Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,624 Commits 1 Branch 0 Tags 101 MiB
12c56938cb
Commit Graph

1448 Commits

Author SHA1 Message Date
Tad
5d57bf13c4 Compile fixes 
The backported fix for CVE-2021-39713 requires CONFIG_MODULES=y
MODULES is default enabled, but some kernels are mutilated and break with it on

Signed-off-by: Tad <tad@spotco.us>
 2022-05-26 22:36:22 -04:00
Tad
28724c4a6e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-25 22:52:22 -04:00
Tad
2c4caa30a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-24 00:36:49 -04:00
Tad
de781e9921 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-23 23:15:27 -04:00
Tad
91953c0a45 Remove more blobs 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-21 13:42:51 -04:00
Tad
1ffaf7fe51 Fix 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:51 -04:00
Tad
e8bc36af04 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:29 -04:00
Tad
e5b0a6a429 Make ZRAM great again 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-18 23:04:01 -04:00
Tad
1ea1ce9bc2 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-18 12:49:54 -04:00
Tad
991e4c0642 Revert "Revert b5224f0" 
I've triple checked that calls/data work fine without these blobs
and also have another report from walleye as the same.

I have no idea what is happening to those who have SIM issues.

This reverts commit dc392b17b6.
 2022-05-17 18:42:38 -04:00
Tad
dc392b17b6 Revert b5224f0 
Calling and data is tested working on my taimen
But there are multiple reports that say otherwise

Signed-off-by: Tad <tad@spotco.us>
 2022-05-17 10:48:28 -04:00
Tad
df4631a493 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-15 19:14:55 -04:00
Tad
64b4bbe075 Disable older devices tested/reported working on 19.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-15 13:16:36 -04:00
Tad
3114ca7157 19.1: Add the Private DNS presets 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-14 22:34:17 -04:00
Tad
05930af014 Various changes 2022-05-14 21:40:50 -04:00
Tad
3e7b657295 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-13 19:47:43 -04:00
Tad
7a168302cf 19.1: Location indicator exemptions 
Credit/References:
26ddac7988
7370657f85
37e2a4e0bc
a5d43c0157
ac60a2117e

Signed-off-by: Tad <tad@spotco.us>
 2022-05-12 23:25:21 -04:00
Tad
bf7c06105c Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-12 22:13:06 -04:00
Tad
4dbab20c06 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-10 15:32:13 -04:00
Tad
9286bdd258 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-10 15:02:03 -04:00
Tad
c4400a9a6f Pick 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 22:16:00 -04:00
Tad
1f807b843f Split 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 14:37:22 -04:00
Tad
675b1a5da0 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 12:56:03 -04:00
Tad
df398fd6f5 Various 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-07 20:22:49 -04:00
Tad
bc0a9f79b3 19.1: replace OpenCamera with official prebuilt GrapheneOS Camera 
Benefits over OpenCamera
- QR scanner
- no broken panoroma option
- much simpler and cleaner "just works" interface
- selfie self illumination option, try it!

TODO: consider adding to 17.1 and 18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-05-07 20:22:36 -04:00
Tad
4edfa56f1a Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-04 11:52:22 -04:00
Tad
b2eb3c01b4 Update CVE patchers 
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 23:33:17 -04:00
Tad
9c549763a4 Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 21:11:05 -04:00
Tad
b5224f0c79 Remove the Google carrier blobs 
These were previously removed, and added back after a false report of breakage.

Data and VoLTE tested working on taimen

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 14:28:51 -04:00
Tad
e38aff581e Small tweaks 
- Remove some more blobs
- 19.1: disable FP animation (jesec)
- 18.1: mata: allow major upgrades (to 19.1) (Updater patch by erfanoabdi)
- mata: disable Vulkan, it doesn't work

Signed-off-by: Tad <tad@spotco.us>
 2022-05-02 15:04:12 -04:00
Tad
8491016b84 19.1: add mata, cheeseburger, dumpling 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-01 10:45:33 -04:00
Tad
65883d9bc4 2022 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-01 01:13:49 -04:00
Tad
0086d97848 Put back slub_debug=Z 
Was removed for testing purposes in bfa18cb1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-30 14:35:27 -04:00
Tad
52c3a55140 Another kernel compile fix 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 19:34:34 -04:00
Tad
1b6f6909ad Fix compile on some kernels 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 17:25:23 -04:00
Tad
b337aef1bb 19.1: Disable kernel update for op6 
While this works on 18.1, on 19.1 it causes breakage

opening a terminal emulator causes instant panic with no logs

Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 16:38:28 -04:00
Tad
e3ff62cda1 FIX 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 15:26:15 -04:00
Tad
bfa18cb176 defconfig tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 14:02:29 -04:00
Tad
36fabeca42 Deblob manifest.xml 
Reverts 766219aa
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/55

Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 09:44:36 -04:00
Tad
9875334547 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 20:17:13 -04:00
Tad
5fb67c45ae 19.1: add cheryl 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 19:57:49 -04:00
Tad
edfbb8b063 Further ensure oem unlock toggle is available 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 08:30:54 -04:00
Tad
766219aabd Don't remove source built ClearKey DRM 
Breaks some Chromium browsers like Brave and Kiwi

Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 08:04:28 -04:00
Tad
e9aa53b640 19.1: add guacamoleb 
skipping 18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-27 08:35:48 -04:00
Tad
3316cc4824 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-27 07:46:22 -04:00
Tad
3457fd4151 Device cleanup 
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo

Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)

Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 15:19:57 -04:00
Tad
13a9997a0c 19.1: aura and beryllium + some fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 11:41:28 -04:00
Tad
4f64f7538c 19.1: Add toggle for /etc/hosts 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-20 22:45:12 -04:00
Tad
9a6c7a2684 18.1: Add toggle for /etc/hosts 
TODO: 19.1 and maybe 17.1

Tested working on klte/18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-20 16:40:22 -04:00
Tad
1f721c7845 Further credit patches 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 23:52:10 -04:00
Tad
18e97c565d 19.1: missed hosts work 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 23:28:05 -04:00
Tad
c5b1cc9a35 Simplify 8e3f0438 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 20:23:53 -04:00
Tad
e666a4a891 Update CVE patchers 
TODO: maybe split CVE-2022-23960/4.9 to get back?

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 14:38:44 -04:00
Tad
8e3f043820 Warn when running activity from 32 bit app on ARM64 devices. 
https://android-review.googlesource.com/c/platform/frameworks/base/+/2003790/
https://github.com/GrapheneOS/platform_frameworks_base/pull/182

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 12:00:22 -04:00
Tad
d4dceffa60 Update supported kernels to latest wireless regulations database 
Applies for ~43 kernel trees

Source: wireless-regdb-2022.04.08

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 11:30:57 -04:00
Tad
163a162568 Fix boot animation + churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-18 23:04:24 -04:00
Tad
0e1266ac1f Drop Silence 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-16 18:53:00 -04:00
Tad
4b6a86a473 Add missing device variants 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-14 19:47:21 -04:00
Tad
be6b03fe96 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-13 14:54:08 -04:00
Tad
486e358050 More (disabled) lowram tweaks for <2GB devices 
The inprocess variants make very little reduction and likely reduce security.

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 20:25:26 -04:00
Tad
42c9d22de9 Default disable exec spawning 
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.

Plus some other tweaks/churn

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 17:58:04 -04:00
Tad
81d9923cda Don't disable scudo on lowram devices 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 15:01:05 -04:00
Tad
30de608a61 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 02:51:44 -04:00
Tad
d078b24ddb lowram tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-11 23:40:26 -04:00
Tad
293a4d12f4 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-10 21:20:55 -04:00
Tad
d50a3a043b Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset 
Like done for 19.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-10 21:12:03 -04:00
Tad
0895190ffa Icon cache fix 
Lineage overhauled icons and old ones are still showing

Signed-off-by: Tad <tad@spotco.us>
 2022-04-10 18:40:12 -04:00
Simon Brand
882c3083c5 Remove duplicte line in Enable_Verity.sh 2022-04-10 16:38:03 +00:00
Tad
5431edd85b Fix boot issues on select devices after recent AVB changes 
alioth, beryllium, davinci, vayu were tested working without this
lavender however would not boot
lmi was not tested

lavender, unlocked, managed to get into some weird broken state
that won't even boot after this, not even with Lineage or TWRP
:(

enchilada/fajita 18.1 use stock vendor and don't boot either
enchilada is tested booting again after this

Signed-off-by: Tad <tad@spotco.us>
 2022-04-09 18:27:48 -04:00
Tad
f747fb36e5 Various 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-08 16:55:30 -04:00
Tad
7da114e755 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-07 11:01:27 -04:00
Tad
a9e250afd9 Cleanup 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-07 00:37:20 -04:00
Tad
258fe8389b Adjust quick tiles for 12 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 22:30:56 -04:00
Tad
fd835ca492 Fixup 5a3c64c1 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 21:46:49 -04:00
Tad
2de5521a7c Keystore fix from GrapheneOS 
See:
https://nitter.net/GrapheneOS/status/1510736425259573249
https://github.com/Divested-Mobile/DivestOS-Build/discussions/46#discussioncomment-2520009

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 21:10:26 -04:00
Tad
5a3c64c178 19.1: oneplus/sdm845: 4.9.227 -> 4.9.282 
Just like 18.1

also .282 is the latest qc/4.9 sadly
AOSP/4.9 can be merged but has charging related tweaks that might break things

Broken:
drivers/char/diag/diagmem.c:184:11: error: cast to smaller integer type 'int' from 'void *'

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 21:09:43 -04:00
Tad
75f3bfd5d0 19.1: More work 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 17:09:14 -04:00
Tad
2d7a34a27d 19.1: Initial roster 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 17:04:59 -04:00
Tad
c5477f31dc FIX 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 16:30:04 -04:00
Tad
18c840222b Simplify: always nochain 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 15:45:20 -04:00
Tad
b026a7811c Actually enforce AVB + signing fixes 
- Turns out AVB was set permissive this entire time :(
  --flags 2 == VERIFICATION_DISABLED
- APEX support from GrapheneOS
- Disable vbmeta chaining like GrapheneOS
  and optionally handle it like CalyxOS

taimen 19.1 boots with locked bootloader successfully after this

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 15:16:12 -04:00
Tad
d1e441e4cb 19.1: More work 
- Adds hosts cache and wildcard support back
- Fixes broken hardened malloc enablement patch
- Drops FDroidPrivExt, non-functional
- Disables captive portal toggle patch, crashes Settings, needs rework
- Rebranding work
- Attempts to fix no boot animation

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 02:32:33 -04:00
Tad
3a0659b9d8 19.1: more work, it compiles and boots! 
- Add the manifest
- Add Pixel 2 series
- Add some missing patches
- More DNS files
- Drop Silence in 19.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-05 23:44:15 -04:00
Tad
1705545d22 19.1: Initial bringup 
TODO:
- manifest
- devices
- a few small patches to rebase

Signed-off-by: Tad <tad@spotco.us>
 2022-04-05 00:44:19 -04:00
Tad
b464106cc5 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-04 15:51:23 -04:00
Tad
deb183d273 Tiny fix 
One of these might not be necessary

Signed-off-by: Tad <tad@spotco.us>
 2022-04-03 17:33:20 -04:00
Tad
1b83b96807 Simplify 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-02 15:15:30 -04:00
Tad
6c5a65622c Page sanitization improvements 
This ensures init_on_alloc/free is used instead of page poisioning where available.

3.4 through 3.18 have a patch without a toggle for page sanitization.

Signed-off-by: Tad <tad@spotco.us>
 2022-04-02 12:57:17 -04:00
Tad
01900ca1c6 Reverts 
WebView overlay is breaking boot on 15.1???

This reverts commit e61e288b4a.
 2022-04-01 17:07:27 -04:00
Tad
3f9b346345 Fix boot breakage 
On devices with quota enabled and impacted by this patch

Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 10:30:30 -04:00
Tad
e1f5d99e51 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 08:16:28 -04:00
Tad
987122f99e Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 02:12:34 -04:00
Tad
8dbdc0f31e Enable Clang's -ftrivial-auto-var-init=zero on 17.1 
Just like Android 11+

Signed-off-by: Tad <tad@spotco.us>
 2022-03-31 22:04:50 -04:00
Tad
e26908b9e0 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-31 21:30:56 -04:00
Tad
e2c499dd24 Enable Clang's -ftrivial-auto-var-init=zero on supported kernels 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-31 21:00:31 -04:00
Tad
256df737a3 Don't set device name as DHCP hostname 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-31 18:46:21 -04:00
Tad
90420610f0 Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-30 10:46:37 -04:00
Tad
f481055ae9 Add the GrapheneOS always randomize MAC option to 17.1 and 18.1 
The DHCP state patch was backported to 17.1

Signed-off-by: Tad <tad@spotco.us>
 2022-03-29 22:27:09 -04:00
Tad
09834b568f Disable USAP when exec_spawning patchset is enabled 
It seems to increase memory usage and its interactions are unknown

Signed-off-by: Tad <tad@spotco.us>
 2022-03-29 22:26:23 -04:00
Tad
1bbb6f9b4e Fix and enable exec_spawning feature 
This is the missing puzzle piece :)

Signed-off-by: Tad <tad@spotco.us>
 2022-03-28 22:02:52 -04:00