lineageos: support LineageOS 20

Author: Atemu

NEWS.md

@@ -8,6 +8,9 @@ changes occur which require user intervention / configuration changes.  These
 are highlights since the last update, and are not meant to be an exhaustive
 listing of changes. See the git commit log for additional details.
 
+# 2023-09-14
+- Support LineageOS version 20.0 (`androidVersion=13`)
+
 # 2022-02-10
 - Added LineageOS version 19.0. Use by setting `androidVersion=12` (thanks @Kranzes)
 - Updated vanilla flavor to 2022021005

default.nix

@@ -42,6 +42,7 @@ let
       ./modules/10
       ./modules/11
       ./modules/12
+      ./modules/13
       ./modules/9
       ./modules/apps/auditor.nix
       ./modules/apps/chromium.nix

flavors/lineageos/0001-Remove-LineageOS-keys-12.patch renamed to flavors/lineageos/0001-Remove-LineageOS-keys-19.patch

@@ -0,0 +1,33 @@
+From 0ba0ae56b5b7a4196f30b7c9cc899785797552bb Mon Sep 17 00:00:00 2001
+From: Daniel Fullmer <[email protected]>
+Date: Thu, 7 May 2020 17:52:03 -0400
+Subject: [PATCH] Remove LineageOS keys
+
+Signing target files would fail:
+extra recovery-only key(s): vendor/lineage/build/target/product/security/lineage.x509.pem
+However, that key is not available in our build environment. We don't
+want to include them anyway.
+---
+ config/common.mk | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/config/common.mk b/config/common.mk
+index 7048c9cb..25f4b197 100644
+--- a/config/common.mk
++++ b/config/common.mk
+@@ -207,12 +207,8 @@ PRODUCT_PACKAGES += \
+ PRODUCT_ENFORCE_RRO_EXCLUDED_OVERLAYS += vendor/crowdin/overlay
+ PRODUCT_PACKAGE_OVERLAYS += vendor/crowdin/overlay
+ 
+-PRODUCT_EXTRA_RECOVERY_KEYS += \
+-    vendor/lineage/build/target/product/security/lineage
+ 
+ include vendor/lineage/config/version.mk
+ 
+--include vendor/lineage-priv/keys/keys.mk
+-
+ -include $(WORKSPACE)/build_env/image-auto-bits.mk
+ -include vendor/lineage/config/partner_gms.mk
+-- 
+2.39.2
+

flavors/lineageos/0001-Remove-LineageOS-keys-20.patch

@@ -0,0 +1,32 @@
+From a0de58b8fdba9fd3725eb604dec0cdc92ccfb4a2 Mon Sep 17 00:00:00 2001
+From: Daniel Fullmer <[email protected]>
+Date: Sun, 10 May 2020 18:50:33 -0400
+Subject: [PATCH] kernel: Set constant kernel timestamp
+
+---
+ build/tasks/kernel.mk | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/build/tasks/kernel.mk b/build/tasks/kernel.mk
+index 9189864d..0c98a91d 100644
+--- a/build/tasks/kernel.mk
++++ b/build/tasks/kernel.mk
+@@ -262,11 +262,14 @@ ifneq ($(TARGET_KERNEL_ADDITIONAL_FLAGS),)
+     KERNEL_MAKE_FLAGS += $(TARGET_KERNEL_ADDITIONAL_FLAGS)
+ endif
+ 
++# Use a constant timestamp
++KERNEL_TIMESTAMP := KBUILD_BUILD_TIMESTAMP="$(shell date -u -d @1)"
++
+ # Internal implementation of make-kernel-target
+ # $(1): output path (The value passed to O=)
+ # $(2): target to build (eg. defconfig, modules, dtbo.img)
+ define internal-make-kernel-target
+-$(PATH_OVERRIDE) $(KERNEL_MAKE_CMD) $(KERNEL_MAKE_FLAGS) -C $(KERNEL_SRC) O=$(KERNEL_BUILD_OUT_PREFIX)$(1) ARCH=$(KERNEL_ARCH) $(KERNEL_CROSS_COMPILE) $(KERNEL_CLANG_TRIPLE) $(KERNEL_CC) $(2)
++$(PATH_OVERRIDE) $(KERNEL_MAKE_CMD) $(KERNEL_MAKE_FLAGS) $(KERNEL_TIMESTAMP) -C $(KERNEL_SRC) O=$(KERNEL_BUILD_OUT_PREFIX)$(1) ARCH=$(KERNEL_ARCH) $(KERNEL_CROSS_COMPILE) $(KERNEL_CLANG_TRIPLE) $(KERNEL_CC) $(2)
+ endef
+ 
+ # Make an external module target
+-- 
+2.39.2
+

flavors/lineageos/0003-kernel-Set-constant-kernel-timestamp.patch renamed to flavors/lineageos/0003-kernel-Set-constant-kernel-timestamp-19.patch

@@ -5,15 +5,17 @@
 let
   inherit (lib)
     optional optionals optionalString optionalAttrs
-    elem mapAttrs mapAttrs' nameValuePair filterAttrs
+    elem filter
+    mapAttrs mapAttrs' nameValuePair filterAttrs
     attrNames getAttrs flatten remove
     mkIf mkMerge mkDefault mkForce
-    importJSON toLower hasPrefix removePrefix;
+    importJSON toLower hasPrefix removePrefix hasSuffix replaceStrings;
 
   androidVersionToLineageBranch = {
     "10" = "lineage-17.1";
     "11" = "lineage-18.1";
     "12" = "lineage-19.1";
+    "13" = "lineage-20.0";
   };
   lineageBranchToAndroidVersion = mapAttrs' (name: value: nameValuePair value name) androidVersionToLineageBranch;
 
@@ -92,15 +94,19 @@ in mkIf (config.flavor == "lineageos")
 
     {
       "vendor/lineage".patches = [
-        (if lib.versionAtLeast (toString config.androidVersion) "12"
-         then ./0001-Remove-LineageOS-keys-12.patch
-         else ./0001-Remove-LineageOS-keys.patch)
+        (if lib.versionAtLeast (toString config.androidVersion) "13"
+         then ./0001-Remove-LineageOS-keys-20.patch
+         else ./0001-Remove-LineageOS-keys-19.patch)
 
         (pkgs.substituteAll {
           src = ./0002-bootanimation-Reproducibility-fix.patch;
           inherit (pkgs) imagemagick;
         })
-        ./0003-kernel-Set-constant-kernel-timestamp.patch
+
+        (if lib.versionAtLeast (toString config.androidVersion) "13"
+         then ./0003-kernel-Set-constant-kernel-timestamp-20.patch
+         else ./0003-kernel-Set-constant-kernel-timestamp-19.patch)
+        
       ];
       "system/extras".patches = [
         # pkgutil.get_data() not working, probably because we don't use their compiled python
@@ -115,19 +121,26 @@ in mkIf (config.flavor == "lineageos")
       # So we'll just build chromium webview ourselves.
       "external/chromium-webview".enable = false;
     }
-  ] ++ optionals (deviceMetadata ? "${config.device}") [
+  ] ++ optionals (deviceMetadata ? "${config.device}") (let
     # Device-specific source dirs
-    (let
-      vendor = toLower deviceMetadata.${config.device}.vendor;
-      relpathWithDependencies = relpath: [ relpath ] ++ (flatten (map (p: relpathWithDependencies p) deviceDirs.${relpath}.deps));
-      relpaths = relpathWithDependencies "device/${vendor}/${config.device}";
-      filteredRelpaths = remove (attrNames repoDirs) relpaths; # Remove any repos that we're already including from repo json
-    in filterDirsAttrs (getAttrs filteredRelpaths deviceDirs))
-
+    vendor = toLower deviceMetadata.${config.device}.vendor;
+    relpathWithDependencies = relpath: [ relpath ] ++ (flatten (map (p: relpathWithDependencies p) deviceDirs.${relpath}.deps));
+    relpaths = relpathWithDependencies "device/${vendor}/${config.device}";
+    filteredRelpaths = remove (attrNames repoDirs) relpaths; # Remove any repos that we're already including from repo json
+
+    # Device-specific common vendor dirs
+    deviceDirsCommon = filter (path: hasPrefix "device/" path && hasSuffix "-common" path && !hasSuffix "xiaomi/sm8350-common" path) relpaths;
+    vendorDeviceDirs = map (replaceStrings [ "device/" ] [ "vendor/" ]) deviceDirsCommon;
+  in [
+    (filterDirsAttrs (getAttrs filteredRelpaths deviceDirs))
+    (filterDirsAttrs (getAttrs vendorDeviceDirs vendorDirs))
+  ]) ++ [
     # Vendor-specific source dirs
     (let
-      _vendor = toLower deviceMetadata.${config.device}.vendor;
-      vendor = if config.device == "shamu" then "motorola" else _vendor;
+      vendor = if config.androidVersion >= 13 then
+        deviceMetadata.${config.device}.vendor_dir_new
+      else
+        deviceMetadata.${config.device}.vendor_dir;
       relpath = "vendor/${vendor}";
     in filterDirsAttrs (getAttrs [relpath] vendorDirs))
   ] ++ optional (config.device == "bacon")

flavors/lineageos/0003-kernel-Set-constant-kernel-timestamp-20.patch

@@ -0,0 +1,12 @@
+diff --git a/config/Android.mk b/config/Android.mk
+--- a/config/Android.mk
++++ b/config/Android.mk
+@@ -28,6 +28,6 @@
+ 
+ $(_build-manifest_xml):
+ 	mkdir -p $(dir $@)
+-	python3 .repo/repo/repo manifest -o - -r | grep -Ev "proprietary_$(MANIFEST_EXCLUDES)" > $@
++	echo 'stubbed' > $@
+ 
+ include $(BUILD_SYSTEM)/base_rules.mk
+\ No newline at end of file

flavors/lineageos/default.nix

@@ -0,0 +1,98 @@
+From 8792b0028fe89540c95a5e66adc5557054a3e393 Mon Sep 17 00:00:00 2001
+From: Daniel Fullmer <[email protected]>
+Date: Sun, 17 May 2020 00:42:48 -0400
+Subject: [PATCH] Readonly source fix
+
+Have CopyFile just always set u+w on copied files. Fixes a bunch of
+issues that would be too difficult to track down otherwise. HACK
+
+Change-Id: Ic905ab7c3c41f013fc70c92b375f5dc41d5cf586
+---
+ core/Makefile            | 3 +++
+ core/definitions.mk      | 4 ++++
+ tools/libhost/CopyFile.c | 4 ++--
+ 3 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/core/Makefile b/core/Makefile
+index c4d5530aa6..c96367a163 100644
+--- a/core/Makefile
++++ b/core/Makefile
+@@ -1222,6 +1222,7 @@ INSTALLED_BOOTIMAGE_TARGET := $(PRODUCT_OUT)/boot.img
+ ifeq ($(BOARD_AVB_ENABLE),true)
+ $(INSTALLED_BOOTIMAGE_TARGET): $(INTERNAL_PREBUILT_BOOTIMAGE) $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH)
+ 	cp $(INTERNAL_PREBUILT_BOOTIMAGE) $@
++	chmod u+w $@
+ 	$(AVBTOOL) add_hash_footer \
+ 	    --image $@ \
+ 	    $(call get-partition-size-argument,$(BOARD_BOOTIMAGE_PARTITION_SIZE)) \
+@@ -4007,6 +4008,7 @@ INSTALLED_DTBOIMAGE_TARGET := $(PRODUCT_OUT)/dtbo.img
+ ifeq ($(BOARD_AVB_ENABLE),true)
+ $(INSTALLED_DTBOIMAGE_TARGET): $(BOARD_PREBUILT_DTBOIMAGE) $(AVBTOOL) $(BOARD_AVB_DTBO_KEY_PATH)
+ 	cp $(BOARD_PREBUILT_DTBOIMAGE) $@
++	chmod u+w $@
+ 	$(AVBTOOL) add_hash_footer \
+ 	    --image $@ \
+ 	    $(call get-partition-size-argument,$(BOARD_DTBOIMG_PARTITION_SIZE)) \
+@@ -4020,6 +4022,7 @@ UNMOUNTED_NOTICE_VENDOR_DEPS+= $(INSTALLED_DTBOIMAGE_TARGET)
+ else
+ $(INSTALLED_DTBOIMAGE_TARGET): $(BOARD_PREBUILT_DTBOIMAGE)
+ 	cp $(BOARD_PREBUILT_DTBOIMAGE) $@
++	chmod u+w $@
+ endif
+ 
+ endif # BOARD_PREBUILT_DTBOIMAGE
+diff --git a/core/definitions.mk b/core/definitions.mk
+index ce1248e2e9..4c5c3d51f3 100644
+--- a/core/definitions.mk
++++ b/core/definitions.mk
+@@ -3262,6 +3262,7 @@ define copy-file-to-target
+ @mkdir -p $(dir $@)
+ $(hide) rm -f $@
+ $(hide) cp "$<" "$@"
++$(hide) chmod u+w "$@"
+ endef
+ 
+ # Same as copy-file-to-target, but assume file is a licenes metadata file,
+@@ -3281,6 +3282,7 @@ define copy-file-to-target-with-cp
+ @mkdir -p $(dir $@)
+ $(hide) rm -f $@
+ $(hide) cp -p "$<" "$@"
++$(hide) chmod u+w "$@"
+ endef
+ 
+ # The same as copy-file-to-target, but strip out "# comment"-style
+@@ -3297,6 +3299,7 @@ define copy-file-to-new-target
+ @mkdir -p $(dir $@)
+ $(hide) rm -f $@
+ $(hide) cp $< $@
++$(hide) chmod u+w "$@"
+ endef
+ 
+ # The same as copy-file-to-new-target, but use the local
+@@ -3305,6 +3308,7 @@ define copy-file-to-new-target-with-cp
+ @mkdir -p $(dir $@)
+ $(hide) rm -f $@
+ $(hide) cp $< $@
++$(hide) chmod u+w "$@"
+ endef
+ 
+ # The same as copy-file-to-new-target, but preserve symlinks. Symlinks are
+diff --git a/tools/libhost/CopyFile.c b/tools/libhost/CopyFile.c
+index f9bda86fd1..44b36e4bdf 100644
+--- a/tools/libhost/CopyFile.c
++++ b/tools/libhost/CopyFile.c
+@@ -180,9 +180,9 @@ static int setPermissions(const char* dst, const struct stat* pSrcStat, unsigned
+         /*
+          * Set the permissions.
+          */
+-        if (chmod(dst, pSrcStat->st_mode & ~(S_IFMT)) != 0) {
++        if (chmod(dst, (pSrcStat->st_mode | S_IWUSR) & ~(S_IFMT)) != 0) {
+             DBUG(("---   unable to set perms on '%s' to 0%o: %s\n",
+-                dst, pSrcStat->st_mode & ~(S_IFMT), strerror(errno)));
++                dst, (pSrcStat->st_mode | S_IWUSR) & ~(S_IFMT), strerror(errno)));
+         }
+ #ifndef _WIN32
+         /*
+-- 
+2.39.2
+

flavors/lineageos/dont-run-repo-during-build.patch

@@ -0,0 +1,114 @@
+From 105e08518e96424d9a8deaead77290baea906f42 Mon Sep 17 00:00:00 2001
+From: Zhaofeng Li <[email protected]>
+Date: Sat, 6 Nov 2021 12:48:25 -0700
+Subject: [PATCH] Add option to include prebuilt images when signing target
+ files.
+
+Adapted from original CL from Greg Ross <[email protected]>:
+https://review.lineageos.org/c/LineageOS/android_build/+/277134
+
+When producing a signed build using sign_target_files_apks.py and a prebuilt
+vendor.img (or other prebuilt images that are to be included in the final zip)
+sign_target_files_apks.py must be told to include the prebuilt images or they
+will not be included in the final file.
+
+The build process uses the make configuration statements
+BOARD_PREBUILT_VENDORIMAGE and AB_OTA_PARTITIONS to inform the build process
+to add the image files, however since sign_target_files_apks.py is not part
+of the make system, it does not know about these configuration settings.
+
+This patch therefore adds a new command line option to the
+sign_target_files_apks.py script to allow the user to add one or more images
+to the signed-target_files.zip that is produced.
+
+The command line option has the following format:
+
+  --prebuilt_image <path to prebuilt image>
+      Specify a path to a prebuilt image file, to be added to the
+      signed_target-files.zip. This option may be repeated to add multiple
+      images.
+
+Change-Id: Id906b2e32797f95b0ee47859036ba31ea7975b64
+---
+ tools/releasetools/sign_target_files_apks.py | 30 ++++++++++++++++++++
+ 1 file changed, 30 insertions(+)
+
+diff --git a/tools/releasetools/sign_target_files_apks.py b/tools/releasetools/sign_target_files_apks.py
+index 0842af9018..b160a21c67 100755
+--- a/tools/releasetools/sign_target_files_apks.py
++++ b/tools/releasetools/sign_target_files_apks.py
+@@ -136,6 +136,11 @@ Usage:  sign_target_files_apks [flags] input_target_files output_target_files
+ 
+   --android_jar_path <path>
+       Path to the android.jar to repack the apex file.
++
++  --prebuilt_image <path to prebuilt image>
++      Specify a path to a prebuilt image file, to be added to the
++      signed_target-files.zip. This option may be repeated to add multiple
++      images.
+ """
+ 
+ from __future__ import print_function
+@@ -173,6 +178,7 @@ OPTIONS = common.OPTIONS
+ 
+ OPTIONS.extra_apks = {}
+ OPTIONS.extra_apex_payload_keys = {}
++OPTIONS.prebuilt_images = []
+ OPTIONS.skip_apks_with_path_prefix = set()
+ OPTIONS.key_map = {}
+ OPTIONS.rebuild_recovery = False
+@@ -1190,6 +1196,8 @@ def main(argv):
+       names = names.split(",")
+       for n in names:
+         OPTIONS.extra_apks[n] = key
++    elif o == "--prebuilt_image":
++      OPTIONS.prebuilt_images.append(a)
+     elif o == "--extra_apex_payload_key":
+       apex_name, key = a.split("=")
+       OPTIONS.extra_apex_payload_keys[apex_name] = key
+@@ -1339,6 +1347,7 @@ def main(argv):
+           "gki_signing_key=",
+           "gki_signing_algorithm=",
+           "gki_signing_extra_args=",
++          "prebuilt_image=",
+       ],
+       extra_option_handler=option_handler)
+ 
+@@ -1381,6 +1390,23 @@ def main(argv):
+                      platform_api_level, codename_to_api_level_map,
+                      compressed_extension)
+ 
++  if OPTIONS.prebuilt_images:
++    # Ugly Nix-specific HACK: The source file may be read-only
++    # ZipWrite really, really wants to chmod the file :(
++    # Delete all lines containing HACK
++    tempdir = tempfile.mkdtemp() # HACK
++
++    for prebuilt_image in OPTIONS.prebuilt_images:
++      image_name = os.path.basename(prebuilt_image)
++
++      temp = os.path.join(tempdir, image_name) # HACK
++      shutil.copy(prebuilt_image, temp) # HACK
++      prebuilt_image = temp # HACK
++
++      common.ZipWrite(output_zip, prebuilt_image, os.path.join("IMAGES/", image_name))
++
++    shutil.rmtree(tempdir) # HACK
++
+   common.ZipClose(input_zip)
+   common.ZipClose(output_zip)
+ 
+@@ -1390,6 +1416,10 @@ def main(argv):
+   # recovery patch is guaranteed to be regenerated there.
+   if OPTIONS.rebuild_recovery:
+     new_args.append("--rebuild_recovery")
++
++  if OPTIONS.prebuilt_images:
++    new_args.append("--add_missing")
++
+   new_args.append(args[1])
+   add_img_to_target_files.main(new_args)
+ 
+-- 
+2.33.0
+