Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-05-02 06:26:20 -04:00
Code Issues Projects Releases Packages Wiki Activity

Fixup the sensors permission patches on 7, 8, and 9.

Browse source 
Switch these patches to MODE_ALLOWED from MODE_ASK to fix breakage
of system services.

Also remove some code that adds a likely security issue.

Will need some extra regression testing.

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2021-11-04 09:44:00 -04:00
parent f7295a0f74
commit 621441349e
11 changed files with 27 additions and 184 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Scripts/LineageOS-14.1/Patch.sh
View file

@ -105,8 +105,6 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Disable_Analytics.patch";
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
applyPatch "$DOS_PATCHES/android_frameworks_base/0009-Sensors-P1.patch"; #Permission for sensors access (MSe1969)
applyPatch "$DOS_PATCHES/android_frameworks_base/0009-Sensors-P2.patch";
applyPatch "$DOS_PATCHES/android_frameworks_base/0009-Sensors-P3.patch";
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0003-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG)
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0005-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key
hardenLocationFWB "$DOS_BUILD_BASE"; #Harden the default GPS config

4
Scripts/LineageOS-15.1/Patch.sh
View file

@ -291,9 +291,9 @@ if enterAndClear "device/lge/msm8996-common"; then
sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
fi;
if enterAndClear "device/moto/shamu"; then
#if enterAndClear "device/moto/shamu"; then
#git revert --no-edit 05fb49518049440f90423341ff25d4f75f10bc0c; #restore releasetools #TODO
fi;
#fi;
if enterAndClear "device/oneplus/oneplus2"; then
sed -i 's|etc/permissions/qti_libpermissions.xml|vendor/etc/permissions/qti_libpermissions.xml|' proprietary-files.txt; #Fix outdated path

1
Scripts/LineageOS-18.1/Functions.sh
View file

@ -133,6 +133,7 @@ patchWorkspace() {
#source build/envsetup.sh;
#repopick -it eleven-firewall;
#repopick -it R_tzdb2021a1;
#repopick -it R_asb_2021-11; #TODO: needs cherrypicks too
sh "$DOS_SCRIPTS/Patch.sh";
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";