Improvements and fixes

- 18.1: disable m8, thermanager is not yet ready
- 17.1: drop cheeseburger/dumpling, it is absolutely broken
- deblobber: remove euicc + others
- deblobber: hack to remove vintf fragments

Manifests/Manifest_LAOS-17.1.xml

@@ -196,14 +196,6 @@
 	<project path="device/oneplus/oneplus3" name="LineageOS/android_device_oneplus_oneplus3" remote="github" />
 	<project path="kernel/oneplus/msm8996" name="LineageOS/android_kernel_oneplus_msm8996" remote="github" />
 
-	<!-- OnePlus 5 (cheeseburger) -->
-	<project path="device/oneplus/cheeseburger" name="LineageOS/android_device_oneplus_cheeseburger" remote="github" />
-	<project path="device/oneplus/msm8998-common" name="LineageOS/android_device_oneplus_msm8998-common" remote="github" />
-	<project path="kernel/oneplus/msm8998" name="LineageOS/android_kernel_oneplus_msm8998" remote="github" />
-
-	<!-- OnePlus 5T (dumpling) -->
-	<project path="device/oneplus/dumpling" name="LineageOS/android_device_oneplus_dumpling" remote="github" />
-
 	<!-- OnePlus 6 (enchilada) -->
 	<project path="device/oneplus/common" name="LineageOS/android_device_oneplus_common" remote="github" />
 	<project path="device/oneplus/sdm845-common" name="LineageOS/android_device_oneplus_sdm845-common" remote="github" />

Manifests/Manifest_LAOS-18.1.xml

@@ -78,7 +78,7 @@
 	<project path="system/qcom" name="LineageOS/android_system_qcom" remote="github" />
 	<project path="external/bson" name="LineageOS/android_external_bson" remote="github" />
 	<project path="external/sony/boringssl-compat" name="LineageOS/android_external_sony_boringssl-compat" remote="github" />
-	<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />
+	<!--<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />-->
 	<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />
 
 	<!-- Essential PH-1 (mata) -->

Scripts/Common/Deblob.sh

@@ -231,6 +231,12 @@ echo "Deblobbing...";
 	blobs=$blobs"|TetheringEntitlement.apk|CarrierLocation.apk|CarrierWifi.apk|CarrierSettings.apk";
 	blobs=$blobs"|HardwareInfo.apk";
 	blobs=$blobs"|SCONE.apk"; #???
+	blobs=$blobs"|DevicePersonalizationPrebuilt.*.apk"; #Live Captions?
+
+	#EUICC (Virtual SIM) [Google]
+	blobs=$blobs"|EuiccGoogle.apk|EuiccSupportPixel.apk"; #EUICC is useless without GMS
+	blobs=$blobs"|esim0.img|esim-v1.img|esim-full-v0.img";
+	makes=$makes"|android.hardware.telephony.euicc.*";
 
 	#Google Camera
 	blobs=$blobs"|com.google.android.camera.*";
@@ -760,12 +766,26 @@ deblobVendors() {
 }
 export -f deblobVendors;
 
-deblobVendor() {
+deblobVendorMk() {
 	local makefile="$1";
 	cd "$DOS_BUILD_BASE";
 	awk -i inplace '!/'$blobs'/' "$makefile"; #Remove all blob references from makefile
 }
-export -f deblobVendor;
+export -f deblobVendorMk;
+
+deblobVendorBp() {
+	local bpfile="$1";
+	cd "$DOS_BUILD_BASE";
+	#TODO: remove these lines instead
+	sed -i -E "s/apk.*("$blobs").*/apk: \"proprietary\/priv-app\/qcrilmsgtunnel\/qcrilmsgtunnel.apk\", enabled: false,/g" "$bpfile";
+	sed -i -E "s/jars.*("$blobs").*/jars: \[\"proprietary\/system\/framework\/qcrilhook.jar\"\], enabled: false,/g" "$bpfile";
+	sed -i -E "s/srcs.*("$blobs").*/srcs: \[\"proprietary\/vendor\/lib\/libtime_genoff.so\"\], enabled: false,/g" "$bpfile";
+	#TODO make this work for more then these two blobs
+	#Credit: https://stackoverflow.com/a/26053127
+	sed -i ':a;N;s/\n/&/3;Ta;/manifest_android.hardware.drm@1.3-service.widevine.xml/!{P;D};:b;N;s/\n/&/8;Tb;d' "$bpfile";
+	sed -i ':a;N;s/\n/&/3;Ta;/vendor.qti.hardware.radio.atcmdfwd@1.0.xml/!{P;D};:b;N;s/\n/&/8;Tb;d' "$bpfile";
+}
+export -f deblobVendorBp;
 #
 #END OF FUNCTIONS
 #
@@ -778,11 +798,8 @@ find build -name "*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'awk
 find device -maxdepth 2 -mindepth 2 -type d -exec bash -c 'deblobDevice "$0"' {} \;; #Deblob all device directories
 #find device -maxdepth 3 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobSepolicy "{}"'; #Deblob all device sepolicy directories XXX: Breaks builds when other sepolicy files reference deleted ones
 #find kernel -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobKernel "{}"'; #Deblob all kernel directories
-find vendor -name "*endor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendor "{}"'; #Deblob all makefiles
+find vendor -name "*endor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendorMk "{}"'; #Deblob all makefiles
-#TODO: XXX: Better Android.bp cleaning
+find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendorBp "{}"'; #Deblob all makefiles
-find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/apk.*("$blobs").*/apk: \"proprietary\/priv-app\/qcrilmsgtunnel\/qcrilmsgtunnel.apk\", enabled: false,/g" "{}"';
-find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/jars.*("$blobs").*/jars: \[\"proprietary\/system\/framework\/qcrilhook.jar\"\], enabled: false,/g" "{}"';
-find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/srcs.*("$blobs").*/srcs: \[\"proprietary\/vendor\/lib\/libtime_genoff.so\"\], enabled: false,/g" "{}"';
 deblobVendors; #Deblob entire vendor directory
 rm -rf frameworks/av/drm/mediadrm/plugins/clearkey; #Remove ClearKey
 rm -rf vendor/samsung/nodevice;

Scripts/Common/Functions.sh

@@ -535,6 +535,14 @@ enableStrongEncryption() {
 }
 export -f enableStrongEncryption;
 
+addAdbKey() {
+	if [ -f ~/.android/adbkey.pub ]; then
+		cp ~/.android/adbkey.pub "$DOS_BUILD_BASE/vendor/divested/";
+		echo "PRODUCT_ADB_KEYS := vendor/divested/adbkey.pub" >> "$DOS_BUILD_BASE/vendor/divested/divestos.mk";
+	fi;
+}
+export -f addAdbKey;
+
 changeDefaultDNS() {
 	local dnsPrimary="";
 	local dnsPrimaryV6="";

Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh

@@ -1,84 +0,0 @@
-#!/bin/bash
-cd "$DOS_BUILD_BASE""kernel/oneplus/msm8998"
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0251-0252.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0252-0253.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0256-0257.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0260-0261.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
-git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
-git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch
-#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
-#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
-git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
-#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
-git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch
-#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch
-git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0019.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16644/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10494/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16232/4.4/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19060/4.4/0005.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19061/4.4/0005.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3625/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29569/4.4/0007.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0399/4.4/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/4.4/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0010.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0011.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0012.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0016.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0017.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0018.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0019.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0020.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0007.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0008.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0007.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0008.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28660/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28964/4.4/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/4.4/0004.patch
-editKernelLocalversion "-dos.p80"
-cd "$DOS_BUILD_BASE"

Scripts/LineageOS-17.1/Functions.sh

@@ -18,7 +18,7 @@
 #Last verified: 2020-04-14
 
 patchAllKernels() {
-	startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_fairphone_msm8974 kernel_fairphone_sdm632 kernel_fxtec_msm8998 kernel_google_coral kernel_google_marlin kernel_google_msm-4.9 kernel_google_wahoo kernel_google_yellowstone kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oneplus_msm8994 kernel_oneplus_msm8996 kernel_oneplus_msm8998 kernel_oneplus_sdm845 kernel_oneplus_sm7250 kernel_oneplus_sm8150 kernel_razer_msm8998 kernel_samsung_jf kernel_xiaomi_sdm845 kernel_yandex_sdm660 kernel_zuk_msm8996";
+	startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_fairphone_msm8974 kernel_fairphone_sdm632 kernel_fxtec_msm8998 kernel_google_coral kernel_google_marlin kernel_google_msm-4.9 kernel_google_wahoo kernel_google_yellowstone kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oneplus_msm8994 kernel_oneplus_msm8996 kernel_oneplus_sdm845 kernel_oneplus_sm7250 kernel_oneplus_sm8150 kernel_razer_msm8998 kernel_samsung_jf kernel_xiaomi_sdm845 kernel_yandex_sdm660 kernel_zuk_msm8996";
 }
 export -f patchAllKernels;
 
@@ -96,8 +96,6 @@ buildAll() {
 	buildDevice FP3 avb;
 	#SD835
 	buildDevice cheryl verity;
-	buildDevice cheeseburger verity; #needs manual patching - vendor common makefile + not booting
-	buildDevice dumpling verity;
 	buildDevice taimen avb;
 	buildDevice walleye avb;
 	#SD845

Scripts/LineageOS-17.1/Patch.sh

@@ -297,9 +297,6 @@ enableVerity; #Resurrect dm-verity
 enterAndClear "device/oneplus/oneplus2";
 sed -i 's|etc/permissions/qti_libpermissions.xml|vendor/etc/permissions/qti_libpermissions.xml|' proprietary-files.txt;
 
-enterAndClear "device/oneplus/msm8998-common";
-awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation
-
 enterAndClear "device/oneplus/sm8150-common";
 enableVerity; #Resurrect dm-verity
 

Scripts/LineageOS-18.1/Functions.sh

@@ -69,7 +69,7 @@ buildAll() {
 	#SD801
 	buildDevice bacon;
 	buildDevice klte; #unb18
-	buildDevice m8; #unb18
+	#buildDevice m8; #unb18
 	buildDevice victara; #error: +out/target/product/victara/recovery.img too large (10522624 >= 10485760)
 	#SD805
 	buildDevice shamu verity;
@@ -83,8 +83,8 @@ buildAll() {
 	buildDevice oneplus3 verity;
 	#SD835
 	buildDevice cheryl verity;
-	buildDevice cheeseburger verity; #needs manual patching - vendor common makefile
+	#buildDevice cheeseburger verity; #needs manual patching - vendor common makefile
-	buildDevice dumpling verity;
+	#buildDevice dumpling verity;
 	buildDevice mata verity;
 	buildDevice taimen avb;
 	buildDevice walleye avb;

Scripts/LineageOS-18.1/Patch.sh

@@ -264,6 +264,7 @@ awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage
 
 enterAndClear "device/oneplus/msm8998-common";
 awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation
+awk -i inplace '!/hal_camera_default, sensors_dbg_prop/' sepolicy/vendor/hal_camera_default.te; #Remove a neverallow
 
 enterAndClear "device/oppo/common";
 awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation

Scripts/LineageOS-18.1/TODO

@@ -1,3 +0,0 @@
-- Fix PicoTTS inclusion
-- Fix vintf in Android.bp deblobbing
-- Fix signing on newer devices