DivestOS/Scripts/init.sh

194 lines
10 KiB
Bash
Raw Normal View History

#!/bin/bash
2020-11-17 10:11:40 -05:00
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2017-2021 Divested Computing Group
2017-11-05 10:58:01 -05:00
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Sets settings used by all other scripts
#
2018-06-02 17:51:18 -04:00
#START OF USER CONFIGURABLE OPTIONS
#
#General
export ANDROID_HOME="/home/$USER/Android/Sdk";
2020-01-26 22:24:35 -05:00
export DOS_WORKSPACE_ROOT="/mnt/dos/"; #XXX: THIS MUST BE CORRECT TO BUILD!
#export DOS_BUILDS=$DOS_WORKSPACE_ROOT"Builds/";
2020-03-25 22:08:25 -04:00
export DOS_BUILDS="/mnt/backup-1/DOS/Builds/";
export DOS_SIGNING_KEYS=$DOS_WORKSPACE_ROOT"Signing_Keys/4096pro";
2020-06-17 13:18:16 -04:00
export DOS_SIGNING_GPG=$DOS_WORKSPACE_ROOT"Signing_Keys/gnupg";
#export USE_CCACHE=1;
#export CCACHE_DIR="";
2020-04-08 13:44:52 -04:00
export CCACHE_COMPRESS=1;
export CCACHE_COMPRESSLEVEL=1;
#export DOS_BINARY_PATCHER="";
export DOS_TOR_WRAPPER="";
#export DOS_TOR_WRAPPER="torsocks"; #Uncomment to perform select build operations over Tor
export DOS_MALWARE_SCAN_ENABLED=true; #Set true to perform a fast scan on patchWorkspace() and a through scan on buildAll()
export DOS_MALWARE_SCAN_SETTING="quick"; #buildAll() scan speed. Options: quick, extra, slow, full
export DOS_REFRESH_PATCHES=true; #Set true to refresh branch-specific patches on apply
2018-06-29 00:55:21 -04:00
#Deblobber
export DOS_DEBLOBBER_REMOVE_ACCESSORIES=true; #Set false to allow use of external accessories that depend on blobs
export DOS_DEBLOBBER_REMOVE_ATFWD=true; #Set true to remove basic ATFWD blobs
2018-06-29 00:55:21 -04:00
export DOS_DEBLOBBER_REMOVE_AUDIOFX=true; #Set true to remove AudioFX
export DOS_DEBLOBBER_REMOVE_APTX=true; #Set true to remove aptX Bluetooth codec
export DOS_DEBLOBBER_REMOVE_CNE=true; #Set true to remove all CNE blobs #XXX: Breaks Wi-Fi calling
export DOS_DEBLOBBER_REMOVE_DPM=true; #Set true to remove all DPM blobs
export DOS_DEBLOBBER_REMOVE_DPP=false; #Set true to remove all Display Post Processing blobs #XXX: Breaks boot on select devices
export DOS_DEBLOBBER_REMOVE_FP=false; #Set true to remove all fingerprint reader blobs
export DOS_DEBLOBBER_REMOVE_GRAPHICS=false; #Set true to remove all graphics blobs and use SwiftShader CPU renderer #TODO: Needs work
export DOS_DEBLOBBER_REMOVE_IMS=false; #Set true to remove all IMS blobs XXX: Carriers are phasing out 3G, making IMS mandatory for calls
2019-03-23 12:49:58 -04:00
export DOS_DEBLOBBER_REMOVE_IPA=false; #Set true to remove all IPA blobs
export DOS_DEBLOBBER_REMOVE_IR=false; #Set true to remove all IR blobs
export DOS_DEBLOBBER_REMOVE_RCS=true; #Set true to remove all RCS blobs
export DOS_DEBLOBBER_REMOVE_RENDERSCRIPT=false; #Set true to remove RenderScript blobs
2020-10-20 07:20:40 -04:00
export DOS_DEBLOBBER_REPLACE_TIME=false; #Set true to replace Qualcomm Time Services with the open source Sony TimeKeep reimplementation #TODO: Needs testing
#Features
export DOS_GPS_GLONASS_FORCED=false; #Enables GLONASS on all devices
export DOS_GRAPHENE_BIONIC=true; #Enables the bionic hardening patchset on 16.0+17.1+18.1
Add the JNINativeMethod table constification patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_frameworks_base/commit/63b9f96a121648ce0815b4ff21a670af9d643203 11 https://github.com/GrapheneOS/platform_packages_apps_Bluetooth/commit/d8a62b5156007c507e6de4ced1e0db8c271504ee 11 https://github.com/GrapheneOS/platform_libcore/commit/e3a4d64f29c9a0cad11fe06af6ff378c9ea9dbea 11 https://github.com/GrapheneOS/platform_packages_apps_Nfc/commit/e41f1d7f8eee4f6af7ad1f9c0b6cbf1aef94f3cd 11 https://github.com/GrapheneOS/platform_frameworks_ex/commit/c34b037486b38bed7a45b26f736e9fe4a8c931f2 11 https://github.com/GrapheneOS/platform_external_conscrypt/commit/dce2d0f64f68739fed38483948095621506ca244 11 https://github.com/GrapheneOS/platform_art/commit/c99c35cb2a323896d64708fcae5d01f83f937d1e 10 https://github.com/GrapheneOS/platform_frameworks_base/commit/07071814db0786252ddcb6149c61ea78be22f858 10 https://github.com/GrapheneOS/platform_packages_apps_Bluetooth/commit/a48ba29b986ad67a5388f4a053080263ac4a438b 10 https://github.com/GrapheneOS/platform_libcore/commit/157fa7811544321cc61b9aae0218aaa5f13d4f6f 10 https://github.com/GrapheneOS/platform_frameworks_opt_net_wifi/commit/b914409e0582f093957b3f9f1d151fffdecc5136 10 https://github.com/GrapheneOS/platform_packages_apps_Nfc/commit/20a51f508b32b64cc60f2fc300372442a4ce0dc2 10 https://github.com/GrapheneOS/platform_external_conscrypt/commit/b8afb8af3773d630550354bd3da95da947fbb81e 10 https://github.com/GrapheneOS/platform_art/commit/e1b6653db794da9beaa0ea1f23ced5306e887fa9 9 https://github.com/GrapheneOS/platform_frameworks_base/commit/ff688b68a7df485c5628bda976bc5cc84999e81b 9 https://github.com/GrapheneOS/platform_packages_apps_Bluetooth/commit/866f0df315bb1172d73648b61999af01a1130971 9 https://github.com/GrapheneOS/platform_libcore/commit/77c9fa981a7b058ff66f5d19929c54ca7d298e4e 9 https://github.com/GrapheneOS/platform_frameworks_opt_net_wifi/commit/fbf620e59c16915a2a277ed934bc9a77fbcce4ac 9 https://github.com/GrapheneOS/platform_packages_apps_Nfc/commit/ceaf63c790b0ef23cf5f25d1b5c361aafd2925b5 9 https://github.com/GrapheneOS/platform_external_conscrypt/commit/253247fc3955ecf18ff42bf8b73d075134e8f1f2 9 https://github.com/GrapheneOS/platform_art/commit/76bf4c46f0090423ead013f02c6b0b4e58b33c95 Signed-off-by: Tad <tad@spotco.us>
2022-03-15 14:57:53 -04:00
export DOS_GRAPHENE_CONSTIFY=true; #Enables 'Constify JNINativeMethod tables' patchset on 16.0+17.1+18.1
export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1+18.1
export DOS_GRAPHENE_EXEC=true; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1+18.1
export DOS_GRAPHENE_PTRACE_SCOPE=true; #Enables the GrapheneOS ptrace_scope toggle patchset on 17.1+18.1
export DOS_GRAPHENE_NETWORK_PERM=true; #Enables use of GrapheneOS' NETWORK permission on 17.1+18.1
export DOS_GRAPHENE_RANDOM_MAC=true; #Enables the GrapheneOS always randomize Wi-Fi MAC patchset on 17.1+18.1
export DOS_TIMEOUTS=true; #Enables the GrapheneOS/CalyxOS patchset for automatic timeouts of reboot/Wi-Fi/Bluetooth on 17.1+18.1
export DOS_HOSTS_BLOCKING=true; #Set false to prevent inclusion of a HOSTS file
2020-08-22 10:13:25 -04:00
export DOS_HOSTS_BLOCKING_APP="DNS66"; #App installed when built-in blocking is disabled. Options: DNS66
export DOS_HOSTS_BLOCKING_LIST="https://divested.dev/hosts-wildcards"; #Must be in the format "127.0.0.1 bad.domain.tld"
export DOS_LOWRAM_ENABLED=false; #Set true to enable low_ram on all devices
export DOS_MICROG_INCLUDED="NLP"; #Determines inclusion of microG. Options: NONE, NLP, FULL
export DOS_NON_COMMERCIAL_USE_PATCHES=false; #Set true to allow inclusion of non-commercial use patches XXX: Unused, see 1dc9247
export DOS_OPTIMIZE_IMAGES=false; #Set true to apply lossless optimizations to image resources
export DOS_SILENCE_INCLUDED=true; #Set false to disable inclusion of Silence SMS app
export DOS_SENSORS_PERM=false; #Set true to provide a per-app sensors permission #XXX: can break things like camera
export DOS_SENSORS_PERM_NEW=true;
export DOS_STRONG_ENCRYPTION_ENABLED=false; #Set true to enable AES 256-bit FDE encryption on 14.1+15.1 XXX: THIS WILL **DESTROY** EXISTING INSTALLS!
export DOS_WEBVIEW_LFS=true; #Whether to `git lfs pull` in the WebView repository
#alias DOS_WEBVIEW_CHERRYPICK='git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/00/316600/2';
export DOS_AUTOVARINIT_KERNELS=('essential/msm8998' 'fxtec/msm8998' 'google/coral' 'google/msm-4.9' 'google/sunfish' 'google/wahoo' 'oneplus/msm8996' 'oneplus/msm8998' 'oneplus/sdm845' 'oneplus/sm7250' 'oneplus/sm8150' 'razer/msm8998' 'razer/sdm845' 'sony/sdm660' 'sony/sdm845' 'xiaomi/sdm660' 'xiaomi/sdm845' 'xiaomi/sm6150' 'xiaomi/sm8150' 'xiaomi/sm8250' 'zuk/msm8996'); #redbull already supports init_stack_all_zero
#Servers
2021-06-26 14:13:03 -04:00
export DOS_DEFAULT_DNS_PRESET="Quad9"; #Sets default DNS. Options: See changeDefaultDNS() in Scripts/Common/Functions.sh
export DOS_GPS_NTP_SERVER="2.android.pool.ntp.org"; #Options: Any NTP pool
export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: supl.{google,vodafone,sonyericsson}.com
#Release Processing
export DOS_MALWARE_SCAN_BEFORE_SIGN=false; #Scan device files for malware before signing
export DOS_GENERATE_DELTAS=true; #Creates deltas from existing target_files in $DOS_BUILDS
export DOS_GENERATE_DELTAS_DEVICES=('akari' 'alioth' 'Amber' 'aura' 'aurora' 'avicii' 'blueline' 'bonito' 'bramble' 'cheryl' 'coral' 'crosshatch' 'davinci' 'discovery' 'enchilada' 'fajita' 'flame' 'FP3' 'guacamole' 'guacamoleb' 'hotdog' 'hotdogb' 'marlin' 'mata' 'pioneer' 'pro1' 'redfin' 'sailfish' 'sargo' 'sunfish' 'taimen' 'vayu' 'voyager' 'walleye' 'xz2c'); #List of devices deltas will be generated for
export DOS_AUTO_ARCHIVE_BUILDS=true; #Copies files to $DOS_BUILDS after signing
export DOS_REMOVE_AFTER=true; #Removes device OUT directory after complete to reclaim space. Requires AUTO_ARCHIVE_BUILDS=true
export DOS_REMOVE_AFTER_FULL=false; #Removes the entire OUT directory
2020-06-17 13:18:16 -04:00
export DOS_GPG_SIGNING=true;
export DOS_GPG_SIGNING_KEY="B8744D67F9F1E14E145DFD8E7F627E920F316994";
#Branding
2018-06-29 00:55:21 -04:00
export DOS_BRANDING_NAME="DivestOS";
export DOS_BRANDING_ZIP_PREFIX="divested";
2021-06-12 17:17:11 -04:00
export DOS_BRANDING_BOOTANIMATION_FONT="Fira-Sans-Heavy"; #Options: $ convert -list font
2018-06-29 00:55:21 -04:00
export DOS_BRANDING_BOOTANIMATION_STYLE="plasma"; #Options: gradient, plasma
#export DOS_BRANDING_BOOTANIMATION_COLOR="#FF5722-#FF8A65"; #gradient
export DOS_BRANDING_BOOTANIMATION_COLOR="#FF5722-#03A9F4"; #plasma
2019-05-23 11:34:26 -04:00
export DOS_BRANDING_LINK_ABOUT="https://divestos.org/index.php?page=about";
export DOS_BRANDING_LINK_PRIVACY="https://divestos.org/index.php?page=privacy_policy";
export DOS_BRANDING_SERVER_OTA="https://divestos.org/updater.php";
2020-12-30 10:13:15 -05:00
export DOS_BRANDING_SERVER_OTA_ONION=$DOS_BRANDING_SERVER_OTA; #TODO: need to handle allow cleartext
#Theme
2018-06-29 00:55:21 -04:00
export DOS_THEME_50="FFCA28"; #Amber 400
export DOS_THEME_100="FFC107"; #Amber 500
export DOS_THEME_200="FFA726"; #Orange 400
export DOS_THEME_300="FF9800"; #Orange 500
export DOS_THEME_500="FF5722"; #Deep Orange 500
export DOS_THEME_700="E64A19"; #Deep Orange 700
#
2018-06-02 17:51:18 -04:00
#END OF USER CONFIGURABLE OPTIONS
#
2018-06-02 17:51:18 -04:00
umask 0022;
gpgVerifyGitHead() {
if [ -r "$HOME/.gnupg" ]; then
if git -C $1 verify-commit HEAD; then
echo -e "\e[0;32mGPG Verified Git HEAD Successfully: $1\e[0m";
else
echo -e "\e[0;31mWARNING: GPG Verification of Git HEAD Failed: $1\e[0m";
sleep 60;
fi;
#git -C $1 log --show-signature -1;
else
echo -e "\e[0;33mWARNING: ~/.gnupg is unavailable, GPG verification of $1 will not be performed!\e[0m";
fi;
}
export -f gpgVerifyGitHead;
2018-06-02 17:51:18 -04:00
BUILD_WORKING_DIR=${PWD##*/};
2019-03-31 22:46:37 -04:00
DOS_VERSION=$BUILD_WORKING_DIR;
2018-06-03 08:02:43 -04:00
if [ -d ".repo" ]; then
echo "Detected $BUILD_WORKING_DIR";
else
echo "Not a valid workspace!";
return 1;
fi;
2018-06-29 00:55:21 -04:00
export DOS_BUILD_BASE=$DOS_WORKSPACE_ROOT"Build/$BUILD_WORKING_DIR/";
if [ ! -d "$DOS_BUILD_BASE" ]; then
2018-06-03 08:02:43 -04:00
echo "Path mismatch! Please update init.sh!";
return 1;
fi;
2017-11-05 14:30:15 -05:00
export DOS_TMP_DIR="/tmp/dos_tmp";
2018-12-18 21:34:32 -05:00
mkdir -p "$DOS_TMP_DIR";
2018-07-09 08:16:36 -04:00
export DOS_HOSTS_FILE="$DOS_TMP_DIR/hosts";
2018-06-29 00:55:21 -04:00
export DOS_PREBUILT_APPS=$DOS_WORKSPACE_ROOT"PrebuiltApps/";
export DOS_PATCHES_COMMON=$DOS_WORKSPACE_ROOT"Patches/Common/";
export DOS_PATCHES=$DOS_WORKSPACE_ROOT"Patches/$BUILD_WORKING_DIR/";
export DOS_PATCHES_LINUX_CVES=$DOS_WORKSPACE_ROOT"Patches/Linux/";
export DOS_WALLPAPERS=$DOS_WORKSPACE_ROOT"Patches/Wallpapers/";
2018-06-29 00:55:21 -04:00
export DOS_SCRIPTS_COMMON=$DOS_WORKSPACE_ROOT"Scripts/Common/";
export DOS_SCRIPTS=$DOS_WORKSPACE_ROOT"Scripts/$BUILD_WORKING_DIR/";
if [ ! -d "$DOS_SCRIPTS" ]; then
2018-06-03 08:02:43 -04:00
echo "$BUILD_WORKING_DIR is not supported!";
return 1;
fi;
2018-06-29 00:55:21 -04:00
export DOS_SCRIPTS_CVES=$DOS_SCRIPTS"CVE_Patchers/";
2018-04-23 08:59:18 -04:00
export KBUILD_BUILD_USER="emy";
export KBUILD_BUILD_HOST="dosbm";
export BUILD_USERNAME="emy";
export BUILD_HOSTNAME="dosbm";
export ANDROID_JACK_VM_ARGS="-Xmx6144m -Xms512m -Dfile.encoding=UTF-8 -XX:+TieredCompilation";
export JACK_SERVER_VM_ARGUMENTS="${ANDROID_JACK_VM_ARGS}";
2018-10-20 13:13:32 -04:00
export EXPERIMENTAL_USE_JAVA8=true;
2018-04-23 08:59:18 -04:00
export GRADLE_OPTS="-Xmx2048m";
2018-10-20 13:13:32 -04:00
export TZ=:/etc/localtime;
export LC_ALL=C;
export LANG=en_US.UTF-8;
#START OF VERIFICATION
#gpgVerifyGitHead $DOS_WORKSPACE_ROOT;
#gpgVerifyGitHead $DOS_PREBUILT_APPS;
#gpgVerifyGitHead $DOS_PATCHES_LINUX_CVES;
#gpgVerifyGitHead $DOS_WALLPAPERS;
#END OF VERIFICATION
source "$DOS_SCRIPTS_COMMON/Shell.sh";
2018-06-29 00:55:21 -04:00
source "$DOS_SCRIPTS_COMMON/Functions.sh";
source "$DOS_SCRIPTS/Functions.sh";