diff --git a/Scripts/Common/Fix_CVE_Patchers.sh b/Scripts/Common/Fix_CVE_Patchers.sh index 6d1ec9a5..0714af12 100644 --- a/Scripts/Common/Fix_CVE_Patchers.sh +++ b/Scripts/Common/Fix_CVE_Patchers.sh @@ -50,6 +50,7 @@ commentPatches android_kernel_google_yellowstone.sh "0001-LinuxIncrementals/3.10 commentPatches android_kernel_huawei_angler.sh "CVE-2014-8559"; commentPatches android_kernel_htc_flounder.sh "CVE-2018-9514"; commentPatches android_kernel_htc_msm8960.sh "CVE-2018-10876"; +commentPatches android_kernel_htc_msm8974.sh "CVE-2016-8393"; commentPatches android_kernel_htc_msm8994.sh "CVE-2016-8394/ANY/0001.patch" "CVE-2017-13166" "CVE-2018-3585" "CVE-2018-9514"; commentPatches android_kernel_lge_bullhead.sh "CVE-2014-8559"; commentPatches android_kernel_lge_msm8992.sh "CVE-2018-5897" "CVE-2018-11266"; @@ -63,7 +64,7 @@ commentPatches android_kernel_nextbit_msm8992.sh "CVE-2018-3585/3.10/0001.patch" commentPatches android_kernel_oneplus_msm8994.sh "CVE-2018-3585/3.10/0001.patch" "CVE-2018-9514"; commentPatches android_kernel_oneplus_msm8996.sh "CVE-2017-13162/3.18/0001.patch" "CVE-2017-15951" "CVE-2017-16939" "CVE-2018-17972" "CVE-2019-2214" "CVE-2019-14070/ANY/0006.patch" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166"; commentPatches android_kernel_oneplus_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-11599" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166"; -commentPatches android_kernel_oneplus_sm7250.sh "CVE-2018-5873" "CVE-2020-1749"; +commentPatches android_kernel_oneplus_sm7250.sh "CVE-2018-5873" "CVE-2020-1749" "CVE-2021-3444" "CVE-2021-3600"; commentPatches android_kernel_oneplus_sm8150.sh "CVE-2019-16746" "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-8992"; commentPatches android_kernel_razer_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-14070/ANY/0005.patch" "CVE-2020-16166"; commentPatches android_kernel_samsung_jf.sh "CVE-2019-11599"; diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 1c78e11a..d1f2156b 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -55,7 +55,7 @@ buildAll() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi; #SDS4P - buildDevice flo; #Last version without repartitioning required + 17.1 has random power off issue + buildDevice flo; #Last version without repartitioning required + 18.1 has random power off issue #SD801 buildDevice hammerhead; #Last version with working Bluetooth #SD805 @@ -68,7 +68,7 @@ buildAll() { buildDevice himaul; #broken - needs vendor bits buildDevice oneplus2; #Last version with working IMS + broken - needs vendor patching #SD615 - buildDevice Z00T; #broken - needs vendor patching + buildDevice Z00T; #SD820 buildDevice axon7; buildDevice h870; diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh index c0b578ca..58e52a37 100644 --- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh +++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh @@ -43,7 +43,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5859/3.4/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5867/3.4/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8393/3.4/0004.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8393/3.4/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8450/3.4/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8481/3.4/0005.patch diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_sm7250.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_sm7250.sh index 104e36a3..7b7c6704 100644 --- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_sm7250.sh +++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_sm7250.sh @@ -280,7 +280,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3483/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3506/4.18-^5.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3564/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3573/4.19/0003.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3600/^5.11/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3600/^5.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3609/^5.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20177/4.19/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20292/4.19/0002.patch @@ -327,7 +327,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.19/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27830/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3428/4.19/0011.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3444/^5.11/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3444/^5.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3587/4.19/0003.patch editKernelLocalversion "-dos.p329" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index f22ff16e..b91252e1 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -92,9 +92,8 @@ patchWorkspace() { umask 0022; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; - source build/envsetup.sh; + #source build/envsetup.sh; #repopick -it ten-firewall; - repopick -it Q_asb_2021-07; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 93d769e1..fbde379c 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -126,10 +126,6 @@ patch -p1 < "$DOS_PATCHES/android_frameworks_opt_net_ims/0001-Fix_Calling.patch" fi; fi; -if enterAndClear "frameworks/opt/net/voip"; then -git pull "https://github.com/LineageOS/android_frameworks_opt_net_voip" refs/changes/91/313291/1; #Q_asb_2021-07 -fi; - if enterAndClear "hardware/qcom/display"; then git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8084.patch" --directory msm8084; git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8916.patch" --directory msm8226; @@ -219,10 +215,6 @@ patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voi patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0002-Disable_Personalization.patch"; #Disable personalization dictionary by default (GrapheneOS) fi; -if enterAndClear "packages/modules/NetworkStack"; then -git pull "https://github.com/LineageOS/android_packages_modules_NetworkStack" refs/changes/01/313301/1; #Q_asb_2021-07 -fi; - #if enterAndClear "packages/services/Telephony"; then #patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 17REBASE #patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 17REBASE @@ -240,10 +232,6 @@ if enterAndClear "system/extras"; then patch -p1 < "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS) fi; -if enterAndClear "system/libfmq"; then -git pull "https://github.com/LineageOS/android_system_libfmq" refs/changes/03/313303/1; #Q_asb_2021-07 -fi; - if enterAndClear "system/sepolicy"; then patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/29.0"; diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh index cf163263..09247503 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh @@ -88,7 +88,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.14/0010.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29569/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-36158/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-BleedingToothExtras/^5.10/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1940/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3348/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3428/4.14/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3428/4.14/0008.patch @@ -133,5 +132,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33034/4.14/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-34693/4.14/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3587/4.14/0002.patch -editKernelLocalversion "-dos.p133" +editKernelLocalversion "-dos.p132" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh index e8766df6..c18627e5 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh @@ -43,7 +43,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5859/3.4/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5867/3.4/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8393/3.4/0004.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8393/3.4/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8450/3.4/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8481/3.4/0005.patch diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh index d9c1cfe5..b5ae7478 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh @@ -1,6 +1,5 @@ #!/bin/bash cd "$DOS_BUILD_BASE""kernel/razer/msm8998" -git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0271-0272.patch --exclude=Makefile git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0274-0275.patch --exclude=Makefile git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch @@ -45,16 +44,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26139/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26147/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29650/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-32399/4.4/0007.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-34693/4.4/0006.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.4/0007.patch -editKernelLocalversion "-dos.p56" +editKernelLocalversion "-dos.p48" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/Functions.sh b/Scripts/LineageOS-18.1/Functions.sh index 1ccfeb8e..3aebeade 100644 --- a/Scripts/LineageOS-18.1/Functions.sh +++ b/Scripts/LineageOS-18.1/Functions.sh @@ -55,7 +55,7 @@ buildAll() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi; #SDS4P - buildDevice flox; + buildDevice flox && rm device/asus/flox/sensors/Android.bp; buildDevice mako; #SD400 buildDevice serrano3gxx; #unb @@ -83,7 +83,7 @@ buildAll() { buildDevice oneplus3 verity; #needs manual patching - broken yyloc #SD835 buildDevice cheryl verity; - buildDevice cheeseburger verity; #needs manual patching - vendor common makefile + buildDevice cheeseburger verity; buildDevice dumpling verity; buildDevice mata verity; buildDevice taimen avb; @@ -109,9 +109,8 @@ patchWorkspace() { umask 0022; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; - source build/envsetup.sh; + #source build/envsetup.sh; #repopick -i 312861; #recorder intent improvement - repopick -it android-11.0.0_r39; #XXX: manifests change must be manually picked source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";