DivestOS/Scripts/LineageOS-14.1/Functions.sh
Tad 902239e2b5 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-08 23:20:43 -05:00

162 lines
5.9 KiB
Bash

#!/bin/bash
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2017-2021 Divested Computing Group
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
umask 0022;
#Last verified: 2021-10-16
patchAllKernels() {
startPatcher "kernel_amazon_hdx-common kernel_asus_grouper kernel_htc_msm8960 kernel_htc_msm8994 kernel_lge_msm8992 kernel_motorola_msm8992 kernel_samsung_exynos5420 kernel_samsung_manta kernel_samsung_smdk4412 kernel_samsung_tuna kernel_samsung_universal8890";
}
export -f patchAllKernels;
resetWorkspace() {
umask 0022;
repo forall -c 'git add -A && git reset --hard' && rm -rf out DOS_PATCHED_FLAG && repo sync -j8 --force-sync --detach;
}
export -f resetWorkspace;
scanWorkspaceForMalware() {
local scanQueue="$DOS_BUILD_BASE/abi $DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/ndk $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
scanQueue=$scanQueue" $DOS_BUILD_BASE/vendor/cm $DOS_BUILD_BASE/vendor/cmsdk";
scanForMalware true "$scanQueue";
}
export -f scanWorkspaceForMalware;
buildDevice() {
cd "$DOS_BUILD_BASE";
export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1";
breakfast "lineage_$1-user" && mka target-files-package otatools && processRelease $1 true $2;
}
export -f buildDevice;
buildDeviceUserDebug() {
cd "$DOS_BUILD_BASE";
export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1";
breakfast "lineage_$1-userdebug" && mka target-files-package otatools && processRelease $1 true $2;
}
export -f buildDeviceUserDebug;
buildDeviceDebug() {
cd "$DOS_BUILD_BASE";
unset OTA_KEY_OVERRIDE_DIR;
brunch "lineage_$1-eng";
}
export -f buildDeviceDebug;
buildAll() {
umask 0022;
cd "$DOS_BUILD_BASE";
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
#Select devices are userdebug due to SELinux policy issues
#SD600
buildDeviceUserDebug m7;
#SD801
buildDeviceUserDebug thor; #broken encryption
buildDeviceUserDebug apollo;
#SD808
buildDevice clark; #Last version with working IMS
buildDevice h815;
#SD810
buildDevice himaul;
#Exynos
buildDevice manta;
buildDevice n7100; #broken sepolicy
buildDeviceUserDebug i9100;
buildDeviceUserDebug i9300;
buildDeviceUserDebug i9305;
buildDevice n5110;
buildDevice v1awifi;
buildDevice herolte;
#OMAP
buildDevice maguro;
buildDevice toro;
buildDevice toroplus;
#Tegra
buildDevice grouper; #needs manual patching - one-repo vendor blob patch
#MediaTek
buildDeviceUserDebug jellypro; #XXX: blob kernel and permissive selinux
}
export -f buildAll;
patchWorkspace() {
umask 0022;
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi;
source build/envsetup.sh;
#repopick -it bt-sbc-hd-dualchannel-nougat;
repopick -i 315718; #CVE-2021-1957
repopick -it n-asb-2021-09;
repopick -it n-asb-2021-10;
repopick -it tzdb2021c_N;
repopick -it n-asb-2021-11;
repopick -it n-asb-2021-12;
repopick -it n-asb-2022-01;
repopick -it n-asb-2022-02;
repopick -it n-asb-2022-03;
sh "$DOS_SCRIPTS/Patch.sh";
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
sh "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
sh "$DOS_SCRIPTS/Defaults.sh";
sh "$DOS_SCRIPTS/Rebrand.sh";
sh "$DOS_SCRIPTS/Theme.sh";
sh "$DOS_SCRIPTS_COMMON/Optimize.sh";
sh "$DOS_SCRIPTS_COMMON/Deblob.sh";
sh "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
sh "$DOS_SCRIPTS_COMMON/Post.sh";
source build/envsetup.sh;
}
export -f patchWorkspace;
enableDexPreOpt() {
cd "$DOS_BUILD_BASE$1";
#Some devices won't compile, or have too small of a /system partition, or Wi-Fi breaks
if [ "$1" != "device/amazon/thor" ] && [ "$1" != "device/amazon/apollo" ] && [ "$1" != "device/asus/grouper" ] && [ "$1" != "device/samsung/i9100" ] && [ "$1" != "device/samsung/maguro" ] && [ "$1" != "device/samsung/manta" ] && [ "$1" != "device/samsung/toro" ] && [ "$1" != "device/samsung/toroplus" ] && [ "$1" != "device/samsung/tuna" ]; then
if [ -f BoardConfig.mk ]; then
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_PIC := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_BOOT_IMG_ONLY := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
echo "Enabled dexpreopt for $1";
fi;
fi;
cd "$DOS_BUILD_BASE";
}
export -f enableDexPreOpt;
enableDexPreOptFull() {
cd "$DOS_BUILD_BASE$1";
if [ -f BoardConfig.mk ]; then
sed -i "s/WITH_DEXPREOPT_BOOT_IMG_ONLY := true/WITH_DEXPREOPT_BOOT_IMG_ONLY := false/" BoardConfig.mk;
echo "Enabled full dexpreopt for $1";
fi;
cd "$DOS_BUILD_BASE";
}
export -f enableDexPreOptFull;
enableLowRam() {
cd "$DOS_BUILD_BASE$1";
if [ -f lineage.mk ]; then echo -e '\n$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage.mk; fi;
if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi;
if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi;
echo "Enabled lowram for $1";
cd "$DOS_BUILD_BASE";
}
export -f enableLowRam;