mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-24 15:09:34 -05:00
Move some changes into a new Post.sh
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
083e2048f8
commit
cf3a12cb5a
@ -1,6 +1,6 @@
|
||||
#!/bin/bash
|
||||
#DivestOS: A privacy focused mobile distribution
|
||||
#Copyright (c) 2017-2020 Divested Computing Group
|
||||
#Copyright (c) 2017-2021 Divested Computing Group
|
||||
#
|
||||
#This program is free software: you can redistribute it and/or modify
|
||||
#it under the terms of the GNU General Public License as published by
|
||||
@ -804,19 +804,6 @@ hardenDefconfig() {
|
||||
sed -i 's/CONFIG_DEFAULT_MMAP_MIN_ADDR=4096/CONFIG_DEFAULT_MMAP_MIN_ADDR=32768/' $defconfigPath &>/dev/null || true;
|
||||
sed -i 's/CONFIG_LSM_MMAP_MIN_ADDR=4096/CONFIG_LSM_MMAP_MIN_ADDR=32768/' $defconfigPath &>/dev/null || true;
|
||||
|
||||
#Resurrect dm-verity XXX: This needs a better home
|
||||
sed -i 's/^\treturn VERITY_STATE_DISABLE;//' drivers/md/dm-android-verity.c &>/dev/null || true;
|
||||
#sed -i 's/#if 0/#if 1/' drivers/power/reset/msm-poweroff.c &>/dev/null || true;
|
||||
|
||||
#Workaround broken MSM_DLOAD_MODE=y+PANIC_ON_OOPS=y for devices that oops on shutdown
|
||||
#MSM_DLOAD_MODE can't be disabled as it breaks compile
|
||||
sed -i 's/set_dload_mode(in_panic)/set_dload_mode(0)/' arch/arm/mach-msm/restart.c &>/dev/null || true;
|
||||
|
||||
#Disable slub/slab merging
|
||||
sed -i 's/static int slub_nomerge;/static int slub_nomerge = 1;/' mm/slub.c &>/dev/null || true; #2.6.22-3.17
|
||||
sed -i 's/static int slab_nomerge;/static int slab_nomerge = 1;/' mm/slab_common.c &>/dev/null || true; #3.18-4.12
|
||||
sed -i 's/static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge = true;/' mm/slab_common.c &>/dev/null || true; #4.13+
|
||||
|
||||
editKernelLocalversion "-dos";
|
||||
|
||||
echo "Hardened defconfig for $1";
|
||||
|
29
Scripts/Common/Post.sh
Normal file
29
Scripts/Common/Post.sh
Normal file
@ -0,0 +1,29 @@
|
||||
#!/bin/bash
|
||||
#DivestOS: A privacy focused mobile distribution
|
||||
#Copyright (c) 2017-2021 Divested Computing Group
|
||||
#
|
||||
#This program is free software: you can redistribute it and/or modify
|
||||
#it under the terms of the GNU General Public License as published by
|
||||
#the Free Software Foundation, either version 3 of the License, or
|
||||
#(at your option) any later version.
|
||||
#
|
||||
#This program is distributed in the hope that it will be useful,
|
||||
#but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
#GNU General Public License for more details.
|
||||
#
|
||||
#You should have received a copy of the GNU General Public License
|
||||
#along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
#Resurrect dm-verity
|
||||
sed -i 's/^\treturn VERITY_STATE_DISABLE;//' kernel/*/*/drivers/md/dm-android-verity.c &>/dev/null || true;
|
||||
#sed -i 's/#if 0/#if 1/' kernel/*/*/drivers/power/reset/msm-poweroff.c &>/dev/null || true;
|
||||
|
||||
#Workaround broken MSM_DLOAD_MODE=y+PANIC_ON_OOPS=y for devices that oops on shutdown
|
||||
#MSM_DLOAD_MODE can't be disabled as it breaks compile
|
||||
sed -i 's/set_dload_mode(in_panic)/set_dload_mode(0)/' kernel/*/*/arch/arm/mach-msm/restart.c &>/dev/null || true;
|
||||
|
||||
#Disable slub/slab merging
|
||||
sed -i 's/static int slub_nomerge;/static int slub_nomerge = 1;/' kernel/*/*/mm/slub.c &>/dev/null || true; #2.6.22-3.17
|
||||
sed -i 's/static int slab_nomerge;/static int slab_nomerge = 1;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #3.18-4.12
|
||||
sed -i 's/static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge = true;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #4.13+
|
@ -71,6 +71,7 @@ patchWorkspace() {
|
||||
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Post.sh";
|
||||
source build/envsetup.sh;
|
||||
}
|
||||
export -f patchWorkspace;
|
||||
|
@ -107,6 +107,7 @@ patchWorkspace() {
|
||||
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Post.sh";
|
||||
source build/envsetup.sh;
|
||||
}
|
||||
export -f patchWorkspace;
|
||||
|
@ -95,6 +95,7 @@ patchWorkspace() {
|
||||
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Post.sh";
|
||||
source build/envsetup.sh;
|
||||
}
|
||||
export -f patchWorkspace;
|
||||
|
@ -84,6 +84,7 @@ patchWorkspace() {
|
||||
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Post.sh";
|
||||
source build/envsetup.sh;
|
||||
}
|
||||
export -f patchWorkspace;
|
||||
|
@ -103,6 +103,7 @@ patchWorkspace() {
|
||||
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Post.sh";
|
||||
source build/envsetup.sh;
|
||||
|
||||
#Deblobbing fixes
|
||||
|
@ -137,6 +137,7 @@ patchWorkspace() {
|
||||
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Post.sh";
|
||||
source build/envsetup.sh;
|
||||
|
||||
#Deblobbing fixes
|
||||
|
Loading…
Reference in New Issue
Block a user