18.1: April ASB picks

1 extra patch Signed-off-by: Tavi <tavi@divested.dev>
2025-05-03 06:54:59 -04:00 · 2024-04-09 16:29:35 -04:00 · 2024-04-09 16:29:35 -04:00 · 3f430b038e
commit 3f430b038e
parent 4f8cfc8a41
4 changed files with 1 additions and 464 deletions
--- a/Scripts/LineageOS-18.1/Functions.sh
+++ b/Scripts/LineageOS-18.1/Functions.sh
@ -124,6 +124,7 @@ patchWorkspaceReal() {
 	repopick -fit hh-vsync;
 	repopick -fi 311299; #ble: Workaround malformed HCI_BLE_VENDOR_CAP response
 	repopick -it R_asb_2024-03;
+	repopick -it R_asb_2024-04;

 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
--- a/Scripts/LineageOS-18.1/Patch.sh
+++ b/Scripts/LineageOS-18.1/Patch.sh
@ -126,8 +126,6 @@ fi;

 if enterAndClear "frameworks/base"; then
 git revert --no-edit 438d9feacfcad73d3ee918541574132928a93644; #Reverts "Allow signature spoofing for microG Companion/Services" in favor of below patch
-applyPatch "$DOS_PATCHES/android_frameworks_base/389013.patch"; #S_asb_2024-04 isUserInLockDown can be true when there are other strong auth requirements
-applyPatch "$DOS_PATCHES/android_frameworks_base/389014-backport.patch"; #S_asb_2024-04 Fix security vulnerability that creates user with no restrictions when accountOptions are too long.
 applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch"; #Allow SystemUI to directly manage Bluetooth/WiFi (GrapheneOS)