Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-06-29 08:47:18 -04:00
Code Issues Projects Releases Packages Wiki Activity

Fixups + Churn

Browse source 
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
Tavi 2024-10-16 20:47:28 -04:00
parent 52fd08c2f1
commit 2e83c91a81
No known key found for this signature in database
GPG key ID: E599F62ECBAEAF2E
64 changed files with 260 additions and 309 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Scripts/Common/Fix_CVE_Patchers.sh
View file

@ -53,7 +53,7 @@ commentPatches android_kernel_fxtec_msm8998.sh "0008-Graphene-Kernel_Hardening-s
commentPatches android_kernel_fxtec_sm6115.sh "CVE-2018-5873" "CVE-2021-3444" "CVE-2021-3600";
commentPatches android_kernel_google_bonito.sh "CVE-2020-0067";
commentPatches android_kernel_google_coral.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324";
commentPatches android_kernel_google_dragon.sh "0006-AndroidHardening-Kernel_Hardening/3.18/0026.patch" "0008-Graphene-Kernel_Hardening-ro" "CVE-2015-4167" "CVE-2017-15951" "CVE-2016-1237" "CVE-2016-6198" "CVE-2017-7374" "CVE-2018-17972" "CVE-2019-2214" "CVE-2021-39715/ANY/0001.patch";
commentPatches android_kernel_google_dragon.sh "0006-AndroidHardening-Kernel_Hardening/3.18/0026.patch" "0008-Graphene-Kernel_Hardening-ro" "CVE-2015-4167" "CVE-2017-15951" "CVE-2016-1237" "CVE-2016-6198" "CVE-2017-7374" "CVE-2018-17972" "CVE-2019-2214" "CVE-2021-39715/ANY/0001.patch" "CVE-2024-46777";
commentPatches android_kernel_google_crosshatch.sh "CVE-2020-0067";
commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2023-52672" "CVE-2024-26733/5.10/0002.patch" "CVE-2023-52656/5.10" "CVE-2024-26882" "CVE-2024-38564" "CVE-2022-48862" "CVE-2024-46681" "CVE-2024-46826";
commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2023-52672" "CVE-2024-26733/5.10/0002.patch" "CVE-2023-52656/5.10" "CVE-2024-26882" "CVE-2024-38564" "CVE-2022-48862" "CVE-2024-46681" "CVE-2024-46826";
@ -106,7 +106,7 @@ commentPatches android_kernel_xiaomi_sm8150.sh "CVE-2020-24588/4.14/0018.patch"
commentPatches android_kernel_xiaomi_vayu.sh "CVE-2020-24588/4.14/0018.patch";
commentPatches android_kernel_xiaomi_sm6150.sh "CVE-2023-43550" "CVE-2023-52901";
commentPatches android_kernel_xiaomi_sm8250.sh "CVE-2018-5873" "CVE-2020-1749" "CVE-2021-3444" "CVE-2021-3600" "CVE-2022-22075";
commentPatches android_kernel_yandex_sdm660.sh "CVE-2019-11599" "CVE-2019-14070/ANY/0005.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2020-16166" "CVE-2024-35954";
commentPatches android_kernel_yandex_sdm660.sh "CVE-2019-11599" "CVE-2019-14070/ANY/0005.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2020-16166" "CVE-2024-35954" "CVE-2023-28542" "CVE-2021-30319";
commentPatches android_kernel_zte_msm8930.sh "CVE-2015-2922" "CVE-2017-11015/prima";
commentPatches android_kernel_zte_msm8996.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "CVE-2017-13162" "CVE-2017-15951" "CVE-2017-16939" "CVE-2018-17972" "CVE-2019-2214" "CVE-2019-14070" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch" "CVE-2022-42896/4.9";
commentPatches android_kernel_zuk_msm8996.sh "0008-Graphene-Kernel_Hardening-slab" "0008-Graphene-Kernel_Hardening-canaries/4.4/0002.patch" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-1749" "CVE-2020-8992" "CVE-2020-1616";

2
Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_dragon.sh
View file

@ -1068,7 +1068,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46757/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46758/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46759/4.4/0008.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46771/^6.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46777/4.4/0008.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46777/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46781/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46830/^6.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-46844/4.4/0008.patch

2
Scripts/LineageOS-15.1/Patch.sh
View file

@ -278,7 +278,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/399769-backport.patch"; #P_asb_
applyPatch "$DOS_PATCHES/android_frameworks_base/399770.patch"; #P_asb_2024-08 Hide SAW subwindows
applyPatch "$DOS_PATCHES/android_frameworks_base/401373-backport.patch"; #S_asb_2024-09 Sanitized uri scheme by removing scheme delimiter
applyPatch "$DOS_PATCHES/android_frameworks_base/405829-backport.patch"; #P_asb_2024-10 Update AccountManagerService checkKeyIntent.
+applyPatch "$DOS_PATCHES/android_frameworks_base/405830.patch"; #P_asb_2024-10 Fail parseUri if end is missing
applyPatch "$DOS_PATCHES/android_frameworks_base/405830.patch"; #P_asb_2024-10 Fail parseUri if end is missing
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #Enable fingerprint lockout after five failed attempts (GrapheneOS)

4
Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_yandex_sdm660.sh
View file

@ -313,7 +313,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28964/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29154/4.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-30002/4.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-30319/qcacld-3.0/0001.patch --directory=drivers/staging/qcacld-3.0
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-30319/qcacld-3.0/0001.patch --directory=drivers/staging/qcacld-3.0
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/4.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-32399/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33656/4.4/0007.patch
@ -631,7 +631,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23455/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23559/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28542/qcacld-3.0/0001.patch --directory=drivers/staging/qcacld-3.0
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28542/qcacld-3.0/0001.patch --directory=drivers/staging/qcacld-3.0
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28584/4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28772/4.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/4.4/0008.patch

7
Scripts/LineageOS-17.1/Patch.sh
View file

@ -330,7 +330,6 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/402606.patch"; #Q_asb_2024-08 H
applyPatch "$DOS_PATCHES/android_frameworks_base/403301.patch"; #Q_asb_2024-09 Sanitized uri scheme by removing scheme delimiter
applyPatch "$DOS_PATCHES/android_frameworks_base/405515.patch"; #R_asb_2024-10 Update AccountManagerService checkKeyIntent.
applyPatch "$DOS_PATCHES/android_frameworks_base/405516.patch"; #R_asb_2024-10 Fail parseUri if end is missing
applyPatch "$DOS_PATCHES/android_frameworks_base/405517-backport.patch"; #R_asb_2024-10 Prevent Sharing when FRP enforcement is in effect
applyPatch "$DOS_PATCHES/android_frameworks_base/405518.patch"; #R_asb_2024-10 Check whether installerPackageName contains only valid characters
#applyPatch "$DOS_PATCHES/android_frameworks_base/272645.patch"; #ten-bt-sbc-hd-dualchannel: Add CHANNEL_MODE_DUAL_CHANNEL constant (ValdikSS)
#applyPatch "$DOS_PATCHES/android_frameworks_base/272646-forwardport.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS)
@ -468,7 +467,7 @@ fi;
if enterAndClear "packages/apps/Bluetooth"; then
applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/378135.patch"; #Q_asb_2023-12 Fix UAF in ~CallbackEnv
applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/405540.patch"; #R_asb_2024-10 Disallow unexpected incoming HID connections 2/2
applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/405835-backport.patch"; #P_asb_2024-10 Disallow unexpected incoming HID connections 2/2
#applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/272652.patch"; #ten-bt-sbc-hd-dualchannel: SBC Dual Channel (SBC HD Audio) support (ValdikSS)
#applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/272653.patch"; #ten-bt-sbc-hd-dualchannel: Assume optional codecs are supported if were supported previously (ValdikSS)
applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/0001-constify_JNINativeMethod.patch"; #Constify JNINativeMethod tables (GrapheneOS)
@ -676,7 +675,7 @@ applyPatch "$DOS_PATCHES/android_system_bt/403315.patch"; #Q_asb_2024-09 Add sup
applyPatch "$DOS_PATCHES/android_system_bt/403316.patch"; #Q_asb_2024-09 Disallow connect with Secure Connections downgrade
applyPatch "$DOS_PATCHES/android_system_bt/403317.patch"; #Q_asb_2024-09 Disallow connect with key length downgrade
applyPatch "$DOS_PATCHES/android_system_bt/405536.patch"; #R_asb_2024-10 Add btif/include/btif_hh::btif_hh_status_text
applyPatch "$DOS_PATCHES/android_system_bt/405537.patch"; #R_asb_2024-10 Disallow unexpected incoming HID connections 1/2
applyPatch "$DOS_PATCHES/android_system_bt/405834-backport.patch"; #P_asb_2024-10 Disallow unexpected incoming HID connections 1/2
applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS)
#applyPatch "$DOS_PATCHES/android_system_bt/272648.patch"; #ten-bt-sbc-hd-dualchannel: Increase maximum Bluetooth SBC codec bitrate for SBC HD (ValdikSS)
#applyPatch "$DOS_PATCHES/android_system_bt/272649.patch"; #ten-bt-sbc-hd-dualchannel: Explicit SBC Dual Channel (SBC HD) support (ValdikSS)
@ -758,7 +757,7 @@ fi;
if enterAndClear "vendor/qcom/opensource/commonsys/packages/apps/Bluetooth"; then
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_packages_apps_Bluetooth/378136.patch"; #Q_asb_2023-12 Fix UAF in ~CallbackEnv
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_packages_apps_Bluetooth/405585.patch"; #R_asb_2024-10 Disallow unexpected incoming HID connections 2/2
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_packages_apps_Bluetooth/405585-backport.patch"; #R_asb_2024-10 Disallow unexpected incoming HID connections 2/2
fi;
if enterAndClear "vendor/qcom/opensource/commonsys/system/bt"; then