Small fixups

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-08-18 16:08:10 -04:00
parent 0afe05ff22
commit 7fb56809ac
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
5 changed files with 22 additions and 25 deletions

View File

@ -265,23 +265,29 @@
<project path="kernel/xiaomi/sm8250" name="LineageOS/android_kernel_xiaomi_sm8250" remote="github" revision="lineage-20" /> <project path="kernel/xiaomi/sm8250" name="LineageOS/android_kernel_xiaomi_sm8250" remote="github" revision="lineage-20" />
<!-- Xiaomi Mi 10T / Mi 10T Pro / Redmi K30S Ultra (apollon) --> <!-- Xiaomi Mi 10T / Mi 10T Pro / Redmi K30S Ultra (apollon) -->
<project path="device/xiaomi/apollon" name="LineageOS/android_device_xiaomi_apollon" remote="github" /> <project path="device/xiaomi/apollon" name="LineageOS/android_device_xiaomi_apollon" remote="github" revision="lineage-20" />
<!-- Xiaomi POCO F3 / Redmi K40 / Mi 11X (alioth) --> <!-- Xiaomi POCO F3 / Redmi K40 / Mi 11X (alioth) -->
<project path="device/xiaomi/alioth" name="LineageOS/android_device_xiaomi_alioth" remote="github" revision="lineage-20" /> <project path="device/xiaomi/alioth" name="LineageOS/android_device_xiaomi_alioth" remote="github" revision="lineage-20" />
<!-- Proprietary Blobs --> <!-- Proprietary Blobs -->
<project path="vendor/essential/mata" name="[COLOUR IN THE LINES]/proprietary_vendor_essential_mata" remote="github" revision="lineage-20" />
<project path="vendor/fairphone/FP3" name="[COLOUR IN THE LINES]/proprietary_vendor_fairphone_FP3" remote="github" revision="lineage-20" /> <project path="vendor/fairphone/FP3" name="[COLOUR IN THE LINES]/proprietary_vendor_fairphone_FP3" remote="github" revision="lineage-20" />
<project path="vendor/fairphone/FP4" name="[COLOUR IN THE LINES]/proprietary_vendor_fairphone_FP4" remote="github" revision="lineage-20" /> <project path="vendor/fairphone/FP4" name="[COLOUR IN THE LINES]/proprietary_vendor_fairphone_FP4" remote="github" revision="lineage-20" />
<project path="vendor/fxtec/pro1" name="[COLOUR IN THE LINES]/proprietary_vendor_fxtec_pro1" remote="github" revision="lineage-20" /> <project path="vendor/fxtec/pro1" name="[COLOUR IN THE LINES]/proprietary_vendor_fxtec_pro1" remote="github" revision="lineage-20" />
<project path="vendor/fxtec/pro1x" name="[COLOUR IN THE LINES]/proprietary_vendor_fxtec_pro1x" remote="github" revision="lineage-20" /> <project path="vendor/fxtec/pro1x" name="[COLOUR IN THE LINES]/proprietary_vendor_fxtec_pro1x" remote="github" revision="lineage-20" />
<project path="vendor/google/barbet" name="[COLOUR IN THE LINES]/proprietary_vendor_google_barbet" remote="github" revision="lineage-20" /> <project path="vendor/google/barbet" name="[COLOUR IN THE LINES]/proprietary_vendor_google_barbet" remote="github" revision="lineage-20" />
<project path="vendor/google/bluejay" name="[COLOUR IN THE LINES]/proprietary_vendor_google_bluejay" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/blueline" name="[COLOUR IN THE LINES]/proprietary_vendor_google_blueline" remote="github" revision="lineage-20" /> <project path="vendor/google/blueline" name="[COLOUR IN THE LINES]/proprietary_vendor_google_blueline" remote="github" revision="lineage-20" />
<project path="vendor/google/bonito" name="[COLOUR IN THE LINES]/proprietary_vendor_google_bonito" remote="github" revision="lineage-20" /> <project path="vendor/google/bonito" name="[COLOUR IN THE LINES]/proprietary_vendor_google_bonito" remote="github" revision="lineage-20" />
<project path="vendor/google/bramble" name="[COLOUR IN THE LINES]/proprietary_vendor_google_bramble" remote="github" revision="lineage-20" /> <project path="vendor/google/bramble" name="[COLOUR IN THE LINES]/proprietary_vendor_google_bramble" remote="github" revision="lineage-20" />
<project path="vendor/google/cheetah" name="[COLOUR IN THE LINES]/proprietary_vendor_google_cheetah" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/coral" name="[COLOUR IN THE LINES]/proprietary_vendor_google_coral" remote="github" revision="lineage-20" /> <project path="vendor/google/coral" name="[COLOUR IN THE LINES]/proprietary_vendor_google_coral" remote="github" revision="lineage-20" />
<project path="vendor/google/crosshatch" name="[COLOUR IN THE LINES]/proprietary_vendor_google_crosshatch" remote="github" revision="lineage-20" /> <project path="vendor/google/crosshatch" name="[COLOUR IN THE LINES]/proprietary_vendor_google_crosshatch" remote="github" revision="lineage-20" />
<project path="vendor/google/flame" name="[COLOUR IN THE LINES]/proprietary_vendor_google_flame" remote="github" revision="lineage-20" /> <project path="vendor/google/flame" name="[COLOUR IN THE LINES]/proprietary_vendor_google_flame" remote="github" revision="lineage-20" />
<project path="vendor/google/oriole" name="[COLOUR IN THE LINES]/proprietary_vendor_google_oriole" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/panther" name="[COLOUR IN THE LINES]/proprietary_vendor_google_panther" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/raven" name="[COLOUR IN THE LINES]/proprietary_vendor_google_raven" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/redfin" name="[COLOUR IN THE LINES]/proprietary_vendor_google_redfin" remote="github" revision="lineage-20" /> <project path="vendor/google/redfin" name="[COLOUR IN THE LINES]/proprietary_vendor_google_redfin" remote="github" revision="lineage-20" />
<project path="vendor/google/sargo" name="[COLOUR IN THE LINES]/proprietary_vendor_google_sargo" remote="github" revision="lineage-20" /> <project path="vendor/google/sargo" name="[COLOUR IN THE LINES]/proprietary_vendor_google_sargo" remote="github" revision="lineage-20" />
<project path="vendor/google/sunfish" name="[COLOUR IN THE LINES]/proprietary_vendor_google_sunfish" remote="github" revision="lineage-20" /> <project path="vendor/google/sunfish" name="[COLOUR IN THE LINES]/proprietary_vendor_google_sunfish" remote="github" revision="lineage-20" />
@ -309,31 +315,24 @@
<project path="vendor/oneplus/sm8350-common" name="[COLOUR IN THE LINES]/proprietary_vendor_oneplus_sm8350-common" remote="github" revision="lineage-20" /> <project path="vendor/oneplus/sm8350-common" name="[COLOUR IN THE LINES]/proprietary_vendor_oneplus_sm8350-common" remote="github" revision="lineage-20" />
<project path="vendor/razer/aura" name="[COLOUR IN THE LINES]/proprietary_vendor_razer_aura" remote="github" revision="lineage-20" /> <project path="vendor/razer/aura" name="[COLOUR IN THE LINES]/proprietary_vendor_razer_aura" remote="github" revision="lineage-20" />
<project path="vendor/razer/cheryl" name="[COLOUR IN THE LINES]/proprietary_vendor_razer_cheryl" remote="github" revision="lineage-20" /> <project path="vendor/razer/cheryl" name="[COLOUR IN THE LINES]/proprietary_vendor_razer_cheryl" remote="github" revision="lineage-20" />
<project path="vendor/samsung/exynos9810-common" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_exynos9810-common" remote="github" revision="lineage-20" />
<project path="vendor/samsung/crownlte" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_crownlte" remote="github" revision="lineage-20" /> <project path="vendor/samsung/crownlte" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_crownlte" remote="github" revision="lineage-20" />
<project path="vendor/samsung/starlte" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_starlte" remote="github" revision="lineage-20" /> <project path="vendor/samsung/exynos9810-common" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_exynos9810-common" remote="github" revision="lineage-20" />
<project path="vendor/samsung/star2lte" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_star2lte" remote="github" revision="lineage-20" /> <project path="vendor/samsung/star2lte" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_star2lte" remote="github" revision="lineage-20" />
<project path="vendor/samsung/starlte" name="[COLOUR IN THE LINES]/proprietary_vendor_samsung_starlte" remote="github" revision="lineage-20" />
<project path="vendor/sony/akari" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_akari" remote="github" revision="lineage-20" />
<project path="vendor/sony/akatsuki" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_akatsuki" remote="github" revision="lineage-20" />
<project path="vendor/sony/aurora" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_aurora" remote="github" revision="lineage-20" />
<project path="vendor/sony/tama-common" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_tama-common" remote="github" revision="lineage-20" />
<project path="vendor/sony/xz2c" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_xz2c" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/alioth" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_alioth" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/beryllium" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_beryllium" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/beryllium" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_beryllium" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/dipper" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_dipper" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/dipper" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_dipper" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/equuleus" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_equuleus" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/equuleus" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_equuleus" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/polaris" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_polaris" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/lmi" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_lmi" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/ursa" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_ursa" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/sdm845-common" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_sdm845-common" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/Mi8937" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_Mi8937" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/Mi8937" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_Mi8937" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/mithorium-common" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_mithorium-common" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/mithorium-common" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_mithorium-common" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/polaris" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_polaris" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/sdm845-common" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_sdm845-common" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/sm8250-common" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_sm8250-common" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/sm8250-common" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_sm8250-common" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/lmi" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_lmi" remote="github" revision="lineage-20" /> <project path="vendor/xiaomi/ursa" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_ursa" remote="github" revision="lineage-20" />
<project path="vendor/xiaomi/alioth" name="[COLOUR IN THE LINES]/proprietary_vendor_xiaomi_alioth" remote="github" revision="lineage-20" />
<project path="vendor/google/bluejay" name="[COLOUR IN THE LINES]/proprietary_vendor_google_bluejay" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/cheetah" name="[COLOUR IN THE LINES]/proprietary_vendor_google_cheetah" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/oriole" name="[COLOUR IN THE LINES]/proprietary_vendor_google_oriole" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/panther" name="[COLOUR IN THE LINES]/proprietary_vendor_google_panther" remote="gitlab" revision="lineage-20" />
<project path="vendor/google/raven" name="[COLOUR IN THE LINES]/proprietary_vendor_google_raven" remote="gitlab" revision="lineage-20" />
<project path="vendor/sony/tama-common" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_tama-common" remote="github" revision="lineage-20" />
<project path="vendor/sony/akari" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_akari" remote="github" revision="lineage-20" />
<project path="vendor/sony/aurora" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_aurora" remote="github" revision="lineage-20" />
<project path="vendor/sony/xz2c" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_xz2c" remote="github" revision="lineage-20" />
<project path="vendor/sony/akatsuki" name="[COLOUR IN THE LINES]/proprietary_vendor_sony_akatsuki" remote="github" revision="lineage-20" />
<project path="vendor/essential/mata" name="[COLOUR IN THE LINES]/proprietary_vendor_essential_mata" remote="github" revision="lineage-20" />
</manifest> </manifest>

View File

@ -176,6 +176,7 @@ enableAVB "device/xiaomi/whyred";
#Kernel Changes #Kernel Changes
[[ -d kernel/essential/msm8998 ]] && sed -i 's/slotselect/slotselect,verify/' kernel/essential/msm8998/arch/arm64/boot/dts/essential/msm8998-mata-lineage.dtsi &>/dev/null; #/vendor [[ -d kernel/essential/msm8998 ]] && sed -i 's/slotselect/slotselect,verify/' kernel/essential/msm8998/arch/arm64/boot/dts/essential/msm8998-mata-lineage.dtsi &>/dev/null; #/vendor
[[ -d kernel/google/marlin ]] && sed -i 's/wait,slotselect/wait,slotselect,verify/' kernel/google/marlin/arch/arm64/boot/dts/htc/msm8996-htc-common.dtsi &>/dev/null; #/vendor
#[[ -d kernel/htc/flounder ]] && sed -i 's/wait/wait,verify/g' kernel/htc/flounder/arch/arm64/boot/dts/tegra132.dtsi &>/dev/null; #/system #XXX: no boot #[[ -d kernel/htc/flounder ]] && sed -i 's/wait/wait,verify/g' kernel/htc/flounder/arch/arm64/boot/dts/tegra132.dtsi &>/dev/null; #/system #XXX: no boot
[[ -d kernel/moto/shamu ]] && sed -i 's/wait/wait,verify/g' kernel/moto/shamu/arch/arm/boot/dts/qcom/apq8084.dtsi &>/dev/null; #/system [[ -d kernel/moto/shamu ]] && sed -i 's/wait/wait,verify/g' kernel/moto/shamu/arch/arm/boot/dts/qcom/apq8084.dtsi &>/dev/null; #/system
[[ -d kernel/oneplus/msm8996 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8996/arch/arm/boot/dts/qcom/15801/msm8996-mtp.dtsi &>/dev/null; #/system [[ -d kernel/oneplus/msm8996 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8996/arch/arm/boot/dts/qcom/15801/msm8996-mtp.dtsi &>/dev/null; #/system

View File

@ -54,7 +54,7 @@ commentPatches android_kernel_google_dragon.sh "0006-AndroidHardening-Kernel_Har
commentPatches android_kernel_google_crosshatch.sh "CVE-2020-0067"; commentPatches android_kernel_google_crosshatch.sh "CVE-2020-0067";
commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch"; commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch";
commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch"; commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch";
commentPatches android_kernel_google_marlin.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0048.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0049.patch" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-14883" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch" "CVE-2022-42896/4.9"; commentPatches android_kernel_google_marlin.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0048.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0049.patch" "0008-Graphene-Kernel_Hardening-canaries/4.4/0002.patch" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-14883" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch" "CVE-2022-42896/4.9";
commentPatches android_kernel_google_msm.sh "CVE-2017-11015/prima" "CVE-2021-Misc2/ANY/0031.patch"; commentPatches android_kernel_google_msm.sh "CVE-2017-11015/prima" "CVE-2021-Misc2/ANY/0031.patch";
commentPatches android_kernel_google_msm-4.9.sh "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324" "CVE-2021-45469"; commentPatches android_kernel_google_msm-4.9.sh "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324" "CVE-2021-45469";
commentPatches android_kernel_google_redbull.sh "CVE-2018-5873" "CVE-2021-3444" "CVE-2021-3600"; commentPatches android_kernel_google_redbull.sh "CVE-2018-5873" "CVE-2021-3444" "CVE-2021-3600";

View File

@ -565,10 +565,6 @@ if enterAndClear "device/zuk/msm8996-common"; then
awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage
fi; fi;
if enterAndClear "kernel/google/marlin"; then
git revert --no-edit a17f0cc9d8f16df52d3cf3ff64b37bf477f589e5; #enable verity on /vendor
fi;
#Make changes to all devices #Make changes to all devices
cd "$DOS_BUILD_BASE"; cd "$DOS_BUILD_BASE";
find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"'; find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';

View File

@ -396,6 +396,7 @@ if enterAndClear "system/sepolicy"; then
applyPatch "$DOS_PATCHES/android_system_sepolicy/0002-protected_files.patch"; #Label protected_{fifos,regular} as proc_security (GrapheneOS) applyPatch "$DOS_PATCHES/android_system_sepolicy/0002-protected_files.patch"; #Label protected_{fifos,regular} as proc_security (GrapheneOS)
applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-1.patch"; #Allow init to control kernel.yama.ptrace_scope (GrapheneOS) applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-1.patch"; #Allow init to control kernel.yama.ptrace_scope (GrapheneOS)
applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-2.patch"; #Allow system to use persist.native_debug (GrapheneOS) applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-2.patch"; #Allow system to use persist.native_debug (GrapheneOS)
#awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; #Disable unused gmscore_app domain (GrapheneOS) awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; #Disable unused gmscore_app domain (GrapheneOS)
fi; fi;