From 14c191ffb5eeb08579f30c308d3161cf9b01c653 Mon Sep 17 00:00:00 2001 From: Tad Date: Thu, 4 May 2023 21:04:43 -0400 Subject: [PATCH] Churn Signed-off-by: Tad --- .../android_frameworks_base/0007-Always_Restict_Serial.patch | 2 +- .../0029-Strict_Package_Checks-2.patch | 4 ++-- .../android_frameworks_native/0001-Sensors_Permission.patch | 2 +- .../CVE_Patchers/android_kernel_fxtec_msm8998.sh | 3 +-- .../android_kernel_google_gs101_private_gs-google.sh | 5 +---- .../android_kernel_google_gs201_private_gs-google.sh | 5 +---- .../CVE_Patchers/android_kernel_google_msm-4.14.sh | 4 +--- .../CVE_Patchers/android_kernel_google_redbull.sh | 5 +---- 8 files changed, 9 insertions(+), 21 deletions(-) diff --git a/Patches/LineageOS-20.0/android_frameworks_base/0007-Always_Restict_Serial.patch b/Patches/LineageOS-20.0/android_frameworks_base/0007-Always_Restict_Serial.patch index c3455647..b06581d0 100644 --- a/Patches/LineageOS-20.0/android_frameworks_base/0007-Always_Restict_Serial.patch +++ b/Patches/LineageOS-20.0/android_frameworks_base/0007-Always_Restict_Serial.patch @@ -10,7 +10,7 @@ requiring the READ_PHONE_STATE permission. 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java -index 1428fa853f2a..f9f042ea6517 100644 +index 3e43e711e7f5..c5eb18bf40ed 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -4822,12 +4822,7 @@ public class ActivityManagerService extends IActivityManager.Stub diff --git a/Patches/LineageOS-20.0/android_frameworks_base/0029-Strict_Package_Checks-2.patch b/Patches/LineageOS-20.0/android_frameworks_base/0029-Strict_Package_Checks-2.patch index ea16e629..4dafbab0 100644 --- a/Patches/LineageOS-20.0/android_frameworks_base/0029-Strict_Package_Checks-2.patch +++ b/Patches/LineageOS-20.0/android_frameworks_base/0029-Strict_Package_Checks-2.patch @@ -11,10 +11,10 @@ Subject: [PATCH] perform additional boot-time checks on system package updates create mode 100644 services/core/java/com/android/server/pm/PackageVerityExt.java diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java -index 64a9a563e4a2..4d82581e2389 100644 +index c32a57c68ede..d037e28f74fd 100644 --- a/services/core/java/com/android/server/pm/InstallPackageHelper.java +++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java -@@ -3785,6 +3785,13 @@ final class InstallPackageHelper { +@@ -3808,6 +3808,13 @@ final class InstallPackageHelper { @Nullable UserHandle user) throws PackageManagerException { final boolean scanSystemPartition = (parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) != 0; diff --git a/Patches/LineageOS-20.0/android_frameworks_native/0001-Sensors_Permission.patch b/Patches/LineageOS-20.0/android_frameworks_native/0001-Sensors_Permission.patch index 01235f63..cb106b2c 100644 --- a/Patches/LineageOS-20.0/android_frameworks_native/0001-Sensors_Permission.patch +++ b/Patches/LineageOS-20.0/android_frameworks_native/0001-Sensors_Permission.patch @@ -9,7 +9,7 @@ Ported from 10: ff005a6b6a38baef95c4a01d7e1fc75aac651a58 1 file changed, 1 insertion(+) diff --git a/libs/sensor/Sensor.cpp b/libs/sensor/Sensor.cpp -index ec0ced8663..1cf12e1f43 100644 +index b865c4d5d6..f8eac85c90 100644 --- a/libs/sensor/Sensor.cpp +++ b/libs/sensor/Sensor.cpp @@ -59,6 +59,7 @@ Sensor::Sensor(struct sensor_t const& hwSensor, const uuid_t& uuid, int halVersi diff --git a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_fxtec_msm8998.sh b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_fxtec_msm8998.sh index d9a0636f..1926553b 100644 --- a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_fxtec_msm8998.sh +++ b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_fxtec_msm8998.sh @@ -155,12 +155,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-1990/4.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2162/4.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/^6.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/^6.3/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-20941/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23455/4.4/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23559/4.4/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.4/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.4/0001.patch -editKernelLocalversion "-dos.p160" +editKernelLocalversion "-dos.p159" else echo "kernel_fxtec_msm8998 is unavailable, not patching."; fi; cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs101_private_gs-google.sh b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs101_private_gs-google.sh index d180a4db..421478cb 100644 --- a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs101_private_gs-google.sh +++ b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs101_private_gs-google.sh @@ -74,7 +74,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4662/5.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/^5.15/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/5.10/0005.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch @@ -117,8 +116,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2166/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2235/^6.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/5.10/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23000/^5.16/0001.patch @@ -133,7 +130,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/5.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28466/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30456/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/5.10/0004.patch -editKernelLocalversion "-dos.p133" +editKernelLocalversion "-dos.p130" else echo "kernel_google_gs101_private_gs-google is unavailable, not patching."; fi; cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs201_private_gs-google.sh b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs201_private_gs-google.sh index 8f067dba..61238f96 100644 --- a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs201_private_gs-google.sh +++ b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs201_private_gs-google.sh @@ -74,7 +74,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4662/5.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/^5.15/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/5.10/0005.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch @@ -117,8 +116,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2166/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2235/^6.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/5.10/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23000/^5.16/0001.patch @@ -133,7 +130,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/5.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28466/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30456/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/5.10/0004.patch -editKernelLocalversion "-dos.p133" +editKernelLocalversion "-dos.p130" else echo "kernel_google_gs201_private_gs-google is unavailable, not patching."; fi; cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_msm-4.14.sh b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_msm-4.14.sh index 7a984fa6..bc9daec2 100644 --- a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_msm-4.14.sh +++ b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_msm-4.14.sh @@ -88,11 +88,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4378/4.14/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4382/^6.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20369/4.14/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20382/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-25677/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.14/0005.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/4.14/0002.patch @@ -130,7 +128,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26607/4.14/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.14/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/4.14/0002.patch -editKernelLocalversion "-dos.p130" +editKernelLocalversion "-dos.p128" else echo "kernel_google_msm-4.14 is unavailable, not patching."; fi; cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_redbull.sh b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_redbull.sh index 541fcfc3..6e885b99 100644 --- a/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_redbull.sh +++ b/Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_redbull.sh @@ -98,7 +98,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20571/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.19/0006.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/4.19/0003.patch @@ -133,8 +132,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2002/3.10-^6.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2162/4.19/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/4.19/0003.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21665/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21666/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23000/^5.16/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23454/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23455/4.19/0003.patch @@ -143,7 +140,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26607/4.19/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.19/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/4.19/0003.patch -editKernelLocalversion "-dos.p143" +editKernelLocalversion "-dos.p140" else echo "kernel_google_redbull is unavailable, not patching."; fi; cd "$DOS_BUILD_BASE"