Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-01-08 20:31:33 -05:00
parent b143ffcd8b
commit c92c084ca1
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
14 changed files with 31 additions and 55 deletions

View File

@ -9,7 +9,7 @@ Ported from 12: b294a2ce1d0d185dbc438ac3c06c90386d5f5949
1 file changed, 30 insertions(+), 9 deletions(-) 1 file changed, 30 insertions(+), 9 deletions(-)
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index 014d580e520f..c5694882f5cc 100644 index 554e2690b878..71b1b3ed0ca9 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java --- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -1409,7 +1409,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -1409,7 +1409,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
@ -62,7 +62,7 @@ index 014d580e520f..c5694882f5cc 100644
// PermissionPolicyService will handle the app op for runtime permissions later. // PermissionPolicyService will handle the app op for runtime permissions later.
grantRuntimePermissionInternal(packageName, permName, false, grantRuntimePermissionInternal(packageName, permName, false,
Process.SYSTEM_UID, userId, delayingPermCallback); Process.SYSTEM_UID, userId, delayingPermCallback);
@@ -2478,6 +2483,10 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2518,6 +2523,10 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
} }
} }
@ -73,7 +73,7 @@ index 014d580e520f..c5694882f5cc 100644
/** /**
* Restore the permission state for a package. * Restore the permission state for a package.
* *
@@ -2602,6 +2611,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2642,6 +2651,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
synchronized (mLock) { synchronized (mLock) {
for (final int userId : userIds) { for (final int userId : userIds) {
final UserPermissionState userState = mState.getOrCreateUserState(userId); final UserPermissionState userState = mState.getOrCreateUserState(userId);
@ -82,7 +82,7 @@ index 014d580e520f..c5694882f5cc 100644
final UidPermissionState uidState = userState.getOrCreateUidState(ps.getAppId()); final UidPermissionState uidState = userState.getOrCreateUidState(ps.getAppId());
if (uidState.isMissing()) { if (uidState.isMissing()) {
@@ -2618,7 +2629,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2658,7 +2669,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT, FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT,
FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT); FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT);
} }
@ -91,7 +91,7 @@ index 014d580e520f..c5694882f5cc 100644
uidState.updatePermissionFlags(permission, uidState.updatePermissionFlags(permission,
PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED
| PackageManager.FLAG_PERMISSION_REVOKED_COMPAT, | PackageManager.FLAG_PERMISSION_REVOKED_COMPAT,
@@ -2788,7 +2799,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2828,7 +2839,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
boolean restrictionApplied = (origState.getPermissionFlags( boolean restrictionApplied = (origState.getPermissionFlags(
bp.getName()) & FLAG_PERMISSION_APPLY_RESTRICTION) != 0; bp.getName()) & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
@ -100,7 +100,7 @@ index 014d580e520f..c5694882f5cc 100644
// If hard restricted we don't allow holding it // If hard restricted we don't allow holding it
if (permissionPolicyInitialized && hardRestricted) { if (permissionPolicyInitialized && hardRestricted) {
if (!restrictionExempt) { if (!restrictionExempt) {
@@ -2841,6 +2852,16 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2881,6 +2892,16 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
} }
} }
} }
@ -117,7 +117,7 @@ index 014d580e520f..c5694882f5cc 100644
} else { } else {
if (origPermState == null) { if (origPermState == null) {
// New permission // New permission
@@ -2875,7 +2896,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2915,7 +2936,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
if (restrictionApplied) { if (restrictionApplied) {
flags &= ~FLAG_PERMISSION_APPLY_RESTRICTION; flags &= ~FLAG_PERMISSION_APPLY_RESTRICTION;
// Dropping restriction on a legacy app implies a review // Dropping restriction on a legacy app implies a review
@ -126,7 +126,7 @@ index 014d580e520f..c5694882f5cc 100644
flags |= FLAG_PERMISSION_REVIEW_REQUIRED; flags |= FLAG_PERMISSION_REVIEW_REQUIRED;
} }
wasChanged = true; wasChanged = true;
@@ -3606,7 +3627,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -3646,7 +3667,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
if (shouldGrantPermission) { if (shouldGrantPermission) {
final int flags = getPermissionFlagsInternal(pkg.getPackageName(), permission, final int flags = getPermissionFlagsInternal(pkg.getPackageName(), permission,
myUid, userId); myUid, userId);

View File

@ -9,7 +9,7 @@ Subject: [PATCH] srt permissions: don't auto-grant denied ones when
1 file changed, 3 insertions(+), 1 deletion(-) 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index 57cab81a565c..621f5ccad5fc 100644 index 17d35cee6e53..239a44b48483 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java --- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -1810,7 +1810,9 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -1810,7 +1810,9 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt

View File

@ -67,10 +67,10 @@ index 5763345aba4d..cfcc305988bc 100644
<string name="capability_title_canRetrieveWindowContent">Retrieve window content</string> <string name="capability_title_canRetrieveWindowContent">Retrieve window content</string>
<!-- Description for the capability of an accessibility service to retrieve window content. --> <!-- Description for the capability of an accessibility service to retrieve window content. -->
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index c5694882f5cc..746a5f06768d 100644 index 71b1b3ed0ca9..714bf540468c 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java --- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -2484,7 +2484,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2524,7 +2524,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
} }
public static boolean isSpecialRuntimePermission(final String permission) { public static boolean isSpecialRuntimePermission(final String permission) {

View File

@ -86,10 +86,10 @@ index cfcc305988bc..2ea89de7d5cb 100644
<string name="permlab_readCalendar">Read calendar events and details</string> <string name="permlab_readCalendar">Read calendar events and details</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. --> <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
index 746a5f06768d..57cab81a565c 100644 index 714bf540468c..17d35cee6e53 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java --- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java
@@ -2484,7 +2484,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt @@ -2524,7 +2524,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt
} }
public static boolean isSpecialRuntimePermission(final String permission) { public static boolean isSpecialRuntimePermission(final String permission) {

View File

@ -13,10 +13,10 @@ Change-Id: If891bfbcc144c9336ba013260bad2b7c7a59c054
4 files changed, 47 insertions(+) 4 files changed, 47 insertions(+)
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 6e1ae8ac9fe1..d9e423d3d9ce 100644 index 801c7d28fec2..c7abb8901cad 100644
--- a/core/java/android/provider/Settings.java --- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java
@@ -17220,6 +17220,14 @@ public final class Settings { @@ -17237,6 +17237,14 @@ public final class Settings {
public static final String REVIEW_PERMISSIONS_NOTIFICATION_STATE = public static final String REVIEW_PERMISSIONS_NOTIFICATION_STATE =
"review_permissions_notification_state"; "review_permissions_notification_state";

View File

@ -12,10 +12,10 @@ Co-authored-by: Pratyush <codelab@pratyush.dev>
create mode 100644 services/core/java/com/android/server/ext/BluetoothAutoOff.java create mode 100644 services/core/java/com/android/server/ext/BluetoothAutoOff.java
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index b0def536be93..4516c28f9c6a 100644 index 823177ed7b57..e12274516a55 100644
--- a/core/java/android/provider/Settings.java --- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java
@@ -17234,6 +17234,12 @@ public final class Settings { @@ -17251,6 +17251,12 @@ public final class Settings {
*/ */
public static final String WIFI_OFF_TIMEOUT = "wifi_off_timeout"; public static final String WIFI_OFF_TIMEOUT = "wifi_off_timeout";

View File

@ -12,10 +12,10 @@ Co-authored-by: Pratyush <codelab@pratyush.dev>
create mode 100644 services/core/java/com/android/server/ext/WifiAutoOff.java create mode 100644 services/core/java/com/android/server/ext/WifiAutoOff.java
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index d9e423d3d9ce..b0def536be93 100644 index c7abb8901cad..823177ed7b57 100644
--- a/core/java/android/provider/Settings.java --- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java
@@ -17228,6 +17228,12 @@ public final class Settings { @@ -17245,6 +17245,12 @@ public final class Settings {
*/ */
public static final String SETTINGS_REBOOT_AFTER_TIMEOUT = "settings_reboot_after_timeout"; public static final String SETTINGS_REBOOT_AFTER_TIMEOUT = "settings_reboot_after_timeout";

View File

@ -221,10 +221,10 @@ index ea5a9793d..49b23ee61 100644
allow init dev_type:blk_file r_file_perms; allow init dev_type:blk_file r_file_perms;
allowxperm init dev_type:blk_file ioctl BLKROSET; allowxperm init dev_type:blk_file ioctl BLKROSET;
diff --git a/prebuilts/api/33.0/private/domain.te b/prebuilts/api/33.0/private/domain.te diff --git a/prebuilts/api/33.0/private/domain.te b/prebuilts/api/33.0/private/domain.te
index 2ef688c39..2ff442563 100644 index bcb9d52e3..cb2140740 100644
--- a/prebuilts/api/33.0/private/domain.te --- a/prebuilts/api/33.0/private/domain.te
+++ b/prebuilts/api/33.0/private/domain.te +++ b/prebuilts/api/33.0/private/domain.te
@@ -136,6 +136,7 @@ neverallow { @@ -139,6 +139,7 @@ neverallow {
# with other UIDs to these allowlisted domains. # with other UIDs to these allowlisted domains.
neverallow { neverallow {
domain domain
@ -259,10 +259,10 @@ index ce0d130fe..52cbf33e8 100644
allow init dev_type:blk_file r_file_perms; allow init dev_type:blk_file r_file_perms;
allowxperm init dev_type:blk_file ioctl BLKROSET; allowxperm init dev_type:blk_file ioctl BLKROSET;
diff --git a/private/domain.te b/private/domain.te diff --git a/private/domain.te b/private/domain.te
index 2ef688c39..2ff442563 100644 index bcb9d52e3..cb2140740 100644
--- a/private/domain.te --- a/private/domain.te
+++ b/private/domain.te +++ b/private/domain.te
@@ -136,6 +136,7 @@ neverallow { @@ -139,6 +139,7 @@ neverallow {
# with other UIDs to these allowlisted domains. # with other UIDs to these allowlisted domains.
neverallow { neverallow {
domain domain

@ -1 +1 @@
Subproject commit 4347dd9dafdcc99e00ebde20e05b7aa8ca5f230b Subproject commit f390aade68c2f39846bdd3991a06f7d6e4031f73

View File

@ -20,9 +20,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-4034/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-4037/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-4037/5.10/0002.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29648/^5.11/0001.patch #git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29648/^5.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33061/^5.17/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33061/^5.17/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33655/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33655/5.10/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33655/5.10/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33656/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33656/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39633/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39633/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-0171/5.10/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-0171/5.10/0003.patch
@ -140,14 +137,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40307/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40307/5.10/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/^6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/^6.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41674/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41858/5.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41858/5.10/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42719/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42721/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42722/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896/4.5-^6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896/4.5-^6.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896-extra/^6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896-extra/^6.1/0001.patch
@ -158,11 +151,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47519/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47520/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47520/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47521/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47521/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47946/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47946/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-MiscWireless/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-MiscWireless/^6.0/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-MiscWireless/^6.0/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-OctWirelessASB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-OctWirelessASB/ANY/0009.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-OctWirelessASB/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-20928/ANY/0001.patch editKernelLocalversion "-dos.p152"
editKernelLocalversion "-dos.p164"
cd "$DOS_BUILD_BASE" cd "$DOS_BUILD_BASE"

View File

@ -20,9 +20,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-4034/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-4037/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-4037/5.10/0002.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29648/^5.11/0001.patch #git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29648/^5.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33061/^5.17/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33061/^5.17/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33655/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33655/5.10/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33655/5.10/0007.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33656/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33656/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39633/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39633/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-0171/5.10/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-0171/5.10/0003.patch
@ -140,14 +137,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40307/5.10/0004.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40307/5.10/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/^6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/^6.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41674/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41858/5.10/0006.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41858/5.10/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42719/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42721/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42722/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896/4.5-^6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896/4.5-^6.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896-extra/^6.1/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42896-extra/^6.1/0001.patch
@ -158,11 +151,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47519/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47520/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47520/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47521/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47521/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47946/5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-47946/5.10/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-MiscWireless/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-MiscWireless/^6.0/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-MiscWireless/^6.0/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-OctWirelessASB/ANY/0006.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-OctWirelessASB/ANY/0009.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-OctWirelessASB/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-20928/ANY/0001.patch editKernelLocalversion "-dos.p152"
editKernelLocalversion "-dos.p164"
cd "$DOS_BUILD_BASE" cd "$DOS_BUILD_BASE"

View File

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
cd "$DOS_BUILD_BASE""kernel/oneplus/sm8250" cd "$DOS_BUILD_BASE""kernel/oneplus/sm8250"
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.19/4.19.0268-0269.patch --exclude=Makefile
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.19/0087.patch git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.19/0087.patch
@ -46,6 +45,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.19/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.19/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.19/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19602/^5.4/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19602/^5.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.2/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11146/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15780/^5.8/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15780/^5.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch

View File

@ -50,13 +50,13 @@ buildAll() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
#frontloaded for testing #frontloaded for testing
buildDevice bluejay avb; #unb buildDevice bluejay avb; #unb
buildDevice taimen avb; #unb
buildDevice fajita avb;
#SD835 #SD835
buildDevice taimen avb; #unb
buildDevice walleye avb; #unb buildDevice walleye avb; #unb
buildDevice cheeseburger verity; buildDevice cheeseburger verity;
buildDevice dumpling verity; buildDevice dumpling verity;
#SD845 #SD845
buildDevice fajita avb;
buildDevice enchilada avb; buildDevice enchilada avb;
buildDevice aura avb; buildDevice aura avb;
buildDevice beryllium avb; buildDevice beryllium avb;

View File

@ -29,11 +29,11 @@ wget "https://github.com/LineageOS/android_packages_apps_LineageParts/raw/lineag
#TODO: wireless-regdb #TODO: wireless-regdb
#https://mirrors.edge.kernel.org/pub/software/network/wireless-regdb/ #https://mirrors.edge.kernel.org/pub/software/network/wireless-regdb/
#Last: 2022/12/15 #Last: 2023/01/08
#TODO: MMS Configs #TODO: MMS Configs
#https://github.com/GrapheneOS/platform_packages_apps_Messaging #https://github.com/GrapheneOS/platform_packages_apps_Messaging
#Last: 2022/12/15 #Last: 2023/01/08
#TODO: Carrier List #TODO: Carrier List
#https://android.googlesource.com/platform/packages/providers/TelephonyProvider/ #https://android.googlesource.com/platform/packages/providers/TelephonyProvider/