From 3efd056bfdb7ab9b3e1917ad1138a083298afcd1 Mon Sep 17 00:00:00 2001 From: Tad Date: Sun, 13 May 2018 20:32:29 -0400 Subject: [PATCH] Tweaks --- Misc/Features/CaptivePortalCheck.txt | 33 +++++++++++++++++++ .../android_kernel_google_marlin.sh | 6 +--- Scripts/LineageOS-15.1/Overclock.sh | 2 +- Scripts/LineageOS-15.1/Patch.sh | 2 +- TODO | 5 ++- 5 files changed, 38 insertions(+), 10 deletions(-) create mode 100644 Misc/Features/CaptivePortalCheck.txt diff --git a/Misc/Features/CaptivePortalCheck.txt b/Misc/Features/CaptivePortalCheck.txt new file mode 100644 index 00000000..51024e24 --- /dev/null +++ b/Misc/Features/CaptivePortalCheck.txt @@ -0,0 +1,33 @@ +Android needs to be able to determine if there is a captive portal on the network or if a network has Internet connectivity at all +To do so it polls a server on every connection and also periodically +This is a privacy issue. + +There are multiple solutions: + - Use the default Google gen204 endpoint + - Google is not the most privacy friendly + - Disable the checks + - Would confuse users when behind a captive portal + + Would potentially save a small amount of battery + - Use our own gen204 endpoint + - Not everyone will trust us (even if they're running our code) + - Randomly choose between many different endpoints + - We'd need permission + + Would be the best + + Would limit one actor from knowing all + - If a maintainer wants us to stop using theirs it'd take a while since not everyone updates instantly + - If a maintainer blocked it, it'd cause issues (no Internet symbol when there is) + +List of known connectivity check endpoints + + DivestOS - 204 - http://divestos.xyz/gen204.php + - Google - 204 - https://www.google.com/generate_204 + - Google - 204 - http://connectivitycheck.gstatic.com/generate_204 + - Google - 204 - http://www.google.com/gen_204 + - Google - 204 - http://play.googleapis.com/generate_204 + + openSUSE - 204 - http://conncheck.opensuse.org + + Ubuntu - 204 - http://connectivity-check.ubuntu.com + Non 204 + - Apple - Success - http://captive.apple.com + + Arch - 404 - http://www.archlinux.org/check_network_status.txt + + Fedora - OK - http://fedoraproject.org/static/hotspot.txt + + Gnome - "NetworkManager is online" - http://nmcheck.gnome.org/check_network_status.txt + + Mozilla - success - http://detectportal.firefox.com/success.txt diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh index 0dda11fc..c4d9e5a4 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh @@ -72,7 +72,6 @@ git apply $cvePatchesLinux/CVE-2017-11034/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-15115/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-15649/ANY/0002.patch -git apply $cvePatchesLinux/CVE-2017-15842/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch @@ -80,7 +79,6 @@ git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch -git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16646/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch @@ -97,8 +95,6 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-7371/3.18/0001.patch git apply $cvePatchesLinux/CVE-2017-7372/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-9707/ANY/0001.patch -git apply $cvePatchesLinux/CVE-2018-5848/ANY/0001.patch -git apply $cvePatchesLinux/CVE-2018-5849/ANY/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch git apply $cvePatchesLinux/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch git apply $cvePatchesLinux/CVE-2016-5853/3.18/0002.patch @@ -107,5 +103,5 @@ git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch -editKernelLocalversion "-dos.p107" +editKernelLocalversion "-dos.p103" cd $base diff --git a/Scripts/LineageOS-15.1/Overclock.sh b/Scripts/LineageOS-15.1/Overclock.sh index c4b588c1..96f6f36f 100644 --- a/Scripts/LineageOS-15.1/Overclock.sh +++ b/Scripts/LineageOS-15.1/Overclock.sh @@ -48,7 +48,7 @@ patch -p1 < $patches"android_kernel_lge_mako/0003-Overclock.patch"; patch -p1 < $patches"android_kernel_lge_mako/0004-Overclock.patch"; patch -p1 < $patches"android_kernel_lge_mako/0005-Overclock.patch"; echo "CONFIG_LOW_CPUCLOCKS=y" >> arch/arm/configs/lineageos_mako_defconfig; #384Mhz -> 81Mhz -echo "CONFIG_CPU_OVERCLOCK=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.7Ghz =+0.90Ghz +echo "CONFIG_CPU_OVERCLOCK=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.70Ghz =+0.90Ghz #echo "CPU_OVERCLOCK_ULTRA=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.94Ghz =+1.72Ghz XXX: Causes excessive throttling #enter "kernel/lge/msm8992"; diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index b206b985..70cc2aba 100755 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -70,7 +70,7 @@ enterAndClear "device/qcom/sepolicy"; patch -p1 < $patches"android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH enterAndClear "external/svox"; -git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back makefiles +git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles enterAndClear "frameworks/base"; #git revert https://review.lineageos.org/#/c/202875/ #re-enable doze on devices without gms diff --git a/TODO b/TODO index 5e4f7f50..969189df 100644 --- a/TODO +++ b/TODO @@ -1,9 +1,9 @@ -Last updated: 2018-04-29 +Last updated: 2018-05-13 High Priority (Release blockers) Build - Automate incremental update generation - - Replace HOSTS file with a minimal one, and ship DNS66 + - Update HOSTS file Project - Create cryptocurrency addresses - Setup Stripe @@ -35,7 +35,6 @@ Medium Priority Website - Cache updater and device page outputs using (PHP)Redis - Create a 'Technical Docs' page - - Replace the site with a no-JS required version - Switch from Shadow to Piwik - Update Terms of Service and Privacy Policy