diff --git a/module/template/common_func.sh b/module/template/common_func.sh deleted file mode 100644 index 7623096..0000000 --- a/module/template/common_func.sh +++ /dev/null @@ -1,17 +0,0 @@ -# resetprop_if_diff -resetprop_if_diff() { - local NAME="$1" - local EXPECTED="$2" - local CURRENT="$(resetprop "$NAME")" - - [ -z "$CURRENT" ] || [ "$CURRENT" = "$EXPECTED" ] || resetprop -n "$NAME" "$EXPECTED" -} - -# resetprop_if_match -resetprop_if_match() { - local NAME="$1" - local CONTAINS="$2" - local VALUE="$3" - - [[ "$(resetprop "$NAME")" = *"$CONTAINS"* ]] && resetprop -n "$NAME" "$VALUE" -} diff --git a/module/template/post-fs-data.sh b/module/template/post-fs-data.sh deleted file mode 100644 index 9ab2cee..0000000 --- a/module/template/post-fs-data.sh +++ /dev/null @@ -1,32 +0,0 @@ -MODPATH="${0%/*}" -. $MODPATH/common_func.sh - -# Conditional early sensitive properties - -# Samsung -resetprop_if_diff ro.boot.warranty_bit 0 -resetprop_if_diff ro.vendor.boot.warranty_bit 0 -resetprop_if_diff ro.vendor.warranty_bit 0 -resetprop_if_diff ro.warranty_bit 0 - -# Xiaomi -resetprop_if_diff ro.secureboot.lockstate locked - -# Realme -resetprop_if_diff ro.boot.realmebootstate green - -# OnePlus -resetprop_if_diff ro.is_ever_orange 0 - -# Microsoft -for PROP in $(resetprop | grep -oE 'ro.*.build.tags'); do - resetprop_if_diff $PROP release-keys -done - -# Other -for PROP in $(resetprop | grep -oE 'ro.*.build.type'); do - resetprop_if_diff $PROP user -done -resetprop_if_diff ro.debuggable 0 -resetprop_if_diff ro.force.debuggable 0 -resetprop_if_diff ro.secure 1 diff --git a/module/template/service.sh b/module/template/service.sh deleted file mode 100644 index 5d8c05a..0000000 --- a/module/template/service.sh +++ /dev/null @@ -1,44 +0,0 @@ -MODPATH="${0%/*}" -. $MODPATH/common_func.sh - -# Conditional sensitive properties - -# Magisk Recovery Mode -resetprop_if_match ro.boot.mode recovery unknown -resetprop_if_match ro.bootmode recovery unknown -resetprop_if_match vendor.boot.mode recovery unknown - -# SELinux -resetprop_if_diff ro.boot.selinux enforcing -# use delete since it can be 0 or 1 for enforcing depending on OEM -if [ -n "$(resetprop ro.build.selinux)" ]; then - resetprop --delete ro.build.selinux -fi -# use toybox to protect stat access time reading -if [ "$(toybox cat /sys/fs/selinux/enforce)" = "0" ]; then - chmod 640 /sys/fs/selinux/enforce - chmod 440 /sys/fs/selinux/policy -fi - -# Conditional late sensitive properties - -# must be set after boot_completed for various OEMs -{ - -# SafetyNet/Play Integrity + OEM -# avoid breaking Realme fingerprint scanners -resetprop_if_diff ro.boot.flash.locked 1 -resetprop_if_diff ro.boot.realme.lockstate 1 -# avoid breaking Oppo fingerprint scanners -resetprop_if_diff ro.boot.vbmeta.device_state locked -# avoid breaking OnePlus display modes/fingerprint scanners -resetprop_if_diff vendor.boot.verifiedbootstate green -# avoid breaking OnePlus/Oppo fingerprint scanners on OOS/ColorOS 12+ -resetprop_if_diff ro.boot.verifiedbootstate green -resetprop_if_diff ro.boot.veritymode enforcing -resetprop_if_diff vendor.boot.vbmeta.device_state locked - -# Other -resetprop_if_diff sys.oem_unlock_allowed 0 - -}&