From 5d57bf13c4fafb8386840263508a221287b04324 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 26 May 2022 19:16:40 -0400
Subject: [PATCH] Compile fixes

The backported fix for CVE-2021-39713 requires CONFIG_MODULES=y
MODULES is default enabled, but some kernels are mutilated and break with it on

Signed-off-by: Tad <tad@spotco.us>
---
 Scripts/Common/Fix_CVE_Patchers.sh                          | 6 +++---
 Scripts/Common/Functions.sh                                 | 2 +-
 .../CVE_Patchers/android_kernel_asus_grouper.sh             | 2 +-
 .../CVE_Patchers/android_kernel_samsung_manta.sh            | 2 +-
 Scripts/LineageOS-14.1/Patch.sh                             | 3 +++
 5 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/Scripts/Common/Fix_CVE_Patchers.sh b/Scripts/Common/Fix_CVE_Patchers.sh
index 7b8749b4..44608d7e 100644
--- a/Scripts/Common/Fix_CVE_Patchers.sh
+++ b/Scripts/Common/Fix_CVE_Patchers.sh
@@ -37,7 +37,7 @@ commentPatches() {
 
 commentPatches android_kernel_amazon_hdx-common.sh "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
 commentPatches android_kernel_asus_fugu.sh "CVE-2014-2568" "CVE-2014-8559" "CVE-2015-8746" "CVE-2017-5551" "LVT-2017-0003/3.10/0001.patch";
-commentPatches android_kernel_asus_grouper.sh "CVE-2017-15868" "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
+commentPatches android_kernel_asus_grouper.sh "CVE-2017-15868" "CVE-2021-39713/ANY/0011.patch" "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
 commentPatches android_kernel_asus_msm8916.sh "CVE-2018-13913/ANY/0001.patch";
 commentPatches android_kernel_asus_msm8953.sh "CVE-2017-13162/3.18/0001.patch";
 commentPatches android_kernel_cyanogen_msm8916.sh "CVE-2018-13913/ANY/0001.patch" "CVE-2018-5897" "CVE-2018-9514" "CVE-2018-11266";
@@ -81,12 +81,12 @@ commentPatches android_kernel_samsung_apq8084.sh "0006-AndroidHardening-Kernel_H
 commentPatches android_kernel_samsung_d2.sh "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
 commentPatches android_kernel_samsung_exynos5420.sh "CVE-2021-Misc2/3.4/0061.patch" "CVE-2021-Misc2/3.4/0062.patch";
 commentPatches android_kernel_samsung_jf.sh "CVE-2019-11599";
-commentPatches android_kernel_samsung_manta.sh "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
+commentPatches android_kernel_samsung_manta.sh "CVE-2021-39713/ANY/0011.patch" "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
 commentPatches android_kernel_samsung_msm8930-common.sh "CVE-2017-11015/prima" "CVE-2019-11599" "CVE-2021-Misc2/ANY/0031.patch";
 commentPatches android_kernel_samsung_smdk4412.sh "CVE-2012-2127" "CVE-2016-8463/ANY/0001.patch";
 commentPatches android_kernel_samsung_tuna.sh "CVE-2012-2127";
 commentPatches android_kernel_samsung_universal8890.sh "0008-Graphene-Kernel_Hardening/4.9/0053.patch" "0008-Graphene-Kernel_Hardening/4.9/0055.patch" "CVE-2016-7917" "CVE-2018-1092" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166";
-commentPatches android_kernel_samsung_universal9810.sh "CVE-2020-1749";
+commentPatches android_kernel_samsung_universal9810.sh "CVE-2020-1749" "CVE-2021-39713/ANY/0011.patch";
 commentPatches android_kernel_sony_sdm660.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166";
 commentPatches android_kernel_sony_sdm845.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992";
 commentPatches android_kernel_xiaomi_msm8937.sh "CVE-2017-13162" "CVE-2019-14070" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch";
diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh
index 48860722..9df7ec97 100644
--- a/Scripts/Common/Functions.sh
+++ b/Scripts/Common/Functions.sh
@@ -777,7 +777,7 @@ hardenDefconfig() {
 	#Enable supported options
 	#Linux <3.0
 	declare -a optionsYes=("BUG" "DEBUG_CREDENTIALS" "DEBUG_KERNEL" "DEBUG_LIST" "DEBUG_NOTIFIERS" "DEBUG_RODATA" "DEBUG_SET_MODULE_RONX" "DEBUG_VIRTUAL" "IPV6_PRIVACY" "SECCOMP" "SECURITY" "SECURITY_DMESG_RESTRICT" "SLUB_DEBUG" "STRICT_DEVMEM" "SYN_COOKIES");
-	optionsYes+=("DEBUG_FS"); #fix compile issues
+	optionsYes+=("DEBUG_FS" "MODULES"); #fix compile issues
 	#optionsYes+=("DEBUG_SG"); #bootloops - https://patchwork.kernel.org/patch/8989981
 
 	#Linux 3.4
diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_asus_grouper.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_asus_grouper.sh
index 61e411aa..241c8bc7 100644
--- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_asus_grouper.sh
+++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_asus_grouper.sh
@@ -398,7 +398,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/3.18/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/3.18/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-34693/3.18/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-37576/4.4/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39713/ANY/0011.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39713/ANY/0011.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-42008/4.4/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45095/4.4/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45868/4.4/0004.patch
diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_manta.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_manta.sh
index ac97997f..8305d4f7 100644
--- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_manta.sh
+++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_manta.sh
@@ -313,7 +313,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/3.18/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/3.18/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-34693/3.18/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-37576/4.4/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39713/ANY/0011.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39713/ANY/0011.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-42008/4.4/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45095/4.4/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45868/4.4/0004.patch
diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh
index 86306dd7..35903fec 100644
--- a/Scripts/LineageOS-14.1/Patch.sh
+++ b/Scripts/LineageOS-14.1/Patch.sh
@@ -441,8 +441,11 @@ sed -i "s/CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y/# CONFIG_ASYMMETRIC_PUBLIC_KEY_
 sed -i "s/CONFIG_SYSTEM_TRUSTED_KEYRING=y/# CONFIG_SYSTEM_TRUSTED_KEYRING is not set/" kernel/amazon/hdx-common/arch/arm/configs/*defconfig; #Breaks on compile
 sed -i "s/CONFIG_ASYMMETRIC_KEY_TYPE=y/# CONFIG_ASYMMETRIC_KEY_TYPE is not set/" kernel/amazon/hdx-common/arch/arm/configs/*defconfig; #Breaks on compile
 sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/asus/grouper/arch/arm/configs/grouper_defconfig; #Breaks on compile
+sed -i "s/CONFIG_MODULES=y/# CONFIG_MODULES is not set/" kernel/asus/grouper/arch/arm/configs/grouper_defconfig; #Breaks on compile
 awk -i inplace '!/STACKPROTECTOR/' kernel/lge/msm8992/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile
 sed -i "s/CONFIG_ARM_SMMU=y/# CONFIG_ARM_SMMU is not set/" kernel/motorola/msm8992/arch/arm64/configs/*defconfig; #Breaks on compile
+sed -i "s/CONFIG_MODULES=y/# CONFIG_MODULES is not set/" kernel/samsung/manta/arch/arm/configs/lineage_*_defconfig; #Breaks on compile
+sed -i "s/CONFIG_MODULES=y/# CONFIG_MODULES is not set/" kernel/samsung/universal8890/arch/arm64/configs/exynos8890-hero*lte_defconfig; #Breaks on compile
 #tuna fixes
 awk -i inplace '!/nfc_enhanced.mk/' device/samsung/toro*/lineage.mk;
 awk -i inplace '!/TARGET_RECOVERY_UPDATER_LIBS/' device/samsung/toro*/BoardConfig.mk;