From 50027d7dd2507e5bb82c77e7a179b16d2646f611 Mon Sep 17 00:00:00 2001
From: Samuel Wein <poshul@gmail.com>
Date: Fri, 19 Apr 2019 01:14:16 -0400
Subject: [PATCH] Add support for building LineageOS-16.0 (#30)

* Added initial Android 9 / LineageOS 16.0 support

* Add muppets16 containing Lineage-16.0 themuppets repos. Updated src/build.sh to allow building Lineage-16.0

* [Fix] Fixed switch for which themuppets repo to use

* [Fix] TheMuppets now supplies 16.0 manifests. Deleting local copy

* [fix] Fixed signing builds in Lineage-16.0 and added kmod to the docker image. (thanks @corna for both)

* Fix Android < 9 builds
---
 Dockerfile                                    |  2 +-
 src/build.sh                                  | 17 +++-
 .../android_frameworks_base-P.patch           | 88 +++++++++++++++++++
 3 files changed, 103 insertions(+), 4 deletions(-)
 create mode 100644 src/signature_spoofing_patches/android_frameworks_base-P.patch

diff --git a/Dockerfile b/Dockerfile
index 115ce40..4e0f838 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -168,7 +168,7 @@ RUN apt-get -qq update
 RUN apt-get -qqy upgrade
 
 RUN apt-get install -y bc bison bsdmainutils build-essential ccache cgpt cron \
-      curl flex g++-multilib gcc-multilib git gnupg gperf imagemagick \
+      curl flex g++-multilib gcc-multilib git gnupg gperf imagemagick kmod \
       lib32ncurses5-dev lib32readline-dev lib32z1-dev libesd0-dev liblz4-tool \
       libncurses5-dev libsdl1.2-dev libssl-dev libwxgtk3.0-dev libxml2 \
       libxml2-utils lsof lzop maven openjdk-7-jdk openjdk-8-jdk pngcrush \
diff --git a/src/build.sh b/src/build.sh
index d9c27e4..5c92bb7 100755
--- a/src/build.sh
+++ b/src/build.sh
@@ -120,11 +120,12 @@ for branch in ${BRANCH_NAME//,/ }; do
         themuppets_branch=cm-14.1
       elif [[ $branch =~ .*lineage-15\.1.* ]]; then
         themuppets_branch=lineage-15.1
+      elif [[ $branch =~ .*lineage-16\.0.* ]]; then
+        themuppets_branch=lineage-16.0
       else
         themuppets_branch=lineage-15.1
         echo ">> [$(date)] Can't find a matching branch on github.com/TheMuppets, using $themuppets_branch"
       fi
-
       wget -q -O .repo/local_manifests/proprietary.xml "https://raw.githubusercontent.com/TheMuppets/manifests/$themuppets_branch/muppets.xml"
     fi
 
@@ -134,7 +135,14 @@ for branch in ${BRANCH_NAME//,/ }; do
 
     android_version=$(sed -n -e 's/^\s*PLATFORM_VERSION\.OPM1 := //p' build/core/version_defaults.mk)
     if [ -z $android_version ]; then
-      android_version=$(sed -n -e 's/^\s*PLATFORM_VERSION := //p' build/core/version_defaults.mk)
+      android_version=$(sed -n -e 's/^\s*PLATFORM_VERSION\.PPR1 := //p' build/core/version_defaults.mk)
+      if [ -z $android_version ]; then
+        android_version=$(sed -n -e 's/^\s*PLATFORM_VERSION := //p' build/core/version_defaults.mk)
+        if [ -z $android_version ]; then
+          echo ">> [$(date)] Can't detect the android version"
+          exit 1
+        fi
+      fi
     fi
     android_version_major=$(cut -d '.' -f 1 <<< $android_version)
 
@@ -167,6 +175,7 @@ for branch in ${BRANCH_NAME//,/ }; do
         6.*  )    patch_name="android_frameworks_base-M.patch" ;;
         7.*  )    patch_name="android_frameworks_base-N.patch" ;;
         8.*  )    patch_name="android_frameworks_base-O.patch" ;;
+	9*  )    patch_name="android_frameworks_base-P.patch" ;; #not sure why 9 not 9.0 but here's a fix that will work until android 90
       esac
 
       if ! [ -z $patch_name ]; then
@@ -220,7 +229,9 @@ for branch in ${BRANCH_NAME//,/ }; do
 
     if [ "$SIGN_BUILDS" = true ]; then
       echo ">> [$(date)] Adding keys path ($KEYS_DIR)"
-      sed -i "1s;^;PRODUCT_DEFAULT_DEV_CERTIFICATE := $KEYS_DIR/releasekey\nPRODUCT_OTA_PUBLIC_KEYS := $KEYS_DIR/releasekey\nPRODUCT_EXTRA_RECOVERY_KEYS := $KEYS_DIR/releasekey\n\n;" "vendor/$vendor/config/common.mk"
+      # Soong (Android 9+) complains if the signing keys are outside the build path
+      ln -sf "$KEYS_DIR" user-keys
+      sed -i "1s;^;PRODUCT_DEFAULT_DEV_CERTIFICATE := user-keys/releasekey\nPRODUCT_OTA_PUBLIC_KEYS := user-keys/releasekey\nPRODUCT_EXTRA_RECOVERY_KEYS := user-keys/releasekey\n\n;" "vendor/$vendor/config/common.mk"
     fi
 
     if [ "$android_version_major" -ge "7" ]; then
diff --git a/src/signature_spoofing_patches/android_frameworks_base-P.patch b/src/signature_spoofing_patches/android_frameworks_base-P.patch
new file mode 100644
index 0000000..ad0fdf2
--- /dev/null
+++ b/src/signature_spoofing_patches/android_frameworks_base-P.patch
@@ -0,0 +1,88 @@
+diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
+index 66c497e9977..c1b2e703109 100644
+--- a/core/res/AndroidManifest.xml
++++ b/core/res/AndroidManifest.xml
+@@ -2341,6 +2341,13 @@
+         android:description="@string/permdesc_getPackageSize"
+         android:protectionLevel="normal" />
+ 
++    <!-- @hide Allows an application to change the package signature as
++	 seen by applications -->
++    <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
++        android:protectionLevel="dangerous"
++        android:label="@string/permlab_fakePackageSignature"
++        android:description="@string/permdesc_fakePackageSignature" />
++
+     <!-- @deprecated No longer useful, see
+          {@link android.content.pm.PackageManager#addPackageToPreferred}
+          for details. -->
+diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
+index 0b5dd7e70e8..bbdba64f2ba 100644
+--- a/core/res/res/values/config.xml
++++ b/core/res/res/values/config.xml
+@@ -1650,6 +1650,8 @@
+     <string-array name="config_locationProviderPackageNames" translatable="false">
+         <!-- The standard AOSP fused location provider -->
+         <item>com.android.location.fused</item>
++        <!-- The (faked) microg fused location provider (a free reimplementation) -->
++        <item>com.google.android.gms</item>
+     </string-array>
+ 
+     <!-- This string array can be overriden to enable test location providers initially. -->
+diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
+index 3c5159c89bf..7583f1c567f 100644
+--- a/core/res/res/values/strings.xml
++++ b/core/res/res/values/strings.xml
+@@ -786,6 +786,11 @@
+     <!--  Permissions -->
+ 
+     <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
++    <string name="permlab_fakePackageSignature">Spoof package signature</string>
++    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
++    <string name="permdesc_fakePackageSignature">Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only!</string>
++
++    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+     <string name="permlab_statusBar">disable or modify status bar</string>
+     <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+     <string name="permdesc_statusBar">Allows the app to disable the status bar or add and remove system icons.</string>
+diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
+index 9ed2b9c1854..4c5ce24cfa7 100644
+--- a/services/core/java/com/android/server/pm/PackageManagerService.java
++++ b/services/core/java/com/android/server/pm/PackageManagerService.java
+@@ -3937,8 +3937,9 @@ public class PackageManagerService extends IPackageManager.Stub
+             final Set<String> permissions = ArrayUtils.isEmpty(p.requestedPermissions)
+                     ? Collections.<String>emptySet() : permissionsState.getPermissions(userId);
+ 
+-            PackageInfo packageInfo = PackageParser.generatePackageInfo(p, gids, flags,
+-                    ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId);
++            PackageInfo packageInfo = mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags,
++                ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId),
++                permissions);
+ 
+             if (packageInfo == null) {
+                 return null;
+@@ -3974,6 +3975,24 @@ public class PackageManagerService extends IPackageManager.Stub
+         }
+     }
+ 
++    private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi,
++            Set<String> permissions) {
++        try {
++            if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")
++                    && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1
++                    && p.mAppMetaData != null) {
++                String sig = p.mAppMetaData.getString("fake-signature");
++                if (sig != null) {
++                    pi.signatures = new Signature[] {new Signature(sig)};
++                }
++            }
++        } catch (Throwable t) {
++            // We should never die because of any failures, this is system code!
++            Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);
++	}
++        return pi;
++    }
++
+     @Override
+     public void checkPackageStartable(String packageName, int userId) {
+         final int callingUid = Binder.getCallingUid();