Many tweaks

- 19.1/20.0: Enable low ram for <6GB devices
- 20.0: support RROs with exec spawning patch from GrapheneOS
- allow work profiles when low ram is enabled
- churn
- cherrypicks

Signed-off-by: Tad <tad@spotco.us>

Scripts/Common/Functions.sh

@@ -688,7 +688,7 @@ fixupCarrierConfigs() {
 	local pathsToFixup="packages/apps/CarrierConfig/assets/*.xml device/*/*/overlay/packages/apps/CarrierConfig/res/xml/vendor.xml device/*/*/overlay/CarrierConfigResCommon/res/xml/vendor.xml device/*/*/rro_overlays/CarrierConfigOverlay/res/xml/vendor.xml";
 	#Things we don't want
 	#Reference (BSD-3-Clause): https://github.com/GrapheneOS/carriersettings-extractor/blob/13/carriersettings_extractor.py
-	local ccLines="allow_adding_apns_bool|apn_expand_bool|hide_ims_apn_bool|hide_preset_apn_details_bool|hide_enable_2g_bool";
+	local ccLines="allow_adding_apns_bool|apn_expand_bool|hide_ims_apn_bool|hide_preset_apn_details_bool|hide_enable_2g_bool|gps.lpp_profile|gps.persist_lpp_mode_bool";
 	sed -i -E "/($ccLines)/d" $pathsToFixup;
 	local ccArrays="read_only_apn_fields_string_array|read_only_apn_types_string_array";
 	sed -i -E "/("$ccArrays").*num=\"0\"/d" $pathsToFixup; #ugly hack because next line is very greedy

Scripts/Common/Post.sh

@@ -30,6 +30,10 @@ sed -i 's/static int slab_nomerge;/static int slab_nomerge = 1;/' kernel/*/*/mm/
 sed -i 's/static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge = true;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #4.13+
 sed -i 's/static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge __ro_after_init = true;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #4.13+
 
+#Enable KSM #XXX testing only
+#sed -i 's/unsigned int ksm_run = KSM_RUN_STOP;/unsigned int ksm_run = KSM_RUN_MERGE;/' kernel/*/*/mm/ksm.c &>/dev/null || true;
+#sed -i 's/unsigned long ksm_run = KSM_RUN_STOP;/unsigned long ksm_run = KSM_RUN_MERGE;/' kernel/*/*/mm/ksm.c &>/dev/null || true;
+
 #Enable page poisoning
 #Commented as set by defconfig
 #sed -i 's/= IS_ENABLED(CONFIG_PAGE_POISONING_ENABLE_DEFAULT);/= true;/' kernel/*/*/mm/page_poison.c &>/dev/null || true; #4.4+ #XXX: shouldn't be enabled past 5.3
@@ -41,5 +45,8 @@ sed -i 's/static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MER
 awk -i inplace '!/persist.device_config.runtime_native.usap_pool_enabled=true/' device/*/*/*.prop &>/dev/null || true;
 awk -i inplace '!/config_pinnerCameraApp/' device/*/*/overlay/frameworks/base/core/res/res/values/config.xml &>/dev/null || true;
 
+#Allow Work Profiles in low_ram mode
+sed -i '/android.software.managed_users/s/notLowRam="true"//' frameworks/native/data/etc/handheld_core_hardware.xml || true;
+
 cd "$DOS_BUILD_BASE";
 echo -e "\e[0;32m[SCRIPT COMPLETE] Post tweaks complete\e[0m";

Scripts/LineageOS-18.1/Functions.sh

@@ -114,11 +114,10 @@ patchWorkspaceReal() {
 	verifyAllPlatformTags;
 	gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
 
-	source build/envsetup.sh;
+	#source build/envsetup.sh;
 	#repopick -it eleven-firewall;
 	#repopick -i 314453; #TaskViewTouchController: Null check current animation on drag
 	#repopick -i 325011; #lineage: Opt-in to shipping full recovery image by default
-	repopick -it R_asb_2023-07;
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";

Scripts/LineageOS-18.1/Patch.sh

@@ -95,7 +95,6 @@ sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
 awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX
 sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
 #sed -i 's/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := true/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := false/' core/product_config.mk; #broken by hardenDefconfig
-sed -i 's/2023-06-05/2023-07-05/' core/version_defaults.mk; #Bump Security String #R_asb_2023-07 #XXX
 fi;
 
 if enterAndClear "build/soong"; then
@@ -117,10 +116,6 @@ if enterAndClear "external/conscrypt"; then
 if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_external_conscrypt/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
 fi;
 
-if enterAndClear "external/freetype"; then
-git fetch https://github.com/LineageOS/android_external_freetype refs/changes/51/360951/1 && git cherry-pick FETCH_HEAD; #R_asb_2023-07
-fi;
-
 if [ "$DOS_GRAPHENE_MALLOC" = true ]; then
 if enterAndClear "external/hardened_malloc"; then
 applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras.patch"; #Expand workaround to all camera executables (DivestOS)
@@ -426,10 +421,6 @@ if enterAndClear "system/vold"; then
 git revert --no-edit 3461ff5c9ad334c96780f3da14f1d23fcbee63ad; #breaks mako first boot
 fi;
 
-if enterAndClear "tools/apksig"; then
-git fetch https://github.com/LineageOS/android_tools_apksig refs/changes/73/360973/1 && git cherry-pick FETCH_HEAD; #R_asb_2023-07
-fi;
-
 if enterAndClear "vendor/lineage"; then
 rm build/target/product/security/lineage.x509.pem; #Remove Lineage keys
 rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics

Scripts/LineageOS-19.1/Functions.sh

@@ -88,10 +88,9 @@ patchWorkspaceReal() {
 	verifyAllPlatformTags;
 	gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
 
-	source build/envsetup.sh;
+	#source build/envsetup.sh;
 	#repopick -ift twelve-bt-sbc-hd-dualchannel;
 	#repopick -it twelve-colors;
-	repopick -it S_asb_2023-07;
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";

Scripts/LineageOS-19.1/Patch.sh

@@ -97,7 +97,6 @@ sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
 awk -i inplace '!/updatable_apex.mk/' target/product/generic_system.mk; #Disable APEX
 sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
 #sed -i 's/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := true/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := false/' core/product_config.mk; #broken by hardenDefconfig
-sed -i 's/2023-06-05/2023-07-05/' core/version_defaults.mk; #Bump Security String #S_asb_2023-07 #XXX
 fi;
 
 if enterAndClear "build/soong"; then
@@ -114,10 +113,6 @@ if enterAndClear "external/conscrypt"; then
 if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_external_conscrypt/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
 fi;
 
-if enterAndClear "external/freetype"; then
-git fetch https://github.com/LineageOS/android_external_freetype refs/changes/29/360929/1 && git cherry-pick FETCH_HEAD; #S_asb_2023-07
-fi;
-
 if [ "$DOS_GRAPHENE_MALLOC" = true ]; then
 if enterAndClear "external/hardened_malloc"; then
 applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-1.patch"; #Workarounds for Pixel 3 SoC era camera driver bugs (GrapheneOS)
@@ -427,10 +422,6 @@ if enterAndClear "system/update_engine"; then
 git revert --no-edit a5a18ac5e2a2377fe036fcae93548967a7b40470; #Do not skip payload signature verification
 fi;
 
-if enterAndClear "tools/apksig"; then
-git fetch https://github.com/LineageOS/android_tools_apksig refs/changes/46/360946/1 && git cherry-pick FETCH_HEAD; #S_asb_2023-07
-fi;
-
 if enterAndClear "vendor/lineage"; then
 rm build/target/product/security/lineage.x509.pem; #Remove Lineage keys
 rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics
@@ -500,9 +491,25 @@ removeUntrustedCerts || true;
 cd "$DOS_BUILD_BASE";
 #rm -rfv device/*/*/overlay/CarrierConfigResCommon device/*/*/rro_overlays/CarrierConfigOverlay device/*/*/overlay/packages/apps/CarrierConfig/res/xml/vendor.xml;
 
-#Tweaks for <4GB RAM devices
-#enableLowRam "device/sony/kirin" "kirin";
-#enableLowRam "device/sony/pioneer" "pioneer";
+#Tweaks for 3GB RAM devices
+enableLowRam "device/sony/kirin" "kirin";
+enableLowRam "device/sony/pioneer" "pioneer";
+#Tweaks for 4GB RAM devices
+enableLowRam "device/lge/h830" "h830";
+enableLowRam "device/lge/h850" "h850";
+enableLowRam "device/lge/h870" "h870";
+enableLowRam "device/lge/h910" "h910";
+enableLowRam "device/lge/h918" "h918";
+enableLowRam "device/lge/h990" "h990";
+enableLowRam "device/lge/ls997" "ls997";
+enableLowRam "device/lge/rs988" "rs988";
+enableLowRam "device/lge/us996" "us996";
+enableLowRam "device/lge/us997" "us997";
+enableLowRam "device/lge/vs995" "vs995";
+enableLowRam "device/sony/discovery" "discovery";
+#Tweaks for 4GB/6GB RAM devices
+#enableLowRam "device/sony/voyager" "voyager";
+#enableLowRam "device/sony/mermaid" "mermaid";
 
 #Fix broken options enabled by hardenDefconfig()
 #none yet

Scripts/LineageOS-20.0/Patch.sh

@@ -161,6 +161,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-10.pat
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-11.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-12.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-13.patch";
+applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-14.patch";
 sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java;
 fi;
 applyPatch "$DOS_PATCHES/android_frameworks_base/0020-Location_Indicators.patch"; #SystemUI: Use new privacy indicators for location (GrapheneOS)
@@ -514,6 +515,24 @@ removeUntrustedCerts || true;
 cd "$DOS_BUILD_BASE";
 #rm -rfv device/*/*/overlay/CarrierConfigResCommon device/*/*/rro_overlays/CarrierConfigOverlay device/*/*/overlay/packages/apps/CarrierConfig/res/xml/vendor.xml;
 
+#Tweaks for <4GB RAM devices
+enableLowRam "device/xiaomi/Mi8937" "Mi8917";
+enableLowRam "device/xiaomi/Mi8937" "Mi8937";
+#Tweaks for 4GB RAM devices
+enableLowRam "device/essential/mata" "mata";
+enableLowRam "device/fairphone/FP3" "FP3";
+enableLowRam "device/google/bonito" "bonito";
+enableLowRam "device/google/bonito" "sargo";
+enableLowRam "device/google/crosshatch" "blueline";
+enableLowRam "device/google/crosshatch" "crosshatch";
+enableLowRam "device/google/muskie/walleye" "walleye";
+enableLowRam "device/google/taimen" "taimen";
+enableLowRam "device/samsung/starlte" "starlte";
+#Tweaks for 4GB/6GB RAM devices
+#enableLowRam "device/sony/akari" "akari";
+#enableLowRam "device/sony/akatsuki" "akatsuki";
+#enableLowRam "device/sony/xz2c" "xz2c";
+
 #Fix broken options enabled by hardenDefconfig()
 [[ -d kernel/fairphone/sdm632 ]] && sed -i "s/CONFIG_PREEMPT_TRACER=n/CONFIG_PREEMPT_TRACER=y/" kernel/fairphone/sdm632/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile
 [[ -d kernel/google/msm-4.9 ]] && sed -i "s/CONFIG_DEBUG_NOTIFIERS=y/# CONFIG_DEBUG_NOTIFIERS is not set/" kernel/google/msm-4.9/arch/arm64/configs/*_defconfig; #Likely breaks boot