mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-29 01:16:26 -05:00
Small tweaks
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
dd2e8b4b5c
commit
d5d3846f2c
@ -72,7 +72,7 @@ commentPatches android_kernel_razer_msm8998.sh "0008-Graphene-Kernel_Hardening/4
|
||||
commentPatches android_kernel_samsung_exynos5420.sh "CVE-2021-Misc2/3.4/0061.patch" "CVE-2021-Misc2/3.4/0062.patch";
|
||||
commentPatches android_kernel_samsung_jf.sh "CVE-2019-11599";
|
||||
commentPatches android_kernel_samsung_manta.sh "CVE-2021-Misc2/3.4/0055.patch" "CVE-2021-Misc2/3.4/0056.patch";
|
||||
commentPatches android_kernel_samsung_msm8930-common.sh "CVE-2017-11015/prima" "CVE-2019-11599";
|
||||
commentPatches android_kernel_samsung_msm8930-common.sh "CVE-2017-11015/prima" "CVE-2019-11599" "CVE-2021-Misc2/ANY/0031.patch";
|
||||
commentPatches android_kernel_samsung_smdk4412.sh "CVE-2012-2127" "CVE-2016-8463/ANY/0001.patch";
|
||||
commentPatches android_kernel_samsung_tuna.sh "CVE-2012-2127";
|
||||
commentPatches android_kernel_samsung_universal8890.sh "CVE-2016-7917" "CVE-2018-1092" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166";
|
||||
|
@ -69,7 +69,6 @@ patch -p1 < "$DOS_PATCHES/android_build/0001-OTA_Keys.patch"; #Add correct keys
|
||||
patch -p1 < "$DOS_PATCHES/android_build/0002-Enable_fwrapv.patch"; #Use -fwrapv at a minimum (GrapheneOS)
|
||||
sed -i '57i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||
sed -i 's/messaging/Silence/' target/product/aosp_base_telephony.mk target/product/treble_common.mk; #Replace the Messaging app with Silence
|
||||
sed -i 's/2021-09-05/2021-10-05/' core/version_defaults.mk; #Bump Security String #O_asb_2021-10 #XXX
|
||||
fi;
|
||||
|
||||
if enterAndClear "build/soong"; then
|
||||
|
@ -73,7 +73,6 @@ patch -p1 < "$DOS_PATCHES/android_build/0002-Enable_fwrapv.patch"; #Use -fwrapv
|
||||
sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||
sed -i 's/messaging/Silence/' target/product/aosp_base_telephony.mk target/product/treble_common.mk; #Replace the Messaging app with Silence
|
||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 17/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||
sed -i 's/2021-09-05/2021-10-05/' core/version_defaults.mk; #Bump Security String #P_asb_2021-10 #XXX
|
||||
fi;
|
||||
|
||||
if enterAndClear "build/soong"; then
|
||||
|
@ -92,9 +92,9 @@ patchWorkspace() {
|
||||
umask 0022;
|
||||
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
|
||||
|
||||
source build/envsetup.sh;
|
||||
#source build/envsetup.sh;
|
||||
#repopick -it ten-firewall;
|
||||
repopick -it Q_asb_2021-10;
|
||||
#repopick -it Q_tzdb2021a1;
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
|
||||
|
@ -70,7 +70,6 @@ sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
|
||||
sed -i 's/messaging/Silence/' target/product/aosp_base_telephony.mk target/product/gsi_common.mk; #Replace the Messaging app with Silence
|
||||
awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX
|
||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||
sed -i 's/2021-09-05/2021-10-05/' core/version_defaults.mk; #Bump Security String #Q_asb_2021-10 #XXX
|
||||
fi;
|
||||
|
||||
if enterAndClear "build/soong"; then
|
||||
|
@ -1,7 +1,5 @@
|
||||
#!/bin/bash
|
||||
cd "$DOS_BUILD_BASE""kernel/essential/msm8998"
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0285-0286.patch --exclude=Makefile
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0286-0287.patch --exclude=Makefile
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch
|
||||
@ -98,9 +96,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24587/qca-wifi-host-cmn/0016.patch --directory=drivers/staging/qca-wifi-host-cmn
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0936/ANY/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0936/ANY/0011.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1963/ANY/0003.patch
|
||||
editKernelLocalversion "-dos.p102"
|
||||
editKernelLocalversion "-dos.p99"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -43,19 +43,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.4/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.4/0012.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.4/0004.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.4/0026.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.4/0027.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.4/0028.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.4/0029.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.4/0030.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11160/4.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.4/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-14386/3.10-^4.4/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/4.4/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24587/qca-wifi-host-cmn/0016.patch --directory=drivers/staging/qca-wifi-host-cmn
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3655/^5.13/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-40490/3.9-^5.14/0001.patch
|
||||
editKernelLocalversion "-dos.p57"
|
||||
editKernelLocalversion "-dos.p49"
|
||||
cd "$DOS_BUILD_BASE"
|
||||
|
@ -388,7 +388,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0026.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0028.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0029.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0030.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0031.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0031.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0032.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0033.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-Misc2/ANY/0034.patch
|
||||
|
@ -128,7 +128,7 @@ patchWorkspace() {
|
||||
|
||||
#source build/envsetup.sh;
|
||||
#repopick -it eleven-firewall;
|
||||
#repopick -it android-11.0.0_r46;
|
||||
#repopick -it R_tzdb2021a1;
|
||||
|
||||
source "$DOS_SCRIPTS/Patch.sh";
|
||||
source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
|
||||
|
@ -328,6 +328,7 @@ fi;
|
||||
|
||||
if enterAndClear "device/google/redbull"; then
|
||||
enableVerity; #Resurrect dm-verity
|
||||
awk -i inplace '!/sctp/' BoardConfig-common.mk modules.load; #fix compile after hardenDefconfig
|
||||
fi;
|
||||
|
||||
if enterAndClear "device/google/redfin"; then
|
||||
|
Loading…
Reference in New Issue
Block a user