diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh index f1d953ee..92b0c2cf 100644 --- a/Scripts/Common/Functions.sh +++ b/Scripts/Common/Functions.sh @@ -186,7 +186,6 @@ processRelease() { "${VERITY_SWITCHES[@]}" \ $OUT_DIR/obj/PACKAGING/target_files_intermediates/*$DEVICE-target_files-*.zip \ $OUT_DIR/$PREFIX-target_files.zip; - md5sum $OUT_DIR/$PREFIX-target_files.zip > $OUT_DIR/$PREFIX-target_files.zip.md5sum; sha512sum $OUT_DIR/$PREFIX-target_files.zip > $OUT_DIR/$PREFIX-target_files.zip.sha512sum; local INCREMENTAL_ID=$(grep "ro.build.version.incremental" $OUT_DIR/system/build.prop | cut -f2 -d "=" | sed 's/\.//g'); echo $INCREMENTAL_ID > $OUT_DIR/$PREFIX-target_files.zip.id; @@ -196,7 +195,6 @@ processRelease() { echo -e "\e[0;32mCreating fastboot image\e[0m"; build/tools/releasetools/img_from_target_files $OUT_DIR/$PREFIX-target_files.zip \ $OUT_DIR/$PREFIX-fastboot.zip || exit 1; - md5sum $OUT_DIR/$PREFIX-fastboot.zip > $OUT_DIR/$PREFIX-fastboot.zip.md5sum; sha512sum $OUT_DIR/$PREFIX-fastboot.zip > $OUT_DIR/$PREFIX-fastboot.zip.sha512sum; fi @@ -218,7 +216,6 @@ processRelease() { "$LAST_TARGET_FILES" \ $OUT_DIR/$PREFIX-target_files.zip \ $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip; - md5sum $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip > $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip.md5sum; sha512sum $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip > $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip.sha512sum; fi; done; @@ -232,14 +229,12 @@ processRelease() { mkdir $OUT_DIR/rec_tmp; unzip $OUT_DIR/$PREFIX-target_files.zip IMAGES/recovery.img -d $OUT_DIR/rec_tmp; mv $OUT_DIR/rec_tmp/IMAGES/recovery.img $OUT_DIR/$PREFIX-recovery.img; - md5sum $OUT_DIR/$PREFIX-recovery.img > $OUT_DIR/$PREFIX-recovery.img.md5sum; sha512sum $OUT_DIR/$PREFIX-recovery.img > $OUT_DIR/$PREFIX-recovery.img.sha512sum; #else # echo -e "\e[0;32mExtracting signed boot.img\e[0m"; # mkdir $OUT_DIR/rec_tmp; # unzip $OUT_DIR/$PREFIX-target_files.zip IMAGES/boot.img -d $OUT_DIR/rec_tmp; # mv $OUT_DIR/rec_tmp/IMAGES/boot.img $OUT_DIR/$PREFIX-boot.img; - # md5sum $OUT_DIR/$PREFIX-boot.img > $OUT_DIR/$PREFIX-boot.img.md5sum; # sha512sum $OUT_DIR/$PREFIX-boot.img > $OUT_DIR/$PREFIX-boot.img.sha512sum; fi; diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index bb3de69e..d0c32d20 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -119,7 +119,7 @@ patchWorkspace() { repopick -it n_asb_09-2018-qcom; repopick -it ibss-mode-nougat; repopick -it n-netd; - repopick -it n-asb-2020-07; + repopick -i 280667 280668 280669; #n-asb-2020-07 export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh index a667b8ae..cb6eee0c 100644 --- a/Scripts/LineageOS-14.1/Patch.sh +++ b/Scripts/LineageOS-14.1/Patch.sh @@ -75,8 +75,8 @@ enterAndClear "device/qcom/sepolicy"; patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqbalance: Allow read for stats and interrupts patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH -enterAndClear "external/libexif"; -git fetch "https://github.com/LineageOS/android_external_libexif" refs/changes/18/275018/1 && git cherry-pick FETCH_HEAD; #n-asb-2020-05 +enterAndClear "external/dng_sdk"; +git pull "https://github.com/LineageOS/android_external_dng_sdk" refs/changes/66/280666/1 #n-asb-2020-07 enterAndClear "external/sqlite"; patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (CopperheadOS-13.0) diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 8b1d3de0..f2aada76 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -61,7 +61,7 @@ buildAll() { buildDevice Z00T; #broken - needs vendor patching buildDevice axon7; #broken - needs vendor patching buildDevice us997; - buildDevice flounder verity; #broken encryption (?) + buildDevice flounder verity; buildDevice dragon verity; #The following are all superseded, and should only be enabled if the newer version is broken (not building/booting/etc.) @@ -105,7 +105,7 @@ patchWorkspace() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; source build/envsetup.sh; - repopick -it O_asb_2020-07; + repopick -i 280662 280664; #O_asb_2020-07 export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index 7c738da1..7f400816 100644 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -68,6 +68,7 @@ enterAndClear "build/make"; patch -p1 < "$DOS_PATCHES_COMMON/android_build/0001-OTA_Keys.patch"; #add correct keys to recovery for OTA verification awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk; sed -i '57i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; +sed -i 's/2020-06-05/2020-07-05/' core/version_defaults.mk; #O_asb_2020-07 enterAndClear "device/lineage/sepolicy"; git revert --no-edit 9c28a0dfb91bb468515e123b1aaf3fcfc007b82f; #neverallow violation - breaks backuptool @@ -77,6 +78,9 @@ git revert --no-edit c9b0d95630b82cd0ad1a0fc633c6d59c2cb8aad7 37422f7df389f3ae5a enterAndClear "device/qcom/sepolicy"; patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH +enterAndClear "external/dng_sdk"; +git pull "https://github.com/LineageOS/android_external_dng_sdk" refs/changes/63/280663/1; #O_asb_2020-07 + enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oneplus_msm8998.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oneplus_msm8998.sh index 9f1a03d0..ec2aa03a 100644 --- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oneplus_msm8998.sh +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oneplus_msm8998.sh @@ -55,12 +55,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13096/^4.17.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch -editKernelLocalversion "-dos.p62" +editKernelLocalversion "-dos.p61" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh index 6e9fe77f..b0355e1b 100644 --- a/Scripts/LineageOS-16.0/Functions.sh +++ b/Scripts/LineageOS-16.0/Functions.sh @@ -58,7 +58,7 @@ buildAll() { #SDS4P #buildDevice flo; #broken encryption #SD800 - buildDevice hammerhead; #broken + buildDevice hammerhead; #broken sepolicy #SD801 buildDevice bacon; buildDevice ham; @@ -67,14 +67,12 @@ buildAll() { buildDevice ether; #SD615 buildDevice kipper; - #SD820 - buildDevice z2_plus verity; #broken #SD625 - buildDevice zenfone3; #needs manual patching - fwb xml: fused: dangling tag + buildDevice zenfone3; #broken - ninja: error: 'android.hidl.base@1.0.so', missing and no known rule to make it #Samsung - buildDeviceUserDebug i9100; #broken + buildDeviceUserDebug i9100; #broken - many errors in hardware/samsung/exynos4 #Intel - buildDevice fugu; #broken + buildDevice fugu; #broken - ninja: error: 'libpcre2.so' missing and no known rule to make it buildDevice cheeseburger verity; #needs manual patching - vendor common makefile buildDevice dumpling verity; @@ -100,12 +98,12 @@ buildAll() { #SD820 buildDevice oneplus3 verity; buildDevice griffin; + buildDevice z2_plus verity; #SD821 buildDevice marlin verity; buildDevice sailfish verity; #SD835 buildDevice cheryl; - buildDevice mata verity; buildDevice taimen avb; buildDevice walleye avb; @@ -126,7 +124,6 @@ patchWorkspace() { source build/envsetup.sh; repopick -i 232948; #wahoo: liblight: close fd - repopick -it P_asb_2020-07; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS/Defaults.sh"; diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh index d342b0a1..68da3cb1 100644 --- a/Scripts/LineageOS-16.0/Patch.sh +++ b/Scripts/LineageOS-16.0/Patch.sh @@ -232,6 +232,9 @@ git revert --no-edit dbebbce20b2b303fe13f7078ef54154f9dd5d9e2; #fix nfc path enterAndClear "device/lge/d855"; git revert --no-edit 9a5739e66d0a44347881807c0cc44d7c318c02b8; #fix nfc path +enterAndClear "device/lge/hammerhead"; +rm -rf bdAddrLoader; #duplicate with mako + enterAndClear "device/lge/mako"; #git revert ; #restore releasetools #TODO smallerSystem; @@ -255,6 +258,9 @@ awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disabl enterAndClear "device/oppo/msm8974-common"; sed -i "s/TZ.BF.2.0-2.0.0134/TZ.BF.2.0-2.0.0134|TZ.BF.2.0-2.0.0137/" board-info.txt; #Suport new TZ firmware https://review.lineageos.org/#/c/178999/ +enterAndClear "device/zuk/msm8996-common"; +awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage + enterAndClear "kernel/google/marlin"; git revert --no-edit 568f99db3c9a590912f533fa734c46cf7a25dcbd; #Resurrect dm-verity diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh index 8c4ab346..6fcbc666 100644 --- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh +++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh @@ -55,7 +55,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0537/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0824/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch @@ -129,7 +128,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/^5.4.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch @@ -147,5 +145,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch -editKernelLocalversion "-dos.p147" +editKernelLocalversion "-dos.p145" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8916.sh.disabled b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8916.sh.disabled index dd71e6d3..c6956544 100644 --- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8916.sh.disabled +++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8916.sh.disabled @@ -3,13 +3,13 @@ cd "$DOS_BUILD_BASE""kernel/motorola/msm8916" #git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.10/3.10.0050-0051.patch --exclude=Makefile git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.10/3.10.0052-0053.patch --exclude=Makefile git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.10/3.10.0053-0054.patch --exclude=Makefile -git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.10/3.10.0087-0088.patch --exclude=Makefile git apply $DOS_PATCHES_LINUX_CVES/0002-Misc_Fixes/ANY/0004.patch git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0004-No_dir-relax.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0007.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0008.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0009.patch @@ -22,7 +22,6 @@ git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0015.pat git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0016.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0017.patch git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0018.patch -git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0011.patch git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0012.patch git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0013.patch @@ -44,11 +43,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8134/^3.18/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8369/^3.17.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-8884/^3.17.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9419/^3.18.1/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9420/^3.18.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9584/^3.18.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9728/^3.18.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9730/^3.18.2/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1421/^3.18.8/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1593/^3.19.1/0001.patch @@ -70,9 +67,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8709/^4.4.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8844/^4.3.5/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8950/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8955/^4.1/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8967/^4.0/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-9289/^4.1.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2117/^4.5.2/0001.patch @@ -80,23 +74,16 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2782/^4.5/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/^4.5.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3892/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3902/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5858/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5858/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6694/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8481/ANY/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8633/^4.8.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/^4.3.6/0001.patch @@ -106,36 +93,32 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/^4.9.7/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7261/^4.10.5/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.10/0003.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7541/3.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.10/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8925/^4.10.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9723/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11089/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15837/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0002.patch @@ -147,13 +130,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18255/^4.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18595/^4.14.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/^4.15.15/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3563/3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.10/0001.patch @@ -163,10 +143,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch -#git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9514/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9515/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9518/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch @@ -178,8 +154,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10881/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/^4.17.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch @@ -192,23 +166,17 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000199/^3.18/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/ANY/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10497/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10519/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14038/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14039/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14055/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch @@ -228,9 +196,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19528/^5.3.7/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19536/^5.2.9/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20636/^5.4.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch @@ -238,11 +203,14 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11565/^5.6.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11609/^5.6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11668/^5.6.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12656/^5.6.10/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-13143/^5.6.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch -editKernelLocalversion "-dos.p244" +editKernelLocalversion "-dos.p212" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh index 9f1a03d0..ec2aa03a 100644 --- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh +++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh @@ -55,12 +55,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13096/^4.17.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch -editKernelLocalversion "-dos.p62" +editKernelLocalversion "-dos.p61" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index 62da8562..2483bdb0 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -59,7 +59,7 @@ buildAll() { buildDevice mako; #SD410 buildDevice crackling; - #buildDevice osprey; #broken vendor by deblobber, breaks build for all devices + #buildDevice osprey; #needs manual patching + more - mkdir proprietary/priv-app && cp -r proprietary/system/priv-app/qcrilmsgtunnel proprietary/priv-app/ #SD600 buildDevice jfltexx; #SD800 @@ -75,11 +75,11 @@ buildAll() { #SD810 buildDevice oneplus2; #SD820 - buildDevice h850; #failed to find dex jar path for module "WfdCommon" + buildDevice h850; #needs manual patching + more - rm vendor/lge/v20-common/Android.bp buildDevice us996; buildDevice griffin; buildDevice oneplus3 verity; - buildDevice z2_plus verity; #broken + buildDevice z2_plus verity; #SD821 buildDevice marlin verity; buildDevice sailfish verity; @@ -107,7 +107,6 @@ patchWorkspace() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; #source build/envsetup.sh; - #repopick -it android-10.0.0_r40; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS/Defaults.sh"; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 9ca1d807..5cf6b729 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -238,6 +238,7 @@ echo "pmf=0" >> wifi/wpa_supplicant_overlay.conf; #Wi-Fi chipset doesn't support enterAndClear "device/lge/msm8996-common"; sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te; +awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage #enterAndClear "device/moto/shamu"; #git revert --no-edit 05fb49518049440f90423341ff25d4f75f10bc0c; #restore releasetools #TODO @@ -252,6 +253,9 @@ awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disabl enterAndClear "device/oppo/common"; awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #disable releasetools to fix delta ota generation +enterAndClear "device/zuk/msm8996-common"; +awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage + enterAndClear "kernel/google/marlin"; git revert --no-edit dd4a454f080f60cc7c4f5cc281a48cba80947baf; #Resurrect dm-verity