Changes for January 2023, syncing up to 20230104
This commit is contained in:
Andy CrossGate Yan
@@ -1,7 +1,7 @@
|
||||
From 33bd59e348d95f59265fad3abb72e27038f5222f Mon Sep 17 00:00:00 2001
|
||||
From 05f4b920214c3d4145ca39d2c4334dc68c8faecb Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Sun, 8 Aug 2021 01:43:40 +0000
|
||||
Subject: [PATCH 1/6] treble: Lineage-ify
|
||||
Subject: [PATCH 1/7] treble: Lineage-ify
|
||||
|
||||
Squash of:
|
||||
- Proper target names
|
||||
@@ -29,7 +29,7 @@ index 6a317e4..e69de29 100644
|
||||
-PRODUCT_COPY_FILES += \
|
||||
- device/sample/etc/apns-full-conf.xml:system/etc/apns-conf.xml
|
||||
diff --git a/base.mk b/base.mk
|
||||
index ce2f218..48b2ccb 100644
|
||||
index 5d4ed0b..6097e3d 100644
|
||||
--- a/base.mk
|
||||
+++ b/base.mk
|
||||
@@ -17,12 +17,14 @@ PRODUCT_COPY_FILES += \
|
||||
@@ -52,10 +52,10 @@ index ce2f218..48b2ccb 100644
|
||||
|
||||
$(call inherit-product, vendor/hardware_overlay/overlay.mk)
|
||||
$(call inherit-product, $(SRC_TARGET_DIR)/product/core_64_bit.mk)
|
||||
@@ -39,11 +41,11 @@ PRODUCT_SYSTEM_DEFAULT_PROPERTIES += \
|
||||
ro.build.version.security_patch=$(PLATFORM_SECURITY_PATCH) \
|
||||
@@ -40,11 +42,11 @@ PRODUCT_SYSTEM_DEFAULT_PROPERTIES += \
|
||||
ro.adb.secure=0 \
|
||||
ro.logd.auditd=true
|
||||
ro.logd.auditd=true \
|
||||
ro.logd.kernel=true \
|
||||
-
|
||||
+
|
||||
#Huawei HiSuite (also other OEM custom programs I guess) it's of no use in AOSP builds
|
||||
@@ -67,7 +67,7 @@ index ce2f218..48b2ccb 100644
|
||||
#VNDK config files
|
||||
PRODUCT_COPY_FILES += \
|
||||
diff --git a/generate.sh b/generate.sh
|
||||
index fac8208..2160786 100644
|
||||
index 9c20eb5..89fa88b 100644
|
||||
--- a/generate.sh
|
||||
+++ b/generate.sh
|
||||
@@ -54,7 +54,7 @@ for part in a ab;do
|
||||
@@ -176,7 +176,7 @@ index 0000000..8df673a
|
||||
+ <integer name="config_deviceHardwareWakeKeys">127</integer>
|
||||
+</resources>
|
||||
diff --git a/overlay/frameworks/base/core/res/res/values/config.xml b/overlay/frameworks/base/core/res/res/values/config.xml
|
||||
index 0bc3350..045f4b3 100644
|
||||
index 479bff7..964524c 100644
|
||||
--- a/overlay/frameworks/base/core/res/res/values/config.xml
|
||||
+++ b/overlay/frameworks/base/core/res/res/values/config.xml
|
||||
@@ -22,7 +22,6 @@
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 1d807ba01f00a2b2be96f3e0b06c31f0b68852aa Mon Sep 17 00:00:00 2001
|
||||
From 53244ebbb4a2da9fbcf02834f40b8083549e3ca7 Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Sun, 8 Aug 2021 09:29:32 +0000
|
||||
Subject: [PATCH 2/6] treble: Set BOARD_EXT4_SHARE_DUP_BLOCKS explicitly
|
||||
Subject: [PATCH 2/7] treble: Set BOARD_EXT4_SHARE_DUP_BLOCKS explicitly
|
||||
|
||||
Change-Id: I725443154fabde548d2e6c1b072d34c27596c421
|
||||
---
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From a5d17b7fb89bc838b39e642952e897f3ee042e1a Mon Sep 17 00:00:00 2001
|
||||
From 515176d3ca472dd8ffe122ebf91af4ecc5533c3f Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Wed, 20 Oct 2021 11:30:25 +0000
|
||||
Subject: [PATCH 3/6] treble: Set TARGET_NO_KERNEL_OVERRIDE
|
||||
Subject: [PATCH 3/7] treble: Set TARGET_NO_KERNEL_OVERRIDE
|
||||
|
||||
Taken from Lineage generic targets - skips building kernel cleanly
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From bd8cc570c61789a9df881bd60f53d03bd73d974d Mon Sep 17 00:00:00 2001
|
||||
From 027b59c5b6d68570be7025632f985d8569f6dc85 Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Tue, 11 Oct 2022 11:29:02 +0000
|
||||
Subject: [PATCH 4/6] treble: Enable call recording
|
||||
Subject: [PATCH 4/7] treble: Enable call recording
|
||||
|
||||
Change-Id: I57ca3604363547419a566b37b5151b6b30c46d28
|
||||
---
|
||||
|
||||
@@ -1,43 +0,0 @@
|
||||
From efd5867e8b259b885d3dab87704e038f71eb6d86 Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Sat, 5 Nov 2022 23:44:33 +0000
|
||||
Subject: [PATCH 5/6] treble: Integrally secure *N builds
|
||||
|
||||
Change-Id: I22b5f746cb88a5fa4059595a8daa693d9adca979
|
||||
---
|
||||
generate.sh | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/generate.sh b/generate.sh
|
||||
index 2160786..f64ea84 100644
|
||||
--- a/generate.sh
|
||||
+++ b/generate.sh
|
||||
@@ -23,6 +23,7 @@ for part in a ab;do
|
||||
apps_name=""
|
||||
extra_packages=""
|
||||
vndk="vndk.mk"
|
||||
+ secure=""
|
||||
optional_base=""
|
||||
if [ "$apps" == "gapps" ];then
|
||||
apps_suffix="g"
|
||||
@@ -55,6 +56,8 @@ for part in a ab;do
|
||||
if [ "$su" == "yes" ];then
|
||||
su_suffix='S'
|
||||
extra_packages+=' phh-su me.phh.superuser su'
|
||||
+ else
|
||||
+ secure='PRODUCT_COPY_FILES += device/phh/treble/empty:system/phh/secure'
|
||||
fi
|
||||
|
||||
part_suffix='a'
|
||||
@@ -96,6 +99,8 @@ PRODUCT_CHARACTERISTICS := device
|
||||
|
||||
PRODUCT_PACKAGES += $extra_packages
|
||||
|
||||
+$secure
|
||||
+
|
||||
EOF
|
||||
echo -e '\t$(LOCAL_DIR)/'$target.mk '\' >> AndroidProducts.mk
|
||||
done
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 667aa0b0c11f18bb8b0f5aeda31e186c0a1fc60d Mon Sep 17 00:00:00 2001
|
||||
From b77fda8daa3632ef92f3299180506bcbd7c53189 Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Sat, 5 Nov 2022 23:49:11 +0000
|
||||
Subject: [PATCH 6/6] treble: Switch to MindTheGapps
|
||||
Subject: [PATCH 5/7] treble: Switch to MindTheGapps
|
||||
|
||||
Change-Id: I1b80d4c5176cbf4af21d147c71b0abce6027c7c7
|
||||
---
|
||||
@@ -9,10 +9,10 @@ Change-Id: I1b80d4c5176cbf4af21d147c71b0abce6027c7c7
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/generate.sh b/generate.sh
|
||||
index f64ea84..b0d6d41 100644
|
||||
index 89fa88b..d847430 100644
|
||||
--- a/generate.sh
|
||||
+++ b/generate.sh
|
||||
@@ -27,7 +27,7 @@ for part in a ab;do
|
||||
@@ -26,7 +26,7 @@ for part in a ab;do
|
||||
optional_base=""
|
||||
if [ "$apps" == "gapps" ];then
|
||||
apps_suffix="g"
|
||||
@@ -0,0 +1,36 @@
|
||||
From 2a9382e9a122f3a34adfed4da687e2bf23383d58 Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Tue, 22 Nov 2022 00:36:15 +0000
|
||||
Subject: [PATCH 6/7] treble: Stop securing ADB
|
||||
|
||||
Seems to kill USB Debugging altogether on certain devices,
|
||||
and unrelated to SN anyway
|
||||
Build-time macro coupled with vendor/lineage might do better...
|
||||
|
||||
Change-Id: I0215b3ed970dd53a124f48e30ca2cf4b0c6d2899
|
||||
---
|
||||
rw-system.sh | 4 ----
|
||||
1 file changed, 4 deletions(-)
|
||||
|
||||
diff --git a/rw-system.sh b/rw-system.sh
|
||||
index 42d315f..798e5e3 100644
|
||||
--- a/rw-system.sh
|
||||
+++ b/rw-system.sh
|
||||
@@ -764,14 +764,10 @@ if [ -f /system/phh/secure ] || [ -f /metadata/phh/secure ];then
|
||||
resetprop_phh ro.boot.veritymode enforcing
|
||||
resetprop_phh ro.boot.warranty_bit 0
|
||||
resetprop_phh ro.warranty_bit 0
|
||||
- resetprop_phh ro.debuggable 0
|
||||
resetprop_phh ro.secure 1
|
||||
resetprop_phh ro.build.type user
|
||||
resetprop_phh ro.build.selinux 0
|
||||
|
||||
- resetprop_phh ro.adb.secure 1
|
||||
- setprop ctl.restart adbd
|
||||
-
|
||||
# Hide system/xbin/su
|
||||
mount /mnt/phh/empty_dir /system/xbin
|
||||
mount /mnt/phh/empty_dir /system/app/me.phh.superuser
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -0,0 +1,48 @@
|
||||
From f57a44efd56ca41a593e6d1ebb948f486960f714 Mon Sep 17 00:00:00 2001
|
||||
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
|
||||
Date: Thu, 29 Dec 2022 15:12:03 +0000
|
||||
Subject: [PATCH 7/7] treble: Securize on-demand
|
||||
|
||||
Status is stored in /metadata and controlled by persist prop
|
||||
|
||||
Change-Id: I8069b6f471ad87ab34c18b743689ab3584cee35b
|
||||
---
|
||||
phh-prop-handler.sh | 14 ++++++++++++++
|
||||
vndk.rc | 2 ++
|
||||
2 files changed, 16 insertions(+)
|
||||
|
||||
diff --git a/phh-prop-handler.sh b/phh-prop-handler.sh
|
||||
index 4371632..a8cea3f 100644
|
||||
--- a/phh-prop-handler.sh
|
||||
+++ b/phh-prop-handler.sh
|
||||
@@ -210,3 +210,17 @@ if [ "$1" == "persist.sys.phh.disable_soundvolume_effect" ];then
|
||||
restartAudio
|
||||
exit
|
||||
fi
|
||||
+
|
||||
+if [ "$1" == "persist.sys.phh.securize" ];then
|
||||
+ if [[ "$prop_value" != "true" && "$prop_value" != "false" ]]; then
|
||||
+ exit 1
|
||||
+ fi
|
||||
+
|
||||
+ if [[ "$prop_value" == "true" ]]; then
|
||||
+ mkdir /metadata/phh
|
||||
+ touch /metadata/phh/secure
|
||||
+ else
|
||||
+ rm /metadata/phh/secure
|
||||
+ fi
|
||||
+ exit
|
||||
+fi
|
||||
diff --git a/vndk.rc b/vndk.rc
|
||||
index d1fffde..7db62b7 100644
|
||||
--- a/vndk.rc
|
||||
+++ b/vndk.rc
|
||||
@@ -82,3 +82,5 @@ on property:sys.phh.uninstall-ota=true
|
||||
on property:ro.vendor.radio.default_network=*
|
||||
setprop ro.telephony.default_network ${ro.vendor.radio.default_network}
|
||||
|
||||
+on property:persist.sys.phh.securize=*
|
||||
+ exec u:r:phhsu_daemon:s0 root -- /system/bin/phh-prop-handler.sh "persist.sys.phh.securize"
|
||||
--
|
||||
2.25.1
|
||||
|
||||
Reference in New Issue
Block a user