diff --git a/Misc/BUGBASH-590.log b/Misc/BUGBASH-590.log new file mode 100644 index 00000000..44ab88dc --- /dev/null +++ b/Misc/BUGBASH-590.log @@ -0,0 +1,86 @@ +The QCOM hardware KeyMaster on LineageOS 14.1 is broken + +https://jira.lineageos.org/browse/BUGBASH-590 +https://jira.lineageos.org/browse/BUGBASH-505 +https://github.com/andOTP/andOTP/issues/16 +See https://android.stackexchange.com/questions/168168/wifi-certificate-auth-problem-on-rr-5-8-0-android-7-1-1-cyanogen-based-rom + +12-02 10:26:50.203 3064 3064 E QCOMKeyMaster: Len returned is < 0 len = 0 +12-02 10:26:50.203 3064 3064 E Keymaster0Engine: Error -1 extracting public key +12-02 10:26:50.206 28600 28600 W System.err: java.security.ProviderException: Failed to load generated key pair from keystore +12-02 10:26:50.220 28600 28600 W System.err: at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.loadKeystoreKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:518) +12-02 10:26:50.220 28600 28600 W System.err: at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:470) +12-02 10:26:50.220 28600 28600 W System.err: at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:699) +12-02 10:26:50.220 28600 28600 W System.err: at org.shadowice.flocke.andotp.Utilities.KeyStoreHelper.loadOrGenerateAsymmetricKeyPair(KeyStoreHelper.java:82) +12-02 10:26:50.220 28600 28600 W System.err: at org.shadowice.flocke.andotp.Preferences.PasswordEncryptedPreference.(PasswordEncryptedPreference.java:73) +12-02 10:26:50.220 28600 28600 W System.err: at java.lang.reflect.Constructor.newInstance0(Native Method) +12-02 10:26:50.220 28600 28600 W System.err: at java.lang.reflect.Constructor.newInstance(Constructor.java:430) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.GenericInflater.createItem(GenericInflater.java:385) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.GenericInflater.createItemFromTag(GenericInflater.java:432) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.GenericInflater.rInflate(GenericInflater.java:483) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.GenericInflater.rInflate(GenericInflater.java:495) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.GenericInflater.inflate(GenericInflater.java:327) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.GenericInflater.inflate(GenericInflater.java:264) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.PreferenceManager.inflateFromResource(PreferenceManager.java:280) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.PreferenceManager.setDefaultValues(PreferenceManager.java:609) +12-02 10:26:50.220 28600 28600 W System.err: at android.preference.PreferenceManager.setDefaultValues(PreferenceManager.java:568) +12-02 10:26:50.220 28600 28600 W System.err: at org.shadowice.flocke.andotp.Activities.MainActivity.onCreate(MainActivity.java:288) +12-02 10:26:50.220 28600 28600 W System.err: at android.app.Activity.performCreate(Activity.java:6684) +12-02 10:26:50.220 28600 28600 W System.err: at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1119) +12-02 10:26:50.221 28600 28600 W System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2637) +12-02 10:26:50.221 28600 28600 W System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2751) +12-02 10:26:50.221 28600 28600 W System.err: at android.app.ActivityThread.-wrap12(ActivityThread.java) +12-02 10:26:50.221 28600 28600 W System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1496) +12-02 10:26:50.221 28600 28600 W System.err: at android.os.Handler.dispatchMessage(Handler.java:102) +12-02 10:26:50.221 28600 28600 W System.err: at android.os.Looper.loop(Looper.java:154) +12-02 10:26:50.221 28600 28600 W System.err: at android.app.ActivityThread.main(ActivityThread.java:6186) +12-02 10:26:50.221 28600 28600 W System.err: at java.lang.reflect.Method.invoke(Native Method) +12-02 10:26:50.221 28600 28600 W System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889) +12-02 10:26:50.221 28600 28600 W System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779) +12-02 10:26:50.221 28600 28600 W System.err: Caused by: java.security.UnrecoverableKeyException: Failed to obtain X.509 form of public key +12-02 10:26:50.221 28600 28600 W System.err: at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePublicKeyFromKeystore(AndroidKeyStoreProvider.java:230) +12-02 10:26:50.221 28600 28600 W System.err: at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore(AndroidKeyStoreProvider.java:259) +12-02 10:26:50.221 28600 28600 W System.err: at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.loadKeystoreKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:509) +12-02 10:26:50.221 28600 28600 W System.err: ... 28 more +12-02 10:26:50.221 28600 28600 W System.err: Caused by: android.security.KeyStoreException: Unknown error +12-02 10:26:50.221 28600 28600 W System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:676) +12-02 10:26:50.221 28600 28600 W System.err: at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePublicKeyFromKeystore(AndroidKeyStoreProvider.java:231) +12-02 10:26:50.221 28600 28600 W System.err: ... 30 more +12-02 10:26:50.271 28600 28600 W System.err: java.io.FileNotFoundException: /data/user/0/org.shadowice.flocke.andotp/files/secrets.dat (No such file or directory) +12-02 10:26:50.272 28600 28600 W System.err: at java.io.FileInputStream.open(Native Method) +12-02 10:26:50.272 28600 28600 W System.err: at java.io.FileInputStream.(FileInputStream.java:146) +12-02 10:26:50.272 28600 28600 W System.err: at org.shadowice.flocke.andotp.Utilities.FileHelper.readFileToBytes(FileHelper.java:78) +12-02 10:26:50.272 28600 28600 W System.err: at org.shadowice.flocke.andotp.Utilities.DatabaseHelper.loadDatabase(DatabaseHelper.java:63) +12-02 10:26:50.272 28600 28600 W System.err: at org.shadowice.flocke.andotp.Activities.MainActivity.onCreate(MainActivity.java:327) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.Activity.performCreate(Activity.java:6684) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1119) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2637) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2751) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.ActivityThread.-wrap12(ActivityThread.java) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1496) +12-02 10:26:50.272 28600 28600 W System.err: at android.os.Handler.dispatchMessage(Handler.java:102) +12-02 10:26:50.272 28600 28600 W System.err: at android.os.Looper.loop(Looper.java:154) +12-02 10:26:50.272 28600 28600 W System.err: at android.app.ActivityThread.main(ActivityThread.java:6186) +12-02 10:26:50.272 28600 28600 W System.err: at java.lang.reflect.Method.invoke(Native Method) +12-02 10:26:50.272 28600 28600 W System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889) +12-02 10:26:50.272 28600 28600 W System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779) +12-02 10:26:50.273 28600 28600 W System.err: java.io.FileNotFoundException: /data/user/0/org.shadowice.flocke.andotp/files/secrets.dat (No such file or directory) +12-02 10:26:50.273 28600 28600 W System.err: at java.io.FileInputStream.open(Native Method) +12-02 10:26:50.273 28600 28600 W System.err: at java.io.FileInputStream.(FileInputStream.java:146) +12-02 10:26:50.273 28600 28600 W System.err: at org.shadowice.flocke.andotp.Utilities.FileHelper.readFileToBytes(FileHelper.java:78) +12-02 10:26:50.273 28600 28600 W System.err: at org.shadowice.flocke.andotp.Utilities.DatabaseHelper.loadDatabase(DatabaseHelper.java:63) +12-02 10:26:50.273 28600 28600 W System.err: at org.shadowice.flocke.andotp.View.EntriesCardAdapter.loadEntries(EntriesCardAdapter.java:113) +12-02 10:26:50.273 28600 28600 W System.err: at org.shadowice.flocke.andotp.View.EntriesCardAdapter.(EntriesCardAdapter.java:81) +12-02 10:26:50.273 28600 28600 W System.err: at org.shadowice.flocke.andotp.Activities.MainActivity.onCreate(MainActivity.java:333) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.Activity.performCreate(Activity.java:6684) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1119) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2637) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2751) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.ActivityThread.-wrap12(ActivityThread.java) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1496) +12-02 10:26:50.273 28600 28600 W System.err: at android.os.Handler.dispatchMessage(Handler.java:102) +12-02 10:26:50.273 28600 28600 W System.err: at android.os.Looper.loop(Looper.java:154) +12-02 10:26:50.273 28600 28600 W System.err: at android.app.ActivityThread.main(ActivityThread.java:6186) +12-02 10:26:50.273 28600 28600 W System.err: at java.lang.reflect.Method.invoke(Native Method) +12-02 10:26:50.273 28600 28600 W System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889) +12-02 10:26:50.273 28600 28600 W System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779) diff --git a/Patches/LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.diff b/Patches/LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.diff new file mode 100644 index 00000000..c4dbf18c --- /dev/null +++ b/Patches/LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.diff @@ -0,0 +1,108 @@ +From 64d8b44f6625292bc4a5f90913713e97fc4a0032 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Sun, 06 Aug 2017 10:27:32 -0400 +Subject: [PATCH] fix toggling off current permissions in review + +The confirmPermissionsReview function currently only takes into account +changes to the new permissions section. Since permissions review shows +toggles for the current permissions, those should work too. It doesn't +necessarily need to show toggles for the current permissions but since +they're present the toggles should work to avoid misleading users into +thinking they've toggled off a permission that they haven't. + +Change-Id: I84310a1c20981a239169069a881dbb79267d784f +--- + +diff --git a/src/com/android/packageinstaller/permission/ui/ReviewPermissionsActivity.java b/src/com/android/packageinstaller/permission/ui/ReviewPermissionsActivity.java +index 6bc251a..b6fd0c1 100644 +--- a/src/com/android/packageinstaller/permission/ui/ReviewPermissionsActivity.java ++++ b/src/com/android/packageinstaller/permission/ui/ReviewPermissionsActivity.java +@@ -48,6 +48,7 @@ + import com.android.packageinstaller.permission.utils.Utils; + import com.android.packageinstaller.permission.ui.ConfirmActionDialogFragment.OnActionConfirmedListener; + ++import java.util.ArrayList; + import java.util.List; + + public final class ReviewPermissionsActivity extends Activity +@@ -103,6 +104,7 @@ + private Button mCancelButton; + + private PreferenceCategory mNewPermissionsCategory; ++ private PreferenceCategory mCurrentPermissionsCategory; + + private boolean mHasConfirmedRevoke; + +@@ -218,22 +220,29 @@ + } + + private void confirmPermissionsReview() { +- PreferenceGroup preferenceGroup = mNewPermissionsCategory != null +- ? mNewPermissionsCategory : getPreferenceScreen(); ++ final List preferenceGroups = new ArrayList(); ++ if (mNewPermissionsCategory != null) { ++ preferenceGroups.add(mNewPermissionsCategory); ++ preferenceGroups.add(mCurrentPermissionsCategory); ++ } else { ++ preferenceGroups.add(getPreferenceScreen()); ++ } + +- final int preferenceCount = preferenceGroup.getPreferenceCount(); +- for (int i = 0; i < preferenceCount; i++) { +- Preference preference = preferenceGroup.getPreference(i); +- if (preference instanceof TwoStatePreference) { +- TwoStatePreference twoStatePreference = (TwoStatePreference) preference; +- String groupName = preference.getKey(); +- AppPermissionGroup group = mAppPermissions.getPermissionGroup(groupName); +- if (twoStatePreference.isChecked()) { +- group.grantRuntimePermissions(false); +- } else { +- group.revokeRuntimePermissions(false); ++ for (PreferenceGroup preferenceGroup : preferenceGroups) { ++ final int preferenceCount = preferenceGroup.getPreferenceCount(); ++ for (int i = 0; i < preferenceCount; i++) { ++ Preference preference = preferenceGroup.getPreference(i); ++ if (preference instanceof TwoStatePreference) { ++ TwoStatePreference twoStatePreference = (TwoStatePreference) preference; ++ String groupName = preference.getKey(); ++ AppPermissionGroup group = mAppPermissions.getPermissionGroup(groupName); ++ if (twoStatePreference.isChecked()) { ++ group.grantRuntimePermissions(false); ++ } else { ++ group.revokeRuntimePermissions(false); ++ } ++ group.resetReviewRequired(); + } +- group.resetReviewRequired(); + } + } + } +@@ -295,7 +304,7 @@ + screen.removeAll(); + } + +- PreferenceGroup currentPermissionsCategory = null; ++ mCurrentPermissionsCategory = null; + PreferenceGroup oldNewPermissionsCategory = mNewPermissionsCategory; + mNewPermissionsCategory = null; + +@@ -353,13 +362,13 @@ + mNewPermissionsCategory.addPreference(preference); + } + } else { +- if (currentPermissionsCategory == null) { +- currentPermissionsCategory = new PreferenceCategory(activity); +- currentPermissionsCategory.setTitle(R.string.current_permissions_category); +- currentPermissionsCategory.setOrder(2); +- screen.addPreference(currentPermissionsCategory); ++ if (mCurrentPermissionsCategory == null) { ++ mCurrentPermissionsCategory = new PreferenceCategory(activity); ++ mCurrentPermissionsCategory.setTitle(R.string.current_permissions_category); ++ mCurrentPermissionsCategory.setOrder(2); ++ screen.addPreference(mCurrentPermissionsCategory); + } +- currentPermissionsCategory.addPreference(preference); ++ mCurrentPermissionsCategory.addPreference(preference); + } + } + } diff --git a/Patches/Linux b/Patches/Linux index ea896538..7bcadaa3 160000 --- a/Patches/Linux +++ b/Patches/Linux @@ -1 +1 @@ -Subproject commit ea896538581f64ba1e7e1c06608c7d37d779f683 +Subproject commit 7bcadaa32b927340f6301361614bf7b1350f8dbc diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_google_marlin.sh index 647dfb11..d4623018 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_google_marlin.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_google_marlin.sh @@ -58,11 +58,18 @@ git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch git apply $cvePatches/CVE-2017-10998/3.18/0002.patch git apply $cvePatches/CVE-2017-11001/ANY/0001.patch git apply $cvePatches/CVE-2017-11002/ANY/0002.patch +git apply $cvePatches/CVE-2017-11016/ANY/0001.patch +git apply $cvePatches/CVE-2017-11019/ANY/0001.patch git apply $cvePatches/CVE-2017-11025/ANY/0001.patch git apply $cvePatches/CVE-2017-11028/3.18/0001.patch +git apply $cvePatches/CVE-2017-11030/3.18/0001.patch +git apply $cvePatches/CVE-2017-11031/ANY/0001.patch git apply $cvePatches/CVE-2017-11032/ANY/0001.patch +git apply $cvePatches/CVE-2017-11033/3.18/0002.patch +git apply $cvePatches/CVE-2017-11044/ANY/0001.patch +git apply $cvePatches/CVE-2017-11045/ANY/0001.patch git apply $cvePatches/CVE-2017-11046/ANY/0001.patch -git apply $cvePatches/CVE-2017-11048/ANY/0001.patch +git apply $cvePatches/CVE-2017-11049/ANY/0001.patch git apply $cvePatches/CVE-2017-11057/ANY/0001.patch git apply $cvePatches/CVE-2017-11067/ANY/0001.patch git apply $cvePatches/CVE-2017-11089/ANY/0001.patch @@ -70,7 +77,9 @@ git apply $cvePatches/CVE-2017-11090/ANY/0001.patch git apply $cvePatches/CVE-2017-11091/3.18/0001.patch git apply $cvePatches/CVE-2017-11093/3.18/0001.patch git apply $cvePatches/CVE-2017-12146/3.16+/0001.patch +git apply $cvePatches/CVE-2017-14897/ANY/0001.patch git apply $cvePatches/CVE-2017-15265/^4.14/0001.patch +git apply $cvePatches/CVE-2017-15868/ANY/0001.patch git apply $cvePatches/CVE-2017-16525/^4.13/0002.patch git apply $cvePatches/CVE-2017-16526/^4.13/0001.patch git apply $cvePatches/CVE-2017-16530/^4.13/0001.patch @@ -113,8 +122,10 @@ git apply $cvePatches/CVE-2017-9686/ANY/0001.patch git apply $cvePatches/CVE-2017-9687/3.18/0001.patch git apply $cvePatches/CVE-2017-9690/3.18/0001.patch git apply $cvePatches/CVE-2017-9697/3.18/0001.patch +git apply $cvePatches/CVE-2017-9700/ANY/0001.patch git apply $cvePatches/CVE-2017-9719/3.18/0001.patch git apply $cvePatches/CVE-2017-9720/3.18/0002.patch +git apply $cvePatches/CVE-2017-9722/3.18/0001.patch git apply $cvePatches/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch git apply $cvePatches/Untracked/ANY/0003-tunnels-Don-t-apply-GRO-to-multiple-layers-of-encaps.patch git apply $cvePatches/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_htc_msm8994.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_htc_msm8994.sh index d1d8091c..9615dfda 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_htc_msm8994.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_htc_msm8994.sh @@ -95,9 +95,10 @@ git apply $cvePatches/CVE-2017-0862/3.10/0001.patch git apply $cvePatches/CVE-2017-1000365/3.10/0001.patch git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch git apply $cvePatches/CVE-2017-10999/ANY/0001.patch +git apply $cvePatches/CVE-2017-11019/ANY/0001.patch git apply $cvePatches/CVE-2017-11024/ANY/0001.patch +git apply $cvePatches/CVE-2017-11033/3.10/0001.patch git apply $cvePatches/CVE-2017-11046/ANY/0001.patch -git apply $cvePatches/CVE-2017-11048/ANY/0001.patch git apply $cvePatches/CVE-2017-11056/ANY/0001.patch git apply $cvePatches/CVE-2017-11059/ANY/0001.patch git apply $cvePatches/CVE-2017-11085/3.10/0001.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_huawei_angler.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_huawei_angler.sh index 939a20a2..835437a8 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_huawei_angler.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_huawei_angler.sh @@ -57,6 +57,8 @@ git apply $cvePatches/CVE-2017-0648/ANY/0001.patch git apply $cvePatches/CVE-2017-0824/ANY/0001.patch git apply $cvePatches/CVE-2017-1000365/3.10/0001.patch git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch +git apply $cvePatches/CVE-2017-11016/ANY/0001.patch +git apply $cvePatches/CVE-2017-11033/3.10/0001.patch git apply $cvePatches/CVE-2017-11600/3.10/0001.patch git apply $cvePatches/CVE-2017-12153/3.2-^3.16/0001.patch git apply $cvePatches/CVE-2017-15265/^4.14/0001.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_bullhead.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_bullhead.sh index 514d37ab..c63861fc 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_bullhead.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_bullhead.sh @@ -51,6 +51,8 @@ git apply $cvePatches/CVE-2017-0537/ANY/0001.patch git apply $cvePatches/CVE-2017-0648/ANY/0001.patch git apply $cvePatches/CVE-2017-1000365/3.10/0001.patch git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch +git apply $cvePatches/CVE-2017-11016/ANY/0001.patch +git apply $cvePatches/CVE-2017-11033/3.10/0001.patch git apply $cvePatches/CVE-2017-11600/3.10/0001.patch git apply $cvePatches/CVE-2017-12153/3.2-^3.16/0001.patch git apply $cvePatches/CVE-2017-15265/^4.14/0001.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8916.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8916.sh index 53c41ff9..f93ecb0f 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8916.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8916.sh @@ -32,7 +32,9 @@ git apply $cvePatches/CVE-2017-0648/ANY/0001.patch git apply $cvePatches/CVE-2017-0750/ANY/0001.patch git apply $cvePatches/CVE-2017-0861/3.10/0001.patch git apply $cvePatches/CVE-2017-0862/3.10/0001.patch +git apply $cvePatches/CVE-2017-11016/ANY/0001.patch git apply $cvePatches/CVE-2017-11024/ANY/0001.patch +git apply $cvePatches/CVE-2017-11033/3.10/0001.patch git apply $cvePatches/CVE-2017-11085/3.10/0001.patch git apply $cvePatches/CVE-2017-11089/ANY/0001.patch git apply $cvePatches/CVE-2017-11090/ANY/0001.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh index 5fc19c45..9ae290e1 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh @@ -69,8 +69,9 @@ git apply $cvePatches/CVE-2017-1000365/3.10/0001.patch git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch git apply $cvePatches/CVE-2017-10997/3.10/0001.patch git apply $cvePatches/CVE-2017-10998/3.10/0001.patch +git apply $cvePatches/CVE-2017-11019/ANY/0001.patch git apply $cvePatches/CVE-2017-11024/ANY/0001.patch -git apply $cvePatches/CVE-2017-11048/ANY/0001.patch +git apply $cvePatches/CVE-2017-11033/3.10/0001.patch git apply $cvePatches/CVE-2017-11056/ANY/0001.patch git apply $cvePatches/CVE-2017-11059/ANY/0001.patch git apply $cvePatches/CVE-2017-11085/3.10/0001.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh index 5dfe38a7..1016ffc6 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh @@ -17,7 +17,7 @@ git apply $cvePatches/CVE-2017-0751/ANY/0001.patch git apply $cvePatches/CVE-2017-0786/ANY/0001.patch git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch git apply $cvePatches/CVE-2017-11000/ANY/0002.patch -git apply $cvePatches/CVE-2017-11048/ANY/0001.patch +git apply $cvePatches/CVE-2017-11019/ANY/0001.patch git apply $cvePatches/CVE-2017-11059/ANY/0001.patch git apply $cvePatches/CVE-2017-11090/ANY/0001.patch git apply $cvePatches/CVE-2017-12153/3.2-^3.16/0001.patch diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh index d7f7da28..a68fcac1 100644 --- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh @@ -63,6 +63,7 @@ git apply $cvePatches/CVE-2017-1000380/^4.11/0001.patch git apply $cvePatches/CVE-2017-10996/ANY/0001.patch git apply $cvePatches/CVE-2017-11089/ANY/0001.patch git apply $cvePatches/CVE-2017-11090/ANY/0001.patch +git apply $cvePatches/CVE-2017-15868/ANY/0001.patch git apply $cvePatches/CVE-2017-16525/^4.13/0002.patch git apply $cvePatches/CVE-2017-16526/^4.13/0001.patch git apply $cvePatches/CVE-2017-16529/^4.13/0001.patch diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh index 78fae9b6..018c81c2 100755 --- a/Scripts/LineageOS-14.1/Patch.sh +++ b/Scripts/LineageOS-14.1/Patch.sh @@ -129,10 +129,11 @@ patch -p1 < $patches"android_external_sqlite/0001-Secure_Delete.patch" #Enable s enter "frameworks/base" git revert 0326bb5e41219cf502727c3aa44ebf2daa19a5b3 #re-enable doze on devices without gms -git fetch https://review.lineageos.org/LineageOS/android_frameworks_base refs/changes/75/151975/37 && git cherry-pick FETCH_HEAD #network traffic +git fetch https://review.lineageos.org/LineageOS/android_frameworks_base refs/changes/75/151975/38 && git cherry-pick FETCH_HEAD #network traffic sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox sed -i 's/com.android.messaging/org.smssecure.smssecure/' core/res/res/values/config.xml; #Change default SMS app to Silence #sed -i 's|config_permissionReviewRequired">false|config_permissionReviewRequired">true|' core/res/res/values/config.xml; #XXX: Super awesome, but breaks quick tiles +#See https://github.com/CopperheadOS/platform_frameworks_opt_net_wifi/commit/c2a2f077a902226093b25c563e0117e923c7495b patch -p1 < $patches"android_frameworks_base/0001-Reduced_Resolution.patch" #Allow reducing resolution to save power TODO: Add 800x480 #patch -p1 < $patches"android_frameworks_base/0002-Radio.patch" #Add a QS tile to control radio power #TODO: Breaks cell and SystemUI patch -p1 < $patches"android_frameworks_base/0003-Signature_Spoofing.patch" #Allow packages to spoof their signature (MicroG) @@ -145,7 +146,7 @@ rm core/res/res/values/config.xml.orig core/res/res/values/strings.xml.orig enter "packages/apps/CMParts" rm -rf src/org/cyanogenmod/cmparts/cmstats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml #Nuke part of CMStats -git fetch https://review.lineageos.org/LineageOS/android_packages_apps_CMParts refs/changes/15/113415/25 && git cherry-pick FETCH_HEAD #network traffic +git fetch https://review.lineageos.org/LineageOS/android_packages_apps_CMParts refs/changes/15/113415/26 && git cherry-pick FETCH_HEAD #network traffic sed -i 's|config_showWeatherMenu">true|config_showWeatherMenu">false|' res/values/config.xml; #Disable Weather patch -p1 < $patches"android_packages_apps_CMParts/0001-Remove_Analytics.patch" #Remove the rest of CMStats patch -p1 < $patches"android_packages_apps_CMParts/0002-Reduced_Resolution.patch" #Allow reducing resolution to save power