mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
Churn
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
Tavi
parent
450ad03159
commit
97ce53667f
@ -11,7 +11,7 @@ Subject: [PATCH] perform additional boot-time checks on system package updates
|
||||
create mode 100644 services/core/java/com/android/server/pm/PackageVerityExt.java
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java
|
||||
index a56ac9de6ebe..7d1eca4df94a 100644
|
||||
index 0ec70238ff64..adf3e172d192 100644
|
||||
--- a/services/core/java/com/android/server/pm/InstallPackageHelper.java
|
||||
+++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java
|
||||
@@ -3827,6 +3827,13 @@ final class InstallPackageHelper {
|
||||
|
||||
@ -38,10 +38,10 @@ Such ops are being constructed due to another bug.
|
||||
1 file changed, 3 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/appop/AppOpsService.java b/services/core/java/com/android/server/appop/AppOpsService.java
|
||||
index 20f0c17bb9d9..748ff6bc0d0d 100644
|
||||
index 6fde3b531fbb..2d26cc53832f 100644
|
||||
--- a/services/core/java/com/android/server/appop/AppOpsService.java
|
||||
+++ b/services/core/java/com/android/server/appop/AppOpsService.java
|
||||
@@ -5193,15 +5193,13 @@ public class AppOpsService extends IAppOpsService.Stub {
|
||||
@@ -5231,15 +5231,13 @@ public class AppOpsService extends IAppOpsService.Stub {
|
||||
String lastPkg = null;
|
||||
for (int i=0; i<allOps.size(); i++) {
|
||||
AppOpsManager.PackageOps pkg = allOps.get(i);
|
||||
|
||||
@ -15,10 +15,10 @@ crashes.
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/appop/AppOpsService.java b/services/core/java/com/android/server/appop/AppOpsService.java
|
||||
index 748ff6bc0d0d..f8feeaad0fa7 100644
|
||||
index 2d26cc53832f..425b36da5ed9 100644
|
||||
--- a/services/core/java/com/android/server/appop/AppOpsService.java
|
||||
+++ b/services/core/java/com/android/server/appop/AppOpsService.java
|
||||
@@ -5193,6 +5193,9 @@ public class AppOpsService extends IAppOpsService.Stub {
|
||||
@@ -5231,6 +5231,9 @@ public class AppOpsService extends IAppOpsService.Stub {
|
||||
String lastPkg = null;
|
||||
for (int i=0; i<allOps.size(); i++) {
|
||||
AppOpsManager.PackageOps pkg = allOps.get(i);
|
||||
|
||||
@ -1 +1 @@
|
||||
Subproject commit f30d8d85e75c2e0e2d983ace0971b954b7a759d7
|
||||
Subproject commit c3f6f9630e168a421f79c67b1a024c8914198f99
|
||||
@ -55,8 +55,8 @@ commentPatches android_kernel_google_bonito.sh "CVE-2020-0067";
|
||||
commentPatches android_kernel_google_coral.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324";
|
||||
commentPatches android_kernel_google_dragon.sh "0006-AndroidHardening-Kernel_Hardening/3.18/0026.patch" "0008-Graphene-Kernel_Hardening-ro" "CVE-2015-4167" "CVE-2017-15951" "CVE-2016-1237" "CVE-2016-6198" "CVE-2017-7374" "CVE-2018-17972" "CVE-2019-2214" "CVE-2021-39715/ANY/0001.patch";
|
||||
commentPatches android_kernel_google_crosshatch.sh "CVE-2020-0067";
|
||||
commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch";
|
||||
commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch";
|
||||
commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2024-26733/5.10/0002.patch";
|
||||
commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2024-26733/5.10/0002.patch";
|
||||
commentPatches android_kernel_google_marlin.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0048.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0049.patch" "0008-Graphene-Kernel_Hardening-canaries/4.4/0002.patch" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-14883" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch" "CVE-2022-42896/4.9";
|
||||
commentPatches android_kernel_google_msm.sh "CVE-2017-11015/prima" "CVE-2021-Misc2/ANY/0031.patch";
|
||||
commentPatches android_kernel_google_msm-4.9.sh "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324" "CVE-2021-45469";
|
||||
|
||||
@ -544,7 +544,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26635/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26675/^6.8/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26679/^6.8/0002.patch
|
||||
|
||||
@ -633,7 +633,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26635/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26675/^6.8/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26679/^6.8/0002.patch
|
||||
|
||||
@ -130,7 +130,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/4.19/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/4.19/0002.patch
|
||||
|
||||
@ -130,7 +130,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/4.19/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/4.19/0002.patch
|
||||
|
||||
@ -309,7 +309,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26644/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26665/5.10/0002.patch
|
||||
@ -330,7 +329,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26710/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26712/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26720/5.10/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26722/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26733/5.10/0002.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26733/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26735/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26736/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26743/5.10/0002.patch
|
||||
|
||||
@ -307,7 +307,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26644/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26665/5.10/0002.patch
|
||||
@ -328,7 +327,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26710/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26712/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26720/5.10/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26722/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26733/5.10/0002.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26733/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26735/5.10/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26736/5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26743/5.10/0002.patch
|
||||
|
||||
@ -111,7 +111,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26635/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26675/^6.8/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26679/^6.8/0002.patch
|
||||
|
||||
@ -280,7 +280,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/4.19/0002.patch
|
||||
|
||||
@ -149,7 +149,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/4.19/0002.patch
|
||||
|
||||
@ -600,7 +600,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26635/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26675/^6.8/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26679/^6.8/0002.patch
|
||||
|
||||
@ -128,7 +128,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/4.19/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/4.19/0002.patch
|
||||
|
||||
@ -95,7 +95,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/5.4/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/5.4/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/5.4/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/5.4/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/5.4/0005.patch
|
||||
|
||||
@ -121,7 +121,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26635/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26675/^6.8/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26679/^6.8/0002.patch
|
||||
|
||||
@ -130,7 +130,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/4.19/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26643/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26654/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26664/4.19/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26671/4.19/0002.patch
|
||||
|
||||
@ -126,7 +126,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26635/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26636/^6.7/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26645/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26651/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26659/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26663/^6.8/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26675/^6.8/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26679/^6.8/0002.patch
|
||||
|
||||
@ -97,6 +97,7 @@ applyPatch "$DOS_PATCHES/android_build/0004-Selective_APEX.patch"; #Only enable
|
||||
sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_util.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||
#sed -i 's/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := true/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := false/' core/product_config.mk; #broken by hardenDefconfig
|
||||
sed -i 's/2024-03-05/2024-04-05/' core/version_defaults.mk; #Bump Security String #T_asb_2024-04
|
||||
fi;
|
||||
|
||||
if enterAndClear "build/soong"; then
|
||||
|
||||
Loading…
Reference in New Issue
Block a user