mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-28 17:09:39 -05:00
processRelease features
- support removing device out after complete - support malware scan before sign - Update cherry picks
This commit is contained in:
parent
bffcd06644
commit
e13c6c7c9c
@ -174,6 +174,12 @@ processRelease() {
|
||||
echo -e "\e[0;32m\t+ Verified Boot 2.0\e[0m";
|
||||
fi;
|
||||
|
||||
#Malware Scan
|
||||
if [ "$DOS_MALWARE_SCAN_BEFORE_SIGN" = true ]; then
|
||||
echo -e "\e[0;32mScanning files for malware before signing\e[0m";
|
||||
scanForMalware false "$OUT_DIR/system";
|
||||
fi;
|
||||
|
||||
#Target Files
|
||||
echo -e "\e[0;32mSigning target files\e[0m";
|
||||
build/tools/releasetools/sign_target_files_apks -o -d "$KEY_DIR" \
|
||||
@ -228,7 +234,16 @@ processRelease() {
|
||||
cp -v $OUT_DIR/$PREFIX-fastboot.zip* $ARCHIVE/fastboot/ || true;
|
||||
cp -v $OUT_DIR/$PREFIX-ota.zip* $ARCHIVE/;
|
||||
cp -v $OUT_DIR/$PREFIX-incremental_*.zip* $ARCHIVE/incrementals/ || true;
|
||||
|
||||
#Remove to make space for next build
|
||||
if [ "$DOS_REMOVE_AFTER" = true ]; then
|
||||
echo -e "\e[0;32mRemoving to reclaim space\e[0m";
|
||||
#TODO: add a sanity check
|
||||
rm -rf "$OUT_DIR";
|
||||
fi;
|
||||
fi;
|
||||
|
||||
sync;
|
||||
echo -e "\e[0;32mRelease processing complete\e[0m";
|
||||
}
|
||||
export -f processRelease;
|
||||
|
@ -59,12 +59,14 @@ patchWorkspace() {
|
||||
source build/envsetup.sh;
|
||||
repopick -it asb-2018.09-cm11-qcom;
|
||||
repopick -i 230054 230392; #asb disclaimer
|
||||
repopick -it asb-2019.03-cm11;
|
||||
#repopick -it asb-2019.03-cm11;
|
||||
#repopick -it asb-2019.04-cm11 -e 246293;
|
||||
repopick -it asb-2019.05-cm11;
|
||||
repopick -it asb-2019.06-cm11;
|
||||
repopick -it asb-2019.07-cm11;
|
||||
repopick -it asb-2019.08-cm11;
|
||||
repopick -it asb-2019.09-cm11;
|
||||
repopick -it asb-2019.10-cm11;
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS/Defaults.sh";
|
||||
|
@ -100,9 +100,7 @@ export -f buildAll;
|
||||
patchWorkspace() {
|
||||
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
|
||||
|
||||
source build/envsetup.sh;
|
||||
repopick -it tzdata-2019c-o;
|
||||
repopick -it O_asb_2019-10;
|
||||
#source build/envsetup.sh;
|
||||
|
||||
export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
|
||||
|
||||
|
@ -1,8 +1,5 @@
|
||||
#!/bin/bash
|
||||
cd "$DOS_BUILD_BASE""kernel/essential/msm8998"
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0187-0188.patch --exclude=Makefile
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0188-0189.patch --exclude=Makefile
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0192-0193.patch --exclude=Makefile
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
|
||||
@ -60,13 +57,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13914/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13920/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3597/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5831/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5857/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5896/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5898/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5905/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5906/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5908/4.4/0003.patch
|
||||
@ -75,7 +69,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5910/4.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10515/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
|
||||
@ -89,10 +84,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17055/^5.3.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17056/^5.3.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0011.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0012.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2181/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2264/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2323/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
||||
@ -100,6 +92,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11274/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p101"
|
||||
editKernelLocalversion "-dos.p92"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -113,9 +113,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11984/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch
|
||||
@ -125,9 +122,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10512/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10529/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/^4.1/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
|
||||
@ -148,13 +142,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15916/^5.0.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2181/3.18/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2215/^3.18/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2263/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2290/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2345/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
||||
@ -166,5 +155,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p166"
|
||||
editKernelLocalversion "-dos.p155"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -112,8 +112,6 @@ patchWorkspace() {
|
||||
|
||||
source build/envsetup.sh;
|
||||
repopick -f 254249; #g3 nfc
|
||||
repopick -it tzdata-2019c-p;
|
||||
repopick -it P_asb_2019-10;
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS/Defaults.sh";
|
||||
|
@ -17,12 +17,21 @@
|
||||
|
||||
#Sets settings used by all other scripts
|
||||
|
||||
#
|
||||
#START OF USER CONFIGURABLE OPTIONS
|
||||
#
|
||||
#General
|
||||
export ANDROID_HOME="/home/$USER/Android/Sdk";
|
||||
export DOS_WORKSPACE_ROOT="/mnt/Drive-3/"; #XXX: THIS MUST BE CORRECT TO BUILD!
|
||||
export DOS_SIGNING_KEYS=$DOS_WORKSPACE_ROOT"Signing_Keys/4096";
|
||||
#export USE_CCACHE=1;
|
||||
#export CCACHE_DIR="";
|
||||
#export DOS_BINARY_PATCHER="";
|
||||
#export DOS_TOR_WRAPPER="torsocks"; #Uncomment to perform select build operations over Tor
|
||||
export DOS_MALWARE_SCAN_ENABLED=true; #Set true to perform a fast scan on patchWorkspace() and a through scan on buildAll()
|
||||
export DOS_MALWARE_SCAN_SETTING="quick"; #buildAll() scan speed. Options: quick, extra, slow, full
|
||||
|
||||
#Deblobber
|
||||
export DOS_DEBLOBBER_REMOVE_ACCESSORIES=true; #Set false to allow use of external accessories
|
||||
export DOS_DEBLOBBER_REMOVE_AUDIOFX=true; #Set true to remove AudioFX
|
||||
export DOS_DEBLOBBER_REMOVE_GRAPHICS=false; #Set true to remove all graphics blobs and use SwiftShader CPU renderer #TODO: Needs work
|
||||
@ -33,7 +42,7 @@ export DOS_DEBLOBBER_REMOVE_IPA=false; #Set true to remove all IPA blobs
|
||||
export DOS_DEBLOBBER_REMOVE_IR=false; #Set true to remove all IR blobs
|
||||
export DOS_DEBLOBBER_REPLACE_TIME=false; #Set true to replace Qualcomm Time Services with the open source Sony TimeKeep reimplementation #TODO: Needs work
|
||||
|
||||
export DOS_BUILDALL_SUPERSEDED=false; #Set true to build superseded devices when running buildAll()
|
||||
#Features
|
||||
export DOS_GPS_GLONASS_FORCED=true; #Enables GLONASS on all devices
|
||||
export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms
|
||||
export DOS_GRAPHENE_EXEC=true; #Enables use of GrapheneOS' exec spawning feature
|
||||
@ -41,8 +50,6 @@ export DOS_HOSTS_BLOCKING=true; #Switch to false to prevent inclusion of our HOS
|
||||
export DOS_HOSTS_BLOCKING_APP="DNS66"; #App installed when built-in blocking is disabled. Options: Blokada, DNS66
|
||||
export DOS_HOSTS_BLOCKING_LIST="https://divestos.org/hosts"; #Must be in the format "127.0.0.1 bad.domain.tld"
|
||||
export DOS_LOWRAM_ENABLED=false; #Switch to true to enable low_ram on all devices
|
||||
export DOS_MALWARE_SCAN_ENABLED=true; #Set true to perform a fast scan on patchWorkspace() and a through scan on buildAll()
|
||||
export DOS_MALWARE_SCAN_SETTING="quick"; #buildAll() scan speed. Options: quick, extra, slow, full
|
||||
export DOS_MICROG_INCLUDED="NLP"; #Determines inclusion of microG. Options: NONE, NLP, FULL
|
||||
export DOS_NON_COMMERCIAL_USE_PATCHES=false; #Switch to false to prevent inclusion of non-commercial use patches XXX: Unused, see 1dc9247
|
||||
export DOS_OPTIMIZE_IMAGES=false; #Set true to apply lossless optimizations to image resources
|
||||
@ -50,13 +57,19 @@ export DOS_OVERCLOCKS_ENABLED=false; #Switch to false to disable overclocks #XXX
|
||||
export DOS_STRONG_ENCRYPTION_ENABLED=false; #Switch to true to enable AES-256bit encryption on 14.1+15.1 XXX: THIS WILL **DESTROY** EXISTING INSTALLS!
|
||||
export DOS_WIREGUARD_INCLUDED=false; #Switch to true to enable WireGuard kernel module inclusion
|
||||
|
||||
#Servers
|
||||
export DOS_DEFAULT_DNS_PRESET="OpenNIC"; #Sets default DNS. Options: CensurfriDNS, Cloudflare, OpenNIC, DNSWATCH, Google, Neustar(-NOBL), OpenDNS, Quad9(-NOBL), Verisign, Yandex(-NOBL)
|
||||
export DOS_GPS_NTP_SERVER="1.android.pool.ntp.org"; #Options: Any NTP pool
|
||||
export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: supl.{google,vodafone,sonyericsson}.com
|
||||
|
||||
export DOS_AUTO_ARCHIVE_BUILDS=true; #Copies files to $DOS_BUILDS after signing
|
||||
#Release Processing
|
||||
export DOS_BUILDALL_SUPERSEDED=false; #Set true to build superseded devices when running buildAll()
|
||||
export DOS_MALWARE_SCAN_BEFORE_SIGN=false; #Scan device files for malware before signing
|
||||
export DOS_GENERATE_DELTAS=true; #Creates deltas from existing target_files in $DOS_BUILDS
|
||||
export DOS_AUTO_ARCHIVE_BUILDS=true; #Copies files to $DOS_BUILDS after signing
|
||||
export DOS_REMOVE_AFTER=true; #Removes device OUT directory after complete to reclaim space. Requires AUTO_ARCHIVE_BUILDS=true
|
||||
|
||||
#Branding
|
||||
export DOS_BRANDING_NAME="DivestOS";
|
||||
export DOS_BRANDING_ZIP_PREFIX="divested";
|
||||
export DOS_BRANDING_BOOTANIMATION_FONT="Fira-Sans-Bold"; #Options: $ convert -list font
|
||||
@ -68,17 +81,16 @@ export DOS_BRANDING_LINK_PRIVACY="https://divestos.org/index.php?page=privacy_po
|
||||
export DOS_BRANDING_SERVER_OTA="https://divestos.org/updater.php";
|
||||
export DOS_BRANDING_SERVER_OTA_ONION=$DOS_BRANDING_SERVER_OTA;
|
||||
|
||||
#Theme
|
||||
export DOS_THEME_50="FFCA28"; #Amber 400
|
||||
export DOS_THEME_100="FFC107"; #Amber 500
|
||||
export DOS_THEME_200="FFA726"; #Orange 400
|
||||
export DOS_THEME_300="FF9800"; #Orange 500
|
||||
export DOS_THEME_500="FF5722"; #Deep Orange 500
|
||||
export DOS_THEME_700="E64A19"; #Deep Orange 700
|
||||
|
||||
#export USE_CCACHE=1;
|
||||
#export CCACHE_DIR="";
|
||||
export ANDROID_HOME="/home/$USER/Android/Sdk";
|
||||
#
|
||||
#END OF USER CONFIGURABLE OPTIONS
|
||||
#
|
||||
|
||||
gpgVerifyGitHead() {
|
||||
if [ -r "$HOME/.gnupg" ]; then
|
||||
|
Loading…
Reference in New Issue
Block a user