More cleanup

Manifests/Manifest_LAOS-14.1.xml

@@ -63,12 +63,6 @@
 
 <!-- START OF ADDITIONAL REPOS -->
 	<!--<project path="external/swiftshader" name="google/swiftshader" remote="github" revision="master" />-->
-
-	<!-- F-Droid -->
-	<remote name="fdroid" fetch="https://gitlab.com/fdroid/" />
-
-	<!-- GrapheneOS
-	<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="master" />-->
 <!-- END OF ADDITIONAL REPOS -->
 
 <!-- START OF DEVICE REPOS -->

Manifests/Manifest_LAOS-15.1.xml

@@ -67,18 +67,6 @@
 	<project path="external/swiftshader" name="google/swiftshader" remote="github" revision="master" />-->
 <!-- END OF BRANCH SWITCHING -->
 
-<!-- START OF ADDITIONAL REPOS -->
-	<!-- Backup
-	<remote name="stevesoltys-github" fetch="https://github.com/stevesoltys/" revision="refs/heads/master" />
-	<project path="packages/apps/Backup" name="backup" remote="stevesoltys-github" /> -->
-
-	<!-- F-Droid -->
-	<remote name="fdroid" fetch="https://gitlab.com/fdroid/" />
-
-	<!-- GrapheneOS
-	<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="master" />-->
-<!-- END OF ADDITIONAL REPOS -->
-
 <!-- START OF DEVICE REPOS -->
 	<!-- Common -->
 	<project path="packages/resources/devicesettings" name="LineageOS/android_packages_resources_devicesettings" remote="github" />

Manifests/Manifest_LAOS-16.0.xml

@@ -66,21 +66,11 @@
 <!-- START OF BRANCH SWITCHING -->
 	<!--<remove-project name="platform/external/swiftshader" />
 	<project path="external/swiftshader" name="google/swiftshader" remote="github" revision="master" />-->
-
-	<!--<remove-project name="LineageOS/android_bootable_recovery" />
-	<project path="bootable/recovery" name="platform/bootable/recovery" groups="pdk" remote="aosp" />-->
 <!-- END OF BRANCH SWITCHING -->
 
 <!-- START OF ADDITIONAL REPOS -->
 	<project path="external/svox" name="platform/external/svox" groups="pdk" remote="aosp" revision="master" />
-	<project path="prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" name="platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" groups="pdk,linux,arm" clone-depth="1" remote="aosp" revision="refs/tags/android-8.1.0_r52" />
-
-	<!-- Backup
-	<remote name="stevesoltys-github" fetch="https://github.com/stevesoltys/" revision="refs/heads/master" />
-	<project path="packages/apps/Backup" name="backup" remote="stevesoltys-github" /> -->
-
-	<!-- F-Droid -->
-	<remote name="fdroid" fetch="https://gitlab.com/fdroid/" />
+	<project path="prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" name="platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" groups="pdk,linux,arm" clone-depth="1" remote="aosp" revision="refs/tags/android-8.1.0_r81" />
 
 	<!-- GrapheneOS -->
 	<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="464bfd4d829927f19fd5d2729a101ee241319d1e" />

Manifests/Manifest_LAOS-17.1.xml

@@ -64,21 +64,11 @@
 <!-- START OF BRANCH SWITCHING -->
 	<!--<remove-project name="platform/external/swiftshader" />
 	<project path="external/swiftshader" name="google/swiftshader" remote="github" revision="master" />-->
-
-	<!--<remove-project name="LineageOS/android_bootable_recovery" />
-	<project path="bootable/recovery" name="platform/bootable/recovery" groups="pdk" remote="aosp" />-->
 <!-- END OF BRANCH SWITCHING -->
 
 <!-- START OF ADDITIONAL REPOS -->
 	<project path="external/svox" name="platform/external/svox" groups="pdk" remote="aosp" revision="master" />
-	<project path="prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" name="platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" groups="pdk,linux,arm" clone-depth="1" remote="aosp" revision="refs/tags/android-8.1.0_r52" />
-
-	<!-- Backup
-	<remote name="stevesoltys-github" fetch="https://github.com/stevesoltys/" revision="refs/heads/master" />
-	<project path="packages/apps/Backup" name="backup" remote="stevesoltys-github" /> -->
-
-	<!-- F-Droid -->
-	<remote name="fdroid" fetch="https://gitlab.com/fdroid/" />
+	<project path="prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" name="platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" groups="pdk,linux,arm" clone-depth="1" remote="aosp" revision="refs/tags/android-8.1.0_r81" />
 
 	<!-- GrapheneOS -->
 	<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="526ccd915180ae9d0464f4e92c1c485c2ec91dec" />
@@ -90,7 +80,7 @@
 	<project path="external/bson" name="LineageOS/android_external_bson" remote="github" />
 	<project path="external/sony/boringssl-compat" name="LineageOS/android_external_sony_boringssl-compat" remote="github" />
 	<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />
-	<!--<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />-->
+	<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />
 
 	<!-- Essential PH-1 (mata) -->
 	<project path="device/essential/mata" name="LineageOS/android_device_essential_mata" remote="github" />

Patches/LineageOS-14.1/android_bionic/0001-HM-Use_HM.patch

@@ -1,129 +0,0 @@
-From f6ce62a62d47d3f8469ef6aa4749e07e644de5d0 Mon Sep 17 00:00:00 2001
-From: Daniel Micay <danielmicay@gmail.com>
-Date: Wed, 5 Dec 2018 01:51:56 -0500
-Subject: [PATCH] add hardened_malloc library
-
----
- libc/Android.bp               | 48 ++++++++++++++++++++++++++++-------
- libc/bionic/malloc_common.cpp |  5 ++++
- 2 files changed, 44 insertions(+), 9 deletions(-)
-
-diff --git a/libc/Android.bp b/libc/Android.bp
-index c92acf70b..877ff7f4f 100644
---- a/libc/Android.bp
-+++ b/libc/Android.bp
-@@ -83,6 +83,8 @@ cc_defaults {
-         "-Werror=int-to-pointer-cast",
-         "-Werror=type-limits",
-         "-Werror",
-+
-+        "-DH_MALLOC_PREFIX",
-     ],
-     // TODO: split out the asflags.
-     asflags: [
-@@ -96,10 +98,21 @@ cc_defaults {
-         "-Werror=int-to-pointer-cast",
-         "-Werror=type-limits",
-         "-Werror",
-+
-+        "-DH_MALLOC_PREFIX",
-     ],
-     conlyflags: ["-std=gnu99"],
-     cppflags: [],
--    include_dirs: ["external/jemalloc/include"],
-+    include_dirs: [],
-+
-+    multilib: {
-+        lib32: {
-+            include_dirs: ["external/jemalloc/include"],
-+        },
-+        lib64: {
-+            include_dirs: ["external/hardened_malloc/"],
-+        },
-+    },
- 
-     arch: {
-         // Clang/llvm has incompatible long double (fp128) for x86_64.
-@@ -1601,11 +1614,6 @@ cc_library_static {
-     name: "libc_ndk",
-     defaults: ["libc_defaults"],
-     srcs: libc_common_src_files + ["bionic/malloc_common.cpp"],
--    multilib: {
--        lib32: {
--            srcs: libc_common_src_files_32,
--        },
--    },
-     arch: {
-         arm: {
-             srcs: [
-@@ -1635,8 +1643,17 @@ cc_library_static {
-         "libc_syscalls",
-         "libc_tzcode",
-         "libm",
--        "libjemalloc",
-     ],
-+
-+    multilib: {
-+        lib32: {
-+            srcs: libc_common_src_files_32,
-+            whole_static_libs: ["libjemalloc"],
-+        },
-+        lib64: {
-+            whole_static_libs: ["libhardened_malloc"],
-+        },
-+    },
- }
- 
- // ========================================================
-@@ -1714,7 +1731,11 @@ cc_library_static {
- // ========================================================
- cc_library_static {
-     defaults: ["libc_defaults"],
--    srcs: ["bionic/jemalloc_wrapper.cpp"],
-+    multilib: {
-+        lib32: {
-+            srcs: ["bionic/jemalloc_wrapper.cpp"],
-+        },
-+    },
-     cflags: ["-fvisibility=hidden"],
- 
-     name: "libc_malloc",
-@@ -1765,7 +1786,16 @@ cc_library {
-     // you wanted!
- 
-     shared_libs: ["libdl"],
--    whole_static_libs: ["libc_common", "libjemalloc"],
-+    whole_static_libs: ["libc_common"],
-+
-+    multilib: {
-+        lib32: {
-+            whole_static_libs: ["libjemalloc"],
-+        },
-+        lib64: {
-+            whole_static_libs: ["libhardened_malloc"],
-+        },
-+    },
- 
-     // We'd really like to do this for all architectures, but since this wasn't done
-     // before, these symbols must continue to be exported on LP32 for binary
-diff --git a/libc/bionic/malloc_common.cpp b/libc/bionic/malloc_common.cpp
-index e05061917..af544f3e1 100644
---- a/libc/bionic/malloc_common.cpp
-+++ b/libc/bionic/malloc_common.cpp
-@@ -46,8 +46,13 @@
- #include <private/bionic_globals.h>
- #include <private/bionic_malloc_dispatch.h>
- 
-+#ifdef __LP64__
-+#include "h_malloc.h"
-+#define Malloc(function)  h_ ## function
-+#else
- #include "jemalloc.h"
- #define Malloc(function)  je_ ## function
-+#endif
- 
- static constexpr MallocDispatch __libc_malloc_default_dispatch
-   __attribute__((unused)) = {
--- 
-2.20.1
-

Patches/LineageOS-14.1/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch

@@ -1,36 +0,0 @@
-From 0896379253e9f87f6bdf19147068b800d0a7ef76 Mon Sep 17 00:00:00 2001
-From: Daniel Micay <danielmicay@gmail.com>
-Date: Wed, 5 Dec 2018 09:29:25 -0500
-Subject: [PATCH] avoid setting RLIMIT_AS with hardened malloc
-
-This needs to be ported to a better mechanism like memory control groups
-in order to remain compatible with hardening mechanisms based on large
-PROT_NONE address space reservations.
-
-Change-Id: Ibfb7164d764fcb9244055953bedc9a1c424cedcb
----
- media/libmedia/MediaUtils.cpp | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/media/libmedia/MediaUtils.cpp b/media/libmedia/MediaUtils.cpp
-index a02ca65a7..bb93e3d27 100644
---- a/media/libmedia/MediaUtils.cpp
-+++ b/media/libmedia/MediaUtils.cpp
-@@ -31,6 +31,14 @@ void limitProcessMemory(
-     size_t numberOfBytes,
-     size_t percentageOfTotalMem) {
- 
-+#ifdef __LP64__
-+    // This needs to be ported to a better mechanism like memory control groups
-+    // in order to remain compatible with hardening mechanisms based on large
-+    // PROT_NONE address space reservations.
-+    ALOGW("Running with hardened malloc implementation, skip enforcing memory limitations.");
-+    return;
-+#endif
-+
-     long pageSize = sysconf(_SC_PAGESIZE);
-     long numPages = sysconf(_SC_PHYS_PAGES);
-     size_t maxMem = SIZE_MAX;
--- 
-2.20.1
-

Patches/LineageOS-15.1/android_bionic/0001-HM-Use_HM.patch

@@ -1,126 +0,0 @@
-From 2fbd005f1c87938133f94b574b96caa5dbd8f3fd Mon Sep 17 00:00:00 2001
-From: Daniel Micay <danielmicay@gmail.com>
-Date: Wed, 5 Dec 2018 01:51:56 -0500
-Subject: [PATCH] add hardened_malloc library
-
----
- libc/Android.bp               | 45 ++++++++++++++++++++++++++++-------
- libc/bionic/malloc_common.cpp |  5 ++++
- 2 files changed, 41 insertions(+), 9 deletions(-)
-
-diff --git a/libc/Android.bp b/libc/Android.bp
-index c339b0451..6b3066e07 100644
---- a/libc/Android.bp
-+++ b/libc/Android.bp
-@@ -48,6 +48,8 @@ libc_common_flags = [
-     "-Werror=int-to-pointer-cast",
-     "-Werror=type-limits",
-     "-Werror",
-+
-+    "-DH_MALLOC_PREFIX",
- ]
- 
- // Define some common cflags
-@@ -61,9 +63,17 @@ cc_defaults {
-     cppflags: [],
-     include_dirs: [
-         "bionic/libc/async_safe/include",
--        "external/jemalloc/include",
-     ],
- 
-+    multilib: {
-+        lib32: {
-+            include_dirs: ["external/jemalloc/include"],
-+        },
-+        lib64: {
-+            include_dirs: ["external/hardened_malloc/"],
-+        },
-+    },
-+
-     stl: "none",
-     system_shared_libs: [],
-     sanitize: {
-@@ -1641,11 +1651,6 @@ cc_library_static {
-     name: "libc_ndk",
-     defaults: ["libc_defaults"],
-     srcs: libc_common_src_files + ["bionic/malloc_common.cpp"],
--    multilib: {
--        lib32: {
--            srcs: libc_common_src_files_32,
--        },
--    },
-     arch: {
-         arm: {
-             srcs: [
-@@ -1676,9 +1681,18 @@ cc_library_static {
-         "libc_syscalls",
-         "libc_tzcode",
-         "libm",
--        "libjemalloc",
-         "libstdc++",
-     ],
-+
-+    multilib: {
-+        lib32: {
-+            srcs: libc_common_src_files_32,
-+            whole_static_libs: ["libjemalloc"],
-+        },
-+        lib64: {
-+            whole_static_libs: ["libhardened_malloc"],
-+        },
-+    },
- }
- 
- // ========================================================
-@@ -1755,7 +1769,11 @@ cc_library_static {
- // ========================================================
- cc_library_static {
-     defaults: ["libc_defaults"],
--    srcs: ["bionic/jemalloc_wrapper.cpp"],
-+    multilib: {
-+        lib32: {
-+            srcs: ["bionic/jemalloc_wrapper.cpp"],
-+        },
-+    },
-     cflags: ["-fvisibility=hidden"],
- 
-     name: "libc_malloc",
-@@ -1814,7 +1832,16 @@ cc_library {
-     // you wanted!
- 
-     shared_libs: ["libdl"],
--    whole_static_libs: ["libc_common", "libjemalloc"],
-+    whole_static_libs: ["libc_common"],
-+
-+    multilib: {
-+        lib32: {
-+            whole_static_libs: ["libjemalloc"],
-+        },
-+        lib64: {
-+            whole_static_libs: ["libhardened_malloc"],
-+        },
-+    },
- 
-     nocrt: true,
- 
-diff --git a/libc/bionic/malloc_common.cpp b/libc/bionic/malloc_common.cpp
-index 1f201d1ca..06f85b40d 100644
---- a/libc/bionic/malloc_common.cpp
-+++ b/libc/bionic/malloc_common.cpp
-@@ -46,8 +46,13 @@
- #include <private/bionic_globals.h>
- #include <private/bionic_malloc_dispatch.h>
- 
-+#ifdef __LP64__
-+#include "h_malloc.h"
-+#define Malloc(function)  h_ ## function
-+#else
- #include "jemalloc.h"
- #define Malloc(function)  je_ ## function
-+#endif
- 
- static constexpr MallocDispatch __libc_malloc_default_dispatch
-   __attribute__((unused)) = {
--- 
-2.20.1
-

Scripts/LineageOS-14.1/Functions.sh

@@ -97,8 +97,6 @@ patchWorkspace() {
 	repopick -it n_asb_09-2018-qcom; #TODO: move in tree
 	#repopick -it bt-sbc-hd-dualchannel-nougat;
 
-	export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
-
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
 	source "$DOS_SCRIPTS/Defaults.sh";

Scripts/LineageOS-14.1/Patch.sh

@@ -59,9 +59,6 @@ gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packa
 cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
 cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
 
-enterAndClear "bionic";
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_bionic/0001-HM-Use_HM.patch"; fi; #(GrapheneOS)
-
 enterAndClear "bootable/recovery";
 git revert --no-edit 3c0d796b79c7a1ee904e0cef7c0f2e20bf84c237; #remove sideload cache, breaks with large files
 patch -p1 < "$DOS_PATCHES/android_bootable_recovery/0001-Squash_Menus.patch"; #What's a back button?
@@ -84,7 +81,6 @@ patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #En
 
 enterAndClear "frameworks/av";
 patch -p1 < "$DOS_PATCHES/android_frameworks_av/212799.patch"; #FLAC extractor CVE-2017-0592. alt: 212827/174106
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
 
 enterAndClear "frameworks/base";
 hardenLocationFWB "$DOS_BUILD_BASE";
@@ -204,7 +200,6 @@ sed -i 's/!= 2048/< 2048/' libmincrypt/tools/DumpPublicKey.java; #Allow 4096-bit
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit 0217dddeb5c16903c13ff6c75213619b79ea622b d7aa1231b6a0631f506c0c23816f2cd81645b15f; #Always update recovery XXX: This doesn't seem to work
 patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysfs changes (GrapheneOS)
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES_COMMON/android_system_core/0001-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
 
 enterAndClear "system/sepolicy";
 patch -p1 < "$DOS_PATCHES/android_system_sepolicy/248600.patch"; #restrict access to timing information in /proc

Scripts/LineageOS-15.1/Functions.sh

@@ -91,8 +91,6 @@ patchWorkspace() {
 
 	#source build/envsetup.sh;
 
-	export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
-
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
 	source "$DOS_SCRIPTS/Defaults.sh";

Scripts/LineageOS-15.1/Patch.sh

@@ -56,9 +56,6 @@ gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packa
 cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
 cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
 
-enterAndClear "bionic";
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_bionic/0001-HM-Use_HM.patch"; fi; #(GrapheneOS)
-
 enterAndClear "bootable/recovery";
 git revert --no-edit eb98fde70a6e54a25408eb8c626caecf7841c5df; #remove sideload cache, breaks with large files
 git revert --no-edit ac258a4f4c4b4b91640cc477ad1ac125f206db02; #Resurrect dm-verity
@@ -84,9 +81,6 @@ git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/c
 enterAndClear "external/svox";
 git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
 
-enterAndClear "frameworks/av";
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
-
 enterAndClear "frameworks/base";
 hardenLocationFWB "$DOS_BUILD_BASE";
 sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
@@ -193,7 +187,6 @@ enterAndClear "system/core";
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit a6a4ce8e9a6d63014047a447c6bb3ac1fa90b3f4; #Always update recovery
 patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysfs changes (GrapheneOS)
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES_COMMON/android_system_core/0001-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
 
 enterAndClear "system/sepolicy";
 patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices