Add driver spoofing + stealth system

Driver spoof: mount namespace isolation keeps stock files visible
to verification (dm-verity, Play Integrity, hash checks) while
custom drivers load into target processes (surfaceflinger,
wpa_supplicant, bluetooth). SELinux context, timestamps, perms,
ownership all cloned from stock. Per-process or global modes.
Configurable driver map for GPU, WiFi firmware, BT firmware.

Stealth: process name masking (rtl_tcp->mediastream, etc),
non-stock prop removal, MAC randomization (WiFi+BT), USB device
permission tightening, log purging, logcat suppression.
Full mode combines all stealth features.

WebUI panels for both spoof and stealth control.

scripts/rtl_mode_switch.sh

@@ -10,13 +10,35 @@ MODDIR="/data/adb/modules/driver-manager"
 CONFDIR="$MODDIR/config"
 LOGFILE="$MODDIR/driver-manager.log"
 PIDDIR="$MODDIR/run"
-TERMUX="/data/data/com.termux/files/usr/bin"
 STREAMDIR="$MODDIR/streams"
 
+# Use stealth wrappers if available, otherwise Termux direct
+STEALTH_BIN=$(cat "$CONFDIR/stealth_bin_path" 2>/dev/null)
+if [ -n "$STEALTH_BIN" ] && [ -d "$STEALTH_BIN" ]; then
+    TERMUX="$STEALTH_BIN"
+    # Map stealth names back to real tool names for this script
+    RTL_TCP="$STEALTH_BIN/mediastream"
+    RTL_FM="$STEALTH_BIN/audioservice"
+    RTL_ADSB="$STEALTH_BIN/locationd"
+    RTL_POWER="$STEALTH_BIN/powermanager"
+    HACKRF="$STEALTH_BIN/usb_mtp"
+else
+    TERMUX="/data/data/com.termux/files/usr/bin"
+    RTL_TCP="$TERMUX/rtl_tcp"
+    RTL_FM="$TERMUX/rtl_fm"
+    RTL_ADSB="$TERMUX/rtl_adsb"
+    RTL_POWER="$TERMUX/rtl_power"
+    HACKRF="$TERMUX/hackrf_transfer"
+fi
+
 mkdir -p "$PIDDIR" "$STREAMDIR"
 
+# Stealth-aware logging — skip logcat in stealth mode
+STEALTH_MODE=$(cat "$CONFDIR/stealth_mode" 2>/dev/null || echo "off")
 mlog() {
+    [ "$STEALTH_MODE" = "full" ] && return
     echo "$(date '+%Y-%m-%d %H:%M:%S') [rtl_switch] $1" >> "$LOGFILE"
+    [ "$STEALTH_MODE" = "off" ] && log -t DriverManager "$1" 2>/dev/null
 }
 
 # Kill any running RTL process that holds the dongle
@@ -32,13 +54,18 @@ kill_rtl() {
         fi
         rm -f "$pidfile"
     done
-    # Also catch any strays
+    # Also catch any strays — both real and stealth names
     pkill -f rtl_tcp 2>/dev/null
     pkill -f rtl_fm 2>/dev/null
     pkill -f rtl_adsb 2>/dev/null
     pkill -f rtl_power 2>/dev/null
     pkill -f dvbt_rx 2>/dev/null
     pkill -f sdr_tv 2>/dev/null
+    pkill -f mediastream 2>/dev/null
+    pkill -f audioservice 2>/dev/null
+    pkill -f locationd 2>/dev/null
+    pkill -f powermanager 2>/dev/null
+    pkill -f usb_mtp 2>/dev/null
     sleep 1
 }
 
@@ -50,8 +77,8 @@ start_rtl_tcp() {
     SRATE=$(cat "$CONFDIR/rtl_samplerate" 2>/dev/null || echo "2048000")
     FREQ=$(cat "$CONFDIR/rtl_freq" 2>/dev/null || echo "100000000")
 
-    if [ -x "$TERMUX/rtl_tcp" ]; then
-        "$TERMUX/rtl_tcp" -a 127.0.0.1 -p "$PORT" -f "$FREQ" -s "$SRATE" -g "$GAIN" &
+    if [ -x "$RTL_TCP" ]; then
+        "$RTL_TCP" -a 127.0.0.1 -p "$PORT" -f "$FREQ" -s "$SRATE" -g "$GAIN" &
         echo $! > "$PIDDIR/rtl_tcp.pid"
         mlog "rtl_tcp started on port $PORT (freq=$FREQ srate=$SRATE gain=$GAIN)"
     else