Minor updates

- drop usage stats patch, causes Settings to crash

Patches/Common/android_frameworks_base/0002-Disable_usage_stats.patch

@@ -1,44 +0,0 @@
-From 20a90f9fcf1bfd3da10210cc06f1428edbe92389 Mon Sep 17 00:00:00 2001
-From: MSe1969 <mse1969@posteo.de>
-Date: Thu, 20 Dec 2018 22:12:35 +0100
-Subject: [PATCH] AppOps: Default GET_USAGE_STATS to MODE_IGNORED
-
-The AppOp OP_GET_USAGE_STATS is defaulted with MODE_DEFAULT and this is
-resolved to default to ALLOW, if the permission PACKAGE_USAGE_STATS is
-requested. This can be switched off in a specific settings menu, hence
-an opt-out is implemented in AOSP.
-
-Letting 3rd parties analyze the behavior does not really add any value
-for the device holder, hence an opt-in makes more sense. Usage stats
-collection is now disabled by default for apps requesting that permission.
-
-If the user wants to allow stats collection, he can enter the respective
-menu in settings and allow the app to collect usage data.
-
-Change-Id: I9e08822851cf660277e45f3023aa80d8918f45ae
----
- core/java/android/app/AppOpsManager.java | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java
-index e13947335d2a..19287b3c13a4 100644
---- a/core/java/android/app/AppOpsManager.java
-+++ b/core/java/android/app/AppOpsManager.java
-@@ -930,7 +930,7 @@
-             AppOpsManager.MODE_ALLOWED,
-             AppOpsManager.MODE_ALLOWED,
-             AppOpsManager.MODE_ALLOWED,
--            AppOpsManager.MODE_DEFAULT, // OP_GET_USAGE_STATS
-+            AppOpsManager.MODE_IGNORED, // OP_GET_USAGE_STATS
-             AppOpsManager.MODE_ALLOWED,
-             AppOpsManager.MODE_ALLOWED,
-             AppOpsManager.MODE_IGNORED, // OP_PROJECT_MEDIA
-@@ -1007,7 +1007,7 @@
-             AppOpsManager.MODE_ALLOWED, // OP_WAKE_LOCK
-             AppOpsManager.MODE_ALLOWED, // OP_MONITOR_LOCATION
-             AppOpsManager.MODE_ASK,     // OP_MONITOR_HIGH_POWER_LOCATION
--            AppOpsManager.MODE_DEFAULT, // OP_GET_USAGE_STATS
-+            AppOpsManager.MODE_IGNORED, // OP_GET_USAGE_STATS
-             AppOpsManager.MODE_ALLOWED, // OP_MUTE_MICROPHONE
-             AppOpsManager.MODE_ALLOWED, // OP_TOAST_WINDOW
-             AppOpsManager.MODE_IGNORED, // OP_PROJECT_MEDIA

Scripts/LineageOS-14.1/Patch.sh

@@ -94,7 +94,6 @@ changeDefaultDNS;
 #patch -p1 < "$DOS_PATCHES/android_frameworks_base/0007-Connectivity.patch"; #Change connectivity check URLs to ours
 patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
 patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #don't grant location permission to system browsers
-patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0002-Disable_usage_stats.patch"; #don't grant usage stats permission to apps by default
 patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #don't send IMSI to SUPL
 rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
 

Scripts/LineageOS-15.1/Patch.sh

@@ -98,7 +98,6 @@ changeDefaultDNS;
 #patch -p1 < "$DOS_PATCHES/android_frameworks_base/0005-Connectivity.patch"; #Change connectivity check URLs to ours
 patch -p1 < "$DOS_PATCHES/android_frameworks_base/0006-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
 patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #don't grant location permission to system browsers
-#patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0002-Disable_usage_stats.patch"; #don't grant usage stats permission to apps by default XXX: breaks stuff
 patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #don't send IMSI to SUPL
 rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
 

Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 cd "$DOS_BUILD_BASE""kernel/lge/mako"
-git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0009.patch
 git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
@@ -28,11 +27,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/^4.5.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/^4.5.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2544/^4.4.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/^4.5.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
@@ -40,24 +37,16 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6753/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6791/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/^4.7.5/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7910/^4.7.1/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7915/^4.6/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8463/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/^4.8.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/^4.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/^4.8.14/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/^4.7/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0403/3.0-^3.18/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
@@ -65,15 +54,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
@@ -82,19 +67,13 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10.8/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6074/^4.9.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/^3.14.79/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/^4.10.6/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7184/^4.10.6/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7308/^4.10.6/0003.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
@@ -102,14 +81,12 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8890/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
@@ -131,7 +108,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
@@ -139,13 +116,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a62998e3bdccae28a7732e3bd51.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
-editKernelLocalversion "-dos.p147"
+editKernelLocalversion "-dos.p122"
 cd "$DOS_BUILD_BASE"

Scripts/LineageOS-16.0/Patch.sh

@@ -100,7 +100,6 @@ changeDefaultDNS;
 patch -p1 < "$DOS_PATCHES/android_frameworks_base/0006-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
 patch -p1 < "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #always restrict access to Build.SERIAL
 patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #don't grant location permission to system browsers
-patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0002-Disable_usage_stats.patch"; #don't grant usage stats permission to apps by default
 patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #don't send IMSI to SUPL
 rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
 
@@ -209,9 +208,6 @@ echo "allow system_server sensors_data_file:dir r_file_perms;" >> sepolicy/syste
 sed -i 's/1333788672/880803840/' BoardConfig.mk; #don't touch partitions! DOS -user fits with 75M free
 awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfig.mk;
 
-enterAndClear "device/oneplus/bacon";
-sed -i 's/android.hardware.nfc@1.0-impl/android.hardware.nfc@1.0-impl.so/' device-proprietary-files.txt;
-
 enterAndClear "device/oppo/msm8974-common";
 sed -i "s/TZ.BF.2.0-2.0.0134/TZ.BF.2.0-2.0.0134|TZ.BF.2.0-2.0.0137/" board-info.txt; #Suport new TZ firmware https://review.lineageos.org/#/c/178999/