.gitignore

@@ -1,4 +1 @@
-/
-!patches/
-!config
-!README.MD
+!patches/

PKGBUILD

@@ -1,7 +1,7 @@
 # Maintainer: Jan Alexander Steffens (heftig) <heftig@archlinux.org>
 pkgbase=linux-custom-ultimate
-pkgver=6.12.3.arch1
-pkgrel=1
+pkgver=6.9.8.arch1
+pkgrel=2
 pkgdesc='Linux'
 arch=(x86_64)
 license=(GPL-2.0-only)
@@ -32,21 +32,13 @@ _srctag=v${pkgver%.*}-${pkgver##*.}
 source=(
   https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/${_srcname}.tar.xz
   config  # the main kernel config file
-  defaultmaxASLR.patch
 )
 # https://www.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc
-md5sums=('59a4adb192e8a88cc6bdea7912c409c0'
-         '25a41237ef1f48123ac5657bdb77eb1f'
-         '7c0ac5bcdae16821cc24be558f18d144')
-sha1sums=('614c7d549be86d3eec547b069055d44c2ab955e1'
-          'cb11d29ef75d4dc8867902acfe03e20d1aa3787c'
-          'cd8e93c882a6a52e87a4c47caeaabd1261dc3a62')
-sha256sums=('c89809cc777d50f1ea484a118630281a26383707a0e752c96fd834f6e765deae'
-            '684f2140b501590203c7146baf5977e433cd3acd6401e61a6ad4640a44166b37'
-            '9f29efd7acf37d8e3015029216865fb590362d9589feb91dc84e68fee6dabff0')
-b2sums=('1caaf9aed83a69a0c8b17ca923a97848cbb3b042d023aaaa7462c24f66f0d1b8a4fa42e2f3b9248ab8c57000a0e68d185072b0c88be7bcd93175f3e88ac76955'
-        '222a85e27f9a353a40bd5169bda82d01402228f04a75a277742265f39526effacef6c5dbd7b5729a2c350e822b5c345130f4a34e50942bcd5d12ca00bba53f29'
-        '30f9ecc8011b67e89166a01cf15c6994ba72cb7277cf8cce3461db66c3f0dfa77f396976dc82b6b78c723845282ea721a07a8fb1f3baff43dbf46bee10940b1a')
+sha256sums=('f048267b7b88316c9ca708c68d15a9ae802dcfc943c3188c1273eb958c433281'
+            '254c531c49080ffb399a6246537a9c7b65718acdf1515b72f3570d23aa0a4fe6')
+b2sums=('3c3874b053d7076564936f2053ef666733d329c402999aac736cf64418cb74e471cf9d7ae62e8fab49e4e916f196c5b8317aa243691b1d18119a25196108dd06'
+        'ea46d444dcbec8d6edc761b84ee047b72d9d9d65802902c8fc01f0cef55adf4f16c35834c2c8c01ccb20b249efa8054f20ce851c7eb6cfd2eb2ee90ee8bf6ad5')
+
 export KBUILD_BUILD_HOST=archlinux
 export KBUILD_BUILD_USER=$pkgbase
 export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
@@ -69,10 +61,10 @@ prepare() {
   done
 
   echo "Setting config..."
-  cp ../config .config
   make oldconfig
+  cp ../config .config
 
-  diff -u ../config .config || :
+  #diff -u ../config .config || :
 
   make -s kernelrelease > version
   echo "Prepared $pkgbase version $(<version)"
@@ -80,6 +72,7 @@ prepare() {
 
 build() {
   cd $_srcname
+  make olddefconfig
   make all
   make -C tools/bpf/bpftool vmlinux.h feature-clang-bpf-co-re=1
 }

README.md

@@ -1,18 +1,11 @@
-My personal custom kernel
+patches folder contains all the patches. files shipped are already prepatched 
 
-I provide releases for and only for Arch Linux. See wiki on how to install.
-
-defaultmaxASLR.patch - increase security
-
-
-patches folder contains all the config patches. config shipped are already prepatched 
-
-config patch order:
+patch order:
 
 1. waydroid.patch
 2. security.patch
 
-config sources: 
+sources: 
 
 - waydroid.patch: https://wiki.archlinux.org/title/Waydroid
 - security.patch: selected from https://www.kicksecure.com/wiki/Hardened-kernel

defaultmaxASLR.patch

@@ -1,33 +0,0 @@
-From db70c38e74c8850174dcc09b302c41543583c980 Mon Sep 17 00:00:00 2001
-From: "Jan Alexander Steffens (heftig)" <heftig@archlinux.org>
-Date: Sat, 13 Jan 2024 15:29:25 +0100
-Subject: [PATCH] arch/Kconfig: Default to maximum amount of ASLR bits
-
-To mitigate https://zolutal.github.io/aslrnt/; do this with a patch to
-avoid having to enable `CONFIG_EXPERT`.
----
- arch/Kconfig | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/arch/Kconfig b/arch/Kconfig
-index 30f7930275d838..318a4e75058b3b 100644
---- a/arch/Kconfig
-+++ b/arch/Kconfig
-@@ -1033,7 +1033,7 @@ config ARCH_MMAP_RND_BITS
- 	int "Number of bits to use for ASLR of mmap base address" if EXPERT
- 	range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX
- 	default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT
--	default ARCH_MMAP_RND_BITS_MIN
-+	default ARCH_MMAP_RND_BITS_MAX
- 	depends on HAVE_ARCH_MMAP_RND_BITS
- 	help
- 	  This value can be used to select the number of bits to use to
-@@ -1067,7 +1067,7 @@ config ARCH_MMAP_RND_COMPAT_BITS
- 	int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT
- 	range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX
- 	default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT
--	default ARCH_MMAP_RND_COMPAT_BITS_MIN
-+	default ARCH_MMAP_RND_COMPAT_BITS_MAX
- 	depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS
- 	help
- 	  This value can be used to select the number of bits to use to 

patches/NUMA.patch

@@ -1,22 +0,0 @@
-diff --git a/home/lihaowang/Downloads/confign b/home/lihaowang/Downloads/config
-index 85500aa..adc7bca 100644
---- a/home/lihaowang/Downloads/confign
-+++ b/home/lihaowang/Downloads/config
-@@ -1258,7 +1258,7 @@ CONFIG_LOCK_MM_AND_FIND_VMA=y
- CONFIG_IOMMU_MM_DATA=y
- CONFIG_EXECMEM=y
- CONFIG_NUMA_MEMBLKS=y
--# CONFIG_NUMA_EMU is not set
-+CONFIG_NUMA_EMU=y
- 
- #
- # Data Access Monitoring
-@@ -11536,7 +11536,7 @@ CONFIG_SWIOTLB=y
- CONFIG_DMA_NEED_SYNC=y
- CONFIG_DMA_COHERENT_POOL=y
- CONFIG_DMA_CMA=y
--# CONFIG_DMA_NUMA_CMA is not set
-+CONFIG_DMA_NUMA_CMA=y
- 
- #
- # Default contiguous memory area size:

patches/security.patch

@@ -34,7 +34,7 @@
  # CONFIG_DEBUG_VM_PGTABLE is not set
  CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y
 -# CONFIG_DEBUG_VIRTUAL is not set
-+CONFIG_DEBUG_VIRTUAL=y
++CONFIG_DEBUG_VIRTUA=y
  CONFIG_DEBUG_MEMORY_INIT=y
  # CONFIG_DEBUG_PER_CPU_MAPS is not set
  CONFIG_ARCH_SUPPORTS_KMAP_LOCAL_FORCE_MAP=y

patches/waydroid.patch

@@ -5,8 +5,8 @@
  # Android
  #
 +CONFIG_ANDROID=y
-+CONFIG_ANDROID_BINDER_IPC=m
++CONFIG_ANDROID_BINDER_IPC=y
 +CONFIG_ANDROID_BINDERFS=n
 +CONFIG_ANDROID_BINDER_DEVICES="binder,hwbinder,vndbinder"
-# end of Android
+ # end of Android