Last active
February 16, 2024 19:42
-
-
Save Linux4/ac16e6e109038763817eb54ce81a51b9 to your computer and use it in GitHub Desktop.
A script to create bootable "generic" system images from a pixel factory image package (Device must have /product and /system_ext in fstab)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| SUPPORTED_VNDK_VERSIONS="34" | |
| FLASHABLE_PARTITIONS="product system system_ext" | |
| SUPPORTED_PARTITIONS="$FLASHABLE_PARTITIONS vendor" | |
| if [ $UID != 0 ]; then | |
| echo "$0: Must be run as root" | |
| exit 1 | |
| fi | |
| if [ -z "$1" ] || [ ! -e "$1" ]; then | |
| echo "Usage: $0 <factory image zip>" | |
| exit 1 | |
| fi | |
| ZIP="$1" | |
| IMAGES=$(zipinfo -1 "$ZIP" | grep /image-) | |
| if [ -z "$IMAGES" ]; then | |
| echo "This doesn't look like a pixel factory image zip!" | |
| exit 1 | |
| fi | |
| IMAGEZIP=$(basename "$IMAGES") | |
| shift | |
| SKIP_UNPACK= | |
| ADB_ROOT= | |
| INSECURE_ADB= | |
| while [ $# -gt 0 ]; do | |
| if [ "$1" = "skip_unpack" ]; then | |
| SKIP_UNPACK="1" | |
| elif [ "$1" = "adb_root" ]; then | |
| ADB_ROOT="1" | |
| elif [ "$1" = "insecure_adb" ]; then | |
| INSECURE_ADB="1" | |
| else | |
| echo "$0: Unknown option $1" | |
| exit 1 | |
| fi | |
| shift | |
| done | |
| if [ -z "$SKIP_UNPACK" ]; then | |
| unzip -p "$ZIP" "$IMAGES" > "$IMAGEZIP" | |
| for PARTITION in $SUPPORTED_PARTITIONS; do | |
| unzip -o "$IMAGEZIP" "$PARTITION".img | |
| dd if=/dev/zero bs=1M count=150 >> "$PARTITION".img | |
| /usr/sbin/resize2fs "$PARTITION".img | |
| /usr/sbin/e2fsck -E unshare_blocks "$PARTITION".img | |
| done | |
| fi | |
| mkdir -p root | |
| mount -o loop ./system.img ./root | |
| for PARTITION in $SUPPORTED_PARTITIONS; do | |
| if [ "$PARTITION" != "system" ]; then | |
| mount -o loop ./"$PARTITION".img root/"$PARTITION" | |
| fi | |
| done | |
| # Apply fixes | |
| # Set up vndk | |
| APEXDIR="root/system_ext/apex" | |
| if [ ! -d "$APEXDIR" ]; then | |
| APEXDIR="root/system/apex" | |
| fi | |
| for VNDK in $SUPPORTED_VNDK_VERSIONS; do | |
| cp com.android.vndk.v${VNDK}.apex "$APEXDIR"/ | |
| chcon u:object_r:system_file:s0 "$APEXDIR"/com.android.vndk.v${VNDK}.apex | |
| sed -i -e '/<vendor-ndk>/a\' -e " <version>$VNDK</version>" root/system_ext/etc/vintf/manifest.xml | |
| done | |
| chcon u:object_r:system_file:s0 root/system_ext/etc/vintf/manifest.xml | |
| # Copy current VNDK apex to system_ext, if needed | |
| if [ -f root/vendor/apex/com.android.vndk.current.on_vendor.apex ]; then | |
| cp -P root/vendor/apex/com.android.vndk.current.on_vendor.apex "$APEXDIR"/com.android.vndk.current.apex | |
| chcon u:object_r:system_file:s0 "$APEXDIR"/com.android.vndk.current.apex | |
| fi | |
| # Remove device framework compatibility matrix | |
| rm -f root/product/etc/vintf/compatibility_matrix*.xml | |
| # Remove device specific wifi overlay | |
| rm -rf root/product/overlay/WifiOverlay* | |
| # Remove google camera related stuff | |
| rm -rf root/product/priv-app/PixelCameraServices* | |
| rm -rf root/product/*app/GoogleCamera | |
| rm -rf root/product/etc/permissions/com.google*.camera.* | |
| rm -rf root/system_ext/etc/vintf/manifest/*camera* | |
| rm -rf root/system_ext/framework/com.google*.camera.* | |
| rm -rf root/system_ext/etc/permissions/com.google*.camera.* | |
| rm -rf root/system_ext/app/PersistentBackgroundCameraServices | |
| # Disable FUSE BPF | |
| sed -i '/ro.fuse.bpf.enabled=/d' root/product/etc/build.prop | |
| # Remove UWB | |
| rm -rf root/system_ext/priv-app/UwbVendorService | |
| rm -rf root/product/overlay/UwbOverlay* | |
| # Rooted ADB | |
| if [ ! -z "$ADB_ROOT" ]; then | |
| for PROP in "ro.debuggable=0/ro.debuggable=1" "ro.force.debuggable=0/ro.force.debuggable=1"; do | |
| sed -i "s/$PROP/g" root/system/build.prop | |
| done | |
| echo "persist.sys.usb.config=adb" >> root/system/build.prop | |
| chcon u:object_r:system_file:s0 root/system/build.prop | |
| # Patch sepolicy | |
| echo "(allow adbd self (process (setcurrent)))" >> root/system/etc/selinux/plat_sepolicy.cil | |
| echo "(allow adbd su (process (dyntransition)))" >> root/system/etc/selinux/plat_sepolicy.cil | |
| echo "(typepermissive su)" >> root/system/etc/selinux/plat_sepolicy.cil | |
| echo "(allow system_app logpersistd_logging_prop (property_service (set)))" >> root/system/etc/selinux/plat_sepolicy.cil | |
| echo "(allow system_app logpersistd_logging_prop (file (read getattr map open)))" >> root/system/etc/selinux/plat_sepolicy.cil | |
| SELINUX_MAPPING=$(ls -1 root/system/etc/selinux/mapping/ | sort | tail -n 1) | |
| cat root/system/etc/selinux/plat_sepolicy.cil root/system/etc/selinux/mapping/$SELINUX_MAPPING | sha256sum | cut -f1 -d ' ' > root/system/etc/selinux/plat_sepolicy_and_mapping.sha256 | |
| fi | |
| # Insecure ADB | |
| if [ ! -z "$INSECURE_ADB" ]; then | |
| for PROP in "ro.secure=1/ro.secure=0" "ro.adb.secure=1/ro.adb.secure=0"; do | |
| sed -i "s/$PROP/g" root/system/build.prop | |
| done | |
| if [ -z "$(grep persist.sys.usb.config=adb root/system/build.prop)" ]; then | |
| echo "persist.sys.usb.config=adb" >> root/system/build.prop | |
| fi | |
| chcon u:object_r:system_file:s0 root/system/build.prop | |
| fi | |
| for PARTITION in $SUPPORTED_PARTITIONS; do | |
| if [ "$PARTITION" != "system" ]; then | |
| umount root/"$PARTITION" | |
| fi | |
| done | |
| umount root | |
| RELEASEZIP=$(echo $IMAGEZIP | sed 's/^image/gsi/g') | |
| for PARTITION in $FLASHABLE_PARTITIONS; do | |
| zip "$RELEASEZIP" "$PARTITION".img | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment