Initial configs and CI

.Dockerignore

@@ -0,0 +1,3 @@
+*
+!linux/*
+linux/.git

.github/workflows/build.yml

@@ -0,0 +1,54 @@
+name: Compile and release
+
+on:
+  push
+
+jobs:
+  build:
+    runs-on: panda-arc
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Build 
+        run: |
+          docker build -t kernel_builder .
+          docker run --rm -v $PWD:/app kernel_builder /app/build.sh
+          tar czvf kernels-latest.tar.gz binaries
+
+      - name: Save package
+        uses: actions/upload-artifact@v3
+        with:
+          name: kernels-latest.tar.gz
+          path: kernels-latest.tar.gz
+
+      - name: Create release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: release_${{ github.sha }}
+          release_name: Release ${{ github.ref }}
+          body: |
+            Release @${{ github.ref }}
+          draft: true
+          prerelease: false
+
+      - name: Upload release asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./kernels-latest.tar.gz
+          asset_name: kernels-latest.tar.gz
+          asset_content_type: application/gzip
+
+      - name: Publish release
+        uses: StuYarrow/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          id: ${{ steps.create_release.outputs.id }}

.github/workflows/tests.yml

@@ -0,0 +1,19 @@
+name: Check that the code compiles
+
+on:
+  pull_request:
+    branches:
+      - fd4.10
+      - 4.10_hc
+
+jobs:
+  build:
+    runs-on: panda-arc
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Build 
+        run: |
+          bash docker_build.sh

.gitignore

@@ -0,0 +1 @@
+.*.sw*

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "linux"]
+	path = linux
+	url = https://github.com/panda-re/linux.git
+	branch = 4.10_min

Dockerfile

@@ -0,0 +1,55 @@
+FROM ubuntu:latest
+
+RUN apt-get update && \
+    apt-get -y  install --no-install-recommends\
+      bc \
+      build-essential \
+      ca-certificates \
+      gdb \
+      git \
+      golang-go \
+      libncurses-dev \
+      wget
+
+# Get panda for kernelinfo_gdb. Definitely a bit overkill to pull the whole repo.
+# Also get dwarf2json and build it
+RUN git clone --depth 1 https://github.com/panda-re/panda.git && \
+    git clone --depth 1 https://github.com/volatilityfoundation/dwarf2json.git && \
+    cd dwarf2json && \
+    go build 
+
+#Latest mips and mipsel toolchains break on building old kernels so we use these with gcc 5.3.0
+#mips64 toolchain built using https://github.com/richfelker/musl-cross-make
+#BINUTILS_VER = 2.25.1
+#GCC_VER = 6.5.0
+#MUSL_VER = git-v1.1.24
+#GMP_VER = 6.1.0
+#MPC_VER = 1.0.3
+#MPFR_VER = 3.1.4
+#GCC_CONFIG += --enable-languages=c
+#It's a bit nutty to symlink all of these, but easier to keep track of what's needed for the future
+
+# Download all our cross compilers and set up symlinks
+RUN mkdir -p /opt/cross && \
+    wget https://musl.cc/i686-linux-musl-cross.tgz -O - | tar -xz -C /opt/cross && \
+    ln -s /opt/cross/i686-linux-musl-cross /opt/cross/i686-linux-musl && \
+    wget https://musl.cc/x86_64-linux-musl-cross.tgz -O - | tar -xz -C /opt/cross && \
+    ln -s /opt/cross/x86_64-linux-musl-cross /opt/cross/x86_64-linux-musl && \
+    wget http://panda.re/secret/mipseb-linux-musl_gcc-5.3.0.tar.gz -O - | tar -xz -C /opt/cross && \
+    wget http://panda.re/secret/mipsel-linux-musl_gcc-5.3.0.tar.gz -O - | tar -xz -C /opt/cross && \
+    wget https://musl.cc/mips64el-linux-musl-cross.tgz -O -  | tar -xz -C /opt/cross && \
+    ln -s /opt/cross/mips64el-linux-musl-cross /opt/cross/mips64el-linux-musl  && \
+    wget https://musl.cc/arm-linux-musleabi-cross.tgz -O - | tar -xz -C /opt/cross && \
+    ln -s /opt/cross/arm-linux-musleabi-cross /opt/cross/arm-linux-musleabi && \
+    wget https://musl.cc/aarch64-linux-musl-cross.tgz -O - | tar -xz -C /opt/cross && \
+    ln -s /opt/cross/aarch64-linux-musl-cross /opt/cross/aarch64-linux-musl && \
+    wget http://panda.re/secret/mips64-linux-musl-cross_gcc-6.5.0.tar.gz -O - | tar -xz -C /opt/cross && \
+    ln -s /opt/cross/mips64-linux-musl-cross /opt/cross/mips64eb-linux-musl && \ 
+    ln -s /opt/cross/mips64eb-linux-musl/bin/mips64-linux-musl-gcc /opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-gcc && \
+    ln -s /opt/cross/mips64eb-linux-musl/bin/mips64-linux-musl-ld /opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-ld && \
+    ln -s /opt/cross/mips64eb-linux-musl/bin/mips64-linux-musl-objdump /opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-objdump && \
+    ln -s /opt/cross/mips64eb-linux-musl/bin/mips64-linux-musl-objcopy /opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-objcopy && \
+    ln -s /opt/cross/mips64eb-linux-musl/bin/mips64-linux-musl-ar /opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-ar && \
+    ln -s /opt/cross/mips64eb-linux-musl/bin/mips64-linux-musl-nm /opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-nm
+
+COPY . /app

build.sh

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+set -eux
+
+# We want to build linux for each of our targets using the config files. Linux is in /app/linux
+# while our configs are at config.[arch]. We need to set the ARCH and CROSS_COMPILE variables
+# and put the binaries in /app/binaries
+
+# COMPILER PATHS:
+#/opt/cross/i686-linux-musl
+#/opt/cross/x86_64-linux-musl
+#/opt/cross/mips64el-linux-musl
+#/opt/cross/arm-linux-musleabi
+#/opt/cross/aarch64-linux-musl
+
+mkdir /out
+
+TARGET_LIST="armel mipsel mipseb"
+for TARGET in $TARGET_LIST; do
+	BUILD_TARGETS="vmlinux"
+    if [ $TARGET == "armel" ]; then
+        export ARCH=arm
+        export CROSS_COMPILE=/opt/cross/arm-linux-musleabi/bin/arm-linux-musleabi-
+		BUILD_TARGETS="vmlinux zImage"
+    elif [ $TARGET == "armeb" ]; then
+		export CFLAGS="-mbig-endian"
+		export KCFLAGS="-mbig-endian"
+		export ARCH=arm
+		export CROSS_COMPILE=/opt/cross/arm-linux-musleabi/bin/arm-linux-musleabi-
+		BUILD_TARGETS="vmlinux zImage"
+    elif [ $TARGET == "mipsel" ]; then
+        export ARCH=mips
+		export CROSS_COMPILE=/opt/cross/mipsel-linux-musl/bin/mipsel-linux-musl-
+    elif [ $TARGET == "mipseb" ]; then
+        export ARCH=mips
+		export CROSS_COMPILE=/opt/cross/mips64eb-linux-musl/bin/mips64eb-linux-musl-
+	else
+		echo "Unknown target $TARGET"
+		exit 1
+    fi
+    echo "Building $BUILD_TARGETS for $TARGET"
+
+	if [ ! -f "/app/config.${TARGET}" ]; then
+		echo "No config for $TARGET"
+		exit 1
+	fi
+	mkdir -p "/tmp/build/${TARGET}"
+    cp "/app/config.${TARGET}" "/tmp/build/${TARGET}/.config"
+
+ 	# Actually build
+	echo "Building kernel for $TARGET"
+	make -C /app/linux O=/tmp/build/${TARGET}/ olddefconfig #>> /app/build.log
+	make -C /app/linux O=/tmp/build/${TARGET}/ $BUILD_TARGETS -j$(nproc) #>> /app/build.log
+
+	# On error cat the log
+	if [ $? -ne 0 ]; then
+		echo "ERROR BUILDING KERNEL"
+		tail -n30 /app/build.log
+		exit 1
+	fi
+
+	# Copy out zImage (if present) and vmlinux (always)
+	if [ -f "/tmp/build/${TARGET}/arch/${ARCH}/boot/zImage" ]; then
+		cp "/tmp/build/${TARGET}/arch/${ARCH}/boot/zImage" /out/zImage.${TARGET}
+	fi
+	cp /tmp/build/${TARGET}/vmlinux /out/vmlinux.${TARGET}
+
+	# Generate OSI profile
+	/panda/panda/plugins/osi_linux/utils/kernelinfo_gdb/run.sh \
+		/out/vmlinux.${TARGET} /tmp/panda_profile.${TARGET}
+ 	echo "[${TARGET}]" >> /out/firmadyne_profiles.conf
+	cat /tmp/panda_profile.${TARGET} /out/firmadyne_profiles.conf
+
+    /dwarf2json/dwarf2json linux --elf /out/vmlinux.${TARGET} \
+		| xz - > /out//vmlinux.${TARGET}.json.xz
+done
+
+tar cvfz /app/kernels-latest.tar.gz /out
+
+echo "Built by linux_builder on $(date)" > /out/README.txt