PeterGSI/patches
1
0
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity

[1/n] Android 14 port

Browse source
This commit is contained in:
Peter Cai 2023-10-07 19:15:00 -04:00
parent 34ba75d71f
commit ebc4ea1e26
14 changed files with 69 additions and 707 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
bionic/0001-Add-new-mechanism-to-fake-vendor-props-on-a-per-proc.patch
View file

@ -1,4 +1,4 @@
From ea0f283eec1e7750351302dbc2009fa905cef375 Mon Sep 17 00:00:00 2001
From ee3be511ddfa2474c7c5890cea4725e908996b9f Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Sat, 19 Feb 2022 08:20:25 -0500
Subject: [PATCH] Add new mechanism to fake vendor props on a per-process basis
@ -132,5 +132,5 @@ index 1cb15c3df..40ff48bad 100644
static bool is_read_only(const char* name) {
--
2.40.0
2.41.0

10
frameworks/av/0002-APM-Optionally-force-load-audio-policy-for-system-si.patch → frameworks/av/0001-APM-Optionally-force-load-audio-policy-for-system-si.patch
View file

@ -1,7 +1,7 @@
From 5ae18168ff97d9e4eb66fc6dc8e087bd0ead8f31 Mon Sep 17 00:00:00 2001
From f8b9cb1d3cdf0274414bb7d100844d2707999558 Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Wed, 24 Aug 2022 15:42:39 -0400
Subject: [PATCH 2/4] APM: Optionally force-load audio policy for system-side
Subject: [PATCH 1/2] APM: Optionally force-load audio policy for system-side
bt audio HAL
Required to support our system-side bt audio implementation, i.e.
@ -14,7 +14,7 @@ Change-Id: I279fff541a531f922f3fa55b8f14d00237db59ff
1 file changed, 25 insertions(+)
diff --git a/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp b/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp
index d446e9667b..f5233f2a42 100644
index 3d5c1d2e42..881c188e4c 100644
--- a/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp
+++ b/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp
@@ -25,6 +25,7 @@
@ -25,7 +25,7 @@ index d446e9667b..f5233f2a42 100644
#include <utils/Log.h>
#include <utils/StrongPointer.h>
#include <utils/Errors.h>
@@ -890,6 +891,30 @@ status_t PolicySerializer::deserialize(const char *configFile, AudioPolicyConfig
@@ -885,6 +886,30 @@ status_t PolicySerializer::deserialize(const char *configFile, AudioPolicyConfig
if (status != NO_ERROR) {
return status;
}
@ -57,5 +57,5 @@ index d446e9667b..f5233f2a42 100644
// Global Configuration
--
2.39.2
2.41.0

232
frameworks/av/0001-APM-Restore-S-R-and-Q-behavior-respectively-for-tele.patch
View file

@ -1,232 +0,0 @@
From f9be27ef60cd4ccca6803458ff29ee7a2236769c Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Thu, 18 Aug 2022 15:44:46 -0400
Subject: [PATCH 1/4] APM: Restore S, R and Q behavior respectively for
telephony audio
This conditionally reverts part of b2e5cb (T), 51c9cc (S) and afd4ce (R)
when the VNDK version is equal to or before S, R and Q respectively.
On R, commit afd4ce made it so that both HW and SW bridging go through
`createAudioPatch()`, which is broken on some devices such as on MTK Q
vendor, because their HAL do not support HW patching via the newer
`createAudioPatch()` method. Instead, the patching on Q was done through
`setOutputDevices()`.
On S, commit 51c9cc refactored the related code again such that HW
bridging for the Rx direction is essentially removed, replaced with SW
bridging through `startAudioSource()`. This is, again, broken on MTK R
vendor devices.
On T, commit b2e5cb applied the same SW bridging to the Tx direction.
All of these commits rely on assumptions that are not tested through
VTS and just presumed to be true. Although we can blame MTK for not
supporting all the possible cases in their HAL, it will not fix
anything, and really frameworks code should not depend on such untested
assumptions.
To work around said issues, we restore old behavior from S, R and Q
relying on the value of `ro.vndk.version`.
Change-Id: I56d36d2aef4319935cb88a3e4771b23c6d5b2145
---
.../managerdefault/AudioPolicyManager.cpp | 103 ++++++++++++++++--
.../managerdefault/AudioPolicyManager.h | 3 +
2 files changed, 96 insertions(+), 10 deletions(-)
diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
index 4573382a06..c218c7ce2d 100644
--- a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
+++ b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
@@ -675,6 +675,17 @@ status_t AudioPolicyManager::updateCallRoutingInternal(
disconnectTelephonyAudioSource(mCallRxSourceClient);
disconnectTelephonyAudioSource(mCallTxSourceClient);
+ // release existing RX patch if any
+ if (mCallRxPatch != 0) {
+ releaseAudioPatchInternal(mCallRxPatch->getHandle());
+ mCallRxPatch.clear();
+ }
+ // release TX patch if any
+ if (mCallTxPatch != 0) {
+ releaseAudioPatchInternal(mCallTxPatch->getHandle());
+ mCallTxPatch.clear();
+ }
+
auto telephonyRxModule =
mHwModules.getModuleForDeviceType(AUDIO_DEVICE_IN_TELEPHONY_RX, AUDIO_FORMAT_DEFAULT);
auto telephonyTxModule =
@@ -697,9 +708,20 @@ status_t AudioPolicyManager::updateCallRoutingInternal(
ALOGE("%s() no telephony Tx and/or RX device", __func__);
return INVALID_OPERATION;
}
- // createAudioPatchInternal now supports both HW / SW bridging
- createRxPatch = true;
- createTxPatch = true;
+ if (property_get_int32("ro.vndk.version", 31) >= 30) {
+ // createAudioPatchInternal now supports both HW / SW bridging
+ createRxPatch = true;
+ createTxPatch = true;
+ } else {
+ // pre-R behavior: some devices before VNDK 30 do not support createAudioPatch correctly
+ // for HW bridging even though they declare support for it
+ // do not create a patch (aka Sw Bridging) if Primary HW module has declared supporting a
+ // route between telephony RX to Sink device and Source device to telephony TX
+ ALOGI("%s() Using pre-R behavior for createRxPatch and createTxPatch", __func__);
+ const auto &primaryModule = telephonyRxModule;
+ createRxPatch = !primaryModule->supportsPatch(rxSourceDevice, rxDevices.itemAt(0));
+ createTxPatch = !primaryModule->supportsPatch(txSourceDevice, txSinkDevice);
+ }
} else {
// If the RX device is on the primary HW module, then use legacy routing method for
// voice calls via setOutputDevice() on primary output.
@@ -716,7 +738,14 @@ status_t AudioPolicyManager::updateCallRoutingInternal(
if (!createRxPatch) {
muteWaitMs = setOutputDevices(mPrimaryOutput, rxDevices, true, delayMs);
} else { // create RX path audio patch
- connectTelephonyRxAudioSource();
+ if (property_get_int32("ro.vndk.version", 31) >= 31) {
+ connectTelephonyRxAudioSource();
+ } else {
+ // pre-S behavior: some devices do not support SW bridging correctly when HW bridge is
+ // available through createAudioPatch(); startAudioSource() forces SW bridging.
+ ALOGI("%s() Using pre-S behavior to create HW Rx patch", __func__);
+ mCallRxPatch = createTelephonyPatch(true /*isRx*/, rxDevices.itemAt(0), delayMs);
+ }
// If the TX device is on the primary HW module but RX device is
// on other HW module, SinkMetaData of telephony input should handle it
// assuming the device uses audio HAL V5.0 and above
@@ -731,7 +760,12 @@ status_t AudioPolicyManager::updateCallRoutingInternal(
closeActiveClients(activeDesc);
}
}
- connectTelephonyTxAudioSource(txSourceDevice, txSinkDevice, delayMs);
+ if (property_get_int32("ro.vndk.version", 33) >= 33) {
+ connectTelephonyTxAudioSource(txSourceDevice, txSinkDevice, delayMs);
+ } else {
+ // pre-T behavior: hw bridging for tx too; skip the SwOutput
+ mCallTxPatch = createTelephonyPatch(false /*isRx*/, txSourceDevice, delayMs);
+ }
}
if (waitMs != nullptr) {
*waitMs = muteWaitMs;
@@ -739,6 +773,36 @@ status_t AudioPolicyManager::updateCallRoutingInternal(
return NO_ERROR;
}
+sp<AudioPatch> AudioPolicyManager::createTelephonyPatch(
+ bool isRx, const sp<DeviceDescriptor> &device, uint32_t delayMs) {
+ PatchBuilder patchBuilder;
+
+ if (device == nullptr) {
+ return nullptr;
+ }
+
+ // @TODO: still ignoring the address, or not dealing platform with multiple telephony devices
+ if (isRx) {
+ patchBuilder.addSink(device).
+ addSource(mAvailableInputDevices.getDevice(
+ AUDIO_DEVICE_IN_TELEPHONY_RX, String8(), AUDIO_FORMAT_DEFAULT));
+ } else {
+ patchBuilder.addSource(device).
+ addSink(mAvailableOutputDevices.getDevice(
+ AUDIO_DEVICE_OUT_TELEPHONY_TX, String8(), AUDIO_FORMAT_DEFAULT));
+ }
+
+ audio_patch_handle_t patchHandle = AUDIO_PATCH_HANDLE_NONE;
+ status_t status =
+ createAudioPatchInternal(patchBuilder.patch(), &patchHandle, mUidCached, delayMs, nullptr);
+ ssize_t index = mAudioPatches.indexOfKey(patchHandle);
+ if (status != NO_ERROR || index < 0) {
+ ALOGW("%s() error %d creating %s audio patch", __func__, status, isRx ? "RX" : "TX");
+ return nullptr;
+ }
+ return mAudioPatches.valueAt(index);
+}
+
bool AudioPolicyManager::isDeviceOfModule(
const sp<DeviceDescriptor>& devDesc, const char *moduleId) const {
sp<HwModule> module = mHwModules.getModuleFromName(moduleId);
@@ -4541,6 +4605,7 @@ status_t AudioPolicyManager::createAudioPatchInternal(const struct audio_patch *
// in config XML to reach the sink so that is can be declared as available.
audio_io_handle_t output = AUDIO_IO_HANDLE_NONE;
sp<SwAudioOutputDescriptor> outputDesc;
+ if (sourceDesc != nullptr) { // Ignore indentation, we don't want to cuase huge conflicts...
if (!sourceDesc->isInternal()) {
// take care of dynamic routing for SwOutput selection,
audio_attributes_t attributes = sourceDesc->attributes();
@@ -4586,33 +4651,51 @@ status_t AudioPolicyManager::createAudioPatchInternal(const struct audio_patch *
outputDesc = mOutputs.valueFor(output);
if (outputDesc->isDuplicated()) {
ALOGV("%s output for device %s is duplicated",
- __func__, sinkDevice->toString().c_str());
+ __func__, sinkDevice->toString().c_str());
return INVALID_OPERATION;
}
sourceDesc->setSwOutput(outputDesc, /* closeOutput= */ false);
}
+ }
// create a software bridge in PatchPanel if:
// - source and sink devices are on different HW modules OR
// - audio HAL version is < 3.0
// - audio HAL version is >= 3.0 but no route has been declared between devices
- // - called from startAudioSource (aka sourceDesc is not internal) and source device
+ // - called from startAudioSource (aka sourceDesc is neither null nor internal) and source device
// does not have a gain controller
if (!srcDevice->hasSameHwModuleAs(sinkDevice) ||
(srcDevice->getModuleVersionMajor() < 3) ||
!srcDevice->getModule()->supportsPatch(srcDevice, sinkDevice) ||
- (!sourceDesc->isInternal() &&
+ ((sourceDesc != nullptr && !sourceDesc->isInternal()) &&
srcDevice->getAudioPort()->getGains().size() == 0)) {
// support only one sink device for now to simplify output selection logic
if (patch->num_sinks > 1) {
return INVALID_OPERATION;
}
- sourceDesc->setUseSwBridge();
+ if (sourceDesc == nullptr) {
+ SortedVector<audio_io_handle_t> outputs =
+ getOutputsForDevices(DeviceVector(sinkDevice), mOutputs);
+ // if the sink device is reachable via an opened output stream, request to
+ // go via this output stream by adding a second source to the patch
+ // description
+ output = selectOutput(outputs);
+ if (output != AUDIO_IO_HANDLE_NONE) {
+ outputDesc = mOutputs.valueFor(output);
+ if (outputDesc->isDuplicated()) {
+ ALOGV("%s output for device %s is duplicated",
+ __FUNCTION__, sinkDevice->toString().c_str());
+ return INVALID_OPERATION;
+ }
+ }
+ } else {
+ sourceDesc->setUseSwBridge();
+ }
if (outputDesc != nullptr) {
audio_port_config srcMixPortConfig = {};
outputDesc->toAudioPortConfig(&srcMixPortConfig, nullptr);
// for volume control, we may need a valid stream
srcMixPortConfig.ext.mix.usecase.stream =
- (!sourceDesc->isInternal() || isCallTxAudioSource(sourceDesc)) ?
+ ((sourceDesc != nullptr && !sourceDesc->isInternal()) || isCallTxAudioSource(sourceDesc)) ?
mEngine->getStreamTypeForAttributes(sourceDesc->attributes()) :
AUDIO_STREAM_PATCH;
patchBuilder.addSource(srcMixPortConfig);
diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.h b/services/audiopolicy/managerdefault/AudioPolicyManager.h
index a69e08871b..f8762016db 100644
--- a/services/audiopolicy/managerdefault/AudioPolicyManager.h
+++ b/services/audiopolicy/managerdefault/AudioPolicyManager.h
@@ -944,6 +944,9 @@ protected:
SoundTriggerSessionCollection mSoundTriggerSessions;
+ sp<AudioPatch> mCallTxPatch;
+ sp<AudioPatch> mCallRxPatch;
+
HwAudioOutputCollection mHwOutputs;
SourceClientCollection mAudioSources;
--
2.39.2

8
frameworks/av/0003-APM-Remove-A2DP-audio-ports-from-the-primary-HAL.patch → frameworks/av/0002-APM-Remove-A2DP-audio-ports-from-the-primary-HAL.patch
View file

@ -1,7 +1,7 @@
From d11e204968cbf01851042f03fe2a12aabbe84a93 Mon Sep 17 00:00:00 2001
From d60a1b5fc58a7cc84b48c554cb2cffaeff14d86e Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Thu, 25 Aug 2022 13:30:29 -0400
Subject: [PATCH 3/4] APM: Remove A2DP audio ports from the primary HAL
Subject: [PATCH 2/2] APM: Remove A2DP audio ports from the primary HAL
These ports defined in the primary HAL are intended for A2DP offloading,
however they do not work in general on GSIs, and will interfere with
@ -16,7 +16,7 @@ Change-Id: I3305594a17285da113167b419543543f0ef71122
1 file changed, 22 insertions(+), 4 deletions(-)
diff --git a/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp b/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp
index f5233f2a42..6630d06f6d 100644
index 881c188e4c..8519cfdc04 100644
--- a/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp
+++ b/services/audiopolicy/common/managerdefinitions/src/Serializer.cpp
@@ -26,6 +26,7 @@
@ -75,5 +75,5 @@ index f5233f2a42..6630d06f6d 100644
RouteTraits::Collection routes;
--
2.39.2
2.41.0

43
frameworks/av/0004-Camera-Avoid-unnecessary-close-of-buffer-acquire-fen.patch
View file

@ -1,43 +0,0 @@
From 628ff965d6ade74843a58cab6fe58069ef0ec3ad Mon Sep 17 00:00:00 2001
From: Emilian Peev <epeev@google.com>
Date: Fri, 5 Aug 2022 17:28:06 -0700
Subject: [PATCH 4/4] Camera: Avoid unnecessary close of buffer acquire fence
fds
According to the gralloc lock documentation:
The ownership of acquireFence is always transferred to the callee, even
on errors.
Bug: 241455881
Test: Manual using camera application
Change-Id: Ieec34b54aaa7f0d773eccb593c3daaa3e41bae0b
Merged-In: Ieec34b54aaa7f0d773eccb593c3daaa3e41bae0b
---
.../camera/libcameraservice/device3/Camera3OutputStream.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/services/camera/libcameraservice/device3/Camera3OutputStream.cpp b/services/camera/libcameraservice/device3/Camera3OutputStream.cpp
index 396104c4fd..c725aadb79 100644
--- a/services/camera/libcameraservice/device3/Camera3OutputStream.cpp
+++ b/services/camera/libcameraservice/device3/Camera3OutputStream.cpp
@@ -331,7 +331,7 @@ status_t Camera3OutputStream::fixUpHidlJpegBlobHeader(ANativeWindowBuffer* anwBu
status_t res =
gbLocker.lockAsync(
GraphicBuffer::USAGE_SW_READ_OFTEN | GraphicBuffer::USAGE_SW_WRITE_RARELY,
- &mapped, fenceFd.get());
+ &mapped, fenceFd.release());
if (res != OK) {
ALOGE("%s: Failed to lock the buffer: %s (%d)", __FUNCTION__, strerror(-res), res);
return res;
@@ -1327,7 +1327,7 @@ void Camera3OutputStream::dumpImageToDisk(nsecs_t timestamp,
void* mapped = nullptr;
base::unique_fd fenceFd(dup(fence));
status_t res = graphicBuffer->lockAsync(GraphicBuffer::USAGE_SW_READ_OFTEN, &mapped,
- fenceFd.get());
+ fenceFd.release());
if (res != OK) {
ALOGE("%s: Failed to lock the buffer: %s (%d)", __FUNCTION__, strerror(-res), res);
return;
--
2.39.2

6
frameworks/base/0001-PackageParser-support-glob-matching-for-properties.patch
View file

@ -1,7 +1,7 @@
From 5e94fc70ba1963ed33eb6633702cce706b6814d1 Mon Sep 17 00:00:00 2001
From c25e4bfafc3b0b9f44c9cd2b9fed590299480f71 Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Tue, 12 Oct 2021 21:37:22 -0400
Subject: [PATCH 1/6] PackageParser: support glob matching for properties
Subject: [PATCH 1/4] PackageParser: support glob matching for properties
Needed to make phh's vendor overlays work
---
@ -9,7 +9,7 @@ Needed to make phh's vendor overlays work
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
index c15b3e0b80c3..05bb843c0c4d 100644
index 048289f56a0c..0d88d7ab97a4 100644
--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
@@ -2545,8 +2545,16 @@ public class PackageParser {

44
frameworks/base/0002-Add-support-for-app-signature-spoofing.patch
View file

@ -1,7 +1,7 @@
From 3199a7f449d08acf306aafb180ccbcbacd993616 Mon Sep 17 00:00:00 2001
From 540857efdf49ba24121970d2b836eb38ab7e7b32 Mon Sep 17 00:00:00 2001
From: Danny Lin <danny@kdrag0n.dev>
Date: Sat, 16 Oct 2021 05:27:57 -0700
Subject: [PATCH 2/6] Add support for app signature spoofing
Subject: [PATCH 2/4] Add support for app signature spoofing
This is needed by microG GmsCore to pretend to be the official Google
Play Services package, because client apps check the package signature
@ -38,18 +38,18 @@ Change-Id: Ied7d6ce0b83a2d2345c3abba0429998d86494a88
4 files changed, 56 insertions(+), 3 deletions(-)
diff --git a/core/api/current.txt b/core/api/current.txt
index 487e57d114c9..04e69741b9fd 100644
index 288ab479c0fb..2124d89c6e6f 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt
@@ -87,6 +87,7 @@ package android {
field public static final String DUMP = "android.permission.DUMP";
@@ -95,6 +95,7 @@ package android {
field public static final String EXECUTE_APP_ACTION = "android.permission.EXECUTE_APP_ACTION";
field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
+ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS";
field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED";
@@ -222,6 +223,7 @@ package android {
field public static final String FOREGROUND_SERVICE_CAMERA = "android.permission.FOREGROUND_SERVICE_CAMERA";
field public static final String FOREGROUND_SERVICE_CONNECTED_DEVICE = "android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE";
@@ -326,6 +327,7 @@ package android {
field public static final String CALL_LOG = "android.permission-group.CALL_LOG";
field public static final String CAMERA = "android.permission-group.CAMERA";
field public static final String CONTACTS = "android.permission-group.CONTACTS";
@ -58,10 +58,10 @@ index 487e57d114c9..04e69741b9fd 100644
field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
field public static final String NEARBY_DEVICES = "android.permission-group.NEARBY_DEVICES";
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 0e95e30a99b8..a456ac6b7129 100644
index 2f9f6ae3f3c4..c4cde374ce58 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -3569,6 +3569,21 @@
@@ -4251,6 +4251,21 @@
android:description="@string/permdesc_getPackageSize"
android:protectionLevel="normal" />
@ -84,10 +84,10 @@ index 0e95e30a99b8..a456ac6b7129 100644
{@link android.content.pm.PackageManager#addPackageToPreferred}
for details. -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 2091c0502b6f..6888edcf7d3c 100644
index a5b2b853fddd..f8b48c55ce21 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -982,6 +982,18 @@
@@ -991,6 +991,18 @@
<!-- Permissions -->
@ -107,10 +107,10 @@ index 2091c0502b6f..6888edcf7d3c 100644
<string name="permlab_statusBar">disable or modify status bar</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java
index 46b7460dff1b..40549962436f 100644
index 78f1fa60b69f..fb2f7da97cda 100644
--- a/services/core/java/com/android/server/pm/ComputerEngine.java
+++ b/services/core/java/com/android/server/pm/ComputerEngine.java
@@ -1603,6 +1603,29 @@ public class ComputerEngine implements Computer {
@@ -1450,6 +1450,29 @@ public class ComputerEngine implements Computer {
return result;
}
@ -140,21 +140,21 @@ index 46b7460dff1b..40549962436f 100644
public final PackageInfo generatePackageInfo(PackageStateInternal ps,
@PackageManager.PackageInfoFlagsBits long flags, int userId) {
if (!mUserManager.exists(userId)) return null;
@@ -1632,13 +1655,14 @@ public class ComputerEngine implements Computer {
final int[] gids = (flags & PackageManager.GET_GIDS) == 0 ? EMPTY_INT_ARRAY
: mPermissionManager.getGidsForUid(UserHandle.getUid(userId, ps.getAppId()));
@@ -1483,13 +1506,14 @@ public class ComputerEngine implements Computer {
|| ArrayUtils.isEmpty(p.getPermissions())) ? Collections.emptySet()
: mPermissionManager.getInstalledPermissions(ps.getPackageName());
// Compute granted permissions only if package has requested permissions
- final Set<String> permissions = ((flags & PackageManager.GET_PERMISSIONS) == 0
+ final Set<String> permissions = (((flags & PackageManager.GET_PERMISSIONS) == 0
- final Set<String> grantedPermissions = ((flags & PackageManager.GET_PERMISSIONS) == 0
+ final Set<String> grantedPermissions = (((flags & PackageManager.GET_PERMISSIONS) == 0
+ && !requestsFakeSignature(p))
|| ArrayUtils.isEmpty(p.getRequestedPermissions())) ? Collections.emptySet()
: mPermissionManager.getGrantedPermissions(ps.getPackageName(), userId);
- PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
+ PackageInfo packageInfo = mayFakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
state.getFirstInstallTime(), ps.getLastUpdateTime(), permissions, state, userId,
- ps);
+ ps), permissions);
state.getFirstInstallTimeMillis(), ps.getLastUpdateTime(), installedPermissions,
- grantedPermissions, state, userId, ps);
+ grantedPermissions, state, userId, ps), grantedPermissions);
if (packageInfo == null) {
return null;

4
frameworks/base/0003-FrameworkParsingPackageUtils-Add-glob-matching-suppo.patch
View file

@ -1,7 +1,7 @@
From 734839b7918f93cb746ebbe82179a9cbcf165424 Mon Sep 17 00:00:00 2001
From 148fe28e381f444f7d06ea611dbd82c1e1ae8573 Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Fri, 2 Sep 2022 21:36:06 -0400
Subject: [PATCH 3/6] FrameworkParsingPackageUtils: Add glob matching support
Subject: [PATCH 3/4] FrameworkParsingPackageUtils: Add glob matching support
for properties
This is now required in addition to the one in PackageParser in order

38
frameworks/base/0004-Global-VPN-feature-1-2.patch
View file

@ -1,7 +1,7 @@
From af0cbe50e889694dc72ab84c4e1af816bdd199b9 Mon Sep 17 00:00:00 2001
From 00b72ce36c74f294e9823a41c0f50f73d435b1dd Mon Sep 17 00:00:00 2001
From: Oliver Scott <olivercscott@gmail.com>
Date: Thu, 8 Jul 2021 10:41:43 -0400
Subject: [PATCH 4/6] Global VPN feature [1/2]
Subject: [PATCH 4/4] Global VPN feature [1/2]
* Modify existing VPN user range functions to conditionally have traffic
from all users pass through the global VPN.
@ -28,10 +28,10 @@ Signed-off-by: Mohammad Hasan Keramat J <ikeramat@protonmail.com>
3 files changed, 46 insertions(+), 5 deletions(-)
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 8d8379831e87..bd6cc1d4d7bf 100644
index d695c0cb3760..5c705aa14d44 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -16060,6 +16060,12 @@ public final class Settings {
@@ -16734,6 +16734,12 @@ public final class Settings {
CLOCKWORK_HOME_READY,
};
@ -45,7 +45,7 @@ index 8d8379831e87..bd6cc1d4d7bf 100644
* Keys we no longer back up under the current schema, but want to continue to
* process when restoring historical backup datasets.
diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java b/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java
index ba947149d287..e5eb04c7818d 100644
index 03656f000c07..fddf8167beb5 100644
--- a/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java
+++ b/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java
@@ -39,6 +39,7 @@ import android.os.Handler;
@ -56,7 +56,7 @@ index ba947149d287..e5eb04c7818d 100644
import android.security.KeyChain;
import android.util.ArrayMap;
import android.util.Log;
@@ -332,8 +333,13 @@ public class SecurityControllerImpl implements SecurityController {
@@ -338,8 +339,13 @@ public class SecurityControllerImpl implements SecurityController {
@Override
public void onUserSwitched(int newUserId) {
mCurrentUserId = newUserId;
@ -72,10 +72,10 @@ index ba947149d287..e5eb04c7818d 100644
mVpnUserId = newUserInfo.restrictedProfileParentId;
} else {
diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java
index 8510de4ef201..7c02924a711d 100644
index e85eee817d29..2a731532b8d2 100644
--- a/services/core/java/com/android/server/connectivity/Vpn.java
+++ b/services/core/java/com/android/server/connectivity/Vpn.java
@@ -691,6 +691,15 @@ public class Vpn {
@@ -909,6 +909,15 @@ public class Vpn {
return mAlwaysOn;
}
@ -91,7 +91,7 @@ index 8510de4ef201..7c02924a711d 100644
/**
* Checks if a VPN app supports always-on mode.
*
@@ -1559,6 +1568,7 @@ public class Vpn {
@@ -1855,6 +1864,7 @@ public class Vpn {
try {
// Restricted users are not allowed to create VPNs, they are tied to Owner
enforceNotRestrictedUser();
@ -99,7 +99,7 @@ index 8510de4ef201..7c02924a711d 100644
final PackageManager packageManager = mUserIdContext.getPackageManager();
if (packageManager == null) {
@@ -1720,7 +1730,7 @@ public class Vpn {
@@ -2007,7 +2017,7 @@ public class Vpn {
addUserToRanges(ranges, userId, allowedApplications, disallowedApplications);
// If the user can have restricted profiles, assign all its restricted profiles too
@ -108,7 +108,7 @@ index 8510de4ef201..7c02924a711d 100644
final long token = Binder.clearCallingIdentity();
List<UserInfo> users;
try {
@@ -1729,7 +1739,8 @@ public class Vpn {
@@ -2016,7 +2026,8 @@ public class Vpn {
Binder.restoreCallingIdentity(token);
}
for (UserInfo user : users) {
@ -118,7 +118,7 @@ index 8510de4ef201..7c02924a711d 100644
addUserToRanges(ranges, user.id, allowedApplications, disallowedApplications);
}
}
@@ -1810,7 +1821,8 @@ public class Vpn {
@@ -2097,7 +2108,8 @@ public class Vpn {
public void onUserAdded(int userId) {
// If the user is restricted tie them to the parent user's VPN
UserInfo user = mUserManager.getUserInfo(userId);
@ -128,7 +128,7 @@ index 8510de4ef201..7c02924a711d 100644
synchronized(Vpn.this) {
final Set<Range<Integer>> existingRanges = mNetworkCapabilities.getUids();
if (existingRanges != null) {
@@ -1839,7 +1851,8 @@ public class Vpn {
@@ -2126,7 +2138,8 @@ public class Vpn {
public void onUserRemoved(int userId) {
// clean up if restricted
UserInfo user = mUserManager.getUserInfo(userId);
@ -138,7 +138,7 @@ index 8510de4ef201..7c02924a711d 100644
synchronized(Vpn.this) {
final Set<Range<Integer>> existingRanges = mNetworkCapabilities.getUids();
if (existingRanges != null) {
@@ -2278,6 +2291,17 @@ public class Vpn {
@@ -2565,6 +2578,17 @@ public class Vpn {
}
}
@ -156,7 +156,7 @@ index 8510de4ef201..7c02924a711d 100644
/**
* Start legacy VPN, controlling native daemons as needed. Creates a
* secondary thread to perform connection work, returning quickly.
@@ -2362,6 +2386,7 @@ public class Vpn {
@@ -2649,6 +2673,7 @@ public class Vpn {
new UserHandle(mUserId))) {
throw new SecurityException("Restricted users cannot establish VPNs");
}
@ -164,7 +164,7 @@ index 8510de4ef201..7c02924a711d 100644
final RouteInfo ipv4DefaultRoute = findIPv4DefaultRoute(egress);
final String gateway = ipv4DefaultRoute.getGateway().getHostAddress();
@@ -3859,6 +3884,7 @@ public class Vpn {
@@ -4627,6 +4652,7 @@ public class Vpn {
verifyCallingUidAndPackage(packageName);
enforceNotRestrictedUser();
@ -172,7 +172,7 @@ index 8510de4ef201..7c02924a711d 100644
validateRequiredFeatures(profile);
if (profile.isRestrictedToTestNetworks) {
@@ -3901,6 +3927,7 @@ public class Vpn {
@@ -4669,6 +4695,7 @@ public class Vpn {
verifyCallingUidAndPackage(packageName);
enforceNotRestrictedUser();
@ -180,7 +180,7 @@ index 8510de4ef201..7c02924a711d 100644
final long token = Binder.clearCallingIdentity();
try {
@@ -3964,6 +3991,7 @@ public class Vpn {
@@ -4738,6 +4765,7 @@ public class Vpn {
requireNonNull(packageName, "No package name provided");
enforceNotRestrictedUser();
@ -188,7 +188,7 @@ index 8510de4ef201..7c02924a711d 100644
// Prepare VPN for startup
if (!prepare(packageName, null /* newPackage */, VpnManager.TYPE_VPN_PLATFORM)) {
@@ -4085,6 +4113,7 @@ public class Vpn {
@@ -4860,6 +4888,7 @@ public class Vpn {
requireNonNull(packageName, "No package name provided");
enforceNotRestrictedUser();

236
frameworks/base/0005-fw-b-Use-ro.build.version.incremental-to-signal-OTA-.patch
View file

@ -1,236 +0,0 @@
From 628ab41923ce082cd68ab8d4a184823b62a75ab3 Mon Sep 17 00:00:00 2001
From: dhacker29 <dhackerdvm@gmail.com>
Date: Tue, 24 Nov 2015 01:53:47 -0500
Subject: [PATCH 5/6] fw/b: Use ro.build.version.incremental to signal OTA
upgrades
Squash of:
Author: dhacker29 <dhackerdvm@gmail.com>
Date: Tue Nov 24 01:53:47 2015 -0500
Core: Use ro.build.date to signal mIsUpgrade
M: We use a static fingerprint that is only changed when a new OEM build is released, so
every flash shows Android is starting instead of upgrading. This will fix that.
N: even though we dont have the dexopt sceen on N, this is still needed to delete the
correct caches, and grant/deny specific runtime permissions like a true oem update
would do.
Updated for Nougat By: BeansTown106
Change-Id: I0e3ed5c8f0351e48944432ae6a0c5194ddeff1fa
Author: Sam Mortimer <sam@mortimer.me.uk>
Date: Fri Sep 28 13:45:00 2018 -0700
fw/b UserManagerService: Use ro.build.date to signal upgrades
*) We changed PackageManagerService to use Build.DATE instead of
Build.FINGERPRINT to detect upgrade. Do the same for
UserManagerService.
*) Affects generation of preboot intent and app data migration.
Change-Id: I56887b7ca842afdcf3cf84b27b4c04667cf43307
Author: Wang Han <416810799@qq.com>
Date: Sat Dec 29 23:33:20 2018 +0800
ShortcutService: Use ro.build.date to signal package scanning
* Affects system apps scanning.
Change-Id: I5f6d6647929f5b5ae7e820b18e95bf5ed2ec8d1c
Author: maxwen <max.weninger@gmail.com>
Date: Tue Nov 19 01:02:01 2019 +0100
base: Use ro.build.date to clear cache dirs on update
instead of using ro.build.fingerprint we explictly need to use ro.build.date
Change-Id: Ib3e80e58eb8c9a21c108e9f5cd2dbdb7ada8e3a4
Author: maxwen <max.weninger@gmail.com>
Date: Wed Oct 28 07:07:10 2020 -0400
One more Build.FINGERPRINT to Build.DATE change
Change-Id: I13dbf3d7f6587d3fcd6591cc0f861b34b6d5561c
Change-Id: If0eb969ba509981f9209ffa37a949d9042ef4c2a
---
core/java/android/app/admin/SystemUpdateInfo.java | 4 ++--
.../java/com/android/server/am/UserController.java | 3 ++-
.../com/android/server/pm/PackageManagerService.java | 12 ++++++------
.../core/java/com/android/server/pm/Settings.java | 4 ++--
.../java/com/android/server/pm/ShortcutService.java | 2 +-
.../com/android/server/pm/UserManagerService.java | 8 ++++----
6 files changed, 17 insertions(+), 16 deletions(-)
diff --git a/core/java/android/app/admin/SystemUpdateInfo.java b/core/java/android/app/admin/SystemUpdateInfo.java
index b88bf76c96ca..fdf2b3f54311 100644
--- a/core/java/android/app/admin/SystemUpdateInfo.java
+++ b/core/java/android/app/admin/SystemUpdateInfo.java
@@ -132,7 +132,7 @@ public final class SystemUpdateInfo implements Parcelable {
out.startTag(null, tag);
out.attributeLong(null, ATTR_RECEIVED_TIME, mReceivedTime);
out.attributeInt(null, ATTR_SECURITY_PATCH_STATE, mSecurityPatchState);
- out.attribute(null, ATTR_ORIGINAL_BUILD , Build.FINGERPRINT);
+ out.attribute(null, ATTR_ORIGINAL_BUILD , Build.VERSION.INCREMENTAL);
out.endTag(null, tag);
}
@@ -141,7 +141,7 @@ public final class SystemUpdateInfo implements Parcelable {
public static SystemUpdateInfo readFromXml(TypedXmlPullParser parser) {
// If an OTA has been applied (build fingerprint has changed), discard stale info.
final String buildFingerprint = parser.getAttributeValue(null, ATTR_ORIGINAL_BUILD );
- if (!Build.FINGERPRINT.equals(buildFingerprint)) {
+ if (!Build.VERSION.INCREMENTAL.equals(buildFingerprint)) {
return null;
}
try {
diff --git a/services/core/java/com/android/server/am/UserController.java b/services/core/java/com/android/server/am/UserController.java
index 44b186e1541f..9470a728389f 100644
--- a/services/core/java/com/android/server/am/UserController.java
+++ b/services/core/java/com/android/server/am/UserController.java
@@ -71,6 +71,7 @@ import android.content.pm.PackagePartitions;
import android.content.pm.UserInfo;
import android.os.BatteryStats;
import android.os.Binder;
+import android.os.Build;
import android.os.Bundle;
import android.os.Debug;
import android.os.Handler;
@@ -761,7 +762,7 @@ class UserController implements Handler.Callback {
// purposefully block sending BOOT_COMPLETED until after all
// PRE_BOOT receivers are finished to avoid ANR'ing apps
final UserInfo info = getUserInfo(userId);
- if (!Objects.equals(info.lastLoggedInFingerprint, PackagePartitions.FINGERPRINT)
+ if (!Objects.equals(info.lastLoggedInFingerprint, Build.VERSION.INCREMENTAL)
|| SystemProperties.getBoolean("persist.pm.mock-upgrade", false)) {
// Suppress double notifications for managed profiles that
// were unlocked automatically as part of their parent user being
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 47860373156b..858bf1aad92f 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -1492,7 +1492,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService
}
PackageManagerService m = new PackageManagerService(injector, onlyCore, factoryTest,
- PackagePartitions.FINGERPRINT, Build.IS_ENG, Build.IS_USERDEBUG,
+ Build.VERSION.INCREMENTAL, Build.IS_ENG, Build.IS_USERDEBUG,
Build.VERSION.SDK_INT, Build.VERSION.INCREMENTAL);
t.traceEnd(); // "create package manager"
@@ -1954,7 +1954,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService
!buildFingerprint.equals(ver.fingerprint);
if (mIsUpgrade) {
PackageManagerServiceUtils.logCriticalInfo(Log.INFO, "Upgrading from "
- + ver.fingerprint + " to " + PackagePartitions.FINGERPRINT);
+ + ver.fingerprint + " to " + Build.VERSION.INCREMENTAL);
}
mInitAppsHelper = new InitAppsHelper(this, mApexManager, mInstallPackageHelper,
@@ -2068,8 +2068,8 @@ public class PackageManagerService implements PackageSender, TestUtilityService
// allow... it would be nice to have some better way to handle
// this situation.
if (mIsUpgrade) {
- Slog.i(TAG, "Build fingerprint changed from " + ver.fingerprint + " to "
- + PackagePartitions.FINGERPRINT
+ Slog.i(TAG, "Build incremental version changed from " + ver.fingerprint + " to "
+ + Build.VERSION.INCREMENTAL
+ "; regranting permissions for internal storage");
}
mPermissionManager.onStorageVolumeMounted(
@@ -2091,7 +2091,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService
// across OTAs and are used to drive profile verification (post OTA) and
// profile compilation (without waiting to collect a fresh set of profiles).
if (mIsUpgrade && !mOnlyCore) {
- Slog.i(TAG, "Build fingerprint changed; clearing code caches");
+ Slog.i(TAG, "Build incremental version changed; clearing code caches");
for (int i = 0; i < packageSettings.size(); i++) {
final PackageSetting ps = packageSettings.valueAt(i);
if (Objects.equals(StorageManager.UUID_PRIVATE_INTERNAL, ps.getVolumeUuid())) {
@@ -2102,7 +2102,7 @@ public class PackageManagerService implements PackageSender, TestUtilityService
| Installer.FLAG_CLEAR_APP_DATA_KEEP_ART_PROFILES);
}
}
- ver.fingerprint = PackagePartitions.FINGERPRINT;
+ ver.fingerprint = Build.VERSION.INCREMENTAL;
}
// Defer the app data fixup until we are done with app data clearing above.
diff --git a/services/core/java/com/android/server/pm/Settings.java b/services/core/java/com/android/server/pm/Settings.java
index cfd029346340..a9b624653b92 100644
--- a/services/core/java/com/android/server/pm/Settings.java
+++ b/services/core/java/com/android/server/pm/Settings.java
@@ -445,7 +445,7 @@ public final class Settings implements Watchable, Snappable {
public void forceCurrent() {
sdkVersion = Build.VERSION.SDK_INT;
databaseVersion = CURRENT_DATABASE_VERSION;
- fingerprint = PackagePartitions.FINGERPRINT;
+ fingerprint = Build.VERSION.INCREMENTAL;
}
}
@@ -5527,7 +5527,7 @@ public final class Settings implements Watchable, Snappable {
}
private String getExtendedFingerprint(long version) {
- return PackagePartitions.FINGERPRINT + "?pc_version=" + version;
+ return Build.VERSION.INCREMENTAL + "?pc_version=" + version;
}
private static long uniformRandom(double low, double high) {
diff --git a/services/core/java/com/android/server/pm/ShortcutService.java b/services/core/java/com/android/server/pm/ShortcutService.java
index a2b2983a8f35..4564e9dccc13 100644
--- a/services/core/java/com/android/server/pm/ShortcutService.java
+++ b/services/core/java/com/android/server/pm/ShortcutService.java
@@ -5168,7 +5168,7 @@ public class ShortcutService extends IShortcutService.Stub {
// Injection point.
String injectBuildFingerprint() {
- return Build.FINGERPRINT;
+ return Build.VERSION.INCREMENTAL;
}
final void wtf(String message) {
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 88aeb17dc2b4..af7b481dd311 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -4104,7 +4104,7 @@ public class UserManagerService extends IUserManager.Stub {
userInfo.creationTime = getCreationTime();
userInfo.partial = true;
userInfo.preCreated = preCreate;
- userInfo.lastLoggedInFingerprint = PackagePartitions.FINGERPRINT;
+ userInfo.lastLoggedInFingerprint = Build.VERSION.INCREMENTAL;
if (userTypeDetails.hasBadge() && parentId != UserHandle.USER_NULL) {
userInfo.profileBadge = getFreeProfileBadgeLU(parentId, userType);
}
@@ -5390,7 +5390,7 @@ public class UserManagerService extends IUserManager.Stub {
t.traceBegin("onBeforeStartUser-" + userId);
final int userSerial = userInfo.serialNumber;
// Migrate only if build fingerprints mismatch
- boolean migrateAppsData = !PackagePartitions.FINGERPRINT.equals(
+ boolean migrateAppsData = !Build.VERSION.INCREMENTAL.equals(
userInfo.lastLoggedInFingerprint);
t.traceBegin("prepareUserData");
mUserDataPreparer.prepareUserData(userId, userSerial, StorageManager.FLAG_STORAGE_DE);
@@ -5421,7 +5421,7 @@ public class UserManagerService extends IUserManager.Stub {
}
final int userSerial = userInfo.serialNumber;
// Migrate only if build fingerprints mismatch
- boolean migrateAppsData = !PackagePartitions.FINGERPRINT.equals(
+ boolean migrateAppsData = !Build.VERSION.INCREMENTAL.equals(
userInfo.lastLoggedInFingerprint);
final TimingsTraceAndSlog t = new TimingsTraceAndSlog();
@@ -5466,7 +5466,7 @@ public class UserManagerService extends IUserManager.Stub {
if (now > EPOCH_PLUS_30_YEARS) {
userData.info.lastLoggedInTime = now;
}
- userData.info.lastLoggedInFingerprint = PackagePartitions.FINGERPRINT;
+ userData.info.lastLoggedInFingerprint = Build.VERSION.INCREMENTAL;
scheduleWriteUser(userData);
}
--
2.41.0

127
frameworks/base/0006-Revert-Remove-more-FDE-methods-from-StorageManager.patch
View file

@ -1,127 +0,0 @@
From 54e70eb7ce231f6a1bef4ffdedb6008b3a949820 Mon Sep 17 00:00:00 2001
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
Date: Sat, 15 Oct 2022 09:33:56 +0000
Subject: [PATCH 6/6] Revert "Remove more FDE methods from StorageManager"
This reverts commit bd13f84152449a3ead6fa8604fd31f48c0224676.
---
.../android/os/storage/StorageManager.java | 69 ++++++++++++++++---
.../internal/os/RoSystemProperties.java | 4 ++
2 files changed, 65 insertions(+), 8 deletions(-)
diff --git a/core/java/android/os/storage/StorageManager.java b/core/java/android/os/storage/StorageManager.java
index d9604b3f0145..603612e82007 100644
--- a/core/java/android/os/storage/StorageManager.java
+++ b/core/java/android/os/storage/StorageManager.java
@@ -1681,13 +1681,18 @@ public class StorageManager {
}
/** {@hide}
- * Is this device encrypted?
- * <p>
- * Note: all devices launching with Android 10 (API level 29) or later are
- * required to be encrypted. This should only ever return false for
- * in-development devices on which encryption has not yet been configured.
- *
- * @return true if encrypted, false if not encrypted
+ * Is this device encryptable or already encrypted?
+ * @return true for encryptable or encrypted
+ * false not encrypted and not encryptable
+ */
+ public static boolean isEncryptable() {
+ return RoSystemProperties.CRYPTO_ENCRYPTABLE;
+ }
+
+ /** {@hide}
+ * Is this device already encrypted?
+ * @return true for encrypted. (Implies isEncryptable() == true)
+ * false not encrypted
*/
public static boolean isEncrypted() {
return RoSystemProperties.CRYPTO_ENCRYPTED;
@@ -1696,7 +1701,7 @@ public class StorageManager {
/** {@hide}
* Is this device file encrypted?
* @return true for file encrypted. (Implies isEncrypted() == true)
- * false not encrypted or using "managed" encryption
+ * false not encrypted or block encrypted
*/
@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
public static boolean isFileEncryptedNativeOnly() {
@@ -1706,6 +1711,54 @@ public class StorageManager {
return RoSystemProperties.CRYPTO_FILE_ENCRYPTED;
}
+ /** {@hide}
+ * Is this device block encrypted?
+ * @return true for block encrypted. (Implies isEncrypted() == true)
+ * false not encrypted or file encrypted
+ */
+ public static boolean isBlockEncrypted() {
+ return false;
+ }
+
+ /** {@hide}
+ * Is this device block encrypted with credentials?
+ * @return true for crediential block encrypted.
+ * (Implies isBlockEncrypted() == true)
+ * false not encrypted, file encrypted or default block encrypted
+ */
+ public static boolean isNonDefaultBlockEncrypted() {
+ return false;
+ }
+
+ /** {@hide}
+ * Is this device in the process of being block encrypted?
+ * @return true for encrypting.
+ * false otherwise
+ * Whether device isEncrypted at this point is undefined
+ * Note that only system services and CryptKeeper will ever see this return
+ * true - no app will ever be launched in this state.
+ * Also note that this state will not change without a teardown of the
+ * framework, so no service needs to check for changes during their lifespan
+ */
+ public static boolean isBlockEncrypting() {
+ return false;
+ }
+
+ /** {@hide}
+ * Is this device non default block encrypted and in the process of
+ * prompting for credentials?
+ * @return true for prompting for credentials.
+ * (Implies isNonDefaultBlockEncrypted() == true)
+ * false otherwise
+ * Note that only system services and CryptKeeper will ever see this return
+ * true - no app will ever be launched in this state.
+ * Also note that this state will not change without a teardown of the
+ * framework, so no service needs to check for changes during their lifespan
+ */
+ public static boolean inCryptKeeperBounce() {
+ return false;
+ }
+
/** {@hide} */
public static boolean isFileEncryptedEmulatedOnly() {
return SystemProperties.getBoolean(StorageManager.PROP_EMULATE_FBE, false);
diff --git a/core/java/com/android/internal/os/RoSystemProperties.java b/core/java/com/android/internal/os/RoSystemProperties.java
index cccd80e82420..adb5c107bc62 100644
--- a/core/java/com/android/internal/os/RoSystemProperties.java
+++ b/core/java/com/android/internal/os/RoSystemProperties.java
@@ -62,10 +62,14 @@ public class RoSystemProperties {
public static final CryptoProperties.type_values CRYPTO_TYPE =
CryptoProperties.type().orElse(CryptoProperties.type_values.NONE);
// These are pseudo-properties
+ public static final boolean CRYPTO_ENCRYPTABLE =
+ CRYPTO_STATE != CryptoProperties.state_values.UNSUPPORTED;
public static final boolean CRYPTO_ENCRYPTED =
CRYPTO_STATE == CryptoProperties.state_values.ENCRYPTED;
public static final boolean CRYPTO_FILE_ENCRYPTED =
CRYPTO_TYPE == CryptoProperties.type_values.FILE;
+ public static final boolean CRYPTO_BLOCK_ENCRYPTED =
+ CRYPTO_TYPE == CryptoProperties.type_values.BLOCK;
public static final boolean CONTROL_PRIVAPP_PERMISSIONS_LOG =
"log".equalsIgnoreCase(CONTROL_PRIVAPP_PERMISSIONS);
--
2.41.0

8
system/bpf/0001-Revert-detect-inability-to-write-to-index-0-of-bpf-m.patch
View file

@ -1,4 +1,4 @@
From cf04b02d96fef364996067ca4ecc51b65f521dca Mon Sep 17 00:00:00 2001
From 89613b61836c202b6ba3d3f35be16e24500ffe6c Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Tue, 6 Dec 2022 18:30:32 -0500
Subject: [PATCH] Revert "detect inability to write to index != 0 of bpf map
@ -10,10 +10,10 @@ This reverts commit ead9d83423877458023056f6ccf9390950d6726f.
1 file changed, 9 deletions(-)
diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp
index 5cd80b7..bc72811 100644
index e53669a..2816161 100644
--- a/bpfloader/BpfLoader.cpp
+++ b/bpfloader/BpfLoader.cpp
@@ -199,15 +199,6 @@ int main(int argc, char** argv) {
@@ -307,15 +307,6 @@ int main(int argc, char** argv) {
}
}
@ -30,5 +30,5 @@ index 5cd80b7..bc72811 100644
ALOGE("Failed to set bpf.progs_loaded property");
return 1;
--
2.38.1
2.41.0

8
system/core/0001-init-Do-not-start-console-service-when-debuggable.patch
View file

@ -1,4 +1,4 @@
From f53da166596fc34df3255b1c5120fd7cdcf21e5f Mon Sep 17 00:00:00 2001
From b370e176ea2fe56423d668a9c7a53000d6154b8a Mon Sep 17 00:00:00 2001
From: Isaac Chen <tingyi364@gmail.com>
Date: Wed, 23 Jun 2021 13:07:30 +0800
Subject: [PATCH 1/2] init: Do not start console service when debuggable
@ -13,10 +13,10 @@ Change-Id: I34cfd6b42d3b9aee4b3e63181480cfb8b1255f29
1 file changed, 3 deletions(-)
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 02e51d2c4..ab45bb032 100644
index 1e6918d00..8b48a9c87 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -1277,9 +1277,6 @@ on property:ro.debuggable=1
@@ -1312,9 +1312,6 @@ on property:ro.debuggable=1
# Give reads to anyone for the accessibility trace folder on debug builds.
chmod 0775 /data/misc/a11ytrace
@ -27,5 +27,5 @@ index 02e51d2c4..ab45bb032 100644
# TODO(b/135984674): reset all necessary properties here.
setprop sys.boot_completed ""
--
2.40.0
2.41.0

8
system/core/0002-Let-system-override-some-properties-ro.apex.updatabl.patch
View file

@ -1,4 +1,4 @@
From b50dd85e88568bddedbab1e18984a5b5578c8612 Mon Sep 17 00:00:00 2001
From 1b075ec9186fd7b8b501272370a7ebfe43fe2fb4 Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Fri, 21 Apr 2023 13:08:48 -0400
Subject: [PATCH 2/2] Let system override some properties (ro.apex.updatable,
@ -10,10 +10,10 @@ Change-Id: I3c84fa617f0ab7990abb0d905230a8703cf39bf7
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/init/property_service.cpp b/init/property_service.cpp
index 26341b196..19fc09d63 100644
index 8da69822c..0680b8e06 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -726,7 +726,12 @@ static void LoadProperties(char* data, const char* filter, const char* filename,
@@ -787,7 +787,12 @@ static void LoadProperties(char* data, const char* filter, const char* filename,
} else if (it->second != value) {
LOG(WARNING) << "Overriding previous property '" << key << "':'" << it->second
<< "' with new value '" << value << "'";
@ -28,5 +28,5 @@ index 26341b196..19fc09d63 100644
} else {
LOG(ERROR) << "Do not have permissions to set '" << key << "' to '" << value
--
2.40.0
2.41.0