Commit Graph

134 Commits

Author SHA1 Message Date
Tad
899ea17d4e Add the missing page sanitization to 3.18 kernels
All along they only had slub sanization :(

Signed-off-by: Tad <tad@spotco.us>
2022-06-04 12:00:01 -04:00
Tad
92c66447f8 Drop slub_debug
What is lost?
- sanity checks and redzoning on all devices
  - redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250

Note: all 3.4+ devices still have page sanization

Signed-off-by: Tad <tad@spotco.us>
2022-06-03 13:58:17 -04:00
Tad
4a15b0e70e Move benchmarks to website repo
Signed-off-by: Tad <tad@spotco.us>
2022-05-08 00:26:46 -04:00
Tad
83fffd3c64 More benchmarks
Signed-off-by: Tad <tad@spotco.us>
2022-05-07 21:59:30 -04:00
Tad
df398fd6f5 Various
Signed-off-by: Tad <tad@spotco.us>
2022-05-07 20:22:49 -04:00
Tad
b2eb3c01b4 Update CVE patchers
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375

Signed-off-by: Tad <tad@spotco.us>
2022-05-03 23:33:17 -04:00
Tad
20a95aedcd Update AOSP CVE list to May 2022
Includes 2021/12 - 2022/05

Signed-off-by: Tad <tad@spotco.us>
2022-05-03 22:12:09 -04:00
Tad
d50a3a043b Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset
Like done for 19.1

Signed-off-by: Tad <tad@spotco.us>
2022-04-10 21:12:03 -04:00
Tad
d1e441e4cb 19.1: More work
- Adds hosts cache and wildcard support back
- Fixes broken hardened malloc enablement patch
- Drops FDroidPrivExt, non-functional
- Disables captive portal toggle patch, crashes Settings, needs rework
- Rebranding work
- Attempts to fix no boot animation

Signed-off-by: Tad <tad@spotco.us>
2022-04-06 02:32:33 -04:00
Tad
3a0659b9d8 19.1: more work, it compiles and boots!
- Add the manifest
- Add Pixel 2 series
- Add some missing patches
- More DNS files
- Drop Silence in 19.1

Signed-off-by: Tad <tad@spotco.us>
2022-04-05 23:44:15 -04:00
Tad
7d9da91f38 Sync APN and VVM configs from 19.1
https://github.com/LineageOS/android_vendor_lineage/raw/lineage-19.1/prebuilt/common/etc/apns-conf.xml
https://raw.githubusercontent.com/LineageOS/android_vendor_lineage/lineage-19.1/overlay/common/packages/apps/Dialer/java/com/android/voicemail/impl/res/xml/vvm_config.xml

Signed-off-by: Tad <tad@spotco.us>
2022-03-29 22:58:20 -04:00
Tad
c34b9ef896 Add the source list of ported/pending GrapheneOS patchsets
Signed-off-by: Tad <tad@spotco.us>
2022-03-29 22:29:55 -04:00
Tad
1603092c50 Not all kernels have (working) getrandom support
hammerhead 16.0 was reported not booting
and shamu 18.1 was reported to take ~15+ minutes to boot

hammerhead does not have getrandom so it failed immediately

shamu does have getrandom BUT it blocks during init
meaning it'll wait until the entropy pool slowly fills

In tested I did not discovery this
I tested on flox/mako/d852/klte/clark/sailfish/mata/cheeseburger/fajita
All the newer ones have working getrandom
All the older ones included a patch to make getrandom non blocking on init

Signed-off-by: Tad <tad@spotco.us>
2022-03-17 13:21:52 -04:00
Tad
015799737e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-09 17:16:47 -05:00
Tad
54dbcd9e43 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-07 19:12:10 -05:00
Tad
ee0bd8625f Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-07 14:43:05 -05:00
Tad
6329922104 Disable the Hamper Analytics patches
Rely on the HOSTS to do any blocking.
With the last update this causes app crashes, due to boolean/string mismatch.
Need to figure out exactly how string in manifest can become a boolean when wanted.

Signed-off-by: Tad <tad@spotco.us>
2022-01-23 16:55:24 -05:00
Tad
b05823bb20 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-04 21:00:25 -05:00
Tad
8b3beeb9fd More analytics disablement
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 23:24:03 -05:00
Tad
ee1f466211 Fixup
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 18:16:42 -05:00
Tad
2c1d8d5e78 Hamper analytics improvements
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 17:35:53 -05:00
Tad
f31972f8c8 Update AOSP CVE list to December 2021
Signed-off-by: Tad <tad@spotco.us>
2021-12-11 13:14:15 -05:00
Tad
202f70b980 Final import of loose versioning work
Untested, but likely works.

Signed-off-by: Tad <tad@spotco.us>
2021-12-02 02:47:27 -05:00
Tad
7448c700ba Update AOSP CVE list to November 2021 patches
Qualcomm's anti-scraping/bot protection is still there...
saved pages via Firefox instead

Signed-off-by: Tad <tad@spotco.us>
2021-12-02 02:34:08 -05:00
Tad
bc77ca416c Verity fixups
Not sure how I missed all of these?

Signed-off-by: Tad <tad@spotco.us>
2021-11-01 20:55:22 -04:00
Tad
a9f44dee41 Fix hamper analytics patches
These must all be strings.
Sadly meant this likely hasn't worked for years.
:\

Signed-off-by: Tad <tad@spotco.us>
2021-09-13 15:27:29 -04:00
Tad
79227ba97a Update AOSP CVE list to September 2021 patches
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 15:26:26 -04:00
Tad
bdccb5fb39 Hamper ad_personalization_signals
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:46:11 -04:00
Tad
27d55efdff Hamper ssaid collection
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:41:57 -04:00
Tad
4fae8d0445 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-03 12:37:28 -04:00
Tad
70fc6d9acc Update AOSP CVE list to July 2021 patches
QC June/July is not included due to 403
2021-07-12 05:32:37 -04:00
Tad
32856be2d8 Update AOSP CVE list to May 2021 patches 2021-06-01 06:31:29 -04:00
Tad
2cf0b314d8 Various changes
- Cherrypick May ASB topics
- 18.1: bump enchilada, fajita, and guacamole
2021-05-06 14:37:52 -04:00
Tad
3c34d5f4d5 Update AOSP CVE list to April 2021 patches 2021-05-03 10:27:54 -04:00
Tad
5f0ae93a0b Drop the umn patch list
Most seem OK
2021-04-25 11:25:32 -04:00
Tad
4c2fcfd883 Removed confirmed OK patches from the potentially bad list [1/n] 2021-04-21 22:20:27 -04:00
Tad
3770bf469d Add a list of potentially bad commits from umn.edu addresses 2021-04-21 21:40:40 -04:00
Tad
f48738f944 Update CVE patchers 2021-04-06 20:55:55 -04:00
Tad
f02363ecb4 March 2021 Security Updates 2021-03-04 13:02:10 -05:00
Tad
359403efe1 Update AOSP CVE list to February 2021 patches 2021-02-03 11:53:52 -05:00
Tad
31d0b901ae Update cherrypicks 2021-02-03 09:45:26 -05:00
Tad
2b15897297 Update AOSP CVE list to January 2021 patches 2021-01-09 10:41:59 -05:00
Tad
bd4cb22db1 ASB cherry picks 2021-01-05 12:22:42 -05:00
Tad
7e47d62835 Update AOSP CVE list to December patches 2/2 2020-12-18 21:19:19 -05:00
Tad
97a7b0e33f Update AOSP CVE list to December patches 1/2 2020-12-10 12:33:57 -05:00
Tad
3ec13d6bc8 Update CVE patchers 2020-12-08 10:24:24 -05:00
Tad
5d5be8dee8 Update AOSP CVE list to November patches 2020-11-07 17:26:31 -05:00
Tad
6d15a2bb82 Update CVE patchers 2020-10-15 22:36:28 -04:00
Tad
6c9c91941e Fix errors from compile test of all 14.1 kernels 2020-10-14 14:23:22 -04:00
Tad
83c0570e59 Update AOSP CVE list to October patches 2020-10-07 01:59:48 -04:00