From f9bc6d81252abdd9199e56eb56f7a3f728153bfd Mon Sep 17 00:00:00 2001 From: Pete Date: Mon, 4 Dec 2023 12:34:40 +0000 Subject: [PATCH] Make applying patches switchable --- src/build.sh | 64 ++++++++++++++++++++++++++++------------------------ 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/src/build.sh b/src/build.sh index da03eb5..ba59057 100755 --- a/src/build.sh +++ b/src/build.sh @@ -231,40 +231,44 @@ for branch in ${BRANCH_NAME//,/ }; do los_ver_minor=$(sed -n -e 's/^\s*PRODUCT_VERSION_MINOR = //p' "$makefile_containing_version") los_ver="$los_ver_major.$los_ver_minor" + if [ "$APPLY_PATCHES" = true ]; then # If needed, apply the microG's signature spoofing patch - if [ "$SIGNATURE_SPOOFING" = "yes" ] || [ "$SIGNATURE_SPOOFING" = "restricted" ]; then - # Determine which patch should be applied to the current Android source tree - cd frameworks/base - if [ "$SIGNATURE_SPOOFING" = "yes" ]; then - echo ">> [$(date)] Applying the standard signature spoofing patch ($frameworks_base_patch) to frameworks/base" - echo ">> [$(date)] WARNING: the standard signature spoofing patch introduces a security threat" - patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$frameworks_base_patch" - else - echo ">> [$(date)] Applying the restricted signature spoofing patch (based on $frameworks_base_patch) to frameworks/base" - sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "/root/signature_spoofing_patches/$frameworks_base_patch" | patch --quiet --force -p1 - fi - git clean -q -f - cd ../.. - - if [ -n "$apps_permissioncontroller_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then - cd packages/apps/PermissionController - echo ">> [$(date)] Applying the apps/PermissionController patch ($apps_permissioncontroller_patch) to packages/apps/PermissionController" - patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$apps_permissioncontroller_patch" + if [ "$SIGNATURE_SPOOFING" = "yes" ] || [ "$SIGNATURE_SPOOFING" = "restricted" ]; then + # Determine which patch should be applied to the current Android source tree + cd frameworks/base + if [ "$SIGNATURE_SPOOFING" = "yes" ]; then + echo ">> [$(date)] Applying the standard signature spoofing patch ($frameworks_base_patch) to frameworks/base" + echo ">> [$(date)] WARNING: the standard signature spoofing patch introduces a security threat" + patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$frameworks_base_patch" + else + echo ">> [$(date)] Applying the restricted signature spoofing patch (based on $frameworks_base_patch) to frameworks/base" + sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "/root/signature_spoofing_patches/$frameworks_base_patch" | patch --quiet --force -p1 + fi git clean -q -f - cd ../../.. - fi + cd ../.. - if [ -n "$modules_permission_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then - cd packages/modules/Permission - echo ">> [$(date)] Applying the modules/Permission patch ($modules_permission_patch) to packages/modules/Permission" - patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$modules_permission_patch" - git clean -q -f - cd ../../.. - fi + if [ -n "$apps_permissioncontroller_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then + cd packages/apps/PermissionController + echo ">> [$(date)] Applying the apps/PermissionController patch ($apps_permissioncontroller_patch) to packages/apps/PermissionController" + patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$apps_permissioncontroller_patch" + git clean -q -f + cd ../../.. + fi - # Override device-specific settings for the location providers - mkdir -p "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/" - cp /root/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml" + if [ -n "$modules_permission_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then + cd packages/modules/Permission + echo ">> [$(date)] Applying the modules/Permission patch ($modules_permission_patch) to packages/modules/Permission" + patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$modules_permission_patch" + git clean -q -f + cd ../../.. + fi + + # Override device-specific settings for the location providers + mkdir -p "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/" + cp /root/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml" + fi + else + echo ">> [$(date)] Applying patches disabled" fi echo ">> [$(date)] Setting \"$RELEASE_TYPE\" as release type"