Tad
ec42acceb6
Various fixes from GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-13 10:24:26 -04:00
Tad
86ed884251
More verification
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 23:14:15 -04:00
Tad
3618774d9f
GPG verification for all platform repositories
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 22:40:27 -04:00
Tad
4bfedbc42d
Fixup and enable GPG verification
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-24 15:52:55 -04:00
Tad
4248904637
Update AOSP CVE list to August 2022
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-04 09:57:00 -04:00
Tad
f07f288e3a
Add a toggle for Monet themeing, credit GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-06 21:13:40 -04:00
Tad
2c27a88a24
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-06 19:22:21 -04:00
Tad
899ea17d4e
Add the missing page sanitization to 3.18 kernels
...
All along they only had slub sanization :(
Signed-off-by: Tad <tad@spotco.us>
2022-06-04 12:00:01 -04:00
Tad
92c66447f8
Drop slub_debug
...
What is lost?
- sanity checks and redzoning on all devices
- redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250
Note: all 3.4+ devices still have page sanization
Signed-off-by: Tad <tad@spotco.us>
2022-06-03 13:58:17 -04:00
Tad
4a15b0e70e
Move benchmarks to website repo
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-08 00:26:46 -04:00
Tad
83fffd3c64
More benchmarks
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-07 21:59:30 -04:00
Tad
df398fd6f5
Various
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-07 20:22:49 -04:00
Tad
b2eb3c01b4
Update CVE patchers
...
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375
Signed-off-by: Tad <tad@spotco.us>
2022-05-03 23:33:17 -04:00
Tad
20a95aedcd
Update AOSP CVE list to May 2022
...
Includes 2021/12 - 2022/05
Signed-off-by: Tad <tad@spotco.us>
2022-05-03 22:12:09 -04:00
Tad
d50a3a043b
Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset
...
Like done for 19.1
Signed-off-by: Tad <tad@spotco.us>
2022-04-10 21:12:03 -04:00
Tad
d1e441e4cb
19.1: More work
...
- Adds hosts cache and wildcard support back
- Fixes broken hardened malloc enablement patch
- Drops FDroidPrivExt, non-functional
- Disables captive portal toggle patch, crashes Settings, needs rework
- Rebranding work
- Attempts to fix no boot animation
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 02:32:33 -04:00
Tad
3a0659b9d8
19.1: more work, it compiles and boots!
...
- Add the manifest
- Add Pixel 2 series
- Add some missing patches
- More DNS files
- Drop Silence in 19.1
Signed-off-by: Tad <tad@spotco.us>
2022-04-05 23:44:15 -04:00
Tad
7d9da91f38
Sync APN and VVM configs from 19.1
...
https://github.com/LineageOS/android_vendor_lineage/raw/lineage-19.1/prebuilt/common/etc/apns-conf.xml
https://raw.githubusercontent.com/LineageOS/android_vendor_lineage/lineage-19.1/overlay/common/packages/apps/Dialer/java/com/android/voicemail/impl/res/xml/vvm_config.xml
Signed-off-by: Tad <tad@spotco.us>
2022-03-29 22:58:20 -04:00
Tad
c34b9ef896
Add the source list of ported/pending GrapheneOS patchsets
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-29 22:29:55 -04:00
Tad
1603092c50
Not all kernels have (working) getrandom support
...
hammerhead 16.0 was reported not booting
and shamu 18.1 was reported to take ~15+ minutes to boot
hammerhead does not have getrandom so it failed immediately
shamu does have getrandom BUT it blocks during init
meaning it'll wait until the entropy pool slowly fills
In tested I did not discovery this
I tested on flox/mako/d852/klte/clark/sailfish/mata/cheeseburger/fajita
All the newer ones have working getrandom
All the older ones included a patch to make getrandom non blocking on init
Signed-off-by: Tad <tad@spotco.us>
2022-03-17 13:21:52 -04:00
Tad
015799737e
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-09 17:16:47 -05:00
Tad
54dbcd9e43
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-07 19:12:10 -05:00
Tad
ee0bd8625f
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-02-07 14:43:05 -05:00
Tad
6329922104
Disable the Hamper Analytics patches
...
Rely on the HOSTS to do any blocking.
With the last update this causes app crashes, due to boolean/string mismatch.
Need to figure out exactly how string in manifest can become a boolean when wanted.
Signed-off-by: Tad <tad@spotco.us>
2022-01-23 16:55:24 -05:00
Tad
b05823bb20
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-01-04 21:00:25 -05:00
Tad
8b3beeb9fd
More analytics disablement
...
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 23:24:03 -05:00
Tad
ee1f466211
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 18:16:42 -05:00
Tad
2c1d8d5e78
Hamper analytics improvements
...
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 17:35:53 -05:00
Tad
f31972f8c8
Update AOSP CVE list to December 2021
...
Signed-off-by: Tad <tad@spotco.us>
2021-12-11 13:14:15 -05:00
Tad
202f70b980
Final import of loose versioning work
...
Untested, but likely works.
Signed-off-by: Tad <tad@spotco.us>
2021-12-02 02:47:27 -05:00
Tad
7448c700ba
Update AOSP CVE list to November 2021 patches
...
Qualcomm's anti-scraping/bot protection is still there...
saved pages via Firefox instead
Signed-off-by: Tad <tad@spotco.us>
2021-12-02 02:34:08 -05:00
Tad
bc77ca416c
Verity fixups
...
Not sure how I missed all of these?
Signed-off-by: Tad <tad@spotco.us>
2021-11-01 20:55:22 -04:00
Tad
a9f44dee41
Fix hamper analytics patches
...
These must all be strings.
Sadly meant this likely hasn't worked for years.
:\
Signed-off-by: Tad <tad@spotco.us>
2021-09-13 15:27:29 -04:00
Tad
79227ba97a
Update AOSP CVE list to September 2021 patches
...
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 15:26:26 -04:00
Tad
bdccb5fb39
Hamper ad_personalization_signals
...
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:46:11 -04:00
Tad
27d55efdff
Hamper ssaid collection
...
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:41:57 -04:00
Tad
4fae8d0445
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2021-08-03 12:37:28 -04:00
Tad
70fc6d9acc
Update AOSP CVE list to July 2021 patches
...
QC June/July is not included due to 403
2021-07-12 05:32:37 -04:00
Tad
32856be2d8
Update AOSP CVE list to May 2021 patches
2021-06-01 06:31:29 -04:00
Tad
2cf0b314d8
Various changes
...
- Cherrypick May ASB topics
- 18.1: bump enchilada, fajita, and guacamole
2021-05-06 14:37:52 -04:00
Tad
3c34d5f4d5
Update AOSP CVE list to April 2021 patches
2021-05-03 10:27:54 -04:00
Tad
5f0ae93a0b
Drop the umn patch list
...
Most seem OK
2021-04-25 11:25:32 -04:00
Tad
4c2fcfd883
Removed confirmed OK patches from the potentially bad list [1/n]
2021-04-21 22:20:27 -04:00
Tad
3770bf469d
Add a list of potentially bad commits from umn.edu addresses
2021-04-21 21:40:40 -04:00
Tad
f48738f944
Update CVE patchers
2021-04-06 20:55:55 -04:00
Tad
f02363ecb4
March 2021 Security Updates
2021-03-04 13:02:10 -05:00
Tad
359403efe1
Update AOSP CVE list to February 2021 patches
2021-02-03 11:53:52 -05:00
Tad
31d0b901ae
Update cherrypicks
2021-02-03 09:45:26 -05:00
Tad
2b15897297
Update AOSP CVE list to January 2021 patches
2021-01-09 10:41:59 -05:00
Tad
bd4cb22db1
ASB cherry picks
2021-01-05 12:22:42 -05:00