mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-23 14:39:24 -05:00
18.1: switch to latest hardened_malloc revision
+ other fixes Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
parent
2c90c48637
commit
11b5815f14
@ -217,7 +217,7 @@ external/guava f68acb20fe2dbfb31dd6259fd0cf161f09d51701
|
||||
external/guice 341b3654f990734fccc4f8bdda401862f1aea696
|
||||
external/gwp_asan 76e2fecf2dd8449ab4d636dc3e55f1be1d7a56d0
|
||||
external/hamcrest c24f6249abf1583a60f7b33ea29e321e8f15c586
|
||||
external/hardened_malloc 9823dcad79b5dc735720790d27770231ec90fee8
|
||||
external/hardened_malloc 749640c274d54e084505a24fa758bcb5f96a25ef
|
||||
external/harfbuzz_ng ab5e62fefce126b4f299430f1327b33c9fe526e1
|
||||
external/honggfuzz 03bc7e514aac0c4c64a5bb978454aa2020695ac3
|
||||
external/hyphenation-patterns ac87c57f7beddbf5d5a50462508ce182f4fe72e8
|
||||
|
@ -74,7 +74,7 @@
|
||||
|
||||
<!-- START OF ADDITIONAL REPOS -->
|
||||
<!-- GrapheneOS -->
|
||||
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="9823dcad79b5dc735720790d27770231ec90fee8" />
|
||||
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="749640c274d54e084505a24fa758bcb5f96a25ef" />
|
||||
<!-- END OF ADDITIONAL REPOS -->
|
||||
|
||||
<!-- START OF DEVICE REPOS -->
|
||||
|
@ -0,0 +1,102 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Micay <danielmicay@gmail.com>
|
||||
Date: Tue, 1 Jan 2019 14:45:27 -0500
|
||||
Subject: [PATCH] workarounds for Pixel 3 SoC era camera driver bugs
|
||||
|
||||
---
|
||||
h_malloc.c | 33 ++++++++++++++++++++++++++++-----
|
||||
1 file changed, 28 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/h_malloc.c b/h_malloc.c
|
||||
index 15be0a2..3fa9ed7 100644
|
||||
--- a/h_malloc.c
|
||||
+++ b/h_malloc.c
|
||||
@@ -80,6 +80,9 @@ static union {
|
||||
#ifdef MEMTAG
|
||||
bool is_memtag_disabled;
|
||||
#endif
|
||||
+ bool zero_on_free;
|
||||
+ bool purge_slabs;
|
||||
+ bool region_quarantine_protect;
|
||||
};
|
||||
char padding[PAGE_SIZE];
|
||||
} ro __attribute__((aligned(PAGE_SIZE)));
|
||||
@@ -465,7 +468,7 @@ static void *slot_pointer(size_t size, void *slab, size_t slot) {
|
||||
}
|
||||
|
||||
static void write_after_free_check(const char *p, size_t size) {
|
||||
- if (!WRITE_AFTER_FREE_CHECK) {
|
||||
+ if (!WRITE_AFTER_FREE_CHECK || !ro.zero_on_free) {
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -812,7 +815,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
|
||||
}
|
||||
#endif
|
||||
|
||||
- if (ZERO_ON_FREE && !skip_zero) {
|
||||
+ if (ro.zero_on_free && !skip_zero) {
|
||||
memset(p, 0, size - canary_size);
|
||||
}
|
||||
}
|
||||
@@ -890,7 +893,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
|
||||
|
||||
if (c->empty_slabs_total + slab_size > max_empty_slabs_total) {
|
||||
int saved_errno = errno;
|
||||
- if (!memory_map_fixed(slab, slab_size)) {
|
||||
+ if (ro.purge_slabs && !memory_map_fixed(slab, slab_size)) {
|
||||
label_slab(slab, slab_size, class);
|
||||
stats_slab_deallocate(c, slab_size);
|
||||
enqueue_free_slab(c, metadata);
|
||||
@@ -976,7 +979,7 @@ static void regions_quarantine_deallocate_pages(void *p, size_t size, size_t gua
|
||||
return;
|
||||
}
|
||||
|
||||
- if (unlikely(memory_map_fixed(p, size))) {
|
||||
+ if (!ro.region_quarantine_protect || unlikely(memory_map_fixed(p, size))) {
|
||||
memory_purge(p, size);
|
||||
} else {
|
||||
memory_set_name(p, size, "malloc large quarantine");
|
||||
@@ -1192,6 +1195,21 @@ static inline void enforce_init(void) {
|
||||
}
|
||||
}
|
||||
|
||||
+COLD static void handle_bugs(void) {
|
||||
+ char path[256];
|
||||
+ if (readlink("/proc/self/exe", path, sizeof(path)) == -1) {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ // Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL camera provider
|
||||
+ const char camera_provider[] = "/vendor/bin/hw/android.hardware.camera.provider@2.4-service_64";
|
||||
+ if (strcmp(camera_provider, path) == 0) {
|
||||
+ ro.zero_on_free = false;
|
||||
+ ro.purge_slabs = false;
|
||||
+ ro.region_quarantine_protect = false;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
static struct mutex init_lock = MUTEX_INITIALIZER;
|
||||
|
||||
COLD static void init_slow_path(void) {
|
||||
@@ -1207,6 +1225,11 @@ COLD static void init_slow_path(void) {
|
||||
ro.metadata_pkey = pkey_alloc(0, 0);
|
||||
#endif
|
||||
|
||||
+ ro.purge_slabs = true;
|
||||
+ ro.zero_on_free = ZERO_ON_FREE;
|
||||
+ ro.region_quarantine_protect = true;
|
||||
+ handle_bugs();
|
||||
+
|
||||
if (unlikely(sysconf(_SC_PAGESIZE) != PAGE_SIZE)) {
|
||||
fatal_error("runtime page size does not match compile-time page size which is not supported");
|
||||
}
|
||||
@@ -1491,7 +1514,7 @@ EXPORT void *h_calloc(size_t nmemb, size_t size) {
|
||||
}
|
||||
total_size = adjust_size_for_canary(total_size);
|
||||
void *p = alloc(total_size);
|
||||
- if (!ZERO_ON_FREE && likely(p != NULL) && total_size && total_size <= max_slab_size_class) {
|
||||
+ if (!ro.zero_on_free && likely(p != NULL) && total_size && total_size <= max_slab_size_class) {
|
||||
memset(p, 0, total_size - canary_size);
|
||||
}
|
||||
#ifdef HAS_ARM_MTE
|
@ -10,16 +10,16 @@ Change-Id: I23513ec0379bbb10829f989690334e9704fd20e2
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/h_malloc.c b/h_malloc.c
|
||||
index a6e1a7c..1b574e4 100644
|
||||
index 3fa9ed7..0308d73 100644
|
||||
--- a/h_malloc.c
|
||||
+++ b/h_malloc.c
|
||||
@@ -1070,7 +1070,8 @@ COLD static void handle_bugs(void) {
|
||||
@@ -1203,7 +1203,8 @@ COLD static void handle_bugs(void) {
|
||||
|
||||
// Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL camera provider
|
||||
const char camera_provider[] = "/vendor/bin/hw/android.hardware.camera.provider@2.4-service_64";
|
||||
- if (strcmp(camera_provider, path) == 0) {
|
||||
+ // Any camera executable on system partition
|
||||
+ if (strcmp(camera_provider, path) == 0 || (strstr(path, "camera") != NULL && (strncmp("/system", path, 7) == 0 || strncmp("/vendor", path, 7) == 0))) {
|
||||
+ if (strcmp(camera_provider, path) == 0 || (strstr(path, "camera") != NULL && (strncmp("/system", path, 7) == 0 || strncmp("/vendor", path, 7) == 0 || strncmp("/apex", path, 5) == 0))) {
|
||||
ro.zero_on_free = false;
|
||||
ro.purge_slabs = false;
|
||||
ro.region_quarantine_protect = false;
|
@ -0,0 +1,31 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Tad <tad@spotco.us>
|
||||
Date: Tue, 22 Nov 2022 07:23:10 -0500
|
||||
Subject: [PATCH] Add workaround for OnePlus 8 & 9 display driver crash
|
||||
|
||||
Change-Id: Ie7a0ca79bb629814e57958d57546f85030b67048
|
||||
Signed-off-by: Tad <tad@spotco.us>
|
||||
---
|
||||
h_malloc.c | 9 +++++++++
|
||||
1 file changed, 9 insertions(+)
|
||||
|
||||
diff --git a/h_malloc.c b/h_malloc.c
|
||||
index 0308d73..6c3b148 100644
|
||||
--- a/h_malloc.c
|
||||
+++ b/h_malloc.c
|
||||
@@ -1209,6 +1209,15 @@ COLD static void handle_bugs(void) {
|
||||
ro.purge_slabs = false;
|
||||
ro.region_quarantine_protect = false;
|
||||
}
|
||||
+
|
||||
+ // OnePlus 8 & 9 display composer
|
||||
+ // https://gitlab.com/divested-mobile/divestos-build/-/issues/19
|
||||
+ const char hwc[] = "/vendor/bin/hw/vendor.qti.hardware.display.composer-service";
|
||||
+ if (strcmp(hwc, path) == 0) {
|
||||
+ ro.zero_on_free = false;
|
||||
+ ro.purge_slabs = false;
|
||||
+ ro.region_quarantine_protect = false;
|
||||
+ }
|
||||
}
|
||||
|
||||
static struct mutex init_lock = MUTEX_INITIALIZER;
|
@ -133,7 +133,7 @@ done
|
||||
declare -a threeDotEighteen=("${threeDotTen[@]}" "android_kernel_samsung_universal8890.sh" "android_kernel_google_dragon.sh" "android_kernel_zte_msm8996.sh" "android_kernel_asus_msm8953.sh" "android_kernel_google_marlin.sh" "android_kernel_motorola_msm8996.sh" "android_kernel_oneplus_msm8996.sh");
|
||||
for script in "${threeDotEighteen[@]}"
|
||||
do
|
||||
commentPatches $script "0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch" "CVE-2018-16597/4.4" "CVE-2019-19319/4.4" "CVE-2020-0305/4.4" "CVE-2020-0429/4.4" "CVE-2020-8992/4.4" "CVE-2021-1048/4.4" "CVE-2021-3428/4.4" "CVE-2021-20265/4.4" "CVE-2022-1184/4.4/0014.patch" "CVE-2022-1184/4.9/0007.patch" "CVE-2022-40768/4.9/0007.patch" "CVE-2022-40768/4.4/0008.patch" "CVE-2022-47929/4.4" "CVE-2023-0458";
|
||||
commentPatches $script "0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch" "CVE-2018-16597/4.4" "CVE-2019-19319/4.4" "CVE-2020-0305/4.4" "CVE-2020-0429/4.4" "CVE-2020-8992/4.4" "CVE-2021-1048/4.4" "CVE-2021-3428/4.4" "CVE-2021-20265/4.4" "CVE-2022-1184/4.4/0014.patch" "CVE-2022-1184/4.9/0007.patch" "CVE-2022-40768/4.9/0007.patch" "CVE-2022-40768/4.4/0008.patch" "CVE-2022-47929/4.4" "CVE-2023-0458" "CVE-2024-26889";
|
||||
done
|
||||
#4.4
|
||||
declare -a fourDotFour=("${threeDotEighteen[@]}" "android_kernel_essential_msm8998.sh" "android_kernel_fxtec_msm8998.sh" "android_kernel_lge_msm8996.sh" "android_kernel_zuk_msm8996.sh" "android_kernel_xiaomi_sdm660.sh" "android_kernel_sony_sdm660.sh" "android_kernel_razer_msm8998.sh" "android_kernel_oneplus_msm8998.sh" "android_kernel_google_wahoo.sh" "android_kernel_yandex_sdm660.sh" "android_kernel_zuk_msm8996.sh");
|
||||
|
@ -860,7 +860,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
|
||||
|
@ -822,7 +822,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
|
||||
|
@ -812,7 +812,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
|
||||
|
@ -629,7 +629,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
|
||||
|
@ -645,7 +645,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
|
||||
|
@ -633,7 +633,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
|
||||
|
@ -120,7 +120,14 @@ fi;
|
||||
|
||||
if [ "$DOS_GRAPHENE_MALLOC" = true ]; then
|
||||
if enterAndClear "external/hardened_malloc"; then
|
||||
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras.patch"; #Expand workaround to all camera executables (DivestOS)
|
||||
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-1.patch"; #Workarounds for Pixel 3 SoC era camera driver bugs (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-2.patch"; #Expand workaround to all camera executables (DivestOS)
|
||||
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0002-Broken_Displays.patch"; #Add workaround for OnePlus 8 & 9 display driver crash (DivestOS)
|
||||
sed -i 's/34359738368/2147483648/' Android.bp; #revert 48-bit address space requirement
|
||||
sed -i -e '76,78d;' Android.bp; #fix compile under A13
|
||||
sed -i -e '22,24d;' androidtest/Android.bp; #fix compile under A12
|
||||
awk -i inplace '!/vendor_ramdisk_available/' Android.bp; #fix compile under A11
|
||||
rm -rfv androidtest;
|
||||
fi;
|
||||
fi;
|
||||
|
||||
|
@ -205,3 +205,5 @@ source "$DOS_SCRIPTS/Functions.sh";
|
||||
|
||||
[[ -f "$DOS_BUILD_BASE/.repo/local_manifests/roomservice.xml" ]] && echo "roomservice manifest found! Please fix your manifests before continuing!";
|
||||
[[ -f "$DOS_BUILD_BASE/DOS_PATCHED_FLAG" ]] && echo "NOTE: THIS WORKSPACE IS ALREADY PATCHED, PLEASE RESET BEFORE PATCHING AGAIN!";
|
||||
|
||||
if grep -sq "orphan_file" "/etc/mke2fs.conf"; then echo "NOTE: YOU MUST REMOVE orphan_file AND metadata_csum_seed FROM /etc/mke2fs.conf"; fi;
|
||||
|
Loading…
Reference in New Issue
Block a user