Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-09-27 19:56:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

11.0: Initial restore

Browse Source 
I think this is like the 6th time I've done this.
I always remove it, wait a few months, pull out a device that I want to run it on
and then spend hours restoring and bringing it back. I always think to myself
do I really need to toy with this device? No, I don't, but I do it anyway. :)
This commit is contained in:
Tad 2018-12-18 15:39:55 -05:00
parent c6206ccd7e
commit 01be578137
17 changed files with 1494 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
Manifests/Manifest_LAOS-11.0.xml Normal file
View File

@ -0,0 +1,94 @@
<?xml version="1.0" encoding="UTF-8"?>
<manifest>
<!-- START OF UNNECESSARY REPO REMOVAL -->
<remove-project name="device/generic/mini-emulator-armv7-a-neon" />
<remove-project name="device/generic/mini-emulator-mips" />
<remove-project name="device/generic/mini-emulator-x86" />
<remove-project name="LineageOS/android_device_generic_mips" />
<remove-project name="LineageOS/android_device_generic_x86" />
<remove-project name="LineageOS/android_device_google_accessory_arduino" />
<remove-project name="LineageOS/android_device_google_accessory_demokit" />
<remove-project name="LineageOS/android_external_ant-wireless_ant_native" />
<remove-project name="LineageOS/android_external_ant-wireless_ant_service" />
<remove-project name="LineageOS/android_external_arduino" />
<remove-project name="LineageOS/android_external_bash" />
<remove-project name="LineageOS/android_external_openssh" />
<remove-project name="LineageOS/android_external_powertop" />
<remove-project name="LineageOS/android_external_unrar" />
<remove-project name="LineageOS/android_packages_apps_CMAccount" />
<remove-project name="LineageOS/android_packages_apps_CMBugreport" />
<remove-project name="LineageOS/android_packages_apps_LockClock" />
<remove-project name="LineageOS/android_packages_apps_Stk" />
<remove-project name="LineageOS/android_packages_apps_VideoEditor" />
<remove-project name="LineageOS/android_packages_apps_VoiceDialer" />
<remove-project name="LineageOS/android_packages_apps_VoicePlus" />
<remove-project name="LineageOS/android_packages_providers_PartnerBookmarksProvider" />
<remove-project name="LineageOS/android_packages_screensavers_Basic" />
<remove-project name="LineageOS/android_packages_screensavers_PhotoTable" />
<remove-project name="LineageOS/android_packages_screensavers_WebView" />
<remove-project name="LineageOS/android_packages_wallpapers_Basic" />
<remove-project name="LineageOS/android_packages_wallpapers_Galaxy4" />
<remove-project name="LineageOS/android_packages_wallpapers_HoloSpiral" />
<remove-project name="LineageOS/android_packages_wallpapers_MagicSmoke" />
<remove-project name="LineageOS/android_packages_wallpapers_MusicVisualization" />
<remove-project name="LineageOS/android_packages_wallpapers_NoiseField" />
<remove-project name="LineageOS/android_packages_wallpapers_PhaseBeam" />
<remove-project name="LineageOS/android_packages_wallpapers_PhotoPhase" />
<remove-project name="platform/cts" />
<remove-project name="platform/developers/build" />
<remove-project name="platform/developers/demos" />
<remove-project name="platform/developers/docs" />
<remove-project name="platform/developers/samples/android" />
<remove-project name="platform/docs/source.android.com" />
<remove-project name="platform/external/libssh2" />
<remove-project name="platform/prebuilts/clang/darwin-x86/3.1" />
<remove-project name="platform/prebuilts/clang/darwin-x86/3.2" />
<remove-project name="platform/prebuilts/clang/darwin-x86/arm/3.3" />
<remove-project name="platform/prebuilts/clang/darwin-x86/host/3.3" />
<remove-project name="platform/prebuilts/clang/darwin-x86/mips/3.3" />
<remove-project name="platform/prebuilts/clang/darwin-x86/x86/3.3" />
<remove-project name="platform/prebuilts/clang/linux-x86/mips/3.3" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-linux-androideabi-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-linux-androideabi-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/host/headers" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/host/i686-apple-darwin-4.2.1" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/mips/mipsel-linux-android-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/mips/mipsel-linux-android-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/i686-linux-android-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/i686-linux-android-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/x86_64-linux-android-4.7" />
<remove-project name="platform/prebuilts/gcc/linux-x86/mips/mipsel-linux-android-4.6" />
<remove-project name="platform/prebuilts/gcc/linux-x86/mips/mipsel-linux-android-4.7" />
<remove-project name="platform/prebuilts/python/darwin-x86/2.7.5" />
<remove-project name="platform/tools/emulator" />
<!-- END OF UNNECESSARY REPO REMOVAL -->
<!-- START OF ADDITIONAL REPOS -->
<project path="external/swiftshader" name="google/swiftshader" remote="github" revision="master" />
<!-- MicroG -->
<project path="packages/apps/GmsCore" name="microg/android_packages_apps_GmsCore" remote="github" revision="master" />
<project path="packages/apps/GsfProxy" name="microg/android_packages_apps_GsfProxy" remote="github" revision="master" />
<project path="packages/apps/FakeStore" name="microg/android_packages_apps_FakeStore" remote="github" revision="master" />
<!-- F-Droid -->
<remote name="fdroid" fetch="https://gitlab.com/fdroid/" />
<project path="packages/apps/FDroidPrivilegedExtension" name="privileged-extension.git" remote="fdroid" revision="master" />
<project path="packages/apps/FDroid" name="fdroidclient.git" remote="fdroid" revision="master" />
<!-- END OF ADDITIONAL REPOS -->
<!-- START OF DEVICE REPOS -->
<!-- ZTE AWE (n800) -->
<project path="device/zte/nex" name="spock1104/android_device_zte_nex" remote="github" revision="cm11_newkern" />
<project path="device/qcom/common" name="LineageOS/android_device_qcom_common" remote="github" revision="cm-11.0" />
<project path="kernel/zte/msm8930" name="spock1104/android_kernel_zte_msm8930" remote="github" revision="stockmod" />
<!-- Nexus 7 [2012] (grouper) -->
<project path="device/asus/grouper" name="LineageOS/android_device_asus_grouper" remote="github" />
<project path="kernel/asus/grouper" name="LineageOS/android_kernel_asus_grouper" remote="github" />
<!-- END OF DEVICE REPOS -->
</manifest>

27
Patches/LineageOS-11.0/android_external_sqlite/0001-Secure_Delete.patch Normal file
View File

@ -0,0 +1,27 @@
From de55e0158ad3a6f89718c1d9fb19d336dea34937 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 10 Jul 2018 08:09:29 -0400
Subject: [PATCH] Enable secure_delete by default
Change-Id: Iad6cea9f6489759faee04926213163a56dab1b9b
---
dist/Android.mk | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dist/Android.mk b/dist/Android.mk
index 96e3035..4692f3f 100644
--- a/dist/Android.mk
+++ b/dist/Android.mk
@@ -28,7 +28,8 @@ common_sqlite_flags := \
-DSQLITE_OMIT_COMPILEOPTION_DIAGS \
-DSQLITE_OMIT_LOAD_EXTENSION \
-DSQLITE_DEFAULT_FILE_PERMISSIONS=0600 \
- -Dfdatasync=fdatasync
+ -Dfdatasync=fdatasync \
+ -DSQLITE_SECURE_DELETE
common_src_files := sqlite3.c
--
2.18.0

66
Patches/LineageOS-11.0/android_frameworks_base/0001-Signature_Spoofing.patch Normal file
View File

@ -0,0 +1,66 @@
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
index e6da288..66684d3 100644
--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
@@ -447,10 +447,23 @@ public class PackageParser {
}
}
if ((flags&PackageManager.GET_SIGNATURES) != 0) {
- int N = (p.mSignatures != null) ? p.mSignatures.length : 0;
- if (N > 0) {
- pi.signatures = new Signature[N];
- System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N);
+ boolean handledFakeSignature = false;
+ try {
+ if (p.requestedPermissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") && p.mAppMetaData != null
+ && p.mAppMetaData.get("fake-signature") instanceof String) {
+ pi.signatures = new Signature[] {new Signature(p.mAppMetaData.getString("fake-signature"))};
+ handledFakeSignature = true;
+ }
+ } catch (Throwable t) {
+ // We should never die because of any failures, this is system code!
+ Log.w("PackageParser.FAKE_PACKAGE_SIGNATURE", t);
+ }
+ if (!handledFakeSignature) {
+ int N = (p.mSignatures != null) ? p.mSignatures.length : 0;
+ if (N > 0) {
+ pi.signatures = new Signature[N];
+ System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N);
+ }
}
}
return pi;
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 558a475..4e7aa65 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1562,6 +1562,13 @@
android:label="@string/permlab_getPackageSize"
android:description="@string/permdesc_getPackageSize" />
+ <!-- Allows an application to change the package signature as seen by applications -->
+ <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
+ android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
+ android:protectionLevel="dangerous"
+ android:label="@string/permlab_fakePackageSignature"
+ android:description="@string/permdesc_fakePackageSignature" />
+
<!-- @deprecated No longer useful, see
{@link android.content.pm.PackageManager#addPackageToPreferred}
for details. -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 790e166..8e66470 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -1135,6 +1135,11 @@
<string name="permdesc_getPackageSize">Allows the app to retrieve its code, data, and cache sizes</string>
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permlab_fakePackageSignature">mimic package signature</string>
+ <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permdesc_fakePackageSignature">Allows the app to use mimic another app\'s package signature.</string>
+
+ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permlab_installPackages">directly install apps</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permdesc_installPackages">Allows the app to install new or updated

26
Patches/LineageOS-11.0/android_frameworks_base/0002-Harden_Sig_Spoofing.patch Normal file
View File

@ -0,0 +1,26 @@
From 79c65fa6741cecda0b38a4881a07ec54a4896b69 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 10 Jul 2018 08:13:23 -0400
Subject: [PATCH] Harden signature spoofing
Change-Id: Iad362df358cb9cdf6e2ce9d511f09ee6b77a90e2
---
core/res/AndroidManifest.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 1e5a7ad1f9..224fea23c8 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1598,7 +1598,7 @@
<!-- Allows an application to change the package signature as seen by applications -->
<permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
- android:protectionLevel="dangerous"
+ android:protectionLevel="signature"
android:label="@string/permlab_fakePackageSignature"
android:description="@string/permdesc_fakePackageSignature" />
--
2.18.0

24
Patches/LineageOS-11.0/android_kernel_zte_msm8930/0001-MDP-Fix.patch Normal file
View File

@ -0,0 +1,24 @@
From f67900ad9370a7e7f0186b3f459dad2c74db7aae Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sun, 11 Dec 2016 23:15:20 -0500
Subject: [PATCH] Fixes
Change-Id: I55eb4f1af258b649ddc36bd822d9b28f9fd64ce9
---
include/linux/msm_mdp.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/msm_mdp.h b/include/linux/msm_mdp.h
index 8f829ef..cf6d3d0 100644
--- a/include/linux/msm_mdp.h
+++ b/include/linux/msm_mdp.h
@@ -574,6 +574,7 @@ struct mdp_buf_sync {
uint32_t acq_fen_fd_cnt;
int *acq_fen_fd;
int *rel_fen_fd;
+ int *retire_fen_fd;
};
struct mdp_buf_fence {
--
2.9.3

673
Patches/LineageOS-11.0/android_packages_apps_Settings/0001-CMStats.patch Normal file
View File

@ -0,0 +1,673 @@
From 587a8d5cfc2db51381303579b73854f06ef99d66 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 6 Nov 2017 19:01:08 -0500
Subject: [PATCH] Remove CMStats
Change-Id: I073b062a3e71c33dab4379c7c60a016595579562
---
AndroidManifest.xml | 8 --
res/xml/security_settings_cyanogenmod.xml | 30 -----
src/com/android/settings/Settings.java | 1 -
.../android/settings/cmstats/AnonymousStats.java | 127 ------------------
src/com/android/settings/cmstats/PreviewData.java | 49 -------
.../android/settings/cmstats/ReportingService.java | 149 ---------------------
.../settings/cmstats/ReportingServiceManager.java | 113 ----------------
src/com/android/settings/cmstats/Utilities.java | 99 --------------
.../settings/cyanogenmod/PrivacySettings.java | 1 -
9 files changed, 577 deletions(-)
delete mode 100644 res/xml/security_settings_cyanogenmod.xml
delete mode 100644 src/com/android/settings/cmstats/AnonymousStats.java
delete mode 100644 src/com/android/settings/cmstats/PreviewData.java
delete mode 100644 src/com/android/settings/cmstats/ReportingService.java
delete mode 100644 src/com/android/settings/cmstats/ReportingServiceManager.java
delete mode 100644 src/com/android/settings/cmstats/Utilities.java
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 3f53b75d5..f0f89bec5 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -1871,14 +1871,6 @@
<activity android:name=".ApnEditor" />
- <activity android:name="Settings$AnonymousStatsActivity"
- android:label="@string/anonymous_statistics_title"
- android:configChanges="orientation|keyboardHidden|screenSize"
- android:clearTaskOnLaunch="true">
- <meta-data android:name="com.android.settings.FRAGMENT_CLASS"
- android:value="com.android.settings.cmstats.AnonymousStats" />
- </activity>
-
<activity android:name=".cyanogenmod.ChangeLog" />
<activity android:name=".cyanogenmod.ContributorsCloud" />
diff --git a/res/xml/security_settings_cyanogenmod.xml b/res/xml/security_settings_cyanogenmod.xml
deleted file mode 100644
index 68aba9510..000000000
--- a/res/xml/security_settings_cyanogenmod.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (C) 2013 The CyanogenMod Project
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<PreferenceScreen
- xmlns:android="http://schemas.android.com/apk/res/android">
-
- <PreferenceCategory android:key="cmprivacy" android:title="@string/privacy_settings_cyanogenmod_category">
- <!-- Anonymous statistics - (CMStats) -->
- <PreferenceScreen
- android:key="cmstats"
- android:title="@string/anonymous_statistics_title"
- android:summary="@string/anonymous_statistics_summary"
- android:fragment="com.android.settings.cmstats.AnonymousStats" >
- </PreferenceScreen>
- </PreferenceCategory>
-
-</PreferenceScreen>
diff --git a/src/com/android/settings/Settings.java b/src/com/android/settings/Settings.java
index 81b8cf65e..464258166 100644
--- a/src/com/android/settings/Settings.java
+++ b/src/com/android/settings/Settings.java
@@ -1403,7 +1403,6 @@ public class Settings extends PreferenceActivity
public static class PaymentSettingsActivity extends Settings { /* empty */ }
public static class PrintSettingsActivity extends Settings { /* empty */ }
public static class PrintJobSettingsActivity extends Settings { /* empty */ }
- public static class AnonymousStatsActivity extends Settings { /* empty */ }
public static class ApnSettingsActivity extends Settings { /* empty */ }
public static class ApnEditorActivity extends Settings { /* empty */ }
public static class BlacklistSettingsActivity extends Settings { /* empty */ }
diff --git a/src/com/android/settings/cmstats/AnonymousStats.java b/src/com/android/settings/cmstats/AnonymousStats.java
deleted file mode 100644
index 2e6d016b7..000000000
--- a/src/com/android/settings/cmstats/AnonymousStats.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * Copyright (C) 2012 The CyanogenMod Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.cmstats;
-
-import android.app.AlertDialog;
-import android.app.Dialog;
-import android.content.Context;
-import android.content.DialogInterface;
-import android.content.Intent;
-import android.content.SharedPreferences;
-import android.net.Uri;
-import android.os.Bundle;
-import android.preference.CheckBoxPreference;
-import android.preference.Preference;
-import android.preference.PreferenceScreen;
-
-import android.provider.Settings;
-import com.android.settings.R;
-import com.android.settings.SettingsPreferenceFragment;
-
-public class AnonymousStats extends SettingsPreferenceFragment implements
- DialogInterface.OnClickListener, DialogInterface.OnDismissListener,
- Preference.OnPreferenceChangeListener {
- private static final String VIEW_STATS = "pref_view_stats";
-
- private static final String PREF_FILE_NAME = "CMStats";
- /* package */ static final String ANONYMOUS_OPT_IN = "pref_anonymous_opt_in";
- /* package */ static final String ANONYMOUS_LAST_CHECKED = "pref_anonymous_checked_in";
-
- private CheckBoxPreference mEnableReporting;
- private Preference mViewStats;
-
- private Dialog mOkDialog;
- private boolean mOkClicked;
-
- private SharedPreferences mPrefs;
-
- public static SharedPreferences getPreferences(Context context) {
- return context.getSharedPreferences(PREF_FILE_NAME, 0);
- }
-
- @Override
- public void onCreate(Bundle savedInstanceState) {
- super.onCreate(savedInstanceState);
-
- addPreferencesFromResource(R.xml.anonymous_stats);
-
- mPrefs = getPreferences(getActivity());
-
- PreferenceScreen prefSet = getPreferenceScreen();
- mEnableReporting = (CheckBoxPreference) prefSet.findPreference(ANONYMOUS_OPT_IN);
- mViewStats = (Preference) prefSet.findPreference(VIEW_STATS);
- }
-
- @Override
- public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen, Preference preference) {
- if (preference == mEnableReporting) {
- if (mEnableReporting.isChecked()) {
- // Display the confirmation dialog
- mOkClicked = false;
- if (mOkDialog != null) {
- mOkDialog.dismiss();
- }
- mOkDialog = new AlertDialog.Builder(getActivity())
- .setMessage(R.string.anonymous_statistics_warning)
- .setTitle(R.string.anonymous_statistics_warning_title)
- .setIconAttribute(android.R.attr.alertDialogIcon)
- .setPositiveButton(android.R.string.yes, this)
- .setNeutralButton(R.string.anonymous_learn_more, this)
- .setNegativeButton(android.R.string.no, this)
- .show();
- mOkDialog.setOnDismissListener(this);
- } else {
- // Disable reporting
- Utilities.setStatsCollectionEnabled(getActivity(), false);
- }
- } else if (preference == mViewStats) {
- // Display the stats page
- Uri uri = Uri.parse("http://stats.cyanogenmod.org");
- startActivity(new Intent(Intent.ACTION_VIEW, uri));
- } else {
- // If we didn't handle it, let preferences handle it.
- return super.onPreferenceTreeClick(preferenceScreen, preference);
- }
- return true;
- }
-
- @Override
- public boolean onPreferenceChange(Preference preference, Object newValue) {
- return false;
- }
-
- @Override
- public void onDismiss(DialogInterface dialog) {
- if (!mOkClicked) {
- mEnableReporting.setChecked(false);
- }
- }
-
- @Override
- public void onClick(DialogInterface dialog, int which) {
- if (which == DialogInterface.BUTTON_POSITIVE) {
- mOkClicked = true;
- Utilities.setStatsCollectionEnabled(getActivity(), true);
- ReportingServiceManager.launchService(getActivity());
- } else if (which == DialogInterface.BUTTON_NEGATIVE) {
- mEnableReporting.setChecked(false);
- } else {
- Uri uri = Uri.parse("http://www.cyanogenmod.org/blog/cmstats-what-it-is-and-why-you-should-opt-in");
- startActivity(new Intent(Intent.ACTION_VIEW, uri));
- }
- }
-}
diff --git a/src/com/android/settings/cmstats/PreviewData.java b/src/com/android/settings/cmstats/PreviewData.java
deleted file mode 100644
index 7a78aea51..000000000
--- a/src/com/android/settings/cmstats/PreviewData.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (C) 2012 The CyanogenMod Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.cmstats;
-
-import android.content.Context;
-import android.os.Bundle;
-import android.preference.Preference;
-import android.preference.PreferenceScreen;
-
-import com.android.settings.R;
-import com.android.settings.SettingsPreferenceFragment;
-
-public class PreviewData extends SettingsPreferenceFragment {
- private static final String UNIQUE_ID = "preview_id";
- private static final String DEVICE = "preview_device";
- private static final String VERSION = "preview_version";
- private static final String COUNTRY = "preview_country";
- private static final String CARRIER = "preview_carrier";
-
- @Override
- public void onCreate(Bundle savedInstanceState) {
- super.onCreate(savedInstanceState);
-
- addPreferencesFromResource(R.xml.preview_data);
-
- final PreferenceScreen prefSet = getPreferenceScreen();
- final Context context = getActivity();
-
- prefSet.findPreference(UNIQUE_ID).setSummary(Utilities.getUniqueID(context));
- prefSet.findPreference(DEVICE).setSummary(Utilities.getDevice());
- prefSet.findPreference(VERSION).setSummary(Utilities.getModVersion());
- prefSet.findPreference(COUNTRY).setSummary(Utilities.getCountryCode(context));
- prefSet.findPreference(CARRIER).setSummary(Utilities.getCarrier(context));
- }
-}
diff --git a/src/com/android/settings/cmstats/ReportingService.java b/src/com/android/settings/cmstats/ReportingService.java
deleted file mode 100644
index 32db82011..000000000
--- a/src/com/android/settings/cmstats/ReportingService.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (C) 2012 The CyanogenMod Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.cmstats;
-
-import android.app.Service;
-import android.content.Context;
-import android.content.Intent;
-import android.content.SharedPreferences;
-import android.os.AsyncTask;
-import android.os.IBinder;
-import android.util.Log;
-
-import com.android.settings.R;
-import com.android.settings.Settings;
-
-import com.google.analytics.tracking.android.GoogleAnalytics;
-import com.google.analytics.tracking.android.Tracker;
-
-import org.apache.http.NameValuePair;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.entity.UrlEncodedFormEntity;
-import org.apache.http.client.methods.HttpPost;
-import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.message.BasicNameValuePair;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-public class ReportingService extends Service {
- /* package */ static final String TAG = "CMStats";
-
- private StatsUploadTask mTask;
-
- @Override
- public IBinder onBind(Intent intent) {
- return null;
- }
-
- @Override
- public int onStartCommand (Intent intent, int flags, int startId) {
- Log.d(TAG, "User has opted in -- reporting.");
-
- if (mTask == null || mTask.getStatus() == AsyncTask.Status.FINISHED) {
- mTask = new StatsUploadTask();
- mTask.execute();
- }
-
- return Service.START_REDELIVER_INTENT;
- }
-
- private class StatsUploadTask extends AsyncTask<Void, Void, Boolean> {
- @Override
- protected Boolean doInBackground(Void... params) {
- String deviceId = Utilities.getUniqueID(getApplicationContext());
- String deviceName = Utilities.getDevice();
- String deviceVersion = Utilities.getModVersion();
- String deviceCountry = Utilities.getCountryCode(getApplicationContext());
- String deviceCarrier = Utilities.getCarrier(getApplicationContext());
- String deviceCarrierId = Utilities.getCarrierId(getApplicationContext());
-
- Log.d(TAG, "SERVICE: Device ID=" + deviceId);
- Log.d(TAG, "SERVICE: Device Name=" + deviceName);
- Log.d(TAG, "SERVICE: Device Version=" + deviceVersion);
- Log.d(TAG, "SERVICE: Country=" + deviceCountry);
- Log.d(TAG, "SERVICE: Carrier=" + deviceCarrier);
- Log.d(TAG, "SERVICE: Carrier ID=" + deviceCarrierId);
-
- // report to google analytics
- GoogleAnalytics ga = GoogleAnalytics.getInstance(ReportingService.this);
- Tracker tracker = ga.getTracker(getString(R.string.ga_trackingId));
- tracker.sendEvent(deviceName, deviceVersion, deviceCountry, null);
-
- // this really should be set at build time...
- // format of version should be:
- // version[-date-type]-device
- String[] parts = deviceVersion.split("-");
- String deviceVersionNoDevice = null;
- if (parts.length == 2) {
- deviceVersionNoDevice = parts[0];
- } else if (parts.length == 4) {
- deviceVersionNoDevice = parts[0] + "-" + parts[2];
- }
-
- if (deviceVersionNoDevice != null) {
- tracker.sendEvent("checkin", deviceName, deviceVersionNoDevice, null);
- }
- tracker.close();
-
- // report to the cmstats service
- HttpClient httpClient = new DefaultHttpClient();
- HttpPost httpPost = new HttpPost("https://stats.cyanogenmod.org/submit");
- boolean success = false;
-
- try {
- List<NameValuePair> kv = new ArrayList<NameValuePair>(5);
- kv.add(new BasicNameValuePair("device_hash", deviceId));
- kv.add(new BasicNameValuePair("device_name", deviceName));
- kv.add(new BasicNameValuePair("device_version", deviceVersion));
- kv.add(new BasicNameValuePair("device_country", deviceCountry));
- kv.add(new BasicNameValuePair("device_carrier", deviceCarrier));
- kv.add(new BasicNameValuePair("device_carrier_id", deviceCarrierId));
-
- httpPost.setEntity(new UrlEncodedFormEntity(kv));
- httpClient.execute(httpPost);
-
- success = true;
- } catch (IOException e) {
- Log.w(TAG, "Could not upload stats checkin", e);
- }
-
- return success;
- }
-
- @Override
- protected void onPostExecute(Boolean result) {
- final Context context = ReportingService.this;
- long interval;
-
- if (result) {
- final SharedPreferences prefs = AnonymousStats.getPreferences(context);
- prefs.edit().putLong(AnonymousStats.ANONYMOUS_LAST_CHECKED,
- System.currentTimeMillis()).apply();
- // use set interval
- interval = 0;
- } else {
- // error, try again in 3 hours
- interval = 3L * 60L * 60L * 1000L;
- }
-
- ReportingServiceManager.setAlarm(context, interval);
- stopSelf();
- }
- }
-}
diff --git a/src/com/android/settings/cmstats/ReportingServiceManager.java b/src/com/android/settings/cmstats/ReportingServiceManager.java
deleted file mode 100644
index 540f55e4d..000000000
--- a/src/com/android/settings/cmstats/ReportingServiceManager.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright (C) 2012 The CyanogenMod Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.cmstats;
-
-import android.app.AlarmManager;
-import android.app.PendingIntent;
-import android.content.BroadcastReceiver;
-import android.content.Context;
-import android.content.Intent;
-import android.content.SharedPreferences;
-import android.net.ConnectivityManager;
-import android.net.NetworkInfo;
-import android.provider.Settings;
-import android.util.Log;
-
-public class ReportingServiceManager extends BroadcastReceiver {
- private static final long MILLIS_PER_HOUR = 60L * 60L * 1000L;
- private static final long MILLIS_PER_DAY = 24L * MILLIS_PER_HOUR;
- private static final long UPDATE_INTERVAL = 1L * MILLIS_PER_DAY;
-
- @Override
- public void onReceive(Context context, Intent intent) {
- if (intent.getAction().equals(Intent.ACTION_BOOT_COMPLETED)) {
- setAlarm(context, 0);
- } else {
- launchService(context);
- }
- }
-
- public static void setAlarm(Context context, long millisFromNow) {
- SharedPreferences prefs = AnonymousStats.getPreferences(context);
- if (prefs.contains(AnonymousStats.ANONYMOUS_OPT_IN)) {
- migrate(context, prefs);
- }
- if (!Utilities.isStatsCollectionEnabled(context)) {
- return;
- }
-
- if (millisFromNow <= 0) {
- long lastSynced = prefs.getLong(AnonymousStats.ANONYMOUS_LAST_CHECKED, 0);
- if (lastSynced == 0) {
- // never synced, so let's fake out that the last sync was just now.
- // this will allow the user tFrame time to opt out before it will start
- // sending up anonymous stats.
- lastSynced = System.currentTimeMillis();
- prefs.edit().putLong(AnonymousStats.ANONYMOUS_LAST_CHECKED, lastSynced).apply();
- Log.d(ReportingService.TAG, "Set alarm for first sync.");
- }
- millisFromNow = (lastSynced + UPDATE_INTERVAL) - System.currentTimeMillis();
- }
-
- Intent intent = new Intent(ConnectivityManager.CONNECTIVITY_ACTION);
- intent.setClass(context, ReportingServiceManager.class);
-
- AlarmManager alarmManager = (AlarmManager) context.getSystemService(Context.ALARM_SERVICE);
- alarmManager.set(AlarmManager.RTC_WAKEUP, System.currentTimeMillis() + millisFromNow,
- PendingIntent.getBroadcast(context, 0, intent, 0));
- Log.d(ReportingService.TAG, "Next sync attempt in : " + millisFromNow / MILLIS_PER_HOUR + " hours");
- }
-
- public static void launchService(Context context) {
- ConnectivityManager cm = (ConnectivityManager)
- context.getSystemService(Context.CONNECTIVITY_SERVICE);
-
- NetworkInfo networkInfo = cm.getActiveNetworkInfo();
- if (networkInfo == null || !networkInfo.isConnected()) {
- return;
- }
-
- SharedPreferences prefs = AnonymousStats.getPreferences(context);
-
- if (!Utilities.isStatsCollectionEnabled(context)) {
- return;
- }
-
- long lastSynced = prefs.getLong(AnonymousStats.ANONYMOUS_LAST_CHECKED, 0);
- if (lastSynced == 0) {
- setAlarm(context, 0);
- return;
- }
- long timeElapsed = System.currentTimeMillis() - lastSynced;
- if (timeElapsed < UPDATE_INTERVAL) {
- long timeLeft = UPDATE_INTERVAL - timeElapsed;
- Log.d(ReportingService.TAG, "Waiting for next sync : " + timeLeft / MILLIS_PER_HOUR + " hours");
- return;
- }
-
- Intent intent = new Intent();
- intent.setClass(context, ReportingService.class);
- context.startService(intent);
- }
-
- private static void migrate(Context context, SharedPreferences prefs) {
- Utilities.setStatsCollectionEnabled(context,
- prefs.getBoolean(AnonymousStats.ANONYMOUS_OPT_IN, true));
- prefs.edit().remove(AnonymousStats.ANONYMOUS_OPT_IN).commit();
- }
-
-}
diff --git a/src/com/android/settings/cmstats/Utilities.java b/src/com/android/settings/cmstats/Utilities.java
deleted file mode 100644
index 4d4ff48fa..000000000
--- a/src/com/android/settings/cmstats/Utilities.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * Copyright (C) 2012 The CyanogenMod Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.settings.cmstats;
-
-import android.content.Context;
-import android.os.SystemProperties;
-import android.provider.Settings;
-import android.telephony.TelephonyManager;
-import android.text.TextUtils;
-
-import java.math.BigInteger;
-import java.net.NetworkInterface;
-import java.security.MessageDigest;
-
-public class Utilities {
- public static String getUniqueID(Context context) {
- final String id = Settings.Secure.getString(context.getContentResolver(), Settings.Secure.ANDROID_ID);
- return digest(context.getPackageName() + id);
- }
-
- public static String getCarrier(Context context) {
- TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
- String carrier = tm.getNetworkOperatorName();
- if (TextUtils.isEmpty(carrier)) {
- carrier = "Unknown";
- }
- return carrier;
- }
-
- public static String getCarrierId(Context context) {
- TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
- String carrierId = tm.getNetworkOperator();
- if (TextUtils.isEmpty(carrierId)) {
- carrierId = "0";
- }
- return carrierId;
- }
-
- public static String getCountryCode(Context context) {
- TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
- String countryCode = tm.getNetworkCountryIso();
- if (TextUtils.isEmpty(countryCode)) {
- countryCode = "Unknown";
- }
- return countryCode;
- }
-
- public static String getDevice() {
- return SystemProperties.get("ro.cm.device");
- }
-
- public static String getModVersion() {
- return SystemProperties.get("ro.cm.version");
- }
-
- public static String digest(String input) {
- try {
- MessageDigest md = MessageDigest.getInstance("MD5");
- return new BigInteger(1, md.digest(input.getBytes())).toString(16).toUpperCase();
- } catch (Exception e) {
- return null;
- }
- }
-
- /**
- * Check to see if global stats are enabled.
- * @param context
- * @return Whether or not stats collection is enabled.
- */
- public static boolean isStatsCollectionEnabled(Context context) {
- return Settings.System.getInt(context.getContentResolver(),
- Settings.System.STATS_COLLECTION, 1) != 0;
- }
-
- /**
- * Enabled or disable stats collection
- * @param context
- * @param enabled Boolean that sets collection being enabled.
- */
- public static void setStatsCollectionEnabled(Context context, boolean enabled) {
- int enable = (enabled) ? 1 : 0;
- Settings.System.putInt(context.getContentResolver(),
- Settings.System.STATS_COLLECTION, enable);
- }
-}
diff --git a/src/com/android/settings/cyanogenmod/PrivacySettings.java b/src/com/android/settings/cyanogenmod/PrivacySettings.java
index 49bc7b497..6c6021f76 100644
--- a/src/com/android/settings/cyanogenmod/PrivacySettings.java
+++ b/src/com/android/settings/cyanogenmod/PrivacySettings.java
@@ -54,7 +54,6 @@ public class PrivacySettings extends SettingsPreferenceFragment {
mBlacklist = null;
}
- addPreferencesFromResource(R.xml.security_settings_cyanogenmod);
}
@Override
--
2.15.0

30
Patches/LineageOS-11.0/android_system_core/0001-Harden_Mounts.patch Normal file
View File

@ -0,0 +1,30 @@
From f19ab3bce2115c6ddf24528885305c3ba038f29b Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 10 Jul 2018 08:22:08 -0400
Subject: [PATCH] Harden mounts
Change-Id: I2db94882224672cac3e54f7d8422d1e036828378
---
init/init.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/init/init.c b/init/init.c
index 53e0dae1..d022253b 100644
--- a/init/init.c
+++ b/init/init.c
@@ -1136,9 +1136,9 @@ int main(int argc, char **argv)
mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755");
mkdir("/dev/pts", 0755);
mkdir("/dev/socket", 0755);
- mount("devpts", "/dev/pts", "devpts", 0, NULL);
- mount("proc", "/proc", "proc", 0, NULL);
- mount("sysfs", "/sys", "sysfs", 0, NULL);
+ mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL);
+ mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
+ mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
/* indicate that booting is in progress to background fw loaders, etc */
close(open("/dev/.booting", O_WRONLY | O_CREAT, 0000));
--
2.18.0

0
Scripts/Common/Deblob.sh Executable file → Normal file
View File

75
Scripts/LineageOS-11.0/CVE_Patchers/android_kernel_asus_grouper.sh Normal file
View File

@ -0,0 +1,75 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/asus/grouper"
git apply $DOS_PATCHES_LINUX_CVES/0014-GCC_Patches/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6689/^3.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6701/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2015/^3.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1739/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2523/^3.13/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4656/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9420/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9683/^3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9715/^3.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9895/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1534/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2686/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7550/^4.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8944/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0723/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0821/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2438/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2544/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2545/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2546/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3134/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4569/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000380/^4.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6074/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
editKernelLocalversion "-dos.p71"
cd "$DOS_BUILD_BASE"

136
Scripts/LineageOS-11.0/CVE_Patchers/android_kernel_zte_msm8930.sh Normal file
View File

@ -0,0 +1,136 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/zte/msm8930"
git apply $DOS_PATCHES_LINUX_CVES/0012-Copperhead-Deny_USB/3.4/3.4-Backport.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/0014-GCC_Patches/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6657/^3.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6701/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6703/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6703/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2015/^3.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-0196/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1739/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2523/^3.13/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4323/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4655/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4656/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7822/3.2-^3.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7970/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8709/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9420/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9683/^3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9715/^3.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9870/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9888/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1593/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1805/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2686/ANY/0001.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2922/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3636/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7550/^4.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8937/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8939/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8944/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0723/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0774/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0821/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10233/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2438/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2544/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2545/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2546/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3134/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3854/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4569/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4805/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6728/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6791/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8463/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000251/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000380/^4.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11089/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6074/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/^3.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
editKernelLocalversion "-dos.p132"
cd "$DOS_BUILD_BASE"

44
Scripts/LineageOS-11.0/Defaults.sh Normal file
View File

@ -0,0 +1,44 @@
#!/bin/bash
#DivestOS: A privacy oriented Android distribution
#Copyright (c) 2017-2018 Divested Computing, Inc.
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Changes various default settings
#Last verified: 2018-07-10
#Useful commands
#nano $(find . -name "config.xml" | grep "values/" | grep -v "device" | grep -v "tests")
#nano $(find . -name "defaults.xml" | grep "values/" | grep -v "device")
echo "Changing default settings...";
enter "packages/apps/Dialer";
sed -i 's/ENABLE_FORWARD_LOOKUP, 1)/ENABLE_FORWARD_LOOKUP, 0)/' src/com/android/dialer/*/LookupSettings*.java; #Disable FLP
sed -i 's/ENABLE_PEOPLE_LOOKUP, 1)/ENABLE_PEOPLE_LOOKUP, 0)/' src/com/android/dialer/*/LookupSettings*.java; #Disable PLP
sed -i 's/ENABLE_REVERSE_LOOKUP, 1)/ENABLE_REVERSE_LOOKUP, 0)/' src/com/android/dialer/*/LookupSettings*.java; #Disable RLP
enter "packages/apps/Nfc";
sed -i 's/boolean NFC_ON_DEFAULT = true;/boolean NFC_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NFC
sed -i 's/boolean NDEF_PUSH_ON_DEFAULT = true;/boolean NDEF_PUSH_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NDEF Push
enter "packages/apps/Settings";
sed -i 's/Float.parseFloat(newValue.toString()) : 1;/Float.parseFloat(newValue.toString()) : 0.5f;/' src/com/android/settings/DevelopmentSettings.java; #Always reset animation scales to 0.5
enter "vendor/cm";
sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common*.mk;
sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common*.mk;
cd "$DOS_BUILD_BASE";
echo "Default settings changed!";

70
Scripts/LineageOS-11.0/Functions.sh Normal file
View File

@ -0,0 +1,70 @@
#!/bin/bash
#DivestOS: A privacy oriented Android distribution
#Copyright (c) 2017-2018 Divested Computing, Inc.
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Last verified: 2018-07-10
patchAllKernels() {
startPatcher "kernel_asus_grouper kernel_zte_msm8930";
}
export -f patchAllKernels;
resetWorkspace() {
repo forall -c 'git add -A && git reset --hard' && rm -rf packages/apps/{FDroid,GmsCore} out && repo sync -j20 --force-sync;
}
export -f resetWorkspace;
scanWorkspaceForMalware() {
scanQueue="$DOS_BUILD_BASE/abi $DOS_BUILD_BASE/android $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/ndk $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
scanQueue=$scanQueue" $DOS_BUILD_BASE/vendor/cm $DOS_BUILD_BASE/vendor/cmsdk";
scanForMalware true $scanQueue;
}
export -f scanWorkspaceForMalware;
buildDevice() {
brunch "cm_$1-user";
}
export -f buildDevice;
buildDeviceDebug() {
unset SIGNING_KEY_DIR;
unset OTA_PACKAGE_SIGNING_KEY;
brunch "cm_$1-eng";
}
export -f buildDeviceDebug;
buildAll() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
#Select devices are userdebug due to SELinux policy issues
brunch lineage_grouper-userdebug;
brunch lineage_nex-userdebug;
}
export -f buildAll;
patchWorkspace() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi;
#source build/envsetup.sh;
source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS/Defaults.sh";
source "$DOS_SCRIPTS/Rebrand.sh";
#if [ "$DOS_OVERCLOCKS_ENABLED" = true ]; then source "$DOS_SCRIPTS/Overclock.sh"; fi;
source "$DOS_SCRIPTS/Optimize.sh";
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
source build/envsetup.sh;
}
export -f patchWorkspace;

27
Scripts/LineageOS-11.0/Optimize.sh Normal file
View File

@ -0,0 +1,27 @@
#!/bin/bash
#DivestOS: A privacy oriented Android distribution
#Copyright (c) 2017-2018 Divested Computing, Inc.
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Attempts to increase performance and battery life
#Last verified: 2018-07-10
echo "Optimizing...";
enter "kernel"
sed -i "s/#define VM_MAX_READAHEAD\t128/#define VM_MAX_READAHEAD\t512/" ./*/*/include/linux/mm.h; #Lee Susman <lsusman@codeaurora.org>: Change the VM_MAX_READAHEAD value from the default 128KB to 512KB. This will allow the readahead window to grow to a maximum size of 512KB, which greatly benefits to sequential read throughput.
cd "$DOS_BUILD_BASE";
echo "Optimizing complete!";

151
Scripts/LineageOS-11.0/Patch.sh Normal file
View File

@ -0,0 +1,151 @@
#!/bin/bash
#DivestOS: A privacy oriented Android distribution
#Copyright (c) 2015-2018 Divested Computing, Inc.
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Last verified: 2018-07-10
#Initialize aliases
#source ../../Scripts/init.sh
#Delete Everything and Sync
#resetWorkspace
#Apply all of our changes
#patchWorkspace
#Build!
#buildDevice [device]
#buildAll
#Generate an incremental
#./build/tools/releasetools/ota_from_target_files --block -t 8 -i old.zip new.zip update.zip
#Generate firmware deblobber
#mka firmware_deblobber
#
#START OF PREPRATION
#
#Download some (non-executable) out-of-tree files for use later on
cd "$DOS_TMP_DIR";
if [ "$DOS_HOSTS_BLOCKING" = true ]; then wget "$DOS_HOSTS_BLOCKING_LIST" -N; fi;
cd "$DOS_BUILD_BASE";
#Accept all SDK licences, not normally needed but Gradle managed apps fail without it
mkdir -p "$ANDROID_HOME/licenses";
echo -e "\n8933bad161af4178b1185d1a37fbf41ea5269c55\nd56f5187479451eabf01fb78af6dfcb131a6481e" > "$ANDROID_HOME/licenses/android-sdk-license";
echo -e "\n84831b9409646a918e30573bab4c9c91346d8abd" > "$ANDROID_HOME/licenses/android-sdk-preview-license";
#
#END OF PREPRATION
#
#
#START OF ROM CHANGES
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
enterAndClear "build";
#patch -p1 < "$DOS_PATCHES/android_build/0001-Automated_Build_Signing.patch"; #Automated build signing (CopperheadOS-13.0) #TODO
sed -i 's/Mms/Silence/' target/product/*.mk; #Replace AOSP Messaging app with Silence
sed -i '50i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #TODO PR FIX ME
sed -i '296iLOCAL_AAPT_FLAGS += --auto-add-overlay' core/package_internal.mk;
enterAndClear "external/sqlite";
patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (CopperheadOS-13.0)
enterAndClear "frameworks/base";
sed -i 's/com.android.mms/org.smssecure.smssecure/' core/res/res/values/config.xml; #Change default SMS app to Silence
sed -i 's|db_default_journal_mode">PERSIST|db_default_journal_mode">TRUNCATE|' core/res/res/values/config.xml; #Mirror SQLite secure_delete
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0001-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG)
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0002-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key
changeDefaultDNS;
#patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries #TODO
enterAndClear "packages/apps/Settings";
sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 48;/' src/com/android/settings/ChooseLockPassword.java; #Increase max password length
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/PrivacySettings.java; fi; #microG doesn't support Backup, hide the options
#patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/0001-CMStats.patch"; #Remove CMStats #TOOD
enterAndClear "packages/apps/Trebuchet";
#cp -r "$DOS_PATCHES_COMMON/android_packages_apps_Trebuchet/default_workspace/." "res/xml/"; #TODO
sed -i 's/mCropView.setTouchEnabled(touchEnabled);/mCropView.setTouchEnabled(true);/' WallpaperPicker/src/com/android/launcher3/WallpaperCropActivity.java;
enterAndClear "system/core";
if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden_Mounts.patch"; #Harden mounts with nodev/noexec/nosuid (CopperheadOS-13.0)
enterAndClear "vendor/cm";
rm -rf terminal;
awk -i inplace '!/50-cm.sh/' config/common.mk; #Make sure our hosts is always used
if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then
awk -i inplace '!/DSPManager/' config/common.mk;
fi;
if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi;
sed -i 's/CM_BUILDTYPE := UNOFFICIAL/CM_BUILDTYPE := dos/' config/common.mk; #Change buildtype
if [ "$DOS_NON_COMMERCIAL_USE_PATCHES" = true ]; then sed -i 's/CM_BUILDTYPE := dos/CM_BUILDTYPE := dosNC/' config/common.mk; fi;
sed -i 's/Mms/Silence/' config/telephony.mk; #Replace AOSP Messaging app with Silence
echo 'include vendor/divested/divestos.mk' >> config/common.mk; #Include our customizations
enter "vendor/divested";
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then echo "PRODUCT_PACKAGES += GmsCore GsfProxy FakeStore" >> packages.mk; fi;
if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_BLOCKING_APP" >> packages.mk; fi;
#
#END OF ROM CHANGES
#
#
#START OF DEVICE CHANGES
#
enterAndClear "device/asus/grouper";
mv cm.mk lineage.mk;
sed -i 's/cm_/lineage_/' lineage.mk;
#In proprietary/Android.mk
# Remove widevine and tf_daemon
enterAndClear "device/zte/nex"
sed -i 's/ro.sf.lcd_density=240/ro.sf.lcd_density=180/' system.prop;
echo "TARGET_DISPLAY_USE_RETIRE_FENCE := true" >> BoardConfig.mk;
sed -i 's/libm libc/libm libc libutils/' charger/Android.mk;
mv cm.mk lineage.mk;
sed -i 's/cm_/lineage_/' lineage.mk vendorsetup.sh;
awk -i inplace '!/WCNSS_qcom_wlan_nv_2.bin/' proprietary-files.txt;
#In nex-vendor-blobs.mk
# "system/lib/libtime_genoff.so" -> "obj/lib/libtime_genoff.so"
enterAndClear "kernel/zte/msm8930"
patch -p1 < $patches"/android_kernel_zte_msm8930/0001-MDP-Fix.patch";
#Make changes to all devices
cd "$DOS_BUILD_BASE";
find "hardware/qcom/gps" -name "gps\.conf" -type f -exec bash -c 'hardenLocation "$0"' {} \;;
find "device" -name "gps\.conf" -type f -exec bash -c 'hardenLocation "$0"' {} \;;
find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'hardenUserdata "$0"' {} \;;
find "kernel" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'hardenDefconfig "$0"' {} \;;
cd "$DOS_BUILD_BASE";
#Fixes
#Fix broken options enabled by hardenDefconfig()
#sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig;
sed -i "s/# CONFIG_COMPAT_BRK is not set/CONFIG_COMPAT_BRK=y/" kernel/zte/msm8930/arch/arm/configs/msm8960-nex_defconfig;
#
#END OF DEVICE CHANGES
#

51
Scripts/LineageOS-11.0/Rebrand.sh Normal file
View File

@ -0,0 +1,51 @@
#!/bin/bash
#DivestOS: A privacy oriented Android distribution
#Copyright (c) 2017-2018 Divested Computing, Inc.
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Updates select user facing strings
#Last verified: 2018-04-27
echo "Rebranding...";
enter "bootable/recovery-cm";
sed -i 's|CyanogenMod Simple Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./recovery.cpp;
enter "build";
sed -i 's|echo "ro.build.user=$USER"|echo "ro.build.user=emy"|' tools/buildinfo.sh; #Override build user
sed -i 's|echo "ro.build.host=`hostname`"|echo "ro.build.host=dosbm"|' tools/buildinfo.sh; #Override build host
sed -i '/CM_TARGET_PACKAGE/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' core/Makefile;
enter "frameworks/base";
generateBootAnimationMask "$DOS_BRANDING_NAME" "$DOS_BRANDING_BOOTANIMATION_FONT" core/res/assets/images/android-logo-mask.png;
generateBootAnimationShine "$DOS_BRANDING_BOOTANIMATION_COLOR" "$DOS_BRANDING_BOOTANIMATION_STYLE" core/res/assets/images/android-logo-shine.png;
enter "packages/apps/Settings";
sed -i '/.*cmlicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*cmlicense_activity_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*cmupdate_settings_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*mod_version/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*privacy_settings_cyanogenmod_category/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
enter "packages/apps/CMUpdater";
sed -i 's|https://download.cyanogenmod.org/api|'"$DOS_BRANDING_SERVER_OTA"'|' res/values/config.xml;
enter "vendor/cm";
sed -i 's|https://lineageos.org/legal|'"$DOS_BRANDING_LINK_ABOUT"'|' config/common.mk;
sed -i '/.*ZIPPATH=/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/envsetup.sh;
rm -rf bootanimation;
cd "$DOS_BUILD_BASE";
echo "Rebranding complete!";

1
Scripts/LineageOS-14.1/Patch.sh Executable file → Normal file
View File

@ -86,7 +86,6 @@ changeDefaultDNS;
#patch -p1 < "$DOS_PATCHES/android_frameworks_base/0007-Connectivity.patch"; #Change connectivity check URLs to ours
patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
rm -f core/res/res/*/*.orig;
if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then
enterAndClear "frameworks/opt/net/ims";

3
Scripts/LineageOS-15.1/Patch.sh Executable file → Normal file
View File

@ -87,7 +87,6 @@ changeDefaultDNS;
#patch -p1 < "$DOS_PATCHES/android_frameworks_base/0005-Connectivity.patch"; #Change connectivity check URLs to ours
patch -p1 < "$DOS_PATCHES/android_frameworks_base/0006-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
rm -f core/res/res/*/*.orig;
if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then
enterAndClear "frameworks/opt/net/ims";
@ -109,7 +108,6 @@ if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAud
enterAndClear "packages/apps/LineageParts";
rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml #Nuke part of the analytics
patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics
rm -f AndroidManifest.xml.orig res/*/*.orig;
enterAndClear "packages/apps/Settings";
git revert a96df110e84123fe1273bff54feca3b4ca484dcd; #don't hide oem unlock
@ -117,7 +115,6 @@ patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Tog
patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/0004-PDB_Fixes.patch"; #Fix crashes when the PersistentDataBlockManager service isn't available
sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 48;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase max password length
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/PrivacySettings.java; fi; #microG doesn't support Backup, hide the options
rm -f res/*/*.orig;
enterAndClear "packages/apps/SetupWizard";
patch -p1 < "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics