Commit Graph

526 Commits

Author SHA1 Message Date
Tad
c05be35867
Picks
Signed-off-by: Tad <tad@spotco.us>
2023-10-07 17:10:36 -04:00
Tad
7d2c184d1f
Bonus patches
Signed-off-by: Tad <tad@spotco.us>
2023-10-03 15:17:06 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
fcf4f812cc
CVE-2023-5217
untested

Signed-off-by: Tad <tad@spotco.us>
2023-09-28 09:17:29 -04:00
Tad
4b47141bac
Update picks
You must still set pixel/android-13.0.0_r0.127 in .repo/manifests/snippets/pixel.xml

Signed-off-by: Tad <tad@spotco.us>
2023-09-25 15:14:52 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
b39b2f2feb
Churn + Picks
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:12:28 -04:00
Tad
25f02f4177
14.1 though 17.1: patch CVE-2023-4863, thanks to @syphyr
run tested on 14.1, 15.1, and 17.1
compile tested on 16.0

Signed-off-by: Tad <tad@spotco.us>
2023-09-20 04:16:17 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
968676650e
Update picks
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:32:03 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
cbf76ea4eb
18.1+: patch CVE-2023-4863
TODO:
- 17.1 uses v1.0.2, needs backport
  patch for v1.0.3: 8d9916da90

Signed-off-by: Tad <tad@spotco.us>
2023-09-15 14:38:14 -04:00
Tad
84a84c4742
Picks + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-09-10 21:12:24 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
ca83e7bc40
Unbreak
Signed-off-by: Tad <tad@spotco.us>
2023-08-31 22:40:38 -04:00
Tad
6d52d2f6ce
m8: Fix display corruption
Fixes the screen shifting vertically when in a full screen task like camera

Signed-off-by: Tad <tad@spotco.us>
2023-08-31 21:55:13 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
ee5a62138a
Push z2_plus to 20.0
Signed-off-by: Tad <tad@spotco.us>
2023-08-24 18:58:08 -04:00
Tad
7835c2b2ae
18.1+: Restrict tile usage when locked, credit @GrapheneOS
TODO: backport to older branches

Signed-off-by: Tad <tad@spotco.us>
2023-08-22 17:54:19 -04:00
Tad
7fb56809ac
Small fixups
Signed-off-by: Tad <tad@spotco.us>
2023-08-18 16:08:10 -04:00
Tad
ceec1584a9
Fixup hosts cache thanks to patch from @danielk43
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/198

Signed-off-by: Tad <tad@spotco.us>
2023-08-18 11:17:14 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
9707326c4f
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-08-13 16:16:21 -04:00
Tad
160aee5049
Backport patch to handle verity with openssl 3.0
ref: https://github.com/Divested-Mobile/DivestOS-Website/pull/19

Signed-off-by: Tad <tad@spotco.us>
2023-08-11 18:53:01 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
067c50a81d
Cherrypicks
ca-cert picks are ignored as we already use the mainline repo

Signed-off-by: Tad <tad@spotco.us>
2023-08-08 05:05:34 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
7b7d5b93dd
Adjust
Signed-off-by: Tad <tad@spotco.us>
2023-07-27 13:43:06 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
e74f861c8e
Fixes + Churn
- Fix instances of awk failing on missing globs
- Remove unwanted packages from work/user/managed profiles
- Remove proprietary camera extensions

Signed-off-by: Tad <tad@spotco.us>
2023-07-24 03:59:51 -04:00
Tad
05bb9b039b
18.1: add debx
Signed-off-by: Tad <tad@spotco.us>
2023-07-22 19:20:39 -04:00
Tad
e408e7e19a
Drop devices with newer versions available
14.1: clark
15.1: deb, flo, hammerhead, shamu, ether
16.0: hammerhead
19.1: alioth

Signed-off-by: Tad <tad@spotco.us>
2023-07-22 19:17:42 -04:00
Tad
fbf6058e65
18.1: unofficial hammerhead bringup by @z3DD3r
not broken like 16.0 and way more updated than 15.1

Signed-off-by: Tad <tad@spotco.us>
2023-07-22 19:06:23 -04:00
Tad
0f9a2c7aea
Less aggressive low_ram enablement
14.1 <2GB
15.1 <2GB
16.0 <2GB
17.1 <3GB
18.1 <3GB
19.1 <4GB
20.0 <4GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-17 18:44:56 -04:00
Tad
b6308caa37
Update CVE patchers
TODO: enable CVE-2023-31084/4.4

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
aa6bfad801
Various
- Drop OpenCamera, it doesn't work on lock screens anymore?
- microG on 18.1+:
  - set packages forceQueryable
  - spoof some sources as Play Store
    TODO: backport this to 17.1
- Remove camera extensions
- Churn
- Wording

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 18:22:07 -04:00
Tad
1c9076fffe
KSM tuning
- Only enable on Linux 3.0 through 4.9
- Always enable defer option
- Only run twice a second, instead of fifty times a second

Signed-off-by: Tad <tad@spotco.us>
2023-07-14 20:27:10 -04:00
Tad
192c73146a
Add a toggle for KSM
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:11:21 -04:00
Tad
15de8ed2e8
Expand the low_ram coverage
As follows
14.1 <3GB
15.1 <3GB
16.0 <3GB
17.1 <3GB
18.1 <4GB
19.1 <6GB
20.0 <6GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 18:31:03 -04:00
Tad
b5bb498248
Many tweaks
- 19.1/20.0: Enable low ram for <6GB devices
- 20.0: support RROs with exec spawning patch from GrapheneOS
- allow work profiles when low ram is enabled
- churn
- cherrypicks

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 16:40:05 -04:00
Tad
eff7a69bed
Small changes
- Another fix
- Deblobber tweaks
- Patch from GrapheneOS
- Cherrypick

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 10:58:41 -04:00
Tad
83cbcfa39b
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-07-08 15:21:06 -04:00
Tad
2651f33e5c
ASB cherrypicks
Signed-off-by: Tad <tad@spotco.us>
2023-07-07 13:44:00 -04:00
Tad
a1a3cbb94e
Fix overlay conflicts
Should mostly fix https://github.com/Divested-Mobile/DivestOS-Build/issues/219

Signed-off-by: Tad <tad@spotco.us>
2023-07-06 14:51:40 -04:00
Tad
c4666a33b7
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-07-05 19:42:40 -04:00
Tad
a96f74ca28
Enable the opt-in unprivileged microG enablement patchset
Runtime tested: 17.1, 18.1, 20.0
Compile tested: 19.1

Signed-off-by: Tad <tad@spotco.us>
2023-07-03 21:50:08 -04:00
Tad
4282c7c35f
Backports of 0f4044e2 to 17.1/18.1/19.1
Also don't grant any special location permissions

Signed-off-by: Tad <tad@spotco.us>
2023-07-03 15:17:56 -04:00
Tad
2e2ac4557d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
0bc93038ac
Cleanup
Signed-off-by: Tad <tad@spotco.us>
2023-06-18 20:35:34 -04:00
Tad
cda898f141
Certificate Authority store updates
- Remove some untrustworthy CAs
- Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb

Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:54 -04:00
Tad
41e2669884
17.1: switch to flamefire's ASB topics
This gets us ~9 extra patches

Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:46 -04:00
Tad
a07133a064
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
0dde119d7e
20.0 June ASB work + churn
QPR3 is delayed a week now

Patches pulled from GrapheneOS and checked against CalyxOS

Signed-off-by: Tad <tad@spotco.us>
2023-06-12 21:06:42 -04:00
Tad
04b4a1a45f
Picks + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-06-08 22:48:40 -04:00
Tad
2ee99fe3ef
Update CVE patchers
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650

Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
8463705798
Update CVE patchers
- Includes CVE-2023-32233 fixes for more devices
- Upstream has reverted the LVT patches, maybe consider handling them

Signed-off-by: Tad <tad@spotco.us>
2023-05-22 20:33:47 -04:00
Tad
289d01c66e
m8: artifacting workaround
Signed-off-by: Tad <tad@spotco.us>
2023-05-19 12:45:16 -04:00
Tad
71c169d326
Promote LGE G5, G6, and V20 to 19.1
Signed-off-by: Tad <tad@spotco.us>
2023-05-17 02:52:11 -04:00
Tad
cd0a29d69b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
2856ebd8c2
More device additions
18.1:
	- serranodsdd
	- jactivelte, jfvelte
	- jasmine_sprout, platina, twolip, wayne, whyred

Signed-off-by: Tad <tad@spotco.us>
2023-05-10 17:20:57 -04:00
polkaulfield
30ac119aa5 Fixed a couple of typos 2023-05-10 14:37:08 -04:00
polkaulfield
32c6195acf Added support for Samsung Galaxy Note 3 (hlte) 2023-05-10 14:37:08 -04:00
Tad
0004c224cf
Picks
Signed-off-by: Tad <tad@spotco.us>
2023-05-06 00:15:27 -04:00
Tad
6d2a255eef
Remove User-Agent (and serial) from source built libloc
Signed-off-by: Tad <tad@spotco.us>
2023-05-05 22:27:27 -04:00
Tad
e4abf9aeab
Drop picks
Merged upstream

Signed-off-by: Tad <tad@spotco.us>
2023-05-03 21:45:47 -04:00
Tad
c544c28b94
Prevent Qualcomm location stack from reading chipset serial number
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.

Signed-off-by: Tad <tad@spotco.us>
2023-05-03 21:41:20 -04:00
Tad
366b4eb5ef
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
3f40c8fb7c
Picks
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 17:09:25 -04:00
Tad
39b0c9e036
Remove broken emoji updates
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 15:31:57 -04:00
Tad
7b2eb1079a
Update emoji list in LatinIME too and disable
tested not working on 15.1
shows as cross boxes or double characters

Signed-off-by: Tad <tad@spotco.us>
2023-04-29 16:56:13 -04:00
Tad
86b7525400
Update the emojis, untested
Signed-off-by: Tad <tad@spotco.us>
2023-04-29 16:17:00 -04:00
Tad
47136145e5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-23 23:20:36 -04:00
Tad
9ba61642de
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 23:19:28 -04:00
Tad
aad60b7567
Promotions
16.0 santoni/land to 20.0 Mi8937 unified
17.1 griffin to 18.1
17.1 star*/crownlte to 20.0
20.0 add pro1x

Signed-off-by: Tad <tad@spotco.us>
2023-04-17 21:36:49 -04:00
Tad
baeec11627
Picks + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-04-16 01:24:20 -04:00
Tad
2cc87c4dc7
Switch fingerprint locked to 5 attempts instead of 3 + churn
Signed-off-by: Tad <tad@spotco.us>
2023-04-12 15:26:26 -04:00
Tad
9a97c7013b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-05 12:43:36 -04:00
Tad
4435c200ed
15.1+: vCard 4.0 support from GrapheneOS
8fbeedd002

Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/202

Signed-off-by: Tad <tad@spotco.us>
2023-04-04 12:50:42 -04:00
Tad
750f244304
Updates, logging, and churn
also add an extra March ASB patch for 17.1

Signed-off-by: Tad <tad@spotco.us>
2023-03-31 12:38:46 -04:00
Tad
ca93ef33ce
Slightly improve compatibility with apps that want GSF
38a5ca05e9

Signed-off-by: Tad <tad@spotco.us>
2023-03-28 23:45:58 -04:00
Tad
2907be1be5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-28 00:48:08 -04:00
Tad
fe80137df9
Don't remove CompanionDeviceManager
Used by some wearables, not just Android Wear

Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/196

Signed-off-by: Tad <tad@spotco.us>
2023-03-25 20:21:38 -04:00
Tad
472ec96915
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-03-22 16:23:26 -04:00
Tad
b4dbe27f23
Fixes
- 18.1: Fix exempted background tasks when dozing (GrapheneOS)
- 20.0: pick a fix for some colors after qpr2
- 20.0: fix the missing notification backdrop

Signed-off-by: Tad <tad@spotco.us>
2023-03-20 17:51:09 -04:00
Tad
ec38522af9
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-03-18 20:52:59 -04:00
Tad
d261ab1107
Updates
Signed-off-by: Tad <tad@spotco.us>
2023-03-17 19:27:37 -04:00
Tad
8bcb5c734d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-17 19:27:22 -04:00
Tad
38626e1b0c
Picks + Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-03-14 16:58:27 -04:00
Tad
162b40a39d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-13 18:13:54 -04:00
Tad
ef2fdb1d3e
More handling improvements
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 16:14:51 -05:00
Tad
0b294c1601
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 16:01:49 -05:00
Tad
5d0ab40f0b
Robustness improvements
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 01:14:06 -05:00
Tad
6ba784ac33
Some actual error handling 1/n
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 00:03:23 -05:00
Tad
097019193e
Don't bail when devices are missing
Signed-off-by: Tad <tad@spotco.us>
2023-03-07 23:41:27 -05:00
Tad
804786aa23
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/193

Signed-off-by: Tad <tad@spotco.us>
2023-03-06 19:54:15 -05:00
Tad
b8f39716f1
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-26 12:21:36 -05:00
Tad
b08bf0356f
Small additions + churn
- 18.1+: Disable NTP fully when automatic time is off, credit GrapheneOS
- 20.0: Handle Tor-over-Orbot when killswitch enabled, credit CalyxOS, BROKEN

Signed-off-by: Tad <tad@spotco.us>
2023-02-18 13:52:46 -05:00
Tad
9f82763c53
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-02-17 23:57:04 -05:00
Tad
e9f58cfd3c
VPN fixes
Some devices still don't have these in 2023
https://gitlab.com/LineageOS/issues/android/-/issues/2193

Note, the following still aren't patched:
15.1
kernel/google/msm
kernel/lge/hammerhead

16.0
kernel/cyanogen/msm8974
kernel/lge/hammerhead

18.1
kernel/motorola/msm8974

Signed-off-by: Tad <tad@spotco.us>
2023-02-12 21:34:23 -05:00