Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-05-02 06:26:20 -04:00
Code Issues Projects Releases Packages Wiki Activity

Prevent Qualcomm location stack from reading chipset serial number

Browse source 
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-05-03 21:39:48 -04:00
parent 366b4eb5ef
commit c544c28b94
No known key found for this signature in database
GPG key ID: B286E9F57A07424B
9 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Scripts/Common/Functions.sh
View file

@ -492,6 +492,14 @@ volteOverride() {
}
export -f volteOverride;
hardenLocationSepolicy() {
#Prevent Qualcomm location stack from reading chipset serial number
find device -name "hal_gnss*.te" -type f -exec sh -c "awk -i inplace '!/sysfs_soc/' {}" \;
find device -name "location.te" -type f -exec sh -c "awk -i inplace '!/sysfs_soc/' {}" \;
echo "Removed serial number access to Qualcomm location stacks";
}
export -f hardenLocationSepolicy;
hardenLocationConf() {
local gpsConfig=$1;
#Debugging: adb logcat -b all | grep -i -e locsvc -e izat -e gps -e gnss -e location -e xtra

1
Scripts/LineageOS-14.1/Patch.sh
View file

@ -591,6 +591,7 @@ find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {}
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
changeDefaultDNS; #Change the default DNS servers
#Tweaks for <2GB RAM devices

1
Scripts/LineageOS-15.1/Patch.sh
View file

@ -502,6 +502,7 @@ find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {}
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
changeDefaultDNS; #Change the default DNS servers
#Tweaks for <2GB RAM devices

1
Scripts/LineageOS-16.0/Patch.sh
View file

@ -412,6 +412,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then find "device" -maxdepth 2 -mindepth 2 -
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
changeDefaultDNS; #Change the default DNS servers
fixupCarrierConfigs || true; #Remove silly carrier restrictions
cd "$DOS_BUILD_BASE";

1
Scripts/LineageOS-17.1/Patch.sh
View file

@ -555,6 +555,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then find "device" -maxdepth 2 -mindepth 2 -
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
enableAutoVarInit || true;
changeDefaultDNS; #Change the default DNS servers
fixupCarrierConfigs || true; #Remove silly carrier restrictions

1
Scripts/LineageOS-18.1/Patch.sh
View file

@ -561,6 +561,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then find "device" -maxdepth 2 -mindepth 2 -
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
enableAutoVarInit || true;
changeDefaultDNS; #Change the default DNS servers
fixupCarrierConfigs || true; #Remove silly carrier restrictions

1
Scripts/LineageOS-19.1/Patch.sh
View file

@ -450,6 +450,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then find "device" -maxdepth 2 -mindepth 2 -
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
enableAutoVarInit || true;
changeDefaultDNS; #Change the default DNS servers
fixupCarrierConfigs || true; #Remove silly carrier restrictions

1
Scripts/LineageOS-20.0/Patch.sh
View file

@ -504,6 +504,7 @@ if [ "$DOS_GRAPHENE_EXEC" = true ]; then find "device" -maxdepth 2 -mindepth 2 -
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
hardenLocationSepolicy || true;
enableAutoVarInit || true;
changeDefaultDNS; #Change the default DNS servers
fixupCarrierConfigs || true; #Remove silly carrier restrictions