Tavi
5589be638e
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-10-07 20:32:38 -04:00
Tavi
34f1239007
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-09-28 09:43:43 -04:00
Tavi
c709a5eb41
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-09-05 23:02:08 -04:00
Tavi
d2b34c7a34
Update commons & pull in the latest helplines too
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-09-04 14:02:43 -04:00
Tavi
aed895e1ad
More backports
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-08-05 16:49:08 -04:00
Tavi
5fb3319508
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-31 20:31:27 -04:00
Tavi
3096e8ad9e
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-13 15:58:40 -04:00
Tavi
afe1135384
Cleanup
...
- Removes unused files/patches
- Removes many guards, these likely don't work anyway due to patchsets having dependencies
- No functional change
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 13:25:08 -04:00
Tavi
d782ef887b
Reconcile
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-11 12:33:31 -04:00
Tavi
c31e67b2f8
May ASB work
...
untested
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-10 19:56:31 -04:00
Tavi
e195e38150
16.0: switch to latest hardened_malloc revision
...
kipper compiles
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-10 19:26:53 -04:00
Tavi
321de1adbc
17.1: switch to latest hardened_malloc revision
...
+ dedupe the other hmalloc patches
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-06 19:29:31 -04:00
Tavi
7fcfd8782f
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-03 08:56:50 -04:00
Tavi
8eb40b7a97
Optimize images
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-21 14:30:59 -04:00
Tavi
3307463ffb
Update commons
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-05 13:07:52 -05:00
Tavi
533749cffd
14.1: January ASB Picks
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-06 02:41:36 -05:00
Tavi
fac5f2568f
Change gallery app
...
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-05 12:29:17 -05:00
Tad
ba1e29a1b1
Reconcile picks
...
This gains one us patch: 376607
Signed-off-by: Tad <tad@spotco.us>
2023-12-11 18:59:08 -05:00
Tad
56aa41bf47
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2023-12-05 20:45:24 -05:00
Tad
c45a1db5e2
17.1 November ASB work
...
Plus a bonus October patch from @flamefire
https://github.com/Flamefire/android_device_sony_lilac/blob/lineage-17.1/patches/asb-2023-10/android_packages_providers_MediaProvider/0001-Fix-path-traversal-vulnerabilities-in-MediaProvider.patch
Signed-off-by: Tad <tad@spotco.us>
2023-11-13 16:25:48 -05:00
Tad
77b7de4b1e
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2023-11-09 17:59:22 -05:00
Tad
01a196e055
Pull in Messaging notifications fix
...
Likely solves https://github.com/Divested-Mobile/DivestOS-Build/issues/141
Signed-off-by: Tad <tad@spotco.us>
2023-11-05 19:32:30 -05:00
Tad
bf565cd578
Switch to upstream ASB patchsets
...
Signed-off-by: Tad <tad@spotco.us>
2023-10-08 22:52:14 -04:00
Tad
8ca9d55a57
Update commons
...
Signed-off-by: Tad <tad@spotco.us>
2023-10-03 15:33:07 -04:00
Tad
7d2c184d1f
Bonus patches
...
Signed-off-by: Tad <tad@spotco.us>
2023-10-03 15:17:06 -04:00
Tad
fcf4f812cc
CVE-2023-5217
...
untested
Signed-off-by: Tad <tad@spotco.us>
2023-09-28 09:17:29 -04:00
Tad
25f02f4177
14.1 though 17.1: patch CVE-2023-4863, thanks to @syphyr
...
run tested on 14.1, 15.1, and 17.1
compile tested on 16.0
Signed-off-by: Tad <tad@spotco.us>
2023-09-20 04:16:17 -04:00
Tad
8b51c3cd0f
Fixup OpenEUICC inclusion
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-21 20:00:31 -04:00
Tad
d6c3b6c8fa
More eSIM work
...
- Add the GrapheneOS package hook mechanism
- Ensure OpenEUICC and EuiccSupportPixel are only enabled in the system user
- Prevent EuiccSupportPixel interactions
- Remove INTERNET permission from EuiccSupportPixel
Signed-off-by: Tad <tad@spotco.us>
2023-08-21 16:50:51 -04:00
Tad
c070e856b2
eSIM enablement via @PeterCxy's OpenEUICC
...
tested working on bluejay
Signed-off-by: Tad <tad@spotco.us>
2023-08-21 09:25:10 -04:00
Tad
160aee5049
Backport patch to handle verity with openssl 3.0
...
ref: https://github.com/Divested-Mobile/DivestOS-Website/pull/19
Signed-off-by: Tad <tad@spotco.us>
2023-08-11 18:53:01 -04:00
Tad
566decb5dd
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-08 05:14:44 -04:00
Tad
7ef5d9a9c4
Broken EUICC handling
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-05 18:57:32 -04:00
Tad
95a57748ea
Fix the fix
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-25 13:03:44 -04:00
Tad
e458e9ddd4
Unbreak the F-Droid additional repos
...
microG pubkey was wrongly spanning multiple lines
likely from copy/paste of old diff
addresses https://gitlab.com/fdroid/fdroidclient/-/issues/2662
Signed-off-by: Tad <tad@spotco.us>
2023-07-25 13:01:45 -04:00
Tad
e74f861c8e
Fixes + Churn
...
- Fix instances of awk failing on missing globs
- Remove unwanted packages from work/user/managed profiles
- Remove proprietary camera extensions
Signed-off-by: Tad <tad@spotco.us>
2023-07-24 03:59:51 -04:00
Tad
aa6bfad801
Various
...
- Drop OpenCamera, it doesn't work on lock screens anymore?
- microG on 18.1+:
- set packages forceQueryable
- spoof some sources as Play Store
TODO: backport this to 17.1
- Remove camera extensions
- Churn
- Wording
Signed-off-by: Tad <tad@spotco.us>
2023-07-15 18:22:07 -04:00
Tad
192c73146a
Add a toggle for KSM
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:11:21 -04:00
Tad
b5bb498248
Many tweaks
...
- 19.1/20.0: Enable low ram for <6GB devices
- 20.0: support RROs with exec spawning patch from GrapheneOS
- allow work profiles when low ram is enabled
- churn
- cherrypicks
Signed-off-by: Tad <tad@spotco.us>
2023-07-13 16:40:05 -04:00
Tad
eff7a69bed
Small changes
...
- Another fix
- Deblobber tweaks
- Patch from GrapheneOS
- Cherrypick
Signed-off-by: Tad <tad@spotco.us>
2023-07-13 10:58:41 -04:00
Tad
fdeceb5c9c
Fixups
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-10 22:50:33 -04:00
Tad
5bc210f135
Adjust microg config path
...
/product can't be used for now
https://github.com/microg/GmsCore/issues/1976
also move the wording around so it can be easier to remove later
after a new release is tagged
Signed-off-by: Tad <tad@spotco.us>
2023-07-07 13:33:48 -04:00
Tad
492ed24ca2
Fixups
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-06 17:59:25 -04:00
Tad
34f2d0d15a
Tweak micorG defaults
...
New options added
4772008582
Signed-off-by: Tad <tad@spotco.us>
2023-07-06 14:39:38 -04:00
Tad
c9a7ff8bba
Override all microG defaults to disabled
...
TODO after fixed:
SafetyNet: https://github.com/microg/GmsCore/issues/1971
Geocoder: https://github.com/microg/GmsCore/issues/1972
Signed-off-by: Tad <tad@spotco.us>
2023-07-04 14:48:18 -04:00
Tad
4282c7c35f
Backports of 0f4044e2
to 17.1/18.1/19.1
...
Also don't grant any special location permissions
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 15:17:56 -04:00
Tad
0f4044e242
20.0: opt-in hardened unprivileged microG ability
...
Unlike other systems which ship privileged microG out of the box:
- User must enable microG repo in F-Droid
- User must install official microG apps (GmsCore/FakeStore/GSF)
- User must enable the microG toggle in Settings
- NOT a privileged app, not all features will work
- gmscore SELinux domain is still disabled
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 13:45:06 -04:00
Tad
dc4d6b0901
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-20 18:36:31 -04:00
Tad
cda898f141
Certificate Authority store updates
...
- Remove some untrustworthy CAs
- Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb
Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:54 -04:00
Tad
0dde119d7e
20.0 June ASB work + churn
...
QPR3 is delayed a week now
Patches pulled from GrapheneOS and checked against CalyxOS
Signed-off-by: Tad <tad@spotco.us>
2023-06-12 21:06:42 -04:00