Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00
Code Issues Packages Projects Releases Wiki Activity

Final fixups

Browse Source 
compile tested: h830, h850, rs988

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-11-07 22:23:11 -05:00
parent 4eed156d14
commit 0b102adb1d
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
3 changed files with 46 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Patches/LineageOS-20.0/android_hardware_qcom_audio/0001-Unused-8996.patch
View File

@ -23,7 +23,7 @@ Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6
2 files changed, 7 insertions(+)
diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h
index 1187642d1..38ae1aed5 100644
index 1187642d1f..38ae1aed53 100644
--- a/hal/audio_extn/audio_extn.h
+++ b/hal/audio_extn/audio_extn.h
@@ -688,7 +688,12 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format);
@ -40,7 +40,7 @@ index 1187642d1..38ae1aed5 100644
struct audio_usecase *usecase, int snd_device);
diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c
index cd788542f..10f1eb216 100644
index cd788542f1..10f1eb2161 100644
--- a/hal/audio_extn/utils.c
+++ b/hal/audio_extn/utils.c
@@ -2520,6 +2520,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string)

37
Patches/LineageOS-20.0/android_system_sepolicy/0001-LGE_Fixes-New.patch Normal file
View File

@ -0,0 +1,37 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 14 Apr 2020 17:16:42 -0400
Subject: [PATCH] Fix -user builds for many LGE devices
Change-Id: I3649cf211a356c57e129fbda1f5184a4bebc85af
---
private/domain.te | 1 +
public/domain.te | 3 +++
2 files changed, 4 insertions(+)
diff --git a/private/domain.te b/private/domain.te
index cb2140740..1ccd4fb08 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -133,6 +133,7 @@ neverallow {
-recovery
-ueventd
-mtectrl
+ -misc_block_device_exception
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
# Limit ability to ptrace or read sensitive /proc/pid files of processes
diff --git a/public/domain.te b/public/domain.te
index 7bed5e7ef..cde3782f4 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -610,6 +610,9 @@ neverallow {
-fastbootd
} metadata_block_device:blk_file { append link rename write open read ioctl lock };
+# Select devices have policies prevented by the following neverallow
+attribute misc_block_device_exception;
+
# No domain other than recovery, update_engine and fastbootd can write to system partition(s).
neverallow {
domain

8
Scripts/LineageOS-20.0/Patch.sh
View File

@ -236,6 +236,10 @@ if enterAndClear "hardware/qcom-caf/msm8953/audio"; then
applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8998.patch"; #audio_extn: Fix unused parameter warning in utils.c (codeworkx)
fi;
if enterAndClear "hardware/qcom-caf/msm8996/audio"; then
applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8996.patch"; #audio_extn: Fix unused parameter warning in utils.c (codeworkx)
fi;
if enterAndClear "hardware/qcom-caf/msm8998/audio"; then
applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8998.patch"; #audio_extn: Fix unused parameter warning in utils.c (codeworkx)
fi;
@ -418,12 +422,14 @@ if enterAndClear "system/sepolicy"; then
applyPatch "$DOS_PATCHES/android_system_sepolicy/0002-protected_files.patch"; #Label protected_{fifos,regular} as proc_security (GrapheneOS)
applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-1.patch"; #Allow init to control kernel.yama.ptrace_scope (GrapheneOS)
applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-2.patch"; #Allow system to use persist.native_debug (GrapheneOS)
git am "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes-New.patch"; #Fix -user builds for LGE devices (DivestOS)
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes-New.patch" --directory="prebuilts/api/33.0";
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/32.0";
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/31.0";
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/30.0";
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/29.0";
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/28.0";
#awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; #Disable unused gmscore_app domain (GrapheneOS)
fi;