mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-05-02 06:26:20 -04:00
Small updates
- recovery: abort on serial number specific updates, credit: GrapheneOS - Add lists of missing CVEs - Update cherrypicks
This commit is contained in:
Tad
parent
0808ac1fd0
commit
bca6af1516
17 changed files with 155 additions and 22 deletions
|
|
@ -33,7 +33,7 @@ commentPatches android_kernel_asus_grouper.sh "CVE-2017-15868";
|
|||
commentPatches android_kernel_asus_msm8916.sh "CVE-2018-13913/ANY/0001.patch";
|
||||
commentPatches android_kernel_asus_msm8953.sh "CVE-2017-13162/3.18/0001.patch";
|
||||
commentPatches android_kernel_cyanogen_msm8916.sh "CVE-2018-13913/ANY/0001.patch";
|
||||
commentPatches android_kernel_essential_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0018.patch" "CVE-2017-13218/4.4/0026.patch" "CVE-2019-14047/ANY/0002.patch";
|
||||
commentPatches android_kernel_essential_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2017-13218/4.4/0026.patch" "CVE-2019-14047/ANY/0002.patch";
|
||||
commentPatches android_kernel_fxtec_msm8998.sh "CVE-2019-11599" "CVE-2019-16746" "CVE-2019-18282" "CVE-2019-19319" "CVE-2019-ctnl-addr-leak" "CVE-2020-1749" "CVE-2020-8992";
|
||||
commentPatches android_kernel_google_bonito.sh "CVE-2020-0067";
|
||||
commentPatches android_kernel_google_dragon.sh "CVE-2015-4167/^3.19.1/0001.patch";
|
||||
|
|
@ -52,12 +52,12 @@ commentPatches android_kernel_motorola_msm8996.sh "0001-LinuxIncrementals/3.18/3
|
|||
commentPatches android_kernel_nextbit_msm8992.sh "CVE-2018-3585/3.10/0001.patch";
|
||||
commentPatches android_kernel_oneplus_msm8994.sh "CVE-2018-3585/3.10/0001.patch";
|
||||
commentPatches android_kernel_oneplus_msm8996.sh "CVE-2017-13162/3.18/0001.patch" "CVE-2019-14070/ANY/0006.patch";
|
||||
commentPatches android_kernel_oneplus_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0010.patch" "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0013.patch" "0008-Graphene-Kernel_Hardening/4.4/0018.patch" "CVE-2019-11599";
|
||||
commentPatches android_kernel_oneplus_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-11599";
|
||||
commentPatches android_kernel_oneplus_sm8150.sh "CVE-2019-16746" "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-8992";
|
||||
commentPatches android_kernel_razer_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0010.patch" "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0013.patch" "CVE-2019-14070/ANY/0005.patch";
|
||||
commentPatches android_kernel_razer_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "CVE-2019-14070/ANY/0005.patch";
|
||||
commentPatches android_kernel_samsung_smdk4412.sh "CVE-2016-8463/ANY/0001.patch";
|
||||
commentPatches android_kernel_samsung_universal8890.sh "CVE-2016-7917" "CVE-2018-1092" "CVE-2018-17972";
|
||||
commentPatches android_kernel_samsung_universal9810.sh "CVE-2020-1749";
|
||||
commentPatches android_kernel_yandex_sdm660.sh "CVE-2019-11599" "CVE-2019-14070/ANY/0005.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992";
|
||||
commentPatches android_kernel_zte_msm8930.sh "CVE-2015-2922/^3.19.6/0001.patch" "CVE-2017-11015/prima";
|
||||
commentPatches android_kernel_zuk_msm8996.sh "0008-Graphene-Kernel_Hardening/4.4/0010.patch" "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0013.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992";
|
||||
commentPatches android_kernel_zuk_msm8996.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992";
|
||||
|
|
|
|||
|
|
@ -141,8 +141,8 @@ audit2allowADB() {
|
|||
export -f audit2allowADB;
|
||||
|
||||
processRelease() {
|
||||
#Credit: GrapheneOS
|
||||
#https://github.com/GrapheneOS/script/blob/pie/release.sh
|
||||
#Partial Credit: GrapheneOS
|
||||
#https://github.com/GrapheneOS/script/blob/10/release.sh
|
||||
local DEVICE="$1";
|
||||
local BLOCK="$2";
|
||||
local VERITY="$3";
|
||||
|
|
@ -166,6 +166,7 @@ processRelease() {
|
|||
--replace_verity_keyid "$KEY_DIR/verity.x509.pem");
|
||||
echo -e "\e[0;32m\t+ Verified Boot 1.0\e[0m";
|
||||
elif [[ "$VERITY" == "avb" ]]; then
|
||||
#TODO: Verify if both SHA512 and RSA4096 is always supported
|
||||
local VERITY_SWITCHES=(--avb_vbmeta_key "$KEY_DIR/avb.pem" \
|
||||
--avb_vbmeta_algorithm SHA512_RSA4096 \
|
||||
--avb_system_key "$KEY_DIR/avb.pem" \
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue