More devices

- 14.1: dragon, manta, us996, us997, victara
- 15.1: dragon, us996, us997, victara
- Deblobber: Remove more blobs
This commit is contained in:
Tad 2018-06-30 14:03:11 -04:00
parent d2ba1ddb20
commit 30d59ea53d
13 changed files with 480 additions and 13 deletions

1
.gitignore vendored
View File

@ -7,3 +7,4 @@ Build/
Repos/ Repos/
.Trash-1000 .Trash-1000
Misc/Features/LNL.txt Misc/Features/LNL.txt
pending_commit.txt

View File

@ -123,6 +123,10 @@
<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" /> <project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" /> <project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
<!-- Google Pixel C (dragon) -->
<project path="device/google/dragon" name="LineageOS/android_device_google_dragon" remote="github" />
<project path="kernel/google/dragon" name="LineageOS/android_kernel_google_dragon" remote="github" />
<!-- HTC One (m8) --> <!-- HTC One (m8) -->
<project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" /> <project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" />
<project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" /> <project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" />
@ -157,11 +161,25 @@
<project path="device/lge/msm8996-common" name="LineageOS/android_device_lge_msm8996-common" remote="github" /> <project path="device/lge/msm8996-common" name="LineageOS/android_device_lge_msm8996-common" remote="github" />
<project path="kernel/lge/msm8996" name="LineageOS/android_kernel_lge_msm8996" remote="github" /> <project path="kernel/lge/msm8996" name="LineageOS/android_kernel_lge_msm8996" remote="github" />
<!-- LG V20 (us996) -->
<project path="device/lge/v20-common" name="LineageOS/android_device_lge_v20-common" remote="github" />
<project path="device/lge/us996" name="LineageOS/android_device_lge_us996" remote="github" />
<!-- uses lge msm8996 commons -->
<!-- LG G6 (us997) -->
<project path="device/lge/g6-common" name="LineageOS/android_device_lge_g6-common" remote="github" />
<project path="device/lge/us997" name="LineageOS/android_device_lge_us997" remote="github" />
<!-- uses lge msm8996 commons -->
<!-- Moto G 3rd Gen (osprey) --> <!-- Moto G 3rd Gen (osprey) -->
<project path="device/motorola/msm8916-common" name="LineageOS/android_device_motorola_msm8916-common" remote="github" /> <project path="device/motorola/msm8916-common" name="LineageOS/android_device_motorola_msm8916-common" remote="github" />
<project path="device/motorola/osprey" name="LineageOS/android_device_motorola_osprey" remote="github" /> <project path="device/motorola/osprey" name="LineageOS/android_device_motorola_osprey" remote="github" />
<project path="kernel/motorola/msm8916" name="LineageOS/android_kernel_motorola_msm8916" remote="github" /> <project path="kernel/motorola/msm8916" name="LineageOS/android_kernel_motorola_msm8916" remote="github" />
<!-- Moto X 2014 (victara) -->
<project path="device/motorola/victara" name="LineageOS/android_device_motorola_victara" remote="github" />
<project path="kernel/motorola/msm8974" name="LineageOS/android_kernel_motorola_msm8974" remote="github" />
<!-- Moto X Pure Edition (clark) --> <!-- Moto X Pure Edition (clark) -->
<project path="device/motorola/clark" name="LineageOS/android_device_motorola_clark" remote="github" /> <project path="device/motorola/clark" name="LineageOS/android_device_motorola_clark" remote="github" />
<project path="kernel/motorola/msm8992" name="LineageOS/android_kernel_motorola_msm8992" remote="github" /> <project path="kernel/motorola/msm8992" name="LineageOS/android_kernel_motorola_msm8992" remote="github" />
@ -178,6 +196,11 @@
<project path="device/asus/grouper" name="LineageOS/android_device_asus_grouper" remote="github" revision="staging/cm-14.1" /> <project path="device/asus/grouper" name="LineageOS/android_device_asus_grouper" remote="github" revision="staging/cm-14.1" />
<project path="kernel/asus/grouper" name="LineageOS/android_kernel_asus_grouper" remote="github" revision="staging/cm-14.1" /> <project path="kernel/asus/grouper" name="LineageOS/android_kernel_asus_grouper" remote="github" revision="staging/cm-14.1" />
<!-- Nexus 10 (manta) -->
<project path="device/samsung/manta" name="LineageOS/android_device_samsung_manta" remote="github" />
<project path="kernel/samsung/manta" name="LineageOS/android_kernel_samsung_manta" remote="github" />
<project path="hardware/samsung_slsi/exynos5" name="LineageOS/android_hardware_samsung_slsi_exynos5" remote="github" />
<!-- Nexus 7 [2013] (flo) --> <!-- Nexus 7 [2013] (flo) -->
<project path="device/asus/flo" name="LineageOS/android_device_asus_flo" remote="github" /> <project path="device/asus/flo" name="LineageOS/android_device_asus_flo" remote="github" />

View File

@ -105,6 +105,10 @@
<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" /> <project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" /> <project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
<!-- Google Pixel C (dragon) -->
<project path="device/google/dragon" name="LineageOS/android_device_google_dragon" remote="github" />
<project path="kernel/google/dragon" name="LineageOS/android_kernel_google_dragon" remote="github" />
<!-- HTC One (m8) --> <!-- HTC One (m8) -->
<project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" /> <project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" />
<project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" /> <project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" />
@ -134,6 +138,20 @@
<project path="device/lge/msm8996-common" name="LineageOS/android_device_lge_msm8996-common" remote="github" /> <project path="device/lge/msm8996-common" name="LineageOS/android_device_lge_msm8996-common" remote="github" />
<project path="kernel/lge/msm8996" name="LineageOS/android_kernel_lge_msm8996" remote="github" /> <project path="kernel/lge/msm8996" name="LineageOS/android_kernel_lge_msm8996" remote="github" />
<!-- LG V20 (us996) -->
<project path="device/lge/v20-common" name="LineageOS/android_device_lge_v20-common" remote="github" />
<project path="device/lge/us996" name="LineageOS/android_device_lge_us996" remote="github" />
<!-- uses lge msm8996 commons -->
<!-- LG G6 (us997) -->
<project path="device/lge/g6-common" name="LineageOS/android_device_lge_g6-common" remote="github" />
<project path="device/lge/us997" name="LineageOS/android_device_lge_us997" remote="github" />
<!-- uses lge msm8996 commons -->
<!-- Moto X 2014 (victara) -->
<project path="device/motorola/victara" name="LineageOS/android_device_motorola_victara" remote="github" />
<project path="kernel/motorola/msm8974" name="LineageOS/android_kernel_motorola_msm8974" remote="github" />
<!-- Moto Z (griffin) --> <!-- Moto Z (griffin) -->
<project path="device/motorola/griffin" name="LineageOS/android_device_motorola_griffin" remote="github" /> <project path="device/motorola/griffin" name="LineageOS/android_device_motorola_griffin" remote="github" />
<project path="kernel/motorola/msm8996" name="LineageOS/android_kernel_motorola_msm8996" remote="github" /> <project path="kernel/motorola/msm8996" name="LineageOS/android_kernel_motorola_msm8996" remote="github" />

View File

@ -23,6 +23,8 @@
#Device Status (Tested under LineageOS 14.1 and 15.1) #Device Status (Tested under LineageOS 14.1 and 15.1)
# #
#Functioning as Expected: bacon, clark, d852, mako, marlin, thor #Functioning as Expected: bacon, clark, d852, mako, marlin, thor
#Partially working:
#Not booting:
echo "Deblobbing..." echo "Deblobbing..."
@ -54,7 +56,7 @@ echo "Deblobbing..."
sepolicy=$sepolicy" atfwd.te"; sepolicy=$sepolicy" atfwd.te";
#AudioFX (Audio Effects) [Qualcomm] #AudioFX (Audio Effects) [Qualcomm]
if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then blobs=$blobs"|libasphere.so|libqcbassboost.so|libqcreverb.so|libqcvirt.so|libshoebox.so"; fi; if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then blobs=$blobs"|libasphere.so|libqcbassboost.so|libqcreverb.so|libqcvirt.so|libshoebox.so|libfmas.so|fmas_eq.dat"; fi;
#Camera #Camera
#Attempted, don't waste your time... #Attempted, don't waste your time...
@ -111,7 +113,7 @@ echo "Deblobbing..."
#blobs=$blobs"|flp.conf|flp.default.so|flp.msm8084.so|flp.msm8960.so|gpsd|gps.msm8084.so|gps.msm8960.so|libflp.so|libgps.utils.so|libloc_api_v02.so|libloc_core.so|libloc_ds_api.so|libloc_eng.so|libloc_ext.so"; #blobs=$blobs"|flp.conf|flp.default.so|flp.msm8084.so|flp.msm8960.so|gpsd|gps.msm8084.so|gps.msm8960.so|libflp.so|libgps.utils.so|libloc_api_v02.so|libloc_core.so|libloc_ds_api.so|libloc_eng.so|libloc_ext.so";
#HDCP (DRM) #HDCP (DRM)
blobs=$blobs"|libmm-hdcpmgr.so"; blobs=$blobs"|libmm-hdcpmgr.so|libstagefright_hdcp.so";
blobs=$blobs"|hdcp1.*|tzhdcp.*"; blobs=$blobs"|hdcp1.*|tzhdcp.*";
#HDR #HDR
@ -222,7 +224,7 @@ echo "Deblobbing..."
blobs=$blobs"|libmmparser_lite.so|libmmrtpdecoder.so|libmmrtpencoder.so|libmmwfdinterface.so|libmmwfdsinkinterface.so|libmmwfdsrcinterface.so|libwfdavenhancements.so|libwfdcommonutils.so|libwfdhdcpcp.so|libwfdmmsink.so|libwfdmmsrc.so|libwfdmmutils.so|libwfdnative.so|libwfdrtsp.so|libwfdservice.so|libwfdsm.so|libwfduibcinterface.so|libwfduibcsinkinterface.so|libwfduibcsink.so|libwfduibcsrcinterface.so|libwfduibcsrc.so|WfdCommon.jar|wfdconfigsink.xml|wfdconfig.xml|wfdservice|WfdService.apk"; blobs=$blobs"|libmmparser_lite.so|libmmrtpdecoder.so|libmmrtpencoder.so|libmmwfdinterface.so|libmmwfdsinkinterface.so|libmmwfdsrcinterface.so|libwfdavenhancements.so|libwfdcommonutils.so|libwfdhdcpcp.so|libwfdmmsink.so|libwfdmmsrc.so|libwfdmmutils.so|libwfdnative.so|libwfdrtsp.so|libwfdservice.so|libwfdsm.so|libwfduibcinterface.so|libwfduibcsinkinterface.so|libwfduibcsink.so|libwfduibcsrcinterface.so|libwfduibcsrc.so|WfdCommon.jar|wfdconfigsink.xml|wfdconfig.xml|wfdservice|WfdService.apk";
#Widevine (DRM) [Google] #Widevine (DRM) [Google]
blobs=$blobs"|com.google.widevine.software.drm.jar|com.google.widevine.software.drm.xml|libdrmclearkeyplugin.so|libdrmwvmplugin.so|libmarlincdmplugin.so|libwvdrmengine.so|libwvdrm_L1.so|libwvdrm_L3.so|libwvhidl.so|libwvm.so|libWVphoneAPI.so|libWVStreamControlAPI_L1.so|libWVStreamControlAPI_L3.so"; blobs=$blobs"|com.google.widevine.software.drm.jar|com.google.widevine.software.drm.xml|libdrmclearkeyplugin.so|libdrmwvmplugin.so|libmarlincdmplugin.so|libwvdrmengine.so|libwvdrm_L1.so|libwvdrm_L3.so|libwvhidl.so|libwvm.so|libWVphoneAPI.so|libWVStreamControlAPI_L1.so|libWVStreamControlAPI_L3.so|libdrmmtkutil.so";
blobs=$blobs"|tzwidevine.*|tzwvcpybuf.*|widevine.*"; blobs=$blobs"|tzwidevine.*|tzwvcpybuf.*|widevine.*";
makes=$makes"|libshim_wvm"; makes=$makes"|libshim_wvm";

View File

@ -0,0 +1,148 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/google/dragon"
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0021.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0022.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0023.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0025.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0026.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0027.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0028.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0031.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0032.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0033.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0035.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0036.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0037.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0041.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0045.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0050.patch
git apply $DOS_PATCHES_LINUX_CVES/0010-Accelerated_AES/3.10+/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9892/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3339/^3.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7550/^4.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8785/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8944/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8962/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8966/3.15+/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-9016/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0758/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10088/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10200/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2187/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2545/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3156/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3689/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8453/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9191/3.11-^4.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0449/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0510/3.18/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0523/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0749/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0791/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0794/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0824/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0825/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0866/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000365/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000380/^4.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11089/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12146/3.16+/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.18/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13292/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15858/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16529/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16530/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.5+/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16646/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16647/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5986/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/^4.9/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6274/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6346/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6353/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7472/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7495/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7495/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7616/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7618/^4.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8240/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9698/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3575/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8897/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.18/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0003-tunnels-Don-t-apply-GRO-to-multiple-layers-of-encaps.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0004-net-add-recursion-limit-to-GRO.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0007-USB-usbip-fix-potential-out-of-bounds-write.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p144"
cd "$DOS_BUILD_BASE"

View File

@ -0,0 +1,53 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/motorola/msm8974"
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0010-Accelerated_AES/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/0012-Copperhead-Deny_USB/3.4/3.4-Backport.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1593/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11000/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8266/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p49"
cd "$DOS_BUILD_BASE"

View File

@ -0,0 +1,27 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/samsung/manta"
git apply $DOS_PATCHES_LINUX_CVES/0010-Accelerated_AES/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/0012-Copperhead-Deny_USB/3.4/3.4-Backport.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0723/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0801/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3134/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p23"
cd "$DOS_BUILD_BASE"

View File

@ -18,7 +18,7 @@
#Last verified: 2018-04-27 #Last verified: 2018-04-27
patchAllKernels() { patchAllKernels() {
startPatcher "kernel_amazon_hdx-common kernel_asus_grouper kernel_asus_msm8916 kernel_fairphone_msm8974 kernel_google_marlin kernel_google_msm kernel_huawei_angler kernel_htc_msm8974 kernel_htc_msm8994 kernel_lge_bullhead kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8992 kernel_lge_msm8996 kernel_motorola_msm8916 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_oneplus_msm8974 kernel_nextbit_msm8992 kernel_samsung_jf kernel_samsung_msm8974 kernel_samsung_smdk4412 kernel_samsung_universal8890"; startPatcher "kernel_amazon_hdx-common kernel_asus_grouper kernel_asus_msm8916 kernel_fairphone_msm8974 kernel_google_dragon kernel_google_marlin kernel_google_msm kernel_huawei_angler kernel_htc_msm8974 kernel_htc_msm8994 kernel_lge_bullhead kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8992 kernel_lge_msm8996 kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_oneplus_msm8974 kernel_nextbit_msm8992 kernel_samsung_jf kernel_samsung_manta kernel_samsung_msm8974 kernel_samsung_smdk4412 kernel_samsung_universal8890";
} }
export -f patchAllKernels; export -f patchAllKernels;
@ -48,19 +48,19 @@ export -f buildDeviceDebug;
buildAll() { buildAll() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
#Select devices are userdebug due to SELinux policy issues
#Select devices are userdebug due to SELinux policy issues #TODO: Add athene, pme, t0lte, hlte, sumire, dogo, espresso
#TODO: Add victara, athene, us997, us996, pme, t0lte, hlte
brunch lineage_thor-userdebug; #deprecated brunch lineage_thor-userdebug; #deprecated
brunch lineage_clark-user; brunch lineage_clark-user;
brunch lineage_FP2-user; brunch lineage_FP2-user;
#brunch lineage_grouper-user; #builds, but requires out-of-tree blobs brunch lineage_grouper-user; #deprecated
brunch lineage_h815-user; #deprecated brunch lineage_h815-user; #deprecated
brunch lineage_herolte-user; #deprecated brunch lineage_herolte-user; #deprecated
brunch lineage_himaul-user; #deprecated brunch lineage_himaul-user; #deprecated
brunch lineage_i9100-userdebug; brunch lineage_i9100-userdebug;
brunch lineage_i9305-user; #deprecated? brunch lineage_i9305-user; #deprecated?
brunch lineage_jfltexx-user; brunch lineage_jfltexx-user;
brunch lineage_manta-user; #deprecated
brunch lineage_n5110-user; brunch lineage_n5110-user;
brunch lineage_osprey-user; brunch lineage_osprey-user;
brunch lineage_Z00T-user; brunch lineage_Z00T-user;
@ -72,11 +72,12 @@ buildAll() {
brunch lineage_d802-user; brunch lineage_d802-user;
#brunch lineage_d852-user; #brunch lineage_d852-user;
brunch lineage_d855-user; brunch lineage_d855-user;
#brunch lineage_dragon-user;
#brunch lineage_ether-user; #brunch lineage_ether-user;
#brunch lineage_flo-user; #brunch lineage_flo-user;
#brunch lineage_flounder-user; #brunch lineage_flounder-user;
#brunch lineage_griffin-user; #brunch lineage_griffin-user;
#brunch lineage_h850-userdebug; #brunch lineage_h850-user;
#brunch lineage_hammerhead-user; #brunch lineage_hammerhead-user;
#brunch lineage_klte-user; #brunch lineage_klte-user;
#brunch lineage_m8-user; #brunch lineage_m8-user;
@ -84,6 +85,9 @@ buildAll() {
#brunch lineage_marlin-user; #brunch lineage_marlin-user;
#brunch lineage_sailfish-user; #brunch lineage_sailfish-user;
#brunch lineage_shamu-user; #brunch lineage_shamu-user;
#brunch lineage_us996-user;
#brunch lineage_us997-user;
brunch lineage_victara-user;
} }
export -f buildAll; export -f buildAll;

View File

@ -246,6 +246,9 @@ sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.t
sed -i '1itypeattribute wcnss_service misc_block_device_exception;' sepolicy/wcnss_service.te; sed -i '1itypeattribute wcnss_service misc_block_device_exception;' sepolicy/wcnss_service.te;
echo "allow wcnss_service block_device:dir search;" >> sepolicy/wcnss_service.te; #fix incorrect Wi-Fi MAC address echo "allow wcnss_service block_device:dir search;" >> sepolicy/wcnss_service.te; #fix incorrect Wi-Fi MAC address
enterAndClear "device/lge/msm8996-common";
sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
enterAndClear "device/lge/mako"; enterAndClear "device/lge/mako";
echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
@ -269,6 +272,7 @@ cd "$DOS_BUILD_BASE";
#Fix broken options enabled by hardenDefconfig() #Fix broken options enabled by hardenDefconfig()
sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/lge/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/lge/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile
sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
# #
#END OF DEVICE CHANGES #END OF DEVICE CHANGES
# #

View File

@ -0,0 +1,127 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/google/dragon"
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0021.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0022.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0023.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0025.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0026.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0027.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0028.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0031.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0032.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0033.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0035.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0036.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0037.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0041.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0045.patch
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/3.18/0050.patch
git apply $DOS_PATCHES_LINUX_CVES/0010-Accelerated_AES/3.10+/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9892/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3339/^3.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7550/^4.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8785/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8944/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8962/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8966/3.15+/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-9016/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0758/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10088/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10200/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2187/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2545/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3156/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3689/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8453/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9191/3.11-^4.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0449/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0510/3.18/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0523/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0794/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0825/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000365/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.18/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15858/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16530/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16646/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16647/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5986/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6353/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7472/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7495/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7495/3.18/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7616/^4.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7618/^4.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8240/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9698/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3575/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8897/3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.18/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0003-tunnels-Don-t-apply-GRO-to-multiple-layers-of-encaps.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0004-net-add-recursion-limit-to-GRO.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0007-USB-usbip-fix-potential-out-of-bounds-write.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p123"
cd "$DOS_BUILD_BASE"

View File

@ -0,0 +1,53 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/motorola/msm8974"
git apply $DOS_PATCHES_LINUX_CVES/0007-Copperhead-Kernel_Hardening/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0010-Accelerated_AES/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/0012-Copperhead-Deny_USB/3.4/3.4-Backport.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/0013-syskaller-Misc/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1593/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11000/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8266/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p49"
cd "$DOS_BUILD_BASE"

View File

@ -18,7 +18,7 @@
#Last verified: 2018-04-27 #Last verified: 2018-04-27
patchAllKernels() { patchAllKernels() {
startPatcher "kernel_essential_msm8998 kernel_google_marlin kernel_google_msm kernel_htc_flounder kernel_htc_msm8974 kernel_huawei_angler kernel_lge_bullhead kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_samsung_msm8974"; startPatcher "kernel_essential_msm8998 kernel_google_dragon kernel_google_marlin kernel_google_msm kernel_htc_flounder kernel_htc_msm8974 kernel_huawei_angler kernel_lge_bullhead kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_samsung_msm8974";
} }
export -f patchAllKernels; export -f patchAllKernels;
@ -48,8 +48,7 @@ export -f buildDeviceDebug;
buildAll() { buildAll() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
#Select devices are userdebug due to SELinux policy issues #TODO: hiae star2lte starlte
#TODO: hiae star2lte starlte
brunch lineage_mako-user; brunch lineage_mako-user;
brunch lineage_d852-user; brunch lineage_d852-user;
brunch lineage_bacon-user; brunch lineage_bacon-user;
@ -57,11 +56,12 @@ buildAll() {
brunch lineage_bullhead-user; brunch lineage_bullhead-user;
brunch lineage_d802-user; #broken upstream - error: 'vendor/lge/g2-common/proprietary/vendor/etc/acdbdata/Bluetooth_cal.acdb' brunch lineage_d802-user; #broken upstream - error: 'vendor/lge/g2-common/proprietary/vendor/etc/acdbdata/Bluetooth_cal.acdb'
brunch lineage_d855-user; #broken upstream - recovery updater brunch lineage_d855-user; #broken upstream - recovery updater
brunch lineage_dragon-user;
brunch lineage_ether-user; brunch lineage_ether-user;
brunch lineage_flo-user; brunch lineage_flo-user;
brunch lineage_flounder-user; brunch lineage_flounder-user;
brunch lineage_griffin-user; brunch lineage_griffin-user;
brunch lineage_h850-userdebug; brunch lineage_h850-user;
brunch lineage_hammerhead-user; brunch lineage_hammerhead-user;
brunch lineage_klte-user; brunch lineage_klte-user;
brunch lineage_m8-user; brunch lineage_m8-user;
@ -69,6 +69,9 @@ buildAll() {
brunch lineage_mata-user; brunch lineage_mata-user;
brunch lineage_sailfish-user; brunch lineage_sailfish-user;
brunch lineage_shamu-user; brunch lineage_shamu-user;
brunch lineage_us996-user;
brunch lineage_us997-user;
#brunch lineage_victara-user; #broken - recovery.img too large
} }
export -f buildAll; export -f buildAll;

View File

@ -229,6 +229,9 @@ sed -i '1itypeattribute wcnss_service misc_block_device_exception;' sepolicy/wcn
echo "allow wcnss_service block_device:dir search;" >> sepolicy/wcnss_service.te; #fix incorrect Wi-Fi MAC address echo "allow wcnss_service block_device:dir search;" >> sepolicy/wcnss_service.te; #fix incorrect Wi-Fi MAC address
echo "/dev/block/platform/msm_sdcc\.1/by-name/pad u:object_r:misc_block_device:s0" >> sepolicy/file_contexts; #fix uncrypt denial echo "/dev/block/platform/msm_sdcc\.1/by-name/pad u:object_r:misc_block_device:s0" >> sepolicy/file_contexts; #fix uncrypt denial
enterAndClear "device/lge/msm8996-common";
sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
enterAndClear "device/lge/mako"; enterAndClear "device/lge/mako";
cp "$DOS_PATCHES/android_device_lge_mako/proprietary-blobs.txt" proprietary-blobs.txt; #Out of sync cp "$DOS_PATCHES/android_device_lge_mako/proprietary-blobs.txt" proprietary-blobs.txt; #Out of sync
echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
@ -249,6 +252,7 @@ cd "$DOS_BUILD_BASE";
#Fix broken options enabled by hardenDefconfig() #Fix broken options enabled by hardenDefconfig()
sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/lge/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/lge/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile
sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile
# #
#END OF DEVICE CHANGES #END OF DEVICE CHANGES