From ad466bd3e438316d4910b96966e7cbe52dbc8763 Mon Sep 17 00:00:00 2001 From: Tad Date: Fri, 20 Jan 2023 14:45:46 -0500 Subject: [PATCH] Various changes - 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes - 17.1: Add the hosts toggle like 18.1+ - 18.1: fix junk in patch - 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp - 15.1: fixes to get hmalloc to compile, does NOT boot Signed-off-by: Tad --- .../android_bionic/0004-hosts_toggle.patch | 35 ++ .../0001-Captive_Portal_Toggle-gos.patch | 447 ++++++++++++++++++ .../0012-hosts_toggle.patch | 172 +++++++ .../0002-hosts_toggle.patch | 34 ++ .../0001-Captive_Portal_Toggle-gos.patch | 23 +- .../0004-Private_DNS.patch | 2 +- .../0005-Automatic_Reboot.patch | 6 +- .../0006-Bluetooth_Timeout.patch | 4 +- .../0007-WiFi_Timeout.patch | 4 +- .../0008-ptrace_scope.patch | 2 +- .../0009-Install_Restrictions.patch | 2 +- .../0010-exec_spawning_toggle.patch | 2 +- .../0011-Random_MAC-1.patch | 6 +- .../0012-hosts_toggle.patch | 2 +- .../0013-LTE_Only_Mode-1.patch | 8 +- .../0001-hosts_toggle.patch | 4 +- .../0002-hosts_toggle.patch | 2 +- .../0002-hosts_toggle.patch | 2 +- Scripts/LineageOS-15.1/Patch.sh | 2 + Scripts/LineageOS-17.1/Functions.sh | 1 - Scripts/LineageOS-17.1/Patch.sh | 4 + 21 files changed, 719 insertions(+), 45 deletions(-) create mode 100644 Patches/LineageOS-17.1/android_bionic/0004-hosts_toggle.patch create mode 100644 Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch create mode 100644 Patches/LineageOS-17.1/android_packages_apps_Settings/0012-hosts_toggle.patch create mode 100644 Patches/LineageOS-17.1/android_system_netd/0002-hosts_toggle.patch diff --git a/Patches/LineageOS-17.1/android_bionic/0004-hosts_toggle.patch b/Patches/LineageOS-17.1/android_bionic/0004-hosts_toggle.patch new file mode 100644 index 00000000..3d8c3c90 --- /dev/null +++ b/Patches/LineageOS-17.1/android_bionic/0004-hosts_toggle.patch @@ -0,0 +1,35 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Wed, 20 Apr 2022 00:40:52 -0400 +Subject: [PATCH] Add a toggle to disable /etc/hosts lookup + +Signed-off-by: Tad +Change-Id: I92679c57e73228dc194e61a86ea1a18b2ac90e04 +--- + libc/dns/net/getaddrinfo.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/libc/dns/net/getaddrinfo.c b/libc/dns/net/getaddrinfo.c +index cc94b21e2..12294da04 100644 +--- a/libc/dns/net/getaddrinfo.c ++++ b/libc/dns/net/getaddrinfo.c +@@ -83,6 +83,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -2127,6 +2128,11 @@ _files_getaddrinfo(void *rv, void *cb_data, va_list ap) + name = va_arg(ap, char *); + pai = va_arg(ap, struct addrinfo *); + ++ char value[PROP_VALUE_MAX] = { 0 }; ++ if (__system_property_get("persist.security.hosts_disable", value) != 0) ++ if (atoi(value) != 0 && strcmp(name, "localhost") != 0 && strcmp(name, "ip6-localhost") != 0) ++ return NS_NOTFOUND; ++ + memset(&sentinel, 0, sizeof(sentinel)); + cur = &sentinel; + int gai_error = hc_getaddrinfo(name, NULL, pai, &cur); diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch new file mode 100644 index 00000000..633ea809 --- /dev/null +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch @@ -0,0 +1,447 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Pratyush +Date: Wed, 20 Oct 2021 05:40:11 +0530 +Subject: [PATCH] add toggle to set captiveportal settings + +Access is disallowed for users that are disallowed from configuring +Private DNS settings. This restriction provides administrative control +over this feature in a way that's compatible with existing device +manager implementations. Private DNS is the closest fit from the +existing user management restrictions that are available. + +Co-authored-by: stuux +Co-authored-by: Renlord +Co-authored-by: Danny Lin +Co-authored-by: anupritaisno1 +Signed-off-by: empratyush +[tad@spotco.us]: add multiple other server options +[tad@spotco.us]: merge with the GrapheneOS patch from RQ3A.211001.001.2021100606 +Change-Id: I8a762d0f29ac42fce3dcfc7189e8ff216a8f8d1a +--- + res/values/arrays.xml | 24 ++ + res/values/strings.xml | 3 + + res/xml/network_and_internet.xml | 8 + + ...ConnectivityCheckPreferenceController.java | 328 ++++++++++++++++++ + .../network/NetworkDashboardFragment.java | 3 + + 5 files changed, 366 insertions(+) + create mode 100644 src/com/android/settings/network/ConnectivityCheckPreferenceController.java + +diff --git a/res/values/arrays.xml b/res/values/arrays.xml +index b983f467df..d799348200 100644 +--- a/res/values/arrays.xml ++++ b/res/values/arrays.xml +@@ -108,6 +108,30 @@ + @string/dark_ui_auto_mode_auto + + ++ ++ Disabled ++ Google (US) [default] ++ ++ DivestOS (US) ++ openSUSE (DE) ++ Ubuntu (UK) ++ Amazon Fire OS (US) ++ Microsoft Edge (US) ++ Kuketz (DE) ++ ++ ++ ++ 0 ++ 1 ++ ++ 3 ++ 4 ++ 5 ++ 6 ++ 7 ++ 8 ++ ++ + + +diff --git a/res/values/strings.xml b/res/values/strings.xml +index 2180ea45f6..edd9a93761 100644 +--- a/res/values/strings.xml ++++ b/res/values/strings.xml +@@ -11462,4 +11462,7 @@ + Don\u2019t connect + + Connect ++ ++ Internet connectivity check ++ HTTP endpoints to use for performing internet connectivity checks. + +diff --git a/res/xml/network_and_internet.xml b/res/xml/network_and_internet.xml +index 32b51d48fc..ff1e5234cf 100644 +--- a/res/xml/network_and_internet.xml ++++ b/res/xml/network_and_internet.xml +@@ -97,4 +97,12 @@ + android:positiveButtonText="@string/save" + android:negativeButtonText="@android:string/cancel" /> + ++ ++ + +diff --git a/src/com/android/settings/network/ConnectivityCheckPreferenceController.java b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java +new file mode 100644 +index 0000000000..942ae750bc +--- /dev/null ++++ b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java +@@ -0,0 +1,328 @@ ++/* ++ * Copyright (C) 2020 The Android Open Source Project ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++package com.android.settings.network; ++ ++import android.content.ContentResolver; ++import android.content.Context; ++import android.content.res.Resources; ++import android.database.ContentObserver; ++import android.net.LinkProperties; ++import android.net.Network; ++import android.os.Handler; ++import android.os.Looper; ++import android.os.UserHandle; ++import android.os.UserManager; ++import android.provider.Settings; ++import androidx.preference.ListPreference; ++import androidx.preference.Preference; ++import androidx.preference.PreferenceScreen; ++import com.android.internal.util.ArrayUtils; ++import com.android.settings.R; ++import com.android.settings.core.BasePreferenceController; ++import com.android.settings.core.PreferenceControllerMixin; ++import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin; ++import com.android.settingslib.RestrictedLockUtilsInternal; ++import com.android.settingslib.core.lifecycle.events.OnResume; ++ ++public class ConnectivityCheckPreferenceController ++ extends BasePreferenceController ++ implements PreferenceControllerMixin, Preference.OnPreferenceChangeListener, ++ OnResume { ++ ++ // imported defaults from AOSP NetworkStack ++ private static final String STANDARD_HTTPS_URL = ++ "https://www.google.com/generate_204"; ++ private static final String STANDARD_HTTP_URL = ++ "http://connectivitycheck.gstatic.com/generate_204"; ++ private static final String STANDARD_FALLBACK_URL = ++ "http://www.google.com/gen_204"; ++ private static final String STANDARD_OTHER_FALLBACK_URLS = ++ "http://play.googleapis.com/generate_204"; ++ ++ // GrapheneOS ++ private static final String GRAPHENEOS_CAPTIVE_PORTAL_HTTPS_URL = ++ "https://connectivitycheck.grapheneos.network/generate_204"; ++ private static final String GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL = ++ "http://connectivitycheck.grapheneos.network/generate_204"; ++ private static final String GRAPHENEOS_CAPTIVE_PORTAL_FALLBACK_URL = ++ "http://grapheneos.online/gen_204"; ++ private static final String GRAPHENEOS_CAPTIVE_PORTAL_OTHER_FALLBACK_URL = ++ "http://grapheneos.online/generate_204"; ++ ++ // DivestOS ++ private static final String DIVESTOS_HTTPS_URL = ++ "https://divestos.org/generate_204"; ++ private static final String DIVESTOS_HTTP_URL = ++ "http://divestos.org/generate_204"; ++ ++ // openSUSE ++ private static final String OPENSUSE_HTTPS_URL = ++ "https://conncheck.opensuse.org"; ++ private static final String OPENSUSE_HTTP_URL = ++ "http://conncheck.opensuse.org"; ++ ++ // Ubuntu ++ private static final String UBUNTU_HTTPS_URL = ++ "https://connectivity-check.ubuntu.com"; ++ private static final String UBUNTU_HTTP_URL = ++ "http://connectivity-check.ubuntu.com"; ++ ++ // Amazon Fire OS ++ private static final String AMAZON_HTTPS_URL = ++ "https://fireoscaptiveportal.com/generate_204"; ++ private static final String AMAZON_HTTP_URL = ++ "http://fireoscaptiveportal.com/generate_204"; ++ ++ // Microsoft Edge ++ private static final String MICROSOFT_HTTP_URL = ++ "http://edge-http.microsoft.com/captiveportal/generate_204"; ++ ++ // Kuketz, https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/ ++ private static final String KUKETZ_HTTPS_URL = ++ "https://captiveportal.kuketz.de"; ++ private static final String KUKETZ_HTTP_URL = ++ "http://captiveportal.kuketz.de"; ++ ++ private static final int DISABLED_CAPTIVE_PORTAL_INTVAL = 0; ++ private static final int STANDARD_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 1; ++ private static final int GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 2; ++ private static final int DIVESTOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 3; ++ private static final int OPENSUSE_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 4; ++ private static final int UBUNTU_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 5; ++ private static final int AMAZON_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 6; ++ private static final int MICROSOFT_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 7; ++ private static final int KUKETZ_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 8; ++ ++ private static final String KEY_CONNECTIVITY_CHECK_SETTINGS = ++ "connectivity_check_settings"; ++ ++ private ListPreference mConnectivityPreference; ++ ++ public ConnectivityCheckPreferenceController(Context context) { ++ super(context, KEY_CONNECTIVITY_CHECK_SETTINGS); ++ } ++ ++ @Override ++ public int getAvailabilityStatus() { ++ if (isDisabledByAdmin()) { ++ return BasePreferenceController.DISABLED_FOR_USER; ++ } ++ return BasePreferenceController.AVAILABLE; ++ } ++ ++ @Override ++ public void displayPreference(PreferenceScreen screen) { ++ super.displayPreference(screen); ++ mConnectivityPreference = ++ screen.findPreference(KEY_CONNECTIVITY_CHECK_SETTINGS); ++ updatePreferenceState(); ++ } ++ ++ @Override ++ public String getPreferenceKey() { ++ return KEY_CONNECTIVITY_CHECK_SETTINGS; ++ } ++ ++ private void updatePreferenceState() { ++ if (Settings.Global.getInt(mContext.getContentResolver(), ++ Settings.Global.CAPTIVE_PORTAL_MODE, Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT) ++ == Settings.Global.CAPTIVE_PORTAL_MODE_IGNORE) { ++ mConnectivityPreference.setValueIndex(DISABLED_CAPTIVE_PORTAL_INTVAL); ++ return; ++ } ++ ++ String pref = Settings.Global.getString( ++ mContext.getContentResolver(), Settings.Global.CAPTIVE_PORTAL_HTTP_URL); ++ if (STANDARD_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ STANDARD_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (DIVESTOS_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ DIVESTOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (OPENSUSE_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ OPENSUSE_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (UBUNTU_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ UBUNTU_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (AMAZON_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ AMAZON_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (MICROSOFT_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ MICROSOFT_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } else if (KUKETZ_HTTP_URL.equals(pref)) { ++ mConnectivityPreference.setValueIndex( ++ KUKETZ_CAPTIVE_PORTAL_HTTP_URL_INTVAL); ++ } ++ } ++ ++ @Override ++ public void onResume() { ++ updatePreferenceState(); ++ if (mConnectivityPreference != null) { ++ setCaptivePortalURLs( ++ mContext.getContentResolver(), ++ Integer.parseInt(mConnectivityPreference.getValue())); ++ } ++ } ++ ++ private void setCaptivePortalURLs(ContentResolver cr, int mode) { ++ switch (mode) { ++ case STANDARD_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ STANDARD_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ STANDARD_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ STANDARD_FALLBACK_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ STANDARD_OTHER_FALLBACK_URLS); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ GRAPHENEOS_CAPTIVE_PORTAL_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ GRAPHENEOS_CAPTIVE_PORTAL_FALLBACK_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ GRAPHENEOS_CAPTIVE_PORTAL_OTHER_FALLBACK_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case DIVESTOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ DIVESTOS_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ DIVESTOS_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ DIVESTOS_HTTP_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ DIVESTOS_HTTP_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case OPENSUSE_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ OPENSUSE_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ OPENSUSE_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ OPENSUSE_HTTP_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ OPENSUSE_HTTP_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case UBUNTU_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ UBUNTU_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ UBUNTU_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ UBUNTU_HTTP_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ UBUNTU_HTTP_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case AMAZON_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ AMAZON_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ AMAZON_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ AMAZON_HTTP_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ AMAZON_HTTP_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case MICROSOFT_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ MICROSOFT_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ MICROSOFT_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ MICROSOFT_HTTP_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ MICROSOFT_HTTP_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ case KUKETZ_CAPTIVE_PORTAL_HTTP_URL_INTVAL: ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ KUKETZ_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ KUKETZ_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ KUKETZ_HTTP_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ KUKETZ_HTTP_URL); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT); ++ break; ++ default: ++ // Default URLs as placeholder ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL, ++ STANDARD_HTTP_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL, ++ STANDARD_HTTPS_URL); ++ Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL, ++ STANDARD_FALLBACK_URL); ++ Settings.Global.putString( ++ cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS, ++ STANDARD_OTHER_FALLBACK_URLS); ++ Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE, ++ Settings.Global.CAPTIVE_PORTAL_MODE_IGNORE); ++ } ++ } ++ ++ @Override ++ public boolean onPreferenceChange(Preference preference, Object value) { ++ final String key = preference.getKey(); ++ if (KEY_CONNECTIVITY_CHECK_SETTINGS.equals(key)) { ++ setCaptivePortalURLs(mContext.getContentResolver(), ++ Integer.parseInt((String)value)); ++ return true; ++ } else { ++ return false; ++ } ++ } ++ ++ private EnforcedAdmin getEnforcedAdmin() { ++ return RestrictedLockUtilsInternal.checkIfRestrictionEnforced( ++ mContext, UserManager.DISALLOW_CONFIG_PRIVATE_DNS, ++ UserHandle.myUserId()); ++ } ++ ++ private boolean isDisabledByAdmin() { return getEnforcedAdmin() != null; } ++} +diff --git a/src/com/android/settings/network/NetworkDashboardFragment.java b/src/com/android/settings/network/NetworkDashboardFragment.java +index 8c686a54aa..19b3ae3ea6 100644 +--- a/src/com/android/settings/network/NetworkDashboardFragment.java ++++ b/src/com/android/settings/network/NetworkDashboardFragment.java +@@ -104,6 +104,8 @@ public class NetworkDashboardFragment extends DashboardFragment implements + new VpnPreferenceController(context); + final PrivateDnsPreferenceController privateDnsPreferenceController = + new PrivateDnsPreferenceController(context); ++ final ConnectivityCheckPreferenceController connectivityCheckPreferenceController = ++ new ConnectivityCheckPreferenceController(context); + + if (lifecycle != null) { + lifecycle.addObserver(mobilePlanPreferenceController); +@@ -129,6 +131,7 @@ public class NetworkDashboardFragment extends DashboardFragment implements + controllers.add(mobilePlanPreferenceController); + controllers.add(wifiPreferenceController); + controllers.add(privateDnsPreferenceController); ++ controllers.add(connectivityCheckPreferenceController); + return controllers; + } + diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/0012-hosts_toggle.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/0012-hosts_toggle.patch new file mode 100644 index 00000000..0381aa75 --- /dev/null +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/0012-hosts_toggle.patch @@ -0,0 +1,172 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Wed, 20 Apr 2022 01:04:27 -0400 +Subject: [PATCH] Add a toggle to disable /etc/hosts lookup + +Copy and pasted from the GrapheneOS exec spawning toggle patch + +Signed-off-by: Tad +Change-Id: Ic01a142722372d9d57f52947025cd9db23e58ef4 +--- + res/values/strings.xml | 3 + + res/xml/security_dashboard_settings.xml | 6 + + .../security/HostsPreferenceController.java | 106 ++++++++++++++++++ + .../settings/security/SecuritySettings.java | 1 + + 4 files changed, 116 insertions(+) + create mode 100644 src/com/android/settings/security/HostsPreferenceController.java + +diff --git a/res/values/strings.xml b/res/values/strings.xml +index 88bd100122..a64940d793 100644 +--- a/res/values/strings.xml ++++ b/res/values/strings.xml +@@ -11327,6 +11327,9 @@ + Enable native code debugging + Generate useful logs / bug reports from crashes and permit debugging native code. + ++ Disable DNS content blocker ++ Disables use of the included /etc/hosts database for data collection and malware blocking. ++ + + Privacy + +diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml +index 08328ad7b6..23a39d3106 100644 +--- a/res/xml/security_dashboard_settings.xml ++++ b/res/xml/security_dashboard_settings.xml +@@ -75,6 +75,12 @@ + android:title="@string/native_debug_title" + android:summary="@string/native_debug_summary" + android:persistent="false" /> ++ ++ + + + +diff --git a/src/com/android/settings/security/HostsPreferenceController.java b/src/com/android/settings/security/HostsPreferenceController.java +new file mode 100644 +index 0000000000..d8af6d2649 +--- /dev/null ++++ b/src/com/android/settings/security/HostsPreferenceController.java +@@ -0,0 +1,106 @@ ++/* ++ * Copyright (C) 2022 The Android Open Source Project ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License ++ */ ++ ++package com.android.settings.security; ++ ++import android.content.Context; ++ ++import android.os.UserHandle; ++import android.os.UserManager; ++import android.os.SystemProperties; ++ ++import android.provider.Settings; ++ ++import androidx.preference.Preference; ++import androidx.preference.PreferenceCategory; ++import androidx.preference.PreferenceGroup; ++import androidx.preference.PreferenceScreen; ++import androidx.preference.TwoStatePreference; ++import androidx.preference.SwitchPreference; ++ ++import com.android.internal.widget.LockPatternUtils; ++import com.android.settings.core.PreferenceControllerMixin; ++import com.android.settingslib.core.AbstractPreferenceController; ++import com.android.settingslib.core.lifecycle.events.OnResume; ++ ++public class HostsPreferenceController extends AbstractPreferenceController ++ implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener { ++ ++ private static final String SYS_KEY_HOSTS_DISABLE = "persist.security.hosts_disable"; ++ private static final String PREF_KEY_HOSTS_DISABLE = "hosts_disable"; ++ private static final String PREF_KEY_SECURITY_CATEGORY = "security_category"; ++ ++ private PreferenceCategory mSecurityCategory; ++ private SwitchPreference mHostsDisable; ++ private boolean mIsAdmin; ++ private UserManager mUm; ++ ++ public HostsPreferenceController(Context context) { ++ super(context); ++ mUm = UserManager.get(context); ++ } ++ ++ @Override ++ public void displayPreference(PreferenceScreen screen) { ++ super.displayPreference(screen); ++ mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY); ++ updatePreferenceState(); ++ } ++ ++ @Override ++ public boolean isAvailable() { ++ mIsAdmin = mUm.isAdminUser(); ++ return mIsAdmin; ++ } ++ ++ @Override ++ public String getPreferenceKey() { ++ return PREF_KEY_HOSTS_DISABLE; ++ } ++ ++ // TODO: should we use onCreatePreferences() instead? ++ private void updatePreferenceState() { ++ if (mSecurityCategory == null) { ++ return; ++ } ++ ++ if (mIsAdmin) { ++ mHostsDisable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_HOSTS_DISABLE); ++ mHostsDisable.setChecked(SystemProperties.getInt(SYS_KEY_HOSTS_DISABLE, 0) == 1); ++ } else { ++ mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_HOSTS_DISABLE)); ++ } ++ } ++ ++ @Override ++ public void onResume() { ++ updatePreferenceState(); ++ if (mHostsDisable != null) { ++ boolean mode = mHostsDisable.isChecked(); ++ SystemProperties.set(SYS_KEY_HOSTS_DISABLE, mode ? "1" : "0"); ++ } ++ } ++ ++ @Override ++ public boolean onPreferenceChange(Preference preference, Object value) { ++ final String key = preference.getKey(); ++ if (PREF_KEY_HOSTS_DISABLE.equals(key)) { ++ final boolean mode = !mHostsDisable.isChecked(); ++ SystemProperties.set(SYS_KEY_HOSTS_DISABLE, mode ? "1" : "0"); ++ } ++ return true; ++ } ++} +diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java +index a5e0add739..88ba2ece3a 100644 +--- a/src/com/android/settings/security/SecuritySettings.java ++++ b/src/com/android/settings/security/SecuritySettings.java +@@ -123,6 +123,7 @@ public class SecuritySettings extends DashboardFragment { + securityPreferenceControllers.add(new AutoRebootPreferenceController(context)); + securityPreferenceControllers.add(new ExecSpawnPreferenceController(context)); + securityPreferenceControllers.add(new NativeDebugPreferenceController(context)); ++ securityPreferenceControllers.add(new HostsPreferenceController(context)); + controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY) + .setChildren(securityPreferenceControllers)); + controllers.addAll(securityPreferenceControllers); diff --git a/Patches/LineageOS-17.1/android_system_netd/0002-hosts_toggle.patch b/Patches/LineageOS-17.1/android_system_netd/0002-hosts_toggle.patch new file mode 100644 index 00000000..2f309ea8 --- /dev/null +++ b/Patches/LineageOS-17.1/android_system_netd/0002-hosts_toggle.patch @@ -0,0 +1,34 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Wed, 20 Apr 2022 00:40:53 -0400 +Subject: [PATCH] Add a toggle to disable /etc/hosts lookup + +[tad@spotco.us]: backport to netd +Signed-off-by: Tad +Change-Id: Iea165003474e1107dc77980985bf9928c369dbb5 +--- + resolv/getaddrinfo.cpp | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/resolv/getaddrinfo.cpp b/resolv/getaddrinfo.cpp +index cf8e4d26..245132f6 100644 +--- a/resolv/getaddrinfo.cpp ++++ b/resolv/getaddrinfo.cpp +@@ -56,6 +56,7 @@ + #include + + #include ++#include + + #include "netd_resolv/resolv.h" + #include "resolv_cache.h" +@@ -1550,6 +1551,9 @@ found: + } + + static bool files_getaddrinfo(const char* name, const addrinfo* pai, addrinfo** res) { ++ if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0)) ++ return false; ++ + struct addrinfo sentinel = {}; + struct addrinfo *p, *cur; + FILE* hostf = NULL; diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch index 624de195..d765046c 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch @@ -23,10 +23,8 @@ Change-Id: I8a762d0f29ac42fce3dcfc7189e8ff216a8f8d1a res/xml/network_and_internet.xml | 8 + ...ConnectivityCheckPreferenceController.java | 328 ++++++++++++++++++ .../network/NetworkDashboardFragment.java | 3 + - .../network/NetworkDashboardFragment.java.rej | 11 + - 6 files changed, 377 insertions(+) + 5 files changed, 366 insertions(+) create mode 100644 src/com/android/settings/network/ConnectivityCheckPreferenceController.java - create mode 100644 src/com/android/settings/network/NetworkDashboardFragment.java.rej diff --git a/res/values/arrays.xml b/res/values/arrays.xml index 617548cadc..87fd6e5df6 100644 @@ -94,7 +92,7 @@ index 6bf6dbaccf..8ee092aa04 100644 diff --git a/src/com/android/settings/network/ConnectivityCheckPreferenceController.java b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java new file mode 100644 -index 0000000000..3dc7520df3 +index 0000000000..942ae750bc --- /dev/null +++ b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java @@ -0,0 +1,328 @@ @@ -447,20 +445,3 @@ index db704ae850..c77b07821e 100644 return controllers; } -diff --git a/src/com/android/settings/network/NetworkDashboardFragment.java.rej b/src/com/android/settings/network/NetworkDashboardFragment.java.rej -new file mode 100644 -index 0000000000..491cf70863 ---- /dev/null -+++ b/src/com/android/settings/network/NetworkDashboardFragment.java.rej -@@ -0,0 +1,11 @@ -+diff a/src/com/android/settings/network/NetworkDashboardFragment.java b/src/com/android/settings/network/NetworkDashboardFragment.java (rejected hunks) -+@@ -119,6 +119,9 @@ public class NetworkDashboardFragment extends DashboardFragment implements -+ } -+ controllers.add(privateDnsPreferenceController); -+ controllers.add(new NetworkProviderCallsSmsController(context, lifecycle)); -++ ConnectivityCheckPreferenceController connectivityCheck = -++ new ConnectivityCheckPreferenceController(context); -++ controllers.add(connectivityCheck); -+ return controllers; -+ } -+ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch index 8473e277..42a4ad26 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch @@ -84,7 +84,7 @@ index 0b4f4db6c4..ca6a2cf62d 100644 android:id="@+id/private_dns_mode_opportunistic" layout="@layout/preference_widget_dialog_radiobutton"/> diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml -index 5ddfe66ec0..89341009d4 100644 +index d13d4d4fe8..90f8829027 100644 --- a/res/values/cm_strings.xml +++ b/res/values/cm_strings.xml @@ -137,6 +137,21 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch index 26b68906..28421564 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch @@ -13,10 +13,10 @@ Subject: [PATCH] add auto-reboot setting create mode 100644 src/com/android/settings/security/AutoRebootPreferenceController.java diff --git a/res/values/arrays.xml b/res/values/arrays.xml -index 617548cadc..9caf926229 100644 +index 87fd6e5df6..b2ea885d46 100644 --- a/res/values/arrays.xml +++ b/res/values/arrays.xml -@@ -146,6 +146,37 @@ +@@ -170,6 +170,37 @@ 1800000 @@ -55,7 +55,7 @@ index 617548cadc..9caf926229 100644 Small Default diff --git a/res/values/strings.xml b/res/values/strings.xml -index 0c6fe1a541..b9f886d492 100644 +index 0173a8bf31..3d9a6548fc 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -647,6 +647,9 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch index ca1e59d9..9b8bf81b 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch @@ -12,7 +12,7 @@ Subject: [PATCH] add bluetooth auto-turn-off setting create mode 100644 src/com/android/settings/bluetooth/BluetoothTimeoutPreferenceController.java diff --git a/res/values/arrays.xml b/res/values/arrays.xml -index 9caf926229..d40e65e536 100644 +index b2ea885d46..5317326366 100644 --- a/res/values/arrays.xml +++ b/res/values/arrays.xml @@ -39,6 +39,50 @@ @@ -67,7 +67,7 @@ index 9caf926229..d40e65e536 100644 15 seconds diff --git a/res/values/strings.xml b/res/values/strings.xml -index b9f886d492..e925a30b3e 100644 +index 3d9a6548fc..773e7ffa68 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -27,6 +27,25 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch index 737f6ab4..1fed1deb 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch @@ -12,7 +12,7 @@ Subject: [PATCH] add Wi-Fi timeout feature create mode 100644 src/com/android/settings/wifi/WifiTimeoutPreferenceController.java diff --git a/res/values/arrays.xml b/res/values/arrays.xml -index d40e65e536..6259f4d1a5 100644 +index 5317326366..2013c789cd 100644 --- a/res/values/arrays.xml +++ b/res/values/arrays.xml @@ -83,6 +83,50 @@ @@ -67,7 +67,7 @@ index d40e65e536..6259f4d1a5 100644 15 seconds diff --git a/res/values/strings.xml b/res/values/strings.xml -index e925a30b3e..de6d38bcbd 100644 +index 773e7ffa68..278b6ace5e 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -46,6 +46,25 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0008-ptrace_scope.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0008-ptrace_scope.patch index 22220435..cb897f30 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0008-ptrace_scope.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0008-ptrace_scope.patch @@ -12,7 +12,7 @@ Subject: [PATCH] add native debugging setting create mode 100644 src/com/android/settings/security/NativeDebugPreferenceController.java diff --git a/res/values/strings.xml b/res/values/strings.xml -index de6d38bcbd..dc14819f0c 100644 +index 278b6ace5e..dd813f1784 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -11957,6 +11957,9 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0009-Install_Restrictions.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0009-Install_Restrictions.patch index f8d53f53..9f81728a 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0009-Install_Restrictions.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0009-Install_Restrictions.patch @@ -10,7 +10,7 @@ Subject: [PATCH] UserManager app installation restrictions 3 files changed, 44 insertions(+), 5 deletions(-) diff --git a/res/values/strings.xml b/res/values/strings.xml -index e612651bfe..c8e830342b 100644 +index 4ea24ec62e..a2c18d6cea 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -7088,6 +7088,8 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0010-exec_spawning_toggle.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0010-exec_spawning_toggle.patch index 9f539ff6..3996b0be 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0010-exec_spawning_toggle.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0010-exec_spawning_toggle.patch @@ -12,7 +12,7 @@ Subject: [PATCH] add exec spawning toggle create mode 100644 src/com/android/settings/security/ExecSpawnPreferenceController.java diff --git a/res/values/strings.xml b/res/values/strings.xml -index dc14819f0c..e612651bfe 100644 +index dd813f1784..4ea24ec62e 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -11957,6 +11957,8 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0011-Random_MAC-1.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0011-Random_MAC-1.patch index fb97d4ab..726b7823 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0011-Random_MAC-1.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0011-Random_MAC-1.patch @@ -13,10 +13,10 @@ RANDOMIZATION_ALWAYS is set as the default option 5 files changed, 56 insertions(+), 17 deletions(-) diff --git a/res/values/arrays.xml b/res/values/arrays.xml -index 6259f4d1a5..e93794e955 100644 +index 2013c789cd..309cbc9e77 100644 --- a/res/values/arrays.xml +++ b/res/values/arrays.xml -@@ -1332,7 +1332,8 @@ +@@ -1356,7 +1356,8 @@ @@ -26,7 +26,7 @@ index 6259f4d1a5..e93794e955 100644 Use device MAC -@@ -1348,6 +1349,7 @@ +@@ -1372,6 +1373,7 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0012-hosts_toggle.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0012-hosts_toggle.patch index d8f5c82b..da263f02 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0012-hosts_toggle.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0012-hosts_toggle.patch @@ -16,7 +16,7 @@ Change-Id: Ic01a142722372d9d57f52947025cd9db23e58ef4 create mode 100644 src/com/android/settings/security/HostsPreferenceController.java diff --git a/res/values/strings.xml b/res/values/strings.xml -index c8e830342b..b04499511b 100644 +index a2c18d6cea..087fd82ef9 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -11969,6 +11969,9 @@ diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0013-LTE_Only_Mode-1.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0013-LTE_Only_Mode-1.patch index 0c8aaa70..8711b193 100644 --- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0013-LTE_Only_Mode-1.patch +++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0013-LTE_Only_Mode-1.patch @@ -11,10 +11,10 @@ Subject: [PATCH] add LTE only setting 4 files changed, 39 insertions(+), 3 deletions(-) diff --git a/res/values/arrays.xml b/res/values/arrays.xml -index e93794e955..af140191ee 100644 +index 309cbc9e77..7d6ca66e85 100644 --- a/res/values/arrays.xml +++ b/res/values/arrays.xml -@@ -1393,6 +1393,9 @@ +@@ -1417,6 +1417,9 @@ 4 @@ -24,7 +24,7 @@ index e93794e955..af140191ee 100644 @string/network_lte @string/network_3G -@@ -1482,7 +1485,7 @@ +@@ -1506,7 +1509,7 @@ CDMA + LTE/EvDo GSM/WCDMA/LTE LTE/CDMA/EvDo/GSM/WCDMA @@ -34,7 +34,7 @@ index e93794e955..af140191ee 100644 TDSCDMA only TDSCDMA/WCDMA diff --git a/res/values/strings.xml b/res/values/strings.xml -index b04499511b..53834ef17a 100644 +index 087fd82ef9..060f94a48f 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -11593,6 +11593,8 @@ diff --git a/Patches/LineageOS-18.1/android_packages_modules_DnsResolver/0001-hosts_toggle.patch b/Patches/LineageOS-18.1/android_packages_modules_DnsResolver/0001-hosts_toggle.patch index 34c1cb5c..a5fb9036 100644 --- a/Patches/LineageOS-18.1/android_packages_modules_DnsResolver/0001-hosts_toggle.patch +++ b/Patches/LineageOS-18.1/android_packages_modules_DnsResolver/0001-hosts_toggle.patch @@ -10,7 +10,7 @@ Change-Id: Iea165003474e1107dc77980985bf9928c369dbb5 1 file changed, 4 insertions(+) diff --git a/getaddrinfo.cpp b/getaddrinfo.cpp -index 071f6ac..955b5c2 100644 +index 071f6ac..c22c11d 100644 --- a/getaddrinfo.cpp +++ b/getaddrinfo.cpp @@ -57,6 +57,7 @@ @@ -25,7 +25,7 @@ index 071f6ac..955b5c2 100644 static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai, addrinfo** res) { -+ if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost") ++ if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0)) + return false; + struct addrinfo sentinel = {}; diff --git a/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch b/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch index 88e5ba28..6529c95f 100644 --- a/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch +++ b/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch @@ -25,7 +25,7 @@ index f0c0ba8..8548b1a 100644 static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai, addrinfo** res) { -+ if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost") ++ if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0)) + return false; + struct addrinfo sentinel = {}; diff --git a/Patches/LineageOS-20.0/android_packages_modules_DnsResolver/0002-hosts_toggle.patch b/Patches/LineageOS-20.0/android_packages_modules_DnsResolver/0002-hosts_toggle.patch index 830dbb3f..6768f8d2 100644 --- a/Patches/LineageOS-20.0/android_packages_modules_DnsResolver/0002-hosts_toggle.patch +++ b/Patches/LineageOS-20.0/android_packages_modules_DnsResolver/0002-hosts_toggle.patch @@ -25,7 +25,7 @@ index d854293..6ff4f09 100644 static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai, addrinfo** res) { -+ if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost") ++ if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0)) + return false; + struct addrinfo sentinel = {}; diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index 5edc4b28..52e83adb 100644 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -109,8 +109,10 @@ fi; #if [ "$DOS_GRAPHENE_MALLOC_BROKEN" = true ]; then #if enterAndClear "external/hardened_malloc"; then +#git revert --no-edit 3d18fb80742fd80a75481b580d102deb18c74af9; #compile fix #applyPatch "$DOS_PATCHES_COMMON/android_external_hardened_malloc/0001-Broken_Audio.patch"; #DeviceDescriptor sorting wrongly relies on malloc addresses (GrapheneOS) #applyPatch "$DOS_PATCHES_COMMON/android_external_hardened_malloc/0002-Broken_Cameras.patch"; #Expand workaround to all camera executables (DivestOS) +#sed -i 's/struct mallinfo info = {0};/struct mallinfo info = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0};/' h_malloc.c; #compile fix #fi; #fi; diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index 0c56f6e8..a08dc267 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -83,7 +83,6 @@ patchWorkspace() { source build/envsetup.sh; #repopick -it ten-firewall; repopick -it Q_tzdb2022f; - repopick -it Q_asb_2023-01; sh "$DOS_SCRIPTS/Patch.sh"; sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh"; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 5f92695c..5fdc5c59 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -85,6 +85,7 @@ applyPatch "$DOS_PATCHES/android_bionic/0003-Graphene_Bionic_Hardening-9.patch"; #applyPatch "$DOS_PATCHES/android_bionic/0003-Graphene_Bionic_Hardening-16.patch"; #Move pthread_internal_t behind guard page (GrapheneOS) #applyPatch "$DOS_PATCHES/android_bionic/0003-Graphene_Bionic_Hardening-17.patch"; #Add secondary stack randomization (GrapheneOS) fi; +applyPatch "$DOS_PATCHES/android_bionic/0004-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (DivestOS) fi; if enterAndClear "build/make"; then @@ -301,6 +302,7 @@ if enterAndClear "packages/apps/Settings"; then git revert --no-edit 486980cfecce2ca64267f41462f9371486308e9d; #Don't hide OEM unlock #applyPatch "$DOS_PATCHES/android_packages_apps_Settings/272651.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS) applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969) +#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch"; #Add option to disable captive portal checks (GrapheneOS) #FIXME: needs work applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0003-Remove_SensorsOff_Tile.patch"; #Remove the Sensors Off development tile (DivestOS) applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch) applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0005-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS) @@ -311,6 +313,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then applyPatch "$DOS_PATCHES/android_packag applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0010-Random_MAC-1.patch"; #Add option to always randomize MAC (GrapheneOS) applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0010-Random_MAC-2.patch"; #Remove partial MAC randomization translations (GrapheneOS) applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0011-LTE_Only_Mode.patch"; #Add LTE-only option (GrapheneOS) +applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0012-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (heavily based off of a GrapheneOS patch) sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 64;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase default max password length to 64 (GrapheneOS) sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service fi; @@ -374,6 +377,7 @@ fi; if enterAndClear "system/netd"; then applyPatch "$DOS_PATCHES/android_system_netd/0001-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS) +applyPatch "$DOS_PATCHES/android_system_netd/0002-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (DivestOS) fi; if enterAndClear "system/sepolicy"; then