March 2021 Security Updates

This commit is contained in:
Tad 2021-03-04 12:55:50 -05:00
parent f8416a1083
commit f02363ecb4
16 changed files with 120 additions and 48 deletions

View File

@ -1,29 +1,32 @@
Last checked 2021-03-02
https://nvd.nist.gov/vuln/detail/CVE-2017-6247 - no links
https://nvd.nist.gov/vuln/detail/CVE-2017-6248 - no links
https://nvd.nist.gov/vuln/detail/CVE-2019-15126 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2019-20794 - no links
https://nvd.nist.gov/vuln/detail/CVE-2019-9501 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2019-9502 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-0068 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-0220 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-0221 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-0261 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-10708 - withdrawn
https://nvd.nist.gov/vuln/detail/CVE-2020-10774 - not found
https://nvd.nist.gov/vuln/detail/CVE-2020-11147 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-11148 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-11201 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-11202 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-11206 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-11207 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-11208 - vendor shenanigans
https://nvd.nist.gov/vuln/detail/CVE-2020-11211 - not found
https://nvd.nist.gov/vuln/detail/CVE-2020-11223 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-11277 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-11305 - not found
https://nvd.nist.gov/vuln/detail/CVE-2020-27066 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-3623 - no links
https://nvd.nist.gov/vuln/detail/CVE-2020-3648 - vendor shenanigans
https://github.com/bobfuzzer/CVE https://github.com/bobfuzzer/CVE
https://nvd.nist.gov/vuln/detail/CVE-2017-6247
https://nvd.nist.gov/vuln/detail/CVE-2017-6248
https://nvd.nist.gov/vuln/detail/CVE-2019-12881
https://nvd.nist.gov/vuln/detail/CVE-2019-15126
https://nvd.nist.gov/vuln/detail/CVE-2019-20794
https://nvd.nist.gov/vuln/detail/CVE-2019-9501
https://nvd.nist.gov/vuln/detail/CVE-2019-9502
https://nvd.nist.gov/vuln/detail/CVE-2020-0068
https://nvd.nist.gov/vuln/detail/CVE-2020-0220
https://nvd.nist.gov/vuln/detail/CVE-2020-0221
https://nvd.nist.gov/vuln/detail/CVE-2020-0261
https://nvd.nist.gov/vuln/detail/CVE-2020-10708
https://nvd.nist.gov/vuln/detail/CVE-2020-10774
https://nvd.nist.gov/vuln/detail/CVE-2020-11201
https://nvd.nist.gov/vuln/detail/CVE-2020-11202
https://nvd.nist.gov/vuln/detail/CVE-2020-11206
https://nvd.nist.gov/vuln/detail/CVE-2020-11207
https://nvd.nist.gov/vuln/detail/CVE-2020-11208
https://nvd.nist.gov/vuln/detail/CVE-2020-11211
https://nvd.nist.gov/vuln/detail/CVE-2020-3623
https://nvd.nist.gov/vuln/detail/CVE-2020-3648
https://nvd.nist.gov/vuln/detail/CVE-2020-25639
https://nvd.nist.gov/vuln/detail/CVE-2020-27066
https://nvd.nist.gov/vuln/detail/CVE-2020-11148
https://nvd.nist.gov/vuln/detail/CVE-2020-27067
andi34 cve typos andi34 cve typos
CVE-2014-0169 -> CVE-2014-0196 CVE-2014-0169 -> CVE-2014-0196
@ -32,9 +35,3 @@ CVE-2015-8492 -> CVE-2015-8942
CVE-2016-0430 -> CVE-2017-0430 CVE-2016-0430 -> CVE-2017-0430
CVE-2016-0510 -> CVE-2017-0510 CVE-2016-0510 -> CVE-2017-0510
CVE-2016-0525 -> CVE-2017-0525 CVE-2016-0525 -> CVE-2017-0525
https://nvd.nist.gov/vuln/detail/CVE-2020-3625
https://nvd.nist.gov/vuln/detail/CVE-2020-0423
CVE-2020-11277
CVE-2020-11147
CVE-2020-11223

View File

@ -1,11 +1,12 @@
CVE-2017-15841 https://nvd.nist.gov/vuln/detail/CVE-2017-15841 - these are likely all vendor blobs
CVE-2017-18131 https://nvd.nist.gov/vuln/detail/CVE-2017-18131
CVE-2017-18157 https://nvd.nist.gov/vuln/detail/CVE-2017-18157
CVE-2017-18173 https://nvd.nist.gov/vuln/detail/CVE-2017-18173
CVE-2017-18274 https://nvd.nist.gov/vuln/detail/CVE-2017-18274
CVE-2017-18275 https://nvd.nist.gov/vuln/detail/CVE-2017-18275
CVE-2017-18276 https://nvd.nist.gov/vuln/detail/CVE-2017-18276
CVE-2017-18278 https://nvd.nist.gov/vuln/detail/CVE-2017-18278
CVE-2017-18279 https://nvd.nist.gov/vuln/detail/CVE-2017-18279
https://source.android.com/security/bulletin/pixel/2019-09-01 https://source.android.com/security/bulletin/pixel/2019-09-01 - lots of missing links
https://source.android.com/security/bulletin/pixel/2021-03-01

View File

@ -1,4 +1,4 @@
#Last checked 2021/02/03 #Last checked 2021/03/04
CVE-2015-0235 CVE-2015-0235
Link - https://source.codeaurora.org/quic/le//oe/recipes/commit/?id=6025569cb2a156bb6765dc14d66cb83f46a8c338 Link - https://source.codeaurora.org/quic/le//oe/recipes/commit/?id=6025569cb2a156bb6765dc14d66cb83f46a8c338
CVE-2015-3847 CVE-2015-3847

View File

@ -1,4 +1,4 @@
#Last checked 2021/02/03 #Last checked 2021/03/04
CVE-2014-9028 CVE-2014-9028
Link - external/flac - https://android.googlesource.com/platform/external/flac/+/fe03f73d86bb415f5d5145f0de091834d89ae3a9 Link - external/flac - https://android.googlesource.com/platform/external/flac/+/fe03f73d86bb415f5d5145f0de091834d89ae3a9
Link - external/flac - https://android.googlesource.com/platform/external/flac/+/5859ae22db0a2d16af3e3ca19d582de37daf5eb6 Link - external/flac - https://android.googlesource.com/platform/external/flac/+/5859ae22db0a2d16af3e3ca19d582de37daf5eb6
@ -973,6 +973,8 @@ CVE-2017-13322
Link - packages/services/Telephony - https://android.googlesource.com/platform/packages/services/Telephony/+/25b3a8b0af2e479b5eaca40ec5c82a1c7971580a Link - packages/services/Telephony - https://android.googlesource.com/platform/packages/services/Telephony/+/25b3a8b0af2e479b5eaca40ec5c82a1c7971580a
CVE-2017-13323 CVE-2017-13323
Link - system/core - https://android.googlesource.com/platform/system/core/+/8257766e842074adf0fb39ca0c9db12463fe59a2 Link - system/core - https://android.googlesource.com/platform/system/core/+/8257766e842074adf0fb39ca0c9db12463fe59a2
CVE-2017-14491
Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/10ba39da6b98043989b1a604f533d5b647ee7bda
CVE-2017-14496 CVE-2017-14496
Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/ff755ca73c98a1f2706fe86996e4bf6215054834 Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/ff755ca73c98a1f2706fe86996e4bf6215054834
Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/68a974de72b5091ce608815a349daaeb05cdeab5 Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/68a974de72b5091ce608815a349daaeb05cdeab5
@ -2069,6 +2071,8 @@ CVE-2020-11167
CVE-2020-11183 CVE-2020-11183
Link - https://source.codeaurora.org/quic/le/platform/hardware/qcom/display/commit/?id=7fd40cc33e2cbb0d20d28c73d648fb65889ad108 Link - https://source.codeaurora.org/quic/le/platform/hardware/qcom/display/commit/?id=7fd40cc33e2cbb0d20d28c73d648fb65889ad108
Link - https://source.codeaurora.org/quic/le/platform/hardware/qcom/display/commit/?id=593f37dcf1c6e9d1adcb2dfbfb84daaa840aab4b Link - https://source.codeaurora.org/quic/le/platform/hardware/qcom/display/commit/?id=593f37dcf1c6e9d1adcb2dfbfb84daaa840aab4b
CVE-2020-11308
Link - https://source.codeaurora.org/quic/le/abl/tianocore/edk2/commit/?id=c468f18421e113057ba72b83edf985c53fe4705d
CVE-2020-12856 CVE-2020-12856
Link - packages/apps/Bluetooth - https://android.googlesource.com/platform/packages/apps/Bluetooth/+/81c1c7d2d1681434413a615eea532e85fee43db0 Link - packages/apps/Bluetooth - https://android.googlesource.com/platform/packages/apps/Bluetooth/+/81c1c7d2d1681434413a615eea532e85fee43db0
Link - system/bt - https://android.googlesource.com/platform/system/bt/+/73b4e5c4ba4c0c96a26ec84564cd9653da50a26c Link - system/bt - https://android.googlesource.com/platform/system/bt/+/73b4e5c4ba4c0c96a26ec84564cd9653da50a26c
@ -2240,5 +2244,34 @@ CVE-2021-0340
CVE-2021-0341 CVE-2021-0341
Link - external/okhttp - https://android.googlesource.com/platform/external/okhttp/+/ddc934efe3ed06ce34f3724d41cfbdcd7e7358fc Link - external/okhttp - https://android.googlesource.com/platform/external/okhttp/+/ddc934efe3ed06ce34f3724d41cfbdcd7e7358fc
Link - libcore - https://android.googlesource.com/platform/libcore/+/4076be9a99bad5ff7651540df976c57462c3b8ce Link - libcore - https://android.googlesource.com/platform/libcore/+/4076be9a99bad5ff7651540df976c57462c3b8ce
CVE-2021-0390
Link - frameworks/opt/net/wifi - https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/23685b8604571ec623e539f4f9c66db65c9dde81
CVE-2021-0391
Link - frameworks/base - https://android.googlesource.com/platform/frameworks/base/+/169f089a26b322b297e8b224e3a7274bc18a986a
CVE-2021-0392
Link - system/connectivity/wificond - https://android.googlesource.com/platform/system/connectivity/wificond/+/93eaaa88bd5820b27ad7c158981c5f8e635b79c2
CVE-2021-0393
Link - external/v8 - https://android.googlesource.com/platform/external/v8/+/a91d71434065cde21f480f5d92432b9a4f2f3521
CVE-2021-0394
Link - art - https://android.googlesource.com/platform/art/+/1358c9faa9766fd470ab2ba002a73479ccf54154
Link - art - https://android.googlesource.com/platform/art/+/4b56bb8ce224408acfef7f2b2c2cee2abd938c9a
Link - art - https://android.googlesource.com/platform/art/+/6444277041f41294d98adac4bb585183e56587f6
Link - art - https://android.googlesource.com/platform/art/+/69fc841b8460943c2b2224f61585942cbc9f3f40
Link - art - https://android.googlesource.com/platform/art/+/7dd48b90bd0968375cba8dffa2141cc9973329f9
Link - art - https://android.googlesource.com/platform/art/+/8c6653177204bfd6ccf03e1b4b3b72d96e362628
Link - art - https://android.googlesource.com/platform/art/+/d0b940349294a363e6d578adf58db8222c425669
Link - art - https://android.googlesource.com/platform/art/+/ed4b3e0958d3de6a92d82abb9f81e49e84d5c673
Link - frameworks/native - https://android.googlesource.com/platform/frameworks/native/+/58f5cfa56d5282e69a7580dc4bb97603c409f003
Link - frameworks/native - https://android.googlesource.com/platform/frameworks/native/+/61d0f84881cfc1bbac513ccd156c56603a48cc90
Link - system/tools/hidl - https://android.googlesource.com/platform/system/tools/hidl/+/e8544d4fae9e8b7f1b31068c1bbd817c792315c7
Link - system/tools/hidl - https://android.googlesource.com/platform/system/tools/hidl/+/f9a784013d8b6d519e66c2bee6384ad8a713ac25
CVE-2021-0395
Link - system/core - https://android.googlesource.com/platform/system/core/+/71bd926bf0cbd8d823507f341cef9b71812afa66
CVE-2021-0396
Link - external/v8 - https://android.googlesource.com/platform/external/v8/+/8daf19b2c8cf7b9325b53e9b93b1eac878759f23
CVE-2021-0397
Link - system/bt - https://android.googlesource.com/platform/system/bt/+/437adc1a143f22fd7792d033d1ff64a364888f44
CVE-2021-0398
Link - frameworks/base - https://android.googlesource.com/platform/frameworks/base/+/86bd39db3595842bae77abe7e768226e412591c8
CVE-0000-0000 CVE-0000-0000
#The above line must be the last line #The above line must be the last line

View File

@ -1,3 +1,4 @@
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin" >> cve_list-qc.txt java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin" >> cve_list-qc.txt java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin" >> cve_list-qc.txt

View File

@ -1,6 +1,8 @@
java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-03-01" >> cve_list.txt
java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-02-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-02-01" >> cve_list.txt
java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-01-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-01-01" >> cve_list.txt
java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-03-01" >> cve_list.txt
java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-02-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-02-01" >> cve_list.txt
java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-01-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-01-01" >> cve_list.txt

@ -1 +1 @@
Subproject commit 52d5acd9656bc31f62e0f83c8d8edafa1ac3d68f Subproject commit 8a30c3c68eac84cc595f5a5a7f4fcd2eb7d795e5

@ -1 +1 @@
Subproject commit 3ee1e1826d713ba204c7d51f2e4cbeade64345a1 Subproject commit 6a941364ec6493da24247389bbf0745fb090b7d3

View File

@ -125,6 +125,7 @@ patchWorkspace() {
repopick -it n_asb_09-2018-qcom; #TODO: move in tree repopick -it n_asb_09-2018-qcom; #TODO: move in tree
#repopick -it bt-sbc-hd-dualchannel-nougat; #repopick -it bt-sbc-hd-dualchannel-nougat;
repopick -it tzdb2021a_N; repopick -it tzdb2021a_N;
repopick -it n-asb-2021-03;
export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails

View File

@ -76,6 +76,9 @@ enterAndClear "device/qcom/sepolicy";
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqbalance: Allow read for stats and interrupts patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqbalance: Allow read for stats and interrupts
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH
enterAndClear "external/chromium-webview";
git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
enterAndClear "external/sqlite"; enterAndClear "external/sqlite";
patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (AndroidHardening-13.0) patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (AndroidHardening-13.0)

View File

@ -115,7 +115,8 @@ export -f buildAll;
patchWorkspace() { patchWorkspace() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
#source build/envsetup.sh; source build/envsetup.sh;
repopick -it O_asb_2021-03;
export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails

View File

@ -78,6 +78,12 @@ git revert --no-edit c9b0d95630b82cd0ad1a0fc633c6d59c2cb8aad7 37422f7df389f3ae5a
enterAndClear "device/qcom/sepolicy"; enterAndClear "device/qcom/sepolicy";
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
enterAndClear "external/chromium-webview";
git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
enterAndClear "external/dnsmasq";
git pull "https://github.com/LineageOS/android_external_dnsmasq" refs/changes/10/305010/1; #O_asb_2021-03
enterAndClear "external/svox"; enterAndClear "external/svox";
git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles

View File

@ -132,8 +132,9 @@ export -f buildAll;
patchWorkspace() { patchWorkspace() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
#source build/envsetup.sh; source build/envsetup.sh;
#repopick -it pie-firewall; #repopick -it pie-firewall;
repopick -it P_asb_2021-03;
source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";

View File

@ -77,6 +77,12 @@ enterAndClear "device/qcom/sepolicy-legacy";
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
enterAndClear "external/chromium-webview";
git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
enterAndClear "external/dnsmasq";
git pull "https://github.com/LineageOS/android_external_dnsmasq" refs/changes/00/305000/1; #P_asb_2021-03
enterAndClear "external/svox"; enterAndClear "external/svox";
git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
@ -183,6 +189,9 @@ git revert --no-edit 99564aaf0417c9ddf7d6aeb10d326e5b24fa8f55;
patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch";
patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch";
enterAndClear "system/connectivity/wificond";
git pull "https://github.com/LineageOS/android_system_connectivity_wificond" refs/changes/08/305008/1; #P_asb_2021-03
enterAndClear "system/core"; enterAndClear "system/core";
if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
git revert --no-edit b3609d82999d23634c5e6db706a3ecbc5348309a; #Always update recovery git revert --no-edit b3609d82999d23634c5e6db706a3ecbc5348309a; #Always update recovery

View File

@ -130,8 +130,9 @@ export -f buildAll;
patchWorkspace() { patchWorkspace() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
#source build/envsetup.sh; source build/envsetup.sh;
#repopick -it ten-firewall; #repopick -it ten-firewall;
repopick -it Q_asb_2021-03;
source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";

View File

@ -75,12 +75,22 @@ enterAndClear "device/qcom/sepolicy-legacy";
patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
enterAndClear "external/chromium-webview";
git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
enterAndClear "external/dnsmasq";
git pull "https://github.com/LineageOS/android_external_dnsmasq" refs/changes/66/304966/1; #Q_asb_2021-03
enterAndClear "external/svox"; enterAndClear "external/svox";
git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java; sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java;
awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java; awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java;
enterAndClear "external/v8";
git pull "https://github.com/LineageOS/android_external_v8" refs/changes/70/304970/1; #Q_asb_2021-03
git pull "https://github.com/LineageOS/android_external_v8" refs/changes/71/304971/1;
enterAndClear "frameworks/av"; enterAndClear "frameworks/av";
if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_av/0001-HM_A2DP_Fix.patch"; fi; #(GrapheneOS) if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_av/0001-HM_A2DP_Fix.patch"; fi; #(GrapheneOS)
@ -183,6 +193,9 @@ patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voi
#patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 17REBASE #patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 17REBASE
#patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 17REBASE #patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 17REBASE
enterAndClear "system/connectivity/wificond";
git pull "https://github.com/LineageOS/android_system_connectivity_wificond" refs/changes/75/304975/1; #Q_asb_2021-03
enterAndClear "system/core"; enterAndClear "system/core";
if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
git revert --no-edit 3032c7aa5ce90c0ae9c08fe271052c6e0304a1e7 01266f589e6deaef30b782531ae14435cdd2f18e; #insanity git revert --no-edit 3032c7aa5ce90c0ae9c08fe271052c6e0304a1e7 01266f589e6deaef30b782531ae14435cdd2f18e; #insanity
@ -201,6 +214,9 @@ patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --direct
patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/26.0"; patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/26.0";
awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
enterAndClear "system/tools/hidl";
git pull "https://github.com/LineageOS/android_system_tools_hidl" refs/changes/76/304976/1; #Q_asb_2021-03
enterAndClear "system/update_engine"; enterAndClear "system/update_engine";
git revert --no-edit c68499e3ff10f2a31f913e14f66aafb4ed94d42d; #Do not skip payload signature verification git revert --no-edit c68499e3ff10f2a31f913e14f66aafb4ed94d42d; #Do not skip payload signature verification