DivestOS/Patches/LineageOS-16.0/android_packages_apps_Settings/0014-microG_Toggle.patch

171 lines
7.1 KiB
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Wed, 20 Apr 2022 01:04:27 -0400
Subject: [PATCH] Add a toggle for microG enablement
Copy and pasted from the GrapheneOS exec spawning toggle patch
Change-Id: Ibea6ea9bed1c2ae3491f403d9e5c17c1d1c403f1
Signed-off-by: Tad <tad@spotco.us>
---
res/values/strings.xml | 3 +
res/xml/security_dashboard_settings.xml | 6 +
.../settings/security/SecuritySettings.java | 1 +
.../SigSpoofPreferenceController.java | 106 ++++++++++++++++++
4 files changed, 116 insertions(+)
create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 56f80e99c1..7c42eb79c9 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -10155,4 +10155,7 @@
<string name="hosts_disable_title">Disable DNS content blocker</string>
<string name="hosts_disable_summary">Disables use of the included /etc/hosts database for data collection and malware blocking.</string>
+
+ <string name="sig_spoof_title">Unprivileged microG enablement</string>
+ <string name="sig_spoof_summary">Allows official builds of microG apps to function. Not supported, not recommended. May break apps and/or degrade their security model. Notes: 1) microG connects directly to Google, 2) apps talking to microG do so using proprietary Google libraries, 3) microG can download/execute proprietary code from Google.</string>
</resources>
diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
index b7e7ff6d88..b146bc9b63 100644
--- a/res/xml/security_dashboard_settings.xml
+++ b/res/xml/security_dashboard_settings.xml
@@ -81,6 +81,12 @@
android:title="@string/hosts_disable_title"
android:summary="@string/hosts_disable_summary"
android:persistent="false" />
+
+ <SwitchPreference
+ android:key="sig_spoof"
+ android:title="@string/sig_spoof_title"
+ android:summary="@string/sig_spoof_summary"
+ android:persistent="false" />
</PreferenceCategory>
<!-- work profile security section -->
diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
index 60ea0d1e87..d3918919b1 100644
--- a/src/com/android/settings/security/SecuritySettings.java
+++ b/src/com/android/settings/security/SecuritySettings.java
@@ -132,6 +132,7 @@ public class SecuritySettings extends DashboardFragment {
securityPreferenceControllers.add(new ExecSpawnPreferenceController(context));
securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
securityPreferenceControllers.add(new HostsPreferenceController(context));
+ securityPreferenceControllers.add(new SigSpoofPreferenceController(context));
controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
.setChildren(securityPreferenceControllers));
controllers.addAll(securityPreferenceControllers);
diff --git a/src/com/android/settings/security/SigSpoofPreferenceController.java b/src/com/android/settings/security/SigSpoofPreferenceController.java
new file mode 100644
index 0000000000..258b59b0b0
--- /dev/null
+++ b/src/com/android/settings/security/SigSpoofPreferenceController.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.settings.security;
+
+import android.content.Context;
+
+import android.os.UserHandle;
+import android.os.UserManager;
+import android.os.SystemProperties;
+
+import android.provider.Settings;
+
+import androidx.preference.Preference;
+import androidx.preference.PreferenceCategory;
+import androidx.preference.PreferenceGroup;
+import androidx.preference.PreferenceScreen;
+import androidx.preference.TwoStatePreference;
+import androidx.preference.SwitchPreference;
+
+import com.android.internal.widget.LockPatternUtils;
+import com.android.settings.core.PreferenceControllerMixin;
+import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settingslib.core.lifecycle.events.OnResume;
+
+public class SigSpoofPreferenceController extends AbstractPreferenceController
+ implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
+
+ private static final String SYS_KEY_SIG_SPOOF_ENABLE = "persist.security.sigspoof";
+ private static final String PREF_KEY_SIG_SPOOF_ENABLE = "sig_spoof";
+ private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
+
+ private PreferenceCategory mSecurityCategory;
+ private SwitchPreference mSigSpoofEnable;
+ private boolean mIsAdmin;
+ private UserManager mUm;
+
+ public SigSpoofPreferenceController(Context context) {
+ super(context);
+ mUm = UserManager.get(context);
+ }
+
+ @Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
+ updatePreferenceState();
+ }
+
+ @Override
+ public boolean isAvailable() {
+ mIsAdmin = mUm.isAdminUser();
+ return mIsAdmin;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return PREF_KEY_SIG_SPOOF_ENABLE;
+ }
+
+ // TODO: should we use onCreatePreferences() instead?
+ private void updatePreferenceState() {
+ if (mSecurityCategory == null) {
+ return;
+ }
+
+ if (mIsAdmin) {
+ mSigSpoofEnable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE);
+ mSigSpoofEnable.setChecked(SystemProperties.getInt(SYS_KEY_SIG_SPOOF_ENABLE, 0) == 1);
+ } else {
+ mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE));
+ }
+ }
+
+ @Override
+ public void onResume() {
+ updatePreferenceState();
+ if (mSigSpoofEnable != null) {
+ boolean mode = mSigSpoofEnable.isChecked();
+ SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
+ }
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object value) {
+ final String key = preference.getKey();
+ if (PREF_KEY_SIG_SPOOF_ENABLE.equals(key)) {
+ final boolean mode = !mSigSpoofEnable.isChecked();
+ SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
+ }
+ return true;
+ }
+}