├── README.md ├── build ├── device-tarball.conf ├── make-device-tarball ├── pull-lp-bin.py └── replace-android-system ├── docker-buildenv └── Dockerfile └── kernel └── check-config /README.md: -------------------------------------------------------------------------------- 1 | # A set of scripts useful when adapting an Android source tree to work for Ubuntu phones. 2 | 3 | Short description of the contents 4 | 5 | + docker-buildenv: Docker setup of a build environment for Ubuntu phone Android trees. 6 | + kernel: Script that sets the required values for kernel config options in a given config file 7 | + build: scripts to create a device tarball from Android build images, and a script to replace the 8 | Android system.img on a phone without reflashing it entirely 9 | -------------------------------------------------------------------------------- /build/device-tarball.conf: -------------------------------------------------------------------------------- 1 | #Example configuration for make-device-tarball 2 | # 3 | #Device name (e.g mako) 4 | DEVICE=devname 5 | #Source name destination name pairs for the partition images to be flashed 6 | PARTITIONS=" 7 | recovery.img:recovery.img 8 | boot.img:boot.img 9 | lk.bin:uboot.img 10 | " 11 | #Optional path from where to copy files in the tarball's system/ dir 12 | #ROOTFSDIR=ubuntu/tools/system 13 | #Add unique git id and timestamp to the resulting tarball name 14 | DEVICE_BUILD_ID=true 15 | -------------------------------------------------------------------------------- /build/make-device-tarball: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Make a device tarball from the Android build image and optionally 3 | # files for the Ubuntu root filesystem 4 | 5 | 6 | CONFFILE=${1:-ubuntu/tools/mktarball.conf} 7 | 8 | [ -f "$CONFFILE" ] || { 9 | echo "Config file $CONFFILE not found" 10 | exit 1 11 | } 12 | 13 | . $CONFFILE 14 | 15 | [ -n "$DEVICE" ] || { 16 | echo "Variable DEVICE not set in config file" 17 | exit 1 18 | } 19 | 20 | 21 | : ${PRODUCTDIR:=${PWD}/out/target/product/$DEVICE} 22 | 23 | [ -f $PRODUCTDIR/system.img ] || { 24 | echo "$PRODUCTDIR does not seem to contain the required Android img files" 25 | exit 1 26 | } 27 | 28 | TMPDEVICEDIR=$(mktemp -d) 29 | DEVICETARBALL=${PRODUCTDIR}/device_$DEVICE.tar.xz 30 | LXCPATH=${TMPDEVICEDIR}/system/var/lib/lxc/android 31 | 32 | # Ensure cleanup of temporary directory 33 | function onExit() { 34 | rm -Rf $TMPDEVICEDIR 35 | } 36 | 37 | trap onExit EXIT 38 | 39 | mkdir -p ${LXCPATH} 40 | 41 | # Unless system.img is already a non-sparse ext4, convert it 42 | if file $PRODUCTDIR/system.img | grep -v ": Linux rev 1.0 ext4" >/dev/null; then 43 | echo "Copying system.img into a proper EXT4 filesystem" 44 | simg2img $PRODUCTDIR/system.img tmp.img >/dev/null 45 | resize2fs -M tmp.img >/dev/null 2>&1 46 | mv tmp.img $LXCPATH/system.img 47 | else 48 | echo "Copying system.img which is already an EXT4 filesystem" 49 | cp $PRODUCTDIR/system.img /$LXCPATH 50 | fi 51 | 52 | # Optionally copy partition images 53 | if [ -n "$PARTITIONS" ]; then 54 | PDIR=${TMPDEVICEDIR}/partitions 55 | mkdir -p $PDIR 56 | 57 | for pair in $PARTITIONS;do 58 | IFS=':' read src dest <<< $pair 59 | echo "Copying partition $dest" 60 | cp ${PRODUCTDIR}/$src $PDIR/$dest 61 | done 62 | fi 63 | 64 | # Optionally copy files over the root filesystem 65 | if [ -d "$ROOTFSDIR" ]; then 66 | echo "Copying files over the root filesystem" 67 | cp -a $ROOTFSDIR/*/* ${TMPDEVICEDIR}/system/ 68 | fi 69 | 70 | # Optionally generate a build ID based on the date and latest git commit 71 | if [ "$DEVICE_BUILD_ID" == "true" ]; then 72 | mkdir -p ${TMPDEVICEDIR}/system/etc 73 | SERIAL="$(date +%Y%m%d)-$(git describe --tags --dirty --always)" 74 | echo "device-build: $SERIAL" 75 | echo $SERIAL >> ${TMPDEVICEDIR}/system/etc/device-build 76 | fi 77 | 78 | echo "Creating the tarball" 79 | 80 | if which pxz >/dev/null; then 81 | XZ=pxz 82 | echo "Using parallel XZ compression" 83 | else 84 | echo "Using single threaded XZ compression, you may want to install pxz" 85 | XZ=xz 86 | fi 87 | 88 | pushd $TMPDEVICEDIR >/dev/null 89 | tar --use-compress-program=$XZ -cf $DEVICETARBALL $(find * -type f) --owner=0 --group=0 90 | popd >/dev/null 91 | 92 | # Optionally create ASCII armored detached GPG signature for the tarball 93 | # KEYPATH should hold the signing keys. 94 | if [ -d "$KEYPATH" ]; then 95 | echo "Creating GPG signature for the device tarball" 96 | gpg --yes --homedir $KEYPATH -sba $DEVICETARBALL 97 | fi 98 | 99 | -------------------------------------------------------------------------------- /build/pull-lp-bin.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # 3 | # pull-lp-bin -- pull a binary package from Launchpad 4 | # 5 | # Copyright (C) 2013, Canonical Ltd. 6 | # 7 | # Based on the pull-lp-source script (ubuntu-dev-tools) made by: 8 | # - Iain Lane 9 | # - Stefano Rivera 10 | # 11 | # This program is free software; you can redistribute it and/or 12 | # modify it under the terms of the GNU General Public License 13 | # as published by the Free Software Foundation; either version 3 14 | # of the License, or (at your option) any later version. 15 | # 16 | # This program is distributed in the hope that it will be useful, 17 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 18 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 19 | # GNU General Public License for more details. 20 | # 21 | # See file /usr/share/common-licenses/GPL for more details. 22 | # 23 | # Author: Ricardo Salveti 24 | 25 | import os 26 | import sys 27 | import urllib2 28 | from optparse import OptionParser 29 | from launchpadlib.launchpad import Launchpad 30 | 31 | cachedir = "~/.launchpadlib/cache" 32 | 33 | def main(): 34 | usage = "Usage: %prog [-a|--arch ] [-o|--output ] [-d|--distro ] [-t|--team ] [-p|--ppa [release]" 35 | opt_parser = OptionParser(usage) 36 | opt_parser.add_option('-a', '--arch', default='armhf', dest='ubuntu_arch', 37 | help='Architecture for the binary package (default: armhf)') 38 | opt_parser.add_option('-o', '--output', 39 | help='Directory used to output the desired package') 40 | opt_parser.add_option('-d', '--distro', 41 | help='Distribution to use (default is ubuntu)', default='ubuntu') 42 | opt_parser.add_option('-t', '--team', 43 | help='Launchpad team that owns the PPA (to be used with --ppa)') 44 | opt_parser.add_option('-p', '--ppa', 45 | help='PPA used to look for the binary package') 46 | (options, args) = opt_parser.parse_args() 47 | if not args: 48 | opt_parser.error("Must specify a package name") 49 | 50 | package = str(args[0]).lower() 51 | 52 | # Login anonymously to LP 53 | lp = Launchpad.login_anonymously('pull-lp-bin', 'production', 54 | cachedir, version="devel") 55 | distro = lp.distributions[options.distro] 56 | 57 | if options.ppa and not options.team: 58 | print "To use a PPA you also need to provide a team (from Launchpad)" 59 | return 60 | 61 | if options.ppa: 62 | archive = lp.people[options.team].getPPAByName(name=options.ppa) 63 | else: 64 | archive = lp.distributions['ubuntu'].main_archive 65 | 66 | if len(args) > 1: 67 | release = str(args[1]) 68 | else: 69 | release = distro.current_series_link.split('/')[-1] 70 | 71 | pocket = 'Release' 72 | bin_url = None 73 | bpph = None 74 | 75 | series = distro.getSeries(name_or_version=release) 76 | arch_series = series.getDistroArchSeries(archtag=options.ubuntu_arch) 77 | bpph = archive.getPublishedBinaries(binary_name=package, 78 | distro_arch_series=arch_series, 79 | status="Published", pocket=pocket, 80 | exact_match=True) 81 | 82 | if bpph: 83 | version = bpph[0].binary_package_version 84 | bin_url = bpph[0].binaryFileUrls()[0] 85 | 86 | if bin_url: 87 | print 'Downloading %s version %s' % (package, version) 88 | url = urllib2.urlopen(bin_url) 89 | data = url.read() 90 | package_name = "%s_%s_%s.deb" % (package, version, options.ubuntu_arch) 91 | if options.output: 92 | target = "%s/%s" % (options.output, package_name) 93 | else: 94 | target = package_name 95 | with open(target, "wb") as package: 96 | package.write(data) 97 | else: 98 | print "Unable to find a published version of package %s (%s) at %s" % ( 99 | package, options.ubuntu_arch, release) 100 | 101 | if __name__ == '__main__': 102 | main() 103 | -------------------------------------------------------------------------------- /build/replace-android-system: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Wait until the adb shell is unavailable, meaning the device is rebooting 4 | wait_for_reboot() { 5 | while test -n "$(adb shell echo '1' 2>/dev/null)" 6 | do 7 | echo -n "."; 8 | sleep 3; 9 | done 10 | echo 11 | } 12 | 13 | #Wait until we get a working adb shell, meaning the device is in normal or recovery mode 14 | wait_for_device() { 15 | while test -z "$(adb shell echo '1' 2>/dev/null)" 16 | do 17 | echo -n "."; 18 | sleep 3; 19 | done 20 | echo 21 | } 22 | 23 | SYSTEM_IMAGE=$1 24 | 25 | if [ ! -f "$SYSTEM_IMAGE" ]; then 26 | echo "Usage: $0 system.img" 27 | exit 28 | fi 29 | 30 | echo "Rebooting to recovery" 31 | adb reboot recovery 32 | wait_for_device 33 | 34 | echo "Mounting system partition" 35 | adb shell "mkdir /a; if [ -e emmc@android ]; then mount emmc@android /a; else mount /data; mount /data/system.img /a; fi" 36 | 37 | if file $SYSTEM_IMAGE | grep -v ": Linux rev 1.0 ext4" >/dev/null; then 38 | echo "Converting from sparse ext4 image to mountable ext4 image" 39 | simg2img $SYSTEM_IMAGE tmp.img >/dev/null 40 | resize2fs -M tmp.img >/dev/null 2>&1 41 | mv tmp.img $SYSTEM_IMAGE 42 | fi 43 | 44 | echo Pushing android system image... 45 | adb push $SYSTEM_IMAGE /a/var/lib/lxc/android/system.img >/dev/null 2>&1 & 46 | 47 | SIZE=$(stat -t $SYSTEM_IMAGE |awk '{print $2}') 48 | S=0 49 | while test $S -lt $SIZE 50 | do 51 | sleep 1 52 | S=$(adb shell stat -t /a/var/lib/lxc/android/system.img | awk '{print $2}') 53 | printf "%0.2d%%\r" $[100*$S/$SIZE] 54 | done 55 | 56 | echo "Done, rebooting to Ubuntu" 57 | 58 | adb reboot 59 | 60 | # vim: expandtab: ts=4: sw=4 61 | -------------------------------------------------------------------------------- /docker-buildenv/Dockerfile: -------------------------------------------------------------------------------- 1 | # Set up an Ubuntu based environment suitable for building the Ubuntu Touch Android tree in 2 | # If you have squid-deb-proxy installed on your host, it will get used in the container 3 | # Build it and run it with your home dir bindmounted then run the build from your tree 4 | # docker build --rm -t yourimagename . 5 | # docker run -it -v /home/yourname/any/path:/home/developer yourimagename 6 | 7 | FROM ubuntu:13.10 8 | 9 | MAINTAINER Jani Monoses 10 | 11 | RUN /sbin/ip route | awk '/default/ { print "Acquire::http::Proxy \"http://"$3":8000\";" }' > /etc/apt/apt.conf.d/30proxy 12 | 13 | # Allow installing i386 debs required by some of the AOSP prebuilt tools 14 | 15 | RUN dpkg --add-architecture i386 16 | 17 | RUN apt-get update 18 | 19 | RUN DEBIAN_FRONTEND='noninteractive' apt-get install -y cpp-4.8 ccache gcc-4.8 g++-4.8 git gnupg flex bison gperf build-essential \ 20 | zip bzr curl libc6-dev libncurses5-dev:i386 x11proto-core-dev \ 21 | libx11-dev:i386 libreadline6-dev:i386 libgl1-mesa-glx:i386 \ 22 | libgl1-mesa-dev g++-multilib mingw32 ubuntu-dev-tools tofrodos \ 23 | python-markdown libxml2-utils xsltproc zlib1g-dev:i386 schedtool bsdiff bash-completion vim 24 | 25 | # Add default user 26 | RUN adduser --disabled-password --quiet --gecos Developer developer 27 | 28 | USER developer 29 | ENV HOME /home/developer 30 | WORKDIR /home/developer 31 | 32 | CMD ["/bin/bash"] 33 | -------------------------------------------------------------------------------- /kernel/check-config: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | FILE=$1 4 | 5 | [ -f "$FILE" ] || { 6 | echo "Provide a config file as argument" 7 | exit 8 | } 9 | 10 | write=false 11 | 12 | if [ "$2" = "-w" ]; then 13 | write=true 14 | fi 15 | 16 | CONFIGS_ON=" 17 | CONFIG_IKCONFIG 18 | CONFIG_IKCONFIG_PROC 19 | CONFIG_SYSVIPC 20 | CONFIG_CGROUPS 21 | CONFIG_CGROUP_FREEZER 22 | CONFIG_NAMESPACES 23 | CONFIG_UTS_NS 24 | CONFIG_IPC_NS 25 | CONFIG_USER_NS 26 | CONFIG_PID_NS 27 | CONFIG_NET_NS 28 | CONFIG_AUDIT 29 | CONFIG_AUDITSYSCALL 30 | CONFIG_AUDIT_TREE 31 | CONFIG_AUDIT_WATCH 32 | CONFIG_CC_STACKPROTECTOR 33 | CONFIG_DEBUG_RODATA 34 | CONFIG_DEVTMPFS 35 | CONFIG_DEVTMPFS_MOUNT 36 | CONFIG_DEVPTS_MULTIPLE_INSTANCES 37 | CONFIG_ECRYPT_FS 38 | CONFIG_ECRYPT_FS_MESSAGING 39 | CONFIG_ENCRYPTED_KEYS 40 | CONFIG_EXT4_FS_POSIX_ACL 41 | CONFIG_EXT4_FS_SECURITY 42 | CONFIG_FSNOTIFY 43 | CONFIG_DNOTIFY 44 | CONFIG_INOTIFY_USER 45 | CONFIG_FANOTIFY 46 | CONFIG_FANOTIFY_ACCESS_PERMISSIONS 47 | CONFIG_KEYS 48 | CONFIG_SWAP 49 | CONFIG_VT 50 | CONFIG_VT_CONSOLE 51 | CONFIG_SECCOMP 52 | CONFIG_SECURITY 53 | CONFIG_SECURITYFS 54 | CONFIG_SECURITY_NETWORK 55 | CONFIG_NETLABEL 56 | CONFIG_SECURITY_PATH 57 | CONFIG_SECURITY_SELINUX 58 | CONFIG_SECURITY_SELINUX_BOOTPARAM 59 | CONFIG_SECURITY_SELINUX_DISABLE 60 | CONFIG_SECURITY_SELINUX_DEVELOP 61 | CONFIG_SECURITY_SELINUX_AVC_STATS 62 | CONFIG_SECURITY_SMACK 63 | CONFIG_SECURITY_TOMOYO 64 | CONFIG_DEFAULT_SECURITY_APPARMOR 65 | CONFIG_SECURITY_APPARMOR 66 | CONFIG_SECURITY_APPARMOR_HASH 67 | CONFIG_SECURITY_APPARMOR_UNCONFINED_INIT 68 | CONFIG_SECURITY_YAMA 69 | CONFIG_SECURITY_YAMA_STACKED 70 | CONFIG_STRICT_DEVMEM 71 | CONFIG_SYN_COOKIES 72 | CONFIG_BT 73 | CONFIG_BT_RFCOMM 74 | CONFIG_BT_RFCOMM_TTY 75 | CONFIG_BT_BNEP 76 | CONFIG_BT_BNEP_MC_FILTER 77 | CONFIG_BT_BNEP_PROTO_FILTER 78 | CONFIG_BT_HIDP 79 | CONFIG_XFRM_USER 80 | CONFIG_NET_KEY 81 | CONFIG_INET 82 | CONFIG_IP_ADVANCED_ROUTER 83 | CONFIG_IP_MULTIPLE_TABLES 84 | CONFIG_INET_AH 85 | CONFIG_INET_ESP 86 | CONFIG_INET_IPCOMP 87 | CONFIG_INET_XFRM_MODE_TRANSPORT 88 | CONFIG_INET_XFRM_MODE_TUNNEL 89 | CONFIG_INET_XFRM_MODE_BEET 90 | CONFIG_IPV6 91 | CONFIG_INET6_AH 92 | CONFIG_INET6_ESP 93 | CONFIG_INET6_IPCOMP 94 | CONFIG_INET6_XFRM_MODE_TRANSPORT 95 | CONFIG_INET6_XFRM_MODE_TUNNEL 96 | CONFIG_INET6_XFRM_MODE_BEET 97 | CONFIG_IPV6_MULTIPLE_TABLES 98 | CONFIG_NETFILTER 99 | CONFIG_NETFILTER_ADVANCED 100 | CONFIG_NETFILTER_NETLINK 101 | CONFIG_NETFILTER_NETLINK_ACCT 102 | CONFIG_NETFILTER_NETLINK_LOG 103 | CONFIG_NETFILTER_NETLINK_QUEUE 104 | CONFIG_NETFILTER_TPROXY 105 | CONFIG_NETFILTER_XTABLES 106 | CONFIG_NETFILTER_XT_CONNMARK 107 | CONFIG_NETFILTER_XT_MARK 108 | CONFIG_NETFILTER_XT_MATCH_ADDRTYPE 109 | CONFIG_NETFILTER_XT_MATCH_CLUSTER 110 | CONFIG_NETFILTER_XT_MATCH_COMMENT 111 | CONFIG_NETFILTER_XT_MATCH_CONNBYTES 112 | CONFIG_NETFILTER_XT_MATCH_CONNLIMIT 113 | CONFIG_NETFILTER_XT_MATCH_CONNMARK 114 | CONFIG_NETFILTER_XT_MATCH_CONNTRACK 115 | CONFIG_NETFILTER_XT_MATCH_CPU 116 | CONFIG_NETFILTER_XT_MATCH_DCCP 117 | CONFIG_NETFILTER_XT_MATCH_DEVGROUP 118 | CONFIG_NETFILTER_XT_MATCH_DSCP 119 | CONFIG_NETFILTER_XT_MATCH_ECN 120 | CONFIG_NETFILTER_XT_MATCH_ESP 121 | CONFIG_NETFILTER_XT_MATCH_HASHLIMIT 122 | CONFIG_NETFILTER_XT_MATCH_HELPER 123 | CONFIG_NETFILTER_XT_MATCH_HL 124 | CONFIG_NETFILTER_XT_MATCH_IPRANGE 125 | CONFIG_NETFILTER_XT_MATCH_LENGTH 126 | CONFIG_NETFILTER_XT_MATCH_LIMIT 127 | CONFIG_NETFILTER_XT_MATCH_MAC 128 | CONFIG_NETFILTER_XT_MATCH_MARK 129 | CONFIG_NETFILTER_XT_MATCH_MULTIPORT 130 | CONFIG_NETFILTER_XT_MATCH_NFACCT 131 | CONFIG_NETFILTER_XT_MATCH_OSF 132 | CONFIG_NETFILTER_XT_MATCH_OWNER 133 | CONFIG_NETFILTER_XT_MATCH_PKTTYPE 134 | CONFIG_NETFILTER_XT_MATCH_POLICY 135 | CONFIG_NETFILTER_XT_MATCH_QUOTA 136 | CONFIG_NETFILTER_XT_MATCH_QUOTA2 137 | CONFIG_NETFILTER_XT_MATCH_RATEEST 138 | CONFIG_NETFILTER_XT_MATCH_REALM 139 | CONFIG_NETFILTER_XT_MATCH_RECENT 140 | CONFIG_NETFILTER_XT_MATCH_SCTP 141 | CONFIG_NETFILTER_XT_MATCH_SOCKET 142 | CONFIG_NETFILTER_XT_MATCH_STATE 143 | CONFIG_NETFILTER_XT_MATCH_STATISTIC 144 | CONFIG_NETFILTER_XT_MATCH_STRING 145 | CONFIG_NETFILTER_XT_MATCH_TCPMSS 146 | CONFIG_NETFILTER_XT_MATCH_TIME 147 | CONFIG_NETFILTER_XT_MATCH_U32 148 | CONFIG_NETFILTER_XT_TARGET_AUDIT 149 | CONFIG_NETFILTER_XT_TARGET_CHECKSUM 150 | CONFIG_NETFILTER_XT_TARGET_CLASSIFY 151 | CONFIG_NETFILTER_XT_TARGET_CONNMARK 152 | CONFIG_NETFILTER_XT_TARGET_CONNSECMARK 153 | CONFIG_NETFILTER_XT_TARGET_CT 154 | CONFIG_NETFILTER_XT_TARGET_DSCP 155 | CONFIG_NETFILTER_XT_TARGET_HL 156 | CONFIG_NETFILTER_XT_TARGET_IDLETIMER 157 | CONFIG_NETFILTER_XT_TARGET_LED 158 | CONFIG_NETFILTER_XT_TARGET_LOG 159 | CONFIG_NETFILTER_XT_TARGET_MARK 160 | CONFIG_NETFILTER_XT_TARGET_NFLOG 161 | CONFIG_NETFILTER_XT_TARGET_NFQUEUE 162 | CONFIG_NETFILTER_XT_TARGET_NOTRACK 163 | CONFIG_NETFILTER_XT_TARGET_RATEEST 164 | CONFIG_NETFILTER_XT_TARGET_SECMARK 165 | CONFIG_NETFILTER_XT_TARGET_TCPMSS 166 | CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP 167 | CONFIG_NETFILTER_XT_TARGET_TEE 168 | CONFIG_NETFILTER_XT_TARGET_TPROXY 169 | CONFIG_NETFILTER_XT_TARGET_TRACE 170 | CONFIG_NF_CONNTRACK_ZONES 171 | CONFIG_IP6_NF_FILTER 172 | CONFIG_IP6_NF_IPTABLES 173 | CONFIG_IP6_NF_MANGLE 174 | CONFIG_IP6_NF_MATCH_AH 175 | CONFIG_IP6_NF_MATCH_EUI64 176 | CONFIG_IP6_NF_MATCH_FRAG 177 | CONFIG_IP6_NF_MATCH_HL 178 | CONFIG_IP6_NF_MATCH_IPV6HEADER 179 | CONFIG_IP6_NF_MATCH_MH 180 | CONFIG_IP6_NF_MATCH_OPTS 181 | CONFIG_IP6_NF_MATCH_RPFILTER 182 | CONFIG_IP6_NF_MATCH_RT 183 | CONFIG_IP6_NF_QUEUE 184 | CONFIG_IP6_NF_RAW 185 | CONFIG_IP6_NF_SECURITY 186 | CONFIG_IP6_NF_TARGET_HL 187 | CONFIG_IP6_NF_TARGET_REJECT 188 | CONFIG_IP6_NF_TARGET_REJECT_SKERR 189 | CONFIG_DNS_RESOLVER 190 | CONFIG_IOSCHED_DEADLINE 191 | CONFIG_SUSPEND_TIME 192 | CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS 193 | CONFIG_CONSOLE_TRANSLATIONS 194 | CONFIG_EVM 195 | CONFIG_INTEGRITY_SIGNATURE 196 | CONFIG_FHANDLE 197 | CONFIG_EPOLL 198 | CONFIG_SIGNALFD 199 | CONFIG_TIMERFD 200 | CONFIG_TMPFS_POSIX_ACL 201 | " 202 | 203 | CONFIGS_OFF=" 204 | CONFIG_ANDROID_PARANOID_NETWORK 205 | CONFIG_DEFAULT_SECURITY_DAC 206 | CONFIG_DEFAULT_SECURITY_SELINUX 207 | CONFIG_DEFAULT_SECURITY_TOMOYO 208 | CONFIG_DEFAULT_SECURITY_YAMA 209 | CONFIG_DEFAULT_SECURITY_SMACK 210 | CONFIG_SECURITY_APPARMOR_STATS 211 | CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX 212 | CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER 213 | CONFIG_BT_HCIBTUSB 214 | CONFIG_BT_HCIBTSDIO 215 | CONFIG_BT_HCIUART 216 | CONFIG_BT_HCIBCM203X 217 | CONFIG_BT_HCIBPA10X 218 | CONFIG_BT_HCIBFUSB 219 | CONFIG_BT_HCIVHCI 220 | CONFIG_BT_MRVL 221 | CONFIG_AF_RXRPC 222 | CONFIG_KEYS_DEBUG_PROC_KEYS 223 | CONFIG_XFRM_MIGRATE 224 | CONFIG_XFRM_STATISTICS 225 | CONFIG_XFRM_SUB_POLICY 226 | CONFIG_COMPAT_BRK 227 | CONFIG_DEVKMEM 228 | CONFIG_NETFILTER_DEBUG 229 | CONFIG_IP_SET 230 | CONFIG_IP_VS 231 | CONFIG_RT_GROUP_SCHED 232 | CONFIG_ARM_UNWIND 233 | CONFIG_VT_HW_CONSOLE_BINDING 234 | CONFIG_FRAMEBUFFER_CONSOLE 235 | CONFIG_SPEAKUP 236 | CONFIG_CIFS_UPCALL 237 | CONFIG_CIFS_DFS_UPCALL 238 | CONFIG_KGDB 239 | " 240 | CONFIGS_EQ=" 241 | CONFIG_DEFAULT_SECURITY=\"apparmor\" 242 | CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 243 | CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0 244 | CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 245 | CONFIG_SECURITY_TOMOYO_MAX_ACCEPT_ENTRY=2048 246 | CONFIG_SECURITY_TOMOYO_MAX_AUDIT_LOG=1024 247 | CONFIG_SECURITY_TOMOYO_POLICY_LOADER=\"/sbin/tomoyo-init\" 248 | CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER=\"/sbin/init\" 249 | CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 250 | CONFIG_DEFAULT_MMAP_MIN_ADDR=32768 251 | CONFIG_DEFAULT_IOSCHED=\"deadline\" 252 | CONFIG_EVM_HMAC_VERSION=2 253 | " 254 | 255 | ered() { 256 | echo -e "\033[31m" $@ 257 | } 258 | 259 | egreen() { 260 | echo -e "\033[32m" $@ 261 | } 262 | 263 | ewhite() { 264 | echo -e "\033[37m" $@ 265 | } 266 | 267 | echo -e "\n\nChecking config file for Ubuntu Touch specific config options.\n\n" 268 | 269 | errors=0 270 | fixes=0 271 | 272 | for c in $CONFIGS_ON $CONFIGS_OFF;do 273 | cnt=`grep -w -c $c $FILE` 274 | if [ $cnt -gt 1 ];then 275 | ered "$c appears more than once in the config file, fix this" 276 | errors=$((errors+1)) 277 | fi 278 | 279 | if [ $cnt -eq 0 ];then 280 | if $write ; then 281 | ewhite "Creating $c" 282 | echo "# $c is not set" >> "$FILE" 283 | fixes=$((fixes+1)) 284 | else 285 | ered "$c is neither enabled nor disabled in the config file" 286 | errors=$((errors+1)) 287 | fi 288 | fi 289 | done 290 | 291 | for c in $CONFIGS_ON;do 292 | if grep "$c=y\|$c=m" "$FILE" >/dev/null;then 293 | egreen "$c is already set" 294 | else 295 | if $write ; then 296 | ewhite "Setting $c" 297 | sed -i "s,# $c is not set,$c=y," "$FILE" 298 | fixes=$((fixes+1)) 299 | else 300 | ered "$c is not set, set it" 301 | errors=$((errors+1)) 302 | fi 303 | fi 304 | done 305 | 306 | for c in $CONFIGS_EQ;do 307 | lhs=$(awk -F= '{ print $1 }' <(echo $c)) 308 | rhs=$(awk -F= '{ print $2 }' <(echo $c)) 309 | if grep "^$c" "$FILE" >/dev/null;then 310 | egreen "$c is already set correctly." 311 | continue 312 | elif grep "^$lhs" "$FILE" >/dev/null;then 313 | cur=$(awk -F= '{ print $2 }' <(grep "$lhs" "$FILE")) 314 | ered "$lhs is set, but to $cur not $rhs." 315 | if $write ; then 316 | egreen "Setting $c correctly" 317 | sed -i 's,^'"$lhs"'.*,# '"$lhs"' was '"$cur"'\n'"$c"',' "$FILE" 318 | fixes=$((fixes+1)) 319 | fi 320 | else 321 | if $write ; then 322 | ewhite "Setting $c" 323 | echo "$c" >> "$FILE" 324 | fixes=$((fixes+1)) 325 | else 326 | ered "$c is not set" 327 | errors=$((errors+1)) 328 | fi 329 | fi 330 | done 331 | 332 | for c in $CONFIGS_OFF;do 333 | if grep "$c=y\|$c=m" "$FILE" >/dev/null;then 334 | if $write ; then 335 | ewhite "Unsetting $c" 336 | sed -i "s,$c=.*,# $c is not set," $FILE 337 | fixes=$((fixes+1)) 338 | else 339 | ered "$c is set, unset it" 340 | errors=$((errors+1)) 341 | fi 342 | else 343 | egreen "$c is already unset" 344 | fi 345 | done 346 | 347 | if [ $errors -eq 0 ];then 348 | egreen "\n\nConfig file checked, found no errors.\n\n" 349 | else 350 | ered "\n\nConfig file checked, found $errors errors that I did not fix.\n\n" 351 | fi 352 | 353 | if [ $fixes -gt 0 ];then 354 | egreen "Made $fixes fixes.\n\n" 355 | fi 356 | 357 | ewhite " " 358 | --------------------------------------------------------------------------------