271 Commits

Author	SHA1	Message	Date
Tad	05930af014	Various changes	2022-05-14 21:40:50 -04:00
Tad	3e7b657295	Tweaks ... Signed-off-by: Tad <tad@spotco.us>	2022-05-13 19:47:43 -04:00
Tad	bf7c06105c	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-05-12 22:13:06 -04:00
Tad	9286bdd258	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-05-10 15:02:03 -04:00
Tad	675b1a5da0	Churn ... Signed-off-by: Tad <tad@spotco.us>	2022-05-09 12:56:03 -04:00
Tad	4edfa56f1a	Tiny tweak ... Signed-off-by: Tad <tad@spotco.us>	2022-05-04 11:52:22 -04:00
Tad	b2eb3c01b4	Update CVE patchers ... Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375 Signed-off-by: Tad <tad@spotco.us>	2022-05-03 23:33:17 -04:00
Tad	9c549763a4	Tiny tweak ... Signed-off-by: Tad <tad@spotco.us>	2022-05-03 21:11:05 -04:00
Tad	e38aff581e	Small tweaks ... - Remove some more blobs - 19.1: disable FP animation (jesec) - 18.1: mata: allow major upgrades (to 19.1) (Updater patch by erfanoabdi) - mata: disable Vulkan, it doesn't work Signed-off-by: Tad <tad@spotco.us>	2022-05-02 15:04:12 -04:00
Tad	8491016b84	19.1: add mata, cheeseburger, dumpling ... Signed-off-by: Tad <tad@spotco.us>	2022-05-01 10:45:33 -04:00
Tad	65883d9bc4	2022 ... Signed-off-by: Tad <tad@spotco.us>	2022-05-01 01:13:49 -04:00
Tad	3316cc4824	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-04-27 07:46:22 -04:00
Tad	3457fd4151	Device cleanup ... Drop long non-compiling devices: - 14.1: n7100, jellypro - 15.1: himaul, oneplus2 - 16.0: zenfone3, fugu - 17.1: yellowstone, fugu - 18.1: bonito, sargo Drop in favor of 19.1: - 17.1: bonito, sargo - 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin (experimental, but these devices don't currently appear to have any users) Signed-off-by: Tad <tad@spotco.us>	2022-04-26 15:19:57 -04:00
Tad	9a6c7a2684	18.1: Add toggle for /etc/hosts ... TODO: 19.1 and maybe 17.1 Tested working on klte/18.1 Signed-off-by: Tad <tad@spotco.us>	2022-04-20 16:40:22 -04:00
Tad	1f721c7845	Further credit patches ... Signed-off-by: Tad <tad@spotco.us>	2022-04-19 23:52:10 -04:00
Tad	c5b1cc9a35	Simplify 8e3f0438 ... Signed-off-by: Tad <tad@spotco.us>	2022-04-19 20:23:53 -04:00
Tad	e666a4a891	Update CVE patchers ... TODO: maybe split CVE-2022-23960/4.9 to get back? Signed-off-by: Tad <tad@spotco.us>	2022-04-19 14:38:44 -04:00
Tad	8e3f043820	Warn when running activity from 32 bit app on ARM64 devices. ... https://android-review.googlesource.com/c/platform/frameworks/base/+/2003790/ https://github.com/GrapheneOS/platform_frameworks_base/pull/182 Signed-off-by: Tad <tad@spotco.us>	2022-04-19 12:00:22 -04:00
Tad	d4dceffa60	Update supported kernels to latest wireless regulations database ... Applies for ~43 kernel trees Source: wireless-regdb-2022.04.08 Signed-off-by: Tad <tad@spotco.us>	2022-04-19 11:30:57 -04:00
Tad	163a162568	Fix boot animation + churn ... Signed-off-by: Tad <tad@spotco.us>	2022-04-18 23:04:24 -04:00
Tad	4b6a86a473	Add missing device variants ... Signed-off-by: Tad <tad@spotco.us>	2022-04-14 19:47:21 -04:00
Tad	be6b03fe96	Churn ... Signed-off-by: Tad <tad@spotco.us>	2022-04-13 14:54:08 -04:00
Tad	486e358050	More (disabled) lowram tweaks for <2GB devices ... The inprocess variants make very little reduction and likely reduce security. Signed-off-by: Tad <tad@spotco.us>	2022-04-12 20:25:26 -04:00
Tad	42c9d22de9	Default disable exec spawning ... Change the property too, so it takes effect next update. Since 16.0 lacks a toggle, this effectively disables the feature for it. Even devices with 4GB of RAM have usability severely impacted. Plus some other tweaks/churn Signed-off-by: Tad <tad@spotco.us>	2022-04-12 17:58:04 -04:00
Tad	81d9923cda	Don't disable scudo on lowram devices ... Signed-off-by: Tad <tad@spotco.us>	2022-04-12 15:01:05 -04:00
Tad	30de608a61	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-04-12 02:51:44 -04:00
Tad	d078b24ddb	lowram tweaks ... Signed-off-by: Tad <tad@spotco.us>	2022-04-11 23:40:26 -04:00
Tad	d50a3a043b	Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset ... Like done for 19.1 Signed-off-by: Tad <tad@spotco.us>	2022-04-10 21:12:03 -04:00
Tad	7da114e755	Tweaks ... Signed-off-by: Tad <tad@spotco.us>	2022-04-07 11:01:27 -04:00
Tad	a9e250afd9	Cleanup ... Signed-off-by: Tad <tad@spotco.us>	2022-04-07 00:37:20 -04:00
Tad	d1e441e4cb	19.1: More work ... - Adds hosts cache and wildcard support back - Fixes broken hardened malloc enablement patch - Drops FDroidPrivExt, non-functional - Disables captive portal toggle patch, crashes Settings, needs rework - Rebranding work - Attempts to fix no boot animation Signed-off-by: Tad <tad@spotco.us>	2022-04-06 02:32:33 -04:00
Tad	3a0659b9d8	19.1: more work, it compiles and boots! ... - Add the manifest - Add Pixel 2 series - Add some missing patches - More DNS files - Drop Silence in 19.1 Signed-off-by: Tad <tad@spotco.us>	2022-04-05 23:44:15 -04:00
Tad	1705545d22	19.1: Initial bringup ... TODO: - manifest - devices - a few small patches to rebase Signed-off-by: Tad <tad@spotco.us>	2022-04-05 00:44:19 -04:00
Tad	b464106cc5	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-04-04 15:51:23 -04:00
Tad	deb183d273	Tiny fix ... One of these might not be necessary Signed-off-by: Tad <tad@spotco.us>	2022-04-03 17:33:20 -04:00
Tad	6c5a65622c	Page sanitization improvements ... This ensures init_on_alloc/free is used instead of page poisioning where available. 3.4 through 3.18 have a patch without a toggle for page sanitization. Signed-off-by: Tad <tad@spotco.us>	2022-04-02 12:57:17 -04:00
Tad	01900ca1c6	Reverts ... WebView overlay is breaking boot on 15.1??? This reverts commit e61e288b4a.	2022-04-01 17:07:27 -04:00
Tad	3f9b346345	Fix boot breakage ... On devices with quota enabled and impacted by this patch Signed-off-by: Tad <tad@spotco.us>	2022-04-01 10:30:30 -04:00
Tad	e1f5d99e51	Fixes ... Signed-off-by: Tad <tad@spotco.us>	2022-04-01 08:16:28 -04:00
Tad	e26908b9e0	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-03-31 21:30:56 -04:00
Tad	e2c499dd24	Enable Clang's -ftrivial-auto-var-init=zero on supported kernels ... Signed-off-by: Tad <tad@spotco.us>	2022-03-31 21:00:31 -04:00
Tad	256df737a3	Don't set device name as DHCP hostname ... Signed-off-by: Tad <tad@spotco.us>	2022-03-31 18:46:21 -04:00
Tad	f481055ae9	Add the GrapheneOS always randomize MAC option to 17.1 and 18.1 ... The DHCP state patch was backported to 17.1 Signed-off-by: Tad <tad@spotco.us>	2022-03-29 22:27:09 -04:00
Tad	1bbb6f9b4e	Fix and enable exec_spawning feature ... This is the missing puzzle piece :) Signed-off-by: Tad <tad@spotco.us>	2022-03-28 22:02:52 -04:00
Tad	19b03c9ff4	Update CVE patchers ... Signed-off-by: Tad <tad@spotco.us>	2022-03-28 17:43:48 -04:00
Tad	8a03e46c7e	Add the exec-spawning toggle from GrapheneOS ... Tested working on 18.1/klte TODO: backport to 16.0 Signed-off-by: Tad <tad@spotco.us>	2022-03-28 16:14:37 -04:00
Tad	a53062ca0b	Backports ... Adds ptrace_scope and timeout options to 17.1, tested working Also adds hardened_malloc to 15.1, but failing to compile: external/hardened_malloc/h_malloc.c:1688:18: error: use of undeclared identifier 'M_PURGE' if (param == M_PURGE) { ^ external/hardened_malloc/h_malloc.c:1743:30: error: missing field 'ordblks' initializer [-Werror,-Wmissing-field-initializers] struct mallinfo info = {0}; ^ Signed-off-by: Tad <tad@spotco.us>	2022-03-21 18:06:49 -04:00
Tad	0c33d328b7	Partially re-enable the bionic hardening patchset ... These uncommented patches have been ruled out, leaving 7 more to test shamu is tested booting with this Signed-off-by: Tad <tad@spotco.us>	2022-03-19 20:25:24 -04:00
Tad	a56e3a3016	Disable the bionic hardening patchset to fix boot issues ... 10+4 devices tested working with bionic hardening patches enabled but hammerhead and shamu do not boot... 2 of the patches were already found to have issues and disabled 3 other patches were ruled out: - Stop implicitly marking mappings as mergeable - Make __stack_chk_guard read-only at runtime - On 64-bit, zero the leading stack canary byte Leaves 11+1 patches remaining that need to be tested But I don't have either of the two known impacted devices. Signed-off-by: Tad <tad@spotco.us>	2022-03-19 16:19:00 -04:00
Tad	3207cde72e	Small tweaks ... Signed-off-by: Tad <tad@spotco.us>	2022-03-19 12:41:49 -04:00