Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add network location setting and add network location provider to config_locationProviderPackageNames #61

Open
wants to merge 339 commits into
base: 15
Choose a base branch
from
Open

add network location setting and add network location provider to config_locationProviderPackageNames #61

wants to merge 339 commits into from

Conversation

soupslurpr
Copy link
Member

@soupslurpr soupslurpr commented Nov 6, 2024
edited
Loading

@soupslurpr soupslurpr changed the title add network location setting add network location setting and redirect to other location providers when network location is disabled Nov 15, 2024
thestinger and others added 26 commits December 6, 2024 07:19
@thestinger @muhomorr
disable OpenGL preloading for exec spawning
089b6ae
@thestinger @muhomorr
Revert "disable OpenGL preloading for exec spawning"
2849cb0 
This reverts commit 5a8d91b5fac0a1ae597de359128e0706776ce3a7.
@thestinger @muhomorr
disable resource preloading for exec spawning
2c90ef9
@thestinger @muhomorr
disable class preloading for exec spawning
b126cef
@thestinger @muhomorr
disable WebView reservation for exec spawning
91a8c28
@thestinger @muhomorr
disable JCA provider warm up for exec spawning
e4d3976
@thestinger @muhomorr
disable preloading classloaders for exec spawning
4788dc2
@thestinger @muhomorr
disable preloading HALs for exec spawning
7e8e315
@randomhydrosol @muhomorr
pass through runtime flags for exec spawning and implement them in th…
12e3424 
…e child
@muhomorr
exec spawning: don't close the binder connection when the app crashes
787a99b 
When an unhandled exception occured, binder connections were closed with
IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException().
By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(),
which always failed due to the closed binder connection.
This meant that the crash dialog was never shown and additional crash handling was skipped.

Zygote-based spawning never calls IPCThreadState::stopProcess().
@muhomorr
add a wrapper for execveat(2)
08243b6 
Needed for exec spawning, to pass custom flags to the kernel.
@muhomorr
zygote: define runtime flags that depend on exec spawning
b2e5c24
@muhomorr
exec spawning: support runtime resource overlays
c3c8c55
@muhomorr
exec spawning: support disabling hardened_malloc and extended VA space
0646842
@muhomorr
exec spawning: add workaround for late init of ART userfaultfd GC
e1c39d4 
Chromium browser and its derivatives setup a seccomp syscall filter in their isolated processes,
which blocks creation of new userfaultfds.

Since 14 QPR2, ART uses a new userfaultfd-based GC.

When zygote-based process spawning is used, userfaultfd GC is initialized before any of app's code
is executed, i.e. before Chromium's seccomp syscall filter is installed.

When exec spawning is used, userfaultfd GC initialization is delayed until first garbage collection.
Chromium's seccomp syscall filter is already installed at that point.

This leads to crashes of isolated Chromium processes (both browser and WebView), with the following
log messages:
 E cr_seccomp: ../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall
 E cr_seccomp: nr=0x11a arg1=0x80001 arg2=0xc arg3=0xffffffffffffffff arg4=0xc

As a workaround, perform early initialization of ART userfaultfd GC in isolated processes by calling
System.gc() before executing app's code. On Pixel 8, this increases startup latency by around 4 to
10 milliseconds.
@muhomorr @renlord @thestinger
use HTTPS X-Time header for time updates instead of NTP
c21530e 
Based on 57448ae and d17960e

Co-authored-by: Renlord <me@renlord.com>
Co-authored-by: Daniel Micay <daniel.micay@grapheneos.org>
@muhomorr
extend auto-time setting to forced time updates
f7f4991 
Original commit: c1d9385
@thestinger @muhomorr
reduce system clock drift warning
107ba0c
@thestinger @muhomorr
core/config: disable using telephony-based auto time
9216640
@muhomorr
add system package check methods to PackageUtils
19bb01e
@muhomorr
filter out non-system packages from location indicator exemptions
b216a87
@muhomorr
filter out non-system packages from getLocationBypassPackages() result
1a95994
@muhomorr
define package name of first-party app source
85316d0
@muhomorr
SystemUI: require unlocking to use QS tiles by default
7740243
@muhomorr
SystemUI: allow to use some QS tiles while device is locked
8abc24f
@thestinger @muhomorr
SystemUI: enable NFC quick settings tile
f8f4964
u-fred and others added 10 commits December 29, 2024 23:53
@u-fred @muhomorr
throw Exception to notify of SceneContainerFlag
bba7ed2
@u-fred @muhomorr
prevent face auth in KUM
277409d
@u-fred @muhomorr
fix upstream fingerprint mode change bug
8bfb7a9
@u-fred @muhomorr
append "Safe" to risky upstream method names
e1e275f 
Some upstream methods are used to check if unlocking is possible when it
is known that a biometric auth has succeeded, but they don't and can't
take into account biometric second factor. Renaming these methods gives
us build errors for future callers, so we can make sure they are safe.
@u-fred @muhomorr
add second factor to fingerprint unlock
ba3926b
@muhomorr
fix feature check in DPMS.getPasswordMinimumMetricsUnchecked()
798cf04 
Extracted from:
commit dc6270f
Author: Fred Underwood <underwoodfred@proton.me>
Date:   Sat Dec 21 16:25:15 2024 +1000

    add second factor to DevicePolicyManagerService
@muhomorr
fixup! add duress password feature
e2d0cbf
@muhomorr
fix collision check in SyntheticPasswordManager.generateProtectorId()
5681bcc 
Extracted from:
commit 3caf1f2
Author: Fred Underwood <underwoodfred@proton.me>
Date:   Sat Dec 21 16:40:05 2024 +1000

    add second factor to LockSettingsService
@muhomorr
fixup! add option to scramble PIN layout
810d430 
Extracted from:
commit caa335d
Author: Fred Underwood <underwoodfred@proton.me>
Date:   Sun Dec 22 06:53:47 2024 +1000

    add second factor UI
@muhomorr
fixup! add option to scramble PIN layout
40fa839
@thestinger
Copy link
Member

@hamzabhatti5253 Why are you repeatedly marking this approved?

@soupslurpr soupslurpr changed the title add network location setting, redirect to other location providers when network location is disabled, and add network location provider to config_locationProviderPackageNames add network location setting and add network location provider to config_locationProviderPackageNames Jan 5, 2025
@thestinger thestinger force-pushed the 15 branch 9 times, most recently from 3d97c25 to f3469eb Compare January 21, 2025 08:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hamzabhatti5253 hamzabhatti5253 hamzabhatti5253 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.