Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-05-02 06:26:20 -04:00
Code Issues Projects Releases Packages Wiki Activity

20.0: October ASB picks

Browse source 
wget c873988898.patch -O telecomm-01.patch
wget 0fb5786dbf.patch -O mediaprovider-01.patch
wget 1a4b9ef510.patch -O wifi-01.patch
wget 364a1d9962.patch -O bluetooth-01.patch
wget 87a06448b9.patch -O settings-01.patch
wget aaba724a68.patch -O settings-02.patch
wget 507304e1f5.patch -O native-01.patch
wget 89489ff5dd.patch -O base-01.patch
wget d1765c4715.patch -O base-02.patch
wget cbb1a0ecd6.patch -O base-03.patch
wget 4725772c0b.patch -O base-04.patch
wget 19747f6923.patch -O base-05.patch
wget e7a1aa9ed0.patch -O base-06.patch
wget 922a7860b1.patch -O base-07.patch
wget ed183ed912.patch -O base-08.patch
wget c6fbe1330a.patch -O base-09.patch
wget 9141cac175.patch -O base-10.patch
wget 41235bcc67.patch -O av-01.patch
wget a89f704701.patch -O av-02.patch
wget 6d7cd80d77.patch -O av-03.patch
wget 75fc175a08.patch -O av-04.patch
wget b023ec300f.patch -O av-05.patch
wget c8117d1539.patch -O av-06.patch
wget f06d23d824.patch -O av-07.patch
wget 9c7408ab07.patch -O av-08.patch
wget cfbfcefb3c.patch -O launcher-01.patch
wget 4a27a7f162.patch -O libxml-01.patch

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-10-03 14:30:46 -04:00
parent d80f272b54
commit af360bc9ea
No known key found for this signature in database
GPG key ID: B286E9F57A07424B
29 changed files with 4063 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

28
Scripts/LineageOS-20.0/Patch.sh
View file

@ -97,7 +97,7 @@ applyPatch "$DOS_PATCHES/android_build/0004-Selective_APEX.patch"; #Only enable
sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_util.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
#sed -i 's/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := true/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := false/' core/product_config.mk; #broken by hardenDefconfig
sed -i 's/2023-08-05/2023-09-01/' core/version_defaults.mk; #Bump Security String #XXX
sed -i 's/2023-09-05/2023-10-01/' core/version_defaults.mk; #Bump Security String #XXX ASB-2023-10
fi;
if enterAndClear "build/soong"; then
@ -127,7 +127,16 @@ if enterAndClear "external/libvpx"; then
applyPatch "$DOS_PATCHES_COMMON/android_external_libvpx/CVE-2023-5217.patch"; #VP8: disallow thread count changes
fi;
if enterAndClear "external/libxml2"; then
git am $DOS_PATCHES/ASB-2023-10/libxml-*.patch;
fi;
if enterAndClear "frameworks/av"; then
git am $DOS_PATCHES/ASB-2023-10/av-*.patch;
fi;
if enterAndClear "frameworks/base"; then
git am $DOS_PATCHES/ASB-2023-10/base-*.patch;
git revert --no-edit d36faad3267522c6d3ff91ba9dcca8f6274bccd1; #Reverts "JobScheduler: Respect allow-in-power-save perm" in favor of below patch
git revert --no-edit 90d6826548189ca850d91692e71fcc1be426f453; #Reverts "Remove sensitive info from SUPL requests" in favor of below patch
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
@ -218,6 +227,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_libs_systemui/0001-Icon_Cache.patch"
fi;
if enterAndClear "frameworks/native"; then
git am $DOS_PATCHES/ASB-2023-10/native-*.patch;
applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission.patch"; #Require OTHER_SENSORS permission for sensors (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission-a1.patch"; #Protect step sensors with OTHER_SENSORS permission for targetSdk<29 apps (GrapheneOS)
fi;
@ -306,6 +316,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_OpenEUICC/0001-hacky-fix.patch";
fi;
if enterAndClear "packages/apps/Settings"; then
git am $DOS_PATCHES/ASB-2023-10/settings-*.patch;
git revert --no-edit 41b4ed345a91da1dd46c00ee11a151c2b5ff4f43;
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch)
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0005-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS)
@ -334,6 +345,7 @@ git revert --no-edit fcf658d2005dc557a95d5a7fb89cb90d06b31d33; #grant permission
fi;
if enterAndClear "packages/apps/Trebuchet"; then
git am $DOS_PATCHES/ASB-2023-10/launcher-*.patch;
cp $DOS_BUILD_BASE/vendor/divested/overlay/common/packages/apps/Trebuchet/res/xml/default_workspace_*.xml res/xml/; #XXX: Likely no longer needed
fi;
@ -349,6 +361,10 @@ applyPatch "$DOS_PATCHES/android_packages_inputmethods_LatinIME/0001-Voice.patch
applyPatch "$DOS_PATCHES/android_packages_inputmethods_LatinIME/0002-Disable_Personalization.patch"; #Disable personalization dictionary by default (GrapheneOS)
fi;
if enterAndClear "packages/modules/Bluetooth"; then
git am $DOS_PATCHES/ASB-2023-10/bluetooth-*.patch;
fi;
if enterAndClear "packages/modules/Connectivity"; then
applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-1.patch"; #Skip reportNetworkConnectivity() when permission is revoked (GrapheneOS)
applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-2.patch"; #Enforce INTERNET permission per-uid instead of per-appId (GrapheneOS)
@ -375,6 +391,7 @@ applyPatch "$DOS_PATCHES/android_packages_modules_Permission/0006-Location_Indic
fi;
if enterAndClear "packages/modules/Wifi"; then
git am $DOS_PATCHES/ASB-2023-10/wifi-*.patch;
applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/344228.patch"; #wifi: resurrect mWifiLinkLayerStatsSupported counter (sassmann)
applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS)
fi;
@ -383,10 +400,19 @@ if enterAndClear "packages/providers/DownloadProvider"; then
applyPatch "$DOS_PATCHES/android_packages_providers_DownloadProvider/0001-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS)
fi;
if enterAndClear "packages/providers/MediaProvider"; then
git am $DOS_PATCHES/ASB-2023-10/mediaprovider-*.patch;
fi;
#if enterAndClear "packages/providers/TelephonyProvider"; then
#cp $DOS_PATCHES_COMMON/android_packages_providers_TelephonyProvider/carrier_list.* assets/latest_carrier_id/;
#fi;
if enterAndClear "packages/services/Telecomm"; then
git am $DOS_PATCHES/ASB-2023-10/telecomm-*.patch;
fi;
if enterAndClear "system/ca-certificates"; then
rm -rf files; #Remove old certs
cp -r "$DOS_PATCHES_COMMON/android_system_ca-certificates/files" .; #Copy the new ones into place