: inputs.use_cache == true
with:
key: ccache-aarch64-${{ inputs.version_name }}
append-timestamp: false
save: ${{ github.event_name != 'pull_request' }}
- name: Setup need_upload
id: need_upload
run: |
if [ ! -z "${{ secrets.BOT_TOKEN }}" ]; then
echo "UPLOAD=true" >> $GITHUB_OUTPUT
else
echo "UPLOAD=false" >> $GITHUB_OUTPUT
fi
- name: Setup kernel source
run: |
cd $GITHUB_WORKSPACE
git clone https://gerrit.googlesource.com/git-repo
mkdir android-kernel && cd android-kernel
../git-repo/repo init --depth=1 --u https://android.googlesource.com/kernel/manifest -b common-${{ inputs.tag }}
../git-repo/repo sync -j$(nproc --all)
curl -Lo gki-kernel.zip https://dl.google.com/android/gki/gki-certified-boot-${{ inputs.tag }}_r1.zip
unzip gki-kernel.zip
tools/mkbootimg/unpack_bootimg.py --boot_img=$(find . -maxdepth 1 -name "*.img")
- name: Setup version related environment
working-directory: android-kernel
run: |
case ${{ inputs.version }} in
android12-5.10)
export AVBTOOL=./build/build-tools/path/linux-x86/avbtool
;;
android13-5.10 | android13-5.15 )
export AVBTOOL=./build/kernel/build-tools/path/linux-x86/avbtool
;;
*)
export AVBTOOL=$(find ./build -name "avbtool")
echo "find result: $AVBTOOL"
;;
esac
echo "AVBTOOL: $AVBTOOL"
if [ ! -f "$AVBTOOL" ]; then
echo "Don't find AVBTOOL, please fixup this script"
crash_this_workflow
fi
echo "AVBTOOL=$AVBTOOL" >> $GITHUB_ENV
- name: Download prebuilt ksud from artifacts
uses: actions/download-artifact@v3
with:
name: ${{ inputs.embed_ksud }}
path: .
- name: Setup KernelSU
env:
PATCH_PATH: ${{ inputs.patch_path }}
run: |
cd $GITHUB_WORKSPACE/android-kernel
echo "[+] KernelSU setup"
GKI_ROOT=$(pwd)
echo "[+] GKI_ROOT: $GKI_ROOT"
echo "[+] Copy KernelSU driver to $GKI_ROOT/common/drivers"
ln -sf $GITHUB_WORKSPACE/KernelSU/kernel $GKI_ROOT/common/drivers/kernelsu
echo "[+] Add KernelSU driver to Makefile"
DRIVER_MAKEFILE=$GKI_ROOT/common/drivers/Makefile
grep -q "kernelsu" $DRIVER_MAKEFILE || echo "obj-y += kernelsu/" >> $DRIVER_MAKEFILE
echo "[+] Apply KernelSU patches"
cd $GKI_ROOT/common/ && git apply $GITHUB_WORKSPACE/KernelSU/.github/patches/$PATCH_PATH/*.patch
cd $GITHUB_WORKSPACE
echo "[+] Build embed_ksud.c"
python3 ./KernelSU/scripts/bin2c.py ./aarch64-linux-android/release/ksud ksud > ./KernelSU/kernel/embed_ksud.c
echo "[+] KernelSU setup done."
- name: Symbol magic
run: |
echo "[+] Export all symbol from abi_gki_aarch64.xml"
COMMON_ROOT=$GITHUB_WORKSPACE/android-kernel/common
KSU_ROOT=$GITHUB_WORKSPACE/KernelSU
ABI_XML=$COMMON_ROOT/android/abi_gki_aarch64.xml
SYMBOL_LIST=$COMMON_ROOT/android/abi_gki_aarch64
# python3 $KSU_ROOT/scripts/abi_gki_all.py $ABI_XML > $SYMBOL_LIST
echo "[+] Add KernelSU symbols"
cat $KSU_ROOT/kernel/export_symbol.txt | awk '{sub("[ \t]+","");print " "$0}' >> $SYMBOL_LIST
- name: Setup boot sign key
if: ${{ ( github.event_name != 'pull_request' && github.ref == 'refs/heads/main' ) || github.ref_type == 'tag' }}
working-directory: android-kernel
env:
BOOT_SIGN_KEY: ${{ secrets.BOOT_SIGN_KEY }}
run: |
if [ ! -z "$BOOT_SIGN_KEY" ]; then
echo "$BOOT_SIGN_KEY" > prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
fi
- name: Build boot.img
working-directory: android-kernel
run: CCACHE="/usr/bin/ccache" BUILD_BOOT_IMG=1 SKIP_VENDOR_BOOT=1 KERNEL_BINARY=Image GKI_RAMDISK_PREBUILT_BINARY=out/ramdisk AVB_SIGN_BOOT_IMG=1 AVB_BOOT_PARTITION_SIZE=$((64*1024*1024)) AVB_BOOT_ALGORITHM=SHA256_RSA2048 AVB_BOOT_KEY=prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem BOOT_IMAGE_HEADER_VERSION=4 LTO=thin BUILD_CONFIG=common/build.config.gki.aarch64 build/build.sh
- name: Build boot-gz.img
working-directory: android-kernel
run: |
cat out/${{ inputs.version }}/dist/Image | ./prebuilts/build-tools/path/linux-x86/gzip -n -f -9 > out/${{ inputs.version }}/dist/Image.gz
tools/mkbootimg/mkbootimg.py --header_version 4 --kernel ./out/${{ inputs.version }}/dist/Image.gz --ramdisk out/ramdisk --output ./out/${{ inputs.version }}/dist/boot-gz.img --os_version ${{ inputs.os_version }} --os_patch_level ${{ inputs.os_patch_level }}
${{ env.AVBTOOL }} add_hash_footer --partition_name boot --partition_size $((64*1024*1024)) --image out/${{ inputs.version }}/dist/boot-gz.img --algorithm SHA256_RSA2048 --key ./prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
- name: Build boot-lz4_lg.img
working-directory: android-kernel
run: |
tools/mkbootimg/mkbootimg.py --header_version 4 --kernel ./out/${{ inputs.version }}/dist/Image.lz4 --ramdisk out/ramdisk --output ./out/${{ inputs.version }}/dist/boot-lz4_lg.img --os_version ${{ inputs.os_version }} --os_patch_level ${{ inputs.os_patch_level }}
${{ env.AVBTOOL }} add_hash_footer --partition_name boot --partition_size $((64*1024*1024)) --image out/${{ inputs.version }}/dist/boot-lz4_lg.img --algorithm SHA256_RSA2048 --key ./prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
- name: Build boot-lz4_legacy.img
working-directory: android-kernel
run: |
cat ./out/${{ inputs.version }}/dist/Image | ./prebuilts/kernel-build-tools/linux-x86/bin/lz4 -l -12 --favor-decSpeed stdin stdout > ./out/${{ inputs.version }}/dist/Image.lz4-legacy
tools/mkbootimg/mkbootimg.py --header_version 4 --kernel ./out/${{ inputs.version }}/dist/Image.lz4-legacy --ramdisk out/ramdisk --output ./out/${{ inputs.version }}/dist/boot-lz4_legacy.img --os_version ${{ inputs.os_version }} --os_patch_level ${{ inputs.os_patch_level }}
${{ env.AVBTOOL }} add_hash_footer --partition_name boot --partition_size $((64*1024*1024)) --image out/${{ inputs.version }}/dist/boot-lz4_legacy.img --algorithm SHA256_RSA2048 --key ./prebuilts/kernel-build-tools/linux-x86/share/avb/testkey_rsa2048.pem
- name: Prepare artifacts
id: prepareArtifacts
run: |
OUTDIR=android-kernel/out/${{ inputs.version }}/dist
cp $OUTDIR/Image.gz $OUTPUT_IMAGE_GZ
zip $OUTPUT_BOOT -j -r $OUTDIR/boot.img
zip $OUTPUT_BOOT_GZ -j -r $OUTDIR/boot-gz.img
zip $OUTPUT_BOOT_LZ4_LG -j -r $OUTDIR/boot-lz4_lg.img
zip $OUTPUT_BOOT_LZ4_LEGACY -j -r $OUTDIR/boot-lz4_legacy.img
- name: Upload Image.gz
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.version_name }}-Image.gz
path: ${{ env.OUTPUT_IMAGE_GZ }}
- name: Upload boot.img
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.version_name }}-boot.img
path: ${{ env.OUTPUT_BOOT }}
- name: Upload boot-gz.img
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.version_name }}-boot-gz.img
path: ${{ env.OUTPUT_BOOT_GZ }}
- name: Upload boot-lz4_lg.img
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.version_name }}-boot-lz4_lg.img
path: ${{ env.OUTPUT_BOOT_LZ4_LG }}
- name: Upload boot-lz4_legacy.img
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.version_name }}-boot-lz4_legacy.img
path: ${{ env.OUTPUT_BOOT_LZ4_LEGACY }}
- name: Setup mutex for uploading
uses: ben-z/gh-action-mutex@v1.0-alpha-7
if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' && steps.need_upload.outputs.UPLOAD == 'true'
- name: Upload to telegram
if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' && steps.need_upload.outputs.UPLOAD == 'true'
env:
CHAT_ID: ${{ secrets.CHAT_ID }}
CACHE_CHAT_ID: ${{ secrets.CACHE_CHAT_ID }}
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
MESSAGE_THREAD_ID: ${{ secrets.MESSAGE_THREAD_ID }}
COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
COMMIT_URL: ${{ github.event.head_commit.url }}
RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
TITLE: kernel-${{ inputs.version_name }}
run: |
if [ ! -z "${{ secrets.BOT_TOKEN }}" ]; then
cd $GITHUB_WORKSPACE/KernelSU
export VERSION=$(git rev-list --count HEAD)
cd -
pip3 install python-telegram-bot
python3 $GITHUB_WORKSPACE/KernelSU/scripts/ksubot.py $OUTPUT_IMAGE_GZ $OUTPUT_BOOT $OUTPUT_BOOT_GZ $OUTPUT_BOOT_LZ4_LG $OUTPUT_BOOT_LZ4_LEGACY
fi

52
.github/workflows/ksud.yml vendored Normal file
View File

@ -0,0 +1,52 @@
name: Build ksud
on:
workflow_call:
inputs:
target:
required: true
type: string
use_cache:
required: false
type: boolean
default: true
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up cargo cache
if: inputs.use_cache == true
uses: actions/cache@v3
continue-on-error: false
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-
- name: Set up ksud build cache
if: inputs.use_cache == true
uses: actions/cache@v3
continue-on-error: false
with:
path: ./userspace/ksud/target/
key: ${{ runner.os }}-ksud-${{ hashFiles('**/Cargo.lock') }}-${{ inputs.target }}
restore-keys: ${{ runner.os }}-ksud-
- name: Build ksud
uses: actions-rs/cargo@v1
with:
use-cross: true
command: build
args: --target ${{ inputs.target }} --release --manifest-path ./userspace/ksud/Cargo.toml
- name: Upload ksud artifact
uses: actions/upload-artifact@v3
with:
name: ksud-${{ inputs.target }}
path: ./userspace/ksud/target/**/release/ksud

1
kernel/Makefile
View File

@ -8,6 +8,7 @@ obj-y += uid_observer.o
obj-y += manager.o
obj-y += core_hook.o
obj-y += ksud.o
obj-y += embed_ksud.o
obj-y += selinux/

5
kernel/embed_ksud.c Normal file
View File

@ -0,0 +1,5 @@
// WARNING: THIS IS A STUB FILE
// This file will be regenerated by CI
unsigned int ksud_size = 0;
const char ksud[0] = {};

51
scripts/bin2c.py Normal file
View File

@ -0,0 +1,51 @@
#!/usr/bin/python3
import argparse
import os
import re
line_size = 80
def bin2c(filename, varname='data'):
if not os.path.isfile(filename):
print('File "%s" is not found!' % filename)
return ''
if not re.match('[a-zA-Z_][a-zA-Z0-9_]*', varname):
print('Invalid variable name "%s"' % varname)
return
with open(filename, 'rb') as in_file:
data = in_file.read()
# limit the line length
byte_len = 6 # '0x00, '
out = 'unsigned int %s_size = %d;\n' \
'const char %s[%d] = {\n' % (varname, len(data), varname, len(data))
line = ''
for byte in data:
line += '0x%02x, ' % byte
if len(line) + 4 + byte_len >= line_size:
out += ' ' * 4 + line + '\n'
line = ''
# add the last line
if len(line) + 4 + byte_len < line_size:
out += ' ' * 4 + line + '\n'
# strip the last comma
out = out.rstrip(', \n') + '\n'
out += '};'
return out
def main():
""" Main func """
parser = argparse.ArgumentParser()
parser.add_argument(
'filename', help='filename to convert to C array')
parser.add_argument(
'varname', nargs='?', help='variable name', default='data')
args = parser.parse_args()
# print out the data
print(bin2c(args.filename, args.varname))
if __name__ == '__main__':
main()