1
0
mirror of https://github.com/lineageos4microg/docker-lineage-cicd synced 2024-11-09 10:09:56 +01:00

Make applying patches switchable

This commit is contained in:
Pete 2023-12-04 12:34:40 +00:00 committed by Pete Fotheringham
parent 005fafd1b9
commit 0fffa67e4b

@ -231,40 +231,44 @@ for branch in ${BRANCH_NAME//,/ }; do
los_ver_minor=$(sed -n -e 's/^\s*PRODUCT_VERSION_MINOR = //p' "$makefile_containing_version")
los_ver="$los_ver_major.$los_ver_minor"
if [ "$APPLY_PATCHES" = true ]; then
# If needed, apply the microG's signature spoofing patch
if [ "$SIGNATURE_SPOOFING" = "yes" ] || [ "$SIGNATURE_SPOOFING" = "restricted" ]; then
# Determine which patch should be applied to the current Android source tree
cd frameworks/base
if [ "$SIGNATURE_SPOOFING" = "yes" ]; then
echo ">> [$(date)] Applying the standard signature spoofing patch ($frameworks_base_patch) to frameworks/base"
echo ">> [$(date)] WARNING: the standard signature spoofing patch introduces a security threat"
patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$frameworks_base_patch"
else
echo ">> [$(date)] Applying the restricted signature spoofing patch (based on $frameworks_base_patch) to frameworks/base"
sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "/root/signature_spoofing_patches/$frameworks_base_patch" | patch --quiet --force -p1
fi
git clean -q -f
cd ../..
if [ -n "$apps_permissioncontroller_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then
cd packages/apps/PermissionController
echo ">> [$(date)] Applying the apps/PermissionController patch ($apps_permissioncontroller_patch) to packages/apps/PermissionController"
patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$apps_permissioncontroller_patch"
if [ "$SIGNATURE_SPOOFING" = "yes" ] || [ "$SIGNATURE_SPOOFING" = "restricted" ]; then
# Determine which patch should be applied to the current Android source tree
cd frameworks/base
if [ "$SIGNATURE_SPOOFING" = "yes" ]; then
echo ">> [$(date)] Applying the standard signature spoofing patch ($frameworks_base_patch) to frameworks/base"
echo ">> [$(date)] WARNING: the standard signature spoofing patch introduces a security threat"
patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$frameworks_base_patch"
else
echo ">> [$(date)] Applying the restricted signature spoofing patch (based on $frameworks_base_patch) to frameworks/base"
sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "/root/signature_spoofing_patches/$frameworks_base_patch" | patch --quiet --force -p1
fi
git clean -q -f
cd ../../..
fi
cd ../..
if [ -n "$modules_permission_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then
cd packages/modules/Permission
echo ">> [$(date)] Applying the modules/Permission patch ($modules_permission_patch) to packages/modules/Permission"
patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$modules_permission_patch"
git clean -q -f
cd ../../..
fi
if [ -n "$apps_permissioncontroller_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then
cd packages/apps/PermissionController
echo ">> [$(date)] Applying the apps/PermissionController patch ($apps_permissioncontroller_patch) to packages/apps/PermissionController"
patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$apps_permissioncontroller_patch"
git clean -q -f
cd ../../..
fi
# Override device-specific settings for the location providers
mkdir -p "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/"
cp /root/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml"
if [ -n "$modules_permission_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then
cd packages/modules/Permission
echo ">> [$(date)] Applying the modules/Permission patch ($modules_permission_patch) to packages/modules/Permission"
patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$modules_permission_patch"
git clean -q -f
cd ../../..
fi
# Override device-specific settings for the location providers
mkdir -p "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/"
cp /root/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml"
fi
else
echo ">> [$(date)] Applying patches disabled"
fi
echo ">> [$(date)] Setting \"$RELEASE_TYPE\" as release type"