19.1: aura and beryllium + some fixes

Signed-off-by: Tad <tad@spotco.us>

Scripts/Common/Fix_CVE_Patchers.sh

@@ -87,7 +87,7 @@ commentPatches android_kernel_samsung_smdk4412.sh "CVE-2012-2127" "CVE-2016-8463
 commentPatches android_kernel_samsung_tuna.sh "CVE-2012-2127";
 commentPatches android_kernel_samsung_universal8890.sh "0008-Graphene-Kernel_Hardening/4.9/0053.patch" "0008-Graphene-Kernel_Hardening/4.9/0055.patch" "CVE-2016-7917" "CVE-2018-1092" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166";
 commentPatches android_kernel_samsung_universal9810.sh "CVE-2020-1749";
-commentPatches android_kernel_sony_sdm660.sh "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166";
+commentPatches android_kernel_sony_sdm660.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166";
 commentPatches android_kernel_sony_sdm845.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992";
 commentPatches android_kernel_xiaomi_msm8937.sh "CVE-2017-13162" "CVE-2019-14070" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch";
 commentPatches android_kernel_xiaomi_sdm660.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch";

Scripts/LineageOS-17.1/Patch.sh

@@ -488,7 +488,6 @@ enableLowRam "device/motorola/osprey" "osprey";
 enableLowRam "device/motorola/surnia" "surnia";
 #Tweaks for <3GB RAM devices
 enableLowRam "device/cyanogen/msm8916-common" "msm8916-common";
-enableLowRam "device/motorola/clark" "clark";
 enableLowRam "device/wileyfox/crackling" "crackling";
 
 #Fix broken options enabled by hardenDefconfig()

Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_razer_sdm845.sh

@@ -0,0 +1,67 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/razer/sdm845"
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0024.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0039.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0041.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0042.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0043.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0044.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0045.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0046.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0047.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0048.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0049.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0051.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0052.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0053.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0054.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0055.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/4.9/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.9/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/4.9/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.9/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.9/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0067/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3674/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24394/^5.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33098/^5.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39792/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-44879/^5.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45469/4.9-^5.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1353/^5.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-28390/^5.17/0001.patch
+editKernelLocalversion "-dos.p63"
+cd "$DOS_BUILD_BASE"

Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_sony_sdm660.sh

@@ -7,7 +7,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
 git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
 git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
 git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch
-git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch
 git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6/0003.patch

Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh

@@ -0,0 +1,67 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/xiaomi/sdm845"
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0024.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0039.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0041.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0042.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0043.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0044.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0045.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0046.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0047.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0048.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0049.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0051.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0052.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0053.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0054.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0055.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/4.9/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.9/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/4.9/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.9/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.9/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0067/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3674/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24394/^5.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33098/^5.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39792/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-44879/^5.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45469/4.9-^5.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1353/^5.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-28390/^5.17/0001.patch
+editKernelLocalversion "-dos.p63"
+cd "$DOS_BUILD_BASE"

Scripts/LineageOS-19.1/Functions.sh

@@ -19,7 +19,7 @@ umask 0022;
 #Last verified: 2022-04-04
 
 patchAllKernels() {
-	startPatcher "kernel_fxtec_msm8998 kernel_google_msm-4.9 kernel_google_msm-4.14 kernel_google_redbull kernel_google_wahoo kernel_oneplus_sdm845 kernel_oneplus_sm8150 kernel_sony_sdm660";
+	startPatcher "kernel_fxtec_msm8998 kernel_google_msm-4.9 kernel_google_msm-4.14 kernel_google_redbull kernel_google_wahoo kernel_oneplus_sdm845 kernel_oneplus_sm8150 kernel_razer_sdm845 kernel_sony_sdm660 kernel_xiaomi_sdm845";
 }
 export -f patchAllKernels;
 
@@ -62,6 +62,8 @@ buildAll() {
 	buildDevice taimen avb;
 	buildDevice walleye avb;
 	#SD845
+	buildDevice aura avb;
+	buildDevice beryllium avb;
 	buildDevice pro1 avb;
 	buildDevice crosshatch avb;
 	buildDevice blueline avb;

Scripts/LineageOS-19.1/Patch.sh

@@ -425,13 +425,14 @@ removeBuildFingerprints || true;
 enableAutoVarInit || true;
 
 #Tweaks for <4GB RAM devices
-enableLowRam "device/sony/pioneer" "pioneer";
+#enableLowRam "device/sony/pioneer" "pioneer";
 
 #Fix broken options enabled by hardenDefconfig()
 #none yet
 
 sed -i 's/^YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10
 rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk || true;
+rm -v device/*/*/overlay/frameworks/base/packages/overlays/NoCutoutOverlay/res/values/config.xml || true;
 #
 #END OF DEVICE CHANGES
 #

Scripts/init.sh

@@ -76,7 +76,7 @@ export DOS_WEBVIEW_LFS=true; #Whether to `git lfs pull` in the WebView repositor
 #Servers
 export DOS_DEFAULT_DNS_PRESET="Quad9"; #Sets default DNS. Options: See changeDefaultDNS() in Scripts/Common/Functions.sh
 export DOS_GPS_NTP_SERVER="2.android.pool.ntp.org"; #Options: Any NTP pool
-export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: supl.{google,vodafone,sonyericsson}.com
+export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: Any *valid* SUPL server
 
 #Release Processing
 export DOS_MALWARE_SCAN_BEFORE_SIGN=false; #Scan device files for malware before signing