Various changes

- 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes
- 17.1: Add the hosts toggle like 18.1+
- 18.1: fix junk in patch
- 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp
- 15.1: fixes to get hmalloc to compile, does NOT boot

Signed-off-by: Tad <tad@spotco.us>

Patches/LineageOS-17.1/android_bionic/0004-hosts_toggle.patch

@@ -0,0 +1,35 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 20 Apr 2022 00:40:52 -0400
+Subject: [PATCH] Add a toggle to disable /etc/hosts lookup
+
+Signed-off-by: Tad <tad@spotco.us>
+Change-Id: I92679c57e73228dc194e61a86ea1a18b2ac90e04
+---
+ libc/dns/net/getaddrinfo.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/libc/dns/net/getaddrinfo.c b/libc/dns/net/getaddrinfo.c
+index cc94b21e2..12294da04 100644
+--- a/libc/dns/net/getaddrinfo.c
++++ b/libc/dns/net/getaddrinfo.c
+@@ -83,6 +83,7 @@
+ #include <sys/stat.h>
+ #include <sys/param.h>
+ #include <sys/socket.h>
++#include <sys/system_properties.h>
+ #include <sys/un.h>
+ #include <net/if.h>
+ #include <netinet/in.h>
+@@ -2127,6 +2128,11 @@ _files_getaddrinfo(void *rv, void *cb_data, va_list ap)
+ 	name = va_arg(ap, char *);
+ 	pai = va_arg(ap, struct addrinfo *);
+ 
++	char value[PROP_VALUE_MAX] = { 0 };
++	if (__system_property_get("persist.security.hosts_disable", value) != 0)
++		if (atoi(value) != 0 && strcmp(name, "localhost") != 0 && strcmp(name, "ip6-localhost") != 0)
++			return NS_NOTFOUND;
++
+ 	memset(&sentinel, 0, sizeof(sentinel));
+ 	cur = &sentinel;
+ 	int gai_error = hc_getaddrinfo(name, NULL, pai, &cur);

Patches/LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch

@@ -0,0 +1,447 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Pratyush <codelab@pratyush.dev>
+Date: Wed, 20 Oct 2021 05:40:11 +0530
+Subject: [PATCH] add toggle to set captiveportal settings
+
+Access is disallowed for users that are disallowed from configuring
+Private DNS settings. This restriction provides administrative control
+over this feature in a way that's compatible with existing device
+manager implementations. Private DNS is the closest fit from the
+existing user management restrictions that are available.
+
+Co-authored-by: stuux <stuux@posteo.net>
+Co-authored-by: Renlord <me@renlord.com>
+Co-authored-by: Danny Lin <danny@kdrag0n.dev>
+Co-authored-by: anupritaisno1 <www.anuprita804@gmail.com>
+Signed-off-by: empratyush <codelab@pratyush.dev>
+[tad@spotco.us]: add multiple other server options
+[tad@spotco.us]: merge with the GrapheneOS patch from RQ3A.211001.001.2021100606
+Change-Id: I8a762d0f29ac42fce3dcfc7189e8ff216a8f8d1a
+---
+ res/values/arrays.xml                         |  24 ++
+ res/values/strings.xml                        |   3 +
+ res/xml/network_and_internet.xml              |   8 +
+ ...ConnectivityCheckPreferenceController.java | 328 ++++++++++++++++++
+ .../network/NetworkDashboardFragment.java     |   3 +
+ 5 files changed, 366 insertions(+)
+ create mode 100644 src/com/android/settings/network/ConnectivityCheckPreferenceController.java
+
+diff --git a/res/values/arrays.xml b/res/values/arrays.xml
+index b983f467df..d799348200 100644
+--- a/res/values/arrays.xml
++++ b/res/values/arrays.xml
+@@ -108,6 +108,30 @@
+         <item>@string/dark_ui_auto_mode_auto</item>
+     </string-array>
+ 
++    <string-array name="connectivity_check_entries">
++        <item>Disabled</item>
++        <item>Google (US) [default]</item>
++        <!--<item>GrapheneOS (CA)</item>-->
++        <item>DivestOS (US)</item>
++        <item>openSUSE (DE)</item>
++        <item>Ubuntu (UK)</item>
++        <item>Amazon Fire OS (US)</item>
++        <item>Microsoft Edge (US)</item>
++        <item>Kuketz (DE)</item>
++    </string-array>
++
++    <string-array name="connectivity_check_values" translatable="false">
++        <item>0</item>
++        <item>1</item>
++        <!--<item>2</item>-->
++        <item>3</item>
++        <item>4</item>
++        <item>5</item>
++        <item>6</item>
++        <item>7</item>
++        <item>8</item>
++    </string-array>
++
+     <!-- Security settings.  The delay after screen is turned off until device locks.
+          These are shown in a list dialog. -->
+     <string-array name="lock_after_timeout_entries">
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 2180ea45f6..edd9a93761 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -11462,4 +11462,7 @@
+     <string name="bluetooth_connect_access_dialog_negative">Don\u2019t connect</string>
+     <!-- Strings for Dialog connect button -->
+     <string name="bluetooth_connect_access_dialog_positive">Connect</string>
++
++    <string name="connectivity_check_title">Internet connectivity check</string>
++    <string name="connectivity_check_summary">HTTP endpoints to use for performing internet connectivity checks.</string>
+ </resources>
+diff --git a/res/xml/network_and_internet.xml b/res/xml/network_and_internet.xml
+index 32b51d48fc..ff1e5234cf 100644
+--- a/res/xml/network_and_internet.xml
++++ b/res/xml/network_and_internet.xml
+@@ -97,4 +97,12 @@
+         android:positiveButtonText="@string/save"
+         android:negativeButtonText="@android:string/cancel" />
+ 
++    <ListPreference
++        android:key="connectivity_check_settings"
++        android:title="@string/connectivity_check_title"
++        android:summary="@string/connectivity_check_summary"
++        android:entries="@array/connectivity_check_entries"
++        android:entryValues="@array/connectivity_check_values"
++        android:order="30"/>
++
+ </PreferenceScreen>
+diff --git a/src/com/android/settings/network/ConnectivityCheckPreferenceController.java b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java
+new file mode 100644
+index 0000000000..942ae750bc
+--- /dev/null
++++ b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java
+@@ -0,0 +1,328 @@
++/*
++ * Copyright (C) 2020 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++
++package com.android.settings.network;
++
++import android.content.ContentResolver;
++import android.content.Context;
++import android.content.res.Resources;
++import android.database.ContentObserver;
++import android.net.LinkProperties;
++import android.net.Network;
++import android.os.Handler;
++import android.os.Looper;
++import android.os.UserHandle;
++import android.os.UserManager;
++import android.provider.Settings;
++import androidx.preference.ListPreference;
++import androidx.preference.Preference;
++import androidx.preference.PreferenceScreen;
++import com.android.internal.util.ArrayUtils;
++import com.android.settings.R;
++import com.android.settings.core.BasePreferenceController;
++import com.android.settings.core.PreferenceControllerMixin;
++import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
++import com.android.settingslib.RestrictedLockUtilsInternal;
++import com.android.settingslib.core.lifecycle.events.OnResume;
++
++public class ConnectivityCheckPreferenceController
++        extends BasePreferenceController
++        implements PreferenceControllerMixin, Preference.OnPreferenceChangeListener,
++        OnResume {
++
++    // imported defaults from AOSP NetworkStack
++    private static final String STANDARD_HTTPS_URL =
++            "https://www.google.com/generate_204";
++    private static final String STANDARD_HTTP_URL =
++            "http://connectivitycheck.gstatic.com/generate_204";
++    private static final String STANDARD_FALLBACK_URL =
++            "http://www.google.com/gen_204";
++    private static final String STANDARD_OTHER_FALLBACK_URLS =
++            "http://play.googleapis.com/generate_204";
++
++    // GrapheneOS
++    private static final String GRAPHENEOS_CAPTIVE_PORTAL_HTTPS_URL =
++            "https://connectivitycheck.grapheneos.network/generate_204";
++    private static final String GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL =
++            "http://connectivitycheck.grapheneos.network/generate_204";
++    private static final String GRAPHENEOS_CAPTIVE_PORTAL_FALLBACK_URL =
++            "http://grapheneos.online/gen_204";
++    private static final String GRAPHENEOS_CAPTIVE_PORTAL_OTHER_FALLBACK_URL =
++            "http://grapheneos.online/generate_204";
++
++    // DivestOS
++    private static final String DIVESTOS_HTTPS_URL =
++            "https://divestos.org/generate_204";
++    private static final String DIVESTOS_HTTP_URL =
++            "http://divestos.org/generate_204";
++
++    // openSUSE
++    private static final String OPENSUSE_HTTPS_URL =
++            "https://conncheck.opensuse.org";
++    private static final String OPENSUSE_HTTP_URL =
++            "http://conncheck.opensuse.org";
++
++    // Ubuntu
++    private static final String UBUNTU_HTTPS_URL =
++            "https://connectivity-check.ubuntu.com";
++    private static final String UBUNTU_HTTP_URL =
++            "http://connectivity-check.ubuntu.com";
++
++    // Amazon Fire OS
++    private static final String AMAZON_HTTPS_URL =
++            "https://fireoscaptiveportal.com/generate_204";
++    private static final String AMAZON_HTTP_URL =
++            "http://fireoscaptiveportal.com/generate_204";
++
++    // Microsoft Edge
++    private static final String MICROSOFT_HTTP_URL =
++            "http://edge-http.microsoft.com/captiveportal/generate_204";
++
++    // Kuketz, https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/
++    private static final String KUKETZ_HTTPS_URL =
++            "https://captiveportal.kuketz.de";
++    private static final String KUKETZ_HTTP_URL =
++            "http://captiveportal.kuketz.de";
++
++    private static final int DISABLED_CAPTIVE_PORTAL_INTVAL = 0;
++    private static final int STANDARD_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 1;
++    private static final int GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 2;
++    private static final int DIVESTOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 3;
++    private static final int OPENSUSE_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 4;
++    private static final int UBUNTU_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 5;
++    private static final int AMAZON_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 6;
++    private static final int MICROSOFT_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 7;
++    private static final int KUKETZ_CAPTIVE_PORTAL_HTTP_URL_INTVAL = 8;
++
++    private static final String KEY_CONNECTIVITY_CHECK_SETTINGS =
++            "connectivity_check_settings";
++
++    private ListPreference mConnectivityPreference;
++
++    public ConnectivityCheckPreferenceController(Context context) {
++        super(context, KEY_CONNECTIVITY_CHECK_SETTINGS);
++    }
++
++    @Override
++    public int getAvailabilityStatus() {
++        if (isDisabledByAdmin()) {
++            return BasePreferenceController.DISABLED_FOR_USER;
++        }
++        return BasePreferenceController.AVAILABLE;
++    }
++
++    @Override
++    public void displayPreference(PreferenceScreen screen) {
++        super.displayPreference(screen);
++        mConnectivityPreference =
++                screen.findPreference(KEY_CONNECTIVITY_CHECK_SETTINGS);
++        updatePreferenceState();
++    }
++
++    @Override
++    public String getPreferenceKey() {
++        return KEY_CONNECTIVITY_CHECK_SETTINGS;
++    }
++
++    private void updatePreferenceState() {
++        if (Settings.Global.getInt(mContext.getContentResolver(),
++                Settings.Global.CAPTIVE_PORTAL_MODE, Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT)
++                == Settings.Global.CAPTIVE_PORTAL_MODE_IGNORE) {
++            mConnectivityPreference.setValueIndex(DISABLED_CAPTIVE_PORTAL_INTVAL);
++            return;
++        }
++
++        String pref = Settings.Global.getString(
++                mContext.getContentResolver(), Settings.Global.CAPTIVE_PORTAL_HTTP_URL);
++        if (STANDARD_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    STANDARD_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (DIVESTOS_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    DIVESTOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (OPENSUSE_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    OPENSUSE_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (UBUNTU_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    UBUNTU_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (AMAZON_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    AMAZON_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (MICROSOFT_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    MICROSOFT_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        } else if (KUKETZ_HTTP_URL.equals(pref)) {
++            mConnectivityPreference.setValueIndex(
++                    KUKETZ_CAPTIVE_PORTAL_HTTP_URL_INTVAL);
++        }
++    }
++
++    @Override
++    public void onResume() {
++        updatePreferenceState();
++        if (mConnectivityPreference != null) {
++            setCaptivePortalURLs(
++                    mContext.getContentResolver(),
++                    Integer.parseInt(mConnectivityPreference.getValue()));
++        }
++    }
++
++    private void setCaptivePortalURLs(ContentResolver cr, int mode) {
++        switch (mode) {
++            case STANDARD_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        STANDARD_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        STANDARD_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        STANDARD_FALLBACK_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        STANDARD_OTHER_FALLBACK_URLS);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        GRAPHENEOS_CAPTIVE_PORTAL_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        GRAPHENEOS_CAPTIVE_PORTAL_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        GRAPHENEOS_CAPTIVE_PORTAL_FALLBACK_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        GRAPHENEOS_CAPTIVE_PORTAL_OTHER_FALLBACK_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case DIVESTOS_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        DIVESTOS_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        DIVESTOS_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        DIVESTOS_HTTP_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        DIVESTOS_HTTP_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case OPENSUSE_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        OPENSUSE_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        OPENSUSE_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        OPENSUSE_HTTP_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        OPENSUSE_HTTP_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case UBUNTU_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        UBUNTU_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        UBUNTU_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        UBUNTU_HTTP_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        UBUNTU_HTTP_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case AMAZON_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        AMAZON_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        AMAZON_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        AMAZON_HTTP_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        AMAZON_HTTP_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case MICROSOFT_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        MICROSOFT_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        MICROSOFT_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        MICROSOFT_HTTP_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        MICROSOFT_HTTP_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            case KUKETZ_CAPTIVE_PORTAL_HTTP_URL_INTVAL:
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        KUKETZ_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        KUKETZ_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        KUKETZ_HTTP_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        KUKETZ_HTTP_URL);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_PROMPT);
++                break;
++            default:
++                // Default URLs as placeholder
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTP_URL,
++                        STANDARD_HTTP_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_HTTPS_URL,
++                        STANDARD_HTTPS_URL);
++                Settings.Global.putString(cr, Settings.Global.CAPTIVE_PORTAL_FALLBACK_URL,
++                        STANDARD_FALLBACK_URL);
++                Settings.Global.putString(
++                        cr, Settings.Global.CAPTIVE_PORTAL_OTHER_FALLBACK_URLS,
++                        STANDARD_OTHER_FALLBACK_URLS);
++                Settings.Global.putInt(cr, Settings.Global.CAPTIVE_PORTAL_MODE,
++                        Settings.Global.CAPTIVE_PORTAL_MODE_IGNORE);
++        }
++    }
++
++    @Override
++    public boolean onPreferenceChange(Preference preference, Object value) {
++        final String key = preference.getKey();
++        if (KEY_CONNECTIVITY_CHECK_SETTINGS.equals(key)) {
++            setCaptivePortalURLs(mContext.getContentResolver(),
++                    Integer.parseInt((String)value));
++            return true;
++        } else {
++            return false;
++        }
++    }
++
++    private EnforcedAdmin getEnforcedAdmin() {
++        return RestrictedLockUtilsInternal.checkIfRestrictionEnforced(
++                mContext, UserManager.DISALLOW_CONFIG_PRIVATE_DNS,
++                UserHandle.myUserId());
++    }
++
++    private boolean isDisabledByAdmin() { return getEnforcedAdmin() != null; }
++}
+diff --git a/src/com/android/settings/network/NetworkDashboardFragment.java b/src/com/android/settings/network/NetworkDashboardFragment.java
+index 8c686a54aa..19b3ae3ea6 100644
+--- a/src/com/android/settings/network/NetworkDashboardFragment.java
++++ b/src/com/android/settings/network/NetworkDashboardFragment.java
+@@ -104,6 +104,8 @@ public class NetworkDashboardFragment extends DashboardFragment implements
+                 new VpnPreferenceController(context);
+         final PrivateDnsPreferenceController privateDnsPreferenceController =
+                 new PrivateDnsPreferenceController(context);
++        final ConnectivityCheckPreferenceController connectivityCheckPreferenceController =
++                new ConnectivityCheckPreferenceController(context);
+ 
+         if (lifecycle != null) {
+             lifecycle.addObserver(mobilePlanPreferenceController);
+@@ -129,6 +131,7 @@ public class NetworkDashboardFragment extends DashboardFragment implements
+         controllers.add(mobilePlanPreferenceController);
+         controllers.add(wifiPreferenceController);
+         controllers.add(privateDnsPreferenceController);
++        controllers.add(connectivityCheckPreferenceController);
+         return controllers;
+     }
+ 

Patches/LineageOS-17.1/android_packages_apps_Settings/0012-hosts_toggle.patch

@@ -0,0 +1,172 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 20 Apr 2022 01:04:27 -0400
+Subject: [PATCH] Add a toggle to disable /etc/hosts lookup
+
+Copy and pasted from the GrapheneOS exec spawning toggle patch
+
+Signed-off-by: Tad <tad@spotco.us>
+Change-Id: Ic01a142722372d9d57f52947025cd9db23e58ef4
+---
+ res/values/strings.xml                        |   3 +
+ res/xml/security_dashboard_settings.xml       |   6 +
+ .../security/HostsPreferenceController.java   | 106 ++++++++++++++++++
+ .../settings/security/SecuritySettings.java   |   1 +
+ 4 files changed, 116 insertions(+)
+ create mode 100644 src/com/android/settings/security/HostsPreferenceController.java
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 88bd100122..a64940d793 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -11327,6 +11327,9 @@
+     <string name="native_debug_title">Enable native code debugging</string>
+     <string name="native_debug_summary">Generate useful logs / bug reports from crashes and permit debugging native code.</string>
+ 
++    <string name="hosts_disable_title">Disable DNS content blocker</string>
++    <string name="hosts_disable_summary">Disables use of the included /etc/hosts database for data collection and malware blocking.</string>
++
+     <!-- Title for the top level Privacy Settings [CHAR LIMIT=30]-->
+     <string name="privacy_dashboard_title">Privacy</string>
+     <!-- Summary for the top level Privacy Settings [CHAR LIMIT=NONE]-->
+diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
+index 08328ad7b6..23a39d3106 100644
+--- a/res/xml/security_dashboard_settings.xml
++++ b/res/xml/security_dashboard_settings.xml
+@@ -75,6 +75,12 @@
+             android:title="@string/native_debug_title"
+             android:summary="@string/native_debug_summary"
+             android:persistent="false" />
++
++        <SwitchPreference
++            android:key="hosts_disable"
++            android:title="@string/hosts_disable_title"
++            android:summary="@string/hosts_disable_summary"
++            android:persistent="false" />
+     </PreferenceCategory>
+ 
+     <!-- work profile security section -->
+diff --git a/src/com/android/settings/security/HostsPreferenceController.java b/src/com/android/settings/security/HostsPreferenceController.java
+new file mode 100644
+index 0000000000..d8af6d2649
+--- /dev/null
++++ b/src/com/android/settings/security/HostsPreferenceController.java
+@@ -0,0 +1,106 @@
++/*
++ * Copyright (C) 2022 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License
++ */
++
++package com.android.settings.security;
++
++import android.content.Context;
++
++import android.os.UserHandle;
++import android.os.UserManager;
++import android.os.SystemProperties;
++
++import android.provider.Settings;
++
++import androidx.preference.Preference;
++import androidx.preference.PreferenceCategory;
++import androidx.preference.PreferenceGroup;
++import androidx.preference.PreferenceScreen;
++import androidx.preference.TwoStatePreference;
++import androidx.preference.SwitchPreference;
++
++import com.android.internal.widget.LockPatternUtils;
++import com.android.settings.core.PreferenceControllerMixin;
++import com.android.settingslib.core.AbstractPreferenceController;
++import com.android.settingslib.core.lifecycle.events.OnResume;
++
++public class HostsPreferenceController extends AbstractPreferenceController
++        implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener {
++
++    private static final String SYS_KEY_HOSTS_DISABLE = "persist.security.hosts_disable";
++    private static final String PREF_KEY_HOSTS_DISABLE = "hosts_disable";
++    private static final String PREF_KEY_SECURITY_CATEGORY = "security_category";
++
++    private PreferenceCategory mSecurityCategory;
++    private SwitchPreference mHostsDisable;
++    private boolean mIsAdmin;
++    private UserManager mUm;
++
++    public HostsPreferenceController(Context context) {
++        super(context);
++        mUm = UserManager.get(context);
++    }
++
++    @Override
++    public void displayPreference(PreferenceScreen screen) {
++        super.displayPreference(screen);
++        mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY);
++        updatePreferenceState();
++    }
++
++    @Override
++    public boolean isAvailable() {
++        mIsAdmin = mUm.isAdminUser();
++        return mIsAdmin;
++    }
++
++    @Override
++    public String getPreferenceKey() {
++        return PREF_KEY_HOSTS_DISABLE;
++    }
++
++    // TODO: should we use onCreatePreferences() instead?
++    private void updatePreferenceState() {
++        if (mSecurityCategory == null) {
++            return;
++        }
++
++        if (mIsAdmin) {
++            mHostsDisable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_HOSTS_DISABLE);
++            mHostsDisable.setChecked(SystemProperties.getInt(SYS_KEY_HOSTS_DISABLE, 0) == 1);
++        } else {
++            mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_HOSTS_DISABLE));
++        }
++    }
++
++    @Override
++    public void onResume() {
++        updatePreferenceState();
++        if (mHostsDisable != null) {
++                boolean mode = mHostsDisable.isChecked();
++                SystemProperties.set(SYS_KEY_HOSTS_DISABLE, mode ? "1" : "0");
++        }
++    }
++
++    @Override
++    public boolean onPreferenceChange(Preference preference, Object value) {
++        final String key = preference.getKey();
++        if (PREF_KEY_HOSTS_DISABLE.equals(key)) {
++            final boolean mode = !mHostsDisable.isChecked();
++            SystemProperties.set(SYS_KEY_HOSTS_DISABLE, mode ? "1" : "0");
++        }
++        return true;
++    }
++}
+diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
+index a5e0add739..88ba2ece3a 100644
+--- a/src/com/android/settings/security/SecuritySettings.java
++++ b/src/com/android/settings/security/SecuritySettings.java
+@@ -123,6 +123,7 @@ public class SecuritySettings extends DashboardFragment {
+         securityPreferenceControllers.add(new AutoRebootPreferenceController(context));
+         securityPreferenceControllers.add(new ExecSpawnPreferenceController(context));
+         securityPreferenceControllers.add(new NativeDebugPreferenceController(context));
++        securityPreferenceControllers.add(new HostsPreferenceController(context));
+         controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
+                 .setChildren(securityPreferenceControllers));
+         controllers.addAll(securityPreferenceControllers);

Patches/LineageOS-17.1/android_system_netd/0002-hosts_toggle.patch

@@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 20 Apr 2022 00:40:53 -0400
+Subject: [PATCH] Add a toggle to disable /etc/hosts lookup
+
+[tad@spotco.us]: backport to netd
+Signed-off-by: Tad <tad@spotco.us>
+Change-Id: Iea165003474e1107dc77980985bf9928c369dbb5
+---
+ resolv/getaddrinfo.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/resolv/getaddrinfo.cpp b/resolv/getaddrinfo.cpp
+index cf8e4d26..245132f6 100644
+--- a/resolv/getaddrinfo.cpp
++++ b/resolv/getaddrinfo.cpp
+@@ -56,6 +56,7 @@
+ #include <unistd.h>
+ 
+ #include <android-base/logging.h>
++#include <android-base/properties.h>
+ 
+ #include "netd_resolv/resolv.h"
+ #include "resolv_cache.h"
+@@ -1550,6 +1551,9 @@ found:
+ }
+ 
+ static bool files_getaddrinfo(const char* name, const addrinfo* pai, addrinfo** res) {
++    if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0))
++        return false;
++
+     struct addrinfo sentinel = {};
+     struct addrinfo *p, *cur;
+     FILE* hostf = NULL;

Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch

@@ -23,10 +23,8 @@ Change-Id: I8a762d0f29ac42fce3dcfc7189e8ff216a8f8d1a
  res/xml/network_and_internet.xml              |   8 +
  ...ConnectivityCheckPreferenceController.java | 328 ++++++++++++++++++
  .../network/NetworkDashboardFragment.java     |   3 +
- .../network/NetworkDashboardFragment.java.rej |  11 +
+ 5 files changed, 366 insertions(+)
- 6 files changed, 377 insertions(+)
  create mode 100644 src/com/android/settings/network/ConnectivityCheckPreferenceController.java
- create mode 100644 src/com/android/settings/network/NetworkDashboardFragment.java.rej
 
 diff --git a/res/values/arrays.xml b/res/values/arrays.xml
 index 617548cadc..87fd6e5df6 100644
@@ -94,7 +92,7 @@ index 6bf6dbaccf..8ee092aa04 100644
  </PreferenceScreen>
 diff --git a/src/com/android/settings/network/ConnectivityCheckPreferenceController.java b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java
 new file mode 100644
-index 0000000000..3dc7520df3
+index 0000000000..942ae750bc
 --- /dev/null
 +++ b/src/com/android/settings/network/ConnectivityCheckPreferenceController.java
 @@ -0,0 +1,328 @@
@@ -447,20 +445,3 @@ index db704ae850..c77b07821e 100644
          return controllers;
      }
  
-diff --git a/src/com/android/settings/network/NetworkDashboardFragment.java.rej b/src/com/android/settings/network/NetworkDashboardFragment.java.rej
-new file mode 100644
-index 0000000000..491cf70863
---- /dev/null
-+++ b/src/com/android/settings/network/NetworkDashboardFragment.java.rej
-@@ -0,0 +1,11 @@
-+diff a/src/com/android/settings/network/NetworkDashboardFragment.java b/src/com/android/settings/network/NetworkDashboardFragment.java	(rejected hunks)
-+@@ -119,6 +119,9 @@ public class NetworkDashboardFragment extends DashboardFragment implements
-+         }
-+         controllers.add(privateDnsPreferenceController);
-+         controllers.add(new NetworkProviderCallsSmsController(context, lifecycle));
-++        ConnectivityCheckPreferenceController connectivityCheck =
-++                new ConnectivityCheckPreferenceController(context);
-++        controllers.add(connectivityCheck);
-+         return controllers;
-+     }
-+ 

Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch

@@ -84,7 +84,7 @@ index 0b4f4db6c4..ca6a2cf62d 100644
                  android:id="@+id/private_dns_mode_opportunistic"
                  layout="@layout/preference_widget_dialog_radiobutton"/>
 diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml
-index 5ddfe66ec0..89341009d4 100644
+index d13d4d4fe8..90f8829027 100644
 --- a/res/values/cm_strings.xml
 +++ b/res/values/cm_strings.xml
 @@ -137,6 +137,21 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0005-Automatic_Reboot.patch

@@ -13,10 +13,10 @@ Subject: [PATCH] add auto-reboot setting
  create mode 100644 src/com/android/settings/security/AutoRebootPreferenceController.java
 
 diff --git a/res/values/arrays.xml b/res/values/arrays.xml
-index 617548cadc..9caf926229 100644
+index 87fd6e5df6..b2ea885d46 100644
 --- a/res/values/arrays.xml
 +++ b/res/values/arrays.xml
-@@ -146,6 +146,37 @@
+@@ -170,6 +170,37 @@
          <item>1800000</item>
      </string-array>
  
@@ -55,7 +55,7 @@ index 617548cadc..9caf926229 100644
          <item msgid="6490061470416867723">Small</item>
          <item msgid="3579015730662088893">Default</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index 0c6fe1a541..b9f886d492 100644
+index 0173a8bf31..3d9a6548fc 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -647,6 +647,9 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch

@@ -12,7 +12,7 @@ Subject: [PATCH] add bluetooth auto-turn-off setting
  create mode 100644 src/com/android/settings/bluetooth/BluetoothTimeoutPreferenceController.java
 
 diff --git a/res/values/arrays.xml b/res/values/arrays.xml
-index 9caf926229..d40e65e536 100644
+index b2ea885d46..5317326366 100644
 --- a/res/values/arrays.xml
 +++ b/res/values/arrays.xml
 @@ -39,6 +39,50 @@
@@ -67,7 +67,7 @@ index 9caf926229..d40e65e536 100644
      <string-array name="screen_timeout_entries">
          <item>15 seconds</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index b9f886d492..e925a30b3e 100644
+index 3d9a6548fc..773e7ffa68 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -27,6 +27,25 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0007-WiFi_Timeout.patch

@@ -12,7 +12,7 @@ Subject: [PATCH] add Wi-Fi timeout feature
  create mode 100644 src/com/android/settings/wifi/WifiTimeoutPreferenceController.java
 
 diff --git a/res/values/arrays.xml b/res/values/arrays.xml
-index d40e65e536..6259f4d1a5 100644
+index 5317326366..2013c789cd 100644
 --- a/res/values/arrays.xml
 +++ b/res/values/arrays.xml
 @@ -83,6 +83,50 @@
@@ -67,7 +67,7 @@ index d40e65e536..6259f4d1a5 100644
      <string-array name="screen_timeout_entries">
          <item>15 seconds</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index e925a30b3e..de6d38bcbd 100644
+index 773e7ffa68..278b6ace5e 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -46,6 +46,25 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0008-ptrace_scope.patch

@@ -12,7 +12,7 @@ Subject: [PATCH] add native debugging setting
  create mode 100644 src/com/android/settings/security/NativeDebugPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index de6d38bcbd..dc14819f0c 100644
+index 278b6ace5e..dd813f1784 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11957,6 +11957,9 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0009-Install_Restrictions.patch

@@ -10,7 +10,7 @@ Subject: [PATCH] UserManager app installation restrictions
  3 files changed, 44 insertions(+), 5 deletions(-)
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index e612651bfe..c8e830342b 100644
+index 4ea24ec62e..a2c18d6cea 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -7088,6 +7088,8 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0010-exec_spawning_toggle.patch

@@ -12,7 +12,7 @@ Subject: [PATCH] add exec spawning toggle
  create mode 100644 src/com/android/settings/security/ExecSpawnPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index dc14819f0c..e612651bfe 100644
+index dd813f1784..4ea24ec62e 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11957,6 +11957,8 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0011-Random_MAC-1.patch

@@ -13,10 +13,10 @@ RANDOMIZATION_ALWAYS is set as the default option
  5 files changed, 56 insertions(+), 17 deletions(-)
 
 diff --git a/res/values/arrays.xml b/res/values/arrays.xml
-index 6259f4d1a5..e93794e955 100644
+index 2013c789cd..309cbc9e77 100644
 --- a/res/values/arrays.xml
 +++ b/res/values/arrays.xml
-@@ -1332,7 +1332,8 @@
+@@ -1356,7 +1356,8 @@
      </string-array>
  
      <string-array name="wifi_privacy_entries">
@@ -26,7 +26,7 @@ index 6259f4d1a5..e93794e955 100644
          <item>Use device MAC</item>
      </string-array>
  
-@@ -1348,6 +1349,7 @@
+@@ -1372,6 +1373,7 @@
      </string-array>
  
      <string-array name="wifi_privacy_values" translatable="false">

Patches/LineageOS-18.1/android_packages_apps_Settings/0012-hosts_toggle.patch

@@ -16,7 +16,7 @@ Change-Id: Ic01a142722372d9d57f52947025cd9db23e58ef4
  create mode 100644 src/com/android/settings/security/HostsPreferenceController.java
 
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index c8e830342b..b04499511b 100644
+index a2c18d6cea..087fd82ef9 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11969,6 +11969,9 @@

Patches/LineageOS-18.1/android_packages_apps_Settings/0013-LTE_Only_Mode-1.patch

@@ -11,10 +11,10 @@ Subject: [PATCH] add LTE only setting
  4 files changed, 39 insertions(+), 3 deletions(-)
 
 diff --git a/res/values/arrays.xml b/res/values/arrays.xml
-index e93794e955..af140191ee 100644
+index 309cbc9e77..7d6ca66e85 100644
 --- a/res/values/arrays.xml
 +++ b/res/values/arrays.xml
-@@ -1393,6 +1393,9 @@
+@@ -1417,6 +1417,9 @@
          <item>4</item> <!-- AutofillManager.FLAG_ADD_CLIENT_VERBOSE -->
      </string-array>
  
@@ -24,7 +24,7 @@ index e93794e955..af140191ee 100644
      <string-array name="enabled_networks_choices" translatable="false">
          <item>@string/network_lte</item>
          <item>@string/network_3G</item>
-@@ -1482,7 +1485,7 @@
+@@ -1506,7 +1509,7 @@
          <item>CDMA + LTE/EvDo</item>
          <item>GSM/WCDMA/LTE</item>
          <item>LTE/CDMA/EvDo/GSM/WCDMA</item>
@@ -34,7 +34,7 @@ index e93794e955..af140191ee 100644
          <item>TDSCDMA only</item>
          <item>TDSCDMA/WCDMA</item>
 diff --git a/res/values/strings.xml b/res/values/strings.xml
-index b04499511b..53834ef17a 100644
+index 087fd82ef9..060f94a48f 100644
 --- a/res/values/strings.xml
 +++ b/res/values/strings.xml
 @@ -11593,6 +11593,8 @@

Patches/LineageOS-18.1/android_packages_modules_DnsResolver/0001-hosts_toggle.patch

@@ -10,7 +10,7 @@ Change-Id: Iea165003474e1107dc77980985bf9928c369dbb5
  1 file changed, 4 insertions(+)
 
 diff --git a/getaddrinfo.cpp b/getaddrinfo.cpp
-index 071f6ac..955b5c2 100644
+index 071f6ac..c22c11d 100644
 --- a/getaddrinfo.cpp
 +++ b/getaddrinfo.cpp
 @@ -57,6 +57,7 @@
@@ -25,7 +25,7 @@ index 071f6ac..955b5c2 100644
  
  static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai,
                                addrinfo** res) {
-+    if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost")
++    if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0))
 +        return false;
 +
      struct addrinfo sentinel = {};

Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch

@@ -25,7 +25,7 @@ index f0c0ba8..8548b1a 100644
  
  static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai,
                                addrinfo** res) {
-+    if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost")
++    if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0))
 +        return false;
 +
      struct addrinfo sentinel = {};

Patches/LineageOS-20.0/android_packages_modules_DnsResolver/0002-hosts_toggle.patch

@@ -25,7 +25,7 @@ index d854293..6ff4f09 100644
  
  static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai,
                                addrinfo** res) {
-+    if (android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0 && name != "localhost" && name != "ip6-localhost")
++    if ((android::base::GetIntProperty("persist.security.hosts_disable", 0) != 0) && (strcmp("localhost", name) != 0) && (strcmp("ip6-localhost", name) != 0))
 +        return false;
 +
      struct addrinfo sentinel = {};

Scripts/LineageOS-15.1/Patch.sh

@@ -109,8 +109,10 @@ fi;
 
 #if [ "$DOS_GRAPHENE_MALLOC_BROKEN" = true ]; then
 #if enterAndClear "external/hardened_malloc"; then
+#git revert --no-edit 3d18fb80742fd80a75481b580d102deb18c74af9; #compile fix
 #applyPatch "$DOS_PATCHES_COMMON/android_external_hardened_malloc/0001-Broken_Audio.patch"; #DeviceDescriptor sorting wrongly relies on malloc addresses (GrapheneOS)
 #applyPatch "$DOS_PATCHES_COMMON/android_external_hardened_malloc/0002-Broken_Cameras.patch"; #Expand workaround to all camera executables (DivestOS)
+#sed -i 's/struct mallinfo info = {0};/struct mallinfo info = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0};/' h_malloc.c; #compile fix
 #fi;
 #fi;
 

Scripts/LineageOS-17.1/Functions.sh

@@ -83,7 +83,6 @@ patchWorkspace() {
 	source build/envsetup.sh;
 	#repopick -it ten-firewall;
 	repopick -it Q_tzdb2022f;
-	repopick -it Q_asb_2023-01;
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";

Scripts/LineageOS-17.1/Patch.sh

@@ -85,6 +85,7 @@ applyPatch "$DOS_PATCHES/android_bionic/0003-Graphene_Bionic_Hardening-9.patch";
 #applyPatch "$DOS_PATCHES/android_bionic/0003-Graphene_Bionic_Hardening-16.patch"; #Move pthread_internal_t behind guard page (GrapheneOS)
 #applyPatch "$DOS_PATCHES/android_bionic/0003-Graphene_Bionic_Hardening-17.patch"; #Add secondary stack randomization (GrapheneOS)
 fi;
+applyPatch "$DOS_PATCHES/android_bionic/0004-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (DivestOS)
 fi;
 
 if enterAndClear "build/make"; then
@@ -301,6 +302,7 @@ if enterAndClear "packages/apps/Settings"; then
 git revert --no-edit 486980cfecce2ca64267f41462f9371486308e9d; #Don't hide OEM unlock
 #applyPatch "$DOS_PATCHES/android_packages_apps_Settings/272651.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
+#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle-gos.patch"; #Add option to disable captive portal checks (GrapheneOS) #FIXME: needs work
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0003-Remove_SensorsOff_Tile.patch"; #Remove the Sensors Off development tile (DivestOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0005-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS)
@@ -311,6 +313,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then applyPatch "$DOS_PATCHES/android_packag
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0010-Random_MAC-1.patch"; #Add option to always randomize MAC (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0010-Random_MAC-2.patch"; #Remove partial MAC randomization translations (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0011-LTE_Only_Mode.patch"; #Add LTE-only option (GrapheneOS)
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0012-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (heavily based off of a GrapheneOS patch)
 sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 64;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase default max password length to 64 (GrapheneOS)
 sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
 fi;
@@ -374,6 +377,7 @@ fi;
 
 if enterAndClear "system/netd"; then
 applyPatch "$DOS_PATCHES/android_system_netd/0001-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS)
+applyPatch "$DOS_PATCHES/android_system_netd/0002-hosts_toggle.patch"; #Add a toggle to disable /etc/hosts lookup (DivestOS)
 fi;
 
 if enterAndClear "system/sepolicy"; then