Churn

Signed-off-by: Tad <tad@spotco.us>

Scripts/Common/Fix_CVE_Patchers.sh

@@ -75,9 +75,9 @@ commentPatches android_kernel_oneplus_msm8994.sh "CVE-2018-3585/3.10/0001.patch"
 commentPatches android_kernel_oneplus_msm8996.sh "CVE-2017-13162/3.18/0001.patch" "CVE-2017-15951" "CVE-2017-16939" "CVE-2018-17972" "CVE-2019-2214" "CVE-2019-14070/ANY/0006.patch" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166";
 commentPatches android_kernel_oneplus_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-11599" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166";
 commentPatches android_kernel_oneplus_sm7250.sh "CVE-2018-5873" "CVE-2020-1749" "CVE-2021-3444" "CVE-2021-3600" "CVE-2021-30324" "CVE-2021-45469";
-commentPatches android_kernel_oneplus_sm8150.sh "CVE-2019-16746" "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-8992" "CVE-2020-24588/4.14/0018.patch" "CVE-2021-30324" "CVE-2021-45469";
+commentPatches android_kernel_oneplus_sm8150.sh "CVE-2019-16746" "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-8992" "CVE-2020-24588/4.14/0018.patch" "CVE-2021-30324" "CVE-2021-45469" "CVE-2022-1184/^5.18/0001.patch";
 commentPatches android_kernel_oneplus_sm8250.sh "CVE-2018-5873" "CVE-2020-1749" "CVE-2021-3444" "CVE-2021-3600";
-commentPatches android_kernel_oneplus_sm8350.sh "CVE-2018-5873";
+commentPatches android_kernel_oneplus_sm8350.sh "CVE-2018-5873" "CVE-2022-1184/^5.18/0001.patch";
 commentPatches android_kernel_razer_msm8998.sh "0008-Graphene-Kernel_Hardening/4.4/0011.patch" "0008-Graphene-Kernel_Hardening/4.4/0012.patch" "0008-Graphene-Kernel_Hardening/4.4/0014.patch" "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-14070/ANY/0005.patch" "CVE-2020-16166";
 commentPatches android_kernel_samsung_apq8084.sh "0006-AndroidHardening-Kernel_Hardening/3.10/0009.patch";
 commentPatches android_kernel_samsung_d2.sh "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";

Scripts/LineageOS-18.1/Patch.sh

@@ -386,7 +386,7 @@ patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --direct
 patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/27.0";
 patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/26.0";
 awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
-awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; #Disable unused gmscore_app domain (GrapheneOS)
+if [ "$DOS_MICROG_INCLUDED" != "FULL" ]; then awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; fi; #Disable unused gmscore_app domain (GrapheneOS)
 fi;
 
 if enterAndClear "system/update_engine"; then

Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_oneplus_sm8150.sh

@@ -299,7 +299,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1011/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1012/4.14/0010.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1016/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1184/4.14/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1184/^5.18/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1184/^5.18/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1198/4.14/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1280/^5.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1280/^5.13/0002.patch

Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_oneplus_sm8350.sh

@@ -36,7 +36,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1048/5.4/0024.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1116/5.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1158/5.4/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1184/5.4/0013.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1184/^5.18/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1184/^5.18/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1198/5.4/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1204/5.4/0026.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1204/5.4/0027.patch

Scripts/LineageOS-19.1/Functions.sh

@@ -97,7 +97,7 @@ buildAll() {
 	buildDevice alioth avb;
 	#SD888
 	buildDevice lemonade avb;
-	buildDevice lemonadep;
+	buildDevice lemonadep avb;
 	#SD765
 	buildDevice bramble avb;
 	buildDevice redfin avb;
@@ -114,9 +114,7 @@ patchWorkspace() {
 	touch DOS_PATCHED_FLAG;
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
 
-	source build/envsetup.sh;
-	repopick -i 330448; #tools: Let adb secure check depend on "==0" rather than "!=1"
-	#repopick -it S_asb_2022-07;
+	#source build/envsetup.sh;
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";

Scripts/LineageOS-19.1/Patch.sh

@@ -208,6 +208,10 @@ if enterAndClear "frameworks/opt/net/wifi"; then
 applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/0001-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS)
 fi;
 
+if enterAndClear "hardware/qcom-caf/msm8953/audio"; then
+applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8998.patch"; #audio_extn: Fix unused parameter warning in utils.c (codeworkx)
+fi;
+
 if enterAndClear "hardware/qcom-caf/msm8998/audio"; then
 applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8998.patch"; #audio_extn: Fix unused parameter warning in utils.c (codeworkx)
 fi;
@@ -366,7 +370,7 @@ if enterAndClear "system/sepolicy"; then
 applyPatch "$DOS_PATCHES/android_system_sepolicy/0002-protected_files.patch"; #Label protected_{fifos,regular} as proc_security (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-1.patch"; #Allow init to control kernel.yama.ptrace_scope (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-2.patch"; #Allow system to use persist.native_debug (GrapheneOS)
-awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; #Disable unused gmscore_app domain (GrapheneOS)
+if [ "$DOS_MICROG_INCLUDED" != "FULL" ]; then awk -i inplace '!/domain=gmscore_app/' private/seapp_contexts prebuilts/api/*/private/seapp_contexts; fi; #Disable unused gmscore_app domain (GrapheneOS)
 fi;
 
 if enterAndClear "system/update_engine"; then
@@ -422,6 +426,10 @@ sed -i '/PRODUCT_SYSTEM_VERITY_PARTITION/iPRODUCT_VENDOR_VERITY_PARTITION := /de
 awk -i inplace '!/vendor_sensors_dbg_prop/' sepolicy/vendor/hal_camera_default.te; #fixup
 fi;
 
+if enterAndClear "kernel/fairphone/sdm632"; then
+sed -i 's|/../../prebuilts/tools-lineage|/../../../prebuilts/tools-lineage|' lib/Makefile; #fixup typo
+fi;
+
 if enterAndClear "kernel/google/wahoo"; then
 sed -i 's/asm(SET_PSTATE_UAO(1));/asm(SET_PSTATE_UAO(1)); return 0;/' arch/arm64/mm/fault.c; #fix build with CONFIG_ARM64_UAO
 fi;
@@ -449,7 +457,7 @@ enableAutoVarInit || true;
 
 #Fix broken options enabled by hardenDefconfig()
 sed -i "s/CONFIG_PREEMPT_TRACER=n/CONFIG_PREEMPT_TRACER=y/" kernel/fairphone/sdm632/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile
-echo "CONFIG_DEBUG_FS=y" >> kernel/oneplus/sm8150/arch/arm64/configs/vendor/sm8150-perf_defconfig;
+echo -e "\nCONFIG_DEBUG_FS=y" >> kernel/oneplus/sm8150/arch/arm64/configs/vendor/sm8150-perf_defconfig;
 
 sed -i 's/^YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10
 rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk || true;