Remove User-Agent (and serial) from source built libloc

Signed-off-by: Tad <tad@spotco.us>
Tad 2023-05-05 22:25:47 -04:00
parent 14c191ffb5
commit 6d2a255eef
No known key found for this signature in database
GPG key ID: B286E9F57A07424B
8 changed files with 21 additions and 10 deletions


@ -492,13 +492,24 @@ volteOverride() {
}
export -f volteOverride;
hardenLocationSepolicy() {
#Prevent Qualcomm location stack from reading chipset serial number
hardenLocationSerials() {
#Prevent Qualcomm location stack from sending chipset serial number
#Devices using blob xtra-daemon (which Deblob.sh removes)
find device -name "hal_gnss*.te" -type f -exec sh -c "awk -i inplace '!/sysfs_soc/' {}" \;
find device -name "location.te" -type f -exec sh -c "awk -i inplace '!/sysfs_soc/' {}" \;
#Devices using source built libloc, these ones typically have broad /sys access
## Null out the User-Agent header
find device -name "LocEngAdapter.cpp" -type f -exec sh -c "sed -i 's/userAgent, strlen(userAgent)/\"-\", 1/' {}" \;
find hardware -name "LocEngAdapter.cpp" -type f -exec sh -c "sed -i 's/userAgent, strlen(userAgent)/\"-\", 1/' {}" \;
## Prevent reading the serial number
find device -name "LocEngAdapter.cpp" -type f -exec sh -c "sed -i 's|soc0/serial_number|soc0/invalid|' {}" \;
find hardware -name "LocEngAdapter.cpp" -type f -exec sh -c "sed -i 's|soc0/serial_number|soc0/invalid|' {}" \;
echo "Removed serial number access to Qualcomm location stacks";
}
export -f hardenLocationSepolicy;
export -f hardenLocationSerials;
hardenLocationConf() {
local gpsConfig=$1;
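Review bot: The `sed` rewrites of `LocEngAdapter.cpp` in `hardenLocationSerials` fail open: when a device or hardware tree writes the call differently from `userAgent, strlen(userAgent)` or the path differently from `soc0/serial_number`, the file is left untouched and the function still prints "Removed serial number access to Qualcomm location stacks". Listing the copies that did not receive the substitution would make a missed tree visible, for example `grep -rL --include=LocEngAdapter.cpp 'soc0/invalid' device hardware` followed by a warning when the output is non-empty (copies that never read the serial will also show up there, so it is a list to check, not a hard failure). Separately, `{}` is expanded inside the `sh -c` string on each of these lines, so a path with spaces or shell metacharacters would be parsed as shell code; the wrapper is not needed, and `find device hardware -name "LocEngAdapter.cpp" -type f -exec sed -i 's|soc0/serial_number|soc0/invalid|' {} +` passes the path as an argument instead. The echo text could also mention the User-Agent change, since the message is the only trace the build log keeps of it.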