1
0
mirror of https://github.com/lineageos4microg/docker-lineage-cicd synced 2024-11-09 10:09:56 +01:00

Add SIGNATURE_SPOOFING

This commit is contained in:
Nicola Corna 2017-05-22 10:03:05 +02:00
parent 37f1814a22
commit 134a82710e
3 changed files with 23 additions and 8 deletions

@ -66,6 +66,11 @@ ENV KEYS_DIR ''
# Move the resulting zips to $ZIP_DIR/$codename instead of $ZIP_DIR/ # Move the resulting zips to $ZIP_DIR/$codename instead of $ZIP_DIR/
ENV ZIP_SUBDIR false ENV ZIP_SUBDIR false
# Apply the signature spoofing patch
# Valid values are "no", "yes" (for the original MicroG's patch) and "restricted" (to grant the
# permission only to the privileged apps)
ENV SIGNATURE_SPOOFING "no"
# Create Volume entry points # Create Volume entry points
############################ ############################

@ -29,7 +29,7 @@ index ea0e39c..a936983 100644
+ <!-- @hide Allows an application to change the package signature as + <!-- @hide Allows an application to change the package signature as
+ seen by applications --> + seen by applications -->
+ <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE" + <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
+ android:protectionLevel="signature|privileged" + android:protectionLevel="dangerous"
+ android:label="@string/permlab_fakePackageSignature" + android:label="@string/permlab_fakePackageSignature"
+ android:description="@string/permdesc_fakePackageSignature" /> + android:description="@string/permdesc_fakePackageSignature" />
+ +

@ -26,25 +26,35 @@ if ! [ -z "$DEVICE_LIST" ]; then
echo ">> [$(date)] Copying '$LMANIFEST_DIR/*.xml' to '$SRC_DIR/.repo/local_manifests/'" >> $DOCKER_LOG echo ">> [$(date)] Copying '$LMANIFEST_DIR/*.xml' to '$SRC_DIR/.repo/local_manifests/'" >> $DOCKER_LOG
cp $LMANIFEST_DIR/*.xml $SRC_DIR/.repo/local_manifests/ >&$DEBUG_LOG cp $LMANIFEST_DIR/*.xml $SRC_DIR/.repo/local_manifests/ >&$DEBUG_LOG
# Go to "vendor/cm" and reset it's current git status ( remove previous changes ) only if the directory exists # Reset the current git status of "vendor/cm" (remove previous changes) if the directory exists
if [ -d "vendor/cm" ]; then if [ -d "vendor/cm" ]; then
cd vendor/cm cd vendor/cm
git reset --hard 2>&1 >&$DEBUG_LOG git reset --hard 2>&1 >&$DEBUG_LOG
cd $SRC_DIR cd $SRC_DIR
fi fi
# Reset the current git status of "frameworks/base" (remove previous changes) if the directory exists
if [ -d "frameworks/base" ]; then
cd frameworks/base
git reset --hard 2>&1 >&$DEBUG_LOG
cd $SRC_DIR
fi
# Sync the source code # Sync the source code
echo ">> [$(date)] Syncing repository" >> $DOCKER_LOG echo ">> [$(date)] Syncing repository" >> $DOCKER_LOG
builddate=$(date +%Y%m%d) builddate=$(date +%Y%m%d)
repo sync 2>&1 >&$DEBUG_LOG repo sync 2>&1 >&$DEBUG_LOG
# If not yet done, apply the MicroG's signature spoofing patch # If needed, apply the MicroG's signature spoofing patch
# The patch has been modified to allow only privileged apps to obtain the signature spoofing permission
cd frameworks/base cd frameworks/base
if [ $(git rev-parse --abbrev-ref HEAD) != "signature_spoofing" ]; then if [ "$SIGNATURE_SPOOFING" = "yes" ]; then
echo ">> [$(date)] Applying signature spoofing patch to frameworks/base" >> $DOCKER_LOG echo ">> [$(date)] Applying the standard signature spoofing patch to frameworks/base" >> $DOCKER_LOG
repo start signature_spoofing patch -p1 -i /root/android_frameworks_base-N.patch
git am /root/android_frameworks_base-N.patch git clean -f
elif [ "$SIGNATURE_SPOOFING" = "restricted" ]; then
echo ">> [$(date)] Applying the restricted signature spoofing patch to frameworks/base" >> $DOCKER_LOG
sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' /root/android_frameworks_base-N.patch | patch -p1
git clean -f
fi fi
cd $SRC_DIR cd $SRC_DIR