Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-06-25 22:22:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Robustness improvements

Browse Source 
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-03-08 00:22:01 -05:00
parent 6ba784ac33
commit 5d0ab40f0b
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
23 changed files with 276 additions and 316 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

244
Scripts/Common/Copy_Keys.sh
View File

@ -18,152 +18,104 @@ umask 0022;
set -uo pipefail;
source "$DOS_SCRIPTS_COMMON/Shell.sh";
if [ -d "$DOS_SIGNING_KEYS" ]; then
echo "Copying verity/avb public keys to kernels...";
cat "$DOS_SIGNING_KEYS/akari/verity.x509.pem" >> "kernel/sony/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/alioth/verity.x509.pem" >> "kernel/xiaomi/sm8250/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/Amber/verity.x509.pem" >> "kernel/yandex/sdm660/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/angler/verity.x509.pem" >> "kernel/huawei/angler/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/aura/verity.x509.pem" >> "kernel/razer/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/aurora/verity.x509.pem" >> "kernel/sony/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/avicii/verity.x509.pem" >> "kernel/oneplus/sm7250/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/barbet/verity.x509.pem" >> "kernel/google/redbull/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/beryllium/verity.x509.pem" >> "kernel/xiaomi/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/bluejay/verity.x509.pem" >> "kernel/google/bluejay/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/bluejay/verity.x509.pem" >> "kernel/google/gs101/private/gs-google/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/blueline/verity.x509.pem" >> "kernel/google/crosshatch/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/blueline/verity.x509.pem" >> "kernel/google/msm-4.9/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/bonito/verity.x509.pem" >> "kernel/google/bonito/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/bonito/verity.x509.pem" >> "kernel/google/msm-4.9/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/bramble/verity.x509.pem" >> "kernel/google/redbull/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/bullhead/verity.x509.pem" >> "kernel/lge/bullhead/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/cheeseburger/verity.x509.pem" >> "kernel/oneplus/msm8998/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/cheetah/verity.x509.pem" >> "kernel/google/gs201/private/gs-google/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/cheryl/verity.x509.pem" >> "kernel/razer/msm8998/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/coral/verity.x509.pem" >> "kernel/google/coral/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/crosshatch/verity.x509.pem" >> "kernel/google/crosshatch/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/crosshatch/verity.x509.pem" >> "kernel/google/msm-4.9/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/davinci/verity.x509.pem" >> "kernel/xiaomi/sm6150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/discovery/verity.x509.pem" >> "kernel/sony/sdm660/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/dragon/verity.x509.pem" >> "kernel/google/dragon/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/dumpling/verity.x509.pem" >> "kernel/oneplus/msm8998/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/enchilada/verity.x509.pem" >> "kernel/oneplus/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/fajita/verity.x509.pem" >> "kernel/oneplus/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/flame/verity.x509.pem" >> "kernel/google/coral/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/flounder/verity.x509.pem" >> "kernel/htc/flounder/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/FP3/verity.x509.pem" >> "kernel/fairphone/sdm632/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/FP4/verity.x509.pem" >> "kernel/fairphone/sm7225/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/griffin/verity.x509.pem" >> "kernel/motorola/msm8996/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/guacamoleb/verity.x509.pem" >> "kernel/oneplus/sm8150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/guacamole/verity.x509.pem" >> "kernel/oneplus/sm8150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/hotdogb/verity.x509.pem" >> "kernel/oneplus/sm8150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/hotdog/verity.x509.pem" >> "kernel/oneplus/sm8150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/instantnoodlep/verity.x509.pem" >> "kernel/oneplus/sm8250/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/instantnoodle/verity.x509.pem" >> "kernel/oneplus/sm8250/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/kebab/verity.x509.pem" >> "kernel/oneplus/sm8250/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/lavender/verity.x509.pem" >> "kernel/xiaomi/sdm660/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/lemonadep/verity.x509.pem" >> "kernel/oneplus/sm8350/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/lemonade/verity.x509.pem" >> "kernel/oneplus/sm8350/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/lmi/verity.x509.pem" >> "kernel/xiaomi/sm8250/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/marlin/verity.x509.pem" >> "kernel/google/marlin/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/mata/verity.x509.pem" >> "kernel/essential/msm8998/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/oneplus3/verity.x509.pem" >> "kernel/oneplus3/msm8996/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/oriole/verity.x509.pem" >> "kernel/google/gs101/private/gs-google/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/oriole/verity.x509.pem" >> "kernel/google/raviole/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/panther/verity.x509.pem" >> "kernel/google/gs201/private/gs-google/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/pioneer/verity.x509.pem" >> "kernel/sony/sdm660/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/pro1/verity.x509.pem" >> "kernel/fxtec/msm8998/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/raphael/verity.x509.pem" >> "kernel/xiaomi/sm8150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/raven/verity.x509.pem" >> "kernel/google/gs101/private/gs-google/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/raven/verity.x509.pem" >> "kernel/google/raviole/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/redfin/verity.x509.pem" >> "kernel/google/redbull/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/sailfish/verity.x509.pem" >> "kernel/google/marlin/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/sargo/verity.x509.pem" >> "kernel/google/bonito/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/sargo/verity.x509.pem" >> "kernel/google/msm-4.9/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/shamu/verity.x509.pem" >> "kernel/moto/shamu/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/star2lte/verity.x509.pem" >> "kernel/samsung/universal9810/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/starlte/verity.x509.pem" >> "kernel/samsung/universal9810/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/sunfish/verity.x509.pem" >> "kernel/google/sunfish/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/taimen/verity.x509.pem" >> "kernel/google/wahoo/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/vayu/verity.x509.pem" >> "kernel/xiaomi/sm8150/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/voyager/verity.x509.pem" >> "kernel/sony/sdm660/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/walleye/verity.x509.pem" >> "kernel/google/wahoo/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/xz2c/verity.x509.pem" >> "kernel/sony/sdm845/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/z2_plus/verity.x509.pem" >> "kernel/zuk/msm8996/certs/verity.x509.pem";
cat "$DOS_SIGNING_KEYS/zenfone3/verity.x509.pem" >> "kernel/asus/msm8953/certs/verity.x509.pem";
copyKey() {
if [[ -f "$DOS_SIGNING_KEYS/$1/verifiedboot_relkeys.der.x509" ]] && [[ -d "$DOS_BUILD_BASE/$2" ]]; then
if cp "$DOS_SIGNING_KEYS/$1/verifiedboot_relkeys.der.x509" "$DOS_BUILD_BASE/$2/verifiedboot_$1_dos_relkeys.der.x509"; then
echo -e "\e[0;32mCopied verifiedboot keys for $1 to $2\e[0m";
else
echo -e "\e[0;33mCould not copy verifiedboot keys for $1\e[0m";
fi;
else
echo -e "\e[0;33mCould not copy verifiedboot keys for $1\e[0m";
fi;
cp -v "$DOS_SIGNING_KEYS/akari/verifiedboot_relkeys.der.x509" "kernel/sony/sdm845/verifiedboot_akari_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/alioth/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sm8250/verifiedboot_alioth_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/Amber/verifiedboot_relkeys.der.x509" "kernel/yandex/sdm660/verifiedboot_Amber_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/angler/verifiedboot_relkeys.der.x509" "kernel/huawei/angler/verifiedboot_angler_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/aura/verifiedboot_relkeys.der.x509" "kernel/razer/sdm845/verifiedboot_aura_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/aurora/verifiedboot_relkeys.der.x509" "kernel/sony/sdm845/verifiedboot_aurora_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/avicii/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm7250/verifiedboot_avicii_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/barbet/verifiedboot_relkeys.der.x509" "kernel/google/redbull/verifiedboot_barbet_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/beryllium/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sdm845/verifiedboot_beryllium_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/bluejay/verifiedboot_relkeys.der.x509" "kernel/google/bluejay/verifiedboot_bluejay_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/bluejay/verifiedboot_relkeys.der.x509" "kernel/google/gs101/private/gs-google/verifiedboot_bluejay_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/blueline/verifiedboot_relkeys.der.x509" "kernel/google/crosshatch/verifiedboot_blueline_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/blueline/verifiedboot_relkeys.der.x509" "kernel/google/msm-4.9/verifiedboot_blueline_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/bonito/verifiedboot_relkeys.der.x509" "kernel/google/bonito/verifiedboot_bonito_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/bonito/verifiedboot_relkeys.der.x509" "kernel/google/msm-4.9/verifiedboot_bonito_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/bramble/verifiedboot_relkeys.der.x509" "kernel/google/redbull/verifiedboot_bramble_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/bullhead/verifiedboot_relkeys.der.x509" "kernel/lge/bullhead/verifiedboot_bullhead_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/cheeseburger/verifiedboot_relkeys.der.x509" "kernel/oneplus/msm8998/verifiedboot_cheeseburger_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/cheetah/verifiedboot_relkeys.der.x509" "kernel/google/gs201/private/gs-google/verifiedboot_cheetah_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/cheryl/verifiedboot_relkeys.der.x509" "kernel/razer/msm8998/verifiedboot_cheryl_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/coral/verifiedboot_relkeys.der.x509" "kernel/google/coral/verifiedboot_coral_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/crosshatch/verifiedboot_relkeys.der.x509" "kernel/google/crosshatch/verifiedboot_crosshatch_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/crosshatch/verifiedboot_relkeys.der.x509" "kernel/google/msm-4.9/verifiedboot_crosshatch_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/davinci/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sm6150/verifiedboot_davinci_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/discovery/verifiedboot_relkeys.der.x509" "kernel/sony/sdm660/verifiedboot_discovery_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/dragon/verifiedboot_relkeys.der.x509" "kernel/google/dragon/verifiedboot_dragon_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/dumpling/verifiedboot_relkeys.der.x509" "kernel/oneplus/msm8998/verifiedboot_dumpling_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/enchilada/verifiedboot_relkeys.der.x509" "kernel/oneplus/sdm845/verifiedboot_enchilada_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/fajita/verifiedboot_relkeys.der.x509" "kernel/oneplus/sdm845/verifiedboot_fajita_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/flame/verifiedboot_relkeys.der.x509" "kernel/google/coral/verifiedboot_flame_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/flounder/verifiedboot_relkeys.der.x509" "kernel/htc/flounder/verifiedboot_flounder_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/FP3/verifiedboot_relkeys.der.x509" "kernel/fairphone/sdm632/verifiedboot_FP3_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/FP4/verifiedboot_relkeys.der.x509" "kernel/fairphone/sm7225/verifiedboot_FP4_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/guacamoleb/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8150/verifiedboot_guacamoleb_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/guacamole/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8150/verifiedboot_guacamole_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/hotdogb/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8150/verifiedboot_hotdogb_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/hotdog/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8150/verifiedboot_hotdog_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/instantnoodlep/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8250/verifiedboot_instantnoodlep_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/instantnoodle/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8250/verifiedboot_instantnoodle_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/kebab/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8250/verifiedboot_kebab_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/lavender/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sdm660/verifiedboot_lavender_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/lemonadep/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8350/verifiedboot_lemonadep_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/lemonade/verifiedboot_relkeys.der.x509" "kernel/oneplus/sm8350/verifiedboot_lemonade_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/lmi/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sm8250/verifiedboot_lmi_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/mata/verifiedboot_relkeys.der.x509" "kernel/essential/msm8998/verifiedboot_mata_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/oneplus3/verifiedboot_relkeys.der.x509" "kernel/oneplus/msm8996/verifiedboot_oneplus3_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/oriole/verifiedboot_relkeys.der.x509" "kernel/google/gs101/private/gs-google/verifiedboot_oriole_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/oriole/verifiedboot_relkeys.der.x509" "kernel/google/raviole/verifiedboot_oriole_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/panther/verifiedboot_relkeys.der.x509" "kernel/google/gs201/private/gs-google/verifiedboot_panther_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/pioneer/verifiedboot_relkeys.der.x509" "kernel/sony/sdm660/verifiedboot_pioneer_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/pro1/verifiedboot_relkeys.der.x509" "kernel/fxtec/msm8998/verifiedboot_pro1_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/raphael/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sm8150/verifiedboot_raphael_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/raven/verifiedboot_relkeys.der.x509" "kernel/google/gs101/private/gs-google/verifiedboot_raven_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/raven/verifiedboot_relkeys.der.x509" "kernel/google/raviole/verifiedboot_raven_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/redfin/verifiedboot_relkeys.der.x509" "kernel/google/redbull/verifiedboot_redfin_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/sargo/verifiedboot_relkeys.der.x509" "kernel/google/bonito/verifiedboot_sargo_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/sargo/verifiedboot_relkeys.der.x509" "kernel/google/msm-4.9/verifiedboot_sargo_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/shamu/verifiedboot_relkeys.der.x509" "kernel/moto/shamu/verifiedboot_shamu_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/star2lte/verifiedboot_relkeys.der.x509" "kernel/samsung/universal9810/verifiedboot_star2lte_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/starlte/verifiedboot_relkeys.der.x509" "kernel/samsung/universal9810/verifiedboot_starlte_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/sunfish/verifiedboot_relkeys.der.x509" "kernel/google/sunfish/verifiedboot_sunfish_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/taimen/verifiedboot_relkeys.der.x509" "kernel/google/wahoo/verifiedboot_taimen_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/vayu/verifiedboot_relkeys.der.x509" "kernel/xiaomi/sm8150/verifiedboot_vayu_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/voyager/verifiedboot_relkeys.der.x509" "kernel/sony/sdm660/verifiedboot_voyager_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/walleye/verifiedboot_relkeys.der.x509" "kernel/google/wahoo/verifiedboot_walleye_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/xz2c/verifiedboot_relkeys.der.x509" "kernel/sony/sdm845/verifiedboot_xz2c_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/z2_plus/verifiedboot_relkeys.der.x509" "kernel/zuk/msm8996/verifiedboot_z2_plus_dos_relkeys.der.x509";
cp -v "$DOS_SIGNING_KEYS/zenfone3/verifiedboot_relkeys.der.x509" "kernel/asus/msm8953/verifiedboot_zenfone3_dos_relkeys.der.x509";
echo -e "\e[0;32m[SCRIPT COMPLETE] Copied keys to kernels\e[0m";
if [[ -f "$DOS_SIGNING_KEYS/$1/verity.x509.pem" ]] && [[ -d "$DOS_BUILD_BASE/$2/certs" ]]; then
if cat "$DOS_SIGNING_KEYS/$1/verity.x509.pem" >> "$DOS_BUILD_BASE/$2/certs/verity.x509.pem"; then
echo -e "\e[0;32mAppended verity keys for $1 to $2\e[0m";
else
echo -e "\e[0;33mCould not append verity keys for $1\e[0m";
fi;
else
echo -e "\e[0;33mCould not append verity keys for $1\e[0m";
fi;
}
if [ -d "$DOS_SIGNING_KEYS" ]; then
echo "Copying verity/avb public keys to kernels...";
copyKey "akari" "kernel/sony/sdm845";
copyKey "alioth" "kernel/xiaomi/sm8250";
copyKey "Amber" "kernel/yandex/sdm660";
copyKey "angler" "kernel/huawei/angler";
copyKey "aura" "kernel/razer/sdm845";
copyKey "aurora" "kernel/sony/sdm845";
copyKey "avicii" "kernel/oneplus/sm7250";
copyKey "barbet" "kernel/google/redbull";
copyKey "beryllium" "kernel/xiaomi/sdm845";
copyKey "bluejay" "kernel/google/bluejay";
copyKey "bluejay" "kernel/google/gs101/private/gs-google";
copyKey "blueline" "kernel/google/crosshatch";
copyKey "blueline" "kernel/google/msm-4.9";
copyKey "bonito" "kernel/google/bonito";
copyKey "bonito" "kernel/google/msm-4.9";
copyKey "bramble" "kernel/google/redbull";
copyKey "bullhead" "kernel/lge/bullhead";
copyKey "cheeseburger" "kernel/oneplus/msm8998";
copyKey "cheetah" "kernel/google/gs201/private/gs-google";
copyKey "cheryl" "kernel/razer/msm8998";
copyKey "coral" "kernel/google/coral";
copyKey "crosshatch" "kernel/google/crosshatch";
copyKey "crosshatch" "kernel/google/msm-4.9";
copyKey "davinci" "kernel/xiaomi/sm6150";
copyKey "discovery" "kernel/sony/sdm660";
copyKey "dragon" "kernel/google/dragon";
copyKey "dumpling" "kernel/oneplus/msm8998";
copyKey "enchilada" "kernel/oneplus/sdm845";
copyKey "fajita" "kernel/oneplus/sdm845";
copyKey "flame" "kernel/google/coral";
copyKey "flounder" "kernel/htc/flounder";
copyKey "FP3" "kernel/fairphone/sdm632";
copyKey "FP4" "kernel/fairphone/sm7225";
copyKey "griffin" "kernel/motorola/msm8996";
copyKey "guacamoleb" "kernel/oneplus/sm8150";
copyKey "guacamole" "kernel/oneplus/sm8150";
copyKey "hotdogb" "kernel/oneplus/sm8150";
copyKey "hotdog" "kernel/oneplus/sm8150";
copyKey "instantnoodle" "kernel/oneplus/sm8250";
copyKey "instantnoodlep" "kernel/oneplus/sm8250";
copyKey "kebab" "kernel/oneplus/sm8250";
copyKey "lavender" "kernel/xiaomi/sdm660";
copyKey "lemonade" "kernel/oneplus/sm8350";
copyKey "lemonadep" "kernel/oneplus/sm8350";
copyKey "lmi" "kernel/xiaomi/sm8250";
copyKey "marlin" "kernel/google/marlin";
copyKey "mata" "kernel/essential/msm8998";
copyKey "oneplus3" "kernel/oneplus/msm8996";
copyKey "oriole" "kernel/google/gs101/private/gs-google";
copyKey "oriole" "kernel/google/raviole";
copyKey "panther" "kernel/google/gs201/private/gs-google";
copyKey "pioneer" "kernel/sony/sdm660";
copyKey "pro1" "kernel/fxtec/msm8998";
copyKey "raphael" "kernel/xiaomi/sm8150";
copyKey "raven" "kernel/google/gs101/private/gs-google";
copyKey "raven" "kernel/google/raviole";
copyKey "redfin" "kernel/google/redbull";
copyKey "sailfish" "kernel/google/marlin";
copyKey "sargo" "kernel/google/bonito";
copyKey "sargo" "kernel/google/msm-4.9";
copyKey "shamu" "kernel/moto/shamu";
copyKey "star2lte" "kernel/samsung/universal9810";
copyKey "starlte" "kernel/samsung/universal9810";
copyKey "sunfish" "kernel/google/sunfish";
copyKey "taimen" "kernel/google/wahoo";
copyKey "vayu" "kernel/xiaomi/sm8150";
copyKey "voyager" "kernel/sony/sdm660";
copyKey "walleye" "kernel/google/wahoo";
copyKey "xz2c" "kernel/sony/sdm845";
copyKey "z2_plus" "kernel/zuk/msm8996";
copyKey "zenfone3" "kernel/asus/msm8953";
echo -e "\e[0;32m[SCRIPT COMPLETE] Copied keys to kernels\e[0m";
else
echo -e "\e[0;31mSigning keys unavailable, NOT copying public keys to kernels\e[0m";
echo -e "\e[0;31mSigning keys unavailable, NOT copying public keys to kernels\e[0m";
fi;

10
Scripts/Common/Deblob.sh
View File

@ -654,7 +654,7 @@ echo "Deblobbing...";
#
deblobDevice() {
local devicePath="$1";
cd "$DOS_BUILD_BASE$devicePath";
cd "$DOS_BUILD_BASE/$devicePath";
if [ "$DOS_DEBLOBBER_REPLACE_TIME" = false ]; then local replaceTime="false"; fi; #Disable Time replacement
if ! grep -qi "qcom" BoardConfig*.mk; then local replaceTime="false"; fi; #Disable Time Replacement
if [ -f Android.mk ]; then
@ -823,7 +823,7 @@ deblobDevice() {
awk -i inplace '!/'$blobs'/' ./*proprietary*.txt &>/dev/null || true; #Remove all blob references from blob manifest
awk -i inplace '!/'$blobs'/' ./*/*proprietary*.txt &>/dev/null || true; #Remove all blob references from blob manifest location in subdirectory
if [ -f setup-makefiles.sh ]; then
bash -c "cd $DOS_BUILD_BASE$devicePath && ./setup-makefiles.sh" || true; #Update the makefiles
bash -c "cd $DOS_BUILD_BASE/$devicePath && ./setup-makefiles.sh" || true; #Update the makefiles
fi;
cd "$DOS_BUILD_BASE";
}
@ -831,7 +831,7 @@ export -f deblobDevice;
deblobKernel() {
local kernelPath="$1";
cd "$DOS_BUILD_BASE$kernelPath";
cd "$DOS_BUILD_BASE/$kernelPath";
rm -rf $kernels;
cd "$DOS_BUILD_BASE";
}
@ -839,7 +839,7 @@ export -f deblobKernel;
deblobSepolicy() {
local sepolicyPath="$1";
cd "$DOS_BUILD_BASE$sepolicyPath";
cd "$DOS_BUILD_BASE/$sepolicyPath";
if [ -d sepolicy ]; then
cd sepolicy;
rm -f $sepolicy;
@ -900,7 +900,7 @@ fi;
deblobVendors; #Deblob entire vendor directory
rm -rf frameworks/av/drm/mediadrm/plugins/clearkey; #Remove ClearKey
#rm -rf frameworks/av/drm/mediacas/plugins/clearkey; #XXX: breaks protobuf inclusion
rm -rf vendor/samsung/nodevice;
[[ -d vendor/samsung/nodevice ]] && rm -rf vendor/samsung/nodevice;
#
#END OF DEBLOBBING
#

78
Scripts/Common/Enable_Verity.sh
View File

@ -159,13 +159,13 @@ enableAVB "device/xiaomi/sm8250-common";
enableAVB "device/xiaomi/vayu";
#Kernel Changes
sed -i 's/slotselect/slotselect,verify/' kernel/essential/msm8998/arch/arm64/boot/dts/essential/msm8998-mata-lineage.dtsi &>/dev/null || true; #/vendor
#sed -i 's/wait/wait,verify/g' kernel/htc/flounder/arch/arm64/boot/dts/tegra132.dtsi &>/dev/null || true; #/system #XXX: no boot
sed -i 's/wait/wait,verify/g' kernel/moto/shamu/arch/arm/boot/dts/qcom/apq8084.dtsi &>/dev/null || true; #/system
sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8996/arch/arm/boot/dts/qcom/15801/msm8996-mtp.dtsi &>/dev/null || true; #/system
sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8998/arch/arm/boot/dts/qcom/cheeseburger.dtsi &>/dev/null || true; #/system and /vendor
sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8998/arch/arm/boot/dts/qcom/dumpling.dtsi &>/dev/null || true; #/system and /vendor
sed -i 's/wait/wait,verify/g' kernel/zuk/msm8996/arch/arm/boot/dts/qcom/zuk/common.dtsi &>/dev/null || true; #/system and /vendor
[[ -d kernel/essential/msm8998 ]] && sed -i 's/slotselect/slotselect,verify/' kernel/essential/msm8998/arch/arm64/boot/dts/essential/msm8998-mata-lineage.dtsi &>/dev/null; #/vendor
#[[ -d kernel/htc/flounder ]] && sed -i 's/wait/wait,verify/g' kernel/htc/flounder/arch/arm64/boot/dts/tegra132.dtsi &>/dev/null; #/system #XXX: no boot
[[ -d kernel/moto/shamu ]] && sed -i 's/wait/wait,verify/g' kernel/moto/shamu/arch/arm/boot/dts/qcom/apq8084.dtsi &>/dev/null; #/system
[[ -d kernel/oneplus/msm8996 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8996/arch/arm/boot/dts/qcom/15801/msm8996-mtp.dtsi &>/dev/null; #/system
[[ -d kernel/oneplus/msm8998 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8998/arch/arm/boot/dts/qcom/cheeseburger.dtsi &>/dev/null; #/system and /vendor
[[ -d kernel/oneplus/msm8998 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8998/arch/arm/boot/dts/qcom/dumpling.dtsi &>/dev/null; #/system and /vendor
[[ -d kernel/zuk/msm8996 ]] && sed -i 's/wait/wait,verify/g' kernel/zuk/msm8996/arch/arm/boot/dts/qcom/zuk/common.dtsi &>/dev/null; #/system and /vendor
#not used
#sed -i 's/wait/wait,verify/g' kernel/cyanogen/msm8916/arch/arm/boot/dts/qcom/msm8916.dtsi &>/dev/null || true; #/system
#sed -i 's/wait/wait,verify/g' kernel/cyanogen/msm8974/arch/arm/boot/dts/msm8974.dtsi &>/dev/null || true; #/system
@ -192,38 +192,38 @@ sed -i 's/^\treturn VERITY_STATE_DISABLE;//' kernel/*/*/drivers/md/dm-android-ve
#sed -i 's/#if 0/#if 1/' kernel/*/*/drivers/power/reset/msm-poweroff.c &>/dev/null || true; #TODO: needs refinement
#Ensure OEM unlocking toggle is always available
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/essential/mata/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/fairphone/FP3/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/fairphone/FP4/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/fxtec/pro1/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/bluejay/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/bonito/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/coral/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/crosshatch/product.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/crosshatch/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/dragon/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/marlin/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/pantah/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/raviole/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/redbull/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/sunfish/vendor.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/wahoo/system.prop &>/dev/null || true;
#sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/yellowstone/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/huawei/angler/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/lge/bullhead/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/moto/shamu/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/nextbit/ether/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/avicii/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/msm8998-common/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/oneplus2/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/oneplus3/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sdm845-common/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sm8150-common/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sm8250-common/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sm8350-common/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/razer/aura/system.prop &>/dev/null || true;
sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/razer/cheryl/system.prop &>/dev/null || true;
#sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/yandex/Amber/system.prop &>/dev/null || true;
[[ -d device/essential/mata ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/essential/mata/system.prop &>/dev/null || true;
[[ -d device/fairphone/FP3 ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/fairphone/FP3/system.prop &>/dev/null || true;
[[ -d device/fairphone/FP4 ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/fairphone/FP4/system.prop &>/dev/null || true;
[[ -d device/fxtec/pro1 ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/fxtec/pro1/system.prop &>/dev/null || true;
[[ -d device/google/bluejay ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/bluejay/vendor.prop &>/dev/null || true;
[[ -d device/google/bonito ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/bonito/vendor.prop &>/dev/null || true;
[[ -d device/google/coral ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/coral/vendor.prop &>/dev/null || true;
[[ -d device/google/crosshatch ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/crosshatch/product.prop &>/dev/null || true;
[[ -d device/google/crosshatch ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/crosshatch/vendor.prop &>/dev/null || true;
[[ -d device/google/dragon ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/dragon/system.prop &>/dev/null || true;
[[ -d device/google/marlin ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/marlin/system.prop &>/dev/null || true;
[[ -d device/google/pantah ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/pantah/vendor.prop &>/dev/null || true;
[[ -d device/google/raviole ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/raviole/vendor.prop &>/dev/null || true;
[[ -d device/google/redbull ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/redbull/vendor.prop &>/dev/null || true;
[[ -d device/google/sunfish ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/sunfish/vendor.prop &>/dev/null || true;
[[ -d device/google/wahoo ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/wahoo/system.prop &>/dev/null || true;
#[[ -d device/google/yellowstone ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/google/yellowstone/system.prop &>/dev/null || true;
[[ -d device/huawei/angler ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/huawei/angler/system.prop &>/dev/null || true;
[[ -d device/lge/bullhead ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/lge/bullhead/system.prop &>/dev/null || true;
[[ -d device/moto/shamu ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/moto/shamu/system.prop &>/dev/null || true;
[[ -d device/nextbit/ether ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/nextbit/ether/system.prop &>/dev/null || true;
[[ -d device/oneplus/avicii ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/avicii/system.prop &>/dev/null || true;
[[ -d device/oneplus/msm8998-common ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/msm8998-common/system.prop &>/dev/null || true;
[[ -d device/oneplus/oneplus2 ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/oneplus2/system.prop &>/dev/null || true;
[[ -d device/oneplus/oneplus3 ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/oneplus3/system.prop &>/dev/null || true;
[[ -d device/oneplus/sdm845-common ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sdm845-common/system.prop &>/dev/null || true;
[[ -d device/oneplus/sm8150-common ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sm8150-common/system.prop &>/dev/null || true;
[[ -d device/oneplus/sm8250-common ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sm8250-common/system.prop &>/dev/null || true;
[[ -d device/oneplus/sm8350-common ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/oneplus/sm8350-common/system.prop &>/dev/null || true;
[[ -d device/razer/aura ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/razer/aura/system.prop &>/dev/null || true;
[[ -d device/razer/cheryl ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/razer/cheryl/system.prop &>/dev/null || true;
#[[ -d device/yandex/Amber ]] && sed -zi '/ro.oem_unlock_supported=1/!s/$/\nro.oem_unlock_supported=1/' device/yandex/Amber/system.prop &>/dev/null || true;
cd "$DOS_BUILD_BASE";
echo -e "\e[0;32m[SCRIPT COMPLETE] Verity enablement complete\e[0m";

19
Scripts/Common/Functions.sh
View File

@ -35,7 +35,7 @@ export -f verifyAllPlatformTags;
enter() {
echo "================================================================================================"
local dir="$1";
local dirReal="$DOS_BUILD_BASE$dir";
local dirReal="$DOS_BUILD_BASE/$dir";
umask 0022;
if [ -d "$dirReal" ]; then
cd "$dirReal";
@ -176,7 +176,7 @@ generateBootAnimationShine() {
export -f generateBootAnimationShine;
audit2allowCurrent() {
adb logcat -b all -d | audit2allow -p "$OUT"/root/sepolicy;
adb logcat -b all -d | audit2allow -p "$OUT/root/sepolicy";
}
export -f audit2allowCurrent;
@ -421,6 +421,7 @@ processRelease() {
export -f processRelease;
pushToServer() {
#Examples
rsync -Pau --no-perms --no-owner --no-group incrementals/divested-*-dos-$1-*.zip* root@divestos.org:/var/www/divestos.org/builds/LineageOS/$1/incrementals/ || true;
rsync -Pau --no-perms --no-owner --no-group divested-*-dos-$1.zip* root@divestos.org:/var/www/divestos.org/builds/LineageOS/$1/ || true;
rsync -Pau --no-perms --no-owner --no-group divested-*-dos-$1-recovery.img root@divestos.org:/var/www/divestos.org/builds/LineageOS/$1/ || true;
@ -467,7 +468,7 @@ deblobAudio() {
export -f deblobAudio;
volteOverride() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if grep -sq "config_device_volte_available" "overlay/frameworks/base/core/res/res/values/config.xml"; then
if [ -f vendor.prop ] && ! grep -sq "volte_avail_ovr" "vendor.prop"; then
echo -e 'persist.dbg.volte_avail_ovr=1\npersist.dbg.vt_avail_ovr=1' >> vendor.prop;
@ -550,7 +551,7 @@ hardenLocationFWB() {
export -f hardenLocationFWB;
hardenUserdata() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
#awk -i inplace '!/f2fs/' *fstab* */*fstab* */*/*fstab* &>/dev/null || true;
@ -610,7 +611,7 @@ enableAutoVarInit() {
export -f enableAutoVarInit;
updateRegDb() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
#Latest database cannot be used due to differing flags, only update supported kernels
#md5sum Build/*/kernel/*/*/net/wireless/genregdb.awk | sort
if echo "d9ef5910b573c634fa7845bb6511ba89 net/wireless/genregdb.awk" | md5sum --check --quiet &>/dev/null; then
@ -639,7 +640,7 @@ fixupCarrierConfigs() {
export -f fixupCarrierConfigs;
disableEnforceRRO() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
awk -i inplace '!/PRODUCT_ENFORCE_RRO_TARGETS .= framework-res/' *.mk &>/dev/null || true;
awk -i inplace '!/PRODUCT_ENFORCE_RRO_TARGETS .= \*/' *.mk &>/dev/null || true;
sed -i '/PRODUCT_ENFORCE_RRO_TARGETS .= \\/,+1 d' *.mk &>/dev/null || true;
@ -649,7 +650,7 @@ disableEnforceRRO() {
export -f disableEnforceRRO;
disableAPEX() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [[ "$1" != *"device/google/gs101"* ]] && [[ "$1" != *"device/google/gs201"* ]] && [[ "$1" != *"device/google/oriole"* ]] && [[ "$1" != *"device/google/raven"* ]] && [[ "$1" != *"device/google/raviole"* ]] && [[ "$1" != *"device/google/bluejay"* ]] && [[ "$1" != *"device/google/panther"* ]] && [[ "$1" != *"device/google/cheetah"* ]] && [[ "$1" != *"device/google/pantah"* ]]; then
awk -i inplace '!/DEXPREOPT_GENERATE_APEX_IMAGE/' *.mk &>/dev/null || true;
awk -i inplace '!/updatable_apex.mk/' *.mk &>/dev/null || true;
@ -662,7 +663,7 @@ disableAPEX() {
export -f disableAPEX;
enableStrongEncryption() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "TARGET_WANTS_STRONG_ENCRYPTION := true" >> BoardConfig.mk;
echo "Enabled AES-256 encryption for $1";
@ -821,7 +822,7 @@ getDefconfig() {
export -f getDefconfig;
hardenDefconfig() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
#Attempts to enable/disable supported options to increase security
#See https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings

2
Scripts/Common/Post.sh
View File

@ -35,7 +35,7 @@ sed -i 's/static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MER
#sed -i 's/= IS_ENABLED(CONFIG_PAGE_POISONING_ENABLE_DEFAULT);/= true;/' kernel/*/*/mm/page_poison.c &>/dev/null || true; #4.4+ #XXX: shouldn't be enabled past 5.3
#Build speedup
sed -i 's/flags.Tidy = true/flags.Tidy = false/' build/soong/cc/tidy.go &>/dev/null || true; #Disable clang-tidy (kdrag0n)
[[ -f build/soong/cc/tidy.go ]] && sed -i 's/flags.Tidy = true/flags.Tidy = false/' build/soong/cc/tidy.go; #Disable clang-tidy (kdrag0n)
#Reduce memory usage
awk -i inplace '!/persist.device_config.runtime_native.usap_pool_enabled=true/' device/*/*/*.prop &>/dev/null || true;

2
Scripts/Common/Tag_Verifier.sh
View File

@ -40,7 +40,7 @@ export -f gpgVerifyGitHead;
verifyTagIfPlatform() {
if [[ "$1" == "platform/"* ]]; then
gpgVerifyGitTag "$DOS_BUILD_BASE$2";
gpgVerifyGitTag "$DOS_BUILD_BASE/$2";
fi;
}
export -f verifyTagIfPlatform;

56
Scripts/Generate_Signing_Keys.sh
View File

@ -25,34 +25,40 @@ type='rsa'; #Options: rsa, ec
#source build/envsetup.sh && breakfast lineage_sailfish-user && make -j20 generate_verity_key otatools;
#source ../../Scripts/Generate_Signing_Keys.sh $device;
cd "$DOS_SIGNING_KEYS/NEW";
mkdir $1; cd $1;
if [[ -d "$DOS_SIGNING_KEYS" ]]; then
mkdir -p "$DOS_SIGNING_KEYS/NEW";
cd "$DOS_SIGNING_KEYS/NEW";
mkdir $1; cd $1;
desc="/O=Divested Computing Group/CN=DivestOS for $1/emailAddress=support@divestos.org";
desc="/O=Divested Computing Group/CN=DivestOS for $1/emailAddress=support@divestos.org";
sed -i '/blank for none/,+1 d' "$DOS_BUILD_BASE"/development/tools/make_key;
sed -i '/blank for none/,+1 d' "$DOS_BUILD_BASE"/development/tools/make_key;
sed -i 's/4096/2048/' "$DOS_BUILD_BASE"/development/tools/make_key;
"$DOS_BUILD_BASE"/development/tools/make_key releasekey "$desc" "$type";
sed -i 's/2048/4096/' "$DOS_BUILD_BASE"/development/tools/make_key;
"$DOS_BUILD_BASE"/development/tools/make_key extra "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key bluetooth "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key sdk_sandbox "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-1 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-2 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-3 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-4 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key media "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key networkstack "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key platform "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key shared "$desc" "$type";
sed -i 's/4096/2048/' "$DOS_BUILD_BASE"/development/tools/make_key;
"$DOS_BUILD_BASE"/development/tools/make_key releasekey "$desc" "$type";
sed -i 's/2048/4096/' "$DOS_BUILD_BASE"/development/tools/make_key;
"$DOS_BUILD_BASE"/development/tools/make_key extra "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key bluetooth "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key sdk_sandbox "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-1 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-2 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-3 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key future-4 "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key media "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key networkstack "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key platform "$desc" "$type";
"$DOS_BUILD_BASE"/development/tools/make_key shared "$desc" "$type";
sed -i 's/4096/2048/' "$DOS_BUILD_BASE"/development/tools/make_key;
"$DOS_BUILD_BASE"/development/tools/make_key verity "$desc" "$type";
"$DOS_BUILD_BASE"/out/host/linux-x86/bin/generate_verity_key -convert verity.x509.pem verity_key;
openssl x509 -outform der -in verity.x509.pem -out verifiedboot_relkeys.der.x509;
sed -i 's/4096/2048/' "$DOS_BUILD_BASE"/development/tools/make_key;
"$DOS_BUILD_BASE"/development/tools/make_key verity "$desc" "$type";
"$DOS_BUILD_BASE"/out/host/linux-x86/bin/generate_verity_key -convert verity.x509.pem verity_key;
openssl x509 -outform der -in verity.x509.pem -out verifiedboot_relkeys.der.x509;
openssl genrsa -out avb.pem 4096;
"$DOS_BUILD_BASE"/external/avb/avbtool extract_public_key --key avb.pem --output avb_pkmd.bin;
openssl genrsa -out avb.pem 4096;
"$DOS_BUILD_BASE"/external/avb/avbtool extract_public_key --key avb.pem --output avb_pkmd.bin;
cd "$DOS_BUILD_BASE";
cd "$DOS_BUILD_BASE";
echo "Be sure to move your new $1 keys into place (out of NEW)!";
else
echo "Signing key directory does not exist!"
fi;

12
Scripts/Generate_Supporting_Files.sh
View File

@ -18,6 +18,8 @@
umask 0022;
set -uo pipefail;
export copyPartsZip="/mnt/backup-1/DOS/Builds/Extras/copy-partitions-20210323_1922-cleaned.zip"; #XXX: ADJUST ME
export repoDir="/mnt/backup-1/DOS/Builds/Supporting_Files/";
mkdir -p $repoDir;
@ -25,10 +27,10 @@ devicesCopy=(akari alioth Amber aura aurora avicii barbet bluejay blueline bonit
for device in "${devicesCopy[@]}"
do
if [ -d "/mnt/dos/Signing_Keys/4096pro/$device/" ]; then
if [ -d "$DOS_SIGNING_KEYS/$device/" ]; then
mkdir -p "$repoDir/$device";
./build/tools/releasetools/sign_zip.py -k "/mnt/dos/Signing_Keys/4096pro/$device/releasekey" "/mnt/backup-1/DOS/Builds/Extras/copy-partitions-20210323_1922-cleaned.zip" "$repoDir/$device/copy-partitions-$device-release.zip";
./build/tools/releasetools/sign_zip.py -k "/mnt/dos/Signing_Keys/4096pro/$device/extra" "/mnt/backup-1/DOS/Builds/Extras/copy-partitions-20210323_1922-cleaned.zip" "$repoDir/$device/copy-partitions-$device-extra.zip";
./build/tools/releasetools/sign_zip.py -k "$DOS_SIGNING_KEYS/$device/releasekey" "$copyPartsZip" "$repoDir/$device/copy-partitions-$device-release.zip";
./build/tools/releasetools/sign_zip.py -k "$DOS_SIGNING_KEYS/$device/extra" "$copyPartsZip" "$repoDir/$device/copy-partitions-$device-extra.zip";
fi;
done;
@ -36,8 +38,8 @@ devicesAVB=(akari alioth Amber aura aurora avicii barbet beryllium bluejay bluel
for device in "${devicesAVB[@]}"
do
if [ -d "/mnt/dos/Signing_Keys/4096pro/$device/" ]; then
if [ -d "$DOS_SIGNING_KEYS/$device/" ]; then
mkdir -p "$repoDir/$device";
cp "/mnt/dos/Signing_Keys/4096pro/$device/avb_pkmd.bin" "$repoDir/$device/avb_pkmd-$device.bin";
cp "$DOS_SIGNING_KEYS/$device/avb_pkmd.bin" "$repoDir/$device/avb_pkmd-$device.bin";
fi;
done;

10
Scripts/LineageOS-14.1/Functions.sh
View File

@ -97,7 +97,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi;
verifyAllPlatformTags;
@ -121,7 +121,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
#Some devices won't compile, or have too small of a /system partition, or Wi-Fi breaks
if [ "$1" != "device/amazon/thor" ] && [ "$1" != "device/amazon/apollo" ] && [ "$1" != "device/asus/grouper" ] && [ "$1" != "device/samsung/i9100" ] && [ "$1" != "device/samsung/maguro" ] && [ "$1" != "device/samsung/manta" ] && [ "$1" != "device/samsung/toro" ] && [ "$1" != "device/samsung/toroplus" ] && [ "$1" != "device/samsung/tuna" ]; then
if [ -f BoardConfig.mk ]; then
@ -137,7 +137,7 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableDexPreOptFull() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
sed -i "s/WITH_DEXPREOPT_BOOT_IMG_ONLY := true/WITH_DEXPREOPT_BOOT_IMG_ONLY := false/" BoardConfig.mk;
echo "Enabled full dexpreopt for $1";
@ -147,8 +147,8 @@ enableDexPreOptFull() {
export -f enableDexPreOptFull;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage.mk; fi;
if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi;
if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi;

10
Scripts/LineageOS-14.1/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "art"; then
applyPatch "$DOS_PATCHES_COMMON/android_art/0001-mmap_fix.patch"; #Workaround for mmap error when building (AOSP)

8
Scripts/LineageOS-15.1/Functions.sh
View File

@ -76,7 +76,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllPlatformTags;
@ -98,7 +98,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
@ -116,8 +116,8 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage.mk; fi;
if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi;
if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi;

10
Scripts/LineageOS-15.1/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "bionic"; then
applyPatch "$DOS_PATCHES_COMMON/android_bionic/0001-Wildcard_Hosts.patch"; #Support wildcards in cached hosts file (backport from 16.0+) (tdm)

8
Scripts/LineageOS-16.0/Functions.sh
View File

@ -68,7 +68,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllPlatformTags;
@ -103,7 +103,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
@ -120,8 +120,8 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage_$2.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage_$2.mk; fi;
if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi;
if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi;

10
Scripts/LineageOS-16.0/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "art"; then
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)

8
Scripts/LineageOS-17.1/Functions.sh
View File

@ -74,7 +74,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllPlatformTags;
@ -97,7 +97,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
@ -114,8 +114,8 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage_$2.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage_$2.mk; fi;
if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi;
if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi;

10
Scripts/LineageOS-17.1/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "art"; then
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)

8
Scripts/LineageOS-18.1/Functions.sh
View File

@ -103,7 +103,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllPlatformTags;
@ -133,7 +133,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
@ -151,8 +151,8 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage_$2.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage_$2.mk; fi;
echo "Enabled lowram for $1";
cd "$DOS_BUILD_BASE";

10
Scripts/LineageOS-18.1/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "art"; then
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)

8
Scripts/LineageOS-19.1/Functions.sh
View File

@ -68,7 +68,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllPlatformTags;
@ -97,7 +97,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
@ -114,8 +114,8 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage_$2.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage_$2.mk; fi;
echo "Enabled lowram for $1";
cd "$DOS_BUILD_BASE";

10
Scripts/LineageOS-19.1/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "art"; then
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)

8
Scripts/LineageOS-20.0/Functions.sh
View File

@ -104,7 +104,7 @@ export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllPlatformTags;
@ -130,7 +130,7 @@ patchWorkspace() {
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
cd "$DOS_BUILD_BASE/$1";
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
@ -147,8 +147,8 @@ enableDexPreOpt() {
export -f enableDexPreOpt;
enableLowRam() {
if [ -d "$DOS_BUILD_BASE$1" ]; then
cd "$DOS_BUILD_BASE$1";
if [ -d "$DOS_BUILD_BASE/$1" ]; then
cd "$DOS_BUILD_BASE/$1";
if [ -f lineage_$2.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage_$2.mk; fi;
echo "Enabled lowram for $1";
cd "$DOS_BUILD_BASE";

10
Scripts/LineageOS-20.0/Patch.sh
View File

@ -49,11 +49,11 @@ cd "$DOS_BUILD_BASE";
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS""SupportDivestOS" "$DOS_BUILD_BASE""packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
cp -r "$DOS_PREBUILT_APPS/Fennec_DOS-Shim" "$DOS_BUILD_BASE/packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
cp -r "$DOS_PREBUILT_APPS/SupportDivestOS" "$DOS_BUILD_BASE/packages/apps/"; #Add the Support app
gpgVerifyDirectory "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS/android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE/vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON/android_vendor_divested/." "$DOS_BUILD_BASE/vendor/divested/"; #Add our vendor files
if enterAndClear "art"; then
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)

41
Scripts/init.sh
View File

@ -21,12 +21,11 @@
#START OF USER CONFIGURABLE OPTIONS
#
#General
export ANDROID_HOME="/home/$USER/Android/Sdk";
export DOS_WORKSPACE_ROOT="/mnt/dos/"; #XXX: THIS MUST BE CORRECT TO BUILD!
#export DOS_BUILDS=$DOS_WORKSPACE_ROOT"Builds/";
export DOS_BUILDS="/mnt/Drive-4/DOS/Builds/";
export DOS_SIGNING_KEYS=$DOS_WORKSPACE_ROOT"Signing_Keys/4096pro";
export DOS_SIGNING_GPG=$DOS_WORKSPACE_ROOT"Signing_Keys/gnupg";
export DOS_BUILDS="/mnt/Drive-4/DOS/Builds/"; #XXX: THIS MUST BE CORRECT TO BUILD!
export DOS_SIGNING_KEYS="$DOS_WORKSPACE_ROOT/Signing_Keys/4096pro";
export DOS_SIGNING_GPG="$DOS_WORKSPACE_ROOT/Signing_Keys/gnupg";
#export USE_CCACHE=1;
#export CCACHE_DIR="";
export CCACHE_COMPRESS=1;
@ -95,7 +94,7 @@ export DOS_BRANDING_BOOTANIMATION_COLOR="#FF5722-#03A9F4"; #plasma
export DOS_BRANDING_LINK_ABOUT="https://divestos.org/index.php?page=about";
export DOS_BRANDING_LINK_PRIVACY="https://divestos.org/index.php?page=privacy_policy";
export DOS_BRANDING_SERVER_OTA="https://divestos.org/updater.php";
export DOS_BRANDING_SERVER_OTA_ONION=$DOS_BRANDING_SERVER_OTA; #TODO: need to handle allow cleartext
export DOS_BRANDING_SERVER_OTA_ONION="$DOS_BRANDING_SERVER_OTA"; #TODO: need to handle allow cleartext
#Theme
export DOS_THEME_50="FFCA28"; #Amber 400
@ -126,7 +125,7 @@ gpgVerifyGitHead() {
export -f gpgVerifyGitHead;
BUILD_WORKING_DIR=${PWD##*/};
export DOS_VERSION=$BUILD_WORKING_DIR;
export DOS_VERSION="$BUILD_WORKING_DIR";
if [ -d ".repo" ]; then
echo "Detected $BUILD_WORKING_DIR";
else
@ -134,7 +133,7 @@ else
return 1;
fi;
export DOS_BUILD_BASE=$DOS_WORKSPACE_ROOT"Build/$BUILD_WORKING_DIR/";
export DOS_BUILD_BASE="$DOS_WORKSPACE_ROOT/Build/$BUILD_WORKING_DIR/";
if [ ! -d "$DOS_BUILD_BASE" ]; then
echo "Path mismatch! Please update init.sh!";
return 1;
@ -147,22 +146,22 @@ export DOS_TMP_GNUPG="$DOS_TMP_DIR/gnupg-$RANDOM";
mkdir -p "$DOS_TMP_GNUPG";
export GNUPGHOME="$DOS_TMP_GNUPG";
chmod 700 "$DOS_TMP_GNUPG";
export DOS_VERIFICATION_KEYRING=$DOS_WORKSPACE_ROOT"Misc/pubring.kbx";
export DOS_VERIFICATION_KEYRING="$DOS_WORKSPACE_ROOT/Misc/pubring.kbx";
cp "$DOS_VERIFICATION_KEYRING" "$DOS_TMP_GNUPG/";
export DOS_PREBUILT_APPS=$DOS_WORKSPACE_ROOT"PrebuiltApps/";
export DOS_PATCHES_COMMON=$DOS_WORKSPACE_ROOT"Patches/Common/";
export DOS_PATCHES=$DOS_WORKSPACE_ROOT"Patches/$BUILD_WORKING_DIR/";
export DOS_PATCHES_LINUX_CVES=$DOS_WORKSPACE_ROOT"Patches/Linux/";
export DOS_WALLPAPERS=$DOS_WORKSPACE_ROOT"Patches/Wallpapers/";
export DOS_PREBUILT_APPS="$DOS_WORKSPACE_ROOT/PrebuiltApps/";
export DOS_PATCHES_COMMON="$DOS_WORKSPACE_ROOT/Patches/Common/";
export DOS_PATCHES="$DOS_WORKSPACE_ROOT/Patches/$BUILD_WORKING_DIR/";
export DOS_PATCHES_LINUX_CVES="$DOS_WORKSPACE_ROOT/Patches/Linux/";
export DOS_WALLPAPERS="$DOS_WORKSPACE_ROOT/Patches/Wallpapers/";
export DOS_SCRIPTS_COMMON=$DOS_WORKSPACE_ROOT"Scripts/Common/";
export DOS_SCRIPTS=$DOS_WORKSPACE_ROOT"Scripts/$BUILD_WORKING_DIR/";
export DOS_SCRIPTS_COMMON="$DOS_WORKSPACE_ROOT/Scripts/Common/";
export DOS_SCRIPTS="$DOS_WORKSPACE_ROOT/Scripts/$BUILD_WORKING_DIR/";
if [ ! -d "$DOS_SCRIPTS" ]; then
echo "$BUILD_WORKING_DIR is not supported!";
return 1;
fi;
export DOS_SCRIPTS_CVES=$DOS_SCRIPTS"CVE_Patchers/";
export DOS_SCRIPTS_CVES="$DOS_SCRIPTS/CVE_Patchers/";
export KBUILD_BUILD_USER="emy";
export KBUILD_BUILD_HOST="dosbm";
@ -175,13 +174,13 @@ export EXPERIMENTAL_USE_JAVA8=true;
export GRADLE_OPTS="-Xmx2048m";
export TZ=:/etc/localtime;
export LC_ALL=C;
export LANG=en_US.UTF-8;
export LANG=C.UTF-8;
#START OF VERIFICATION
gpgVerifyGitHead $DOS_WORKSPACE_ROOT;
gpgVerifyGitHead $DOS_PREBUILT_APPS;
gpgVerifyGitHead $DOS_PATCHES_LINUX_CVES;
gpgVerifyGitHead $DOS_WALLPAPERS;
gpgVerifyGitHead "$DOS_WORKSPACE_ROOT";
gpgVerifyGitHead "$DOS_PREBUILT_APPS";
gpgVerifyGitHead "$DOS_PATCHES_LINUX_CVES";
gpgVerifyGitHead "$DOS_WALLPAPERS";
#END OF VERIFICATION
source "$DOS_SCRIPTS_COMMON/Shell.sh";