This commit is contained in:
Tad 2018-05-13 20:32:29 -04:00
parent dd340b087e
commit 3efd056bfd
5 changed files with 38 additions and 10 deletions

View File

@ -0,0 +1,33 @@
Android needs to be able to determine if there is a captive portal on the network or if a network has Internet connectivity at all
To do so it polls a server on every connection and also periodically
This is a privacy issue.
There are multiple solutions:
- Use the default Google gen204 endpoint
- Google is not the most privacy friendly
- Disable the checks
- Would confuse users when behind a captive portal
+ Would potentially save a small amount of battery
- Use our own gen204 endpoint
- Not everyone will trust us (even if they're running our code)
- Randomly choose between many different endpoints
- We'd need permission
+ Would be the best
+ Would limit one actor from knowing all
- If a maintainer wants us to stop using theirs it'd take a while since not everyone updates instantly
- If a maintainer blocked it, it'd cause issues (no Internet symbol when there is)
List of known connectivity check endpoints
+ DivestOS - 204 - http://divestos.xyz/gen204.php
- Google - 204 - https://www.google.com/generate_204
- Google - 204 - http://connectivitycheck.gstatic.com/generate_204
- Google - 204 - http://www.google.com/gen_204
- Google - 204 - http://play.googleapis.com/generate_204
+ openSUSE - 204 - http://conncheck.opensuse.org
+ Ubuntu - 204 - http://connectivity-check.ubuntu.com
Non 204
- Apple - Success - http://captive.apple.com
+ Arch - 404 - http://www.archlinux.org/check_network_status.txt
+ Fedora - OK - http://fedoraproject.org/static/hotspot.txt
+ Gnome - "NetworkManager is online" - http://nmcheck.gnome.org/check_network_status.txt
+ Mozilla - success - http://detectportal.firefox.com/success.txt

View File

@ -72,7 +72,6 @@ git apply $cvePatchesLinux/CVE-2017-11034/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-15115/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-15115/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-15649/ANY/0002.patch git apply $cvePatchesLinux/CVE-2017-15649/ANY/0002.patch
git apply $cvePatchesLinux/CVE-2017-15842/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch
git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch
@ -80,7 +79,6 @@ git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch
git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch
git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-16646/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16646/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch
@ -97,8 +95,6 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-7371/3.18/0001.patch git apply $cvePatchesLinux/CVE-2017-7371/3.18/0001.patch
git apply $cvePatchesLinux/CVE-2017-7372/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-7372/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-9707/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-9707/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2018-5848/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2018-5849/ANY/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch git apply $cvePatchesLinux/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch
git apply $cvePatchesLinux/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch git apply $cvePatchesLinux/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch
git apply $cvePatchesLinux/CVE-2016-5853/3.18/0002.patch git apply $cvePatchesLinux/CVE-2016-5853/3.18/0002.patch
@ -107,5 +103,5 @@ git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch
editKernelLocalversion "-dos.p107" editKernelLocalversion "-dos.p103"
cd $base cd $base

View File

@ -48,7 +48,7 @@ patch -p1 < $patches"android_kernel_lge_mako/0003-Overclock.patch";
patch -p1 < $patches"android_kernel_lge_mako/0004-Overclock.patch"; patch -p1 < $patches"android_kernel_lge_mako/0004-Overclock.patch";
patch -p1 < $patches"android_kernel_lge_mako/0005-Overclock.patch"; patch -p1 < $patches"android_kernel_lge_mako/0005-Overclock.patch";
echo "CONFIG_LOW_CPUCLOCKS=y" >> arch/arm/configs/lineageos_mako_defconfig; #384Mhz -> 81Mhz echo "CONFIG_LOW_CPUCLOCKS=y" >> arch/arm/configs/lineageos_mako_defconfig; #384Mhz -> 81Mhz
echo "CONFIG_CPU_OVERCLOCK=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.7Ghz =+0.90Ghz echo "CONFIG_CPU_OVERCLOCK=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.70Ghz =+0.90Ghz
#echo "CPU_OVERCLOCK_ULTRA=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.94Ghz =+1.72Ghz XXX: Causes excessive throttling #echo "CPU_OVERCLOCK_ULTRA=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51Ghz -> 1.94Ghz =+1.72Ghz XXX: Causes excessive throttling
#enter "kernel/lge/msm8992"; #enter "kernel/lge/msm8992";

View File

@ -70,7 +70,7 @@ enterAndClear "device/qcom/sepolicy";
patch -p1 < $patches"android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH patch -p1 < $patches"android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
enterAndClear "external/svox"; enterAndClear "external/svox";
git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back makefiles git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
enterAndClear "frameworks/base"; enterAndClear "frameworks/base";
#git revert https://review.lineageos.org/#/c/202875/ #re-enable doze on devices without gms #git revert https://review.lineageos.org/#/c/202875/ #re-enable doze on devices without gms

5
TODO
View File

@ -1,9 +1,9 @@
Last updated: 2018-04-29 Last updated: 2018-05-13
High Priority (Release blockers) High Priority (Release blockers)
Build Build
- Automate incremental update generation - Automate incremental update generation
- Replace HOSTS file with a minimal one, and ship DNS66 - Update HOSTS file
Project Project
- Create cryptocurrency addresses - Create cryptocurrency addresses
- Setup Stripe - Setup Stripe
@ -35,7 +35,6 @@ Medium Priority
Website Website
- Cache updater and device page outputs using (PHP)Redis - Cache updater and device page outputs using (PHP)Redis
- Create a 'Technical Docs' page - Create a 'Technical Docs' page
- Replace the site with a no-JS required version
- Switch from Shadow to Piwik - Switch from Shadow to Piwik
- Update Terms of Service and Privacy Policy - Update Terms of Service and Privacy Policy