From 61a8a10c42a3cb69b3bc791cb00c0dc60191de04 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 11 Mar 2019 00:55:05 -0400
Subject: [PATCH] Many changes

repo changes
15.1: build fixes
16.0: add unofficial mako
---
 .gitmodules                                   |  2 +-
 Manifests/Manifest_LAOS-16.0.xml              |  4 +
 .../android_kernel_google_marlin.sh           |  2 +-
 .../android_kernel_motorola_msm8996.sh        |  2 +-
 Scripts/LineageOS-15.1/Functions.sh           |  3 +-
 .../CVE_Patchers/android_kernel_lge_mako.sh   | 84 +++++++++++++++++++
 Scripts/LineageOS-16.0/Functions.sh           |  3 +-
 Scripts/LineageOS-16.0/Patch.sh               |  6 +-
 8 files changed, 97 insertions(+), 9 deletions(-)
 create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh

diff --git a/.gitmodules b/.gitmodules
index 789516f1..6a41669c 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -3,7 +3,7 @@
 	url = personal-lan-git:tad/dos/Wallpapers.git
 [submodule "Patches/Linux"]
 	path = Patches/Linux
-	url = personal-lan-git:tad/dos/Linux_Patches.git
+	url = git@gitlab.com:divested/kernel_patches.git
 [submodule "PrebuiltApps"]
 	path = PrebuiltApps
 	url = personal-lan-git:tad/dos/PrebuiltApps.git
diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml
index 575efa41..3192904d 100644
--- a/Manifests/Manifest_LAOS-16.0.xml
+++ b/Manifests/Manifest_LAOS-16.0.xml
@@ -80,6 +80,10 @@
 	<project path="device/motorola/griffin" name="LineageOS/android_device_motorola_griffin" remote="github" />
 	<project path="kernel/motorola/msm8996" name="LineageOS/android_kernel_motorola_msm8996" remote="github" />
 
+        <!-- Nexus 4 (mako) -->
+        <project path="device/lge/mako" name="voron00/android_device_lge_mako" remote="github" />
+        <project path="kernel/lge/mako" name="voron00/android_kernel_lge_mako" remote="github" />
+
 	<!-- Nexus 6 (shamu) -->
 	<project path="device/moto/shamu" name="LineageOS/android_device_moto_shamu" remote="github" />
 	<project path="kernel/moto/shamu" name="LineageOS/android_kernel_moto_shamu" remote="github" />
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh
index 5918989d..c5a6f0b7 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh
@@ -3,7 +3,7 @@ cd "$DOS_BUILD_BASE""kernel/google/marlin"
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0085-0086.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0086-0087.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0089-0090.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
+#git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0101-0102.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0103-0104.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.18/0002.patch
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
index f93f56ec..92a492bb 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 cd "$DOS_BUILD_BASE""kernel/motorola/msm8996"
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0072-0073.patch --exclude=Makefile
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
+#git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0098-0099.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0103-0104.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0019.patch
 git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0020.patch
diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh
index 4bdbf860..66fcc5e7 100644
--- a/Scripts/LineageOS-15.1/Functions.sh
+++ b/Scripts/LineageOS-15.1/Functions.sh
@@ -69,7 +69,7 @@ buildAll() {
 	brunch lineage_marlin-user;
 	brunch lineage_mata-user;
 	brunch lineage_sailfish-user;
-	brunch lineage_shamu-user; #broken - needs synced proprietary-files.txt
+	brunch lineage_shamu-user;
 	brunch lineage_starlte-user; #broken - device/samsung/universal9810-common/audio: MODULE.TARGET.SHARED_LIBRARIES.libshim_audio_32 already defined by device/samsung/star-common/audio
 	brunch lineage_us996-user;
 	brunch lineage_us997-user;
@@ -83,7 +83,6 @@ patchWorkspace() {
 	source build/envsetup.sh;
 	#repopick 219020; #ab-neverallow-user
 	repopick 241694 241695 241696 241697 241698 241699 241700 241701; #mako cves
-	repopick -it O_asb_2019-03;
 
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS/Defaults.sh";
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
new file mode 100644
index 00000000..2c3b2f4e
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
@@ -0,0 +1,84 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/lge/mako"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2544/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8463/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6074/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/^3.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8890/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a62998e3bdccae28a7732e3bd51.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+editKernelLocalversion "-dos.p80"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index 592a1ba2..c11cd9d3 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -18,7 +18,7 @@
 #Last verified: 2018-04-27
 
 patchAllKernels() {
-	startPatcher "kernel_moto_shamu kernel_motorola_msm8996 kernel_oppo_msm8974 kernel_samsung_msm8974";
+	startPatcher "kernel_lge_mako kernel_moto_shamu kernel_motorola_msm8996 kernel_oppo_msm8974 kernel_samsung_msm8974";
 }
 export -f patchAllKernels;
 
@@ -49,6 +49,7 @@ export -f buildDeviceDebug;
 buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
 	#userdebug because 16.0 is littered with neverallows
+	brunch lineage_mako-userdebug;
 	brunch lineage_bacon-userdebug;
 	brunch lineage_griffin-userdebug;
 	brunch lineage_klte-userdebug;
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index a5e1d652..74a39a39 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -70,9 +70,6 @@ sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
 enterAndClear "device/qcom/sepolicy-legacy";
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
 
-enterAndClear "external/svox";
-git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
-
 enterAndClear "frameworks/base";
 hardenLocationFWB "$DOS_BUILD_BASE";
 sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
@@ -170,6 +167,9 @@ if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_
 #
 #START OF DEVICE CHANGES
 #
+enterAndClear "device/lge/mako";
+echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
+
 enterAndClear "device/oneplus/bacon";
 sed -i 's/android.hardware.nfc@1.0-impl/android.hardware.nfc@1.0-impl.so/' device-proprietary-files.txt;