Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-08-24 13:59:43 -04:00
Code Issues Projects Releases Packages Wiki Activity

Switch to upstream ASB patchsets

Browse source 
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-10-08 22:06:56 -04:00
parent 7b54b4459c
commit bf565cd578
No known key found for this signature in database
GPG key ID: B286E9F57A07424B
120 changed files with 21 additions and 16243 deletions
Download patch file Download diff file Expand all files Collapse all files

23
Scripts/LineageOS-20.0/Patch.sh
View file

@ -97,7 +97,6 @@ applyPatch "$DOS_PATCHES/android_build/0004-Selective_APEX.patch"; #Only enable
sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_util.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
#sed -i 's/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := true/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := false/' core/product_config.mk; #broken by hardenDefconfig
sed -i 's/2023-09-05/2023-10-01/' core/version_defaults.mk; #Bump Security String #XXX ASB-2023-10
fi;
if enterAndClear "build/soong"; then
@ -124,7 +123,7 @@ fi;
fi;
if enterAndClear "external/libxml2"; then
git am $DOS_PATCHES/ASB-2023-10/libxml-*.patch;
git fetch https://github.com/LineageOS/android_external_libxml2 refs/changes/46/367946/1 && git cherry-pick FETCH_HEAD; #T_asb_2023-10
fi;
if enterAndClear "frameworks/av"; then
@ -132,7 +131,6 @@ git am $DOS_PATCHES/ASB-2023-10/av-*.patch;
fi;
if enterAndClear "frameworks/base"; then
git am $DOS_PATCHES/ASB-2023-10/base-*.patch;
git revert --no-edit d36faad3267522c6d3ff91ba9dcca8f6274bccd1; #Reverts "JobScheduler: Respect allow-in-power-save perm" in favor of below patch
git revert --no-edit 90d6826548189ca850d91692e71fcc1be426f453; #Reverts "Remove sensitive info from SUPL requests" in favor of below patch
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
@ -223,7 +221,6 @@ applyPatch "$DOS_PATCHES/android_frameworks_libs_systemui/0001-Icon_Cache.patch"
fi;
if enterAndClear "frameworks/native"; then
git am $DOS_PATCHES/ASB-2023-10/native-*.patch;
applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission.patch"; #Require OTHER_SENSORS permission for sensors (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission-a1.patch"; #Protect step sensors with OTHER_SENSORS permission for targetSdk<29 apps (GrapheneOS)
fi;
@ -316,7 +313,6 @@ applyPatch "$DOS_PATCHES/android_packages_apps_OpenEUICC/0001-hacky-fix.patch";
fi;
if enterAndClear "packages/apps/Settings"; then
git am $DOS_PATCHES/ASB-2023-10/settings-*.patch;
git revert --no-edit 41b4ed345a91da1dd46c00ee11a151c2b5ff4f43;
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch)
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0005-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS)
@ -361,10 +357,6 @@ applyPatch "$DOS_PATCHES/android_packages_inputmethods_LatinIME/0001-Voice.patch
applyPatch "$DOS_PATCHES/android_packages_inputmethods_LatinIME/0002-Disable_Personalization.patch"; #Disable personalization dictionary by default (GrapheneOS)
fi;
if enterAndClear "packages/modules/Bluetooth"; then
git am $DOS_PATCHES/ASB-2023-10/bluetooth-*.patch;
fi;
if enterAndClear "packages/modules/Connectivity"; then
applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-1.patch"; #Skip reportNetworkConnectivity() when permission is revoked (GrapheneOS)
applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-2.patch"; #Enforce INTERNET permission per-uid instead of per-appId (GrapheneOS)
@ -391,7 +383,6 @@ applyPatch "$DOS_PATCHES/android_packages_modules_Permission/0006-Location_Indic
fi;
if enterAndClear "packages/modules/Wifi"; then
git am $DOS_PATCHES/ASB-2023-10/wifi-*.patch;
applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/344228.patch"; #wifi: resurrect mWifiLinkLayerStatsSupported counter (sassmann)
applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS)
fi;
@ -400,19 +391,10 @@ if enterAndClear "packages/providers/DownloadProvider"; then
applyPatch "$DOS_PATCHES/android_packages_providers_DownloadProvider/0001-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS)
fi;
if enterAndClear "packages/providers/MediaProvider"; then
git am $DOS_PATCHES/ASB-2023-10/mediaprovider-*.patch;
fi;
#if enterAndClear "packages/providers/TelephonyProvider"; then
#cp $DOS_PATCHES_COMMON/android_packages_providers_TelephonyProvider/carrier_list.* assets/latest_carrier_id/;
#fi;
if enterAndClear "packages/services/Telecomm"; then
git am $DOS_PATCHES/ASB-2023-10/telecomm-*.patch;
fi;
if enterAndClear "system/ca-certificates"; then
rm -rf files; #Remove old certs
cp -r "$DOS_PATCHES_COMMON/android_system_ca-certificates/files" .; #Copy the new ones into place
@ -444,10 +426,9 @@ git revert --no-edit ac104e8990f3be3a3f111241e9328e7f98bfb912; #Do not skip payl
fi;
if enterAndClear "tools/apksig"; then
git am $DOS_PATCHES/ASB-2023-10/apksig-*.patch;
git fetch https://github.com/LineageOS/android_tools_apksig refs/changes/64/367964/1 && git cherry-pick FETCH_HEAD; #T_asb_2023-10
fi;
if enterAndClear "vendor/lineage"; then
rm build/target/product/security/lineage.x509.pem; #Remove Lineage keys
rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics