Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-05-02 06:26:20 -04:00
Code Issues Projects Releases Packages Wiki Activity

Remove network hardening patches, disable mako LTE patch, add function to enable forceencrypt

Browse source
This commit is contained in:
Tad 2017-10-30 17:38:00 -04:00
parent 53ae1c8103
commit 64d490d95e
4 changed files with 13 additions and 135 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_htc_flounder.sh
View file

@ -5,7 +5,7 @@ git apply $cvePatches/CVE-2014-9900/ANY/0.patch
git apply $cvePatches/CVE-2015-4177/ANY/0.patch
git apply $cvePatches/CVE-2015-7515/ANY/0.patch
git apply $cvePatches/CVE-2015-8944/ANY/0.patch
git apply $cvePatches/CVE-2016-0819/ANY/0.patch
#git apply $cvePatches/CVE-2016-0819/ANY/0.patch
git apply $cvePatches/CVE-2016-2475/ANY/0.patch
git apply $cvePatches/CVE-2016-8453/ANY/0.patch
git apply $cvePatches/CVE-2016-8464/3.10/0.patch

18
Scripts/LineageOS-14.1/Patch.sh
View file

@ -70,6 +70,7 @@ enhanceLocation() {
fi;
fi;
echo "Enhanced location services for $1";
cd $base;
}
export -f enhanceLocation;
@ -77,6 +78,14 @@ enableZram() {
sed -i 's|#/dev/block/zram0|/dev/block/zram0|' fstab.* rootdir/fstab.* rootdir/etc/fstab.* || true;
echo "Enabled zram";
}
enabledForcedEncryption() {
cd $base$1;
sed -i 's|encryptable=/|forceencrypt,encryptable=/|' fstab.* rootdir/fstab.* rootdir/etc/fstab.* || true;
echo "Enabled forceencrypt";
cd $base;
}
export -f enabledForcedEncryption;
#
#END OF PREPRATION
#
@ -190,10 +199,6 @@ patch -p1 < $patches"android_packages_services_Telephony/0001-LTE_Only.patch" #L
enter "system/core"
cat /tmp/ar/hosts >> rootdir/etc/hosts #Merge in our HOSTS file
patch -p1 < $patches"android_system_core/0001-Harden_Mounts.patch" #Harden mounts with nodev/noexec/nosuid
#patch -p1 < $patches"android_system_core/0002-Harden_Network.patch" #Harden network via sysctls FIXME: Tethering
#enter "system/netd"
#patch -p1 < $patches"android_system_netd/0001-Harden_Network.patch"; #Harden network via iptables FIXME: Tethering
enter "vendor/cm"
rm -rf overlay/common/vendor/cmsdk/packages #Remove analytics
@ -230,7 +235,7 @@ patch -p1 < $patches"android_kernel_oneplus_msm8974/0001-OverUnderClock-EXTREME.
enter "device/lge/mako"
disableDexPreOpt #bootloops
patch -p1 < $patches"android_device_lge_mako/0001-Enable_LTE.patch" #Enable LTE support (Requires LTE hybrid modem to be flashed) XXX: Doesn't seem to work under 7.x
#patch -p1 < $patches"android_device_lge_mako/0001-Enable_LTE.patch" #Enable LTE support (Requires LTE hybrid modem to be flashed) XXX: Doesn't seem to work under 7.x
enter "kernel/lge/hammerhead"
patch -p1 < $patches"android_kernel_lge_hammerhead/0001-OverUnderClock.patch" #2.26Ghz -> 2.95Ghz =+2.76Ghz
@ -238,9 +243,10 @@ patch -p1 < $patches"android_kernel_lge_hammerhead/0001-OverUnderClock.patch" #2
enter "kernel/motorola/msm8916"
patch -p1 < $patches"android_kernel_motorola_msm8916/0001-Overclock.patch" #1.36Ghz -> 1.88Ghz =+ 2.07Ghz
#Enhance and improve security of GPS for all devices
#Make changes to all devices
cd $base
find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'enhanceLocation "$0"' {} \;
find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'enabledForcedEncryption "$0"' {} \;
cd $base
#
#END OF DEVICE CHANGES