Small tweaks

Patches/Linux

@@ -1 +1 @@
-Subproject commit a867b0a2807d1cad0f2243250d31547524b33945
+Subproject commit f9c22aa3ea0c4fb4c760790c51e33987924e069d

Scripts/Common/Deblob.sh

@@ -619,10 +619,12 @@ deblobDevice() {
 	sed -i 's/bt.enableAptXHD=true/bt.enableAptXHD=false/' *.prop *.mk &>/dev/null || true; #Disable aptX
 	if [ "$DOS_DEBLOBBER_REMOVE_CNE" = true ]; then sed -i 's/cne.feature=./cne.feature=0/' *.prop *.mk &>/dev/null || true; fi; #Disable CNE
 	sed -i 's/dpm.feature=./dpm.feature=0/' *.prop *.mk &>/dev/null || true; #Disable DPM
+	sed -i 's/dpm.feature=11/dpm.feature=0/' *.prop *.mk &>/dev/null || true; #Disable DPM
 	sed -i 's/gps.qc_nlp_in_use=./gps.qc_nlp_in_use=0/' *.prop *.mk &>/dev/null || true; #Disable QC Location Provider
 	sed -i 's/sys.dpmd.nsrm=./sys.dpmd.nsrm=0/' *.prop *.mk &>/dev/null || true; #Disable DPM
 	sed -i 's/bluetooth.emb_wp_mode=true/bluetooth.emb_wp_mode=false/' *.prop *.mk &>/dev/null || true; #Disable WiPower
 	sed -i 's/bluetooth.wipower=true/bluetooth.wipower=false/' *.prop *.mk &>/dev/null || true; #Disable WiPower
+	sed -i 's/wfd.enable=1/wfd.enable=0/' *.prop *.mk &>/dev/null || true; #Disable Wi-Fi display
 	if [ -f system.prop ]; then
 		if ! grep -q "drm.service.enabled=false" system.prop; then echo "drm.service.enabled=false" >> system.prop; fi; #Disable DRM server
 		if [ "$DOS_DEBLOBBER_REMOVE_GRAPHICS" = true ]; then

Scripts/Common/Functions.sh

@@ -682,6 +682,7 @@ hardenDefconfig() {
 		#optionsNo+=("DIAG_CHAR" "DIAG_OVER_USB" "USB_QCOM_DIAG_BRIDGE" "DIAGFWD_BRIDGE_CODE" "DIAG_SDIO_PIPE" "DIAG_HSIC_PIPE");
 	#fi;
 	if [ "$DOS_DEBLOBBER_REMOVE_IPA" = true ]; then optionsNo+=("IPA" "RMNET_IPA"); fi;
+	optionsNo+=("WIREGUARD"); #Requires root access, which we do not provide
 	for option in "${optionsNo[@]}"
 	do
 		sed -i 's/'"CONFIG_$option"'=y/# '"CONFIG_$option"' is not set/' $defconfigPath &>/dev/null || true;

Scripts/LineageOS-15.1/Functions.sh

@@ -115,7 +115,8 @@ export -f buildAll;
 patchWorkspace() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
 
-	#source build/envsetup.sh;
+	source build/envsetup.sh;
+	repopick -it tzdb2020f_O;
 
 	export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
 

Scripts/LineageOS-16.0/Functions.sh

@@ -136,6 +136,7 @@ patchWorkspace() {
 	repopick -it hh-p-sepolicy;
 	repopick -i 232948; #wahoo: liblight: close fd
 	#repopick -it pie-firewall;
+	repopick -it tzdb2020f_P;
 
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";

Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh

@@ -96,6 +96,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/4.4/0004.patch
-editKernelLocalversion "-dos.p97"
+editKernelLocalversion "-dos.p96"
 cd "$DOS_BUILD_BASE"

Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_oppo_msm8974.sh

@@ -46,6 +46,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10142/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
@@ -140,5 +141,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28974/^5.10/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29371/^5.9/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3178/^5.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/^5.3.11/0001.patch
-editKernelLocalversion "-dos.p140"
+editKernelLocalversion "-dos.p141"
 cd "$DOS_BUILD_BASE"