mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-24 23:19:31 -05:00
Updates
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
ce47fdae34
commit
abb616d2f3
@ -11,10 +11,10 @@ need to be granted by default for all apps to maintain compatibility.
|
||||
2 files changed, 20 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
index 6cfb1989262f..dc9ad9e96699 100644
|
||||
index cdab93c57179..a38da93e4aea 100644
|
||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
@@ -20172,7 +20172,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
@@ -20187,7 +20187,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
|
||||
// If this permission was granted by default, make sure it is.
|
||||
|
@ -61,14 +61,14 @@ commentPatches android_kernel_google_yellowstone.sh "0001-LinuxIncrementals/3.10
|
||||
commentPatches android_kernel_huawei_angler.sh "CVE-2014-8559";
|
||||
commentPatches android_kernel_htc_flounder.sh "CVE-2018-9514";
|
||||
commentPatches android_kernel_htc_msm8960.sh "CVE-2018-10876" "CVE-2021-0695" "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
|
||||
commentPatches android_kernel_htc_msm8974.sh "CVE-2016-8393";
|
||||
commentPatches android_kernel_htc_msm8974.sh "CVE-2016-8393" "CVE-2022-22058";
|
||||
commentPatches android_kernel_htc_msm8994.sh "CVE-2016-8394/ANY/0001.patch" "CVE-2017-13166" "CVE-2018-3585" "CVE-2018-9514";
|
||||
commentPatches android_kernel_lge_bullhead.sh "CVE-2014-8559";
|
||||
commentPatches android_kernel_lge_msm8992.sh "CVE-2018-5897" "CVE-2018-11266";
|
||||
commentPatches android_kernel_lge_msm8996.sh "CVE-2016-6198" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-2214" "CVE-2019-14070/ANY/0006.patch" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166";
|
||||
commentPatches android_kernel_moto_shamu.sh "CVE-2014-8559";
|
||||
commentPatches android_kernel_motorola_msm8916.sh "0001-LinuxIncrementals/3.10/3.10.0050-0051.patch" "CVE-2014-8559" "CVE-2017-15817" "CVE-2018-9514";
|
||||
commentPatches android_kernel_motorola_msm8974.sh "CVE-2016-5696" "CVE-2017-7373" "CVE-2017-17770/3.4/0002.patch" "CVE-2019-11599";
|
||||
commentPatches android_kernel_motorola_msm8974.sh "CVE-2016-5696" "CVE-2017-7373" "CVE-2017-17770/3.4/0002.patch" "CVE-2019-11599" "CVE-2022-22058";
|
||||
commentPatches android_kernel_motorola_msm8992.sh "CVE-2017-5551/3.10/0002.patch" "CVE-2017-14880/3.10/0001.patch" "CVE-2018-3585/3.10/0001.patch" "CVE-2019-2297/qcacld-2.0/0001.patch";
|
||||
commentPatches android_kernel_motorola_msm8996.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "CVE-2017-8266" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-2214" "CVE-2019-14070/ANY/0006.patch" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch";
|
||||
commentPatches android_kernel_nextbit_msm8992.sh "CVE-2018-3585/3.10/0001.patch" "CVE-2018-9514";
|
||||
|
@ -81,7 +81,7 @@ patchWorkspace() {
|
||||
gpgVerifyGitTag "$DOS_BUILD_BASE/external/hardened_malloc";
|
||||
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
|
||||
|
||||
#source build/envsetup.sh;
|
||||
source build/envsetup.sh;
|
||||
#repopick -it ten-firewall;
|
||||
repopick -it Q_tzdb2022f;
|
||||
repopick -it Q_asb_2022-12;
|
||||
|
@ -486,7 +486,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-2318/4.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-3028/4.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-3635/4.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20141/3.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-22058/3.4/0003.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-22058/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-22064/3.4/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-24958/3.4/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-25258/3.4/0009.patch
|
||||
|
@ -462,7 +462,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-3028/4.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-3635/4.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20141/3.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20421/4.4/0008.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-22058/3.4/0003.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-22058/3.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-22064/3.4/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-24958/3.4/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-24958/3.4/0018.patch
|
||||
|
@ -62,9 +62,9 @@ buildAll() {
|
||||
#SD845
|
||||
buildDevice aura avb; #superseded
|
||||
buildDevice beryllium avb; #superseded
|
||||
buildDevice pro1 avb; #superseded
|
||||
buildDevice crosshatch avb; #superseded
|
||||
buildDevice blueline avb; #superseded
|
||||
#buildDevice pro1 avb; #superseded
|
||||
#buildDevice crosshatch avb; #superseded
|
||||
#buildDevice blueline avb; #superseded
|
||||
buildDevice enchilada avb; #superseded
|
||||
buildDevice fajita avb; #superseded
|
||||
buildDevice akari avb;
|
||||
@ -98,8 +98,8 @@ buildAll() {
|
||||
#buildDevice bramble avb; #superseded
|
||||
#buildDevice redfin avb; #superseded
|
||||
#SD670
|
||||
buildDevice bonito avb; #superseded
|
||||
buildDevice sargo avb; #superseded
|
||||
#buildDevice bonito avb; #superseded
|
||||
#buildDevice sargo avb; #superseded
|
||||
}
|
||||
export -f buildAll;
|
||||
|
||||
|
@ -103,9 +103,7 @@ patchWorkspace() {
|
||||
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
|
||||
|
||||
source build/envsetup.sh;
|
||||
repopick -i 344891; #fixup! Rewrite trust USB restriction handling
|
||||
repopick -it T_tzdb2022f;
|
||||
#repopick -it T_asb_2022-12;
|
||||
|
||||
sh "$DOS_SCRIPTS/Patch.sh";
|
||||
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
|
||||
|
@ -128,7 +128,6 @@ sed -i '11iLOCAL_OVERRIDES_PACKAGES := Aperture Camera Camera2 LegacyCamera Snap
|
||||
fi;
|
||||
|
||||
if enterAndClear "frameworks/base"; then
|
||||
git revert --no-edit 70cc90b9298ac0b18fe79a4f8f9251c01b8f96d3; #causes soft reboots due to race
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
||||
#applyPatch "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch"; #Allow SystemUI to directly manage Bluetooth/WiFi (GrapheneOS)
|
||||
|
Loading…
Reference in New Issue
Block a user