diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh index edebb19a..1e96a74a 100644 --- a/Scripts/Common/Functions.sh +++ b/Scripts/Common/Functions.sh @@ -1,6 +1,6 @@ #!/bin/bash #DivestOS: A privacy focused mobile distribution -#Copyright (c) 2017-2020 Divested Computing Group +#Copyright (c) 2017-2021 Divested Computing Group # #This program is free software: you can redistribute it and/or modify #it under the terms of the GNU General Public License as published by @@ -804,19 +804,6 @@ hardenDefconfig() { sed -i 's/CONFIG_DEFAULT_MMAP_MIN_ADDR=4096/CONFIG_DEFAULT_MMAP_MIN_ADDR=32768/' $defconfigPath &>/dev/null || true; sed -i 's/CONFIG_LSM_MMAP_MIN_ADDR=4096/CONFIG_LSM_MMAP_MIN_ADDR=32768/' $defconfigPath &>/dev/null || true; - #Resurrect dm-verity XXX: This needs a better home - sed -i 's/^\treturn VERITY_STATE_DISABLE;//' drivers/md/dm-android-verity.c &>/dev/null || true; - #sed -i 's/#if 0/#if 1/' drivers/power/reset/msm-poweroff.c &>/dev/null || true; - - #Workaround broken MSM_DLOAD_MODE=y+PANIC_ON_OOPS=y for devices that oops on shutdown - #MSM_DLOAD_MODE can't be disabled as it breaks compile - sed -i 's/set_dload_mode(in_panic)/set_dload_mode(0)/' arch/arm/mach-msm/restart.c &>/dev/null || true; - - #Disable slub/slab merging - sed -i 's/static int slub_nomerge;/static int slub_nomerge = 1;/' mm/slub.c &>/dev/null || true; #2.6.22-3.17 - sed -i 's/static int slab_nomerge;/static int slab_nomerge = 1;/' mm/slab_common.c &>/dev/null || true; #3.18-4.12 - sed -i 's/static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge = true;/' mm/slab_common.c &>/dev/null || true; #4.13+ - editKernelLocalversion "-dos"; echo "Hardened defconfig for $1"; diff --git a/Scripts/Common/Post.sh b/Scripts/Common/Post.sh new file mode 100644 index 00000000..b49a29f0 --- /dev/null +++ b/Scripts/Common/Post.sh @@ -0,0 +1,29 @@ +#!/bin/bash +#DivestOS: A privacy focused mobile distribution +#Copyright (c) 2017-2021 Divested Computing Group +# +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +#Resurrect dm-verity +sed -i 's/^\treturn VERITY_STATE_DISABLE;//' kernel/*/*/drivers/md/dm-android-verity.c &>/dev/null || true; +#sed -i 's/#if 0/#if 1/' kernel/*/*/drivers/power/reset/msm-poweroff.c &>/dev/null || true; + +#Workaround broken MSM_DLOAD_MODE=y+PANIC_ON_OOPS=y for devices that oops on shutdown +#MSM_DLOAD_MODE can't be disabled as it breaks compile +sed -i 's/set_dload_mode(in_panic)/set_dload_mode(0)/' kernel/*/*/arch/arm/mach-msm/restart.c &>/dev/null || true; + +#Disable slub/slab merging +sed -i 's/static int slub_nomerge;/static int slub_nomerge = 1;/' kernel/*/*/mm/slub.c &>/dev/null || true; #2.6.22-3.17 +sed -i 's/static int slab_nomerge;/static int slab_nomerge = 1;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #3.18-4.12 +sed -i 's/static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge = true;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #4.13+ diff --git a/Scripts/LineageOS-11.0/Functions.sh b/Scripts/LineageOS-11.0/Functions.sh index 4cc88b94..e6a206e9 100644 --- a/Scripts/LineageOS-11.0/Functions.sh +++ b/Scripts/LineageOS-11.0/Functions.sh @@ -71,6 +71,7 @@ patchWorkspace() { source "$DOS_SCRIPTS_COMMON/Optimize.sh"; source "$DOS_SCRIPTS_COMMON/Deblob.sh"; source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source "$DOS_SCRIPTS_COMMON/Post.sh"; source build/envsetup.sh; } export -f patchWorkspace; diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index 09f77cd7..01f7118f 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -107,6 +107,7 @@ patchWorkspace() { source "$DOS_SCRIPTS_COMMON/Optimize.sh"; source "$DOS_SCRIPTS_COMMON/Deblob.sh"; source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source "$DOS_SCRIPTS_COMMON/Post.sh"; source build/envsetup.sh; } export -f patchWorkspace; diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 8d7b0ee9..2f8556b0 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -95,6 +95,7 @@ patchWorkspace() { source "$DOS_SCRIPTS_COMMON/Optimize.sh"; source "$DOS_SCRIPTS_COMMON/Deblob.sh"; source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source "$DOS_SCRIPTS_COMMON/Post.sh"; source build/envsetup.sh; } export -f patchWorkspace; diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh index d46f2c03..4e017940 100644 --- a/Scripts/LineageOS-16.0/Functions.sh +++ b/Scripts/LineageOS-16.0/Functions.sh @@ -84,6 +84,7 @@ patchWorkspace() { source "$DOS_SCRIPTS_COMMON/Optimize.sh"; source "$DOS_SCRIPTS_COMMON/Deblob.sh"; source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source "$DOS_SCRIPTS_COMMON/Post.sh"; source build/envsetup.sh; } export -f patchWorkspace; diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index 32453704..96b95387 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -103,6 +103,7 @@ patchWorkspace() { source "$DOS_SCRIPTS_COMMON/Optimize.sh"; source "$DOS_SCRIPTS_COMMON/Deblob.sh"; source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source "$DOS_SCRIPTS_COMMON/Post.sh"; source build/envsetup.sh; #Deblobbing fixes diff --git a/Scripts/LineageOS-18.1/Functions.sh b/Scripts/LineageOS-18.1/Functions.sh index 5ad39978..a0e11354 100644 --- a/Scripts/LineageOS-18.1/Functions.sh +++ b/Scripts/LineageOS-18.1/Functions.sh @@ -137,6 +137,7 @@ patchWorkspace() { source "$DOS_SCRIPTS_COMMON/Optimize.sh"; source "$DOS_SCRIPTS_COMMON/Deblob.sh"; source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source "$DOS_SCRIPTS_COMMON/Post.sh"; source build/envsetup.sh; #Deblobbing fixes