mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-06-26 14:42:13 +00:00
Minor fixes
This commit is contained in:
Tad
parent
61ee2e5757
commit
7223df543a
|
|
@ -1 +1 @@
|
|||
Subproject commit b1c4f69538a8b6899bc394207bc67007b13cc7d6
|
||||
Subproject commit 5e1c4c8893a5997ade460f37565637178a4b8d0b
|
||||
|
|
@ -254,7 +254,7 @@ hardenUserdata() {
|
|||
|
||||
#TODO: Ensure: noatime,nosuid,nodev
|
||||
sed -i '/\/data/{/discard/!s|nosuid|discard,nosuid|}' fstab.* root/fstab.* rootdir/fstab.* rootdir/*/fstab.* &>/dev/null || true;
|
||||
if [ "$1" != "device/samsung/tuna" ] && [ "$1" != "device/asus/grouper" ]; then #tuna needs first boot to init, grouper *extremely* slow
|
||||
if [ "$1" != "device/samsung/tuna" ]; then #tuna needs first boot to init
|
||||
sed -i 's|encryptable=/|forceencrypt=/|' fstab.* root/fstab.* rootdir/fstab.* rootdir/*/fstab.* &>/dev/null || true;
|
||||
fi;
|
||||
echo "Hardened /data for $1";
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ export -f resetWorkspace;
|
|||
scanWorkspaceForMalware() {
|
||||
scanQueue="$DOS_BUILD_BASE/abi $DOS_BUILD_BASE/android $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/ndk $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
|
||||
scanQueue=$scanQueue" $DOS_BUILD_BASE/vendor/cm $DOS_BUILD_BASE/vendor/cmsdk";
|
||||
scanForMalware true $scanQueue;
|
||||
scanForMalware true "$scanQueue";
|
||||
}
|
||||
export -f scanWorkspaceForMalware;
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ export -f resetWorkspace;
|
|||
scanWorkspaceForMalware() {
|
||||
scanQueue="$DOS_BUILD_BASE/abi $DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/ndk $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
|
||||
scanQueue=$scanQueue" $DOS_BUILD_BASE/vendor/cm $DOS_BUILD_BASE/vendor/cmsdk";
|
||||
scanForMalware true $scanQueue;
|
||||
scanForMalware true "$scanQueue";
|
||||
}
|
||||
export -f scanWorkspaceForMalware;
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ export -f resetWorkspace;
|
|||
scanWorkspaceForMalware() {
|
||||
scanQueue="$DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/compatibility $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
|
||||
scanQueue=$scanQueue" $DOS_BUILD_BASE/lineage-sdk $DOS_BUILD_BASE/vendor/lineage";
|
||||
scanForMalware true $scanQueue;
|
||||
scanForMalware true "$scanQueue";
|
||||
}
|
||||
export -f scanWorkspaceForMalware;
|
||||
|
||||
|
|
@ -84,10 +84,8 @@ export -f buildAll;
|
|||
patchWorkspace() {
|
||||
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
|
||||
|
||||
source build/envsetup.sh;
|
||||
#source build/envsetup.sh;
|
||||
#repopick 219020; #ab-neverallow-user
|
||||
#repopick -it bt-sbc-hd-dualchannel;
|
||||
repopick 244160; #ramdisk compression fix
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS/Defaults.sh";
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
|
|||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6791/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/ANY/0001.patch
|
||||
|
|
@ -30,9 +31,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/ANY/0001.patch
|
|||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
|
||||
|
|
@ -57,7 +60,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0001.patch
|
|||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/ANY/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8890/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
|
||||
|
|
@ -66,6 +73,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
|
|||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
|
||||
|
|
@ -80,5 +88,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a5232
|
|||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p80"
|
||||
editKernelLocalversion "-dos.p88"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
|
|
|||
|
|
@ -72,11 +72,12 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5865/ANY/0001.patch
|
|||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9515/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-1999/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p78"
|
||||
editKernelLocalversion "-dos.p79"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
|
|
|||
|
|
@ -47,9 +47,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
|
|||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p51"
|
||||
editKernelLocalversion "-dos.p52"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ export -f resetWorkspace;
|
|||
scanWorkspaceForMalware() {
|
||||
scanQueue="$DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/compatibility $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
|
||||
scanQueue=$scanQueue" $DOS_BUILD_BASE/lineage-sdk $DOS_BUILD_BASE/vendor/lineage";
|
||||
scanForMalware true $scanQueue;
|
||||
scanForMalware true "$scanQueue";
|
||||
}
|
||||
export -f scanWorkspaceForMalware;
|
||||
|
||||
|
|
@ -66,6 +66,7 @@ patchWorkspace() {
|
|||
#repopick -it bt-sbc-hd-dualchannel-pie;
|
||||
repopick 244148; #log spam fix
|
||||
#repopick -it recovery-p;
|
||||
repopick 245252; #update webview
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS/Defaults.sh";
|
||||
|
|
|
|||
|
|
@ -89,6 +89,7 @@ gpgVerifyGitHead() {
|
|||
export -f gpgVerifyGitHead;
|
||||
|
||||
BUILD_WORKING_DIR=${PWD##*/};
|
||||
DOS_VERSION=$BUILD_WORKING_DIR;
|
||||
if [ -d ".repo" ]; then
|
||||
echo "Detected $BUILD_WORKING_DIR";
|
||||
else
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user