From b0779c0cb6cb10ef1ad61c77290fe7c71acb1041 Mon Sep 17 00:00:00 2001
From: Marius Gripsgard <marius@ubports.com>
Date: Thu, 16 Aug 2018 18:29:39 +0200
Subject: [PATCH 1/7] Add enable mir option (default disabled)

---
 CMakeLists.txt | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index c1a98c5..d046142 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -68,19 +68,18 @@ pkg_check_modules(SDL2_IMAGE SDL2_image REQUIRED)
 pkg_check_modules(DBUS dbus-1 REQUIRED)
 pkg_check_modules(LXC lxc REQUIRED)
 pkg_check_modules(PROPERTIES_CPP properties-cpp REQUIRED)
+pkg_check_modules(LIBSYSTEMD libsystemd REQUIRED)
 
 option(ANBOX_ENABLE_WAYLAND "Enable wayland support" ON)
 if (ANBOX_ENABLE_WAYLAND)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWAYLAND_SUPPORT")
 endif()
 
-pkg_check_modules(LIBSYSTEMD libsystemd REQUIRED)
-# FIXME mir support is currently broken due to mir's API
-# being broken with recent landings in Ubuntu 16.04
-# pkg_check_modules(MIRCLIENT mirclient)
-# if (MIRCLIENT_FOUND)
-#   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMIR_SUPPORT")
-# endif()
+option(ANBOX_ENABLE_MIR "Enable mir support" OFF)
+if (ANBOX_ENABLE_MIR)
+  pkg_check_modules(MIRCLIENT mirclient REQUIRED)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMIR_SUPPORT")
+endif()
 
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMESA_EGL_NO_X11_HEADERS")
 

From 2b3c1f1e2def7762e1e29c83496b519c256cb03e Mon Sep 17 00:00:00 2001
From: Marius Gripsgard <marius@ubports.com>
Date: Sat, 18 Aug 2018 12:53:45 +0200
Subject: [PATCH 2/7] Change option var to ENABLE_MIR

---
 CMakeLists.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index d046142..2a6c049 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -75,8 +75,8 @@ if (ANBOX_ENABLE_WAYLAND)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWAYLAND_SUPPORT")
 endif()
 
-option(ANBOX_ENABLE_MIR "Enable mir support" OFF)
-if (ANBOX_ENABLE_MIR)
+option(ENABLE_MIR "Enable mir support" OFF)
+if (ENABLE_MIR)
   pkg_check_modules(MIRCLIENT mirclient REQUIRED)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMIR_SUPPORT")
 endif()

From 75f5a8f6abb5fe0e0f5d14c8030322e284bcd82c Mon Sep 17 00:00:00 2001
From: Marius Gripsgard <marius@ubports.com>
Date: Sat, 18 Aug 2018 12:54:26 +0200
Subject: [PATCH 3/7] Change option var to ENABLE_TOUCH_INPUT

---
 CMakeLists.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2a6c049..b41cb18 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -141,7 +141,7 @@ configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in"
 add_custom_target(uninstall "${CMAKE_COMMAND}"
                   -P "${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake")
 
-option(TOUCH_INPUT "Enable touch input support" OFF)
-if (TOUCH_INPUT)
+option(ENABLE_TOUCH_INPUT "Enable touch input support" OFF)
+if (ENABLE_TOUCH_INPUT)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DENABLE_TOUCH_INPUT")
 endif()

From 7cc6fb44d9800a317ccb5af8fdd0ca7094902b35 Mon Sep 17 00:00:00 2001
From: Marius Gripsgard <marius@ubports.com>
Date: Sat, 18 Aug 2018 12:54:04 +0200
Subject: [PATCH 4/7] Change option var to ENABLE_WAYLAND

---
 CMakeLists.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b41cb18..f411999 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -70,8 +70,8 @@ pkg_check_modules(LXC lxc REQUIRED)
 pkg_check_modules(PROPERTIES_CPP properties-cpp REQUIRED)
 pkg_check_modules(LIBSYSTEMD libsystemd REQUIRED)
 
-option(ANBOX_ENABLE_WAYLAND "Enable wayland support" ON)
-if (ANBOX_ENABLE_WAYLAND)
+option(ENABLE_WAYLAND "Enable wayland support" ON)
+if (ENABLE_WAYLAND)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWAYLAND_SUPPORT")
 endif()
 

From 568a48343565ad59bd8c0c70aab74c398aea53ca Mon Sep 17 00:00:00 2001
From: Simon Fels <morphis@gravedo.de>
Date: Fri, 10 Aug 2018 07:30:58 +0200
Subject: [PATCH 5/7] cmds: allow users to change the container network
 configuration

In some spare situations it might be useful to change the network
configuration of the bridge and with that also the configuration of
the Android container itself. We don't validate the configuration
and just apply it no matter if it ends up with network connectivity
in the container.
---
 scripts/container-manager.sh          | 15 ++++++++++++++
 src/anbox/cmds/container_manager.cpp  | 15 ++++++++++++++
 src/anbox/cmds/container_manager.h    |  3 +++
 src/anbox/container/lxc_container.cpp | 28 +++++++++++++++++++++++----
 src/anbox/container/lxc_container.h   | 11 ++++++++++-
 src/anbox/container/service.cpp       |  7 ++++++-
 src/anbox/container/service.h         |  3 +++
 7 files changed, 76 insertions(+), 6 deletions(-)

diff --git a/scripts/container-manager.sh b/scripts/container-manager.sh
index 06a11a4..12a4d31 100755
--- a/scripts/container-manager.sh
+++ b/scripts/container-manager.sh
@@ -70,6 +70,21 @@ start() {
 		EXTRA_ARGS="$EXTRA_ARGS --privileged"
 	fi
 
+	container_network_address=$(snapctl get container.network.address)
+	if [ -n "$container_network_address" ]; then
+		EXTRA_ARGS="$EXTRA_ARGS --container-network-address=$container_network_address"
+	fi
+
+	container_network_gateway=$(snapctl get container.network.gateway)
+	if [ -n "$container_network_gateway" ]; then
+		EXTRA_ARGS="$EXTRA_ARGS --container-network-gateway=$container_network_gateway"
+	fi
+
+	container_network_dns=$(snapctl get container.network.dns)
+	if [ -n "$container_network_dns" ]; then
+		EXTRA_ARGS="$EXTRA_ARGS --container-network-dns-servers=$container_network_dns"
+	fi
+
 	exec "$SNAP"/bin/anbox-wrapper.sh container-manager \
 		--data-path="$DATA_PATH" \
 		--android-image="$ANDROID_IMG" \
diff --git a/src/anbox/cmds/container_manager.cpp b/src/anbox/cmds/container_manager.cpp
index da6b924..307001d 100644
--- a/src/anbox/cmds/container_manager.cpp
+++ b/src/anbox/cmds/container_manager.cpp
@@ -55,6 +55,15 @@ anbox::cmds::ContainerManager::ContainerManager()
   flag(cli::make_flag(cli::Name{"use-rootfs-overlay"},
                       cli::Description{"Use an overlay for the Android rootfs"},
                       enable_rootfs_overlay_));
+  flag(cli::make_flag(cli::Name{"container-network-address"},
+                      cli::Description{"Assign the specified network address to the Android container"},
+                      container_network_address_));
+  flag(cli::make_flag(cli::Name{"container-network-gateway"},
+                      cli::Description{"Assign the specified network gateway to the Android container"},
+                      container_network_gateway_));
+  flag(cli::make_flag(cli::Name{"container-network-dns-servers"},
+                      cli::Description{"Assign the specified DNS servers to the Android container"},
+                      container_network_dns_servers_));
 
   action([&](const cli::Command::Context&) {
     try {
@@ -93,6 +102,12 @@ anbox::cmds::ContainerManager::ContainerManager()
       container::Service::Configuration config;
       config.privileged = privileged_;
       config.rootfs_overlay = enable_rootfs_overlay_;
+      config.container_network_address = container_network_address_;
+      config.container_network_gateway = container_network_gateway_;
+
+      if (container_network_dns_servers_.length() > 0)
+        config.container_network_dns_servers = utils::string_split(container_network_dns_servers_, ',');
+
       auto service = container::Service::create(rt, config);
 
       rt->start();
diff --git a/src/anbox/cmds/container_manager.h b/src/anbox/cmds/container_manager.h
index 8532147..4fb151a 100644
--- a/src/anbox/cmds/container_manager.h
+++ b/src/anbox/cmds/container_manager.h
@@ -45,6 +45,9 @@ class ContainerManager : public cli::CommandWithFlagsAndAction {
   bool privileged_ = false;
   bool daemon_ = false;
   bool enable_rootfs_overlay_ = false;
+  std::string container_network_address_;
+  std::string container_network_gateway_;
+  std::string container_network_dns_servers_;
 };
 }  // namespace cmds
 }  // namespace anbox
diff --git a/src/anbox/container/lxc_container.cpp b/src/anbox/container/lxc_container.cpp
index ca83141..2bcec12 100644
--- a/src/anbox/container/lxc_container.cpp
+++ b/src/anbox/container/lxc_container.cpp
@@ -45,7 +45,6 @@ constexpr const char *default_container_ip_address{"192.168.250.2"};
 constexpr const std::uint32_t default_container_ip_prefix_length{24};
 constexpr const char *default_host_ip_address{"192.168.250.1"};
 constexpr const char *default_dns_server{"8.8.8.8"};
-constexpr const char *default_console_buffer_size{"256KB"};
 
 constexpr int device_major(__dev_t dev) {
   return int(((dev >> 8) & 0xfff) | ((dev >> 32) & (0xfffff000)));
@@ -58,11 +57,19 @@ constexpr int device_minor(__dev_t dev) {
 
 namespace anbox {
 namespace container {
-LxcContainer::LxcContainer(bool privileged, bool rootfs_overlay, const network::Credentials &creds)
+LxcContainer::LxcContainer(bool privileged,
+                           bool rootfs_overlay,
+                           const std::string& container_network_address,
+                           const std::string &container_network_gateway,
+                           const std::vector<std::string> &container_network_dns_servers,
+                           const network::Credentials &creds)
     : state_(State::inactive),
       container_(nullptr),
       privileged_(privileged),
       rootfs_overlay_(rootfs_overlay),
+      container_network_address_(container_network_address),
+      container_network_gateway_(container_network_gateway),
+      container_network_dns_servers_(container_network_dns_servers),
       creds_(creds) {
   utils::ensure_paths({
       SystemConfiguration::instance().container_config_dir(),
@@ -115,9 +122,22 @@ void LxcContainer::setup_network() {
   android::IpConfigBuilder ip_conf;
   ip_conf.set_version(android::IpConfigBuilder::Version::Version2);
   ip_conf.set_assignment(android::IpConfigBuilder::Assignment::Static);
-  ip_conf.set_link_address(default_container_ip_address, default_container_ip_prefix_length);
+
+  std::string address = default_container_ip_address;
+  if (!container_network_address_.empty())
+    address = container_network_address_;
+  ip_conf.set_link_address(address, default_container_ip_prefix_length);
+
+  std::string gateway = default_host_ip_address;
+  if (!container_network_gateway_.empty())
+    gateway = container_network_gateway_;
   ip_conf.set_gateway(default_host_ip_address);
-  ip_conf.set_dns_servers({default_dns_server});
+
+  if (container_network_dns_servers_.size() > 0)
+    ip_conf.set_dns_servers(container_network_dns_servers_);
+  else
+    ip_conf.set_dns_servers({default_dns_server});
+
   ip_conf.set_id(0);
 
   std::vector<std::uint8_t> buffer(512);
diff --git a/src/anbox/container/lxc_container.h b/src/anbox/container/lxc_container.h
index 4871014..2fa159d 100644
--- a/src/anbox/container/lxc_container.h
+++ b/src/anbox/container/lxc_container.h
@@ -22,6 +22,7 @@
 #include "anbox/network/credentials.h"
 
 #include <string>
+#include <vector>
 
 #include <lxc/lxccontainer.h>
 
@@ -29,7 +30,12 @@ namespace anbox {
 namespace container {
 class LxcContainer : public Container {
  public:
-  LxcContainer(bool privileged, bool rootfs_overlay, const network::Credentials &creds);
+  LxcContainer(bool privileged,
+               bool rootfs_overlay,
+               const std::string &container_network_address,
+               const std::string &container_network_gateway,
+               const std::vector<std::string> &container_network_dns_servers,
+               const network::Credentials &creds);
   ~LxcContainer();
 
   void start(const Configuration &configuration) override;
@@ -46,6 +52,9 @@ class LxcContainer : public Container {
   lxc_container *container_;
   bool privileged_;
   bool rootfs_overlay_;
+  std::string container_network_address_;
+  std::string container_network_gateway_;
+  std::vector<std::string> container_network_dns_servers_;
   network::Credentials creds_;
 };
 }  // namespace container
diff --git a/src/anbox/container/service.cpp b/src/anbox/container/service.cpp
index 2c192fb..71cc6e3 100644
--- a/src/anbox/container/service.cpp
+++ b/src/anbox/container/service.cpp
@@ -86,7 +86,12 @@ void Service::new_client(std::shared_ptr<boost::asio::local::stream_protocol::so
   auto pending_calls = std::make_shared<rpc::PendingCallCache>();
   auto rpc_channel = std::make_shared<rpc::Channel>(pending_calls, messenger);
   auto server = std::make_shared<container::ManagementApiSkeleton>(
-      pending_calls, std::make_shared<LxcContainer>(config_.privileged, config_.rootfs_overlay, messenger->creds()));
+      pending_calls, std::make_shared<LxcContainer>(config_.privileged,
+                                                    config_.rootfs_overlay,
+                                                    config_.container_network_address,
+                                                    config_.container_network_gateway,
+                                                    config_.container_network_dns_servers,
+                                                    messenger->creds()));
   auto processor = std::make_shared<container::ManagementApiMessageProcessor>(
       messenger, pending_calls, server);
 
diff --git a/src/anbox/container/service.h b/src/anbox/container/service.h
index d58b455..37450d1 100644
--- a/src/anbox/container/service.h
+++ b/src/anbox/container/service.h
@@ -33,6 +33,9 @@ class Service : public std::enable_shared_from_this<Service> {
   struct Configuration {
     bool privileged = false;
     bool rootfs_overlay = true;
+    std::string container_network_address;
+    std::string container_network_gateway;
+    std::vector<std::string> container_network_dns_servers;
   };
 
   static std::shared_ptr<Service> create(const std::shared_ptr<Runtime> &rt,

From c5da3c4e4fb9bf181527463fdf682de2a8dc0323 Mon Sep 17 00:00:00 2001
From: Simon Fels <morphis@gravedo.de>
Date: Tue, 4 Sep 2018 07:52:04 +0200
Subject: [PATCH 6/7] cmds: add override for Intel Celeron N2840

---
 src/anbox/cmds/check_features.cpp | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/anbox/cmds/check_features.cpp b/src/anbox/cmds/check_features.cpp
index 5d1be32..5826d59 100644
--- a/src/anbox/cmds/check_features.cpp
+++ b/src/anbox/cmds/check_features.cpp
@@ -27,9 +27,13 @@ std::vector<std::string> cpu_whitelist = {
   // when started with `-cpu qemu64,+ssse3,+sse4.1,+sse4.2,+x2apic`
   "QEMU",
 
-  // Intel Core i7 M620 does not support AVX which causes cpu_features to not
-  // detect SSE and friends correctly
+  // The following CPUs do not support AVX and without it cpu_features can't detect
+  // if SSE & friends are supported. See https://github.com/google/cpu_features/issues/4
+
+  // Intel Core i7 M620
   "M 620",
+  // Intel Celeron N2840
+  "N2840",
 };
 } // namespace
 

From ae5004b45d49c2b2cda07aaaaa642e72d2882715 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A1rcio=20Francisco?= <marciosilva15@hotmail.com>
Date: Fri, 7 Sep 2018 18:34:21 +0100
Subject: [PATCH 7/7] cmds: add override for Intel Core i5 M 460

---
 src/anbox/cmds/check_features.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/anbox/cmds/check_features.cpp b/src/anbox/cmds/check_features.cpp
index 5826d59..309d59f 100644
--- a/src/anbox/cmds/check_features.cpp
+++ b/src/anbox/cmds/check_features.cpp
@@ -32,6 +32,8 @@ std::vector<std::string> cpu_whitelist = {
 
   // Intel Core i7 M620
   "M 620",
+  // Intel Core i5 M460
+  "M 460",
   // Intel Celeron N2840
   "N2840",
 };