#!/bin/ksh
set -e

# incl. docker

function bomb {
	echo error: $@
	exit 1
}

[[ -z $1 ]] && echo "${0##*/} <linux.tar> [reiser4-patch.gz]" && exit 1
linuxtar=$1
patch=$2

[[ ! -f $linuxtar ]] && print could not find $linuxtar && exit 1
linux=${linuxtar%\.tar}

[[ -z $MAKEFLAGS ]] && echo MAKEFLAGS not defined && exit 1
#j=$((`grep ^processor /proc/cpuinfo | tail -1 | awk '{print $3}'` + 1))
#lscpu | grep ^Thread

mem=`free -m | grep ^Mem | awk '{print $2}'`
(( mem < 4096 )) && print at least 4 GiB of RAM is recommended && exit 1
unset mem

print extracting $linuxtar ... \\c
rm -rf $linux/
tar xf $linuxtar && print done

cd $linux/

if [[ -n $patch ]]; then
	[[ ! -f ../$patch ]] && print could not find patch $patch && exit 1
	print applying $patch ... \\c
	zcat ../$patch | patch -p1 >/dev/null && print done
fi

mv -i Makefile Makefile.dist
sed 's/^EXTRAVERSION =/EXTRAVERSION = .domU/' Makefile.dist > Makefile

print x86_64_defconfig ... \\c
make x86_64_defconfig >/dev/null && print done

print disable x32
echo CONFIG_X86_X32=n >> .config
make olddefconfig >/dev/null && print done\\n

print xen config ... \\c
make xen.config >/dev/null && print done

echo

print disable kvm and xen dom0 but enable pvh
cat >> .config <<EOF9
CONFIG_KVM=n
CONFIG_XEN_DOM0=n
CONFIG_PVH=y
EOF9
make olddefconfig >/dev/null && print done\\n

print vmm optimizations and tmem if there is
cat >> .config <<EOF9
CONFIG_MEMORY_BALLOON=y
CONFIG_BALLOON_COMPACTION=y
CONFIG_NET_FAILOVER=y
CONFIG_PARAVIRT_SPINLOCKS=y
CONFIG_XEN_TMEM=y
CONFIG_CLEANCACHE=y
CONFIG_FRONTSWAP=y
CONFIG_SWAP=y
CONFIG_XEN_SELFBALLOONING=y
CONFIG_XEN_TMEM=y
CONFIG_TUN=y
EOF9
make olddefconfig && print done\\n

print base features and file-systems
cat >> .config <<EOF9
CONFIG_IKCONFIG=y
CONFIG_IKCONFIG_PROC=y
CONFIG_F2FS_CHECK_FS=y
CONFIG_F2FS_FS=y
CONFIG_F2FS_FS_COMPRESSION=y
CONFIG_F2FS_FS_LZ4=y
CONFIG_F2FS_FS_LZ4HC=y
CONFIG_REISER4_FS=y
CONFIG_BTRFS_FS=y
CONFIG_REISERFS_FS=y
CONFIG_XFS_FS=y
CONFIG_JFS_FS=y
CONFIG_GFS2_FS=y
EOF9
make olddefconfig >/dev/null && print done\\n
[[ -z `grep ^CONFIG_F2FS .config` ]] && bomb failed to setup F2FS

print enable network features
cat >> .config <<EOF9
CONFIG_BRIDGE=y
CONFIG_VLAN_8021Q=y
CONFIG_NFS_V4_1=y
CONFIG_NFS_V4_2=y
CONFIG_NFS_V4_1_MIGRATION=y
CONFIG_NFSD=y
CONFIG_NFSD_V3=y
CONFIG_NFSD_V4=y
CONFIG_CIFS=y
EOF9
make olddefconfig >/dev/null && print done\\n

print enable nftables and friends
cat >> .config <<EOF9
CONFIG_NF_TABLES=y
CONFIG_NFT_REJECT=y
CONFIG_NF_TABLES_IPV4=y
CONFIG_NFT_REJECT_IPV4=y
CONFIG_NF_TABLES_IPV6=y
CONFIG_NF_REJECT_IPV6=y
CONFIG_NF_TABLES_SET=y
CONFIG_NF_TABLES_INET=y
CONFIG_NF_TABLES_NETDEV=y
CONFIG_NF_TABLES_ARP=y
CONFIG_NF_TABLES_BRIDGE=y
CONFIG_NETFILTER_ADVANCED=y
CONFIG_NETFILTER_NETLINK_QUEUE=y
CONFIG_NFT_CT=y
CONFIG_NFT_COUNTER=y
CONFIG_NFT_LOG=y
CONFIG_NFT_LIMIT=y
CONFIG_NFT_MASQ=y
CONFIG_NFT_NAT=y
CONFIG_NFT_QUEUE=y
EOF9
make olddefconfig >/dev/null && print done\\n

print enable states tracker
cat >> .config <<EOF9
CONFIG_NF_CONNTRACK_EVENTS=y
EOF9
make olddefconfig >/dev/null && print done\\n
[[ -z `grep ^CONFIG_NF_CONNTRACK_EVENTS .config` ]] && bomb failed to setup NF_CONNTRACK_EVENTS

print grab check-config.sh ... \\c
wget -q -O - https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh \
	> ../check-config.sh && echo done
chmod +x ../check-config.sh

print check for docker kernel features against $linux/.config
../check-config.sh .config \
	| grep missing \
	| sed -r 's/^[[:space:]]*- .*(CONFIG_[^:]+).*: .*missing.*/\1=y/' \
	| grep ^CONFIG >> .config
#rm -f ../check-config.sh
make olddefconfig >/dev/null && print done\\n

# https://lkml.org/lkml/2021/8/19/969
print more for docker
cat >> .config <<EOF9
CONFIG_BPF_SYSCALL=y
CONFIG_CGROUP_BPF=y
EOF9
make olddefconfig >/dev/null && print done\\n

print enable missing k8s kernel features
cat >> .config <<EOF9
CONFIG_NETFILTER_ADVANCED=y
CONFIG_IP_NF_TARGET_REDIRECT=y
CONFIG_NETFILTER_XT_MATCH_COMMENT=y
EOF9
make olddefconfig >/dev/null && print done\\n
#grep NETFILTER_ADVANCED .config
#grep IP_NF_TARGET_REDIRECT .config
#grep NETFILTER_XT_MATCH_COMMENT .config

print almost no modules
mv -f .config .config.m
sed 's/=m$/=y/' .config.m > .config
make olddefconfig && print done
grep =m$ .config || print OK NO MODULE AT ALL
print ''

[[ -n $patch && -z `grep ^CONFIG_REISER4_FS=y .config` ]] && bomb failed to setup REISER4
[[ -z `grep ^CONFIG_XEN_PVH=y .config` ]] && bomb failed to setup XEN_PVH

print ready?
read -r

print tail -F /usr/src/domU.log\\n
time make > ../domU.log && print BUILT || bomb build not successful
print ''

tail -1 ../domU.log
print ''

[[ ! -f arch/x86/boot/bzImage ]] && bomb cannot find arch/x86/boot/bzImage
fullversion=`file arch/x86/boot/bzImage | awk '{print $9}'`
echo VERSION IS $fullversion
[[ -z $fullversion ]] && print ERROR \$fullversion NOT DEFINED && exit 1
[[ -d /lib/modules/$fullversion/ ]] && rm -rf /lib/modules/$fullversion/ && echo cleaned-up

print modules_install... \\c
make modules_install >/dev/null && echo done

du -sh /lib/modules/$fullversion/ # domU 84K / 320K

cp arch/x86/boot/bzImage ../$fullversion.vmlinuz
cp .config ../$fullversion.config
tar czf ../$fullversion.modules.tar.gz -C /lib/modules/ $fullversion/
cd ../
tar czf $fullversion.src.tar.gz $linux/
echo

./check-config.sh 5.16.20.domU.config || true
echo

cat <<EOF
READY

	$fullversion.config
	$fullversion.modules.tar.gz # maybe empty
	$fullversion.src.tar.gz
	$fullversion.vmlinuz

	rm -rf $linux/

EOF