mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
Broken EUICC handling
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
196dfddf63
commit
7ef5d9a9c4
@ -52,9 +52,9 @@
|
|||||||
<!-- GrapheneOS -->
|
<!-- GrapheneOS -->
|
||||||
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="d3152b8e8ff5070f69e7c991d34f32a429e6a894" />
|
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="d3152b8e8ff5070f69e7c991d34f32a429e6a894" />
|
||||||
|
|
||||||
<!-- OpenEUICC -->
|
<!-- OpenEUICC
|
||||||
<project path="packages/apps/OpenEUICC" name="PeterCxy/OpenEUICC" remote="angry" revision="6add8c89ac141f177cd8d124a0a955232f4222f9" />
|
<project path="packages/apps/OpenEUICC" name="PeterCxy/OpenEUICC" remote="angry" revision="6add8c89ac141f177cd8d124a0a955232f4222f9" />
|
||||||
<project path="prebuilts/openeuicc-deps" name="PeterCxy/android_prebuilts_openeuicc-deps" remote="angry" revision="55f3e2c7ab26484f7478b26540fa14392d0c2cd7" />
|
<project path="prebuilts/openeuicc-deps" name="PeterCxy/android_prebuilts_openeuicc-deps" remote="angry" revision="55f3e2c7ab26484f7478b26540fa14392d0c2cd7" /> -->
|
||||||
<!-- END OF ADDITIONAL REPOS -->
|
<!-- END OF ADDITIONAL REPOS -->
|
||||||
|
|
||||||
<!-- START OF DEVICE REPOS -->
|
<!-- START OF DEVICE REPOS -->
|
||||||
|
@ -13,6 +13,11 @@ PRODUCT_PACKAGES += \
|
|||||||
# OpenCamera
|
# OpenCamera
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifneq ($(filter crosshatch blueline bonito sargo coral flame sunfish barbet redfin bluejay oriole raven panther cheetah FP4,$(TARGET_DEVICE)),)
|
||||||
|
#PRODUCT_PACKAGES += \
|
||||||
|
# OpenEUICC
|
||||||
|
#endif
|
||||||
|
|
||||||
# Extras
|
# Extras
|
||||||
PRODUCT_PACKAGES += \
|
PRODUCT_PACKAGES += \
|
||||||
TalkBack \
|
TalkBack \
|
||||||
|
@ -8,10 +8,10 @@ Subject: [PATCH] reject updates with serialno constraints
|
|||||||
1 file changed, 2 insertions(+), 14 deletions(-)
|
1 file changed, 2 insertions(+), 14 deletions(-)
|
||||||
|
|
||||||
diff --git a/install/install.cpp b/install/install.cpp
|
diff --git a/install/install.cpp b/install/install.cpp
|
||||||
index 61bab17b..e14cbf50 100644
|
index 11a6b3ff..8dd647be 100644
|
||||||
--- a/install/install.cpp
|
--- a/install/install.cpp
|
||||||
+++ b/install/install.cpp
|
+++ b/install/install.cpp
|
||||||
@@ -221,22 +221,10 @@ bool CheckPackageMetadata(const std::map<std::string, std::string>& metadata, Ot
|
@@ -223,22 +223,10 @@ bool CheckPackageMetadata(const std::map<std::string, std::string>& metadata, Ot
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -0,0 +1,54 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Oliver Scott <olivercscott@gmail.com>
|
||||||
|
Date: Wed, 17 May 2023 15:42:52 -0400
|
||||||
|
Subject: [PATCH] Filter select package queries for GMS
|
||||||
|
|
||||||
|
Bit of a hack to pretend that microG is not available,
|
||||||
|
to make apps work
|
||||||
|
|
||||||
|
[tad@spotco.us]: adjusted package list
|
||||||
|
Change-Id: Ic5ddb78b1014ce567d1a5c57fc79f79edd1154c0
|
||||||
|
|
||||||
|
Change-Id: I7969470baa125eef349e82808b0d6e643e344c8b
|
||||||
|
---
|
||||||
|
.../java/com/android/server/pm/AppsFilterBase.java | 13 +++++++++++++
|
||||||
|
1 file changed, 13 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/pm/AppsFilterBase.java b/services/core/java/com/android/server/pm/AppsFilterBase.java
|
||||||
|
index 01252c48081e..07746236320e 100644
|
||||||
|
--- a/services/core/java/com/android/server/pm/AppsFilterBase.java
|
||||||
|
+++ b/services/core/java/com/android/server/pm/AppsFilterBase.java
|
||||||
|
@@ -37,6 +37,7 @@ import android.util.Slog;
|
||||||
|
import android.util.SparseArray;
|
||||||
|
|
||||||
|
import com.android.internal.annotations.VisibleForTesting;
|
||||||
|
+import com.android.internal.util.ArrayUtils;
|
||||||
|
import com.android.internal.util.function.QuadFunction;
|
||||||
|
import com.android.server.om.OverlayReferenceMapper;
|
||||||
|
import com.android.server.pm.parsing.pkg.AndroidPackage;
|
||||||
|
@@ -64,6 +65,9 @@ import java.util.concurrent.atomic.AtomicBoolean;
|
||||||
|
public abstract class AppsFilterBase implements AppsFilterSnapshot {
|
||||||
|
protected static final String TAG = "AppsFilter";
|
||||||
|
|
||||||
|
+ private static final String GMS = "com.google.android.gms";
|
||||||
|
+ private static final String[] GMS_HIDDEN_PACKAGES = { "com.google.euiccpixel" };
|
||||||
|
+
|
||||||
|
// Logs all filtering instead of enforcing
|
||||||
|
protected static final boolean DEBUG_ALLOW_ALL = false;
|
||||||
|
protected static final boolean DEBUG_LOGGING = false;
|
||||||
|
@@ -496,6 +500,15 @@ public abstract class AppsFilterBase implements AppsFilterSnapshot {
|
||||||
|
if (DEBUG_LOGGING) {
|
||||||
|
log(callingSetting, targetPkgSetting, "force queryable");
|
||||||
|
}
|
||||||
|
+ if (GMS.equals(targetPkgSetting.getPackageName())
|
||||||
|
+ && callingPkgSetting != null) {
|
||||||
|
+ // HACK: Hide GMS from these packages
|
||||||
|
+ // Breaks login but makes them work
|
||||||
|
+ if (ArrayUtils.contains(GMS_HIDDEN_PACKAGES,
|
||||||
|
+ callingPkgSetting.getPackageName())) {
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
} finally {
|
@ -0,0 +1,24 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
|
||||||
|
Date: Sun, 19 Mar 2023 17:57:26 +0200
|
||||||
|
Subject: [PATCH] do not auto-grant Camera permission to the eUICC LPA UI app
|
||||||
|
|
||||||
|
Google's LPA that is shipped on GrapheneOS handles requesting the Camera permission at runtime,
|
||||||
|
which allows the user to give it a one-time grant.
|
||||||
|
---
|
||||||
|
.../server/pm/permission/DefaultPermissionGrantPolicy.java | 2 --
|
||||||
|
1 file changed, 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
|
||||||
|
index 0443d19ba1d4..39608dcc9ccb 100644
|
||||||
|
--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
|
||||||
|
+++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
|
||||||
|
@@ -1060,8 +1060,6 @@ final class DefaultPermissionGrantPolicy {
|
||||||
|
|
||||||
|
public void grantDefaultPermissionsToActiveLuiApp(String packageName, int userId) {
|
||||||
|
Log.i(TAG, "Granting permissions to active LUI app for user:" + userId);
|
||||||
|
- grantSystemFixedPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId,
|
||||||
|
- CAMERA_PERMISSIONS);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void revokeDefaultPermissionsFromLuiApps(String[] packageNames, int userId) {
|
@ -287,12 +287,14 @@ echo "Deblobbing...";
|
|||||||
#eUICC (Virtual SIM) [Google]
|
#eUICC (Virtual SIM) [Google]
|
||||||
if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ] || [ "$DOS_DEBLOBBER_REMOVE_EUICC" = true ]; then
|
if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ] || [ "$DOS_DEBLOBBER_REMOVE_EUICC" = true ]; then
|
||||||
blobs=$blobs"|EuiccGoogle.apk|EuiccGoogleOverlay.apk"; #Google LPAD
|
blobs=$blobs"|EuiccGoogle.apk|EuiccGoogleOverlay.apk"; #Google LPAD
|
||||||
blobs=$blobs"|EuiccSupportPixel.apk|EuiccSupportPixelPermissions.apk"; #Hardware support
|
|
||||||
blobs=$blobs"|esim0.img|esim-v1.img|esim-full-v0.img|esim-a1.img|esim-a2.img"; #Firmware
|
|
||||||
blobs=$blobs"|com.google.euiccpixel.xml|com.google.euiccpixel.permissions.xml"; #Permissions
|
|
||||||
makes=$makes"|android.hardware.telephony.euicc.*"; #Manifests
|
|
||||||
makes=$makes"|GoogleParts"; #Disables apps if GMS is not available
|
makes=$makes"|GoogleParts"; #Disables apps if GMS is not available
|
||||||
#overlay=$overlay"|config_telephonyEuiccDeviceCapabilities"; #TODO handle multiple lines
|
#overlay=$overlay"|config_telephonyEuiccDeviceCapabilities"; #TODO handle multiple lines
|
||||||
|
if [ "$DOS_DEBLOBBER_REMOVE_EUICC_FULL" = true ]; then
|
||||||
|
blobs=$blobs"|EuiccSupportPixel.apk|EuiccSupportPixelPermissions.apk"; #Hardware support
|
||||||
|
blobs=$blobs"|esim0.img|esim-v1.img|esim-full-v0.img|esim-a1.img|esim-a2.img"; #Firmware
|
||||||
|
blobs=$blobs"|com.google.euiccpixel.xml|com.google.euiccpixel.permissions.xml"; #Permissions
|
||||||
|
makes=$makes"|android.hardware.telephony.euicc.*"; #Manifests
|
||||||
|
fi;
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
#Google Camera
|
#Google Camera
|
||||||
|
@ -182,7 +182,11 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0032-SUPL_Toggle.patch"; #Add a
|
|||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0033-Ugly_Orbot_Workaround.patch"; #Always add Briar and Tor Browser to Orbot's lockdown allowlist (CalyxOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0033-Ugly_Orbot_Workaround.patch"; #Always add Briar and Tor Browser to Orbot's lockdown allowlist (CalyxOS)
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0034-Allow_Disabling_NTP.patch"; #Dont ping ntp server when nitz time update is toggled off (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0034-Allow_Disabling_NTP.patch"; #Dont ping ntp server when nitz time update is toggled off (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0035-System_JobScheduler_Allowance.patch"; #DeviceIdleJobsController: don't ignore whitelisted system apps (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0035-System_JobScheduler_Allowance.patch"; #DeviceIdleJobsController: don't ignore whitelisted system apps (GrapheneOS)
|
||||||
if [ "$DOS_MICROG_SUPPORT" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0036-Unprivileged_microG_Handling.patch"; fi; #Unprivileged microG handling (heavily based off of a CalyxOS patch)
|
if [ "$DOS_MICROG_SUPPORT" = true ]; then
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0036-Unprivileged_microG_Handling.patch"; #Unprivileged microG handling (heavily based off of a CalyxOS patch)
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0037-filter-gms.patch"; #Filter select package queries for GMS (CalyxOS)
|
||||||
|
fi;
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0038-no-camera-lpad.patch"; #Do not auto-grant Camera permission to the eUICC LPA UI app (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0008-No_Crash_GSF.patch"; #Don't crash apps that depend on missing Gservices provider (GrapheneOS)
|
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0008-No_Crash_GSF.patch"; #Don't crash apps that depend on missing Gservices provider (GrapheneOS)
|
||||||
hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
|
hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
|
||||||
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
|
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
|
||||||
@ -427,6 +431,7 @@ sed -i 's/OpenCamera/Aperture/' packages.mk; #Use the LineageOS camera app
|
|||||||
awk -i inplace '!/speed-profile/' build/target/product/lowram.mk; #breaks compile on some dexpreopt devices
|
awk -i inplace '!/speed-profile/' build/target/product/lowram.mk; #breaks compile on some dexpreopt devices
|
||||||
sed -i 's/wifi,cell/internet/' overlay/common/frameworks/base/packages/SystemUI/res/values/config.xml; #Use the modern quick tile
|
sed -i 's/wifi,cell/internet/' overlay/common/frameworks/base/packages/SystemUI/res/values/config.xml; #Use the modern quick tile
|
||||||
sed -i 's|system/etc|$(TARGET_COPY_OUT_PRODUCT)/etc|' divestos.mk;
|
sed -i 's|system/etc|$(TARGET_COPY_OUT_PRODUCT)/etc|' divestos.mk;
|
||||||
|
if [ "$DOS_DEBLOBBER_REMOVE_EUICC_FULL" = true ]; then sed -i 's/OpenEUICC/OpenInvalidEUICC/' packages.mk; fi; #Handle OpenEUICC inclusion
|
||||||
fi;
|
fi;
|
||||||
#
|
#
|
||||||
#END OF ROM CHANGES
|
#END OF ROM CHANGES
|
||||||
@ -553,6 +558,7 @@ enableLowRam "device/xiaomi/Mi8937" "Mi8937";
|
|||||||
[[ -d kernel/samsung/exynos9810 ]] && sed -i "s/CONFIG_RANDOMIZE_BASE=y/# CONFIG_RANDOMIZE_BASE is not set/" kernel/samsung/exynos9810/arch/arm64/configs/*_defconfig; #Breaks on compile
|
[[ -d kernel/samsung/exynos9810 ]] && sed -i "s/CONFIG_RANDOMIZE_BASE=y/# CONFIG_RANDOMIZE_BASE is not set/" kernel/samsung/exynos9810/arch/arm64/configs/*_defconfig; #Breaks on compile
|
||||||
[[ -d kernel/xiaomi/msm8937 ]] && sed -i "s/CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y/# CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY is not set/" kernel/xiaomi/msm8937/arch/arm64/configs/*_defconfig; #Breaks on compile
|
[[ -d kernel/xiaomi/msm8937 ]] && sed -i "s/CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y/# CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY is not set/" kernel/xiaomi/msm8937/arch/arm64/configs/*_defconfig; #Breaks on compile
|
||||||
|
|
||||||
|
if [ "$DOS_DEBLOBBER_REMOVE_EUICC_FULL" = false ]; then sed -i '/<privapp-permissions/a\ \ \ \ \ \ \ \ <deny-permission name="android.permission.INTERNET" \/>' vendor/*/*/proprietary/*/etc/permissions/com.google.euiccpixel.xml; fi; #Remove network permission
|
||||||
sed -i 's/^YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l* || true; #Fix builds with GCC 10
|
sed -i 's/^YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l* || true; #Fix builds with GCC 10
|
||||||
rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk || true;
|
rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk || true;
|
||||||
rm -v kernel/*/*/*/*/drivers/staging/greybus/tools/Android.mk || true;
|
rm -v kernel/*/*/*/*/drivers/staging/greybus/tools/Android.mk || true;
|
||||||
|
@ -47,7 +47,8 @@ export DOS_DEBLOBBER_REMOVE_DPM=true; #Set true to remove all DPM blobs #XXX: Ma
|
|||||||
export DOS_DEBLOBBER_REMOVE_DPP=false; #Set true to remove all Display Post Processing blobs #XXX: Breaks boot on select devices
|
export DOS_DEBLOBBER_REMOVE_DPP=false; #Set true to remove all Display Post Processing blobs #XXX: Breaks boot on select devices
|
||||||
export DOS_DEBLOBBER_REMOVE_FP=false; #Set true to remove all fingerprint reader blobs
|
export DOS_DEBLOBBER_REMOVE_FP=false; #Set true to remove all fingerprint reader blobs
|
||||||
export DOS_DEBLOBBER_REMOVE_GRAPHICS=false; #Set true to remove all graphics blobs and use SwiftShader CPU renderer #TODO: Needs work
|
export DOS_DEBLOBBER_REMOVE_GRAPHICS=false; #Set true to remove all graphics blobs and use SwiftShader CPU renderer #TODO: Needs work
|
||||||
export DOS_DEBLOBBER_REMOVE_EUICC=true; #Set true to remove all eUICC blobs
|
export DOS_DEBLOBBER_REMOVE_EUICC=true; #Set true to remove all Google eUICC blobs
|
||||||
|
export DOS_DEBLOBBER_REMOVE_EUICC_FULL=true; #Set true to remove all hardware eUICC blobs #TODO: needs work
|
||||||
export DOS_DEBLOBBER_REMOVE_IMS=false; #Set true to remove all IMS blobs #XXX: Carriers are phasing out 3G, making IMS mandatory for calls
|
export DOS_DEBLOBBER_REMOVE_IMS=false; #Set true to remove all IMS blobs #XXX: Carriers are phasing out 3G, making IMS mandatory for calls
|
||||||
export DOS_DEBLOBBER_REMOVE_IPA=false; #Set true to remove all IPA blobs
|
export DOS_DEBLOBBER_REMOVE_IPA=false; #Set true to remove all IPA blobs
|
||||||
export DOS_DEBLOBBER_REMOVE_IR=false; #Set true to remove all IR blobs
|
export DOS_DEBLOBBER_REMOVE_IR=false; #Set true to remove all IR blobs
|
||||||
|
Loading…
Reference in New Issue
Block a user