Improvements and fixes

- 18.1: disable m8, thermanager is not yet ready
- 17.1: drop cheeseburger/dumpling, it is absolutely broken
- deblobber: remove euicc + others
- deblobber: hack to remove vintf fragments
This commit is contained in:
Tad 2021-04-04 17:06:47 -04:00
parent 2a0e74864b
commit ad178961e4
10 changed files with 38 additions and 112 deletions

View File

@ -196,14 +196,6 @@
<project path="device/oneplus/oneplus3" name="LineageOS/android_device_oneplus_oneplus3" remote="github" />
<project path="kernel/oneplus/msm8996" name="LineageOS/android_kernel_oneplus_msm8996" remote="github" />
<!-- OnePlus 5 (cheeseburger) -->
<project path="device/oneplus/cheeseburger" name="LineageOS/android_device_oneplus_cheeseburger" remote="github" />
<project path="device/oneplus/msm8998-common" name="LineageOS/android_device_oneplus_msm8998-common" remote="github" />
<project path="kernel/oneplus/msm8998" name="LineageOS/android_kernel_oneplus_msm8998" remote="github" />
<!-- OnePlus 5T (dumpling) -->
<project path="device/oneplus/dumpling" name="LineageOS/android_device_oneplus_dumpling" remote="github" />
<!-- OnePlus 6 (enchilada) -->
<project path="device/oneplus/common" name="LineageOS/android_device_oneplus_common" remote="github" />
<project path="device/oneplus/sdm845-common" name="LineageOS/android_device_oneplus_sdm845-common" remote="github" />

View File

@ -78,7 +78,7 @@
<project path="system/qcom" name="LineageOS/android_system_qcom" remote="github" />
<project path="external/bson" name="LineageOS/android_external_bson" remote="github" />
<project path="external/sony/boringssl-compat" name="LineageOS/android_external_sony_boringssl-compat" remote="github" />
<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />
<!--<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />-->
<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />
<!-- Essential PH-1 (mata) -->

View File

@ -231,6 +231,12 @@ echo "Deblobbing...";
blobs=$blobs"|TetheringEntitlement.apk|CarrierLocation.apk|CarrierWifi.apk|CarrierSettings.apk";
blobs=$blobs"|HardwareInfo.apk";
blobs=$blobs"|SCONE.apk"; #???
blobs=$blobs"|DevicePersonalizationPrebuilt.*.apk"; #Live Captions?
#EUICC (Virtual SIM) [Google]
blobs=$blobs"|EuiccGoogle.apk|EuiccSupportPixel.apk"; #EUICC is useless without GMS
blobs=$blobs"|esim0.img|esim-v1.img|esim-full-v0.img";
makes=$makes"|android.hardware.telephony.euicc.*";
#Google Camera
blobs=$blobs"|com.google.android.camera.*";
@ -760,12 +766,26 @@ deblobVendors() {
}
export -f deblobVendors;
deblobVendor() {
deblobVendorMk() {
local makefile="$1";
cd "$DOS_BUILD_BASE";
awk -i inplace '!/'$blobs'/' "$makefile"; #Remove all blob references from makefile
}
export -f deblobVendor;
export -f deblobVendorMk;
deblobVendorBp() {
local bpfile="$1";
cd "$DOS_BUILD_BASE";
#TODO: remove these lines instead
sed -i -E "s/apk.*("$blobs").*/apk: \"proprietary\/priv-app\/qcrilmsgtunnel\/qcrilmsgtunnel.apk\", enabled: false,/g" "$bpfile";
sed -i -E "s/jars.*("$blobs").*/jars: \[\"proprietary\/system\/framework\/qcrilhook.jar\"\], enabled: false,/g" "$bpfile";
sed -i -E "s/srcs.*("$blobs").*/srcs: \[\"proprietary\/vendor\/lib\/libtime_genoff.so\"\], enabled: false,/g" "$bpfile";
#TODO make this work for more then these two blobs
#Credit: https://stackoverflow.com/a/26053127
sed -i ':a;N;s/\n/&/3;Ta;/manifest_android.hardware.drm@1.3-service.widevine.xml/!{P;D};:b;N;s/\n/&/8;Tb;d' "$bpfile";
sed -i ':a;N;s/\n/&/3;Ta;/vendor.qti.hardware.radio.atcmdfwd@1.0.xml/!{P;D};:b;N;s/\n/&/8;Tb;d' "$bpfile";
}
export -f deblobVendorBp;
#
#END OF FUNCTIONS
#
@ -778,11 +798,8 @@ find build -name "*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'awk
find device -maxdepth 2 -mindepth 2 -type d -exec bash -c 'deblobDevice "$0"' {} \;; #Deblob all device directories
#find device -maxdepth 3 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobSepolicy "{}"'; #Deblob all device sepolicy directories XXX: Breaks builds when other sepolicy files reference deleted ones
#find kernel -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobKernel "{}"'; #Deblob all kernel directories
find vendor -name "*endor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendor "{}"'; #Deblob all makefiles
#TODO: XXX: Better Android.bp cleaning
find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/apk.*("$blobs").*/apk: \"proprietary\/priv-app\/qcrilmsgtunnel\/qcrilmsgtunnel.apk\", enabled: false,/g" "{}"';
find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/jars.*("$blobs").*/jars: \[\"proprietary\/system\/framework\/qcrilhook.jar\"\], enabled: false,/g" "{}"';
find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/srcs.*("$blobs").*/srcs: \[\"proprietary\/vendor\/lib\/libtime_genoff.so\"\], enabled: false,/g" "{}"';
find vendor -name "*endor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendorMk "{}"'; #Deblob all makefiles
find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendorBp "{}"'; #Deblob all makefiles
deblobVendors; #Deblob entire vendor directory
rm -rf frameworks/av/drm/mediadrm/plugins/clearkey; #Remove ClearKey
rm -rf vendor/samsung/nodevice;

View File

@ -535,6 +535,14 @@ enableStrongEncryption() {
}
export -f enableStrongEncryption;
addAdbKey() {
if [ -f ~/.android/adbkey.pub ]; then
cp ~/.android/adbkey.pub "$DOS_BUILD_BASE/vendor/divested/";
echo "PRODUCT_ADB_KEYS := vendor/divested/adbkey.pub" >> "$DOS_BUILD_BASE/vendor/divested/divestos.mk";
fi;
}
export -f addAdbKey;
changeDefaultDNS() {
local dnsPrimary="";
local dnsPrimaryV6="";

View File

@ -1,84 +0,0 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/oneplus/msm8998"
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0251-0252.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0252-0253.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0256-0257.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0260-0261.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16644/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10494/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16232/4.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19060/4.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19061/4.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3625/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29569/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0399/4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0016.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0017.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0018.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0020.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28660/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28964/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/4.4/0004.patch
editKernelLocalversion "-dos.p80"
cd "$DOS_BUILD_BASE"

View File

@ -18,7 +18,7 @@
#Last verified: 2020-04-14
patchAllKernels() {
startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_fairphone_msm8974 kernel_fairphone_sdm632 kernel_fxtec_msm8998 kernel_google_coral kernel_google_marlin kernel_google_msm-4.9 kernel_google_wahoo kernel_google_yellowstone kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oneplus_msm8994 kernel_oneplus_msm8996 kernel_oneplus_msm8998 kernel_oneplus_sdm845 kernel_oneplus_sm7250 kernel_oneplus_sm8150 kernel_razer_msm8998 kernel_samsung_jf kernel_xiaomi_sdm845 kernel_yandex_sdm660 kernel_zuk_msm8996";
startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_fairphone_msm8974 kernel_fairphone_sdm632 kernel_fxtec_msm8998 kernel_google_coral kernel_google_marlin kernel_google_msm-4.9 kernel_google_wahoo kernel_google_yellowstone kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oneplus_msm8994 kernel_oneplus_msm8996 kernel_oneplus_sdm845 kernel_oneplus_sm7250 kernel_oneplus_sm8150 kernel_razer_msm8998 kernel_samsung_jf kernel_xiaomi_sdm845 kernel_yandex_sdm660 kernel_zuk_msm8996";
}
export -f patchAllKernels;
@ -96,8 +96,6 @@ buildAll() {
buildDevice FP3 avb;
#SD835
buildDevice cheryl verity;
buildDevice cheeseburger verity; #needs manual patching - vendor common makefile + not booting
buildDevice dumpling verity;
buildDevice taimen avb;
buildDevice walleye avb;
#SD845

View File

@ -297,9 +297,6 @@ enableVerity; #Resurrect dm-verity
enterAndClear "device/oneplus/oneplus2";
sed -i 's|etc/permissions/qti_libpermissions.xml|vendor/etc/permissions/qti_libpermissions.xml|' proprietary-files.txt;
enterAndClear "device/oneplus/msm8998-common";
awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation
enterAndClear "device/oneplus/sm8150-common";
enableVerity; #Resurrect dm-verity

View File

@ -69,7 +69,7 @@ buildAll() {
#SD801
buildDevice bacon;
buildDevice klte; #unb18
buildDevice m8; #unb18
#buildDevice m8; #unb18
buildDevice victara; #error: +out/target/product/victara/recovery.img too large (10522624 >= 10485760)
#SD805
buildDevice shamu verity;
@ -83,8 +83,8 @@ buildAll() {
buildDevice oneplus3 verity;
#SD835
buildDevice cheryl verity;
buildDevice cheeseburger verity; #needs manual patching - vendor common makefile
buildDevice dumpling verity;
#buildDevice cheeseburger verity; #needs manual patching - vendor common makefile
#buildDevice dumpling verity;
buildDevice mata verity;
buildDevice taimen avb;
buildDevice walleye avb;

View File

@ -264,6 +264,7 @@ awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage
enterAndClear "device/oneplus/msm8998-common";
awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation
awk -i inplace '!/hal_camera_default, sensors_dbg_prop/' sepolicy/vendor/hal_camera_default.te; #Remove a neverallow
enterAndClear "device/oppo/common";
awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation

View File

@ -1,3 +0,0 @@
- Fix PicoTTS inclusion
- Fix vintf in Android.bp deblobbing
- Fix signing on newer devices