mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-25 23:49:32 -05:00
Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches - Add some more DNS providers - Switch default DNS to Cloudflare's new malware blocking provider - GCC 10 build fix - Update CVE patchers (select)
This commit is contained in:
parent
d7ef9abf61
commit
c26b3e95c7
@ -1 +1 @@
|
||||
Subproject commit e228ea60cc28d624a4de3b378377a4313098a78f
|
||||
Subproject commit 7a9c4afb7c2de10b84e89421ca96a0b27f2fd165
|
@ -1 +1 @@
|
||||
Subproject commit 93702842d86914e6917ae7665c8a932db023710a
|
||||
Subproject commit 560bcf83f466b8841cb5456ba38ada91bdec65e1
|
@ -464,7 +464,17 @@ changeDefaultDNS() {
|
||||
local dnsSecondary="";
|
||||
local dnsSecondaryV6="";
|
||||
if [ -z "$DNS_PRESET" ]; then
|
||||
if [[ "$DOS_DEFAULT_DNS_PRESET" == "CensurfriDNS" ]]; then #https://uncensoreddns.org
|
||||
if [[ "$DOS_DEFAULT_DNS_PRESET" == "AdGuard" ]]; then #https://adguard.com/en/adguard-dns/overview.html
|
||||
dnsPrimary="176.103.130.130";
|
||||
dnsPrimaryV6="2a00:5a60::ad1:0ff";
|
||||
dnsSecondary="176.103.130.131";
|
||||
dnsSecondaryV6="2a00:5a60::ad2:0ff";
|
||||
elif [[ "$DOS_DEFAULT_DNS_PRESET" == "AdGuard-NOBL" ]]; then #https://adguard.com/en/adguard-dns/overview.html
|
||||
dnsPrimary="176.103.130.136";
|
||||
dnsPrimaryV6="2a00:5a60::01:ff";
|
||||
dnsSecondary="176.103.130.137";
|
||||
dnsSecondaryV6="2a00:5a60::02:ff";
|
||||
elif [[ "$DOS_DEFAULT_DNS_PRESET" == "CensurfriDNS" ]]; then #https://uncensoreddns.org
|
||||
dnsPrimary="91.239.100.100";
|
||||
dnsPrimaryV6="2001:67c:28a4::";
|
||||
dnsSecondary="89.233.43.71";
|
||||
@ -474,6 +484,11 @@ changeDefaultDNS() {
|
||||
dnsPrimaryV6="2606:4700:4700::1001";
|
||||
dnsSecondary="1.1.1.1";
|
||||
dnsSecondaryV6="2606:4700:4700::1111";
|
||||
elif [[ "$DOS_DEFAULT_DNS_PRESET" == "Cloudflare-BL" ]]; then #https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy
|
||||
dnsPrimary="1.0.0.2";
|
||||
dnsPrimaryV6="2606:4700:4700::1002";
|
||||
dnsSecondary="1.1.1.2";
|
||||
dnsSecondaryV6="2606:4700:4700::1112";
|
||||
elif [[ "$DOS_DEFAULT_DNS_PRESET" == "OpenNIC" ]]; then #https://servers.opennicproject.org/edit.php?srv=ns3.any.dns.opennic.glue
|
||||
dnsPrimary="169.239.202.202"; #FIXME
|
||||
dnsPrimaryV6="2a05:dfc7:5353::53";
|
||||
@ -499,6 +514,11 @@ changeDefaultDNS() {
|
||||
dnsPrimaryV6="2610:a1:1018::5";
|
||||
dnsSecondary="156.154.71.5";
|
||||
dnsSecondaryV6="2610:a1:1019::5";
|
||||
elif [[ "$DOS_DEFAULT_DNS_PRESET" == "NixNet" ]]; then #https://docs.nixnet.services/DNS
|
||||
dnsPrimary="198.251.90.114";
|
||||
dnsPrimaryV6="2605:6400:20:e6d::1";
|
||||
dnsSecondary="198.251.90.114";
|
||||
dnsSecondaryV6="2605:6400:30:f881::1";
|
||||
elif [[ "$DOS_DEFAULT_DNS_PRESET" == "OpenDNS" ]]; then #https://www.cisco.com/c/en/us/about/legal/privacy-full.html
|
||||
dnsPrimary="208.67.222.222";
|
||||
dnsPrimaryV6="2620:0:ccc::2";
|
||||
|
@ -332,6 +332,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2331/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||
@ -339,5 +340,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15845/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.10/0003.patch
|
||||
editKernelLocalversion "-dos.p339"
|
||||
editKernelLocalversion "-dos.p340"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -121,7 +121,6 @@ patchWorkspace() {
|
||||
repopick -it n-netd;
|
||||
repopick -i 268803 268804; #sqlite vulns
|
||||
repopick -it n-asb-2020-03;
|
||||
repopick -it CVE-2020-8597_cm-14.1;
|
||||
|
||||
export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
|
||||
|
||||
|
@ -75,6 +75,10 @@ enterAndClear "device/qcom/sepolicy";
|
||||
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqbalance: Allow read for stats and interrupts
|
||||
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH
|
||||
|
||||
enterAndClear "external/ppp";
|
||||
git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/64/270364/1 && git cherry-pick FETCH_HEAD; #CVE-2020-8597_cm-14.1
|
||||
git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/65/270365/1 && git cherry-pick FETCH_HEAD;
|
||||
|
||||
enterAndClear "external/sqlite";
|
||||
patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (CopperheadOS-13.0)
|
||||
|
||||
@ -306,6 +310,8 @@ sed -i "s/CONFIG_ARM_SMMU=y/# CONFIG_ARM_SMMU is not set/" kernel/motorola/msm89
|
||||
awk -i inplace '!/nfc_enhanced.mk/' device/samsung/toro*/lineage.mk;
|
||||
awk -i inplace '!/TARGET_RECOVERY_UPDATER_LIBS/' device/samsung/toro*/BoardConfig.mk;
|
||||
awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' device/samsung/toro*/BoardConfig.mk;
|
||||
|
||||
sed -i 's/YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10
|
||||
#
|
||||
#END OF DEVICE CHANGES
|
||||
#
|
||||
|
@ -104,8 +104,7 @@ export -f buildAll;
|
||||
patchWorkspace() {
|
||||
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
|
||||
|
||||
source build/envsetup.sh;
|
||||
repopick -it CVE-2020-8597_lineage-15.1;
|
||||
#source build/envsetup.sh;
|
||||
|
||||
export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
|
||||
|
||||
|
@ -81,6 +81,10 @@ git revert --no-edit c9b0d95630b82cd0ad1a0fc633c6d59c2cb8aad7 37422f7df389f3ae5a
|
||||
enterAndClear "device/qcom/sepolicy";
|
||||
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
|
||||
|
||||
enterAndClear "external/ppp";
|
||||
git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/62/270362/1 && git cherry-pick FETCH_HEAD; #CVE-2020-8597_lineage-15.1
|
||||
git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/63/270363/1 && git cherry-pick FETCH_HEAD;
|
||||
|
||||
enterAndClear "external/svox";
|
||||
git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
|
||||
|
||||
@ -266,6 +270,8 @@ sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" ker
|
||||
sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
|
||||
sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile
|
||||
sed -i "s/CONFIG_RANDOMIZE_BASE=y/# CONFIG_RANDOMIZE_BASE is not set/" kernel/samsung/universal9810/arch/arm64/configs/*_defconfig; #Breaks on compile
|
||||
|
||||
sed -i 's/YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10
|
||||
#
|
||||
#END OF DEVICE CHANGES
|
||||
#
|
||||
|
@ -2,7 +2,6 @@
|
||||
cd "$DOS_BUILD_BASE""kernel/essential/msm8998"
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch
|
||||
@ -18,6 +17,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
|
||||
|
@ -163,6 +163,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2290/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5853/3.18/0002.patch
|
||||
@ -171,5 +172,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p171"
|
||||
editKernelLocalversion "-dos.p172"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -115,7 +115,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/^5.3.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
|
||||
@ -126,6 +125,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
|
||||
@ -133,5 +134,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-ch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p133"
|
||||
editKernelLocalversion "-dos.p134"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -112,9 +112,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7222/^4.20.5/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13096/^4.17.3/0001.patch
|
||||
editKernelLocalversion "-dos.p116"
|
||||
editKernelLocalversion "-dos.p117"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -1,8 +1,6 @@
|
||||
#!/bin/bash
|
||||
cd "$DOS_BUILD_BASE""kernel/samsung/msm8974"
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
|
||||
@ -76,19 +74,18 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
|
||||
editKernelLocalversion "-dos.p90"
|
||||
editKernelLocalversion "-dos.p87"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -117,8 +117,7 @@ export -f buildAll;
|
||||
patchWorkspace() {
|
||||
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
|
||||
|
||||
source build/envsetup.sh;
|
||||
repopick -it CVE-2020-8597_lineage-16.0;
|
||||
#source build/envsetup.sh;
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS/Defaults.sh";
|
||||
|
@ -65,7 +65,7 @@ if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_bio
|
||||
|
||||
enterAndClear "bootable/recovery";
|
||||
git revert --no-edit 4d361ff13b5bd61d5a6a5e95063b24b8a37a24ab; #Always enforcing
|
||||
git revert --no-edit 865c6c770816f6e8099d6d93e04aeea35091a9d6; #Remove sideload cache, breaks with large files
|
||||
git revert --no-edit 3f55a863ac34969f95bfb38641747d2fd9939630 865c6c770816f6e8099d6d93e04aeea35091a9d6; #Remove sideload cache, breaks with large files
|
||||
git revert --no-edit 37d729bf; #Fix USB on most devices
|
||||
git revert --no-edit fe2901b144c515c5a90b547198aed37c209b5a82; #Resurrect dm-verity
|
||||
sed -i 's/!= 2048/< 2048/' tools/dumpkey/DumpPublicKey.java; #Allow 4096-bit keys
|
||||
@ -82,6 +82,10 @@ enterAndClear "device/qcom/sepolicy-legacy";
|
||||
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
|
||||
echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
|
||||
|
||||
enterAndClear "external/ppp";
|
||||
git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/60/270360/1 && git cherry-pick FETCH_HEAD; #CVE-2020-8597_lineage-16.0
|
||||
git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/61/270361/1 && git cherry-pick FETCH_HEAD;
|
||||
|
||||
enterAndClear "external/svox";
|
||||
git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
|
||||
sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
|
||||
@ -314,6 +318,8 @@ sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/lge/ma
|
||||
sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
|
||||
sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile
|
||||
sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/oneplus/msm8996/arch/arm64/configs/lineageos_*_defconfig; #Breaks on compile
|
||||
|
||||
sed -i 's/YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10
|
||||
#
|
||||
#END OF DEVICE CHANGES
|
||||
#
|
||||
|
@ -60,7 +60,7 @@ export DOS_STRONG_ENCRYPTION_ENABLED=false; #Switch to true to enable AES-256bit
|
||||
export DOS_WIREGUARD_INCLUDED=false; #Switch to true to enable WireGuard kernel module inclusion
|
||||
|
||||
#Servers
|
||||
export DOS_DEFAULT_DNS_PRESET="Cloudflare"; #Sets default DNS. Options: CensurfriDNS, Cloudflare, OpenNIC, DNSWATCH, Google, Neustar(-NOBL), OpenDNS, Quad9(-NOBL), Verisign, Yandex(-NOBL)
|
||||
export DOS_DEFAULT_DNS_PRESET="Cloudflare-BL"; #Sets default DNS. Options: See changeDefaultDNS() in Scripts/Common/Functions.sh
|
||||
export DOS_GPS_NTP_SERVER="1.android.pool.ntp.org"; #Options: Any NTP pool
|
||||
export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: supl.{google,vodafone,sonyericsson}.com
|
||||
|
||||
@ -125,9 +125,6 @@ if [ ! -d "$DOS_BUILD_BASE" ]; then
|
||||
return 1;
|
||||
fi;
|
||||
|
||||
mkdir $DOS_BUILD_BASE"/out";
|
||||
chattr -f -c $DOS_BUILD_BASE"/out";
|
||||
|
||||
export DOS_TMP_DIR="/tmp/dos_tmp";
|
||||
mkdir -p "$DOS_TMP_DIR";
|
||||
export DOS_HOSTS_FILE="$DOS_TMP_DIR/hosts";
|
||||
|
Loading…
Reference in New Issue
Block a user