Backports of 0f4044e2 to 17.1/18.1/19.1

Also don't grant any special location permissions

Signed-off-by: Tad <tad@spotco.us>

Patches/Common/android_vendor_divested/overlay/common/frameworks/base/core/res/res/values/config.xml

@@ -123,10 +123,10 @@
     <string-array name="config_locationProviderPackageNames" translatable="false">
         <!-- The standard AOSP fused location provider -->
         <item>com.android.location.fused</item>
-	<!-- UnifiedNLP -->
-        <item>org.microg.nlp</item>
-	<!-- Play/microG -->
-        <item>com.google.android.gms</item>
+	<!-- UnifiedNLP
+        <item>org.microg.nlp</item> -->
+	<!-- Play/microG
+        <item>com.google.android.gms</item> -->
     </string-array>
 
     <!-- Package name providing Hardware Activity-Recognition API support. Used only when

Patches/LineageOS-17.1/android_frameworks_base/0021-Hardened-signature-spoofing.patch

@@ -0,0 +1,137 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Mon, 3 Jul 2023 12:00:12 -0400
+Subject: [PATCH] Hardened signature spoofing
+
+- Must be enabled by user
+- Must match microG package ID
+- Must match official microG build signing key
+- Only spoofs the Google package signature
+
+This is an effective merge + tweak of two existing patches, credits:
+  Dylanger Daly
+  https://github.com/dylangerdaly/platform_frameworks_base/commit/b58aa11631fadab3309a1d9268118bd9f2c2a79f
+  Chirayu Desai of CalyxOS
+  https://gitlab.com/CalyxOS/platform_frameworks_base/-/commit/76485abb36dc01b65506b010d0458e96e0116369
+
+Change-Id: I64a252aac9bb196a11ed7b4b5d8c7e59a3413bd4
+---
+ .../android/content/pm/PackageParser.java     | 32 +++++++++++++++
+ core/res/res/values/config.xml                |  2 +
+ .../server/pm/PackageManagerService.java      | 40 ++++++++++++++++++-
+ 3 files changed, 72 insertions(+), 2 deletions(-)
+
+diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
+index 7f728febe5d9..119603e6c266 100644
+--- a/core/java/android/content/pm/PackageParser.java
++++ b/core/java/android/content/pm/PackageParser.java
+@@ -6346,6 +6346,38 @@ public class PackageParser {
+             return false;
+         }
+ 
++        /**
++         * Return the Cerificate's Digest
++         */
++        public @Nullable String getSha256Certificate() {
++            return getSha256CertificateInternal();
++        }
++
++        private @Nullable String getSha256CertificateInternal() {
++            String digest;
++            if (this == UNKNOWN) {
++                return null;
++            }
++            if (hasPastSigningCertificates()) {
++
++                // check all past certs, except for the last one, which automatically gets all
++                // capabilities, since it is the same as the current signature, and is checked below
++                for (int i = 0; i < pastSigningCertificates.length - 1; i++) {
++                    digest = PackageUtils.computeSha256Digest(
++                            pastSigningCertificates[i].toByteArray());
++                    return digest;
++                }
++            }
++
++            // not in previous certs signing history, just check the current signer
++            if (signatures.length == 1) {
++                digest =
++                        PackageUtils.computeSha256Digest(signatures[0].toByteArray());
++                return digest;
++            }
++            return null;
++        }
++
+         /** Returns true if the signatures in this and other match exactly. */
+         public boolean signaturesMatchExactly(SigningDetails other) {
+             return Signature.areExactMatch(this.signatures, other.signatures);
+diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
+index a84d23b624bf..89754ba11ef2 100644
+--- a/core/res/res/values/config.xml
++++ b/core/res/res/values/config.xml
+@@ -1875,6 +1875,8 @@
+     <string-array name="config_locationProviderPackageNames" translatable="false">
+         <!-- The standard AOSP fused location provider -->
+         <item>com.android.location.fused</item>
++        <!-- The (faked) microg fused location provider (a free reimplementation)
++        <item>com.google.android.gms</item> -->
+     </string-array>
+ 
+     <!-- This string array can be overriden to enable test location providers initially. -->
+diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
+index 1bd1396c6d45..1831c3770f51 100644
+--- a/services/core/java/com/android/server/pm/PackageManagerService.java
++++ b/services/core/java/com/android/server/pm/PackageManagerService.java
+@@ -4203,8 +4203,19 @@ public class PackageManagerService extends IPackageManager.Stub
+                 });
+             }
+ 
+-            PackageInfo packageInfo = PackageParser.generatePackageInfo(p, gids, flags,
+-                    ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId);
++            // Allow microG GmsCore and FakeStore to spoof signature
++            final boolean isMicroG = ArrayUtils.contains(MICROG_FAKE_SIGNATURE_PACKAGES,
++                p.getPackageName());
++            PackageInfo packageInfo;
++            if (isMicroG && SystemProperties.getBoolean(SPOOF_CONTROL, false)) {
++                packageInfo = fakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags,
++                        ps.firstInstallTime, ps.lastUpdateTime, permissions, state,
++                        userId, ps), permissions);
++            } else {
++                packageInfo =PackageParser.generatePackageInfo(p, gids, flags,
++                        ps.firstInstallTime, ps.lastUpdateTime, permissions, state,
++                        userId, ps);
++            }
+ 
+             if (packageInfo == null) {
+                 return null;
+@@ -4240,6 +4251,31 @@ public class PackageManagerService extends IPackageManager.Stub
+         }
+     }
+ 
++    // The setting to control spoofing enablement.
++    private static final String SPOOF_CONTROL = "persist.security.sigspoof";
++    // The Google signature faked by microG.
++    private static final String GOOGLE_CERT = "308204433082032ba003020102020900c2e08746644a308d300d06092a864886f70d01010405003074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964301e170d3038303832313233313333345a170d3336303130373233313333345a3074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f696430820120300d06092a864886f70d01010105000382010d00308201080282010100ab562e00d83ba208ae0a966f124e29da11f2ab56d08f58e2cca91303e9b754d372f640a71b1dcb130967624e4656a7776a92193db2e5bfb724a91e77188b0e6a47a43b33d9609b77183145ccdf7b2e586674c9e1565b1f4c6a5955bff251a63dabf9c55c27222252e875e4f8154a645f897168c0b1bfc612eabf785769bb34aa7984dc7e2ea2764cae8307d8c17154d7ee5f64a51a44a602c249054157dc02cd5f5c0e55fbef8519fbe327f0b1511692c5a06f19d18385f5c4dbc2d6b93f68cc2979c70e18ab93866b3bd5db8999552a0e3b4c99df58fb918bedc182ba35e003c1b4b10dd244a8ee24fffd333872ab5221985edab0fc0d0b145b6aa192858e79020103a381d93081d6301d0603551d0e04160414c77d8cc2211756259a7fd382df6be398e4d786a53081a60603551d2304819e30819b8014c77d8cc2211756259a7fd382df6be398e4d786a5a178a4763074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964820900c2e08746644a308d300c0603551d13040530030101ff300d06092a864886f70d010104050003820101006dd252ceef85302c360aaace939bcff2cca904bb5d7a1661f8ae46b2994204d0ff4a68c7ed1a531ec4595a623ce60763b167297a7ae35712c407f208f0cb109429124d7b106219c084ca3eb3f9ad5fb871ef92269a8be28bf16d44c8d9a08e6cb2f005bb3fe2cb96447e868e731076ad45b33f6009ea19c161e62641aa99271dfd5228c5c587875ddb7f452758d661f6cc0cccb7352e424cc4365c523532f7325137593c4ae341f4db41edda0d0b1071a7c440f0fe9ea01cb627ca674369d084bd2fd911ff06cdbf2cfa10dc0f893ae35762919048c7efc64c7144178342f70581c9de573af55b390dd7fdb9418631895d5f759f30112687ff621410c069308a";
++   // The signing key hash of official microG builds.
++    private static final String MICROG_HASH = "9BD06727E62796C0130EB6DAB39B73157451582CBD138E86C468ACC395D14165";
++    // List of packages which require signature spoofing.
++    private static final String[] MICROG_FAKE_SIGNATURE_PACKAGES = new String[] { "com.google.android.gms", "com.android.vending" };
++
++    private PackageInfo fakeSignature(AndroidPackage p, PackageInfo pi,
++            Set<String> permissions) {
++        String hash = p.getSigningDetails().getSha256Certificate();
++        try {
++            if (hash.equals(MICROG_HASH)) {
++                    pi.signatures = new Signature[] {new Signature(GOOGLE_CERT)};
++                    if (DEBUG_PACKAGE_INFO) {
++                        Log.v(TAG, "Spoofing signature for microG");
++                    }
++            }
++        } catch (Throwable t) {
++            Log.w("Unable to fake signature!", t);
++        }
++        return pi;
++    }
++
+     @Override
+     public void checkPackageStartable(String packageName, int userId) {
+         final int callingUid = Binder.getCallingUid();

Patches/LineageOS-17.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch

@@ -55,7 +55,7 @@ index b983f467df..5813bb18db 100644
          <item msgid="6490061470416867723">Small</item>
          <item msgid="3579015730662088893">Default</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index f6e3b0f62d..8f4a3c6115 100644
+index 2180ea45f6..eeee1c039f 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -810,6 +810,9 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch

@@ -67,7 +67,7 @@ index 5813bb18db..40d01907a4 100644
      <string-array name="screen_timeout_entries">
          <item>15 seconds</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index 8f4a3c6115..ef517e8503 100644
+index eeee1c039f..c5287c4489 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -25,6 +25,25 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch

@@ -67,7 +67,7 @@ index 40d01907a4..0a9a9a31e8 100644
      <string-array name="screen_timeout_entries">
          <item>15 seconds</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index ef517e8503..228d9570dd 100644
+index c5287c4489..0f254706ff 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -44,6 +44,25 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0008-ptrace_scope.patch

@@ -12,7 +12,7 @@ Subject: [PATCH] add native debugging setting
  create mode 100644 src/com/android/settings/security/NativeDebugPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index 228d9570dd..d965a63b0d 100644
+index 0f254706ff..fcac812417 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11316,6 +11316,9 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0009-exec_spawning_toggle.patch

@@ -12,7 +12,7 @@ Subject: [PATCH] add exec spawning toggle
  create mode 100644 src/com/android/settings/security/ExecSpawnPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index d965a63b0d..e7dcf62ddc 100644
+index fcac812417..197882d66e 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11316,6 +11316,8 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0011-LTE_Only_Mode.patch

@@ -106,7 +106,7 @@ index 6d95bcc58b..072004e447 100644
          <item>"18"</item>
          <item>"1"</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index e7dcf62ddc..fedb9f3fde 100644
+index 197882d66e..88bd100122 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -10942,6 +10942,8 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0012-hosts_toggle.patch

@@ -16,7 +16,7 @@ Change-Id: Ic01a142722372d9d57f52947025cd9db23e58ef4
  create mode 100644 src/com/android/settings/security/HostsPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index fedb9f3fde..b5dbdc7d81 100644
+index 88bd100122..a64940d793 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11327,6 +11327,9 @@

Patches/LineageOS-17.1/android_packages_apps_Settings/0014-signature_spoofing_toggle.patch

@@ -0,0 +1,172 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 20 Apr 2022 01:04:27 -0400
+Subject: [PATCH] Add a toggle to opt-in to restricted signature spoofing
+
+Copy and pasted from the GrapheneOS exec spawning toggle patch
+
+Change-Id: Ibea6ea9bed1c2ae3491f403d9e5c17c1d1c403f1
+Signed-off-by: Tad <tad@spotco.us>
+---
+ res/values/strings.xml                        |   3 +
+ res/xml/security_dashboard_settings.xml       |   6 +
+ .../settings/security/SecuritySettings.java   |   1 +
+ .../SigSpoofPreferenceController.java         | 106 ++++++++++++++++++
+ 4 files changed, 116 insertions(+)
+ create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index a64940d793..a0149bc124 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -11330,6 +11330,9 @@
+     <string name="hosts_disable_title">Disable DNS content blocker</string>
+     <string name="hosts_disable_summary">Disables use of the included /etc/hosts database for data collection and malware blocking.</string>
+ 
++    <string name="sig_spoof_title">microG enablement (not recommended)</string>
++    <string name="sig_spoof_summary">Allows official builds of microG apps to spoof the Google signature. Not supported, not recommended. May break apps and/or degrade their security model. Notes: 1) microG connects directly to Google, 2) microG can download/execute proprietary code from Google, 3) apps talking to microG do so using proprietary Google libraries.</string>
++
+     <!-- Title for the top level Privacy Settings [CHAR LIMIT=30]-->
+     <string name="privacy_dashboard_title">Privacy</string>
+     <!-- Summary for the top level Privacy Settings [CHAR LIMIT=NONE]-->
+diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
+index 23a39d3106..c5a6c8cada 100644
+--- a/res/xml/security_dashboard_settings.xml
++++ b/res/xml/security_dashboard_settings.xml
+@@ -81,6 +81,12 @@
+             android:title="@string/hosts_disable_title"
+             android:summary="@string/hosts_disable_summary"
+             android:persistent="false" />
++
++        <SwitchPreference
++            android:key="sig_spoof"
++            android:title="@string/sig_spoof_title"
++            android:summary="@string/sig_spoof_summary"
++            android:persistent="false" />
+     </PreferenceCategory>
+ 
+     <!-- work profile security section -->
+diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
+index 88ba2ece3a..3ba3f518b0 100644
+--- a/src/com/android/settings/security/SecuritySettings.java
++++ b/src/com/android/settings/security/SecuritySettings.java
+@@ -124,6 +124,7 @@ public class SecuritySettings extends DashboardFragment {
+         securityPreferenceControllers.add(new ExecSpawnPreferenceController(context));
+         securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
+         securityPreferenceControllers.add(new HostsPreferenceController(context));
++        securityPreferenceControllers.add(new SigSpoofPreferenceController(context));
+         controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
+                 .setChildren(securityPreferenceControllers));
+         controllers.addAll(securityPreferenceControllers);
+diff --git a/src/com/android/settings/security/SigSpoofPreferenceController.java b/src/com/android/settings/security/SigSpoofPreferenceController.java
+new file mode 100644
+index 0000000000..258b59b0b0
+--- /dev/null
++++ b/src/com/android/settings/security/SigSpoofPreferenceController.java
+@@ -0,0 +1,106 @@
++/*
++ * Copyright (C) 2022 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License
++ */
++
++package com.android.settings.security;
++
++import android.content.Context;
++
++import android.os.UserHandle;
++import android.os.UserManager;
++import android.os.SystemProperties;
++
++import android.provider.Settings;
++
++import androidx.preference.Preference;
++import androidx.preference.PreferenceCategory;
++import androidx.preference.PreferenceGroup;
++import androidx.preference.PreferenceScreen;
++import androidx.preference.TwoStatePreference;
++import androidx.preference.SwitchPreference;
++
++import com.android.internal.widget.LockPatternUtils;
++import com.android.settings.core.PreferenceControllerMixin;
++import com.android.settingslib.core.AbstractPreferenceController;
++import com.android.settingslib.core.lifecycle.events.OnResume;
++
++public class SigSpoofPreferenceController extends AbstractPreferenceController
++        implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
++
++    private static final String SYS_KEY_SIG_SPOOF_ENABLE = "persist.security.sigspoof";
++    private static final String PREF_KEY_SIG_SPOOF_ENABLE = "sig_spoof";
++    private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
++
++    private PreferenceCategory mSecurityCategory;
++    private SwitchPreference mSigSpoofEnable;
++    private boolean mIsAdmin;
++    private UserManager mUm;
++
++    public SigSpoofPreferenceController(Context context) {
++        super(context);
++        mUm = UserManager.get(context);
++    }
++
++    @Override
++    public void displayPreference(PreferenceScreen screen) {
++        super.displayPreference(screen);
++        mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
++        updatePreferenceState();
++    }
++
++    @Override
++    public boolean isAvailable() {
++        mIsAdmin = mUm.isAdminUser();
++        return mIsAdmin;
++    }
++
++    @Override
++    public String getPreferenceKey() {
++        return PREF_KEY_SIG_SPOOF_ENABLE;
++    }
++
++    // TODO: should we use onCreatePreferences() instead?
++    private void updatePreferenceState() {
++        if (mSecurityCategory == null) {
++            return;
++        }
++
++        if (mIsAdmin) {
++            mSigSpoofEnable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE);
++            mSigSpoofEnable.setChecked(SystemProperties.getInt(SYS_KEY_SIG_SPOOF_ENABLE, 0) == 1);
++        } else {
++            mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE));
++        }
++    }
++
++    @Override
++    public void onResume() {
++        updatePreferenceState();
++        if (mSigSpoofEnable != null) {
++                boolean mode = mSigSpoofEnable.isChecked();
++                SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
++        }
++    }
++
++    @Override
++    public boolean onPreferenceChange(Preference preference, Object value) {
++        final String key = preference.getKey();
++        if (PREF_KEY_SIG_SPOOF_ENABLE.equals(key)) {
++            final boolean mode = !mSigSpoofEnable.isChecked();
++            SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
++        }
++        return true;
++    }
++}

Patches/LineageOS-18.1/android_frameworks_base/0024-Hardened-signature-spoofing.patch

@@ -0,0 +1,137 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Mon, 3 Jul 2023 12:00:12 -0400
+Subject: [PATCH] Hardened signature spoofing
+
+- Must be enabled by user
+- Must match microG package ID
+- Must match official microG build signing key
+- Only spoofs the Google package signature
+
+This is an effective merge + tweak of two existing patches, credits:
+  Dylanger Daly
+  https://github.com/dylangerdaly/platform_frameworks_base/commit/b58aa11631fadab3309a1d9268118bd9f2c2a79f
+  Chirayu Desai of CalyxOS
+  https://gitlab.com/CalyxOS/platform_frameworks_base/-/commit/76485abb36dc01b65506b010d0458e96e0116369
+
+Change-Id: I64a252aac9bb196a11ed7b4b5d8c7e59a3413bd4
+---
+ .../android/content/pm/PackageParser.java     | 32 +++++++++++++++
+ core/res/res/values/config.xml                |  2 +
+ .../server/pm/PackageManagerService.java      | 40 ++++++++++++++++++-
+ 3 files changed, 72 insertions(+), 2 deletions(-)
+
+diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
+index 57f8a713ec13..ec2cf1ace99f 100644
+--- a/core/java/android/content/pm/PackageParser.java
++++ b/core/java/android/content/pm/PackageParser.java
+@@ -6457,6 +6457,38 @@ public class PackageParser {
+             return false;
+         }
+ 
++        /**
++         * Return the Cerificate's Digest
++         */
++        public @Nullable String getSha256Certificate() {
++            return getSha256CertificateInternal();
++        }
++
++        private @Nullable String getSha256CertificateInternal() {
++            String digest;
++            if (this == UNKNOWN) {
++                return null;
++            }
++            if (hasPastSigningCertificates()) {
++
++                // check all past certs, except for the last one, which automatically gets all
++                // capabilities, since it is the same as the current signature, and is checked below
++                for (int i = 0; i < pastSigningCertificates.length - 1; i++) {
++                    digest = PackageUtils.computeSha256Digest(
++                            pastSigningCertificates[i].toByteArray());
++                    return digest;
++                }
++            }
++
++            // not in previous certs signing history, just check the current signer
++            if (signatures.length == 1) {
++                digest =
++                        PackageUtils.computeSha256Digest(signatures[0].toByteArray());
++                return digest;
++            }
++            return null;
++        }
++
+         /** Returns true if the signatures in this and other match exactly. */
+         public boolean signaturesMatchExactly(SigningDetails other) {
+             return Signature.areExactMatch(this.signatures, other.signatures);
+diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
+index f4efcc7e4eec..6ff71f0e6d2e 100644
+--- a/core/res/res/values/config.xml
++++ b/core/res/res/values/config.xml
+@@ -1654,6 +1654,8 @@
+     <string-array name="config_locationProviderPackageNames" translatable="false">
+         <!-- The standard AOSP fused location provider -->
+         <item>com.android.location.fused</item>
++        <!-- The (faked) microg fused location provider (a free reimplementation)
++        <item>com.google.android.gms</item> -->
+     </string-array>
+ 
+     <!-- This string array can be overriden to enable test location providers initially. -->
+diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
+index 9611b381942c..900ba7ba68d2 100644
+--- a/services/core/java/com/android/server/pm/PackageManagerService.java
++++ b/services/core/java/com/android/server/pm/PackageManagerService.java
+@@ -4465,8 +4465,19 @@ public class PackageManagerService extends IPackageManager.Stub
+                 });
+             }
+ 
+-            PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
+-                    ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps);
++            // Allow microG GmsCore and FakeStore to spoof signature
++            final boolean isMicroG = ArrayUtils.contains(MICROG_FAKE_SIGNATURE_PACKAGES,
++                p.getPackageName());
++            PackageInfo packageInfo;
++            if (isMicroG && SystemProperties.getBoolean(SPOOF_CONTROL, false)) {
++                packageInfo = fakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
++                        ps.firstInstallTime, ps.lastUpdateTime, permissions, state,
++                        userId, ps), permissions);
++            } else {
++                packageInfo = PackageInfoUtils.generate(p, gids, flags,
++                        ps.firstInstallTime, ps.lastUpdateTime, permissions, state,
++                        userId, ps);
++            }
+ 
+             if (packageInfo == null) {
+                 return null;
+@@ -4502,6 +4513,31 @@ public class PackageManagerService extends IPackageManager.Stub
+         }
+     }
+ 
++    // The setting to control spoofing enablement.
++    private static final String SPOOF_CONTROL = "persist.security.sigspoof";
++    // The Google signature faked by microG.
++    private static final String GOOGLE_CERT = "308204433082032ba003020102020900c2e08746644a308d300d06092a864886f70d01010405003074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964301e170d3038303832313233313333345a170d3336303130373233313333345a3074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f696430820120300d06092a864886f70d01010105000382010d00308201080282010100ab562e00d83ba208ae0a966f124e29da11f2ab56d08f58e2cca91303e9b754d372f640a71b1dcb130967624e4656a7776a92193db2e5bfb724a91e77188b0e6a47a43b33d9609b77183145ccdf7b2e586674c9e1565b1f4c6a5955bff251a63dabf9c55c27222252e875e4f8154a645f897168c0b1bfc612eabf785769bb34aa7984dc7e2ea2764cae8307d8c17154d7ee5f64a51a44a602c249054157dc02cd5f5c0e55fbef8519fbe327f0b1511692c5a06f19d18385f5c4dbc2d6b93f68cc2979c70e18ab93866b3bd5db8999552a0e3b4c99df58fb918bedc182ba35e003c1b4b10dd244a8ee24fffd333872ab5221985edab0fc0d0b145b6aa192858e79020103a381d93081d6301d0603551d0e04160414c77d8cc2211756259a7fd382df6be398e4d786a53081a60603551d2304819e30819b8014c77d8cc2211756259a7fd382df6be398e4d786a5a178a4763074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964820900c2e08746644a308d300c0603551d13040530030101ff300d06092a864886f70d010104050003820101006dd252ceef85302c360aaace939bcff2cca904bb5d7a1661f8ae46b2994204d0ff4a68c7ed1a531ec4595a623ce60763b167297a7ae35712c407f208f0cb109429124d7b106219c084ca3eb3f9ad5fb871ef92269a8be28bf16d44c8d9a08e6cb2f005bb3fe2cb96447e868e731076ad45b33f6009ea19c161e62641aa99271dfd5228c5c587875ddb7f452758d661f6cc0cccb7352e424cc4365c523532f7325137593c4ae341f4db41edda0d0b1071a7c440f0fe9ea01cb627ca674369d084bd2fd911ff06cdbf2cfa10dc0f893ae35762919048c7efc64c7144178342f70581c9de573af55b390dd7fdb9418631895d5f759f30112687ff621410c069308a";
++   // The signing key hash of official microG builds.
++    private static final String MICROG_HASH = "9BD06727E62796C0130EB6DAB39B73157451582CBD138E86C468ACC395D14165";
++    // List of packages which require signature spoofing.
++    private static final String[] MICROG_FAKE_SIGNATURE_PACKAGES = new String[] { "com.google.android.gms", "com.android.vending" };
++
++    private PackageInfo fakeSignature(AndroidPackage p, PackageInfo pi,
++            Set<String> permissions) {
++        String hash = p.getSigningDetails().getSha256Certificate();
++        try {
++            if (hash.equals(MICROG_HASH)) {
++                    pi.signatures = new Signature[] {new Signature(GOOGLE_CERT)};
++                    if (DEBUG_PACKAGE_INFO) {
++                        Log.v(TAG, "Spoofing signature for microG");
++                    }
++            }
++        } catch (Throwable t) {
++            Log.w("Unable to fake signature!", t);
++        }
++        return pi;
++    }
++
+     @Override
+     public void checkPackageStartable(String packageName, int userId) {
+         final int callingUid = Binder.getCallingUid();

Patches/LineageOS-18.1/android_packages_apps_Settings/0015-signature_spoofing_toggle.patch

@@ -0,0 +1,172 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 20 Apr 2022 01:04:27 -0400
+Subject: [PATCH] Add a toggle to opt-in to restricted signature spoofing
+
+Copy and pasted from the GrapheneOS exec spawning toggle patch
+
+Change-Id: Ibea6ea9bed1c2ae3491f403d9e5c17c1d1c403f1
+Signed-off-by: Tad <tad@spotco.us>
+---
+ res/values/strings.xml                        |   3 +
+ res/xml/security_dashboard_settings.xml       |   6 +
+ .../settings/security/SecuritySettings.java   |   1 +
+ .../SigSpoofPreferenceController.java         | 106 ++++++++++++++++++
+ 4 files changed, 116 insertions(+)
+ create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 5af3638555..6d410415bc 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -11972,6 +11972,9 @@
+     <string name="hosts_disable_title">Disable DNS content blocker</string>
+     <string name="hosts_disable_summary">Disables use of the included /etc/hosts database for data collection and malware blocking.</string>
+ 
++    <string name="sig_spoof_title">microG enablement (not recommended)</string>
++    <string name="sig_spoof_summary">Allows official builds of microG apps to spoof the Google signature. Not supported, not recommended. May break apps and/or degrade their security model. Notes: 1) microG connects directly to Google, 2) microG can download/execute proprietary code from Google, 3) apps talking to microG do so using proprietary Google libraries.</string>
++
+     <!-- Title for the top level Privacy Settings [CHAR LIMIT=30]-->
+     <string name="privacy_dashboard_title">Privacy</string>
+     <!-- Summary for the top level Privacy Settings [CHAR LIMIT=NONE]-->
+diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
+index 62d42246a3..21ce054889 100644
+--- a/res/xml/security_dashboard_settings.xml
++++ b/res/xml/security_dashboard_settings.xml
+@@ -81,6 +81,12 @@
+             android:title="@string/hosts_disable_title"
+             android:summary="@string/hosts_disable_summary"
+             android:persistent="false" />
++
++        <SwitchPreference
++            android:key="sig_spoof"
++            android:title="@string/sig_spoof_title"
++            android:summary="@string/sig_spoof_summary"
++            android:persistent="false" />
+     </PreferenceCategory>
+ 
+     <!-- work profile security section -->
+diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
+index 0fbcd27104..5248d74c37 100644
+--- a/src/com/android/settings/security/SecuritySettings.java
++++ b/src/com/android/settings/security/SecuritySettings.java
+@@ -122,6 +122,7 @@ public class SecuritySettings extends DashboardFragment {
+         securityPreferenceControllers.add(new ExecSpawnPreferenceController(context));
+         securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
+         securityPreferenceControllers.add(new HostsPreferenceController(context));
++        securityPreferenceControllers.add(new SigSpoofPreferenceController(context));
+         controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
+                 .setChildren(securityPreferenceControllers));
+         controllers.addAll(securityPreferenceControllers);
+diff --git a/src/com/android/settings/security/SigSpoofPreferenceController.java b/src/com/android/settings/security/SigSpoofPreferenceController.java
+new file mode 100644
+index 0000000000..258b59b0b0
+--- /dev/null
++++ b/src/com/android/settings/security/SigSpoofPreferenceController.java
+@@ -0,0 +1,106 @@
++/*
++ * Copyright (C) 2022 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License
++ */
++
++package com.android.settings.security;
++
++import android.content.Context;
++
++import android.os.UserHandle;
++import android.os.UserManager;
++import android.os.SystemProperties;
++
++import android.provider.Settings;
++
++import androidx.preference.Preference;
++import androidx.preference.PreferenceCategory;
++import androidx.preference.PreferenceGroup;
++import androidx.preference.PreferenceScreen;
++import androidx.preference.TwoStatePreference;
++import androidx.preference.SwitchPreference;
++
++import com.android.internal.widget.LockPatternUtils;
++import com.android.settings.core.PreferenceControllerMixin;
++import com.android.settingslib.core.AbstractPreferenceController;
++import com.android.settingslib.core.lifecycle.events.OnResume;
++
++public class SigSpoofPreferenceController extends AbstractPreferenceController
++        implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
++
++    private static final String SYS_KEY_SIG_SPOOF_ENABLE = "persist.security.sigspoof";
++    private static final String PREF_KEY_SIG_SPOOF_ENABLE = "sig_spoof";
++    private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
++
++    private PreferenceCategory mSecurityCategory;
++    private SwitchPreference mSigSpoofEnable;
++    private boolean mIsAdmin;
++    private UserManager mUm;
++
++    public SigSpoofPreferenceController(Context context) {
++        super(context);
++        mUm = UserManager.get(context);
++    }
++
++    @Override
++    public void displayPreference(PreferenceScreen screen) {
++        super.displayPreference(screen);
++        mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
++        updatePreferenceState();
++    }
++
++    @Override
++    public boolean isAvailable() {
++        mIsAdmin = mUm.isAdminUser();
++        return mIsAdmin;
++    }
++
++    @Override
++    public String getPreferenceKey() {
++        return PREF_KEY_SIG_SPOOF_ENABLE;
++    }
++
++    // TODO: should we use onCreatePreferences() instead?
++    private void updatePreferenceState() {
++        if (mSecurityCategory == null) {
++            return;
++        }
++
++        if (mIsAdmin) {
++            mSigSpoofEnable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE);
++            mSigSpoofEnable.setChecked(SystemProperties.getInt(SYS_KEY_SIG_SPOOF_ENABLE, 0) == 1);
++        } else {
++            mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE));
++        }
++    }
++
++    @Override
++    public void onResume() {
++        updatePreferenceState();
++        if (mSigSpoofEnable != null) {
++                boolean mode = mSigSpoofEnable.isChecked();
++                SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
++        }
++    }
++
++    @Override
++    public boolean onPreferenceChange(Preference preference, Object value) {
++        final String key = preference.getKey();
++        if (PREF_KEY_SIG_SPOOF_ENABLE.equals(key)) {
++            final boolean mode = !mSigSpoofEnable.isChecked();
++            SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
++        }
++        return true;
++    }
++}

Patches/LineageOS-19.1/android_frameworks_base/0031-Hardened-signature-spoofing.patch

@@ -0,0 +1,137 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Mon, 3 Jul 2023 12:00:12 -0400
+Subject: [PATCH] Hardened signature spoofing
+
+- Must be enabled by user
+- Must match microG package ID
+- Must match official microG build signing key
+- Only spoofs the Google package signature
+
+This is an effective merge + tweak of two existing patches, credits:
+  Dylanger Daly
+  https://github.com/dylangerdaly/platform_frameworks_base/commit/b58aa11631fadab3309a1d9268118bd9f2c2a79f
+  Chirayu Desai of CalyxOS
+  https://gitlab.com/CalyxOS/platform_frameworks_base/-/commit/76485abb36dc01b65506b010d0458e96e0116369
+
+Change-Id: I64a252aac9bb196a11ed7b4b5d8c7e59a3413bd4
+---
+ .../android/content/pm/PackageParser.java     | 32 +++++++++++++++
+ core/res/res/values/config.xml                |  2 +
+ .../server/pm/PackageManagerService.java      | 40 ++++++++++++++++++-
+ 3 files changed, 72 insertions(+), 2 deletions(-)
+
+diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
+index f92c2951fdef..052d7db60379 100644
+--- a/core/java/android/content/pm/PackageParser.java
++++ b/core/java/android/content/pm/PackageParser.java
+@@ -6567,6 +6567,38 @@ public class PackageParser {
+             return false;
+         }
+ 
++        /**
++         * Return the Cerificate's Digest
++         */
++        public @Nullable String getSha256Certificate() {
++            return getSha256CertificateInternal();
++        }
++
++        private @Nullable String getSha256CertificateInternal() {
++            String digest;
++            if (this == UNKNOWN) {
++                return null;
++            }
++            if (hasPastSigningCertificates()) {
++
++                // check all past certs, except for the last one, which automatically gets all
++                // capabilities, since it is the same as the current signature, and is checked below
++                for (int i = 0; i < pastSigningCertificates.length - 1; i++) {
++                    digest = PackageUtils.computeSha256Digest(
++                            pastSigningCertificates[i].toByteArray());
++                    return digest;
++                }
++            }
++
++            // not in previous certs signing history, just check the current signer
++            if (signatures.length == 1) {
++                digest =
++                        PackageUtils.computeSha256Digest(signatures[0].toByteArray());
++                return digest;
++            }
++            return null;
++        }
++
+         /** Returns true if the signatures in this and other match exactly. */
+         public boolean signaturesMatchExactly(SigningDetails other) {
+             return Signature.areExactMatch(this.signatures, other.signatures);
+diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
+index a7d55479d2c3..c3616d28dd66 100644
+--- a/core/res/res/values/config.xml
++++ b/core/res/res/values/config.xml
+@@ -1804,6 +1804,8 @@
+     <string-array name="config_locationProviderPackageNames" translatable="false">
+         <!-- The standard AOSP fused location provider -->
+         <item>com.android.location.fused</item>
++        <!-- The (faked) microg fused location provider (a free reimplementation)
++        <item>com.google.android.gms</item> -->
+     </string-array>
+ 
+     <!-- Package name(s) of Advanced Driver Assistance applications. These packages have additional
+diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
+index 5bbde18f7e9e..fee7dc331558 100644
+--- a/services/core/java/com/android/server/pm/PackageManagerService.java
++++ b/services/core/java/com/android/server/pm/PackageManagerService.java
+@@ -3362,8 +3362,19 @@ public class PackageManagerService extends IPackageManager.Stub
+                         || ArrayUtils.isEmpty(p.getRequestedPermissions())) ? Collections.emptySet()
+                         : mPermissionManager.getGrantedPermissions(ps.name, userId);
+ 
+-                PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
+-                        ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps);
++                // Allow microG GmsCore and FakeStore to spoof signature
++                final boolean isMicroG = ArrayUtils.contains(MICROG_FAKE_SIGNATURE_PACKAGES,
++                    p.getPackageName());
++                PackageInfo packageInfo;
++                if (isMicroG && SystemProperties.getBoolean(SPOOF_CONTROL, false)) {
++                    packageInfo = fakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
++                            ps.firstInstallTime, ps.lastUpdateTime, permissions, state,
++                            userId, ps), permissions);
++                } else {
++                    packageInfo = PackageInfoUtils.generate(p, gids, flags,
++                            ps.firstInstallTime, ps.lastUpdateTime, permissions, state,
++                            userId, ps);
++                }
+ 
+                 if (packageInfo == null) {
+                     return null;
+@@ -3400,6 +3411,31 @@ public class PackageManagerService extends IPackageManager.Stub
+             }
+         }
+ 
++        // The setting to control spoofing enablement.
++        private static final String SPOOF_CONTROL = "persist.security.sigspoof";
++        // The Google signature faked by microG.
++        private static final String GOOGLE_CERT = "308204433082032ba003020102020900c2e08746644a308d300d06092a864886f70d01010405003074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964301e170d3038303832313233313333345a170d3336303130373233313333345a3074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f696430820120300d06092a864886f70d01010105000382010d00308201080282010100ab562e00d83ba208ae0a966f124e29da11f2ab56d08f58e2cca91303e9b754d372f640a71b1dcb130967624e4656a7776a92193db2e5bfb724a91e77188b0e6a47a43b33d9609b77183145ccdf7b2e586674c9e1565b1f4c6a5955bff251a63dabf9c55c27222252e875e4f8154a645f897168c0b1bfc612eabf785769bb34aa7984dc7e2ea2764cae8307d8c17154d7ee5f64a51a44a602c249054157dc02cd5f5c0e55fbef8519fbe327f0b1511692c5a06f19d18385f5c4dbc2d6b93f68cc2979c70e18ab93866b3bd5db8999552a0e3b4c99df58fb918bedc182ba35e003c1b4b10dd244a8ee24fffd333872ab5221985edab0fc0d0b145b6aa192858e79020103a381d93081d6301d0603551d0e04160414c77d8cc2211756259a7fd382df6be398e4d786a53081a60603551d2304819e30819b8014c77d8cc2211756259a7fd382df6be398e4d786a5a178a4763074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964820900c2e08746644a308d300c0603551d13040530030101ff300d06092a864886f70d010104050003820101006dd252ceef85302c360aaace939bcff2cca904bb5d7a1661f8ae46b2994204d0ff4a68c7ed1a531ec4595a623ce60763b167297a7ae35712c407f208f0cb109429124d7b106219c084ca3eb3f9ad5fb871ef92269a8be28bf16d44c8d9a08e6cb2f005bb3fe2cb96447e868e731076ad45b33f6009ea19c161e62641aa99271dfd5228c5c587875ddb7f452758d661f6cc0cccb7352e424cc4365c523532f7325137593c4ae341f4db41edda0d0b1071a7c440f0fe9ea01cb627ca674369d084bd2fd911ff06cdbf2cfa10dc0f893ae35762919048c7efc64c7144178342f70581c9de573af55b390dd7fdb9418631895d5f759f30112687ff621410c069308a";
++       // The signing key hash of official microG builds.
++        private static final String MICROG_HASH = "9BD06727E62796C0130EB6DAB39B73157451582CBD138E86C468ACC395D14165";
++        // List of packages which require signature spoofing.
++        private static final String[] MICROG_FAKE_SIGNATURE_PACKAGES = new String[] { "com.google.android.gms", "com.android.vending" };
++
++        private PackageInfo fakeSignature(AndroidPackage p, PackageInfo pi,
++                Set<String> permissions) {
++            String hash = p.getSigningDetails().getSha256Certificate();
++            try {
++                if (hash.equals(MICROG_HASH)) {
++                        pi.signatures = new Signature[] {new Signature(GOOGLE_CERT)};
++                        if (DEBUG_PACKAGE_INFO) {
++                            Log.v(TAG, "Spoofing signature for microG");
++                        }
++                }
++            } catch (Throwable t) {
++                Log.w("Unable to fake signature!", t);
++            }
++            return pi;
++        }
++
+         public final PackageInfo getPackageInfo(String packageName, int flags, int userId) {
+             return getPackageInfoInternal(packageName, PackageManager.VERSION_CODE_HIGHEST,
+                     flags, Binder.getCallingUid(), userId);

Patches/LineageOS-19.1/android_packages_apps_Settings/0016-signature_spoofing_toggle.patch

@@ -0,0 +1,172 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 20 Apr 2022 01:04:27 -0400
+Subject: [PATCH] Add a toggle to opt-in to restricted signature spoofing
+
+Copy and pasted from the GrapheneOS exec spawning toggle patch
+
+Change-Id: Ibea6ea9bed1c2ae3491f403d9e5c17c1d1c403f1
+Signed-off-by: Tad <tad@spotco.us>
+---
+ res/values/strings.xml                        |   3 +
+ res/xml/security_dashboard_settings.xml       |   6 +
+ .../settings/security/SecuritySettings.java   |   1 +
+ .../SigSpoofPreferenceController.java         | 106 ++++++++++++++++++
+ 4 files changed, 116 insertions(+)
+ create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 67c47bc7b3..efab810360 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -13127,6 +13127,9 @@
+     <string name="hosts_disable_title">Disable DNS content blocker</string>
+     <string name="hosts_disable_summary">Disables use of the included /etc/hosts database for data collection and malware blocking.</string>
+ 
++    <string name="sig_spoof_title">microG enablement (not recommended)</string>
++    <string name="sig_spoof_summary">Allows official builds of microG apps to spoof the Google signature. Not supported, not recommended. May break apps and/or degrade their security model. Notes: 1) microG connects directly to Google, 2) microG can download/execute proprietary code from Google, 3) apps talking to microG do so using proprietary Google libraries.</string>
++
+     <!-- Title for the top level Privacy Settings [CHAR LIMIT=30]-->
+     <string name="privacy_dashboard_title">Privacy</string>
+     <!-- Summary for the top level Privacy Settings [CHAR LIMIT=NONE]-->
+diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
+index 011f6e1117..f5384fa104 100644
+--- a/res/xml/security_dashboard_settings.xml
++++ b/res/xml/security_dashboard_settings.xml
+@@ -81,6 +81,12 @@
+             android:summary="@string/hosts_disable_summary"
+             android:persistent="false" />
+ 
++        <SwitchPreference
++            android:key="sig_spoof"
++            android:title="@string/sig_spoof_title"
++            android:summary="@string/sig_spoof_summary"
++            android:persistent="false" />
++
+         <com.android.settingslib.RestrictedPreference
+             android:key="biometric_settings"
+             android:title="@string/security_settings_biometric_preference_title"
+diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
+index dbb9987f0c..0ac2ace282 100644
+--- a/src/com/android/settings/security/SecuritySettings.java
++++ b/src/com/android/settings/security/SecuritySettings.java
+@@ -126,6 +126,7 @@ public class SecuritySettings extends DashboardFragment {
+         securityPreferenceControllers.add(new ExecSpawnPreferenceController(context));
+         securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
+         securityPreferenceControllers.add(new HostsPreferenceController(context));
++        securityPreferenceControllers.add(new SigSpoofPreferenceController(context));
+         controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
+                 .setChildren(securityPreferenceControllers));
+         controllers.addAll(securityPreferenceControllers);
+diff --git a/src/com/android/settings/security/SigSpoofPreferenceController.java b/src/com/android/settings/security/SigSpoofPreferenceController.java
+new file mode 100644
+index 0000000000..258b59b0b0
+--- /dev/null
++++ b/src/com/android/settings/security/SigSpoofPreferenceController.java
+@@ -0,0 +1,106 @@
++/*
++ * Copyright (C) 2022 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License
++ */
++
++package com.android.settings.security;
++
++import android.content.Context;
++
++import android.os.UserHandle;
++import android.os.UserManager;
++import android.os.SystemProperties;
++
++import android.provider.Settings;
++
++import androidx.preference.Preference;
++import androidx.preference.PreferenceCategory;
++import androidx.preference.PreferenceGroup;
++import androidx.preference.PreferenceScreen;
++import androidx.preference.TwoStatePreference;
++import androidx.preference.SwitchPreference;
++
++import com.android.internal.widget.LockPatternUtils;
++import com.android.settings.core.PreferenceControllerMixin;
++import com.android.settingslib.core.AbstractPreferenceController;
++import com.android.settingslib.core.lifecycle.events.OnResume;
++
++public class SigSpoofPreferenceController extends AbstractPreferenceController
++        implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
++
++    private static final String SYS_KEY_SIG_SPOOF_ENABLE = "persist.security.sigspoof";
++    private static final String PREF_KEY_SIG_SPOOF_ENABLE = "sig_spoof";
++    private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
++
++    private PreferenceCategory mSecurityCategory;
++    private SwitchPreference mSigSpoofEnable;
++    private boolean mIsAdmin;
++    private UserManager mUm;
++
++    public SigSpoofPreferenceController(Context context) {
++        super(context);
++        mUm = UserManager.get(context);
++    }
++
++    @Override
++    public void displayPreference(PreferenceScreen screen) {
++        super.displayPreference(screen);
++        mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
++        updatePreferenceState();
++    }
++
++    @Override
++    public boolean isAvailable() {
++        mIsAdmin = mUm.isAdminUser();
++        return mIsAdmin;
++    }
++
++    @Override
++    public String getPreferenceKey() {
++        return PREF_KEY_SIG_SPOOF_ENABLE;
++    }
++
++    // TODO: should we use onCreatePreferences() instead?
++    private void updatePreferenceState() {
++        if (mSecurityCategory == null) {
++            return;
++        }
++
++        if (mIsAdmin) {
++            mSigSpoofEnable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE);
++            mSigSpoofEnable.setChecked(SystemProperties.getInt(SYS_KEY_SIG_SPOOF_ENABLE, 0) == 1);
++        } else {
++            mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE));
++        }
++    }
++
++    @Override
++    public void onResume() {
++        updatePreferenceState();
++        if (mSigSpoofEnable != null) {
++                boolean mode = mSigSpoofEnable.isChecked();
++                SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
++        }
++    }
++
++    @Override
++    public boolean onPreferenceChange(Preference preference, Object value) {
++        final String key = preference.getKey();
++        if (PREF_KEY_SIG_SPOOF_ENABLE.equals(key)) {
++            final boolean mode = !mSigSpoofEnable.isChecked();
++            SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0");
++        }
++        return true;
++    }
++}

Patches/LineageOS-20.0/android_frameworks_base/0036-Hardened-signature-spoofing.patch

@@ -85,8 +85,8 @@ index a01ec67630de..0b9ab8c1166c 100644
      <string-array name="config_locationProviderPackageNames" translatable="false">
          <!-- The standard AOSP fused location provider -->
          <item>com.android.location.fused</item>
-+        <!-- The (faked) microg fused location provider (a free reimplementation) -->
-+        <item>com.google.android.gms</item>
++        <!-- The (faked) microg fused location provider (a free reimplementation)
++        <item>com.google.android.gms</item> -->
      </string-array>
  
      <!-- Package name(s) of Advanced Driver Assistance applications. These packages have additional

Patches/LineageOS-20.0/android_packages_apps_Settings/0016-signature_spoofing_toggle.patch

@@ -23,7 +23,7 @@ index 6e619cc2c4..0677bede10 100644
      <string name="hosts_disable_title">Disable DNS content blocker</string>
      <string name="hosts_disable_summary">Disables use of the included /etc/hosts database for data collection and malware blocking.</string>
  
-+    <string name="sig_spoof_title">Allow microG</string>
++    <string name="sig_spoof_title">microG enablement (not recommended)</string>
 +    <string name="sig_spoof_summary">Allows official builds of microG apps to spoof the Google signature. Not supported, not recommended. May break apps and/or degrade their security model. Notes: 1) microG connects directly to Google, 2) microG can download/execute proprietary code from Google, 3) apps talking to microG do so using proprietary Google libraries.</string>
 +
      <!-- Text shown for the title of the lock when trust lost option [CHAR LIMIT=40] -->

Scripts/LineageOS-17.1/Patch.sh

@@ -177,6 +177,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0017-WiFi_Timeout.patch"; #Time
 if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0018-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0019-Random_MAC.patch"; #Add option of always randomizing MAC addresses (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0020-SUPL_Toggle.patch"; #Add a setting for forcibly disabling SUPL (GrapheneOS)
+if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0021-Hardened-signature-spoofing.patch"; fi; #Hardened signature spoofing ability (DivestOS)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0006-Do-not-throw-in-setAppOnInterfaceLocked.patch"; #Fix random reboots on broken kernels when an app has data restricted XXX: ugly (DivestOS)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0007-ABI_Warning.patch"; #Warn when running activity from 32 bit app on ARM64 devices. (AOSP)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0008-No_Crash_GSF.patch"; #Don't crash apps that depend on missing Gservices provider (GrapheneOS)
@@ -321,6 +322,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0010-Random_MAC-2.patch"
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0011-LTE_Only_Mode.patch"; #Add LTE-only option (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0012-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (heavily based off of a GrapheneOS patch)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0013-SUPL_Toggle.patch"; #Add a toggle for forcibly disabling SUPL (GrapheneOS)
+if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0014-signature_spoofing_toggle.patch"; fi; #Add a toggle to opt-in to restricted signature spoofing (heavily based off of a GrapheneOS patch)
 sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 64;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase default max password length to 64 (GrapheneOS)
 sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
 fi;

Scripts/LineageOS-18.1/Patch.sh

@@ -165,6 +165,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0020-Burnin_Protection.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0021-SUPL_Toggle.patch"; #Add a setting for forcibly disabling SUPL (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0022-Allow_Disabling_NTP.patch"; #Dont ping ntp server when nitz time update is toggled off (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0023-System_JobScheduler_Allowance.patch"; #DeviceIdleJobsController: don't ignore whitelisted system apps (GrapheneOS)
+if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0024-Hardened-signature-spoofing.patch"; fi; #Hardened signature spoofing ability (DivestOS)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0006-Do-not-throw-in-setAppOnInterfaceLocked.patch"; #Fix random reboots on broken kernels when an app has data restricted XXX: ugly (DivestOS)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0007-ABI_Warning.patch"; #Warn when running activity from 32 bit app on ARM64 devices. (AOSP)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0008-No_Crash_GSF.patch"; #Don't crash apps that depend on missing Gservices provider (GrapheneOS)
@@ -328,6 +329,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0013-LTE_Only_Mode-1.pat
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0013-LTE_Only_Mode-2.patch"; #Show preferred network options no matter the carrier configuration (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0013-LTE_Only_Mode-3.patch"; #Add LTE only entry when carrier enables world mode (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0014-SUPL_Toggle.patch"; #Add a toggle for forcibly disabling SUPL (GrapheneOS)
+if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0015-signature_spoofing_toggle.patch"; fi; #Add a toggle to opt-in to restricted signature spoofing (heavily based off of a GrapheneOS patch)
 sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
 fi;
 

Scripts/LineageOS-19.1/Patch.sh

@@ -175,6 +175,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0027-appops_reset_fix-2.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0028-SUPL_Toggle.patch"; #Add a setting for forcibly disabling SUPL (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0029-Allow_Disabling_NTP.patch"; #Dont ping ntp server when nitz time update is toggled off (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0030-System_JobScheduler_Allowance.patch"; #DeviceIdleJobsController: don't ignore whitelisted system apps (GrapheneOS)
+if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0031-Hardened-signature-spoofing.patch"; fi; #Hardened signature spoofing ability (DivestOS)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0007-ABI_Warning.patch"; #Warn when running activity from 32 bit app on ARM64 devices. (AOSP)
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0008-No_Crash_GSF.patch"; #Don't crash apps that depend on missing Gservices provider (GrapheneOS)
 hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
@@ -304,6 +305,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0012-hosts_toggle.patch"
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0013-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0014-LTE_Only_Mode.patch"; #Add LTE only setting (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0015-SUPL_Toggle.patch"; #Add a toggle for forcibly disabling SUPL (GrapheneOS)
+if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0016-signature_spoofing_toggle.patch"; fi; #Add a toggle to opt-in to restricted signature spoofing (heavily based off of a GrapheneOS patch)
 sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
 fi;