From 9a4c02c3dcc1e3ccef2071d680966550195507b4 Mon Sep 17 00:00:00 2001 From: Tad Date: Sat, 17 Jul 2021 23:14:34 -0400 Subject: [PATCH] Tiny tweaks --- Patches/Linux | 2 +- Scripts/LineageOS-14.1/Functions.sh | 1 - Scripts/LineageOS-15.1/Functions.sh | 3 +-- Scripts/LineageOS-15.1/Patch.sh | 8 -------- Scripts/LineageOS-16.0/Functions.sh | 3 +-- Scripts/LineageOS-16.0/Patch.sh | 8 -------- Scripts/LineageOS-17.1/Functions.sh | 1 + .../CVE_Patchers/android_kernel_lge_msm8996.sh | 3 ++- .../CVE_Patchers/android_kernel_moto_shamu.sh | 3 +-- .../android_kernel_oneplus_msm8996.sh | 3 ++- .../android_kernel_oneplus_msm8998.sh | 17 +---------------- Scripts/init.sh | 2 +- 12 files changed, 11 insertions(+), 43 deletions(-) diff --git a/Patches/Linux b/Patches/Linux index 429f8531..cb3bd4a5 160000 --- a/Patches/Linux +++ b/Patches/Linux @@ -1 +1 @@ -Subproject commit 429f853106432f026b619ff367d3140185802b26 +Subproject commit cb3bd4a586451f9d1f1fc7f3353ab44d57c78b94 diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index f8fb072c..65036a83 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -97,7 +97,6 @@ patchWorkspace() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi; source build/envsetup.sh; #repopick -it bt-sbc-hd-dualchannel-nougat; - repopick -it n-asb-2021-06; repopick -it n-asb-2021-07; source "$DOS_SCRIPTS/Patch.sh"; diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index d1f2156b..e4be102a 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -85,8 +85,7 @@ patchWorkspace() { umask 0022; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; - source build/envsetup.sh; - repopick -it O_asb_2021-07; + #source build/envsetup.sh; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index b126de13..18455171 100644 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -125,10 +125,6 @@ awk -i inplace '!/\|\| context.getResources\(\).getBoolean\(/' service/java/com/ awk -i inplace '!/com.android.internal.R.bool.config_permissionReviewRequired/' service/java/com/android/server/wifi/WifiServiceImpl.java; fi; -if enterAndClear "frameworks/opt/net/voip"; then -git pull "https://github.com/LineageOS/android_frameworks_opt_net_voip" refs/changes/47/313347/1; #O_asb_2021-07 -fi; - if enterAndClear "hardware/qcom/display"; then git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8084.patch" --directory msm8084; git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8916.patch" --directory msm8226; @@ -226,10 +222,6 @@ git revert --no-edit a6a4ce8e9a6d63014047a447c6bb3ac1fa90b3f4; #Always update re patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysctl changes (GrapheneOS) fi; -if enterAndClear "system/libfmq"; then -git pull "https://github.com/LineageOS/android_system_libfmq" refs/changes/57/313357/1; #O_asb_2021-07 -fi; - if enterAndClear "system/sepolicy"; then patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/26.0"; diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh index c4d31722..4b81be72 100644 --- a/Scripts/LineageOS-16.0/Functions.sh +++ b/Scripts/LineageOS-16.0/Functions.sh @@ -75,9 +75,8 @@ patchWorkspace() { umask 0022; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; - source build/envsetup.sh; + #source build/envsetup.sh; #repopick -it pie-firewall; - repopick -it P_asb_2021-07; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh index dd7a2f32..ca55933f 100644 --- a/Scripts/LineageOS-16.0/Patch.sh +++ b/Scripts/LineageOS-16.0/Patch.sh @@ -129,10 +129,6 @@ patch -p1 < "$DOS_PATCHES/android_frameworks_opt_net_ims/0001-Fix_Calling.patch" fi; fi; -if enterAndClear "frameworks/opt/net/voip"; then -git pull "https://github.com/LineageOS/android_frameworks_opt_net_voip" refs/changes/31/313331/1; #P_asb_2021-07 -fi; - if enterAndClear "hardware/qcom/display"; then git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8084.patch" --directory msm8084; git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8916.patch" --directory msm8226; @@ -241,10 +237,6 @@ if enterAndClear "system/extras"; then patch -p1 < "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS) fi; -if enterAndClear "system/libfmq"; then -git pull "https://github.com/LineageOS/android_system_libfmq" refs/changes/41/313341/1; #P_asb_2021-07 -fi; - if enterAndClear "system/sepolicy"; then patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/28.0"; diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index b91252e1..8fea4669 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -94,6 +94,7 @@ patchWorkspace() { #source build/envsetup.sh; #repopick -it ten-firewall; + #repopick -it fp2-prima-fixes; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh index 3705ba19..5824f38c 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh @@ -460,8 +460,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28688/3.18/0008.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28964/3.18/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/3.18/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-30002/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/3.18/0008.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0003.patch -editKernelLocalversion "-dos.p463" +editKernelLocalversion "-dos.p464" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh index 558ce2ed..8a46b92c 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_moto_shamu.sh @@ -163,7 +163,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3483/^5.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3564/^5.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3573/^5.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20261/^3.15/0001.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-22555/^5.12/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/^5.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/^5.12/0001.patch git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch @@ -171,5 +170,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-ch git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/^5.2.3/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch -editKernelLocalversion "-dos.p171" +editKernelLocalversion "-dos.p170" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh index 6405325d..f49e130d 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh @@ -373,8 +373,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28688/3.18/0008.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28964/3.18/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/3.18/0007.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-30002/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/3.18/0008.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14283/3.18/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/3.18/0003.patch -editKernelLocalversion "-dos.p376" +editKernelLocalversion "-dos.p377" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh index bc6e785a..f97bef52 100644 --- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh +++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8998.sh @@ -1,6 +1,5 @@ #!/bin/bash cd "$DOS_BUILD_BASE""kernel/oneplus/msm8998" -git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0274-0275.patch --exclude=Makefile git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch @@ -51,20 +50,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26139/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26147/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26558/4.4/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1906/ANY/0003.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3564/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3573/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-23133/4.4/0007.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-23133/4.4/0008.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-23134/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29650/4.4/0004.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/4.4/0006.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-32399/4.4/0007.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-34693/4.4/0006.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.4/0007.patch -git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3587/4.4/0004.patch -editKernelLocalversion "-dos.p66" +editKernelLocalversion "-dos.p51" cd "$DOS_BUILD_BASE" diff --git a/Scripts/init.sh b/Scripts/init.sh index 3c1372c6..94ea02c6 100644 --- a/Scripts/init.sh +++ b/Scripts/init.sh @@ -61,7 +61,7 @@ export DOS_MICROG_INCLUDED="NLP"; #Determines inclusion of microG. Options: NLP, export DOS_NON_COMMERCIAL_USE_PATCHES=false; #Set true to allow inclusion of non-commercial use patches XXX: Unused, see 1dc9247 export DOS_OPTIMIZE_IMAGES=false; #Set true to apply lossless optimizations to image resources export DOS_STRONG_ENCRYPTION_ENABLED=false; #Set true to enable AES 256-bit FDE encryption on 14.1+15.1 XXX: THIS WILL **DESTROY** EXISTING INSTALLS! -alias DOS_WEBVIEW_CHERRYPICK='git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/60/312860/2'; +alias DOS_WEBVIEW_CHERRYPICK='git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/60/312860/3'; #Servers export DOS_DEFAULT_DNS_PRESET="Quad9"; #Sets default DNS. Options: See changeDefaultDNS() in Scripts/Common/Functions.sh