From 9db9215d6b29a1c305fa7176cc53b54595082bc3 Mon Sep 17 00:00:00 2001 From: Tad Date: Mon, 29 Mar 2021 17:09:12 -0400 Subject: [PATCH] Small changes - Disable generation of unused OTA to reduce compile time - 17.1+: Disable APEX, breaks signing, and is also useless since no Play Store. - 18.1: Fixup signing --- .../android_build/0002-OTA_Keys.patch | 29 +++++++++++++++++++ Scripts/Common/Functions.sh | 9 +++++- Scripts/LineageOS-15.1/Functions.sh | 4 +-- Scripts/LineageOS-16.0/Functions.sh | 4 +-- Scripts/LineageOS-17.1/Functions.sh | 4 +-- Scripts/LineageOS-17.1/Patch.sh | 2 ++ Scripts/LineageOS-18.1/Functions.sh | 4 +-- Scripts/LineageOS-18.1/Patch.sh | 4 ++- 8 files changed, 50 insertions(+), 10 deletions(-) create mode 100644 Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch diff --git a/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch b/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch new file mode 100644 index 00000000..a6153692 --- /dev/null +++ b/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch @@ -0,0 +1,29 @@ +From 7cea4afe3e17c1dc8910c8ae9ad551bf280173ea Mon Sep 17 00:00:00 2001 +From: Tad +Date: Wed, 31 Mar 2021 01:26:27 -0400 +Subject: [PATCH] Support OTA recovery key override + +Change-Id: I216c121a54331e9424dfc1543f85752b07229d9b +--- + core/product_config.mk | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/core/product_config.mk b/core/product_config.mk +index a16af05cf..0152a3543 100644 +--- a/core/product_config.mk ++++ b/core/product_config.mk +@@ -280,6 +280,11 @@ $(foreach pair,$(PRODUCT_UPDATABLE_BOOT_JARS), \ + ENFORCE_SYSTEM_CERTIFICATE := $(PRODUCT_ENFORCE_ARTIFACT_SYSTEM_CERTIFICATE_REQUIREMENT) + ENFORCE_SYSTEM_CERTIFICATE_ALLOW_LIST := $(PRODUCT_ARTIFACT_SYSTEM_CERTIFICATE_REQUIREMENT_ALLOW_LIST) + ++ifneq ($(OTA_KEY_OVERRIDE_DIR),) ++ OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem ++ PRODUCT_EXTRA_RECOVERY_KEYS := $(OTA_KEY_OVERRIDE_DIR)/extra ++endif ++ + PRODUCT_OTA_PUBLIC_KEYS := $(sort $(PRODUCT_OTA_PUBLIC_KEYS)) + PRODUCT_EXTRA_RECOVERY_KEYS := $(sort $(PRODUCT_EXTRA_RECOVERY_KEYS)) + +-- +2.30.2 + diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh index 61265e00..617fbcda 100644 --- a/Scripts/Common/Functions.sh +++ b/Scripts/Common/Functions.sh @@ -157,7 +157,6 @@ processRelease() { local RELEASETOOLS_PREFIX="build/tools/releasetools/"; #XXX: FIXME 18REBASE if [[ "$DOS_VERSION" == "LineageOS-18.1" ]]; then local RELEASETOOLS_PREFIX=""; - make otatools; fi; echo -e "\e[0;32mProcessing release for $DEVICE\e[0m"; @@ -518,6 +517,14 @@ hardenBootArgs() { } export -f hardenBootArgs; +disableAPEX() { + cd "$DOS_BUILD_BASE$1"; + awk -i inplace '!/DEXPREOPT_GENERATE_APEX_IMAGE/' *.mk &>/dev/null || true; + awk -i inplace '!/updatable_apex.mk/' *.mk &>/dev/null || true; + cd "$DOS_BUILD_BASE"; +} +export -f disableAPEX; + enableStrongEncryption() { cd "$DOS_BUILD_BASE$1"; if [ -f BoardConfig.mk ]; then diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 859e923a..e4518c06 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -37,14 +37,14 @@ export -f scanWorkspaceForMalware; buildDevice() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-user" && processRelease $1 true $2; + breakfast "lineage_$1-user" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDevice; buildDeviceUserDebug() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-userdebug" && processRelease $1 true $2; + breakfast "lineage_$1-userdebug" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDeviceUserDebug; diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh index 555929f3..0b2e08e6 100644 --- a/Scripts/LineageOS-16.0/Functions.sh +++ b/Scripts/LineageOS-16.0/Functions.sh @@ -37,14 +37,14 @@ export -f scanWorkspaceForMalware; buildDevice() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-user" && processRelease $1 true $2; + breakfast "lineage_$1-user" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDevice; buildDeviceUserDebug() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-userdebug" && processRelease $1 true $2; + breakfast "lineage_$1-userdebug" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDeviceUserDebug; diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index c770a1e5..a85fdd67 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -37,14 +37,14 @@ export -f scanWorkspaceForMalware; buildDevice() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-user" && processRelease $1 true $2; + breakfast "lineage_$1-user" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDevice; buildDeviceUserDebug() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-userdebug" && processRelease $1 true $2; + breakfast "lineage_$1-userdebug" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDeviceUserDebug; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 5957bfd4..5035e6ff 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -70,6 +70,7 @@ patch -p1 < "$DOS_PATCHES_COMMON/android_build/0001-OTA_Keys.patch"; #add correc awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk; sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; sed -i 's/messaging/Silence/' target/product/aosp_base_telephony.mk target/product/gsi_common.mk; #Switch to Silence +awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX enterAndClear "device/qcom/sepolicy-legacy"; patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH @@ -340,6 +341,7 @@ find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenUserdata "{}"'; find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenBootArgs "{}"'; find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenDefconfig "{}"'; +find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'disableAPEX "{}"'; cd "$DOS_BUILD_BASE"; deblobAudio; removeBuildFingerprints; diff --git a/Scripts/LineageOS-18.1/Functions.sh b/Scripts/LineageOS-18.1/Functions.sh index bfab475e..f2ab9932 100644 --- a/Scripts/LineageOS-18.1/Functions.sh +++ b/Scripts/LineageOS-18.1/Functions.sh @@ -37,14 +37,14 @@ export -f scanWorkspaceForMalware; buildDevice() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-user" && processRelease $1 true $2; + breakfast "lineage_$1-user" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDevice; buildDeviceUserDebug() { cd "$DOS_BUILD_BASE"; export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; - brunch "lineage_$1-userdebug" && processRelease $1 true $2; + breakfast "lineage_$1-userdebug" && mka target-files-package otatools && processRelease $1 true $2; } export -f buildDeviceUserDebug; diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh index 40204095..cd7b14c2 100644 --- a/Scripts/LineageOS-18.1/Patch.sh +++ b/Scripts/LineageOS-18.1/Patch.sh @@ -62,10 +62,11 @@ patch -p1 < "$DOS_PATCHES/android_bootable_recovery/0001-No_SerialNum_Restrictio enterAndClear "build/make"; patch -p1 < "$DOS_PATCHES/android_build/0001-Restore_TTS.patch"; #Add back PicoTTS and language files -#patch -p1 < "$DOS_PATCHES/android_build/0001-OTA_Keys.patch"; #add correct keys to recovery for OTA verification #XXX 18REBASE +patch -p1 < "$DOS_PATCHES/android_build/0002-OTA_Keys.patch"; #add correct keys to recovery for OTA verification awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk; sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; sed -i 's/messaging/Silence/' target/product/aosp_base_telephony.mk target/product/aosp_product.mk; #Switch to Silence +awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX enterAndClear "device/qcom/sepolicy-legacy"; patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH @@ -289,6 +290,7 @@ find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenUserdata "{}"'; find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenBootArgs "{}"'; find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenDefconfig "{}"'; +find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'disableAPEX "{}"'; cd "$DOS_BUILD_BASE"; deblobAudio; removeBuildFingerprints;