diff --git a/.gitmodules b/.gitmodules
index 789516f1..6a41669c 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -3,7 +3,7 @@
url = personal-lan-git:tad/dos/Wallpapers.git
[submodule "Patches/Linux"]
path = Patches/Linux
- url = personal-lan-git:tad/dos/Linux_Patches.git
+ url = git@gitlab.com:divested/kernel_patches.git
[submodule "PrebuiltApps"]
path = PrebuiltApps
url = personal-lan-git:tad/dos/PrebuiltApps.git
diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml
index 575efa41..3192904d 100644
--- a/Manifests/Manifest_LAOS-16.0.xml
+++ b/Manifests/Manifest_LAOS-16.0.xml
@@ -80,6 +80,10 @@
+
+
+
+
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh
index 5918989d..c5a6f0b7 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh
@@ -3,7 +3,7 @@ cd "$DOS_BUILD_BASE""kernel/google/marlin"
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0085-0086.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0086-0087.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0089-0090.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
+#git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0101-0102.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0103-0104.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.18/0002.patch
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
index f93f56ec..92a492bb 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
@@ -1,7 +1,7 @@
#!/bin/bash
cd "$DOS_BUILD_BASE""kernel/motorola/msm8996"
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0072-0073.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
+#git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0103-0104.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0019.patch
git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0020.patch
diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh
index 4bdbf860..66fcc5e7 100644
--- a/Scripts/LineageOS-15.1/Functions.sh
+++ b/Scripts/LineageOS-15.1/Functions.sh
@@ -69,7 +69,7 @@ buildAll() {
brunch lineage_marlin-user;
brunch lineage_mata-user;
brunch lineage_sailfish-user;
- brunch lineage_shamu-user; #broken - needs synced proprietary-files.txt
+ brunch lineage_shamu-user;
brunch lineage_starlte-user; #broken - device/samsung/universal9810-common/audio: MODULE.TARGET.SHARED_LIBRARIES.libshim_audio_32 already defined by device/samsung/star-common/audio
brunch lineage_us996-user;
brunch lineage_us997-user;
@@ -83,7 +83,6 @@ patchWorkspace() {
source build/envsetup.sh;
#repopick 219020; #ab-neverallow-user
repopick 241694 241695 241696 241697 241698 241699 241700 241701; #mako cves
- repopick -it O_asb_2019-03;
source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS/Defaults.sh";
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
new file mode 100644
index 00000000..2c3b2f4e
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
@@ -0,0 +1,84 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/lge/mako"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2544/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8463/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6074/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/^3.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8890/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a62998e3bdccae28a7732e3bd51.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+editKernelLocalversion "-dos.p80"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index 592a1ba2..c11cd9d3 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -18,7 +18,7 @@
#Last verified: 2018-04-27
patchAllKernels() {
- startPatcher "kernel_moto_shamu kernel_motorola_msm8996 kernel_oppo_msm8974 kernel_samsung_msm8974";
+ startPatcher "kernel_lge_mako kernel_moto_shamu kernel_motorola_msm8996 kernel_oppo_msm8974 kernel_samsung_msm8974";
}
export -f patchAllKernels;
@@ -49,6 +49,7 @@ export -f buildDeviceDebug;
buildAll() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
#userdebug because 16.0 is littered with neverallows
+ brunch lineage_mako-userdebug;
brunch lineage_bacon-userdebug;
brunch lineage_griffin-userdebug;
brunch lineage_klte-userdebug;
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index a5e1d652..74a39a39 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -70,9 +70,6 @@ sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
enterAndClear "device/qcom/sepolicy-legacy";
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
-enterAndClear "external/svox";
-git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
-
enterAndClear "frameworks/base";
hardenLocationFWB "$DOS_BUILD_BASE";
sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
@@ -170,6 +167,9 @@ if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_
#
#START OF DEVICE CHANGES
#
+enterAndClear "device/lge/mako";
+echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
+
enterAndClear "device/oneplus/bacon";
sed -i 's/android.hardware.nfc@1.0-impl/android.hardware.nfc@1.0-impl.so/' device-proprietary-files.txt;