Better Mobile App

Guardian Rom [Secure] [Privacy] [Preview]

Guardian Rom by x942​Thanks to:​
The Guardian Project
Cyanogen Mod
Android
Open-Pdroid Project
Any one else I am missing
Click to expand...
Click to collapse
What is Guardian Rom?​
Guardian ROM is a custom android ROM multiple devices. The ROM is completely Open Source and based off of the CM10.1. While this build is stable because it's based on CM10.1 it is a preview so please expect some bugs, & missing features (i.e updater).
What Features does Guardian Rom have?​
Kernel is hardened with SecDroid Tweaks.
ROM is patched with and includes OpenPdoird for
permissions management.
Guardian Project apps are pre-installed – These include Orbot (Tor), Gibberbot (Secure IM),
and more.
CSSimple and OStel (https://guardianproject.info/wiki/Ostel) are included as replacements to the
built calling apps. providing encrypted communications.
If encryption is enabled and password is entered wrong 10 times the phone wipes user data.
Click to expand...
Click to collapse
Coming Soon:​
Including support for Deniable Encryption (similar to Truecrypt hidden volumes).
Including GRSecurity for exploit mitigation and more secure phone.
Including SQLCipher to ensure all data is encrypted whenever possible
Including a customer “app store” for our repos.
Different lockscreen pin and Pre-Boot authentication password.
Auto-Prompt for encryption setup on first boot.
​
Click to expand...
Click to collapse
How to use:​
Simply flash the flashable zip through your favorite custom recovery. (TWRP is recommended as it supports encrypted devices). Once flashed you should enable Full Disk Encryption by doing the following (may very depending on device):
Code:
Settings --> Security ---> Password [enter a strong 8-16 char password]
Than
Code:
Settings --> Security ---> Encryption --> Enable Encryption
Downloads:​Downloads are over here.
Please verify the downloaded file with the attached GPG signature to ensure is is a legit copy.
GAPPS
Google Apps are NOT included and before you flash them you may want to read this article.
UPDATES:
Since this is a preview I have not had a chance to remove or modify the CM Updater. Please do NOT use it as you will be flashing a stock CM10.1 build and not Guardian Rom. This will be fixed shortly.​

thanks for taking the time to build this! how does your ROM compare with SE for Android [ http://selinuxproject.org/page/SEAndroid ]? it sounds like similar features. ive been planning on doing an htc one android SE build for a long time now but havent had the time or the skill to do so. anyways, i appreciate you building this.

lfwake08 said:
thanks for taking the time to build this! how does your ROM compare with SE for Android [ http://selinuxproject.org/page/SEAndroid ]? it sounds like similar features. ive been planning on doing an htc one android SE build for a long time now but havent had the time or the skill to do so. anyways, i appreciate you building this.
Click to expand...
Click to collapse
The build focuses more on the Encryption side and Exploit mitigation (GRSecurity) side of things. SEAndroid is great for containment of malicious payloads AFTER a successful exploit. We want to prevent the exploit to begin with. GRSecurity isn't included yet due to stability issues but it will be eventually. Since we can use SeLinux as the MAC with GRSec. We may do so. Or we may choose to go with RBAC instead. We haven't got that far just yet.
Another note:
Most of the features work well on AOSP but not on CM. It will take more work to either port these enhancements to CM or port stock AOSP to non-nexus devices such as the HTC One.

What exactly isneeded to change my new unlocked Moto E 4G LTE OS to a CyanogenMod OS?

I purchased outright this Moto E 4G LTE from Staples.
It's not locked to any single carrier and I more than likely will use it as a pocket computer, rather than a talk and text phone.
The details from within the phone are as follows:
Model Number - Moto E (2nd Generation) with 4G LTE
Hardware SKU - XT1527
Android Version - 5.0.2
Baseband version - M8916_200608.08.02.58.15R SURNIA_RETCA_CUST
Kernel version - 3.10.49-gb86829a [email protected] #1 Tue Aug 4 14:44:21 CDT 2015
System version - 22.46.8.surnia_retca.retca.en.CA retca
Build number - LXI22.50-53.8
This is my first plunge into the world of unlocking, rooting, and flashing Android OS.
So far I've been able to gather that cybojenix and squid2 have highly regarded threads and downloads related to the Moto E 4G LTE but the high volume of custom roms, TWRP files, modem files, gapps, patches to fix issues with the camera and patches to eliminate a warning message that warns of a rooted bootloader, etc have left me somewhat overwhelmed lost. I am in need of a short list of what I absolutely need to do what I want to do, and some hints of what extras would work best with my phone in terms of custom roms or whatever relevant.
I'd like to root my phone so that I can run a specific app not related to xdadevelopers. My needs are mostly related to security and anonymity because in my professional life I conduct social research with vulnerable populations and the ethics of my profession dictate a strict code of conduct in this vein.
[As an aside --The app I use unobtrusively requests root access and I fully trust the app since I am very familiar with its history and development to date. The app is found found at f-droid if anyone is interested in checking out f-droid's offerings.]
My questions are these:
What version of twrp-surnia-3.0.0-r*.img will my Moto E work with?
Motorola says my Android Version 5.0.2 is fully up to date when I try to use the in-phone System Updates feature from the About Phone tab in Settings. However I've read in XDAdevelopers that this version of Android can run into problems when using a later version of TWRP.
Can I install a flavour of CM13 straight from Android Version 5.0.2 or do I need to somehow install an Android Version of 5.1 as a first step?
What flavour of CM (Custom ROM) works best with this phone?
I recognize this thread is a bit long winded but I hope to have provided all the necessary details required to seek help from the many expert coders, programmers, and operators dedicated to xda-developers.
Thank you for taking time to read this, and many more thanks if you happen to contribute to any of the solutions that might follow.
Have a wonderful evening.

lostcelt said:
I purchased outright this Moto E 4G LTE from Staples.
It's not locked to any single carrier and I more than likely will use it as a pocket computer, rather than a talk and text phone.
The details from within the phone are as follows:
Model Number - Moto E (2nd Generation) with 4G LTE
Hardware SKU - XT1527
Android Version - 5.0.2
Baseband version - M8916_200608.08.02.58.15R SURNIA_RETCA_CUST
Kernel version - 3.10.49-gb86829a hud[email protected] #1 Tue Aug 4 14:44:21 CDT 2015
System version - 22.46.8.surnia_retca.retca.en.CA retca
Build number - LXI22.50-53.8
This is my first plunge into the world of unlocking, rooting, and flashing Android OS.
So far I've been able to gather that cybojenix and squid2 have highly regarded threads and downloads related to the Moto E 4G LTE but the high volume of custom roms, TWRP files, modem files, gapps, patches to fix issues with the camera and patches to eliminate a warning message that warns of a rooted bootloader, etc have left me somewhat overwhelmed lost. I am in need of a short list of what I absolutely need to do what I want to do, and some hints of what extras would work best with my phone in terms of custom roms or whatever relevant.
I'd like to root my phone so that I can run a specific app not related to xdadevelopers. My needs are mostly related to security and anonymity because in my professional life I conduct social research with vulnerable populations and the ethics of my profession dictate a strict code of conduct in this vein.
[As an aside --The app I use unobtrusively requests root access and I fully trust the app since I am very familiar with its history and development to date. The app is found found at f-droid if anyone is interested in checking out f-droid's offerings.]
My questions are these:
What version of twrp-surnia-3.0.0-r*.img will my Moto E work with?
Motorola says my Android Version 5.0.2 is fully up to date when I try to use the in-phone System Updates feature from the About Phone tab in Settings. However I've read in XDAdevelopers that this version of Android can run into problems when using a later version of TWRP.
Can I install a flavour of CM13 straight from Android Version 5.0.2 or do I need to somehow install an Android Version of 5.1 as a first step?
What flavour of CM (Custom ROM) works best with this phone?
I recognize this thread is a bit long winded but I hope to have provided all the necessary details required to seek help from the many expert coders, programmers, and operators dedicated to xda-developers.
Thank you for taking time to read this, and many more thanks if you happen to contribute to any of the solutions that might follow.
Have a wonderful evening.
Click to expand...
Click to collapse
The basic steps you need to follow are:
Unlock your bootloader
Flash the XT1527 RETUS 5.1 modem (see http://forum.xda-developers.com/moto-e-2015/help/moto-e-2015-modems-t3296044)
Flash the latest TWRP (my 3.0.1-r1 build as of this moment, see http://forum.xda-developers.com/moto-e-2015/development/twrp-squid-twrp-recovery-moto-e-lte-t3137649)
From TWRP, go into advanced wipe and erase system, data, cache, and dalvik
Flash CM13 + gapps together in TWRP
Apart from the modem, you don't have to upgrade anything else.

I choose to avoid Cm after reading up on it.
I prefer to use the Stock ROM etc
BUT!
I Root it with SuperSU then make my own Bootlogo + Animation
Then i use Squid's Kernel + Squid's TWRP and No-frills CPU Control (to use some of the options Squid's kernel has)
I believe my setup is cleaner and has more stable support and easier to do learn etc.
I checked on what features CM offers and none of it sound like anything i wanted.
I also don't want to have to fiddle around with Gapps or whatever.
I also seen some drawbacks before with some features on the stock Rom that do not work on CM.
I think most people use it simply because it's popular.
Evaluate your options and choose what is right for you.
First thing you want to do is check if you can unlock your bootloader.
Since your from Canada i bet you can.. i did on mine.
Squid's stuff plus Stock Android is good.. in my opinion better than CM.

squid2 said:
The basic steps you need to follow are:
Unlock your bootloader
Flash the XT1527 RETUS 5.1 modem (see http://forum.xda-developers.com/moto-e-2015/help/moto-e-2015-modems-t3296044)
Flash the latest TWRP (my 3.0.1-r1 build as of this moment, see http://forum.xda-developers.com/moto-e-2015/development/twrp-squid-twrp-recovery-moto-e-lte-t3137649)
From TWRP, go into advanced wipe and erase system, data, cache, and dalvik
Flash CM13 + gapps together in TWRP
Apart from the modem, you don't have to upgrade anything else.
Click to expand...
Click to collapse
Thank you for responding to my questions, squid2. I am very much honored to have had you taken the time to write on my behalf, this is certainly something to which I feel very privledged.
For the sake of clarity and accuracy I will quickly repeat the steps I just took after reading your answer to this thread. If you do not write into this thread a second time I will assume the steps I just took are indeed the correct ones.
1. I went to http://forum.xda-developers.com/moto...odems-t3296044 as you directed and downloaded only the one folder titled Modem, ignoring the larger file that includes another three folders in addition to the Modem folder (the larger file containing all the four files is 25.79GB, whereas the single Modem folder is just 561MB).
2. I then unzipped the Modem folder and selected the SURNIA-RETUS_5.1.zip, ignoring the SURNIA-RETUS_5.1_new.zip which is also in the Modem folder. (The newer SURNIA-RETUS_5.1_new.zip file is two days newer than the other SURNIA-RETUS_5.1.zip file, but since they are both in the same Modem folder I am taking that to mean I should follow your original instructions precisely as directed. Both files are about the same size, except that the newer file is slightly smaller than the other.)
Again, thank you. Your instructions were vital in enabling me to move forward on this task. We need a bitcoin tip jar for people who take time to help others.

xpmule said:
I choose to avoid Cm after reading up on it.
I prefer to use the Stock ROM etc
BUT!
I Root it with SuperSU then make my own Bootlogo + Animation
Then i use Squid's Kernel + Squid's TWRP and No-frills CPU Control (to use some of the options Squid's kernel has)
I believe my setup is cleaner and has more stable support and easier to do learn etc.
I checked on what features CM offers and none of it sound like anything i wanted.
I also don't want to have to fiddle around with Gapps or whatever.
I also seen some drawbacks before with some features on the stock Rom that do not work on CM.
I think most people use it simply because it's popular.
Evaluate your options and choose what is right for you.
First thing you want to do is check if you can unlock your bootloader.
Since your from Canada i bet you can.. i did on mine.
Squid's stuff plus Stock Android is good.. in my opinion better than CM.
Click to expand...
Click to collapse
Thank you, xpmule. I had been wondering whether it was a good idea to install CM or to use a stock Rom. From what I've been reading the Moto E version of Android is fairly bloat-free and since I really only need a rooted phone there is no real need for CM.
I've learned more than once that messing around with unfamiliar OS can be a recipe for disaster after foolishly timing updates of a Linux or BSD OS when I have papers due or exams to study for.
I'll take some more time to research the other options you recommended and then follow your lead with respect to this phone.
Again I'd like to thank both squid2 and yourself for helping me on this, and may I suggest that people who provide meaningful assistance such as this put a bitcoin wallet addres in their signature so that people like me can show our gratitude .

I Support Bitcoin and i think i said that to Squid before too LOL
But i have before refused some for helping people more than once.
My help is not as much as Squid's though.. he puts in effort for his public projects LOL
I don't think you will see him giving advice too much either.. at least i haven't.
So Squid.. GET a Bitcoin address man
OP good luck.. i think Moto's Android is fairly bloat free.. The stuff Moto put on there is good.
Like the twist the phone to activate the camera app or the app that tweaks the notifications.
I am happy myself just modding the stock firmware.

Thank you squid2, I followed your directions exactly as prescribed and I am now rocking the lastest nightly build of CM on my Moto E. It was fairly easy and I can confirm that everything works just fine.
And thank you as well, xpmule. I was going to follow your instructions too but when I got to a certain point in my process and my phone asked if I was sure I wanted to reboot even though there was no OS installed, well I had one of those moments.
Thank you, thank you, THANK YOU!!
Now it's time to explore this CM OS and see what all the fanfare is really about. )

Project Treble and unofficial roms/updates

Hello!
I have been following annual Google I/O 2017 and heard about all the benefits of Google's Project Treble.
I cannot help but wonder how are developers (for example here at XDA) able to create custom roms or unofficial Android updates. Why Google can't make official Android Nougat update for Nexus 7 2013, but you here at XDA can. What is different between your work and Google's when it comes to these things, as far as neither has access to hardware manufacturer's code support.
I have to say I am not a professional software developer, so I understand if this topic is beyond my comprehension.
Thank you!

"Why Google can't make official Android Nougat update for Nexus 7 2013"
Planned obsolescence.
"neither has access to hardware manufacturer's code support"
Google is obliged to release kernel source code because Linux(the kernel powering Android) is released under the GPL. The kernel is responsible for letting Android "talk" to the hardware. Developers at XDA can then modify the open-source kernel to "fit" newer versions of Android.

I'd like to chime in on this.
Let's use the Nexus 7 2013 as an example. The difference between what an official build of Nougat from Google would be and what a build of Nougat from XDA is that the Google released one will have updated devices drivers that are made specifically for Nougat, while the XDA released one simply uses the older device drivers and hope they work. In some cases they work flawlessly (mostly on Nexus devices), however other times there are things that don't work so they either need to be disabled or worked around. So essentially a Google released OS has everything updated and tested to work with the new OS, while XDA releases are more 'hacked' together to work (simply because the device drivers aren't Open Source). Google may not have access to the hardware drivers, but they still get them updated.
Now let's touch on Project Treble (and why I am so excited about it). Instead of each and every device driver needing to be upgraded and tested for each new OS version, the OS version will specify which version of the drivers (HAL's) will work with the OS. This means there will be a separate space where all the device drivers will reside, and the OS will simply load those when booting (no more proprietary binary blobs to include in the ROM! hopefully...).
This means on any Project Treble compatible device (all phones that ship with Oreo, and some that update to Oreo) with an unlocked bootloader, a user can simply compile AOSP and flash it directly to the device with no modifications and have the device work. I believe this is actually a requirement to pass Google's certification process for new devices with Oreo. That means, say, with the LG v30 if the bootloader is unlocked, there can be an AOSP ROM on day one of its release.
So instead of Android being strictly a per device compile, it is just a general compile (sans device specific features). However, this doesn't remove the old driver issue. If the drivers in their respective partition no longer are updated by the manufacturer, the later AOSP code will need to be modified to work around these (and accept them). This is still easier in my opinion than the binary blobs.
As for official updates, Project Treble allows device hardware manufacturers to work on updating the device drivers while the OS Dev (Samsung, etc) works on updating their OS. So it is a parallel development instead of a serial one (hardware AND os instead of hardware THEN os).

A question.
Do the Nexus 5X devices have the Treble system or project incorporated with Oreo?
I do not understand the other manufacturers that cheaper excuses are giving, it is true that they are not obliged but I think it would be good practice, maybe they think as before that you will not buy them a phone.
Does someone make a Change.org or similar campaign to ask all Android manufacturers to make a minimum effort?

[ROM] Unofficial Lineage-16.0 (Android 9.0 PIE)

This is unofficial lineageos 16 for Motorola Clark. It is only compatible with nougat firmware - you must have the nougat bootloader and modem flashed on your device.
Tons of thanks to hashbang for all of his work
Kernel Source-
https://github.com/randomblame/android_kernel_motorola_msm8992
Device tree-
https://github.com/randomblame/android_device_motorola_clark
Current status of rom-
Daily Driver
Broken-
Camera post processing- rotation is not accounted for in hal with latest round of hacks credit to AgathosAnthropos for fixing image capture by disabling the calls to pp, hold device in landscape for photos
Tethering - it works but device will soft reboot when tethering stops
Dual sim variants are NOT supported! I do not have the hardware to test and fix at this time - bugreports appreciated
Working - everything else?
Try it yourself (Requires Nougat Firmware and as always wipe data+cache)
Latest Releases:
1/12/2020 https://www.androidfilehost.com/?fid=4349826312261700035
8/1/2019 https://www.androidfilehost.com/?fid=6006931924117928331
Don't forget to grab a compatible version of gapps for 9.0
https://opengapps.org
Once again this rom REQUIRES that the stock nougat firmware was properly flashed to work correctly... It will check before installation that you have the correct modem version installed.
*If your radio does not work you may have the wrong modem
*If you can not switch lockscreen to pin or pattern you may have the wrong modem.
*Modem flashes fail quietly sometimes please make sure you have properly flashed it before reporting issues.

Great! [emoji6]
Enviado desde mi Nexus 5X mediante Tapatalk

I'll be happy to test once there is a working rom

I've been updating op, it seems to just be getting shorter as I fix things. The rom now compiles with default manifest only needs device tree and kernel source now. something is failing quietly and preventing boot. I'm just working the problem slowly getting it sorted out.

Can't wait to see more from this

We wait impatiently.

Spent a couple more hours going through init narrowing it down failure happens just before zygote startsI currently have my pure propped up in charging position so I can work more on it it's had a hard life

Thank You so much
randomblame said:
I've been updating op, it seems to just be getting shorter as I fix things. The rom now compiles with default manifest only needs device tree and kernel source now. something is failing quietly and preventing boot. I'm just working the problem slowly getting it sorted out.
Click to expand...
Click to collapse
I have been searching and search for lineage OS roms for my XT1575 but the bootloader is Ax052 which is not supported by 14.1 Lineage. I Hope you find a fix for this.

Moto X Pure XT1575 said:
I have been searching and search for lineage OS roms for my XT1575 but the bootloader is Ax052 which is not supported by 14.1 Lineage. I Hope you find a fix for this.
Click to expand...
Click to collapse
Hi, I have the Lineague 14.2 installed. What I did to eliminate the bootloader check was to edit the uptader-script

Fixing error caused by missing taskstats kernel feature

Hi randomblame,
A quick review please, could you tell us the intended purpose of your project.
Meaning like I'm thinking it's for a "Moto X Pure 2015 (clark)" device isn't it?
Would that be for everyone on this XT1575 device which has upgraded to a stock Nougat kernel and modem?
Or could/would others benefit from it as well with your research here - other moto's?
Any and all answers - thoughts are welcome in understanding the project...
Thanks for the lady power on XDA,
RIF
This device can have a new future. Think about it !

I will look into bootloader incompatibility once I get it running seems like it shouldn't be a big deal. I'm also toying with the idea of a new kernel 3.18 seems like low hanging fruit considering Motorola was kind enough to give us good searchable git history on GitHub of both kernels and the 3.18 source for the Moto z seems to have most of the msm8992 support still. My next step is going to be a new device tree starting as bare bones as possible and populating it properly to figure out this issue. I'll throw up a PayPal link again later a less broken device would be helpful USB port is bad and this is probably the fourth screen I've installed on it but touch only works when it feels like it lol

randomblame said:
I will look into bootloader incompatibility once I get it running seems like it shouldn't be a big deal. I'm also toying with the idea of a new kernel 3.18 seems like low hanging fruit considering Motorola was kind enough to give us good searchable git history on GitHub of both kernels and the 3.18 source for the Moto z seems to have most of the msm8992 support still. My next step is going to be a new device tree starting as bare bones as possible and populating it properly to figure out this issue. I'll throw up a PayPal link again later a less broken device would be helpful USB port is bad and this is probably the fourth screen I've installed on it but touch only works when it feels like it lol
Click to expand...
Click to collapse
I'm trying to follow along with your posts best as is possible for me - but, so sorry I and as well many others are lame to understand the under-the-hood workings of Android.
Are you saying in such a way that the Moto Pure XT1575, will maybe and with your research efforts move forward to a true PIE OS possibly?
Maybe I'm reading to much into your words.
But, as I follow your posts, you'll advance us Pure device owners beyond the Nougat kernel - or at least try too?
Or yet with your efforts will this yield something like HashBang did for the XT1575 device when a Nougat OS wasn't even a thought of possibility from Motorola for us.
Back then, HashBang had worked the Nougat OS on the Marshmallow kernel and modem - I'm very green to all of this - but that's what I understood.
Still that's good none the less if that will come here from you with PIE on Nougat internals...
Beings Motorola support is dead for our device for anything future of an OS update - not to mention security patches.
If you would spell it out better as any interested XT1575 owners now could grasp the concept here in your efforts - create a buzz for a greater community following. More MXP owners to jump on board as gained support from well wishers.
Is it to early yet for that? Is there a fear that someone could steal it out from under you? Unexpected negativity, or is it just the way you wish to present this to us for the present.
I'm still going to watch and support this project with high hopes no matter what may come in the end...
Could you benefit knowledge from a LineageOS 16 for Moto Z. download?
https://www.cyanogenmods.org/forums/topic/download-moto-z-lineage-os-16-android-9/
For people like me,
Device Tree = https://source.android.com/devices/architecture/dto
and on XDA
https://forum.xda-developers.com/android/software/guide-how-to-make-device-tree-phone-t3698419
As for any active developers still left for the XT1575 a big thank you to you all, seems to me like a daunting task to crawl inside of android moreless understand things once your there...

Kernels are only loosly linked to Android versions, Google maintains the Android-common kernel repos which are usually quite far behind mainline Linux, and caf who maintains Qualcomm specific kernels are further behind in general. Literallyany feature required by Android can be backported to an old kernel I'm sure 2.6.27 could run pie but it would need so many patches it would be an unrecognizable mess. It will become progressively more of a nuisance as time goes on to keep patching up 3.10 Pie "requires" 4.4 for new devices but only needs kernel features from 3.18 which I've backported to 3.10. with each new version of Android more assumptions are made about how modern the devices kernel is and what features it has so moving to a newer kernel would be nice and like I said 3.18 seems doable but it will still be quite a bit of work.

Thank you @randomblame I was able to grasp most of that...
Maybe it's too early but, how does Googles Android security patches figure into this - if they are possible to bring us forth from Oct 2017?
Remembering I'm a laymen to the nuts and bolts of android.
I understand your post #16 - Super !

Security patch version is irrelevant when you are building from the latest source

Obnoxiously after a few builds the dedicated 250gb SSD is full and I have to make clean which takes ages, I nooped every thing but the basics didn't include telephony or wifi, ril, audio, Bluetooth GPS nfc etc and left it to build overnight will test after work trying to narrow down the problem

Surface flinger is the culprit

I have the device laying around and getting no use. Will sure donate some $$$. Seeing a los16 with all working hardware would be great.

Only got a couple hours to work on it this weekend, there is an issue where /system/vendor is not symlinked to /vendor early enough and calls for things in /vendor fail thus the issue, since we don't have a physical /vendor partition it can not be mounted immediately via the kernel. Tis annoying. I can change the calls to /system/vendor or maybe make it symlinked earlier when I get a chance

Question Is Microg is device specified?

I want to install crdroid vanilla custom rom. I want to know whether microg is device specified like custom roms. I have a redmi note 10. Is there any specified micro g for redmi note 10 or can i install any mciro g. Also please suggest which is better from microg, nanodroid, nikgapps. I am also curious to know its pros and cons.

crdroid is unfortunately discontinued as vanilla build ( I still wonder why.. ) you better stick with other vanilla ROMs then.
however, getting Signature spoofing working on vanilla LineageOS is currently a mess and very tricky (as long as there is no official microG version), so many ways that worked before don't work anymore. nanodroid isn't working, the spoofing is not working. you have to manually extract framework files, deodex files, repack, upload again etc.. cumbersome.
if you have a vanilla ROM that supports signature spoofing out of the box, the best way seems to be having Magisk and installing the unofficial MinMicroG.zip with it. That was the only option that worked for me now on Android 11.
there is also no device specific MicroG version. To get a working MicroG installation it depends on 2 factors:
1. MicroG itself. the current version is kinda buggy on Android 11
2. the way it is installed and bound into the system (priv-app, userapp, as system installation or magisk module)
both need to work hand in hand, that means there are many combinations available that might work and might not work, and it's changing everyday (like, microg community updates fixes and adjusts the code, then google releases next update and nothing works anymore)
again: if your chosen ROM supports signature spoofing out of the box, installing microG is a piece of cake (if you know the right combinations that currently work, f.i. A11+magisk+minmicrog, or (currently not) nandroid, official microG apks only, etc.)
otherwise it's a lot more difficult, because there is currently nowhere a working one-click-solution to add signature spoofing.
(oh, and that's at least my experience so far, if anybody knows better, feel free correct me or add infos, I'm eager to hear)