From f55cdef5b0dd70bf39fc042c9bf641ee04b28c89 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 19 Sep 2019 00:12:36 -0400
Subject: [PATCH] Minor tweaks

---
 Misc/16.0-recovery_audit2allow.txt | 27 ---------------------------
 PrebuiltApps                       |  2 +-
 Scripts/Common/Deblob.sh           |  2 +-
 Scripts/LineageOS-14.1/Patch.sh    |  6 +++---
 Scripts/LineageOS-15.1/Patch.sh    |  6 +++---
 Scripts/LineageOS-16.0/Patch.sh    | 12 ++++++------
 6 files changed, 14 insertions(+), 41 deletions(-)
 delete mode 100644 Misc/16.0-recovery_audit2allow.txt

diff --git a/Misc/16.0-recovery_audit2allow.txt b/Misc/16.0-recovery_audit2allow.txt
deleted file mode 100644
index 3d59167b..00000000
--- a/Misc/16.0-recovery_audit2allow.txt
+++ /dev/null
@@ -1,27 +0,0 @@
-#============= init ==============
-allow init rootfs:file create;
-allow init rootfs:lnk_file setattr;
-
-#============= recovery ==============
-allow recovery pstorefs:dir search;
-allow recovery pstorefs:file { open read };
-allow recovery selinuxfs:file write;
-allow recovery sysfs_devices_block:file { open write };
-allow recovery sysfs_scsi_devices_0000:file { open write };
-allow recovery sysfs_scsi_devices_other:file { open write };
-
-
-
-
-#============= init ==============
-allow init rootfs:file create;
-
-#============= recovery ==============
-allow recovery alarm_boot_prop:file { getattr open };
-allow recovery alarm_handled_prop:file { getattr open };
-allow recovery alarm_instance_prop:file { getattr open };
-allow recovery bg_boot_complete_prop:file open;
-allow recovery self:capability fsetid;
-allow recovery self:capability2 syslog;
-allow recovery selinuxfs:file write;
-allow recovery sysfs_io_sched_tuneable:dir { open read search }
diff --git a/PrebuiltApps b/PrebuiltApps
index a5f2067f..22eb7004 160000
--- a/PrebuiltApps
+++ b/PrebuiltApps
@@ -1 +1 @@
-Subproject commit a5f2067f2eb00ed51d42a6ced93ee6d25e552358
+Subproject commit 22eb7004cc4f6bf25b61de4793975f2053f38147
diff --git a/Scripts/Common/Deblob.sh b/Scripts/Common/Deblob.sh
index 2e814066..340c2334 100644
--- a/Scripts/Common/Deblob.sh
+++ b/Scripts/Common/Deblob.sh
@@ -648,7 +648,7 @@ find build -name "*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'awk
 find device -maxdepth 2 -mindepth 2 -type d -exec bash -c 'deblobDevice "$0"' {} \;; #Deblob all device directories
 #find device -maxdepth 3 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'deblobSepolicy "{}"'; #Deblob all device sepolicy directories XXX: Breaks builds when other sepolicy files reference deleted ones
 #find kernel -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'deblobKernel "{}"'; #Deblob all kernel directories
-find vendor -name "*vendor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendor "{}"'; #Deblob all makefiles
+find vendor -name "*endor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendor "{}"'; #Deblob all makefiles
 deblobVendors; #Deblob entire vendor directory
 rm -rf frameworks/av/drm/mediadrm/plugins/clearkey; #Remove ClearKey
 rm -rf vendor/samsung/nodevice;
diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh
index 02404d41..8acf6ce5 100644
--- a/Scripts/LineageOS-14.1/Patch.sh
+++ b/Scripts/LineageOS-14.1/Patch.sh
@@ -272,9 +272,9 @@ find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {}
 cd "$DOS_BUILD_BASE";
 
 #Verity
-cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_dos_relkeys.der.x509";
 
 #Fixes
 #Fix broken options enabled by hardenDefconfig()
diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh
index b45b0159..fd014fc5 100644
--- a/Scripts/LineageOS-15.1/Patch.sh
+++ b/Scripts/LineageOS-15.1/Patch.sh
@@ -243,9 +243,9 @@ find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {}
 cd "$DOS_BUILD_BASE";
 
 #Verity
-cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_dos_relkeys.der.x509";
 
 #Fix broken options enabled by hardenDefconfig()
 sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index c705ba11..0fe536c5 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -231,7 +231,7 @@ enterAndClear "device/oppo/msm8974-common";
 sed -i "s/TZ.BF.2.0-2.0.0134/TZ.BF.2.0-2.0.0134|TZ.BF.2.0-2.0.0137/" board-info.txt; #Suport new TZ firmware https://review.lineageos.org/#/c/178999/
 
 enterAndClear "kernel/google/marlin";
-git revert 568f99db3c9; #Resurrect dm-verity
+git revert 568f99db3c9a590912f533fa734c46cf7a25dcbd; #Resurrect dm-verity
 
 enter "vendor/google";
 echo "" > atv/atv-common.mk;
@@ -249,11 +249,11 @@ find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {}
 cd "$DOS_BUILD_BASE";
 
 #Verity
-cp "$DOS_SIGNING_KEYS/cheryl/verifiedboot_relkeys.der.x509" "kernel/razer/msm8998/verifiedboot_cheryl_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_relkeys.der.x509";
-cp "$DOS_SIGNING_KEYS/z2_plus/verifiedboot_relkeys.der.x509" "kernel/zuk/msm8996/verifiedboot_z2_plus_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/cheryl/verifiedboot_relkeys.der.x509" "kernel/razer/msm8998/verifiedboot_cheryl_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/z2_plus/verifiedboot_relkeys.der.x509" "kernel/zuk/msm8996/verifiedboot_z2_plus_dos_relkeys.der.x509";
 
 #Fix broken options enabled by hardenDefconfig()
 sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile