Git-Mirrors
/
DivestOS
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

19.1: More work 

- Adds hosts cache and wildcard support back
- Fixes broken hardened malloc enablement patch
- Drops FDroidPrivExt, non-functional
- Disables captive portal toggle patch, crashes Settings, needs rework
- Rebranding work
- Attempts to fix no boot animation

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2022-04-06 00:14:39 -04:00
parent 3a0659b9d8
commit d1e441e4cb
13 changed files with 833 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Misc/Features/GrapheneOS.txt
View File

@ -214,13 +214,13 @@ nojit
11 https://github.com/GrapheneOS/platform_frameworks_base/commit/3afe69fda4e6d89c90bb5d35e43ed2cc272e20dc
11 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/607919bb5de5aa42558f73840a1f1c06fc5c04fd
[implemented] Bluetooth auto turn off (partial CalyxOS?
[implemented] Bluetooth auto turn off (partial CalyxOS)
12 https://github.com/GrapheneOS/platform_frameworks_base/commit/6577307ef97cfeb4ba951d0c9e2696a21bd1237a
12 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/cfc5b87c62cc67b5a242a3030eba7fff934871b5
11 https://github.com/GrapheneOS/platform_frameworks_base/commit/e9d17cd4807dbfa837b16296b3a2e4434c060002
11 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/43ca9fac87286bab5db3be5ee079e0047a469a66
[implemented] Wi-Fi auto turn off (partial CalyxOS?)
[implemented] Wi-Fi auto turn off (partial CalyxOS)
12 https://github.com/GrapheneOS/platform_frameworks_base/commit/b008fb6e05af55577bad6046af4a91af4fccaeca
12 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/0f8a16323cfe431da8146e5ae58972c42b4d32d6
11 https://github.com/GrapheneOS/platform_frameworks_base/commit/423f3e151beae0c608881d4bf16b8dff22b5efc6

53
Patches/LineageOS-19.1/android_bionic/0001-HM-Use_HM.patch
View File

@ -7,14 +7,14 @@ Co-authored-by: anupritaisno1 <www.anuprita804@gmail.com>
Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
[tad@spotco.us]: kept Lineage's scudo 32-bit workaround
---
libc/Android.bp | 39 +++++++++++-------------
libc/bionic/h_malloc_wrapper.cpp | 51 ++++++++++++++++++++++++++++++++
libc/Android.bp | 54 +++++++++++++++-----------------
libc/bionic/h_malloc_wrapper.cpp | 51 ++++++++++++++++++++++++++++++
libc/bionic/malloc_common.h | 8 +++++
3 files changed, 77 insertions(+), 21 deletions(-)
3 files changed, 84 insertions(+), 29 deletions(-)
create mode 100644 libc/bionic/h_malloc_wrapper.cpp
diff --git a/libc/Android.bp b/libc/Android.bp
index 98b878151..75b06f58c 100644
index 98b878151..4bc0a77b3 100644
--- a/libc/Android.bp
+++ b/libc/Android.bp
@@ -68,6 +68,8 @@ libc_common_flags = [
@ -26,7 +26,7 @@ index 98b878151..75b06f58c 100644
]
// Define some common cflags
@@ -113,33 +115,20 @@ cc_defaults {
@@ -113,19 +115,6 @@ cc_defaults {
ldflags: ["-Wl,-z,muldefs"],
multilib: {
@ -46,15 +46,8 @@ index 98b878151..75b06f58c 100644
lib32: {
product_variables: {
malloc_zero_contents: {
cflags: ["-DSCUDO_ZERO_CONTENTS"],
},
malloc_pattern_fill_contents: {
- cflags: ["-DSCUDO_PATTERN_FILL_CONTENTS"],
+ cflags: ["-DSCUDO_PATTERN_FILL_CONTENTS"],
},
malloc_not_svelte_libc32: {
- cflags: ["-DUSE_SCUDO"],
+ cflags: ["-DUSE_SCUDO"],
@@ -138,8 +127,8 @@ cc_defaults {
cflags: ["-DUSE_SCUDO"],
},
},
- },
@ -64,7 +57,37 @@ index 98b878151..75b06f58c 100644
}
libc_scudo_product_variables = {
@@ -194,12 +183,20 @@ cc_defaults {
@@ -173,20 +162,19 @@ libc32_scudo_product_variables = {
// ========================================================
cc_defaults {
name: "libc_native_allocator_defaults",
-
- whole_static_libs: [
- "libjemalloc5",
- "libc_jemalloc_wrapper",
- ],
- header_libs: ["gwp_asan_headers"],
+ whole_static_libs: ["libc_jemalloc_wrapper"],
multilib: {
- lib64: {
- product_variables: libc_scudo_product_variables,
- },
lib32: {
+ whole_static_libs: ["libjemalloc5"],
product_variables: libc32_scudo_product_variables,
- }
+ },
+ lib64: {
+ cflags: ["-DH_MALLOC_PREFIX"],
+ whole_static_libs: ["libhardened_malloc"],
+ },
},
+
+ header_libs: ["gwp_asan_headers"],
}
// Functions not implemented by jemalloc directly, or that need to
@@ -194,12 +182,20 @@ cc_defaults {
cc_library_static {
name: "libc_jemalloc_wrapper",
defaults: ["libc_defaults"],

4
Patches/LineageOS-19.1/android_bionic/0002-Graphene_Bionic_Hardening-1.patch
View File

@ -26,10 +26,10 @@ Signed-off-by: anupritaisno1 <www.anuprita804@gmail.com>
create mode 100644 libc/bionic/explicit_bzero.cpp
diff --git a/libc/Android.bp b/libc/Android.bp
index 75b06f58c..cae5d8776 100644
index 4bc0a77b3..bcb3861d8 100644
--- a/libc/Android.bp
+++ b/libc/Android.bp
@@ -1084,6 +1084,7 @@ cc_library_static {
@@ -1083,6 +1083,7 @@ cc_library_static {
"bionic/error.cpp",
"bionic/eventfd.cpp",
"bionic/exec.cpp",

1
Patches/LineageOS-19.1/android_build/0002-OTA_Keys.patch
View File

@ -26,6 +26,7 @@ index 4b4ba3ccb8..dac79d1ff7 100644
DEXPREOPT_DISABLED_MODULES :=
# If a module has multiple setups, the first takes precedence.
diff --git a/target/product/security/Android.mk b/target/product/security/Android.mk
index cedad5b490..76d3e5ad1d 100644
--- a/target/product/security/Android.mk
+++ b/target/product/security/Android.mk
@@ -63,8 +63,15 @@ LOCAL_MODULE_CLASS := ETC

8
Patches/LineageOS-19.1/android_frameworks_base/0013-Network_Permission-4.patch
View File

@ -1,4 +1,4 @@
From 2f262ed47122e57283ee85c2cca138728559ef35 Mon Sep 17 00:00:00 2001
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Mon, 10 Jan 2022 15:50:33 +0200
Subject: [PATCH] make DownloadManager.enqueue() a no-op when INTERNET
@ -9,7 +9,7 @@ Subject: [PATCH] make DownloadManager.enqueue() a no-op when INTERNET
1 file changed, 8 insertions(+)
diff --git a/core/java/android/app/DownloadManager.java b/core/java/android/app/DownloadManager.java
index 355092378279..cb4a16641953 100644
index c209660f4197..ed0ba8b4b642 100644
--- a/core/java/android/app/DownloadManager.java
+++ b/core/java/android/app/DownloadManager.java
@@ -16,6 +16,7 @@
@ -20,7 +20,7 @@ index 355092378279..cb4a16641953 100644
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.RequiresPermission;
@@ -31,6 +32,7 @@
@@ -31,6 +32,7 @@ import android.content.ContentResolver;
import android.content.ContentUris;
import android.content.ContentValues;
import android.content.Context;
@ -28,7 +28,7 @@ index 355092378279..cb4a16641953 100644
import android.database.Cursor;
import android.database.CursorWrapper;
import android.database.DatabaseUtils;
@@ -1115,6 +1117,12 @@ public void onMediaStoreDownloadsDeleted(@NonNull LongSparseArray<String> idToMi
@@ -1123,6 +1125,12 @@ public class DownloadManager {
* calls related to this download.
*/
public long enqueue(Request request) {

6
Patches/LineageOS-19.1/android_frameworks_base/0013-Network_Permission-5.patch
View File

@ -9,10 +9,10 @@ Subject: [PATCH] make DownloadManager.query() a no-op when INTERNET permission
1 file changed, 7 insertions(+)
diff --git a/core/java/android/app/DownloadManager.java b/core/java/android/app/DownloadManager.java
index c209660f4197..2b141e17a80b 100644
index ed0ba8b4b642..97757b51aaeb 100644
--- a/core/java/android/app/DownloadManager.java
+++ b/core/java/android/app/DownloadManager.java
@@ -34,6 +34,7 @@ import android.content.Context;
@@ -36,6 +36,7 @@ import android.content.pm.PackageManager;
import android.database.Cursor;
import android.database.CursorWrapper;
import android.database.DatabaseUtils;
@ -20,7 +20,7 @@ index c209660f4197..2b141e17a80b 100644
import android.net.ConnectivityManager;
import android.net.NetworkPolicyManager;
import android.net.Uri;
@@ -1170,6 +1171,12 @@ public class DownloadManager {
@@ -1178,6 +1179,12 @@ public class DownloadManager {
/** @hide */
public Cursor query(Query query, String[] projection) {

39
Patches/LineageOS-19.1/android_frameworks_base/0021-Boot_Animation.patch Normal file
View File

@ -0,0 +1,39 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Wed, 6 Apr 2022 01:10:00 -0400
Subject: [PATCH] Use basic boot animation
Signed-off-by: Tad <tad@spotco.us>
Change-Id: I0c87ddd9aec21fc610f3d17701192c04150308d7
---
cmds/bootanimation/BootAnimation.cpp | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/cmds/bootanimation/BootAnimation.cpp b/cmds/bootanimation/BootAnimation.cpp
index 6c8cab7783b6..73a98dcc56b3 100644
--- a/cmds/bootanimation/BootAnimation.cpp
+++ b/cmds/bootanimation/BootAnimation.cpp
@@ -725,7 +725,7 @@ GLuint linkShader(GLuint vertexShader, GLuint fragmentShader) {
}
void BootAnimation::initShaders() {
- bool dynamicColoringEnabled = mAnimation != nullptr && mAnimation->dynamicColoringEnabled;
+ bool dynamicColoringEnabled = false;
GLuint vertexShader = compileShader(GL_VERTEX_SHADER, (const GLchar *)VERTEX_SHADER_SOURCE);
GLuint imageFragmentShader =
compileShader(GL_FRAGMENT_SHADER, dynamicColoringEnabled
@@ -761,13 +761,7 @@ bool BootAnimation::threadLoop() {
bool result;
initShaders();
- // We have no bootanimation file, so we use the stock android logo
- // animation.
- if (mZipFileName.isEmpty()) {
- result = android();
- } else {
- result = movie();
- }
+ result = android();
mCallbacks->shutdown();
eglMakeCurrent(mDisplay, EGL_NO_SURFACE, EGL_NO_SURFACE, EGL_NO_CONTEXT);

659
Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0001-Hosts_Cache.patch Normal file
View File

@ -0,0 +1,659 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tom Marshall <tdm.code@gmail.com>
Date: Tue, 25 Aug 2020 08:31:32 -0700
Subject: [PATCH] DnsResolver: Sort and cache hosts file data for fast lookup
The hosts file is normally searched linearly. This is very slow when
the file is large. To mitigate this, read the hosts file and sort the
entries in an in-memory cache. When an address is requested via
gethostbyname or getaddrinfo, binary search the cache.
In case where the cache is not available, return a suitable error code
and fall back to the existing lookup code.
This has been written to behave as much like the existing lookup code as
possible. But note bionic and glibc differ in behavior for some corner
cases. Choose the most standard compliant behavior for these where
possible. Otherwise choose the behavior that seems most reasonable.
Note: this change is the analogue of the bionic change of the same name.
Both should be kept in sync.
Change-Id: I5926493864d4b1291ae83f8b601bf5dcc54085cd
---
Android.bp | 1 +
getaddrinfo.cpp | 9 +
hosts_cache.cpp | 523 ++++++++++++++++++++++++++++++++++++++++++++++++
hosts_cache.h | 28 +++
sethostent.cpp | 7 +
5 files changed, 568 insertions(+)
create mode 100644 hosts_cache.cpp
create mode 100644 hosts_cache.h
diff --git a/Android.bp b/Android.bp
index 696d721..86c9cf9 100644
--- a/Android.bp
+++ b/Android.bp
@@ -164,6 +164,7 @@ cc_library {
"getaddrinfo.cpp",
"gethnamaddr.cpp",
"sethostent.cpp",
+ "hosts_cache.cpp",
"res_cache.cpp",
"res_comp.cpp",
"res_debug.cpp",
diff --git a/getaddrinfo.cpp b/getaddrinfo.cpp
index 23e7e44..f0c0ba8 100644
--- a/getaddrinfo.cpp
+++ b/getaddrinfo.cpp
@@ -66,6 +66,8 @@
#include "resolv_private.h"
#include "util.h"
+#include "hosts_cache.h"
+
#define ANY 0
using android::net::NetworkDnsEventReported;
@@ -1557,6 +1559,13 @@ static bool files_getaddrinfo(const size_t netid, const char* name, const addrin
FILE* hostf = nullptr;
cur = &sentinel;
+
+ int hc_error = hc_getaddrinfo(name, pai, &cur);
+ if (hc_error != EAI_SYSTEM) {
+ *res = sentinel.ai_next;
+ return sentinel.ai_next != NULL;
+ }
+
_sethtent(&hostf);
while ((p = _gethtent(&hostf, name, pai)) != nullptr) {
cur->ai_next = p;
diff --git a/hosts_cache.cpp b/hosts_cache.cpp
new file mode 100644
index 0000000..a40fb40
--- /dev/null
+++ b/hosts_cache.cpp
@@ -0,0 +1,523 @@
+/*
+ * Copyright (C) 2016 The CyanogenMod Project
+ * Copyright (C) 2020 The LineageOS Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <fcntl.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <strings.h>
+#include <sys/file.h>
+#include <sys/mman.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <utime.h>
+#include <pthread.h>
+
+#include <netinet/in6.h>
+#include <arpa/inet.h>
+#include <arpa/nameser.h>
+
+#include "hostent.h"
+#include "resolv_private.h"
+
+constexpr int MAXALIASES = 35;
+constexpr int MAXADDRS = 35;
+
+#define MAX_ADDRLEN (INET6_ADDRSTRLEN - (1 + 5))
+#define MAX_HOSTLEN MAXHOSTNAMELEN
+
+#define ESTIMATED_LINELEN 32
+#define HCFILE_ALLOC_SIZE 256
+
+/* From sethostent.c */
+#define ALIGNBYTES (sizeof(uintptr_t) - 1)
+#define ALIGN(p) (((uintptr_t)(p) + ALIGNBYTES) &~ ALIGNBYTES)
+
+/*
+ * Host cache entry for hcfile.c_data.
+ * Offsets are into hcfile.h_data.
+ * Strings are *not* terminated by NULL, but by whitespace (isspace) or '#'.
+ * Use hstr* functions with these.
+ */
+struct hcent
+{
+ uint32_t addr;
+ uint32_t name;
+};
+
+/*
+ * Overall host cache file state.
+ */
+struct hcfile
+{
+ int h_fd;
+ struct stat h_st;
+ char* h_data;
+
+ uint32_t c_alloc;
+ uint32_t c_len;
+ struct hcent* c_data;
+};
+static struct hcfile hcfile;
+static pthread_mutex_t hclock = PTHREAD_MUTEX_INITIALIZER;
+
+static size_t hstrlen(const char *s)
+{
+ const char *p = s;
+ while (*p && *p != '#' && !isspace(*p))
+ ++p;
+ return p - s;
+}
+
+static int hstrcmp(const char *a, const char *b)
+{
+ size_t alen = hstrlen(a);
+ size_t blen = hstrlen(b);
+ int res = strncmp(a, b, MIN(alen, blen));
+ if (res == 0)
+ res = alen - blen;
+ return res;
+}
+
+static char *hstrcpy(char *dest, const char *src)
+{
+ size_t len = hstrlen(src);
+ memcpy(dest, src, len);
+ dest[len] = '\0';
+ return dest;
+}
+
+static char *hstrdup(const char *s)
+{
+ size_t len = hstrlen(s);
+ char *dest = (char *)malloc(len + 1);
+ if (!dest)
+ return NULL;
+ memcpy(dest, s, len);
+ dest[len] = '\0';
+ return dest;
+}
+
+static int cmp_hcent_name(const void *a, const void *b)
+{
+ struct hcent *ea = (struct hcent *)a;
+ const char *na = hcfile.h_data + ea->name;
+ struct hcent *eb = (struct hcent *)b;
+ const char *nb = hcfile.h_data + eb->name;
+
+ return hstrcmp(na, nb);
+}
+
+static struct hcent *_hcfindname(const char *name)
+{
+ size_t first, last, mid;
+ struct hcent *cur = NULL;
+ int cmp;
+
+ if (hcfile.c_len == 0)
+ return NULL;
+
+ first = 0;
+ last = hcfile.c_len - 1;
+ mid = (first + last) / 2;
+ while (first <= last) {
+ cur = hcfile.c_data + mid;
+ cmp = hstrcmp(hcfile.h_data + cur->name, name);
+ if (cmp == 0)
+ goto found;
+ if (cmp < 0)
+ first = mid + 1;
+ else {
+ if (mid > 0)
+ last = mid - 1;
+ else
+ return NULL;
+ }
+ mid = (first + last) / 2;
+ }
+ return NULL;
+
+found:
+ while (cur > hcfile.c_data) {
+ struct hcent *prev = cur - 1;
+ cmp = cmp_hcent_name(cur, prev);
+ if (cmp)
+ break;
+ cur = prev;
+ }
+
+ return cur;
+}
+
+/*
+ * Find next name on line, if any.
+ *
+ * Assumes that line is terminated by LF.
+ */
+static const char *_hcnextname(const char *name)
+{
+ while (!isspace(*name)) {
+ if (*name == '#')
+ return NULL;
+ ++name;
+ }
+ while (isspace(*name)) {
+ if (*name == '\n')
+ return NULL;
+ ++name;
+ }
+ if (*name == '#')
+ return NULL;
+ return name;
+}
+
+static int _hcfilemmap(void)
+{
+ struct stat st;
+ int h_fd;
+ char *h_addr;
+ const char *p, *pend;
+ uint32_t c_alloc;
+
+ h_fd = open(_PATH_HOSTS, O_CLOEXEC);
+ if (h_fd < 0)
+ return -1;
+ if (flock(h_fd, LOCK_EX) != 0) {
+ close(h_fd);
+ return -1;
+ }
+
+ if (hcfile.h_data) {
+ memset(&st, 0, sizeof(st));
+ if (fstat(h_fd, &st) == 0) {
+ if (st.st_size == hcfile.h_st.st_size &&
+ st.st_mtime == hcfile.h_st.st_mtime) {
+ flock(h_fd, LOCK_UN);
+ close(h_fd);
+ return 0;
+ }
+ }
+ free(hcfile.c_data);
+ munmap(hcfile.h_data, hcfile.h_st.st_size);
+ close(hcfile.h_fd);
+ memset(&hcfile, 0, sizeof(struct hcfile));
+ }
+
+ if (fstat(h_fd, &st) != 0) {
+ flock(h_fd, LOCK_UN);
+ close(h_fd);
+ return -1;
+ }
+ h_addr = (char*)mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, h_fd, 0);
+ if (h_addr == MAP_FAILED) {
+ flock(h_fd, LOCK_UN);
+ close(h_fd);
+ return -1;
+ }
+
+ hcfile.h_fd = h_fd;
+ hcfile.h_st = st;
+ hcfile.h_data = h_addr;
+
+ c_alloc = 0;
+ /*
+ * Do an initial allocation if the file is "large". Estimate
+ * 32 bytes per line and define "large" as more than half of
+ * the alloc growth size (256 entries).
+ */
+ if (st.st_size >= ESTIMATED_LINELEN * HCFILE_ALLOC_SIZE / 2) {
+ c_alloc = st.st_size / ESTIMATED_LINELEN;
+ hcfile.c_data = (struct hcent*)malloc(c_alloc * sizeof(struct hcent));
+ if (!hcfile.c_data) {
+ goto oom;
+ }
+ }
+
+ p = (const char *)h_addr;
+ pend = p + st.st_size;
+ while (p < pend) {
+ const char *eol, *addr, *name;
+ size_t len;
+ addr = p;
+ eol = (const char*)memchr(p, '\n', pend - p);
+ if (!eol)
+ break;
+ p = eol + 1;
+ if (*addr == '#' || *addr == '\n')
+ continue;
+ len = hstrlen(addr);
+ if (len > MAX_ADDRLEN)
+ continue;
+ name = addr + len;
+ while (name < eol && isspace(*name))
+ ++name;
+ while (name < eol) {
+ len = hstrlen(name);
+ if (len == 0)
+ break;
+ if (len < MAX_HOSTLEN) {
+ struct hcent *ent;
+ if (c_alloc <= hcfile.c_len) {
+ struct hcent *c_data;
+ c_alloc += HCFILE_ALLOC_SIZE;
+ c_data = (struct hcent*)realloc(hcfile.c_data, c_alloc * sizeof(struct hcent));
+ if (!c_data) {
+ goto oom;
+ }
+ hcfile.c_data = c_data;
+ }
+ ent = hcfile.c_data + hcfile.c_len;
+ ent->addr = addr - h_addr;
+ ent->name = name - h_addr;
+ ++hcfile.c_len;
+ }
+ name += len;
+ while (name < eol && isspace(*name))
+ ++name;
+ }
+ }
+
+ qsort(hcfile.c_data, hcfile.c_len,
+ sizeof(struct hcent), cmp_hcent_name);
+
+ flock(h_fd, LOCK_UN);
+
+ return 0;
+
+oom:
+ free(hcfile.c_data);
+ munmap(hcfile.h_data, hcfile.h_st.st_size);
+ flock(hcfile.h_fd, LOCK_UN);
+ close(hcfile.h_fd);
+ memset(&hcfile, 0, sizeof(struct hcfile));
+ return -1;
+}
+
+/*
+ * Caching version of getaddrinfo.
+ *
+ * If we find the requested host name in the cache, use getaddrinfo to
+ * populate the result for each address we find.
+ *
+ * Note glibc and bionic differ in the handling of ai_canonname. POSIX
+ * says that ai_canonname is only populated in the first result entry.
+ * glibc does this. bionic populates ai_canonname in all result entries.
+ * We choose the POSIX/glibc way here.
+ */
+int hc_getaddrinfo(const char *name, const struct addrinfo* hints, struct addrinfo** result)
+{
+ int ret = 0;
+ struct hcent *ent, *cur;
+ struct addrinfo *ai;
+ struct addrinfo rhints;
+ struct addrinfo *last;
+ int canonname = 0;
+ int cmp;
+
+ if (getenv("ANDROID_HOSTS_CACHE_DISABLE") != NULL)
+ return EAI_SYSTEM;
+
+ if (!name)
+ return EAI_SYSTEM;
+
+ pthread_mutex_lock(&hclock);
+
+ if (_hcfilemmap() != 0) {
+ ret = EAI_SYSTEM;
+ goto out;
+ }
+ ent = _hcfindname(name);
+ if (!ent) {
+ ret = EAI_NONAME;
+ goto out;
+ }
+
+ if (hints) {
+ canonname = (hints->ai_flags & AI_CANONNAME);
+ memcpy(&rhints, hints, sizeof(rhints));
+ rhints.ai_flags &= ~AI_CANONNAME;
+ }
+ else {
+ memset(&rhints, 0, sizeof(rhints));
+ }
+ rhints.ai_flags |= AI_NUMERICHOST;
+
+ last = NULL;
+ cur = ent;
+ do {
+ char addrstr[MAX_ADDRLEN];
+ struct addrinfo *res;
+
+ hstrcpy(addrstr, hcfile.h_data + cur->addr);
+
+ if (getaddrinfo_numeric(addrstr, nullptr, rhints, &res) == 0) {
+ if (!last)
+ (*result)->ai_next = res;
+ else
+ last->ai_next = res;
+ last = res;
+ while (last->ai_next)
+ last = last->ai_next;
+ }
+
+ if(cur + 1 >= hcfile.c_data + hcfile.c_len)
+ break;
+ cmp = cmp_hcent_name(cur, cur + 1);
+ cur = cur + 1;
+ }
+ while (!cmp);
+
+ if (last == NULL) {
+ /* This check is equivalent to (*result)->ai_next == NULL */
+ ret = EAI_NODATA;
+ goto out;
+ }
+
+ if (canonname) {
+ ai = (*result)->ai_next;
+ free(ai->ai_canonname);
+ ai->ai_canonname = hstrdup(hcfile.h_data + ent->name);
+ }
+
+out:
+ pthread_mutex_unlock(&hclock);
+ return ret;
+}
+
+/*
+ * Caching version of gethtbyname.
+ *
+ * Note glibc and bionic differ in the handling of aliases. glibc returns
+ * all aliases for all entries, regardless of whether they match h_addrtype.
+ * bionic returns only the aliases for the first hosts entry. We return all
+ * aliases for all IPv4 entries.
+ *
+ * Additionally, if an alias is IPv6 and the primary name for an alias also
+ * has an IPv4 entry, glibc will return the IPv4 address(es), but bionic
+ * will not. Neither do we.
+ */
+int hc_gethtbyname(const char *host, int af, struct getnamaddr *info)
+{
+ int ret = NETDB_SUCCESS;
+ struct hcent *ent, *cur;
+ int cmp;
+ size_t addrlen;
+ unsigned int naliases = 0;
+ char *aliases[MAXALIASES];
+ unsigned int naddrs = 0;
+ char *addr_ptrs[MAXADDRS];
+ unsigned int n;
+
+ if (getenv("ANDROID_HOSTS_CACHE_DISABLE") != NULL)
+ return NETDB_INTERNAL;
+
+ switch (af) {
+ case AF_INET: addrlen = NS_INADDRSZ; break;
+ case AF_INET6: addrlen = NS_IN6ADDRSZ; break;
+ default:
+ return NETDB_INTERNAL;
+ }
+
+ pthread_mutex_lock(&hclock);
+
+ if (_hcfilemmap() != 0) {
+ ret = NETDB_INTERNAL;
+ goto out;
+ }
+
+ ent = _hcfindname(host);
+ if (!ent) {
+ ret = HOST_NOT_FOUND;
+ goto out;
+ }
+
+ cur = ent;
+ do {
+ char addr[16];
+ char addrstr[MAX_ADDRLEN];
+ char namestr[MAX_HOSTLEN];
+ const char *name;
+
+ hstrcpy(addrstr, hcfile.h_data + cur->addr);
+ if (inet_pton(af, addrstr, &addr) == 1) {
+ char *aligned;
+ /* First match is considered the official hostname */
+ if (naddrs == 0) {
+ hstrcpy(namestr, hcfile.h_data + cur->name);
+ HENT_SCOPY(info->hp->h_name, namestr, info->buf, info->buflen);
+ }
+ for (name = hcfile.h_data + cur->name; name; name = _hcnextname(name)) {
+ if (!hstrcmp(name, host))
+ continue;
+ hstrcpy(namestr, name);
+ HENT_SCOPY(aliases[naliases], namestr, info->buf, info->buflen);
+ ++naliases;
+ if (naliases >= MAXALIASES)
+ goto nospc;
+ }
+ aligned = (char *)ALIGN(info->buf);
+ if (info->buf != aligned) {
+ if ((ptrdiff_t)info->buflen < (aligned - info->buf))
+ goto nospc;
+ info->buflen -= (aligned - info->buf);
+ info->buf = aligned;
+ }
+ HENT_COPY(addr_ptrs[naddrs], addr, addrlen, info->buf, info->buflen);
+ ++naddrs;
+ if (naddrs >= MAXADDRS)
+ goto nospc;
+ }
+
+ if(cur + 1 >= hcfile.c_data + hcfile.c_len)
+ break;
+ cmp = cmp_hcent_name(cur, cur + 1);
+ cur = cur + 1;
+ }
+ while (!cmp);
+
+ if (naddrs == 0) {
+ ret = HOST_NOT_FOUND;
+ goto out;
+ }
+
+ addr_ptrs[naddrs++] = NULL;
+ aliases[naliases++] = NULL;
+
+ /* hp->h_name already populated */
+ HENT_ARRAY(info->hp->h_aliases, naliases, info->buf, info->buflen);
+ for (n = 0; n < naliases; ++n) {
+ info->hp->h_aliases[n] = aliases[n];
+ }
+ info->hp->h_addrtype = af;
+ info->hp->h_length = addrlen;
+ HENT_ARRAY(info->hp->h_addr_list, naddrs, info->buf, info->buflen);
+ for (n = 0; n < naddrs; ++n) {
+ info->hp->h_addr_list[n] = addr_ptrs[n];
+ }
+
+out:
+ pthread_mutex_unlock(&hclock);
+ return ret;
+
+nospc:
+ ret = NETDB_INTERNAL;
+ goto out;
+}
diff --git a/hosts_cache.h b/hosts_cache.h
new file mode 100644
index 0000000..55138dc
--- /dev/null
+++ b/hosts_cache.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2016 The CyanogenMod Project
+ * Copyright (C) 2020 The LineageOS Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef NETD_RESOLV_HOSTS_CACHE_H
+#define NETD_RESOLV_HOSTS_CACHE_H
+
+struct getnamaddr;
+
+int hc_getaddrinfo(const char* name, const struct addrinfo* hints,
+ struct addrinfo** result);
+
+int hc_gethtbyname(const char *host, int af, struct getnamaddr *info);
+
+#endif
diff --git a/sethostent.cpp b/sethostent.cpp
index de94fce..64de4c3 100644
--- a/sethostent.cpp
+++ b/sethostent.cpp
@@ -43,6 +43,8 @@
#include "hostent.h"
#include "resolv_private.h"
+#include "hosts_cache.h"
+
constexpr int MAXALIASES = 35;
constexpr int MAXADDRS = 35;
@@ -72,6 +74,11 @@ int _hf_gethtbyname2(const char* name, int af, getnamaddr* info) {
char* aliases[MAXALIASES];
char* addr_ptrs[MAXADDRS];
+ int rc = hc_gethtbyname(name, af, info);
+ if (rc != NETDB_INTERNAL) {
+ return (rc == NETDB_SUCCESS ? 0 : EAI_NODATA);
+ }
+
FILE* hf = NULL;
sethostent_r(&hf);
if (hf == NULL) {

72
Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-Hosts_Wildcards.patch Normal file
View File

@ -0,0 +1,72 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tom Marshall <tdm.code@gmail.com>
Date: Thu, 16 Jan 2020 13:07:04 -0800
Subject: [PATCH] DnsResolver: Support wildcards in cached hosts file
If an exact name is not found in the hosts file and the host name
contains at least one dot, search for entries of the form "*.domain",
where domain is the portion of the host name after the first dot. If
that is not found, repeat using the domain.
Example: a.b.c.example.com would search for the following in turn:
a.b.c.example.com
*.b.c.example.com
*.c.example.com
*.example.com
*.com
Note: this change is the analogue of the bionic change of the same name.
Both should be kept in sync.
Change-Id: I4b0bb81699151d5b371850daebf785e35ec9b170
---
hosts_cache.cpp | 29 ++++++++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/hosts_cache.cpp b/hosts_cache.cpp
index a40fb40..258eac1 100644
--- a/hosts_cache.cpp
+++ b/hosts_cache.cpp
@@ -126,7 +126,7 @@ static int cmp_hcent_name(const void *a, const void *b)
return hstrcmp(na, nb);
}
-static struct hcent *_hcfindname(const char *name)
+static struct hcent *_hcfindname_exact(const char *name)
{
size_t first, last, mid;
struct hcent *cur = NULL;
@@ -167,6 +167,33 @@ found:
return cur;
}
+static struct hcent *_hcfindname(const char *name)
+{
+ struct hcent *ent;
+ char namebuf[MAX_HOSTLEN];
+ char *p;
+ char *dot;
+
+ ent = _hcfindname_exact(name);
+ if (!ent && strlen(name) < sizeof(namebuf)) {
+ strlcpy(namebuf, name, sizeof(namebuf));
+ p = namebuf;
+ do {
+ dot = strchr(p, '.');
+ if (!dot)
+ break;
+ if (dot > p) {
+ *(dot - 1) = '*';
+ ent = _hcfindname_exact(dot - 1);
+ }
+ p = dot + 1;
+ }
+ while (!ent);
+ }
+
+ return ent;
+}
+
/*
* Find next name on line, if any.
*

2
Scripts/Common/Post.sh
View File

@ -35,7 +35,7 @@ sed -i 's/static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MER
#sed -i 's/= IS_ENABLED(CONFIG_PAGE_POISONING_ENABLE_DEFAULT);/= true;/' kernel/*/*/mm/page_poison.c &>/dev/null || true; #4.4+ #XXX: shouldn't be enabled past 5.3
#Build speedup
sed -i 's/flags.Tidy = true/flags.Tidy = false/' build/soong/cc/tidy.go &>/dev/null || true; #Disable clang-tidy (GrapheneOS/kdrag0n)
sed -i 's/flags.Tidy = true/flags.Tidy = false/' build/soong/cc/tidy.go &>/dev/null || true; #Disable clang-tidy (kdrag0n)
cd "$DOS_BUILD_BASE";
echo -e "\e[0;32m[SCRIPT COMPLETE] Post tweaks complete\e[0m";

4
Scripts/LineageOS-18.1/Patch.sh
View File

@ -168,8 +168,8 @@ if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_fr
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then applyPatch "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key
hardenLocationConf services/core/java/com/android/server/location/gps_debug.conf; #Harden the default GPS config
changeDefaultDNS; #Change the default DNS servers
#sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
#sed -i 's/DEFAULT_USE_FREEZER = false;/DEFAULT_USE_FREEZER = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app freezer by default (GrapheneOS)
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
sed -i 's/DEFAULT_USE_FREEZER = false;/DEFAULT_USE_FREEZER = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app freezer by default (GrapheneOS)
sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox internal logging service
sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES_LOWRAM = 0;/' services/core/java/com/android/server/DropBoxManagerService.java;
sed -i 's/(notif.needNotify)/(true)/' location/java/com/android/internal/location/GpsNetInitiatedHandler.java; #Notify the user if their location is requested via SUPL

9
Scripts/LineageOS-19.1/Patch.sh
View File

@ -153,6 +153,7 @@ sed -i 's/sys.spawn.exec/persist.security.exec_spawn/' core/java/com/android/int
fi;
applyPatch "$DOS_PATCHES/android_frameworks_base/0020-Location_Indicators-1.patch"; #SystemUI: Use new privacy indicators for location (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0020-Location_Indicators-2.patch"; #Exclude Bluetooth app from Location indicators (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0021-Boot_Animation.patch"; #Use basic boot animation
hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
changeDefaultDNS; #Change the default DNS servers
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
@ -239,7 +240,7 @@ if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_pa
fi;
if enterAndClear "packages/apps/Settings"; then
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969) #XXX 19REBASE: broken?
#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (CalyxOS) #XXX 19REBASE
if [ "$DOS_TIMEOUTS" = true ]; then
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0005-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS)
@ -280,6 +281,11 @@ applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Perm
#applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0002-Private_DNS.patch"; #More 'Private DNS' options (CalyxOS) #XXX 19REBASE
fi;
if enterAndClear "packages/modules/DnsResolver"; then
applyPatch "$DOS_PATCHES/android_packages_modules_DnsResolver/0001-Hosts_Cache.patch"; #DnsResolver: Sort and cache hosts file data for fast lookup (LineageOS)
applyPatch "$DOS_PATCHES/android_packages_modules_DnsResolver/0002-Hosts_Wildcards.patch"; #DnsResolver: Support wildcards in cached hosts file (LineageOS)
fi;
if [ "$DOS_GRAPHENE_RANDOM_MAC" = true ]; then
if enterAndClear "packages/modules/NetworkStack"; then
applyPatch "$DOS_PATCHES/android_packages_modules_NetworkStack/0001-Random_MAC.patch"; #Avoid reusing DHCP state for full MAC randomization (GrapheneOS)
@ -366,6 +372,7 @@ if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then echo "PRODUCT_PACKAGES += UnifiedNLP
if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_BLOCKING_APP" >> packages.mk; fi; #Include blocker app
#echo "PRODUCT_PACKAGES += vendor.lineage.trust@1.0-service" >> packages.mk; #Add deny usb service, all of our kernels have the necessary patch #XXX 19REBASE: is this necessary?
echo "PRODUCT_PACKAGES += eSpeakNG" >> packages.mk; #PicoTTS needs work to compile on 18.1, use eSpeak-NG instead
awk -i inplace '!/F-DroidPrivilegedExtensionOfficial/' packages.mk; #Appears to be broken
fi;
#
#END OF ROM CHANGES

4
Scripts/LineageOS-19.1/Rebrand.sh
View File

@ -24,7 +24,7 @@ source "$DOS_SCRIPTS_COMMON/Shell.sh";
echo "Rebranding...";
if enter "bootable/recovery"; then
#git revert --no-edit c4071b4f; #use standard animation #XXX 19REBASE
git revert --no-edit b8aba40343b694ddd03e2c03be5027c6c9a08371; #use standard animation
awk -i inplace '!/DrawSurface\(logo.get\(\)/' recovery_ui/screen_ui.cpp; #Hide logo
mogrify -format png -fill "#FF5722" -opaque "#167C80" -fuzz 10% res-*/images/*sel.png; #Recolor icons
mogrify -format png -fill "#FF5722" -opaque "#7c4dff" -fuzz 10% res-*/images/ic_back_sel.png;
@ -33,7 +33,7 @@ sed -i 's|0xf8, 0x90, 0xff|0xff, 0x98, 0x00|' recovery_ui/*ui.cpp; #Recolor acce
sed -i 's|0xe6, 0x51, 0x00|0x4c, 0xaf, 0x50|' recovery_ui/*ui.cpp; #Recolor accents (fastboot primary)
sed -i 's|0xfd, 0xd8, 0x35|0x8b, 0xc3, 0x4a|' recovery_ui/*ui.cpp; #Recolor accents (fastboot secondary)
sed -i 's|0xfd, 0xd8,0x35|0x8b, 0xc3, 0x4a|' recovery_ui/*ui.cpp; #Recolor accents (fastboot secondary typo)
#sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' recovery_ui/*ui.cpp; #Recolor text #XXX 19REBASE
sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' recovery_ui/*ui.cpp; #Recolor text
sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' recovery_ui/*ui.cpp; #not used (yet)
sed -i 's|LineageOS|'"$DOS_BRANDING_NAME"'|' recovery_ui/*ui.cpp; #not used (yet)
sed -i 's|Lineage |'"$DOS_BRANDING_NAME"' |' recovery.cpp; #not used (yet)