Commit Graph

1004 Commits

Author SHA1 Message Date
Tad
1b4b86c38d Tiny tweaks 2020-10-23 14:49:16 -04:00
Tad
c7eb6fcbfe deblobber: fixup IMS for a few devices
Don't remove qti-vzw-ims-internal.jar needed by IMS stack.
It is just a shim and doesn't really do anything.

Also put RCS behind a flag.
2020-10-21 20:09:53 -04:00
Tad
0958df7de5 deblobber: remove more blobs 2020-10-20 10:45:57 -04:00
Tad
00a6a86126 deblobber: fixup timekeep replacement, credit Wang Han/aviraxp 2020-10-20 05:39:06 -04:00
Tad
d889ae4642 Update CVE patchers 2020-10-17 15:28:42 -04:00
Tad
6d15a2bb82 Update CVE patchers 2020-10-15 22:36:28 -04:00
Tad
688f4dd953 More CVE patcher fixes 2020-10-15 21:31:46 -04:00
Tad
cc64ce1634 Update CVE patchers 2020-10-14 16:28:07 -04:00
Tad
10d042c3c0 Update CVE patchers 2020-10-14 15:20:06 -04:00
Tad
6c9c91941e Fix errors from compile test of all 14.1 kernels 2020-10-14 14:23:22 -04:00
Tad
d53a4f4e41 Update CVE patchers
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
b56929d3d9 Many changes
- Missing credit in LICENSE
- Update TODO
- hardenLocationConf: don't change version
- hardenDefconfig: Fix reboot on shutdown
- changeDefaultDNS: replace a level3 dns straggler for tethering config
- Don't remove CompanionDeviceManager if microG is included
- Update cherry picks
- init.sh: update comment wording
2020-10-12 07:52:54 -04:00
Tad
115dd21832 Many changes
- 17.1: Add Pixel 4/XL
- Promote klte to 17.1
- hardenBootArgs: don't run on klte
- hardenBootArgs: regorganize
- hardenDefconfig: enabler: drop unnecessary options (iommu)
- hardenDefconfig: disabler: comment diag options for now
- deblobber: comment dirac lines to fix cheeseburger headphone jack
- fixup Etar replacement
2020-10-11 07:12:00 -04:00
Tad
496fddb303 Replace calendar with Etar, and drop LocalCalendar 2020-10-11 04:12:16 -04:00
Tad
260140f0a1 Update CVE patchers 2020-10-10 11:56:35 -04:00
Tad
8bdad21040 Update CVE patchers 2020-10-06 23:36:29 -04:00
Tad
b56fabac3b Update CVE patchers
I expect some breakage here
2020-10-06 21:14:18 -04:00
Tad
bf9167f442 Update CVE patchers 2020-10-05 21:38:25 -04:00
Tad
589394a589 Small updates 2020-10-05 21:38:15 -04:00
Tad
55e010fba5 Small updates 2020-10-01 14:56:37 -04:00
Tad
46c1a74ef3 17.1: Fixup TTS 2020-09-25 11:38:26 -04:00
Tad
92f7f37096 Update CVE patchers
Fix CVE-2020-25221 breakage
2020-09-25 09:27:12 -04:00
Tad
bc7cf7af0a Update CVE patchers 2020-09-25 06:55:18 -04:00
Tad
a9812ba729 17.1: Rebase microG patches 2020-09-24 08:02:27 -04:00
Tad
92879ec2a4 Update CVE patchers 2020-09-23 06:31:34 -04:00
Tad
3bc1463017 Update CVE patchers 2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3 Update CVE patchers 2020-09-17 15:35:48 -04:00
Tad
40654dbf4b Fixup 556a8529 2020-09-15 15:29:10 -04:00
Tad
6e16320468 Small fixes 2020-09-13 19:52:37 -04:00
Tad
d16a362141 ASB cherry picks + Fixup 2f83043c
TODO: rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk
2020-09-12 08:29:09 -04:00
Tad
4c29ac36d2 Update CVE patchers 2020-09-09 19:00:03 -04:00
Tad
76fcd8a0d4 Update CVE patchers 2020-09-08 18:19:52 -04:00
Tad
37ff7ddc2d Update CVE patchers 2020-09-02 15:03:00 -04:00
Tad
bca6af1516 Small updates
- recovery: abort on serial number specific updates, credit: GrapheneOS
- Add lists of missing CVEs
- Update cherrypicks
2020-09-02 14:20:51 -04:00
Tad
0808ac1fd0 Many updates
- Add OnePlus 6, 6T, 7, 7 Pro
- Ensure verity/avb keys are *always* copied
- Update cherry picks
2020-09-01 03:26:21 -04:00
Tad
ec17d20f58 Update CVE patchers 2020-08-22 11:03:23 -04:00
Tad
826949e6df Small updates 2020-08-22 10:18:29 -04:00
Tad
98854115be 16.0: Add pro1
- Also initial beryllium support, no builds yet
2020-08-10 15:34:55 -04:00
Tad
f19dbe5958 More fixes for a69326f3 2020-08-10 03:46:36 -04:00
Tad
2f83043c68 14.1+15.1: GPS week rollover fix
16.0: 279492
17.1: 278135

also switch to alternate Xtra servers
https://developer.gemalto.com/threads/gps-time-info-error
2020-08-09 12:30:47 -04:00
Tad
887ebb84c5 Update CVE patchers
Includes many fixes for a69326f3
but probably breaks other things
2020-08-09 07:29:19 -04:00
Tad
a69326f396 Update CVE patchers
Untested. I expect some breakage.
2020-08-08 13:06:39 -04:00
Tad
7cd6df559c Update AOSP CVE list to August patches 2020-08-05 01:53:50 -04:00
Tad
af54500797 Update CVE patchers 2020-08-03 18:15:27 -04:00
Tad
e78a0cc1bc Small changes 2020-07-26 09:19:12 -04:00
Tad
0a979b67fa Small changes
- 17.1: bringup bacon and ether
2020-07-24 10:20:07 -04:00
Tad
dc3cf3405f Small updates
- Fix USB breakage
2020-07-22 08:50:51 -04:00
Tad
a6a59309ed More small fixes 2020-07-13 21:28:17 -04:00
Tad
2675404f86 14.1: move n-netd cherry picks in tree 2020-07-13 20:15:08 -04:00
Tad
820a680d4d Small updates + Many fixes 2020-07-13 17:37:33 -04:00
Tad
e8f13920bb Cherry picks 2020-07-08 16:39:26 -04:00
Tad
c715d549a7 Update CVE patchers 2020-07-07 01:57:39 -04:00
Tad
9bafe76906 Update CVE patchers 2020-06-27 02:29:14 -04:00
Tad
d9a61e1dea Fix GPG signing 2020-06-27 01:45:02 -04:00
Tad
2ef92046af Small changes 2020-06-22 20:41:49 -04:00
Tad
b2b9eb7ffc Potential fix for phone call audio on shamu and others 2020-06-17 15:20:02 -04:00
Tad
900183743d Add GPG signing to processRelease 2020-06-17 13:20:26 -04:00
Tad
70508e2b70 More checksums 2020-06-14 10:05:34 -04:00
Tad
5b9e44794b Fixup broken checksum generation 2020-06-14 09:36:39 -04:00
Tad
4e9f733f27 Small updates 2020-06-12 16:27:45 -04:00
Tad
837fbecc49 More verity resurrection 2020-06-08 11:57:52 -04:00
Tad
d96a421dee 17.1: disable cheeseburger/dumpling 2020-06-07 22:33:50 -04:00
Tad
79c7443c7d 17.1: bring up osprey and cheeseburger/dumpling
- also fix cherrypick mismatch
2020-06-07 16:35:05 -04:00
Tad
850c4ad88c Small updates
- Partial revert of 5106063c
- Cherry picks
- CVE patcher fixes
2020-06-07 04:25:12 -04:00
Tad
5797ea8fc4 Small fixes
CVE-2019-14047/ANY/0002.patch will probably need to be disabled on more devices
2020-06-02 17:33:27 -04:00
Tad
ca77d36357 Update CVE patchers 2020-06-02 02:23:57 -04:00
Tad
694f270d75 Initial bringup of many devices to 17.1 2020-05-31 15:10:32 -04:00
Tad
31d6ab5299 Update CVE patchers 2020-05-28 23:06:53 -04:00
Tad
5106063cb5 Drop many more repositories 2020-05-24 20:07:03 -04:00
Tad
7af3c42325 Minor fixes 2020-05-23 23:31:05 -04:00
Tad
4c1577724f Small changes
- hardenDefconfig: more options from Alexander Popov's checker
- 17.1: A2DP fix from GrapheneOS when hardened_malloc is in use
2020-05-23 18:06:22 -04:00
Tad
25cc3c5a10 Update CVE patchers 2020-05-18 16:25:41 -04:00
Tad
7343973b1d Minor updates
- Update cherrypicks
- 17.1: mata fix usb
- 16.0: whitelist open camera for aux support
2020-05-17 10:04:48 -04:00
Tad
f5462dd23c Minor tweaks 2020-05-13 17:38:39 -04:00
Tad
2aa65e6b16 Cherry picks 2020-05-11 07:57:53 -04:00
Tad
e962fdeb81 Update CVE patchers 2020-05-04 17:18:50 -04:00
Tad
e58ba3e9b2 Disable IMS stack 2020-05-02 22:29:23 -04:00
Tad
2a0352ba1c Many fixes
17.1: recovery: rebranding reverts
17.1: mata: fix vorbis
17.1: g2/g3: fix Wi-Fi under -user
15.1/16.0: g2/g3: improve misc_block_exception patch
2020-04-30 18:37:41 -04:00
Tad
c1e0503390 Update cherry picks 2020-04-28 19:23:49 -04:00
Tad
9fcb91793e Update CVE patchers 2020-04-26 13:24:43 -04:00
Tad
358a0d703b Many changes
- Promote many 16.0 devices to 17.1
- Many build fixes
- Switch to FairEmail
2020-04-25 12:34:49 -04:00
Tad
84300d6611 Small fixes 2020-04-19 13:19:55 -04:00
Tad
98a45b1ee6 Build fixes 2020-04-15 21:38:46 -04:00
Tad
c3bb898eb0 2020 2020-04-14 21:39:51 -04:00
Tad
8012903ba1 17.1: Initial bringup
- See items marked with '17REBASE'
2020-04-14 21:21:13 -04:00
Tad
cdd74148b9 Patcher build fixes 2020-04-12 13:58:02 -04:00
Tad
ee458d0ed1 April ASB cherry picks 2020-04-08 13:44:52 -04:00
Tad
0c89accfb5 Update CVE patchers 2020-04-06 22:23:37 -04:00
Tad
c26b3e95c7 Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
d7ef9abf61 Minor tweaks 2020-03-25 22:08:25 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
637bb171c8 Switch to partial 4096 signing keys by default
Update engine <10 doesn't support 4096-bit keys
Make releasekey 2048-bits
Verity has also been 2048-bits
The rest are 4096-bits
2020-02-26 20:14:42 -05:00
Tad
50f44d1934 Small changes
- cheeseburger/dumpling: fix ogg vorbis playback, credit @LuK1337
- cheeseburger/dumpling: fix delta ota generation
- remove a few more blobs
- potentially bluetooth when ant is removed on newer devices
- support newer clamav
- commented support for extracting boot.img when recovery.img isn't available
-- fastboot.zip should be preferred
- potentially fix boot on many untested newer devices (diag on msm8996+)
- update cherry picks
2020-02-24 18:53:27 -05:00
Tad
4292bcaa3e recovery: fix sideload with larger files
+ 16.0: add a disabled patch to remove backuptool
+ processRelease: add support for copying recovery image to archive
2020-02-23 16:06:47 -05:00
Tad
fe54dd26a6 Fix many device issues
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
4e25046418 Many changes
- Add OnePlus 2, 3/T, 5/T
- Fix flounder
- Cherrypicks
2020-02-17 22:21:47 -05:00
Tad
cc28df15f7 Cherry picks + fix 5 failing devices 2020-02-09 13:52:25 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
d87457630a Update cherrypicks 2020-01-26 21:17:33 -05:00
Tad
84ac696e16 Small updates 2020-01-08 21:22:35 -05:00
Tad
d3f28918e5 Update CVE patchers 2020-01-06 18:25:36 -05:00
Tad
d8c2a56124 Update CVE patchers 2019-12-11 20:21:14 -05:00
Tad
4610cd9bde Update CVE patchers
CVE-2019-19252 was dropped
dependent on d21b0be246
2019-12-03 06:12:46 -05:00
Tad
7ef8a2726d Minor tweaks 2019-11-28 12:03:40 -05:00
Tad
a8cc390c3d 14.1: cherrypicks 2019-11-24 20:14:23 -05:00
Tad
f90b62982b Update CVE patchers 2019-11-24 20:13:55 -05:00
Tad
038ae37376 Minor tweaks 2019-11-24 16:22:58 -05:00
Tad
baabd45a16 Minor tweaks + ASB cherrypicks 2019-11-10 02:34:40 -05:00
Tad
d64534a7c1 Update CVE patchers 2019-11-04 21:04:49 -05:00
Tad
1a7897211a 16.0: add Amber 2019-10-29 17:37:43 -04:00
Tad
791087fefa minor tweaks 2019-10-27 16:20:27 -04:00
Tad
a8af0c3d0d hardenDefconfig: more options from Alexander Popov's checker 2019-10-20 01:53:59 -04:00
Tad
640ef60b83 Move many old cherry picks in tree for archival/support purposes 2019-10-19 22:03:59 -04:00
Tad
204285d7c8 kernel command line: enable hardening options 2019-10-18 22:14:28 -04:00
Tad
e13c6c7c9c processRelease features
- support removing device out after complete
- support malware scan before sign
- Update cherry picks
2019-10-15 12:23:46 -04:00
Tad
bffcd06644 16.0: add zenfone3 2019-10-11 15:16:09 -04:00
Tad
159e5ea194 Minor tweaks
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
579f340c3c Update CVE patchers 2019-10-04 14:43:19 -04:00
Tad
f20ddfc0f6 Minor tweaks 2019-10-04 10:39:27 -04:00
Tad
79ec8a4999 clark: experimental 16.0 2019-09-28 17:37:18 -04:00
Tad
a0e8f9653c Future proofing keys 2019-09-25 21:04:24 -04:00
Tad
ca734124f9 Generate factory image if needed by device 2019-09-23 12:45:00 -04:00
Tad
f55cdef5b0 Minor tweaks 2019-09-21 15:42:26 -04:00
Tad
ae87cffe34 14.1: add v1awifi 2019-09-18 18:04:22 -04:00
Tad
4a1ebe1b71 Scripts: localize variables in functions 2019-09-17 04:14:35 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
19d5b66097 Many changes
- ASB chery picks
- 16.0: recovery: fix sideload
- Restore releasetools for some devices
- Only include Backup where supported
- Change some small defaults
- z00t: 14.1 -> 15.1
- himaul: 14.1 -> 15.1
- i9100: 14.1 -> 15.1+16.0
- flo: 15.1 -> 16.0, disabled
- flounder: 15.1 disabled, enable 14.1
2019-09-13 20:24:02 -04:00
Tad
09b38c1f04 marlin/sailfish: fix MediaProvider using 100% CPU
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices

[pid  2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]

https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
1a7291aa36 Minor changes
- Cherry picks
- New default wallpaper, credit: Pawel Czerwinski, UmzGrVna1P0
2019-09-05 04:23:28 -04:00
Tad
9ce8cdb9b6 Add Steve Soltys' Backup app 2019-09-04 06:40:05 -04:00
Tad
ec48a4c89c Update CVE patchers 2019-09-04 01:31:12 -04:00
Tad
db572efa89 Many changes
- processRelease: Support AVB
- sort device build order by SoC

Additions:
- taimen/muskie: 15.1, 16.0
- crosshatch/blueline: 16.0
- bonito/sargo: 16.0
2019-09-03 16:50:50 -04:00
Tad
1bd0e47099 victara: 15.1 -> 16.0
- other fixes
2019-08-30 22:42:10 -04:00
Tad
330df0983c 16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
 - from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
e10a865b05 Improve release processing to support deltas and archiving 2019-08-29 19:09:31 -04:00
Tad
057bedb65b Minor tweaks
- 14.1+15.1+16.0: enable kernel protections for files
 - protected_*: hardlinks, symlinks, fifos, regular
 - from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c Minor tweaks
- 15.1+16.0: Replace in-line build signing patch with bash function
 - From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
 - From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
68cdef8733 Minor tweaks 2019-08-26 20:50:28 -04:00
Tad
eccf9c6f6d Many new devices
- hammerhead: 15.1 -> 16.0

- axon7: 14.1, 15.1
- cheryl: 16.0
- crackling: 14.1, 15.1, 16.0
- ham: 14.1, 15.1, 16.0
- kipper: 14.1, 15.1, 16.0
- z2_plus: 16.0
2019-08-23 17:27:53 -04:00
Tad
e9b5c06188 Lots of device updates
- d802: 15.1 -> 16.0
- d852: 15.1 -> 16.0
- d855: 15.1 -> 16.0
- fugu: 15.1 -> 16.0
- jfltexx: 14.1 -> 16.0
- m8: 15.1 -> 16.0
- mata: 15.1 -> 16.0
- update cherrypicks
- defconfig: enable MMC_SECDISCARD
2019-08-23 11:47:43 -04:00
Tad
3a080bbcd7 Minor tweaks 2019-08-13 01:56:01 -04:00
Tad
89de66bdba Many small changes
- Cherrypicks for ASB patches
- Apps: Switch gallery to Simple Gallery
- Apps: Switch camera to OpenCamera
- PKGBUILD: update with image optimization dependencies
- Deblobber: fix bug introducted in 6d33e4ecbf
2019-08-08 14:22:24 -04:00
Tad
6d33e4ecbf Parallize many functions invoked by find 2019-08-05 21:09:35 -04:00
Tad
3f8e9a846b Complete tree image optimization
- recursively optimize images using optipng/jpegoptim
benefits:
+ reduces image size
+ decreases load time
+ reduces memory usage
2019-08-05 20:34:08 -04:00
Tad
aee6b66dd8 Update CVE patchers 2019-08-05 16:03:41 -04:00
Tad
bad890614e Update CVE patchers 2019-07-21 09:47:10 -04:00
Tad
34d1bbe155 Minor updates 2019-07-21 07:36:02 -04:00
Tad
6458d6785f Enable IPv6 privacy extensions 2019-07-05 16:47:59 -04:00
Tad
4fe74583a9 Minor tweaks 2019-07-03 10:42:24 -04:00