Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-03-08 22:26:10 -05:00
Code Issues Packages Projects Releases Wiki Activity

19.1: Initial bringup

Browse Source 
TODO:
- manifest
- devices
- a few small patches to rebase

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2022-04-04 21:48:14 -04:00
parent b464106cc5
commit 1705545d22
109 changed files with 9579 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

414
Patches/LineageOS-19.1/android_art/0001-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,414 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 10 Oct 2021 16:45:59 -0400
Subject: [PATCH] constify JNINativeMethod tables
---
runtime/native/dalvik_system_BaseDexClassLoader.cc | 2 +-
runtime/native/dalvik_system_DexFile.cc | 2 +-
runtime/native/dalvik_system_VMDebug.cc | 2 +-
runtime/native/dalvik_system_VMRuntime.cc | 2 +-
runtime/native/dalvik_system_VMStack.cc | 2 +-
runtime/native/dalvik_system_ZygoteHooks.cc | 2 +-
runtime/native/java_lang_Class.cc | 2 +-
runtime/native/java_lang_Object.cc | 2 +-
runtime/native/java_lang_String.cc | 2 +-
runtime/native/java_lang_StringFactory.cc | 2 +-
runtime/native/java_lang_System.cc | 2 +-
runtime/native/java_lang_Thread.cc | 2 +-
runtime/native/java_lang_Throwable.cc | 2 +-
runtime/native/java_lang_VMClassLoader.cc | 2 +-
runtime/native/java_lang_invoke_MethodHandleImpl.cc | 2 +-
runtime/native/java_lang_ref_FinalizerReference.cc | 2 +-
runtime/native/java_lang_ref_Reference.cc | 2 +-
runtime/native/java_lang_reflect_Array.cc | 2 +-
runtime/native/java_lang_reflect_Constructor.cc | 2 +-
runtime/native/java_lang_reflect_Executable.cc | 2 +-
runtime/native/java_lang_reflect_Field.cc | 2 +-
runtime/native/java_lang_reflect_Method.cc | 2 +-
runtime/native/java_lang_reflect_Parameter.cc | 2 +-
runtime/native/java_lang_reflect_Proxy.cc | 2 +-
runtime/native/java_util_concurrent_atomic_AtomicLong.cc | 2 +-
runtime/native/libcore_util_CharsetUtils.cc | 2 +-
runtime/native/org_apache_harmony_dalvik_ddmc_DdmServer.cc | 2 +-
runtime/native/org_apache_harmony_dalvik_ddmc_DdmVmInternal.cc | 2 +-
runtime/native/sun_misc_Unsafe.cc | 2 +-
29 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/runtime/native/dalvik_system_BaseDexClassLoader.cc b/runtime/native/dalvik_system_BaseDexClassLoader.cc
index 607395d308..f3d84e57a8 100644
--- a/runtime/native/dalvik_system_BaseDexClassLoader.cc
+++ b/runtime/native/dalvik_system_BaseDexClassLoader.cc
@@ -58,7 +58,7 @@ static jobjectArray BaseDexClassLoader_computeClassLoaderContextsNative(JNIEnv*
return result;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(BaseDexClassLoader, computeClassLoaderContextsNative,
"()[Ljava/lang/String;"),
};
diff --git a/runtime/native/dalvik_system_DexFile.cc b/runtime/native/dalvik_system_DexFile.cc
index f8ad7f1b7a..b0f7cd8f17 100644
--- a/runtime/native/dalvik_system_DexFile.cc
+++ b/runtime/native/dalvik_system_DexFile.cc
@@ -913,7 +913,7 @@ static void DexFile_setTrusted(JNIEnv* env, jclass, jobject j_cookie) {
}
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(DexFile, closeDexFile, "(Ljava/lang/Object;)Z"),
NATIVE_METHOD(DexFile,
defineClassNative,
diff --git a/runtime/native/dalvik_system_VMDebug.cc b/runtime/native/dalvik_system_VMDebug.cc
index 5c8bd8431a..fdd0ad079d 100644
--- a/runtime/native/dalvik_system_VMDebug.cc
+++ b/runtime/native/dalvik_system_VMDebug.cc
@@ -489,7 +489,7 @@ static void VMDebug_setAllocTrackerStackDepth(JNIEnv* env, jclass, jint stack_de
}
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(VMDebug, countInstancesOfClass, "(Ljava/lang/Class;Z)J"),
NATIVE_METHOD(VMDebug, countInstancesOfClasses, "([Ljava/lang/Class;Z)[J"),
NATIVE_METHOD(VMDebug, dumpHprofData, "(Ljava/lang/String;I)V"),
diff --git a/runtime/native/dalvik_system_VMRuntime.cc b/runtime/native/dalvik_system_VMRuntime.cc
index 842590408d..8283f30995 100644
--- a/runtime/native/dalvik_system_VMRuntime.cc
+++ b/runtime/native/dalvik_system_VMRuntime.cc
@@ -506,7 +506,7 @@ static jboolean VMRuntime_isValidClassLoaderContext(JNIEnv* env,
return ClassLoaderContext::IsValidEncoding(encoded_class_loader_context.c_str());
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(VMRuntime, addressOf, "(Ljava/lang/Object;)J"),
NATIVE_METHOD(VMRuntime, bootClassPath, "()Ljava/lang/String;"),
NATIVE_METHOD(VMRuntime, clampGrowthLimit, "()V"),
diff --git a/runtime/native/dalvik_system_VMStack.cc b/runtime/native/dalvik_system_VMStack.cc
index e88516e248..58e40f6e8a 100644
--- a/runtime/native/dalvik_system_VMStack.cc
+++ b/runtime/native/dalvik_system_VMStack.cc
@@ -168,7 +168,7 @@ static jobjectArray VMStack_getAnnotatedThreadStackTrace(JNIEnv* env, jclass, jo
return GetThreadStack(soa, javaThread, fn);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(VMStack, fillStackTraceElements, "(Ljava/lang/Thread;[Ljava/lang/StackTraceElement;)I"),
FAST_NATIVE_METHOD(VMStack, getCallingClassLoader, "()Ljava/lang/ClassLoader;"),
FAST_NATIVE_METHOD(VMStack, getClosestUserClassLoader, "()Ljava/lang/ClassLoader;"),
diff --git a/runtime/native/dalvik_system_ZygoteHooks.cc b/runtime/native/dalvik_system_ZygoteHooks.cc
index 050233dac5..37551d049b 100644
--- a/runtime/native/dalvik_system_ZygoteHooks.cc
+++ b/runtime/native/dalvik_system_ZygoteHooks.cc
@@ -456,7 +456,7 @@ static jboolean ZygoteHooks_nativeZygoteLongSuspendOk(JNIEnv* env ATTRIBUTE_UNUS
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(ZygoteHooks, nativePreFork, "()J"),
NATIVE_METHOD(ZygoteHooks, nativePostZygoteFork, "()V"),
NATIVE_METHOD(ZygoteHooks, nativePostForkSystemServer, "(I)V"),
diff --git a/runtime/native/java_lang_Class.cc b/runtime/native/java_lang_Class.cc
index 776b14f735..bdf3ea92ec 100644
--- a/runtime/native/java_lang_Class.cc
+++ b/runtime/native/java_lang_Class.cc
@@ -981,7 +981,7 @@ static jobject Class_newInstance(JNIEnv* env, jobject javaThis) {
return soa.AddLocalReference<jobject>(receiver.Get());
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Class, classForName,
"(Ljava/lang/String;ZLjava/lang/ClassLoader;)Ljava/lang/Class;"),
FAST_NATIVE_METHOD(Class, getDeclaredAnnotation,
diff --git a/runtime/native/java_lang_Object.cc b/runtime/native/java_lang_Object.cc
index 8fc10d1114..8740755199 100644
--- a/runtime/native/java_lang_Object.cc
+++ b/runtime/native/java_lang_Object.cc
@@ -54,7 +54,7 @@ static jint Object_identityHashCodeNative(JNIEnv* env, jclass, jobject javaObjec
return static_cast<jint>(o->IdentityHashCode());
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Object, internalClone, "()Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Object, notify, "()V"),
FAST_NATIVE_METHOD(Object, notifyAll, "()V"),
diff --git a/runtime/native/java_lang_String.cc b/runtime/native/java_lang_String.cc
index 86f93299d9..ec4b8a9025 100644
--- a/runtime/native/java_lang_String.cc
+++ b/runtime/native/java_lang_String.cc
@@ -109,7 +109,7 @@ static jcharArray String_toCharArray(JNIEnv* env, jobject java_this) {
return soa.AddLocalReference<jcharArray>(mirror::String::ToCharArray(s, soa.Self()));
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(String, charAt, "(I)C"),
FAST_NATIVE_METHOD(String, compareTo, "(Ljava/lang/String;)I"),
FAST_NATIVE_METHOD(String, concat, "(Ljava/lang/String;)Ljava/lang/String;"),
diff --git a/runtime/native/java_lang_StringFactory.cc b/runtime/native/java_lang_StringFactory.cc
index 9086ee932d..de0a81e9a5 100644
--- a/runtime/native/java_lang_StringFactory.cc
+++ b/runtime/native/java_lang_StringFactory.cc
@@ -264,7 +264,7 @@ static jstring StringFactory_newStringFromUtf8Bytes(JNIEnv* env, jclass, jbyteAr
return soa.AddLocalReference<jstring>(result);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(StringFactory, newStringFromBytes, "([BIII)Ljava/lang/String;"),
FAST_NATIVE_METHOD(StringFactory, newStringFromChars, "(II[C)Ljava/lang/String;"),
FAST_NATIVE_METHOD(StringFactory, newStringFromString, "(Ljava/lang/String;)Ljava/lang/String;"),
diff --git a/runtime/native/java_lang_System.cc b/runtime/native/java_lang_System.cc
index 63cbd2c815..e7b3894aad 100644
--- a/runtime/native/java_lang_System.cc
+++ b/runtime/native/java_lang_System.cc
@@ -239,7 +239,7 @@ static void System_arraycopyBooleanUnchecked(JNIEnv* env,
javaDst, dstPos, count);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(System, arraycopy, "(Ljava/lang/Object;ILjava/lang/Object;II)V"),
FAST_NATIVE_METHOD(System, arraycopyCharUnchecked, "([CI[CII)V"),
FAST_NATIVE_METHOD(System, arraycopyByteUnchecked, "([BI[BII)V"),
diff --git a/runtime/native/java_lang_Thread.cc b/runtime/native/java_lang_Thread.cc
index c3b4fe09de..8ff4e02605 100644
--- a/runtime/native/java_lang_Thread.cc
+++ b/runtime/native/java_lang_Thread.cc
@@ -193,7 +193,7 @@ static void Thread_yield(JNIEnv*, jobject) {
sched_yield();
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Thread, currentThread, "()Ljava/lang/Thread;"),
FAST_NATIVE_METHOD(Thread, interrupted, "()Z"),
FAST_NATIVE_METHOD(Thread, isInterrupted, "()Z"),
diff --git a/runtime/native/java_lang_Throwable.cc b/runtime/native/java_lang_Throwable.cc
index b89e287481..5cdd70c513 100644
--- a/runtime/native/java_lang_Throwable.cc
+++ b/runtime/native/java_lang_Throwable.cc
@@ -38,7 +38,7 @@ static jobjectArray Throwable_nativeGetStackTrace(JNIEnv* env, jclass, jobject j
return Thread::InternalStackTraceToStackTraceElementArray(soa, javaStackState);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Throwable, nativeFillInStackTrace, "()Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Throwable, nativeGetStackTrace, "(Ljava/lang/Object;)[Ljava/lang/StackTraceElement;"),
};
diff --git a/runtime/native/java_lang_VMClassLoader.cc b/runtime/native/java_lang_VMClassLoader.cc
index 11e02a2ce4..ce37a33086 100644
--- a/runtime/native/java_lang_VMClassLoader.cc
+++ b/runtime/native/java_lang_VMClassLoader.cc
@@ -155,7 +155,7 @@ static jobjectArray VMClassLoader_getBootClassPathEntries(JNIEnv* env, jclass) {
return array;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(VMClassLoader, findLoadedClass, "(Ljava/lang/ClassLoader;Ljava/lang/String;)Ljava/lang/Class;"),
NATIVE_METHOD(VMClassLoader, getBootClassPathEntries, "()[Ljava/lang/String;"),
};
diff --git a/runtime/native/java_lang_invoke_MethodHandleImpl.cc b/runtime/native/java_lang_invoke_MethodHandleImpl.cc
index 45d9a8abef..afeaa94ec5 100644
--- a/runtime/native/java_lang_invoke_MethodHandleImpl.cc
+++ b/runtime/native/java_lang_invoke_MethodHandleImpl.cc
@@ -63,7 +63,7 @@ static jobject MethodHandleImpl_getMemberInternal(JNIEnv* env, jobject thiz) {
return soa.AddLocalReference<jobject>(h_object.Get());
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(MethodHandleImpl, getMemberInternal, "()Ljava/lang/reflect/Member;"),
};
diff --git a/runtime/native/java_lang_ref_FinalizerReference.cc b/runtime/native/java_lang_ref_FinalizerReference.cc
index 535b243411..0a8dfb6c09 100644
--- a/runtime/native/java_lang_ref_FinalizerReference.cc
+++ b/runtime/native/java_lang_ref_FinalizerReference.cc
@@ -42,7 +42,7 @@ static jobject FinalizerReference_getReferent(JNIEnv* env, jobject javaThis) {
return soa.AddLocalReference<jobject>(referent);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(FinalizerReference, makeCircularListIfUnenqueued, "()Z"),
FAST_NATIVE_METHOD(FinalizerReference, getReferent, "()Ljava/lang/Object;"),
};
diff --git a/runtime/native/java_lang_ref_Reference.cc b/runtime/native/java_lang_ref_Reference.cc
index f23010bf48..e36287154f 100644
--- a/runtime/native/java_lang_ref_Reference.cc
+++ b/runtime/native/java_lang_ref_Reference.cc
@@ -73,7 +73,7 @@ static void Reference_clearReferent(JNIEnv* env, jobject javaThis) {
Runtime::Current()->GetHeap()->GetReferenceProcessor()->ClearReferent(ref);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Reference, getReferent, "()Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Reference, clearReferent, "()V"),
FAST_NATIVE_METHOD(Reference, refersTo0, "(Ljava/lang/Object;)Z"),
diff --git a/runtime/native/java_lang_reflect_Array.cc b/runtime/native/java_lang_reflect_Array.cc
index ff94593cdf..e359e7d8a8 100644
--- a/runtime/native/java_lang_reflect_Array.cc
+++ b/runtime/native/java_lang_reflect_Array.cc
@@ -74,7 +74,7 @@ static jobject Array_createObjectArray(JNIEnv* env, jclass, jclass javaElementCl
return soa.AddLocalReference<jobject>(new_array);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Array, createMultiArray, "(Ljava/lang/Class;[I)Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Array, createObjectArray, "(Ljava/lang/Class;I)Ljava/lang/Object;"),
};
diff --git a/runtime/native/java_lang_reflect_Constructor.cc b/runtime/native/java_lang_reflect_Constructor.cc
index 1d362c0302..16f5dedb44 100644
--- a/runtime/native/java_lang_reflect_Constructor.cc
+++ b/runtime/native/java_lang_reflect_Constructor.cc
@@ -128,7 +128,7 @@ static jobject Constructor_newInstanceFromSerialization(JNIEnv* env, jclass unus
return env->NewObject(allocClass, ctor);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Constructor, getExceptionTypes, "()[Ljava/lang/Class;"),
FAST_NATIVE_METHOD(Constructor, newInstance0, "([Ljava/lang/Object;)Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Constructor, newInstanceFromSerialization, "(Ljava/lang/Class;Ljava/lang/Class;)Ljava/lang/Object;"),
diff --git a/runtime/native/java_lang_reflect_Executable.cc b/runtime/native/java_lang_reflect_Executable.cc
index fef16b9099..1acce4e5d3 100644
--- a/runtime/native/java_lang_reflect_Executable.cc
+++ b/runtime/native/java_lang_reflect_Executable.cc
@@ -383,7 +383,7 @@ static jint Executable_getParameterCountInternal(JNIEnv* env, jobject javaMethod
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Executable, compareMethodParametersInternal,
"(Ljava/lang/reflect/Method;)I"),
FAST_NATIVE_METHOD(Executable, getAnnotationNative,
diff --git a/runtime/native/java_lang_reflect_Field.cc b/runtime/native/java_lang_reflect_Field.cc
index cfc4a292ba..7bbff9ba36 100644
--- a/runtime/native/java_lang_reflect_Field.cc
+++ b/runtime/native/java_lang_reflect_Field.cc
@@ -521,7 +521,7 @@ static jboolean Field_isAnnotationPresentNative(JNIEnv* env,
return annotations::IsFieldAnnotationPresent(field, klass);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Field, get, "(Ljava/lang/Object;)Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Field, getBoolean, "(Ljava/lang/Object;)Z"),
FAST_NATIVE_METHOD(Field, getByte, "(Ljava/lang/Object;)B"),
diff --git a/runtime/native/java_lang_reflect_Method.cc b/runtime/native/java_lang_reflect_Method.cc
index 2c0dd806e1..e052ba9b2c 100644
--- a/runtime/native/java_lang_reflect_Method.cc
+++ b/runtime/native/java_lang_reflect_Method.cc
@@ -86,7 +86,7 @@ static jobject Method_invoke(JNIEnv* env, jobject javaMethod, jobject javaReceiv
return InvokeMethod<kRuntimePointerSize>(soa, javaMethod, javaReceiver, javaArgs);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Method, getDefaultValue, "()Ljava/lang/Object;"),
FAST_NATIVE_METHOD(Method, getExceptionTypes, "()[Ljava/lang/Class;"),
FAST_NATIVE_METHOD(Method, invoke, "(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;"),
diff --git a/runtime/native/java_lang_reflect_Parameter.cc b/runtime/native/java_lang_reflect_Parameter.cc
index 263a56796f..92bf9078a4 100644
--- a/runtime/native/java_lang_reflect_Parameter.cc
+++ b/runtime/native/java_lang_reflect_Parameter.cc
@@ -98,7 +98,7 @@ static jobject Parameter_getAnnotationNative(JNIEnv* env,
annotations::GetAnnotationForMethodParameter(method, parameterIndex, klass));
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(
Parameter,
getAnnotationNative,
diff --git a/runtime/native/java_lang_reflect_Proxy.cc b/runtime/native/java_lang_reflect_Proxy.cc
index f723ed223d..c2b533de5d 100644
--- a/runtime/native/java_lang_reflect_Proxy.cc
+++ b/runtime/native/java_lang_reflect_Proxy.cc
@@ -37,7 +37,7 @@ static jclass Proxy_generateProxy(JNIEnv* env, jclass, jstring name, jobjectArra
soa, name, interfaces, loader, methods, throws));
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Proxy, generateProxy, "(Ljava/lang/String;[Ljava/lang/Class;Ljava/lang/ClassLoader;[Ljava/lang/reflect/Method;[[Ljava/lang/Class;)Ljava/lang/Class;"),
};
diff --git a/runtime/native/java_util_concurrent_atomic_AtomicLong.cc b/runtime/native/java_util_concurrent_atomic_AtomicLong.cc
index fa288edcb8..299ac5a61d 100644
--- a/runtime/native/java_util_concurrent_atomic_AtomicLong.cc
+++ b/runtime/native/java_util_concurrent_atomic_AtomicLong.cc
@@ -30,7 +30,7 @@ static jboolean AtomicLong_VMSupportsCS8(JNIEnv*, jclass) {
return QuasiAtomic::LongAtomicsUseMutexes(kRuntimeISA) ? JNI_FALSE : JNI_TRUE;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(AtomicLong, VMSupportsCS8, "()Z"),
};
diff --git a/runtime/native/libcore_util_CharsetUtils.cc b/runtime/native/libcore_util_CharsetUtils.cc
index f0764f1d74..d9303a9b93 100644
--- a/runtime/native/libcore_util_CharsetUtils.cc
+++ b/runtime/native/libcore_util_CharsetUtils.cc
@@ -183,7 +183,7 @@ static jbyteArray CharsetUtils_toUtf8Bytes(JNIEnv* env, jclass, jstring java_str
return soa.AddLocalReference<jbyteArray>(result);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(CharsetUtils, asciiBytesToChars, "([BII[C)V"),
FAST_NATIVE_METHOD(CharsetUtils, isoLatin1BytesToChars, "([BII[C)V"),
FAST_NATIVE_METHOD(CharsetUtils, toAsciiBytes, "(Ljava/lang/String;II)[B"),
diff --git a/runtime/native/org_apache_harmony_dalvik_ddmc_DdmServer.cc b/runtime/native/org_apache_harmony_dalvik_ddmc_DdmServer.cc
index 419aed8578..ccbef4f3f4 100644
--- a/runtime/native/org_apache_harmony_dalvik_ddmc_DdmServer.cc
+++ b/runtime/native/org_apache_harmony_dalvik_ddmc_DdmServer.cc
@@ -38,7 +38,7 @@ static void DdmServer_nativeSendChunk(JNIEnv* env, jclass, jint type,
Runtime::Current()->GetRuntimeCallbacks()->DdmPublishChunk(static_cast<uint32_t>(type), chunk);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(DdmServer, nativeSendChunk, "(I[BII)V"),
};
diff --git a/runtime/native/org_apache_harmony_dalvik_ddmc_DdmVmInternal.cc b/runtime/native/org_apache_harmony_dalvik_ddmc_DdmVmInternal.cc
index f74e1206f5..044364cc45 100644
--- a/runtime/native/org_apache_harmony_dalvik_ddmc_DdmVmInternal.cc
+++ b/runtime/native/org_apache_harmony_dalvik_ddmc_DdmVmInternal.cc
@@ -209,7 +209,7 @@ static jbyteArray DdmVmInternal_getThreadStats(JNIEnv* env, jclass) {
return result;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(DdmVmInternal, setRecentAllocationsTrackingEnabled, "(Z)V"),
NATIVE_METHOD(DdmVmInternal, setThreadNotifyEnabled, "(Z)V"),
NATIVE_METHOD(DdmVmInternal, getStackTraceById, "(I)[Ljava/lang/StackTraceElement;"),
diff --git a/runtime/native/sun_misc_Unsafe.cc b/runtime/native/sun_misc_Unsafe.cc
index 5014f340cd..bb9226d1fa 100644
--- a/runtime/native/sun_misc_Unsafe.cc
+++ b/runtime/native/sun_misc_Unsafe.cc
@@ -541,7 +541,7 @@ static void Unsafe_unpark(JNIEnv* env, jobject, jobject jthread) {
}
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Unsafe, compareAndSwapInt, "(Ljava/lang/Object;JII)Z"),
FAST_NATIVE_METHOD(Unsafe, compareAndSwapLong, "(Ljava/lang/Object;JJJ)Z"),
FAST_NATIVE_METHOD(Unsafe, compareAndSwapObject, "(Ljava/lang/Object;JLjava/lang/Object;Ljava/lang/Object;)Z"),

168
Patches/LineageOS-19.1/android_bionic/0001-HM-Use_HM.patch Normal file
View File

@ -0,0 +1,168 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 5 Dec 2018 01:51:56 -0500
Subject: [PATCH] use Scudo on 32-bit and hardened_malloc on 64-bit
Co-authored-by: anupritaisno1 <www.anuprita804@gmail.com>
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/Android.bp | 39 +++++++++++-------------
libc/bionic/h_malloc_wrapper.cpp | 51 ++++++++++++++++++++++++++++++++
libc/bionic/malloc_common.h | 8 +++++
3 files changed, 77 insertions(+), 21 deletions(-)
create mode 100644 libc/bionic/h_malloc_wrapper.cpp
diff --git a/libc/Android.bp b/libc/Android.bp
index 98b878151..75b06f58c 100644
--- a/libc/Android.bp
+++ b/libc/Android.bp
@@ -68,6 +68,8 @@ libc_common_flags = [
// GWP-ASan requires platform TLS.
"-fno-emulated-tls",
+
+ "-DH_MALLOC_PREFIX",
]
// Define some common cflags
@@ -113,33 +115,20 @@ cc_defaults {
ldflags: ["-Wl,-z,muldefs"],
multilib: {
- lib64: {
- product_variables: {
- malloc_zero_contents: {
- cflags: ["-DSCUDO_ZERO_CONTENTS"],
- },
- malloc_pattern_fill_contents: {
- cflags: ["-DSCUDO_PATTERN_FILL_CONTENTS"],
- },
- malloc_not_svelte: {
- cflags: ["-DUSE_SCUDO"],
- },
- },
- },
lib32: {
product_variables: {
malloc_zero_contents: {
cflags: ["-DSCUDO_ZERO_CONTENTS"],
},
malloc_pattern_fill_contents: {
- cflags: ["-DSCUDO_PATTERN_FILL_CONTENTS"],
+ cflags: ["-DSCUDO_PATTERN_FILL_CONTENTS"],
},
malloc_not_svelte_libc32: {
- cflags: ["-DUSE_SCUDO"],
+ cflags: ["-DUSE_SCUDO"],
},
},
- },
- },
+ }
+ }
}
libc_scudo_product_variables = {
@@ -194,12 +183,20 @@ cc_defaults {
cc_library_static {
name: "libc_jemalloc_wrapper",
defaults: ["libc_defaults"],
- srcs: ["bionic/jemalloc_wrapper.cpp"],
+ multilib: {
+ lib32: {
+ // Used to pull in the jemalloc/hardened_malloc include directory so that if the
+ // library is removed, the include directory is also removed.
+ srcs: ["bionic/jemalloc_wrapper.cpp"],
+ static_libs: ["libjemalloc5"],
+ },
+ lib64: {
+ srcs: ["bionic/h_malloc_wrapper.cpp"],
+ static_libs: ["libhardened_malloc"],
+ },
+ },
cflags: ["-fvisibility=hidden"],
- // Used to pull in the jemalloc include directory so that if the
- // library is removed, the include directory is also removed.
- static_libs: ["libjemalloc5"],
}
// ========================================================
diff --git a/libc/bionic/h_malloc_wrapper.cpp b/libc/bionic/h_malloc_wrapper.cpp
new file mode 100644
index 000000000..5fb0968c2
--- /dev/null
+++ b/libc/bionic/h_malloc_wrapper.cpp
@@ -0,0 +1,51 @@
+#include <errno.h>
+#include <malloc.h>
+#include <sys/param.h>
+#include <unistd.h>
+
+#include <private/MallocXmlElem.h>
+
+#include "h_malloc.h"
+
+__BEGIN_DECLS
+int h_malloc_info(int options, FILE* fp);
+__END_DECLS
+
+int h_malloc_info(int options, FILE* fp) {
+ if (options != 0) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ fflush(fp);
+ int fd = fileno(fp);
+ MallocXmlElem root(fd, "malloc", "version=\"jemalloc-1\"");
+
+ // Dump all of the large allocations in the arenas.
+ for (size_t i = 0; i < h_mallinfo_narenas(); i++) {
+ struct mallinfo mi = h_mallinfo_arena_info(i);
+ if (mi.hblkhd != 0) {
+ MallocXmlElem arena_elem(fd, "heap", "nr=\"%d\"", i);
+ {
+ MallocXmlElem(fd, "allocated-large").Contents("%zu", mi.ordblks);
+ MallocXmlElem(fd, "allocated-huge").Contents("%zu", mi.uordblks);
+ MallocXmlElem(fd, "allocated-bins").Contents("%zu", mi.fsmblks);
+
+ size_t total = 0;
+ for (size_t j = 0; j < h_mallinfo_nbins(); j++) {
+ struct mallinfo mi = h_mallinfo_bin_info(i, j);
+ if (mi.ordblks != 0) {
+ MallocXmlElem bin_elem(fd, "bin", "nr=\"%d\"", j);
+ MallocXmlElem(fd, "allocated").Contents("%zu", mi.ordblks);
+ MallocXmlElem(fd, "nmalloc").Contents("%zu", mi.uordblks);
+ MallocXmlElem(fd, "ndalloc").Contents("%zu", mi.fordblks);
+ total += mi.ordblks;
+ }
+ }
+ MallocXmlElem(fd, "bins-total").Contents("%zu", total);
+ }
+ }
+ }
+
+ return 0;
+}
diff --git a/libc/bionic/malloc_common.h b/libc/bionic/malloc_common.h
index 4afcc4a8d..cca9e5202 100644
--- a/libc/bionic/malloc_common.h
+++ b/libc/bionic/malloc_common.h
@@ -67,8 +67,16 @@ __END_DECLS
#else
+#ifdef __LP64__
+#include "h_malloc.h"
+#define Malloc(function) h_ ## function
+__BEGIN_DECLS
+int h_malloc_info(int options, FILE* fp);
+__END_DECLS
+#else
#include "jemalloc.h"
#define Malloc(function) je_ ## function
+#endif
#endif

89
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-1.patch Normal file
View File

@ -0,0 +1,89 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: anupritaisno1 <www.anuprita804@gmail.com>
Date: Wed, 13 Oct 2021 15:00:25 +0530
Subject: [PATCH] add a real explicit_bzero implementation
Clang, GCC and other compilers special-case standard C functions like
memset. Calls to memset will be optimized out.
OpenBSD provides explicit_bzero to work around this but Android simply
defines it as memset so nothing prevents it from being optimized away.
This implementation uses a memory read constraint via empty inline
assembly rather than something that may be broken via link-time
optimization in the future.
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
Change-Id: Ia021e30f86ee4b998d541fbf7262110f9d1d6fbf
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/Android.bp | 1 +
libc/bionic/explicit_bzero.cpp | 7 +++++++
libc/include/string.h | 1 +
libc/libc.map.txt | 1 +
libc/upstream-openbsd/android/include/openbsd-compat.h | 2 --
5 files changed, 10 insertions(+), 2 deletions(-)
create mode 100644 libc/bionic/explicit_bzero.cpp
diff --git a/libc/Android.bp b/libc/Android.bp
index 75b06f58c..cae5d8776 100644
--- a/libc/Android.bp
+++ b/libc/Android.bp
@@ -1084,6 +1084,7 @@ cc_library_static {
"bionic/error.cpp",
"bionic/eventfd.cpp",
"bionic/exec.cpp",
+ "bionic/explicit_bzero.cpp",
"bionic/faccessat.cpp",
"bionic/fchmod.cpp",
"bionic/fchmodat.cpp",
diff --git a/libc/bionic/explicit_bzero.cpp b/libc/bionic/explicit_bzero.cpp
new file mode 100644
index 000000000..b06daa138
--- /dev/null
+++ b/libc/bionic/explicit_bzero.cpp
@@ -0,0 +1,7 @@
+#include <string.h>
+
+void* explicit_bzero(void* s, size_t n) {
+ void *ptr = memset(s, 0, n);
+ __asm__ __volatile__("" : : "r"(ptr) : "memory");
+ return ptr;
+}
diff --git a/libc/include/string.h b/libc/include/string.h
index 0cc5611aa..befffd082 100644
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -56,6 +56,7 @@ void* mempcpy(void* __dst, const void* __src, size_t __n) __INTRODUCED_IN(23);
#endif
void* memmove(void* __dst, const void* __src, size_t __n);
void* memset(void* __dst, int __ch, size_t __n);
+void* explicit_bzero(void *s, size_t n);
void* memmem(const void* __haystack, size_t __haystack_size, const void* __needle, size_t __needle_size) __attribute_pure__;
char* strchr(const char* __s, int __ch) __attribute_pure__;
diff --git a/libc/libc.map.txt b/libc/libc.map.txt
index c31e30681..cab7c1363 100644
--- a/libc/libc.map.txt
+++ b/libc/libc.map.txt
@@ -332,6 +332,7 @@ LIBC {
execvp;
execvpe; # introduced=21
exit;
+ explicit_bzero; # introduced=31
faccessat;
fallocate; # introduced=21
fallocate64; # introduced=21
diff --git a/libc/upstream-openbsd/android/include/openbsd-compat.h b/libc/upstream-openbsd/android/include/openbsd-compat.h
index 6c21c5b49..49d98c3d2 100644
--- a/libc/upstream-openbsd/android/include/openbsd-compat.h
+++ b/libc/upstream-openbsd/android/include/openbsd-compat.h
@@ -57,8 +57,6 @@ extern const char* __progname;
/* OpenBSD has this, but we can't really implement it correctly on Linux. */
#define issetugid() 0
-#define explicit_bzero(p, s) memset(p, 0, s)
-
/* OpenBSD has this in paths.h. But this directory doesn't normally exist.
* Even when it does exist, only the 'shell' user has permissions.
*/

84
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-10.patch Normal file
View File

@ -0,0 +1,84 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 2 Dec 2015 23:37:28 -0500
Subject: [PATCH] switch pthread_atfork handler allocation to mmap
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_atfork.cpp | 35 ++++++++++++++++++++++++++++------
1 file changed, 29 insertions(+), 6 deletions(-)
diff --git a/libc/bionic/pthread_atfork.cpp b/libc/bionic/pthread_atfork.cpp
index 0dcabdfb2..6306052ee 100644
--- a/libc/bionic/pthread_atfork.cpp
+++ b/libc/bionic/pthread_atfork.cpp
@@ -29,6 +29,9 @@
#include <errno.h>
#include <pthread.h>
#include <stdlib.h>
+#include <sys/mman.h>
+#include <sys/prctl.h>
+#include <unistd.h>
#include "platform/bionic/macros.h"
@@ -43,6 +46,8 @@ struct atfork_t {
void* dso_handle;
};
+static atfork_t* pool;
+
class atfork_list_t {
public:
constexpr atfork_list_t() : first_(nullptr), last_(nullptr) {}
@@ -101,7 +106,8 @@ class atfork_list_t {
last_ = entry->prev;
}
- free(entry);
+ entry->next = pool;
+ pool = entry;
}
atfork_t* first_;
@@ -154,18 +160,35 @@ void __bionic_atfork_run_parent() {
// __register_atfork is the name used by glibc
extern "C" int __register_atfork(void (*prepare)(void), void (*parent)(void),
void(*child)(void), void* dso) {
- atfork_t* entry = reinterpret_cast<atfork_t*>(malloc(sizeof(atfork_t)));
- if (entry == nullptr) {
- return ENOMEM;
+ pthread_mutex_lock(&g_atfork_list_mutex);
+
+ if (!pool) {
+ size_t page_size = getpagesize();
+ char* page = static_cast<char*>(mmap(NULL, page_size, PROT_READ|PROT_WRITE,
+ MAP_ANONYMOUS|MAP_PRIVATE, -1, 0));
+ if (page == MAP_FAILED) {
+ pthread_mutex_unlock(&g_atfork_list_mutex);
+ return ENOMEM;
+ }
+
+ prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, page, page_size,
+ "atfork handlers");
+
+ for (char* it = page; it < page + page_size - sizeof(atfork_t); it += sizeof(atfork_t)) {
+ atfork_t* node = reinterpret_cast<atfork_t*>(it);
+ node->next = pool;
+ pool = node;
+ }
}
+ atfork_t* entry = pool;
+ pool = entry->next;
+
entry->prepare = prepare;
entry->parent = parent;
entry->child = child;
entry->dso_handle = dso;
- pthread_mutex_lock(&g_atfork_list_mutex);
-
g_atfork_list.push_back(entry);
pthread_mutex_unlock(&g_atfork_list_mutex);

95
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-11.patch Normal file
View File

@ -0,0 +1,95 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Thu, 3 Dec 2015 12:58:31 -0500
Subject: [PATCH] add memory protection for pthread_atfork handlers
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_atfork.cpp | 34 ++++++++++++++++++++++++++++++++--
1 file changed, 32 insertions(+), 2 deletions(-)
diff --git a/libc/bionic/pthread_atfork.cpp b/libc/bionic/pthread_atfork.cpp
index 6306052ee..d59f3ae54 100644
--- a/libc/bionic/pthread_atfork.cpp
+++ b/libc/bionic/pthread_atfork.cpp
@@ -47,6 +47,7 @@ struct atfork_t {
};
static atfork_t* pool;
+static atfork_t* page_list;
class atfork_list_t {
public:
@@ -160,13 +161,22 @@ void __bionic_atfork_run_parent() {
// __register_atfork is the name used by glibc
extern "C" int __register_atfork(void (*prepare)(void), void (*parent)(void),
void(*child)(void), void* dso) {
+ size_t page_size = getpagesize();
+
pthread_mutex_lock(&g_atfork_list_mutex);
+ for (atfork_t* page_it = page_list; page_it; page_it = page_it->next) {
+ mprotect(page_it, page_size, PROT_READ|PROT_WRITE);
+ }
+
if (!pool) {
- size_t page_size = getpagesize();
char* page = static_cast<char*>(mmap(NULL, page_size, PROT_READ|PROT_WRITE,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0));
if (page == MAP_FAILED) {
+ for (atfork_t* page_it = page_list; page_it; page_it = page_it->next) {
+ mprotect(page_it, page_size, PROT_READ);
+ }
+
pthread_mutex_unlock(&g_atfork_list_mutex);
return ENOMEM;
}
@@ -174,11 +184,15 @@ extern "C" int __register_atfork(void (*prepare)(void), void (*parent)(void),
prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, page, page_size,
"atfork handlers");
- for (char* it = page; it < page + page_size - sizeof(atfork_t); it += sizeof(atfork_t)) {
+ for (char* it = page + sizeof(atfork_t); it < page + page_size - sizeof(atfork_t); it += sizeof(atfork_t)) {
atfork_t* node = reinterpret_cast<atfork_t*>(it);
node->next = pool;
pool = node;
}
+
+ atfork_t* page_node = reinterpret_cast<atfork_t*>(page);
+ page_node->next = page_list;
+ page_list = page_node;
}
atfork_t* entry = pool;
@@ -191,6 +205,10 @@ extern "C" int __register_atfork(void (*prepare)(void), void (*parent)(void),
g_atfork_list.push_back(entry);
+ for (atfork_t* page_it = page_list; page_it; page_it = page_it->next) {
+ mprotect(page_it, page_size, PROT_READ);
+ }
+
pthread_mutex_unlock(&g_atfork_list_mutex);
return 0;
@@ -198,8 +216,20 @@ extern "C" int __register_atfork(void (*prepare)(void), void (*parent)(void),
extern "C" __LIBC_HIDDEN__ void __unregister_atfork(void* dso) {
pthread_mutex_lock(&g_atfork_list_mutex);
+
+ size_t page_size = getpagesize();
+
+ for (atfork_t* page_it = page_list; page_it; page_it = page_it->next) {
+ mprotect(page_it, page_size, PROT_READ|PROT_WRITE);
+ }
+
g_atfork_list.remove_if([&](const atfork_t* entry) {
return entry->dso_handle == dso;
});
+
+ for (atfork_t* page_it = page_list; page_it; page_it = page_it->next) {
+ mprotect(page_it, page_size, PROT_READ);
+ }
+
pthread_mutex_unlock(&g_atfork_list_mutex);
}

85
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-12.patch Normal file
View File

@ -0,0 +1,85 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 27 Jan 2016 18:02:15 -0500
Subject: [PATCH] add XOR mangling mitigation for thread-local dtors
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/__cxa_thread_atexit_impl.cpp | 8 +++++---
libc/bionic/libc_init_common.cpp | 2 ++
libc/private/bionic_globals.h | 1 +
3 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/libc/bionic/__cxa_thread_atexit_impl.cpp b/libc/bionic/__cxa_thread_atexit_impl.cpp
index 99077c101..74608513e 100644
--- a/libc/bionic/__cxa_thread_atexit_impl.cpp
+++ b/libc/bionic/__cxa_thread_atexit_impl.cpp
@@ -13,15 +13,17 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+#include <stdint.h>
#include <sys/cdefs.h>
#include <private/bionic_defs.h>
+#include <private/bionic_globals.h>
#include "pthread_internal.h"
class thread_local_dtor {
public:
- void (*func) (void *);
+ uintptr_t func;
void *arg;
void *dso_handle; // unused...
thread_local_dtor* next;
@@ -35,7 +37,7 @@ __BIONIC_WEAK_FOR_NATIVE_BRIDGE
int __cxa_thread_atexit_impl(void (*func) (void *), void *arg, void *dso_handle) {
thread_local_dtor* dtor = new thread_local_dtor();
- dtor->func = func;
+ dtor->func = __libc_globals->dtor_cookie ^ reinterpret_cast<uintptr_t>(func);
dtor->arg = arg;
dtor->dso_handle = dso_handle;
@@ -54,7 +56,7 @@ extern "C" __LIBC_HIDDEN__ void __cxa_thread_finalize() {
thread_local_dtor* current = thread->thread_local_dtors;
thread->thread_local_dtors = current->next;
- current->func(current->arg);
+ (reinterpret_cast<void (*)(void*)>(__libc_globals->dtor_cookie ^ current->func))(current->arg);
if (__loader_remove_thread_local_dtor != nullptr) {
__loader_remove_thread_local_dtor(current->dso_handle);
}
diff --git a/libc/bionic/libc_init_common.cpp b/libc/bionic/libc_init_common.cpp
index dd623a529..ddad1b8ad 100644
--- a/libc/bionic/libc_init_common.cpp
+++ b/libc/bionic/libc_init_common.cpp
@@ -45,6 +45,7 @@
#include <async_safe/log.h>
#include "private/WriteProtected.h"
+#include "private/bionic_arc4random.h"
#include "private/bionic_defs.h"
#include "private/bionic_globals.h"
#include "private/bionic_tls.h"
@@ -69,6 +70,7 @@ void __libc_init_globals() {
__libc_globals.mutate([](libc_globals* globals) {
__libc_init_vdso(globals);
__libc_init_setjmp_cookie(globals);
+ arc4random_buf(&globals->dtor_cookie, sizeof(globals->dtor_cookie));
});
}
diff --git a/libc/private/bionic_globals.h b/libc/private/bionic_globals.h
index e105c18d9..ce05936b0 100644
--- a/libc/private/bionic_globals.h
+++ b/libc/private/bionic_globals.h
@@ -45,6 +45,7 @@
struct libc_globals {
vdso_entry vdso[VDSO_END];
+ long dtor_cookie;
long setjmp_cookie;
uintptr_t heap_pointer_tag;

25
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-13.patch Normal file
View File

@ -0,0 +1,25 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Fri, 29 Jan 2016 20:20:09 -0500
Subject: [PATCH] use a better pthread_attr junk filling pattern
Guarantee that junk filled pointers will fault, at least on pure 64-bit.
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_attr.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libc/bionic/pthread_attr.cpp b/libc/bionic/pthread_attr.cpp
index 89aa28966..08e237f9f 100644
--- a/libc/bionic/pthread_attr.cpp
+++ b/libc/bionic/pthread_attr.cpp
@@ -53,7 +53,7 @@ int pthread_attr_init(pthread_attr_t* attr) {
__BIONIC_WEAK_FOR_NATIVE_BRIDGE
int pthread_attr_destroy(pthread_attr_t* attr) {
- memset(attr, 0x42, sizeof(pthread_attr_t));
+ memset(attr, 0xdf, sizeof(pthread_attr_t));
return 0;
}

76
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-14.patch Normal file
View File

@ -0,0 +1,76 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Renlord <me@renlord.com>
Date: Thu, 12 Sep 2019 14:51:51 +1000
Subject: [PATCH] add guard page(s) between static_tls and stack
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_create.cpp | 29 +++++++++++++++++++----------
1 file changed, 19 insertions(+), 10 deletions(-)
diff --git a/libc/bionic/pthread_create.cpp b/libc/bionic/pthread_create.cpp
index 121b26f82..31c553e25 100644
--- a/libc/bionic/pthread_create.cpp
+++ b/libc/bionic/pthread_create.cpp
@@ -201,9 +201,10 @@ int __init_thread(pthread_internal_t* thread) {
ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_size) {
const StaticTlsLayout& layout = __libc_shared_globals()->static_tls_layout;
- // Allocate in order: stack guard, stack, static TLS, guard page.
+ // Allocate in order: stack guard, stack, guard page, static TLS, guard page.
size_t mmap_size;
if (__builtin_add_overflow(stack_size, stack_guard_size, &mmap_size)) return {};
+ if (__builtin_add_overflow(mmap_size, PTHREAD_GUARD_SIZE, &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, layout.size(), &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, PTHREAD_GUARD_SIZE, &mmap_size)) return {};
@@ -212,8 +213,8 @@ ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_si
mmap_size = __BIONIC_ALIGN(mmap_size, PAGE_SIZE);
if (mmap_size < unaligned_size) return {};
- // Create a new private anonymous map. Make the entire mapping PROT_NONE, then carve out a
- // read+write area in the middle.
+ // Create a new private anonymous map. Make the entire mapping PROT_NONE, then carve out
+ // read+write areas for the stack and static TLS
const int flags = MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE;
char* const space = static_cast<char*>(mmap(nullptr, mmap_size, PROT_NONE, flags, -1, 0));
if (space == MAP_FAILED) {
@@ -223,13 +224,21 @@ ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_si
mmap_size, strerror(errno));
return {};
}
- const size_t writable_size = mmap_size - stack_guard_size - PTHREAD_GUARD_SIZE;
- if (mprotect(space + stack_guard_size,
- writable_size,
- PROT_READ | PROT_WRITE) != 0) {
+
+ if (mprotect(space + stack_guard_size, stack_size, PROT_READ | PROT_WRITE) != 0) {
async_safe_format_log(ANDROID_LOG_WARN, "libc",
"pthread_create failed: couldn't mprotect R+W %zu-byte thread mapping region: %s",
- writable_size, strerror(errno));
+ stack_size, strerror(errno));
+ munmap(space, mmap_size);
+ return {};
+ }
+
+ char* const static_tls_space = space + stack_guard_size + stack_size + PTHREAD_GUARD_SIZE;
+
+ if (mprotect(static_tls_space, layout.size(), PROT_READ | PROT_WRITE) != 0) {
+ async_safe_format_log(ANDROID_LOG_WARN, "libc",
+ "pthread_create failed: couldn't mprotect R+W %zu-byte static TLS mapping region: %s",
+ layout.size(), strerror(errno));
munmap(space, mmap_size);
return {};
}
@@ -239,9 +248,9 @@ ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_si
result.mmap_size = mmap_size;
result.mmap_base_unguarded = space + stack_guard_size;
result.mmap_size_unguarded = mmap_size - stack_guard_size - PTHREAD_GUARD_SIZE;
- result.static_tls = space + mmap_size - PTHREAD_GUARD_SIZE - layout.size();
+ result.static_tls = static_tls_space;
result.stack_base = space;
- result.stack_top = result.static_tls;
+ result.stack_top = space + stack_guard_size + stack_size;
return result;
}

58
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-15.patch Normal file
View File

@ -0,0 +1,58 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Thu, 10 Oct 2019 22:52:49 -0400
Subject: [PATCH] move pthread_internal_t behind guard page
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_create.cpp | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/libc/bionic/pthread_create.cpp b/libc/bionic/pthread_create.cpp
index 31c553e25..627fbb25b 100644
--- a/libc/bionic/pthread_create.cpp
+++ b/libc/bionic/pthread_create.cpp
@@ -201,10 +201,13 @@ int __init_thread(pthread_internal_t* thread) {
ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_size) {
const StaticTlsLayout& layout = __libc_shared_globals()->static_tls_layout;
- // Allocate in order: stack guard, stack, guard page, static TLS, guard page.
+ size_t thread_page_size = __BIONIC_ALIGN(sizeof(pthread_internal_t), PAGE_SIZE);
+
+ // Allocate in order: stack guard, stack, guard page, pthread_internal_t, static TLS, guard page.
size_t mmap_size;
if (__builtin_add_overflow(stack_size, stack_guard_size, &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, PTHREAD_GUARD_SIZE, &mmap_size)) return {};
+ if (__builtin_add_overflow(mmap_size, thread_page_size, &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, layout.size(), &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, PTHREAD_GUARD_SIZE, &mmap_size)) return {};
@@ -233,9 +236,10 @@ ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_si
return {};
}
- char* const static_tls_space = space + stack_guard_size + stack_size + PTHREAD_GUARD_SIZE;
+ char* const thread = space + stack_guard_size + stack_size + PTHREAD_GUARD_SIZE;
+ char* const static_tls_space = thread + thread_page_size;
- if (mprotect(static_tls_space, layout.size(), PROT_READ | PROT_WRITE) != 0) {
+ if (mprotect(thread, thread_page_size + layout.size(), PROT_READ | PROT_WRITE) != 0) {
async_safe_format_log(ANDROID_LOG_WARN, "libc",
"pthread_create failed: couldn't mprotect R+W %zu-byte static TLS mapping region: %s",
layout.size(), strerror(errno));
@@ -280,13 +284,8 @@ static int __allocate_thread(pthread_attr_t* attr, bionic_tcb** tcbp, void** chi
stack_top = static_cast<char*>(attr->stack_base) + attr->stack_size;
}
- // Carve out space from the stack for the thread's pthread_internal_t. This
- // memory isn't counted in pthread_attr_getstacksize.
-
- // To safely access the pthread_internal_t and thread stack, we need to find a 16-byte aligned boundary.
- stack_top = align_down(stack_top - sizeof(pthread_internal_t), 16);
-
- pthread_internal_t* thread = reinterpret_cast<pthread_internal_t*>(stack_top);
+ pthread_internal_t* thread = reinterpret_cast<pthread_internal_t*>(
+ mapping.static_tls - __BIONIC_ALIGN(sizeof(pthread_internal_t), PAGE_SIZE));
if (!stack_clean) {
// If thread was not allocated by mmap(), it may not have been cleared to zero.
// So assume the worst and zero it.

98
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-16.patch Normal file
View File

@ -0,0 +1,98 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Renlord <me@renlord.com>
Date: Sun, 20 Oct 2019 08:17:11 +1100
Subject: [PATCH] add secondary stack randomization
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_create.cpp | 32 +++++++++++++++++++++++++++-----
libc/include/sys/cdefs.h | 1 +
2 files changed, 28 insertions(+), 5 deletions(-)
diff --git a/libc/bionic/pthread_create.cpp b/libc/bionic/pthread_create.cpp
index 627fbb25b..1dc32be32 100644
--- a/libc/bionic/pthread_create.cpp
+++ b/libc/bionic/pthread_create.cpp
@@ -29,6 +29,7 @@
#include <pthread.h>
#include <errno.h>
+#include <stdlib.h>
#include <string.h>
#include <sys/auxv.h>
#include <sys/mman.h>
@@ -201,12 +202,24 @@ int __init_thread(pthread_internal_t* thread) {
ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_size) {
const StaticTlsLayout& layout = __libc_shared_globals()->static_tls_layout;
+ // round up if the given stack size is not in multiples of PAGE_SIZE
+ stack_size = __BIONIC_ALIGN(stack_size, PAGE_SIZE);
size_t thread_page_size = __BIONIC_ALIGN(sizeof(pthread_internal_t), PAGE_SIZE);
- // Allocate in order: stack guard, stack, guard page, pthread_internal_t, static TLS, guard page.
+ // Place a randomly sized gap above the stack, up to 10% as large as the stack
+ // on 32-bit and 50% on 64-bit where virtual memory is plentiful.
+#if __LP64__
+ size_t max_gap_size = stack_size / 2;
+#else
+ size_t max_gap_size = stack_size / 10;
+#endif
+ // Make sure random stack top guard size are multiples of PAGE_SIZE.
+ size_t gap_size = __BIONIC_ALIGN(arc4random_uniform(max_gap_size), PAGE_SIZE);
+
+ // Allocate in order: stack guard, stack, (random) guard page(s), pthread_internal_t, static TLS, guard page.
size_t mmap_size;
if (__builtin_add_overflow(stack_size, stack_guard_size, &mmap_size)) return {};
- if (__builtin_add_overflow(mmap_size, PTHREAD_GUARD_SIZE, &mmap_size)) return {};
+ if (__builtin_add_overflow(mmap_size, gap_size, &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, thread_page_size, &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, layout.size(), &mmap_size)) return {};
if (__builtin_add_overflow(mmap_size, PTHREAD_GUARD_SIZE, &mmap_size)) return {};
@@ -228,15 +241,21 @@ ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_si
return {};
}
- if (mprotect(space + stack_guard_size, stack_size, PROT_READ | PROT_WRITE) != 0) {
+ // Stack is at the lower end of mapped space, stack guard region is at the lower end of stack.
+ // Make the usable portion of the stack between the guard region and random gap readable and
+ // writable.
+ if (mprotect((space + stack_guard_size), stack_size, PROT_READ | PROT_WRITE) == -1) {
async_safe_format_log(ANDROID_LOG_WARN, "libc",
"pthread_create failed: couldn't mprotect R+W %zu-byte thread mapping region: %s",
stack_size, strerror(errno));
munmap(space, mmap_size);
return {};
}
+ prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, space, stack_guard_size, "stack guard");
+ char* const stack_top_guard = space + stack_guard_size + stack_size;
+ prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, stack_top_guard, gap_size, "stack top guard");
- char* const thread = space + stack_guard_size + stack_size + PTHREAD_GUARD_SIZE;
+ char* const thread = space + stack_guard_size + stack_size + gap_size;
char* const static_tls_space = thread + thread_page_size;
if (mprotect(thread, thread_page_size + layout.size(), PROT_READ | PROT_WRITE) != 0) {
@@ -254,7 +273,10 @@ ThreadMapping __allocate_thread_mapping(size_t stack_size, size_t stack_guard_si
result.mmap_size_unguarded = mmap_size - stack_guard_size - PTHREAD_GUARD_SIZE;
result.static_tls = static_tls_space;
result.stack_base = space;
- result.stack_top = space + stack_guard_size + stack_size;
+ // Choose a random base within the first page of the stack. Waste no more
+ // than the space originally wasted by pthread_internal_t for compatibility.
+ result.stack_top = space + stack_guard_size + stack_size - arc4random_uniform(sizeof(pthread_internal_t));
+ result.stack_top = reinterpret_cast<char*>(__BIONIC_ALIGN_DOWN(reinterpret_cast<size_t>(result.stack_top), 16));
return result;
}
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 2556d1183..1863bb70f 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -61,6 +61,7 @@
#endif
#define __BIONIC_ALIGN(__value, __alignment) (((__value) + (__alignment)-1) & ~((__alignment)-1))
+#define __BIONIC_ALIGN_DOWN(value, alignment) ((value) & ~((alignment) - 1))
/*
* The __CONCAT macro is used to concatenate parts of symbol names, e.g.

76
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-2.patch Normal file
View File

@ -0,0 +1,76 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 8 Feb 2015 01:18:54 -0500
Subject: [PATCH] replace brk and sbrk with stubs
Pretend that there is never room to grow the heap in order to prevent
usage of these unsafe legacy functions. There are likely no users of
these in practice as it is inherently broken to use them outside of
malloc.
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/brk.cpp | 48 ++++++++-------------------------------------
1 file changed, 8 insertions(+), 40 deletions(-)
diff --git a/libc/bionic/brk.cpp b/libc/bionic/brk.cpp
index 566c33a7a..ef9305513 100644
--- a/libc/bionic/brk.cpp
+++ b/libc/bionic/brk.cpp
@@ -29,48 +29,16 @@
#include <errno.h>
#include <unistd.h>
-#if defined(__LP64__)
-static void* __bionic_brk;
-#else
-void* __bionic_brk; // Accidentally exported by the NDK.
+#if !defined(__LP64__)
+void* __bionic_brk = reinterpret_cast<void*>(-1); // Accidentally exported by the NDK.
#endif
-extern "C" void* __brk(void* __addr);
-
-int brk(void* end_data) {
- __bionic_brk = __brk(end_data);
- if (__bionic_brk < end_data) {
- errno = ENOMEM;
- return -1;
- }
- return 0;
+int brk(void*) {
+ errno = ENOMEM;
+ return -1;
}
-void* sbrk(ptrdiff_t increment) {
- // Initialize __bionic_brk if necessary.
- if (__bionic_brk == nullptr) {
- __bionic_brk = __brk(nullptr);
- }
-
- // Don't ask the kernel if we already know the answer.
- if (increment == 0) {
- return __bionic_brk;
- }
-
- // Avoid overflow.
- uintptr_t old_brk = reinterpret_cast<uintptr_t>(__bionic_brk);
- if ((increment > 0 && static_cast<uintptr_t>(increment) > (UINTPTR_MAX - old_brk)) ||
- (increment < 0 && static_cast<uintptr_t>(-increment) > old_brk)) {
- errno = ENOMEM;
- return reinterpret_cast<void*>(-1);
- }
-
- void* desired_brk = reinterpret_cast<void*>(old_brk + increment);
- __bionic_brk = __brk(desired_brk);
- if (__bionic_brk < desired_brk) {
- errno = ENOMEM;
- return reinterpret_cast<void*>(-1);
- }
-
- return reinterpret_cast<void*>(old_brk);
+void* sbrk(ptrdiff_t) {
+ errno = ENOMEM;
+ return reinterpret_cast<void*>(-1);
}

57
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-3.patch Normal file
View File

@ -0,0 +1,57 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Mon, 4 Mar 2019 04:26:04 -0500
Subject: [PATCH] use blocking getrandom and avoid urandom fallback
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/getentropy.cpp | 28 +++-------------------------
1 file changed, 3 insertions(+), 25 deletions(-)
diff --git a/libc/bionic/getentropy.cpp b/libc/bionic/getentropy.cpp
index 9c93e713b..c9438ad2b 100644
--- a/libc/bionic/getentropy.cpp
+++ b/libc/bionic/getentropy.cpp
@@ -33,22 +33,6 @@
#include "private/ScopedFd.h"
-static int getentropy_urandom(void* buffer, size_t buffer_size, int saved_errno) {
- ScopedFd fd(TEMP_FAILURE_RETRY(open("/dev/urandom", O_RDONLY | O_NOFOLLOW | O_CLOEXEC, 0)));
- if (fd.get() == -1) return -1;
-
- size_t collected = 0;
- while (collected < buffer_size) {
- ssize_t count = TEMP_FAILURE_RETRY(read(fd.get(), static_cast<char*>(buffer) + collected,
- buffer_size - collected));
- if (count == -1) return -1;
- collected += count;
- }
-
- errno = saved_errno;
- return 0;
-}
-
int getentropy(void* buffer, size_t buffer_size) {
if (buffer_size > 256) {
errno = EIO;
@@ -59,16 +43,10 @@ int getentropy(void* buffer, size_t buffer_size) {
size_t collected = 0;
while (collected < buffer_size) {
- long count = TEMP_FAILURE_RETRY(getrandom(static_cast<char*>(buffer) + collected,
- buffer_size - collected, GRND_NONBLOCK));
+ long count = TEMP_FAILURE_RETRY(
+ getrandom(static_cast<char*>(buffer) + collected, buffer_size - collected, 0));
if (count == -1) {
- // EAGAIN: there isn't enough entropy right now.
- // ENOSYS/EINVAL: getrandom(2) or GRND_NONBLOCK isn't supported.
- // EFAULT: `buffer` is invalid.
- // Try /dev/urandom regardless because it can't hurt,
- // and we don't need to optimize the EFAULT case.
- // See http://b/33059407 and http://b/67015565.
- return getentropy_urandom(buffer, buffer_size, saved_errno);
+ return -1;
}
collected += count;
}

26
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-4.patch Normal file
View File

@ -0,0 +1,26 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Mon, 19 Sep 2016 07:57:43 -0400
Subject: [PATCH] fix undefined out-of-bounds accesses in sched.h
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/include/sched.h | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libc/include/sched.h b/libc/include/sched.h
index 3260231cf..00c2a4a45 100644
--- a/libc/include/sched.h
+++ b/libc/include/sched.h
@@ -70,7 +70,10 @@ int setns(int __fd, int __ns_type) __INTRODUCED_IN(21);
#define __CPU_MASK(x) ((__CPU_BITTYPE)1 << ((x) & (__CPU_BITS - 1)))
typedef struct {
- __CPU_BITTYPE __bits[ CPU_SETSIZE / __CPU_BITS ];
+ union {
+ __CPU_BITTYPE __bits_minimum[ CPU_SETSIZE / __CPU_BITS ];
+ __CPU_BITTYPE __bits[0];
+ };
} cpu_set_t;
int sched_setaffinity(pid_t __pid, size_t __set_size, const cpu_set_t* __set);

47
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-5.patch Normal file
View File

@ -0,0 +1,47 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 19 Nov 2016 09:56:14 -0500
Subject: [PATCH] stop implicitly marking mappings as mergeable
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/mmap.cpp | 19 +------------------
1 file changed, 1 insertion(+), 18 deletions(-)
diff --git a/libc/bionic/mmap.cpp b/libc/bionic/mmap.cpp
index 9aad0b315..6bf0ecfd1 100644
--- a/libc/bionic/mmap.cpp
+++ b/libc/bionic/mmap.cpp
@@ -39,8 +39,6 @@ extern "C" void* __mmap2(void*, size_t, int, int, int, size_t);
#define MMAP2_SHIFT 12 // 2**12 == 4096
-static bool kernel_has_MADV_MERGEABLE = true;
-
void* mmap64(void* addr, size_t size, int prot, int flags, int fd, off64_t offset) {
if (offset < 0 || (offset & ((1UL << MMAP2_SHIFT)-1)) != 0) {
errno = EINVAL;
@@ -54,22 +52,7 @@ void* mmap64(void* addr, size_t size, int prot, int flags, int fd, off64_t offse
return MAP_FAILED;
}
- bool is_private_anonymous =
- (flags & (MAP_PRIVATE | MAP_ANONYMOUS)) == (MAP_PRIVATE | MAP_ANONYMOUS);
- bool is_stack_or_grows_down = (flags & (MAP_STACK | MAP_GROWSDOWN)) != 0;
-
- void* result = __mmap2(addr, size, prot, flags, fd, offset >> MMAP2_SHIFT);
-
- if (result != MAP_FAILED && kernel_has_MADV_MERGEABLE &&
- is_private_anonymous && !is_stack_or_grows_down) {
- ErrnoRestorer errno_restorer;
- int rc = madvise(result, size, MADV_MERGEABLE);
- if (rc == -1 && errno == EINVAL) {
- kernel_has_MADV_MERGEABLE = false;
- }
- }
-
- return result;
+ return __mmap2(addr, size, prot, flags, fd, offset >> MMAP2_SHIFT);
}
void* mmap(void* addr, size_t size, int prot, int flags, int fd, off_t offset) {

40
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-6.patch Normal file
View File

@ -0,0 +1,40 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 16 Jul 2016 23:55:16 -0400
Subject: [PATCH] replace VLA formatting with dprintf-like function
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/bionic_systrace.cpp | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/libc/bionic/bionic_systrace.cpp b/libc/bionic/bionic_systrace.cpp
index fd9771298..acd9b7681 100644
--- a/libc/bionic/bionic_systrace.cpp
+++ b/libc/bionic/bionic_systrace.cpp
@@ -27,8 +27,6 @@
#include <async_safe/log.h>
#include <cutils/trace.h> // For ATRACE_TAG_BIONIC.
-#define WRITE_OFFSET 32
-
static Lock g_lock;
static CachedProperty g_debug_atrace_tags_enableflags("debug.atrace.tags.enableflags");
static uint64_t g_tags;
@@ -65,15 +63,9 @@ void bionic_trace_begin(const char* message) {
return;
}
- // If bionic tracing has been enabled, then write the message to the
- // kernel trace_marker.
- int length = strlen(message);
- char buf[length + WRITE_OFFSET];
- size_t len = async_safe_format_buffer(buf, length + WRITE_OFFSET, "B|%d|%s", getpid(), message);
-
// Tracing may stop just after checking property and before writing the message.
// So the write is acceptable to fail. See b/20666100.
- TEMP_FAILURE_RETRY(write(trace_marker_fd, buf, len));
+ async_safe_format_fd(trace_marker_fd, "B|%d|%s", getpid(), message);
}
void bionic_trace_end() {

26
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-7.patch Normal file
View File

@ -0,0 +1,26 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Fri, 17 Jul 2015 21:32:05 -0400
Subject: [PATCH] increase default pthread stack to 8MiB on 64-bit
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/pthread_internal.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libc/bionic/pthread_internal.h b/libc/bionic/pthread_internal.h
index 071a5bcb3..ab71e2a17 100644
--- a/libc/bionic/pthread_internal.h
+++ b/libc/bionic/pthread_internal.h
@@ -238,7 +238,11 @@ __LIBC_HIDDEN__ void pthread_key_clean_all(void);
// stack overflows, we subtracted the same amount we were using there
// from the default thread stack size. This should keep memory usage
// roughly constant.
+#ifdef __LP64__
+#define PTHREAD_STACK_SIZE_DEFAULT ((8 * 1024 * 1024) - SIGNAL_STACK_SIZE_WITHOUT_GUARD)
+#else
#define PTHREAD_STACK_SIZE_DEFAULT ((1 * 1024 * 1024) - SIGNAL_STACK_SIZE_WITHOUT_GUARD)
+#endif
// Leave room for a guard page in the internally created signal stacks.
#define SIGNAL_STACK_SIZE (SIGNAL_STACK_SIZE_WITHOUT_GUARD + PTHREAD_GUARD_SIZE)

59
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-8.patch Normal file
View File

@ -0,0 +1,59 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 1 Oct 2016 05:11:44 -0400
Subject: [PATCH] make __stack_chk_guard read-only at runtime
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/__libc_init_main_thread.cpp | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/libc/bionic/__libc_init_main_thread.cpp b/libc/bionic/__libc_init_main_thread.cpp
index 95f46e9fa..7e1e7cbcb 100644
--- a/libc/bionic/__libc_init_main_thread.cpp
+++ b/libc/bionic/__libc_init_main_thread.cpp
@@ -28,6 +28,9 @@
#include "libc_init_common.h"
+#include <limits.h>
+#include <sys/mman.h>
+
#include <async_safe/log.h>
#include "private/KernelArgumentBlock.h"
@@ -35,14 +38,14 @@
#include "private/bionic_defs.h"
#include "private/bionic_elf_tls.h"
#include "private/bionic_globals.h"
-#include "private/bionic_ssp.h"
#include "pthread_internal.h"
extern "C" pid_t __getpid();
extern "C" int __set_tid_address(int* tid_address);
// Declared in "private/bionic_ssp.h".
-uintptr_t __stack_chk_guard = 0;
+__attribute__((aligned(PAGE_SIZE)))
+uintptr_t __stack_chk_guard[PAGE_SIZE / sizeof(uintptr_t)] = {0};
static pthread_internal_t main_thread;
@@ -107,10 +110,16 @@ void __init_tcb_dtv(bionic_tcb* tcb) {
// Note in particular that it is not possible to return from any existing
// stack frame with stack protector enabled after this function is called.
extern "C" void android_reset_stack_guards() {
+ if (mprotect(__stack_chk_guard, sizeof(__stack_chk_guard), PROT_READ|PROT_WRITE) == -1) {
+ async_safe_fatal("mprotect __stack_chk_guard: %s", strerror(errno));
+ }
// The TLS stack guard is set from the global, so ensure that we've initialized the global
// before we initialize the TLS. Dynamic executables will initialize their copy of the global
// stack protector from the one in the main thread's TLS.
- __libc_safe_arc4random_buf(&__stack_chk_guard, sizeof(__stack_chk_guard));
+ __libc_safe_arc4random_buf(&__stack_chk_guard[0], sizeof(__stack_chk_guard[0]));
+ if (mprotect(__stack_chk_guard, sizeof(__stack_chk_guard), PROT_READ) == -1) {
+ async_safe_fatal("mprotect __stack_chk_guard: %s", strerror(errno));
+ }
__init_tcb_stack_guard(__get_bionic_tcb());
}

41
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-9.patch Normal file
View File

@ -0,0 +1,41 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 12 Mar 2017 17:49:13 -0400
Subject: [PATCH] on 64-bit, zero the leading stack canary byte
This reduces entropy of the canary from 64-bit to 56-bit in exchange for
mitigating non-terminated C string overflows.
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libc/bionic/__libc_init_main_thread.cpp | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/libc/bionic/__libc_init_main_thread.cpp b/libc/bionic/__libc_init_main_thread.cpp
index 7e1e7cbcb..5bdf61d2c 100644
--- a/libc/bionic/__libc_init_main_thread.cpp
+++ b/libc/bionic/__libc_init_main_thread.cpp
@@ -49,6 +49,12 @@ uintptr_t __stack_chk_guard[PAGE_SIZE / sizeof(uintptr_t)] = {0};
static pthread_internal_t main_thread;
+#if __LP64__
+static const uintptr_t canary_mask = __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ ?
+ 0xffffffffffffff00UL :
+ 0x00ffffffffffffffUL;
+#endif
+
// Setup for the main thread. For dynamic executables, this is called by the
// linker _before_ libc is mapped in memory. This means that all writes to
// globals from this function will apply to linker-private copies and will not
@@ -117,6 +123,10 @@ extern "C" void android_reset_stack_guards() {
// before we initialize the TLS. Dynamic executables will initialize their copy of the global
// stack protector from the one in the main thread's TLS.
__libc_safe_arc4random_buf(&__stack_chk_guard[0], sizeof(__stack_chk_guard[0]));
+#if __LP64__
+ // Sacrifice 8 bits of entropy on 64-bit to mitigate non-terminated C string overflows
+ __stack_chk_guard[0] &= canary_mask;
+#endif
if (mprotect(__stack_chk_guard, sizeof(__stack_chk_guard), PROT_READ) == -1) {
async_safe_fatal("mprotect __stack_chk_guard: %s", strerror(errno));
}

38
Patches/LineageOS-19.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch Normal file
View File

@ -0,0 +1,38 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 19 Aug 2020 09:31:04 -0400
Subject: [PATCH] reject updates with serialno constraints
---
install/install.cpp | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/install/install.cpp b/install/install.cpp
index d4f069d8..374f0cdc 100644
--- a/install/install.cpp
+++ b/install/install.cpp
@@ -221,22 +221,10 @@ bool CheckPackageMetadata(const std::map<std::string, std::string>& metadata, Ot
return false;
}
- // We allow the package to not have any serialno; and we also allow it to carry multiple serial
- // numbers split by "|"; e.g. serialno=serialno1|serialno2|serialno3 ... We will fail the
- // verification if the device's serialno doesn't match any of these carried numbers.
auto pkg_serial_no = get_value(metadata, "serialno");
if (!pkg_serial_no.empty()) {
- auto device_serial_no = android::base::GetProperty("ro.serialno", "");
- bool serial_number_match = false;
- for (const auto& number : android::base::Split(pkg_serial_no, "|")) {
- if (device_serial_no == android::base::Trim(number)) {
- serial_number_match = true;
- }
- }
- if (!serial_number_match) {
- LOG(ERROR) << "Package is for serial " << pkg_serial_no;
- return false;
- }
+ LOG(ERROR) << "Serial number constraint not permitted: " << pkg_serial_no;
+ return INSTALL_ERROR;
}
if (ota_type == OtaType::AB) {

24
Patches/LineageOS-19.1/android_build/0001-Enable_fwrapv.patch Normal file
View File

@ -0,0 +1,24 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 13 Sep 2016 22:05:56 -0400
Subject: [PATCH] use -fwrapv when signed overflow checking is off
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
core/config_sanitizers.mk | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index 46f7f2477b..017aa23822 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -508,3 +508,9 @@ ifneq ($(findstring fsanitize,$(my_cflags)),)
endif
endif
endif
+
+ifeq ($(filter signed-integer-overflow integer undefined,$(my_sanitize)),)
+ ifeq ($(filter -ftrapv,$(my_cflags)),)
+ my_cflags += -fwrapv
+ endif
+endif

69
Patches/LineageOS-19.1/android_build/0002-OTA_Keys.patch Normal file
View File

@ -0,0 +1,69 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 6 Apr 2021 05:04:32 -0400
Subject: [PATCH] Allow setting OTA public keys from environment variable
Change-Id: Ib2a00de63b0c7a8790640462d13a84daf2076fa7
---
core/product_config.mk | 5 +++++
target/product/security/Android.mk | 21 +++++++++++++++++----
2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/core/product_config.mk b/core/product_config.mk
index 4b4ba3ccb8..dac79d1ff7 100644
--- a/core/product_config.mk
+++ b/core/product_config.mk
@@ -314,6 +314,11 @@ ENFORCE_SYSTEM_CERTIFICATE_ALLOW_LIST := $(PRODUCT_ARTIFACT_SYSTEM_CERTIFICATE_R
PRODUCT_OTA_PUBLIC_KEYS := $(sort $(PRODUCT_OTA_PUBLIC_KEYS))
PRODUCT_EXTRA_RECOVERY_KEYS := $(sort $(PRODUCT_EXTRA_RECOVERY_KEYS))
+ifneq ($(OTA_KEY_OVERRIDE_DIR),)
+ PRODUCT_OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem
+ PRODUCT_EXTRA_RECOVERY_KEYS := $(OTA_KEY_OVERRIDE_DIR)/extra
+endif
+
# Resolve and setup per-module dex-preopt configs.
DEXPREOPT_DISABLED_MODULES :=
# If a module has multiple setups, the first takes precedence.
diff --git a/target/product/security/Android.mk b/target/product/security/Android.mk
index cedad5b490..7eea027506 100644
--- a/target/product/security/Android.mk
+++ b/target/product/security/Android.mk
@@ -63,8 +63,15 @@ LOCAL_MODULE_CLASS := ETC
LOCAL_MODULE_STEM := otacerts.zip
LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)/security
include $(BUILD_SYSTEM)/base_rules.mk
-$(LOCAL_BUILT_MODULE): PRIVATE_CERT := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
-$(LOCAL_BUILT_MODULE): $(SOONG_ZIP) $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
+
+OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
+
+ifneq ($(OTA_KEY_OVERRIDE_DIR),)
+ OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem
+endif
+
+$(LOCAL_BUILT_MODULE): PRIVATE_CERT := $(OTA_PUBLIC_KEYS)
+$(LOCAL_BUILT_MODULE): $(SOONG_ZIP) $(OTA_PUBLIC_KEYS)
$(SOONG_ZIP) -o $@ -j -symlinks=false -f $(PRIVATE_CERT)
@@ -82,11 +89,17 @@ include $(BUILD_SYSTEM)/base_rules.mk
extra_recovery_keys := $(patsubst %,%.x509.pem,$(PRODUCT_EXTRA_RECOVERY_KEYS))
-$(LOCAL_BUILT_MODULE): PRIVATE_CERT := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
++OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
++
+ifneq ($(OTA_KEY_OVERRIDE_DIR),)
+ OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem
+endif
+
+$(LOCAL_BUILT_MODULE): PRIVATE_CERT := $(OTA_PUBLIC_KEYS)
$(LOCAL_BUILT_MODULE): PRIVATE_EXTRA_RECOVERY_KEYS := $(extra_recovery_keys)
$(LOCAL_BUILT_MODULE): \
$(SOONG_ZIP) \
- $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem \
+ $(OTA_PUBLIC_KEYS) \
$(extra_recovery_keys)
$(SOONG_ZIP) -o $@ -j -symlinks=false \
$(foreach key_file, $(PRIVATE_CERT) $(PRIVATE_EXTRA_RECOVERY_KEYS), -f $(key_file))

28
Patches/LineageOS-19.1/android_build/0003-Exec_Based_Spawning.patch Normal file
View File

@ -0,0 +1,28 @@
From 8e01dd93f29aba79e15a211084582afd9681e8ab Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Thu, 17 Sep 2020 10:53:00 -0400
Subject: [PATCH] disable enforce RRO for mainline devices
This is currently incompatible with exec-based spawning. This also
impacts the wrapper spawning model for the stock OS which is available
by default, making it an upstream bug rather than a missing feature for
exec-based spawning in GrapheneOS.
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
target/product/generic_system.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/product/generic_system.mk b/target/product/generic_system.mk
index d930957dfb..f0a9400b86 100644
--- a/target/product/generic_system.mk
+++ b/target/product/generic_system.mk
@@ -113,7 +113,7 @@ PRODUCT_COPY_FILES += \
# Enable dynamic partition size
PRODUCT_USE_DYNAMIC_PARTITION_SIZE := true
-PRODUCT_ENFORCE_RRO_TARGETS := *
+#PRODUCT_ENFORCE_RRO_TARGETS := *
PRODUCT_NAME := generic_system
PRODUCT_BRAND := generic

50
Patches/LineageOS-19.1/android_build_soong/0001-Enable_fwrapv.patch Normal file
View File

@ -0,0 +1,50 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 23 Aug 2017 20:28:03 -0400
Subject: [PATCH] use -fwrapv when signed overflow checking is off
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
cc/cc.go | 2 ++
cc/sanitize.go | 12 ++++++++++++
2 files changed, 14 insertions(+)
diff --git a/cc/cc.go b/cc/cc.go
index 619acf96b..02ec906a0 100644
--- a/cc/cc.go
+++ b/cc/cc.go
@@ -1710,6 +1710,8 @@ func (c *Module) GenerateAndroidBuildActions(actx android.ModuleContext) {
}
if c.sanitize != nil {
flags = c.sanitize.flags(ctx, flags)
+ } else {
+ flags.Local.CFlags = append(flags.Local.CFlags, "-fwrapv")
}
if c.coverage != nil {
flags, deps = c.coverage.flags(ctx, flags, deps)
diff --git a/cc/sanitize.go b/cc/sanitize.go
index 941a955e5..694a3659f 100644
--- a/cc/sanitize.go
+++ b/cc/sanitize.go
@@ -556,9 +556,21 @@ func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags) Flags {
}
if !sanitize.Properties.SanitizerEnabled && !sanitize.Properties.UbsanRuntimeDep {
+ flags.Local.CFlags = append(flags.Local.CFlags, "-fwrapv")
return flags
}
+ wrapv := true
+ for _, element := range sanitize.Properties.Sanitizers {
+ if (element == "signed-integer-overflow" || element == "integer" || element == "undefined") {
+ wrapv = false
+ break
+ }
+ }
+ if wrapv {
+ flags.Local.CFlags = append(flags.Local.CFlags, "-fwrapv")
+ }
+
if Bool(sanitize.Properties.Sanitize.Address) {
if ctx.Arch().ArchType == android.Arm {
// Frame pointer based unwinder in ASan requires ARM frame setup.

21
Patches/LineageOS-19.1/android_build_soong/0002-hm_apex.patch Normal file
View File

@ -0,0 +1,21 @@
From cc973e807d440a2cfe7bed420fbf7ae25985ddc1 Mon Sep 17 00:00:00 2001
From: anupritaisno1 <www.anuprita804@gmail.com>
Date: Sun, 13 Sep 2020 09:35:41 +0000
Subject: [PATCH] make hardened malloc available to apexes
---
apex/apex.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/apex/apex.go b/apex/apex.go
index 77854074b..d7ae35c3d 100644
--- a/apex/apex.go
+++ b/apex/apex.go
@@ -2899,6 +2899,7 @@ func makeApexAvailableBaseline() map[string][]string {
"libdebuggerd_handler_fallback",
"libdl_static",
"libjemalloc5",
+ "libhardened_malloc",
"liblinker_main",
"liblinker_malloc",
"liblz4",

22
Patches/LineageOS-19.1/android_external_conscrypt/0001-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,22 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 18 Nov 2020 14:28:24 -0500
Subject: [PATCH] constify JNINativeMethod table
---
common/src/jni/main/cpp/conscrypt/native_crypto.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/common/src/jni/main/cpp/conscrypt/native_crypto.cc b/common/src/jni/main/cpp/conscrypt/native_crypto.cc
index 5b0acf0d..f8142151 100644
--- a/common/src/jni/main/cpp/conscrypt/native_crypto.cc
+++ b/common/src/jni/main/cpp/conscrypt/native_crypto.cc
@@ -10354,7 +10354,7 @@ static jlong NativeCrypto_SSL_get1_session(JNIEnv* env, jclass, jlong ssl_addres
#define REF_X509_CRL "L" TO_STRING(JNI_JARJAR_PREFIX) "org/conscrypt/OpenSSLX509CRL;"
#define REF_SSL "L" TO_STRING(JNI_JARJAR_PREFIX) "org/conscrypt/NativeSsl;"
#define REF_SSL_CTX "L" TO_STRING(JNI_JARJAR_PREFIX) "org/conscrypt/AbstractSessionContext;"
-static JNINativeMethod sNativeCryptoMethods[] = {
+static const JNINativeMethod sNativeCryptoMethods[] = {
CONSCRYPT_NATIVE_METHOD(clinit, "()V"),
CONSCRYPT_NATIVE_METHOD(CMAC_CTX_new, "()J"),
CONSCRYPT_NATIVE_METHOD(CMAC_CTX_free, "(J)V"),

35
Patches/LineageOS-19.1/android_frameworks_base/0003-SUPL_No_IMSI.patch Normal file
View File

@ -0,0 +1,35 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: MSe1969 <mse1969@posteo.de>
Date: Mon, 29 Oct 2018 12:14:17 +0100
Subject: [PATCH] SUPL: Don't send IMSI / Phone number to SUPL server
Change-Id: I5ccc4d61e52ac11ef33f44618d0e610089885b87
---
.../android/server/location/gnss/GnssLocationProvider.java | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java b/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java
index 9956da274263..65f5b836bfcf 100644
--- a/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java
+++ b/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java
@@ -1601,6 +1601,11 @@ public class GnssLocationProvider extends AbstractLocationProvider implements
int type = AGPS_SETID_TYPE_NONE;
String setId = null;
+ /*
+ * We don't want to tell Google our IMSI or phone number to spy on us!
+ * As devices w/o SIM card also have working GPS, providing this data does
+ * not seem to add a lot of value, at least not for the device holder
+ *
int ddSubId = SubscriptionManager.getDefaultDataSubscriptionId();
if (SubscriptionManager.isValidSubscriptionId(ddSubId)) {
phone = phone.createForSubscriptionId(ddSubId);
@@ -1617,7 +1622,7 @@ public class GnssLocationProvider extends AbstractLocationProvider implements
// This means the framework has the SIM card.
type = AGPS_SETID_TYPE_MSISDN;
}
- }
+ } */
mGnssNative.setAgpsSetId(type, (setId == null) ? "" : setId);
}

23
Patches/LineageOS-19.1/android_frameworks_base/0004-Fingerprint_Lockout.patch Normal file
View File

@ -0,0 +1,23 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 12 Sep 2017 01:52:11 -0400
Subject: [PATCH] use permanent fingerprint lockout immediately
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
.../sensors/fingerprint/hidl/LockoutFrameworkImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/services/core/java/com/android/server/biometrics/sensors/fingerprint/hidl/LockoutFrameworkImpl.java b/services/core/java/com/android/server/biometrics/sensors/fingerprint/hidl/LockoutFrameworkImpl.java
index dc5dace98825..efee4843aa99 100644
--- a/services/core/java/com/android/server/biometrics/sensors/fingerprint/hidl/LockoutFrameworkImpl.java
+++ b/services/core/java/com/android/server/biometrics/sensors/fingerprint/hidl/LockoutFrameworkImpl.java
@@ -41,7 +41,7 @@ public class LockoutFrameworkImpl implements LockoutTracker {
private static final String ACTION_LOCKOUT_RESET =
"com.android.server.biometrics.sensors.fingerprint.ACTION_LOCKOUT_RESET";
private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_TIMED = 5;
- private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_PERMANENT = 20;
+ private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_PERMANENT = 3;
private static final long FAIL_LOCKOUT_TIMEOUT_MS = 30 * 1000;
private static final String KEY_LOCKOUT_RESET_USER = "lockout_reset_user";

42
Patches/LineageOS-19.1/android_frameworks_base/0005-User_Logout.patch Normal file
View File

@ -0,0 +1,42 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: flawedworld <flawedworld@flawed.world>
Date: Fri, 15 Oct 2021 17:07:13 +0100
Subject: [PATCH] enable secondary user logout support by default
Ported from 11, 12 moved the isLogoutEnabled boolean to ActiveAdmin.java
---
.../java/com/android/server/devicepolicy/ActiveAdmin.java | 2 +-
.../server/devicepolicy/DevicePolicyManagerService.java | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java b/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java
index 37a84f3698c1..0ae88276ebda 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/ActiveAdmin.java
@@ -197,7 +197,7 @@ class ActiveAdmin {
boolean requireAutoTime = false;
boolean forceEphemeralUsers = false;
boolean isNetworkLoggingEnabled = false;
- boolean isLogoutEnabled = false;
+ boolean isLogoutEnabled = true;
// one notification after enabling + one more after reboots
static final int DEF_MAXIMUM_NETWORK_LOGGING_NOTIFICATIONS_SHOWN = 2;
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index dbbbd41ceeb3..5f66da8d8431 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -15796,11 +15796,11 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
@Override
public boolean isLogoutEnabled() {
if (!mHasFeature) {
- return false;
+ return true;
}
synchronized (getLockObject()) {
ActiveAdmin deviceOwner = getDeviceOwnerAdminLocked();
- return (deviceOwner != null) && deviceOwner.isLogoutEnabled;
+ return (deviceOwner == null) || deviceOwner.isLogoutEnabled;
}
}

29
Patches/LineageOS-19.1/android_frameworks_base/0007-Always_Restict_Serial.patch Normal file
View File

@ -0,0 +1,29 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 6 Sep 2017 21:40:48 -0400
Subject: [PATCH] always set deprecated Build.SERIAL to UNKNOWN
Only support fetching the serial number via the new Build.getSerial()
requiring the READ_PHONE_STATE permission.
---
.../java/com/android/server/am/ActivityManagerService.java | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 330d2ddc0a94..77521e64d603 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -4478,12 +4478,7 @@ public class ActivityManagerService extends IActivityManager.Stub
ProfilerInfo profilerInfo = mAppProfiler.setupProfilerInfoLocked(thread, app, instr);
- // We deprecated Build.SERIAL and it is not accessible to
- // Instant Apps and target APIs higher than O MR1. Since access to the serial
- // is now behind a permission we push down the value.
- final String buildSerial = (!appInfo.isInstantApp()
- && appInfo.targetSdkVersion < Build.VERSION_CODES.P)
- ? sTheRealBuildSerial : Build.UNKNOWN;
+ final String buildSerial = Build.UNKNOWN;
// Figure out whether the app needs to run in autofill compat mode.
AutofillOptions autofillOptions = null;

33
Patches/LineageOS-19.1/android_frameworks_base/0008-Browser_No_Location.patch Normal file
View File

@ -0,0 +1,33 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 17 Mar 2019 19:54:30 -0400
Subject: [PATCH] stop auto-granting location to system browsers
---
.../pm/permission/DefaultPermissionGrantPolicy.java | 13 -------------
1 file changed, 13 deletions(-)
diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
index cb28637e8c10..77ae50533f42 100644
--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
@@ -706,19 +706,6 @@ final class DefaultPermissionGrantPolicy {
Intent.CATEGORY_APP_EMAIL, userId),
userId, CONTACTS_PERMISSIONS, CALENDAR_PERMISSIONS);
- // Browser
- String browserPackage = ArrayUtils.firstOrNull(getKnownPackages(
- PackageManagerInternal.PACKAGE_BROWSER, userId));
- if (browserPackage == null) {
- browserPackage = getDefaultSystemHandlerActivityPackageForCategory(pm,
- Intent.CATEGORY_APP_BROWSER, userId);
- if (!pm.isSystemPackage(browserPackage)) {
- browserPackage = null;
- }
- }
- grantPermissionsToPackage(pm, browserPackage, userId, false /* ignoreSystemPackage */,
- true /*whitelistRestrictedPermissions*/, FOREGROUND_LOCATION_PERMISSIONS);
-
// Voice interaction
if (voiceInteractPackageNames != null) {
for (String voiceInteractPackageName : voiceInteractPackageNames) {

22
Patches/LineageOS-19.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch Normal file
View File

@ -0,0 +1,22 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 18 Dec 2018 08:48:14 -0500
Subject: [PATCH] allow SystemUI to directly manage Bluetooth/WiFi
---
packages/SystemUI/AndroidManifest.xml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml
index 6cf77882019c..5797aa01bfc0 100644
--- a/packages/SystemUI/AndroidManifest.xml
+++ b/packages/SystemUI/AndroidManifest.xml
@@ -84,6 +84,8 @@
<uses-permission android:name="android.permission.CONTROL_VPN" />
<uses-permission android:name="android.permission.PEERS_MAC_ADDRESS"/>
<uses-permission android:name="android.permission.READ_WIFI_CREDENTIAL"/>
+ <uses-permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED" />
+ <uses-permission android:name="android.permission.MANAGE_WIFI_WHEN_PERMISSION_REVIEW_REQUIRED" />
<!-- Physical hardware -->
<uses-permission android:name="android.permission.MANAGE_USB" />
<uses-permission android:name="android.permission.CONTROL_DISPLAY_BRIGHTNESS" />

37
Patches/LineageOS-19.1/android_frameworks_base/0013-Network_Permission-1.patch Normal file
View File

@ -0,0 +1,37 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 17 Mar 2019 11:59:15 -0400
Subject: [PATCH] make INTERNET into a special runtime permission
Ported from 10: 5e2898e9d21dd6802bb0b0139e7e496c41e1cd80
---
core/res/AndroidManifest.xml | 2 +-
.../android/server/pm/permission/PermissionManagerService.java | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 030310406949..7c4a046fda7b 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1735,7 +1735,7 @@
<permission android:name="android.permission.INTERNET"
android:description="@string/permdesc_createNetworkSockets"
android:label="@string/permlab_createNetworkSockets"
- android:protectionLevel="normal|instant" />
+ android:protectionLevel="dangerous|instant" />
<!-- Allows applications to access information about networks.
<p>Protection level: normal
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 41b43e3c38bd..22d3fd41ea64 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -2592,7 +2592,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
}
public static boolean isSpecialRuntimePermission(final String permission) {
- return false;
+ return Manifest.permission.INTERNET.equals(permission);
}
/**

69
Patches/LineageOS-19.1/android_frameworks_base/0013-Network_Permission-2.patch Normal file
View File

@ -0,0 +1,69 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Fri, 21 Jul 2017 11:23:07 -0400
Subject: [PATCH] add a NETWORK permission group for INTERNET
Ported from 10: b5c9f9407d5f5407686ea8c02fa67573ddc07824
Changes from 10:
- Needed to run `m api-stubs-docs-non-updatable-update-current-api`
to fix the "You have tried to change the API from what has been
previously approved" errors.
---
core/api/current.txt | 2 ++
core/res/AndroidManifest.xml | 8 ++++++++
core/res/res/values/strings.xml | 5 +++++
3 files changed, 15 insertions(+)
diff --git a/core/api/current.txt b/core/api/current.txt
index 1dd401d04e2b..8d0391a80193 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt
@@ -203,6 +203,8 @@ package android {
field public static final String LOCATION = "android.permission-group.LOCATION";
field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
field public static final String NEARBY_DEVICES = "android.permission-group.NEARBY_DEVICES";
+ field public static final String NETWORK = "android.permission-group.NETWORK";
+ field public static final String OTHER_SENSORS = "android.permission-group.OTHER_SENSORS";
field public static final String PHONE = "android.permission-group.PHONE";
field public static final String SENSORS = "android.permission-group.SENSORS";
field public static final String SMS = "android.permission-group.SMS";
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 7c4a046fda7b..76811630410d 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1729,10 +1729,18 @@
<!-- ======================================= -->
<eat-comment />
+ <!-- Network access -->
+ <permission-group android:name="android.permission-group.NETWORK"
+ android:icon="@drawable/perm_group_network"
+ android:label="@string/permgrouplab_network"
+ android:description="@string/permgroupdesc_network"
+ android:priority="900" />
+
<!-- Allows applications to open network sockets.
<p>Protection level: normal
-->
<permission android:name="android.permission.INTERNET"
+ android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_createNetworkSockets"
android:label="@string/permlab_createNetworkSockets"
android:protectionLevel="dangerous|instant" />
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 166d6abd1809..27c9026c863a 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -837,6 +837,11 @@
<!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permgroupdesc_sensors">access sensor data about your vital signs</string>
+ <!-- Title of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permgrouplab_network">Network</string>
+ <!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permgroupdesc_network">access the network</string>
+
<!-- Title for the capability of an accessibility service to retrieve window content. -->
<string name="capability_title_canRetrieveWindowContent">Retrieve window content</string>
<!-- Description for the capability of an accessibility service to retrieve window content. -->

49
Patches/LineageOS-19.1/android_frameworks_base/0013-Network_Permission-3.patch Normal file
View File

@ -0,0 +1,49 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Danny Lin <danny@kdrag0n.dev>
Date: Tue, 5 Oct 2021 16:27:43 -0700
Subject: [PATCH] net: Notify ConnectivityService of runtime permission changes
ConnectivityService needs permission change events in order to enforce
INTERNET permission updates correctly at runtime.
Change-Id: I74b0b8a5aa70f0794b4f3d72c70167dbe2aae88d
---
.../server/net/NetworkPolicyManagerService.java | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index 0a85854b2af8..236dd19e0982 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -182,6 +182,7 @@ import android.content.pm.IPackageManager;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
+import android.content.pm.PackageManagerInternal;
import android.content.pm.UserInfo;
import android.content.res.Resources;
import android.database.ContentObserver;
@@ -282,6 +283,7 @@ import com.android.server.LocalServices;
import com.android.server.ServiceThread;
import com.android.server.SystemConfig;
import com.android.server.connectivity.MultipathPolicyTracker;
+import com.android.server.pm.permission.PermissionManagerServiceInternal;
import com.android.server.usage.AppStandbyInternal;
import com.android.server.usage.AppStandbyInternal.AppIdleStateChangeListener;
@@ -797,6 +799,15 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
public void bindConnectivityManager() {
mConnManager = Objects.requireNonNull(mContext.getSystemService(ConnectivityManager.class),
"missing ConnectivityManager");
+
+ // Listen for permission changes and forward to ConnectivityService
+ PermissionManagerServiceInternal pm = LocalServices.getService(
+ PermissionManagerServiceInternal.class);
+ PackageManagerInternal pmi = LocalServices.getService(PackageManagerInternal.class);
+ pm.addOnRuntimePermissionStateChangedListener((packageName, userId) -> {
+ int uid = pmi.getPackageUid(packageName, PackageManager.GET_PERMISSIONS, userId);
+ mConnManager.onPackagePermissionChanged(uid);
+ });
}
@GuardedBy("mUidRulesFirstLock")

113
Patches/LineageOS-19.1/android_frameworks_base/0013-Sensors_Permission.patch Normal file
View File

@ -0,0 +1,113 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 7 Oct 2017 15:54:42 -0400
Subject: [PATCH] add special runtime permission for other sensors
This covers sensors not included in the existing runtime permission for
body sensors.
Ported from 10: 9ec9f7f521323552fa658b46862c8408f1a7b41b
Changes from 10:
- Needed to run `m api-stubs-docs-non-updatable-update-current-api`
to fix the "You have tried to change the API from what has been
previously approved" errors.
---
core/api/current.txt | 1 +
core/java/android/content/pm/PackageParser.java | 2 ++
core/res/AndroidManifest.xml | 12 ++++++++++++
core/res/res/values/strings.xml | 12 ++++++++++++
.../pm/permission/PermissionManagerService.java | 2 +-
5 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/core/api/current.txt b/core/api/current.txt
index 8d0391a80193..57f4821bb631 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt
@@ -116,6 +116,7 @@ package android {
field public static final String NFC = "android.permission.NFC";
field public static final String NFC_PREFERRED_PAYMENT_INFO = "android.permission.NFC_PREFERRED_PAYMENT_INFO";
field public static final String NFC_TRANSACTION_EVENT = "android.permission.NFC_TRANSACTION_EVENT";
+ field public static final String OTHER_SENSORS = "android.permission.OTHER_SENSORS";
field public static final String PACKAGE_USAGE_STATS = "android.permission.PACKAGE_USAGE_STATS";
field @Deprecated public static final String PERSISTENT_ACTIVITY = "android.permission.PERSISTENT_ACTIVITY";
field @Deprecated public static final String PROCESS_OUTGOING_CALLS = "android.permission.PROCESS_OUTGOING_CALLS";
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
index 86fef5d9df19..5edc8d35082e 100644
--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
@@ -283,6 +283,8 @@ public class PackageParser {
@UnsupportedAppUsage
public static final PackageParser.NewPermissionInfo NEW_PERMISSIONS[] =
new PackageParser.NewPermissionInfo[] {
+ new PackageParser.NewPermissionInfo(android.Manifest.permission.OTHER_SENSORS,
+ android.os.Build.VERSION_CODES.CUR_DEVELOPMENT + 1, 0),
new PackageParser.NewPermissionInfo(android.Manifest.permission.WRITE_EXTERNAL_STORAGE,
android.os.Build.VERSION_CODES.DONUT, 0),
new PackageParser.NewPermissionInfo(android.Manifest.permission.READ_PHONE_STATE,
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 76811630410d..3053eb4e1e16 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1498,6 +1498,18 @@
android:description="@string/permdesc_useBiometric"
android:protectionLevel="normal" />
+ <permission-group android:name="android.permission-group.OTHER_SENSORS"
+ android:icon="@drawable/perm_group_location"
+ android:label="@string/permgrouplab_otherSensors"
+ android:description="@string/permgroupdesc_otherSensors"
+ android:priority="1000" />
+
+ <permission android:name="android.permission.OTHER_SENSORS"
+ android:permissionGroup="android.permission-group.UNDEFINED"
+ android:label="@string/permlab_otherSensors"
+ android:description="@string/permdesc_otherSensors"
+ android:protectionLevel="dangerous" />
+
<!-- ====================================================================== -->
<!-- REMOVED PERMISSIONS -->
<!-- ====================================================================== -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 27c9026c863a..4a8624222ae8 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -837,6 +837,11 @@
<!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permgroupdesc_sensors">access sensor data about your vital signs</string>
+ <!-- Title of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permgrouplab_otherSensors">Sensors</string>
+ <!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permgroupdesc_otherSensors">access sensor data about orientation, movement, etc.</string>
+
<!-- Title of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permgrouplab_network">Network</string>
<!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
@@ -1165,6 +1170,13 @@
<string name="permdesc_bodySensors" product="default">Allows the app to access data from sensors
that monitor your physical condition, such as your heart rate.</string>
+ <!-- Title of the sensors permission, listed so the user can decide whether to allow the application to access sensor data. [CHAR LIMIT=80] -->
+ <string name="permlab_otherSensors">access sensors (like the compass)
+ </string>
+ <!-- Description of the sensors permission, listed so the user can decide whether to allow the application to access data from sensors. [CHAR LIMIT=NONE] -->
+ <string name="permdesc_otherSensors" product="default">Allows the app to access data from sensors
+ monitoring orientation, movement, vibration (including low frequency sound) and environmental data</string>
+
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permlab_readCalendar">Read calendar events and details</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 22d3fd41ea64..60dc0a027725 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -2592,7 +2592,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
}
public static boolean isSpecialRuntimePermission(final String permission) {
- return Manifest.permission.INTERNET.equals(permission);
+ return Manifest.permission.INTERNET.equals(permission) || Manifest.permission.OTHER_SENSORS.equals(permission);
}
/**

99
Patches/LineageOS-19.1/android_frameworks_base/0013-Special_Permissions.patch Normal file
View File

@ -0,0 +1,99 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: inthewaves <inthewaves@pm.me>
Date: Sat, 12 Sep 2020 12:28:34 -0700
Subject: [PATCH] support new special runtime permissions
These are treated as a runtime permission even for legacy apps. They
need to be granted by default for all apps to maintain compatibility.
Ported from 10: 4d5d82f4e2fb9ff68158bf30f3944591bb74dd04
Changes from 10:
- It seems like parts of PackageManagerService#resetUserChangesToRuntimePermissionsAndFlagsLPw
were refactored into PermissionManagerService#resetRuntimePermissionsInternal.
As a result, PackageManagerService is no longer modified.
[kdrag0n: Ported to Android 12]
Signed-off-by: Danny Lin <danny@kdrag0n.dev>
---
.../permission/PermissionManagerService.java | 25 +++++++++++++++----
1 file changed, 20 insertions(+), 5 deletions(-)
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 54a6c678e0da..41b43e3c38bd 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1525,7 +1525,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// their permissions as always granted runtime ones since we need
// to keep the review required permission flag per user while an
// install permission's state is shared across all users.
- if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M && bp.isRuntime()) {
+ if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M && bp.isRuntime() &&
+ !isSpecialRuntimePermission(permName)) {
return;
}
@@ -1568,7 +1569,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {
+ " for package " + packageName);
}
- if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M) {
+ if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M &&
+ !isSpecialRuntimePermission(permName)) {
Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
return;
}
@@ -1693,7 +1695,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// their permissions as always granted runtime ones since we need
// to keep the review required permission flag per user while an
// install permission's state is shared across all users.
- if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M && bp.isRuntime()) {
+ if (pkg.getTargetSdkVersion() < Build.VERSION_CODES.M && bp.isRuntime() &&
+ !isSpecialRuntimePermission(permName)) {
return;
}
@@ -1898,7 +1901,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {
// If this permission was granted by default or role, make sure it is.
if ((oldFlags & FLAG_PERMISSION_GRANTED_BY_DEFAULT) != 0
- || (oldFlags & FLAG_PERMISSION_GRANTED_BY_ROLE) != 0) {
+ || (oldFlags & FLAG_PERMISSION_GRANTED_BY_ROLE) != 0
+ || isSpecialRuntimePermission(permName)) {
// PermissionPolicyService will handle the app op for runtime permissions later.
grantRuntimePermissionInternal(packageName, permName, false,
Process.SYSTEM_UID, userId, delayingPermCallback);
@@ -2587,6 +2591,10 @@ public class PermissionManagerService extends IPermissionManager.Stub {
}
}
+ public static boolean isSpecialRuntimePermission(final String permission) {
+ return false;
+ }
+
/**
* Restore the permission state for a package.
*
@@ -2966,6 +2974,13 @@ public class PermissionManagerService extends IPermissionManager.Stub {
}
}
}
+
+ if (isSpecialRuntimePermission(permName) &&
+ origPermState == null) {
+ if (uidState.grantPermission(bp)) {
+ wasChanged = true;
+ }
+ }
} else {
if (origPermState == null) {
// New permission
@@ -3803,7 +3818,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
if (shouldGrantPermission) {
final int flags = getPermissionFlagsInternal(pkg.getPackageName(), permission,
myUid, userId);
- if (supportsRuntimePermissions) {
+ if (supportsRuntimePermissions || isSpecialRuntimePermission(permission)) {
// Installer cannot change immutable permissions.
if ((flags & immutableFlags) == 0) {
grantRuntimePermissionInternal(pkg.getPackageName(), permission, false,

153
Patches/LineageOS-19.1/android_frameworks_base/0014-Automatic_Reboot.patch Normal file
View File

@ -0,0 +1,153 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: anupritaisno1 <www.anuprita804@gmail.com>
Date: Mon, 18 Oct 2021 04:05:40 +0530
Subject: [PATCH] automatically reboot device after timeout if set
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
Change-Id: If891bfbcc144c9336ba013260bad2b7c7a59c054
---
core/java/android/provider/Settings.java | 7 ++++
data/etc/com.android.systemui.xml | 1 +
packages/SystemUI/AndroidManifest.xml | 3 ++
.../keyguard/KeyguardViewMediator.java | 35 +++++++++++++++++++
4 files changed, 46 insertions(+)
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 01e369779e1e..52103c3a3f99 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -16378,6 +16378,13 @@ public final class Settings {
* @hide
*/
public static final String RESTRICTED_NETWORKING_MODE = "restricted_networking_mode";
+
+ /**
+ * Whether to automatically reboot the device after a user defined timeout
+ *
+ * @hide
+ */
+ public static final String SETTINGS_REBOOT_AFTER_TIMEOUT = "settings_reboot_after_timeout";
}
/**
diff --git a/data/etc/com.android.systemui.xml b/data/etc/com.android.systemui.xml
index f2a33de008d6..354fd82f3a0d 100644
--- a/data/etc/com.android.systemui.xml
+++ b/data/etc/com.android.systemui.xml
@@ -48,6 +48,7 @@
<permission name="android.permission.READ_NETWORK_USAGE_HISTORY"/>
<permission name="android.permission.READ_PRIVILEGED_PHONE_STATE"/>
<permission name="android.permission.REAL_GET_TASKS"/>
+ <permission name="android.permission.REBOOT"/>
<permission name="android.permission.REQUEST_NETWORK_SCORES"/>
<permission name="android.permission.RECEIVE_MEDIA_RESOURCE_USAGE"/>
<permission name="android.permission.START_ACTIVITIES_FROM_BACKGROUND" />
diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml
index 5797aa01bfc0..cd3e8b391982 100644
--- a/packages/SystemUI/AndroidManifest.xml
+++ b/packages/SystemUI/AndroidManifest.xml
@@ -292,6 +292,9 @@
<uses-permission android:name="android.permission.READ_PEOPLE_DATA" />
+ <!-- Permission to allow rebooting the device after a user configurable amount of time -->
+ <uses-permission android:name="android.permission.REBOOT" />
+
<protected-broadcast android:name="com.android.settingslib.action.REGISTER_SLICE_RECEIVER" />
<protected-broadcast android:name="com.android.settingslib.action.UNREGISTER_SLICE_RECEIVER" />
<protected-broadcast android:name="com.android.settings.flashlight.action.FLASHLIGHT_CHANGED" />
diff --git a/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java b/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java
index 532f071132fc..bb78b6cd6eee 100644
--- a/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java
+++ b/packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java
@@ -186,6 +186,8 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
private final static String TAG = "KeyguardViewMediator";
+ private static final String DELAYED_REBOOT_ACTION =
+ "com.android.internal.policy.impl.PhoneWindowManager.DELAYED_REBOOT";
private static final String DELAYED_KEYGUARD_ACTION =
"com.android.internal.policy.impl.PhoneWindowManager.DELAYED_KEYGUARD";
private static final String DELAYED_LOCK_PROFILE_ACTION =
@@ -313,6 +315,11 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
*/
private int mDelayedProfileShowingSequence;
+ /**
+ * Same as {@link #mDelayedProfileShowingSequence}, but used for our reboot implementation
+ */
+ private int mDelayedRebootSequence;
+
/**
* If the user has disabled the keyguard, then requests to exit, this is
* how we'll ultimately let them know whether it was successful. We use this
@@ -905,6 +912,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
final IntentFilter delayedActionFilter = new IntentFilter();
delayedActionFilter.addAction(DELAYED_KEYGUARD_ACTION);
delayedActionFilter.addAction(DELAYED_LOCK_PROFILE_ACTION);
+ delayedActionFilter.addAction(DELAYED_REBOOT_ACTION);
mContext.registerReceiver(mDelayedLockBroadcastReceiver, delayedActionFilter,
SYSTEMUI_PERMISSION, null /* scheduler */);
@@ -1206,6 +1214,18 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
}
}
+ private void doRebootForOwnerAfterTimeoutIfEnabled(long rebootAfterTimeout) {
+ long when = SystemClock.elapsedRealtime() + rebootAfterTimeout;
+ Intent rebootIntent = new Intent(DELAYED_REBOOT_ACTION);
+ rebootIntent.putExtra("seq", mDelayedRebootSequence);
+ rebootIntent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND);
+ PendingIntent sender = PendingIntent.getBroadcast(mContext,
+ 0, rebootIntent, PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE);
+ mAlarmManager.setExactAndAllowWhileIdle(AlarmManager.ELAPSED_REALTIME_WAKEUP, when, sender);
+ if (DEBUG) Log.d(TAG, "setting alarm to reboot device, timeout = "
+ + String.valueOf(rebootAfterTimeout));
+ }
+
private void doKeyguardForChildProfilesLocked() {
UserManager um = UserManager.get(mContext);
for (int profileId : um.getEnabledProfileIds(UserHandle.myUserId())) {
@@ -1223,6 +1243,10 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
mDelayedProfileShowingSequence++;
}
+ private void cancelDoRebootForOwnerAfterTimeoutIfEnabled() {
+ mDelayedRebootSequence++;
+ }
+
/**
* Let's us know when the device is waking up.
*/
@@ -1587,6 +1611,10 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
if (DEBUG) Log.d(TAG, "doKeyguard: showing the lock screen");
showLocked(options);
+ final long rebootAfterTimeout = Settings.Global.getLong(mContext.getContentResolver(), Settings.Global.SETTINGS_REBOOT_AFTER_TIMEOUT, 0);
+ if (rebootAfterTimeout >= 1) {
+ doRebootForOwnerAfterTimeoutIfEnabled(rebootAfterTimeout);
+ }
}
private void lockProfile(int userId) {
@@ -1786,6 +1814,12 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
}
}
}
+ } else if (DELAYED_REBOOT_ACTION.equals(intent.getAction())) {
+ final int sequence = intent.getIntExtra("seq", 0);
+ if (sequence == mDelayedRebootSequence) {
+ PowerManager pm = mContext.getSystemService(PowerManager.class);
+ pm.reboot(null);
+ }
}
}
};
@@ -2365,6 +2399,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable,
mHideAnimationRun = false;
adjustStatusBarLocked();
sendUserPresentBroadcast();
+ cancelDoRebootForOwnerAfterTimeoutIfEnabled();
}
private Configuration.Builder createInteractionJankMonitorConf(String tag) {

121
Patches/LineageOS-19.1/android_frameworks_base/0015-Bluetooth_Timeout.patch Normal file
View File

@ -0,0 +1,121 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: pratyush <codelab@pratyush.dev>
Date: Thu, 1 Jul 2021 12:26:49 +0530
Subject: [PATCH] Bluetooth auto turn off
---
core/java/android/provider/Settings.java | 6 ++
.../server/BluetoothManagerService.java | 76 +++++++++++++++++++
2 files changed, 82 insertions(+)
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 52103c3a3f99..580f9745eea7 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -16385,6 +16385,12 @@ public final class Settings {
* @hide
*/
public static final String SETTINGS_REBOOT_AFTER_TIMEOUT = "settings_reboot_after_timeout";
+
+ /**
+ * The amount of time in milliseconds before bluetooth is turned off
+ * @hide
+ */
+ public static final String BLUETOOTH_OFF_TIMEOUT = "bluetooth_off_timeout";
}
/**
diff --git a/services/core/java/com/android/server/BluetoothManagerService.java b/services/core/java/com/android/server/BluetoothManagerService.java
index f5ff7a3d71a4..8123494599b6 100644
--- a/services/core/java/com/android/server/BluetoothManagerService.java
+++ b/services/core/java/com/android/server/BluetoothManagerService.java
@@ -29,6 +29,7 @@ import android.annotation.NonNull;
import android.annotation.RequiresPermission;
import android.annotation.SuppressLint;
import android.app.ActivityManager;
+import android.app.AlarmManager;
import android.app.AppGlobals;
import android.app.AppOpsManager;
import android.app.BroadcastOptions;
@@ -549,6 +550,81 @@ class BluetoothManagerService extends IBluetoothManager.Stub {
Slog.w(TAG, "Unable to resolve SystemUI's UID.");
}
mSystemUiUid = systemUiUid;
+
+ /*
+ * System sends ACTION_STATE_CHANGED broadcast soon as any state
+ * changes. what it means in action is we don't have to take care if
+ * device reboot while BT has not been turned off automatically.
+ *
+ * A word of warning though it does not check if device as been
+ * unlocked or not what it means in real life is if you have sometime
+ * like tile ble tracker configured it will turn off BT. As result tile
+ * tracking will fail because of auto timeout. this behaviour can be
+ * changed with UserManager.isUnlocked()
+ * */
+ IntentFilter btFilter = new IntentFilter();
+ btFilter.addAction(BluetoothAdapter.ACTION_STATE_CHANGED);
+ btFilter.addAction(BluetoothAdapter.ACTION_CONNECTION_STATE_CHANGED);
+ btFilter.addAction(BluetoothAdapter.ACTION_LOCAL_NAME_CHANGED);
+ context.registerReceiver(new BroadcastReceiver() {
+ @Override
+ public void onReceive(Context broadcastContext, Intent intent) {
+ reconfigureBtTimeoutListener();
+ }
+ }, btFilter);
+
+ context.getContentResolver().registerContentObserver(
+ Settings.Global.getUriFor(Settings.Global.BLUETOOTH_OFF_TIMEOUT),
+ false,
+ new ContentObserver(new Handler(context.getMainLooper())) {
+ @Override
+ public void onChange(boolean selfChange) {
+ super.onChange(selfChange);
+ reconfigureBtTimeoutListener();
+ }
+ });
+ }
+
+ private static final AlarmManager.OnAlarmListener listener = () -> {
+ BluetoothAdapter bluetoothAdapter = BluetoothAdapter.getDefaultAdapter();
+ if (isBtOnAndDisconnected() && bluetoothAdapter != null) {
+ bluetoothAdapter.disable();
+ }
+ };
+
+ // If device is still connected cancel timeout for now and wait for disconnected signal
+ private void reconfigureBtTimeoutListener() {
+ AlarmManager alarmManager = (AlarmManager) mContext.getSystemService(Context.ALARM_SERVICE);
+ if (isTimeoutEnabled(mContext) && isBtOnAndDisconnected()) {
+ final long timeout = SystemClock.elapsedRealtime() + btTimeoutDurationInMilli(mContext);
+ alarmManager.cancel(listener);
+ alarmManager.setExact(
+ AlarmManager.ELAPSED_REALTIME_WAKEUP,
+ timeout,
+ "BT Idle Timeout",
+ listener,
+ new Handler(mContext.getMainLooper())
+ );
+ } else {
+ alarmManager.cancel(listener);
+ }
+ }
+
+ private static boolean isBtOnAndDisconnected() {
+ BluetoothAdapter bluetoothAdapter = BluetoothAdapter.getDefaultAdapter();
+ return bluetoothAdapter != null && bluetoothAdapter.getState() == BluetoothAdapter.STATE_ON
+ && bluetoothAdapter.getState() == BluetoothAdapter.STATE_ON &&
+ bluetoothAdapter.getConnectionState() == BluetoothAdapter.STATE_DISCONNECTED;
+ }
+
+ private static long btTimeoutDurationInMilli(Context context) {
+ return Settings.Global.getLong(context.getContentResolver(),
+ Settings.Global.BLUETOOTH_OFF_TIMEOUT, 0);
+ }
+
+ /** Zero is default and means disabled */
+ private static boolean isTimeoutEnabled(Context context) {
+ return 0 != btTimeoutDurationInMilli(context);
}
/**

123
Patches/LineageOS-19.1/android_frameworks_base/0016-WiFi_Timeout.patch Normal file
View File

@ -0,0 +1,123 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Pratyush <codelab@pratyush.dev>
Date: Tue, 6 Jul 2021 18:18:06 +0530
Subject: [PATCH] Wi-Fi auto turn off
---
core/java/android/provider/Settings.java | 6 ++
.../server/net/NetworkStatsService.java | 69 +++++++++++++++++++
2 files changed, 75 insertions(+)
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 580f9745eea7..1d8745501553 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -16379,6 +16379,12 @@ public final class Settings {
*/
public static final String RESTRICTED_NETWORKING_MODE = "restricted_networking_mode";
+ /**
+ * The amount of time in milliseconds before Wi-Fi is turned off
+ * @hide
+ */
+ public static final String WIFI_OFF_TIMEOUT = "wifi_off_timeout";
+
/**
* Whether to automatically reboot the device after a user defined timeout
*
diff --git a/services/core/java/com/android/server/net/NetworkStatsService.java b/services/core/java/com/android/server/net/NetworkStatsService.java
index 097b0711eff7..0a4fca3ec09d 100644
--- a/services/core/java/com/android/server/net/NetworkStatsService.java
+++ b/services/core/java/com/android/server/net/NetworkStatsService.java
@@ -96,6 +96,7 @@ import android.net.INetworkStatsSession;
import android.net.Network;
import android.net.NetworkCapabilities;
import android.net.NetworkIdentity;
+import android.net.NetworkInfo;
import android.net.NetworkSpecifier;
import android.net.NetworkStack;
import android.net.NetworkStateSnapshot;
@@ -110,8 +111,10 @@ import android.net.Uri;
import android.net.netstats.provider.INetworkStatsProvider;
import android.net.netstats.provider.INetworkStatsProviderCallback;
import android.net.netstats.provider.NetworkStatsProvider;
+import android.net.wifi.WifiManager;
import android.os.BestClock;
import android.os.Binder;
+import android.os.Bundle;
import android.os.DropBoxManager;
import android.os.Environment;
import android.os.Handler;
@@ -449,6 +452,72 @@ public class NetworkStatsService extends INetworkStatsService.Stub {
mContentResolver = mContext.getContentResolver();
mContentObserver = mDeps.makeContentObserver(mHandler, mSettings,
mNetworkStatsSubscriptionsMonitor);
+ IntentFilter wifiFilter = new IntentFilter();
+ wifiFilter.addAction(WifiManager.NETWORK_STATE_CHANGED_ACTION);
+ wifiFilter.addAction(WifiManager.WIFI_STATE_CHANGED_ACTION);
+
+ context.registerReceiver(
+ new BroadcastReceiver() {
+ @Override
+ public void onReceive(Context context, Intent intent) {
+ if (WifiManager.NETWORK_STATE_CHANGED_ACTION.equals(intent.getAction())) {
+ Bundle bundle = intent.getExtras();
+ NetworkInfo networkInfo = bundle.getParcelable(WifiManager.EXTRA_NETWORK_INFO);
+ isWifiConnected = networkInfo != null && networkInfo.isConnected();
+ }
+ reconfigureWiFiTimeoutListener();
+ }
+ }, wifiFilter
+ );
+
+ context.getContentResolver().registerContentObserver(
+ Global.getUriFor(Global.WIFI_OFF_TIMEOUT),
+ false,
+ new ContentObserver(new Handler(context.getMainLooper())) {
+ @Override
+ public void onChange(boolean selfChange) {
+ super.onChange(selfChange);
+ reconfigureWiFiTimeoutListener();
+ }
+ });
+ }
+
+ private static boolean isWifiConnected = false;
+ private final AlarmManager.OnAlarmListener listener = this::turnOffWifi;
+
+ private void turnOffWifi() {
+ WifiManager wifiManager = (WifiManager) mContext.getSystemService(Context.WIFI_SERVICE);
+ if (isWifiTimeoutEnabled(mContext) && wifiManager.isWifiEnabled()) {
+ // setWifiEnabled(enabled) is deprecated, though AOSP still uses
+ // it internally and system apps/services are exempted
+ wifiManager.setWifiEnabled(false);
+ }
+ }
+
+ private void reconfigureWiFiTimeoutListener() {
+ if (isWifiTimeoutEnabled(mContext) && !isWifiConnected) {
+ final long timeout = SystemClock.elapsedRealtime() + wifiTimeoutDurationInMilli(mContext);
+ mAlarmManager.cancel(listener);
+ mAlarmManager.setExact(
+ AlarmManager.ELAPSED_REALTIME_WAKEUP,
+ timeout,
+ "Wi-Fi Idle Timeout",
+ listener,
+ new Handler(mContext.getMainLooper())
+ );
+ } else {
+ mAlarmManager.cancel(listener);
+ }
+ }
+
+ private static long wifiTimeoutDurationInMilli(Context mContext) {
+ return Settings.Global.getLong(mContext.getContentResolver(),
+ Global.WIFI_OFF_TIMEOUT, 0);
+ }
+
+ /** Zero is default and means disabled */
+ private static boolean isWifiTimeoutEnabled(Context mContext) {
+ return 0 != wifiTimeoutDurationInMilli(mContext);
}
/**

213
Patches/LineageOS-19.1/android_frameworks_base/0017-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,213 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 16 Oct 2021 19:44:59 -0400
Subject: [PATCH] constify JNINativeMethod tables
---
cmds/hid/jni/com_android_commands_hid_Device.cpp | 2 +-
cmds/uinput/jni/com_android_commands_uinput_Device.cpp | 2 +-
core/jni/android_app_ActivityThread.cpp | 2 +-
core/jni/android_os_HidlMemory.cpp | 2 +-
core/jni/android_os_HwBinder.cpp | 2 +-
core/jni/android_os_HwBlob.cpp | 2 +-
core/jni/android_os_HwParcel.cpp | 2 +-
core/jni/android_os_HwRemoteBinder.cpp | 2 +-
libs/hwui/jni/android_graphics_DisplayListCanvas.cpp | 2 +-
media/jni/android_media_ImageWriter.cpp | 4 ++--
media/jni/android_media_MediaSync.cpp | 2 +-
media/jni/soundpool/android_media_SoundPool.cpp | 2 +-
services/core/jni/com_android_server_UsbMidiDevice.cpp | 2 +-
services/core/jni/com_android_server_tv_TvUinputBridge.cpp | 2 +-
14 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/cmds/hid/jni/com_android_commands_hid_Device.cpp b/cmds/hid/jni/com_android_commands_hid_Device.cpp
index 2cda57dd67e9..7613651e75c4 100644
--- a/cmds/hid/jni/com_android_commands_hid_Device.cpp
+++ b/cmds/hid/jni/com_android_commands_hid_Device.cpp
@@ -354,7 +354,7 @@ static void closeDevice(JNIEnv* /* env */, jclass /* clazz */, jlong ptr) {
}
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"nativeOpenDevice",
"(Ljava/lang/String;IIII[B"
"Lcom/android/commands/hid/Device$DeviceCallback;)J",
diff --git a/cmds/uinput/jni/com_android_commands_uinput_Device.cpp b/cmds/uinput/jni/com_android_commands_uinput_Device.cpp
index 06fa2aac2c7e..4c20055020a4 100644
--- a/cmds/uinput/jni/com_android_commands_uinput_Device.cpp
+++ b/cmds/uinput/jni/com_android_commands_uinput_Device.cpp
@@ -301,7 +301,7 @@ static void setAbsInfo(JNIEnv* env, jclass /* clazz */, jint handle, jint axisCo
::ioctl(static_cast<int>(handle), UI_ABS_SETUP, &absSetup);
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"nativeOpenUinputDevice",
"(Ljava/lang/String;IIIII"
"Lcom/android/commands/uinput/Device$DeviceCallback;)J",
diff --git a/core/jni/android_app_ActivityThread.cpp b/core/jni/android_app_ActivityThread.cpp
index e9d9a20c7538..cd285238d6e2 100644
--- a/core/jni/android_app_ActivityThread.cpp
+++ b/core/jni/android_app_ActivityThread.cpp
@@ -40,7 +40,7 @@ static void android_app_ActivityThread_initZygoteChildHeapProfiling(JNIEnv* env,
android_mallopt(M_INIT_ZYGOTE_CHILD_PROFILING, nullptr, 0);
}
-static JNINativeMethod gActivityThreadMethods[] = {
+static const JNINativeMethod gActivityThreadMethods[] = {
// ------------ Regular JNI ------------------
{ "nPurgePendingResources", "()V",
(void*) android_app_ActivityThread_purgePendingResources },
diff --git a/core/jni/android_os_HidlMemory.cpp b/core/jni/android_os_HidlMemory.cpp
index 69e48184c0ad..612fc95776a5 100644
--- a/core/jni/android_os_HidlMemory.cpp
+++ b/core/jni/android_os_HidlMemory.cpp
@@ -50,7 +50,7 @@ static void nativeFinalize(JNIEnv* env, jobject jobj) {
delete native;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"nativeFinalize", "()V", (void*) nativeFinalize},
};
diff --git a/core/jni/android_os_HwBinder.cpp b/core/jni/android_os_HwBinder.cpp
index 781895eeeaba..cbec79144826 100644
--- a/core/jni/android_os_HwBinder.cpp
+++ b/core/jni/android_os_HwBinder.cpp
@@ -352,7 +352,7 @@ static void JHwBinder_report_sysprop_change(JNIEnv * /*env*/, jclass /*clazz*/)
report_sysprop_change();
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "native_init", "()J", (void *)JHwBinder_native_init },
{ "native_setup", "()V", (void *)JHwBinder_native_setup },
diff --git a/core/jni/android_os_HwBlob.cpp b/core/jni/android_os_HwBlob.cpp
index a9db91be1d5b..ba4cf6101449 100644
--- a/core/jni/android_os_HwBlob.cpp
+++ b/core/jni/android_os_HwBlob.cpp
@@ -599,7 +599,7 @@ static jlong JHwBlob_native_handle(JNIEnv *env, jobject thiz) {
return handle;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "native_init", "()J", (void *)JHwBlob_native_init },
{ "native_setup", "(I)V", (void *)JHwBlob_native_setup },
diff --git a/core/jni/android_os_HwParcel.cpp b/core/jni/android_os_HwParcel.cpp
index 4c4443fc29c3..78fd6d90691b 100644
--- a/core/jni/android_os_HwParcel.cpp
+++ b/core/jni/android_os_HwParcel.cpp
@@ -1068,7 +1068,7 @@ static void JHwParcel_native_writeBuffer(
}
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "native_init", "()J", (void *)JHwParcel_native_init },
{ "native_setup", "(Z)V", (void *)JHwParcel_native_setup },
diff --git a/core/jni/android_os_HwRemoteBinder.cpp b/core/jni/android_os_HwRemoteBinder.cpp
index 3af55fe810fc..feabd6a60fbf 100644
--- a/core/jni/android_os_HwRemoteBinder.cpp
+++ b/core/jni/android_os_HwRemoteBinder.cpp
@@ -442,7 +442,7 @@ static jint JHwRemoteBinder_hashCode(JNIEnv* env, jobject thiz) {
return static_cast<jint>(longHash ^ (longHash >> 32)); // See Long.hashCode()
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "native_init", "()J", (void *)JHwRemoteBinder_native_init },
{ "native_setup_empty", "()V",
diff --git a/libs/hwui/jni/android_graphics_DisplayListCanvas.cpp b/libs/hwui/jni/android_graphics_DisplayListCanvas.cpp
index f060bb32031a..3ebb3553ce20 100644
--- a/libs/hwui/jni/android_graphics_DisplayListCanvas.cpp
+++ b/libs/hwui/jni/android_graphics_DisplayListCanvas.cpp
@@ -174,7 +174,7 @@ static void android_view_DisplayListCanvas_drawWebViewFunctor(CRITICAL_JNI_PARAM
const char* const kClassPathName = "android/graphics/RecordingCanvas";
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
// ------------ @CriticalNative --------------
{"nCreateDisplayListCanvas", "(JII)J",
(void*)android_view_DisplayListCanvas_createDisplayListCanvas},
diff --git a/media/jni/android_media_ImageWriter.cpp b/media/jni/android_media_ImageWriter.cpp
index b291ac95bf4f..1ee25c4f6421 100644
--- a/media/jni/android_media_ImageWriter.cpp
+++ b/media/jni/android_media_ImageWriter.cpp
@@ -1061,7 +1061,7 @@ static jobjectArray Image_createSurfacePlanes(JNIEnv* env, jobject thiz,
// ----------------------------------------------------------------------------
-static JNINativeMethod gImageWriterMethods[] = {
+static const JNINativeMethod gImageWriterMethods[] = {
{"nativeClassInit", "()V", (void*)ImageWriter_classInit },
{"nativeInit", "(Ljava/lang/Object;Landroid/view/Surface;IIII)J",
(void*)ImageWriter_init },
@@ -1075,7 +1075,7 @@ static JNINativeMethod gImageWriterMethods[] = {
{"cancelImage", "(JLandroid/media/Image;)V", (void*)ImageWriter_cancelImage },
};
-static JNINativeMethod gImageMethods[] = {
+static const JNINativeMethod gImageMethods[] = {
{"nativeCreatePlanes", "(II)[Landroid/media/ImageWriter$WriterSurfaceImage$SurfacePlane;",
(void*)Image_createSurfacePlanes },
{"nativeGetWidth", "()I", (void*)Image_getWidth },
diff --git a/media/jni/android_media_MediaSync.cpp b/media/jni/android_media_MediaSync.cpp
index d1ce30a3e827..d93bda166c44 100644
--- a/media/jni/android_media_MediaSync.cpp
+++ b/media/jni/android_media_MediaSync.cpp
@@ -514,7 +514,7 @@ static void android_media_MediaSync_native_finalize(JNIEnv *env, jobject thiz) {
android_media_MediaSync_release(env, thiz);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "native_setSurface",
"(Landroid/view/Surface;)V",
(void *)android_media_MediaSync_native_setSurface },
diff --git a/media/jni/soundpool/android_media_SoundPool.cpp b/media/jni/soundpool/android_media_SoundPool.cpp
index a66d99fbd9f4..1665421aacd4 100644
--- a/media/jni/soundpool/android_media_SoundPool.cpp
+++ b/media/jni/soundpool/android_media_SoundPool.cpp
@@ -247,7 +247,7 @@ android_media_SoundPool_release(JNIEnv *env, jobject thiz)
// ----------------------------------------------------------------------------
// Dalvik VM type signatures
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "_load",
"(Ljava/io/FileDescriptor;JJI)I",
(void *)android_media_SoundPool_load_FD
diff --git a/services/core/jni/com_android_server_UsbMidiDevice.cpp b/services/core/jni/com_android_server_UsbMidiDevice.cpp
index d6b5bed173eb..564f71daedac 100644
--- a/services/core/jni/com_android_server_UsbMidiDevice.cpp
+++ b/services/core/jni/com_android_server_UsbMidiDevice.cpp
@@ -157,7 +157,7 @@ android_server_UsbMidiDevice_close(JNIEnv *env, jobject thiz, jobjectArray fds)
}
}
-static JNINativeMethod method_table[] = {
+static const JNINativeMethod method_table[] = {
{ "nativeGetSubdeviceCount", "(II)I", (void*)android_server_UsbMidiDevice_get_subdevice_count },
{ "nativeOpen", "(III)[Ljava/io/FileDescriptor;", (void*)android_server_UsbMidiDevice_open },
{ "nativeClose", "([Ljava/io/FileDescriptor;)V", (void*)android_server_UsbMidiDevice_close },
diff --git a/services/core/jni/com_android_server_tv_TvUinputBridge.cpp b/services/core/jni/com_android_server_tv_TvUinputBridge.cpp
index 99deab4fd652..2cb1aaef13fa 100644
--- a/services/core/jni/com_android_server_tv_TvUinputBridge.cpp
+++ b/services/core/jni/com_android_server_tv_TvUinputBridge.cpp
@@ -534,7 +534,7 @@ static void nativeClear(JNIEnv* env, jclass clazz, jlong ptr) {
* JNI registration
*/
-static JNINativeMethod gUinputBridgeMethods[] = {
+static const JNINativeMethod gUinputBridgeMethods[] = {
{"nativeOpen", "(Ljava/lang/String;Ljava/lang/String;III)J", (void*)nativeOpen},
{"nativeGamepadOpen", "(Ljava/lang/String;Ljava/lang/String;)J", (void*)nativeGamepadOpen},
{"nativeClose", "(J)V", (void*)nativeClose},

181
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-1.patch Normal file
View File

@ -0,0 +1,181 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 14 Mar 2015 18:10:20 -0400
Subject: [PATCH] add exec-based spawning support
---
.../com/android/internal/os/ExecInit.java | 115 ++++++++++++++++++
.../com/android/internal/os/WrapperInit.java | 2 +-
.../android/internal/os/ZygoteConnection.java | 10 +-
3 files changed, 125 insertions(+), 2 deletions(-)
create mode 100644 core/java/com/android/internal/os/ExecInit.java
diff --git a/core/java/com/android/internal/os/ExecInit.java b/core/java/com/android/internal/os/ExecInit.java
new file mode 100644
index 000000000000..2adcab7fdbe6
--- /dev/null
+++ b/core/java/com/android/internal/os/ExecInit.java
@@ -0,0 +1,115 @@
+package com.android.internal.os;
+
+import android.os.Trace;
+import android.system.ErrnoException;
+import android.system.Os;
+import android.util.Slog;
+import android.util.TimingsTraceLog;
+import dalvik.system.VMRuntime;
+
+/**
+ * Startup class for the process.
+ * @hide
+ */
+public class ExecInit {
+ /**
+ * Class not instantiable.
+ */
+ private ExecInit() {
+ }
+
+ /**
+ * The main function called when starting a runtime application.
+ *
+ * The first argument is the target SDK version for the app.
+ *
+ * The remaining arguments are passed to the runtime.
+ *
+ * @param args The command-line arguments.
+ */
+ public static void main(String[] args) {
+ // Parse our mandatory argument.
+ int targetSdkVersion = Integer.parseInt(args[0], 10);
+
+ // Mimic system Zygote preloading.
+ ZygoteInit.preload(new TimingsTraceLog("ExecInitTiming",
+ Trace.TRACE_TAG_DALVIK));
+
+ // Launch the application.
+ String[] runtimeArgs = new String[args.length - 1];
+ System.arraycopy(args, 1, runtimeArgs, 0, runtimeArgs.length);
+ Runnable r = execInit(targetSdkVersion, runtimeArgs);
+
+ r.run();
+ }
+
+ /**
+ * Executes a runtime application with exec-based spawning.
+ * This method never returns.
+ *
+ * @param niceName The nice name for the application, or null if none.
+ * @param targetSdkVersion The target SDK version for the app.
+ * @param args Arguments for {@link RuntimeInit#main}.
+ */
+ public static void execApplication(String niceName, int targetSdkVersion,
+ String instructionSet, String[] args) {
+ int niceArgs = niceName == null ? 0 : 1;
+ int baseArgs = 5 + niceArgs;
+ String[] argv = new String[baseArgs + args.length];
+ if (VMRuntime.is64BitInstructionSet(instructionSet)) {
+ argv[0] = "/system/bin/app_process64";
+ } else {
+ argv[0] = "/system/bin/app_process32";
+ }
+ argv[1] = "/system/bin";
+ argv[2] = "--application";
+ if (niceName != null) {
+ argv[3] = "--nice-name=" + niceName;
+ }
+ argv[3 + niceArgs] = "com.android.internal.os.ExecInit";
+ argv[4 + niceArgs] = Integer.toString(targetSdkVersion);
+ System.arraycopy(args, 0, argv, baseArgs, args.length);
+
+ WrapperInit.preserveCapabilities();
+ try {
+ Os.execv(argv[0], argv);
+ } catch (ErrnoException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * The main function called when an application is started with exec-based spawning.
+ *
+ * When the app starts, the runtime starts {@link RuntimeInit#main}
+ * which calls {@link main} which then calls this method.
+ * So we don't need to call commonInit() here.
+ *
+ * @param targetSdkVersion target SDK version
+ * @param argv arg strings
+ */
+ private static Runnable execInit(int targetSdkVersion, String[] argv) {
+ if (RuntimeInit.DEBUG) {
+ Slog.d(RuntimeInit.TAG, "RuntimeInit: Starting application from exec");
+ }
+
+ // Check whether the first argument is a "-cp" in argv, and assume the next argument is the
+ // classpath. If found, create a PathClassLoader and use it for applicationInit.
+ ClassLoader classLoader = null;
+ if (argv != null && argv.length > 2 && argv[0].equals("-cp")) {
+ classLoader = ZygoteInit.createPathClassLoader(argv[1], targetSdkVersion);
+
+ // Install this classloader as the context classloader, too.
+ Thread.currentThread().setContextClassLoader(classLoader);
+
+ // Remove the classpath from the arguments.
+ String removedArgs[] = new String[argv.length - 2];
+ System.arraycopy(argv, 2, removedArgs, 0, argv.length - 2);
+ argv = removedArgs;
+ }
+
+ // Perform the same initialization that would happen after the Zygote forks.
+ Zygote.nativePreApplicationInit();
+ return RuntimeInit.applicationInit(targetSdkVersion, /*disabledCompatChanges*/ null, argv, classLoader);
+ }
+}
diff --git a/core/java/com/android/internal/os/WrapperInit.java b/core/java/com/android/internal/os/WrapperInit.java
index 6860759eea8a..a2eef62f80be 100644
--- a/core/java/com/android/internal/os/WrapperInit.java
+++ b/core/java/com/android/internal/os/WrapperInit.java
@@ -186,7 +186,7 @@ public class WrapperInit {
* This is acceptable here as failure will leave the wrapped app with strictly less
* capabilities, which may make it crash, but not exceed its allowances.
*/
- private static void preserveCapabilities() {
+ public static void preserveCapabilities() {
StructCapUserHeader header = new StructCapUserHeader(
OsConstants._LINUX_CAPABILITY_VERSION_3, 0);
StructCapUserData[] data;
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
index 993e4e7b4b3d..756547706f60 100644
--- a/core/java/com/android/internal/os/ZygoteConnection.java
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
@@ -29,6 +29,7 @@ import android.net.Credentials;
import android.net.LocalSocket;
import android.os.Parcel;
import android.os.Process;
+import android.os.SystemProperties;
import android.os.Trace;
import android.system.ErrnoException;
import android.system.Os;
@@ -247,7 +248,7 @@ class ZygoteConnection {
fdsToClose[1] = zygoteFd.getInt$();
}
- if (parsedArgs.mInvokeWith != null || parsedArgs.mStartChildZygote
+ if (parsedArgs.mInvokeWith != null || SystemProperties.getBoolean("sys.spawn.exec", true) || parsedArgs.mStartChildZygote
|| !multipleOK || peer.getUid() != Process.SYSTEM_UID) {
// Continue using old code for now. TODO: Handle these cases in the other path.
pid = Zygote.forkAndSpecialize(parsedArgs.mUid, parsedArgs.mGid,
@@ -535,6 +536,13 @@ class ZygoteConnection {
throw new IllegalStateException("WrapperInit.execApplication unexpectedly returned");
} else {
if (!isZygote) {
+ if (SystemProperties.getBoolean("sys.spawn.exec", true)) {
+ ExecInit.execApplication(parsedArgs.mNiceName, parsedArgs.mTargetSdkVersion,
+ VMRuntime.getCurrentInstructionSet(), parsedArgs.mRemainingArgs);
+
+ // Should not get here.
+ throw new IllegalStateException("ExecInit.execApplication unexpectedly returned");
+ }
return ZygoteInit.zygoteInit(parsedArgs.mTargetSdkVersion,
parsedArgs.mDisabledCompatChanges,
parsedArgs.mRemainingArgs, null /* classLoader */);

28
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-10.patch Normal file
View File

@ -0,0 +1,28 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 11 Sep 2019 06:57:24 -0400
Subject: [PATCH] disable preloading classloaders for exec spawning
---
core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 851e5e1fb5b1..231b42ba64b9 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -143,9 +143,11 @@ public class ZygoteInit {
preloadClasses();
bootTimingsTraceLog.traceEnd(); // PreloadClasses
}
- bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
- cacheNonBootClasspathClassLoaders();
- bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
+ if (fullPreload) {
+ bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
+ cacheNonBootClasspathClassLoaders();
+ bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
+ }
if (fullPreload) {
bootTimingsTraceLog.traceBegin("PreloadResources");
preloadResources();

28
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-11.patch Normal file
View File

@ -0,0 +1,28 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 11 Sep 2019 06:58:51 -0400
Subject: [PATCH] disable preloading HALs for exec spawning
---
core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 231b42ba64b9..1696d2135180 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -153,9 +153,11 @@ public class ZygoteInit {
preloadResources();
bootTimingsTraceLog.traceEnd(); // PreloadResources
}
- Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
- nativePreloadAppProcessHALs();
- Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+ if (fullPreload) {
+ Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
+ nativePreloadAppProcessHALs();
+ Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+ }
Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadGraphicsDriver");
maybePreloadGraphicsDriver();
Trace.traceEnd(Trace.TRACE_TAG_DALVIK);

253
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-12.patch Normal file
View File

@ -0,0 +1,253 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: anupritaisno1 <www.anuprita804@gmail.com>
Date: Fri, 30 Oct 2020 22:26:09 +0000
Subject: [PATCH] pass through runtime flags for exec spawning and implement
them in the child
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
.../com/android/internal/os/ExecInit.java | 14 +-
core/java/com/android/internal/os/Zygote.java | 9 ++
.../android/internal/os/ZygoteConnection.java | 2 +-
core/jni/com_android_internal_os_Zygote.cpp | 129 ++++++++++--------
4 files changed, 89 insertions(+), 65 deletions(-)
diff --git a/core/java/com/android/internal/os/ExecInit.java b/core/java/com/android/internal/os/ExecInit.java
index 830e5b562a91..749c67abf389 100644
--- a/core/java/com/android/internal/os/ExecInit.java
+++ b/core/java/com/android/internal/os/ExecInit.java
@@ -31,15 +31,20 @@ public class ExecInit {
// Parse our mandatory argument.
int targetSdkVersion = Integer.parseInt(args[0], 10);
+ // Parse the runtime_flags.
+ int runtimeFlags = Integer.parseInt(args[1], 10);
+
// Mimic system Zygote preloading.
ZygoteInit.preload(new TimingsTraceLog("ExecInitTiming",
Trace.TRACE_TAG_DALVIK), false);
// Launch the application.
- String[] runtimeArgs = new String[args.length - 1];
- System.arraycopy(args, 1, runtimeArgs, 0, runtimeArgs.length);
+ String[] runtimeArgs = new String[args.length - 2];
+ System.arraycopy(args, 2, runtimeArgs, 0, runtimeArgs.length);
Runnable r = execInit(targetSdkVersion, runtimeArgs);
+ Zygote.nativeHandleRuntimeFlags(runtimeFlags);
+
r.run();
}
@@ -52,9 +57,9 @@ public class ExecInit {
* @param args Arguments for {@link RuntimeInit#main}.
*/
public static void execApplication(String niceName, int targetSdkVersion,
- String instructionSet, String[] args) {
+ String instructionSet, int runtimeFlags, String[] args) {
int niceArgs = niceName == null ? 0 : 1;
- int baseArgs = 5 + niceArgs;
+ int baseArgs = 6 + niceArgs;
String[] argv = new String[baseArgs + args.length];
if (VMRuntime.is64BitInstructionSet(instructionSet)) {
argv[0] = "/system/bin/app_process64";
@@ -68,6 +73,7 @@ public class ExecInit {
}
argv[3 + niceArgs] = "com.android.internal.os.ExecInit";
argv[4 + niceArgs] = Integer.toString(targetSdkVersion);
+ argv[5 + niceArgs] = Integer.toString(runtimeFlags);
System.arraycopy(args, 0, argv, baseArgs, args.length);
WrapperInit.preserveCapabilities();
diff --git a/core/java/com/android/internal/os/Zygote.java b/core/java/com/android/internal/os/Zygote.java
index 6d4b8c5ea1ad..1f0ac0bd6520 100644
--- a/core/java/com/android/internal/os/Zygote.java
+++ b/core/java/com/android/internal/os/Zygote.java
@@ -1170,4 +1170,13 @@ public final class Zygote {
* we failed to determine the level.
*/
public static native int nativeCurrentTaggingLevel();
+
+ /**
+ * Used on GrapheneOS to set up runtime flags
+ *
+ * @param runtimeFlags flags to be passed to the native method
+ *
+ * @hide
+ */
+ public static native void nativeHandleRuntimeFlags(int runtimeFlags);
}
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
index 27518dd4cdce..a8d9400c7992 100644
--- a/core/java/com/android/internal/os/ZygoteConnection.java
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
@@ -539,7 +539,7 @@ class ZygoteConnection {
if (SystemProperties.getBoolean("sys.spawn.exec", true) &&
(parsedArgs.mRuntimeFlags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) {
ExecInit.execApplication(parsedArgs.mNiceName, parsedArgs.mTargetSdkVersion,
- VMRuntime.getCurrentInstructionSet(), parsedArgs.mRemainingArgs);
+ VMRuntime.getCurrentInstructionSet(), parsedArgs.mRuntimeFlags, parsedArgs.mRemainingArgs);
// Should not get here.
throw new IllegalStateException("ExecInit.execApplication unexpectedly returned");
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp
index bed0aae074a4..69f615a8e0f4 100644
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -1552,6 +1552,69 @@ static void BindMountStorageDirs(JNIEnv* env, jobjectArray pkg_data_info_list,
}
}
+static void HandleRuntimeFlags(JNIEnv* env, jint& runtime_flags) {
+ // Set process properties to enable debugging if required.
+ if ((runtime_flags & RuntimeFlags::DEBUG_ENABLE_JDWP) != 0) {
+ EnableDebugger();
+ }
+ if ((runtime_flags & RuntimeFlags::PROFILE_FROM_SHELL) != 0) {
+ // simpleperf needs the process to be dumpable to profile it.
+ if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1) {
+ ALOGE("prctl(PR_SET_DUMPABLE) failed: %s", strerror(errno));
+ RuntimeAbort(env, __LINE__, "prctl(PR_SET_DUMPABLE, 1) failed");
+ }
+ }
+
+ HeapTaggingLevel heap_tagging_level;
+ switch (runtime_flags & RuntimeFlags::MEMORY_TAG_LEVEL_MASK) {
+ case RuntimeFlags::MEMORY_TAG_LEVEL_TBI:
+ heap_tagging_level = M_HEAP_TAGGING_LEVEL_TBI;
+ break;
+ case RuntimeFlags::MEMORY_TAG_LEVEL_ASYNC:
+ heap_tagging_level = M_HEAP_TAGGING_LEVEL_ASYNC;
+ break;
+ case RuntimeFlags::MEMORY_TAG_LEVEL_SYNC:
+ heap_tagging_level = M_HEAP_TAGGING_LEVEL_SYNC;
+ break;
+ default:
+ heap_tagging_level = M_HEAP_TAGGING_LEVEL_NONE;
+ break;
+ }
+ mallopt(M_BIONIC_SET_HEAP_TAGGING_LEVEL, heap_tagging_level);
+
+ // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
+ // runtime.
+ runtime_flags &= ~RuntimeFlags::MEMORY_TAG_LEVEL_MASK;
+
+ // Avoid heap zero initialization for applications without MTE. Zero init may
+ // cause app compat problems, use more memory, or reduce performance. While it
+ // would be nice to have them for apps, we will have to wait until they are
+ // proven out, have more efficient hardware, and/or apply them only to new
+ // applications.
+ if (!(runtime_flags & RuntimeFlags::NATIVE_HEAP_ZERO_INIT)) {
+ mallopt(M_BIONIC_ZERO_INIT, 0);
+ }
+
+ // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
+ // runtime.
+ runtime_flags &= ~RuntimeFlags::NATIVE_HEAP_ZERO_INIT;
+
+ bool forceEnableGwpAsan = false;
+ switch (runtime_flags & RuntimeFlags::GWP_ASAN_LEVEL_MASK) {
+ default:
+ case RuntimeFlags::GWP_ASAN_LEVEL_NEVER:
+ break;
+ case RuntimeFlags::GWP_ASAN_LEVEL_ALWAYS:
+ forceEnableGwpAsan = true;
+ [[fallthrough]];
+ case RuntimeFlags::GWP_ASAN_LEVEL_LOTTERY:
+ android_mallopt(M_INITIALIZE_GWP_ASAN, &forceEnableGwpAsan, sizeof(forceEnableGwpAsan));
+ }
+ // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
+ // runtime.
+ runtime_flags &= ~RuntimeFlags::GWP_ASAN_LEVEL_MASK;
+}
+
// Utility routine to specialize a zygote child process.
static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jlong permitted_capabilities,
@@ -1679,66 +1742,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
}
}
- // Set process properties to enable debugging if required.
- if ((runtime_flags & RuntimeFlags::DEBUG_ENABLE_JDWP) != 0) {
- EnableDebugger();
- }
- if ((runtime_flags & RuntimeFlags::PROFILE_FROM_SHELL) != 0) {
- // simpleperf needs the process to be dumpable to profile it.
- if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1) {
- ALOGE("prctl(PR_SET_DUMPABLE) failed: %s", strerror(errno));
- RuntimeAbort(env, __LINE__, "prctl(PR_SET_DUMPABLE, 1) failed");
- }
- }
-
- HeapTaggingLevel heap_tagging_level;
- switch (runtime_flags & RuntimeFlags::MEMORY_TAG_LEVEL_MASK) {
- case RuntimeFlags::MEMORY_TAG_LEVEL_TBI:
- heap_tagging_level = M_HEAP_TAGGING_LEVEL_TBI;
- break;
- case RuntimeFlags::MEMORY_TAG_LEVEL_ASYNC:
- heap_tagging_level = M_HEAP_TAGGING_LEVEL_ASYNC;
- break;
- case RuntimeFlags::MEMORY_TAG_LEVEL_SYNC:
- heap_tagging_level = M_HEAP_TAGGING_LEVEL_SYNC;
- break;
- default:
- heap_tagging_level = M_HEAP_TAGGING_LEVEL_NONE;
- break;
- }
- mallopt(M_BIONIC_SET_HEAP_TAGGING_LEVEL, heap_tagging_level);
-
- // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
- // runtime.
- runtime_flags &= ~RuntimeFlags::MEMORY_TAG_LEVEL_MASK;
-
- // Avoid heap zero initialization for applications without MTE. Zero init may
- // cause app compat problems, use more memory, or reduce performance. While it
- // would be nice to have them for apps, we will have to wait until they are
- // proven out, have more efficient hardware, and/or apply them only to new
- // applications.
- if (!(runtime_flags & RuntimeFlags::NATIVE_HEAP_ZERO_INIT)) {
- mallopt(M_BIONIC_ZERO_INIT, 0);
- }
-
- // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
- // runtime.
- runtime_flags &= ~RuntimeFlags::NATIVE_HEAP_ZERO_INIT;
-
- bool forceEnableGwpAsan = false;
- switch (runtime_flags & RuntimeFlags::GWP_ASAN_LEVEL_MASK) {
- default:
- case RuntimeFlags::GWP_ASAN_LEVEL_NEVER:
- break;
- case RuntimeFlags::GWP_ASAN_LEVEL_ALWAYS:
- forceEnableGwpAsan = true;
- [[fallthrough]];
- case RuntimeFlags::GWP_ASAN_LEVEL_LOTTERY:
- android_mallopt(M_INITIALIZE_GWP_ASAN, &forceEnableGwpAsan, sizeof(forceEnableGwpAsan));
- }
- // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART
- // runtime.
- runtime_flags &= ~RuntimeFlags::GWP_ASAN_LEVEL_MASK;
+ HandleRuntimeFlags(env, runtime_flags);
if (NeedsNoRandomizeWorkaround()) {
// Work around ARM kernel ASLR lossage (http://b/5817320).
@@ -2642,6 +2646,10 @@ static void com_android_internal_os_Zygote_nativeAllowFilesOpenedByPreload(JNIEn
gPreloadFdsExtracted = true;
}
+static void nativeHandleRuntimeFlagsWrapper(JNIEnv* env, jclass, jint runtime_flags) {
+ HandleRuntimeFlags(env, runtime_flags);
+}
+
static const JNINativeMethod gMethods[] = {
{"nativeForkAndSpecialize",
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/"
@@ -2694,6 +2702,7 @@ static const JNINativeMethod gMethods[] = {
(void*)com_android_internal_os_Zygote_nativeMarkOpenedFilesBeforePreload},
{"nativeAllowFilesOpenedByPreload", "()V",
(void*)com_android_internal_os_Zygote_nativeAllowFilesOpenedByPreload},
+ {"nativeHandleRuntimeFlags", "(I)V", (void*)nativeHandleRuntimeFlagsWrapper},
};
int register_com_android_internal_os_Zygote(JNIEnv* env) {

25
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-2.patch Normal file
View File

@ -0,0 +1,25 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 21 May 2019 23:54:20 -0400
Subject: [PATCH] disable exec spawning when using debugging options
The debugging options are not yet supported probably, so disable exec
spawning when doing debugging.
---
core/java/com/android/internal/os/ZygoteConnection.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
index 756547706f60..27518dd4cdce 100644
--- a/core/java/com/android/internal/os/ZygoteConnection.java
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
@@ -536,7 +536,8 @@ class ZygoteConnection {
throw new IllegalStateException("WrapperInit.execApplication unexpectedly returned");
} else {
if (!isZygote) {
- if (SystemProperties.getBoolean("sys.spawn.exec", true)) {
+ if (SystemProperties.getBoolean("sys.spawn.exec", true) &&
+ (parsedArgs.mRuntimeFlags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) {
ExecInit.execApplication(parsedArgs.mNiceName, parsedArgs.mTargetSdkVersion,
VMRuntime.getCurrentInstructionSet(), parsedArgs.mRemainingArgs);

47
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-3.patch Normal file
View File

@ -0,0 +1,47 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 14 May 2019 14:24:21 -0400
Subject: [PATCH] add parameter for avoiding full preload with exec
---
core/java/com/android/internal/os/ExecInit.java | 2 +-
core/java/com/android/internal/os/ZygoteInit.java | 6 +++++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/core/java/com/android/internal/os/ExecInit.java b/core/java/com/android/internal/os/ExecInit.java
index 2adcab7fdbe6..830e5b562a91 100644
--- a/core/java/com/android/internal/os/ExecInit.java
+++ b/core/java/com/android/internal/os/ExecInit.java
@@ -33,7 +33,7 @@ public class ExecInit {
// Mimic system Zygote preloading.
ZygoteInit.preload(new TimingsTraceLog("ExecInitTiming",
- Trace.TRACE_TAG_DALVIK));
+ Trace.TRACE_TAG_DALVIK), false);
// Launch the application.
String[] runtimeArgs = new String[args.length - 1];
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 89b33590ab35..fefff67a66eb 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -133,7 +133,7 @@ public class ZygoteInit {
*/
private static ClassLoader sCachedSystemServerClassLoader = null;
- static void preload(TimingsTraceLog bootTimingsTraceLog) {
+ static void preload(TimingsTraceLog bootTimingsTraceLog, boolean fullPreload) {
Log.d(TAG, "begin preload");
bootTimingsTraceLog.traceBegin("BeginPreload");
beginPreload();
@@ -165,6 +165,10 @@ public class ZygoteInit {
sPreloadComplete = true;
}
+ static void preload(TimingsTraceLog bootTimingsTraceLog) {
+ preload(bootTimingsTraceLog, true);
+ }
+
static void lazyPreload() {
Preconditions.checkState(!sPreloadComplete);
Log.i(TAG, "Lazily preloading resources.");

50
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-4.patch Normal file
View File

@ -0,0 +1,50 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 11 Sep 2019 06:43:55 -0400
Subject: [PATCH] pass through fullPreload to libcore
---
core/java/com/android/internal/os/ZygoteInit.java | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index fefff67a66eb..b07173d50b9d 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -136,7 +136,7 @@ public class ZygoteInit {
static void preload(TimingsTraceLog bootTimingsTraceLog, boolean fullPreload) {
Log.d(TAG, "begin preload");
bootTimingsTraceLog.traceBegin("BeginPreload");
- beginPreload();
+ beginPreload(fullPreload);
bootTimingsTraceLog.traceEnd(); // BeginPreload
bootTimingsTraceLog.traceBegin("PreloadClasses");
preloadClasses();
@@ -158,7 +158,7 @@ public class ZygoteInit {
// Ask the WebViewFactory to do any initialization that must run in the zygote process,
// for memory sharing purposes.
WebViewFactory.prepareWebViewInZygote();
- endPreload();
+ endPreload(fullPreload);
warmUpJcaProviders();
Log.d(TAG, "end preload");
@@ -176,14 +176,14 @@ public class ZygoteInit {
preload(new TimingsTraceLog("ZygoteInitTiming_lazy", Trace.TRACE_TAG_DALVIK));
}
- private static void beginPreload() {
+ private static void beginPreload(boolean fullPreload) {
Log.i(TAG, "Calling ZygoteHooks.beginPreload()");
- ZygoteHooks.onBeginPreload();
+ ZygoteHooks.onBeginPreload(fullPreload);
}
- private static void endPreload() {
- ZygoteHooks.onEndPreload();
+ private static void endPreload(boolean fullPreload) {
+ ZygoteHooks.onEndPreload(fullPreload);
Log.i(TAG, "Called ZygoteHooks.endPreload()");
}

28
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-5.patch Normal file
View File

@ -0,0 +1,28 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 14 May 2019 14:28:27 -0400
Subject: [PATCH] disable OpenGL preloading for exec spawning
---
core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index b07173d50b9d..d1f7ca14501e 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -150,9 +150,11 @@ public class ZygoteInit {
Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
nativePreloadAppProcessHALs();
Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
- Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadGraphicsDriver");
- maybePreloadGraphicsDriver();
- Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+ if (fullPreload) {
+ Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadGraphicsDriver");
+ maybePreloadGraphicsDriver();
+ Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+ }
preloadSharedLibraries();
preloadTextResources();
// Ask the WebViewFactory to do any initialization that must run in the zygote process,

28
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-6.patch Normal file
View File

@ -0,0 +1,28 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 14 May 2019 14:28:52 -0400
Subject: [PATCH] disable resource preloading for exec spawning
---
core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index b07173d50b9d..dbb1fb83f62d 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -144,9 +144,11 @@ public class ZygoteInit {
bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
cacheNonBootClasspathClassLoaders();
bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
- bootTimingsTraceLog.traceBegin("PreloadResources");
- preloadResources();
- bootTimingsTraceLog.traceEnd(); // PreloadResources
+ if (fullPreload) {
+ bootTimingsTraceLog.traceBegin("PreloadResources");
+ preloadResources();
+ bootTimingsTraceLog.traceEnd(); // PreloadResources
+ }
Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
nativePreloadAppProcessHALs();
Trace.traceEnd(Trace.TRACE_TAG_DALVIK);

28
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-7.patch Normal file
View File

@ -0,0 +1,28 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 14 May 2019 14:30:59 -0400
Subject: [PATCH] disable class preloading for exec spawning
---
core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index dbb1fb83f62d..2c681002eaf8 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -138,9 +138,11 @@ public class ZygoteInit {
bootTimingsTraceLog.traceBegin("BeginPreload");
beginPreload(fullPreload);
bootTimingsTraceLog.traceEnd(); // BeginPreload
- bootTimingsTraceLog.traceBegin("PreloadClasses");
- preloadClasses();
- bootTimingsTraceLog.traceEnd(); // PreloadClasses
+ if (fullPreload) {
+ bootTimingsTraceLog.traceBegin("PreloadClasses");
+ preloadClasses();
+ bootTimingsTraceLog.traceEnd(); // PreloadClasses
+ }
bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
cacheNonBootClasspathClassLoaders();
bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders

28
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-8.patch Normal file
View File

@ -0,0 +1,28 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 14 May 2019 14:31:29 -0400
Subject: [PATCH] disable WebView reservation for exec spawning
---
core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 2c681002eaf8..abef5cd17126 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -159,9 +159,11 @@ public class ZygoteInit {
Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
preloadSharedLibraries();
preloadTextResources();
- // Ask the WebViewFactory to do any initialization that must run in the zygote process,
- // for memory sharing purposes.
- WebViewFactory.prepareWebViewInZygote();
+ if (fullPreload) {
+ // Ask the WebViewFactory to do any initialization that must run in the zygote process,
+ // for memory sharing purposes.
+ WebViewFactory.prepareWebViewInZygote();
+ }
endPreload(fullPreload);
warmUpJcaProviders();
Log.d(TAG, "end preload");

57
Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-9.patch Normal file
View File

@ -0,0 +1,57 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 14 May 2019 14:34:32 -0400
Subject: [PATCH] disable JCA provider warm up for exec spawning
---
.../com/android/internal/os/ZygoteInit.java | 22 ++++++++++---------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index abef5cd17126..851e5e1fb5b1 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -165,7 +165,7 @@ public class ZygoteInit {
WebViewFactory.prepareWebViewInZygote();
}
endPreload(fullPreload);
- warmUpJcaProviders();
+ warmUpJcaProviders(fullPreload);
Log.d(TAG, "end preload");
sPreloadComplete = true;
@@ -229,7 +229,7 @@ public class ZygoteInit {
* By doing it here we avoid that each app does it when requesting a service from the provider
* for the first time.
*/
- private static void warmUpJcaProviders() {
+ private static void warmUpJcaProviders(boolean fullPreload) {
long startTime = SystemClock.uptimeMillis();
Trace.traceBegin(
Trace.TRACE_TAG_DALVIK, "Starting installation of AndroidKeyStoreProvider");
@@ -239,15 +239,17 @@ public class ZygoteInit {
+ (SystemClock.uptimeMillis() - startTime) + "ms.");
Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
- startTime = SystemClock.uptimeMillis();
- Trace.traceBegin(
- Trace.TRACE_TAG_DALVIK, "Starting warm up of JCA providers");
- for (Provider p : Security.getProviders()) {
- p.warmUpServiceProvision();
+ if (fullPreload) {
+ startTime = SystemClock.uptimeMillis();
+ Trace.traceBegin(
+ Trace.TRACE_TAG_DALVIK, "Starting warm up of JCA providers");
+ for (Provider p : Security.getProviders()) {
+ p.warmUpServiceProvision();
+ }
+ Log.i(TAG, "Warmed up JCA providers in "
+ + (SystemClock.uptimeMillis() - startTime) + "ms.");
+ Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
}
- Log.i(TAG, "Warmed up JCA providers in "
- + (SystemClock.uptimeMillis() - startTime) + "ms.");
- Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
}
/**

48
Patches/LineageOS-19.1/android_frameworks_base/0020-Location_Indicators.patch Normal file
View File

@ -0,0 +1,48 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Danny Lin <danny@kdrag0n.dev>
Date: Mon, 11 Oct 2021 15:03:59 -0700
Subject: [PATCH] SystemUI: Use new privacy indicators for location
Android has had location indicators for a while, but let's use the new
privacy indicator infrastructure for displaying them. This makes them
integrate better with the new camera and microphone indicators.
Change-Id: Ie457bb2dad17bddbf9dc3a818e3ec586023ce918
---
core/java/android/permission/PermissionUsageHelper.java | 2 +-
.../src/com/android/systemui/privacy/PrivacyItemController.kt | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/core/java/android/permission/PermissionUsageHelper.java b/core/java/android/permission/PermissionUsageHelper.java
index cf2361a1026a..5ba24a3d4e7a 100644
--- a/core/java/android/permission/PermissionUsageHelper.java
+++ b/core/java/android/permission/PermissionUsageHelper.java
@@ -101,7 +101,7 @@ public class PermissionUsageHelper implements AppOpsManager.OnOpActiveChangedLis
private static boolean shouldShowLocationIndicator() {
return DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_PRIVACY,
- PROPERTY_LOCATION_INDICATORS_ENABLED, false);
+ PROPERTY_LOCATION_INDICATORS_ENABLED, true);
}
private static long getRecentThreshold(Long now) {
diff --git a/packages/SystemUI/src/com/android/systemui/privacy/PrivacyItemController.kt b/packages/SystemUI/src/com/android/systemui/privacy/PrivacyItemController.kt
index e072b4a3646c..f7bf1c3af7a2 100644
--- a/packages/SystemUI/src/com/android/systemui/privacy/PrivacyItemController.kt
+++ b/packages/SystemUI/src/com/android/systemui/privacy/PrivacyItemController.kt
@@ -73,7 +73,7 @@ class PrivacyItemController @Inject constructor(
private const val MIC_CAMERA = SystemUiDeviceConfigFlags.PROPERTY_MIC_CAMERA_ENABLED
private const val LOCATION = SystemUiDeviceConfigFlags.PROPERTY_LOCATION_INDICATORS_ENABLED
private const val DEFAULT_MIC_CAMERA = true
- private const val DEFAULT_LOCATION = false
+ private const val DEFAULT_LOCATION = true
@VisibleForTesting const val TIME_TO_HOLD_INDICATORS = 5000L
}
@@ -381,4 +381,4 @@ class PrivacyItemController @Inject constructor(
listeningCanceller = delegate.executeDelayed({ setListeningState() }, 0L)
}
}
-}
\ No newline at end of file
+}

22
Patches/LineageOS-19.1/android_frameworks_ex/0001-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,22 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Mon, 4 Jan 2021 19:56:14 -0500
Subject: [PATCH] constify JNINativeMethod table
---
framesequence/jni/FrameSequenceJNI.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/framesequence/jni/FrameSequenceJNI.cpp b/framesequence/jni/FrameSequenceJNI.cpp
index c701f03..4041733 100644
--- a/framesequence/jni/FrameSequenceJNI.cpp
+++ b/framesequence/jni/FrameSequenceJNI.cpp
@@ -141,7 +141,7 @@ static jlong JNICALL nativeGetFrame(
return delayMs;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{ "nativeDecodeByteArray",
"([BII)L" JNI_PACKAGE "/FrameSequence;",
(void*) nativeDecodeByteArray

22
Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission.patch Normal file
View File

@ -0,0 +1,22 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 7 Oct 2017 16:28:57 -0400
Subject: [PATCH] require OTHER_SENSORS permission for sensors
Ported from 10: ff005a6b6a38baef95c4a01d7e1fc75aac651a58
---
libs/sensor/Sensor.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/libs/sensor/Sensor.cpp b/libs/sensor/Sensor.cpp
index 0a49008584..94bac9177c 100644
--- a/libs/sensor/Sensor.cpp
+++ b/libs/sensor/Sensor.cpp
@@ -59,6 +59,7 @@ Sensor::Sensor(struct sensor_t const& hwSensor, const uuid_t& uuid, int halVersi
mMinDelay = hwSensor.minDelay;
mFlags = 0;
mUuid = uuid;
+ mRequiredPermission = "android.permission.OTHER_SENSORS";
// Set fifo event count zero for older devices which do not support batching. Fused
// sensors also have their fifo counts set to zero.

55
Patches/LineageOS-19.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch Normal file
View File

@ -0,0 +1,55 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 14 Apr 2020 16:59:46 -0400
Subject: [PATCH] Fix calling after VoLTE is removed from devices that had it
previously enabled
Change-Id: Id5e3b8f7793d0783104b8b59581688c8ef821396
---
src/java/com/android/ims/ImsManager.java | 26 +-----------------------
1 file changed, 1 insertion(+), 25 deletions(-)
diff --git a/src/java/com/android/ims/ImsManager.java b/src/java/com/android/ims/ImsManager.java
index 345cbc5..fbf0389 100644
--- a/src/java/com/android/ims/ImsManager.java
+++ b/src/java/com/android/ims/ImsManager.java
@@ -534,13 +534,6 @@ public class ImsManager implements FeatureUpdates {
*/
@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
public static boolean isEnhanced4gLteModeSettingEnabledByUser(Context context) {
- DefaultSubscriptionManagerProxy p = new DefaultSubscriptionManagerProxy(context);
- ImsManager mgr = ImsManager.getInstance(context, p.getDefaultVoicePhoneId());
- if (mgr != null) {
- return mgr.isEnhanced4gLteModeSettingEnabledByUser();
- }
- Rlog.e(TAG, "isEnhanced4gLteModeSettingEnabledByUser: ImsManager null, returning default"
- + " value.");
return false;
}
@@ -555,24 +548,7 @@ public class ImsManager implements FeatureUpdates {
* return the default value.
*/
public boolean isEnhanced4gLteModeSettingEnabledByUser() {
- int setting = mSubscriptionManagerProxy.getIntegerSubscriptionProperty(
- getSubId(), SubscriptionManager.ENHANCED_4G_MODE_ENABLED,
- SUB_PROPERTY_NOT_INITIALIZED);
- boolean onByDefault = getBooleanCarrierConfig(
- CarrierConfigManager.KEY_ENHANCED_4G_LTE_ON_BY_DEFAULT_BOOL);
- boolean isUiUnEditable =
- !getBooleanCarrierConfig(CarrierConfigManager.KEY_EDITABLE_ENHANCED_4G_LTE_BOOL)
- || getBooleanCarrierConfig(CarrierConfigManager.KEY_HIDE_ENHANCED_4G_LTE_BOOL);
- boolean isSettingNotInitialized = setting == SUB_PROPERTY_NOT_INITIALIZED;
-
- // If Enhanced 4G LTE Mode is uneditable, hidden, not initialized and VoIMS opt-in disabled
- // we use the default value. If VoIMS opt-in is enabled, we will always allow the user to
- // change the IMS enabled setting.
- if ((isUiUnEditable || isSettingNotInitialized) && !isVoImsOptInEnabled()) {
- return onByDefault;
- } else {
- return (setting == ProvisioningManager.PROVISIONING_VALUE_ENABLED);
- }
+ return false;
}
/**

88
Patches/LineageOS-19.1/android_frameworks_opt_net_wifi/0001-Random_MAC.patch Normal file
View File

@ -0,0 +1,88 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: renlord <me@renlord.com>
Date: Fri, 15 Oct 2021 19:11:18 +0530
Subject: [PATCH] add support for always generating new random MAC
To trigger re-generation of randomized MAC addressed for an already
connected AP. User simply has to toggle on/off wifi. Otherwise, on
re-connection, a new randomized MAC address also gets generated.
based on https://github.com/GrapheneOS/platform_frameworks_opt_net_wifi/commit/a0d9bda06b71694f38fe02bbe24628ee21a7d270
---
.../wifitrackerlib/StandardWifiEntry.java | 32 ++++++++++++++-----
.../com/android/wifitrackerlib/WifiEntry.java | 1 +
2 files changed, 25 insertions(+), 8 deletions(-)
diff --git a/libs/WifiTrackerLib/src/com/android/wifitrackerlib/StandardWifiEntry.java b/libs/WifiTrackerLib/src/com/android/wifitrackerlib/StandardWifiEntry.java
index 4f63ced83..3d3000d33 100644
--- a/libs/WifiTrackerLib/src/com/android/wifitrackerlib/StandardWifiEntry.java
+++ b/libs/WifiTrackerLib/src/com/android/wifitrackerlib/StandardWifiEntry.java
@@ -260,7 +260,7 @@ public class StandardWifiEntry extends WifiEntry {
return wifiInfoMac;
}
}
- if (mTargetWifiConfig == null || getPrivacy() != PRIVACY_RANDOMIZED_MAC) {
+ if (mTargetWifiConfig == null || getPrivacy() == PRIVACY_DEVICE_MAC) {
final String[] factoryMacs = mWifiManager.getFactoryMacAddresses();
if (factoryMacs.length > 0) {
return factoryMacs[0];
@@ -522,12 +522,18 @@ public class StandardWifiEntry extends WifiEntry {
@Override
@Privacy
public synchronized int getPrivacy() {
- if (mTargetWifiConfig != null
- && mTargetWifiConfig.macRandomizationSetting
- == WifiConfiguration.RANDOMIZATION_NONE) {
- return PRIVACY_DEVICE_MAC;
+ if (mTargetWifiConfig != null) {
+ switch (mTargetWifiConfig.macRandomizationSetting) {
+ case WifiConfiguration.RANDOMIZATION_NONE:
+ return PRIVACY_DEVICE_MAC;
+ case WifiConfiguration.RANDOMIZATION_ALWAYS:
+ return PRIVACY_RANDOMIZATION_ALWAYS;
+ default:
+ // WifiConfiguration.RANDOMIZATION_AUTO and WifiConfiguration.RANDOMIZATION_PERSISTENT
+ return PRIVACY_RANDOMIZED_MAC;
+ }
} else {
- return PRIVACY_RANDOMIZED_MAC;
+ return PRIVACY_RANDOMIZATION_ALWAYS;
}
}
@@ -537,11 +543,21 @@ public class StandardWifiEntry extends WifiEntry {
return;
}
- mTargetWifiConfig.macRandomizationSetting = privacy == PRIVACY_RANDOMIZED_MAC
- ? WifiConfiguration.RANDOMIZATION_AUTO : WifiConfiguration.RANDOMIZATION_NONE;
+ mTargetWifiConfig.macRandomizationSetting = translatePrivacyToWifiConfigurationValues(privacy);
mWifiManager.save(mTargetWifiConfig, null /* listener */);
}
+ private static int translatePrivacyToWifiConfigurationValues(int privacyValue) {
+ switch (privacyValue) {
+ case PRIVACY_RANDOMIZED_MAC:
+ return WifiConfiguration.RANDOMIZATION_PERSISTENT;
+ case PRIVACY_DEVICE_MAC:
+ return WifiConfiguration.RANDOMIZATION_NONE;
+ default:
+ return WifiConfiguration.RANDOMIZATION_ALWAYS;
+ }
+ }
+
@Override
public synchronized boolean isAutoJoinEnabled() {
if (mTargetWifiConfig == null) {
diff --git a/libs/WifiTrackerLib/src/com/android/wifitrackerlib/WifiEntry.java b/libs/WifiTrackerLib/src/com/android/wifitrackerlib/WifiEntry.java
index 15edf8a18..e3bc3a45b 100644
--- a/libs/WifiTrackerLib/src/com/android/wifitrackerlib/WifiEntry.java
+++ b/libs/WifiTrackerLib/src/com/android/wifitrackerlib/WifiEntry.java
@@ -156,6 +156,7 @@ public class WifiEntry implements Comparable<WifiEntry> {
public static final int PRIVACY_DEVICE_MAC = 0;
public static final int PRIVACY_RANDOMIZED_MAC = 1;
public static final int PRIVACY_UNKNOWN = 2;
+ public static final int PRIVACY_RANDOMIZATION_ALWAYS = 100;
@Retention(RetentionPolicy.SOURCE)
@IntDef(value = {

58
Patches/LineageOS-19.1/android_hardware_qcom_audio/0001-Unused-8996.patch Normal file
View File

@ -0,0 +1,58 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: codeworkx <daniel.hillenbrand@codeworkx.de>
Date: Sun, 20 Jan 2019 17:48:20 +0100
Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c
The unused parameter warning appears if we are not building with
at least one of the following cflags enabled:
* DEV_ARBI_ENABLED
* SOUND_TRIGGER_ENABLED
* AUDIO_LISTEN_ENABLED
hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device'
[-Werror,-Wunused-parameter]
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
^
Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6
(cherry picked from commit 12981fb9f3c8a67bcc362c7badfb9189bc181cda)
---
hal/audio_extn/audio_extn.h | 5 +++++
hal/audio_extn/utils.c | 2 ++
2 files changed, 7 insertions(+)
diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h
index 1187642d1..38ae1aed5 100644
--- a/hal/audio_extn/audio_extn.h
+++ b/hal/audio_extn/audio_extn.h
@@ -688,7 +688,12 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format);
int audio_extn_utils_get_bit_width_from_string(const char *);
int audio_extn_utils_get_sample_rate_from_string(const char *);
int audio_extn_utils_get_channels_from_string(const char *);
+
+#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED)
+#define audio_extn_utils_release_snd_device(snd_device) (0)
+#else
void audio_extn_utils_release_snd_device(snd_device_t snd_device);
+#endif
int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev,
struct audio_usecase *usecase, int snd_device);
diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c
index cd788542f..10f1eb216 100644
--- a/hal/audio_extn/utils.c
+++ b/hal/audio_extn/utils.c
@@ -2520,6 +2520,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string)
return -EINVAL;
}
+#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED)
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
{
audio_extn_dev_arbi_release(snd_device);
@@ -2528,3 +2529,4 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device)
audio_extn_listen_update_device_status(snd_device,
LISTEN_EVENT_SND_DEVICE_FREE);
}
+#endif

60
Patches/LineageOS-19.1/android_hardware_qcom_audio/0001-Unused-8998.patch Normal file
View File

@ -0,0 +1,60 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: codeworkx <daniel.hillenbrand@codeworkx.de>
Date: Sun, 20 Jan 2019 17:48:20 +0100
Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c
The unused parameter warning appears if we are not building with
at least one of the following cflags enabled:
* DEV_ARBI_ENABLED
* SOUND_TRIGGER_ENABLED
* AUDIO_LISTEN_ENABLED
hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device'
[-Werror,-Wunused-parameter]
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
^
Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6
Signed-off-by: Atman <masteratman@gmail.com>
---
hal/audio_extn/audio_extn.h | 4 ++++
hal/audio_extn/utils.c | 2 ++
2 files changed, 6 insertions(+)
diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h
index f37c948ec..c6b2051a7 100644
--- a/hal/audio_extn/audio_extn.h
+++ b/hal/audio_extn/audio_extn.h
@@ -815,7 +815,11 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format);
int audio_extn_utils_get_bit_width_from_string(const char *);
int audio_extn_utils_get_sample_rate_from_string(const char *);
int audio_extn_utils_get_channels_from_string(const char *);
+#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED)
+#define audio_extn_utils_release_snd_device(snd_device) (0)
+#else
void audio_extn_utils_release_snd_device(snd_device_t snd_device);
+#endif
bool audio_extn_utils_is_vendor_enhanced_fwk();
int audio_extn_utils_get_vendor_enhanced_info();
int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev,
diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c
index 4675fc39c..4a5d91a97 100644
--- a/hal/audio_extn/utils.c
+++ b/hal/audio_extn/utils.c
@@ -2917,6 +2917,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string)
return -EINVAL;
}
+#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED)
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
{
audio_extn_dev_arbi_release(snd_device);
@@ -2925,6 +2926,7 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device)
audio_extn_listen_update_device_status(snd_device,
LISTEN_EVENT_SND_DEVICE_FREE);
}
+#endif
int audio_extn_utils_get_license_params(
const struct audio_device *adev,

60
Patches/LineageOS-19.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch Normal file
View File

@ -0,0 +1,60 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: codeworkx <daniel.hillenbrand@codeworkx.de>
Date: Sun, 20 Jan 2019 17:48:20 +0100
Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c
The unused parameter warning appears if we are not building with
at least one of the following cflags enabled:
* DEV_ARBI_ENABLED
* SOUND_TRIGGER_ENABLED
* AUDIO_LISTEN_ENABLED
hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device'
[-Werror,-Wunused-parameter]
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
^
Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6
Signed-off-by: Atman <masteratman@gmail.com>
---
hal/audio_extn/audio_extn.h | 4 ++++
hal/audio_extn/utils.c | 2 ++
2 files changed, 6 insertions(+)
diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h
index 85502ad91..95890ab12 100755
--- a/hal/audio_extn/audio_extn.h
+++ b/hal/audio_extn/audio_extn.h
@@ -860,7 +860,11 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format);
int audio_extn_utils_get_bit_width_from_string(const char *);
int audio_extn_utils_get_sample_rate_from_string(const char *);
int audio_extn_utils_get_channels_from_string(const char *);
+#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED)
+#define audio_extn_utils_release_snd_device(snd_device) (0)
+#else
void audio_extn_utils_release_snd_device(snd_device_t snd_device);
+#endif
bool audio_extn_utils_is_vendor_enhanced_fwk();
int audio_extn_utils_get_vendor_enhanced_info();
int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev,
diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c
index 756faf544..0e25d3a39 100755
--- a/hal/audio_extn/utils.c
+++ b/hal/audio_extn/utils.c
@@ -3272,6 +3272,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string)
return -EINVAL;
}
+#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED)
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
{
audio_extn_dev_arbi_release(snd_device);
@@ -3280,6 +3281,7 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device)
audio_extn_listen_update_device_status(snd_device,
LISTEN_EVENT_SND_DEVICE_FREE);
}
+#endif
int audio_extn_utils_get_license_params(
const struct audio_device *adev,

58
Patches/LineageOS-19.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch Normal file
View File

@ -0,0 +1,58 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: codeworkx <daniel.hillenbrand@codeworkx.de>
Date: Mon, 1 Jul 2019 06:36:30 +0000
Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c
The unused parameter warning appears if we are not building with
at least one of the following cflags enabled:
* DEV_ARBI_ENABLED
* SOUND_TRIGGER_ENABLED
* AUDIO_LISTEN_ENABLED
hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device'
[-Werror,-Wunused-parameter]
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6
---
hal/audio_extn/audio_extn.h | 4 ++++
hal/audio_extn/utils.c | 2 ++
2 files changed, 6 insertions(+)
diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h
index da986ad63..82320356e 100644
--- a/hal/audio_extn/audio_extn.h
+++ b/hal/audio_extn/audio_extn.h
@@ -834,7 +834,11 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format);
int audio_extn_utils_get_bit_width_from_string(const char *);
int audio_extn_utils_get_sample_rate_from_string(const char *);
int audio_extn_utils_get_channels_from_string(const char *);
+#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED)
+#define audio_extn_utils_release_snd_device(snd_device) (0)
+#else
void audio_extn_utils_release_snd_device(snd_device_t snd_device);
+#endif
bool audio_extn_utils_is_vendor_enhanced_fwk();
int audio_extn_utils_get_vendor_enhanced_info();
int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev,
diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c
index 0ba2f4f82..d179f4f03 100644
--- a/hal/audio_extn/utils.c
+++ b/hal/audio_extn/utils.c
@@ -3072,6 +3072,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string)
return -EINVAL;
}
+#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED)
void audio_extn_utils_release_snd_device(snd_device_t snd_device)
{
audio_extn_dev_arbi_release(snd_device);
@@ -3080,6 +3081,7 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device)
audio_extn_listen_update_device_status(snd_device,
LISTEN_EVENT_SND_DEVICE_FREE);
}
+#endif
int audio_extn_utils_get_license_params(
const struct audio_device *adev,

32
Patches/LineageOS-19.1/android_libcore/0001-Network_Permission.patch Normal file
View File

@ -0,0 +1,32 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Tue, 14 Dec 2021 21:10:51 +0200
Subject: [PATCH] don't throw SecurityException when INTERNET permission is
revoked
---
ojluni/src/main/java/java/net/Inet6AddressImpl.java | 11 +----------
1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/ojluni/src/main/java/java/net/Inet6AddressImpl.java b/ojluni/src/main/java/java/net/Inet6AddressImpl.java
index 84bcf17edae..fda9674e08e 100644
--- a/ojluni/src/main/java/java/net/Inet6AddressImpl.java
+++ b/ojluni/src/main/java/java/net/Inet6AddressImpl.java
@@ -141,16 +141,7 @@ class Inet6AddressImpl implements InetAddressImpl {
addressCache.put(host, netId, addresses);
return addresses;
} catch (GaiException gaiException) {
- // If the failure appears to have been a lack of INTERNET permission, throw a clear
- // SecurityException to aid in debugging this common mistake.
- // http://code.google.com/p/android/issues/detail?id=15722
- if (gaiException.getCause() instanceof ErrnoException) {
- int errno = ((ErrnoException) gaiException.getCause()).errno;
- if (errno == EACCES || errno == EPERM) {
- throw new SecurityException("Permission denied (missing INTERNET permission?)", gaiException);
- }
- }
- // Otherwise, throw an UnknownHostException.
+ // Throw an UnknownHostException.
String detailMessage = "Unable to resolve host \"" + host + "\": " + Libcore.os.gai_strerror(gaiException.error);
addressCache.putUnknownHost(host, netId, detailMessage);
throw gaiException.rethrowAsUnknownHostException(detailMessage);

199
Patches/LineageOS-19.1/android_libcore/0002-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,199 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 10 Oct 2021 18:47:54 -0400
Subject: [PATCH] constify JNINativeMethod tables
---
luni/src/main/native/android_system_OsConstants.cpp | 2 +-
luni/src/main/native/java_lang_StringToReal.cpp | 2 +-
luni/src/main/native/java_lang_invoke_MethodHandle.cpp | 2 +-
luni/src/main/native/java_lang_invoke_VarHandle.cpp | 2 +-
luni/src/main/native/libcore_icu_ICU.cpp | 2 +-
luni/src/main/native/libcore_io_AsynchronousCloseMonitor.cpp | 2 +-
luni/src/main/native/libcore_io_Linux.cpp | 2 +-
luni/src/main/native/libcore_io_Memory.cpp | 2 +-
luni/src/main/native/libcore_math_NativeBN.cpp | 2 +-
.../src/main/native/libcore_util_NativeAllocationRegistry.cpp | 2 +-
luni/src/main/native/org_apache_harmony_xml_ExpatParser.cpp | 4 ++--
luni/src/main/native/sun_misc_Unsafe.cpp | 2 +-
ojluni/src/main/native/Character.cpp | 2 +-
13 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/luni/src/main/native/android_system_OsConstants.cpp b/luni/src/main/native/android_system_OsConstants.cpp
index 50e3c104666..8ad66d2742b 100644
--- a/luni/src/main/native/android_system_OsConstants.cpp
+++ b/luni/src/main/native/android_system_OsConstants.cpp
@@ -722,7 +722,7 @@ static void OsConstants_initConstants(JNIEnv* env, jclass c) {
initConstant(env, c, "_SC_XOPEN_XCU_VERSION", _SC_XOPEN_XCU_VERSION);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(OsConstants, initConstants, "()V"),
};
void register_android_system_OsConstants(JNIEnv* env) {
diff --git a/luni/src/main/native/java_lang_StringToReal.cpp b/luni/src/main/native/java_lang_StringToReal.cpp
index 7a492856394..edd71fad700 100644
--- a/luni/src/main/native/java_lang_StringToReal.cpp
+++ b/luni/src/main/native/java_lang_StringToReal.cpp
@@ -892,7 +892,7 @@ static jdouble StringToReal_parseDblImpl(JNIEnv* env, jclass, jstring s, jint e)
return createDouble(env, str.c_str(), e);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(StringToReal, parseFltImpl, "(Ljava/lang/String;I)F"),
NATIVE_METHOD(StringToReal, parseDblImpl, "(Ljava/lang/String;I)D"),
};
diff --git a/luni/src/main/native/java_lang_invoke_MethodHandle.cpp b/luni/src/main/native/java_lang_invoke_MethodHandle.cpp
index 0441d4552dc..3335c6de9ac 100644
--- a/luni/src/main/native/java_lang_invoke_MethodHandle.cpp
+++ b/luni/src/main/native/java_lang_invoke_MethodHandle.cpp
@@ -29,7 +29,7 @@ static jobject MethodHandle_invoke(JNIEnv* env, jobject, jobjectArray) {
return nullptr;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(MethodHandle, invokeExact, "([Ljava/lang/Object;)Ljava/lang/Object;"),
NATIVE_METHOD(MethodHandle, invoke, "([Ljava/lang/Object;)Ljava/lang/Object;"),
};
diff --git a/luni/src/main/native/java_lang_invoke_VarHandle.cpp b/luni/src/main/native/java_lang_invoke_VarHandle.cpp
index e1cc1c7f8b5..9f5215a5204 100644
--- a/luni/src/main/native/java_lang_invoke_VarHandle.cpp
+++ b/luni/src/main/native/java_lang_invoke_VarHandle.cpp
@@ -210,7 +210,7 @@ static jboolean VarHandle_weakCompareAndSetRelease(JNIEnv* env, jobject, jobject
return JNI_FALSE;
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(VarHandle, compareAndExchange, "([Ljava/lang/Object;)Ljava/lang/Object;"),
NATIVE_METHOD(VarHandle, compareAndExchangeAcquire, "([Ljava/lang/Object;)Ljava/lang/Object;"),
NATIVE_METHOD(VarHandle, compareAndExchangeRelease, "([Ljava/lang/Object;)Ljava/lang/Object;"),
diff --git a/luni/src/main/native/libcore_icu_ICU.cpp b/luni/src/main/native/libcore_icu_ICU.cpp
index f9401d1edb7..1531ad1ca59 100644
--- a/luni/src/main/native/libcore_icu_ICU.cpp
+++ b/luni/src/main/native/libcore_icu_ICU.cpp
@@ -112,7 +112,7 @@ static jstring ICU_getUnicodeVersion(JNIEnv* env, jclass) {
return versionString(env, unicodeVersion);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(ICU, getAvailableLocalesNative, "()[Ljava/lang/String;"),
NATIVE_METHOD(ICU, getCldrVersion, "()Ljava/lang/String;"),
NATIVE_METHOD(ICU, getDefaultLocale, "()Ljava/lang/String;"),
diff --git a/luni/src/main/native/libcore_io_AsynchronousCloseMonitor.cpp b/luni/src/main/native/libcore_io_AsynchronousCloseMonitor.cpp
index e99edd6c4f9..61b75bcd358 100644
--- a/luni/src/main/native/libcore_io_AsynchronousCloseMonitor.cpp
+++ b/luni/src/main/native/libcore_io_AsynchronousCloseMonitor.cpp
@@ -26,7 +26,7 @@ static void AsynchronousCloseMonitor_signalBlockedThreads(JNIEnv* env, jclass, j
AsynchronousCloseMonitor::signalBlockedThreads(fd);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(AsynchronousCloseMonitor, signalBlockedThreads, "(Ljava/io/FileDescriptor;)V"),
};
void register_libcore_io_AsynchronousCloseMonitor(JNIEnv* env) {
diff --git a/luni/src/main/native/libcore_io_Linux.cpp b/luni/src/main/native/libcore_io_Linux.cpp
index d7b6c22aa57..996085b1423 100755
--- a/luni/src/main/native/libcore_io_Linux.cpp
+++ b/luni/src/main/native/libcore_io_Linux.cpp
@@ -2741,7 +2741,7 @@ static jint Linux_writev(JNIEnv* env, jobject, jobject javaFd, jobjectArray buff
#define NATIVE_METHOD_OVERLOAD(className, functionName, signature, variant) \
{ #functionName, signature, reinterpret_cast<void*>(className ## _ ## functionName ## variant) }
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(Linux, accept, "(Ljava/io/FileDescriptor;Ljava/net/SocketAddress;)Ljava/io/FileDescriptor;"),
NATIVE_METHOD(Linux, access, "(Ljava/lang/String;I)Z"),
NATIVE_METHOD(Linux, android_fdsan_exchange_owner_tag, "(Ljava/io/FileDescriptor;JJ)V"),
diff --git a/luni/src/main/native/libcore_io_Memory.cpp b/luni/src/main/native/libcore_io_Memory.cpp
index b8a88450006..7dec85dab80 100644
--- a/luni/src/main/native/libcore_io_Memory.cpp
+++ b/luni/src/main/native/libcore_io_Memory.cpp
@@ -290,7 +290,7 @@ static void Memory_unsafeBulkPut(JNIEnv* env, jclass, jbyteArray dstArray, jint
env->ReleasePrimitiveArrayCritical(srcArray, srcBytes, 0);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(Memory, memmove, "(Ljava/lang/Object;ILjava/lang/Object;IJ)V"),
FAST_NATIVE_METHOD(Memory, peekByte, "(J)B"),
NATIVE_METHOD(Memory, peekByteArray, "(J[BII)V"),
diff --git a/luni/src/main/native/libcore_math_NativeBN.cpp b/luni/src/main/native/libcore_math_NativeBN.cpp
index dc4b947358b..c6af376f6bc 100644
--- a/luni/src/main/native/libcore_math_NativeBN.cpp
+++ b/luni/src/main/native/libcore_math_NativeBN.cpp
@@ -164,7 +164,7 @@ static void NativeBN_BN_mod_exp(JNIEnv* env, jclass, jlong r, jlong a, jlong p,
}
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(NativeBN, BN_div, "(JJJJ)V"),
NATIVE_METHOD(NativeBN, BN_free, "(J)V"),
NATIVE_METHOD(NativeBN, BN_mod_exp, "(JJJJ)V"),
diff --git a/luni/src/main/native/libcore_util_NativeAllocationRegistry.cpp b/luni/src/main/native/libcore_util_NativeAllocationRegistry.cpp
index ded578a9580..faaa5c7a7c4 100644
--- a/luni/src/main/native/libcore_util_NativeAllocationRegistry.cpp
+++ b/luni/src/main/native/libcore_util_NativeAllocationRegistry.cpp
@@ -29,7 +29,7 @@ static void NativeAllocationRegistry_applyFreeFunction(JNIEnv*,
nativeFreeFunction(nativePtr);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(NativeAllocationRegistry, applyFreeFunction, "(JJ)V"),
};
diff --git a/luni/src/main/native/org_apache_harmony_xml_ExpatParser.cpp b/luni/src/main/native/org_apache_harmony_xml_ExpatParser.cpp
index fdabcf71591..62a2cd37b76 100644
--- a/luni/src/main/native/org_apache_harmony_xml_ExpatParser.cpp
+++ b/luni/src/main/native/org_apache_harmony_xml_ExpatParser.cpp
@@ -1366,7 +1366,7 @@ static void ExpatParser_staticInitialize(JNIEnv* env, jobject classObject, jstri
emptyString = reinterpret_cast<jstring>(env->NewGlobalRef(empty));
}
-static JNINativeMethod parserMethods[] = {
+static const JNINativeMethod parserMethods[] = {
NATIVE_METHOD(ExpatParser, appendString, "(JLjava/lang/String;Z)V"),
NATIVE_METHOD(ExpatParser, appendBytes, "(J[BII)V"),
NATIVE_METHOD(ExpatParser, appendChars, "(J[CII)V"),
@@ -1380,7 +1380,7 @@ static JNINativeMethod parserMethods[] = {
NATIVE_METHOD(ExpatParser, staticInitialize, "(Ljava/lang/String;)V"),
};
-static JNINativeMethod attributeMethods[] = {
+static const JNINativeMethod attributeMethods[] = {
NATIVE_METHOD(ExpatAttributes, freeAttributes, "(J)V"),
NATIVE_METHOD(ExpatAttributes, getIndexForQName, "(JLjava/lang/String;)I"),
NATIVE_METHOD(ExpatAttributes, getIndex, "(JLjava/lang/String;Ljava/lang/String;)I"),
diff --git a/luni/src/main/native/sun_misc_Unsafe.cpp b/luni/src/main/native/sun_misc_Unsafe.cpp
index 49848a2db2b..87b2feac807 100644
--- a/luni/src/main/native/sun_misc_Unsafe.cpp
+++ b/luni/src/main/native/sun_misc_Unsafe.cpp
@@ -23,7 +23,7 @@ static jobject Unsafe_allocateInstance(JNIEnv* env, jclass, jclass c) {
return env->AllocObject(c);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
NATIVE_METHOD(Unsafe, allocateInstance, "(Ljava/lang/Class;)Ljava/lang/Object;"),
};
void register_sun_misc_Unsafe(JNIEnv* env) {
diff --git a/ojluni/src/main/native/Character.cpp b/ojluni/src/main/native/Character.cpp
index 3e27c674d2f..719190c81ae 100644
--- a/ojluni/src/main/native/Character.cpp
+++ b/ojluni/src/main/native/Character.cpp
@@ -158,7 +158,7 @@ Character_getNameImpl(JNIEnv* env, jclass, jint codePoint) {
return (U_FAILURE(status) || byteCount == 0) ? NULL : env->NewStringUTF(buf);
}
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
FAST_NATIVE_METHOD(Character, digitImpl, "(II)I"),
FAST_NATIVE_METHOD(Character, getDirectionalityImpl, "(I)B"),
NATIVE_METHOD(Character, getNameImpl, "(I)Ljava/lang/String;"),

112
Patches/LineageOS-19.1/android_libcore/0003-Exec_Based_Spawning-1.patch Normal file
View File

@ -0,0 +1,112 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 11 Sep 2019 06:46:38 -0400
Subject: [PATCH] add parameter for avoiding full preload with exec
---
api/module-lib-current.txt | 2 ++
.../main/java/dalvik/system/ZygoteHooks.java | 26 +++++++++++++++++--
.../api/legacy_platform/current.txt | 2 ++
.../api/stable_platform/current.txt | 2 ++
4 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/api/module-lib-current.txt b/api/module-lib-current.txt
index 15741a78057..e554dd77cb8 100644
--- a/api/module-lib-current.txt
+++ b/api/module-lib-current.txt
@@ -366,7 +366,9 @@ package dalvik.system {
public final class ZygoteHooks {
method public static void gcAndFinalize();
method public static boolean isIndefiniteThreadSuspensionSafe();
+ method public static void onBeginPreload(boolean);
method public static void onBeginPreload();
+ method public static void onEndPreload(boolean);
method public static void onEndPreload();
method public static void postForkChild(int, boolean, boolean, String);
method public static void postForkCommon();
diff --git a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
index a17a2574f7b..763511d2187 100644
--- a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
+++ b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
@@ -62,7 +62,7 @@ public final class ZygoteHooks {
*/
@SystemApi(client = MODULE_LIBRARIES)
@libcore.api.CorePlatformApi(status = libcore.api.CorePlatformApi.Status.STABLE)
- public static void onBeginPreload() {
+ public static void onBeginPreload(boolean fullPreload) {
com.android.i18n.system.ZygoteHooks.onBeginPreload();
ICU.initializeCacheInZygote();
@@ -81,6 +81,17 @@ public final class ZygoteHooks {
}
}
+ /**
+ * Called when the zygote begins preloading classes and data.
+ *
+ * @hide
+ */
+ @SystemApi(client = MODULE_LIBRARIES)
+ @libcore.api.CorePlatformApi(status = libcore.api.CorePlatformApi.Status.STABLE)
+ public static void onBeginPreload() {
+ onBeginPreload(true);
+ }
+
/**
* Called when the zygote has completed preloading classes and data.
*
@@ -88,7 +99,7 @@ public final class ZygoteHooks {
*/
@SystemApi(client = MODULE_LIBRARIES)
@libcore.api.CorePlatformApi(status = libcore.api.CorePlatformApi.Status.STABLE)
- public static void onEndPreload() {
+ public static void onEndPreload(boolean fullPreload) {
com.android.i18n.system.ZygoteHooks.onEndPreload();
// Clone standard descriptors as originals closed / rebound during zygote post fork.
@@ -97,6 +108,17 @@ public final class ZygoteHooks {
FileDescriptor.err.cloneForFork();
}
+ /**
+ * Called when the zygote has completed preloading classes and data.
+ *
+ * @hide
+ */
+ @SystemApi(client = MODULE_LIBRARIES)
+ @libcore.api.CorePlatformApi(status = libcore.api.CorePlatformApi.Status.STABLE)
+ public static void onEndPreload() {
+ onEndPreload(true);
+ }
+
/**
* Runs several special GCs to try to clean up a few generations of
* softly- and final-reachable objects, along with any other garbage.
diff --git a/mmodules/core_platform_api/api/legacy_platform/current.txt b/mmodules/core_platform_api/api/legacy_platform/current.txt
index 15741a78057..e554dd77cb8 100644
--- a/mmodules/core_platform_api/api/legacy_platform/current.txt
+++ b/mmodules/core_platform_api/api/legacy_platform/current.txt
@@ -366,7 +366,9 @@ package dalvik.system {
public final class ZygoteHooks {
method public static void gcAndFinalize();
method public static boolean isIndefiniteThreadSuspensionSafe();
+ method public static void onBeginPreload(boolean);
method public static void onBeginPreload();
+ method public static void onEndPreload(boolean);
method public static void onEndPreload();
method public static void postForkChild(int, boolean, boolean, String);
method public static void postForkCommon();
diff --git a/mmodules/core_platform_api/api/stable_platform/current.txt b/mmodules/core_platform_api/api/stable_platform/current.txt
index 15741a78057..e554dd77cb8 100644
--- a/mmodules/core_platform_api/api/stable_platform/current.txt
+++ b/mmodules/core_platform_api/api/stable_platform/current.txt
@@ -366,7 +366,9 @@ package dalvik.system {
public final class ZygoteHooks {
method public static void gcAndFinalize();
method public static boolean isIndefiniteThreadSuspensionSafe();
+ method public static void onBeginPreload(boolean);
method public static void onBeginPreload();
+ method public static void onEndPreload(boolean);
method public static void onEndPreload();
method public static void postForkChild(int, boolean, boolean, String);
method public static void postForkCommon();

38
Patches/LineageOS-19.1/android_libcore/0003-Exec_Based_Spawning-2.patch Normal file
View File

@ -0,0 +1,38 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Thu, 14 Oct 2021 17:00:10 -0400
Subject: [PATCH] disable ICU cache pinning for exec spawning
---
dalvik/src/main/java/dalvik/system/ZygoteHooks.java | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
index 763511d2187..179c19ac8d5 100644
--- a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
+++ b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
@@ -63,9 +63,11 @@ public final class ZygoteHooks {
@SystemApi(client = MODULE_LIBRARIES)
@libcore.api.CorePlatformApi(status = libcore.api.CorePlatformApi.Status.STABLE)
public static void onBeginPreload(boolean fullPreload) {
- com.android.i18n.system.ZygoteHooks.onBeginPreload();
+ if (fullPreload) {
+ com.android.i18n.system.ZygoteHooks.onBeginPreload();
- ICU.initializeCacheInZygote();
+ ICU.initializeCacheInZygote();
+ }
// Look up JaCoCo on the boot classpath, if it exists. This will be used later for enabling
// memory-mapped Java coverage.
@@ -100,7 +102,9 @@ public final class ZygoteHooks {
@SystemApi(client = MODULE_LIBRARIES)
@libcore.api.CorePlatformApi(status = libcore.api.CorePlatformApi.Status.STABLE)
public static void onEndPreload(boolean fullPreload) {
- com.android.i18n.system.ZygoteHooks.onEndPreload();
+ if (fullPreload) {
+ com.android.i18n.system.ZygoteHooks.onEndPreload();
+ }
// Clone standard descriptors as originals closed / rebound during zygote post fork.
FileDescriptor.in.cloneForFork();

259
Patches/LineageOS-19.1/android_packages_apps_Bluetooth/0001-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,259 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 10 Oct 2021 18:35:08 -0400
Subject: [PATCH] constify JNINativeMethod tables
---
jni/com_android_bluetooth_a2dp.cpp | 2 +-
jni/com_android_bluetooth_a2dp_sink.cpp | 2 +-
jni/com_android_bluetooth_avrcp_controller.cpp | 2 +-
jni/com_android_bluetooth_avrcp_target.cpp | 2 +-
...om_android_bluetooth_btservice_ActivityAttribution.cpp | 2 +-
jni/com_android_bluetooth_btservice_AdapterService.cpp | 2 +-
jni/com_android_bluetooth_btservice_BluetoothKeystore.cpp | 2 +-
jni/com_android_bluetooth_gatt.cpp | 8 ++++----
jni/com_android_bluetooth_hearing_aid.cpp | 2 +-
jni/com_android_bluetooth_hfp.cpp | 2 +-
jni/com_android_bluetooth_hfpclient.cpp | 2 +-
jni/com_android_bluetooth_hid_device.cpp | 2 +-
jni/com_android_bluetooth_hid_host.cpp | 2 +-
jni/com_android_bluetooth_le_audio.cpp | 2 +-
jni/com_android_bluetooth_pan.cpp | 2 +-
jni/com_android_bluetooth_sdp.cpp | 2 +-
16 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/jni/com_android_bluetooth_a2dp.cpp b/jni/com_android_bluetooth_a2dp.cpp
index a94990437..1f0560860 100644
--- a/jni/com_android_bluetooth_a2dp.cpp
+++ b/jni/com_android_bluetooth_a2dp.cpp
@@ -505,7 +505,7 @@ static jboolean setCodecConfigPreferenceNative(JNIEnv* env, jobject object,
return (status == BT_STATUS_SUCCESS) ? JNI_TRUE : JNI_FALSE;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative",
"(I[Landroid/bluetooth/BluetoothCodecConfig;[Landroid/bluetooth/BluetoothCodecConfig;)V",
diff --git a/jni/com_android_bluetooth_a2dp_sink.cpp b/jni/com_android_bluetooth_a2dp_sink.cpp
index d7cbeb770..08cd8f419 100644
--- a/jni/com_android_bluetooth_a2dp_sink.cpp
+++ b/jni/com_android_bluetooth_a2dp_sink.cpp
@@ -243,7 +243,7 @@ static jboolean setActiveDeviceNative(JNIEnv* env, jobject object,
return (status == BT_STATUS_SUCCESS) ? JNI_TRUE : JNI_FALSE;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "(I)V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_avrcp_controller.cpp b/jni/com_android_bluetooth_avrcp_controller.cpp
index 86bf06879..642f73ea3 100755
--- a/jni/com_android_bluetooth_avrcp_controller.cpp
+++ b/jni/com_android_bluetooth_avrcp_controller.cpp
@@ -1284,7 +1284,7 @@ static void playItemNative(JNIEnv* env, jobject object, jbyteArray address,
env->ReleaseByteArrayElements(address, addr, 0);
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_avrcp_target.cpp b/jni/com_android_bluetooth_avrcp_target.cpp
index fb8c56086..a7434e365 100644
--- a/jni/com_android_bluetooth_avrcp_target.cpp
+++ b/jni/com_android_bluetooth_avrcp_target.cpp
@@ -900,7 +900,7 @@ static void setBipClientStatusNative(JNIEnv* env, jobject object,
sServiceInterface->SetBipClientStatus(bdaddr, status);
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"registerBipServerNative", "(I)V", (void*)registerBipServerNative},
diff --git a/jni/com_android_bluetooth_btservice_ActivityAttribution.cpp b/jni/com_android_bluetooth_btservice_ActivityAttribution.cpp
index 791e42a0e..cb0082244 100644
--- a/jni/com_android_bluetooth_btservice_ActivityAttribution.cpp
+++ b/jni/com_android_bluetooth_btservice_ActivityAttribution.cpp
@@ -157,7 +157,7 @@ static void cleanupNative(JNIEnv* env, jobject object) {
}
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_btservice_AdapterService.cpp b/jni/com_android_bluetooth_btservice_AdapterService.cpp
index 62c7d522d..9fa89ded9 100644
--- a/jni/com_android_bluetooth_btservice_AdapterService.cpp
+++ b/jni/com_android_bluetooth_btservice_AdapterService.cpp
@@ -1689,7 +1689,7 @@ static int getMetricIdNative(JNIEnv* env, jobject obj, jbyteArray address) {
return sBluetoothInterface->get_metric_id(addr_obj);
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
/* name, signature, funcPtr */
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "(ZZI[Ljava/lang/String;Z)Z", (void*)initNative},
diff --git a/jni/com_android_bluetooth_btservice_BluetoothKeystore.cpp b/jni/com_android_bluetooth_btservice_BluetoothKeystore.cpp
index bceea1d73..6b8a317bc 100644
--- a/jni/com_android_bluetooth_btservice_BluetoothKeystore.cpp
+++ b/jni/com_android_bluetooth_btservice_BluetoothKeystore.cpp
@@ -155,7 +155,7 @@ static void cleanupNative(JNIEnv* env, jobject object) {
}
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_gatt.cpp b/jni/com_android_bluetooth_gatt.cpp
index 8f996a012..5273bfacd 100644
--- a/jni/com_android_bluetooth_gatt.cpp
+++ b/jni/com_android_bluetooth_gatt.cpp
@@ -2343,7 +2343,7 @@ static void gattTestNative(JNIEnv* env, jobject object, jint command,
*/
// JNI functions defined in AdvertiseManager class.
-static JNINativeMethod sAdvertiseMethods[] = {
+static const JNINativeMethod sAdvertiseMethods[] = {
{"classInitNative", "()V", (void*)advertiseClassInitNative},
{"initializeNative", "()V", (void*)advertiseInitializeNative},
{"cleanupNative", "()V", (void*)advertiseCleanupNative},
@@ -2370,7 +2370,7 @@ static JNINativeMethod sAdvertiseMethods[] = {
};
// JNI functions defined in PeriodicScanManager class.
-static JNINativeMethod sPeriodicScanMethods[] = {
+static const JNINativeMethod sPeriodicScanMethods[] = {
{"classInitNative", "()V", (void*)periodicScanClassInitNative},
{"initializeNative", "()V", (void*)periodicScanInitializeNative},
{"cleanupNative", "()V", (void*)periodicScanCleanupNative},
@@ -2384,7 +2384,7 @@ static JNINativeMethod sPeriodicScanMethods[] = {
};
// JNI functions defined in ScanManager class.
-static JNINativeMethod sScanMethods[] = {
+static const JNINativeMethod sScanMethods[] = {
{"registerScannerNative", "(JJ)V", (void*)registerScannerNative},
{"unregisterScannerNative", "(I)V", (void*)unregisterScannerNative},
{"gattClientScanNative", "(Z)V", (void*)gattClientScanNative},
@@ -2417,7 +2417,7 @@ static JNINativeMethod sScanMethods[] = {
};
// JNI functions defined in GattService class.
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initializeNative", "()V", (void*)initializeNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_hearing_aid.cpp b/jni/com_android_bluetooth_hearing_aid.cpp
index e359faf8a..c72b0c915 100644
--- a/jni/com_android_bluetooth_hearing_aid.cpp
+++ b/jni/com_android_bluetooth_hearing_aid.cpp
@@ -218,7 +218,7 @@ static void setVolumeNative(JNIEnv* env, jclass clazz, jint volume) {
sHearingAidInterface->SetVolume(volume);
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_hfp.cpp b/jni/com_android_bluetooth_hfp.cpp
index 813bdd081..5b21b543b 100644
--- a/jni/com_android_bluetooth_hfp.cpp
+++ b/jni/com_android_bluetooth_hfp.cpp
@@ -954,7 +954,7 @@ static jboolean setActiveDeviceNative(JNIEnv* env, jobject object,
return (status == BT_STATUS_SUCCESS) ? JNI_TRUE : JNI_FALSE;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initializeNative", "(IZ)V", (void*)initializeNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_hfpclient.cpp b/jni/com_android_bluetooth_hfpclient.cpp
index 83c6b20f3..5534b00ff 100644
--- a/jni/com_android_bluetooth_hfpclient.cpp
+++ b/jni/com_android_bluetooth_hfpclient.cpp
@@ -836,7 +836,7 @@ static jboolean sendATCmdNative(JNIEnv* env, jobject object, jbyteArray address,
return (status == BT_STATUS_SUCCESS) ? JNI_TRUE : JNI_FALSE;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initializeNative", "()V", (void*)initializeNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_hid_device.cpp b/jni/com_android_bluetooth_hid_device.cpp
index 17b6e97c0..c3a00d5d2 100644
--- a/jni/com_android_bluetooth_hid_device.cpp
+++ b/jni/com_android_bluetooth_hid_device.cpp
@@ -497,7 +497,7 @@ static jboolean disconnectNative(JNIEnv* env, jobject thiz) {
return result;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_hid_host.cpp b/jni/com_android_bluetooth_hid_host.cpp
index 074e39d5b..b1116ef47 100644
--- a/jni/com_android_bluetooth_hid_host.cpp
+++ b/jni/com_android_bluetooth_hid_host.cpp
@@ -506,7 +506,7 @@ static jboolean setIdleTimeNative(JNIEnv* env, jobject object,
return status == BT_STATUS_SUCCESS ? JNI_TRUE : JNI_FALSE;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initializeNative", "()V", (void*)initializeNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_le_audio.cpp b/jni/com_android_bluetooth_le_audio.cpp
index a8f5dbe1e..11b2a5d09 100644
--- a/jni/com_android_bluetooth_le_audio.cpp
+++ b/jni/com_android_bluetooth_le_audio.cpp
@@ -261,7 +261,7 @@ static void groupStopNative(JNIEnv* env, jobject object, jint group_id) {
sLeAudioClientInterface->GroupStop(group_id);
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initNative", "()V", (void*)initNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_pan.cpp b/jni/com_android_bluetooth_pan.cpp
index b02ae9f9b..3edc1ad98 100644
--- a/jni/com_android_bluetooth_pan.cpp
+++ b/jni/com_android_bluetooth_pan.cpp
@@ -215,7 +215,7 @@ static jboolean disconnectPanNative(JNIEnv* env, jobject object,
return ret;
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
{"classInitNative", "()V", (void*)classInitNative},
{"initializeNative", "()V", (void*)initializeNative},
{"cleanupNative", "()V", (void*)cleanupNative},
diff --git a/jni/com_android_bluetooth_sdp.cpp b/jni/com_android_bluetooth_sdp.cpp
index bba109ac4..791ca06f2 100755
--- a/jni/com_android_bluetooth_sdp.cpp
+++ b/jni/com_android_bluetooth_sdp.cpp
@@ -510,7 +510,7 @@ static void cleanupNative(JNIEnv* env, jobject object) {
}
}
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
/* name, signature, funcPtr */
{"classInitNative", "()V", (void*)classInitNative},
{"initializeNative", "()V", (void*)initializeNative},

185
Patches/LineageOS-19.1/android_packages_apps_Dialer/0001-Not_Private_Banner.patch Normal file
View File

@ -0,0 +1,185 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Torsten Grote <t@grobox.de>
Date: Thu, 18 Jun 2020 13:15:16 -0300
Subject: [PATCH] Show privacy warning on in-call screen
Includes:
Author: Chirayu Desai <chirayudesai1@gmail.com>
Date: Tue Jul 28 02:23:37 2020 +0530
Move the incall warning back to the center
* Instead of left/started aligned.
Change-Id: Ic9b18c110481df7042ca1daa36182e0999fe948f
---
.../res/drawable/ic_baseline_warning.xml | 9 +++++
.../dialer/theme/common/res/values/colors.xml | 1 +
.../res/layout/fragment_incoming_call.xml | 7 +++-
.../contactgrid/res/layout/incall_header.xml | 39 +++++++++++++++++++
.../impl/res/layout/frag_incall_voice.xml | 7 ++++
.../android/incallui/res/values/strings.xml | 3 ++
.../incallui/theme/res/values/styles.xml | 4 +-
7 files changed, 67 insertions(+), 3 deletions(-)
create mode 100644 java/com/android/dialer/common/res/drawable/ic_baseline_warning.xml
create mode 100644 java/com/android/incallui/contactgrid/res/layout/incall_header.xml
diff --git a/java/com/android/dialer/common/res/drawable/ic_baseline_warning.xml b/java/com/android/dialer/common/res/drawable/ic_baseline_warning.xml
new file mode 100644
index 000000000..c2baa9bdb
--- /dev/null
+++ b/java/com/android/dialer/common/res/drawable/ic_baseline_warning.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+ android:height="16dp"
+ android:width="16dp"
+ android:viewportWidth="24"
+ android:viewportHeight="24">
+ <path android:fillColor="?attr/colorControlNormal"
+ android:pathData="M13,14H11V10H13M13,18H11V16H13M1,21H23L12,2L1,21Z"/>
+</vector>
\ No newline at end of file
diff --git a/java/com/android/dialer/theme/common/res/values/colors.xml b/java/com/android/dialer/theme/common/res/values/colors.xml
index 1831862b1..6f6795cea 100644
--- a/java/com/android/dialer/theme/common/res/values/colors.xml
+++ b/java/com/android/dialer/theme/common/res/values/colors.xml
@@ -21,6 +21,7 @@
<color name="dialer_divider_line_color">#D8D8D8</color>
<color name="dialer_link_color">#2A56C6</color>
<color name="dialer_snackbar_action_text_color">#4285F4</color>
+ <color name="incall_header_background">#f3b514</color>
<!-- Colors for the notification actions -->
<color name="notification_action_accept">#097138</color>
diff --git a/java/com/android/incallui/answer/impl/res/layout/fragment_incoming_call.xml b/java/com/android/incallui/answer/impl/res/layout/fragment_incoming_call.xml
index 1672bf984..63de75999 100644
--- a/java/com/android/incallui/answer/impl/res/layout/fragment_incoming_call.xml
+++ b/java/com/android/incallui/answer/impl/res/layout/fragment_incoming_call.xml
@@ -78,18 +78,23 @@
android:id="@+id/incall_contact_grid"
android:layout_width="match_parent"
android:layout_height="match_parent"
- android:layout_marginTop="24dp"
android:clipChildren="false"
android:clipToPadding="false"
android:focusable="true"
android:gravity="top|center_horizontal"
android:orientation="vertical">
+ <include
+ layout="@layout/incall_header"
+ android:layout_width="match_parent"
+ android:layout_height="wrap_content"/>
+
<include
android:id="@id/contactgrid_top_row"
layout="@layout/incall_contactgrid_top_row"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
+ android:layout_marginTop="24dp"
android:layout_marginBottom="8dp"
android:layout_marginStart="24dp"
android:layout_marginEnd="24dp"/>
diff --git a/java/com/android/incallui/contactgrid/res/layout/incall_header.xml b/java/com/android/incallui/contactgrid/res/layout/incall_header.xml
new file mode 100644
index 000000000..7e8e90e5d
--- /dev/null
+++ b/java/com/android/incallui/contactgrid/res/layout/incall_header.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ~ Copyright (C) 2020 The Calyx Institute
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License
+ -->
+<LinearLayout
+ xmlns:android="http://schemas.android.com/apk/res/android"
+ android:layout_width="match_parent"
+ android:layout_height="wrap_content"
+ android:background="@color/incall_header_background"
+ android:gravity="center"
+ android:orientation="vertical"
+ android:padding="8dp"
+ android:fitsSystemWindows="true">
+
+ <TextView
+ android:id="@+id/incall_privacy_title"
+ android:layout_width="wrap_content"
+ android:layout_height="wrap_content"
+ android:textColor="?android:attr/textColorPrimaryInverse"
+ android:drawableStart="@drawable/ic_baseline_warning"
+ android:drawablePadding="8dp"
+ android:drawableTint="?android:attr/textColorPrimaryInverse"
+ android:gravity="center"
+ android:padding="4dp"
+ android:text="@string/incall_screen_privacy_data_collection"/>
+
+</LinearLayout>
diff --git a/java/com/android/incallui/incall/impl/res/layout/frag_incall_voice.xml b/java/com/android/incallui/incall/impl/res/layout/frag_incall_voice.xml
index 9cc599dc7..fac420908 100644
--- a/java/com/android/incallui/incall/impl/res/layout/frag_incall_voice.xml
+++ b/java/com/android/incallui/incall/impl/res/layout/frag_incall_voice.xml
@@ -29,11 +29,18 @@
android:clipToPadding="false"
android:fitsSystemWindows="true">
+ <include
+ layout="@layout/incall_header"
+ android:id="@+id/incall_header"
+ android:layout_width="match_parent"
+ android:layout_height="wrap_content"/>
+
<LinearLayout
android:id="@id/incall_contact_grid"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginTop="12dp"
+ android:layout_below="@+id/incall_header"
android:gravity="center_horizontal"
android:orientation="vertical">
diff --git a/java/com/android/incallui/res/values/strings.xml b/java/com/android/incallui/res/values/strings.xml
index c18ee495e..a5d08d3ec 100644
--- a/java/com/android/incallui/res/values/strings.xml
+++ b/java/com/android/incallui/res/values/strings.xml
@@ -212,4 +212,7 @@
<!-- Text for button to accept RTT request. [CHAR LIMIT=20] -->
<string name="rtt_button_accept_request">Join RTT</string>
+ <!-- Text for call not private banner. -->
+ <string name="incall_screen_privacy_data_collection">The location and audio of this call are not private.</string>
+
</resources>
diff --git a/java/com/android/incallui/theme/res/values/styles.xml b/java/com/android/incallui/theme/res/values/styles.xml
index 5b65cc3d9..19e7fdc4f 100644
--- a/java/com/android/incallui/theme/res/values/styles.xml
+++ b/java/com/android/incallui/theme/res/values/styles.xml
@@ -21,7 +21,7 @@
Theme.Black.NoTitleBar directly, since we want any popups or dialogs from the
InCallActivity to have the correct Material style. -->
<style name="Theme.InCallScreen.Light" parent="@style/Dialer.ThemeBase.NoActionBar">
- <item name="android:statusBarColor">@android:color/transparent</item>
+ <item name="android:statusBarColor">@color/incall_header_background</item>
<item name="android:navigationBarColor">@android:color/transparent</item>
<item name="android:windowDrawsSystemBarBackgrounds">true</item>
@@ -36,7 +36,7 @@
<style name="Theme.InCallScreen" parent="@style/Dialer.Dark.ThemeBase.NoActionBar">
<item name="android:textColorPrimary">@android:color/white</item>
<item name="android:textColorSecondary">#DDFFFFFF</item>
- <item name="android:statusBarColor">@android:color/transparent</item>
+ <item name="android:statusBarColor">@color/incall_header_background</item>
<item name="android:navigationBarColor">@android:color/transparent</item>
<item name="android:windowDrawsSystemBarBackgrounds">true</item>
<item name="android:colorPrimaryDark">@color/dialer_theme_color_dark</item>

140
Patches/LineageOS-19.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch Normal file
View File

@ -0,0 +1,140 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 14 Apr 2020 17:03:26 -0400
Subject: [PATCH] Remove analytics
Change-Id: Ic01c97d6ceac8d324609763973639b41b4581a76
---
AndroidManifest.xml | 25 -------------------------
proguard.flags | 1 -
res/values/config.xml | 3 ---
res/values/strings.xml | 22 ----------------------
res/xml/parts_catalog.xml | 5 -----
res/xml/trust_preferences.xml | 3 ---
6 files changed, 59 deletions(-)
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 0c6542a..5dd522c 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -226,31 +226,6 @@
android:resource="@string/summary_empty" />
</activity-alias>
- <!-- Anonymous Statistics -->
- <receiver android:name=".lineagestats.ReportingServiceManager"
- android:enabled="true"
- android:exported="false"
- android:label="ReportingServiceManager">
- <intent-filter>
- <action android:name="android.intent.action.BOOT_COMPLETED" />
- <action android:name="org.lineageos.lineageparts.action.TRIGGER_REPORT_METRICS" />
- </intent-filter>
- </receiver>
-
- <service android:label="ReportingService"
- android:enabled="true"
- android:exported="false"
- android:name=".lineagestats.ReportingService">
- </service>
-
- <service android:name=".lineagestats.StatsUploadJobService"
- android:permission="android.permission.BIND_JOB_SERVICE" />
-
- <service android:name=".lineagestats.ReportingService"
- android:label="ReportingService"
- android:enabled="true"
- android:exported="false" />
-
<activity android:name=".profiles.NFCProfile">
<intent-filter>
<action android:name="android.nfc.action.NDEF_DISCOVERED"/>
diff --git a/proguard.flags b/proguard.flags
index 9de6495..911b751 100644
--- a/proguard.flags
+++ b/proguard.flags
@@ -7,7 +7,6 @@
-keep class org.lineageos.lineageparts.gestures.*
-keep class org.lineageos.lineageparts.hardware.*
-keep class org.lineageos.lineageparts.input.*
--keep class org.lineageos.lineageparts.lineagestats.*
-keep class org.lineageos.lineageparts.livedisplay.*
-keep class org.lineageos.lineageparts.notificationlight.*
-keep class org.lineageos.lineageparts.power.*
diff --git a/res/values/config.xml b/res/values/config.xml
index a3ee437..c4532c5 100644
--- a/res/values/config.xml
+++ b/res/values/config.xml
@@ -17,9 +17,6 @@
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
- <!-- Metrics server endpoint -->
- <string name="stats_lineage_url">https://stats.lineageos.org/api/v1/stats</string>
-
<!-- Default action ids for a device's touchscreen gestures
The array should be sorted in the same order as the
touchscreen gestures advertised by the device's LineageHW impl. -->
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 9fe4181..4be6a14 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -531,28 +531,6 @@
<b>Total commits:</b> <xliff:g id="total_commits">%2$s</xliff:g><br/><br/>
<b>Last update:</b> <xliff:g id="date">%3$s</xliff:g>]]></string>
- <!-- Anonymous Statistics #Lineage -->
- <!-- About device screen, list item title. Takes the user to the screen about opting in or out of anonymous statistics. -->
- <string name="anonymous_statistics_title">LineageOS statistics</string>
- <string name="anonymous_statistics_summary">Help make LineageOS better by opting into anonymous statistics reporting</string>
- <string name="anonymous_statistics_warning_title">About</string>
- <string name="anonymous_statistics_warning">Opting into LineageOS Statistics will allow non-personal data to be submitted to the
- developers of LineageOS to track unique installations across devices. The information submitted includes an unique identifier,
- which does not compromise your privacy or personal data. The data is submitted during each boot.\n\nFor an example of the data that is submitted, tap on Preview Data.</string>
- <string name="enable_reporting_title">Enable reporting</string>
- <string name="preview_data_title">Preview data</string>
- <string name="view_stats_title">View stats</string>
- <string name="anonymous_learn_more">Learn more</string>
-
- <!-- Anonymous Statistics - Preview -->
- <string name="preview_id_title">Unique ID</string>
- <string name="preview_device_title">Device</string>
- <string name="preview_version_title">Version</string>
- <string name="preview_country_title">Country</string>
- <string name="preview_carrier_title">Carrier</string>
- <string name="stats_collection_title">Stats collection</string>
- <string name="stats_collection_summary">Allow installation metrics and device statistics to be collected</string>
-
<!-- Display : Rotation -->
<string name="accelerometer_title">Auto-rotate screen</string>
<string name="display_rotation_title">Rotation settings</string>
diff --git a/res/xml/parts_catalog.xml b/res/xml/parts_catalog.xml
index 803b214..371382c 100644
--- a/res/xml/parts_catalog.xml
+++ b/res/xml/parts_catalog.xml
@@ -70,11 +70,6 @@
android:fragment="org.lineageos.lineageparts.statusbar.StatusBarSettings"
lineage:xmlRes="@xml/status_bar_settings" />
- <part android:key="lineagestats"
- android:title="@string/anonymous_statistics_title"
- android:fragment="org.lineageos.lineageparts.lineagestats.AnonymousStats"
- lineage:xmlRes="@xml/anonymous_stats" />
-
<part android:key="power_menu"
android:title="@string/power_menu_title"
android:fragment="org.lineageos.lineageparts.input.PowerMenuActions"
diff --git a/res/xml/trust_preferences.xml b/res/xml/trust_preferences.xml
index bdb1aa7..0097a52 100644
--- a/res/xml/trust_preferences.xml
+++ b/res/xml/trust_preferences.xml
@@ -45,9 +45,6 @@
android:summary="@string/trust_restrict_usb_summary"
android:defaultValue="false" />
- <org.lineageos.internal.lineageparts.LineagePartsPreference
- android:key="lineagestats" />
-
<ListPreference
android:key="sms_security_check_limit"
android:defaultValue="30"

92
Patches/LineageOS-19.1/android_packages_apps_Nfc/0001-constify_JNINativeMethod.patch Normal file
View File

@ -0,0 +1,92 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 17 Mar 2019 20:58:37 -0400
Subject: [PATCH] constify JNINativeMethod tables
---
nci/jni/NativeLlcpConnectionlessSocket.cpp | 2 +-
nci/jni/NativeLlcpServiceSocket.cpp | 2 +-
nci/jni/NativeLlcpSocket.cpp | 2 +-
nci/jni/NativeNfcManager.cpp | 2 +-
nci/jni/NativeNfcTag.cpp | 2 +-
nci/jni/NativeP2pDevice.cpp | 2 +-
6 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/nci/jni/NativeLlcpConnectionlessSocket.cpp b/nci/jni/NativeLlcpConnectionlessSocket.cpp
index 7506d80e..e1e547ec 100644
--- a/nci/jni/NativeLlcpConnectionlessSocket.cpp
+++ b/nci/jni/NativeLlcpConnectionlessSocket.cpp
@@ -280,7 +280,7 @@ static jboolean nativeLlcpConnectionlessSocket_doClose(JNIEnv* e, jobject o) {
** Description: JNI functions
**
*****************************************************************************/
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"doSendTo", "(I[B)Z", (void*)nativeLlcpConnectionlessSocket_doSendTo},
{"doReceiveFrom", "(I)Lcom/android/nfc/LlcpPacket;",
(void*)nativeLlcpConnectionlessSocket_doReceiveFrom},
diff --git a/nci/jni/NativeLlcpServiceSocket.cpp b/nci/jni/NativeLlcpServiceSocket.cpp
index 76ffeea5..4d2297c4 100644
--- a/nci/jni/NativeLlcpServiceSocket.cpp
+++ b/nci/jni/NativeLlcpServiceSocket.cpp
@@ -128,7 +128,7 @@ static jboolean nativeLlcpServiceSocket_doClose(JNIEnv* e, jobject o) {
** Description: JNI functions
**
*****************************************************************************/
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"doAccept", "(III)Lcom/android/nfc/dhimpl/NativeLlcpSocket;",
(void*)nativeLlcpServiceSocket_doAccept},
{"doClose", "()Z", (void*)nativeLlcpServiceSocket_doClose},
diff --git a/nci/jni/NativeLlcpSocket.cpp b/nci/jni/NativeLlcpSocket.cpp
index 0ee0d248..fa49ec94 100644
--- a/nci/jni/NativeLlcpSocket.cpp
+++ b/nci/jni/NativeLlcpSocket.cpp
@@ -214,7 +214,7 @@ static jint nativeLlcpSocket_doGetRemoteSocketRW(JNIEnv* e, jobject o) {
** Description: JNI functions
**
*****************************************************************************/
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"doConnect", "(I)Z", (void*)nativeLlcpSocket_doConnect},
{"doConnectBy", "(Ljava/lang/String;)Z",
(void*)nativeLlcpSocket_doConnectBy},
diff --git a/nci/jni/NativeNfcManager.cpp b/nci/jni/NativeNfcManager.cpp
index 28ae464a..6804497b 100644
--- a/nci/jni/NativeNfcManager.cpp
+++ b/nci/jni/NativeNfcManager.cpp
@@ -2149,7 +2149,7 @@ static void nfcManager_doSetNfceePowerAndLinkCtrl(JNIEnv* e, jobject o,
** JNI functions for android-4.0.1_r1
**
*****************************************************************************/
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"doDownload", "()Z", (void*)nfcManager_doDownload},
{"initializeNativeStructure", "()Z", (void*)nfcManager_initNativeStruc},
diff --git a/nci/jni/NativeNfcTag.cpp b/nci/jni/NativeNfcTag.cpp
index cc167e67..a53c1425 100644
--- a/nci/jni/NativeNfcTag.cpp
+++ b/nci/jni/NativeNfcTag.cpp
@@ -1853,7 +1853,7 @@ void nativeNfcTag_releaseRfInterfaceMutexLock() {
** JNI functions for Android 4.0.3
**
*****************************************************************************/
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"doConnect", "(I)I", (void*)nativeNfcTag_doConnect},
{"doDisconnect", "()Z", (void*)nativeNfcTag_doDisconnect},
{"doReconnect", "()I", (void*)nativeNfcTag_doReconnect},
diff --git a/nci/jni/NativeP2pDevice.cpp b/nci/jni/NativeP2pDevice.cpp
index 23f5db41..396c6d0c 100644
--- a/nci/jni/NativeP2pDevice.cpp
+++ b/nci/jni/NativeP2pDevice.cpp
@@ -58,7 +58,7 @@ static jboolean nativeP2pDeviceDoSend(JNIEnv*, jobject, jbyteArray) {
** Description: JNI functions
**
*****************************************************************************/
-static JNINativeMethod gMethods[] = {
+static const JNINativeMethod gMethods[] = {
{"doConnect", "()Z", (void*)nativeP2pDeviceDoConnect},
{"doDisconnect", "()Z", (void*)nativeP2pDeviceDoDisconnect},
{"doTransceive", "([B)[B", (void*)nativeP2pDeviceDoTransceive},

341
Patches/LineageOS-19.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch Normal file
View File

@ -0,0 +1,341 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: MSe1969 <mse1969@posteo.de>
Date: Mon, 10 Sep 2018 12:05:40 +0200
Subject: [PATCH] Network & Internet Settings: Add option to switch off Captive
portal check
* Option added in Network & Internet Settings, which is equivalent to
the adb shell command 'settings put global captive_portal_mode [1/0]'
* Will be reset to default, if 'Reset network settings' is chosen (menu)
* Warning dialog is shown, when captive portal check is switched off
* Hidden under 'advanced'
Cherry-picked from lin17-microG repo
Change-Id: Ibbffdb5f3930df74ca8b4ba93d451f7fad086989
---
res/values-de/cm_strings.xml | 3 +
res/values/cm_strings.xml | 5 ++
res/xml/network_and_internet.xml | 7 ++
.../android/settings/ResetNetworkConfirm.java | 3 +
...CaptivePortalModePreferenceController.java | 82 +++++++++++++++++++
.../network/CaptivePortalWarningDialog.java | 74 +++++++++++++++++
.../CaptivePortalWarningDialogHost.java | 32 ++++++++
.../network/NetworkDashboardFragment.java | 17 +++-
8 files changed, 222 insertions(+), 1 deletion(-)
create mode 100644 src/com/android/settings/network/CaptivePortalModePreferenceController.java
create mode 100644 src/com/android/settings/network/CaptivePortalWarningDialog.java
create mode 100644 src/com/android/settings/network/CaptivePortalWarningDialogHost.java
diff --git a/res/values-de/cm_strings.xml b/res/values-de/cm_strings.xml
index 1669bf4fbf..0c3ebffd3e 100644
--- a/res/values-de/cm_strings.xml
+++ b/res/values-de/cm_strings.xml
@@ -23,6 +23,9 @@
<string name="volume_link_notification_title">Klingelton- und Benachrichtigungslautstärke verknüpfen</string>
<string name="unlock_scramble_pin_layout_title">Zufällige Anordnung</string>
<string name="unlock_scramble_pin_layout_summary">Bei jedem Entsperrversuch die Ziffernanordnung zufällig neu wählen</string>
+ <string name="captive_portal_switch_title">Captive Portal Erkennung</string>
+ <string name="captive_portal_switch_summary">Ein-/Ausschalten der Captive Portal Erkennung (Vorgabe EIN).</string>
+ <string name="captive_portal_switch_warning">Nach dem Ausschalten der Captive-Portal-Erkennung empfangen Sie keine Verbindungs-Rückmeldung mehr. Wirklich fortfahren?</string>
<string name="lock_settings_picker_pattern_size_message">Größe des Musters auswählen</string>
<string name="lockpattern_settings_enable_error_path_title">Sperrmuster-Fehler anzeigen</string>
<string name="lockpattern_settings_enable_dots_title">Sperrmuster-Punkte anzeigen</string>
diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml
index 01d746958e..9923c03f0e 100644
--- a/res/values/cm_strings.xml
+++ b/res/values/cm_strings.xml
@@ -78,6 +78,11 @@
<string name="unlock_scramble_pin_layout_title">Scramble layout</string>
<string name="unlock_scramble_pin_layout_summary">Scramble PIN layout when unlocking device</string>
+ <!-- Captive Portal -->
+ <string name="captive_portal_switch_title">Captive portal mode</string>
+ <string name="captive_portal_switch_summary">Enable or disable the captive portal probing for connection attempts (default ON).</string>
+ <string name="captive_portal_switch_warning">If you switch off the captive portal, you will not receive connectivity informations any longer. Really switch off?</string>
+
<!-- Lock screen pattern size -->
<string name="lock_pattern_size_3" translatable="false">3 \u00d7 3</string>
<string name="lock_pattern_size_4" translatable="false">4 \u00d7 4</string>
diff --git a/res/xml/network_and_internet.xml b/res/xml/network_and_internet.xml
index d842aad021..7f82235a2b 100644
--- a/res/xml/network_and_internet.xml
+++ b/res/xml/network_and_internet.xml
@@ -125,4 +125,11 @@
android:summary="@string/summary_placeholder"
android:order="25"
settings:controller="com.android.settings.network.AdaptiveConnectivityPreferenceController"/>
+
+ <SwitchPreference
+ android:key="captive_portal_switch"
+ android:title="@string/captive_portal_switch_title"
+ android:summary="@string/captive_portal_switch_summary"
+ android:order="30" />
+
</PreferenceScreen>
diff --git a/src/com/android/settings/ResetNetworkConfirm.java b/src/com/android/settings/ResetNetworkConfirm.java
index f79bdb2e36..aab19b4c73 100644
--- a/src/com/android/settings/ResetNetworkConfirm.java
+++ b/src/com/android/settings/ResetNetworkConfirm.java
@@ -142,6 +142,9 @@ public class ResetNetworkConfirm extends InstrumentedFragment {
}
}
+ Settings.Global.putInt(mContext.getContentResolver(),
+ Settings.Global.CAPTIVE_PORTAL_MODE, 1);
+
restoreDefaultApn(mContext);
Log.d(TAG, "network factoryReset complete. succeeded: "
+ String.valueOf(isResetSucceed));
diff --git a/src/com/android/settings/network/CaptivePortalModePreferenceController.java b/src/com/android/settings/network/CaptivePortalModePreferenceController.java
new file mode 100644
index 0000000000..ae21b29292
--- /dev/null
+++ b/src/com/android/settings/network/CaptivePortalModePreferenceController.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2018 The LineageOS Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.network;
+
+import android.content.Context;
+import android.provider.Settings;
+
+import androidx.fragment.app.Fragment;
+import androidx.preference.Preference;
+import androidx.preference.SwitchPreference;
+
+import com.android.settings.core.PreferenceControllerMixin;
+import com.android.settingslib.core.AbstractPreferenceController;
+
+public class CaptivePortalModePreferenceController extends AbstractPreferenceController
+ implements PreferenceControllerMixin, Preference.OnPreferenceChangeListener {
+
+ private static final String TAG = "CaptivePortalModePreferenceController";
+ private static final String CAPTIVE_PORTAL_SWITCH_KEY = "captive_portal_switch";
+
+ private SwitchPreference mCaptivePortalMode;
+ private Preference mPreference;
+ private final Fragment mFragment;
+
+ public CaptivePortalModePreferenceController(Context context, Fragment hostFragment) {
+ super(context);
+
+ mFragment = hostFragment;
+ }
+
+ @Override
+ public void updateState(Preference preference) {
+ boolean value = (Settings.Global.getInt(mContext.getContentResolver(),
+ Settings.Global.CAPTIVE_PORTAL_MODE,
+ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT) != 0);
+ ((SwitchPreference) preference).setChecked(value);
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object newValue) {
+ mPreference = preference;
+ if ((Boolean) newValue) {
+ Settings.Global.putInt(mContext.getContentResolver(),
+ Settings.Global.CAPTIVE_PORTAL_MODE, 1);
+ } else {
+ CaptivePortalWarningDialog.show(mFragment);
+ }
+ return true;
+ }
+
+ public void onCaptivePortalSwitchOffDialogConfirmed() {
+ Settings.Global.putInt(mContext.getContentResolver(),
+ Settings.Global.CAPTIVE_PORTAL_MODE, 0);
+ }
+
+ public void onCaptivePortalSwitchOffDialogDismissed() {
+ updateState(mPreference);
+ }
+
+ @Override
+ public boolean isAvailable() {
+ return true;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return CAPTIVE_PORTAL_SWITCH_KEY;
+ }
+}
diff --git a/src/com/android/settings/network/CaptivePortalWarningDialog.java b/src/com/android/settings/network/CaptivePortalWarningDialog.java
new file mode 100644
index 0000000000..d27bd7d2f0
--- /dev/null
+++ b/src/com/android/settings/network/CaptivePortalWarningDialog.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2018 The LineageOS Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.network;
+
+import android.app.Dialog;
+import android.content.DialogInterface;
+import android.os.Bundle;
+
+import androidx.appcompat.app.AlertDialog;
+import androidx.fragment.app.Fragment;
+import androidx.fragment.app.FragmentManager;
+
+import com.android.internal.logging.nano.MetricsProto;
+import com.android.settings.R;
+import com.android.settings.core.instrumentation.InstrumentedDialogFragment;
+
+public class CaptivePortalWarningDialog extends InstrumentedDialogFragment implements
+ DialogInterface.OnClickListener, DialogInterface.OnDismissListener {
+
+ public static final String TAG = "CaptivePortalWarningDialog";
+
+ public static void show(Fragment host) {
+ final FragmentManager manager = host.getActivity().getSupportFragmentManager();
+ if (manager.findFragmentByTag(TAG) == null) {
+ final CaptivePortalWarningDialog dialog =
+ new CaptivePortalWarningDialog();
+ dialog.setTargetFragment(host, 0 /* requestCode */);
+ dialog.show(manager, TAG);
+ }
+ }
+
+ @Override
+ public int getMetricsCategory() {
+ return MetricsProto.MetricsEvent.TYPE_UNKNOWN;
+ }
+
+ @Override
+ public Dialog onCreateDialog(Bundle savedInstanceState) {
+ return new AlertDialog.Builder(getActivity())
+ .setTitle(R.string.captive_portal_switch_title)
+ .setMessage(R.string.captive_portal_switch_warning)
+ .setIconAttribute(android.R.attr.alertDialogIcon)
+ .setPositiveButton(android.R.string.yes, this /* onClickListener */)
+ .setNegativeButton(android.R.string.no, this /* onClickListener */)
+ .create();
+ }
+
+ @Override
+ public void onClick(DialogInterface dialog, int which) {
+ final CaptivePortalWarningDialogHost host = (CaptivePortalWarningDialogHost) getTargetFragment();
+ if (host == null) {
+ return;
+ }
+ if (which == DialogInterface.BUTTON_POSITIVE) {
+ host.onCaptivePortalSwitchOffDialogConfirmed();
+ } else {
+ host.onCaptivePortalSwitchOffDialogDismissed();
+ }
+ }
+}
diff --git a/src/com/android/settings/network/CaptivePortalWarningDialogHost.java b/src/com/android/settings/network/CaptivePortalWarningDialogHost.java
new file mode 100644
index 0000000000..7a04d1f831
--- /dev/null
+++ b/src/com/android/settings/network/CaptivePortalWarningDialogHost.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2018 The LineageOS Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.network;
+
+/**
+ * Interface for CaptivePortalWarningDialogHost callbacks.
+ */
+public interface CaptivePortalWarningDialogHost {
+ /**
+ * Called when the user presses YES/ok on the warning dialog.
+ */
+ void onCaptivePortalSwitchOffDialogConfirmed();
+
+ /**
+ * Called when the user presses NO/cancel on the warning dialog.
+ */
+ void onCaptivePortalSwitchOffDialogDismissed();
+}
diff --git a/src/com/android/settings/network/NetworkDashboardFragment.java b/src/com/android/settings/network/NetworkDashboardFragment.java
index 286e4e36e5..0eb79c5d4c 100644
--- a/src/com/android/settings/network/NetworkDashboardFragment.java
+++ b/src/com/android/settings/network/NetworkDashboardFragment.java
@@ -44,7 +44,7 @@ import java.util.List;
@SearchIndexable
public class NetworkDashboardFragment extends DashboardFragment implements
- MobilePlanPreferenceHost {
+ MobilePlanPreferenceHost, CaptivePortalWarningDialogHost {
private static final String TAG = "NetworkDashboardFrag";
@@ -100,6 +100,8 @@ public class NetworkDashboardFragment extends DashboardFragment implements
new VpnPreferenceController(context);
final PrivateDnsPreferenceController privateDnsPreferenceController =
new PrivateDnsPreferenceController(context);
+ final CaptivePortalModePreferenceController captiveportalModePreferenceController =
+ new CaptivePortalModePreferenceController(context, fragment);
if (lifecycle != null) {
lifecycle.addObserver(mobilePlanPreferenceController);
@@ -118,10 +120,23 @@ public class NetworkDashboardFragment extends DashboardFragment implements
controllers.add(internetPreferenceController);
}
controllers.add(privateDnsPreferenceController);
+ controllers.add(captiveportalModePreferenceController);
controllers.add(new NetworkProviderCallsSmsController(context, lifecycle));
return controllers;
}
+ public void onCaptivePortalSwitchOffDialogConfirmed() {
+ final CaptivePortalModePreferenceController controller =
+ use(CaptivePortalModePreferenceController.class);
+ controller.onCaptivePortalSwitchOffDialogConfirmed();
+ }
+
+ public void onCaptivePortalSwitchOffDialogDismissed() {
+ final CaptivePortalModePreferenceController controller =
+ use(CaptivePortalModePreferenceController.class);
+ controller.onCaptivePortalSwitchOffDialogDismissed();
+ }
+
@Override
public void showMobilePlanMessageDialog() {
showDialog(MANAGE_MOBILE_PLAN_DIALOG_ID);

318
Patches/LineageOS-19.1/android_packages_apps_Settings/0004-Private_DNS.patch Normal file
View File

@ -0,0 +1,318 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 21 Oct 2021 21:09:38 -0400
Subject: [PATCH] Add more 'Private DNS' options
This adds thirteen DNS providers as available presets.
Credit: CalyxOS
- Chirayu Desai <chirayudesai1@gmail.com>
https://review.calyxos.org/c/CalyxOS/platform_packages_apps_Settings/+/458
- Pavel Shirshov <pshirshov@eml.cc>
https://review.calyxos.org/c/CalyxOS/platform_packages_apps_Settings/+/5357
Signed-off-by: Tad <tad@spotco.us>
Change-Id: I423ad5a3c360a687a226e61df3f75b5550f851c0
---
res/layout/private_dns_mode_dialog.xml | 52 +++++++++++
res/values/cm_strings.xml | 15 +++
.../PrivateDnsModeDialogPreference.java | 92 +++++++++++++++++++
.../PrivateDnsPreferenceController.java | 65 +++++++++++++
4 files changed, 224 insertions(+)
diff --git a/res/layout/private_dns_mode_dialog.xml b/res/layout/private_dns_mode_dialog.xml
index 12e29e693b..b6745806b5 100644
--- a/res/layout/private_dns_mode_dialog.xml
+++ b/res/layout/private_dns_mode_dialog.xml
@@ -35,6 +35,58 @@
android:id="@+id/private_dns_mode_off"
layout="@layout/preference_widget_dialog_radiobutton"/>
+ <include
+ android:id="@+id/private_dns_mode_adguard"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_appliedprivacy"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_cira"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_cleanbrowsing"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_cloudflare"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_cznic"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_google"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_mullvad"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_quadnine"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_restena"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_switch"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_twnic"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
+ <include
+ android:id="@+id/private_dns_mode_uncensoreddns"
+ layout="@layout/preference_widget_dialog_radiobutton"/>
+
<include
android:id="@+id/private_dns_mode_opportunistic"
layout="@layout/preference_widget_dialog_radiobutton"/>
diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml
index 9923c03f0e..9495cd3d0e 100644
--- a/res/values/cm_strings.xml
+++ b/res/values/cm_strings.xml
@@ -74,6 +74,21 @@
<!-- Volume link notification -->
<string name="volume_link_notification_title">Link ring &amp; notification volumes</string>
+ <!-- Private DNS -->
+ <string name="private_dns_mode_adguard" translatable="false">AdGuard (CY)</string>
+ <string name="private_dns_mode_appliedprivacy" translatable="false">AppliedPrivacy (AT)</string>
+ <string name="private_dns_mode_cira" translatable="false">CIRA (CA)</string>
+ <string name="private_dns_mode_cleanbrowsing" translatable="false">CleanBrowsing (US)</string>
+ <string name="private_dns_mode_cloudflare" translatable="false">Cloudflare (US)</string>
+ <string name="private_dns_mode_cznic" translatable="false">CZ.NIC (CZ)</string>
+ <string name="private_dns_mode_google" translatable="false">Google (US)</string>
+ <string name="private_dns_mode_mullvad" translatable="false">Mullvad (SE)</string>
+ <string name="private_dns_mode_quadnine" translatable="false">Quad9 (CH)</string>
+ <string name="private_dns_mode_restena" translatable="false">Restena (LU)</string>
+ <string name="private_dns_mode_switch" translatable="false">SWITCH (CH)</string>
+ <string name="private_dns_mode_twnic" translatable="false">TW.NIC (TW)</string>
+ <string name="private_dns_mode_uncensoreddns" translatable="false">UncensoredDNS (DK)</string>
+
<!-- PIN scramble -->
<string name="unlock_scramble_pin_layout_title">Scramble layout</string>
<string name="unlock_scramble_pin_layout_summary">Scramble PIN layout when unlocking device</string>
diff --git a/src/com/android/settings/network/PrivateDnsModeDialogPreference.java b/src/com/android/settings/network/PrivateDnsModeDialogPreference.java
index 1c3fc76dba..0be44c4fee 100644
--- a/src/com/android/settings/network/PrivateDnsModeDialogPreference.java
+++ b/src/com/android/settings/network/PrivateDnsModeDialogPreference.java
@@ -18,6 +18,19 @@ package com.android.settings.network;
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_OFF;
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_OPPORTUNISTIC;
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_ADGUARD;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_APPLIEDPRIVACY;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CIRA;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CLEANBROWSING;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CLOUDFLARE;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CZNIC;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_GOOGLE;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_MULLVAD;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_QUADNINE;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_RESTENA;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_SWITCH;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_TWNIC;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_UNCENSOREDDNS;
import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
@@ -75,6 +88,19 @@ public class PrivateDnsModeDialogPreference extends CustomDialogPreferenceCompat
static {
PRIVATE_DNS_MAP = new HashMap<>();
PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_OFF, R.id.private_dns_mode_off);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_ADGUARD, R.id.private_dns_mode_adguard);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_APPLIEDPRIVACY, R.id.private_dns_mode_appliedprivacy);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_CIRA, R.id.private_dns_mode_cira);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_CLEANBROWSING, R.id.private_dns_mode_cleanbrowsing);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_CLOUDFLARE, R.id.private_dns_mode_cloudflare);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_CZNIC, R.id.private_dns_mode_cznic);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_GOOGLE, R.id.private_dns_mode_google);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_MULLVAD, R.id.private_dns_mode_mullvad);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_QUADNINE, R.id.private_dns_mode_quadnine);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_RESTENA, R.id.private_dns_mode_restena);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_SWITCH, R.id.private_dns_mode_switch);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_TWNIC, R.id.private_dns_mode_twnic);
+ PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_UNCENSOREDDNS, R.id.private_dns_mode_uncensoreddns);
PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_OPPORTUNISTIC, R.id.private_dns_mode_opportunistic);
PRIVATE_DNS_MAP.put(PRIVATE_DNS_MODE_PROVIDER_HOSTNAME, R.id.private_dns_mode_provider);
}
@@ -173,6 +199,46 @@ public class PrivateDnsModeDialogPreference extends CustomDialogPreferenceCompat
// Initial radio button text
final RadioButton offRadioButton = view.findViewById(R.id.private_dns_mode_off);
offRadioButton.setText(R.string.private_dns_mode_off);
+ final RadioButton adguardRadioButton =
+ view.findViewById(R.id.private_dns_mode_adguard);
+ adguardRadioButton.setText(R.string.private_dns_mode_adguard);
+ final RadioButton appliedprivacyRadioButton =
+ view.findViewById(R.id.private_dns_mode_appliedprivacy);
+ appliedprivacyRadioButton.setText(R.string.private_dns_mode_appliedprivacy);
+ final RadioButton ciraRadioButton =
+ view.findViewById(R.id.private_dns_mode_cira);
+ ciraRadioButton.setText(R.string.private_dns_mode_cira);
+ final RadioButton cleanbrowsingRadioButton =
+ view.findViewById(R.id.private_dns_mode_cleanbrowsing);
+ cleanbrowsingRadioButton.setText(R.string.private_dns_mode_cleanbrowsing);
+ final RadioButton cloudflareRadioButton =
+ view.findViewById(R.id.private_dns_mode_cloudflare);
+ cloudflareRadioButton.setText(R.string.private_dns_mode_cloudflare);
+ final RadioButton cznicRadioButton =
+ view.findViewById(R.id.private_dns_mode_cznic);
+ cznicRadioButton.setText(R.string.private_dns_mode_cznic);
+ final RadioButton googleRadioButton =
+ view.findViewById(R.id.private_dns_mode_google);
+ googleRadioButton.setText(R.string.private_dns_mode_google);
+ final RadioButton mullvadRadioButton =
+ view.findViewById(R.id.private_dns_mode_mullvad);
+ mullvadRadioButton.setText(R.string.private_dns_mode_mullvad);
+ final RadioButton quadnineRadioButton =
+ view.findViewById(R.id.private_dns_mode_quadnine);
+ quadnineRadioButton.setText(R.string.private_dns_mode_quadnine);
+ final RadioButton restenaRadioButton =
+ view.findViewById(R.id.private_dns_mode_restena);
+ restenaRadioButton.setText(R.string.private_dns_mode_restena);
+ final RadioButton switchRadioButton =
+ view.findViewById(R.id.private_dns_mode_switch);
+ switchRadioButton.setText(R.string.private_dns_mode_switch);
+ final RadioButton twnicRadioButton =
+ view.findViewById(R.id.private_dns_mode_twnic);
+ twnicRadioButton.setText(R.string.private_dns_mode_twnic);
+ final RadioButton uncensoreddnsRadioButton =
+ view.findViewById(R.id.private_dns_mode_uncensoreddns);
+ uncensoreddnsRadioButton.setText(R.string.private_dns_mode_uncensoreddns);
+
final RadioButton opportunisticRadioButton =
view.findViewById(R.id.private_dns_mode_opportunistic);
opportunisticRadioButton.setText(R.string.private_dns_mode_opportunistic);
@@ -212,6 +278,32 @@ public class PrivateDnsModeDialogPreference extends CustomDialogPreferenceCompat
public void onCheckedChanged(RadioGroup group, int checkedId) {
if (checkedId == R.id.private_dns_mode_off) {
mMode = PRIVATE_DNS_MODE_OFF;
+ } else if (checkedId == R.id.private_dns_mode_adguard) {
+ mMode = PRIVATE_DNS_MODE_ADGUARD;
+ } else if (checkedId == R.id.private_dns_mode_appliedprivacy) {
+ mMode = PRIVATE_DNS_MODE_APPLIEDPRIVACY;
+ } else if (checkedId == R.id.private_dns_mode_cira) {
+ mMode = PRIVATE_DNS_MODE_CIRA;
+ } else if (checkedId == R.id.private_dns_mode_cleanbrowsing) {
+ mMode = PRIVATE_DNS_MODE_CLEANBROWSING;
+ } else if (checkedId == R.id.private_dns_mode_cloudflare) {
+ mMode = PRIVATE_DNS_MODE_CLOUDFLARE;
+ } else if (checkedId == R.id.private_dns_mode_cznic) {
+ mMode = PRIVATE_DNS_MODE_CZNIC;
+ } else if (checkedId == R.id.private_dns_mode_google) {
+ mMode = PRIVATE_DNS_MODE_GOOGLE;
+ } else if (checkedId == R.id.private_dns_mode_mullvad) {
+ mMode = PRIVATE_DNS_MODE_MULLVAD;
+ } else if (checkedId == R.id.private_dns_mode_quadnine) {
+ mMode = PRIVATE_DNS_MODE_QUADNINE;
+ } else if (checkedId == R.id.private_dns_mode_restena) {
+ mMode = PRIVATE_DNS_MODE_RESTENA;
+ } else if (checkedId == R.id.private_dns_mode_switch) {
+ mMode = PRIVATE_DNS_MODE_SWITCH;
+ } else if (checkedId == R.id.private_dns_mode_twnic) {
+ mMode = PRIVATE_DNS_MODE_TWNIC;
+ } else if (checkedId == R.id.private_dns_mode_uncensoreddns) {
+ mMode = PRIVATE_DNS_MODE_UNCENSOREDDNS;
} else if (checkedId == R.id.private_dns_mode_opportunistic) {
mMode = PRIVATE_DNS_MODE_OPPORTUNISTIC;
} else if (checkedId == R.id.private_dns_mode_provider) {
diff --git a/src/com/android/settings/network/PrivateDnsPreferenceController.java b/src/com/android/settings/network/PrivateDnsPreferenceController.java
index 07d57140ec..ee9bf84faf 100644
--- a/src/com/android/settings/network/PrivateDnsPreferenceController.java
+++ b/src/com/android/settings/network/PrivateDnsPreferenceController.java
@@ -19,6 +19,19 @@ package com.android.settings.network;
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_OFF;
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_OPPORTUNISTIC;
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_ADGUARD;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_APPLIEDPRIVACY;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CIRA;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CLEANBROWSING;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CLOUDFLARE;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_CZNIC;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_GOOGLE;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_MULLVAD;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_QUADNINE;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_RESTENA;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_SWITCH;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_TWNIC;
+import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_UNCENSOREDDNS;
import static android.provider.Settings.Global.PRIVATE_DNS_DEFAULT_MODE;
import static android.provider.Settings.Global.PRIVATE_DNS_MODE;
import static android.provider.Settings.Global.PRIVATE_DNS_SPECIFIER;
@@ -126,6 +139,58 @@ public class PrivateDnsPreferenceController extends BasePreferenceController
switch (mode) {
case PRIVATE_DNS_MODE_OFF:
return res.getString(R.string.private_dns_mode_off);
+ case PRIVATE_DNS_MODE_ADGUARD:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_adguard)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_APPLIEDPRIVACY:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_appliedprivacy)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_CIRA:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_cira)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_CLEANBROWSING:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_cleanbrowsing)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_CLOUDFLARE:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_cloudflare)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_CZNIC:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_cznic)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_GOOGLE:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_google)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_MULLVAD:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_mullvad)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_QUADNINE:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_quadnine)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_RESTENA:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_restena)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_SWITCH:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_switch)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_TWNIC:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_twnic)
+ : res.getString(R.string.private_dns_mode_provider_failure);
+ case PRIVATE_DNS_MODE_UNCENSOREDDNS:
+ return dnsesResolved
+ ? res.getString(R.string.private_dns_mode_uncensoreddns)
+ : res.getString(R.string.private_dns_mode_provider_failure);
case PRIVATE_DNS_MODE_OPPORTUNISTIC:
return dnsesResolved ? res.getString(R.string.private_dns_mode_on)
: res.getString(R.string.private_dns_mode_opportunistic);

196
Patches/LineageOS-19.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch Normal file
View File

@ -0,0 +1,196 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: pratyush <codelab@pratyush.dev>
Date: Mon, 7 Jun 2021 22:15:59 +0100
Subject: [PATCH] add auto-reboot setting
---
res/values/arrays.xml | 31 +++++++
res/values/strings.xml | 3 +
res/xml/security_dashboard_settings.xml | 10 ++-
.../AutoRebootPreferenceController.java | 82 +++++++++++++++++++
.../settings/security/SecuritySettings.java | 1 +
5 files changed, 126 insertions(+), 1 deletion(-)
create mode 100644 src/com/android/settings/security/AutoRebootPreferenceController.java
diff --git a/res/values/arrays.xml b/res/values/arrays.xml
index 0fe13feb3e..7472ef5ecd 100644
--- a/res/values/arrays.xml
+++ b/res/values/arrays.xml
@@ -110,6 +110,37 @@
<item>@string/dark_ui_auto_mode_auto</item>
</string-array>
+ <!-- Auto reboot settings -->
+ <string-array name="auto_reboot_entries">
+ <item>Off</item>
+ <item>10 minutes</item>
+ <item>30 minutes</item>
+ <item>1 hour</item>
+ <item>2 hours</item>
+ <item>4 hours</item>
+ <item>8 hours</item>
+ <item>12 hours</item>
+ <item>24 hours</item>
+ <item>36 hours</item>
+ <item>48 hours</item>
+ <item>72 hours</item>
+ </string-array>
+
+ <string-array name="auto_reboot_values" translatable="false">
+ <item>0</item> <!-- Disabled -->
+ <item>600000</item>
+ <item>1800000</item>
+ <item>3600000</item>
+ <item>7200000</item>
+ <item>14400000</item>
+ <item>28800000</item>
+ <item>43200000</item>
+ <item>86400000</item>
+ <item>129600000</item>
+ <item>172800000</item>
+ <item>259200000</item>
+ </string-array>
+
<!-- Security settings. The delay after screen is turned off until device locks.
These are shown in a list dialog. -->
<string-array name="lock_after_timeout_entries">
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 79ca7a465f..76aa5de4c7 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -650,6 +650,9 @@
<!-- Text shown for the description of the lock when trust lost option [CHAR LIMIT=NONE -->
<string name="trust_lost_locks_screen_summary">If enabled, the device will lock when the last trust agent loses trust</string>
+ <string name="auto_reboot_title">Auto reboot</string>
+ <string name="auto_reboot_summary">Automatically reboot the device, if the phone hasn\'t been unlocked within the selected number of hours.</string>
+
<!-- Text shown for summary of owner info setting (if none set) [CHAR LIMIT=40]-->
<string name="owner_info_settings_summary">None</string>
<!-- Description of how many characters are used in owner info [CHAR LIMIT=40]-->
diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
index 5b687afc48..25bead6622 100644
--- a/res/xml/security_dashboard_settings.xml
+++ b/res/xml/security_dashboard_settings.xml
@@ -55,6 +55,14 @@
android:summary="@string/summary_placeholder"
settings:keywords="@string/keywords_face_settings" />
+ <ListPreference
+ android:key="auto_reboot"
+ android:title="@string/auto_reboot_title"
+ android:summary="@string/auto_reboot_summary"
+ android:persistent="false"
+ android:entries="@array/auto_reboot_entries"
+ android:entryValues="@array/auto_reboot_values" />
+
<com.android.settingslib.RestrictedPreference
android:key="biometric_settings"
android:title="@string/security_settings_biometric_preference_title"
@@ -170,4 +178,4 @@
</PreferenceCategory>
-</PreferenceScreen>
\ No newline at end of file
+</PreferenceScreen>
diff --git a/src/com/android/settings/security/AutoRebootPreferenceController.java b/src/com/android/settings/security/AutoRebootPreferenceController.java
new file mode 100644
index 0000000000..c7a75219a5
--- /dev/null
+++ b/src/com/android/settings/security/AutoRebootPreferenceController.java
@@ -0,0 +1,82 @@
+package com.android.settings.security;
+
+import android.content.Context;
+import android.os.UserManager;
+import android.provider.Settings;
+import android.util.Log;
+
+import androidx.preference.ListPreference;
+import androidx.preference.Preference;
+import androidx.preference.PreferenceCategory;
+import androidx.preference.PreferenceScreen;
+
+import com.android.settings.core.PreferenceControllerMixin;
+import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settingslib.core.lifecycle.events.OnResume;
+
+public class AutoRebootPreferenceController extends AbstractPreferenceController
+ implements PreferenceControllerMixin, OnResume,
+ Preference.OnPreferenceChangeListener {
+
+ private static final String KEY_AUTO_REBOOT = "auto_reboot";
+ private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
+
+ private PreferenceCategory mSecurityCategory;
+ private boolean mIsAdmin;
+ private final UserManager mUm;
+
+ public AutoRebootPreferenceController(Context context) {
+ super(context);
+ mUm = UserManager.get(context);
+ }
+
+ @Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
+ updatePreferenceState();
+ }
+
+ @Override
+ public boolean isAvailable() {
+ mIsAdmin = mUm.isAdminUser();
+ return mIsAdmin;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return KEY_AUTO_REBOOT;
+ }
+
+ // TODO: should we use onCreatePreferences() instead?
+ private void updatePreferenceState() {
+ if (mSecurityCategory == null) {
+ return;
+ }
+
+ if (mIsAdmin) {
+ ListPreference autoReboot =
+ (ListPreference) mSecurityCategory.findPreference(KEY_AUTO_REBOOT);
+ autoReboot.setValue(Long.toString(Settings.Global.getLong(
+ mContext.getContentResolver(), Settings.Global.SETTINGS_REBOOT_AFTER_TIMEOUT, 0)));
+ } else {
+ mSecurityCategory.removePreference(
+ mSecurityCategory.findPreference(KEY_AUTO_REBOOT));
+ }
+ }
+
+ @Override
+ public void onResume() {
+ updatePreferenceState();
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object value) {
+ final String key = preference.getKey();
+ if (KEY_AUTO_REBOOT.equals(key) && mIsAdmin) {
+ long timeout = Long.parseLong((String) value);
+ Settings.Global.putLong(mContext.getContentResolver(), Settings.Global.SETTINGS_REBOOT_AFTER_TIMEOUT, timeout);
+ }
+ return true;
+ }
+}
diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
index be123f2339..c8776749ef 100644
--- a/src/com/android/settings/security/SecuritySettings.java
+++ b/src/com/android/settings/security/SecuritySettings.java
@@ -122,6 +122,7 @@ public class SecuritySettings extends DashboardFragment {
securityPreferenceControllers.add(new CombinedBiometricStatusPreferenceController(
context, lifecycle));
securityPreferenceControllers.add(new ChangeScreenLockPreferenceController(context, host));
+ securityPreferenceControllers.add(new AutoRebootPreferenceController(context));
controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
.setChildren(securityPreferenceControllers));
controllers.addAll(securityPreferenceControllers);

238
Patches/LineageOS-19.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch Normal file
View File

@ -0,0 +1,238 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Oliver Scott <olivercscott@gmail.com>
Date: Fri, 2 Oct 2020 12:37:30 -0400
Subject: [PATCH] add bluetooth auto-turn-off setting
---
res/values/arrays.xml | 44 +++++++
res/values/strings.xml | 19 +++
res/xml/connected_devices.xml | 8 ++
.../BluetoothTimeoutPreferenceController.java | 115 ++++++++++++++++++
4 files changed, 186 insertions(+)
create mode 100644 src/com/android/settings/bluetooth/BluetoothTimeoutPreferenceController.java
diff --git a/res/values/arrays.xml b/res/values/arrays.xml
index 7472ef5ecd..b7428c8c10 100644
--- a/res/values/arrays.xml
+++ b/res/values/arrays.xml
@@ -39,6 +39,50 @@
<item>All</item>
</string-array>
+ <!-- Bluetooth settings. The delay in inactivity before bluetooth is turned off. These are shown in a list dialog. -->
+ <string-array name="bluetooth_timeout_entries">
+ <item>@string/bluetooth_timeout_summary_never</item>
+ <item>@string/bluetooth_timeout_summary_15secs</item>
+ <item>@string/bluetooth_timeout_summary_30secs</item>
+ <item>@string/bluetooth_timeout_summary_1min</item>
+ <item>@string/bluetooth_timeout_summary_2mins</item>
+ <item>@string/bluetooth_timeout_summary_5mins</item>
+ <item>@string/bluetooth_timeout_summary_10mins</item>
+ <item>@string/bluetooth_timeout_summary_30mins</item>
+ <item>@string/bluetooth_timeout_summary_1hour</item>
+ <item>@string/bluetooth_timeout_summary_2hours</item>
+ <item>@string/bluetooth_timeout_summary_4hours</item>
+ <item>@string/bluetooth_timeout_summary_8hours</item>
+ </string-array>
+
+ <!-- Do not translate. -->
+ <string-array name="bluetooth_timeout_values" translatable="false">
+ <!-- Do not translate. -->
+ <item>0</item>
+ <!-- Do not translate. -->
+ <item>15000</item>
+ <!-- Do not translate. -->
+ <item>30000</item>
+ <!-- Do not translate. -->
+ <item>60000</item>
+ <!-- Do not translate. -->
+ <item>120000</item>
+ <!-- Do not translate. -->
+ <item>300000</item>
+ <!-- Do not translate. -->
+ <item>600000</item>
+ <!-- Do not translate. -->
+ <item>1800000</item>
+ <!-- Do not translate. -->
+ <item>3600000</item>
+ <!-- Do not translate. -->
+ <item>7200000</item>
+ <!-- Do not translate. -->
+ <item>14400000</item>
+ <!-- Do not translate. -->
+ <item>28800000</item>
+ </string-array>
+
<!-- Display settings. The delay in inactivity before the screen is turned off. These are shown in a list dialog. -->
<string-array name="screen_timeout_entries">
<item>15 seconds</item>
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 76aa5de4c7..4b53b52b5b 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -27,6 +27,25 @@
<!-- Used in confirmation dialogs as the action that the user will tap to turn on the feature. [CHAR LIMIT=40]-->
<string name="confirmation_turn_on">Turn on</string>
+ <!-- Connected devices screen, setting option name to change bluetooth timeout -->
+ <string name="bluetooth_timeout">Bluetooth timeout</string>
+
+ <!-- Connected devices screen, setting option summary to change bluetooth timeout -->
+ <string name="bluetooth_timeout_summary">Bluetooth will turn off after <xliff:g id="timeout_description">%1$s</xliff:g> if no devices connected</string>
+ <string name="bluetooth_timeout_summary2">Do not automatically turn off Bluetooth</string>
+ <string name="bluetooth_timeout_summary_never">Never</string>
+ <string name="bluetooth_timeout_summary_15secs">15 seconds</string>
+ <string name="bluetooth_timeout_summary_30secs">30 seconds</string>
+ <string name="bluetooth_timeout_summary_1min">1 minute</string>
+ <string name="bluetooth_timeout_summary_2mins">2 minutes</string>
+ <string name="bluetooth_timeout_summary_5mins">5 minutes</string>
+ <string name="bluetooth_timeout_summary_10mins">10 minutes</string>
+ <string name="bluetooth_timeout_summary_30mins">30 minutes</string>
+ <string name="bluetooth_timeout_summary_1hour">1 hour</string>
+ <string name="bluetooth_timeout_summary_2hours">2 hours</string>
+ <string name="bluetooth_timeout_summary_4hours">4 hours</string>
+ <string name="bluetooth_timeout_summary_8hours">8 hours</string>
+
<!-- Device Info screen. Used for a status item's value when the proper value is not known -->
<string name="device_info_default">Unknown</string>
<!-- [CHAR LIMIT=NONE] Device Info screen. Countdown for user taps to enable development settings -->
diff --git a/res/xml/connected_devices.xml b/res/xml/connected_devices.xml
index 2ac73aef49..a823ff996e 100644
--- a/res/xml/connected_devices.xml
+++ b/res/xml/connected_devices.xml
@@ -52,6 +52,14 @@
settings:useAdminDisabledSummary="true"
settings:controller="com.android.settings.connecteddevice.AddDevicePreferenceController"/>
+ <androidx.preference.ListPreference
+ android:key="bluetooth_timeout"
+ android:title="@string/bluetooth_timeout"
+ android:summary="@string/summary_placeholder"
+ android:entries="@array/bluetooth_timeout_entries"
+ android:entryValues="@array/bluetooth_timeout_values"
+ settings:controller="com.android.settings.bluetooth.BluetoothTimeoutPreferenceController"/>
+
<PreferenceCategory
android:key="previously_connected_devices"
android:title="@string/connected_device_previously_connected_title"
diff --git a/src/com/android/settings/bluetooth/BluetoothTimeoutPreferenceController.java b/src/com/android/settings/bluetooth/BluetoothTimeoutPreferenceController.java
new file mode 100644
index 0000000000..244147948a
--- /dev/null
+++ b/src/com/android/settings/bluetooth/BluetoothTimeoutPreferenceController.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2020 The Calyx Institute
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.bluetooth;
+
+import android.bluetooth.BluetoothAdapter;
+import android.content.Context;
+import android.provider.Settings;
+import android.util.Log;
+
+import androidx.preference.ListPreference;
+import androidx.preference.Preference;
+
+import com.android.settings.R;
+import com.android.settings.core.BasePreferenceController;
+import com.android.settings.core.PreferenceControllerMixin;
+
+public class BluetoothTimeoutPreferenceController extends BasePreferenceController implements
+ PreferenceControllerMixin, Preference.OnPreferenceChangeListener {
+ private static final String TAG = "BluetoothTimeoutPrefCtrl";
+
+ public static final int FALLBACK_BLUETOOTH_TIMEOUT_VALUE = 0;
+
+ private final String mBluetoothTimeoutKey;
+
+ protected BluetoothAdapter mBluetoothAdapter;
+
+ public BluetoothTimeoutPreferenceController(Context context, String key) {
+ super(context, key);
+ mBluetoothTimeoutKey = key;
+
+ mBluetoothAdapter = BluetoothAdapter.getDefaultAdapter();
+ if (mBluetoothAdapter == null) {
+ Log.e(TAG, "Bluetooth is not supported on this device");
+ return;
+ }
+ }
+
+ @Override
+ public int getAvailabilityStatus() {
+ return mBluetoothAdapter != null ? AVAILABLE : UNSUPPORTED_ON_DEVICE;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return mBluetoothTimeoutKey;
+ }
+
+ @Override
+ public void updateState(Preference preference) {
+ final ListPreference timeoutListPreference = (ListPreference) preference;
+ final long currentTimeout = Settings.Global.getLong(mContext.getContentResolver(),
+ Settings.Global.BLUETOOTH_OFF_TIMEOUT, FALLBACK_BLUETOOTH_TIMEOUT_VALUE);
+ timeoutListPreference.setValue(String.valueOf(currentTimeout));
+ updateTimeoutPreferenceDescription(timeoutListPreference,
+ Long.parseLong(timeoutListPreference.getValue()));
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object newValue) {
+ try {
+ long value = Long.parseLong((String) newValue);
+ Settings.Global.putLong(mContext.getContentResolver(), Settings.Global.BLUETOOTH_OFF_TIMEOUT, value);
+ updateTimeoutPreferenceDescription((ListPreference) preference, value);
+ } catch (NumberFormatException e) {
+ Log.e(TAG, "could not persist bluetooth timeout setting", e);
+ }
+ return true;
+ }
+
+ public static CharSequence getTimeoutDescription(
+ long currentTimeout, CharSequence[] entries, CharSequence[] values) {
+ if (currentTimeout < 0 || entries == null || values == null
+ || values.length != entries.length) {
+ return null;
+ }
+
+ for (int i = 0; i < values.length; i++) {
+ long timeout = Long.parseLong(values[i].toString());
+ if (currentTimeout == timeout) {
+ return entries[i];
+ }
+ }
+ return null;
+ }
+
+ private void updateTimeoutPreferenceDescription(ListPreference preference,
+ long currentTimeout) {
+ final CharSequence[] entries = preference.getEntries();
+ final CharSequence[] values = preference.getEntryValues();
+ final CharSequence timeoutDescription = getTimeoutDescription(
+ currentTimeout, entries, values);
+ String summary = "";
+ if (timeoutDescription != null) {
+ if (currentTimeout != 0)
+ summary = mContext.getString(R.string.bluetooth_timeout_summary, timeoutDescription);
+ else
+ summary = mContext.getString(R.string.bluetooth_timeout_summary2);
+ }
+ preference.setSummary(summary);
+ }
+}

238
Patches/LineageOS-19.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch Normal file
View File

@ -0,0 +1,238 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Oliver Scott <olivercscott@gmail.com>
Date: Thu, 25 Feb 2021 11:31:14 -0500
Subject: [PATCH] add Wi-Fi timeout feature
---
res/values/arrays.xml | 44 +++++++
res/values/strings.xml | 19 +++
res/xml/wifi_configure_settings.xml | 8 ++
.../wifi/WifiTimeoutPreferenceController.java | 115 ++++++++++++++++++
4 files changed, 186 insertions(+)
create mode 100644 src/com/android/settings/wifi/WifiTimeoutPreferenceController.java
diff --git a/res/values/arrays.xml b/res/values/arrays.xml
index b7428c8c10..a474c3bde0 100644
--- a/res/values/arrays.xml
+++ b/res/values/arrays.xml
@@ -83,6 +83,50 @@
<item>28800000</item>
</string-array>
+ <!-- Wifi settings. The delay in inactivity before wifi is turned off. These are shown in a list dialog. -->
+ <string-array name="wifi_timeout_entries">
+ <item>@string/wifi_timeout_summary_never</item>
+ <item>@string/wifi_timeout_summary_15secs</item>
+ <item>@string/wifi_timeout_summary_30secs</item>
+ <item>@string/wifi_timeout_summary_1min</item>
+ <item>@string/wifi_timeout_summary_2mins</item>
+ <item>@string/wifi_timeout_summary_5mins</item>
+ <item>@string/wifi_timeout_summary_10mins</item>
+ <item>@string/wifi_timeout_summary_30mins</item>
+ <item>@string/wifi_timeout_summary_1hour</item>
+ <item>@string/wifi_timeout_summary_2hours</item>
+ <item>@string/wifi_timeout_summary_4hours</item>
+ <item>@string/wifi_timeout_summary_8hours</item>
+ </string-array>
+
+ <!-- Do not translate. -->
+ <string-array name="wifi_timeout_values" translatable="false">
+ <!-- Do not translate. -->
+ <item>0</item>
+ <!-- Do not translate. -->
+ <item>15000</item>
+ <!-- Do not translate. -->
+ <item>30000</item>
+ <!-- Do not translate. -->
+ <item>60000</item>
+ <!-- Do not translate. -->
+ <item>120000</item>
+ <!-- Do not translate. -->
+ <item>300000</item>
+ <!-- Do not translate. -->
+ <item>600000</item>
+ <!-- Do not translate. -->
+ <item>1800000</item>
+ <!-- Do not translate. -->
+ <item>3600000</item>
+ <!-- Do not translate. -->
+ <item>7200000</item>
+ <!-- Do not translate. -->
+ <item>14400000</item>
+ <!-- Do not translate. -->
+ <item>28800000</item>
+ </string-array>
+
<!-- Display settings. The delay in inactivity before the screen is turned off. These are shown in a list dialog. -->
<string-array name="screen_timeout_entries">
<item>15 seconds</item>
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 4b53b52b5b..2262ef679a 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -46,6 +46,25 @@
<string name="bluetooth_timeout_summary_4hours">4 hours</string>
<string name="bluetooth_timeout_summary_8hours">8 hours</string>
+ <!-- screen, setting option name to change wifi timeout -->
+ <string name="wifi_timeout">Turn off Wi-Fi automatically</string>
+
+ <!-- screen, setting option summary to change wifi timeout -->
+ <string name="wifi_timeout_summary">Wi-Fi will turn off after <xliff:g id="timeout_description">%1$s</xliff:g> if no network connected</string>
+ <string name="wifi_timeout_summary2">Disabled</string>
+ <string name="wifi_timeout_summary_never">Never</string>
+ <string name="wifi_timeout_summary_15secs">15 seconds</string>
+ <string name="wifi_timeout_summary_30secs">30 seconds</string>
+ <string name="wifi_timeout_summary_1min">1 minute</string>
+ <string name="wifi_timeout_summary_2mins">2 minutes</string>
+ <string name="wifi_timeout_summary_5mins">5 minutes</string>
+ <string name="wifi_timeout_summary_10mins">10 minutes</string>
+ <string name="wifi_timeout_summary_30mins">30 minutes</string>
+ <string name="wifi_timeout_summary_1hour">1 hour</string>
+ <string name="wifi_timeout_summary_2hours">2 hours</string>
+ <string name="wifi_timeout_summary_4hours">4 hours</string>
+ <string name="wifi_timeout_summary_8hours">8 hours</string>
+
<!-- Device Info screen. Used for a status item's value when the proper value is not known -->
<string name="device_info_default">Unknown</string>
<!-- [CHAR LIMIT=NONE] Device Info screen. Countdown for user taps to enable development settings -->
diff --git a/res/xml/wifi_configure_settings.xml b/res/xml/wifi_configure_settings.xml
index 2ab7b6a28f..a682e2db92 100644
--- a/res/xml/wifi_configure_settings.xml
+++ b/res/xml/wifi_configure_settings.xml
@@ -26,6 +26,14 @@
android:summary="@string/wifi_wakeup_summary"
settings:controller="com.android.settings.wifi.WifiWakeupPreferenceController"/>
+ <ListPreference
+ android:key="wifi_timeout"
+ android:title="@string/wifi_timeout"
+ android:summary="@string/wifi_timeout_summary"
+ android:entries="@array/wifi_timeout_entries"
+ android:entryValues="@array/wifi_timeout_values"
+ settings:controller="com.android.settings.wifi.WifiTimeoutPreferenceController"/>
+
<SwitchPreference
android:key="notify_open_networks"
android:title="@string/wifi_notify_open_networks"
diff --git a/src/com/android/settings/wifi/WifiTimeoutPreferenceController.java b/src/com/android/settings/wifi/WifiTimeoutPreferenceController.java
new file mode 100644
index 0000000000..7116c90519
--- /dev/null
+++ b/src/com/android/settings/wifi/WifiTimeoutPreferenceController.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2020 The Calyx Institute
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.settings.wifi;
+
+import android.content.Context;
+import android.net.wifi.WifiManager;
+import android.provider.Settings;
+import android.util.Log;
+
+import androidx.preference.ListPreference;
+import androidx.preference.Preference;
+
+import com.android.settings.R;
+import com.android.settings.core.BasePreferenceController;
+import com.android.settings.core.PreferenceControllerMixin;
+
+public class WifiTimeoutPreferenceController extends BasePreferenceController implements
+ PreferenceControllerMixin, Preference.OnPreferenceChangeListener {
+ private static final String TAG = "WifiTimeoutPrefCtrl";
+
+ public static final int FALLBACK_WIFI_TIMEOUT_VALUE = 0;
+
+ private final String mWifiTimeoutKey;
+
+ protected WifiManager mWifiManager;
+
+ public WifiTimeoutPreferenceController(Context context, String key) {
+ super(context, key);
+ mWifiTimeoutKey = key;
+
+ mWifiManager = context.getSystemService(WifiManager.class);
+ if (mWifiManager == null) {
+ Log.e(TAG, "Wifi is not supported on this device");
+ return;
+ }
+ }
+
+ @Override
+ public int getAvailabilityStatus() {
+ return mWifiManager != null ? AVAILABLE : UNSUPPORTED_ON_DEVICE;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return mWifiTimeoutKey;
+ }
+
+ @Override
+ public void updateState(Preference preference) {
+ final ListPreference timeoutListPreference = (ListPreference) preference;
+ final long currentTimeout = Settings.Global.getLong(mContext.getContentResolver(),
+ Settings.Global.WIFI_OFF_TIMEOUT, FALLBACK_WIFI_TIMEOUT_VALUE);
+ timeoutListPreference.setValue(String.valueOf(currentTimeout));
+ updateTimeoutPreferenceDescription(timeoutListPreference,
+ Long.parseLong(timeoutListPreference.getValue()));
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object newValue) {
+ try {
+ long value = Long.parseLong((String) newValue);
+ Settings.Global.putLong(mContext.getContentResolver(), Settings.Global.WIFI_OFF_TIMEOUT, value);
+ updateTimeoutPreferenceDescription((ListPreference) preference, value);
+ } catch (NumberFormatException e) {
+ Log.e(TAG, "could not persist wifi timeout setting", e);
+ }
+ return true;
+ }
+
+ public static CharSequence getTimeoutDescription(
+ long currentTimeout, CharSequence[] entries, CharSequence[] values) {
+ if (currentTimeout < 0 || entries == null || values == null
+ || values.length != entries.length) {
+ return null;
+ }
+
+ for (int i = 0; i < values.length; i++) {
+ long timeout = Long.parseLong(values[i].toString());
+ if (currentTimeout == timeout) {
+ return entries[i];
+ }
+ }
+ return null;
+ }
+
+ private void updateTimeoutPreferenceDescription(ListPreference preference,
+ long currentTimeout) {
+ final CharSequence[] entries = preference.getEntries();
+ final CharSequence[] values = preference.getEntryValues();
+ final CharSequence timeoutDescription = getTimeoutDescription(
+ currentTimeout, entries, values);
+ String summary = "";
+ if (timeoutDescription != null) {
+ if (currentTimeout != 0)
+ summary = mContext.getString(R.string.wifi_timeout_summary, timeoutDescription);
+ else
+ summary = mContext.getString(R.string.wifi_timeout_summary2);
+ }
+ preference.setSummary(summary);
+ }
+}

168
Patches/LineageOS-19.1/android_packages_apps_Settings/0008-ptrace_scope.patch Normal file
View File

@ -0,0 +1,168 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: flawedworld <38294951+flawedworld@users.noreply.github.com>
Date: Tue, 6 Apr 2021 01:15:32 +0100
Subject: [PATCH] add native debugging setting
---
res/values/strings.xml | 3 +
res/xml/security_dashboard_settings.xml | 6 +
.../NativeDebugPreferenceController.java | 106 ++++++++++++++++++
.../settings/security/SecuritySettings.java | 1 +
4 files changed, 116 insertions(+)
create mode 100644 src/com/android/settings/security/NativeDebugPreferenceController.java
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 2262ef679a..86fca902ec 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -13109,6 +13109,9 @@
<!-- UI debug setting: Force enable "smart dark" UI rendering feature summary [CHAR LIMIT=NONE] -->
<string name="hwui_force_dark_summary">Overrides the force-dark feature to be always-on</string>
+ <string name="native_debug_title">Enable native code debugging</string>
+ <string name="native_debug_summary">Generate useful logs / bug reports from crashes and permit debugging native code.</string>
+
<!-- Title for the top level Privacy Settings [CHAR LIMIT=30]-->
<string name="privacy_dashboard_title">Privacy</string>
<!-- Summary for the top level Privacy Settings [CHAR LIMIT=NONE]-->
diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
index 25bead6622..d6754c0932 100644
--- a/res/xml/security_dashboard_settings.xml
+++ b/res/xml/security_dashboard_settings.xml
@@ -63,6 +63,12 @@
android:entries="@array/auto_reboot_entries"
android:entryValues="@array/auto_reboot_values" />
+ <SwitchPreference
+ android:key="native_debug"
+ android:title="@string/native_debug_title"
+ android:summary="@string/native_debug_summary"
+ android:persistent="false" />
+
<com.android.settingslib.RestrictedPreference
android:key="biometric_settings"
android:title="@string/security_settings_biometric_preference_title"
diff --git a/src/com/android/settings/security/NativeDebugPreferenceController.java b/src/com/android/settings/security/NativeDebugPreferenceController.java
new file mode 100644
index 0000000000..9271e6e21c
--- /dev/null
+++ b/src/com/android/settings/security/NativeDebugPreferenceController.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.settings.security;
+
+import android.content.Context;
+
+import android.os.UserHandle;
+import android.os.UserManager;
+import android.os.SystemProperties;
+
+import android.provider.Settings;
+
+import androidx.preference.Preference;
+import androidx.preference.PreferenceCategory;
+import androidx.preference.PreferenceGroup;
+import androidx.preference.PreferenceScreen;
+import androidx.preference.TwoStatePreference;
+import androidx.preference.SwitchPreference;
+
+import com.android.internal.widget.LockPatternUtils;
+import com.android.settings.core.PreferenceControllerMixin;
+import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settingslib.core.lifecycle.events.OnResume;
+
+public class NativeDebugPreferenceController extends AbstractPreferenceController
+ implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
+
+ private static final String SYS_KEY_NATIVE_DEBUG = "persist.native_debug";
+ private static final String PREF_KEY_NATIVE_DEBUG = "native_debug";
+ private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
+
+ private PreferenceCategory mSecurityCategory;
+ private SwitchPreference mNativeDebug;
+ private boolean mIsAdmin;
+ private UserManager mUm;
+
+ public NativeDebugPreferenceController(Context context) {
+ super(context);
+ mUm = UserManager.get(context);
+ }
+
+ @Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
+ updatePreferenceState();
+ }
+
+ @Override
+ public boolean isAvailable() {
+ mIsAdmin = mUm.isAdminUser();
+ return mIsAdmin;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return PREF_KEY_NATIVE_DEBUG;
+ }
+
+ // TODO: should we use onCreatePreferences() instead?
+ private void updatePreferenceState() {
+ if (mSecurityCategory == null) {
+ return;
+ }
+
+ if (mIsAdmin) {
+ mNativeDebug = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_NATIVE_DEBUG);
+ mNativeDebug.setChecked(SystemProperties.getBoolean(SYS_KEY_NATIVE_DEBUG, true));
+ } else {
+ mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_NATIVE_DEBUG));
+ }
+ }
+
+ @Override
+ public void onResume() {
+ updatePreferenceState();
+ if (mNativeDebug != null) {
+ boolean mode = mNativeDebug.isChecked();
+ SystemProperties.set(SYS_KEY_NATIVE_DEBUG, Boolean.toString(mode));
+ }
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object value) {
+ final String key = preference.getKey();
+ if (PREF_KEY_NATIVE_DEBUG.equals(key)) {
+ final boolean mode = !mNativeDebug.isChecked();
+ SystemProperties.set(SYS_KEY_NATIVE_DEBUG, Boolean.toString(mode));
+ }
+ return true;
+ }
+}
diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
index c8776749ef..34822e7a3e 100644
--- a/src/com/android/settings/security/SecuritySettings.java
+++ b/src/com/android/settings/security/SecuritySettings.java
@@ -123,6 +123,7 @@ public class SecuritySettings extends DashboardFragment {
context, lifecycle));
securityPreferenceControllers.add(new ChangeScreenLockPreferenceController(context, host));
securityPreferenceControllers.add(new AutoRebootPreferenceController(context));
+ securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
.setChildren(securityPreferenceControllers));
controllers.addAll(securityPreferenceControllers);

140
Patches/LineageOS-19.1/android_packages_apps_Settings/0009-Install_Restrictions.patch Normal file
View File

@ -0,0 +1,140 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: flawedworld <flawedworld@flawed.world>
Date: Wed, 1 Sep 2021 20:36:10 +0000
Subject: [PATCH] UserManager app installation restrictions
---
res/values/strings.xml | 2 +
res/xml/user_details_settings.xml | 4 ++
.../settings/users/UserDetailsSettings.java | 43 ++++++++++++++++---
3 files changed, 44 insertions(+), 5 deletions(-)
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 19d4cdec54..970533145b 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -7737,6 +7737,8 @@
<string name="user_enable_calling">Turn on phone calls</string>
<!-- Title of preference to enable calling and SMS [CHAR LIMIT=45] -->
<string name="user_enable_calling_sms">Turn on phone calls &amp; SMS</string>
+ <!-- Title of preference to disallow installing apps [CHAR LIMIT=45] -->
+ <string name="user_disallow_install_apps">Disallow installing apps</string>
<!-- Title of preference to remove the user [CHAR LIMIT=35] -->
<string name="user_remove_user">Delete user</string>
<!-- Title for confirmation of turning on calls [CHAR LIMIT=40] -->
diff --git a/res/xml/user_details_settings.xml b/res/xml/user_details_settings.xml
index 9280ff1163..d0a055fae2 100644
--- a/res/xml/user_details_settings.xml
+++ b/res/xml/user_details_settings.xml
@@ -29,6 +29,10 @@
android:key="app_and_content_access"
android:icon="@drawable/ic_lock_closed"
android:title="@string/user_restrictions_title" />
+ <SwitchPreference
+ android:icon="@drawable/ic_settings_install"
+ android:key="disallow_install_apps"
+ android:title="@string/user_disallow_install_apps" />
<com.android.settingslib.RestrictedPreference
android:key="remove_user"
android:icon="@drawable/ic_delete"
diff --git a/src/com/android/settings/users/UserDetailsSettings.java b/src/com/android/settings/users/UserDetailsSettings.java
index ce186f2134..0b70fa2704 100644
--- a/src/com/android/settings/users/UserDetailsSettings.java
+++ b/src/com/android/settings/users/UserDetailsSettings.java
@@ -62,6 +62,7 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
private static final String KEY_ENABLE_TELEPHONY = "enable_calling";
private static final String KEY_REMOVE_USER = "remove_user";
private static final String KEY_APP_AND_CONTENT_ACCESS = "app_and_content_access";
+ private static final String KEY_DISALLOW_INSTALL_APPS = "disallow_install_apps";
/** Integer extra containing the userId to manage */
static final String EXTRA_USER_ID = "user_id";
@@ -85,6 +86,7 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
Preference mAppAndContentAccessPref;
@VisibleForTesting
Preference mRemoveUserPref;
+ private SwitchPreference mInstallAppsPref;
@VisibleForTesting
UserInfo mUserInfo;
@@ -148,12 +150,37 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
@Override
public boolean onPreferenceChange(Preference preference, Object newValue) {
- if (Boolean.TRUE.equals(newValue)) {
- showDialog(mUserInfo.isGuest() ? DIALOG_CONFIRM_ENABLE_CALLING
- : DIALOG_CONFIRM_ENABLE_CALLING_AND_SMS);
- return false;
+ if (preference == mPhonePref) {
+ if (Boolean.TRUE.equals(newValue)) {
+ showDialog(mUserInfo.isGuest() ? DIALOG_CONFIRM_ENABLE_CALLING
+ : DIALOG_CONFIRM_ENABLE_CALLING_AND_SMS);
+ return false;
+ }
+ enableCallsAndSms(false);
+ } else if (preference == mInstallAppsPref) {
+ if (mUserInfo.isGuest()) {
+ mDefaultGuestRestrictions.putBoolean(UserManager.DISALLOW_INSTALL_APPS, (Boolean) newValue);
+ mUserManager.setDefaultGuestRestrictions(mDefaultGuestRestrictions);
+
+ // Update the guest's restrictions, if there is a guest
+ // TODO: Maybe setDefaultGuestRestrictions() can internally just set the restrictions
+ // on any existing guest rather than do it here with multiple Binder calls.
+ List<UserInfo> users = mUserManager.getUsers(true);
+ for (UserInfo user: users) {
+ if (user.isGuest()) {
+ UserHandle userHandle = UserHandle.of(user.id);
+ for (String key : mDefaultGuestRestrictions.keySet()) {
+ mUserManager.setUserRestriction(
+ key, mDefaultGuestRestrictions.getBoolean(key), userHandle);
+ }
+ }
+ }
+ } else {
+ UserHandle userHandle = UserHandle.of(mUserInfo.id);
+ mUserManager.setUserRestriction(UserManager.DISALLOW_INSTALL_APPS, (Boolean) newValue,
+ userHandle);
+ }
}
- enableCallsAndSms(false);
return true;
}
@@ -241,6 +268,7 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
mPhonePref = findPreference(KEY_ENABLE_TELEPHONY);
mRemoveUserPref = findPreference(KEY_REMOVE_USER);
mAppAndContentAccessPref = findPreference(KEY_APP_AND_CONTENT_ACCESS);
+ mInstallAppsPref = findPreference(KEY_DISALLOW_INSTALL_APPS);
mSwitchUserPref.setTitle(
context.getString(com.android.settingslib.R.string.user_switch_to_user,
@@ -258,6 +286,7 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
removePreference(KEY_ENABLE_TELEPHONY);
removePreference(KEY_REMOVE_USER);
removePreference(KEY_APP_AND_CONTENT_ACCESS);
+ removePreference(KEY_DISALLOW_INSTALL_APPS);
} else {
if (!Utils.isVoiceCapable(context)) { // no telephony
removePreference(KEY_ENABLE_TELEPHONY);
@@ -288,10 +317,13 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
if (mGuestUserAutoCreated) {
mRemoveUserPref.setEnabled((mUserInfo.flags & UserInfo.FLAG_INITIALIZED) != 0);
}
+ removePreference(KEY_DISALLOW_INSTALL_APPS);
} else {
mPhonePref.setChecked(!mUserManager.hasUserRestriction(
UserManager.DISALLOW_OUTGOING_CALLS, new UserHandle(userId)));
mRemoveUserPref.setTitle(R.string.user_remove_user);
+ mInstallAppsPref.setChecked(mUserManager.hasUserRestriction(
+ UserManager.DISALLOW_INSTALL_APPS, new UserHandle(userId)));
}
if (RestrictedLockUtilsInternal.hasBaseUserRestriction(context,
UserManager.DISALLOW_REMOVE_USER, UserHandle.myUserId())) {
@@ -301,6 +333,7 @@ public class UserDetailsSettings extends SettingsPreferenceFragment
mRemoveUserPref.setOnPreferenceClickListener(this);
mPhonePref.setOnPreferenceChangeListener(this);
mAppAndContentAccessPref.setOnPreferenceClickListener(this);
+ mInstallAppsPref.setOnPreferenceChangeListener(this);
}
}

168
Patches/LineageOS-19.1/android_packages_apps_Settings/0010-exec_spawning_toggle.patch Normal file
View File

@ -0,0 +1,168 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 26 Mar 2022 20:35:37 -0400
Subject: [PATCH] add exec spawning toggle
---
res/values/strings.xml | 3 +
res/xml/security_dashboard_settings.xml | 6 +
.../ExecSpawnPreferenceController.java | 106 ++++++++++++++++++
.../settings/security/SecuritySettings.java | 1 +
4 files changed, 116 insertions(+)
create mode 100644 src/com/android/settings/security/ExecSpawnPreferenceController.java
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 86fca902ec..19d4cdec54 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -13109,6 +13109,9 @@
<!-- UI debug setting: Force enable "smart dark" UI rendering feature summary [CHAR LIMIT=NONE] -->
<string name="hwui_force_dark_summary">Overrides the force-dark feature to be always-on</string>
+ <string name="exec_spawn_title">Enable secure app spawning</string>
+ <string name="exec_spawn_summary">Launch apps in a more secure way than Android which takes slightly longer and increases memory usage by app processes.</string>
+
<string name="native_debug_title">Enable native code debugging</string>
<string name="native_debug_summary">Generate useful logs / bug reports from crashes and permit debugging native code.</string>
diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
index d6754c0932..20f0d4df5b 100644
--- a/res/xml/security_dashboard_settings.xml
+++ b/res/xml/security_dashboard_settings.xml
@@ -63,6 +63,12 @@
android:entries="@array/auto_reboot_entries"
android:entryValues="@array/auto_reboot_values" />
+ <SwitchPreference
+ android:key="exec_spawn"
+ android:title="@string/exec_spawn_title"
+ android:summary="@string/exec_spawn_summary"
+ android:persistent="false" />
+
<SwitchPreference
android:key="native_debug"
android:title="@string/native_debug_title"
diff --git a/src/com/android/settings/security/ExecSpawnPreferenceController.java b/src/com/android/settings/security/ExecSpawnPreferenceController.java
new file mode 100644
index 0000000000..78f021210a
--- /dev/null
+++ b/src/com/android/settings/security/ExecSpawnPreferenceController.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.settings.security;
+
+import android.content.Context;
+
+import android.os.UserHandle;
+import android.os.UserManager;
+import android.os.SystemProperties;
+
+import android.provider.Settings;
+
+import androidx.preference.Preference;
+import androidx.preference.PreferenceCategory;
+import androidx.preference.PreferenceGroup;
+import androidx.preference.PreferenceScreen;
+import androidx.preference.TwoStatePreference;
+import androidx.preference.SwitchPreference;
+
+import com.android.internal.widget.LockPatternUtils;
+import com.android.settings.core.PreferenceControllerMixin;
+import com.android.settingslib.core.AbstractPreferenceController;
+import com.android.settingslib.core.lifecycle.events.OnResume;
+
+public class ExecSpawnPreferenceController extends AbstractPreferenceController
+ implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
+
+ private static final String SYS_KEY_EXEC_SPAWN = "persist.security.exec_spawn";
+ private static final String PREF_KEY_EXEC_SPAWN = "exec_spawn";
+ private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
+
+ private PreferenceCategory mSecurityCategory;
+ private SwitchPreference mExecSpawn;
+ private boolean mIsAdmin;
+ private UserManager mUm;
+
+ public ExecSpawnPreferenceController(Context context) {
+ super(context);
+ mUm = UserManager.get(context);
+ }
+
+ @Override
+ public void displayPreference(PreferenceScreen screen) {
+ super.displayPreference(screen);
+ mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
+ updatePreferenceState();
+ }
+
+ @Override
+ public boolean isAvailable() {
+ mIsAdmin = mUm.isAdminUser();
+ return mIsAdmin;
+ }
+
+ @Override
+ public String getPreferenceKey() {
+ return PREF_KEY_EXEC_SPAWN;
+ }
+
+ // TODO: should we use onCreatePreferences() instead?
+ private void updatePreferenceState() {
+ if (mSecurityCategory == null) {
+ return;
+ }
+
+ if (mIsAdmin) {
+ mExecSpawn = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_EXEC_SPAWN);
+ mExecSpawn.setChecked(SystemProperties.getBoolean(SYS_KEY_EXEC_SPAWN, true));
+ } else {
+ mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_EXEC_SPAWN));
+ }
+ }
+
+ @Override
+ public void onResume() {
+ updatePreferenceState();
+ if (mExecSpawn != null) {
+ boolean mode = mExecSpawn.isChecked();
+ SystemProperties.set(SYS_KEY_EXEC_SPAWN, Boolean.toString(mode));
+ }
+ }
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object value) {
+ final String key = preference.getKey();
+ if (PREF_KEY_EXEC_SPAWN.equals(key)) {
+ final boolean mode = !mExecSpawn.isChecked();
+ SystemProperties.set(SYS_KEY_EXEC_SPAWN, Boolean.toString(mode));
+ }
+ return true;
+ }
+}
diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
index 34822e7a3e..a940165bed 100644
--- a/src/com/android/settings/security/SecuritySettings.java
+++ b/src/com/android/settings/security/SecuritySettings.java
@@ -123,6 +123,7 @@ public class SecuritySettings extends DashboardFragment {
context, lifecycle));
securityPreferenceControllers.add(new ChangeScreenLockPreferenceController(context, host));
securityPreferenceControllers.add(new AutoRebootPreferenceController(context));
+ securityPreferenceControllers.add(new ExecSpawnPreferenceController(context));
securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
.setChildren(securityPreferenceControllers));

145
Patches/LineageOS-19.1/android_packages_apps_Settings/0011-Random_MAC.patch Normal file
View File

@ -0,0 +1,145 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: renlord <me@renlord.com>
Date: Fri, 15 Oct 2021 20:02:51 +0530
Subject: [PATCH] add option to always randomize MAC RANDOMIZATION_ALWAYS is
set as the default option
---
res/layout/wifi_dialog.xml | 2 +-
res/values/arrays.xml | 7 +++++
res/xml/wifi_network_details_fragment2.xml | 2 +-
.../WifiDetailPreferenceController2.java | 2 +-
.../WifiPrivacyPreferenceController2.java | 28 +++++++++++++++----
5 files changed, 32 insertions(+), 9 deletions(-)
diff --git a/res/layout/wifi_dialog.xml b/res/layout/wifi_dialog.xml
index 8111d3aaa9..de57fb3525 100644
--- a/res/layout/wifi_dialog.xml
+++ b/res/layout/wifi_dialog.xml
@@ -694,7 +694,7 @@
android:layout_height="wrap_content"
style="@style/wifi_item_spinner"
android:prompt="@string/wifi_privacy_settings"
- android:entries="@array/wifi_privacy_entries"/>
+ android:entries="@array/wifi_privacy_entries_extended"/>
</LinearLayout>
<LinearLayout
diff --git a/res/values/arrays.xml b/res/values/arrays.xml
index a474c3bde0..dffc6daf07 100644
--- a/res/values/arrays.xml
+++ b/res/values/arrays.xml
@@ -1397,6 +1397,12 @@
<item>Treat as unmetered</item>
</string-array>
+ <string-array name="wifi_privacy_entries_extended">
+ <item>Use per-connection randomized MAC (default)</item>
+ <item>Use per-network randomized MAC</item>
+ <item>Use device MAC</item>
+ </string-array>
+
<string-array name="wifi_privacy_entries">
<item>Use randomized MAC (default)</item>
<item>Use device MAC</item>
@@ -1414,6 +1420,7 @@
</string-array>
<string-array name="wifi_privacy_values" translatable="false">
+ <item>100</item>
<item>1</item>
<item>0</item>
</string-array>
diff --git a/res/xml/wifi_network_details_fragment2.xml b/res/xml/wifi_network_details_fragment2.xml
index 1c4fe9147a..191b4f80ae 100644
--- a/res/xml/wifi_network_details_fragment2.xml
+++ b/res/xml/wifi_network_details_fragment2.xml
@@ -69,7 +69,7 @@
android:key="privacy"
android:icon="@drawable/ic_wifi_privacy_24dp"
android:title="@string/wifi_privacy_settings"
- android:entries="@array/wifi_privacy_entries"
+ android:entries="@array/wifi_privacy_entries_extended"
android:entryValues="@array/wifi_privacy_values"/>
<Preference
diff --git a/src/com/android/settings/wifi/details2/WifiDetailPreferenceController2.java b/src/com/android/settings/wifi/details2/WifiDetailPreferenceController2.java
index f9d0db07b2..5f46d9b71e 100644
--- a/src/com/android/settings/wifi/details2/WifiDetailPreferenceController2.java
+++ b/src/com/android/settings/wifi/details2/WifiDetailPreferenceController2.java
@@ -799,7 +799,7 @@ public class WifiDetailPreferenceController2 extends AbstractPreferenceControlle
}
private int getMacAddressTitle() {
- if (mWifiEntry.getPrivacy() == WifiEntry.PRIVACY_RANDOMIZED_MAC) {
+ if (mWifiEntry.getPrivacy() != WifiEntry.PRIVACY_DEVICE_MAC) {
return mWifiEntry.getConnectedState() == WifiEntry.CONNECTED_STATE_CONNECTED
? R.string.wifi_advanced_randomized_mac_address_title
: R.string.wifi_advanced_randomized_mac_address_disconnected_title;
diff --git a/src/com/android/settings/wifi/details2/WifiPrivacyPreferenceController2.java b/src/com/android/settings/wifi/details2/WifiPrivacyPreferenceController2.java
index c484922564..d0b98b6086 100644
--- a/src/com/android/settings/wifi/details2/WifiPrivacyPreferenceController2.java
+++ b/src/com/android/settings/wifi/details2/WifiPrivacyPreferenceController2.java
@@ -42,6 +42,10 @@ public class WifiPrivacyPreferenceController2 extends BasePreferenceController i
private WifiEntry mWifiEntry;
private Preference mPreference;
+ private static final int PREF_RANDOMIZATION_ALWAYS = 0;
+ private static final int PREF_RANDOMIZATION_PERSISTENT = 1;
+ private static final int PREF_RANDOMIZATION_NONE = 2;
+
public WifiPrivacyPreferenceController2(Context context) {
super(context, KEY_WIFI_PRIVACY);
@@ -99,8 +103,6 @@ public class WifiPrivacyPreferenceController2 extends BasePreferenceController i
return mWifiEntry.getPrivacy();
}
- private static final int PREF_RANDOMIZATION_PERSISTENT = 0;
- private static final int PREF_RANDOMIZATION_NONE = 1;
/**
* Returns preference index value.
@@ -109,8 +111,14 @@ public class WifiPrivacyPreferenceController2 extends BasePreferenceController i
* @return index value of preference
*/
public static int translateMacRandomizedValueToPrefValue(int macRandomized) {
- return (macRandomized == WifiEntry.PRIVACY_RANDOMIZED_MAC)
- ? PREF_RANDOMIZATION_PERSISTENT : PREF_RANDOMIZATION_NONE;
+ switch (macRandomized) {
+ case WifiEntry.PRIVACY_RANDOMIZED_MAC:
+ return PREF_RANDOMIZATION_PERSISTENT;
+ case WifiEntry.PRIVACY_DEVICE_MAC:
+ return PREF_RANDOMIZATION_NONE;
+ default:
+ return PREF_RANDOMIZATION_ALWAYS;
+ }
}
/**
@@ -120,8 +128,14 @@ public class WifiPrivacyPreferenceController2 extends BasePreferenceController i
* @return mac randomized value
*/
public static int translatePrefValueToMacRandomizedValue(int prefMacRandomized) {
- return (prefMacRandomized == PREF_RANDOMIZATION_PERSISTENT)
- ? WifiEntry.PRIVACY_RANDOMIZED_MAC : WifiEntry.PRIVACY_DEVICE_MAC;
+ switch (prefMacRandomized) {
+ case PREF_RANDOMIZATION_PERSISTENT:
+ return WifiEntry.PRIVACY_RANDOMIZED_MAC;
+ case PREF_RANDOMIZATION_NONE:
+ return WifiEntry.PRIVACY_DEVICE_MAC;
+ default:
+ return WifiEntry.PRIVACY_RANDOMIZATION_ALWAYS;
+ }
}
private void updateSummary(DropDownPreference preference, int macRandomized) {
@@ -151,6 +165,8 @@ public class WifiPrivacyPreferenceController2 extends BasePreferenceController i
return WifiEntry.PRIVACY_DEVICE_MAC;
case WifiConfiguration.RANDOMIZATION_PERSISTENT:
return WifiEntry.PRIVACY_RANDOMIZED_MAC;
+ case WifiConfiguration.RANDOMIZATION_ALWAYS:
+ return WifiEntry.PRIVACY_RANDOMIZATION_ALWAYS;
default:
return WifiEntry.PRIVACY_UNKNOWN;
}

178
Patches/LineageOS-19.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch Normal file
View File

@ -0,0 +1,178 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Fri, 3 Sep 2021 08:52:48 -0400
Subject: [PATCH] Remove analytics
Change-Id: I044dd6b137b8a1d4a6dde3a63c0aaa454309341f
---
res/layout/setup_lineage_settings.xml | 29 -----------------
.../lineageos/setupwizard/FinishActivity.java | 13 --------
.../setupwizard/LineageSettingsActivity.java | 32 -------------------
.../lineageos/setupwizard/SetupWizardApp.java | 1 -
4 files changed, 75 deletions(-)
diff --git a/res/layout/setup_lineage_settings.xml b/res/layout/setup_lineage_settings.xml
index 5d206e4..db3594a 100644
--- a/res/layout/setup_lineage_settings.xml
+++ b/res/layout/setup_lineage_settings.xml
@@ -45,35 +45,6 @@
android:layout_width="match_parent"
android:layout_height="match_parent">
- <!-- Whether or not to enable metrics -->
- <LinearLayout
- android:id="@+id/metrics"
- android:orientation="horizontal"
- android:layout_width="match_parent"
- android:layout_height="wrap_content"
- android:paddingLeft="@dimen/location_margin_left"
- android:paddingRight="@dimen/content_margin_right"
- android:background="?android:attr/selectableItemBackground"
- android:clickable="true">
-
-
- <CheckBox
- android:id="@+id/enable_metrics_checkbox"
- android:layout_width="wrap_content"
- android:layout_height="wrap_content"
- android:duplicateParentState="true"
- android:clickable="false"
- style="@style/SudCheckBox.Multiline" />
-
- <TextView
- android:id="@+id/enable_metrics_summary"
- android:layout_width="wrap_content"
- android:layout_height="wrap_content"
- android:text="@string/services_metrics_label"
- style="@style/SudCheckBox.Multiline" />
-
- </LinearLayout>
-
<!-- Checkbox for using on-screen nav keys -->
<LinearLayout
android:id="@+id/nav_keys"
diff --git a/src/org/lineageos/setupwizard/FinishActivity.java b/src/org/lineageos/setupwizard/FinishActivity.java
index 95e3166..0a07369 100644
--- a/src/org/lineageos/setupwizard/FinishActivity.java
+++ b/src/org/lineageos/setupwizard/FinishActivity.java
@@ -26,7 +26,6 @@ import static org.lineageos.setupwizard.Manifest.permission.FINISH_SETUP;
import static org.lineageos.setupwizard.SetupWizardApp.ACTION_SETUP_COMPLETE;
import static org.lineageos.setupwizard.SetupWizardApp.DISABLE_NAV_KEYS;
import static org.lineageos.setupwizard.SetupWizardApp.ENABLE_RECOVERY_UPDATE;
-import static org.lineageos.setupwizard.SetupWizardApp.KEY_SEND_METRICS;
import static org.lineageos.setupwizard.SetupWizardApp.LOGV;
import static org.lineageos.setupwizard.SetupWizardApp.NAVIGATION_OPTION_KEY;
import static org.lineageos.setupwizard.SetupWizardApp.UPDATE_RECOVERY_PROP;
@@ -175,7 +174,6 @@ public class FinishActivity extends BaseSetupWizardActivity {
}
private void completeSetup() {
- handleEnableMetrics(mSetupWizardApp);
handleNavKeys(mSetupWizardApp);
handleRecoveryUpdate(mSetupWizardApp);
handleNavigationOption(mSetupWizardApp);
@@ -189,17 +187,6 @@ public class FinishActivity extends BaseSetupWizardActivity {
startActivityForResult(intent, NEXT_REQUEST);
}
- private static void handleEnableMetrics(SetupWizardApp setupWizardApp) {
- Bundle privacyData = setupWizardApp.getSettingsBundle();
- if (privacyData != null
- && privacyData.containsKey(KEY_SEND_METRICS)) {
- LineageSettings.Secure.putInt(setupWizardApp.getContentResolver(),
- LineageSettings.Secure.STATS_COLLECTION,
- privacyData.getBoolean(KEY_SEND_METRICS)
- ? 1 : 0);
- }
- }
-
private static void handleNavKeys(SetupWizardApp setupWizardApp) {
if (setupWizardApp.getSettingsBundle().containsKey(DISABLE_NAV_KEYS)) {
writeDisableNavkeysOption(setupWizardApp,
diff --git a/src/org/lineageos/setupwizard/LineageSettingsActivity.java b/src/org/lineageos/setupwizard/LineageSettingsActivity.java
index ace417f..5f77401 100644
--- a/src/org/lineageos/setupwizard/LineageSettingsActivity.java
+++ b/src/org/lineageos/setupwizard/LineageSettingsActivity.java
@@ -18,7 +18,6 @@
package org.lineageos.setupwizard;
import static org.lineageos.setupwizard.SetupWizardApp.DISABLE_NAV_KEYS;
-import static org.lineageos.setupwizard.SetupWizardApp.KEY_SEND_METRICS;
import android.app.Activity;
import android.content.Context;
@@ -50,17 +49,10 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
private SetupWizardApp mSetupWizardApp;
- private CheckBox mMetrics;
private CheckBox mNavKeys;
private boolean mSupportsKeyDisabler = false;
- private final View.OnClickListener mMetricsClickListener = view -> {
- boolean checked = !mMetrics.isChecked();
- mMetrics.setChecked(checked);
- mSetupWizardApp.getSettingsBundle().putBoolean(KEY_SEND_METRICS, checked);
- };
-
private final View.OnClickListener mNavKeysClickListener = view -> {
boolean checked = !mNavKeys.isChecked();
mNavKeys.setChecked(checked);
@@ -80,20 +72,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
privacyPolicy, policySummary);
getGlifLayout().setDescriptionText(servicesFullDescription);
- View metricsRow = findViewById(R.id.metrics);
- metricsRow.setOnClickListener(mMetricsClickListener);
- metricsRow.requestFocus();
- String metricsHelpImproveLineage =
- getString(R.string.services_help_improve_cm, os_name);
- String metricsSummary = getString(R.string.services_metrics_label,
- metricsHelpImproveLineage, os_name, os_name);
- final SpannableStringBuilder metricsSpan = new SpannableStringBuilder(metricsSummary);
- metricsSpan.setSpan(new android.text.style.StyleSpan(android.graphics.Typeface.BOLD),
- 0, metricsHelpImproveLineage.length(), Spannable.SPAN_EXCLUSIVE_EXCLUSIVE);
- TextView metrics = (TextView) findViewById(R.id.enable_metrics_summary);
- metrics.setText(metricsSpan);
- mMetrics = (CheckBox) findViewById(R.id.enable_metrics_checkbox);
-
View navKeysRow = findViewById(R.id.nav_keys);
navKeysRow.setOnClickListener(mNavKeysClickListener);
mNavKeys = (CheckBox) findViewById(R.id.nav_keys_checkbox);
@@ -110,7 +88,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
public void onResume() {
super.onResume();
updateDisableNavkeysOption();
- updateMetricsOption();
}
@Override
@@ -134,15 +111,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
return R.drawable.ic_features;
}
- private void updateMetricsOption() {
- final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle();
- boolean metricsChecked =
- !myPageBundle.containsKey(KEY_SEND_METRICS) || myPageBundle
- .getBoolean(KEY_SEND_METRICS);
- mMetrics.setChecked(metricsChecked);
- myPageBundle.putBoolean(KEY_SEND_METRICS, metricsChecked);
- }
-
private void updateDisableNavkeysOption() {
if (mSupportsKeyDisabler) {
final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle();
diff --git a/src/org/lineageos/setupwizard/SetupWizardApp.java b/src/org/lineageos/setupwizard/SetupWizardApp.java
index dcfe3bc..9466815 100644
--- a/src/org/lineageos/setupwizard/SetupWizardApp.java
+++ b/src/org/lineageos/setupwizard/SetupWizardApp.java
@@ -60,7 +60,6 @@ public class SetupWizardApp extends Application {
public static final String EXTRA_ENABLE_NEXT_ON_CONNECT = "wifi_enable_next_on_connect";
public static final String KEY_DETECT_CAPTIVE_PORTAL = "captive_portal_detection_enabled";
- public static final String KEY_SEND_METRICS = "send_metrics";
public static final String DISABLE_NAV_KEYS = "disable_nav_keys";
public static final String ENABLE_RECOVERY_UPDATE = "enable_recovery_update";
public static final String UPDATE_RECOVERY_PROP = "persist.vendor.recovery_update";

33
Patches/LineageOS-19.1/android_packages_apps_Updater/0001-Server.patch Normal file
View File

@ -0,0 +1,33 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 20 Sep 2018 16:43:46 -0400
Subject: [PATCH] Switch to our update server
Change-Id: I26dc2942736cf0cfe4e7b92ddfdd04b9d74dbae5
---
src/org/lineageos/updater/misc/Utils.java | 11 ++---------
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java
index 79ded8f..69a5252 100644
--- a/src/org/lineageos/updater/misc/Utils.java
+++ b/src/org/lineageos/updater/misc/Utils.java
@@ -153,16 +153,9 @@ public class Utils {
String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL);
String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE,
SystemProperties.get(Constants.PROP_DEVICE));
- String type = SystemProperties.get(Constants.PROP_RELEASE_TYPE).toLowerCase(Locale.ROOT);
+ String server = "0OTA_SERVER_CLEARNET0";
- String serverUrl = SystemProperties.get(Constants.PROP_UPDATER_URI);
- if (serverUrl.trim().isEmpty()) {
- serverUrl = context.getString(R.string.updater_server_url);
- }
-
- return serverUrl.replace("{device}", device)
- .replace("{type}", type)
- .replace("{incr}", incrementalVersion);
+ return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion;
}
public static String getUpgradeBlockedURL(Context context) {

397
Patches/LineageOS-19.1/android_packages_apps_Updater/0002-Tor_Support.patch Normal file
View File

@ -0,0 +1,397 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 20 Sep 2018 21:44:53 -0400
Subject: [PATCH] Add support for routing over Tor
Change-Id: Ibfe080c3d801af34fb64fda1b6b8f4f39a2b1ccf
---
AndroidManifest.xml | 4 ++
res/layout/preferences_dialog.xml | 8 +++
res/values/strings.xml | 2 +
.../lineageos/updater/UpdatesActivity.java | 12 ++++
.../updater/UpdatesCheckReceiver.java | 4 ++
.../updater/controller/UpdaterController.java | 8 +++
.../updater/download/DownloadClient.java | 8 ++-
.../download/HttpURLConnectionClient.java | 27 ++++++--
src/org/lineageos/updater/misc/Constants.java | 1 +
src/org/lineageos/updater/misc/Utils.java | 65 +++++++++++++++++++
10 files changed, 134 insertions(+), 5 deletions(-)
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 693ded4..91e85a3 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -12,6 +12,10 @@
<uses-permission android:name="android.permission.START_ACTIVITIES_FROM_BACKGROUND" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
+ <queries>
+ <package android:name="org.torproject.android" />
+ </queries>
+
<application
android:allowBackup="false"
android:icon="@mipmap/ic_launcher"
diff --git a/res/layout/preferences_dialog.xml b/res/layout/preferences_dialog.xml
index c586f44..b1536ea 100644
--- a/res/layout/preferences_dialog.xml
+++ b/res/layout/preferences_dialog.xml
@@ -29,6 +29,14 @@
android:entries="@array/menu_auto_updates_check_interval_entries" />
</LinearLayout>
+ <androidx.appcompat.widget.SwitchCompat
+ android:id="@+id/preferences_onion_routing"
+ android:layout_width="match_parent"
+ android:layout_height="wrap_content"
+ android:layout_marginBottom="16dp"
+ android:text="@string/menu_onion_routing"
+ android:textSize="16sp" />
+
<androidx.appcompat.widget.SwitchCompat
android:id="@+id/preferences_auto_delete_updates"
android:layout_width="match_parent"
diff --git a/res/values/strings.xml b/res/values/strings.xml
index bfb2627..916e1e6 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -70,6 +70,7 @@
<string name="menu_auto_updates_check_interval_weekly">Once a week</string>
<string name="menu_auto_updates_check_interval_monthly">Once a month</string>
<string name="menu_auto_updates_check_interval_never">Never</string>
+ <string name="menu_onion_routing">Perform requests over Tor</string>
<string name="menu_auto_delete_updates">Delete updates when installed</string>
<string name="menu_delete_update">Delete</string>
<string name="menu_copy_url">Copy URL</string>
@@ -87,6 +88,7 @@
<string name="snack_download_failed">The download failed. Please check your internet connection and try again later.</string>
<string name="snack_download_verification_failed">The update verification failed.</string>
<string name="snack_download_verified">Download completed.</string>
+ <string name="snack_orbot_not_available">Orbot is not installed, disabling Tor routing!</string>
<string name="snack_update_not_installable">This update can\'t be installed on top of the current build.</string>
diff --git a/src/org/lineageos/updater/UpdatesActivity.java b/src/org/lineageos/updater/UpdatesActivity.java
index 395e801..7fddc87 100644
--- a/src/org/lineageos/updater/UpdatesActivity.java
+++ b/src/org/lineageos/updater/UpdatesActivity.java
@@ -361,10 +361,14 @@ public class UpdatesActivity extends UpdatesListActivity {
final DownloadClient downloadClient;
try {
+ if(Utils.isOnionRoutingEnabled(getApplicationContext())) {
+ Utils.requestStartOrbot(getApplicationContext());
+ }
downloadClient = new DownloadClient.Builder()
.setUrl(url)
.setDestination(jsonFileTmp)
.setDownloadCallback(callback)
+ .setUseOnionRouting(Utils.isOnionRoutingEnabled(getApplicationContext()))
.build();
} catch (IOException exception) {
Log.e(TAG, "Could not build download client");
@@ -444,6 +448,7 @@ public class UpdatesActivity extends UpdatesListActivity {
private void showPreferencesDialog() {
View view = LayoutInflater.from(this).inflate(R.layout.preferences_dialog, null);
Spinner autoCheckInterval = view.findViewById(R.id.preferences_auto_updates_check_interval);
+ SwitchCompat onionRouting = view.findViewById(R.id.preferences_onion_routing);
SwitchCompat autoDelete = view.findViewById(R.id.preferences_auto_delete_updates);
SwitchCompat dataWarning = view.findViewById(R.id.preferences_mobile_data_warning);
SwitchCompat abPerfMode = view.findViewById(R.id.preferences_ab_perf_mode);
@@ -455,6 +460,7 @@ public class UpdatesActivity extends UpdatesListActivity {
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
autoCheckInterval.setSelection(Utils.getUpdateCheckSetting(this));
+ onionRouting.setChecked(prefs.getBoolean(Constants.PREF_ONION_ROUTING, false));
autoDelete.setChecked(prefs.getBoolean(Constants.PREF_AUTO_DELETE_UPDATES, false));
dataWarning.setChecked(prefs.getBoolean(Constants.PREF_MOBILE_DATA_WARNING, true));
abPerfMode.setChecked(prefs.getBoolean(Constants.PREF_AB_PERF_MODE, false));
@@ -494,6 +500,8 @@ public class UpdatesActivity extends UpdatesListActivity {
prefs.edit()
.putInt(Constants.PREF_AUTO_UPDATES_CHECK_INTERVAL,
autoCheckInterval.getSelectedItemPosition())
+ .putBoolean(Constants.PREF_ONION_ROUTING,
+ onionRouting.isChecked() && Utils.isOrbotInstalled(getApplicationContext()))
.putBoolean(Constants.PREF_AUTO_DELETE_UPDATES, autoDelete.isChecked())
.putBoolean(Constants.PREF_MOBILE_DATA_WARNING, dataWarning.isChecked())
.putBoolean(Constants.PREF_AB_PERF_MODE, abPerfMode.isChecked())
@@ -506,6 +514,10 @@ public class UpdatesActivity extends UpdatesListActivity {
UpdatesCheckReceiver.cancelUpdatesCheck(this);
}
+ if(onionRouting.isChecked() && !Utils.isOrbotInstalled(getApplicationContext())) {
+ showSnackbar(R.string.snack_orbot_not_available, Snackbar.LENGTH_LONG);
+ }
+
if (Utils.isABDevice()) {
boolean enableABPerfMode = abPerfMode.isChecked();
mUpdaterService.getUpdaterController().setPerformanceMode(enableABPerfMode);
diff --git a/src/org/lineageos/updater/UpdatesCheckReceiver.java b/src/org/lineageos/updater/UpdatesCheckReceiver.java
index 7fa9cd5..962fd00 100644
--- a/src/org/lineageos/updater/UpdatesCheckReceiver.java
+++ b/src/org/lineageos/updater/UpdatesCheckReceiver.java
@@ -110,10 +110,14 @@ public class UpdatesCheckReceiver extends BroadcastReceiver {
};
try {
+ if(Utils.isOnionRoutingEnabled(context)) {
+ Utils.requestStartOrbot(context);
+ }
DownloadClient downloadClient = new DownloadClient.Builder()
.setUrl(url)
.setDestination(jsonNew)
.setDownloadCallback(callback)
+ .setUseOnionRouting(Utils.isOnionRoutingEnabled(context))
.build();
downloadClient.start();
} catch (IOException e) {
diff --git a/src/org/lineageos/updater/controller/UpdaterController.java b/src/org/lineageos/updater/controller/UpdaterController.java
index 5d7d51a..7ac5f5b 100644
--- a/src/org/lineageos/updater/controller/UpdaterController.java
+++ b/src/org/lineageos/updater/controller/UpdaterController.java
@@ -374,12 +374,16 @@ public class UpdaterController {
update.setFile(destination);
DownloadClient downloadClient;
try {
+ if(Utils.isOnionRoutingEnabled(mContext)) {
+ Utils.requestStartOrbot(mContext);
+ }
downloadClient = new DownloadClient.Builder()
.setUrl(update.getDownloadUrl())
.setDestination(update.getFile())
.setDownloadCallback(getDownloadCallback(downloadId))
.setProgressListener(getProgressListener(downloadId))
.setUseDuplicateLinks(true)
+ .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext))
.build();
} catch (IOException exception) {
Log.e(TAG, "Could not build download client");
@@ -419,6 +423,9 @@ public class UpdaterController {
verifyUpdateAsync(downloadId);
notifyUpdateChange(downloadId);
} else {
+ if(Utils.isOnionRoutingEnabled(mContext)) {
+ Utils.requestStartOrbot(mContext);
+ }
DownloadClient downloadClient;
try {
downloadClient = new DownloadClient.Builder()
@@ -427,6 +434,7 @@ public class UpdaterController {
.setDownloadCallback(getDownloadCallback(downloadId))
.setProgressListener(getProgressListener(downloadId))
.setUseDuplicateLinks(true)
+ .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext))
.build();
} catch (IOException exception) {
Log.e(TAG, "Could not build download client");
diff --git a/src/org/lineageos/updater/download/DownloadClient.java b/src/org/lineageos/updater/download/DownloadClient.java
index 3494947..7a7f7cf 100644
--- a/src/org/lineageos/updater/download/DownloadClient.java
+++ b/src/org/lineageos/updater/download/DownloadClient.java
@@ -60,6 +60,7 @@ public interface DownloadClient {
private DownloadClient.DownloadCallback mCallback;
private DownloadClient.ProgressListener mProgressListener;
private boolean mUseDuplicateLinks;
+ private boolean mOnionRouting;
public DownloadClient build() throws IOException {
if (mUrl == null) {
@@ -70,7 +71,7 @@ public interface DownloadClient {
throw new IllegalStateException("No download callback defined");
}
return new HttpURLConnectionClient(mUrl, mDestination, mProgressListener, mCallback,
- mUseDuplicateLinks);
+ mUseDuplicateLinks, mOnionRouting);
}
public Builder setUrl(String url) {
@@ -97,5 +98,10 @@ public interface DownloadClient {
mUseDuplicateLinks = useDuplicateLinks;
return this;
}
+
+ public Builder setUseOnionRouting(boolean onionRouting) {
+ mOnionRouting = onionRouting;
+ return this;
+ }
}
}
diff --git a/src/org/lineageos/updater/download/HttpURLConnectionClient.java b/src/org/lineageos/updater/download/HttpURLConnectionClient.java
index b9c4b5d..b94fff0 100644
--- a/src/org/lineageos/updater/download/HttpURLConnectionClient.java
+++ b/src/org/lineageos/updater/download/HttpURLConnectionClient.java
@@ -18,12 +18,16 @@ package org.lineageos.updater.download;
import android.os.SystemClock;
import android.util.Log;
+import org.lineageos.updater.misc.Utils;
+
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
+import java.net.InetSocketAddress;
+import java.net.Proxy;
import java.net.URL;
import java.util.Comparator;
import java.util.List;
@@ -42,6 +46,7 @@ public class HttpURLConnectionClient implements DownloadClient {
private final DownloadClient.ProgressListener mProgressListener;
private final DownloadClient.DownloadCallback mCallback;
private final boolean mUseDuplicateLinks;
+ private final boolean mUseOnionRouting;
private DownloadThread mDownloadThread;
@@ -56,8 +61,14 @@ public class HttpURLConnectionClient implements DownloadClient {
HttpURLConnectionClient(String url, File destination,
DownloadClient.ProgressListener progressListener,
DownloadClient.DownloadCallback callback,
- boolean useDuplicateLinks) throws IOException {
- mClient = (HttpURLConnection) new URL(url).openConnection();
+ boolean useDuplicateLinks, boolean useOnionRouting) throws IOException {
+ mUseOnionRouting = useOnionRouting;
+ if(mUseOnionRouting) {
+ Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050));
+ mClient = (HttpURLConnection) new URL(url).openConnection(orbot);
+ } else {
+ mClient = (HttpURLConnection) new URL(url).openConnection();
+ }
mDestination = destination;
mProgressListener = progressListener;
mCallback = callback;
@@ -177,7 +188,12 @@ public class HttpURLConnectionClient implements DownloadClient {
private void changeClientUrl(URL newUrl) throws IOException {
String range = mClient.getRequestProperty("Range");
mClient.disconnect();
- mClient = (HttpURLConnection) newUrl.openConnection();
+ if(mUseOnionRouting) {
+ Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050));
+ mClient = (HttpURLConnection) newUrl.openConnection(orbot);
+ } else {
+ mClient = (HttpURLConnection) newUrl.openConnection();
+ }
if (range != null) {
mClient.setRequestProperty("Range", range);
}
@@ -232,7 +248,7 @@ public class HttpURLConnectionClient implements DownloadClient {
}
Log.d(TAG, "Downloading from " + newUrl);
changeClientUrl(url);
- mClient.setConnectTimeout(5000);
+ mClient.setConnectTimeout(mUseOnionRouting ? 45000 : 5000);
mClient.connect();
if (!isSuccessCode(mClient.getResponseCode())) {
throw new IOException("Server replied with " + mClient.getResponseCode());
@@ -257,6 +273,9 @@ public class HttpURLConnectionClient implements DownloadClient {
public void run() {
boolean justResumed = false;
try {
+ if(mUseOnionRouting) {
+ Utils.waitUntilOrbotIsAvailable();
+ }
mClient.setInstanceFollowRedirects(!mUseDuplicateLinks);
mClient.connect();
int responseCode = mClient.getResponseCode();
diff --git a/src/org/lineageos/updater/misc/Constants.java b/src/org/lineageos/updater/misc/Constants.java
index 6144ed7..37e81d8 100644
--- a/src/org/lineageos/updater/misc/Constants.java
+++ b/src/org/lineageos/updater/misc/Constants.java
@@ -30,6 +30,7 @@ public final class Constants {
public static final String PREF_LAST_UPDATE_CHECK = "last_update_check";
public static final String PREF_AUTO_UPDATES_CHECK_INTERVAL = "auto_updates_check_interval";
+ public static final String PREF_ONION_ROUTING = "onion_routing";
public static final String PREF_AUTO_DELETE_UPDATES = "auto_delete_updates";
public static final String PREF_AB_PERF_MODE = "ab_perf_mode";
public static final String PREF_MOBILE_DATA_WARNING = "pref_mobile_data_warning";
diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java
index 69a5252..2b42726 100644
--- a/src/org/lineageos/updater/misc/Utils.java
+++ b/src/org/lineageos/updater/misc/Utils.java
@@ -44,6 +44,7 @@ import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
+import java.net.Socket;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashSet;
@@ -149,11 +150,75 @@ public class Utils {
return updates;
}
+ //Credit: https://stackoverflow.com/a/6758962
+ public static boolean isPackageInstalled(Context context, String packageID) {
+ PackageManager pm = context.getPackageManager();
+ try {
+ pm.getPackageInfo(packageID, PackageManager.GET_META_DATA);
+ } catch(PackageManager.NameNotFoundException e) {
+ return false;
+ }
+ return true;
+ }
+
+ public static boolean isOrbotInstalled(Context context) {
+ return isPackageInstalled(context, "org.torproject.android");
+ }
+
+ public static boolean isOnionRoutingEnabled(Context context) {
+ SharedPreferences preferences = PreferenceManager.getDefaultSharedPreferences(context);
+ return preferences.getBoolean(Constants.PREF_ONION_ROUTING, false);
+ }
+
+ //Credit: OrbotHelper/NetCipher
+ public static void requestStartOrbot(Context context) {
+ Intent intent = new Intent("org.torproject.android.intent.action.START");
+ intent.setPackage("org.torproject.android");
+ intent.putExtra("org.torproject.android.intent.extra.PACKAGE_NAME", context.getPackageName());
+ context.sendBroadcast(intent);
+ }
+
+ //Credit: https://www.geekality.net/2013/04/30/java-simple-check-to-see-if-a-server-is-listening-on-a-port/
+ public static boolean isPortListening(String host, int port) {
+ Socket s = null;
+ try {
+ s = new Socket(host, port);
+ return true;
+ } catch(Exception e) {
+ return false;
+ } finally {
+ if (s != null) {
+ try {
+ s.close();
+ } catch(Exception e1) {
+ }
+ }
+ }
+ }
+
+ public static boolean waitUntilOrbotIsAvailable() {
+ int tries = 0;
+ boolean listening;
+ while(!(listening = isPortListening("127.0.0.1", 9050)) && tries <= 60) {
+ tries++;
+ try {
+ Thread.sleep(1000);
+ } catch(Exception e) {
+
+ }
+ }
+ return listening;
+ }
+
public static String getServerURL(Context context) {
String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL);
String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE,
SystemProperties.get(Constants.PROP_DEVICE));
String server = "0OTA_SERVER_CLEARNET0";
+ String serverOnion = "0OTA_SERVER_ONION0";
+ if(serverOnion.toLowerCase().startsWith("http") && isOnionRoutingEnabled(context)) {
+ server = serverOnion;
+ }
return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion;
}

70
Patches/LineageOS-19.1/android_packages_modules_NetworkStack/0001-Random_MAC.patch Normal file
View File

@ -0,0 +1,70 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Pratyush <39559233+empratyush@users.noreply.github.com>
Date: Thu, 20 May 2021 13:21:31 +0530
Subject: [PATCH] avoid reusing DHCP state for full MAC randomization
---
src/android/net/dhcp/DhcpClient.java | 29 +++++++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/src/android/net/dhcp/DhcpClient.java b/src/android/net/dhcp/DhcpClient.java
index 8e0e9d34..4876c2f1 100644
--- a/src/android/net/dhcp/DhcpClient.java
+++ b/src/android/net/dhcp/DhcpClient.java
@@ -76,6 +76,9 @@ import android.net.util.HostnameTransliterator;
import android.net.util.InterfaceParams;
import android.net.util.NetworkStackUtils;
import android.net.util.SocketUtils;
+import android.net.wifi.WifiConfiguration;
+import android.net.wifi.WifiInfo;
+import android.net.wifi.WifiManager;
import android.os.Build;
import android.os.Handler;
import android.os.Message;
@@ -116,6 +119,7 @@ import java.net.SocketAddress;
import java.net.SocketException;
import java.nio.ByteBuffer;
import java.util.Arrays;
+import java.util.ArrayList;
import java.util.List;
import java.util.Random;
@@ -1242,7 +1246,7 @@ public class DhcpClient extends StateMachine {
+ " lease expiry: " + attributes.assignedV4AddressExpiry
+ " current time: " + currentTime);
}
- if (currentTime >= attributes.assignedV4AddressExpiry) {
+ if (currentTime >= attributes.assignedV4AddressExpiry || shouldAvoidStateReuse()) {
// Lease has expired.
transitionTo(mDhcpInitState);
return HANDLED;
@@ -1276,6 +1280,29 @@ public class DhcpClient extends StateMachine {
return true;
}
+ private static final int RANDOMIZATION_ALWAYS = 100;
+
+ private boolean shouldAvoidStateReuse() {
+ try {
+ WifiManager wifiManager = (WifiManager) mContext.getSystemService(Context.WIFI_SERVICE);
+ WifiInfo wifiInfo = wifiManager.getConnectionInfo();
+ if (wifiInfo != null) {
+ int connectedNetworkId = wifiInfo.getNetworkId();
+ List<WifiConfiguration> configurationList = wifiManager.getConfiguredNetworks();
+ for (WifiConfiguration configuration : configurationList){
+ if (configuration.networkId == connectedNetworkId){
+ return configuration.macRandomizationSetting == RANDOMIZATION_ALWAYS;
+ }
+ }
+ }
+ } catch (Exception e) {
+ loge(e.getLocalizedMessage(), e);
+ }
+
+ loge("ConfiguredNetworks should contain Connected network id config");
+ return true;
+ }
+
private void receiveOfferOrAckPacket(final DhcpPacket packet, final boolean acceptRapidCommit) {
if (!isValidPacket(packet)) return;

62
Patches/LineageOS-19.1/android_packages_modules_Permission/0002-Network_Permission-1.patch Normal file
View File

@ -0,0 +1,62 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 22 Jul 2017 21:43:50 -0400
Subject: [PATCH] always treat INTERNET as a runtime permission
ported from 10: 6c4f112dde47f21ce5a583f5bd8b217db6de5c02
---
.../permission/model/AppPermissionGroup.java | 5 +++--
.../permissioncontroller/permission/model/Permission.java | 3 ++-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java b/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
index 869ff76ba..cb80394e5 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
@@ -34,6 +34,7 @@ import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.PermissionGroupInfo;
import android.content.pm.PermissionInfo;
+import android.Manifest;
import android.os.Build;
import android.os.UserHandle;
import android.permission.PermissionManager;
@@ -872,7 +873,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
boolean wasGranted = permission.isGrantedIncludingAppOp();
- if (mAppSupportsRuntimePermissions) {
+ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) {
// Do not touch permissions fixed by the system.
if (permission.isSystemFixed()) {
wasAllGranted = false;
@@ -1057,7 +1058,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
break;
}
- if (mAppSupportsRuntimePermissions) {
+ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) {
// Revoke the permission if needed.
if (permission.isGranted()) {
permission.setGranted(false);
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java b/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
index 49381db2b..3af5241af 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
@@ -18,6 +18,7 @@ package com.android.permissioncontroller.permission.model;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;
+import android.Manifest;
import androidx.annotation.NonNull;
@@ -137,7 +138,7 @@ public final class Permission {
* @return {@code true} if the permission (and the app-op) is granted.
*/
public boolean isGrantedIncludingAppOp() {
- return mGranted && (!affectsAppOp() || isAppOpAllowed()) && !isReviewRequired();
+ return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName));
}
public boolean isReviewRequired() {

31
Patches/LineageOS-19.1/android_packages_modules_Permission/0002-Network_Permission-2.patch Normal file
View File

@ -0,0 +1,31 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Fri, 21 Jul 2017 10:29:15 -0400
Subject: [PATCH] add INTERNET permission toggle
ported from 10: a07271ed7e45239369f2ca33496d939d2e9cbd08
---
.../android/permissioncontroller/permission/utils/Utils.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
index 68e31e5b2..79ff02e48 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
@@ -24,6 +24,7 @@ import static android.Manifest.permission_group.CONTACTS;
import static android.Manifest.permission_group.LOCATION;
import static android.Manifest.permission_group.MICROPHONE;
import static android.Manifest.permission_group.NEARBY_DEVICES;
+import static android.Manifest.permission_group.NETWORK;
import static android.Manifest.permission_group.PHONE;
import static android.Manifest.permission_group.SENSORS;
import static android.Manifest.permission_group.SMS;
@@ -281,6 +282,8 @@ public final class Utils {
PLATFORM_PERMISSIONS.put(Manifest.permission.BODY_SENSORS, SENSORS);
+ PLATFORM_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK);
+
PLATFORM_PERMISSION_GROUPS = new ArrayMap<>();
int numPlatformPermissions = PLATFORM_PERMISSIONS.size();
for (int i = 0; i < numPlatformPermissions; i++) {

46
Patches/LineageOS-19.1/android_packages_modules_Permission/0003-Sensors_Permission-1.patch Normal file
View File

@ -0,0 +1,46 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 7 Oct 2017 15:55:58 -0400
Subject: [PATCH] always treat OTHER_SENSORS as a runtime permission
ported from 10: a1204e6126189810018ff5540858536a1c58ac37
---
.../permission/model/AppPermissionGroup.java | 4 ++--
.../permissioncontroller/permission/model/Permission.java | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java b/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
index cb80394e5..a74a63121 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
@@ -873,7 +873,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
boolean wasGranted = permission.isGrantedIncludingAppOp();
- if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) {
+ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName()) || Manifest.permission.OTHER_SENSORS.equals(permission.getName())) {
// Do not touch permissions fixed by the system.
if (permission.isSystemFixed()) {
wasAllGranted = false;
@@ -1058,7 +1058,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
break;
}
- if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName())) {
+ if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName()) || Manifest.permission.OTHER_SENSORS.equals(permission.getName())) {
// Revoke the permission if needed.
if (permission.isGranted()) {
permission.setGranted(false);
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java b/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
index 3af5241af..f65b75a9c 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
@@ -138,7 +138,7 @@ public final class Permission {
* @return {@code true} if the permission (and the app-op) is granted.
*/
public boolean isGrantedIncludingAppOp() {
- return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName));
+ return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName) || Manifest.permission.OTHER_SENSORS.equals(mName));
}
public boolean isReviewRequired() {

30
Patches/LineageOS-19.1/android_packages_modules_Permission/0003-Sensors_Permission-2.patch Normal file
View File

@ -0,0 +1,30 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 7 Oct 2017 15:56:35 -0400
Subject: [PATCH] add OTHER_SENSORS permission group
ported from 10: fc8c816e07ce39583774db8fe668e0505b6aa504
---
.../android/permissioncontroller/permission/utils/Utils.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
index 79ff02e48..fdd04c8c9 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
@@ -25,6 +25,7 @@ import static android.Manifest.permission_group.LOCATION;
import static android.Manifest.permission_group.MICROPHONE;
import static android.Manifest.permission_group.NEARBY_DEVICES;
import static android.Manifest.permission_group.NETWORK;
+import static android.Manifest.permission_group.OTHER_SENSORS;
import static android.Manifest.permission_group.PHONE;
import static android.Manifest.permission_group.SENSORS;
import static android.Manifest.permission_group.SMS;
@@ -283,6 +284,7 @@ public final class Utils {
PLATFORM_PERMISSIONS.put(Manifest.permission.BODY_SENSORS, SENSORS);
PLATFORM_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK);
+ PLATFORM_PERMISSIONS.put(Manifest.permission.OTHER_SENSORS, OTHER_SENSORS);
PLATFORM_PERMISSION_GROUPS = new ArrayMap<>();
int numPlatformPermissions = PLATFORM_PERMISSIONS.size();

110
Patches/LineageOS-19.1/android_packages_modules_Permission/0004-Special_Permission-1.patch Normal file
View File

@ -0,0 +1,110 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: inthewaves <inthewaves@pm.me>
Date: Sat, 12 Sep 2020 15:40:58 -0700
Subject: [PATCH] refactor handling of special runtime permissions
---
.../permission/model/AppPermissionGroup.java | 5 ++---
.../permission/model/Permission.java | 5 +++--
.../permission/utils/Utils.java | 18 ++++++++++++++++++
3 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java b/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
index a74a63121..87001d20a 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
@@ -34,7 +34,6 @@ import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.PermissionGroupInfo;
import android.content.pm.PermissionInfo;
-import android.Manifest;
import android.os.Build;
import android.os.UserHandle;
import android.permission.PermissionManager;
@@ -873,7 +872,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
boolean wasGranted = permission.isGrantedIncludingAppOp();
- if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName()) || Manifest.permission.OTHER_SENSORS.equals(permission.getName())) {
+ if (mAppSupportsRuntimePermissions || Utils.isSpecialRuntimePermission(permission.getName())) {
// Do not touch permissions fixed by the system.
if (permission.isSystemFixed()) {
wasAllGranted = false;
@@ -1058,7 +1057,7 @@ public final class AppPermissionGroup implements Comparable<AppPermissionGroup>
break;
}
- if (mAppSupportsRuntimePermissions || Manifest.permission.INTERNET.equals(permission.getName()) || Manifest.permission.OTHER_SENSORS.equals(permission.getName())) {
+ if (mAppSupportsRuntimePermissions || Utils.isSpecialRuntimePermission(permission.getName())) {
// Revoke the permission if needed.
if (permission.isGranted()) {
permission.setGranted(false);
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java b/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
index f65b75a9c..3f17de882 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/model/Permission.java
@@ -18,10 +18,11 @@ package com.android.permissioncontroller.permission.model;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;
-import android.Manifest;
import androidx.annotation.NonNull;
+import com.android.permissioncontroller.permission.utils.Utils;
+
import java.util.ArrayList;
import java.util.Objects;
@@ -138,7 +139,7 @@ public final class Permission {
* @return {@code true} if the permission (and the app-op) is granted.
*/
public boolean isGrantedIncludingAppOp() {
- return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Manifest.permission.INTERNET.equals(mName) || Manifest.permission.OTHER_SENSORS.equals(mName));
+ return mGranted && (!affectsAppOp() || isAppOpAllowed()) && (!isReviewRequired() || Utils.isSpecialRuntimePermission(mName));
}
public boolean isReviewRequired() {
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
index fdd04c8c9..5a309a7de 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
@@ -178,6 +178,9 @@ public final class Utils {
*/
public static final long ONE_TIME_PERMISSIONS_TIMEOUT_MILLIS = 1 * 60 * 1000; // 1 minute
+ /** Mapping permission -> group for all special runtime permissions */
+ private static final ArrayMap<String, String> SPECIAL_RUNTIME_PERMISSIONS;
+
/** Mapping permission -> group for all dangerous platform permissions */
private static final ArrayMap<String, String> PLATFORM_PERMISSIONS;
@@ -286,6 +289,10 @@ public final class Utils {
PLATFORM_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK);
PLATFORM_PERMISSIONS.put(Manifest.permission.OTHER_SENSORS, OTHER_SENSORS);
+ SPECIAL_RUNTIME_PERMISSIONS = new ArrayMap<>();
+ SPECIAL_RUNTIME_PERMISSIONS.put(Manifest.permission.INTERNET, NETWORK);
+ SPECIAL_RUNTIME_PERMISSIONS.put(Manifest.permission.OTHER_SENSORS, OTHER_SENSORS);
+
PLATFORM_PERMISSION_GROUPS = new ArrayMap<>();
int numPlatformPermissions = PLATFORM_PERMISSIONS.size();
for (int i = 0; i < numPlatformPermissions; i++) {
@@ -725,6 +732,17 @@ public final class Utils {
return PLATFORM_PERMISSIONS.containsKey(permission);
}
+ /**
+ * Is the permission a special runtime permission?
+ * These are treated as a runtime permission even for legacy apps. They
+ * need to be granted by default for all apps to maintain compatibility.
+ *
+ * @return whether the permission is a special runtime permission.
+ */
+ public static boolean isSpecialRuntimePermission(@NonNull String permission) {
+ return SPECIAL_RUNTIME_PERMISSIONS.containsKey(permission);
+ }
+
/**
* Should UI show this permission.
*

73
Patches/LineageOS-19.1/android_packages_modules_Permission/0004-Special_Permission-2.patch Normal file
View File

@ -0,0 +1,73 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: inthewaves <inthewaves@pm.me>
Date: Wed, 16 Sep 2020 17:30:37 -0700
Subject: [PATCH] don't auto revoke Network and Sensors
These shouldn't be automatically removed since apps are currently
granted these by default for compatibility. Users have to explicitly
remove them rather than granting them. Apps would need to be aware of
them and request them from the user to treat them like the standard
permissions.
---
.../data/HibernationSettingStateLiveData.kt | 3 ++-
.../permission/service/AutoRevokePermissions.kt | 3 ++-
.../permissioncontroller/permission/utils/Utils.java | 11 +++++++++++
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt b/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt
index 18686875a..fad5be5b6 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt
+++ b/PermissionController/src/com/android/permissioncontroller/permission/data/HibernationSettingStateLiveData.kt
@@ -30,6 +30,7 @@ import com.android.permissioncontroller.hibernation.HibernationEnabledLiveData
import com.android.permissioncontroller.hibernation.isHibernationJobEnabled
import com.android.permissioncontroller.hibernation.isPackageHibernationExemptByUser
import com.android.permissioncontroller.hibernation.isPackageHibernationExemptBySystem
+import com.android.permissioncontroller.permission.utils.Utils
import kotlinx.coroutines.Job
/**
@@ -95,7 +96,7 @@ class HibernationSettingStateLiveData private constructor(
permState.permFlags and (FLAG_PERMISSION_GRANTED_BY_DEFAULT or
FLAG_PERMISSION_GRANTED_BY_ROLE) != 0
} ?: false
- if (!default) {
+ if (!default && !Utils.isSpecialRuntimePermissionGroup(groupName)) {
revocableGroups.add(groupName)
}
}
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt
index d57e79751..4cfa0d38b 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt
+++ b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt
@@ -100,7 +100,8 @@ suspend fun revokeAppPermissions(
!group.isGrantedByDefault &&
!group.isGrantedByRole &&
!group.isRevokeWhenRequested &&
- group.isUserSensitive) {
+ group.isUserSensitive &&
+ !Utils.isSpecialRuntimePermissionGroup(groupName)) {
val revocablePermissions = group.permissions.keys.toList()
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
index 5a309a7de..3df07ff43 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/Utils.java
@@ -743,6 +743,17 @@ public final class Utils {
return SPECIAL_RUNTIME_PERMISSIONS.containsKey(permission);
}
+ /**
+ * Is the permission group a special runtime permission group?
+ * These are treated as a runtime permission even for legacy apps. They
+ * need to be granted by default for all apps to maintain compatibility.
+ *
+ * @return whether the permission group is a special runtime permission group.
+ */
+ public static boolean isSpecialRuntimePermissionGroup(@NonNull String permissionGroup) {
+ return SPECIAL_RUNTIME_PERMISSIONS.containsValue(permissionGroup);
+ }
+
/**
* Should UI show this permission.
*

30
Patches/LineageOS-19.1/android_packages_modules_Permission/0004-Special_Permission-3.patch Normal file
View File

@ -0,0 +1,30 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Pratyush <codelab@pratyush.dev>
Date: Fri, 15 Oct 2021 08:55:52 +0530
Subject: [PATCH] ui fix for special runtime permission
Toggles were not working correctly for API < 23.
---
.../permissioncontroller/permission/utils/KotlinUtils.kt | 2 ++
1 file changed, 2 insertions(+)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt b/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt
index da93d4f78..96f6e356f 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt
@@ -547,6 +547,7 @@ object KotlinUtils {
val pkgInfo = group.packageInfo
val user = UserHandle.getUserHandleForUid(pkgInfo.uid)
val supportsRuntime = pkgInfo.targetSdkVersion >= Build.VERSION_CODES.M
+ || Utils.isSpecialRuntimePermission(perm.name)
val isGrantingAllowed = (!pkgInfo.isInstantApp || perm.isInstantPerm) &&
(supportsRuntime || !perm.isRuntimeOnly)
// Do not touch permissions fixed by the system, or permissions that cannot be granted
@@ -776,6 +777,7 @@ object KotlinUtils {
var newFlags = perm.flags
var isGranted = perm.isGrantedIncludingAppOp
val supportsRuntime = group.packageInfo.targetSdkVersion >= Build.VERSION_CODES.M
+ || Utils.isSpecialRuntimePermission(perm.name)
var shouldKill = false
val affectsAppOp = permissionToOp(perm.name) != null || perm.isBackgroundPermission

41
Patches/LineageOS-19.1/android_packages_modules_Permission/0004-Special_Permission-4.patch Normal file
View File

@ -0,0 +1,41 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Mon, 18 Oct 2021 03:23:42 -0400
Subject: [PATCH] fix usage UI summary for Network/Sensors
---
PermissionController/res/values/strings.xml | 3 +++
.../ui/handheld/PermissionUsageV2ControlPreference.java | 6 +++++-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/PermissionController/res/values/strings.xml b/PermissionController/res/values/strings.xml
index 7a086816d..8799a54bd 100644
--- a/PermissionController/res/values/strings.xml
+++ b/PermissionController/res/values/strings.xml
@@ -450,6 +450,9 @@
<item quantity="other"><xliff:g id="number" example="7">%s</xliff:g> apps</item>
</plurals>
+ <!-- Summary text if tracking permission usage is not supported [CHAR LIMIT=60] -->
+ <string name="permission_usage_preference_summary_not_supported">Tracking usage not yet supported</string>
+
<!-- Summary text if a permission usage is not used [CHAR LIMIT=60] -->
<string name="permission_usage_preference_summary_not_used">Not used in past 24 hours</string>
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/PermissionUsageV2ControlPreference.java b/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/PermissionUsageV2ControlPreference.java
index 794c760d1..6d5eaebe2 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/PermissionUsageV2ControlPreference.java
+++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/PermissionUsageV2ControlPreference.java
@@ -72,7 +72,11 @@ public class PermissionUsageV2ControlPreference extends Preference {
if (mCount == 0) {
this.setEnabled(false);
- setSummary(R.string.permission_usage_preference_summary_not_used);
+ if (groupName.equals(Manifest.permission_group.NETWORK) || groupName.equals(Manifest.permission_group.OTHER_SENSORS)) {
+ setSummary(R.string.permission_usage_preference_summary_not_supported);
+ } else {
+ setSummary(R.string.permission_usage_preference_summary_not_used);
+ }
} else if (SENSOR_DATA_PERMISSIONS.contains(groupName)) {
setOnPreferenceClickListener((preference) -> {
Intent intent = new Intent(Intent.ACTION_REVIEW_PERMISSION_HISTORY);

44
Patches/LineageOS-19.1/android_packages_modules_Permission/0005-Browser_No_Location.patch Normal file
View File

@ -0,0 +1,44 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 19 Oct 2021 08:17:55 -0400
Subject: [PATCH] stop auto-granting location to system browsers
---
.../role/model/BrowserRoleBehavior.java | 17 -----------------
1 file changed, 17 deletions(-)
diff --git a/PermissionController/src/com/android/permissioncontroller/role/model/BrowserRoleBehavior.java b/PermissionController/src/com/android/permissioncontroller/role/model/BrowserRoleBehavior.java
index d359fc4ae..9765432ea 100644
--- a/PermissionController/src/com/android/permissioncontroller/role/model/BrowserRoleBehavior.java
+++ b/PermissionController/src/com/android/permissioncontroller/role/model/BrowserRoleBehavior.java
@@ -52,11 +52,6 @@ public class BrowserRoleBehavior implements RoleBehavior {
.addCategory(Intent.CATEGORY_BROWSABLE)
.setData(Uri.fromParts("http", "", null));
- private static final List<String> SYSTEM_BROWSER_PERMISSIONS = Arrays.asList(
- android.Manifest.permission.ACCESS_COARSE_LOCATION,
- android.Manifest.permission.ACCESS_FINE_LOCATION
- );
-
@Nullable
@Override
public String getFallbackHolder(@NonNull Role role, @NonNull Context context) {
@@ -130,18 +125,6 @@ public class BrowserRoleBehavior implements RoleBehavior {
return new ArrayList<>(packageNames);
}
- @Override
- public void grant(@NonNull Role role, @NonNull String packageName, @NonNull Context context) {
- // @see com.android.server.pm.permission.DefaultPermissionGrantPolicy
- // #grantDefaultPermissionsToDefaultBrowser(java.lang.String, int)
- if (SdkLevel.isAtLeastS()) {
- if (PackageUtils.isSystemPackage(packageName, context)) {
- Permissions.grant(packageName, SYSTEM_BROWSER_PERMISSIONS, false, false, false,
- true, false, context);
- }
- }
- }
-
@Override
public boolean isVisibleAsUser(@NonNull Role role, @NonNull UserHandle user,
@NonNull Context context) {

25
Patches/LineageOS-19.1/android_packages_modules_Permission/0006-Location_Indicators.patch Normal file
View File

@ -0,0 +1,25 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 17 Oct 2021 22:53:22 -0400
Subject: [PATCH] SystemUI: Use new privacy indicators for location
Android has had location indicators for a while, but let's use the new
privacy indicator infrastructure for displaying them. This makes them
integrate better with the new camera and microphone indicators.
---
.../permission/ui/handheld/dashboard/Utils.kt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/dashboard/Utils.kt b/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/dashboard/Utils.kt
index 29fa50ae3..72cb2eb2f 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/dashboard/Utils.kt
+++ b/PermissionController/src/com/android/permissioncontroller/permission/ui/handheld/dashboard/Utils.kt
@@ -91,7 +91,7 @@ fun shouldShowCameraMicIndicators(): Boolean {
*/
fun isLocationIndicatorsFlagEnabled(): Boolean {
return DeviceConfig.getBoolean(DeviceConfig.NAMESPACE_PRIVACY,
- PROPERTY_LOCATION_INDICATORS_ENABLED, false)
+ PROPERTY_LOCATION_INDICATORS_ENABLED, true)
}
/**

103
Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC.patch Normal file
View File

@ -0,0 +1,103 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: renlord <me@renlord.com>
Date: Fri, 15 Oct 2021 19:28:34 +0530
Subject: [PATCH] add option of always randomizing MAC addresses
---
framework/api/system-current.txt | 1 +
.../java/android/net/wifi/WifiConfiguration.java | 16 ++++++++++++----
.../android/server/wifi/WifiConfigManager.java | 7 ++++++-
.../server/wifi/WifiConfigurationUtil.java | 2 +-
4 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/framework/api/system-current.txt b/framework/api/system-current.txt
index dda74810f..855a5c53d 100644
--- a/framework/api/system-current.txt
+++ b/framework/api/system-current.txt
@@ -380,6 +380,7 @@ package android.net.wifi {
field @Deprecated public static final int METERED_OVERRIDE_METERED = 1; // 0x1
field @Deprecated public static final int METERED_OVERRIDE_NONE = 0; // 0x0
field @Deprecated public static final int METERED_OVERRIDE_NOT_METERED = 2; // 0x2
+ field @Deprecated public static final int RANDOMIZATION_ALWAYS = 100; // 0x64
field @Deprecated public static final int RANDOMIZATION_AUTO = 3; // 0x3
field @Deprecated public static final int RANDOMIZATION_NONE = 0; // 0x0
field @Deprecated public static final int RANDOMIZATION_NON_PERSISTENT = 2; // 0x2
diff --git a/framework/java/android/net/wifi/WifiConfiguration.java b/framework/java/android/net/wifi/WifiConfiguration.java
index 924cd3345..fa96b73c0 100644
--- a/framework/java/android/net/wifi/WifiConfiguration.java
+++ b/framework/java/android/net/wifi/WifiConfiguration.java
@@ -1641,7 +1641,8 @@ public class WifiConfiguration implements Parcelable {
RANDOMIZATION_NONE,
RANDOMIZATION_PERSISTENT,
RANDOMIZATION_NON_PERSISTENT,
- RANDOMIZATION_AUTO})
+ RANDOMIZATION_AUTO,
+ RANDOMIZATION_ALWAYS})
public @interface MacRandomizationSetting {}
/**
@@ -1672,16 +1673,23 @@ public class WifiConfiguration implements Parcelable {
@SystemApi
public static final int RANDOMIZATION_AUTO = 3;
+ /**
+ * @hide
+ * Generate a randomize MAC always
+ */
+ @SystemApi
+ public static final int RANDOMIZATION_ALWAYS = 100;
+
/**
* Level of MAC randomization for this network.
* One of {@link #RANDOMIZATION_NONE}, {@link #RANDOMIZATION_AUTO},
- * {@link #RANDOMIZATION_PERSISTENT} or {@link #RANDOMIZATION_NON_PERSISTENT}.
- * By default this field is set to {@link #RANDOMIZATION_AUTO}.
+ * {@link #RANDOMIZATION_PERSISTENT} or {@link #RANDOMIZATION_NON_PERSISTENT} or RANDOMIZATION_ALWAYS.
+ * By default this field is set to RANDOMIZATION_ALWAYS in GrapheneOS.
* @hide
*/
@SystemApi
@MacRandomizationSetting
- public int macRandomizationSetting = RANDOMIZATION_AUTO;
+ public int macRandomizationSetting = RANDOMIZATION_ALWAYS;
/**
* Randomized MAC address to use with this particular network
diff --git a/service/java/com/android/server/wifi/WifiConfigManager.java b/service/java/com/android/server/wifi/WifiConfigManager.java
index 1c87eb2fa..9032bfb54 100644
--- a/service/java/com/android/server/wifi/WifiConfigManager.java
+++ b/service/java/com/android/server/wifi/WifiConfigManager.java
@@ -431,6 +431,10 @@ public class WifiConfigManager {
return false;
}
+ if (config.macRandomizationSetting == WifiConfiguration.RANDOMIZATION_ALWAYS) {
+ return true;
+ }
+
// Use enhanced randomization if it's forced on by dev option
if (mFrameworkFacade.getIntegerSetting(mContext,
ENHANCED_MAC_RANDOMIZATION_FEATURE_FORCE_ENABLE_FLAG, 0) == 1) {
@@ -580,7 +584,8 @@ public class WifiConfigManager {
private MacAddress updateRandomizedMacIfNeeded(WifiConfiguration config) {
boolean shouldUpdateMac = config.randomizedMacExpirationTimeMs
< mClock.getWallClockMillis() || mClock.getWallClockMillis()
- - config.randomizedMacLastModifiedTimeMs >= ENHANCED_MAC_REFRESH_MS_MAX;
+ - config.randomizedMacLastModifiedTimeMs >= ENHANCED_MAC_REFRESH_MS_MAX ||
+ config.macRandomizationSetting == WifiConfiguration.RANDOMIZATION_ALWAYS;
if (!shouldUpdateMac) {
return config.getRandomizedMacAddress();
}
diff --git a/service/java/com/android/server/wifi/WifiConfigurationUtil.java b/service/java/com/android/server/wifi/WifiConfigurationUtil.java
index 5e0db72f6..f63ccb32d 100644
--- a/service/java/com/android/server/wifi/WifiConfigurationUtil.java
+++ b/service/java/com/android/server/wifi/WifiConfigurationUtil.java
@@ -225,7 +225,7 @@ public class WifiConfigurationUtil {
public static boolean hasMacRandomizationSettingsChanged(WifiConfiguration existingConfig,
WifiConfiguration newConfig) {
if (existingConfig == null) {
- return newConfig.macRandomizationSetting != WifiConfiguration.RANDOMIZATION_AUTO;
+ return newConfig.macRandomizationSetting != WifiConfiguration.RANDOMIZATION_ALWAYS;
}
return newConfig.macRandomizationSetting != existingConfig.macRandomizationSetting;
}

21
Patches/LineageOS-19.1/android_packages_providers_DownloadProvider/0001-Network_Permission.patch Normal file
View File

@ -0,0 +1,21 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sun, 6 Aug 2017 08:19:36 -0400
Subject: [PATCH] remove legacy NETWORK permission group reference
---
AndroidManifest.xml | 1 -
1 file changed, 1 deletion(-)
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 43cf258e..dfce071d 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -29,7 +29,6 @@
<!-- Allows to queue downloads without a notification shown while the download runs. -->
<permission android:name="android.permission.DOWNLOAD_WITHOUT_NOTIFICATION"
- android:permissionGroup="android.permission-group.NETWORK"
android:label="@string/permlab_downloadWithoutNotification"
android:description="@string/permdesc_downloadWithoutNotification"
android:protectionLevel="normal"/>

25
Patches/LineageOS-19.1/android_system_bt/0001-alloc_size.patch Normal file
View File

@ -0,0 +1,25 @@
From 3ee1dde662b9b42c1a344fc9c6613b12e96b80cf Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 1 Jul 2017 13:21:18 -0400
Subject: [PATCH] add alloc_size attributes to the allocator
This results in expanded _FORTIFY_SOURCE coverage.
---
osi/include/allocator.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/osi/include/allocator.h b/osi/include/allocator.h
index 3a4141f384..4fa059eb14 100644
--- a/osi/include/allocator.h
+++ b/osi/include/allocator.h
@@ -37,8 +37,8 @@ extern const allocator_t allocator_calloc;
char* osi_strdup(const char* str);
char* osi_strndup(const char* str, size_t len);
-void* osi_malloc(size_t size);
-void* osi_calloc(size_t size);
+void* osi_malloc(size_t size) __attribute__((alloc_size(1)));
+void* osi_calloc(size_t size) __attribute__((alloc_size(1)));
void osi_free(void* ptr);
// Free a buffer that was previously allocated with function |osi_malloc|

60
Patches/LineageOS-19.1/android_system_core/0001-Harden.patch Normal file
View File

@ -0,0 +1,60 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Mon, 12 Feb 2018 03:29:58 -0500
Subject: [PATCH] Harden
Change-Id: I46e3fc4ac896a509ab8ca90ae4ce09b820da434b
[tad@spotco.us]: added protected fifos and regular from newer GrapheneOS patches
[tad@spotco.us]: added IPv6 privacy options TODO split into another patch
---
init/first_stage_init.cpp | 6 +++---
rootdir/init.rc | 11 +++++++++++
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
index c7b7b0c13..3ccacf56e 100644
--- a/init/first_stage_init.cpp
+++ b/init/first_stage_init.cpp
@@ -202,9 +202,9 @@ int FirstStageMain(int argc, char** argv) {
CHECKCALL(mkdir("/dev/pts", 0755));
CHECKCALL(mkdir("/dev/socket", 0755));
CHECKCALL(mkdir("/dev/dm-user", 0755));
- CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL));
+ CHECKCALL(mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL));
#define MAKE_STR(x) __STRING(x)
- CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));
+ CHECKCALL(mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));
#undef MAKE_STR
// Don't expose the raw commandline to unprivileged processes.
CHECKCALL(chmod("/proc/cmdline", 0440));
@@ -216,7 +216,7 @@ int FirstStageMain(int argc, char** argv) {
android::base::ReadFileToString("/proc/bootconfig", &bootconfig);
gid_t groups[] = {AID_READPROC};
CHECKCALL(setgroups(arraysize(groups), groups));
- CHECKCALL(mount("sysfs", "/sys", "sysfs", 0, NULL));
+ CHECKCALL(mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL));
CHECKCALL(mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL));
CHECKCALL(mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11)));
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 5116c0fea..08e8938cb 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -296,6 +296,17 @@ on init
write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
write /proc/sys/kernel/sched_child_runs_first 0
+ write /proc/sys/kernel/dmesg_restrict 1
+ write /proc/sys/fs/protected_hardlinks 1
+ write /proc/sys/fs/protected_symlinks 1
+ write /proc/sys/fs/protected_fifos 1
+ write /proc/sys/fs/protected_regular 1
+ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
+ write /proc/sys/net/ipv6/conf/all/max_addresses 128
+ write /proc/sys/net/ipv6/conf/all/temp_prefered_lft 21600
+ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
+ write /proc/sys/net/ipv6/conf/default/max_addresses 128
+ write /proc/sys/net/ipv6/conf/default/temp_prefered_lft 21600
write /proc/sys/kernel/randomize_va_space 2
write /proc/sys/vm/mmap_min_addr 32768
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"

27
Patches/LineageOS-19.1/android_system_core/0002-ptrace_scope.patch Normal file
View File

@ -0,0 +1,27 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: flawedworld <38294951+flawedworld@users.noreply.github.com>
Date: Mon, 5 Apr 2021 03:02:51 +0100
Subject: [PATCH] add a property for controlling ptrace_scope
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
rootdir/init.rc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 08e8938cb..1617822a9 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -1174,6 +1174,12 @@ on property:perf.drop_caches=3
on property:net.tcp_def_init_rwnd=*
write /proc/sys/net/ipv4/tcp_default_init_rwnd ${net.tcp_def_init_rwnd}
+on property:persist.native_debug=true
+ write /proc/sys/kernel/yama/ptrace_scope 0
+
+on property:persist.native_debug=false
+ write /proc/sys/kernel/yama/ptrace_scope 2
+
# perf_event_open syscall security:
# Newer kernels have the ability to control the use of the syscall via SELinux
# hooks. init tests for this, and sets sys_init.perf_lsm_hooks to 1 if the

23
Patches/LineageOS-19.1/android_system_core/0003-HM-Increase_vm_mmc.patch Normal file
View File

@ -0,0 +1,23 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Thu, 13 Dec 2018 09:26:25 -0500
Subject: [PATCH] increase max_map_count for hardened malloc
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
rootdir/init.rc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 1617822a9..3ae6ff654 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -1035,6 +1035,8 @@ on boot
mkdir /dev/sys/block/by-name 0755 system system
symlink /sys/devices/virtual/block/${dev.mnt.blk.data} /dev/sys/block/by-name/userdata
+ write /proc/sys/vm/max_map_count 1048576
+
# F2FS tuning. Set cp_interval larger than dirty_expire_centisecs, 30 secs,
# to avoid power consumption when system becomes mostly idle. Be careful
# to make it too large, since it may bring userdata loss, if they

38
Patches/LineageOS-19.1/android_system_extras/0001-ext4_pad_filenames.patch Normal file
View File

@ -0,0 +1,38 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 9 Sep 2020 01:53:11 -0400
Subject: [PATCH] pad filenames to 32 bytes instead of 16 or 4 bytes
This was adopted before the earliest stable release of GrapheneOS, so
backwards compatibility is not implemented anymore.
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
---
libfscrypt/fscrypt.cpp | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/libfscrypt/fscrypt.cpp b/libfscrypt/fscrypt.cpp
index f6e97f11..b9cd7004 100644
--- a/libfscrypt/fscrypt.cpp
+++ b/libfscrypt/fscrypt.cpp
@@ -226,18 +226,8 @@ bool ParseOptionsForApiLevel(unsigned int first_api_level, const std::string& op
}
}
- // In the original setting of v1 policies and AES-256-CTS we used 4-byte
- // padding of filenames, so retain that on old first_api_levels.
- //
- // For everything else, use 16-byte padding. This is more secure (it helps
- // hide the length of filenames), and it makes the inputs evenly divisible
- // into cipher blocks which is more efficient for encryption and decryption.
- if (first_api_level <= __ANDROID_API_Q__ && options->version == 1 &&
- options->filenames_mode == FSCRYPT_MODE_AES_256_CTS) {
- options->flags |= FSCRYPT_POLICY_FLAGS_PAD_4;
- } else {
- options->flags |= FSCRYPT_POLICY_FLAGS_PAD_16;
- }
+ // GrapheneOS has always used the maximum 32 byte padding.
+ options->flags |= FSCRYPT_POLICY_FLAGS_PAD_32;
// Use DIRECT_KEY for Adiantum, since it's much more efficient but just as
// secure since Android doesn't reuse the same master key for multiple

31
Patches/LineageOS-19.1/android_system_netd/0001-Network_Permission.patch Normal file
View File

@ -0,0 +1,31 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Pratyush <codelab@pratyush.dev>
Date: Thu, 12 Aug 2021 00:15:25 +0530
Subject: [PATCH] use uid instead of app id for tracking INTERNET permission
Change-Id: Ibec846480f3b440b5a323c86efa95c2fd1d81284
---
bpf_progs/netd.c | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c
index e9e1477f..df60a59f 100644
--- a/bpf_progs/netd.c
+++ b/bpf_progs/netd.c
@@ -349,14 +349,8 @@ DEFINE_BPF_PROG_KVER("cgroupsock/inet/create", AID_ROOT, AID_ROOT, inet_socket_c
KVER(4, 14, 0))
(struct bpf_sock* sk) {
uint64_t gid_uid = bpf_get_current_uid_gid();
- /*
- * A given app is guaranteed to have the same app ID in all the profiles in
- * which it is installed, and install permission is granted to app for all
- * user at install time so we only check the appId part of a request uid at
- * run time. See UserHandle#isSameApp for detail.
- */
- uint32_t appId = (gid_uid & 0xffffffff) % PER_USER_RANGE;
- uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&appId);
+ uint32_t uid = (gid_uid & 0xffffffff);
+ uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&uid);
if (!permissions) {
// UID not in map. Default to just INTERNET permission.
return 1;

Some files were not shown because too many files have changed in this diff Show More