Drop 11.0

It has been over 2,500 days since the last release of 4.4.4.
And over 600 days since I last compiled this.

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2021-10-14 20:07:16 -04:00
parent 7ba42f052a
commit 5b630620f8
51 changed files with 0 additions and 3754 deletions

View File

@ -1,76 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<manifest>
<!-- START OF UNNECESSARY REPO REMOVAL -->
<remove-project name="device/generic/mini-emulator-armv7-a-neon" />
<remove-project name="device/generic/mini-emulator-mips" />
<remove-project name="device/generic/mini-emulator-x86" />
<remove-project name="LineageOS/android_device_generic_mips" />
<remove-project name="LineageOS/android_device_generic_x86" />
<remove-project name="LineageOS/android_device_google_accessory_arduino" />
<remove-project name="LineageOS/android_device_google_accessory_demokit" />
<remove-project name="LineageOS/android_external_ant-wireless_ant_native" />
<remove-project name="LineageOS/android_external_ant-wireless_ant_service" />
<remove-project name="LineageOS/android_external_arduino" />
<remove-project name="LineageOS/android_external_bash" />
<remove-project name="LineageOS/android_external_openssh" />
<remove-project name="LineageOS/android_external_powertop" />
<remove-project name="LineageOS/android_external_unrar" />
<remove-project name="LineageOS/android_packages_apps_CMAccount" />
<remove-project name="LineageOS/android_packages_apps_CMBugreport" />
<remove-project name="LineageOS/android_packages_apps_Stk" />
<remove-project name="LineageOS/android_packages_apps_VideoEditor" />
<remove-project name="LineageOS/android_packages_apps_VoiceDialer" />
<remove-project name="LineageOS/android_packages_apps_VoicePlus" />
<remove-project name="LineageOS/android_packages_providers_PartnerBookmarksProvider" />
<remove-project name="LineageOS/android_packages_screensavers_Basic" />
<remove-project name="LineageOS/android_packages_screensavers_PhotoTable" />
<remove-project name="LineageOS/android_packages_screensavers_WebView" />
<remove-project name="LineageOS/android_packages_wallpapers_Basic" />
<remove-project name="LineageOS/android_packages_wallpapers_Galaxy4" />
<remove-project name="LineageOS/android_packages_wallpapers_HoloSpiral" />
<remove-project name="LineageOS/android_packages_wallpapers_MagicSmoke" />
<remove-project name="LineageOS/android_packages_wallpapers_MusicVisualization" />
<remove-project name="LineageOS/android_packages_wallpapers_NoiseField" />
<remove-project name="LineageOS/android_packages_wallpapers_PhaseBeam" />
<remove-project name="LineageOS/android_packages_wallpapers_PhotoPhase" />
<remove-project name="platform/developers/build" />
<remove-project name="platform/developers/demos" />
<remove-project name="platform/developers/docs" />
<remove-project name="platform/developers/samples/android" />
<remove-project name="platform/docs/source.android.com" />
<remove-project name="platform/external/libssh2" />
<remove-project name="platform/prebuilts/clang/darwin-x86/3.1" />
<remove-project name="platform/prebuilts/clang/darwin-x86/3.2" />
<remove-project name="platform/prebuilts/clang/darwin-x86/arm/3.3" />
<remove-project name="platform/prebuilts/clang/darwin-x86/host/3.3" />
<remove-project name="platform/prebuilts/clang/darwin-x86/mips/3.3" />
<remove-project name="platform/prebuilts/clang/darwin-x86/x86/3.3" />
<remove-project name="platform/prebuilts/clang/linux-x86/mips/3.3" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-linux-androideabi-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-linux-androideabi-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/host/headers" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/host/i686-apple-darwin-4.2.1" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/mips/mipsel-linux-android-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/mips/mipsel-linux-android-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/i686-linux-android-4.6" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/i686-linux-android-4.7" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/x86_64-linux-android-4.7" />
<remove-project name="platform/prebuilts/gcc/linux-x86/mips/mipsel-linux-android-4.6" />
<remove-project name="platform/prebuilts/gcc/linux-x86/mips/mipsel-linux-android-4.7" />
<remove-project name="platform/prebuilts/python/darwin-x86/2.7.5" />
<remove-project name="platform/tools/emulator" />
<!-- END OF UNNECESSARY REPO REMOVAL -->
<!-- START OF DEVICE REPOS -->
<!-- Common -->
<project path="device/qcom/common" name="LineageOS/android_device_qcom_common" remote="github" revision="cm-11.0" />
<!-- ZTE AWE (n800) -->
<project path="device/zte/nex" name="spock1104/android_device_zte_nex" remote="github" revision="cm11_newkern" />
<project path="kernel/zte/msm8930" name="spock1104/android_kernel_zte_msm8930" remote="github" revision="stockmod" />
<!-- END OF DEVICE REPOS -->
</manifest>

View File

@ -1,183 +0,0 @@
From 3d89c4fb28b44ad5cbc0e75315e28b96eaee95db Mon Sep 17 00:00:00 2001
From: Ted Wang <tedwang@google.com>
Date: Mon, 29 Apr 2019 10:11:04 +0800
Subject: [PATCH] Fix potential OOB read in sdpu_get_len_from_type
Add boundary check in sdpu_get_len_from_type to prevent potential OOB read.
Bug: 117105007
Test: Manul
Merged-In: I3755e13ee0a7e22ffd5f48fca909610a26b09d0a
Change-Id: I3755e13ee0a7e22ffd5f48fca909610a26b09d0a
(cherry picked from commit 1243f8da338dadfe2a3c281a08297b431402d41c)
(cherry picked from commit 4d8e1d63e1a2116c47702d38d858f5a742e8292f)
---
stack/sdp/sdp_db.c | 7 ++++++-
stack/sdp/sdp_discovery.c | 37 ++++++++++++++++++++++++++++---------
stack/sdp/sdp_utils.c | 17 ++++++++++++++++-
stack/sdp/sdpint.h | 2 +-
4 files changed, 51 insertions(+), 12 deletions(-)
diff --git a/stack/sdp/sdp_db.c b/stack/sdp/sdp_db.c
index 318a8cc2..f9518f77 100644
--- a/stack/sdp/sdp_db.c
+++ b/stack/sdp/sdp_db.c
@@ -130,7 +130,12 @@ static BOOLEAN find_uuid_in_seq (UINT8 *p , UINT32 seq_len, UINT8 *p_uuid,
while (p < p_end)
{
type = *p++;
- p = sdpu_get_len_from_type (p, type, &len);
+ p = sdpu_get_len_from_type (p, p_end, type, &len);
+ if (p == NULL || (p + len) > p_end)
+ {
+ SDP_TRACE_WARNING1("%s: bad length", __func__);
+ break;
+ }
type = type >> 3;
if (type == UUID_DESC_TYPE)
{
diff --git a/stack/sdp/sdp_discovery.c b/stack/sdp/sdp_discovery.c
index d92d1e52..81b5d584 100644
--- a/stack/sdp/sdp_discovery.c
+++ b/stack/sdp/sdp_discovery.c
@@ -408,6 +408,7 @@ static void sdp_copy_raw_data (tCONN_CB *p_ccb, BOOLEAN offset)
UINT32 list_len;
UINT8 *p;
UINT8 * p_temp;
+ UINT8 *p_end;
UINT8 type;
UINT32 delta_len = 0;
@@ -427,13 +428,19 @@ static void sdp_copy_raw_data (tCONN_CB *p_ccb, BOOLEAN offset)
cpy_len = p_ccb->p_db->raw_size - p_ccb->p_db->raw_used;
list_len = p_ccb->list_len;
p_temp = p = &p_ccb->rsp_list[0];
+ p_end = &p_ccb->rsp_list[0] + list_len;
if(offset)
{
cpy_len -= 1;
type = *p++;
uint8_t* old_p = p;
- p = sdpu_get_len_from_type (p, type, &list_len);
+ p = sdpu_get_len_from_type(p, p_end, type, &list_len);
+ if (p == NULL || (p + list_len) > p_end)
+ {
+ SDP_TRACE_WARNING1("%s: bad length", __func__);
+ return;
+ }
if ((int)cpy_len < (p - old_p))
{
SDP_TRACE_WARNING1("%s: no bytes left for data", __func__);
@@ -810,8 +817,12 @@ static void process_service_search_attr_rsp (tCONN_CB *p_ccb, UINT8 *p_reply,
SDP_TRACE_WARNING1 ("SDP - Wrong type: 0x%02x in attr_rsp", type);
return;
}
- p = sdpu_get_len_from_type (p, type, &seq_len);
-
+ p = sdpu_get_len_from_type(p, p + p_ccb->list_len, type, &seq_len);
+ if (p == NULL || (p + seq_len) > (p + p_ccb->list_len))
+ {
+ SDP_TRACE_WARNING1("%s: bad length", __func__);
+ return;
+ }
p_end = &p_ccb->rsp_list[p_ccb->list_len];
if ((p + seq_len) != p_end)
@@ -858,9 +869,8 @@ static UINT8 *save_attr_seq (tCONN_CB *p_ccb, UINT8 *p, UINT8 *p_msg_end)
SDP_TRACE_WARNING1 ("SDP - Wrong type: 0x%02x in attr_rsp", type);
return (NULL);
}
-
- p = sdpu_get_len_from_type (p, type, &seq_len);
- if ((p + seq_len) > p_msg_end)
+ p = sdpu_get_len_from_type(p, p_msg_end, type, &seq_len);
+ if (p == NULL || (p + seq_len) > p_msg_end)
{
SDP_TRACE_WARNING1 ("SDP - Bad len in attr_rsp %d", seq_len);
return (NULL);
@@ -880,7 +890,12 @@ static UINT8 *save_attr_seq (tCONN_CB *p_ccb, UINT8 *p, UINT8 *p_msg_end)
{
/* First get the attribute ID */
type = *p++;
- p = sdpu_get_len_from_type (p, type, &attr_len);
+ p = sdpu_get_len_from_type(p, p_msg_end, type, &attr_len);
+ if (p == NULL || (p + attr_len) > p_seq_end)
+ {
+ SDP_TRACE_WARNING2("%s: Bad len in attr_rsp %d", __func__, attr_len);
+ return (NULL);
+ }
if (((type >> 3) != UINT_DESC_TYPE) || (attr_len != 2))
{
SDP_TRACE_WARNING2 ("SDP - Bad type: 0x%02x or len: %d in attr_rsp", type, attr_len);
@@ -970,8 +985,12 @@ static UINT8 *add_attr (UINT8 *p, UINT8 *p_end, tSDP_DISCOVERY_DB *p_db, tSDP_DI
nest_level &= ~(SDP_ADDITIONAL_LIST_MASK);
type = *p++;
- p = sdpu_get_len_from_type (p, type, &attr_len);
-
+ p = sdpu_get_len_from_type(p, p_end, type, &attr_len);
+ if (p == NULL || (p + attr_len) > p_end)
+ {
+ SDP_TRACE_WARNING1("%s: bad length in attr_rsp", __func__);
+ return NULL;
+ }
attr_len &= SDP_DISC_ATTR_LEN_MASK;
attr_type = (type >> 3) & 0x0f;
diff --git a/stack/sdp/sdp_utils.c b/stack/sdp/sdp_utils.c
index 210fbcc8..c99378b8 100644
--- a/stack/sdp/sdp_utils.c
+++ b/stack/sdp/sdp_utils.c
@@ -608,7 +608,7 @@ UINT8 *sdpu_extract_attr_seq (UINT8 *p, UINT16 param_len, tSDP_ATTR_SEQ *p_seq)
** Returns void
**
*******************************************************************************/
-UINT8 *sdpu_get_len_from_type (UINT8 *p, UINT8 type, UINT32 *p_len)
+UINT8 *sdpu_get_len_from_type (UINT8 *p, UINT8 *p_end, UINT8 type, UINT32 *p_len)
{
UINT8 u8;
UINT16 u16;
@@ -632,14 +632,29 @@ UINT8 *sdpu_get_len_from_type (UINT8 *p, UINT8 type, UINT32 *p_len)
*p_len = 16;
break;
case SIZE_IN_NEXT_BYTE:
+ if (p + 1 > p_end)
+ {
+ *p_len = 0;
+ return NULL;
+ }
BE_STREAM_TO_UINT8 (u8, p);
*p_len = u8;
break;
case SIZE_IN_NEXT_WORD:
+ if (p + 2 > p_end)
+ {
+ *p_len = 0;
+ return NULL;
+ }
BE_STREAM_TO_UINT16 (u16, p);
*p_len = u16;
break;
case SIZE_IN_NEXT_LONG:
+ if (p + 4 > p_end)
+ {
+ *p_len = 0;
+ return NULL;
+ }
BE_STREAM_TO_UINT32 (u32, p);
*p_len = (UINT16) u32;
break;
diff --git a/stack/sdp/sdpint.h b/stack/sdp/sdpint.h
index b3006640..74f748aa 100644
--- a/stack/sdp/sdpint.h
+++ b/stack/sdp/sdpint.h
@@ -285,7 +285,7 @@ extern void sdpu_build_n_send_error (tCONN_CB *p_ccb, UINT16 trans_num, UIN
extern UINT8 *sdpu_extract_attr_seq (UINT8 *p, UINT16 param_len, tSDP_ATTR_SEQ *p_seq);
extern UINT8 *sdpu_extract_uid_seq (UINT8 *p, UINT16 param_len, tSDP_UUID_SEQ *p_seq);
-SDP_API extern UINT8 *sdpu_get_len_from_type (UINT8 *p, UINT8 type, UINT32 *p_len);
+SDP_API extern UINT8 *sdpu_get_len_from_type (UINT8 *p, UINT8 *p_end, UINT8 type, UINT32 *p_len);
extern BOOLEAN sdpu_is_base_uuid (UINT8 *p_uuid);
extern BOOLEAN sdpu_compare_uuid_arrays (UINT8 *p_uuid1, UINT32 len1, UINT8 *p_uuid2, UINT16 len2);
SDP_API extern BOOLEAN sdpu_compare_bt_uuids (tBT_UUID *p_uuid1, tBT_UUID *p_uuid2);

View File

@ -1,55 +0,0 @@
From 7b32c85942c038866d44634b0c08593133e150b7 Mon Sep 17 00:00:00 2001
From: Martin Brabham <optedoblivion@google.com>
Date: Fri, 24 May 2019 15:13:38 -0700
Subject: [PATCH] DO NOT MERGE: btif: require pairing dialog for JustWorks SSP
Bug: 110433804
Test: Manual; atest net_test_bluetooth
Change-Id: If65a8d53ff368ba3ddddb47cfc0072469090b46a
(cherry picked from commit ddae6274742e241c03526c7659dca7b3446b9f8d)
(cherry picked from commit 26ba26be830f04e6fd9c77b075bcae48677d4cce)
---
btif/src/btif_dm.c | 23 -----------------------
1 file changed, 23 deletions(-)
diff --git a/btif/src/btif_dm.c b/btif/src/btif_dm.c
index f2bd9001..544cb1a4 100644
--- a/btif/src/btif_dm.c
+++ b/btif/src/btif_dm.c
@@ -915,7 +915,6 @@ static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req)
bt_bdaddr_t bd_addr;
bt_bdname_t bd_name;
UINT32 cod;
- BOOLEAN is_incoming = !(pairing_cb.state == BT_BOND_STATE_BONDING);
BTIF_TRACE_DEBUG1("%s", __FUNCTION__);
@@ -946,28 +945,6 @@ static void btif_dm_ssp_cfm_req_evt(tBTA_DM_SP_CFM_REQ *p_ssp_cfm_req)
pairing_cb.is_ssp = TRUE;
- /* If JustWorks auto-accept */
- if (p_ssp_cfm_req->just_works)
- {
- /* Pairing consent for JustWorks needed if:
- * 1. Incoming pairing is detected AND
- * 2. local IO capabilities are DisplayYesNo AND
- * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput;
- */
- if ((is_incoming) && ((p_ssp_cfm_req->loc_io_caps == 0x01) &&
- (p_ssp_cfm_req->rmt_io_caps == 0x00 || p_ssp_cfm_req->rmt_io_caps == 0x03)))
- {
- BTIF_TRACE_EVENT3("%s: User consent needed for incoming pairing request. loc_io_caps: %d, rmt_io_caps: %d",
- __FUNCTION__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps);
- }
- else
- {
- BTIF_TRACE_EVENT1("%s: Auto-accept JustWorks pairing", __FUNCTION__);
- btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, TRUE, 0);
- return;
- }
- }
-
cod = devclass2uint(p_ssp_cfm_req->dev_class);
if ( cod == 0) {

View File

@ -1,89 +0,0 @@
From 83f6ba8dc3f5bd609c117527da4e46bb36612e04 Mon Sep 17 00:00:00 2001
From: Zongheng Wang <wangzongheng@google.com>
Date: Mon, 5 Aug 2019 12:45:35 -0700
Subject: [PATCH] SDP: disconnect if sdp_copy_raw_data fails
Our partners met with the problem with sdp_copy_raw_data updated in
CVE-2019-2116. When peer device responds with a wrong size,
sdp_copy_raw_data will not complete and won't trigger
disconnection. This CL enables the disconnection when a wrong size is
received.
Bug: 137239831
Bug: 117105007
Test: manual test
Change-Id: I9f0df8b2de28970e7d69b737ce5d363785183bf3
Merged-In: I9f0df8b2de28970e7d69b737ce5d363785183bf3
(cherry picked from commit bc9df3451dad17c1ab1002fdbc85d60e57d4f0af)
(cherry picked from commit 41939a2b5a8e3584c5a99dfe264a47df79e3091f)
---
stack/sdp/sdp_discovery.c | 21 +++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/stack/sdp/sdp_discovery.c b/stack/sdp/sdp_discovery.c
index 81b5d584..474ce6b7 100644
--- a/stack/sdp/sdp_discovery.c
+++ b/stack/sdp/sdp_discovery.c
@@ -398,11 +398,13 @@ static void process_service_search_rsp (tCONN_CB *p_ccb, UINT8 *p_reply,
** Description copy the raw data
**
**
-** Returns void
+** Returns BOOLEAN
+** true if successful
+** false if not copied
**
*******************************************************************************/
#if (SDP_RAW_DATA_INCLUDED == TRUE)
-static void sdp_copy_raw_data (tCONN_CB *p_ccb, BOOLEAN offset)
+static BOOLEAN sdp_copy_raw_data (tCONN_CB *p_ccb, BOOLEAN offset)
{
unsigned int cpy_len, rem_len;
UINT32 list_len;
@@ -439,12 +441,12 @@ static void sdp_copy_raw_data (tCONN_CB *p_ccb, BOOLEAN offset)
if (p == NULL || (p + list_len) > p_end)
{
SDP_TRACE_WARNING1("%s: bad length", __func__);
- return;
+ return FALSE;
}
if ((int)cpy_len < (p - old_p))
{
SDP_TRACE_WARNING1("%s: no bytes left for data", __func__);
- return;
+ return FALSE;
}
cpy_len -= (p - old_p);
}
@@ -464,6 +466,7 @@ static void sdp_copy_raw_data (tCONN_CB *p_ccb, BOOLEAN offset)
memcpy (&p_ccb->p_db->raw_data[p_ccb->p_db->raw_used], p, cpy_len);
p_ccb->p_db->raw_used += cpy_len;
}
+ return TRUE;
}
#endif
@@ -547,7 +550,10 @@ static void process_service_attr_rsp (tCONN_CB *p_ccb, UINT8 *p_reply,
#if (SDP_RAW_DATA_INCLUDED == TRUE)
SDP_TRACE_WARNING0("process_service_attr_rsp");
- sdp_copy_raw_data (p_ccb, FALSE);
+ if (!sdp_copy_raw_data(p_ccb, FALSE)) {
+ SDP_TRACE_ERROR0("sdp_copy_raw_data failed");
+ sdp_disconnect(p_ccb, SDP_ILLEGAL_PARAMETER);
+ }
#endif
/* Save the response in the database. Stop on any error */
@@ -804,7 +810,10 @@ static void process_service_search_attr_rsp (tCONN_CB *p_ccb, UINT8 *p_reply,
#if (SDP_RAW_DATA_INCLUDED == TRUE)
SDP_TRACE_WARNING0("process_service_search_attr_rsp");
- sdp_copy_raw_data (p_ccb, TRUE);
+ if (!sdp_copy_raw_data (p_ccb, TRUE)) {
+ SDP_TRACE_ERROR0("sdp_copy_raw_data failed");
+ sdp_disconnect(p_ccb, SDP_ILLEGAL_PARAMETER);
+ }
#endif
p = &p_ccb->rsp_list[0];

View File

@ -1,31 +0,0 @@
From 583460635a78028e8724275ad5370a8db3ae9d54 Mon Sep 17 00:00:00 2001
From: Zongheng Wang <wangzongheng@google.com>
Date: Tue, 20 Aug 2019 17:56:04 -0700
Subject: [PATCH] SDP: Disconnect when there is a bad length
Handle the case when SDP_RAW_DATA_INCLUDED is FALSE.
Related to: I9f0df8b2de28970e7d69b737ce5d363785183bf3
Bug: 137239831
Bug: 117105007
Test: manual test
Change-Id: I354494565005f2ca9093486546fc54c145066413
Merged-In: I354494565005f2ca9093486546fc54c145066413
(cherry picked from commit e45fe0a8ec678c73c57967b69c2fd485eef92927)
(cherry picked from commit 7f555a1a9b641a8e4892a4e7a7cc1ff294d8f2b7)
---
stack/sdp/sdp_discovery.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/stack/sdp/sdp_discovery.c b/stack/sdp/sdp_discovery.c
index 474ce6b7..68308e67 100644
--- a/stack/sdp/sdp_discovery.c
+++ b/stack/sdp/sdp_discovery.c
@@ -830,6 +830,7 @@ static void process_service_search_attr_rsp (tCONN_CB *p_ccb, UINT8 *p_reply,
if (p == NULL || (p + seq_len) > (p + p_ccb->list_len))
{
SDP_TRACE_WARNING1("%s: bad length", __func__);
+ sdp_disconnect(p_ccb, SDP_ILLEGAL_PARAMETER);
return;
}
p_end = &p_ccb->rsp_list[p_ccb->list_len];

View File

@ -1,47 +0,0 @@
From 414b324868ebcd0fb4d213e7951cd2e82a3eee3a Mon Sep 17 00:00:00 2001
From: George Chang <georgekgchang@google.com>
Date: Thu, 6 Jun 2019 19:07:54 +0800
Subject: [PATCH] Prevent integer overflow in NDEF_MsgValidate
Bug: 126200054
Test: Read a Ndef Tag
Change-Id: I156047fa8b6219a4d4d269f7ca720f9a0ee55e17
---
src/nfc/ndef/ndef_utils.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/nfc/ndef/ndef_utils.c b/src/nfc/ndef/ndef_utils.c
index 9d44526..8b73c70 100644
--- a/src/nfc/ndef/ndef_utils.c
+++ b/src/nfc/ndef/ndef_utils.c
@@ -24,6 +24,7 @@
*
******************************************************************************/
#include <string.h>
+#include <log/log.h>
#include "ndef_utils.h"
/*******************************************************************************
@@ -80,6 +81,7 @@ tNDEF_STATUS NDEF_MsgValidate (UINT8 *p_msg, UINT32 msg_len, BOOLEAN b_allow_chu
{
UINT8 *p_rec = p_msg;
UINT8 *p_end = p_msg + msg_len;
+ UINT8 *p_new;
UINT8 rec_hdr=0, type_len, id_len;
int count;
UINT32 payload_len;
@@ -187,6 +189,14 @@ tNDEF_STATUS NDEF_MsgValidate (UINT8 *p_msg, UINT32 msg_len, BOOLEAN b_allow_chu
return (NDEF_MSG_LENGTH_MISMATCH);
}
+ /* Check for OOB */
+ p_new = p_rec + (payload_len + type_len + id_len);
+ if (p_rec > p_new || p_end < p_new)
+ {
+ android_errorWriteLog(0x534e4554, "126200054");
+ return (NDEF_MSG_LENGTH_MISMATCH);
+ }
+
/* Point to next record */
p_rec += (payload_len + type_len + id_len);

View File

@ -1,45 +0,0 @@
From 818a7f04e004cae09ccd62e35911b9853a02b96b Mon Sep 17 00:00:00 2001
From: George Chang <georgekgchang@google.com>
Date: Tue, 9 Jul 2019 16:17:23 +0800
Subject: [PATCH] Prevent OOB read in rw_t4t.cc part 2
Bug: 120865977
Bug: 120274615
Bug: 124462242
Test: Read T4T Tag
Change-Id: I4d70537d71442205a9456c0ece7a836fa4473558
---
src/nfc/tags/rw_t4t.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/src/nfc/tags/rw_t4t.c b/src/nfc/tags/rw_t4t.c
index 7a7f457..29fbc02 100644
--- a/src/nfc/tags/rw_t4t.c
+++ b/src/nfc/tags/rw_t4t.c
@@ -1075,6 +1075,8 @@ static void rw_t4t_handle_error (tNFC_STATUS status, UINT8 sw1, UINT8 sw2)
rw_data.t4t_sw.sw1 = sw1;
rw_data.t4t_sw.sw2 = sw2;
+ rw_data.ndef.cur_size = 0;
+ rw_data.ndef.max_size = 0;
switch (p_t4t->state)
{
@@ -1980,6 +1982,17 @@ static void rw_t4t_data_cback (UINT8 conn_id, tNFC_CONN_EVT event, tNFC_CONN *p_
RW_TRACE_DEBUG1 ("RW T4T state: %d", p_t4t->state);
#endif
+ if (p_t4t->state != RW_T4T_STATE_IDLE &&
+ p_t4t->state != RW_T4T_STATE_PRESENCE_CHECK &&
+ p_r_apdu->len < T4T_RSP_STATUS_WORDS_SIZE)
+ {
+ RW_TRACE_DEBUG1 ("%s incorrect p_r_apdu length", __func__);
+ RW_TRACE_DEBUG0 ("0x534e4554 120865977");
+ rw_t4t_handle_error(NFC_STATUS_FAILED, 0, 0);
+ GKI_freebuf(p_r_apdu);
+ return;
+ }
+
switch (p_t4t->state)
{
case RW_T4T_STATE_IDLE:

View File

@ -1,59 +0,0 @@
From 3b4afbcac25aed96d157b05921077ce83f05b518 Mon Sep 17 00:00:00 2001
From: George Chang <georgekgchang@google.com>
Date: Fri, 16 Aug 2019 20:37:23 +0800
Subject: [PATCH] Prevent OOB in rw_i93.cc
Bug: 139188579
Test: Read/Write/Lock Type 5 Tag
Change-Id: Ife24f097c926184019038e559cbd806b289911c6
Exempt-From-Owner-Approval: Old Owners are all transferred to another BU
(cherry picked from commit 4025e2b929905f9b751f3612a6ee26cd5e599417)
---
src/nfc/tags/rw_i93.c | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/nfc/tags/rw_i93.c b/src/nfc/tags/rw_i93.c
index 4713d8f..7d6a3d7 100644
--- a/src/nfc/tags/rw_i93.c
+++ b/src/nfc/tags/rw_i93.c
@@ -41,6 +41,8 @@
#define RW_I93_READ_MULTI_BLOCK_SIZE 128 /* max reading data if read multi block is supported */
#define RW_I93_FORMAT_DATA_LEN 8 /* CC, zero length NDEF, Terminator TLV */
#define RW_I93_GET_MULTI_BLOCK_SEC_SIZE 512 /* max getting lock status if get multi block sec is supported */
+/*Capability Container CC Size */
+#define RW_I93_CC_SIZE 4
/* main state */
enum
@@ -1630,8 +1632,15 @@ void rw_i93_sm_detect_ndef (BT_HDR *p_resp)
case RW_I93_SUBSTATE_WAIT_CC:
- /* assume block size is more than 4 */
- STREAM_TO_ARRAY (cc, p, 4);
+ if (length < RW_I93_CC_SIZE)
+ {
+ android_errorWriteLog(0x534e4554, "139188579");
+ rw_i93_handle_error(NFC_STATUS_FAILED);
+ return;
+ }
+
+ /* assume block size is more than RW_I93_CC_SIZE 4 */
+ STREAM_TO_ARRAY(cc, p, RW_I93_CC_SIZE);
status = NFC_STATUS_FAILED;
@@ -2863,6 +2872,13 @@ void rw_i93_sm_set_read_only (BT_HDR *p_resp)
{
case RW_I93_SUBSTATE_WAIT_CC:
+ if (length < RW_I93_CC_SIZE)
+ {
+ android_errorWriteLog(0x534e4554, "139188579");
+ rw_i93_handle_error(NFC_STATUS_FAILED);
+ return;
+ }
+
/* mark CC as read-only */
*(p+1) |= I93_ICODE_CC_READ_ONLY;

View File

@ -1,106 +0,0 @@
From 11f084f3bddf24d1747603363090ffab9217d7f3 Mon Sep 17 00:00:00 2001
From: George Chang <georgekgchang@google.com>
Date: Sun, 8 Sep 2019 22:55:33 +0800
Subject: [PATCH] Add boundary check in nfa_hci_handle_admin_gate_rsp
Bug: 124524315
Test: Nfc Enable/Disable with NFC SIM
Merged-In: Ic5b9398f7fc4f3aa8c83bd902e47d7785c5a6161
Change-Id: Ic5b9398f7fc4f3aa8c83bd902e47d7785c5a6161
Exempt-From-Owner-Approval: new owner approved
(cherry picked from commit dc58f77ff10e8a6502208249741ab6879c038bf1)
---
src/nfa/hci/nfa_hci_act.c | 31 +++++++++++++++++++++++++------
1 file changed, 25 insertions(+), 6 deletions(-)
diff --git a/src/nfa/hci/nfa_hci_act.c b/src/nfa/hci/nfa_hci_act.c
index 9a25cf6..c800a34 100644
--- a/src/nfa/hci/nfa_hci_act.c
+++ b/src/nfa/hci/nfa_hci_act.c
@@ -33,6 +33,7 @@
#include "nfa_nv_co.h"
#include "nfa_mem_co.h"
#include "nfa_hci_defs.h"
+#include <log/log.h>
/* Static local functions */
@@ -1405,8 +1406,8 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
}
else if (nfa_hci_cb.param_in_use == NFA_HCI_SESSION_IDENTITY_INDEX)
{
- /* The only parameter we get when initializing is the session ID. Check for match. */
- if (!memcmp ((UINT8 *) nfa_hci_cb.cfg.admin_gate.session_id, p_data, NFA_HCI_SESSION_ID_LEN) )
+ if (data_len >= NFA_HCI_SESSION_ID_LEN &&
+ !memcmp((uint8_t*)nfa_hci_cb.cfg.admin_gate.session_id, p_data, NFA_HCI_SESSION_ID_LEN))
{
/* Session has not changed. Set the WHITELIST */
nfa_hciu_send_set_param_cmd (NFA_HCI_ADMIN_PIPE, NFA_HCI_WHITELIST_INDEX, 0x02, hosts);
@@ -1416,6 +1417,10 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
/* Something wrong, NVRAM data could be corrupt or first start with default session id */
nfa_hciu_send_clear_all_pipe_cmd ();
nfa_hci_cb.b_hci_netwk_reset = TRUE;
+ if (data_len < NFA_HCI_SESSION_ID_LEN)
+ {
+ android_errorWriteLog(0x534e4554, "124524315");
+ }
}
}
break;
@@ -1466,7 +1471,8 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
case NFA_HCI_ANY_GET_PARAMETER:
if (nfa_hci_cb.param_in_use == NFA_HCI_SESSION_IDENTITY_INDEX)
{
- if (!memcmp ((UINT8 *) default_session, p_data , NFA_HCI_SESSION_ID_LEN))
+ if (data_len >= NFA_HCI_SESSION_ID_LEN &&
+ !memcmp((uint8_t*)default_session, p_data, NFA_HCI_SESSION_ID_LEN))
{
memcpy (&nfa_hci_cb.cfg.admin_gate.session_id[(NFA_HCI_SESSION_ID_LEN / 2)], nfa_hci_cb.cfg.admin_gate.session_id, (NFA_HCI_SESSION_ID_LEN / 2));
os_tick = GKI_get_os_tick_count ();
@@ -1476,6 +1482,10 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
}
else
{
+ if (data_len < NFA_HCI_SESSION_ID_LEN)
+ {
+ android_errorWriteLog(0x534e4554, "124524315");
+ }
if (nfa_hci_cb.hci_state == NFA_HCI_STATE_APP_DEREGISTER)
nfa_hci_api_deregister (NULL);
else if (nfa_hci_cb.hci_state == NFA_HCI_STATE_REMOVE_GATE)
@@ -1485,6 +1495,11 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
else if (nfa_hci_cb.param_in_use == NFA_HCI_HOST_LIST_INDEX)
{
evt_data.hosts.status = status;
+ if (data_len > NFA_HCI_MAX_HOST_IN_NETWORK)
+ {
+ data_len = NFA_HCI_MAX_HOST_IN_NETWORK;
+ android_errorWriteLog(0x534e4554, "124524315");
+ }
evt_data.hosts.num_hosts = data_len;
memcpy (evt_data.hosts.host, p_data, data_len);
@@ -1516,7 +1531,8 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
break;
case NFA_HCI_ADM_CREATE_PIPE:
- if (status == NFA_STATUS_OK)
+ // p_data should have at least 5 bytes length for pipe info
+ if (data_len >= 5 && status == NFA_STATUS_OK)
{
STREAM_TO_UINT8 (source_host, p_data);
STREAM_TO_UINT8 (source_gate, p_data);
@@ -1533,8 +1549,11 @@ void nfa_hci_handle_admin_gate_rsp (UINT8 *p_data, UINT8 data_len)
}
nfa_hciu_add_pipe_to_gate (pipe, source_gate, dest_host, dest_gate);
-
- }
+ } else if (data_len < 5 && status == NFA_STATUS_OK)
+ {
+ android_errorWriteLog(0x534e4554, "124524315");
+ status = NFA_STATUS_FAILED;
+ }
/* Tell the application his pipe was created or not */
evt_data.created.status = status;

View File

@ -1,33 +0,0 @@
From 2acc89d321bf0d1ea4bc08bc4620f165cb7e65f3 Mon Sep 17 00:00:00 2001
From: Frank Galligan <fgalligan@google.com>
Date: Fri, 10 May 2019 17:42:46 -0700
Subject: [PATCH] Check there is only one settings per ContentCompression
This fixes a memory leak with invalid files.
BUG: 127702368
Merged-In: Id7de1f8c35ef2f6458c6fb6c7751a84fe43ed1cc
Change-Id: I73bd34e212d74ffcf8d428e01b5269037147bf8c
(cherry picked from commit 0fbbf3c3e05647aa10174a1876e02ba6a2ec631d)
---
libwebm/mkvparser.cpp | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/libwebm/mkvparser.cpp b/libwebm/mkvparser.cpp
index f0cd97f..e65e9c7 100644
--- a/libwebm/mkvparser.cpp
+++ b/libwebm/mkvparser.cpp
@@ -4284,6 +4284,12 @@ long ContentEncoding::ParseCompressionEntry(long long start, long long size,
return status;
}
+ // There should be only one settings element per content compression.
+ if (compression->settings != NULL) {
+ delete[] buf;
+ return E_FILE_FORMAT_INVALID;
+ }
+
compression->settings = buf;
compression->settings_len = buflen;
}

View File

@ -1,26 +0,0 @@
From 3e54ae6106d08aac9707919631ba6d8adb91b87d Mon Sep 17 00:00:00 2001
From: Frank Galligan <fgalligan@google.com>
Date: Fri, 10 May 2019 18:21:43 -0700
Subject: [PATCH] Fixes a double free in ContentEncoding
BUG: 127702368
Merged-In: Id7de1f8c35ef2f6458c6fb6c7751a84fe43ed1cc
Change-Id: Id17f570fe60ea2ecb3cf5cdbc179246486401005
(cherry picked from commit d2ff9ba6d9376f295b13d822d345e83841bc6189)
---
libwebm/mkvparser.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/libwebm/mkvparser.cpp b/libwebm/mkvparser.cpp
index e65e9c7..78cdcee 100644
--- a/libwebm/mkvparser.cpp
+++ b/libwebm/mkvparser.cpp
@@ -4182,6 +4182,7 @@ long ContentEncoding::ParseContentEncodingEntry(long long start, long long size,
new (std::nothrow) ContentEncryption*[encryption_count];
if (!encryption_entries_) {
delete[] compression_entries_;
+ compression_entries_ = NULL;
return -1;
}
encryption_entries_end_ = encryption_entries_;

View File

@ -1,40 +0,0 @@
From 30cc508a007fa28db6d5d5582bae001ced5db1fe Mon Sep 17 00:00:00 2001
From: Haibo Huang <hhb@google.com>
Date: Mon, 6 May 2019 12:43:47 -0700
Subject: [PATCH] Fix uninitialized value in sfntly
Bug: 116114182
Test: build
Change-Id: Ief84dd8a19bdb461945e07504270be76a3545701
Merged-In: Ief84dd8a19bdb461945e07504270be76a3545701
(cherry picked from commit 51ecc82faa63aacdde6648f80a3898b53653da78)
---
README.android | 4 ++++
cpp/src/sfntly/port/file_input_stream.cc | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/README.android b/README.android
index 4447b27..39b0cf9 100644
--- a/README.android
+++ b/README.android
@@ -9,3 +9,7 @@ git rm -rf cpp/data
git rm -rf cpp/ext
git rm -rf cpp/tools
git commit
+
+
+# Local changes
+Fixed uninitialized variable. See bug 116114182 for details.
diff --git a/cpp/src/sfntly/port/file_input_stream.cc b/cpp/src/sfntly/port/file_input_stream.cc
index dfe9a7b..883c1fd 100644
--- a/cpp/src/sfntly/port/file_input_stream.cc
+++ b/cpp/src/sfntly/port/file_input_stream.cc
@@ -70,7 +70,7 @@ int32_t FileInputStream::Read() {
#endif
return 0;
}
- byte_t value;
+ byte_t value = 0;
size_t length = fread(&value, 1, 1, file_);
position_ += length;
return value;

View File

@ -1,63 +0,0 @@
From 2d696238c1acdd26b824b80c26942d06c071f451 Mon Sep 17 00:00:00 2001
From: Mike Klein <mtklein@google.com>
Date: Mon, 17 Sep 2018 17:29:39 -0400
Subject: [PATCH] RESTRICT AUTOMERGE: Make listener lists threadsafe with a
mutex.
Bug: 124232283
Test: Infeasible
Cherry-pick of https://skia-review.googlesource.com/155060 in Skia
There were conflicts due the fact that pi-dev does not have commit
afa11586d782c7cb3e83b8af48023ff227349516 ("Make the SkPathRef
GenIDChangeListener ref counted") or
6c8d242b14355bf66c9137e9e4d6c7861d22168f ("Make atomic lists list for
bitmaps and paths" - an alternate fix for this issue) and some smaller
header file changes.
Change-Id: I7c2c5cd6603007d099169071a1b7d1a230c621bc
Merged-In: I91a8fbdd1b8fb4cf8b124ebdf17212c643058ef3
---
include/core/SkPixelRef.h | 3 ++-
src/core/SkPixelRef.cpp | 2 ++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/include/core/SkPixelRef.h b/include/core/SkPixelRef.h
index 4369e5d537..3b2de4eaa8 100644
--- a/include/core/SkPixelRef.h
+++ b/include/core/SkPixelRef.h
@@ -236,7 +236,7 @@ class SK_API SkPixelRef : public SkFlattenable {
virtual void onChange() = 0;
};
- // Takes ownership of listener.
+ // Takes ownership of listener. Threadsafe.
void addGenIDChangeListener(GenIDChangeListener* listener);
protected:
@@ -311,6 +311,7 @@ class SK_API SkPixelRef : public SkFlattenable {
mutable uint32_t fGenerationID;
mutable bool fUniqueGenerationID;
+ SkMutex fGenIDChangeListenersMutex;
SkTDArray<GenIDChangeListener*> fGenIDChangeListeners; // pointers are owned
SkString fURI;
diff --git a/src/core/SkPixelRef.cpp b/src/core/SkPixelRef.cpp
index 6cc67d89af..290d29d71c 100644
--- a/src/core/SkPixelRef.cpp
+++ b/src/core/SkPixelRef.cpp
@@ -242,10 +242,12 @@ void SkPixelRef::addGenIDChangeListener(GenIDChangeListener* listener) {
SkDELETE(listener);
return;
}
+ SkAutoMutexAcquire lock(fGenIDChangeListenersMutex);
*fGenIDChangeListeners.append() = listener;
}
void SkPixelRef::callGenIDChangeListeners() {
+ SkAutoMutexAcquire lock(fGenIDChangeListenersMutex);
// We don't invalidate ourselves if we think another SkPixelRef is sharing our genID.
if (fUniqueGenerationID) {
for (int i = 0; i < fGenIDChangeListeners.count(); i++) {

View File

@ -1,27 +0,0 @@
From de55e0158ad3a6f89718c1d9fb19d336dea34937 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 10 Jul 2018 08:09:29 -0400
Subject: [PATCH] Enable secure_delete by default
Change-Id: Iad6cea9f6489759faee04926213163a56dab1b9b
---
dist/Android.mk | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dist/Android.mk b/dist/Android.mk
index 96e3035..4692f3f 100644
--- a/dist/Android.mk
+++ b/dist/Android.mk
@@ -28,7 +28,8 @@ common_sqlite_flags := \
-DSQLITE_OMIT_COMPILEOPTION_DIAGS \
-DSQLITE_OMIT_LOAD_EXTENSION \
-DSQLITE_DEFAULT_FILE_PERMISSIONS=0600 \
- -Dfdatasync=fdatasync
+ -Dfdatasync=fdatasync \
+ -DSQLITE_SECURE_DELETE
common_src_files := sqlite3.c
--
2.18.0

View File

@ -1,53 +0,0 @@
From 098f0a757422c049440af7c5e64f73288d091c15 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 27 Aug 2019 09:48:01 -0700
Subject: [PATCH] sqlite3_android.cpp: disable _TOKENIZE
Comment out the tokenize function. This code doesn't appear to be used.
A future change will further clean up this code and delete it properly.
Bug: 139186193
Test: compiles and boots
Change-Id: I0b2c37b6716162228205fc1ca8bea0f397f36baf
(cherry picked from commit c52a17358593062a7eb75a023c115df9ad89563b)
(cherry picked from commit 2f967a222a948027bb7f02970370ccaa8ae608a2)
---
android/sqlite3_android.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/android/sqlite3_android.cpp b/android/sqlite3_android.cpp
index b836952..2aee08d 100644
--- a/android/sqlite3_android.cpp
+++ b/android/sqlite3_android.cpp
@@ -226,6 +226,7 @@ struct SqliteUserData {
UCollator* collator;
};
+#if 0
/**
* This function is invoked as:
*
@@ -402,6 +403,7 @@ static void tokenize(sqlite3_context * context, int argc, sqlite3_value ** argv)
} while ((token = u_strtok_r(NULL, delim, &state)) != NULL);
sqlite3_result_int(context, numTokens);
}
+#endif
static void localized_collator_dtor(UCollator* collator)
{
@@ -445,6 +447,7 @@ extern "C" int register_localized_collators(sqlite3* handle, const char* systemL
return err;
}
+#if 0
// Register the _TOKENIZE function
err = sqlite3_create_function(handle, "_TOKENIZE", 4, SQLITE_UTF16, collator, tokenize, NULL, NULL);
if (err != SQLITE_OK) {
@@ -458,6 +461,7 @@ extern "C" int register_localized_collators(sqlite3* handle, const char* systemL
if (err != SQLITE_OK) {
return err;
}
+#endif
//// PHONEBOOK_COLLATOR

View File

@ -1,31 +0,0 @@
From 811aa12c4308817abc681f0d85cba82fd12b40c4 Mon Sep 17 00:00:00 2001
From: Ray Essick <essick@google.com>
Date: Tue, 26 Feb 2019 15:47:01 -0800
Subject: [PATCH] Reserve enough space for RTSP CSD
make parameters to GetSizeWidth() reflect values being used in
corresponding EncodeSize() invocations so we won't overflow the buffer.
Bug: 123701862
Test: y
Change-Id: I78596176e6042c95582494a8ae1b9c3160bf5955
(cherry picked from commit c025be8ce5f1b34bdf293ac367685c969bd430ba)
---
media/libstagefright/rtsp/APacketSource.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/media/libstagefright/rtsp/APacketSource.cpp b/media/libstagefright/rtsp/APacketSource.cpp
index 462c384130..39424fa689 100644
--- a/media/libstagefright/rtsp/APacketSource.cpp
+++ b/media/libstagefright/rtsp/APacketSource.cpp
@@ -379,8 +379,8 @@ static sp<ABuffer> MakeMPEG4VideoCodecSpecificData(
ALOGI("VOL dimensions = %dx%d", *width, *height);
size_t len1 = config->size() + GetSizeWidth(config->size()) + 1;
- size_t len2 = len1 + GetSizeWidth(len1) + 1 + 13;
- size_t len3 = len2 + GetSizeWidth(len2) + 1 + 3;
+ size_t len2 = len1 + GetSizeWidth(len1 + 13) + 1 + 13;
+ size_t len3 = len2 + GetSizeWidth(len2 + 3) + 1 + 3;
sp<ABuffer> csd = new ABuffer(len3);
uint8_t *dst = csd->data();

View File

@ -1,44 +0,0 @@
From b742278f2c4365be0021ce3498887e89e2cc8a4a Mon Sep 17 00:00:00 2001
From: Andy Hung <hunga@google.com>
Date: Tue, 12 Mar 2019 19:39:03 -0700
Subject: [PATCH] AudioFlinger: Prevent multiple effect chains with same
sessionId
Allow at most one effect chain with same sessionId on mPlaybackThreads.
Test: poc, CTS effect tests
Bug: 123237974
Merged-In: Ide46cd23b0a9f4295f0dca2fea23379a76b836ee
Change-Id: Ide46cd23b0a9f4295f0dca2fea23379a76b836ee
(cherry picked from commit 1631f06feb36df5406ad00e850dcca9394f67772)
(cherry picked from commit f963b2bfdaf406b42d371322402172b4380bbba5)
---
services/audioflinger/AudioFlinger.cpp | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/services/audioflinger/AudioFlinger.cpp b/services/audioflinger/AudioFlinger.cpp
index c06bf1e05c..b5ec45884d 100644
--- a/services/audioflinger/AudioFlinger.cpp
+++ b/services/audioflinger/AudioFlinger.cpp
@@ -2759,6 +2759,21 @@ sp<IEffect> AudioFlinger::createEffect(
io = mPlaybackThreads.keyAt(0);
}
ALOGV("createEffect() got io %d for effect %s", io, desc.name);
+ } else if (checkPlaybackThread_l(io) != NULL) {
+ // allow only one effect chain per sessionId on mPlaybackThreads.
+ for (size_t i = 0; i < mPlaybackThreads.size(); i++) {
+ const audio_io_handle_t checkIo = mPlaybackThreads.keyAt(i);
+ if (io == checkIo) continue;
+ const uint32_t sessionType =
+ mPlaybackThreads.valueAt(i)->hasAudioSession(sessionId);
+ if ((sessionType & ThreadBase::EFFECT_SESSION) != 0) {
+ ALOGE("%s: effect %s io %d denied because session %d effect exists on io %d",
+ __func__, desc.name, (int)io, (int)sessionId, (int)checkIo);
+ android_errorWriteLog(0x534e4554, "123237974");
+ lStatus = BAD_VALUE;
+ goto Exit;
+ }
+ }
}
ThreadBase *thread = checkRecordThread_l(io);
if (thread == NULL) {

View File

@ -1,43 +0,0 @@
From 620f9a1effe8cfb6b30d8a7f5247397259a618dc Mon Sep 17 00:00:00 2001
From: Weiyin Jiang <wjiang@codeaurora.org>
Date: Fri, 27 Apr 2018 00:39:29 +0800
Subject: [PATCH] audio: ensure effect chain with specific session id is unique
It's possible that tracks with the same session id running on various
playback outputs, which causes effect chain being created on the same
session twice. As a result, the same effect engine will be released
twice as the same context is reused.
Output that has effect chain with same session id is more preferable.
Test: No regression with Play Music and Effects
Bug: 123082420
Bug: 123237974
Merged-In: I690ea3cb942d1fdc96b46048e271557d48000f43
Change-Id: I690ea3cb942d1fdc96b46048e271557d48000f43
(cherry picked from commit 9aeb1770d49bab13ea5c6454c969a713641fe686)
(cherry picked from commit 5945746bcabff8d833229a6c230cbe873474087f)
---
services/audioflinger/AudioFlinger.cpp | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/services/audioflinger/AudioFlinger.cpp b/services/audioflinger/AudioFlinger.cpp
index b5ec45884d..ecad12b867 100644
--- a/services/audioflinger/AudioFlinger.cpp
+++ b/services/audioflinger/AudioFlinger.cpp
@@ -2739,9 +2739,13 @@ sp<IEffect> AudioFlinger::createEffect(
}
// look for the thread where the specified audio session is present
for (size_t i = 0; i < mPlaybackThreads.size(); i++) {
- if (mPlaybackThreads.valueAt(i)->hasAudioSession(sessionId) != 0) {
+ uint32_t sessionType = mPlaybackThreads.valueAt(i)->hasAudioSession(sessionId);
+ if (sessionType != 0) {
io = mPlaybackThreads.keyAt(i);
- break;
+ // thread with same effect session is preferable
+ if ((sessionType & ThreadBase::EFFECT_SESSION) != 0) {
+ break;
+ }
}
}
if (io == 0) {

View File

@ -1,68 +0,0 @@
From c007165a4c8ff93ed1b4d5659cbd71e961e14ef4 Mon Sep 17 00:00:00 2001
From: Jean-Michel Trivi <jmtrivi@google.com>
Date: Fri, 17 May 2019 07:29:07 -0700
Subject: [PATCH] AMR WB encoder: prevent OOB write in ACELP_4t64_fx
In ACELP_4t64_fx, when iterating over ind array, check index against
array size to prevent OOB write, log an error if such an access
was about to happen.
Bug: 132647222
Test: atest EncoderTest#testAMRWBEncoders
Change-Id: I33f476d94baec2feffc7bcccd0ad0481b8452518
(cherry picked from commit 82cb46d0d55a407f468023977204eb7133b7fd77)
Merged-in: I33f476d94baec2feffc7bcccd0ad0481b8452518
(cherry picked from commit 9a44849c88b306e1b4fb37bd9aa34d6ba0607b7a)
---
.../codecs/amrwbenc/SampleCode/Android.mk | 3 ++-
media/libstagefright/codecs/amrwbenc/src/c4t64fx.c | 13 +++++++++++--
2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/media/libstagefright/codecs/amrwbenc/SampleCode/Android.mk b/media/libstagefright/codecs/amrwbenc/SampleCode/Android.mk
index c203f77e84..7ddbbe5f7b 100644
--- a/media/libstagefright/codecs/amrwbenc/SampleCode/Android.mk
+++ b/media/libstagefright/codecs/amrwbenc/SampleCode/Android.mk
@@ -14,7 +14,8 @@ LOCAL_CFLAGS := -DLINUX
LOCAL_SHARED_LIBRARIES := \
libstagefright \
- libdl
+ libdl \
+ liblog
LOCAL_C_INCLUDES := \
$(LOCAL_PATH)/ \
diff --git a/media/libstagefright/codecs/amrwbenc/src/c4t64fx.c b/media/libstagefright/codecs/amrwbenc/src/c4t64fx.c
index 1ecc11f536..9262a0d49b 100644
--- a/media/libstagefright/codecs/amrwbenc/src/c4t64fx.c
+++ b/media/libstagefright/codecs/amrwbenc/src/c4t64fx.c
@@ -47,6 +47,10 @@
#include "q_pulse.h"
+#undef LOG_TAG
+#define LOG_TAG "amrwbenc"
+#include "log/log.h"
+
static Word16 tipos[36] = {
0, 1, 2, 3, /* starting point &ipos[0], 1st iter */
1, 2, 3, 0, /* starting point &ipos[4], 2nd iter */
@@ -737,11 +741,16 @@ void ACELP_4t64_fx(
i = (Word16)((vo_L_mult(track, NPMAXPT) >> 1));
- while (ind[i] >= 0)
+ while (i < NPMAXPT * NB_TRACK && ind[i] >= 0)
{
i += 1;
}
- ind[i] = index;
+ if (i < NPMAXPT * NB_TRACK) {
+ ind[i] = index;
+ } else {
+ ALOGE("b/132647222, OOB access in ind array track=%d i=%d", track, i);
+ android_errorWriteLog(0x534e4554, "132647222");
+ }
}
k = 0;

View File

@ -1,26 +0,0 @@
From f996521d68b88375bf5a1b357b684bac51e65d47 Mon Sep 17 00:00:00 2001
From: Marco Nelissen <marcone@google.com>
Date: Tue, 14 May 2019 10:53:06 -0700
Subject: [PATCH] Fix overflow/dos in 3gg text description parsing
Bug: 124781927
Test: run pocs
Change-Id: I8765ac9746c3de7d711ef866d4ec0e29972320c0
(cherry picked from commit 851e22d1dc89a7f708b9d2b56947f69cd1a08b94)
---
media/libstagefright/timedtext/TextDescriptions.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/media/libstagefright/timedtext/TextDescriptions.cpp b/media/libstagefright/timedtext/TextDescriptions.cpp
index c762a74d08..83d15a28ca 100644
--- a/media/libstagefright/timedtext/TextDescriptions.cpp
+++ b/media/libstagefright/timedtext/TextDescriptions.cpp
@@ -383,7 +383,7 @@ status_t TextDescriptions::extract3GPPGlobalDescriptions(
tmpData += 8;
size_t remaining = size - 8;
- if (size < chunkSize) {
+ if (chunkSize <= 8 || size < chunkSize) {
return OK;
}
switch(chunkType) {

View File

@ -1,30 +0,0 @@
From 69e4cbac1cbe2d4c5d3fc92b1b5c731078e8ba13 Mon Sep 17 00:00:00 2001
From: Dongwon Kang <dwkang@google.com>
Date: Fri, 21 Jun 2019 14:17:58 -0700
Subject: [PATCH] m4v_h263: add a test for invalid/negative value
Test: run poc with and without the patch.
Bug: 134578122
Change-Id: I2d11826d1d9e2669aa5627065dc627729ddc823b
(cherry picked from commit 7802c68aebf7908983508fd4a52a7d53746a80eb)
---
.../libstagefright/codecs/m4v_h263/dec/src/packet_util.cpp | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/media/libstagefright/codecs/m4v_h263/dec/src/packet_util.cpp b/media/libstagefright/codecs/m4v_h263/dec/src/packet_util.cpp
index 48414d7b32..5880e3260d 100644
--- a/media/libstagefright/codecs/m4v_h263/dec/src/packet_util.cpp
+++ b/media/libstagefright/codecs/m4v_h263/dec/src/packet_util.cpp
@@ -52,7 +52,11 @@ PV_STATUS PV_ReadVideoPacketHeader(VideoDecData *video, int *next_MB)
PV_BitstreamByteAlign(stream);
BitstreamReadBits32(stream, resync_marker_length);
- *next_MB = (int) BitstreamReadBits16(stream, nbits);
+ int mbnum = (int) BitstreamReadBits16(stream, nbits);
+ if (mbnum < 0) {
+ return PV_FAIL;
+ }
+ *next_MB = mbnum;
// if (*next_MB <= video->mbnum) /* needs more investigation */
// *next_MB = video->mbnum+1;

View File

@ -1,40 +0,0 @@
From 1ce50d3b7dc2658354a878a8c7291bd115f63632 Mon Sep 17 00:00:00 2001
From: Marco Nelissen <marcone@google.com>
Date: Tue, 23 Jul 2019 08:27:46 -0700
Subject: [PATCH] Fix OOB access in mpeg4/h263 decoder
The decoder does not support an increase in frame width, and
would exceed its buffer if the width increased mid-stream.
There was an existing check to prevent the total frame size
(width*height) from increasing, but in fact the decoder also
does not even support a width increase, even if the height
decreases correspondingly.
Bug: 136175447
Bug: 136173699
Test: manual
Change-Id: Ic2d28bb0503635dadeb69ba3be9412d58684e910
(cherry picked from commit ef4ce157000b2b5bcbf2bcb36a228ec604803547)
---
media/libstagefright/codecs/m4v_h263/dec/src/vop.cpp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/media/libstagefright/codecs/m4v_h263/dec/src/vop.cpp b/media/libstagefright/codecs/m4v_h263/dec/src/vop.cpp
index 56ade8f920..f4c51ae7a6 100644
--- a/media/libstagefright/codecs/m4v_h263/dec/src/vop.cpp
+++ b/media/libstagefright/codecs/m4v_h263/dec/src/vop.cpp
@@ -1351,6 +1351,14 @@ PV_STATUS DecodeShortHeader(VideoDecData *video, Vop *currVop)
int tmpHeight = (tmpDisplayHeight + 15) & -16;
int tmpWidth = (tmpDisplayWidth + 15) & -16;
+ if (tmpWidth > video->width)
+ {
+ // while allowed by the spec, this decoder does not actually
+ // support an increase in size.
+ ALOGE("width increase not supported");
+ status = PV_FAIL;
+ goto return_point;
+ }
if (tmpHeight * tmpWidth > video->size)
{
// This is just possibly "b/37079296".

View File

@ -1,66 +0,0 @@
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
index e6da288..66684d3 100644
--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
@@ -447,10 +447,23 @@ public class PackageParser {
}
}
if ((flags&PackageManager.GET_SIGNATURES) != 0) {
- int N = (p.mSignatures != null) ? p.mSignatures.length : 0;
- if (N > 0) {
- pi.signatures = new Signature[N];
- System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N);
+ boolean handledFakeSignature = false;
+ try {
+ if (p.requestedPermissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") && p.mAppMetaData != null
+ && p.mAppMetaData.get("fake-signature") instanceof String) {
+ pi.signatures = new Signature[] {new Signature(p.mAppMetaData.getString("fake-signature"))};
+ handledFakeSignature = true;
+ }
+ } catch (Throwable t) {
+ // We should never die because of any failures, this is system code!
+ Log.w("PackageParser.FAKE_PACKAGE_SIGNATURE", t);
+ }
+ if (!handledFakeSignature) {
+ int N = (p.mSignatures != null) ? p.mSignatures.length : 0;
+ if (N > 0) {
+ pi.signatures = new Signature[N];
+ System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N);
+ }
}
}
return pi;
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 558a475..4e7aa65 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1562,6 +1562,13 @@
android:label="@string/permlab_getPackageSize"
android:description="@string/permdesc_getPackageSize" />
+ <!-- Allows an application to change the package signature as seen by applications -->
+ <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
+ android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
+ android:protectionLevel="dangerous"
+ android:label="@string/permlab_fakePackageSignature"
+ android:description="@string/permdesc_fakePackageSignature" />
+
<!-- @deprecated No longer useful, see
{@link android.content.pm.PackageManager#addPackageToPreferred}
for details. -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 790e166..8e66470 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -1135,6 +1135,11 @@
<string name="permdesc_getPackageSize">Allows the app to retrieve its code, data, and cache sizes</string>
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permlab_fakePackageSignature">mimic package signature</string>
+ <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permdesc_fakePackageSignature">Allows the app to use mimic another app\'s package signature.</string>
+
+ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permlab_installPackages">directly install apps</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permdesc_installPackages">Allows the app to install new or updated

View File

@ -1,26 +0,0 @@
From 79c65fa6741cecda0b38a4881a07ec54a4896b69 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 10 Jul 2018 08:13:23 -0400
Subject: [PATCH] Harden signature spoofing
Change-Id: Iad362df358cb9cdf6e2ce9d511f09ee6b77a90e2
---
core/res/AndroidManifest.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 1e5a7ad1f9..224fea23c8 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1598,7 +1598,7 @@
<!-- Allows an application to change the package signature as seen by applications -->
<permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
- android:protectionLevel="dangerous"
+ android:protectionLevel="signature"
android:label="@string/permlab_fakePackageSignature"
android:description="@string/permdesc_fakePackageSignature" />
--
2.18.0

View File

@ -1,49 +0,0 @@
From ba3aeed507b4af79be3dee4ea401a542b47247e1 Mon Sep 17 00:00:00 2001
From: Chalard Jean <jchalard@google.com>
Date: Mon, 20 May 2019 13:11:37 +0900
Subject: [PATCH] [RESTRICT AUTOMERGE] Protect VPN dialogs against overlay.
Bug: 130568701
Test: manual. After this, can't display on top of it
Change-Id: Ib032f800edb0416cc15f01a34954340d0d0ffa78
(cherry picked from commit 4e80dc2861614d25a1f957f50040a8cf04812d11)
(cherry picked from commit 27d47340496580d66f36a734a115e47eaf550972)
---
packages/VpnDialogs/AndroidManifest.xml | 2 ++
.../VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java | 3 +++
2 files changed, 5 insertions(+)
diff --git a/packages/VpnDialogs/AndroidManifest.xml b/packages/VpnDialogs/AndroidManifest.xml
index ef640d5fcedb..1e15b2257c21 100644
--- a/packages/VpnDialogs/AndroidManifest.xml
+++ b/packages/VpnDialogs/AndroidManifest.xml
@@ -1,6 +1,8 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.android.vpndialogs">
+ <uses-permission android:name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS"/>
+
<application android:label="VpnDialogs"
android:allowBackup="false" >
<activity android:name=".ConfirmDialog"
diff --git a/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java b/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java
index 6faf4e09fcbb..65f99268ec77 100644
--- a/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java
+++ b/packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java
@@ -16,6 +16,8 @@
package com.android.vpndialogs;
+import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;
+
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
@@ -76,6 +78,7 @@ protected void onResume() {
setupAlert();
getWindow().setCloseOnTouchOutside(false);
+ getWindow().addPrivateFlags(PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS);
mButton = mAlert.getButton(DialogInterface.BUTTON_POSITIVE);
mButton.setEnabled(false);
mButton.setFilterTouchesWhenObscured(true);

View File

@ -1,30 +0,0 @@
From 119329bdfbebf3826859000472afbcdb50ad96d8 Mon Sep 17 00:00:00 2001
From: Michael Wachenschwanz <mwachens@google.com>
Date: Wed, 15 May 2019 22:58:15 -0700
Subject: [PATCH] Clear the Parcel before writing an exception during a
transaction
This prevents any object data from being accidentally overwritten by the
exception, which could cause unexpected malformed objects to be sent
across the transaction.
Test: atest CtsOsTestCases:ParcelTest#testExceptionOverwritesObject
Fixes: 34175893
Change-Id: Iaf80a0ad711762992b8ae60f76d861c97a403013
---
core/java/android/os/Binder.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/core/java/android/os/Binder.java b/core/java/android/os/Binder.java
index f4a83910e652..cd0e5ea76551 100644
--- a/core/java/android/os/Binder.java
+++ b/core/java/android/os/Binder.java
@@ -413,6 +413,8 @@ private boolean execTransact(int code, int dataObj, int replyObj,
if ((flags & FLAG_ONEWAY) != 0) {
Log.w(TAG, "Caught a RuntimeException from the binder stub implementation.", e);
}
+ // Clear the parcel before writing the exception
+ reply.setDataSize(0);
reply.setDataPosition(0);
reply.writeException(e);
res = true;

View File

@ -1,99 +0,0 @@
From 563e93ae4a060df93044313818b4164fd96362d9 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Wed, 17 Jul 2019 18:51:28 -0600
Subject: [PATCH] RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder
options.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change starts using setStrictColumns() and setStrictGrammar()
on SQLiteQueryBuilder to block this class of attacks. This means we
now need to define the projection mapping of valid columns, which
consists of both the columns defined in the public API and columns
read internally by DownloadInfo.Reader.
We're okay growing sAppReadableColumnsSet like this, since we're
relying on our trusted WHERE clause to filter away any rows that
don't belong to the calling UID.
Remove the legacy Lexer code, since we're now internally relying on
the robust and well-tested SQLiteTokenizer logic.
Bug: 135270103
Bug: 135269143
Test: atest DownloadProviderTests
Test: atest CtsAppTestCases:android.app.cts.DownloadManagerTest
Change-Id: Iec1e8ce18dc4a9564318e0473d9d3863c8c2988a
(cherry picked from commit 13f49c42599dc2ea0be376be34275aefcb70d398)
---
core/java/android/app/DownloadManager.java | 42 +++++++++++-----------
1 file changed, 22 insertions(+), 20 deletions(-)
diff --git a/core/java/android/app/DownloadManager.java b/core/java/android/app/DownloadManager.java
index 91925db26e58..67b7446388d7 100755
--- a/core/java/android/app/DownloadManager.java
+++ b/core/java/android/app/DownloadManager.java
@@ -114,6 +114,9 @@
*/
public final static String COLUMN_STATUS = Downloads.Impl.COLUMN_STATUS;
+ /** {@hide} */
+ public static final String COLUMN_FILE_NAME_HINT = Downloads.Impl.COLUMN_FILE_NAME_HINT;
+
/**
* Provides more detail on the status of the download. Its meaning depends on the value of
* {@link #COLUMN_STATUS}.
@@ -151,6 +154,9 @@
*/
public static final String COLUMN_MEDIAPROVIDER_URI = Downloads.Impl.COLUMN_MEDIAPROVIDER_URI;
+ /** {@hide} */
+ public static final String COLUMN_DESTINATION = Downloads.Impl.COLUMN_DESTINATION;
+
/**
* @hide
*/
@@ -319,26 +325,22 @@
* @hide
*/
public static final String[] UNDERLYING_COLUMNS = new String[] {
- Downloads.Impl._ID,
- Downloads.Impl._DATA + " AS " + COLUMN_LOCAL_FILENAME,
- Downloads.Impl.COLUMN_MEDIAPROVIDER_URI,
- Downloads.Impl.COLUMN_DESTINATION,
- Downloads.Impl.COLUMN_TITLE,
- Downloads.Impl.COLUMN_DESCRIPTION,
- Downloads.Impl.COLUMN_URI,
- Downloads.Impl.COLUMN_STATUS,
- Downloads.Impl.COLUMN_FILE_NAME_HINT,
- Downloads.Impl.COLUMN_MIME_TYPE + " AS " + COLUMN_MEDIA_TYPE,
- Downloads.Impl.COLUMN_TOTAL_BYTES + " AS " + COLUMN_TOTAL_SIZE_BYTES,
- Downloads.Impl.COLUMN_LAST_MODIFICATION + " AS " + COLUMN_LAST_MODIFIED_TIMESTAMP,
- Downloads.Impl.COLUMN_CURRENT_BYTES + " AS " + COLUMN_BYTES_DOWNLOADED_SO_FAR,
- Downloads.Impl.COLUMN_ALLOW_WRITE,
- /* add the following 'computed' columns to the cursor.
- * they are not 'returned' by the database, but their inclusion
- * eliminates need to have lot of methods in CursorTranslator
- */
- "'placeholder' AS " + COLUMN_LOCAL_URI,
- "'placeholder' AS " + COLUMN_REASON
+ DownloadManager.COLUMN_ID,
+ DownloadManager.COLUMN_LOCAL_FILENAME,
+ DownloadManager.COLUMN_MEDIAPROVIDER_URI,
+ DownloadManager.COLUMN_DESTINATION,
+ DownloadManager.COLUMN_TITLE,
+ DownloadManager.COLUMN_DESCRIPTION,
+ DownloadManager.COLUMN_URI,
+ DownloadManager.COLUMN_STATUS,
+ DownloadManager.COLUMN_FILE_NAME_HINT,
+ DownloadManager.COLUMN_MEDIA_TYPE,
+ DownloadManager.COLUMN_TOTAL_SIZE_BYTES,
+ DownloadManager.COLUMN_LAST_MODIFIED_TIMESTAMP,
+ DownloadManager.COLUMN_BYTES_DOWNLOADED_SO_FAR,
+ DownloadManager.COLUMN_ALLOW_WRITE,
+ DownloadManager.COLUMN_LOCAL_URI,
+ DownloadManager.COLUMN_REASON
};
/**

View File

@ -1,38 +0,0 @@
From 34d287505f8c992b1ba3416b89fca16482123e48 Mon Sep 17 00:00:00 2001
From: Seigo Nonaka <nona@google.com>
Date: Mon, 16 Sep 2019 14:49:49 -0700
Subject: [PATCH] Do not compute outside given range in TextLine
This is second attempt of I646851973b3816bf9ba32dfe26748c0345a5a081
which breaks various layout test on application.
The empty string must be also handled by the TextLine since it
retrieves the default line height from the empty string.
Bug: 140632678
Test: StaticLayoutTest
Test: Manually done
Change-Id: I7089ed9b711dddd7de2b27c9c2fa0fb4cb53a735
---
core/java/android/text/TextLine.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/core/java/android/text/TextLine.java b/core/java/android/text/TextLine.java
index 1fecf81d5a4f..712007ed0577 100644
--- a/core/java/android/text/TextLine.java
+++ b/core/java/android/text/TextLine.java
@@ -206,6 +206,7 @@ void draw(Canvas c, float x, int top, int y, int bottom) {
int lastRunIndex = runs.length - 2;
for (int i = 0; i < runs.length; i += 2) {
int runStart = runs[i];
+ if (runStart > mLen) break;
int runLimit = runStart + (runs[i+1] & Layout.RUN_LENGTH_MASK);
if (runLimit > mLen) {
runLimit = mLen;
@@ -301,6 +302,7 @@ float measure(int offset, boolean trailing, FontMetricsInt fmi) {
int[] runs = mDirections.mDirections;
for (int i = 0; i < runs.length; i += 2) {
int runStart = runs[i];
+ if (runStart > mLen) break;
int runLimit = runStart + (runs[i+1] & Layout.RUN_LENGTH_MASK);
if (runLimit > mLen) {
runLimit = mLen;

View File

@ -1,29 +0,0 @@
From a501f19d464306ed340c1c9d1b217c82cf8fda57 Mon Sep 17 00:00:00 2001
From: Jing Ji <jji@google.com>
Date: Mon, 4 Nov 2019 14:22:27 -0800
Subject: [PATCH] Prevent system uid component from running in an isolated app
process
Bug: 140055304
Test: Manua
Change-Id: Ie7f6ed23f0c6009aad0f67a00af119b02cdceac3
Merged-In: I5a1618fab529cb0300d4a8e9c7762ee218ca09eb
(cherry picked from commit 0bfebadf304bdd5f921e80f93de3e0d13b88b79c)
---
.../java/com/android/server/am/ActivityManagerService.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/services/java/com/android/server/am/ActivityManagerService.java b/services/java/com/android/server/am/ActivityManagerService.java
index bae278c5450e..12d22c03bc75 100644
--- a/services/java/com/android/server/am/ActivityManagerService.java
+++ b/services/java/com/android/server/am/ActivityManagerService.java
@@ -2651,7 +2651,8 @@ final ProcessRecord getProcessRecordLocked(String processName, int uid, boolean
final int procCount = procs.size();
for (int i = 0; i < procCount; i++) {
final int procUid = procs.keyAt(i);
- if (UserHandle.isApp(procUid) || !UserHandle.isSameUser(procUid, uid)) {
+ if (UserHandle.isApp(procUid) || !UserHandle.isSameUser(procUid, uid)
+ || UserHandle.isIsolated(procUid)) {
// Don't use an app process or different user process for system component.
continue;
}

View File

@ -1,29 +0,0 @@
From 2f6bf894b7c3462f0af6cebfb7b7400f820e4220 Mon Sep 17 00:00:00 2001
From: Steven Moreland <smoreland@google.com>
Date: Fri, 17 May 2019 13:11:30 -0700
Subject: [PATCH] readCString: no ubsan sub-overflow
Bug: 132650049
Test: fuzzer
Change-Id: I1f6dcad6906951ab505a7500573b74b210a68705
Merged-In: I1f6dcad6906951ab505a7500573b74b210a68705
(cherry picked from commit 1086548c6ceb141e2852d2690db8386911a014dd)
---
libs/binder/Parcel.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index e369c444ba..2ca4170c7d 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -1136,8 +1136,8 @@ intptr_t Parcel::readIntPtr() const
const char* Parcel::readCString() const
{
- const size_t avail = mDataSize-mDataPos;
- if (avail > 0) {
+ if (mDataPos < mDataSize) {
+ const size_t avail = mDataSize-mDataPos;
const char* str = reinterpret_cast<const char*>(mData+mDataPos);
// is the string's trailing NUL within the parcel's valid bounds?
const char* eos = reinterpret_cast<const char*>(memchr(str, 0, avail));

View File

@ -1,37 +0,0 @@
From 8abbfba105c0d394b10a6f9d2fcc1a6441a8b0ca Mon Sep 17 00:00:00 2001
From: Michael Wachenschwanz <mwachens@google.com>
Date: Mon, 3 Jun 2019 17:24:51 -0700
Subject: [PATCH] Free mObjects if no objects left to realloc on resize
Fixes: 134168436
Test: atest CtsOsTestCases:ParcelTest#testObjectDoubleFree
Change-Id: I82e7e8c7b4206fb45b832a71d174df45edb62710
---
libs/binder/Parcel.cpp | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index 2ca4170c7d..4d13767a2b 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -1647,10 +1647,16 @@ status_t Parcel::continueWrite(size_t desired)
}
release_object(proc, *flat, this);
}
- size_t* objects =
- (size_t*)realloc(mObjects, objectsSize*sizeof(size_t));
- if (objects) {
- mObjects = objects;
+
+ if (objectsSize == 0) {
+ free(mObjects);
+ mObjects = NULL;
+ } else {
+ size_t* objects =
+ (size_t*)realloc(mObjects, objectsSize*sizeof(size_t));
+ if (objects) {
+ mObjects = objects;
+ }
}
mObjectsSize = objectsSize;
mNextObjectHint = 0;

View File

@ -1,28 +0,0 @@
From 84a415c8fc3b7e22d253243eb7a23c058483cc92 Mon Sep 17 00:00:00 2001
From: Brian Duddie <bduddie@google.com>
Date: Thu, 6 Jun 2019 16:43:41 -0700
Subject: [PATCH] Fix race between SensorManager ctor and callback
Avoids potential invalid memory access if system server crashes during
initialization.
Bug: 132927376
Test: confirm sensors initialize
Change-Id: If7421c452b5893ab2567323d265503a1ce304482
---
libs/gui/SensorManager.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libs/gui/SensorManager.cpp b/libs/gui/SensorManager.cpp
index b80da56813..3450395756 100644
--- a/libs/gui/SensorManager.cpp
+++ b/libs/gui/SensorManager.cpp
@@ -41,7 +41,7 @@ ANDROID_SINGLETON_STATIC_INSTANCE(SensorManager)
SensorManager::SensorManager()
: mSensorList(0)
{
- // okay we're not locked here, but it's not needed during construction
+ Mutex::Autolock _l(mLock);
assertStateLocked();
}

View File

@ -1,24 +0,0 @@
From f67900ad9370a7e7f0186b3f459dad2c74db7aae Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sun, 11 Dec 2016 23:15:20 -0500
Subject: [PATCH] Fixes
Change-Id: I55eb4f1af258b649ddc36bd822d9b28f9fd64ce9
---
include/linux/msm_mdp.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/msm_mdp.h b/include/linux/msm_mdp.h
index 8f829ef..cf6d3d0 100644
--- a/include/linux/msm_mdp.h
+++ b/include/linux/msm_mdp.h
@@ -574,6 +574,7 @@ struct mdp_buf_sync {
uint32_t acq_fen_fd_cnt;
int *acq_fen_fd;
int *rel_fen_fd;
+ int *retire_fen_fd;
};
struct mdp_buf_fence {
--
2.9.3

View File

@ -1,46 +0,0 @@
From 0cf201d4e94528a997efc74e8937d3950d8c9ed9 Mon Sep 17 00:00:00 2001
From: Cheney Ni <cheneyni@google.com>
Date: Fri, 23 Aug 2019 23:05:19 +0800
Subject: [PATCH] AdapterService: Check the PIN code length before using
The length is assigned by the framework. We should be better to check
again before using, and dropped any unexcepted input.
Bug: 139287605
Test: PoC, atest -t BluetoothInstrumentationTests:com.android.bluetooth.btservice
Change-Id: Ie2dd01e0b192e7ed1fe4b464618ddfa415dbf15c
(cherry picked from commit d6c84aa34962333448e0ed8e4ddbc9de8b73c5ac)
---
.../android/bluetooth/btservice/AdapterService.java | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/com/android/bluetooth/btservice/AdapterService.java b/src/com/android/bluetooth/btservice/AdapterService.java
index a6d0b1cb2..0e4845f71 100644
--- a/src/com/android/bluetooth/btservice/AdapterService.java
+++ b/src/com/android/bluetooth/btservice/AdapterService.java
@@ -1457,6 +1457,12 @@ boolean setPin(BluetoothDevice device, boolean accept, int len, byte[] pinCode)
return false;
}
+ if (pinCode.length != len) {
+ android.util.EventLog.writeEvent(0x534e4554, "139287605", -1,
+ "PIN code length mismatch");
+ return false;
+ }
+
byte[] addr = Utils.getBytesFromAddress(device.getAddress());
return pinReplyNative(addr, accept, len, pinCode);
}
@@ -1468,6 +1474,12 @@ boolean setPasskey(BluetoothDevice device, boolean accept, int len, byte[] passk
return false;
}
+ if (passkey.length != len) {
+ android.util.EventLog.writeEvent(0x534e4554, "139287605", -1,
+ "Passkey length mismatch");
+ return false;
+ }
+
byte[] addr = Utils.getBytesFromAddress(device.getAddress());
return sspReplyNative(addr, AbstractionLayer.BT_SSP_VARIANT_PASSKEY_ENTRY, accept,
Utils.byteArrayToInt(passkey));

View File

@ -1,277 +0,0 @@
From 69d632664ec7cc60d5f9037ae306c97b4abfbb6f Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 18 Dec 2018 23:35:40 -0500
Subject: [PATCH] Remove CMStats
Change-Id: I874c5b7eb571a0a2ac551dedd0da44eaa79af472
---
AndroidManifest.xml | 2 --
src/com/android/dialer/CallDetailActivity.java | 7 -----
src/com/android/dialer/CallDetailHeader.java | 4 ---
src/com/android/dialer/DialtactsActivity.java | 33 ----------------------
src/com/android/dialer/calllog/CallLogAdapter.java | 4 ---
.../android/dialer/dialpad/DialpadFragment.java | 3 --
.../android/dialer/list/AllContactsActivity.java | 4 ---
src/com/android/dialer/list/SearchFragment.java | 4 ---
8 files changed, 61 deletions(-)
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 0a36776..80e9939 100755
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -52,8 +52,6 @@
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<!-- allow brodcasting across all users -->
<uses-permission android:name="android.permission.INTERACT_ACROSS_USERS" />
- <!-- send analytic events through internal package -->
- <uses-permission android:name="com.cyngn.cmstats.SEND_ANALYTICS" />
<!-- This tells the activity manager to not delay any of our activity
start requests, even if they happen immediately after the user
presses home. -->
diff --git a/src/com/android/dialer/CallDetailActivity.java b/src/com/android/dialer/CallDetailActivity.java
index 711b616..89d723f 100755
--- a/src/com/android/dialer/CallDetailActivity.java
+++ b/src/com/android/dialer/CallDetailActivity.java
@@ -60,7 +60,6 @@ import com.android.dialer.calllog.ContactInfo;
import com.android.dialer.calllog.ContactInfoHelper;
import com.android.dialer.calllog.PhoneNumberDisplayHelper;
import com.android.dialer.calllog.PhoneNumberUtilsWrapper;
-import com.android.dialer.cmstats.DialerStats;
import com.android.dialer.util.AsyncTaskExecutor;
import com.android.dialer.util.AsyncTaskExecutors;
import com.android.dialer.util.CallRecordingPlayer;
@@ -453,12 +452,6 @@ public class CallDetailActivity extends Activity implements ProximitySensorAware
isBusiness ? ContactPhotoManager.TYPE_BUSINESS :
ContactPhotoManager.TYPE_DEFAULT;
- // Track percentage of time that contact photo is present on details page
- String imageFound = firstDetails.photoUri != null ?
- "details_image_found" : "details_image_not_found";
- DialerStats.sendEvent(CallDetailActivity.this,
- DialerStats.Categories.DETAILS_CONTACT_IMAGE, imageFound);
-
mCallDetailHeader.loadContactPhotos(firstDetails.photoUri, displayNameForDefaultImage, lookupKey, contactType);
findViewById(R.id.call_detail).setVisibility(View.VISIBLE);
diff --git a/src/com/android/dialer/CallDetailHeader.java b/src/com/android/dialer/CallDetailHeader.java
index 1247b6d..6b36f1a 100644
--- a/src/com/android/dialer/CallDetailHeader.java
+++ b/src/com/android/dialer/CallDetailHeader.java
@@ -56,7 +56,6 @@ import com.android.dialer.calllog.PhoneNumberDisplayHelper;
import com.android.dialer.calllog.PhoneNumberUtilsWrapper;
import android.provider.ContactsContract.DisplayNameSources;
-import com.android.dialer.cmstats.DialerStats;
import com.android.internal.telephony.MSimConstants;
public class CallDetailHeader {
@@ -110,9 +109,6 @@ public class CallDetailHeader {
return;
}
Intent intent = ((ViewEntry) view.getTag()).primaryIntent;
- if (TextUtils.equals(intent.getAction(), Intent.ACTION_CALL_PRIVILEGED)) {
- DialerStats.sendEvent(mActivity, DialerStats.Categories.INITIATE_CALL, "call_from_detail_page");
- }
mActivity.startActivity(intent);
}
};
diff --git a/src/com/android/dialer/DialtactsActivity.java b/src/com/android/dialer/DialtactsActivity.java
index a26bc17..49c2427 100644
--- a/src/com/android/dialer/DialtactsActivity.java
+++ b/src/com/android/dialer/DialtactsActivity.java
@@ -71,7 +71,6 @@ import com.android.contacts.common.dialog.ClearFrequentsDialog;
import com.android.contacts.common.interactions.ImportExportDialogFragment;
import com.android.contacts.common.list.OnPhoneNumberPickerActionListener;
import com.android.dialer.calllog.CallLogActivity;
-import com.android.dialer.cmstats.DialerStats;
import com.android.dialer.database.DialerDatabaseHelper;
import com.android.dialer.dialpad.DialpadFragment;
import com.android.dialer.dialpad.SmartDialNameMatcher;
@@ -285,14 +284,6 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
new OnPhoneNumberPickerActionListener() {
@Override
public void onPickPhoneNumberAction(Uri dataUri) {
- if (mInDialpadSearch) {
- DialerStats.sendEvent(DialtactsActivity.this,
- DialerStats.Categories.INITIATE_CALL, "call_from_dialpad_search");
- } else if (mInRegularSearch) {
- DialerStats.sendEvent(DialtactsActivity.this,
- DialerStats.Categories.INITIATE_CALL, "call_from_regular_search");
- }
-
// Specify call-origin so that users will see the previous tab instead of
// CallLog screen (search UI will be automatically exited).
PhoneNumberInteraction.startInteractionForPhoneCall(
@@ -392,8 +383,6 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
setContentView(R.layout.dialtacts_activity);
- DialerStats.sendEvent(this, DialerStats.Categories.APP_LAUNCH, DialtactsActivity.class.getSimpleName());
-
// Add the favorites fragment, and the dialpad fragment, but only if savedInstanceState
// is null. Otherwise the fragment manager takes care of recreating these fragments.
if (savedInstanceState == null) {
@@ -594,7 +583,6 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
}
break;
case R.id.voice_search_button:
- DialerStats.sendEvent(DialtactsActivity.this, DialerStats.Categories.BUTTON_EVENT, "voice_clicked");
try {
startActivityForResult(new Intent(RecognizerIntent.ACTION_RECOGNIZE_SPEECH),
ACTIVITY_REQUEST_CODE_VOICE_SEARCH);
@@ -646,7 +634,6 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
}
private void showDialpadFragment(boolean animate) {
- DialerStats.sendEvent(DialtactsActivity.this, DialerStats.Categories.BUTTON_EVENT, "dialer_shown");
mDialpadFragment.setAdjustTranslationForAnimation(animate);
final FragmentTransaction ft = getFragmentManager().beginTransaction();
if (animate) {
@@ -692,7 +679,6 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
mSearchView = (EditText) findViewById(R.id.search_view);
mSearchView.addTextChangedListener(mPhoneSearchQueryTextListener);
mSearchView.setHint(getString(R.string.dialer_hint_find_contact));
- setupEvent(mSearchViewContainer, R.id.search_view, DialerStats.Categories.BUTTON_EVENT, "search_clicked");
prepareVoiceSearchButton();
}
@@ -948,14 +934,12 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
new PhoneFavoriteFragment.Listener() {
@Override
public void onContactSelected(Uri contactUri) {
- DialerStats.sendEvent(DialtactsActivity.this, DialerStats.Categories.INITIATE_CALL, "call_from_favorite_tile");
PhoneNumberInteraction.startInteractionForPhoneCall(
DialtactsActivity.this, contactUri, getCallOrigin());
}
@Override
public void onCallNumberDirectly(String phoneNumber) {
- DialerStats.sendEvent(DialtactsActivity.this, DialerStats.Categories.INITIATE_CALL, "call_from_favorite_tile");
Intent intent = CallUtil.getCallIntent(phoneNumber, getCallOrigin());
startActivity(intent);
}
@@ -1173,7 +1157,6 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
}
public void allContactsClick(View v) {
- DialerStats.sendEvent(DialtactsActivity.this, DialerStats.Categories.BUTTON_EVENT, "contacts_clicked");
onShowAllContacts();
}
@@ -1245,20 +1228,4 @@ public class DialtactsActivity extends TransactionSafeActivity implements View.O
return getResources().getBoolean(R.bool.config_show_onscreen_dial_button);
}
- /**
- * Add analytics event for view
- * @param v
- * @param buttonId
- * @param category
- * @param action
- */
- private void setupEvent(View v, int buttonId, final String category, final String action) {
- final View pageviewButton = v.findViewById(buttonId);
- pageviewButton.setOnClickListener(new View.OnClickListener() {
- @Override
- public void onClick(View v) {
- DialerStats.sendEvent(DialtactsActivity.this, category, action);
- }
- });
- }
}
diff --git a/src/com/android/dialer/calllog/CallLogAdapter.java b/src/com/android/dialer/calllog/CallLogAdapter.java
index 26664fd..1571d22 100755
--- a/src/com/android/dialer/calllog/CallLogAdapter.java
+++ b/src/com/android/dialer/calllog/CallLogAdapter.java
@@ -44,7 +44,6 @@ import com.android.dialer.PhoneCallDetails;
import com.android.dialer.PhoneCallDetailsHelper;
import com.android.dialer.R;
import com.android.dialer.calllog.CallLogAdapterHelper.NumberWithCountryIso;
-import com.android.dialer.cmstats.DialerStats;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Objects;
@@ -123,9 +122,6 @@ public class CallLogAdapter extends GroupingListAdapter
final Intent intent = intentProvider.getIntent(mContext);
// See IntentProvider.getCallDetailIntentProvider() for why this may be null.
if (intent != null) {
- if (mStatsLabel != null) {
- DialerStats.sendEvent(mContext, DialerStats.Categories.INITIATE_CALL, mStatsLabel);
- }
mContext.startActivity(intent);
}
}
diff --git a/src/com/android/dialer/dialpad/DialpadFragment.java b/src/com/android/dialer/dialpad/DialpadFragment.java
index 77cbb08..6edf4d2 100644
--- a/src/com/android/dialer/dialpad/DialpadFragment.java
+++ b/src/com/android/dialer/dialpad/DialpadFragment.java
@@ -84,7 +84,6 @@ import com.android.dialer.NeededForReflection;
import com.android.dialer.DialtactsActivity;
import com.android.dialer.R;
import com.android.dialer.SpecialCharSequenceMgr;
-import com.android.dialer.cmstats.DialerStats;
import com.android.dialer.SpeedDialUtils;
import com.android.dialer.SpeedDialListActivity;
import com.android.dialer.database.DialerDatabaseHelper;
@@ -1285,8 +1284,6 @@ public class DialpadFragment extends Fragment
if (isDigitsEmpty()) { // No number entered.
handleDialButtonClickWithEmptyDigits();
} else {
- DialerStats.sendEvent(getActivity(), DialerStats.Categories.INITIATE_CALL, "call_from_dialpad_direct");
-
final String number = mDigits.getText().toString();
// "persist.radio.otaspdial" is a temporary hack needed for one carrier's automated
diff --git a/src/com/android/dialer/list/AllContactsActivity.java b/src/com/android/dialer/list/AllContactsActivity.java
index 5773123..66a891b 100644
--- a/src/com/android/dialer/list/AllContactsActivity.java
+++ b/src/com/android/dialer/list/AllContactsActivity.java
@@ -32,7 +32,6 @@ import com.android.contacts.common.activity.TransactionSafeActivity;
import com.android.contacts.common.list.OnPhoneNumberPickerActionListener;
import com.android.dialer.DialtactsActivity;
import com.android.dialer.R;
-import com.android.dialer.cmstats.DialerStats;
import com.android.dialer.interactions.PhoneNumberInteraction;
public class AllContactsActivity extends TransactionSafeActivity {
@@ -45,9 +44,6 @@ public class AllContactsActivity extends TransactionSafeActivity {
new OnPhoneNumberPickerActionListener() {
@Override
public void onPickPhoneNumberAction(Uri dataUri) {
- DialerStats.sendEvent(AllContactsActivity.this,
- DialerStats.Categories.INITIATE_CALL, "call_from_all_contacts");
-
// Specify call-origin so that users will see the previous tab instead of
// CallLog screen (search UI will be automatically exited).
PhoneNumberInteraction.startInteractionForPhoneCall(
diff --git a/src/com/android/dialer/list/SearchFragment.java b/src/com/android/dialer/list/SearchFragment.java
index d7b0ef3..36871dc 100644
--- a/src/com/android/dialer/list/SearchFragment.java
+++ b/src/com/android/dialer/list/SearchFragment.java
@@ -30,7 +30,6 @@ import com.android.contacts.common.list.OnPhoneNumberPickerActionListener;
import com.android.contacts.common.list.PhoneNumberPickerFragment;
import com.android.dialer.DialtactsActivity;
import com.android.dialer.R;
-import com.android.dialer.cmstats.DialerStats;
import com.android.dialer.dialpad.DialpadFragment;
import com.android.dialer.list.OnListFragmentScrolledListener;
@@ -104,15 +103,12 @@ public class SearchFragment extends PhoneNumberPickerFragment {
(DirectoryPartition)adapter.getPartition(adapter.getPartitionForPosition(position));
if (TextUtils.equals(partition.getLabel(),
getResources().getString(R.string.nearby_places))) {
- DialerStats.sendEvent(getContext(), "lookup", "nearby_lookup");
}
super.onItemClick(position, id);
} else if (shortcutType == DialerPhoneNumberListAdapter.SHORTCUT_DIRECT_CALL) {
final OnPhoneNumberPickerActionListener listener =
getOnPhoneNumberPickerListener();
if (listener != null) {
- DialerStats.sendEvent(getContext(),
- DialerStats.Categories.INITIATE_CALL, "call_from_direct_dial_search");
listener.onCallNumberDirectly(getQueryString());
}
} else if (shortcutType == DialerPhoneNumberListAdapter.SHORTCUT_ADD_NUMBER_TO_CONTACTS) {
--
1.8.3.1

View File

@ -1,107 +0,0 @@
From f291cb8c6b1e0c8554f4407e9b1e9be27e74058e Mon Sep 17 00:00:00 2001
From: Raman Tenneti <rtenneti@google.com>
Date: Mon, 13 May 2019 13:29:40 -0700
Subject: [PATCH] AOSP/Email - bug fix: do not allow composing message with
hidden private data attachments.
Ported/merged thefollowing from CL
https://critique.corp.google.com/#review/247540041
original file:
java/com/google/android/apps/gmail/unifiedgmail/src/com/google/android/gm/ComposeActivityGmailExternal.java
aosp's version:
src/com/android/email/activity/ComposeActivityEmailExternal.java
Change description from the above CL:
"Switch intent filtering to be whitelist based rather than blacklist based.
ComposeActivityGmailExternal should whitelist what extras we allow in.
This is a very belated follow up to cl/235253805 where I wrote a quick fix
as a blacklist based solution."
Bug: 127320867
Test: manual - Ran the following tests on Pixel phone. Tested the email UI.
$ make -j 40
-rw-r--r-- 1 rtenneti primarygroup 6375626 May 5 19:49 out/target/product/marlin/system/product/app/Email/Email.apk
$ make UnifiedEmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 311703 May 5 20:04 out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk
$ make EmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 365023 May 13 14:39 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/system/product/app/Email/Email.apk
$ adb install -r out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk
$ adb shell am instrument -w com.android.mail.emailtests
Time: 3.519
OK (157 tests)
Change-Id: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5
Merged-In: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5
(cherry picked from commit e81f6f92bbdd43f34aa25fc2b7605aeb887af2cc)
---
.../ComposeActivityEmailExternal.java | 36 +++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/src/com/android/email/activity/ComposeActivityEmailExternal.java b/src/com/android/email/activity/ComposeActivityEmailExternal.java
index 455193bea..a5cbe9d3a 100644
--- a/src/com/android/email/activity/ComposeActivityEmailExternal.java
+++ b/src/com/android/email/activity/ComposeActivityEmailExternal.java
@@ -16,11 +16,21 @@
package com.android.email.activity;
+import android.content.Intent;
+import android.os.Bundle;
+import com.android.mail.compose.ComposeActivity;
+
/**
* A subclass of {@link ComposeActivityEmail} which is exported for other Android packages to open.
*/
public class ComposeActivityEmailExternal extends ComposeActivityEmail {
+ @Override
+ protected void onCreate(Bundle savedInstanceState) {
+ sanitizeIntent();
+ super.onCreate(savedInstanceState);
+ }
+
/**
* Only relevant when WebView Compose is enabled. Change this when WebView
* Compose is enabled for Email.
@@ -29,4 +39,30 @@
public boolean isExternal() {
return false;
}
+
+ /**
+ * Overrides the value of {@code #getIntent()} so any future callers will get a sanitized version
+ * of the intent.
+ */
+ // See b/114493057 for context.
+ private void sanitizeIntent() {
+ Intent sanitizedIntent = getIntent();
+ if (sanitizedIntent != null) {
+ Bundle originalExtras = sanitizedIntent.getExtras();
+ sanitizedIntent.replaceExtras(new Bundle());
+ copyStringExtraIfExists(ComposeActivity.EXTRA_SUBJECT, originalExtras, sanitizedIntent);
+ copyStringExtraIfExists(ComposeActivity.EXTRA_TO, originalExtras, sanitizedIntent);
+ copyStringExtraIfExists(ComposeActivity.EXTRA_CC, originalExtras, sanitizedIntent);
+ copyStringExtraIfExists(ComposeActivity.EXTRA_BCC, originalExtras, sanitizedIntent);
+ copyStringExtraIfExists(ComposeActivity.EXTRA_BODY, originalExtras, sanitizedIntent);
+ setIntent(sanitizedIntent);
+ }
+ }
+
+ private void copyStringExtraIfExists(
+ String extraKey, Bundle originalExtras, Intent sanitizedIntent) {
+ if (originalExtras.containsKey(extraKey)) {
+ sanitizedIntent.putExtra(extraKey, originalExtras.getString(extraKey));
+ }
+ }
}

View File

@ -1,48 +0,0 @@
From 0e2e8cafa51610f103da120bd75f216bfae12769 Mon Sep 17 00:00:00 2001
From: Raman Tenneti <rtenneti@google.com>
Date: Tue, 25 Jun 2019 18:04:39 -0700
Subject: [PATCH] AOSP/Email - Create an empty Bundle if originalExtras doesn't
exit. Backporting the fix to fix NullPointerException.
+ Added "originalExtras = new Bundle();" change from cl/247540041
Bug: 135889250
Bug: 127320867
Test: manual - Ran the following tests on Pixel phone. Tested the email UI.
$ make -j 40
-rw-r--r-- 1 rtenneti primarygroup 6371530 Jun 25 17:23 out/target/product/marlin/system/product/app/Email/Email.apk
$ make EmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 365023 Jun 25 17:49 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/system/product/app/Email/Email.apk
$ adb install -r out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb shell am instrument -w com.android.email.tests
Time: 2.986
OK (157 tests)
Change-Id: Ica9eb7ad3ddd11c752a526c2b1d5f086c74da283
Merged-In: Ica9eb7ad3ddd11c752a526c2b1d5f086c74da283
(cherry picked from commit 3150b66305bea67a83ce289c42c85efc669088d3)
---
.../android/email/activity/ComposeActivityEmailExternal.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/com/android/email/activity/ComposeActivityEmailExternal.java b/src/com/android/email/activity/ComposeActivityEmailExternal.java
index a5cbe9d3a..a94313a86 100644
--- a/src/com/android/email/activity/ComposeActivityEmailExternal.java
+++ b/src/com/android/email/activity/ComposeActivityEmailExternal.java
@@ -49,6 +49,9 @@ private void sanitizeIntent() {
Intent sanitizedIntent = getIntent();
if (sanitizedIntent != null) {
Bundle originalExtras = sanitizedIntent.getExtras();
+ if (originalExtras == null) {
+ originalExtras = new Bundle();
+ }
sanitizedIntent.replaceExtras(new Bundle());
copyStringExtraIfExists(ComposeActivity.EXTRA_SUBJECT, originalExtras, sanitizedIntent);
copyStringExtraIfExists(ComposeActivity.EXTRA_TO, originalExtras, sanitizedIntent);

View File

@ -1,36 +0,0 @@
From ff9c00d3b29dfd10b3332625ebed85a46f56bac6 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 18 Dec 2018 23:28:32 -0500
Subject: [PATCH] Remove CMStats
Change-Id: I5439906a93869efae9d294d3197e4ada80a0c248
---
src/com/android/incallui/ContactInfoCache.java | 5 -----
1 file changed, 5 deletions(-)
diff --git a/src/com/android/incallui/ContactInfoCache.java b/src/com/android/incallui/ContactInfoCache.java
index bccc7fc..4bbf8fa 100644
--- a/src/com/android/incallui/ContactInfoCache.java
+++ b/src/com/android/incallui/ContactInfoCache.java
@@ -29,7 +29,6 @@ import android.telephony.PhoneNumberUtils;
import android.text.TextUtils;
import com.android.dialer.calllog.ContactInfo;
-import com.android.dialer.cmstats.DialerStats;
import com.android.dialer.lookup.ReverseLookupThread;
import com.android.incallui.service.PhoneNumberService;
import com.android.incalluibind.ServiceFactory;
@@ -350,10 +349,6 @@ public class ContactInfoCache implements ContactsAsyncHelper.OnImageLoadComplete
entry.photo = null;
}
- DialerStats.sendEvent(mContext,
- DialerStats.Categories.INCALL_CONTACT_IMAGE,
- entry.photo != null ? "incall_image_found" : "incall_image_not_found");
-
sendImageNotifications(callId, entry);
clearCallbacks(callId);
}
--
1.8.3.1

View File

@ -1,45 +0,0 @@
From 248cb503bdf5196dc827a3eb7f216e655cc2ee4b Mon Sep 17 00:00:00 2001
From: George Chang <georgekgchang@google.com>
Date: Tue, 9 Jul 2019 15:46:28 +0800
Subject: [PATCH] Prevent length underflow in NfcTag.cpp
Bug: 124940143
Test: Read Type4B Tag
Exempt-From-Owner-Approval: Old Owners are all transferred to another BU
Change-Id: Ibdab756410bf55d701875279df3e289dbc9369d6
(cherry picked from commit c7b41a96744e1ac30920991ef1b427acbcde44db)
---
nci/jni/NfcTag.cpp | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/nci/jni/NfcTag.cpp b/nci/jni/NfcTag.cpp
index b0fe9ab7..9a08dea2 100755
--- a/nci/jni/NfcTag.cpp
+++ b/nci/jni/NfcTag.cpp
@@ -40,6 +40,7 @@
#include "JavaClassConstants.h"
#include <ScopedLocalRef.h>
#include <ScopedPrimitiveArray.h>
+#include <log/log.h>
extern "C"
{
@@ -712,7 +713,17 @@ void NfcTag::fillNativeNfcTagMembers3 (JNIEnv* e, jclass tag_cls, jobject tag, t
*****************/
ALOGD ("%s: tech B; TARGET_TYPE_ISO14443_3B", fn);
len = mTechParams [i].param.pb.sensb_res_len;
- len = len - 4; //subtract 4 bytes for NFCID0 at byte 2 through 5
+ if (len >= NFC_NFCID0_MAX_LEN)
+ {
+ // subtract 4 bytes for NFCID0 at byte 2 through 5
+ len = len - NFC_NFCID0_MAX_LEN;
+ }
+ else
+ {
+ android_errorWriteLog(0x534e4554, "124940143");
+ ALOGE ("%s: sensb_res_len error", fn);
+ len = 0;
+ }
pollBytes.reset(e->NewByteArray(len));
e->SetByteArrayRegion(pollBytes.get(), 0, len, (jbyte*) (mTechParams [i].param.pb.sensb_res+4));
}

View File

@ -1,84 +0,0 @@
From dec39e7972d1f57b07b924eb33c4ee6b00e78147 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 18 Dec 2018 23:27:04 -0500
Subject: [PATCH] Remove CMStats
Change-Id: Ia1d9157ab9091176d73bf603e49d8b444218cb16
---
AndroidManifest.xml | 26 ----------------------
src/com/android/settings/Settings.java | 1 -
.../settings/cyanogenmod/PrivacySettings.java | 2 --
3 files changed, 29 deletions(-)
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index b562de2..f7f9396 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -1872,14 +1872,6 @@
<activity android:name=".ApnEditor" />
- <activity android:name="Settings$AnonymousStatsActivity"
- android:label="@string/anonymous_statistics_title"
- android:configChanges="orientation|keyboardHidden|screenSize"
- android:clearTaskOnLaunch="true">
- <meta-data android:name="com.android.settings.FRAGMENT_CLASS"
- android:value="com.android.settings.cmstats.AnonymousStats" />
- </activity>
-
<activity android:name=".cyanogenmod.ChangeLog" />
<activity android:name=".cyanogenmod.ContributorsCloud" />
@@ -2137,24 +2129,6 @@
</intent-filter>
</receiver>
- <!-- Anonymous Statistics -->
- <receiver android:name=".cmstats.ReportingServiceManager"
- android:enabled="true"
- android:exported="false"
- android:label="ReportingServiceManager">
- <intent-filter>
- <action android:name="android.intent.action.BOOT_COMPLETED" />
- <action android:name="android.net.conn.CONNECTIVITY_CHANGE" />
- </intent-filter>
- </receiver>
-
- <service android:label="ReportingService"
- android:enabled="true"
- android:exported="false"
- android:name=".cmstats.ReportingService">
- </service>
-
-
<!-- Watch for ContactsContract.Profile changes and update the user's photo. -->
<receiver android:name=".users.ProfileUpdateReceiver">
<intent-filter>
diff --git a/src/com/android/settings/Settings.java b/src/com/android/settings/Settings.java
index 81b8cf6..4642581 100644
--- a/src/com/android/settings/Settings.java
+++ b/src/com/android/settings/Settings.java
@@ -1403,7 +1403,6 @@ public class Settings extends PreferenceActivity
public static class PaymentSettingsActivity extends Settings { /* empty */ }
public static class PrintSettingsActivity extends Settings { /* empty */ }
public static class PrintJobSettingsActivity extends Settings { /* empty */ }
- public static class AnonymousStatsActivity extends Settings { /* empty */ }
public static class ApnSettingsActivity extends Settings { /* empty */ }
public static class ApnEditorActivity extends Settings { /* empty */ }
public static class BlacklistSettingsActivity extends Settings { /* empty */ }
diff --git a/src/com/android/settings/cyanogenmod/PrivacySettings.java b/src/com/android/settings/cyanogenmod/PrivacySettings.java
index 49bc7b4..6c2ca8e 100644
--- a/src/com/android/settings/cyanogenmod/PrivacySettings.java
+++ b/src/com/android/settings/cyanogenmod/PrivacySettings.java
@@ -53,8 +53,6 @@ public class PrivacySettings extends SettingsPreferenceFragment {
getPreferenceScreen().removePreference(mBlacklist);
mBlacklist = null;
}
-
- addPreferencesFromResource(R.xml.security_settings_cyanogenmod);
}
@Override
--
1.8.3.1

View File

@ -1,85 +0,0 @@
From f2fdb82e9c4f396657239ae68d300510c6be4b63 Mon Sep 17 00:00:00 2001
From: MSe1969 <mse1969@posteo.de>
Date: Mon, 24 Sep 2018 21:09:57 +0200
Subject: [PATCH] Settings/DeviceInfo - Provide "patch level" explanation and
disclaimer
Make it clear to the user, that this is an outdated, no longer
supported Android version. And that we have only backported stuff
from newer Android versions in the monthly Android security bulletins.
Change-Id: I6d706dcb598dd836c6a6f0b499782be9bd59b4dc
---
res/values/cm_strings.xml | 3 +++
res/xml/device_info_settings.xml | 2 +-
src/com/android/settings/DeviceInfoSettings.java | 11 ++++++++++-
3 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml
index 67348ac05ac..defc226c12e 100644
--- a/res/values/cm_strings.xml
+++ b/res/values/cm_strings.xml
@@ -1463,4 +1463,7 @@ two in order to insert additional control points. \'Remove\' deletes the selecte
<string name="lock_to_cyanogen_disable_msg">Disabling this feature will allow unauthorized users to reset your phone to factory defaults if it is stolen. Your personal data may not be protected. Do you want to disable this feature?</string>
<string name="lock_to_cyanogen_master_clear_warning">Device Protection is enabled. Please disable to continue resetting your device.</string>
+ <!-- "Legacy" Security Patch label -->
+ <string name="security_patch_legacy">Unofficial security backport</string>
+ <string name="security_patch_legacy_info">There are no official security patches for this Android version anymore.\nAll patches contained in this build are backports from newer versions.</string>
</resources>
diff --git a/res/xml/device_info_settings.xml b/res/xml/device_info_settings.xml
index bcee3a76413..9081296a8aa 100644
--- a/res/xml/device_info_settings.xml
+++ b/res/xml/device_info_settings.xml
@@ -145,7 +145,7 @@
<!-- Security patch level -->
<Preference android:key="security_patch"
style="?android:preferenceInformationStyle"
- android:title="@string/security_patch"
+ android:title="@string/security_patch_legacy"
android:summary="@string/device_info_default"/>
<!-- Device FCC equipment id -->
diff --git a/src/com/android/settings/DeviceInfoSettings.java b/src/com/android/settings/DeviceInfoSettings.java
index cc7f7020c3a..b00f545ef99 100644
--- a/src/com/android/settings/DeviceInfoSettings.java
+++ b/src/com/android/settings/DeviceInfoSettings.java
@@ -17,6 +17,7 @@
package com.android.settings;
import android.app.Activity;
+import android.app.AlertDialog;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageInfo;
@@ -111,7 +112,7 @@ public void onCreate(Bundle icicle) {
try {
SimpleDateFormat template = new SimpleDateFormat("yyyy-MM-dd");
Date patchDate = template.parse(patch);
- String format = DateFormat.getBestDateTimePattern(Locale.getDefault(), "dMMMMyyyy");
+ String format = DateFormat.getBestDateTimePattern(Locale.getDefault(), "MMMMyyyy");
patch = DateFormat.format(format, patchDate).toString();
} catch (ParseException e) {
// broken parse; fall through and use the raw string
@@ -131,6 +132,7 @@ public void onCreate(Bundle icicle) {
setValueSummary(KEY_MOD_VERSION, "ro.cm.display.version");
findPreference(KEY_MOD_VERSION).setEnabled(true);
setValueSummary(KEY_MOD_BUILD_DATE, "ro.build.date");
+ findPreference(KEY_SECURITY_PATCH).setEnabled(true);
if (!SELinux.isSELinuxEnabled()) {
String status = getResources().getString(R.string.selinux_status_disabled);
@@ -306,6 +308,13 @@ public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen, Preferen
Log.e(LOG_TAG, "Unable to start activity " + intent.toString());
}
}
+ } else if (preference.getKey().equals(KEY_SECURITY_PATCH)) {
+ new AlertDialog.Builder(getActivity())
+ .setTitle(R.string.security_patch)
+ .setIcon(android.R.drawable.ic_dialog_alert)
+ .setMessage(R.string.security_patch_legacy_info)
+ .setNegativeButton(R.string.cancel, null)
+ .create().show();
}
return super.onPreferenceTreeClick(preferenceScreen, preference);
}

View File

@ -1,96 +0,0 @@
From a63ed5dc0c965d0e9455dbfab40903e8a0e916d8 Mon Sep 17 00:00:00 2001
From: MSe1969 <mse1969@posteo.de>
Date: Sat, 29 Sep 2018 12:19:18 +0200
Subject: [PATCH] Settings/DeviceInfo - Translations for patch level disclaimer
cm-11.0 does not receive any more translations from 'crowdin'
Translations contained in this patch: DE/ES/FR/IT/PL/RU/UA
Change-Id: I5426cc4a73859271c1a772817520a247b1697c3f
---
res/values-de/cm_strings.xml | 2 ++
res/values-es/cm_strings.xml | 2 ++
res/values-fr/cm_strings.xml | 2 ++
res/values-it/cm_strings.xml | 2 ++
res/values-pl/cm_strings.xml | 2 ++
res/values-ru/cm_strings.xml | 2 ++
res/values-uk/cm_strings.xml | 2 ++
7 files changed, 14 insertions(+)
diff --git a/res/values-de/cm_strings.xml b/res/values-de/cm_strings.xml
index 8bb1fed83c4..7121ab1090f 100644
--- a/res/values-de/cm_strings.xml
+++ b/res/values-de/cm_strings.xml
@@ -1038,4 +1038,6 @@ auf <xliff:g id="new" example="libart.so">%2$s</xliff:g> zu ändern?</string>
<string name="lock_to_cyanogen_create_account_msg">Das Passwort Ihres Cyanogen OS-Kontos wird genutzt, um Ihr Gerät auch beim Rücksetzen auf Werkseinstellungen zu schützen. Dazu müssen Sie ein Cyanogen OS-Konto anlegen.</string>
<string name="lock_to_cyanogen_disable_msg">Deaktivieren dieser Funktion erlaubt es nicht autorisierten Benutzern Ihr Telefon auf Werkseinstellungen zurückzusetzen, wenn es gestohlen wird. Ihre persönlichen Daten können nicht sicher sein. Wollen Sie diese Funktion deaktivieren?</string>
<string name="lock_to_cyanogen_master_clear_warning">Geräteschutz ist aktiviert. Bitte deaktivieren, um mit dem Zurücksetzen Ihres Gerätes fortzufahren.</string>
+ <string name="security_patch_legacy">Inoffizielle Sicherheitsstufe</string>
+ <string name="security_patch_legacy_info">Für diese Android-Version sind keine offiziellen Sicherheitsupdates mehr erhältlich.\nAlle enthaltenen Patches wurden aus neueren Versionen rückportiert.</string>
</resources>
diff --git a/res/values-es/cm_strings.xml b/res/values-es/cm_strings.xml
index a9b656ae788..883290b29ef 100644
--- a/res/values-es/cm_strings.xml
+++ b/res/values-es/cm_strings.xml
@@ -1023,4 +1023,6 @@ Tocando de forma prolongada cada línea se mostrarán opciones adicionales. Sele
<string name="lock_to_cyanogen_create_account_msg">El dispositivo usa una contraseña de cuenta de Cyanogen OS para protegerse incluso después de un restablecimiento de fábrica. Necesitarás crear una cuenta de Cyanogen OS.</string>
<string name="lock_to_cyanogen_disable_msg">Deshabilitar esta característica permitirá que usuarios no autorizados puedan restablecer a fábrica el dispositivo si éste es sustraído. Tus datos personales podrán quedar desprotegidos. ¿Quieres deshabilitar esta característica?</string>
<string name="lock_to_cyanogen_master_clear_warning">La protección del dispositivo está habilitada. Por favor, deshabilita la protección para continuar con el restablecimiento del dispositivo.</string>
+ <string name="security_patch_legacy">Parche de seguridad no oficial</string>
+ <string name="security_patch_legacy_info">No hay actualizaciones de seguridad oficiales disponibles para esta versión de Android.\nTodos los parches incluidos fueron portados desde versiones más nuevas.</string>
</resources>
diff --git a/res/values-fr/cm_strings.xml b/res/values-fr/cm_strings.xml
index a5b212d13f3..21fdcbfc52b 100644
--- a/res/values-fr/cm_strings.xml
+++ b/res/values-fr/cm_strings.xml
@@ -1023,4 +1023,6 @@ Des options supplémentaires sont disponibles en appuyant longtemps sur une lign
<string name="lock_to_cyanogen_create_account_msg">Votre appareil utilise le mot de passe du compte Cyanogen OS pour protéger votre appareil même dans le cas d\'une réinitialisation d\'usine. Vous devrez créer un compte Cyanogen OS.</string>
<string name="lock_to_cyanogen_disable_msg">La désactivation de cette fonction permettra à des utilisateurs non autorisés de réinitialiser votre téléphone aux paramètres par défaut s\'il est volé. Vos données personnelles ne peuvent pas être protégées. Voulez-vous désactiver cette fonction ?</string>
<string name="lock_to_cyanogen_master_clear_warning">La protection de l\'appareil est activée. Veuillez la désactiver pour continuer la réinitialisation de votre appareil.</string>
+ <string name="security_patch_legacy">Niveau de sécurité non officiel</string>
+ <string name="security_patch_legacy_info">Il n\'y a pas de mises à jour de sécurité officielles disponibles pour cette version d\'Android.\nTous les correctifs contenus ont été répliqués à partir de versions plus récentes.</string>
</resources>
diff --git a/res/values-it/cm_strings.xml b/res/values-it/cm_strings.xml
index 59d76b59c9a..981ed9879a9 100644
--- a/res/values-it/cm_strings.xml
+++ b/res/values-it/cm_strings.xml
@@ -1034,4 +1034,6 @@ inserire punti di controllo aggiuntivi. \'Rimuovi\' elimina la riga selezionata.
<string name="lock_to_cyanogen_create_account_msg">Il dispositivo utilizza la password dell\'account Cyanogen OS per proteggerlo anche in caso di un reset di fabbrica. Devi creare un account Cyanogen OS.</string>
<string name="lock_to_cyanogen_disable_msg">Disattivando questa funzione gli utenti non autorizzati potranno ripristinare il telefono alle impostazioni di fabbrica, se viene rubato. I dati personali non possono essere protetti. Desideri disattivare questa funzione?</string>
<string name="lock_to_cyanogen_master_clear_warning">La protezione del dispositivo è attiva. Disattivala per ripristinare il tuo dispositivo.</string>
+ <string name="security_patch_legacy">Backport di sicurezza non ufficiale</string>
+ <string name="security_patch_legacy_info">Non ci sono più patch di sicurezza ufficiali per questa versione di Android.\nTutte le patch contenute in questa build sono backport dalle versioni più recenti.</string>
</resources>
diff --git a/res/values-pl/cm_strings.xml b/res/values-pl/cm_strings.xml
index e1a7ad91ac1..dcadae48874 100644
--- a/res/values-pl/cm_strings.xml
+++ b/res/values-pl/cm_strings.xml
@@ -1024,4 +1024,6 @@ Dodatkowe opcje są dostępne przez długie przytrzymanie linii. Wybierając opc
<string name="lock_to_cyanogen_create_account_msg">Twoje urządzenie korzysta z hasła twojego konta Cyanogen OS, aby chronić twoje urządzenie nawet w przypadku przywrócenia ustawień fabrycznych. Musisz utworzyć konto Cyanogen OS.</string>
<string name="lock_to_cyanogen_disable_msg">Wyłączenie tej funkcji umożliwi nieautoryzowanym użytkownikom na przywrócenie ustawień fabrycznych jeśli twoje urządzenie zostanie zgubione. Twoje prywatne dane mogą nie być chronione. Czy chcesz wyłączyć tę funkcję?</string>
<string name="lock_to_cyanogen_master_clear_warning">Ochrona urządzenia jest włączona. Proszę wyłącz ją, aby kontynuować resetowanie urządzenia.</string>
+ <string name="security_patch_legacy">Nieoficjalna aktualizacja zabezpieczeń</string>
+ <string name="security_patch_legacy_info">Nie ma oficjalnych aktualizacji zabezpieczeń dla tej wersji Androida.\nWszystkie zawarte łaty zostały przeniesione z nowszych wersji.</string>
</resources>
diff --git a/res/values-ru/cm_strings.xml b/res/values-ru/cm_strings.xml
index 14186323da3..cf9ac14991d 100644
--- a/res/values-ru/cm_strings.xml
+++ b/res/values-ru/cm_strings.xml
@@ -1024,4 +1024,6 @@
<string name="lock_to_cyanogen_create_account_msg">Устройство использует пароль аккаунта ОС Cyanogen для защиты устройства от сброса настроек. Потребуется создать новый аккаунт ОС Cyanogen.</string>
<string name="lock_to_cyanogen_disable_msg">Отключение этой функции позволит другим людям выполнить удаление всех данных на устройстве в случае его кражи. Ваши личные данные могут стать недостаточно защищёнными. Вы действительно хотите отключить эту функцию?</string>
<string name="lock_to_cyanogen_master_clear_warning">Защита устройства включена. Необходимо отключить её, чтобы выполнить сброс настроек на устройстве.</string>
+ <string name="security_patch_legacy">Неофициальные исправления безопасности</string>
+ <string name="security_patch_legacy_info">Официальные исправления безопасности более не выпускаются для данной версии Android.\nВсе исправления, представленные в этой сборке, адаптированы из более новых версий системы.</string>
</resources>
diff --git a/res/values-uk/cm_strings.xml b/res/values-uk/cm_strings.xml
index 00f896b862e..0eba0913b9b 100644
--- a/res/values-uk/cm_strings.xml
+++ b/res/values-uk/cm_strings.xml
@@ -1024,4 +1024,6 @@
<string name="lock_to_cyanogen_create_account_msg">Ваш пристрій використовує пароль облікового запису Cyanogen OS для захисту навіть у разі повернення до заводських налаштувань. Вам потрібно буде створити обліковий запис Cyanogen OS.</string>
<string name="lock_to_cyanogen_disable_msg">Вимкнення цієї функції дозволить неавторизованим користувачам скинути до заводських налаштувань телефон, наприклад, при викраденні. Ваші персональні дані не будуть захищені. Ви хочете вимкнути цю функцію?</string>
<string name="lock_to_cyanogen_master_clear_warning">Захист пристрою увімкнено. Необхідно вимкнути його, щоб виконати скидання налаштувань на пристрої.</string>
+ <string name="security_patch_legacy">Неофіційні виправлення безпеки</string>
+ <string name="security_patch_legacy_info">Офіційні виправлення безпеки більше не випускаються для даної версії Android.\nУсі виправлення, наявні у цій збірці, адаптовані з новіших версій системи.</string>
</resources>

View File

@ -1,66 +0,0 @@
From 0afe7bd5b556b96ca442f632b9a789bbe4915d48 Mon Sep 17 00:00:00 2001
From: Fan Zhang <zhfan@google.com>
Date: Thu, 14 Feb 2019 16:07:37 -0800
Subject: [PATCH] Do not allow draw on top for default sms picker.
Fixes: 120484087
Test: manual
Change-Id: I4be265565678302fad207839216d5cd65dcb6e94
Merged-In: I4be265565678302fad207839216d5cd65dcb6e94
(cherry picked from commit 9d46e1fdfe1b70618c5a92c3e3461a4b379db236)
(cherry picked from commit 95d0fb7f4911403844666632ece42467f60ad753)
---
.../android/settings/SmsDefaultDialog.java | 22 ++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/src/com/android/settings/SmsDefaultDialog.java b/src/com/android/settings/SmsDefaultDialog.java
index 3a3848ba4f7..f4adc4a3aee 100644
--- a/src/com/android/settings/SmsDefaultDialog.java
+++ b/src/com/android/settings/SmsDefaultDialog.java
@@ -16,6 +16,8 @@
package com.android.settings;
+import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;
+
import android.content.ComponentName;
import android.content.Context;
import android.content.DialogInterface;
@@ -31,12 +33,30 @@
import com.android.internal.telephony.SmsApplication;
import com.android.internal.telephony.SmsApplication.SmsApplicationData;
import com.android.settings.R;
+import android.view.Window;
+import android.view.WindowManager;
public final class SmsDefaultDialog extends AlertActivity implements
DialogInterface.OnClickListener {
private ComponentName mNewDefault;
private SmsApplicationData mNewSmsApplicationData;
+ @Override
+ protected void onStart() {
+ super.onStart();
+ getWindow().addPrivateFlags(PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS);
+ android.util.EventLog.writeEvent(0x534e4554, "120484087", -1, "");
+ }
+
+ @Override
+ protected void onStop() {
+ super.onStop();
+ final Window window = getWindow();
+ final WindowManager.LayoutParams attrs = window.getAttributes();
+ attrs.privateFlags &= ~PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;
+ window.setAttributes(attrs);
+ }
+
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
@@ -103,4 +123,4 @@ private boolean buildDialog(String packageName) {
return true;
}
-}
\ No newline at end of file
+}

View File

@ -1,66 +0,0 @@
From d64211dbe4c630e7bc1ffd68ec977525f9b334e9 Mon Sep 17 00:00:00 2001
From: Raman Tenneti <rtenneti@google.com>
Date: Mon, 13 May 2019 11:57:09 -0700
Subject: [PATCH] AOSP/UnifiedEmail - bug fix to composing messages.
As part of porting https://critique.corp.google.com/#review/247540041,
needed to make EXTRA_TO, EXTRA_CC, EXTRA_BCC, EXTRA_SUBJECT, EXTRA_BODY
public so that they couuld be accessed from packages/apps/Email package.
Bug: 127320867
Test: manual - Ran the following tests on Pixel phone. Tested the email UI.
$ make -j 40
-rw-r--r-- 1 rtenneti primarygroup 6375626 May 5 19:49 out/target/product/marlin/system/product/app/Email/Email.apk
$ make UnifiedEmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 311703 May 5 20:04 out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk
$ make EmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 365023 May 13 14:39 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/system/product/app/Email/Email.apk
$ adb install -r out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk
$ adb shell am instrument -w com.android.mail.emailtests
Time: 3.519
OK (157 tests)
Change-Id: I2a0e1048bac20c4346ec16d4bc8151297971fe0d
Merged-In: I2a0e1048bac20c4346ec16d4bc8151297971fe0d
(cherry picked from commit 8c19e4f8fa80ab21da9bd684f038f24cb1240011)
---
src/com/android/mail/compose/ComposeActivity.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/com/android/mail/compose/ComposeActivity.java b/src/com/android/mail/compose/ComposeActivity.java
index b1bed47ee..d4da5327c 100644
--- a/src/com/android/mail/compose/ComposeActivity.java
+++ b/src/com/android/mail/compose/ComposeActivity.java
@@ -153,9 +153,9 @@
private static final String MAIL_TO = "mailto";
- private static final String EXTRA_SUBJECT = "subject";
+ public static final String EXTRA_SUBJECT = "subject";
- private static final String EXTRA_BODY = "body";
+ public static final String EXTRA_BODY = "body";
/**
* Expected to be html formatted text.
@@ -168,9 +168,9 @@
// Extra that we can get passed from other activities
@VisibleForTesting
- protected static final String EXTRA_TO = "to";
- private static final String EXTRA_CC = "cc";
- private static final String EXTRA_BCC = "bcc";
+ public static final String EXTRA_TO = "to";
+ public static final String EXTRA_CC = "cc";
+ public static final String EXTRA_BCC = "bcc";
/**
* An optional extra containing a {@link ContentValues} of values to be added to

View File

@ -1,30 +0,0 @@
From f19ab3bce2115c6ddf24528885305c3ba038f29b Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 10 Jul 2018 08:22:08 -0400
Subject: [PATCH] Harden mounts
Change-Id: I2db94882224672cac3e54f7d8422d1e036828378
---
init/init.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/init/init.c b/init/init.c
index 53e0dae1..d022253b 100644
--- a/init/init.c
+++ b/init/init.c
@@ -1136,9 +1136,9 @@ int main(int argc, char **argv)
mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755");
mkdir("/dev/pts", 0755);
mkdir("/dev/socket", 0755);
- mount("devpts", "/dev/pts", "devpts", 0, NULL);
- mount("proc", "/proc", "proc", 0, NULL);
- mount("sysfs", "/sys", "sysfs", 0, NULL);
+ mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL);
+ mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
+ mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
/* indicate that booting is in progress to background fw loaders, etc */
close(open("/dev/.booting", O_WRONLY | O_CREAT, 0000));
--
2.18.0

View File

@ -1,680 +0,0 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/zte/msm8930"
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0002-0003.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0032-0033.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0046-0047.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0059-0060.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0077-0078.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0085-0086.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0089-0090.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.4/3.4.0090-0091.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0002-Misc_Fixes/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0002-Misc_Fixes/ANY/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0005-AndroidHardening-Deny_USB/3.4/3.4-Backport.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0090-Unknown/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2119/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2136/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2137/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2372/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2373/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2390/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2390/^3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-2669/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-3364/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-3400/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-3412/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-3412/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-3430/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-3511/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-4461/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-4467/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-4508/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-4530/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-4530/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-4565/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-5532/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6536/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6537/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6537/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6537/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6538/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6539/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6540/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6541/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6542/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6546/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6546/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6548/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6549/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6647/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6657/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6701/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6703/^3.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6703/^3.6/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0216/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0217/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0228/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0231/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0268/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0290/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0309/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0310/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0311/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0313/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0343/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0349/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0871/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0871/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0871/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-0913/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1059/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1767/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1774/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1792/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1796/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1797/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1798/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1826/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1826/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1827/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1848/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1928/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1929/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1957/^3.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-1979/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2015/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2140/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2141/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2146/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2147/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2147/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2148/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2164/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2206/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2232/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2234/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2237/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2546/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2596-UPSTREAM/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2596-UPSTREAM/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2634/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2635/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2850/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2851/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2852/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2888/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2888/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2889/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2889/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2892/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2893/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2896/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2897/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2899/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2929/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2930/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3223/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3233/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3234/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3235/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3301/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4162/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4299/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4345/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4348/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4350/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4387/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4512/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4513/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4514/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4515/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4579/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4587/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4592/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6367/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6378/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6380/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6381/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6382/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6383/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-6885/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-7027/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-7266/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-7339/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-7446/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-7446/^4.3.3/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-0055/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-0069/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-0077/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-0101/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1438/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1444/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1445/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1446/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1739/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-1874/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2039/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2309/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2672/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2678/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-2706/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3122/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3144/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3153/3.4/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3181/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3183/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3184/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3186/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3534/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3601/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3610/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3610/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3611/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3645/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3646/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3687/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3690/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3917/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4171/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4171/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4171/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4323/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4508/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4652/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4653/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4654/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4656/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4656/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4667/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-4699/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-5077/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-5471/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-6416/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-6416/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7207/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7822/3.2-^3.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7841/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7842/^3.17/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7970/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8133/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8134/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8159/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8172/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8369/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8709/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9090/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9410/ANY/msm.git-43b4ff3bf3fbb02e85defcea939629f46506a217.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9419/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9420/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9529/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9584/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9585/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9683/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9728/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9728/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9731/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9870/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9888/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-0568/ANY/msm.git-8de3fe39e7c40190f82832253ed5946714e5bff1.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1421/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1593/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1805/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2150/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2686/^3.19.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2830/3.4/0004.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2922/^3.19.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2925/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3212/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3331/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3339/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-3636/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4002/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4003/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4167/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4700/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5156/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5257/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5307/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5364/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5697/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6252/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6526/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7550/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7613/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7799/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7799/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7990/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8104/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8215/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8539/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8543/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8551/3.4/0011.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8551/3.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8551/3.4/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8551/3.4/0014.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8551/3.4/0015.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8569/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8575/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8767/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8785/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8816/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8839/3.4/0018.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8937/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8939/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8944/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8962/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-9004/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0723/^4.4.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0774/^3.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0821/^4.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0823/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2184/3.4/0018.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2187/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/3.4/0018.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/3.4/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2438/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2544/^4.4.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2545/^4.4.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2546/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3134/^4.5.2/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3135/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3156/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3157/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3854/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3907/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3951/3.4/0016.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4470/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4486/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4569/^4.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/^4.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/^4.6/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4805/^4.5.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5195/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5346/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/^4.6.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6728/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6742/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6791/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/^4.7.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/^4.7.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7911/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/^4.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7916/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/^4.9/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8463/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8655/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9555/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9754/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/^4.8.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10044/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10088/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10153/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10208/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10208/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10233/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0457/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0630/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0630/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0794/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0824/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0862/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2618/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2636/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6074/^4.9.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6346/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0020.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0021.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/3.4/0022.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7472/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7616/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7889/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8263/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.4/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9074/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9074/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9075/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9077/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9714/prima/0003.patch --directory=drivers/staging/prima
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0001.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11089/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13078/prima/0001.patch --directory=drivers/staging/prima
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080-Extra/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13166/3.4/0076.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0015.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0016.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0017.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13167/3.4/0018.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13168/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13216/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15819/prima/0002.patch --directory=drivers/staging/prima
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15850/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0014.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17770/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17807/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000251/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000253/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000365/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000380/^4.11.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/^4.16/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3561/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5344/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5803/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5835/prima/0001.patch --directory=drivers/staging/prima
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5905/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7566/^4.15/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7755/^4.15.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9568/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12233/^4.17.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16885/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2215/3.4/0012.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3837/^3.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3896/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9454/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9456/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/^5.0.17/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11477/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11479/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11479/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14053/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14821/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15117/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15239/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15505/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16746/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19532/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19537/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20812/3.4/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0009/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0404/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0431/^3.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0465/3.4/0015.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.4/0015.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8647/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8648/3.4/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10732/3.4/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-10773/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11267/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11267/ANY/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11282/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13974/^5.7.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14314/^5.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15436/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25643/^5.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25669/^5.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27066/^5.5/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27068/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27815/^5.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29661/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0512/^5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0695/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3483/^5.12/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3612/^5.12/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3655/^5.13/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/^5.12/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/3.4/0060.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0014.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0021.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0022.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0025.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0026.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0028.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0029.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0030.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0031.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0032.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0033.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0034.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0036.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0037.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0039.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0040.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0041.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0042.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0043.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0044.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0045.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0046.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/772877_0001-usb-core-Fix-use-after-free-for-hub-usb-device.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4592/3.4/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9728/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4002/3.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch
editKernelLocalversion "-dos.p676"
cd "$DOS_BUILD_BASE"

View File

@ -1,48 +0,0 @@
#!/bin/bash
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2017-2018 Divested Computing Group
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Changes various default settings
#Last verified: 2018-07-10
#Useful commands
#nano $(find . -name "config.xml" | grep "values/" | grep -v "device" | grep -v "tests")
#nano $(find . -name "defaults.xml" | grep "values/" | grep -v "device")
echo "Changing default settings...";
if enter "packages/apps/Dialer"; then
sed -i 's/ENABLE_FORWARD_LOOKUP, 1)/ENABLE_FORWARD_LOOKUP, 0)/' src/com/android/dialer/*/LookupSettings*.java; #Disable FLP
sed -i 's/ENABLE_PEOPLE_LOOKUP, 1)/ENABLE_PEOPLE_LOOKUP, 0)/' src/com/android/dialer/*/LookupSettings*.java; #Disable PLP
sed -i 's/ENABLE_REVERSE_LOOKUP, 1)/ENABLE_REVERSE_LOOKUP, 0)/' src/com/android/dialer/*/LookupSettings*.java; #Disable RLP
fi;
if enter "packages/apps/Nfc"; then
sed -i 's/boolean NFC_ON_DEFAULT = true;/boolean NFC_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NFC
sed -i 's/boolean NDEF_PUSH_ON_DEFAULT = true;/boolean NDEF_PUSH_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NDEF Push
fi;
if enter "packages/apps/Settings"; then
sed -i 's/Float.parseFloat(newValue.toString()) : 1;/Float.parseFloat(newValue.toString()) : 0.5f;/' src/com/android/settings/DevelopmentSettings.java; #Always reset animation scales to 0.5
fi;
if enter "vendor/cm"; then
sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common*.mk;
sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common*.mk;
fi;
cd "$DOS_BUILD_BASE";
echo "Default settings changed!";

View File

@ -1,77 +0,0 @@
#!/bin/bash
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2017-2020 Divested Computing Group
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Last verified: 2018-07-10
patchAllKernels() {
startPatcher "kernel_zte_msm8930";
}
export -f patchAllKernels;
resetWorkspace() {
umask 0022;
repo forall -c 'git add -A && git reset --hard' && rm -rf out && repo sync -j8 --force-sync --detach;
}
export -f resetWorkspace;
scanWorkspaceForMalware() {
local scanQueue="$DOS_BUILD_BASE/abi $DOS_BUILD_BASE/android $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/ndk $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
scanQueue=$scanQueue" $DOS_BUILD_BASE/vendor/cm $DOS_BUILD_BASE/vendor/cmsdk";
scanForMalware true "$scanQueue";
}
export -f scanWorkspaceForMalware;
buildDevice() {
cd "$DOS_BUILD_BASE";
export OTA_PACKAGE_SIGNING_KEY="$DOS_SIGNING_KEYS/$1/releasekey";
brunch "cm_$1-user" && processRelease $1 false;
}
export -f buildDevice;
buildDeviceDebug() {
cd "$DOS_BUILD_BASE";
unset OTA_PACKAGE_SIGNING_KEY;
brunch "cm_$1-eng";
}
export -f buildDeviceDebug;
buildAll() {
umask 0022;
cd "$DOS_BUILD_BASE";
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
brunch lineage_nex-user && processRelease nex false; #broken encryption
}
export -f buildAll;
patchWorkspace() {
umask 0022;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi;
sed -i "s/'git', 'show', '-q'/'git', 'show'/" build/tools/repopick.py; #fix for old git versions
source build/envsetup.sh;
repopick -ift asb-2018.09-cm11-qcom; #TODO: move in tree
source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS/Defaults.sh";
source "$DOS_SCRIPTS/Rebrand.sh";
source "$DOS_SCRIPTS_COMMON/Optimize.sh";
source "$DOS_SCRIPTS_COMMON/Deblob.sh";
source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
source "$DOS_SCRIPTS_COMMON/Post.sh";
source build/envsetup.sh;
}
export -f patchWorkspace;

View File

@ -1,236 +0,0 @@
#!/bin/bash
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2015-2019 Divested Computing Group
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Last verified: 2018-07-10
#Initialize aliases
#source ../../Scripts/init.sh
#Delete Everything and Sync
#resetWorkspace
#Apply all of our changes
#patchWorkspace
#Build!
#buildDevice [device]
#buildAll
#Generate firmware deblobber
#mka firmware_deblobber
#
#START OF PREPRATION
#
#Download some (non-executable) out-of-tree files for use later on
cd "$DOS_TMP_DIR";
if [ "$DOS_HOSTS_BLOCKING" = true ]; then $DOS_TOR_WRAPPER wget "$DOS_HOSTS_BLOCKING_LIST" -N -O "$DOS_HOSTS_FILE"; fi;
cd "$DOS_BUILD_BASE";
#
#END OF PREPRATION
#
#
#START OF ROM CHANGES
#
#top dir
cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
#fix prebuilts (disable dexopt and fix suffix)
sed -i 's/LOCAL_DEX_PREOPT := false/LOCAL_MODULE_SUFFIX := $(COMMON_ANDROID_PACKAGE_SUFFIX)/' packages/apps/Fennec_DOS-Shim/Android.mk;
sed -i 's/LOCAL_DEX_PREOPT := false/LOCAL_MODULE_SUFFIX := $(COMMON_ANDROID_PACKAGE_SUFFIX)/' vendor/fdroid_prebuilt/Android.mk;
if enterAndClear "build"; then
sed -i 's/Mms/Silence/' target/product/*.mk; #Replace the Messaging app with Silence
sed -i '497i$(LOCAL_INTERMEDIATE_TARGETS) : PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/base_rules.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
sed -i '80iLOCAL_AAPT_FLAGS += --auto-add-overlay' core/package.mk;
fi;
if enterAndClear "external/bluetooth/bluedroid"; then
patch -p1 < "$DOS_PATCHES/android_external_bluetooth_bluedroid/251199.patch"; #asb-2019.12-cm11
patch -p1 < "$DOS_PATCHES/android_external_bluetooth_bluedroid/265361.patch"; #asb-2019.12-cm11
patch -p1 < "$DOS_PATCHES/android_external_bluetooth_bluedroid/265493.patch"; #asb-2019.12-cm11
patch -p1 < "$DOS_PATCHES/android_external_bluetooth_bluedroid/265494.patch"; #asb-2019.12-cm11
fi;
if enterAndClear "external/libnfc-nci"; then
patch -p1 < "$DOS_PATCHES/android_external_libnfc-nci/258164.patch"; #asb-2019.09-cm11
patch -p1 < "$DOS_PATCHES/android_external_libnfc-nci/258165.patch"; #asb-2019.09-cm11
patch -p1 < "$DOS_PATCHES/android_external_libnfc-nci/264094.patch"; #asb-2019.11-cm11
patch -p1 < "$DOS_PATCHES/android_external_libnfc-nci/264097.patch"; #asb-2019.11-cm11
fi;
if enterAndClear "external/libvpx"; then
patch -p1 < "$DOS_PATCHES/android_external_libvpx/253499.patch"; #asb-2019.08-cm11
patch -p1 < "$DOS_PATCHES/android_external_libvpx/253500.patch"; #asb-2019.08-cm11
fi;
if enterAndClear "external/sfntly"; then
patch -p1 < "$DOS_PATCHES/android_external_sfntly/251198.patch"; #asb-2019.07-cm11
fi;
if enterAndClear "external/skia"; then
patch -p1 < "$DOS_PATCHES/android_external_skia/249705.patch"; #asb-2019.06-cm11
fi;
if enterAndClear "external/sqlite"; then
patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (AndroidHardening-13.0)
patch -p1 < "$DOS_PATCHES/android_external_sqlite/263910.patch"; #asb-2019.11-cm11
fi;
if enterAndClear "frameworks/av"; then
patch -p1 < "$DOS_PATCHES/android_frameworks_av/247874.patch"; #asb-2019.06-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_av/249706.patch"; #asb-2019.07-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_av/249707.patch"; #asb-2019.07-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_av/253521.patch"; #asb-2019.08-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_av/253522.patch"; #asb-2019.08-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_av/261040.patch"; #asb-2019.10-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_av/261041.patch"; #asb-2019.10-cm11
fi;
if enterAndClear "frameworks/base"; then
hardenLocationFWB "$DOS_BUILD_BASE"; #Harden the default GPS config
sed -i 's/com.android.mms/org.smssecure.smssecure/' core/res/res/values/config.xml; #Change default SMS app to Silence
sed -i 's|db_default_journal_mode">PERSIST|db_default_journal_mode">TRUNCATE|' core/res/res/values/config.xml; #Mirror SQLite secure_delete
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0001-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG)
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0002-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key
patch -p1 < "$DOS_PATCHES/android_frameworks_base/253523.patch"; #asb-2019.08-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_base/256318.patch"; #asb-2019.09-cm11
#patch -p1 < "$DOS_PATCHES/android_frameworks_base/264100.patch"; #asb-2019.11-cm11 XXX: breaks things
patch -p1 < "$DOS_PATCHES/android_frameworks_base/265311.patch"; #asb-2019.12-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_base/267438.patch"; #asb-2020.01-cm11
changeDefaultDNS; #Change the default DNS servers
#patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries #TODO BACKPORT-11.0
fi;
if enterAndClear "frameworks/native"; then
patch -p1 < "$DOS_PATCHES/android_frameworks_native/253524.patch"; #asb-2019.08-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_native/256319.patch"; #asb-2019.09-cm11
patch -p1 < "$DOS_PATCHES/android_frameworks_native/256322.patch"; #asb-2019.09-cm11
fi;
if enterAndClear "packages/apps/Bluetooth"; then
patch -p1 < "$DOS_PATCHES/android_packages_apps_Bluetooth/264098.patch"; #asb-2019.11-cm11
fi;
if enterAndClear "packages/apps/Dialer"; then
rm -rf src/com/android/dialer/cmstats;
patch -p1 < "$DOS_PATCHES/android_packages_apps_Dialer/0001-Remove_Analytics.patch"; #Remove CMStats
fi;
if enterAndClear "packages/apps/Email"; then
patch -p1 < "$DOS_PATCHES/android_packages_apps_Email/253862.patch"; #asb-2019.08-cm11
patch -p1 < "$DOS_PATCHES/android_packages_apps_Email/256927.patch"; #asb-2019.09-cm11
fi;
if enterAndClear "packages/apps/InCallUI"; then
patch -p1 < "$DOS_PATCHES/android_packages_apps_InCallUI/0001-Remove_Analytics.patch"; #Remove CMStats
fi;
if enterAndClear "packages/apps/Nfc"; then
patch -p1 < "$DOS_PATCHES/android_packages_apps_Nfc/261042.patch"; #asb-2019.10-cm11
fi;
if enterAndClear "packages/apps/Settings"; then
sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 48;/' src/com/android/settings/ChooseLockPassword.java; #Increase max password length
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/PrivacySettings.java; fi; #microG doesn't support Backup, hide the options
rm -rf src/com/android/settings/cmstats res/xml/security_settings_cyanogenmod.xml; #Nuke part of CMStats
patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/0001-Remove_Analytics.patch"; #Remove the rest of CMStats
patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/230054.patch"; #ASB disclaimer
patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/230392.patch"; #ASB disclaimer translations
patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/248015.patch"; #asb-2019.05-cm11
fi;
if enterAndClear "packages/apps/Trebuchet"; then
#cp -r "$DOS_PATCHES_COMMON/android_packages_apps_Trebuchet/default_workspace/." "res/xml/"; #TODO BACKPORT-11.0
sed -i 's/mCropView.setTouchEnabled(touchEnabled);/mCropView.setTouchEnabled(true);/' WallpaperPicker/src/com/android/launcher3/WallpaperCropActivity.java;
fi;
if enterAndClear "packages/apps/UnifiedEmail"; then
patch -p1 < "$DOS_PATCHES/android_packages_apps_UnifiedEmail/253861.patch"; #asb-2019.08-cm11
fi;
if enterAndClear "system/core"; then
sed -i 's/!= 2048/< 2048/' libmincrypt/tools/DumpPublicKey.java; #Allow 4096-bit keys
if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden_Mounts.patch"; #Harden mounts with nodev/noexec/nosuid (AndroidHardening-13.0)
fi;
if enterAndClear "vendor/cm"; then
rm -rf terminal;
awk -i inplace '!/50-cm.sh/' config/common.mk; #Make sure our hosts is always used
if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then
awk -i inplace '!/DSPManager/' config/common.mk; #Remove AudioFX
fi;
if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi; #Adjust the fused providers
sed -i 's/CM_BUILDTYPE := UNOFFICIAL/CM_BUILDTYPE := dos/' config/common.mk; #Change buildtype
if [ "$DOS_NON_COMMERCIAL_USE_PATCHES" = true ]; then sed -i 's/CM_BUILDTYPE := dos/CM_BUILDTYPE := dosNC/' config/common.mk; fi;
sed -i 's/Mms/Silence/' config/telephony.mk; #Replace the Messaging app with Silence
echo 'include vendor/divested/divestos.mk' >> config/common.mk; #Include our customizations
fi;
if enter "vendor/divested"; then
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then echo "PRODUCT_PACKAGES += GmsCore GsfProxy FakeStore" >> packages.mk; fi; #Include microG
if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_BLOCKING_APP" >> packages.mk; fi; #Include blocker app
awk -i inplace '!/FairEmail/' packages.mk; #FairEmail requires 5.0+
fi;
#
#END OF ROM CHANGES
#
#
#START OF DEVICE CHANGES
#
if enterAndClear "device/zte/nex" then
mv cm.mk lineage.mk;
sed -i 's/cm_/lineage_/' lineage.mk vendorsetup.sh;
echo "TARGET_DISPLAY_USE_RETIRE_FENCE := true" >> BoardConfig.mk;
sed -i 's/libm libc/libm libc libutils/' charger/Android.mk;
sed -i 's/ro.sf.lcd_density=240/ro.sf.lcd_density=180/' system.prop;
awk -i inplace '!/WCNSS_qcom_wlan_nv_2.bin/' proprietary-files.txt; #Missing
#echo "lib/hw/camera.msm8960.so" >> proprietary-files.txt;
#In nex-vendor-blobs.mk
# Copy "system/lib/libtime_genoff.so" as "obj/lib/libtime_genoff.so"
fi;
if enterAndClear "kernel/zte/msm8930" then
patch -p1 < "$DOS_PATCHES/android_kernel_zte_msm8930/0001-MDP-Fix.patch";
fi;
#Make changes to all devices
cd "$DOS_BUILD_BASE";
find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
find "vendor" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenUserdata "{}"';
find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenBootArgs "{}"';
find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenDefconfig "{}"';
cd "$DOS_BUILD_BASE";
deblobAudio;
removeBuildFingerprints;
#Fixes
#Fix broken options enabled by hardenDefconfig()
sed -i "s/# CONFIG_COMPAT_BRK is not set/CONFIG_COMPAT_BRK=y/" kernel/zte/msm8930/arch/arm/configs/msm8960-nex_defconfig;
#
#END OF DEVICE CHANGES
#

View File

@ -1,56 +0,0 @@
#!/bin/bash
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2017-2018 Divested Computing Group
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
#Updates select user facing strings
#Last verified: 2018-04-27
echo "Rebranding...";
if enter "bootable/recovery-cm"; then
sed -i 's|CyanogenMod Simple Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./recovery.cpp;
fi;
if enter "build"; then
sed -i 's|echo "ro.build.user=$USER"|echo "ro.build.user=emy"|' tools/buildinfo.sh; #Override build user
sed -i 's|echo "ro.build.host=`hostname`"|echo "ro.build.host=dosbm"|' tools/buildinfo.sh; #Override build host
sed -i '/CM_TARGET_PACKAGE/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' core/Makefile;
fi;
if enter "frameworks/base"; then
generateBootAnimationMask "$DOS_BRANDING_NAME" "$DOS_BRANDING_BOOTANIMATION_FONT" core/res/assets/images/android-logo-mask.png;
generateBootAnimationShine "$DOS_BRANDING_BOOTANIMATION_COLOR" "$DOS_BRANDING_BOOTANIMATION_STYLE" core/res/assets/images/android-logo-shine.png;
fi;
if enter "packages/apps/Settings"; then
sed -i '/.*cmlicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*cmlicense_activity_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*cmupdate_settings_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*mod_version/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
sed -i '/.*privacy_settings_cyanogenmod_category/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml
fi;
if enter "packages/apps/CMUpdater"; then
sed -i 's|https://download.cyanogenmod.org/api|'"$DOS_BRANDING_SERVER_OTA"'|' res/values/config.xml;
fi;
if enter "vendor/cm"; then
sed -i 's|https://lineageos.org/legal|'"$DOS_BRANDING_LINK_ABOUT"'|' config/common.mk;
rm -rf bootanimation;
fi;
cd "$DOS_BUILD_BASE";
echo "Rebranding complete!";

View File

@ -22,7 +22,6 @@ setStrict Misc;
setStrict Patches/Common;
setRelaxed Patches/Common/android_timekeep_sepolicy;
setRelaxed Patches/Common/android_vendor_divested;
setStrict Patches/LineageOS-11.0;
setStrict Patches/LineageOS-14.1;
setStrict Patches/LineageOS-15.1;
setStrict Patches/LineageOS-16.0;