Churn

Signed-off-by: Tad <tad@spotco.us>

Patches/LineageOS-14.1/android_external_freetype/360899.patch

@@ -1,4 +1,4 @@
-From 82159c4fb4f274c5f0b21c987f44cb48cf3b28a3 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Werner Lemberg <wl@gnu.org>
 Date: Sat, 19 Mar 2022 06:40:17 +0100
 Subject: [PATCH] DO NOT MERGE - Cherry-pick two upstream changes

Patches/LineageOS-14.1/android_external_libnfc-nci/360898.patch

@@ -1,4 +1,4 @@
-From f73e2d95da050a0b08e3ed5ae8c04968e8297230 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Alisher Alikhodjaev <alisher@google.com>
 Date: Tue, 2 May 2023 14:20:57 -0700
 Subject: [PATCH] OOBW in rw_i93_send_to_upper()

Patches/LineageOS-14.1/android_frameworks_base/360893.patch

@@ -1,4 +1,4 @@
-From 2f780d815579ec2500046fadd4a3c7b09aa0bf62 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Lucas Lin <lucaslin@google.com>
 Date: Fri, 3 Mar 2023 08:13:50 +0000
 Subject: [PATCH] Sanitize VPN label to prevent HTML injection
@@ -30,7 +30,7 @@ Change-Id: Ieb148594d8e9a6505567f80d78810f687bb6e489
  2 files changed, 77 insertions(+), 5 deletions(-)
 
 diff --git a/packages/VpnDialogs/res/values/strings.xml b/packages/VpnDialogs/res/values/strings.xml
-index 406bcc34a1015..7389f765c717d 100644
+index 406bcc34a101..7389f765c717 100644
 --- a/packages/VpnDialogs/res/values/strings.xml
 +++ b/packages/VpnDialogs/res/values/strings.xml
 @@ -50,4 +50,33 @@
@@ -68,7 +68,7 @@ index 406bcc34a1015..7389f765c717d 100644
 +    </string>
  </resources>
 diff --git a/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java b/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java
-index 09339743db5c5..43d18df3a10dd 100644
+index 09339743db5c..43d18df3a10d 100644
 --- a/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java
 +++ b/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java
 @@ -42,10 +42,52 @@ public class ConfirmDialog extends AlertActivity
@@ -124,7 +124,7 @@ index 09339743db5c5..43d18df3a10dd 100644
      @Override
      protected void onCreate(Bundle savedInstanceState) {
          super.onCreate(savedInstanceState);
-@@ -68,15 +110,16 @@ protected void onCreate(Bundle savedInstanceState) {
+@@ -68,15 +110,16 @@ public class ConfirmDialog extends AlertActivity
              finish();
              return;
          }

Patches/LineageOS-14.1/android_frameworks_base/360894.patch

@@ -1,4 +1,4 @@
-From 0459c2c0db0c0187a8d9a3074534a34c1cbf2ccc Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Michael Groover <mpgroover@google.com>
 Date: Fri, 31 Mar 2023 21:31:22 +0000
 Subject: [PATCH] Limit the number of supported v1 and v2 signers
@@ -22,7 +22,7 @@ Change-Id: I6aa86b615b203cdc69d58a593ccf8f18474ca091
  2 files changed, 21 insertions(+)
 
 diff --git a/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java b/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
-index 78d3b7bf81d28..f4631c68832b2 100644
+index 78d3b7bf81d2..f4631c68832b 100644
 --- a/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
 +++ b/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
 @@ -79,6 +79,11 @@ public class ApkSignatureSchemeV2Verifier {
@@ -37,7 +37,7 @@ index 78d3b7bf81d28..f4631c68832b2 100644
      /**
       * Returns {@code true} if the provided APK contains an APK Signature Scheme V2 signature.
       *
-@@ -219,6 +224,11 @@ private static X509Certificate[][] verify(
+@@ -219,6 +224,11 @@ public class ApkSignatureSchemeV2Verifier {
          }
          while (signers.hasRemaining()) {
              signerCount++;
@@ -50,7 +50,7 @@ index 78d3b7bf81d28..f4631c68832b2 100644
                  ByteBuffer signer = getLengthPrefixedSlice(signers);
                  X509Certificate[] certs = verifySigner(signer, contentDigests, certFactory);
 diff --git a/core/java/android/util/jar/StrictJarVerifier.java b/core/java/android/util/jar/StrictJarVerifier.java
-index cb71ecc1da8b3..1ce078704be32 100644
+index cb71ecc1da8b..1ce078704be3 100644
 --- a/core/java/android/util/jar/StrictJarVerifier.java
 +++ b/core/java/android/util/jar/StrictJarVerifier.java
 @@ -70,6 +70,11 @@ class StrictJarVerifier {
@@ -65,7 +65,7 @@ index cb71ecc1da8b3..1ce078704be32 100644
      private final String jarName;
      private final StrictJarManifest manifest;
      private final HashMap<String, byte[]> metaEntries;
-@@ -285,10 +290,16 @@ synchronized boolean readCertificates() {
+@@ -285,10 +290,16 @@ class StrictJarVerifier {
              return false;
          }
  

Patches/LineageOS-14.1/android_frameworks_base/360895.patch

@@ -1,4 +1,4 @@
-From 303a97a99b75bae716c109b810e6bccb732483df Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Andr=C3=A1s=20Kurucz?= <kurucz@google.com>
 Date: Fri, 21 Apr 2023 09:45:07 +0000
 Subject: [PATCH] Truncate ShortcutInfo Id
@@ -18,7 +18,7 @@ Change-Id: I2617de6f9e8a7dbfd8fbeff589a7d592f00d87c5
  2 files changed, 27 insertions(+), 3 deletions(-)
 
 diff --git a/core/java/android/content/pm/ShortcutInfo.java b/core/java/android/content/pm/ShortcutInfo.java
-index a854b899a82af..3ac20ff39327b 100644
+index a854b899a82a..3ac20ff39327 100644
 --- a/core/java/android/content/pm/ShortcutInfo.java
 +++ b/core/java/android/content/pm/ShortcutInfo.java
 @@ -128,6 +128,12 @@ public final class ShortcutInfo implements Parcelable {
@@ -44,7 +44,7 @@ index a854b899a82af..3ac20ff39327b 100644
  
          // Note we can't do other null checks here because SM.updateShortcuts() takes partial
          // information.
-@@ -309,6 +314,14 @@ private static PersistableBundle[] clonePersistableBundle(PersistableBundle[] bu
+@@ -309,6 +314,14 @@ public final class ShortcutInfo implements Parcelable {
          return ret;
      }
  
@@ -59,7 +59,7 @@ index a854b899a82af..3ac20ff39327b 100644
      /**
       * Throws if any of the mandatory fields is not set.
       *
-@@ -1602,7 +1615,8 @@ private ShortcutInfo(Parcel source) {
+@@ -1602,7 +1615,8 @@ public final class ShortcutInfo implements Parcelable {
          final ClassLoader cl = getClass().getClassLoader();
  
          mUserId = source.readInt();
@@ -70,10 +70,10 @@ index a854b899a82af..3ac20ff39327b 100644
          mActivity = source.readParcelable(cl);
          mFlags = source.readInt();
 diff --git a/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java b/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
-index d25923c019cac..6b86ef0e0704c 100644
+index d25923c019ca..6b86ef0e0704 100644
 --- a/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
 +++ b/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
-@@ -53,6 +53,7 @@
+@@ -53,6 +53,7 @@ import java.io.IOException;
  import java.io.PrintWriter;
  import java.io.StringWriter;
  import java.io.Writer;
@@ -81,7 +81,7 @@ index d25923c019cac..6b86ef0e0704c 100644
  import java.util.Locale;
  
  /**
-@@ -223,6 +224,15 @@ public void testShortcutInfoMissingMandatoryFields() {
+@@ -223,6 +224,15 @@ public class ShortcutManagerTest2 extends BaseShortcutManagerTest {
                  });
      }
  

Patches/LineageOS-14.1/android_system_bt/360892.patch

@@ -1,4 +1,4 @@
-From fa5c4429ae75e687b87313b79512c4a90f90ee3b Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: tyiu <tyiu@google.com>
 Date: Tue, 28 Mar 2023 18:40:51 +0000
 Subject: [PATCH] Fix gatt_end_operation buffer overflow
@@ -26,7 +26,7 @@ Change-Id: I49e2797cd9300ee4cd69f2c7fa5f0073db78b873
  1 file changed, 8 insertions(+)
 
 diff --git a/stack/gatt/gatt_utils.c b/stack/gatt/gatt_utils.c
-index 4582b5ae477..e56c1a4e793 100644
+index 4582b5ae4..e56c1a4e7 100644
 --- a/stack/gatt/gatt_utils.c
 +++ b/stack/gatt/gatt_utils.c
 @@ -2190,6 +2190,14 @@ void gatt_end_operation(tGATT_CLCB *p_clcb, tGATT_STATUS status, void *p_data)

Patches/LineageOS-17.1/android_frameworks_base/0021-Hardened-signature-spoofing.patch

@@ -79,7 +79,7 @@ index a84d23b624bf..1ab293758ee7 100644
  
      <!-- This string array can be overriden to enable test location providers initially. -->
 diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
-index 9483f266b1fa..7e5a46cfd72f 100644
+index 9483f266b1fa..eb2b66d5ce03 100644
 --- a/services/core/java/com/android/server/pm/PackageManagerService.java
 +++ b/services/core/java/com/android/server/pm/PackageManagerService.java
 @@ -4203,8 +4203,20 @@ public class PackageManagerService extends IPackageManager.Stub

Patches/LineageOS-17.1/android_frameworks_base/360962-backport.patch

@@ -18,7 +18,7 @@ Change-Id: I2617de6f9e8a7dbfd8fbeff589a7d592f00d87c5
  2 files changed, 27 insertions(+), 3 deletions(-)
 
 diff --git a/core/java/android/content/pm/ShortcutInfo.java b/core/java/android/content/pm/ShortcutInfo.java
-index 58aacc2c36c7..4bd28aefc0a9 100644
+index 58aacc2c36c7..a50b321f6827 100644
 --- a/core/java/android/content/pm/ShortcutInfo.java
 +++ b/core/java/android/content/pm/ShortcutInfo.java
 @@ -236,6 +236,12 @@ public final class ShortcutInfo implements Parcelable {

Patches/LineageOS-17.1/android_packages_apps_Settings/0014-signature_spoofing_toggle.patch

@@ -16,7 +16,7 @@ Signed-off-by: Tad <tad@spotco.us>
  create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index a5aab8e5d0..eb346bd8eb 100644
+index a5aab8e5d0..59c4e0aa57 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11330,6 +11330,9 @@

Patches/LineageOS-18.1/android_frameworks_opt_net_wifi/0001-Random_MAC.patch

@@ -156,7 +156,7 @@ index f40d65624..7276bfb44 100644
      }
  
 diff --git a/service/java/com/android/server/wifi/WifiConfigurationUtil.java b/service/java/com/android/server/wifi/WifiConfigurationUtil.java
-index 336d97810..9c3e074ae 100644
+index 7273da333..2ffe547b1 100644
 --- a/service/java/com/android/server/wifi/WifiConfigurationUtil.java
 +++ b/service/java/com/android/server/wifi/WifiConfigurationUtil.java
 @@ -203,7 +203,7 @@ public class WifiConfigurationUtil {

Patches/LineageOS-18.1/android_packages_apps_Settings/0015-signature_spoofing_toggle.patch

@@ -16,7 +16,7 @@ Signed-off-by: Tad <tad@spotco.us>
  create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index c597570f35..f04d49d6f1 100644
+index c597570f35..2fe1eda202 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11978,6 +11978,9 @@

Scripts/LineageOS-18.1/Patch.sh

@@ -117,6 +117,10 @@ if enterAndClear "external/conscrypt"; then
 if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_external_conscrypt/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
 fi;
 
+if enterAndClear "external/freetype"; then
+git fetch https://github.com/LineageOS/android_external_freetype refs/changes/51/360951/1 && git cherry-pick FETCH_HEAD; #R_asb_2023-07
+fi;
+
 if [ "$DOS_GRAPHENE_MALLOC" = true ]; then
 if enterAndClear "external/hardened_malloc"; then
 applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras.patch"; #Expand workaround to all camera executables (DivestOS)
@@ -421,6 +425,10 @@ if enterAndClear "system/vold"; then
 git revert --no-edit 3461ff5c9ad334c96780f3da14f1d23fcbee63ad; #breaks mako first boot
 fi;
 
+if enterAndClear "tools/apksig"; then
+git fetch https://github.com/LineageOS/android_tools_apksig refs/changes/73/360973/1 && git cherry-pick FETCH_HEAD; #R_asb_2023-07
+fi;
+
 if enterAndClear "vendor/lineage"; then
 rm build/target/product/security/lineage.x509.pem; #Remove Lineage keys
 rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics

Scripts/init.sh

@@ -65,7 +65,7 @@ export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory all
 export DOS_GRAPHENE_EXEC=true; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1+18.1+19.1+20.0
 export DOS_HOSTS_BLOCKING=true; #Set false to prevent inclusion of a HOSTS file
 export DOS_HOSTS_BLOCKING_LIST="https://divested.dev/hosts-wildcards"; #Must be in the format "127.0.0.1 bad.domain.tld"
-export DOS_MICROG_SUPPORT=false; #Opt-in unprivileged microG support on 17.1+18.1+19.1+20.0
+export DOS_MICROG_SUPPORT=true; #Opt-in unprivileged microG support on 17.1+18.1+19.1+20.0
 export DOS_SENSORS_PERM=false; #Set true to provide a per-app sensors permission for 14.1/15.1 #XXX: can break things like camera
 export DOS_STRONG_ENCRYPTION_ENABLED=false; #Set true to enable AES 256-bit FDE encryption on 14.1+15.1 XXX: THIS WILL **DESTROY** EXISTING INSTALLS!
 export DOS_WEBVIEW_LFS=true; #Whether to `git lfs pull` in the WebView repository