Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-06-28 15:42:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,213 Commits 1 Branch 0 Tags 89 MiB
44358b5ba2
Commit Graph

144 Commits

Author SHA1 Message Date
Tad
d8d8e457a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-21 10:44:12 -04:00
Tad
a78f9217c6 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-14 19:56:28 -04:00
Tad
8b67d5c41e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-10 22:02:37 -04:00
Tad
12c56938cb Improve CVE-2021-1048 patching on 3.x kernels 
It is still actively being used by malware.

This largely handles 3.0, 3.4, and 3.10 kernels.
It works for select 3.18 kernels too.

TODO: need alternate get_file_rcu backport for the following:
15.1/lge_msm8996
15.1/zte_msm8996
16.0/xiaomi_msm8937
17.1/motorola_msm8996
18.1/google_marlin
18.1/lge_msm8996
18.1/oneplus_msm8996

Signed-off-by: Tad <tad@spotco.us>
 2022-08-09 21:39:25 -04:00
Tad
2b299c1aff Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-21 21:28:26 -04:00
Tad
d3632c25ce Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-07 21:47:59 -04:00
Tad
2c27a88a24 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-06 19:22:21 -04:00
Tad
ac645dd62e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-28 11:32:05 -04:00
Tad
6d95c231bc Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-31 21:29:22 -04:00
Tad
735c9e0de8 Revert 5d57bf13 
I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices

Signed-off-by: Tad <tad@spotco.us>
 2022-05-27 23:46:57 -04:00
Tad
28724c4a6e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-25 22:52:22 -04:00
Tad
2c4caa30a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-24 00:36:49 -04:00
Tad
e8bc36af04 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:29 -04:00
Tad
b2eb3c01b4 Update CVE patchers 
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 23:33:17 -04:00
Tad
e666a4a891 Update CVE patchers 
TODO: maybe split CVE-2022-23960/4.9 to get back?

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 14:38:44 -04:00
Tad
30de608a61 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 02:51:44 -04:00
Tad
01900ca1c6 Reverts 
WebView overlay is breaking boot on 15.1???

This reverts commit e61e288b4a.
 2022-04-01 17:07:27 -04:00
Tad
3f9b346345 Fix boot breakage 
On devices with quota enabled and impacted by this patch

Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 10:30:30 -04:00
Tad
19b03c9ff4 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-28 17:43:48 -04:00
Tad
015799737e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-09 17:16:47 -05:00
Tad
902239e2b5 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-08 23:20:43 -05:00
Tad
54dbcd9e43 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-07 19:12:10 -05:00
Tad
ac1e89f0c8 Update CVE patchers [the big fixup] 
This removes many duplicately or wrongly applied patches.

Correctly removed:
- CVE-2011-4132 can apply infinitely
- CVE-2013-2891 can apply infinitely
- CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap
- CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result
- CVE-2016-2475 can apply infinitely
- CVE-2017-0627 can apply infinitely
- CVE-2017-0750 can apply infinitely
- CVE-2017-14875 can apply infinitely
- CVE-2017-14883 can apply infinitely
- CVE-2020-11146 can apply infinitely
- CVE-2020-11608 can apply infinitely
- CVE-2021-42008 can apply infinitely

Questionable (might actually be beneficial to "incorrectly" apply again):
- CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt
- CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature
- CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect
- CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl
- CVE-2019-10622 can apply once	to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback
- CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev

Other notes:
- CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696
  then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it.
  This was seemingly fixed with a hand merged patch in patch repo.

Wrongly removed:
- CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru
- CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops
- CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames

Signed-off-by: Tad <tad@spotco.us>
 2022-03-04 00:42:28 -05:00
Tad
6ec0c63126 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-13 11:08:22 -05:00
Tad
ce6ee9d8e4 Update CVE patchers 
CVE-2021-0961 should be fine now

Signed-off-by: Tad <tad@spotco.us>
 2022-01-11 05:41:26 -05:00
Tad
e08349a202 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-29 11:51:58 -05:00
Tad
8cf90d055e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-11 01:12:41 -05:00
Tad
359ce4608f Small updates 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-07 20:57:54 -05:00
Tad
ed1c151ce5 Update CVE patchers 
CVE-2021-0961/ANY/0001.patch likely causes breakage

Signed-off-by: Tad <tad@spotco.us>
 2021-12-06 17:43:34 -05:00
Tad
c5c3998593 Guess what? f̵͖̲̙̝̩̌̌̌̑͆̔͐̏͋̓̅̔̒̈́͠i̴͍̗̦͕̅̓̿͋̓̑̽͌͐͊͘͠͠s̵̡̬͙͚̃͑̓̊̌́̾́͠ḥ̴̬͓͚̹̱̰͕͚͈̞̳͒̊ ̵̢̟̞̖͈͖͕̥̙̤͉̮̍́̅̀̾b̵̛̹̝̙̖̱̲͉͚̝̪̲̓̿͛̔̆͋̎́͐̃͆̀̕͝u̸̞̺͓͎̰̦̯̘̺̬͔̬͆͛̋̍̂͒̓͛̐̈́̋̚͝ṫ̵̠t̶̻̳̜̪̗͖͛̂̒̃̑̏͝ 
Tested on 14.1 and 15.1 targets

Signed-off-by: Tad <tad@spotco.us>
 2021-11-29 21:14:00 -05:00
Tad
67b5a166fc 16.0: extreme loose versioning work 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-27 22:44:29 -05:00
Tad
0e539e6f92 16.0: loose versioning work 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-26 22:53:46 -05:00
Tad
f7295a0f74 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-02 23:50:35 -04:00
Tad
f3277f3c07 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-02 12:01:36 -04:00
Tad
ec043e961e Update CVE patchers 
CVE-2021-20317 might need to be disabled due to QC timer breakage.

Signed-off-by: Tad <tad@spotco.us>
 2021-10-27 15:26:53 -04:00
Tad
5d7d710076 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-20 15:01:18 -04:00
Tad
f5a58bd35f Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-23 20:56:00 -04:00
Tad
0ade46cc8e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-07 16:57:15 -04:00
Tad
79132fddef Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-13 11:07:07 -04:00
Tad
9e548cabf5 Fixup 3d69ad87 
Tested to compile bacon, ether, and griffin kernels

Signed-off-by: Tad <tad@spotco.us>
 2021-08-03 18:46:38 -04:00
Tad
3d69ad873e \"\'FIXES\'\" PART 2 
There will likely be some breakage here.
Many of these patches have been here since the start and never used.

Signed-off-by: Tad <tad@spotco.us>
 2021-08-03 15:14:02 -04:00
Tad
b61264e3b9 Update CVE patchers 2021-07-27 00:17:14 -04:00
Tad
ca51db0be0 Update CVE patchers 2021-07-21 22:48:29 -04:00
Tad
a43601e77b Update CVE patchers 
I expect breakage.
 2021-07-10 11:39:14 -04:00
Tad
12283124b5 Fixup last commit 2021-07-04 17:05:27 -04:00
Tad
f6357512a7 Update CVE patchers 2021-07-04 14:41:44 -04:00
Tad
48f35901c2 Update CVE patchers 2021-06-16 23:17:37 -04:00
Tad
4b044379ec Update CVE patchers 2021-06-11 11:00:54 -04:00
Tad
d9c49b56c3 Update CVE patchers 2021-06-07 22:30:33 -04:00
Tad
a423f977ff Update CVE patchers 2021-04-12 20:53:35 -04:00
Tad
8e496341b5 Small tweaks + ASB cherrypicks 2021-04-08 05:40:22 -04:00
Tad
d8712ad62a Update CVE patchers 2021-03-24 16:31:25 -04:00
Tad
ef0ee2c316 Update CVE patchers 2021-03-14 21:59:19 -04:00
Tad
f1e2e43642 Update CVE patchers 2021-02-07 19:41:46 -05:00
Tad
6a1fb99cc9 Unbreak last commit 
This should be most of it

also
- properly update webview, repopick doesn't seem to handle the branch
- always cd back to base, to prevent script breakage
 2021-01-25 13:31:57 -05:00
Tad
08142c2c9d Update CVE patchers 
I expect breakage.
 2021-01-24 00:30:24 -05:00
Tad
ff96315fb4 Update CVE patchers 2020-12-30 11:08:19 -05:00
Tad
9c691d02ab Update CVE patchers 2020-12-03 22:43:23 -05:00
Tad
69c8bdfb22 Update CVE patchers 2020-11-26 09:03:45 -05:00
Tad
445582fe2a Update CVE patchers 2020-11-19 17:15:55 -05:00
Tad
523264aebb Update CVE patchers 2020-11-12 23:46:38 -05:00
Tad
dc5b1d91f2 Update CVE patchers 2020-11-06 16:15:16 -05:00
Tad
6d15a2bb82 Update CVE patchers 2020-10-15 22:36:28 -04:00
Tad
688f4dd953 More CVE patcher fixes 2020-10-15 21:31:46 -04:00
Tad
d53a4f4e41 Update CVE patchers 
- Drop tcp_sack=0 sysctl, as most devices are now patched
 2020-10-12 18:38:07 -04:00
Tad
260140f0a1 Update CVE patchers 2020-10-10 11:56:35 -04:00
Tad
8bdad21040 Update CVE patchers 2020-10-06 23:36:29 -04:00
Tad
b56fabac3b Update CVE patchers 
I expect some breakage here
 2020-10-06 21:14:18 -04:00
Tad
bf9167f442 Update CVE patchers 2020-10-05 21:38:25 -04:00
Tad
92879ec2a4 Update CVE patchers 2020-09-23 06:31:34 -04:00
Tad
3bc1463017 Update CVE patchers 2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3 Update CVE patchers 2020-09-17 15:35:48 -04:00
Tad
76fcd8a0d4 Update CVE patchers 2020-09-08 18:19:52 -04:00
Tad
37ff7ddc2d Update CVE patchers 2020-09-02 15:03:00 -04:00
Tad
ec17d20f58 Update CVE patchers 2020-08-22 11:03:23 -04:00
Tad
887ebb84c5 Update CVE patchers 
Includes many fixes for a69326f3
but probably breaks other things
 2020-08-09 07:29:19 -04:00
Tad
a69326f396 Update CVE patchers 
Untested. I expect some breakage.
 2020-08-08 13:06:39 -04:00
Tad
af54500797 Update CVE patchers 2020-08-03 18:15:27 -04:00
Tad
c715d549a7 Update CVE patchers 2020-07-07 01:57:39 -04:00
Tad
9bafe76906 Update CVE patchers 2020-06-27 02:29:14 -04:00
Tad
31d6ab5299 Update CVE patchers 2020-05-28 23:06:53 -04:00
Tad
25cc3c5a10 Update CVE patchers 2020-05-18 16:25:41 -04:00
Tad
e962fdeb81 Update CVE patchers 2020-05-04 17:18:50 -04:00
Tad
9fcb91793e Update CVE patchers 2020-04-26 13:24:43 -04:00
Tad
0c89accfb5 Update CVE patchers 2020-04-06 22:23:37 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
d8c2a56124 Update CVE patchers 2019-12-11 20:21:14 -05:00
Tad
4610cd9bde Update CVE patchers 
CVE-2019-19252 was dropped
dependent on d21b0be246
 2019-12-03 06:12:46 -05:00
Tad
f90b62982b Update CVE patchers 2019-11-24 20:13:55 -05:00
Tad
579f340c3c Update CVE patchers 2019-10-04 14:43:19 -04:00
Tad
ec48a4c89c Update CVE patchers 2019-09-04 01:31:12 -04:00
Tad
eccf9c6f6d Many new devices 
- hammerhead: 15.1 -> 16.0

- axon7: 14.1, 15.1
- cheryl: 16.0
- crackling: 14.1, 15.1, 16.0
- ham: 14.1, 15.1, 16.0
- kipper: 14.1, 15.1, 16.0
- z2_plus: 16.0
 2019-08-23 17:27:53 -04:00