mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-25 07:29:24 -05:00
Minor tweaks
This commit is contained in:
parent
2aa65e6b16
commit
f5462dd23c
@ -75,7 +75,7 @@
|
|||||||
<project path="external/bson" name="LineageOS/android_external_bson" remote="github" />
|
<project path="external/bson" name="LineageOS/android_external_bson" remote="github" />
|
||||||
<project path="external/sony/boringssl-compat" name="LineageOS/android_external_sony_boringssl-compat" remote="github" />
|
<project path="external/sony/boringssl-compat" name="LineageOS/android_external_sony_boringssl-compat" remote="github" />
|
||||||
<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />
|
<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />
|
||||||
<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />
|
<!--<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />-->
|
||||||
<project path="kernel/google/msm" name="LineageOS/android_kernel_google_msm" remote="github" />
|
<project path="kernel/google/msm" name="LineageOS/android_kernel_google_msm" remote="github" />
|
||||||
|
|
||||||
<!-- Essential PH-1 (mata) -->
|
<!-- Essential PH-1 (mata) -->
|
||||||
|
@ -27,22 +27,24 @@ index 7a370596e..35bf44a7b 100755
|
|||||||
}
|
}
|
||||||
|
|
||||||
// We must have some place other than / to create the device nodes for
|
// We must have some place other than / to create the device nodes for
|
||||||
diff --git a/rootdir/init.rc b/rootdir/init.rc
|
|
||||||
index 498203c83..4875ff54b 100644
|
|
||||||
--- a/rootdir/init.rc
|
--- a/rootdir/init.rc
|
||||||
+++ b/rootdir/init.rc
|
+++ b/rootdir/init.rc
|
||||||
@@ -126,6 +126,14 @@ on init
|
@@ -126,7 +126,18 @@ on init
|
||||||
write /proc/sys/kernel/sched_child_runs_first 0
|
write /proc/sys/kernel/sched_child_runs_first 0
|
||||||
|
|
||||||
write /proc/sys/kernel/randomize_va_space 2
|
write /proc/sys/kernel/randomize_va_space 2
|
||||||
|
+ write /proc/sys/kernel/dmesg_restrict 1
|
||||||
+ write /proc/sys/fs/protected_hardlinks 1
|
+ write /proc/sys/fs/protected_hardlinks 1
|
||||||
+ write /proc/sys/fs/protected_symlinks 1
|
+ write /proc/sys/fs/protected_symlinks 1
|
||||||
+ write /proc/sys/fs/protected_fifos 1
|
+ write /proc/sys/fs/protected_fifos 1
|
||||||
+ write /proc/sys/fs/protected_regular 1
|
+ write /proc/sys/fs/protected_regular 1
|
||||||
+ write /proc/sys/net/ipv4/tcp_sack 0
|
+ write /proc/sys/net/ipv4/tcp_sack 0
|
||||||
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/temp_prefered_lft 21600
|
||||||
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
||||||
+ write /proc/sys/kernel/dmesg_restrict 1
|
+ write /proc/sys/net/ipv6/conf/default/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/temp_prefered_lft 21600
|
||||||
write /proc/sys/kernel/kptr_restrict 2
|
write /proc/sys/kernel/kptr_restrict 2
|
||||||
write /proc/sys/vm/mmap_min_addr 32768
|
write /proc/sys/vm/mmap_min_addr 32768
|
||||||
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
||||||
|
@ -31,23 +31,24 @@ index 35fc442d0..b65686f93 100644
|
|||||||
mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
|
mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
|
||||||
mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));
|
mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));
|
||||||
mknod("/dev/random", S_IFCHR | 0666, makedev(1, 8));
|
mknod("/dev/random", S_IFCHR | 0666, makedev(1, 8));
|
||||||
diff --git a/rootdir/init.rc b/rootdir/init.rc
|
|
||||||
index f9cb4a3ef..c3cea4eb6 100644
|
|
||||||
--- a/rootdir/init.rc
|
--- a/rootdir/init.rc
|
||||||
+++ b/rootdir/init.rc
|
+++ b/rootdir/init.rc
|
||||||
@@ -124,6 +124,15 @@ on init
|
@@ -124,6 +124,18 @@ on init
|
||||||
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
|
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
|
||||||
write /proc/sys/kernel/sched_child_runs_first 0
|
write /proc/sys/kernel/sched_child_runs_first 0
|
||||||
|
|
||||||
+ write /proc/sys/kernel/dmesg_restrict 1
|
+ write /proc/sys/kernel/dmesg_restrict 1
|
||||||
+ write /proc/sys/kernel/kptr_restrict 2
|
|
||||||
+ write /proc/sys/fs/protected_hardlinks 1
|
+ write /proc/sys/fs/protected_hardlinks 1
|
||||||
+ write /proc/sys/fs/protected_symlinks 1
|
+ write /proc/sys/fs/protected_symlinks 1
|
||||||
+ write /proc/sys/fs/protected_fifos 1
|
+ write /proc/sys/fs/protected_fifos 1
|
||||||
+ write /proc/sys/fs/protected_regular 1
|
+ write /proc/sys/fs/protected_regular 1
|
||||||
+ write /proc/sys/net/ipv4/tcp_sack 0
|
+ write /proc/sys/net/ipv4/tcp_sack 0
|
||||||
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/temp_prefered_lft 21600
|
||||||
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/temp_prefered_lft 21600
|
||||||
write /proc/sys/kernel/randomize_va_space 2
|
write /proc/sys/kernel/randomize_va_space 2
|
||||||
write /proc/sys/vm/mmap_min_addr 32768
|
write /proc/sys/vm/mmap_min_addr 32768
|
||||||
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
||||||
|
@ -31,23 +31,24 @@ index eb9dd755b..504a6d13e 100644
|
|||||||
mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
|
mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
|
||||||
|
|
||||||
mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));
|
mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));
|
||||||
diff --git a/rootdir/init.rc b/rootdir/init.rc
|
|
||||||
index 4a8a60a96..acd1d06d1 100644
|
|
||||||
--- a/rootdir/init.rc
|
--- a/rootdir/init.rc
|
||||||
+++ b/rootdir/init.rc
|
+++ b/rootdir/init.rc
|
||||||
@@ -121,6 +121,15 @@ on init
|
@@ -121,6 +121,18 @@ on init
|
||||||
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
|
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
|
||||||
write /proc/sys/kernel/sched_child_runs_first 0
|
write /proc/sys/kernel/sched_child_runs_first 0
|
||||||
|
|
||||||
+ write /proc/sys/kernel/dmesg_restrict 1
|
+ write /proc/sys/kernel/dmesg_restrict 1
|
||||||
+ write /proc/sys/kernel/kptr_restrict 2
|
|
||||||
+ write /proc/sys/fs/protected_hardlinks 1
|
+ write /proc/sys/fs/protected_hardlinks 1
|
||||||
+ write /proc/sys/fs/protected_symlinks 1
|
+ write /proc/sys/fs/protected_symlinks 1
|
||||||
+ write /proc/sys/fs/protected_fifos 1
|
+ write /proc/sys/fs/protected_fifos 1
|
||||||
+ write /proc/sys/fs/protected_regular 1
|
+ write /proc/sys/fs/protected_regular 1
|
||||||
+ write /proc/sys/net/ipv4/tcp_sack 0
|
+ write /proc/sys/net/ipv4/tcp_sack 0
|
||||||
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/temp_prefered_lft 21600
|
||||||
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/temp_prefered_lft 21600
|
||||||
write /proc/sys/kernel/randomize_va_space 2
|
write /proc/sys/kernel/randomize_va_space 2
|
||||||
write /proc/sys/vm/mmap_min_addr 32768
|
write /proc/sys/vm/mmap_min_addr 32768
|
||||||
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
||||||
|
@ -32,23 +32,24 @@ index 2b899408a..84c2735c2 100644
|
|||||||
CHECKCALL(mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL));
|
CHECKCALL(mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL));
|
||||||
|
|
||||||
CHECKCALL(mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11)));
|
CHECKCALL(mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11)));
|
||||||
diff --git a/rootdir/init.rc b/rootdir/init.rc
|
|
||||||
index 58a83e091..a28db476b 100644
|
|
||||||
--- a/rootdir/init.rc
|
--- a/rootdir/init.rc
|
||||||
+++ b/rootdir/init.rc
|
+++ b/rootdir/init.rc
|
||||||
@@ -140,6 +140,15 @@ on init
|
@@ -140,6 +140,18 @@ on init
|
||||||
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
|
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
|
||||||
write /proc/sys/kernel/sched_child_runs_first 0
|
write /proc/sys/kernel/sched_child_runs_first 0
|
||||||
|
|
||||||
+ write /proc/sys/kernel/dmesg_restrict 1
|
+ write /proc/sys/kernel/dmesg_restrict 1
|
||||||
+ write /proc/sys/kernel/kptr_restrict 2
|
|
||||||
+ write /proc/sys/fs/protected_hardlinks 1
|
+ write /proc/sys/fs/protected_hardlinks 1
|
||||||
+ write /proc/sys/fs/protected_symlinks 1
|
+ write /proc/sys/fs/protected_symlinks 1
|
||||||
+ write /proc/sys/fs/protected_fifos 1
|
+ write /proc/sys/fs/protected_fifos 1
|
||||||
+ write /proc/sys/fs/protected_regular 1
|
+ write /proc/sys/fs/protected_regular 1
|
||||||
+ write /proc/sys/net/ipv4/tcp_sack 0
|
+ write /proc/sys/net/ipv4/tcp_sack 0
|
||||||
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/all/temp_prefered_lft 21600
|
||||||
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/max_addresses 128
|
||||||
|
+ write /proc/sys/net/ipv6/conf/default/temp_prefered_lft 21600
|
||||||
write /proc/sys/kernel/randomize_va_space 2
|
write /proc/sys/kernel/randomize_va_space 2
|
||||||
write /proc/sys/vm/mmap_min_addr 32768
|
write /proc/sys/vm/mmap_min_addr 32768
|
||||||
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
|
||||||
|
@ -24,6 +24,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
|
|||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
|
||||||
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9919/^4.8.12/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
|
||||||
@ -76,7 +77,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10614/ANY/0002.patch
|
|||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14038/ANY/0001.patch
|
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
|
||||||
@ -89,10 +89,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2264/ANY/0001.patch
|
|||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
||||||
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8992/^5.5.3/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
|
||||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
|
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
|
||||||
editKernelLocalversion "-dos.p94"
|
editKernelLocalversion "-dos.p95"
|
||||||
cd "$DOS_BUILD_BASE"
|
cd "$DOS_BUILD_BASE"
|
||||||
|
@ -79,7 +79,7 @@ buildAll() {
|
|||||||
buildDevice cheryl;
|
buildDevice cheryl;
|
||||||
buildDevice mata verity;
|
buildDevice mata verity;
|
||||||
#SD660
|
#SD660
|
||||||
buildDevice Amber verity; #TimeKeep error
|
buildDevice Amber verity;
|
||||||
}
|
}
|
||||||
export -f buildAll;
|
export -f buildAll;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user