Switch to the Broadcom PSDS server for Pixel 6/7 series

Instead of agnss.goog cache
Based off of a patch from GrapheneOS

Signed-off-by: Tad <tad@spotco.us>

Misc/Features/GrapheneOS.txt

@@ -3,6 +3,10 @@ RQ3A.211001.001.2021100606
 QQ3A.200805.001.2020.09.11.14
 PQ3B.190801.002.2019.08.25.15
 
+appops reset fix
+13 https://github.com/GrapheneOS/platform_frameworks_base/commit/41446b749e0851572e280f88b37db05f6283e0c3
+13 https://github.com/GrapheneOS/platform_frameworks_base/commit/e7022b12acbc1b87c07f9c4ed7b22bae9588c7ea
+
 https time
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/1d4e3f495b7b544f6314f04243e9d47b3f8e7102
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/2c04a077ec9f3ac6857885199f49f4845b70ec2e

Patches/LineageOS-20.0/android_frameworks_base/0030-agnss.goog_override.patch

@@ -0,0 +1,92 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Fri, 20 Jan 2023 21:45:50 -0500
+Subject: [PATCH] Replace agnss.goog with the Broadcom PSDS server
+
+This is heavily based off of the GrapheneOS patch for their server handling:
+https://github.com/GrapheneOS/platform_frameworks_base/commit/f29bedd2aad471b27d1eb6ec3b49e9751d8e0c5a
+
+Change-Id: Idd867bcd55d65d4aae7f9744de4807db46cf4374
+Signed-off-by: Tad <tad@spotco.us>
+---
+ .../location/gnss/GnssPsdsDownloader.java     | 45 ++++++++++++++-----
+ 1 file changed, 35 insertions(+), 10 deletions(-)
+
+diff --git a/services/core/java/com/android/server/location/gnss/GnssPsdsDownloader.java b/services/core/java/com/android/server/location/gnss/GnssPsdsDownloader.java
+index 243910dd9541..07f0f8a6a4af 100644
+--- a/services/core/java/com/android/server/location/gnss/GnssPsdsDownloader.java
++++ b/services/core/java/com/android/server/location/gnss/GnssPsdsDownloader.java
+@@ -18,6 +18,7 @@ package com.android.server.location.gnss;
+ 
+ import android.annotation.Nullable;
+ import android.net.TrafficStats;
++import android.os.Build;
+ import android.util.Log;
+ 
+ import com.android.internal.util.TrafficStatsConstants;
+@@ -53,20 +54,39 @@ class GnssPsdsDownloader {
+     private static final int REALTIME_PSDS_SERVER_INDEX = 3;
+     private static final int MAX_PSDS_TYPE_INDEX = 3;
+ 
++    // Broadcom GNSS almanac server URLs
++    private static final String BROADCOM_LONGTERM_PSDS_SERVER_1 = "https://gllto.glpals.com/7day/v5/latest/lto2.dat";
++    private static final String BROADCOM_LONGTERM_PSDS_SERVER_2 = null;
++    private static final String BROADCOM_LONGTERM_PSDS_SERVER_3 = null;
++    private static final String BROADCOM_NORMAL_PSDS_SERVER = "https://gllto.glpals.com/rto/v1/latest/rto.dat";
++    private static final String BROADCOM_REALTIME_PSDS_SERVER = "https://gllto.glpals.com/rtistatus4.dat";
++
+     private final String[] mLongTermPsdsServers;
+     private final String[] mPsdsServers;
+     // to load balance our server requests
+     private int mNextServerIndex;
+ 
++    private static boolean shouldUseBroadcomServer() {
++        boolean supportedDevice = Build.DEVICE.equals("cheetah") || Build.DEVICE.equals("panther") || Build.DEVICE.equals("raven") || Build.DEVICE.equals("oriole") || Build.DEVICE.equals("bluejay");
++        return supportedDevice;
++    }
++
+     GnssPsdsDownloader(Properties properties) {
+         // read PSDS servers from the Properties object
+         int count = 0;
+-        String longTermPsdsServer1 = properties.getProperty(
+-                GnssConfiguration.CONFIG_LONGTERM_PSDS_SERVER_1);
+-        String longTermPsdsServer2 = properties.getProperty(
+-                GnssConfiguration.CONFIG_LONGTERM_PSDS_SERVER_2);
+-        String longTermPsdsServer3 = properties.getProperty(
+-                GnssConfiguration.CONFIG_LONGTERM_PSDS_SERVER_3);
++        String longTermPsdsServer1;
++        String longTermPsdsServer2;
++        String longTermPsdsServer3;
++
++        if (shouldUseBroadcomServer()) {
++            longTermPsdsServer1 = BROADCOM_LONGTERM_PSDS_SERVER_1;
++            longTermPsdsServer2 = BROADCOM_LONGTERM_PSDS_SERVER_2;
++            longTermPsdsServer3 = BROADCOM_LONGTERM_PSDS_SERVER_3;
++        } else {
++            longTermPsdsServer1 = properties.getProperty(GnssConfiguration.CONFIG_LONGTERM_PSDS_SERVER_1);
++            longTermPsdsServer2 = properties.getProperty(GnssConfiguration.CONFIG_LONGTERM_PSDS_SERVER_2);
++            longTermPsdsServer3 = properties.getProperty(GnssConfiguration.CONFIG_LONGTERM_PSDS_SERVER_3);
++        }
+         if (longTermPsdsServer1 != null) count++;
+         if (longTermPsdsServer2 != null) count++;
+         if (longTermPsdsServer3 != null) count++;
+@@ -86,10 +106,15 @@ class GnssPsdsDownloader {
+             mNextServerIndex = random.nextInt(count);
+         }
+ 
+-        String normalPsdsServer = properties.getProperty(
+-                GnssConfiguration.CONFIG_NORMAL_PSDS_SERVER);
+-        String realtimePsdsServer = properties.getProperty(
+-                GnssConfiguration.CONFIG_REALTIME_PSDS_SERVER);
++        String normalPsdsServer;
++        String realtimePsdsServer;
++        if (shouldUseBroadcomServer()) {
++            normalPsdsServer = BROADCOM_NORMAL_PSDS_SERVER;
++            realtimePsdsServer = BROADCOM_REALTIME_PSDS_SERVER;
++        } else {
++            normalPsdsServer = properties.getProperty(GnssConfiguration.CONFIG_NORMAL_PSDS_SERVER);
++            realtimePsdsServer = properties.getProperty(GnssConfiguration.CONFIG_REALTIME_PSDS_SERVER);
++        }
+         mPsdsServers = new String[MAX_PSDS_TYPE_INDEX + 1];
+         mPsdsServers[NORMAL_PSDS_SERVER_INDEX] = normalPsdsServer;
+         mPsdsServers[REALTIME_PSDS_SERVER_INDEX] = realtimePsdsServer;

Scripts/Common/Fix_CVE_Patchers.sh

@@ -61,7 +61,7 @@ commentPatches android_kernel_google_sunfish.sh "CVE-2021-30324";
 commentPatches android_kernel_google_wahoo.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-14047/ANY/0002.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2020-16166" "CVE-2021-30324";
 commentPatches android_kernel_google_yellowstone.sh "0001-LinuxIncrementals/3.10/3.10.0098-0099.patch" "CVE-2018-9514";
 commentPatches android_kernel_huawei_angler.sh "CVE-2014-8559";
-commentPatches android_kernel_htc_flounder.sh "CVE-2018-9514";
+commentPatches android_kernel_htc_flounder.sh "CVE-2018-9514" "CVE-2018-14614/3.4";
 commentPatches android_kernel_htc_msm8960.sh "CVE-2018-10876" "CVE-2021-0695" "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
 commentPatches android_kernel_htc_msm8974.sh "CVE-2016-8393" "CVE-2022-22058";
 commentPatches android_kernel_htc_msm8994.sh "CVE-2016-8394/ANY/0001.patch" "CVE-2017-13166" "CVE-2018-3585" "CVE-2018-9514";
@@ -71,7 +71,7 @@ commentPatches android_kernel_lge_msm8996.sh "CVE-2016-6198" "CVE-2017-13162/3.1
 commentPatches android_kernel_moto_shamu.sh "CVE-2014-8559";
 commentPatches android_kernel_motorola_msm8916.sh "0001-LinuxIncrementals/3.10/3.10.0050-0051.patch" "CVE-2014-8559" "CVE-2017-15817" "CVE-2018-9514";
 commentPatches android_kernel_motorola_msm8974.sh "CVE-2016-5696" "CVE-2017-7373" "CVE-2017-17770/3.4/0002.patch" "CVE-2019-11599" "CVE-2022-22058";
-commentPatches android_kernel_motorola_msm8992.sh "CVE-2017-5551/3.10/0002.patch" "CVE-2017-14880/3.10/0001.patch" "CVE-2018-3585/3.10/0001.patch" "CVE-2019-2297/qcacld-2.0/0001.patch";
+commentPatches android_kernel_motorola_msm8992.sh "CVE-2017-5551/3.10/0002.patch" "CVE-2017-14880/3.10/0001.patch" "CVE-2017-17770/3.4" "CVE-2018-3585/3.10/0001.patch" "CVE-2019-2297/qcacld-2.0/0001.patch";
 commentPatches android_kernel_motorola_msm8996.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "CVE-2017-8266" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-2214" "CVE-2019-14070/ANY/0006.patch" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch" "CVE-2022-42896/4.9";
 commentPatches android_kernel_nextbit_msm8992.sh "CVE-2018-3585/3.10/0001.patch" "CVE-2018-9514";
 commentPatches android_kernel_oneplus_msm8994.sh "CVE-2018-3585/3.10/0001.patch" "CVE-2018-9514";

Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh

@@ -332,7 +332,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17741/3.18/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17760/qcacld-2.0/0002.patch --directory=drivers/staging/qcacld-2.0
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17762/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17769/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17770/3.4/0002.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17770/3.4/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/3.18/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/3.10/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18017/3.10/0002.patch

Scripts/LineageOS-14.1/Patch.sh

@@ -558,7 +558,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;

Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh

@@ -209,7 +209,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12232/3.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/3.18/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.10/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.10/0007.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14614/3.4/0002.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14614/3.4/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/3.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/3.18/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/3.18/0005.patch

Scripts/LineageOS-15.1/Patch.sh

@@ -465,7 +465,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;

Scripts/LineageOS-16.0/Patch.sh

@@ -393,7 +393,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;

Scripts/LineageOS-17.1/Patch.sh

@@ -468,7 +468,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;

Scripts/LineageOS-18.1/Patch.sh

@@ -542,7 +542,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;

Scripts/LineageOS-19.1/Patch.sh

@@ -437,7 +437,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;

Scripts/LineageOS-20.0/Patch.sh

@@ -134,7 +134,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"
 applyPatch "$DOS_PATCHES/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #Enable fingerprint lockout after three failed attempts (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0005-User_Logout.patch"; #Enable secondary user logout support by default (GrapheneOS)
-applyPatch "$DOS_PATCHES/android_frameworks_base/0005-User_Logout-a1.patch"; #Fix DevicePolicyManager#logoutUser() never succeeding(GrapheneOS)
+applyPatch "$DOS_PATCHES/android_frameworks_base/0005-User_Logout-a1.patch"; #Fix DevicePolicyManager#logoutUser() never succeeding (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-1.patch"; #Support new special runtime permissions (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-2.patch"; #Make INTERNET into a special runtime permission (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0013-Special_Permissions-3.patch"; #Add special runtime permission for other sensors (GrapheneOS)
@@ -179,6 +179,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0027-Installer_Glitch.patch"; #
 applyPatch "$DOS_PATCHES/android_frameworks_base/0028-Remove_Legacy_Package_Query.patch"; #Don't leak device-wide package list to apps when work profile is present (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0029-Strict_versionCode_Checks-1.patch"; #Don't allow updating system packages to the same versionCode (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0029-Strict_versionCode_Checks-2.patch"; #Prefer package from OS image over equal version of upgraded system package (GrapheneOS)
+applyPatch "$DOS_PATCHES/android_frameworks_base/0030-agnss.goog_override.patch"; #Replace agnss.goog with the Broadcom PSDS server (heavily based off of a GrapheneOS patch)
 hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
 changeDefaultDNS; #Change the default DNS servers
 sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
@@ -457,7 +458,7 @@ fi;
 #Make changes to all devices
 cd "$DOS_BUILD_BASE";
 find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
-find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf*" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
 find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
 #if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi;