Various fixes from GrapheneOS

Signed-off-by: Tad <tad@spotco.us>
2025-02-03 02:40:07 -05:00 · 2022-09-13 09:57:57 -04:00 · 2022-09-13 09:57:57 -04:00 · ec42acceb6
commit ec42acceb6
parent 3b0c05fe7c
15 changed files with 397 additions and 2 deletions
--- a/Misc/Features/GrapheneOS.txt
+++ b/Misc/Features/GrapheneOS.txt
@ -1,7 +1,12 @@
+SQ3A.220705.004.2022081800
 RQ3A.211001.001.2021100606
 QQ3A.200805.001.2020.09.11.14
 PQ3B.190801.002.2019.08.25.15

+
+show crash details
+12 https://github.com/GrapheneOS/platform_frameworks_base/commit/e740f4b78344c5671d022dfe90bed9e2dacd3db6
+
 https time
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/1d4e3f495b7b544f6314f04243e9d47b3f8e7102
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/2c04a077ec9f3ac6857885199f49f4845b70ec2e
@ -107,6 +112,7 @@ nojit
 12 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/452c474dfae9a312f6e01db5b28de308dbb14cc2
 12 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/daed8c4e3ff8bf94a2a9aa319d32ec2ff5653c8f
 12 https://github.com/GrapheneOS/platform_frameworks_native/commit/dcef490d7cab7bb9f96f8bfe19a8779ac140b26d
+12 https://github.com/GrapheneOS/platform_frameworks_native/commit/69be2f0d12126cb8047671ed394aec3f7ff236e8
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/a949bd530bdbedf2078119a90a93d7c15bca6975
 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/d18b364558ca86fe3d9bbb643f7dc79d1a57aa5d
 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/cc9b673157996228e8096f83b993cce33a717e14
@ -122,6 +128,9 @@ nojit
 9 https://github.com/GrapheneOS/platform_frameworks_base/commit/899441075ddbfc945cff97e433c9e1c9d6bde7af

 [implemented] network permission
+12xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/30370e36ac6945d4c837fb217ea747f66a6a7361
+12xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/3dbe45681a043d44080e8c579e36a3a4562e75a1
+12xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/fdf369f81209a9dea42ad0f4eff8e3912d48b8af
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/947744f753638c82775186a3876f2b2ffd7c0244
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/7f33d084d32a5f95f53d1919f92f5b14cd310d15
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/0a0fdab36ba9c582e9abafc6f42f4e761d1112b5
@ -135,6 +144,7 @@ nojit
 12 https://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/9c4a5ac0cb34b751dbd8cda9f75f21f39b566681
 12 https://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/dbf6ae4cd96450a21be0a4dd85fb5addeba67462
 12 https://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/34cded990ebd8da8c47cab88f0b1ef523a05d122
+12xhttps://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/4b0ab9a58728b59558d690582c39c84d5d8b5bf6
 12 https://github.com/GrapheneOS/platform_libcore/commit/7110daa77503720bbd2f233df53be90b742ce85a
 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/d4b073b2c17f382a4bc922c3f12dc3673e3d8472
 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/7396a2da80a06f1405b34370a9e2883dca57ba79
@ -165,6 +175,8 @@ nojit
 [implemented] always random mac
 12 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/2e67bc8b420752bec795235ab6d5c27d0956b017
 12 https://github.com/GrapheneOS/platform_packages_modules_Wifi/commit/9a9e6eb3232720776230eebd70ab9816d5127c53
+12 https://github.com/GrapheneOS/platform_packages_modules_Wifi/commit/8bd5c19549b782a23c44afe313c52fc3253b5024
+12 https://github.com/GrapheneOS/platform_packages_modules_Wifi/commit/ebbd3e73c6c460c95169200ca26779748e7abe38
 12 https://github.com/GrapheneOS/platform_packages_modules_NetworkStack/commit/dbc7cd419cdddcae2fc0c10d3cef6b8cdb31e2c4
 12 https://github.com/GrapheneOS/platform_frameworks_opt_net_wifi/commit/776beebd3d221740ac1b77d8535f745415d171a0
 11 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/9bc33b2f1a94c5b801f2c7078b996478cd4d11ac
@ -347,6 +359,7 @@ nojit
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/46b912e1646989a525b9f948711813beb445e9b6
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/067d641615de51032ee8e34d2939bcd4894c2e6d
 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/8bc4887e3f0be372867537ae1e6b9bed86957412
+12 https://github.com/GrapheneOS/platform_frameworks_base/commit/88104aed9e07391d2479eee8d60c954cd01fa1d1
 12 https://github.com/GrapheneOS/platform_build/commit/8e01dd93f29aba79e15a211084582afd9681e8ab
 12 https://github.com/GrapheneOS/platform_libcore/commit/c5ee98157523315b3829d0158082433f8b9f96a3
 12 https://github.com/GrapheneOS/platform_libcore/commit/7f186c7a6745e1ce9e407e10782086fa35ef746e
--- a/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch
+++ b/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch
@ -1,7 +1,7 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Sadaf Ebrahimi <sadafebrahimi@google.com>
 Date: Fri, 3 Jun 2022 03:40:21 +0000
-Subject: [PATCH 1/2] Prevent integer overflow in function doProlog
+Subject: [PATCH] Prevent integer overflow in function doProlog

 Bug: http://b/221256678
 Change-Id: I6fe381103f4eb287726d1ccb5bfec99db160ffe4
--- a/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch
+++ b/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch
@ -1,7 +1,7 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Sadaf Ebrahimi <sadafebrahimi@google.com>
 Date: Wed, 15 Jun 2022 04:14:33 +0000
-Subject: [PATCH 2/2] Prevent more integer overflows
+Subject: [PATCH] Prevent more integer overflows

 Bug: http://b/219942275
 Change-Id: I7489f59564e0053a4a46bb8c362f7c36ab0b3c9d
--- a/Patches/LineageOS-16.0/android_frameworks_base/0010-Exec_Based_Spawning-11.patch
+++ b/Patches/LineageOS-16.0/android_frameworks_base/0010-Exec_Based_Spawning-11.patch
@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
+Date: Mon, 8 Aug 2022 18:42:19 +0300
+Subject: [PATCH] exec spawning: don't close the binder connection when the app
+ crashes
+
+When an unhandled exception occured, binder connections were closed with
+IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException().
+By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(),
+which always failed due to the closed binder connection.
+This meant that the crash dialog was never shown and additional crash handling was skipped.
+
+Zygote-based spawning never calls IPCThreadState::stopProcess().
+---
+ cmds/app_process/app_main.cpp | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp
+index 12083b6fe20b..4ca8b1e18431 100644
+--- a/cmds/app_process/app_main.cpp
+++ b/cmds/app_process/app_main.cpp
+@@ -85,8 +85,10 @@ public:
+         AndroidRuntime* ar = AndroidRuntime::getRuntime();
+         ar->callMain(mClassName, mClass, mArgs);
+ 
+-        IPCThreadState::self()->stopProcess();
+-        hardware::IPCThreadState::self()->stopProcess();
+        if (mClassName != "com.android.internal.os.ExecInit") {
+            IPCThreadState::self()->stopProcess();
+            hardware::IPCThreadState::self()->stopProcess();
+        }
+     }
+ 
+     virtual void onZygoteInit()
--- a/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning-13.patch
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning-13.patch
@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
+Date: Mon, 8 Aug 2022 18:42:19 +0300
+Subject: [PATCH] exec spawning: don't close the binder connection when the app
+ crashes
+
+When an unhandled exception occured, binder connections were closed with
+IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException().
+By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(),
+which always failed due to the closed binder connection.
+This meant that the crash dialog was never shown and additional crash handling was skipped.
+
+Zygote-based spawning never calls IPCThreadState::stopProcess().
+---
+ cmds/app_process/app_main.cpp | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp
+index 12083b6fe20b..4ca8b1e18431 100644
+--- a/cmds/app_process/app_main.cpp
+++ b/cmds/app_process/app_main.cpp
+@@ -85,8 +85,10 @@ public:
+         AndroidRuntime* ar = AndroidRuntime::getRuntime();
+         ar->callMain(mClassName, mClass, mArgs);
+ 
+-        IPCThreadState::self()->stopProcess();
+-        hardware::IPCThreadState::self()->stopProcess();
+        if (mClassName != "com.android.internal.os.ExecInit") {
+            IPCThreadState::self()->stopProcess();
+            hardware::IPCThreadState::self()->stopProcess();
+        }
+     }
+ 
+     virtual void onZygoteInit()
--- a/Patches/LineageOS-18.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch
@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
+Date: Mon, 8 Aug 2022 18:42:19 +0300
+Subject: [PATCH] exec spawning: don't close the binder connection when the app
+ crashes
+
+When an unhandled exception occured, binder connections were closed with
+IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException().
+By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(),
+which always failed due to the closed binder connection.
+This meant that the crash dialog was never shown and additional crash handling was skipped.
+
+Zygote-based spawning never calls IPCThreadState::stopProcess().
+---
+ cmds/app_process/app_main.cpp | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp
+index 12083b6fe20b..4ca8b1e18431 100644
+--- a/cmds/app_process/app_main.cpp
+++ b/cmds/app_process/app_main.cpp
+@@ -85,8 +85,10 @@ public:
+         AndroidRuntime* ar = AndroidRuntime::getRuntime();
+         ar->callMain(mClassName, mClass, mArgs);
+ 
+-        IPCThreadState::self()->stopProcess();
+-        hardware::IPCThreadState::self()->stopProcess();
+        if (mClassName != "com.android.internal.os.ExecInit") {
+            IPCThreadState::self()->stopProcess();
+            hardware::IPCThreadState::self()->stopProcess();
+        }
+     }
+ 
+     virtual void onZygoteInit()
--- a/Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch
+++ b/Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch
@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
+Date: Mon, 8 Aug 2022 18:42:19 +0300
+Subject: [PATCH] exec spawning: don't close the binder connection when the app
+ crashes
+
+When an unhandled exception occured, binder connections were closed with
+IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException().
+By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(),
+which always failed due to the closed binder connection.
+This meant that the crash dialog was never shown and additional crash handling was skipped.
+
+Zygote-based spawning never calls IPCThreadState::stopProcess().
+---
+ cmds/app_process/app_main.cpp | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp
+index 12083b6fe20b..4ca8b1e18431 100644
+--- a/cmds/app_process/app_main.cpp
+++ b/cmds/app_process/app_main.cpp
+@@ -85,8 +85,10 @@ public:
+         AndroidRuntime* ar = AndroidRuntime::getRuntime();
+         ar->callMain(mClassName, mClass, mArgs);
+ 
+-        IPCThreadState::self()->stopProcess();
+-        hardware::IPCThreadState::self()->stopProcess();
+        if (mClassName != "com.android.internal.os.ExecInit") {
+            IPCThreadState::self()->stopProcess();
+            hardware::IPCThreadState::self()->stopProcess();
+        }
+     }
+ 
+     virtual void onZygoteInit()
--- a/Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission-a1.patch
+++ b/Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission-a1.patch
@ -0,0 +1,54 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
+Date: Sun, 24 Jul 2022 13:07:00 +0300
+Subject: [PATCH] protect step sensors with OTHER_SENSORS permission for
+ targetSdk<29 apps
+
+---
+ services/sensorservice/SensorService.cpp | 24 +++++++++++++++---------
+ 1 file changed, 15 insertions(+), 9 deletions(-)
+
+diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
+index bdbae7b1ec..e1f0300407 100644
+--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
+@@ -1938,17 +1938,9 @@ bool SensorService::canAccessSensor(const Sensor& sensor, const char* operation,
+     }
+ 
+     const int32_t opCode = sensor.getRequiredAppOp();
+-    int targetSdkVersion = getTargetSdkVersion(opPackageName);
+ 
+     bool canAccess = false;
+-    if (targetSdkVersion > 0 && targetSdkVersion <= __ANDROID_API_P__ &&
+-            (sensor.getType() == SENSOR_TYPE_STEP_COUNTER ||
+-             sensor.getType() == SENSOR_TYPE_STEP_DETECTOR)) {
+-        // Allow access to step sensors if the application targets pre-Q, which is before the
+-        // requirement to hold the AR permission to access Step Counter and Step Detector events
+-        // was introduced.
+-        canAccess = true;
+-    } else if (hasPermissionForSensor(sensor)) {
+    if (hasPermissionForSensor(sensor)) {
+         // Ensure that the AppOp is allowed, or that there is no necessary app op for the sensor
+         if (opCode >= 0) {
+             const int32_t appOpMode = sAppOpsManager.checkOp(opCode,
+@@ -1957,6 +1949,20 @@ bool SensorService::canAccessSensor(const Sensor& sensor, const char* operation,
+         } else {
+             canAccess = true;
+         }
+    } else {
+        int targetSdkVersion = getTargetSdkVersion(opPackageName);
+        if (targetSdkVersion > 0 && targetSdkVersion <= __ANDROID_API_P__ &&
+            (sensor.getType() == SENSOR_TYPE_STEP_COUNTER ||
+             sensor.getType() == SENSOR_TYPE_STEP_DETECTOR)) {
+
+            // upstream allows access to these sensors without the ACTIVITY_RECOGNITION permission
+            // for targetSdk < 29 apps, enforce the OTHER_SENSORS permission instead
+            const String16 requiredPermission("android.permission.OTHER_SENSORS");
+
+            // copied from hasPermissionForSensor() below
+            canAccess = checkPermission(requiredPermission,
+                IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid());
+         }
+     }
+ 
+     if (!canAccess) {
--- a/Patches/LineageOS-19.1/android_packages_modules_Connectivity/0001-Network_Permission-4.patch
+++ b/Patches/LineageOS-19.1/android_packages_modules_Connectivity/0001-Network_Permission-4.patch
@ -0,0 +1,48 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
+Date: Fri, 29 Jul 2022 20:45:30 +0300
+Subject: [PATCH] bugfix: reportNetworkConnectivity() wasn't switched to
+ isInternetCompatEnabled()
+
+---
+ framework/src/android/net/ConnectivityManager.java | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
+index 8857b7996..0fa34a46b 100644
+--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
+@@ -25,7 +25,6 @@ import static android.net.NetworkRequest.Type.TRACK_DEFAULT;
+ import static android.net.NetworkRequest.Type.TRACK_SYSTEM_DEFAULT;
+ import static android.net.QosCallback.QosCallbackRegistrationException;
+ 
+-import android.Manifest;
+ import android.annotation.CallbackExecutor;
+ import android.annotation.IntDef;
+ import android.annotation.NonNull;
+@@ -43,7 +42,7 @@ import android.compat.annotation.UnsupportedAppUsage;
+ import android.content.ComponentName;
+ import android.content.Context;
+ import android.content.Intent;
+-import android.content.pm.PackageManager;
+import android.content.pm.SpecialRuntimePermAppUtils;
+ import android.net.ConnectivityDiagnosticsManager.DataStallReport.DetectionMethod;
+ import android.net.IpSecManager.UdpEncapsulationSocket;
+ import android.net.SocketKeepalive.Callback;
+@@ -3141,12 +3140,12 @@ public class ConnectivityManager {
+      */
+     public void reportNetworkConnectivity(@Nullable Network network, boolean hasConnectivity) {
+         printStackTrace();
+-        if (mContext.checkSelfPermission(Manifest.permission.INTERNET) != PackageManager.PERMISSION_GRANTED) {
+-            // ConnectivityService enforces this by throwing an unexpected SecurityException,
+-            // which puts GMS into a crash loop. Also useful for other apps that don't expect that
+-            // INTERNET permission might get revoked.
+
+        if (SpecialRuntimePermAppUtils.isInternetCompatEnabled()) {
+            // caller doesn't have INTERNET, but expects to always have it
+             return;
+         }
+
+         try {
+             mService.reportNetworkConnectivity(network, hasConnectivity);
+         } catch (RemoteException e) {
--- a/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a1.patch
+++ b/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a1.patch
@ -0,0 +1,98 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: xshu <xshu@google.com>
+Date: Thu, 4 Nov 2021 16:51:09 +0800
+Subject: [PATCH 1/2] Fix MAC address leak after SSR
+
+Re-randomize MAC at interface up if the previous attempt to re-randomize
+failed.
+
+Bug: 197776883
+Test: atest com.android.server.wifi
+Change-Id: Ifffec40276171583f07868b81098bc7d17288ae1
+CRs-Fixed: 3011538
+(Cherry-picked from 85daf5384212f7892ca72a924e14298b2fade1c7)
+---
+ .../android/server/wifi/ClientModeImpl.java   | 34 ++++++++++++++++---
+ .../wifi/ConcreteClientModeManager.java       |  3 ++
+ 2 files changed, 32 insertions(+), 5 deletions(-)
+
+diff --git a/service/java/com/android/server/wifi/ClientModeImpl.java b/service/java/com/android/server/wifi/ClientModeImpl.java
+index cff2c0258..cacfeb874 100644
+--- a/service/java/com/android/server/wifi/ClientModeImpl.java
+++ b/service/java/com/android/server/wifi/ClientModeImpl.java
+@@ -249,6 +249,7 @@ public class ClientModeImpl extends StateMachine implements ClientMode {
+     private final String mInterfaceName;
+     private final ConcreteClientModeManager mClientModeManager;
+ 
+    private boolean mFailedToResetMacAddress = false;
+     private int mLastSignalLevel = -1;
+     private int mLastTxKbps = -1;
+     private int mLastRxKbps = -1;
+@@ -1201,6 +1202,27 @@ public class ClientModeImpl extends StateMachine implements ClientMode {
+         return sb.toString();
+     }
+ 
+    /**
+     * receives changes in the interface up/down events for the interface associated with this
+     * ClientModeImpl. This is expected to be called from the ClientModeManager running on the
+     * wifi handler thread.
+     */
+    public void onUpChanged(boolean isUp) {
+        if (isUp && mFailedToResetMacAddress) {
+            // When the firmware does a subsystem restart, wifi will disconnect but we may fail to
+            // re-randomize the MAC address of the interface since it's undergoing recovery. Thus,
+            // check every time the interface goes up and re-randomize if the failure was detected.
+            if (mWifiGlobals.isConnectedMacRandomizationEnabled()) {
+                mFailedToResetMacAddress = !mWifiNative.setStaMacAddress(
+                        mInterfaceName, MacAddressUtils.createRandomUnicastAddress());
+                if (mFailedToResetMacAddress) {
+                    Log.e(getTag(), "Failed to set random MAC address on interface up");
+                }
+            }
+        }
+        // No need to handle interface down since it's already handled in the ClientModeManager.
+    }
+
+     public WifiLinkLayerStats getWifiLinkLayerStats() {
+         if (mInterfaceName == null) {
+             loge("getWifiLinkLayerStats called without an interface");
+@@ -3205,9 +3227,10 @@ public class ClientModeImpl extends StateMachine implements ClientMode {
+         mLastSimBasedConnectionCarrierName = null;
+         mLastSignalLevel = -1;
+         if (mWifiGlobals.isConnectedMacRandomizationEnabled()) {
+-            if (!mWifiNative.setStaMacAddress(
+-                    mInterfaceName, MacAddressUtils.createRandomUnicastAddress())) {
+-                Log.e(getTag(), "Failed to set random MAC address on bootup");
+            mFailedToResetMacAddress = !mWifiNative.setStaMacAddress(
+                    mInterfaceName, MacAddressUtils.createRandomUnicastAddress());
+            if (mFailedToResetMacAddress) {
+                Log.e(getTag(), "Failed to set random MAC address on ClientMode creation");
+             }
+         }
+         mWifiInfo.setMacAddress(mWifiNative.getMacAddress(mInterfaceName));
+@@ -4253,8 +4276,9 @@ public class ClientModeImpl extends StateMachine implements ClientMode {
+             // 2. Set a random MAC address to ensure that we're not leaking the MAC address.
+             mWifiNative.disableNetwork(mInterfaceName);
+             if (mWifiGlobals.isConnectedMacRandomizationEnabled()) {
+-                if (!mWifiNative.setStaMacAddress(
+-                        mInterfaceName, MacAddressUtils.createRandomUnicastAddress())) {
+                mFailedToResetMacAddress = !mWifiNative.setStaMacAddress(
+                        mInterfaceName, MacAddressUtils.createRandomUnicastAddress());
+                if (mFailedToResetMacAddress) {
+                     Log.e(getTag(), "Failed to set random MAC address on disconnect");
+                 }
+             }
+diff --git a/service/java/com/android/server/wifi/ConcreteClientModeManager.java b/service/java/com/android/server/wifi/ConcreteClientModeManager.java
+index 1e6d63d31..0c6183d58 100644
+--- a/service/java/com/android/server/wifi/ConcreteClientModeManager.java
+++ b/service/java/com/android/server/wifi/ConcreteClientModeManager.java
+@@ -856,6 +856,9 @@ public class ConcreteClientModeManager implements ClientModeManager {
+                     Log.d(getTag(), "interface down!");
+                     mStateMachine.sendMessage(CMD_INTERFACE_DOWN);
+                 }
+                if (mClientModeImpl != null) {
+                    mClientModeImpl.onUpChanged(isUp);
+                }
+             }
+ 
+             @Override
--- a/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a2.patch
+++ b/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a2.patch
@ -0,0 +1,38 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Khanjan Desai <khanjan@codeaurora.org>
+Date: Fri, 9 Jul 2021 22:24:50 +0530
+Subject: [PATCH 2/2] WifiService: Capture BackendBusyException in
+ MacRandomization
+
+While obtaining hash for Mac Randomization, the framework is
+rebooting due to BackendBusyException.
+
+Added cache for BackendBusyException to avoid reboot.
+
+Change-Id: I7bb606f00e311e4435e30dd86cb77d3507e38627
+CRs-Fixed: 2987402
+---
+ service/java/com/android/server/wifi/MacAddressUtil.java | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/service/java/com/android/server/wifi/MacAddressUtil.java b/service/java/com/android/server/wifi/MacAddressUtil.java
+index 3ea265491..b6526ccf4 100644
+--- a/service/java/com/android/server/wifi/MacAddressUtil.java
+++ b/service/java/com/android/server/wifi/MacAddressUtil.java
+@@ -26,6 +26,7 @@ import java.nio.ByteBuffer;
+ import java.nio.charset.StandardCharsets;
+ import java.security.InvalidAlgorithmParameterException;
+ import java.security.InvalidKeyException;
+import android.security.keystore.BackendBusyException;
+ import java.security.Key;
+ import java.security.KeyStore;
+ import java.security.KeyStoreException;
+@@ -101,7 +102,7 @@ public class MacAddressUtil {
+             result.init(key);
+             return result;
+         } catch (KeyStoreException | NoSuchAlgorithmException | InvalidKeyException
+-                | UnrecoverableKeyException | NoSuchProviderException e) {
+                | UnrecoverableKeyException | NoSuchProviderException | BackendBusyException e) {
+             Log.e(TAG, "Failure in obtainMacRandHashFunction", e);
+             return null;
+         }
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@ -163,6 +163,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-7.patc
 applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-8.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-9.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-10.patch";
+applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-11.patch";
 sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java;
 fi;
 applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
--- a/Scripts/LineageOS-17.1/Patch.sh
+++ b/Scripts/LineageOS-17.1/Patch.sh
@ -148,6 +148,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-9.patc
 applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-10.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-11.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-12.patch";
+applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-13.patch";
 sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java;
 fi;
 applyPatch "$DOS_PATCHES/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
--- a/Scripts/LineageOS-18.1/Patch.sh
+++ b/Scripts/LineageOS-18.1/Patch.sh
@ -157,6 +157,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-9.patc
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-10.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-11.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-12.patch";
+applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-13.patch";
 sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java;
 fi;
 applyPatch "$DOS_PATCHES/android_frameworks_base/0019-Random_MAC.patch"; #Add option of always randomizing MAC addresses (GrapheneOS)
--- a/Scripts/LineageOS-19.1/Patch.sh
+++ b/Scripts/LineageOS-19.1/Patch.sh
@ -157,6 +157,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-9.patc
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-10.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-11.patch";
 applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-12.patch";
+applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-13.patch";
 sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java;
 fi;
 applyPatch "$DOS_PATCHES/android_frameworks_base/0020-Location_Indicators.patch"; #SystemUI: Use new privacy indicators for location (GrapheneOS)
@ -196,6 +197,7 @@ fi;

 if enterAndClear "frameworks/native"; then
 applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission.patch"; #Require OTHER_SENSORS permission for sensors (GrapheneOS)
+applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission-a1.patch"; #Protect step sensors with OTHER_SENSORS permission for targetSdk<29 apps (GrapheneOS)
 fi;

 if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then
@ -313,6 +315,7 @@ if enterAndClear "packages/modules/Connectivity"; then
 applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-1.patch"; #Add callback for enforcing INTERNET permission changes (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-2.patch"; #Use uid instead of app id (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-3.patch"; #Skip reportNetworkConnectivity() when permission is revoked (GrapheneOS)
+#applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-4.patch"; #bugfix: reportNetworkConnectivity() wasn't switched to isInternetCompatEnabled() (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0002-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch)
 fi;

@ -341,6 +344,8 @@ fi;

 if enterAndClear "packages/modules/Wifi"; then
 applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS)
+applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC-a1.patch"; #Fix MAC address leak after SSR (AOSP)
+applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC-a2.patch"; #WifiService: Capture BackendBusyException in MacRandomization (CodeAurora)
 fi;

 if enterAndClear "packages/providers/DownloadProvider"; then