From 529b47039c940672be0a70b0fe02242efe7e3d03 Mon Sep 17 00:00:00 2001 From: Tad Date: Mon, 22 Mar 2021 19:59:15 -0400 Subject: [PATCH] 18.1: Initial bringup - Functionality tested on mako and klte - In-place upgrade from 17.1 tested working on klte - Compile tested on bacon and klte - Recovery OTA key patch missing, unsure if still needed. - Deblobber needs support for removing vintf manifest paths from vendor Android.bp - Launcher needs more default_workspace grid variants (eg. 4x5) --- Manifests/Manifest_LAOS-11.0.xml | 1 - Manifests/Manifest_LAOS-14.1.xml | 3 - Manifests/Manifest_LAOS-15.1.xml | 2 - Manifests/Manifest_LAOS-16.0.xml | 3 - Manifests/Manifest_LAOS-17.1.xml | 11 - Manifests/Manifest_LAOS-18.1.xml | 193 ++++++++ .../0001-No_SerialNum_Restrictions.patch | 38 ++ .../android_build/0001-Restore_TTS.patch | 59 +++ .../0001-Camera_Fix.patch | 34 ++ .../0002-Signature_Spoofing.patch | 161 +++++++ .../0003-Harden_Sig_Spoofing.patch | 26 ++ .../0003-SUPL_No_IMSI.patch | 38 ++ .../0004-Fingerprint_Lockout.patch | 22 + .../0006-Disable_Analytics.patch | 37 ++ .../0007-Always_Restict_Serial.patch | 29 ++ .../0008-Browser_No_Location.patch | 55 +++ .../0009-SystemUI_No_Permission_Review.patch | 23 + .../0001-Fix_Calling.patch | 55 +++ .../0001-Unused-8996.patch | 58 +++ .../0001-Unused-8998.patch | 63 +++ .../0001-Unused-sdm845.patch | 63 +++ .../0001-Unused-sm8150.patch | 58 +++ .../0001-Remove_Analytics.patch | 143 ++++++ .../0001-Signature_Spoofing.patch | 34 ++ .../0001-Remove_Analytics.patch | 186 ++++++++ .../0001-Server.patch | 36 ++ .../0002-Tor_Support.patch | 384 +++++++++++++++ .../android_system_core/0001-Harden.patch | 61 +++ .../0001-ext4_pad_filenames.patch | 35 ++ .../0001-LGE_Fixes.patch | 35 ++ Scripts/Common/Copy_Keys.sh | 6 +- Scripts/Common/Functions.sh | 16 +- Scripts/LineageOS-14.1/Patch.sh | 2 +- Scripts/LineageOS-14.1/Rebrand.sh | 4 +- Scripts/LineageOS-15.1/Patch.sh | 2 +- Scripts/LineageOS-15.1/Rebrand.sh | 4 +- Scripts/LineageOS-16.0/Defaults.sh | 4 +- Scripts/LineageOS-16.0/Patch.sh | 2 +- Scripts/LineageOS-16.0/Rebrand.sh | 4 +- Scripts/LineageOS-17.1/Defaults.sh | 4 +- Scripts/LineageOS-17.1/Functions.sh | 5 +- Scripts/LineageOS-17.1/Patch.sh | 12 +- Scripts/LineageOS-17.1/Rebrand.sh | 13 +- .../android_kernel_essential_msm8998.sh | 100 ++++ .../android_kernel_fxtec_msm8998.sh | 52 +++ .../android_kernel_google_coral.sh | 115 +++++ .../android_kernel_google_msm-4.9.sh | 124 +++++ .../CVE_Patchers/android_kernel_google_msm.sh | 254 ++++++++++ .../android_kernel_google_wahoo.sh | 170 +++++++ .../android_kernel_htc_msm8974.sh | 264 +++++++++++ .../CVE_Patchers/android_kernel_lge_mako.sh | 251 ++++++++++ .../android_kernel_lge_msm8974.sh | 213 +++++++++ .../android_kernel_lge_msm8996.sh | 436 ++++++++++++++++++ .../CVE_Patchers/android_kernel_moto_shamu.sh | 169 +++++++ .../android_kernel_nextbit_msm8992.sh | 256 ++++++++++ .../android_kernel_oneplus_msm8996.sh | 351 ++++++++++++++ .../android_kernel_oneplus_msm8998.sh | 61 +++ .../android_kernel_oppo_msm8974.sh | 147 ++++++ .../android_kernel_razer_msm8998.sh | 69 +++ .../CVE_Patchers/android_kernel_samsung_jf.sh | 256 ++++++++++ .../android_kernel_samsung_msm8974.sh | 115 +++++ .../android_kernel_xiaomi_sdm845.sh | 64 +++ Scripts/LineageOS-18.1/Defaults.sh | 51 ++ Scripts/LineageOS-18.1/Functions.sh | 150 ++++++ Scripts/LineageOS-18.1/Patch.sh | 306 ++++++++++++ Scripts/LineageOS-18.1/Rebrand.sh | 79 ++++ Scripts/init.sh | 4 +- 67 files changed, 6022 insertions(+), 59 deletions(-) create mode 100644 Manifests/Manifest_LAOS-18.1.xml create mode 100644 Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch create mode 100644 Patches/LineageOS-18.1/android_build/0001-Restore_TTS.patch create mode 100644 Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0002-Signature_Spoofing.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0003-Harden_Sig_Spoofing.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch create mode 100644 Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch create mode 100644 Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch create mode 100644 Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch create mode 100644 Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_PermissionController/0001-Signature_Spoofing.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch create mode 100644 Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch create mode 100644 Patches/LineageOS-18.1/android_system_core/0001-Harden.patch create mode 100644 Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch create mode 100644 Patches/LineageOS-18.1/android_system_sepolicy/0001-LGE_Fixes.patch create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_essential_msm8998.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_fxtec_msm8998.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm-4.9.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_wahoo.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_mako.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8974.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oppo_msm8974.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_jf.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_msm8974.sh create mode 100644 Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh create mode 100644 Scripts/LineageOS-18.1/Defaults.sh create mode 100644 Scripts/LineageOS-18.1/Functions.sh create mode 100644 Scripts/LineageOS-18.1/Patch.sh create mode 100644 Scripts/LineageOS-18.1/Rebrand.sh diff --git a/Manifests/Manifest_LAOS-11.0.xml b/Manifests/Manifest_LAOS-11.0.xml index 5b301e57..576f74d2 100644 --- a/Manifests/Manifest_LAOS-11.0.xml +++ b/Manifests/Manifest_LAOS-11.0.xml @@ -34,7 +34,6 @@ - diff --git a/Manifests/Manifest_LAOS-14.1.xml b/Manifests/Manifest_LAOS-14.1.xml index 9cff7f8d..62322308 100644 --- a/Manifests/Manifest_LAOS-14.1.xml +++ b/Manifests/Manifest_LAOS-14.1.xml @@ -25,7 +25,6 @@ - @@ -47,8 +46,6 @@ - - diff --git a/Manifests/Manifest_LAOS-15.1.xml b/Manifests/Manifest_LAOS-15.1.xml index 260eafca..2f22bda7 100644 --- a/Manifests/Manifest_LAOS-15.1.xml +++ b/Manifests/Manifest_LAOS-15.1.xml @@ -26,7 +26,6 @@ - @@ -46,7 +45,6 @@ - diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml index 9f123761..b8385116 100644 --- a/Manifests/Manifest_LAOS-16.0.xml +++ b/Manifests/Manifest_LAOS-16.0.xml @@ -26,9 +26,7 @@ - - @@ -46,7 +44,6 @@ - diff --git a/Manifests/Manifest_LAOS-17.1.xml b/Manifests/Manifest_LAOS-17.1.xml index 2782e7d7..4ce3196b 100644 --- a/Manifests/Manifest_LAOS-17.1.xml +++ b/Manifests/Manifest_LAOS-17.1.xml @@ -23,9 +23,7 @@ - - @@ -43,7 +41,6 @@ - @@ -252,14 +249,6 @@ - - - - - - - - diff --git a/Manifests/Manifest_LAOS-18.1.xml b/Manifests/Manifest_LAOS-18.1.xml new file mode 100644 index 00000000..113a478f --- /dev/null +++ b/Manifests/Manifest_LAOS-18.1.xml @@ -0,0 +1,193 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch b/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch new file mode 100644 index 00000000..9ddc1cbc --- /dev/null +++ b/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch @@ -0,0 +1,38 @@ +From 5647b8d92ed5d69a4eb24f262e0d7ba4cbd8316e Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Wed, 19 Aug 2020 09:31:04 -0400 +Subject: [PATCH] reject updates with serialno constraints + +--- + install/install.cpp | 16 ++-------------- + 1 file changed, 2 insertions(+), 14 deletions(-) + +diff --git a/install/install.cpp b/install/install.cpp +index d404997d..26d7c766 100644 +--- a/install/install.cpp ++++ b/install/install.cpp +@@ -204,22 +204,10 @@ bool CheckPackageMetadata(const std::map& metadata, Ot + return false; + } + +- // We allow the package to not have any serialno; and we also allow it to carry multiple serial +- // numbers split by "|"; e.g. serialno=serialno1|serialno2|serialno3 ... We will fail the +- // verification if the device's serialno doesn't match any of these carried numbers. + auto pkg_serial_no = get_value(metadata, "serialno"); + if (!pkg_serial_no.empty()) { +- auto device_serial_no = android::base::GetProperty("ro.serialno", ""); +- bool serial_number_match = false; +- for (const auto& number : android::base::Split(pkg_serial_no, "|")) { +- if (device_serial_no == android::base::Trim(number)) { +- serial_number_match = true; +- } +- } +- if (!serial_number_match) { +- LOG(ERROR) << "Package is for serial " << pkg_serial_no; +- return false; +- } ++ LOG(ERROR) << "Serial number constraint not permitted: " << pkg_serial_no; ++ return INSTALL_ERROR; + } + + if (ota_type == OtaType::AB) { diff --git a/Patches/LineageOS-18.1/android_build/0001-Restore_TTS.patch b/Patches/LineageOS-18.1/android_build/0001-Restore_TTS.patch new file mode 100644 index 00000000..336dcbd7 --- /dev/null +++ b/Patches/LineageOS-18.1/android_build/0001-Restore_TTS.patch @@ -0,0 +1,59 @@ +From f8f88297ec49d592e501397222c7ec73d4691657 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Fri, 25 Sep 2020 10:13:52 -0400 +Subject: [PATCH] Restore PicoTTS + +Reverts: +271f6ffa045064abcac066e97f2cb53ccb3e5126 +61f7ee9386be426fd4eadc2c8759362edb5bef8d + +Change-Id: I9aee2c5f739f9f08a27c71d54570517ed4aa413f +--- + target/product/full_base.mk | 3 +++ + target/product/handheld_system.mk | 9 +++++++++ + 2 files changed, 12 insertions(+) + +diff --git a/target/product/full_base.mk b/target/product/full_base.mk +index 267859a62..8e124c707 100644 +--- a/target/product/full_base.mk ++++ b/target/product/full_base.mk +@@ -59,6 +59,9 @@ else + $(call inherit-product-if-exists, frameworks/base/data/sounds/AudioPackage14.mk) + endif + ++# Get the TTS language packs ++$(call inherit-product-if-exists, external/svox/pico/lang/all_pico_languages.mk) ++ + # Get a list of languages. + $(call inherit-product, $(SRC_TARGET_DIR)/product/languages_full.mk) + +diff --git a/target/product/handheld_system.mk b/target/product/handheld_system.mk +index f6c92b5e8..176521e09 100644 +--- a/target/product/handheld_system.mk ++++ b/target/product/handheld_system.mk +@@ -31,6 +31,14 @@ $(call inherit-product-if-exists, external/hyphenation-patterns/patterns.mk) + $(call inherit-product-if-exists, frameworks/base/data/keyboards/keyboards.mk) + $(call inherit-product-if-exists, frameworks/webview/chromium/chromium.mk) + ++# include available languages for TTS in the system image ++-include external/svox/pico/lang/PicoLangDeDeInSystem.mk ++-include external/svox/pico/lang/PicoLangEnGBInSystem.mk ++-include external/svox/pico/lang/PicoLangEnUsInSystem.mk ++-include external/svox/pico/lang/PicoLangEsEsInSystem.mk ++-include external/svox/pico/lang/PicoLangFrFrInSystem.mk ++-include external/svox/pico/lang/PicoLangItItInSystem.mk ++ + PRODUCT_PACKAGES += \ + BasicDreams \ + BlockedNumberProvider \ +@@ -57,6 +65,7 @@ PRODUCT_PACKAGES += \ + MtpService \ + MusicFX \ + PacProcessor \ ++ PicoTTS \ + PrintRecommendationService \ + PrintSpooler \ + ProxyHandler \ +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch b/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch new file mode 100644 index 00000000..52de3921 --- /dev/null +++ b/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch @@ -0,0 +1,34 @@ +From 41c2cb884b69e04e2e7a6404b580aafc4b2ceba7 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Mon, 12 Feb 2018 02:41:09 -0500 +Subject: [PATCH] TEMPORARY fix camera not working on user builds + +Change-Id: I61e8c78bfd70be7c157c049dac201de21749d4a2 +--- + common/mediaserver.te | 10 ++++------ + 1 file changed, 4 insertions(+), 6 deletions(-) + +diff --git a/common/mediaserver.te b/common/mediaserver.te +index 1108551..6b92565 100755 +--- a/common/mediaserver.te ++++ b/common/mediaserver.te +@@ -13,12 +13,10 @@ binder_call(mediaserver, rild) + #qmux_socket(mediaserver) + allow mediaserver camera_data_file:sock_file w_file_perms; + +-userdebug_or_eng(` +- allow mediaserver camera_data_file:dir rw_dir_perms; +- allow mediaserver camera_data_file:file create_file_perms; +- # Access to audio +- allow mediaserver qti_debugfs:file rw_file_perms; +-') ++allow mediaserver camera_data_file:dir rw_dir_perms; ++allow mediaserver camera_data_file:file create_file_perms; ++# Access to audio ++allow mediaserver qti_debugfs:file rw_file_perms; + + r_dir_file(mediaserver, sysfs_esoc) + #allow mediaserver system_app_data_file:file rw_file_perms; +-- +2.16.1 + diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0002-Signature_Spoofing.patch b/Patches/LineageOS-18.1/android_frameworks_base/0002-Signature_Spoofing.patch new file mode 100644 index 00000000..a68a9123 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0002-Signature_Spoofing.patch @@ -0,0 +1,161 @@ +From 39a82d79321100965f446fb4007f2a44f3d41f4d Mon Sep 17 00:00:00 2001 +From: Philip Nagler-Frank +Date: Mon, 22 Mar 2021 21:03:57 -0400 +Subject: [PATCH] Add permission to allow an APK to fake a signature. + +Change-Id: I770c2c8b2ab6857d4ea0a4142fb814302685a64e +--- + api/current.txt | 2 ++ + core/res/AndroidManifest.xml | 15 ++++++++++++ + core/res/res/values/config.xml | 2 ++ + core/res/res/values/strings.xml | 12 ++++++++++ + non-updatable-api/current.txt | 2 ++ + .../server/pm/PackageManagerService.java | 23 +++++++++++++++++-- + 6 files changed, 54 insertions(+), 2 deletions(-) + +diff --git a/api/current.txt b/api/current.txt +index 952ccdad992..6bd7ffe6dcb 100644 +--- a/api/current.txt ++++ b/api/current.txt +@@ -77,6 +77,7 @@ package android { + field public static final String DIAGNOSTIC = "android.permission.DIAGNOSTIC"; + field public static final String DISABLE_KEYGUARD = "android.permission.DISABLE_KEYGUARD"; + field public static final String DUMP = "android.permission.DUMP"; ++ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE"; + field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR"; + field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST"; + field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE"; +@@ -182,6 +183,7 @@ package android { + field public static final String CALL_LOG = "android.permission-group.CALL_LOG"; + field public static final String CAMERA = "android.permission-group.CAMERA"; + field public static final String CONTACTS = "android.permission-group.CONTACTS"; ++ field public static final String FAKE_PACKAGE = "android.permission-group.FAKE_PACKAGE"; + field public static final String LOCATION = "android.permission-group.LOCATION"; + field public static final String MICROPHONE = "android.permission-group.MICROPHONE"; + field public static final String PHONE = "android.permission-group.PHONE"; +diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml +index 962d6ce79a4..5a654329446 100644 +--- a/core/res/AndroidManifest.xml ++++ b/core/res/AndroidManifest.xml +@@ -2842,6 +2842,21 @@ + android:description="@string/permdesc_getPackageSize" + android:protectionLevel="normal" /> + ++ ++ ++ ++ ++ ++ + +diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml +index b61b26a0e7f..0b6206def57 100644 +--- a/core/res/res/values/config.xml ++++ b/core/res/res/values/config.xml +@@ -1654,6 +1654,8 @@ + + + com.android.location.fused ++ ++ com.google.android.gms + + + +diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml +index d6ee28b93f9..d5b3f54afc5 100644 +--- a/core/res/res/values/strings.xml ++++ b/core/res/res/values/strings.xml +@@ -847,6 +847,18 @@ + + + ++ ++ Spoof package signature ++ ++ Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only! ++ ++ Spoof package signature ++ ++ allow to spoof package signature ++ ++ Allow ++ <b>%1$s</b> to spoof package signature? ++ + + disable or modify status bar + +diff --git a/non-updatable-api/current.txt b/non-updatable-api/current.txt +index 5f15216e840..57748a8090a 100644 +--- a/non-updatable-api/current.txt ++++ b/non-updatable-api/current.txt +@@ -79,6 +79,7 @@ package android { + field public static final String DUMP = "android.permission.DUMP"; + field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR"; + field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST"; ++ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE"; + field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE"; + field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS"; + field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED"; +@@ -182,6 +183,7 @@ package android { + field public static final String CALL_LOG = "android.permission-group.CALL_LOG"; + field public static final String CAMERA = "android.permission-group.CAMERA"; + field public static final String CONTACTS = "android.permission-group.CONTACTS"; ++ field public static final String FAKE_PACKAGE = "android.permission-group.FAKE_PACKAGE"; + field public static final String LOCATION = "android.permission-group.LOCATION"; + field public static final String MICROPHONE = "android.permission-group.MICROPHONE"; + field public static final String PHONE = "android.permission-group.PHONE"; +diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java +index cbf2300d998..c9cafa76c66 100644 +--- a/services/core/java/com/android/server/pm/PackageManagerService.java ++++ b/services/core/java/com/android/server/pm/PackageManagerService.java +@@ -4454,8 +4454,9 @@ public class PackageManagerService extends IPackageManager.Stub + }); + } + +- PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags, +- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps); ++ PackageInfo packageInfo = mayFakeSignature(p, PackageInfoUtils.generate(p, gids, flags, ++ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId, ps), ++ permissions); + + if (packageInfo == null) { + return null; +@@ -4491,6 +4492,24 @@ public class PackageManagerService extends IPackageManager.Stub + } + } + ++ private PackageInfo mayFakeSignature(AndroidPackage p, PackageInfo pi, ++ Set permissions) { ++ try { ++ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") ++ && p.getTargetSdkVersion() > Build.VERSION_CODES.LOLLIPOP_MR1 ++ && p.getMetaData() != null) { ++ String sig = p.getMetaData().getString("fake-signature"); ++ if (sig != null) { ++ pi.signatures = new Signature[] {new Signature(sig)}; ++ } ++ } ++ } catch (Throwable t) { ++ // We should never die because of any failures, this is system code! ++ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t); ++ } ++ return pi; ++ } ++ + @Override + public void checkPackageStartable(String packageName, int userId) { + final int callingUid = Binder.getCallingUid(); +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0003-Harden_Sig_Spoofing.patch b/Patches/LineageOS-18.1/android_frameworks_base/0003-Harden_Sig_Spoofing.patch new file mode 100644 index 00000000..10736d1b --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0003-Harden_Sig_Spoofing.patch @@ -0,0 +1,26 @@ +From afedf9abaf7dc3df592b0b9e1046b3c87217af64 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Mon, 12 Feb 2018 02:55:55 -0500 +Subject: [PATCH] Harden signature spoofing + +Change-Id: I86f35690710612f23ffce9067e1fd4d58b9fba6f +--- + core/res/AndroidManifest.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml +index 5a654329446..a87ab52cbaa 100644 +--- a/core/res/AndroidManifest.xml ++++ b/core/res/AndroidManifest.xml +@@ -2853,7 +2853,7 @@ + seen by applications --> + + +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch b/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch new file mode 100644 index 00000000..c9bd9c3e --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch @@ -0,0 +1,38 @@ +From 44495d43c291ea193884f2190938da400068a4cc Mon Sep 17 00:00:00 2001 +From: MSe1969 +Date: Mon, 29 Oct 2018 12:14:17 +0100 +Subject: [PATCH] SUPL: Don't send IMSI / Phone number to SUPL server + +Change-Id: I5ccc4d61e52ac11ef33f44618d0e610089885b87 +--- + .../android/server/location/gnss/GnssLocationProvider.java | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java b/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java +index a6a607e4ce6..901d73213ac 100644 +--- a/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java ++++ b/services/core/java/com/android/server/location/gnss/GnssLocationProvider.java +@@ -1951,6 +1951,11 @@ public class GnssLocationProvider extends AbstractLocationProvider implements + int type = AGPS_SETID_TYPE_NONE; + String setId = null; + ++ /* ++ * We don't want to tell Google our IMSI or phone number to spy on us! ++ * As devices w/o SIM card also have working GPS, providing this data does ++ * not seem to add a lot of value, at least not for the device holder ++ * + int ddSubId = SubscriptionManager.getDefaultDataSubscriptionId(); + if (SubscriptionManager.isValidSubscriptionId(ddSubId)) { + phone = phone.createForSubscriptionId(ddSubId); +@@ -1967,7 +1972,7 @@ public class GnssLocationProvider extends AbstractLocationProvider implements + // This means the framework has the SIM card. + type = AGPS_SETID_TYPE_MSISDN; + } +- } ++ } */ + + native_agps_set_id(type, (setId == null) ? "" : setId); + } +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch b/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch new file mode 100644 index 00000000..6d53de08 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch @@ -0,0 +1,22 @@ +From 9c21f1c52b9d5f589a4bca4893e8a04fc1c42cd2 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Tue, 12 Sep 2017 01:52:11 -0400 +Subject: [PATCH] use permanent fingerprint lockout immediately + +--- + .../server/biometrics/fingerprint/FingerprintService.java | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java +index 320e1022873..fb580ffe43c 100644 +--- a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java ++++ b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java +@@ -98,7 +98,7 @@ + private static final String ACTION_LOCKOUT_RESET = + "com.android.server.biometrics.fingerprint.ACTION_LOCKOUT_RESET"; + private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_TIMED = 5; +- private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_PERMANENT = 20; ++ private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_PERMANENT = 3; + private static final long FAIL_LOCKOUT_TIMEOUT_MS = 30 * 1000; + private static final String KEY_LOCKOUT_RESET_USER = "lockout_reset_user"; + diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch b/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch new file mode 100644 index 00000000..433aca32 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch @@ -0,0 +1,37 @@ +From 5b59a2cf8028488847a5cd6ac7d4a14414972438 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Mon, 21 May 2018 04:23:40 -0400 +Subject: [PATCH] Disable/reduce functionality of various ad/analytics + libraries + +Change-Id: I84303ee26d0232e471f44ae6eff6e41a2210e42e +--- + core/java/android/content/pm/PackageParser.java | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java +index 8c66fb227cf..31368bf74b1 100644 +--- a/core/java/android/content/pm/PackageParser.java ++++ b/core/java/android/content/pm/PackageParser.java +@@ -5524,6 +5524,18 @@ public class PackageParser { + + if (data == null) { + data = new Bundle(); ++ data.putBoolean("batch_opted_out_by_default", true); ++ data.putBoolean("com.ad4screen.no_geoloc", true); ++ data.putBoolean("com.facebook.sdk.AutoLogAppEventsEnabled", false); ++ data.putBoolean("com.mixpanel.android.MPConfig.UseIpAddressForGeolocation", false); ++ data.putBoolean("com.webengage.sdk.android.location_tracking", false); ++ data.putBoolean("firebase_analytics_collection_deactivated", true); ++ data.putBoolean("firebase_analytics_collection_enabled", false); ++ data.putBoolean("firebase_crash_collection_enabled", false); ++ data.putBoolean("firebase_performance_collection_deactivated", true); ++ data.putBoolean("google_analytics_adid_collection_enabled", false); ++ data.putString("com.ad4screen.tracking_mode", "Restricted"); ++ data.putString("com.sprooki.LOCATION_SERVICES", "disable"); + } + + String name = sa.getNonConfigurationString( +-- +2.17.0 + diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch b/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch new file mode 100644 index 00000000..65ecb039 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch @@ -0,0 +1,29 @@ +From d6224b1fca2bb1a32e1bf6df2de6227eddb13595 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Wed, 6 Sep 2017 21:40:48 -0400 +Subject: [PATCH] always set deprecated Build.SERIAL to UNKNOWN + +Only support fetching the serial number via the new Build.getSerial() +requiring the READ_PHONE_STATE permission. +--- + .../java/com/android/server/am/ActivityManagerService.java | 7 +------ + 1 file changed, 1 insertion(+), 6 deletions(-) + +diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java +index e8505fcb37a..7b14f5fdb1e 100644 +--- a/services/core/java/com/android/server/am/ActivityManagerService.java ++++ b/services/core/java/com/android/server/am/ActivityManagerService.java +@@ -4971,12 +4971,7 @@ private final boolean attachApplicationLocked(IApplicationThread thread, + } + } + +- // We deprecated Build.SERIAL and it is not accessible to +- // Instant Apps and target APIs higher than O MR1. Since access to the serial +- // is now behind a permission we push down the value. +- final String buildSerial = (!appInfo.isInstantApp() +- && appInfo.targetSdkVersion < Build.VERSION_CODES.P) +- ? sTheRealBuildSerial : Build.UNKNOWN; ++ final String buildSerial = Build.UNKNOWN; + + // Check if this is a secondary process that should be incorporated into some + // currently active instrumentation. (Note we do this AFTER all of the profiling diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch b/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch new file mode 100644 index 00000000..5304b508 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch @@ -0,0 +1,55 @@ +From 705a38ae754c2895c68480fa9d2ec00a5728e661 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 17 Mar 2019 19:54:30 -0400 +Subject: [PATCH] stop auto-granting location to system browsers + +--- + .../DefaultPermissionGrantPolicy.java | 28 +++++++++---------- + 1 file changed, 14 insertions(+), 14 deletions(-) + +diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java +index cd53fb9ba52..a08cbb5ceec 100644 +--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java ++++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java +@@ -682,17 +682,17 @@ private void grantDefaultSystemHandlerPermissions(PackageManagerWrapper pm, int + userId, CONTACTS_PERMISSIONS, CALENDAR_PERMISSIONS); + + // Browser +- String browserPackage = ArrayUtils.firstOrNull(getKnownPackages( +- PackageManagerInternal.PACKAGE_BROWSER, userId)); +- if (browserPackage == null) { +- browserPackage = getDefaultSystemHandlerActivityPackageForCategory(pm, +- Intent.CATEGORY_APP_BROWSER, userId); +- if (!pm.isSystemPackage(browserPackage)) { +- browserPackage = null; +- } +- } +- grantPermissionsToPackage(pm, browserPackage, userId, false /* ignoreSystemPackage */, +- true /*whitelistRestrictedPermissions*/, FOREGROUND_LOCATION_PERMISSIONS); ++ //String browserPackage = ArrayUtils.firstOrNull(getKnownPackages( ++ //PackageManagerInternal.PACKAGE_BROWSER, userId)); ++ //if (browserPackage == null) { ++ //browserPackage = getDefaultSystemHandlerActivityPackageForCategory(pm, ++ //Intent.CATEGORY_APP_BROWSER, userId); ++ //if (!pm.isSystemPackage(browserPackage)) { ++ //browserPackage = null; ++ //} ++ //} ++ //grantPermissionsToPackage(pm, browserPackage, userId, false [> ignoreSystemPackage <], ++ //true [>whitelistRestrictedPermissions<], FOREGROUND_LOCATION_PERMISSIONS); + + // Voice interaction + if (voiceInteractPackageNames != null) { +@@ -992,9 +992,9 @@ public void revokeDefaultPermissionsFromLuiApps(String[] packageNames, int userI + } + + public void grantDefaultPermissionsToDefaultBrowser(String packageName, int userId) { +- Log.i(TAG, "Granting permissions to default browser for user:" + userId); +- grantPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId, +- FOREGROUND_LOCATION_PERMISSIONS); ++ //Log.i(TAG, "Granting permissions to default browser for user:" + userId); ++ //grantPermissionsToSystemPackage(NO_PM_CACHE, packageName, userId, ++ //FOREGROUND_LOCATION_PERMISSIONS); + } + + private String getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm, diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch b/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch new file mode 100644 index 00000000..5d6e125a --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch @@ -0,0 +1,23 @@ +From a507f07f4b04c421400ef8382212aa38cfe37b0d Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Tue, 18 Dec 2018 08:48:14 -0500 +Subject: [PATCH] allow SystemUI to directly manage Bluetooth/WiFi + +--- + packages/SystemUI/AndroidManifest.xml | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml +index 5599b5a2837..08a8d9f504b 100644 +--- a/packages/SystemUI/AndroidManifest.xml ++++ b/packages/SystemUI/AndroidManifest.xml +@@ -70,6 +70,9 @@ + + + ++ ++ ++ + + + diff --git a/Patches/LineageOS-18.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch b/Patches/LineageOS-18.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch new file mode 100644 index 00000000..7e7c8948 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch @@ -0,0 +1,55 @@ +From a2f309bdb5de824d9c86337101656b47ff4ae0ff Mon Sep 17 00:00:00 2001 +From: Tad +Date: Tue, 14 Apr 2020 16:59:46 -0400 +Subject: [PATCH] Fix calling after VoLTE is removed from devices that had it + previously enabled + +Change-Id: I34cc1b7786446927751950386ebe729b43fa53f1 +--- + src/java/com/android/ims/ImsManager.java | 23 +---------------------- + 1 file changed, 1 insertion(+), 22 deletions(-) + +diff --git a/src/java/com/android/ims/ImsManager.java b/src/java/com/android/ims/ImsManager.java +index 9a436c3..270c40c 100644 +--- a/src/java/com/android/ims/ImsManager.java ++++ b/src/java/com/android/ims/ImsManager.java +@@ -303,13 +303,6 @@ public class ImsManager implements IFeatureConnector { + */ + @UnsupportedAppUsage + public static boolean isEnhanced4gLteModeSettingEnabledByUser(Context context) { +- ImsManager mgr = ImsManager.getInstance(context, +- SubscriptionManager.getDefaultVoicePhoneId()); +- if (mgr != null) { +- return mgr.isEnhanced4gLteModeSettingEnabledByUser(); +- } +- Rlog.e(TAG, "isEnhanced4gLteModeSettingEnabledByUser: ImsManager null, returning default" +- + " value."); + return false; + } + +@@ -324,21 +317,7 @@ public class ImsManager implements IFeatureConnector { + * return the default value. + */ + public boolean isEnhanced4gLteModeSettingEnabledByUser() { +- int setting = SubscriptionManager.getIntegerSubscriptionProperty( +- getSubId(), SubscriptionManager.ENHANCED_4G_MODE_ENABLED, +- SUB_PROPERTY_NOT_INITIALIZED, mContext); +- boolean onByDefault = getBooleanCarrierConfig( +- CarrierConfigManager.KEY_ENHANCED_4G_LTE_ON_BY_DEFAULT_BOOL); +- +- // If Enhanced 4G LTE Mode is uneditable, hidden or not initialized, we use the default +- // value +- if (!getBooleanCarrierConfig(CarrierConfigManager.KEY_EDITABLE_ENHANCED_4G_LTE_BOOL) +- || getBooleanCarrierConfig(CarrierConfigManager.KEY_HIDE_ENHANCED_4G_LTE_BOOL) +- || setting == SUB_PROPERTY_NOT_INITIALIZED) { +- return onByDefault; +- } else { +- return (setting == ProvisioningManager.PROVISIONING_VALUE_ENABLED); +- } ++ return false; + } + + /** +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch new file mode 100644 index 00000000..6d624d24 --- /dev/null +++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch @@ -0,0 +1,58 @@ +From fc4d2c7dc902dc9e36261ab61081df80d49ceb60 Mon Sep 17 00:00:00 2001 +From: codeworkx +Date: Sun, 20 Jan 2019 17:48:20 +0100 +Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c + +The unused parameter warning appears if we are not building with +at least one of the following cflags enabled: + +* DEV_ARBI_ENABLED +* SOUND_TRIGGER_ENABLED +* AUDIO_LISTEN_ENABLED + + hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device' +[-Werror,-Wunused-parameter] + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + ^ + +Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6 +(cherry picked from commit 12981fb9f3c8a67bcc362c7badfb9189bc181cda) +--- + hal/audio_extn/audio_extn.h | 5 +++++ + hal/audio_extn/utils.c | 2 ++ + 2 files changed, 7 insertions(+) + +diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h +index c847291fa..9ffdd9c15 100644 +--- a/hal/audio_extn/audio_extn.h ++++ b/hal/audio_extn/audio_extn.h +@@ -688,7 +688,12 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format); + int audio_extn_utils_get_bit_width_from_string(const char *); + int audio_extn_utils_get_sample_rate_from_string(const char *); + int audio_extn_utils_get_channels_from_string(const char *); ++ ++#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED) ++#define audio_extn_utils_release_snd_device(snd_device) (0) ++#else + void audio_extn_utils_release_snd_device(snd_device_t snd_device); ++#endif + int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev, + struct audio_usecase *usecase, int snd_device); + +diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c +index 5ee94143d..202006a35 100644 +--- a/hal/audio_extn/utils.c ++++ b/hal/audio_extn/utils.c +@@ -2520,6 +2520,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string) + return -EINVAL; + } + ++#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED) + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + { + audio_extn_dev_arbi_release(snd_device); +@@ -2528,3 +2529,4 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device) + audio_extn_listen_update_device_status(snd_device, + LISTEN_EVENT_SND_DEVICE_FREE); + } ++#endif diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch new file mode 100644 index 00000000..7fa9aefc --- /dev/null +++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch @@ -0,0 +1,63 @@ +From 71e43ff08ed4755c032084d08721c13ef2044fbc Mon Sep 17 00:00:00 2001 +From: codeworkx +Date: Sun, 20 Jan 2019 17:48:20 +0100 +Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c + +The unused parameter warning appears if we are not building with +at least one of the following cflags enabled: + +* DEV_ARBI_ENABLED +* SOUND_TRIGGER_ENABLED +* AUDIO_LISTEN_ENABLED + + hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device' +[-Werror,-Wunused-parameter] + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + ^ + +Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6 +Signed-off-by: Atman +--- + hal/audio_extn/audio_extn.h | 4 ++++ + hal/audio_extn/utils.c | 2 ++ + 2 files changed, 6 insertions(+) + +diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h +index f37c948ec..c6b2051a7 100644 +--- a/hal/audio_extn/audio_extn.h ++++ b/hal/audio_extn/audio_extn.h +@@ -815,7 +815,11 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format); + int audio_extn_utils_get_bit_width_from_string(const char *); + int audio_extn_utils_get_sample_rate_from_string(const char *); + int audio_extn_utils_get_channels_from_string(const char *); ++#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED) ++#define audio_extn_utils_release_snd_device(snd_device) (0) ++#else + void audio_extn_utils_release_snd_device(snd_device_t snd_device); ++#endif + bool audio_extn_utils_is_vendor_enhanced_fwk(); + int audio_extn_utils_get_vendor_enhanced_info(); + int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev, +diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c +index 4675fc39c..4a5d91a97 100644 +--- a/hal/audio_extn/utils.c ++++ b/hal/audio_extn/utils.c +@@ -2917,6 +2917,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string) + return -EINVAL; + } + ++#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED) + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + { + audio_extn_dev_arbi_release(snd_device); +@@ -2925,6 +2926,7 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device) + audio_extn_listen_update_device_status(snd_device, + LISTEN_EVENT_SND_DEVICE_FREE); + } ++#endif + + int audio_extn_utils_get_license_params( + const struct audio_device *adev, +-- +2.26.0 + diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch new file mode 100644 index 00000000..7fa9aefc --- /dev/null +++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch @@ -0,0 +1,63 @@ +From 71e43ff08ed4755c032084d08721c13ef2044fbc Mon Sep 17 00:00:00 2001 +From: codeworkx +Date: Sun, 20 Jan 2019 17:48:20 +0100 +Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c + +The unused parameter warning appears if we are not building with +at least one of the following cflags enabled: + +* DEV_ARBI_ENABLED +* SOUND_TRIGGER_ENABLED +* AUDIO_LISTEN_ENABLED + + hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device' +[-Werror,-Wunused-parameter] + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + ^ + +Change-Id: I694c683c9bfde60343f0f6ea8d806bc5e24437e6 +Signed-off-by: Atman +--- + hal/audio_extn/audio_extn.h | 4 ++++ + hal/audio_extn/utils.c | 2 ++ + 2 files changed, 6 insertions(+) + +diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h +index f37c948ec..c6b2051a7 100644 +--- a/hal/audio_extn/audio_extn.h ++++ b/hal/audio_extn/audio_extn.h +@@ -815,7 +815,11 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format); + int audio_extn_utils_get_bit_width_from_string(const char *); + int audio_extn_utils_get_sample_rate_from_string(const char *); + int audio_extn_utils_get_channels_from_string(const char *); ++#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED) ++#define audio_extn_utils_release_snd_device(snd_device) (0) ++#else + void audio_extn_utils_release_snd_device(snd_device_t snd_device); ++#endif + bool audio_extn_utils_is_vendor_enhanced_fwk(); + int audio_extn_utils_get_vendor_enhanced_info(); + int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev, +diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c +index 4675fc39c..4a5d91a97 100644 +--- a/hal/audio_extn/utils.c ++++ b/hal/audio_extn/utils.c +@@ -2917,6 +2917,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string) + return -EINVAL; + } + ++#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED) + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + { + audio_extn_dev_arbi_release(snd_device); +@@ -2925,6 +2926,7 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device) + audio_extn_listen_update_device_status(snd_device, + LISTEN_EVENT_SND_DEVICE_FREE); + } ++#endif + + int audio_extn_utils_get_license_params( + const struct audio_device *adev, +-- +2.26.0 + diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch new file mode 100644 index 00000000..234479eb --- /dev/null +++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch @@ -0,0 +1,58 @@ +From e8b33a3be7b1d0e7aaf041a1664dd09b65686225 Mon Sep 17 00:00:00 2001 +From: codeworkx +Date: Mon, 1 Jul 2019 06:36:30 +0000 +Subject: [PATCH] audio_extn: Fix unused parameter warning in utils.c + +The unused parameter warning appears if we are not building with +at least one of the following cflags enabled: + +* DEV_ARBI_ENABLED +* SOUND_TRIGGER_ENABLED +* AUDIO_LISTEN_ENABLED + + hardware/qcom/audio/hal/audio_extn/utils.c:2522:55: error: unused parameter 'snd_device' +[-Werror,-Wunused-parameter] + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + +Change-Id: Ia2e99b063f4b3c99a4e1e1f6bc50b84252211eb0 +--- + hal/audio_extn/audio_extn.h | 4 ++++ + hal/audio_extn/utils.c | 2 ++ + 2 files changed, 6 insertions(+) + +diff --git a/hal/audio_extn/audio_extn.h b/hal/audio_extn/audio_extn.h +index b1f4dda75..3a3e38f7f 100644 +--- a/hal/audio_extn/audio_extn.h ++++ b/hal/audio_extn/audio_extn.h +@@ -804,7 +804,11 @@ bool audio_extn_utils_is_dolby_format(audio_format_t format); + int audio_extn_utils_get_bit_width_from_string(const char *); + int audio_extn_utils_get_sample_rate_from_string(const char *); + int audio_extn_utils_get_channels_from_string(const char *); ++#if !defined(DEV_ARBI_ENABLED) && !defined(SOUND_TRIGGER_ENABLED) && !defined(AUDIO_LISTEN_ENABLED) ++#define audio_extn_utils_release_snd_device(snd_device) (0) ++#else + void audio_extn_utils_release_snd_device(snd_device_t snd_device); ++#endif + bool audio_extn_utils_is_vendor_enhanced_fwk(); + int audio_extn_utils_get_vendor_enhanced_info(); + int audio_extn_utils_get_app_sample_rate_for_device(struct audio_device *adev, +diff --git a/hal/audio_extn/utils.c b/hal/audio_extn/utils.c +index 6dfb98671..0ae9c2657 100644 +--- a/hal/audio_extn/utils.c ++++ b/hal/audio_extn/utils.c +@@ -2912,6 +2912,7 @@ int audio_extn_utils_get_channels_from_string(const char *id_string) + return -EINVAL; + } + ++#if defined(DEV_ARBI_ENABLED) || defined(SOUND_TRIGGER_ENABLED) || defined(AUDIO_LISTEN_ENABLED) + void audio_extn_utils_release_snd_device(snd_device_t snd_device) + { + audio_extn_dev_arbi_release(snd_device); +@@ -2920,6 +2921,7 @@ void audio_extn_utils_release_snd_device(snd_device_t snd_device) + audio_extn_listen_update_device_status(snd_device, + LISTEN_EVENT_SND_DEVICE_FREE); + } ++#endif + + int audio_extn_utils_get_license_params( + const struct audio_device *adev, diff --git a/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch b/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch new file mode 100644 index 00000000..fbab8d14 --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch @@ -0,0 +1,143 @@ +From 4071a60be869f520b396626781fefc5bdfcb544c Mon Sep 17 00:00:00 2001 +From: Tad +Date: Tue, 14 Apr 2020 17:03:26 -0400 +Subject: [PATCH] Remove analytics + +Change-Id: I7f17bfdf094e0c1a9c15b28c72936de67eec235e +--- + AndroidManifest.xml | 25 ------------------------- + proguard.flags | 1 - + res/values/config.xml | 3 --- + res/values/strings.xml | 22 ---------------------- + res/xml/parts_catalog.xml | 5 ----- + res/xml/trust_preferences.xml | 3 --- + 6 files changed, 59 deletions(-) + +diff --git a/AndroidManifest.xml b/AndroidManifest.xml +index eebaa7c..3c3c223 100644 +--- a/AndroidManifest.xml ++++ b/AndroidManifest.xml +@@ -211,31 +211,6 @@ + android:resource="@string/summary_empty" /> + + +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- + + + +- +- https://stats.lineageos.org/api/v1/stats +- + + true + +diff --git a/res/values/strings.xml b/res/values/strings.xml +index eb0d487..3afb455 100644 +--- a/res/values/strings.xml ++++ b/res/values/strings.xml +@@ -511,28 +511,6 @@ + Total commits: %2$s

+ Last update: %3$s]]> + +- +- +- LineageOS statistics +- Help make LineageOS better by opting into anonymous statistics reporting +- About +- Opting into LineageOS Statistics will allow non-personal data to be submitted to the +- developers of LineageOS to track unique installations across devices. The information submitted includes an unique identifier, +- which does not compromise your privacy or personal data. The data is submitted during each boot.\n\nFor an example of the data that is submitted, tap on Preview Data. +- Enable reporting +- Preview data +- View stats +- Learn more +- +- +- Unique ID +- Device +- Version +- Country +- Carrier +- Stats collection +- Allow installation metrics and device statistics to be collected +- + + Auto-rotate screen + Rotation settings +diff --git a/res/xml/parts_catalog.xml b/res/xml/parts_catalog.xml +index a6f5355..80d9fac 100644 +--- a/res/xml/parts_catalog.xml ++++ b/res/xml/parts_catalog.xml +@@ -70,11 +70,6 @@ + android:fragment="org.lineageos.lineageparts.statusbar.StatusBarSettings" + lineage:xmlRes="@xml/status_bar_settings" /> + +- +- + + +- +- + +Date: Mon, 22 Mar 2021 21:07:09 -0400 +Subject: [PATCH] Add permission to allow an APK to fake a signature. + +Change-Id: Iffcffde30416bd897d8afe0b4f72538a586ccab9 +--- + .../android/permissioncontroller/permission/utils/Utils.java | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/com/android/permissioncontroller/permission/utils/Utils.java b/src/com/android/permissioncontroller/permission/utils/Utils.java +index 65fdd590a..fdd71e215 100644 +--- a/src/com/android/permissioncontroller/permission/utils/Utils.java ++++ b/src/com/android/permissioncontroller/permission/utils/Utils.java +@@ -23,6 +23,7 @@ import static android.Manifest.permission_group.CALENDAR; + import static android.Manifest.permission_group.CALL_LOG; + import static android.Manifest.permission_group.CAMERA; + import static android.Manifest.permission_group.CONTACTS; ++import static android.Manifest.permission_group.FAKE_PACKAGE; + import static android.Manifest.permission_group.LOCATION; + import static android.Manifest.permission_group.MICROPHONE; + import static android.Manifest.permission_group.PHONE; +@@ -209,6 +210,8 @@ public final class Utils { + + PLATFORM_PERMISSIONS.put(Manifest.permission.BODY_SENSORS, SENSORS); + ++ PLATFORM_PERMISSIONS.put(Manifest.permission.FAKE_PACKAGE_SIGNATURE, FAKE_PACKAGE); ++ + PLATFORM_PERMISSION_GROUPS = new ArrayMap<>(); + int numPlatformPermissions = PLATFORM_PERMISSIONS.size(); + for (int i = 0; i < numPlatformPermissions; i++) { +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch b/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch new file mode 100644 index 00000000..69103345 --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch @@ -0,0 +1,186 @@ +From 1326644f0e695266010461ba80543eba403c64e5 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Wed, 28 Feb 2018 08:12:03 -0500 +Subject: [PATCH] Remove analytics + +Change-Id: I189e9362c828569512e819cf655b03bfa3436830 +--- + res/layout/setup_lineage_settings.xml | 36 ------------------- + .../lineageos/setupwizard/FinishActivity.java | 12 ------- + .../setupwizard/LineageSettingsActivity.java | 31 ---------------- + .../lineageos/setupwizard/SetupWizardApp.java | 1 - + 4 files changed, 80 deletions(-) + +diff --git a/res/layout/setup_lineage_settings.xml b/res/layout/setup_lineage_settings.xml +index b75af3c..15c2755 100644 +--- a/res/layout/setup_lineage_settings.xml ++++ b/res/layout/setup_lineage_settings.xml +@@ -51,42 +51,6 @@ + android:text="@string/services_explanation" + android:clickable="true"/> + +- +- +- +- +- +- +- +- +- +- + + { +- boolean checked = !mMetrics.isChecked(); +- mMetrics.setChecked(checked); +- mSetupWizardApp.getSettingsBundle().putBoolean(KEY_SEND_METRICS, checked); +- }; +- + private View.OnClickListener mNavKeysClickListener = view -> { + boolean checked = !mNavKeys.isChecked(); + mNavKeys.setChecked(checked); +@@ -101,19 +93,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity { + privacyPolicy.setMovementMethod(LinkMovementMethod.getInstance()); + privacyPolicy.setText(ss); + +- View metricsRow = findViewById(R.id.metrics); +- metricsRow.setOnClickListener(mMetricsClickListener); +- String metricsHelpImproveLineage = +- getString(R.string.services_help_improve_cm, getString(R.string.os_name)); +- String metricsSummary = getString(R.string.services_metrics_label, +- metricsHelpImproveLineage, getString(R.string.os_name)); +- final SpannableStringBuilder metricsSpan = new SpannableStringBuilder(metricsSummary); +- metricsSpan.setSpan(new android.text.style.StyleSpan(android.graphics.Typeface.BOLD), +- 0, metricsHelpImproveLineage.length(), Spannable.SPAN_EXCLUSIVE_EXCLUSIVE); +- TextView metrics = (TextView) findViewById(R.id.enable_metrics_summary); +- metrics.setText(metricsSpan); +- mMetrics = (CheckBox) findViewById(R.id.enable_metrics_checkbox); +- + View navKeysRow = findViewById(R.id.nav_keys); + navKeysRow.setOnClickListener(mNavKeysClickListener); + mNavKeys = (CheckBox) findViewById(R.id.nav_keys_checkbox); +@@ -130,7 +109,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity { + public void onResume() { + super.onResume(); + updateDisableNavkeysOption(); +- updateMetricsOption(); + } + + @Override +@@ -154,15 +132,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity { + return R.drawable.ic_features; + } + +- private void updateMetricsOption() { +- final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle(); +- boolean metricsChecked = +- !myPageBundle.containsKey(KEY_SEND_METRICS) || myPageBundle +- .getBoolean(KEY_SEND_METRICS); +- mMetrics.setChecked(metricsChecked); +- myPageBundle.putBoolean(KEY_SEND_METRICS, metricsChecked); +- } +- + private void updateDisableNavkeysOption() { + if (mSupportsKeyDisabler) { + final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle(); +diff --git a/src/org/lineageos/setupwizard/SetupWizardApp.java b/src/org/lineageos/setupwizard/SetupWizardApp.java +index 88581cf..757e0b1 100644 +--- a/src/org/lineageos/setupwizard/SetupWizardApp.java ++++ b/src/org/lineageos/setupwizard/SetupWizardApp.java +@@ -63,7 +63,6 @@ public class SetupWizardApp extends Application { + public static final String EXTRA_IS_SETUP_FLOW = "isSetupFlow"; + + public static final String KEY_DETECT_CAPTIVE_PORTAL = "captive_portal_detection_enabled"; +- public static final String KEY_SEND_METRICS = "send_metrics"; + public static final String DISABLE_NAV_KEYS = "disable_nav_keys"; + public static final String ENABLE_RECOVERY_UPDATE = "enable_recovery_update"; + public static final String UPDATE_RECOVERY_PROP = "persist.vendor.recovery_update"; +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch b/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch new file mode 100644 index 00000000..94d4def5 --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch @@ -0,0 +1,36 @@ +From 3ef68d192b4c53db09111ee16246199757c4066b Mon Sep 17 00:00:00 2001 +From: Tad +Date: Thu, 20 Sep 2018 16:43:46 -0400 +Subject: [PATCH] Switch to our update server + +Change-Id: I26dc2942736cf0cfe4e7b92ddfdd04b9d74dbae5 +--- + src/org/lineageos/updater/misc/Utils.java | 11 ++--------- + 1 file changed, 2 insertions(+), 9 deletions(-) + +diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java +index caf80c9..048d865 100644 +--- a/src/org/lineageos/updater/misc/Utils.java ++++ b/src/org/lineageos/updater/misc/Utils.java +@@ -154,16 +154,9 @@ public class Utils { + String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL); + String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE, + SystemProperties.get(Constants.PROP_DEVICE)); +- String type = SystemProperties.get(Constants.PROP_RELEASE_TYPE).toLowerCase(Locale.ROOT); ++ String server = "0OTA_SERVER_CLEARNET0"; + +- String serverUrl = SystemProperties.get(Constants.PROP_UPDATER_URI); +- if (serverUrl.trim().isEmpty()) { +- serverUrl = context.getString(R.string.updater_server_url); +- } +- +- return serverUrl.replace("{device}", device) +- .replace("{type}", type) +- .replace("{incr}", incrementalVersion); ++ return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion; + } + + public static String getUpgradeBlockedURL(Context context) { +-- +2.26.0 + diff --git a/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch b/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch new file mode 100644 index 00000000..1e9443cb --- /dev/null +++ b/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch @@ -0,0 +1,384 @@ +From 14bd0c11762e842c876c7c22c2f82ee1002e7186 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Thu, 20 Sep 2018 21:44:53 -0400 +Subject: [PATCH] Add support for routing over Tor + +Change-Id: Ibfe080c3d801af34fb64fda1b6b8f4f39a2b1ccf +--- + res/layout/preferences_dialog.xml | 8 +++ + res/values/strings.xml | 2 + + .../lineageos/updater/UpdatesActivity.java | 12 ++++ + .../updater/UpdatesCheckReceiver.java | 4 ++ + .../updater/controller/UpdaterController.java | 8 +++ + .../updater/download/DownloadClient.java | 8 ++- + .../download/HttpURLConnectionClient.java | 27 ++++++-- + src/org/lineageos/updater/misc/Constants.java | 1 + + src/org/lineageos/updater/misc/Utils.java | 65 +++++++++++++++++++ + 9 files changed, 130 insertions(+), 5 deletions(-) + +diff --git a/res/layout/preferences_dialog.xml b/res/layout/preferences_dialog.xml +index e30c117..f5f3170 100644 +--- a/res/layout/preferences_dialog.xml ++++ b/res/layout/preferences_dialog.xml +@@ -29,6 +29,14 @@ + android:entries="@array/menu_auto_updates_check_interval_entries" /> + + ++ ++ + Once a week + Once a month + Never ++ Perform requests over Tor + Delete updates when installed + Delete + Copy URL +@@ -85,6 +86,7 @@ + The download failed. Please check your internet connection and try again later. + The update verification failed. + Download completed. ++ Orbot is not installed, disabling Tor routing! + + This update can\'t be installed on top of the current build. + +diff --git a/src/org/lineageos/updater/UpdatesActivity.java b/src/org/lineageos/updater/UpdatesActivity.java +index ad001c8..4bebc17 100644 +--- a/src/org/lineageos/updater/UpdatesActivity.java ++++ b/src/org/lineageos/updater/UpdatesActivity.java +@@ -343,10 +343,14 @@ public class UpdatesActivity extends UpdatesListActivity { + + final DownloadClient downloadClient; + try { ++ if(Utils.isOnionRoutingEnabled(getApplicationContext())) { ++ Utils.requestStartOrbot(getApplicationContext()); ++ } + downloadClient = new DownloadClient.Builder() + .setUrl(url) + .setDestination(jsonFileTmp) + .setDownloadCallback(callback) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(getApplicationContext())) + .build(); + } catch (IOException exception) { + Log.e(TAG, "Could not build download client"); +@@ -411,6 +415,7 @@ public class UpdatesActivity extends UpdatesListActivity { + View view = LayoutInflater.from(this).inflate(R.layout.preferences_dialog, null); + Spinner autoCheckInterval = + view.findViewById(R.id.preferences_auto_updates_check_interval); ++ Switch onionRouting = view.findViewById(R.id.preferences_onion_routing); + Switch autoDelete = view.findViewById(R.id.preferences_auto_delete_updates); + Switch dataWarning = view.findViewById(R.id.preferences_mobile_data_warning); + Switch abPerfMode = view.findViewById(R.id.preferences_ab_perf_mode); +@@ -421,6 +426,7 @@ public class UpdatesActivity extends UpdatesListActivity { + + SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); + autoCheckInterval.setSelection(Utils.getUpdateCheckSetting(this)); ++ onionRouting.setChecked(prefs.getBoolean(Constants.PREF_ONION_ROUTING, false)); + autoDelete.setChecked(prefs.getBoolean(Constants.PREF_AUTO_DELETE_UPDATES, false)); + dataWarning.setChecked(prefs.getBoolean(Constants.PREF_MOBILE_DATA_WARNING, true)); + abPerfMode.setChecked(prefs.getBoolean(Constants.PREF_AB_PERF_MODE, false)); +@@ -432,6 +438,8 @@ public class UpdatesActivity extends UpdatesListActivity { + prefs.edit() + .putInt(Constants.PREF_AUTO_UPDATES_CHECK_INTERVAL, + autoCheckInterval.getSelectedItemPosition()) ++ .putBoolean(Constants.PREF_ONION_ROUTING, ++ onionRouting.isChecked() && Utils.isOrbotInstalled(getApplicationContext())) + .putBoolean(Constants.PREF_AUTO_DELETE_UPDATES, + autoDelete.isChecked()) + .putBoolean(Constants.PREF_MOBILE_DATA_WARNING, +@@ -447,6 +455,10 @@ public class UpdatesActivity extends UpdatesListActivity { + UpdatesCheckReceiver.cancelUpdatesCheck(this); + } + ++ if(onionRouting.isChecked() && !Utils.isOrbotInstalled(getApplicationContext())) { ++ showSnackbar(R.string.snack_orbot_not_available, Snackbar.LENGTH_LONG); ++ } ++ + if (Utils.isABDevice()) { + boolean enableABPerfMode = abPerfMode.isChecked(); + mUpdaterService.getUpdaterController().setPerformanceMode(enableABPerfMode); +diff --git a/src/org/lineageos/updater/UpdatesCheckReceiver.java b/src/org/lineageos/updater/UpdatesCheckReceiver.java +index 288cd1a..5769a21 100644 +--- a/src/org/lineageos/updater/UpdatesCheckReceiver.java ++++ b/src/org/lineageos/updater/UpdatesCheckReceiver.java +@@ -110,10 +110,14 @@ public class UpdatesCheckReceiver extends BroadcastReceiver { + }; + + try { ++ if(Utils.isOnionRoutingEnabled(context)) { ++ Utils.requestStartOrbot(context); ++ } + DownloadClient downloadClient = new DownloadClient.Builder() + .setUrl(url) + .setDestination(jsonNew) + .setDownloadCallback(callback) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(context)) + .build(); + downloadClient.start(); + } catch (IOException e) { +diff --git a/src/org/lineageos/updater/controller/UpdaterController.java b/src/org/lineageos/updater/controller/UpdaterController.java +index 62f8ca7..07f9a61 100644 +--- a/src/org/lineageos/updater/controller/UpdaterController.java ++++ b/src/org/lineageos/updater/controller/UpdaterController.java +@@ -358,12 +358,16 @@ public class UpdaterController { + update.setFile(destination); + DownloadClient downloadClient; + try { ++ if(Utils.isOnionRoutingEnabled(mContext)) { ++ Utils.requestStartOrbot(mContext); ++ } + downloadClient = new DownloadClient.Builder() + .setUrl(update.getDownloadUrl()) + .setDestination(update.getFile()) + .setDownloadCallback(getDownloadCallback(downloadId)) + .setProgressListener(getProgressListener(downloadId)) + .setUseDuplicateLinks(true) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext)) + .build(); + } catch (IOException exception) { + Log.e(TAG, "Could not build download client"); +@@ -398,6 +402,9 @@ public class UpdaterController { + verifyUpdateAsync(downloadId); + notifyUpdateChange(downloadId); + } else { ++ if(Utils.isOnionRoutingEnabled(mContext)) { ++ Utils.requestStartOrbot(mContext); ++ } + DownloadClient downloadClient; + try { + downloadClient = new DownloadClient.Builder() +@@ -406,6 +413,7 @@ public class UpdaterController { + .setDownloadCallback(getDownloadCallback(downloadId)) + .setProgressListener(getProgressListener(downloadId)) + .setUseDuplicateLinks(true) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext)) + .build(); + } catch (IOException exception) { + Log.e(TAG, "Could not build download client"); +diff --git a/src/org/lineageos/updater/download/DownloadClient.java b/src/org/lineageos/updater/download/DownloadClient.java +index 6a2a490..374e017 100644 +--- a/src/org/lineageos/updater/download/DownloadClient.java ++++ b/src/org/lineageos/updater/download/DownloadClient.java +@@ -64,6 +64,7 @@ public interface DownloadClient { + private DownloadClient.DownloadCallback mCallback; + private DownloadClient.ProgressListener mProgressListener; + private boolean mUseDuplicateLinks; ++ private boolean mOnionRouting; + + public DownloadClient build() throws IOException { + if (mUrl == null) { +@@ -74,7 +75,7 @@ public interface DownloadClient { + throw new IllegalStateException("No download callback defined"); + } + return new HttpURLConnectionClient(mUrl, mDestination, mProgressListener, mCallback, +- mUseDuplicateLinks); ++ mUseDuplicateLinks, mOnionRouting); + } + + public Builder setUrl(String url) { +@@ -101,5 +102,10 @@ public interface DownloadClient { + mUseDuplicateLinks = useDuplicateLinks; + return this; + } ++ ++ public Builder setUseOnionRouting(boolean onionRouting) { ++ mOnionRouting = onionRouting; ++ return this; ++ } + } + } +diff --git a/src/org/lineageos/updater/download/HttpURLConnectionClient.java b/src/org/lineageos/updater/download/HttpURLConnectionClient.java +index 2b7c80e..caeaf66 100644 +--- a/src/org/lineageos/updater/download/HttpURLConnectionClient.java ++++ b/src/org/lineageos/updater/download/HttpURLConnectionClient.java +@@ -18,12 +18,16 @@ package org.lineageos.updater.download; + import android.os.SystemClock; + import android.util.Log; + ++import org.lineageos.updater.misc.Utils; ++ + import java.io.File; + import java.io.FileOutputStream; + import java.io.IOException; + import java.io.InputStream; + import java.io.OutputStream; + import java.net.HttpURLConnection; ++import java.net.InetSocketAddress; ++import java.net.Proxy; + import java.net.URL; + import java.util.Comparator; + import java.util.List; +@@ -42,6 +46,7 @@ public class HttpURLConnectionClient implements DownloadClient { + private final DownloadClient.ProgressListener mProgressListener; + private final DownloadClient.DownloadCallback mCallback; + private final boolean mUseDuplicateLinks; ++ private final boolean mUseOnionRouting; + + private DownloadThread mDownloadThread; + +@@ -60,8 +65,14 @@ public class HttpURLConnectionClient implements DownloadClient { + HttpURLConnectionClient(String url, File destination, + DownloadClient.ProgressListener progressListener, + DownloadClient.DownloadCallback callback, +- boolean useDuplicateLinks) throws IOException { +- mClient = (HttpURLConnection) new URL(url).openConnection(); ++ boolean useDuplicateLinks, boolean useOnionRouting) throws IOException { ++ mUseOnionRouting = useOnionRouting; ++ if(mUseOnionRouting) { ++ Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050)); ++ mClient = (HttpURLConnection) new URL(url).openConnection(orbot); ++ } else { ++ mClient = (HttpURLConnection) new URL(url).openConnection(); ++ } + mDestination = destination; + mProgressListener = progressListener; + mCallback = callback; +@@ -169,7 +180,12 @@ public class HttpURLConnectionClient implements DownloadClient { + private void changeClientUrl(URL newUrl) throws IOException { + String range = mClient.getRequestProperty("Range"); + mClient.disconnect(); +- mClient = (HttpURLConnection) newUrl.openConnection(); ++ if(mUseOnionRouting) { ++ Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050)); ++ mClient = (HttpURLConnection) newUrl.openConnection(orbot); ++ } else { ++ mClient = (HttpURLConnection) newUrl.openConnection(); ++ } + if (range != null) { + mClient.setRequestProperty("Range", range); + } +@@ -224,7 +240,7 @@ public class HttpURLConnectionClient implements DownloadClient { + } + Log.d(TAG, "Downloading from " + newUrl); + changeClientUrl(url); +- mClient.setConnectTimeout(5000); ++ mClient.setConnectTimeout(mUseOnionRouting ? 45000 : 5000); + mClient.connect(); + if (!isSuccessCode(mClient.getResponseCode())) { + throw new IOException("Server replied with " + mClient.getResponseCode()); +@@ -246,6 +262,9 @@ public class HttpURLConnectionClient implements DownloadClient { + @Override + public void run() { + try { ++ if(mUseOnionRouting) { ++ Utils.waitUntilOrbotIsAvailable(); ++ } + mClient.setInstanceFollowRedirects(!mUseDuplicateLinks); + mClient.connect(); + int responseCode = mClient.getResponseCode(); +diff --git a/src/org/lineageos/updater/misc/Constants.java b/src/org/lineageos/updater/misc/Constants.java +index 81e7c1a..46d8666 100644 +--- a/src/org/lineageos/updater/misc/Constants.java ++++ b/src/org/lineageos/updater/misc/Constants.java +@@ -30,6 +30,7 @@ public final class Constants { + + public static final String PREF_LAST_UPDATE_CHECK = "last_update_check"; + public static final String PREF_AUTO_UPDATES_CHECK_INTERVAL = "auto_updates_check_interval"; ++ public static final String PREF_ONION_ROUTING = "onion_routing"; + public static final String PREF_AUTO_DELETE_UPDATES = "auto_delete_updates"; + public static final String PREF_AB_PERF_MODE = "ab_perf_mode"; + public static final String PREF_MOBILE_DATA_WARNING = "pref_mobile_data_warning"; +diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java +index 048d865..d1b5a74 100644 +--- a/src/org/lineageos/updater/misc/Utils.java ++++ b/src/org/lineageos/updater/misc/Utils.java +@@ -45,6 +45,7 @@ import java.io.BufferedReader; + import java.io.File; + import java.io.FileReader; + import java.io.IOException; ++import java.net.Socket; + import java.util.ArrayList; + import java.util.Enumeration; + import java.util.HashSet; +@@ -150,11 +151,75 @@ public class Utils { + return updates; + } + ++ //Credit: https://stackoverflow.com/a/6758962 ++ public static boolean isPackageInstalled(Context context, String packageID) { ++ PackageManager pm = context.getPackageManager(); ++ try { ++ pm.getPackageInfo(packageID, PackageManager.GET_META_DATA); ++ } catch(PackageManager.NameNotFoundException e) { ++ return false; ++ } ++ return true; ++ } ++ ++ public static boolean isOrbotInstalled(Context context) { ++ return isPackageInstalled(context, "org.torproject.android"); ++ } ++ ++ public static boolean isOnionRoutingEnabled(Context context) { ++ SharedPreferences preferences = PreferenceManager.getDefaultSharedPreferences(context); ++ return preferences.getBoolean(Constants.PREF_ONION_ROUTING, false); ++ } ++ ++ //Credit: OrbotHelper/NetCipher ++ public static void requestStartOrbot(Context context) { ++ Intent intent = new Intent("org.torproject.android.intent.action.START"); ++ intent.setPackage("org.torproject.android"); ++ intent.putExtra("org.torproject.android.intent.extra.PACKAGE_NAME", context.getPackageName()); ++ context.sendBroadcast(intent); ++ } ++ ++ //Credit: https://www.geekality.net/2013/04/30/java-simple-check-to-see-if-a-server-is-listening-on-a-port/ ++ public static boolean isPortListening(String host, int port) { ++ Socket s = null; ++ try { ++ s = new Socket(host, port); ++ return true; ++ } catch(Exception e) { ++ return false; ++ } finally { ++ if (s != null) { ++ try { ++ s.close(); ++ } catch(Exception e1) { ++ } ++ } ++ } ++ } ++ ++ public static boolean waitUntilOrbotIsAvailable() { ++ int tries = 0; ++ boolean listening; ++ while(!(listening = isPortListening("127.0.0.1", 9050)) && tries <= 60) { ++ tries++; ++ try { ++ Thread.sleep(1000); ++ } catch(Exception e) { ++ ++ } ++ } ++ return listening; ++ } ++ + public static String getServerURL(Context context) { + String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL); + String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE, + SystemProperties.get(Constants.PROP_DEVICE)); + String server = "0OTA_SERVER_CLEARNET0"; ++ String serverOnion = "0OTA_SERVER_ONION0"; ++ if(serverOnion.toLowerCase().startsWith("http") && isOnionRoutingEnabled(context)) { ++ server = serverOnion; ++ } + + return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion; + } +-- +2.26.0 + diff --git a/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch b/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch new file mode 100644 index 00000000..15db706d --- /dev/null +++ b/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch @@ -0,0 +1,61 @@ +From 65e3c9d1b1771faeb103ad0af8be6b960586e4c6 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Mon, 12 Feb 2018 03:29:58 -0500 +Subject: [PATCH] Harden + +Change-Id: Idd2da6d9989ec554ce5b0841781d323fdcd9eb87 +--- + init/first_stage_init.cpp | 6 +++--- + rootdir/init.rc | 11 +++++++++++ + 2 files changed, 14 insertions(+), 3 deletions(-) + +diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp +index 021557697..ff16ff344 100644 +--- a/init/first_stage_init.cpp ++++ b/init/first_stage_init.cpp +@@ -192,9 +192,9 @@ int FirstStageMain(int argc, char** argv) { + CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755")); + CHECKCALL(mkdir("/dev/pts", 0755)); + CHECKCALL(mkdir("/dev/socket", 0755)); +- CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL)); ++ CHECKCALL(mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL)); + #define MAKE_STR(x) __STRING(x) +- CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC))); ++ CHECKCALL(mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, "hidepid=2,gid=" MAKE_STR(AID_READPROC))); + #undef MAKE_STR + // Don't expose the raw commandline to unprivileged processes. + CHECKCALL(chmod("/proc/cmdline", 0440)); +@@ -202,7 +202,7 @@ int FirstStageMain(int argc, char** argv) { + android::base::ReadFileToString("/proc/cmdline", &cmdline); + gid_t groups[] = {AID_READPROC}; + CHECKCALL(setgroups(arraysize(groups), groups)); +- CHECKCALL(mount("sysfs", "/sys", "sysfs", 0, NULL)); ++ CHECKCALL(mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL)); + CHECKCALL(mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL)); + + CHECKCALL(mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11))); +diff --git a/rootdir/init.rc b/rootdir/init.rc +index a9af0b094..f19b7484d 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -237,6 +237,17 @@ on init + write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000 + write /proc/sys/kernel/sched_child_runs_first 0 + ++ write /proc/sys/kernel/dmesg_restrict 1 ++ write /proc/sys/fs/protected_hardlinks 1 ++ write /proc/sys/fs/protected_symlinks 1 ++ write /proc/sys/fs/protected_fifos 1 ++ write /proc/sys/fs/protected_regular 1 ++ write /proc/sys/net/ipv6/conf/all/use_tempaddr 2 ++ write /proc/sys/net/ipv6/conf/all/max_addresses 128 ++ write /proc/sys/net/ipv6/conf/all/temp_prefered_lft 21600 ++ write /proc/sys/net/ipv6/conf/default/use_tempaddr 2 ++ write /proc/sys/net/ipv6/conf/default/max_addresses 128 ++ write /proc/sys/net/ipv6/conf/default/temp_prefered_lft 21600 + write /proc/sys/kernel/randomize_va_space 2 + write /proc/sys/vm/mmap_min_addr 32768 + write /proc/sys/net/ipv4/ping_group_range "0 2147483647" +-- +2.30.2 + diff --git a/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch b/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch new file mode 100644 index 00000000..68996225 --- /dev/null +++ b/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch @@ -0,0 +1,35 @@ +From da1020cc2923c0a61a3dd55109aa342bd2097c1b Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Wed, 9 Sep 2020 01:53:11 -0400 +Subject: [PATCH] pad filenames to 32 bytes instead of 16 or 4 bytes + +This was adopted before the earliest stable release of GrapheneOS, so +backwards compatibility is not implemented anymore. +--- + libfscrypt/fscrypt.cpp | 13 ++----------- + 1 file changed, 2 insertions(+), 11 deletions(-) + +diff --git a/libfscrypt/fscrypt.cpp b/libfscrypt/fscrypt.cpp +index a52ed90c..7852349f 100644 +--- a/libfscrypt/fscrypt.cpp ++++ b/libfscrypt/fscrypt.cpp +@@ -228,17 +228,8 @@ bool ParseOptionsForApiLevel(unsigned int first_api_level, const std::string& op + } + } + +- // In the original setting of v1 policies and AES-256-CTS we used 4-byte +- // padding of filenames, so retain that on old first_api_levels. +- // +- // For everything else, use 16-byte padding. This is more secure (it helps +- // hide the length of filenames), and it makes the inputs evenly divisible +- // into cipher blocks which is more efficient for encryption and decryption. +- if (!is_gki && options->version == 1 && options->filenames_mode == FSCRYPT_MODE_AES_256_CTS) { +- options->flags |= FSCRYPT_POLICY_FLAGS_PAD_4; +- } else { +- options->flags |= FSCRYPT_POLICY_FLAGS_PAD_16; +- } ++ // GrapheneOS has always used the maximum 32 byte padding. ++ options->flags |= FSCRYPT_POLICY_FLAGS_PAD_32; + + // Use DIRECT_KEY for Adiantum, since it's much more efficient but just as + // secure since Android doesn't reuse the same master key for multiple diff --git a/Patches/LineageOS-18.1/android_system_sepolicy/0001-LGE_Fixes.patch b/Patches/LineageOS-18.1/android_system_sepolicy/0001-LGE_Fixes.patch new file mode 100644 index 00000000..09d44df2 --- /dev/null +++ b/Patches/LineageOS-18.1/android_system_sepolicy/0001-LGE_Fixes.patch @@ -0,0 +1,35 @@ +From acf37ef4f2f187641d1f0a8bd5a313ee46135ef9 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Tue, 14 Apr 2020 17:16:42 -0400 +Subject: [PATCH] Fix -user builds for many LGE devices + +Change-Id: I7d7e366f51d376ccba01fda9a2d5276c20cf77f4 +--- + public/domain.te | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/public/domain.te b/public/domain.te +index 6f3a19cd..87ca0e6c 100644 +--- a/public/domain.te ++++ b/public/domain.te +@@ -597,6 +597,9 @@ neverallow { + -update_engine + } system_block_device:blk_file { write append }; + ++# Select devices have policies prevented by the following neverallow ++attribute misc_block_device_exception; ++ + # No domains other than a select few can access the misc_block_device. This + # block device is reserved for OTA use. + # Do not assert this rule on userdebug/eng builds, due to some devices using +@@ -614,6 +617,7 @@ neverallow { + -vold + -recovery + -ueventd ++ -misc_block_device_exception + } misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock }; + + # Only (hw|vnd|)servicemanager should be able to register with binder as the context manager +-- +2.26.0 + diff --git a/Scripts/Common/Copy_Keys.sh b/Scripts/Common/Copy_Keys.sh index 8484f7bd..a80b3128 100644 --- a/Scripts/Common/Copy_Keys.sh +++ b/Scripts/Common/Copy_Keys.sh @@ -38,7 +38,8 @@ cat "$DOS_SIGNING_KEYS/mata/verity.x509.pem" >> "kernel/essential/msm8998/certs/ cat "$DOS_SIGNING_KEYS/pro1/verity.x509.pem" >> "kernel/fxtec/msm8998/certs/verity.x509.pem"; cat "$DOS_SIGNING_KEYS/sargo/verity.x509.pem" >> "kernel/google/bonito/certs/verity.x509.pem"; cat "$DOS_SIGNING_KEYS/sargo/verity.x509.pem" >> "kernel/google/msm-4.9/certs/verity.x509.pem"; -cat "$DOS_SIGNING_KEYS/starlte/verity.x509.pem" >> "kernel/samsung/universal9810/certs/verity.x509.pem"; +#cat "$DOS_SIGNING_KEYS/starlte/verity.x509.pem" >> "kernel/samsung/universal9810/certs/verity.x509.pem"; +#cat "$DOS_SIGNING_KEYS/star2lte/verity.x509.pem" >> "kernel/samsung/universal9810/certs/verity.x509.pem"; cat "$DOS_SIGNING_KEYS/taimen/verity.x509.pem" >> "kernel/google/wahoo/certs/verity.x509.pem"; cat "$DOS_SIGNING_KEYS/walleye/verity.x509.pem" >> "kernel/google/wahoo/certs/verity.x509.pem"; cat "$DOS_SIGNING_KEYS/z2_plus/verity.x509.pem" >> "kernel/zuk/msm8996/certs/verity.x509.pem"; @@ -68,7 +69,8 @@ cp -v "$DOS_SIGNING_KEYS/pro1/verifiedboot_relkeys.der.x509" "kernel/fxtec/msm89 cp -v "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_dos_relkeys.der.x509"; cp -v "$DOS_SIGNING_KEYS/sargo/verifiedboot_relkeys.der.x509" "kernel/google/bonito/verifiedboot_sargo_dos_relkeys.der.x509"; cp -v "$DOS_SIGNING_KEYS/sargo/verifiedboot_relkeys.der.x509" "kernel/google/msm-4.9/verifiedboot_sargo_dos_relkeys.der.x509"; -cp -v "$DOS_SIGNING_KEYS/starlte/verifiedboot_relkeys.der.x509" "kernel/samsung/universal9810/verifiedboot_starlte_dos_relkeys.der.x509"; +#cp -v "$DOS_SIGNING_KEYS/starlte/verifiedboot_relkeys.der.x509" "kernel/samsung/universal9810/verifiedboot_starlte_dos_relkeys.der.x509"; +#cp -v "$DOS_SIGNING_KEYS/star2lte/verifiedboot_relkeys.der.x509" "kernel/samsung/universal9810/verifiedboot_star2lte_dos_relkeys.der.x509"; cp -v "$DOS_SIGNING_KEYS/taimen/verifiedboot_relkeys.der.x509" "kernel/google/wahoo/verifiedboot_taimen_dos_relkeys.der.x509"; cp -v "$DOS_SIGNING_KEYS/walleye/verifiedboot_relkeys.der.x509" "kernel/google/wahoo/verifiedboot_walleye_dos_relkeys.der.x509"; cp -v "$DOS_SIGNING_KEYS/z2_plus/verifiedboot_relkeys.der.x509" "kernel/zuk/msm8996/verifiedboot_z2_plus_dos_relkeys.der.x509"; diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh index 7cf54c6d..61265e00 100644 --- a/Scripts/Common/Functions.sh +++ b/Scripts/Common/Functions.sh @@ -154,6 +154,12 @@ processRelease() { local ARCHIVE="$DOS_BUILDS/$DOS_VERSION/release_keys/"; local OUT_DIR="$DOS_BUILD_BASE/out/target/product/$DEVICE/"; + local RELEASETOOLS_PREFIX="build/tools/releasetools/"; #XXX: FIXME 18REBASE + if [[ "$DOS_VERSION" == "LineageOS-18.1" ]]; then + local RELEASETOOLS_PREFIX=""; + make otatools; + fi; + echo -e "\e[0;32mProcessing release for $DEVICE\e[0m"; #Arguments @@ -183,7 +189,7 @@ processRelease() { #Target Files echo -e "\e[0;32mSigning target files\e[0m"; - build/tools/releasetools/sign_target_files_apks -o -d "$KEY_DIR" \ + "$RELEASETOOLS_PREFIX"sign_target_files_apks -o -d "$KEY_DIR" \ "${VERITY_SWITCHES[@]}" \ $OUT_DIR/obj/PACKAGING/target_files_intermediates/*$DEVICE-target_files-*.zip \ $OUT_DIR/$PREFIX-target_files.zip; @@ -194,14 +200,14 @@ processRelease() { #Image if [ ! -f $OUT_DIR/recovery.img ]; then echo -e "\e[0;32mCreating fastboot image\e[0m"; - build/tools/releasetools/img_from_target_files $OUT_DIR/$PREFIX-target_files.zip \ + "$RELEASETOOLS_PREFIX"img_from_target_files $OUT_DIR/$PREFIX-target_files.zip \ $OUT_DIR/$PREFIX-fastboot.zip || exit 1; sha512sum $OUT_DIR/$PREFIX-fastboot.zip > $OUT_DIR/$PREFIX-fastboot.zip.sha512sum; fi #OTA echo -e "\e[0;32mCreating OTA\e[0m"; - build/tools/releasetools/ota_from_target_files $BLOCK_SWITCHES -k "$KEY_DIR/releasekey" \ + "$RELEASETOOLS_PREFIX"ota_from_target_files $BLOCK_SWITCHES -k "$KEY_DIR/releasekey" \ $OUT_DIR/$PREFIX-target_files.zip \ $OUT_DIR/$PREFIX-ota.zip; md5sum $OUT_DIR/$PREFIX-ota.zip > $OUT_DIR/$PREFIX-ota.zip.md5sum; @@ -214,7 +220,7 @@ processRelease() { local LAST_INCREMENTAL_ID=$(cat "$LAST_TARGET_FILES.id"); echo -e "\e[0;32mGenerating incremental OTA against $LAST_INCREMENTAL_ID\e[0m"; #TODO: Verify GPG signature and checksum of target-files first! - build/tools/releasetools/ota_from_target_files $BLOCK_SWITCHES -t 8 -k "$KEY_DIR/releasekey" -i \ + "$RELEASETOOLS_PREFIX"ota_from_target_files $BLOCK_SWITCHES -t 8 -k "$KEY_DIR/releasekey" -i \ "$LAST_TARGET_FILES" \ $OUT_DIR/$PREFIX-target_files.zip \ $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip; @@ -623,7 +629,7 @@ changeDefaultDNS() { echo "You must first set a preset via the DOS_DEFAULT_DNS_PRESET variable in init.sh!"; fi; - local files="core/res/res/values/config.xml packages/SettingsLib/res/values/strings.xml services/core/java/com/android/server/connectivity/NetworkDiagnostics.java services/core/java/com/android/server/connectivity/Tethering.java services/core/java/com/android/server/connectivity/tethering/TetheringConfiguration.java services/java/com/android/server/connectivity/Tethering.java"; + local files="core/res/res/values/config.xml packages/SettingsLib/res/values/strings.xml services/core/java/com/android/server/connectivity/NetworkDiagnostics.java services/core/java/com/android/server/connectivity/Tethering.java services/core/java/com/android/server/connectivity/tethering/TetheringConfiguration.java services/java/com/android/server/connectivity/Tethering.java packages/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java core/java/android/net/util/DnsUtils.java"; sed -i "s/8\.8\.8\.8/$dnsPrimary/" $files &>/dev/null || true; sed -i "s/2001:4860:4860::8888/$dnsPrimaryV6/" $files &>/dev/null || true; sed -i "s/8\.8\.4\.4/$dnsSecondary/" $files &>/dev/null || true; diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh index 0870dc14..2cb8d160 100644 --- a/Scripts/LineageOS-14.1/Patch.sh +++ b/Scripts/LineageOS-14.1/Patch.sh @@ -74,7 +74,7 @@ patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqba patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH enterAndClear "external/chromium-webview"; -git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/1; #update webview +git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/2 #update webview enterAndClear "external/sqlite"; patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (AndroidHardening-13.0) diff --git a/Scripts/LineageOS-14.1/Rebrand.sh b/Scripts/LineageOS-14.1/Rebrand.sh index 3acb2308..24fb8b53 100644 --- a/Scripts/LineageOS-14.1/Rebrand.sh +++ b/Scripts/LineageOS-14.1/Rebrand.sh @@ -45,8 +45,8 @@ sed -i '/.*mod_version/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strin enter "packages/apps/SetupWizard"; sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/com/cyanogenmod/setupwizard/LineageSettingsActivity.java; sed -i '/.*os_name/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; +sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; enter "packages/apps/Updater"; sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java; diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index 56f19080..a93838b1 100644 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -76,7 +76,7 @@ enterAndClear "device/qcom/sepolicy"; patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH enterAndClear "external/chromium-webview"; -git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/1; #update webview +git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/2 #update webview enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles diff --git a/Scripts/LineageOS-15.1/Rebrand.sh b/Scripts/LineageOS-15.1/Rebrand.sh index ae9373b4..290cdd86 100644 --- a/Scripts/LineageOS-15.1/Rebrand.sh +++ b/Scripts/LineageOS-15.1/Rebrand.sh @@ -55,8 +55,8 @@ sed -i '/.*lineagelicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values* enter "packages/apps/SetupWizard"; sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/org/lineageos/setupwizard/LineageSettingsActivity.java; sed -i '/.*os_name/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; +sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; enter "packages/apps/Updater"; sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java; diff --git a/Scripts/LineageOS-16.0/Defaults.sh b/Scripts/LineageOS-16.0/Defaults.sh index 07b28f23..ce589fbd 100644 --- a/Scripts/LineageOS-16.0/Defaults.sh +++ b/Scripts/LineageOS-16.0/Defaults.sh @@ -38,8 +38,8 @@ sed -i 's/INSTANT_APPS_ENABLED, 1/INSTANT_APPS_ENABLED, 0/' src/com/android/sett sed -i 's/DEFAULT_VALUE = 1;/DEFAULT_VALUE = 0.5f;/' src/com/android/settings/development/*ScalePreferenceController.java; #Always reset animation scales to 0.5 enter "vendor/lineage"; -sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common.mk; -sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common.mk; +sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common*.mk; +sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common*.mk; cd "$DOS_BUILD_BASE"; echo "Default settings changed!"; diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh index 32796b97..118396b9 100644 --- a/Scripts/LineageOS-16.0/Patch.sh +++ b/Scripts/LineageOS-16.0/Patch.sh @@ -78,7 +78,7 @@ patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.pa echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices enterAndClear "external/chromium-webview"; -git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/1; #update webview +git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/2 #update webview enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles diff --git a/Scripts/LineageOS-16.0/Rebrand.sh b/Scripts/LineageOS-16.0/Rebrand.sh index f5377b18..06ec8940 100644 --- a/Scripts/LineageOS-16.0/Rebrand.sh +++ b/Scripts/LineageOS-16.0/Rebrand.sh @@ -55,8 +55,8 @@ sed -i '/.*lineagelicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values* enter "packages/apps/SetupWizard"; sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/org/lineageos/setupwizard/LineageSettingsActivity.java; sed -i '/.*os_name/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; +sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; enter "packages/apps/Updater"; sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java; diff --git a/Scripts/LineageOS-17.1/Defaults.sh b/Scripts/LineageOS-17.1/Defaults.sh index b31859c7..ee369c41 100644 --- a/Scripts/LineageOS-17.1/Defaults.sh +++ b/Scripts/LineageOS-17.1/Defaults.sh @@ -38,8 +38,8 @@ sed -i 's/INSTANT_APPS_ENABLED, 1/INSTANT_APPS_ENABLED, 0/' src/com/android/sett sed -i 's/DEFAULT_VALUE = 1;/DEFAULT_VALUE = 0.5f;/' src/com/android/settings/development/*ScalePreferenceController.java; #Always reset animation scales to 0.5 enter "vendor/lineage"; -sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common.mk; -sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common.mk; +sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common*.mk; +sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common*.mk; cd "$DOS_BUILD_BASE"; echo "Default settings changed!"; diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index 62c0350a..c61d4501 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -18,7 +18,7 @@ #Last verified: 2020-04-14 patchAllKernels() { - startPatcher "kernel_cyanogen_msm8916 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_fairphone_sdm632 kernel_fxtec_msm8998 kernel_google_coral kernel_google_marlin kernel_google_msm kernel_google_msm-4.9 kernel_google_wahoo kernel_google_yellowstone kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oneplus_msm8994 kernel_oneplus_msm8996 kernel_oneplus_msm8998 kernel_oneplus_sdm845 kernel_oneplus_sm8150 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_samsung_universal9810 kernel_xiaomi_sdm845 kernel_yandex_sdm660 kernel_zuk_msm8996"; + startPatcher "kernel_cyanogen_msm8916 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_fairphone_sdm632 kernel_fxtec_msm8998 kernel_google_coral kernel_google_marlin kernel_google_msm kernel_google_msm-4.9 kernel_google_wahoo kernel_google_yellowstone kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8916 kernel_motorola_msm8974 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oneplus_msm8994 kernel_oneplus_msm8996 kernel_oneplus_msm8998 kernel_oneplus_sdm845 kernel_oneplus_sm8150 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_xiaomi_sdm845 kernel_yandex_sdm660 kernel_zuk_msm8996"; } export -f patchAllKernels; @@ -121,9 +121,6 @@ buildAll() { #SD670 buildDevice bonito avb; buildDevice sargo avb; - #Exynos - buildDevice starlte; #broken vendor partition integration - buildDevice star2lte; #Tegra buildDevice yellowstone; #broken } diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index fc7eda5c..07c8da5a 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -58,8 +58,8 @@ cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/ enterAndClear "bootable/recovery"; git checkout 53fd25482; #XXX: TEMPORARY! +#git revert --no-edit 0335405715fd15b1564c3169b725f7145ebde3af; #Don't allow bypassing signature verification patch -p1 < "$DOS_PATCHES/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch"; #Abort on serial number specific packages (GrapheneOS) -#patch -p1 < "$DOS_PATCHES/android_bootable_recovery/0002-Permissive_Override.patch"; #Allow devices to set SELinux permissive enterAndClear "bionic"; if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_bionic/0001-HM-Use_HM.patch"; fi; #(GrapheneOS) @@ -76,7 +76,7 @@ patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.pa echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices enterAndClear "external/chromium-webview"; -git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/1; #update webview +git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/2 #update webview enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles @@ -88,7 +88,6 @@ enterAndClear "frameworks/av"; if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_av/0001-HM_A2DP_Fix.patch"; fi; #(GrapheneOS) enterAndClear "frameworks/base"; -hardenLocationFWB "$DOS_BUILD_BASE"; #XXX 17REBASE hardenLocationConf services/core/java/com/android/server/location/gps_debug.conf; sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES_LOWRAM = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox @@ -106,7 +105,6 @@ patch -p1 < "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Re if [ "$DOS_GRAPHENE_EXEC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning.patch"; fi; #add exec-based spawning support (GrapheneOS) patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #don't send IMSI to SUPL (MSe) patch -p1 < "$DOS_PATCHES/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #enable fingerprint failed lockout after 5 attempts (GrapheneOS) -#sed -i '295i\ packageList.add("net.sourceforge.opencamera");' core/java/android/hardware/Camera.java; #add Open Camera to aux camera whitelist #XXX: breaks boot? if [ "$DOS_MICROG_INCLUDED" != "FULL" ]; then rm -rf packages/CompanionDeviceManager; fi; #Used to support Android Wear (which hard depends on GMS) rm -rf packages/OsuLogin; #Automatic Wi-Fi connection non-sense rm -rf packages/PrintRecommendationService; #Creates popups to install proprietary print apps @@ -167,7 +165,6 @@ sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/a if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/backup/PrivacySettingsUtils.java; fi; #microG doesn't support Backup, hide the options enterAndClear "packages/apps/SetupWizard"; -git revert --no-edit 578a6c99e291f330786af204d9725abaed5a4a32; #hold off on Seedvault for now patch -p1 < "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics enterAndClear "packages/apps/Trebuchet"; @@ -208,7 +205,6 @@ enterAndClear "system/update_engine"; git revert --no-edit c68499e3ff10f2a31f913e14f66aafb4ed94d42d; #Do not skip payload signature verification enterAndClear "vendor/lineage"; -git revert --no-edit f16956ab7a08c4ff79892bc2ce90dd7ac2976a38; #hold off on Seedvault for now rm build/target/product/security/lineage.x509.pem; rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics rm -rf overlay/common/frameworks/base/core/res/res/drawable-*/default_wallpaper.png; @@ -324,9 +320,6 @@ echo "allow hal_gnss_default ssr_device:chr_file { open read };" >> sepolicy/com enterAndClear "device/zuk/msm8996-common"; awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage -enterAndClear "kernel/essential/msm8998"; -awk -i inplace '!/SECTOR_SIZE 512/' drivers/md/dm-req-crypt.c; #fixup 4.4.0258-0259.patch - enterAndClear "kernel/google/marlin"; git revert --no-edit dd4a454f080f60cc7c4f5cc281a48cba80947baf; #Resurrect dm-verity @@ -356,7 +349,6 @@ sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" ker sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/oneplus/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile -sed -i "s/CONFIG_RANDOMIZE_BASE=y/# CONFIG_RANDOMIZE_BASE is not set/" kernel/samsung/universal9810/arch/arm64/configs/*_defconfig; #Breaks on compile sed -i 's/YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10 rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk; diff --git a/Scripts/LineageOS-17.1/Rebrand.sh b/Scripts/LineageOS-17.1/Rebrand.sh index aa808ca0..902d971e 100644 --- a/Scripts/LineageOS-17.1/Rebrand.sh +++ b/Scripts/LineageOS-17.1/Rebrand.sh @@ -21,9 +21,16 @@ echo "Rebranding..."; enter "bootable/recovery"; -git revert --no-edit 2e0e35734f65035d24014dcce7aceda6e4b1e222 1423e5792837f204e535efd75fd44a2970899a7d 7e46bc14b15fdeabfd16871137f403f89486b83c; +git revert --no-edit 2e0e35734f65035d24014dcce7aceda6e4b1e222 1423e5792837f204e535efd75fd44a2970899a7d 7e46bc14b15fdeabfd16871137f403f89486b83c; #TODO: remove to sync with 18.1 sed -i 's/if (lineage_logo_/if (false/' recovery_ui/*ui.cpp; +awk -i inplace '!/DrawSurface\(logo.get\(\)/' recovery_ui/screen_ui.cpp; #Hide logo mogrify -format png -fill "#FF5722" -opaque "#167C80" -fuzz 10% res-*/images/*sel.png; #Recolor icons +mogrify -format png -fill "#FF5722" -opaque "#7c4dff" -fuzz 10% res-*/images/ic_back_sel.png; +sed -i 's|0x7c, 0x4d, 0xff|0xff, 0x57, 0x22|' recovery_ui/*ui.cpp; #Recolor accents (recovery primary) +sed -i 's|0xf8, 0x90, 0xff|0xff, 0x98, 0x00|' recovery_ui/*ui.cpp; #Recolor accents (recovery secondar) +sed -i 's|0xe6, 0x51, 0x00|0x4c, 0xaf, 0x50|' recovery_ui/*ui.cpp; #Recolor accents (fastboot primary) +sed -i 's|0xfd, 0xd8, 0x35|0x8b, 0xc3, 0x4a|' recovery_ui/*ui.cpp; #Recolor accents (fastboot secondary) +sed -i 's|0xfd, 0xd8,0x35|0x8b, 0xc3, 0x4a|' recovery_ui/*ui.cpp; #Recolor accents (fastboot secondary typo) sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' recovery_ui/*ui.cpp; #Recolor text sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' recovery_ui/*ui.cpp; sed -i 's|LineageOS|'"$DOS_BRANDING_NAME"'|' recovery_ui/*ui.cpp; @@ -55,8 +62,8 @@ enter "packages/apps/SetupWizard"; sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/org/lineageos/setupwizard/LineageSettingsActivity.java; sed -i '/.*intro_restore/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; sed -i '/.*os_name/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; -sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; +sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; enter "packages/apps/Updater"; sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java; diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_essential_msm8998.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_essential_msm8998.sh new file mode 100644 index 00000000..e32a5e07 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_essential_msm8998.sh @@ -0,0 +1,100 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/essential/msm8998" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0260-0261.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9711/4.4/0003.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0019.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18306/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5896/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5905/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5906/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5908/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5909/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5910/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11273/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11984/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11986/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12010/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13912/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13914/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13920/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2264/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10494/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10515/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10527/ANY/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10555/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10567/ANY/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10584/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10614/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14047/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +editKernelLocalversion "-dos.p96" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_fxtec_msm8998.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_fxtec_msm8998.sh new file mode 100644 index 00000000..d38144a5 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_fxtec_msm8998.sh @@ -0,0 +1,52 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/fxtec/msm8998" +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +editKernelLocalversion "-dos.p48" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh new file mode 100644 index 00000000..3bc0a6a2 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_coral.sh @@ -0,0 +1,115 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/google/coral" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0201-0202.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0205-0206.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0207-0208.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0210-0211.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0219-0220.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0051.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0052.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0053.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0054.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0055.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0056.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0059.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0062.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0064.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0065.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0066.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0067.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0069.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0070.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0071.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0072.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0073.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0075.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0076.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0077.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0078.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0079.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0080.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0081.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0082.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18232/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-0145/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-0148/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3874/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9444/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10520/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11191/^5.0.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14034/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.14/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19318/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19602/^5.4.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19816/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11146/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11250/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14351/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15780/^5.7.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25645/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25668/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25704/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25705/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27777/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28374/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.14/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.14/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.14/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28941/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29372/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.14/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.14/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.14/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.14/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.14/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29569/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29661/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-35508/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-36158/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-BleedingToothExtras/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3348/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.14/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.14/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.14/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28039/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27830/4.14/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/4.14/0002.patch +editKernelLocalversion "-dos.p111" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm-4.9.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm-4.9.sh new file mode 100644 index 00000000..f77b380f --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm-4.9.sh @@ -0,0 +1,124 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/google/msm-4.9" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0239-0240.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0242-0243.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0244-0245.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0247-0248.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0039.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0044.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0047.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0048.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0049.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0050.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0605/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.9/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9462/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9519/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-0145/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-0148/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14104/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.9/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19318/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19813/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19816/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.4/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0067/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0427/4.9/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3674/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14351/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/4.9/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24394/^5.7.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/4.9/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25645/4.9/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25668/4.9/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25705/4.9/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.9/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.9/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.9/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29368/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.9/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.9/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.9/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.9/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.9/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29569/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-35508/4.9/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-36158/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0038.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0039.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0040.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0044.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.9/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.9/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.9/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.9/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.9/0021.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.9/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.9/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.9/0024.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.9/0025.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.9/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.9/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.9/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.9/0010.patch +editKernelLocalversion "-dos.p120" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm.sh new file mode 100644 index 00000000..fbbe1a85 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_msm.sh @@ -0,0 +1,254 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/google/msm" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0349/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6740/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0457/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0021.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/^4.13.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17770/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17807/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5344/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-6927/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9422/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9568/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14614/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9454/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15239/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a62998e3bdccae28a7732e3bd51.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p250" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_wahoo.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_wahoo.sh new file mode 100644 index 00000000..099f8a9f --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_wahoo.sh @@ -0,0 +1,170 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/google/wahoo" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0242-0243.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0244-0245.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0251-0252.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9919/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9699/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11065/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14886/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18061/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3575/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5902/4.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5906/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10323/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10626/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14038/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14039/4.4/0003.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14047/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19318/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19448/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19813/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19815/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19816/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19947/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20810/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0427/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0543/4.4/0021.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0543/4.4/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0543/4.4/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0543/4.4/0024.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0543/4.4/0025.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-1749/4.4/0009.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8992/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10135/4.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10135/4.4/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10135/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10711/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10766/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11286/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/3.6-^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12769/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12770/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12771/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14305/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14331/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14351/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14390/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15436/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15437/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16166/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24490/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25211/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25212/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25284/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25285/4.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25645/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25668/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25705/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26088/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.4/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/4.4/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.4/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.4/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.4/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29568/4.4/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29569/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29661/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-35508/4.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-36158/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0047.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0048.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0049.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0050.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0051.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0052.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0053.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0054.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.4/0055.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/4.4/0004.patch +editKernelLocalversion "-dos.p166" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh new file mode 100644 index 00000000..3b66bd10 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_htc_msm8974.sh @@ -0,0 +1,264 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/htc/msm8974" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0005-AndroidHardening-Deny_USB/3.4/3.4-Backport.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0452/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8266/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11039/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/^4.13.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/^4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15850/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16529/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17769/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17770/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17807/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3561/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3563/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3564/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3586/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5344/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5896/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-6927/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9422/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9568/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11266/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13099/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13900/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13919/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14614/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9454/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10497/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10527/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10626/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14037/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15239/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p260" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_mako.sh new file mode 100644 index 00000000..8a03c1ae --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_mako.sh @@ -0,0 +1,251 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/lge/mako" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4312/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4312/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-9004/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2187/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/^4.5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6740/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/^4.7.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7097/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7097/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/^4.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8655/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/^4.8.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7472/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10662/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10663/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17807/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-6927/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9422/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9568/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13099/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14614/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9454/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15239/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p247" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8974.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8974.sh new file mode 100644 index 00000000..61a04916 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8974.sh @@ -0,0 +1,213 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/lge/msm8974" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0349/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8939/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6751/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0452/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0021.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15845/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17769/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17770/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17807/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3586/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9514/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11266/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13900/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13919/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14614/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-5489/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9454/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10527/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14037/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15239/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p209" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh new file mode 100644 index 00000000..edd16a09 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh @@ -0,0 +1,436 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/lge/msm8996" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0115-0116.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0005-AndroidHardening-Deny_USB/3.18/0002-Alt2.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0025.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0040.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0050.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5257/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7833/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7884/^4.3.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7885/^4.3.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8104/^4.2.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8709/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8844/^4.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8845/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8953/^4.2.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2069/3.18/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2069/3.18/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2184/3.18/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2550/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2782/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6130/^4.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6197/3.18/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6198/3.18/0003.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6198/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8630/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/^4.3.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9756/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10741/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10906/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2583/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5549/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5551/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7273/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7518/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8068/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8069/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8924/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8925/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10810/^4.11.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10911/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11031/3.18/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13168/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.18/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13220/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15102/^4.8.1/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15951/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16536/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16994/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16995/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17741/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18216/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18551/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000370/^4.11.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1066/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5832/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5849/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5904/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5953/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8087/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9463/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9515/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10323/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/3.18/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10878/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10878/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.18/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.18/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10881/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10938/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11506/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11960/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11984/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11986/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12232/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12896/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13406/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13900/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13912/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13914/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13919/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14609/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14633/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16862/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16884/3.18/0003.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-17972/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18021/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18021/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19824/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20856/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-21008/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-v4l2-event-uaf/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-1999/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2000/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2000/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2287/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2323/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2345/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3701/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3819/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3846/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3882/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-6133/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-6974/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7221/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7222/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9213/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9245/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9453/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9506/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9506/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9506/3.18/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10486/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10515/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10527/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10529/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10544/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10555/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10567/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10571/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/^4.1/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11190/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11479/3.18/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11479/3.18/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11810/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12881/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13648/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14037/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14038/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14047/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14055/ANY/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14070/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14284/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14814/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14835/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14895/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14896/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14901/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15211/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15215/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15217/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15218/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15219/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15220/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15292/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15666/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15916/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15927/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16233/3.18/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16995/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17053/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17054/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17055/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17056/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17075/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17666/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18683/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19052/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19056/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19057/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19062/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19063/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19227/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19318/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19332/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19447/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19448/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19530/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19531/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19533/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19534/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19536/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19813/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19815/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19947/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20810/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20812/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0066/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.18/0003.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0427/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0429/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0444/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0465/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3625/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.18/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.18/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.18/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8694/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10711/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10720/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10769/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10942/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11282/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11286/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11309/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11494/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11609/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11668/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/3.6-^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12652/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12654/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12770/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12771/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12826/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13143/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14331/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14351/3.18/0009.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14381/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14390/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14416/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15436/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16166/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25211/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25212/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25284/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25285/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25668/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26088/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27068/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29661/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-35508/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-36158/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0399/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0003.patch +editKernelLocalversion "-dos.p432" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh new file mode 100644 index 00000000..8ec49abb --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh @@ -0,0 +1,169 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/moto/shamu" +git apply $DOS_PATCHES_LINUX_CVES/0002-Misc_Fixes/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0004-No_dir-relax.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2891/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2891/^3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2898/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4129/^3.10.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4129/^3.10.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8480/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9728/^3.18.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4170/3.10-^3.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4177/^4.0.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5307/^4.2.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8215/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8955/^4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8967/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0758/^4.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5870/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6136/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8464/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0537/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18255/^4.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18257/^4.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/^4.17.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14284/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19531/^5.2.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19533/^5.3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19534/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/^5.5.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11609/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11668/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p165" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh new file mode 100644 index 00000000..1781ab45 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh @@ -0,0 +1,256 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/nextbit/msm8992" +git apply $DOS_PATCHES_LINUX_CVES/0002-Misc_Fixes/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0004-No_dir-relax.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.10/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2891/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2891/^3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2898/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4129/^3.10.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4129/^3.10.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8480/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9728/^3.18.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9904/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5307/^4.2.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/3.10/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0862/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8243/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9711/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9723/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13163/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13168/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/3.10/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15837/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16527/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/3.10/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.5-^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17762/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18153/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18161/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18255/^4.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18306/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18595/^4.14.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3563/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/ANY/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3585/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3597/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.10/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5825/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5864/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5904/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5908/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9383/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/^4.17/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9518/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.10/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.10/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.10/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10881/3.10/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11265/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11273/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11286/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.10/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/^4.17.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18021/^4.18.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19824/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.10/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10519/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10639/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.10/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11479/3.10/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11479/3.10/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14037/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14038/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14055/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14284/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/^5.3.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19447/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19531/^5.2.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19533/^5.3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19534/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19536/^5.2.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/^5.4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0429/^4.14/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/^5.5.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11286/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11609/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11668/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13143/^5.6.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p252" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh new file mode 100644 index 00000000..c0e12bc8 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh @@ -0,0 +1,351 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/oneplus/msm8996" +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0025.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0040.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/3.18/0050.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5257/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7833/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7884/^4.3.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7885/^4.3.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8104/^4.2.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8709/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8844/^4.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8845/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8953/^4.2.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2069/3.18/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2069/3.18/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2184/3.18/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2550/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2782/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3672/^4.5.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6130/^4.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6197/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6198/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6198/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8630/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/^4.3.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9756/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10741/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10906/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2583/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5549/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5551/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7273/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7518/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8068/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8069/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8924/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8925/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10911/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11031/3.18/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.18/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13220/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15102/^4.8.1/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15951/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16912/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16913/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16914/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16994/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16995/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17741/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18216/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18551/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000370/^4.11.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1066/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5825/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5953/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8087/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10323/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11506/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12232/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12896/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16276/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16862/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16884/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19824/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20856/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-21008/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3701/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3819/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3846/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3882/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-6133/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-6974/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7221/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7222/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9213/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9245/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9453/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9506/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9506/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9506/3.18/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/^4.1/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11190/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12881/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13648/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14284/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14814/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14835/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14895/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14896/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14901/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15211/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15215/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15217/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15218/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15219/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15220/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15292/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15666/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15916/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15927/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16233/3.18/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16995/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17053/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17054/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17055/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17056/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17075/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17666/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18683/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19052/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19056/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19057/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19062/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19063/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19227/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19318/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19332/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19447/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19448/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19530/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19531/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19533/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19534/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19536/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19813/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19815/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19947/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/3.18/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/3.18/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20810/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20812/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0066/3.18/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0427/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0429/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0444/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0465/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.18/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.18/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.18/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8694/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10711/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10720/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10732/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10769/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10942/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11309/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11494/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11609/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11668/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/3.6-^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12652/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12654/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12770/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12771/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12826/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13143/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14331/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14351/3.18/0009.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14381/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14390/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14416/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15436/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16166/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25211/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25212/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25284/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25285/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25668/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26088/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27068/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27675/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/3.18/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28915/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29661/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-35508/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-36158/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0399/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/3.18/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0003.patch +editKernelLocalversion "-dos.p347" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh new file mode 100644 index 00000000..b5864cbc --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh @@ -0,0 +1,61 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/oneplus/msm8998" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0260-0261.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10494/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3625/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0008.patch +editKernelLocalversion "-dos.p57" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oppo_msm8974.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oppo_msm8974.sh new file mode 100644 index 00000000..2af292fe --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oppo_msm8974.sh @@ -0,0 +1,147 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/oppo/msm8974" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0349/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9880/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0801/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0510/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0021.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9706/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11000/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11019/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11039/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/^4.13.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/^4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18161/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000380/^4.11.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p143" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh new file mode 100644 index 00000000..6d2a540a --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_razer_msm8998.sh @@ -0,0 +1,69 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/razer/msm8998" +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0256-0257.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0260-0261.patch --exclude=Makefile +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9059/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16597/4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.4/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.4/0008.patch +editKernelLocalversion "-dos.p65" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_jf.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_jf.sh new file mode 100644 index 00000000..ebf81dfb --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_jf.sh @@ -0,0 +1,256 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/samsung/jf" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4737/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9410/ANY/msm.git-43b4ff3bf3fbb02e85defcea939629f46506a217.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-0568/ANY/msm.git-8de3fe39e7c40190f82832253ed5946714e5bff1.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2187/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3854/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10233/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0430/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0457/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0573/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0706/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0791/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10662/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10663/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11089/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/^4.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13292/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15850/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17807/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18257/^4.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000251/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000365/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3561/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3563/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5344/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9517/3.4/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9568/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13099/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9454/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11478/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11599/^4.9/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15118/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15239/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0002/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p252" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_msm8974.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_msm8974.sh new file mode 100644 index 00000000..738bb0e6 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_samsung_msm8974.sh @@ -0,0 +1,115 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/samsung/msm8974" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-AndroidHardening-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8553/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/^4.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0021.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch +editKernelLocalversion "-dos.p111" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh new file mode 100644 index 00000000..587cb4f5 --- /dev/null +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh @@ -0,0 +1,64 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/xiaomi/sdm845" +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0039.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0044.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0047.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0048.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0049.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0050.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0605/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/4.9/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14104/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.9/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0067/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3674/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11146/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24394/^5.7.8/0001.patch +editKernelLocalversion "-dos.p60" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/Defaults.sh b/Scripts/LineageOS-18.1/Defaults.sh new file mode 100644 index 00000000..8f664b82 --- /dev/null +++ b/Scripts/LineageOS-18.1/Defaults.sh @@ -0,0 +1,51 @@ +#!/bin/bash +#DivestOS: A privacy focused mobile distribution +#Copyright (c) 2017-2021 Divested Computing Group +# +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +#Changes various default settings +#Last verified: 2021-03-22 + +#Useful commands +#nano $(find . -name "config.xml" | grep "values/" | grep -v "device" | grep -v "tests") +#nano $(find . -name "defaults.xml" | grep "values/" | grep -v "device") + +echo "Changing default settings..."; + +enter "packages/apps/Dialer"; +sed -i 's/ENABLE_FORWARD_LOOKUP, true)/ENABLE_FORWARD_LOOKUP, false)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable FLP +sed -i 's/ENABLE_PEOPLE_LOOKUP, true)/ENABLE_PEOPLE_LOOKUP, false)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable PLP +sed -i 's/ENABLE_REVERSE_LOOKUP, true)/ENABLE_REVERSE_LOOKUP, false)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable RLP + +enter "packages/apps/Nfc"; +sed -i 's/boolean NFC_ON_DEFAULT = true;/boolean NFC_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NFC +sed -i 's/boolean NDEF_PUSH_ON_DEFAULT = true;/boolean NDEF_PUSH_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NDEF Push + +enter "packages/apps/Settings"; +sed -i 's/INSTANT_APPS_ENABLED, 1/INSTANT_APPS_ENABLED, 0/' src/com/android/settings/applications/managedomainurls/InstantAppWebActionPreferenceController.java; #Disable "Instant Apps" +sed -i 's/DEFAULT_VALUE = 1;/DEFAULT_VALUE = 0.5f;/' src/com/android/settings/development/*ScalePreferenceController.java; #Always reset animation scales to 0.5 + +enter "packages/apps/SetupWizard"; +sed -i 's/UPDATE_RECOVERY_PROP, false)/UPDATE_RECOVERY_PROP, true)/' src/org/lineageos/setupwizard/UpdateRecoveryActivity.java; #Always update recovery by default + +enter "packages/apps/Updater"; +sed -i 's/Constants.UPDATE_RECOVERY_PROPERTY, false)/Constants.UPDATE_RECOVERY_PROPERTY, true)/' src/org/lineageos/updater/UpdatesActivity.java; #Always update recovery by default + +enter "vendor/lineage"; +sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common*.mk; +sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common*.mk; + +cd "$DOS_BUILD_BASE"; +echo "Default settings changed!"; diff --git a/Scripts/LineageOS-18.1/Functions.sh b/Scripts/LineageOS-18.1/Functions.sh new file mode 100644 index 00000000..9d66fe7e --- /dev/null +++ b/Scripts/LineageOS-18.1/Functions.sh @@ -0,0 +1,150 @@ +#!/bin/bash +#DivestOS: A privacy focused mobile distribution +#Copyright (c) 2017-2021 Divested Computing Group +# +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +#Last verified: 2021-03-22 + +patchAllKernels() { + startPatcher "kernel_essential_msm8998 kernel_fxtec_msm8998 kernel_google_coral kernel_google_msm kernel_google_msm-4.9 kernel_google_wahoo kernel_htc_msm8974 kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_nextbit_msm8992 kernel_oneplus_msm8996 kernel_oneplus_msm8998 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_xiaomi_sdm845"; +} +export -f patchAllKernels; + +resetWorkspace() { + repo forall -c 'git add -A && git reset --hard' && rm -rf out && repo sync -j20 --force-sync; +} +export -f resetWorkspace; + +scanWorkspaceForMalware() { + local scanQueue="$DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system"; + scanQueue=$scanQueue" $DOS_BUILD_BASE/lineage-sdk $DOS_BUILD_BASE/vendor/lineage"; + scanForMalware true "$scanQueue"; +} +export -f scanWorkspaceForMalware; + +buildDevice() { + cd "$DOS_BUILD_BASE"; + export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; + brunch "lineage_$1-user" && processRelease $1 true $2; +} +export -f buildDevice; + +buildDeviceUserDebug() { + cd "$DOS_BUILD_BASE"; + export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1"; + brunch "lineage_$1-userdebug" && processRelease $1 true $2; +} +export -f buildDeviceUserDebug; + +buildDeviceDebug() { + cd "$DOS_BUILD_BASE"; + unset OTA_KEY_OVERRIDE_DIR; + brunch "lineage_$1-eng"; +} +export -f buildDeviceDebug; + +buildAll() { + cd "$DOS_BUILD_BASE"; + if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; + if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi; + #SDS4P + buildDevice flox; + buildDevice mako; + #SD600 + buildDevice jfltexx; + #SD800 + buildDevice d802; + #SD801 + buildDevice bacon; + buildDevice d855; + buildDevice klte; + buildDevice m8; + #SD805 + buildDevice shamu verity; + #SD808 + buildDevice ether; + #SD820 + buildDevice h850; + buildDevice rs988; + buildDevice h990; + buildDevice us996; + buildDevice oneplus3 verity; + #SD835 + buildDevice cheryl verity; + buildDevice cheeseburger verity; #needs manual patching - vendor common makefile + buildDevice dumpling verity; + buildDevice mata verity; + buildDevice taimen avb; + buildDevice walleye avb; + #SD845 + buildDevice beryllium; #needs manual patching in vendor + buildDevice pro1 avb; + #SD855 + buildDevice coral avb; + buildDevice flame avb; + #SD670 + buildDevice bonito avb; + buildDevice sargo avb; +} +export -f buildAll; + +patchWorkspace() { + if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; + + #source build/envsetup.sh; + + source "$DOS_SCRIPTS/Patch.sh"; + source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; + source "$DOS_SCRIPTS/Defaults.sh"; + source "$DOS_SCRIPTS/Rebrand.sh"; + source "$DOS_SCRIPTS_COMMON/Optimize.sh"; + source "$DOS_SCRIPTS_COMMON/Deblob.sh"; + source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source build/envsetup.sh; + + #Deblobbing fixes + ##setup-makefiles doesn't execute properly for some devices, running it twice seems to fix whatever is wrong + #none yet +} +export -f patchWorkspace; + +enableDexPreOpt() { + cd "$DOS_BUILD_BASE$1"; + if [ -f BoardConfig.mk ]; then + echo "WITH_DEXPREOPT := true" >> BoardConfig.mk; + echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk; + #m8: /system partition too small + if [ "$1" != "device/htc/m8" ]; then + echo "WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := false" >> BoardConfig.mk; + echo "Enabled full dexpreopt for $1"; + else + echo "WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := true" >> BoardConfig.mk; + echo "Enabled core dexpreopt for $1"; + fi; + fi; + cd "$DOS_BUILD_BASE"; +} +export -f enableDexPreOpt; + +enableLowRam() { + cd "$DOS_BUILD_BASE$1"; + #if [ -f lineage.mk ]; then echo '$(call inherit-product, $(SRC_TARGET_DIR)/product/go_defaults.mk)' >> lineage.mk; fi; + if [ -f lineage.mk ]; then echo '$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage.mk; fi; + if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi; + if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi; + echo "Enabled lowram for $1"; + cd "$DOS_BUILD_BASE"; +} +export -f enableLowRam; diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh new file mode 100644 index 00000000..6e24d7e6 --- /dev/null +++ b/Scripts/LineageOS-18.1/Patch.sh @@ -0,0 +1,306 @@ +#!/bin/bash +#DivestOS: A privacy focused mobile distribution +#Copyright (c) 2015-2021 Divested Computing Group +# +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +#Last verified: 2021-03-22 + +#Initialize aliases +#source ../../Scripts/init.sh + +#Delete Everything and Sync +#resetWorkspace + +#Apply all of our changes +#patchWorkspace + +#Build! +#buildDevice [device] +#buildAll + +# +#START OF PREPRATION +# +#Download some (non-executable) out-of-tree files for use later on +cd "$DOS_TMP_DIR"; +if [ "$DOS_HOSTS_BLOCKING" = true ]; then $DOS_TOR_WRAPPER wget "$DOS_HOSTS_BLOCKING_LIST" -N; fi; +cd "$DOS_BUILD_BASE"; + +#Accept all SDK licences, not normally needed but Gradle managed apps fail without it +mkdir -p "$ANDROID_HOME/licenses"; +echo -e "\n8933bad161af4178b1185d1a37fbf41ea5269c55\nd56f5187479451eabf01fb78af6dfcb131a6481e" > "$ANDROID_HOME/licenses/android-sdk-license"; +echo -e "\n84831b9409646a918e30573bab4c9c91346d8abd" > "$ANDROID_HOME/licenses/android-sdk-preview-license"; +# +#END OF PREPRATION +# + +# +#START OF ROM CHANGES +# + +#top dir +cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK +gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages"; +cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps +cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files + +enterAndClear "bootable/recovery"; +#git revert --no-edit 304cbe612ccd85ef376a3fb4f7166961dc1d1afc; #Don't allow bypassing signature verification +patch -p1 < "$DOS_PATCHES/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch"; #Abort on serial number specific packages (GrapheneOS) + +enterAndClear "build/make"; +patch -p1 < "$DOS_PATCHES/android_build/0001-Restore_TTS.patch"; #Add back PicoTTS and language files +#patch -p1 < "$DOS_PATCHES/android_build/0001-OTA_Keys.patch"; #add correct keys to recovery for OTA verification #XXX 18REBASE +awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk; +sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; + +enterAndClear "device/qcom/sepolicy-legacy"; +patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH +echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices + +enterAndClear "external/chromium-webview"; +git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/88/305088/2 #update webview + +enterAndClear "external/svox"; +git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles +sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie +sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java; +awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java; + +enterAndClear "frameworks/base"; +hardenLocationConf services/core/java/com/android/server/location/gps_debug.conf; +sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox +sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES_LOWRAM = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox +sed -i 's/(notif.needNotify)/(true)/' location/java/com/android/internal/location/GpsNetInitiatedHandler.java; #Notify user when location is requested via SUPL +sed -i 's/entry == null/entry == null || true/' core/java/android/os/RecoverySystem.java; #Skip update compatibiltity check XXX: TEMPORARY FIX +sed -i 's/!Build.isBuildConsistent()/false/' services/core/java/com/android/server/wm/ActivityTaskManagerService.java; #Disable fingerprint mismatch warning XXX: TEMPORARY FIX +sed -i 's/DEFAULT_STRONG_AUTH_TIMEOUT_MS = 72 \* 60 \* 60 \* 1000;/DEFAULT_STRONG_AUTH_TIMEOUT_MS = 12 * 60 * 60 * 1000;/' core/java/android/app/admin/DevicePolicyManager.java; #decrease strong auth prompt timeout +if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0002-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) +if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key +changeDefaultDNS; +patch -p1 < "$DOS_PATCHES/android_frameworks_base/0006-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries +patch -p1 < "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #always restrict access to Build.SERIAL (GrapheneOS) +patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #don't grant location permission to system browsers (GrapheneOS) +patch -p1 < "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch"; #allow SystemUI to directly manage Bluetooth/WiFi (GrapheneOS) +patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #don't send IMSI to SUPL (MSe) +patch -p1 < "$DOS_PATCHES/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #enable fingerprint failed lockout after 5 attempts (GrapheneOS) +if [ "$DOS_MICROG_INCLUDED" != "FULL" ]; then rm -rf packages/CompanionDeviceManager; fi; #Used to support Android Wear (which hard depends on GMS) +rm -rf packages/PrintRecommendationService; #Creates popups to install proprietary print apps + +if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then +enterAndClear "frameworks/opt/net/ims"; +patch -p1 < "$DOS_PATCHES/android_frameworks_opt_net_ims/0001-Fix_Calling.patch"; #Fix calling when IMS is removed +fi + +enterAndClear "hardware/qcom/display"; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8084.patch" --directory msm8084; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8916.patch" --directory msm8226; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8960.patch" --directory msm8960; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8974.patch" --directory msm8974; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8994.patch" --directory msm8994; +#TODO: missing msm8909, msm8996, msm8998, sdm845, sdm8150 + +enterAndClear "hardware/qcom-caf/apq8084/display"; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-apq8084.patch"; + +enterAndClear "hardware/qcom-caf/msm8952/display"; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8952.patch"; + +enterAndClear "hardware/qcom-caf/msm8960/display"; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8960.patch"; + +enterAndClear "hardware/qcom-caf/msm8974/display"; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8974.patch"; + +enterAndClear "hardware/qcom-caf/msm8994/display"; +git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8994.patch"; + +enterAndClear "hardware/qcom-caf/msm8996/audio"; +patch -p1 < "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8996.patch"; #audio_extn: Fix unused parameter warning in utils.c + +enterAndClear "hardware/qcom-caf/msm8998/audio"; +patch -p1 < "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8998.patch"; #audio_extn: Fix unused parameter warning in utils.c + +enterAndClear "lineage-sdk"; +awk -i inplace '!/LineageWeatherManagerService/' lineage/res/res/values/config.xml; #Disable Weather +if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi; + +enterAndClear "packages/apps/Contacts"; +patch -p1 < "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0001-No_Google_Links.patch"; #Remove Privacy Policy and Terms of Service links (GrapheneOS) + +enterAndClear "packages/apps/LineageParts"; +rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml; #Nuke part of the analytics +patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics + +enterAndClear "packages/apps/PermissionController"; +if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_packages_apps_PermissionController/0001-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) + +enterAndClear "packages/apps/Settings"; +sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service +if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/backup/PrivacySettingsUtils.java; fi; #microG doesn't support Backup, hide the options + +enterAndClear "packages/apps/SetupWizard"; +patch -p1 < "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics + +enterAndClear "packages/apps/Trebuchet"; +cp $DOS_BUILD_BASE/vendor/divested/overlay/common/packages/apps/Trebuchet/res/xml/default_workspace_*.xml res/xml/; #XXX: Likely no longer needed + +enterAndClear "packages/apps/Updater"; +patch -p1 < "$DOS_PATCHES/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server +patch -p1 < "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support +sed -i 's/PROP_BUILD_VERSION_INCREMENTAL);/PROP_BUILD_VERSION_INCREMENTAL).replaceAll("\\\\.", "");/' src/org/lineageos/updater/misc/Utils.java; #Remove periods from incremental version +#TODO: Remove changelog + +enterAndClear "packages/inputmethods/LatinIME"; +patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voice.patch"; #Remove voice input key + +#enterAndClear "packages/services/Telephony"; +#patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 18REBASE +#patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 18REBASE + +enterAndClear "system/core"; +if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file +git revert --no-edit e8dcabaf6b55ec55eb73c4585501ddbafc04fc9b 79f606ece6b74652d374eb4f79de309a0aa81360; #insanity +patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysfs changes (GrapheneOS) + +enterAndClear "system/extras"; +patch -p1 < "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS) + +enterAndClear "system/sepolicy"; +patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices +patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/30.0"; +patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/29.0"; +patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/28.0"; +patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/27.0"; +patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/26.0"; +awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user + +enterAndClear "system/update_engine"; +git revert --no-edit c0e056ed5c084ce55557c4aecbad540e2b235785; #Do not skip payload signature verification + +enterAndClear "vendor/lineage"; +rm build/target/product/security/lineage.x509.pem; +rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics +rm -rf overlay/common/frameworks/base/core/res/res/drawable-*/default_wallpaper.png; +if [ "$DOS_HOSTS_BLOCKING" = true ]; then awk -i inplace '!/50-lineage.sh/' config/*.mk; fi; #Make sure our hosts is always used +awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' config/*.mk; #Remove extra keys +awk -i inplace '!/security\/lineage/' config/*.mk; #Remove extra keys +awk -i inplace '!/WeatherProvider/' config/*.mk; +awk -i inplace '!/def_backup_transport/' overlay/common/frameworks/base/packages/SettingsProvider/res/values/defaults.xml; +if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/AudioFX/' config/*.mk; fi; #XXX: 18REBASE +if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi; +sed -i 's/LINEAGE_BUILDTYPE := UNOFFICIAL/LINEAGE_BUILDTYPE := dos/' config/*.mk; #Change buildtype +if [ "$DOS_NON_COMMERCIAL_USE_PATCHES" = true ]; then sed -i 's/LINEAGE_BUILDTYPE := dos/LINEAGE_BUILDTYPE := dosNC/' config/*.mk; fi; +echo 'include vendor/divested/divestos.mk' >> config/common.mk; #Include our customizations +cp -f "$DOS_PATCHES_COMMON/apns-conf.xml" prebuilt/common/etc/apns-conf.xml; #Update APN list + +enter "vendor/divested"; +awk -i inplace '!/EtarPrebuilt/' packages.mk; #lineage-17.1 calendar is Etar fork +if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then echo "PRODUCT_PACKAGES += GmsCore GsfProxy FakeStore" >> packages.mk; fi; +if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_BLOCKING_APP" >> packages.mk; fi; +echo "PRODUCT_PACKAGES += vendor.lineage.trust@1.0-service" >> packages.mk; #All of our kernels have deny USB patch added +# +#END OF ROM CHANGES +# + +# +#START OF DEVICE CHANGES +# +enterAndClear "device/asus/flox"; +git revert --no-edit f638a192cbef0045b6235fdd8fe28ee500ff7527; #conflict +compressRamdisks; +rm -rf bdAddrLoader; #duplicate with mako + +#enterAndClear "device/essential/mata"; +#git revert --no-edit 3928b30a97fe7f6b6020bbd9d83a56a32de4ba16 #e91f0fece65d32ca407be532e2c4456056b1a968; #Unbreak the earpiece speaker, breaking the loud speaker volume control on calls #XXX 18REBASE + +enterAndClear "device/fxtec/pro1"; +enableVerity; #Resurrect dm-verity + +enterAndClear "device/google/bonito"; +enableVerity; #Resurrect dm-verity +awk -i inplace '!/INODE_COUNT/' BoardConfigLineage.mk; #mke2fs -1 incompatibility (?) + +enterAndClear "device/google/coral"; +enableVerity; #Resurrect dm-verity + +enterAndClear "device/google/wahoo"; +enableVerity; #Resurrect dm-verity + +enterAndClear "device/htc/m8-common"; +awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #broken releasetools + +enterAndClear "device/lge/g2-common"; +sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te; +awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #broken releasetools + +enterAndClear "device/lge/mako"; +git revert --no-edit 6081a4436b3d20536650cb11c37e64709bd33159; #Fix vibrator logspam +echo "pmf=0" >> wifi/wpa_supplicant_overlay.conf; #Wi-Fi chipset doesn't support PMF +awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfig.mk; #broken releasetools + +enterAndClear "device/lge/msm8996-common"; +sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te; +awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage + +#enterAndClear "device/moto/shamu"; +#git revert --no-edit 05fb49518049440f90423341ff25d4f75f10bc0c; #restore releasetools #TODO + +#enterAndClear "device/motorola/clark"; +#echo "TARGET_RECOVERY_PERMISSIVE_OVERRIDE := true" >> BoardConfig.mk; #Allow extract_firmware.sh to function + +enterAndClear "device/oneplus/msm8998-common"; +awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation + +enterAndClear "device/oppo/common"; +awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation + +enterAndClear "device/oppo/msm8974-common"; +sed -i 's/libinit_msm8974/libinit_msm8974-oppo/' BoardConfigCommon.mk init/Android.bp; #Fix name conflict +sed -i "s/TZ.BF.2.0-2.0.0134/TZ.BF.2.0-2.0.0134|TZ.BF.2.0-2.0.0137/" board-info.txt; #Suport new TZ firmware https://review.lineageos.org/#/c/178999/ + +enterAndClear "device/samsung/msm8974-common"; +echo "TARGET_RECOVERY_DENSITY := hdpi" >> BoardConfigCommon.mk; +echo "allow hal_gnss_default ssr_device:chr_file { open read };" >> sepolicy/common/hal_gnss_default.te; + +enterAndClear "kernel/google/wahoo"; +sed -i 's/asm(SET_PSTATE_UAO(1));/asm(SET_PSTATE_UAO(1)); return 0;/' arch/arm64/mm/fault.c; #fix build with CONFIG_ARM64_UAO + +#Make changes to all devices +cd "$DOS_BUILD_BASE"; +if [ "$DOS_LOWRAM_ENABLED" = true ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'enableLowRam "{}"'; fi; +find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"'; +find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"'; +find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"'; +if [ "$DOS_DEBLOBBER_REMOVE_IMS" = "false" ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'volteOverride "{}"'; fi; +find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'enableDexPreOpt "{}"'; +find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenUserdata "{}"'; +find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenBootArgs "{}"'; +find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenDefconfig "{}"'; +cd "$DOS_BUILD_BASE"; +deblobAudio; +removeBuildFingerprints; + +#Fix broken options enabled by hardenDefconfig() +sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile +sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/lge/mako/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile +sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/lge/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile +sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/oneplus/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile + +sed -i 's/YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10 +rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk; +# +#END OF DEVICE CHANGES +# diff --git a/Scripts/LineageOS-18.1/Rebrand.sh b/Scripts/LineageOS-18.1/Rebrand.sh new file mode 100644 index 00000000..02b96880 --- /dev/null +++ b/Scripts/LineageOS-18.1/Rebrand.sh @@ -0,0 +1,79 @@ +#!/bin/bash +#DivestOS: A privacy focused mobile distribution +#Copyright (c) 2017-2021 Divested Computing Group +# +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +#Updates select user facing strings +#Last verified: 2021-03-22 + +echo "Rebranding..."; + +enter "bootable/recovery"; +awk -i inplace '!/DrawSurface\(logo.get\(\)/' recovery_ui/screen_ui.cpp; #Hide logo +mogrify -format png -fill "#FF5722" -opaque "#167C80" -fuzz 10% res-*/images/*sel.png; #Recolor icons +mogrify -format png -fill "#FF5722" -opaque "#7c4dff" -fuzz 10% res-*/images/ic_back_sel.png; +sed -i 's|0x7c, 0x4d, 0xff|0xff, 0x57, 0x22|' recovery_ui/*ui.cpp; #Recolor accents (recovery primary) +sed -i 's|0xf8, 0x90, 0xff|0xff, 0x98, 0x00|' recovery_ui/*ui.cpp; #Recolor accents (recovery secondar) +sed -i 's|0xe6, 0x51, 0x00|0x4c, 0xaf, 0x50|' recovery_ui/*ui.cpp; #Recolor accents (fastboot primary) +sed -i 's|0xfd, 0xd8, 0x35|0x8b, 0xc3, 0x4a|' recovery_ui/*ui.cpp; #Recolor accents (fastboot secondary) +sed -i 's|0xfd, 0xd8,0x35|0x8b, 0xc3, 0x4a|' recovery_ui/*ui.cpp; #Recolor accents (fastboot secondary typo) +sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' recovery_ui/*ui.cpp; #Recolor text +sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' recovery_ui/*ui.cpp; +sed -i 's|LineageOS|'"$DOS_BRANDING_NAME"'|' recovery_ui/*ui.cpp; +sed -i 's|Lineage |'"$DOS_BRANDING_NAME"' |' recovery.cpp; + +enter "build/make"; +sed -i 's|echo "ro.build.user=$BUILD_USERNAME"|echo "ro.build.user=emy"|' tools/buildinfo.sh; #Override build user +sed -i 's|echo "ro.build.host=$BUILD_HOSTNAME"|echo "ro.build.host=dosbm"|' tools/buildinfo.sh; #Override build host + +enter "frameworks/base"; +generateBootAnimationMask "$DOS_BRANDING_NAME" "$DOS_BRANDING_BOOTANIMATION_FONT" core/res/assets/images/android-logo-mask.png; +generateBootAnimationShine "$DOS_BRANDING_BOOTANIMATION_COLOR" "$DOS_BRANDING_BOOTANIMATION_STYLE" core/res/assets/images/android-logo-shine.png; + +enter "lineage-sdk"; +sed -i '/.*lineage_version/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml; +sed -i '/.*lineage_updates/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml; +sed -i '/.*lineageos_system_label/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml; + +enter "packages/apps/LineageParts"; +sed -i '/.*egg_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*lineageparts_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*privacy_settings_category/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*trust_feature_security_patches_explain/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; + +enter "packages/apps/Settings"; +sed -i '/.*lineagelicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml; + +enter "packages/apps/SetupWizard"; +sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/org/lineageos/setupwizard/LineageSettingsActivity.java; +sed -i '/.*intro_restore/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*os_name/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml; +sed -i '/.*services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; +sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; +sed -i '/.*update_recovery/s/Lineage/'"$DOS_BRANDING_NAME"'/g' res/values*/strings.xml; + +enter "packages/apps/Updater"; +sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java; +sed -i 's|0OTA_SERVER_ONION0|'"$DOS_BRANDING_SERVER_OTA_ONION"'|' src/org/lineageos/updater/misc/Utils.java; +sed -i 's|>LineageOS|>'"$DOS_BRANDING_NAME"'|' res/values*/strings.xml; + +enter "vendor/lineage"; +sed -i 's|https://lineageos.org/legal|'"$DOS_BRANDING_LINK_ABOUT"'|' build/core/main_version.mk +sed -i '/.*ZIPPATH=/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/envsetup.sh; +sed -i '/LINEAGE_TARGET_PACKAGE/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/tasks/bacon.mk; +rm -rf bootanimation; + +cd "$DOS_BUILD_BASE"; +echo "Rebranding complete!"; diff --git a/Scripts/init.sh b/Scripts/init.sh index d27962e1..d3ca3fde 100644 --- a/Scripts/init.sh +++ b/Scripts/init.sh @@ -51,8 +51,8 @@ export DOS_DEBLOBBER_REPLACE_TIME=false; #Set true to replace Qualcomm Time Serv #Features export DOS_GPS_GLONASS_FORCED=false; #Enables GLONASS on all devices -export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms -export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature XXX: broken (just on 17.1?) +export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1 +export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1 XXX: broken (just on 17.1?) export DOS_HOSTS_BLOCKING=true; #Set false to prevent inclusion of a HOSTS file export DOS_HOSTS_BLOCKING_APP="DNS66"; #App installed when built-in blocking is disabled. Options: DNS66 export DOS_HOSTS_BLOCKING_LIST="https://divestos.org/hosts"; #Must be in the format "127.0.0.1 bad.domain.tld"