This repository has been archived by the owner on Jun 1, 2024. It is now read-only.
forked from crdroidandroid/android_kernel_oneplus_sdm845
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3cdfe53
commit 70ace81
Showing
4 changed files
with
296 additions
and
5 deletions.
There are no files selected for viewing
Submodule KernelSU
updated
7 files
+1 −0 | .github/workflows/build-kernel-a13.yml | |
+116 −0 | .github/workflows/build-kernel-a14.yml | |
+8 −1 | .github/workflows/gki-kernel.yml | |
+9 −3 | kernel/core_hook.c | |
+17 −1 | kernel/selinux/selinux.c | |
+2 −0 | kernel/selinux/selinux.h | |
+8 −1 | website/docs/repos.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,287 @@ | ||
#!/bin/sh | ||
# SPDX-License-Identifier: LGPL-2.1+ | ||
|
||
export LC_ALL=C.UTF-8 | ||
export LANGUAGE=en | ||
|
||
# Allow environment variables to override config | ||
: "${CONFIG:=/proc/config.gz}" | ||
: "${MODNAME:=configs}" | ||
|
||
GREP="grep" | ||
|
||
if [ -t 1 ]; then | ||
SETCOLOR_SUCCESS="printf \\033[1;32m" | ||
SETCOLOR_FAILURE="printf \\033[1;31m" | ||
SETCOLOR_WARNING="printf \\033[1;33m" | ||
SETCOLOR_NORMAL="printf \\033[0;39m" | ||
else | ||
SETCOLOR_SUCCESS=":" | ||
SETCOLOR_FAILURE=":" | ||
SETCOLOR_WARNING=":" | ||
SETCOLOR_NORMAL=":" | ||
fi | ||
|
||
is_set() { | ||
$GREP -wm1 "^${1}=[y|m]" "${CONFIG}" > /dev/null | ||
return $? | ||
} | ||
|
||
show_enabled() { | ||
RES=$1 | ||
RET=1 | ||
if [ "$RES" -eq 0 ]; then | ||
$SETCOLOR_SUCCESS && printf "enabled" && $SETCOLOR_NORMAL | ||
RET=0 | ||
else | ||
if [ -n "$mandatory" ] && [ "$mandatory" = yes ]; then | ||
$SETCOLOR_FAILURE && printf "required" && $SETCOLOR_NORMAL | ||
else | ||
$SETCOLOR_WARNING && printf "missing" && $SETCOLOR_NORMAL | ||
fi | ||
fi | ||
return $RET | ||
} | ||
|
||
is_enabled() { | ||
mandatory=$2 | ||
|
||
is_set "$1" | ||
show_enabled $? | ||
} | ||
|
||
has_cgroup_ns() { | ||
mandatory=no | ||
|
||
if [ -f "/proc/self/ns/cgroup" ]; then | ||
show_enabled 0 | ||
else | ||
show_enabled 1 | ||
fi | ||
} | ||
|
||
is_probed() { | ||
if [ ! -f /proc/modules ]; then | ||
return | ||
fi | ||
if lsmod | grep -wm1 "^${1}" > /dev/null; then | ||
printf ", loaded" | ||
else | ||
printf ", not loaded" | ||
fi | ||
} | ||
|
||
if command -v lxc-start >/dev/null; then | ||
echo "LXC version $(lxc-start --version)" | ||
fi | ||
|
||
if [ ! -f $CONFIG ]; then | ||
echo "Kernel configuration not found at $CONFIG; searching..." | ||
KVER="$(uname -r)" | ||
HEADERS_CONFIG="/lib/modules/$KVER/build/.config" | ||
BOOT_CONFIG="/boot/config-$KVER" | ||
[ -f "${HEADERS_CONFIG}" ] && CONFIG=${HEADERS_CONFIG} | ||
[ -f "${BOOT_CONFIG}" ] && CONFIG=${BOOT_CONFIG} | ||
if [ ! -f "$CONFIG" ]; then | ||
MODULEFILE="$(modinfo -k "$KVER" -n "$MODNAME" 2> /dev/null)" | ||
# don't want to modprobe, so give user a hint | ||
# although scripts/extract-ikconfig could be used to extract contents without loading kernel module | ||
# http://svn.pld-linux.org/trac/svn/browser/geninitrd/trunk/geninitrd?rev=12696#L327 | ||
fi | ||
if [ ! -f "$CONFIG" ]; then | ||
echo "$(basename "$0"): unable to retrieve kernel configuration" >&2 | ||
echo >&2 | ||
if [ -f "$MODULEFILE" ]; then | ||
echo "Try modprobe $MODNAME module, or" >&2 | ||
fi | ||
echo "Try recompiling with IKCONFIG_PROC, installing the kernel headers," >&2 | ||
echo "or specifying the kernel configuration path with:" >&2 | ||
echo " CONFIG=<path> $(basename "$0")" >&2 | ||
exit 1 | ||
else | ||
echo "Kernel configuration found at $CONFIG" | ||
fi | ||
fi | ||
|
||
if gunzip -tq < "$CONFIG" 2>/dev/null; then | ||
GREP="zgrep" | ||
fi | ||
|
||
KVER_MAJOR="$($GREP -m1 '^# Linux.*Kernel Configuration' "${CONFIG}" | \ | ||
sed -r 's/.* ([0-9])\.[0-9]{1,2}\.[0-9]{1,3}.*/\1/')" | ||
if [ "$KVER_MAJOR" = "2" ]; then | ||
KVER_MINOR="$($GREP -m1 '^# Linux.*Kernel Configuration' "${CONFIG}" | \ | ||
sed -r 's/.* 2.6.([0-9]{2}).*/\1/')" | ||
else | ||
KVER_MINOR="$($GREP -m1 '^# Linux.*Kernel Configuration' "${CONFIG}" | \ | ||
sed -r 's/.* [0-9]\.([0-9]{1,3})\.[0-9]{1,3}.*/\1/')" | ||
fi | ||
|
||
if [ -z "${KVER_MAJOR}" ]; then | ||
echo "WARNING: Unable to detect version from configuration, assuming latest" | ||
echo | ||
KVER_MAJOR="100" | ||
KVER_MINOR="0" | ||
fi | ||
|
||
echo " | ||
--- Namespaces ---" | ||
printf "Namespaces: " && is_enabled CONFIG_NAMESPACES yes | ||
echo | ||
printf "Utsname namespace: " && is_enabled CONFIG_UTS_NS | ||
echo | ||
printf "Ipc namespace: " && is_enabled CONFIG_IPC_NS yes | ||
echo | ||
printf "Pid namespace: " && is_enabled CONFIG_PID_NS yes | ||
echo | ||
printf "User namespace: " && is_enabled CONFIG_USER_NS | ||
echo | ||
if is_set CONFIG_USER_NS; then | ||
if command -v newuidmap >/dev/null 2>&1; then | ||
f=$(command -v newuidmap) | ||
if [ ! -u "${f}" ]; then | ||
echo "Warning: newuidmap is not setuid-root" | ||
fi | ||
else | ||
echo "newuidmap is not installed" | ||
fi | ||
if command -v newgidmap >/dev/null 2>&1; then | ||
f=$(command -v newgidmap) | ||
if [ ! -u "${f}" ]; then | ||
echo "Warning: newgidmap is not setuid-root" | ||
fi | ||
else | ||
echo "newgidmap is not installed" | ||
fi | ||
fi | ||
printf "Network namespace: " && is_enabled CONFIG_NET_NS | ||
echo | ||
if [ $KVER_MAJOR -lt 4 ] || { [ $KVER_MAJOR -eq 4 ] && [ $KVER_MINOR -lt 7 ]; }; then | ||
printf "Multiple /dev/pts instances: " && is_enabled DEVPTS_MULTIPLE_INSTANCES | ||
echo | ||
fi | ||
|
||
echo " | ||
--- Control groups ---" | ||
printf "Cgroups: " && is_enabled CONFIG_CGROUPS | ||
echo | ||
printf "Cgroup namespace: " && has_cgroup_ns | ||
echo | ||
|
||
print_cgroups() { | ||
# print all mountpoints for cgroup filesystems | ||
awk '$1 !~ /#/ && $3 == mp { print $2; } ; END { exit(0); } ' "mp=$1" "$2" ; | ||
} | ||
CGROUP_V1_MNTS=$(print_cgroups cgroup /proc/self/mounts) | ||
CGROUP_V2_MNTS=$(print_cgroups cgroup2 /proc/self/mounts) | ||
|
||
echo "Cgroup v1 mount points: " | ||
for mnt in ${CGROUP_V1_MNTS}; do | ||
echo " - ${mnt}" | ||
done | ||
|
||
echo "Cgroup v2 mount points: " | ||
for mnt in ${CGROUP_V2_MNTS}; do | ||
echo " - ${mnt}" | ||
done | ||
|
||
if [ "${CGROUP_V2_MNTS}" != "/sys/fs/cgroup" ]; then | ||
CGROUP_SYSTEMD_MNTPT=$(echo "$CGROUP_V1_MNTS" | grep -F "/systemd") | ||
if [ -z "$CGROUP_SYSTEMD_MNTPT" ]; then | ||
printf "Cgroup v1 systemd controller: " | ||
$SETCOLOR_FAILURE && echo "missing" && $SETCOLOR_NORMAL | ||
fi | ||
|
||
CGROUP_FREEZER_MNTPT=$(echo "$CGROUP_V1_MNTS" | grep -F "/freezer") | ||
if [ -z "$CGROUP_FREEZER_MNTPT" ]; then | ||
printf "Cgroup v1 freezer controller: " | ||
$SETCOLOR_FAILURE && echo "missing" && $SETCOLOR_NORMAL | ||
fi | ||
|
||
CGROUP_MNT_PATH=$(echo "$CGROUP_V1_MNTS" | head -n 1) | ||
if [ -f "$CGROUP_MNT_PATH/cgroup.clone_children" ]; then | ||
printf "Cgroup v1 clone_children flag: " && | ||
$SETCOLOR_SUCCESS && echo "enabled" && $SETCOLOR_NORMAL | ||
fi | ||
fi | ||
|
||
printf "Cgroup device: " && is_enabled CONFIG_CGROUP_DEVICE | ||
echo | ||
|
||
printf "Cgroup sched: " && is_enabled CONFIG_CGROUP_SCHED | ||
echo | ||
|
||
printf "Cgroup cpu account: " && is_enabled CONFIG_CGROUP_CPUACCT | ||
echo | ||
|
||
printf "Cgroup memory controller: " | ||
if { [ $KVER_MAJOR -ge 3 ] && [ $KVER_MINOR -ge 6 ]; } || [ $KVER_MAJOR -gt 3 ]; then | ||
is_enabled CONFIG_MEMCG | ||
else | ||
is_enabled CONFIG_CGROUP_MEM_RES_CTLR | ||
fi | ||
echo | ||
|
||
is_set CONFIG_SMP && printf "Cgroup cpuset: " && is_enabled CONFIG_CPUSETS && echo | ||
|
||
echo " | ||
--- Misc ---" | ||
printf "Veth pair device: " && is_enabled CONFIG_VETH && is_probed veth | ||
echo | ||
printf "Macvlan: " && is_enabled CONFIG_MACVLAN && is_probed macvlan | ||
echo | ||
printf "Vlan: " && is_enabled CONFIG_VLAN_8021Q && is_probed 8021q | ||
echo | ||
printf "Bridges: " && is_enabled CONFIG_BRIDGE && is_probed bridge | ||
echo | ||
printf "Advanced netfilter: " && is_enabled CONFIG_NETFILTER_ADVANCED && is_probed nf_tables | ||
if { [ $KVER_MAJOR -gt 3 ] && [ $KVER_MINOR -gt 6 ]; } && [ $KVER_MAJOR -lt 5 ]; then | ||
echo | ||
printf "CONFIG_NF_NAT_IPV4: " && is_enabled CONFIG_NF_NAT_IPV4 && is_probed nf_nat_ipv4 | ||
echo | ||
printf "CONFIG_NF_NAT_IPV6: " && is_enabled CONFIG_NF_NAT_IPV6 && is_probed nf_nat_ipv6 | ||
fi | ||
echo | ||
printf "CONFIG_IP_NF_TARGET_MASQUERADE: " && is_enabled CONFIG_IP_NF_TARGET_MASQUERADE && is_probed nf_nat_masquerade_ipv4 | ||
echo | ||
printf "CONFIG_IP6_NF_TARGET_MASQUERADE: " && is_enabled CONFIG_IP6_NF_TARGET_MASQUERADE && is_probed nf_nat_masquerade_ipv6 | ||
echo | ||
printf "CONFIG_NETFILTER_XT_TARGET_CHECKSUM: " && is_enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM && is_probed xt_CHECKSUM | ||
echo | ||
printf "CONFIG_NETFILTER_XT_MATCH_COMMENT: " && is_enabled CONFIG_NETFILTER_XT_MATCH_COMMENT && is_probed xt_comment | ||
echo | ||
printf "FUSE (for use with lxcfs): " && is_enabled CONFIG_FUSE_FS && is_probed fuse | ||
echo | ||
|
||
echo " | ||
--- Checkpoint/Restore ---" | ||
printf "checkpoint restore: " && is_enabled CONFIG_CHECKPOINT_RESTORE | ||
echo | ||
printf "CONFIG_FHANDLE: " && is_enabled CONFIG_FHANDLE | ||
echo | ||
printf "CONFIG_EVENTFD: " && is_enabled CONFIG_EVENTFD | ||
echo | ||
printf "CONFIG_EPOLL: " && is_enabled CONFIG_EPOLL | ||
echo | ||
printf "CONFIG_UNIX_DIAG: " && is_enabled CONFIG_UNIX_DIAG | ||
echo | ||
printf "CONFIG_INET_DIAG: " && is_enabled CONFIG_INET_DIAG | ||
echo | ||
printf "CONFIG_PACKET_DIAG: " && is_enabled CONFIG_PACKET_DIAG | ||
echo | ||
printf "CONFIG_NETLINK_DIAG: " && is_enabled CONFIG_NETLINK_DIAG | ||
echo | ||
printf "File capabilities: " | ||
if [ "${KVER_MAJOR}" = 2 ] && [ ${KVER_MINOR} -lt 33 ]; then | ||
is_enabled CONFIG_SECURITY_FILE_CAPABILITIES | ||
echo | ||
else | ||
$SETCOLOR_SUCCESS && echo "enabled" && $SETCOLOR_NORMAL | ||
fi | ||
|
||
echo " | ||
Note: Before booting a new kernel, you can check its configuration with: | ||
CONFIG=/path/to/config $0 | ||
" |