mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
KSM tuning
- Only enable on Linux 3.0 through 4.9 - Always enable defer option - Only run twice a second, instead of fifty times a second Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad
parent
11c286ecd4
commit
1c9076fffe
@ -1 +1 @@
|
||||
Subproject commit 71f7327b0d4d85a31ef3e959d63b1e52df6516f6
|
||||
Subproject commit 19534732114f5cde187cc1b3af576800d24922d2
|
||||
@ -901,7 +901,18 @@ hardenDefconfig() {
|
||||
optionsYes+=("DEBUG_KERNEL" "DEBUG_CREDENTIALS" "DEBUG_LIST" "DEBUG_VIRTUAL");
|
||||
optionsYes+=("DEBUG_RODATA" "DEBUG_SET_MODULE_RONX");
|
||||
#optionsYes+=("DEBUG_SG"); #bootloops - https://patchwork.kernel.org/patch/8989981
|
||||
if [ "$DOS_USE_KSM" = true ]; then optionsYes+=("KSM"); fi;
|
||||
|
||||
if [ "$DOS_USE_KSM" = true ] && [ -f "mm/ksm.c" ]; then
|
||||
if [[ $kernelVersion == "3."* ]] || [[ $kernelVersion == "4.4"* ]] || [[ $kernelVersion == "4.9"* ]]; then
|
||||
optionsYes+=("KSM");
|
||||
sed -i 's/unsigned int ksm_run = KSM_RUN_STOP;/unsigned int ksm_run = KSM_RUN_MERGE;/' mm/ksm.c &>/dev/null || true;
|
||||
sed -i 's/unsigned long ksm_run = KSM_RUN_STOP;/unsigned long ksm_run = KSM_RUN_MERGE;/' mm/ksm.c &>/dev/null || true;
|
||||
else
|
||||
local ksmNotNeeded=true;
|
||||
sed -i 's/unsigned int ksm_run = KSM_RUN_MERGE;/unsigned int ksm_run = KSM_RUN_STOP;/' mm/ksm.c &>/dev/null || true;
|
||||
sed -i 's/unsigned long ksm_run = KSM_RUN_MERGE;/unsigned long ksm_run = KSM_RUN_STOP;/' mm/ksm.c &>/dev/null || true;
|
||||
fi;
|
||||
fi;
|
||||
|
||||
if [[ $kernelVersion == "3."* ]] || [[ $kernelVersion == "4.4"* ]] || [[ $kernelVersion == "4.9"* ]]; then
|
||||
optionsYes+=("DEBUG_NOTIFIERS"); #(https://github.com/GrapheneOS/os-issue-tracker/issues/681)
|
||||
@ -1084,7 +1095,7 @@ hardenDefconfig() {
|
||||
optionsNo+=("HIBERNATION");
|
||||
optionsNo+=("KEXEC" "KEXEC_FILE");
|
||||
optionsNo+=("UKSM");
|
||||
if [ "$DOS_USE_KSM" = false ]; then optionsNo+=("KSM"); fi;
|
||||
if [ "$DOS_USE_KSM" = false ] || [ "$ksmNotNeeded" = true ]; then optionsNo+=("KSM"); fi;
|
||||
optionsNo+=("LIVEPATCH");
|
||||
optionsNo+=("WIREGUARD"); #Requires root access, which we do not provide
|
||||
if [ "$DOS_DEBLOBBER_REMOVE_IPA" = true ]; then optionsNo+=("IPA" "RMNET_IPA"); fi;
|
||||
|
||||
@ -24,12 +24,12 @@ echo "Post tweaks...";
|
||||
#MSM_DLOAD_MODE can't be disabled as it breaks compile
|
||||
sed -i 's/set_dload_mode(in_panic)/set_dload_mode(0)/' kernel/*/*/arch/arm/mach-msm/restart.c &>/dev/null || true;
|
||||
|
||||
if [ "$DOS_USE_KSM" = true ]; then
|
||||
#Enable KSM #XXX testing only
|
||||
sed -i 's/unsigned int ksm_run = KSM_RUN_STOP;/unsigned int ksm_run = KSM_RUN_MERGE;/' kernel/*/*/mm/ksm.c &>/dev/null || true;
|
||||
sed -i 's/unsigned long ksm_run = KSM_RUN_STOP;/unsigned long ksm_run = KSM_RUN_MERGE;/' kernel/*/*/mm/ksm.c &>/dev/null || true;
|
||||
#Increase power efficiency of KSM
|
||||
sed -i 's/bool use_deferred_timer;/bool use_deferred_timer = true;/' kernel/*/*/mm/ksm.c &>/dev/null || true;
|
||||
sed -i 's/unsigned int ksm_thread_sleep_millisecs = 20;/unsigned int ksm_thread_sleep_millisecs = 500;/' kernel/*/*/mm/ksm.c &>/dev/null || true;
|
||||
|
||||
#Enable slub/slab merging #XXX testing only
|
||||
if [ "$DOS_USE_KSM" = true ]; then
|
||||
#Enable slub/slab merging
|
||||
sed -i 's/static int slub_nomerge;/static int slub_nomerge = 0;/' kernel/*/*/mm/slub.c &>/dev/null || true; #2.6.22-3.17
|
||||
sed -i 's/static int slab_nomerge;/static int slab_nomerge = 0;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #3.18-4.12
|
||||
sed -i 's/static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT);/static bool slab_nomerge = false;/' kernel/*/*/mm/slab_common.c &>/dev/null || true; #4.13+
|
||||
|
||||
@ -12,6 +12,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0043.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch
|
||||
@ -252,7 +253,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3161/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23559/4.4/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-32269/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
|
||||
editKernelLocalversion "-dos.p252"
|
||||
editKernelLocalversion "-dos.p253"
|
||||
else echo "kernel_samsung_exynos5420 is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -6,6 +6,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0043.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2011-4131/^3.2/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2011-4347/^3.2/0001.patch
|
||||
@ -426,7 +427,7 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-sy
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p426"
|
||||
editKernelLocalversion "-dos.p427"
|
||||
else echo "kernel_samsung_smdk4412 is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -6,6 +6,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0043.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2011-4131/^3.2/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2011-4347/^3.2/0001.patch
|
||||
@ -419,7 +420,7 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-sy
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p419"
|
||||
editKernelLocalversion "-dos.p420"
|
||||
else echo "kernel_samsung_tuna is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -34,6 +34,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-random/4.9/0006
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-ro/4.9/0027.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-ro/4.9/0031.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.18/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-7446/^4.3.3/0003.patch
|
||||
@ -777,7 +778,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-37159/4.4/0006.patch
|
||||
editKernelLocalversion "-dos.p777"
|
||||
editKernelLocalversion "-dos.p778"
|
||||
else echo "kernel_samsung_universal8890 is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -16,6 +16,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0016.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2372/3.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6540/3.4/0003.patch
|
||||
@ -668,7 +669,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p668"
|
||||
editKernelLocalversion "-dos.p669"
|
||||
else echo "kernel_asus_fugu is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -29,6 +29,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-random/4.9/0006
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-ro/4.9/0027.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-ro/4.9/0031.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.18/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4312/3.18/0007.patch
|
||||
@ -741,7 +742,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-37159/4.4/0006.patch
|
||||
editKernelLocalversion "-dos.p741"
|
||||
editKernelLocalversion "-dos.p742"
|
||||
else echo "kernel_google_dragon is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -17,6 +17,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0016.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6540/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch
|
||||
@ -458,7 +459,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p458"
|
||||
editKernelLocalversion "-dos.p459"
|
||||
else echo "kernel_htc_flounder is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -16,6 +16,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-misc/4.4/0016.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2119/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2136/3.4/0003.patch
|
||||
@ -653,7 +654,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4002/3.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p653"
|
||||
editKernelLocalversion "-dos.p654"
|
||||
else echo "kernel_lge_hammerhead is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -17,6 +17,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0018.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6540/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch
|
||||
@ -367,7 +368,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p367"
|
||||
editKernelLocalversion "-dos.p368"
|
||||
else echo "kernel_moto_shamu is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -17,6 +17,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0016.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6540/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch
|
||||
@ -508,7 +509,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p508"
|
||||
editKernelLocalversion "-dos.p509"
|
||||
else echo "kernel_google_yellowstone is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -17,6 +17,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-misc/4.4/0016.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2119/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2136/3.4/0003.patch
|
||||
@ -653,7 +654,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4002/3.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p653"
|
||||
editKernelLocalversion "-dos.p654"
|
||||
else echo "kernel_lge_hammerhead is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -13,6 +13,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/000
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-misc/4.4/0016.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18193/3.18/0002.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-17972/3.18/0004.patch
|
||||
@ -31,7 +32,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3141/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3159/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3161/4.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-32269/4.4/0001.patch
|
||||
editKernelLocalversion "-dos.p31"
|
||||
editKernelLocalversion "-dos.p32"
|
||||
else echo "kernel_lge_mako is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -18,6 +18,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0018.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6540/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch
|
||||
@ -348,7 +349,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/3.18/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p348"
|
||||
editKernelLocalversion "-dos.p349"
|
||||
else echo "kernel_moto_shamu is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -11,6 +11,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/00
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0008.patch
|
||||
@ -505,7 +506,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6752/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p505"
|
||||
editKernelLocalversion "-dos.p506"
|
||||
else echo "kernel_motorola_msm8974 is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -15,6 +15,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/000
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-misc/4.4/0016.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/ANY/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6703/^3.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6703/^3.6/0002.patch
|
||||
@ -542,7 +543,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0014.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20423/3.4/0010.patch
|
||||
editKernelLocalversion "-dos.p542"
|
||||
editKernelLocalversion "-dos.p543"
|
||||
else echo "kernel_samsung_msm8930-common is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
@ -25,6 +25,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slab/4.9/0009.p
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slab/4.9/0013.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-slab/4.9/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0009-rfc4941bis/4.9/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0010-ksm_deferred_timers/4.9/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
|
||||
@ -590,7 +591,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-ro/4.9/0016.pat
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening-ro/4.9/0029.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/4.9/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-37159/4.9/0007.patch
|
||||
editKernelLocalversion "-dos.p590"
|
||||
editKernelLocalversion "-dos.p591"
|
||||
else echo "kernel_samsung_exynos9810 is unavailable, not patching.";
|
||||
fi;
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user