Commit Graph

873 Commits

Author SHA1 Message Date
Tavi
d2330cce15
Update CVE patchers
This probably breaks all of them

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 18:29:36 -04:00
Tavi
07951955d3
21.0: more work
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 18:13:59 -04:00
Tavi
afe1135384
Cleanup
- Removes unused files/patches
- Removes many guards, these likely don't work anyway due to patchsets having dependencies
- No functional change

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 13:25:08 -04:00
Tavi
d98f33a337 21.0: Initial bringup
TODO:
- f/w/b
- settings

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 11:53:38 -04:00
Tavi
dd9f51c8ee
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-19 12:35:44 -04:00
Tavi
67e962e0f6
20.0: Updater: Add server choices
Also fixes .onion support

TODO: Test and backport to previous branches

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-18 13:00:15 -04:00
Tavi
79df8d06d0
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-14 15:34:02 -04:00
Tavi
c31e67b2f8
May ASB work
untested

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-10 19:56:31 -04:00
Tavi
e195e38150
16.0: switch to latest hardened_malloc revision
kipper compiles

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-10 19:26:53 -04:00
Tavi
ae523985ca
Correct ordering
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 14:23:03 -04:00
Tavi
28d2113957
15.1: switch to latest hardened_malloc revision and enable it
verified working on bullhead via:
- top
- /proc/self/maps with -DLABEL_MEMORY
- Sanitizer Test App and logcat

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 11:18:05 -04:00
Tavi
1fdedf21a5
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 14:09:13 -04:00
Tavi
321de1adbc
17.1: switch to latest hardened_malloc revision
+ dedupe the other hmalloc patches

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-06 19:29:31 -04:00
Tavi
11b5815f14
18.1: switch to latest hardened_malloc revision
+ other fixes

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-06 16:30:20 -04:00
Tavi
8ce5a0e671
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-05 12:01:44 -04:00
Tavi
5b05eb4100
Update CVE patchers
maybe breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-03 08:50:55 -04:00
Tavi
7a42c9eb17
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-30 16:50:36 -04:00
Tavi
94c0f5fa4d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-27 11:56:40 -04:00
Tavi
44358b5ba2
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-22 09:22:16 -04:00
Tavi
5be2789897
2024
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-22 07:52:49 -04:00
Tavi
a16b5a89c7
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-16 08:41:35 -04:00
Tavi
25da5b3f74
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-10 11:21:10 -04:00
Tavi
835fbb7d2c
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-08 15:12:49 -04:00
Tavi
9d6325e2a0
15.1: April ASB work
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-08 13:36:38 -04:00
Tavi
450ad03159
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-04 13:55:38 -04:00
Tavi
768f46c3bd
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-02 08:54:59 -04:00
Tavi
2a78a4cfc0
Update CVE patchers
for realz

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-27 22:09:10 -04:00
Tavi
dc9ed7c46c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-21 14:54:23 -04:00
Tavi
26d99a04f0
15.1: March ASB work
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 23:35:21 -04:00
Tavi
1e8e187ede
17.1: March ASB work
+ a bonus February patch for 15.1

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 21:15:15 -04:00
Tavi
dee7abe09d Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 14:58:24 -04:00
Tavi
0b8f1a2c57
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-09 12:02:14 -05:00
Tavi
f5a44efdff
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-07 12:13:52 -05:00
Tavi
5aefd27519
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/294

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-05 12:42:34 -05:00
Tavi
cd38073ad2
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-04 15:39:53 -05:00
Tavi
fdbd1a090f
Update CVE patchers
I made a pass through removing some obvious wrongly applied patches
but there is likely some more breakage here

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-02 12:31:51 -05:00
Tavi
45e87b4a1c
Update CVE patchers
Potential breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-27 03:15:54 -05:00
Tavi
20c8abcbc1
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-19 22:35:04 -05:00
Tavi
af57acc085
15.1: February ASB work
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-09 00:59:52 -05:00
Tavi
4e2c426be3
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-31 13:33:41 -05:00
Tavi
00f1589cb8
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-22 13:27:55 -05:00
Tavi
4fae529ddc
15.1: January ASB work
+ a bonus patch for 16.0 and 17.1 as pointed out by @syphyr

Signed-off-by: Tavi <tavi@divested.dev>
2024-01-09 15:03:36 -05:00
Thaddeus
9d230974a2
Update CVE patchers
Signed-off-by: Thaddeus <tad@spotco.us>
2024-01-04 15:51:27 -05:00
Tad
7c46f43fc4
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-20 12:28:48 -05:00
Tad
0310c702c7
15/16: two missing system/bt fixes
Signed-off-by: Tad <tad@spotco.us>
2023-12-12 13:58:25 -05:00
Tad
9926f25ada
15.1 December ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-12-12 01:21:38 -05:00
Tad
ba1e29a1b1
Reconcile picks
This gains one us patch: 376607

Signed-off-by: Tad <tad@spotco.us>
2023-12-11 18:59:08 -05:00
Tad
af0cea3572
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-16 22:59:28 -05:00
Tad
5a87cd6bcb
15.1 November ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-11-13 22:16:47 -05:00
Tad
ad298935a2
16.0 November ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-11-13 20:10:40 -05:00
Tad
acd2484816
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-07 17:37:16 -05:00
Tad
01a196e055
Pull in Messaging notifications fix
Likely solves https://github.com/Divested-Mobile/DivestOS-Build/issues/141

Signed-off-by: Tad <tad@spotco.us>
2023-11-05 19:32:30 -05:00
Tad
548aec9c9d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-05 18:58:11 -05:00
Tad
90979e494c
Updater: point the changelog button to our news page
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/257

Signed-off-by: Tad <tad@spotco.us>
2023-10-20 18:44:05 -04:00
Tad
f64285f6fd
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-10-15 21:06:16 -04:00
Tad
f5da93c4e5
15.1 October ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-10-09 22:02:07 -04:00
Tad
bf565cd578
Switch to upstream ASB patchsets
Signed-off-by: Tad <tad@spotco.us>
2023-10-08 22:52:14 -04:00
Tad
7d2c184d1f
Bonus patches
Signed-off-by: Tad <tad@spotco.us>
2023-10-03 15:17:06 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
fcf4f812cc
CVE-2023-5217
untested

Signed-off-by: Tad <tad@spotco.us>
2023-09-28 09:17:29 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
25f02f4177
14.1 though 17.1: patch CVE-2023-4863, thanks to @syphyr
run tested on 14.1, 15.1, and 17.1
compile tested on 16.0

Signed-off-by: Tad <tad@spotco.us>
2023-09-20 04:16:17 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
5eb6190931
Fixup 15.1/16.0 backport: system/bt: Fix UAF in gatt_cl.cc
thanks to @syphyr for this!

Signed-off-by: Tad <tad@spotco.us>
2023-09-12 16:55:46 -04:00
Tad
3aa7e02455
15.1 September ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-09-11 20:09:30 -04:00
Tad
84a84c4742
Picks + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-09-10 21:12:24 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
52a0c55c41
Fixups
- Revert Freetype branch switching for 15.1+, broken
- Don't include OpenEUICC on Pixel 2 and 3 series, they won't work
- Churn

Signed-off-by: Tad <tad@spotco.us>
2023-08-24 03:06:02 -04:00
Tad
1fde0f9c45
More branch switching, thanks to @syphyr
Signed-off-by: Tad <tad@spotco.us>
2023-08-23 11:05:05 -04:00
Tad
7ad46d58f1
Switch to @syphyr's security backport branches
Signed-off-by: Tad <tad@spotco.us>
2023-08-18 11:34:39 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
160aee5049
Backport patch to handle verity with openssl 3.0
ref: https://github.com/Divested-Mobile/DivestOS-Website/pull/19

Signed-off-by: Tad <tad@spotco.us>
2023-08-11 18:53:01 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
79e3fb6fb4
15.1 August ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-08-08 09:35:44 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
e408e7e19a
Drop devices with newer versions available
14.1: clark
15.1: deb, flo, hammerhead, shamu, ether
16.0: hammerhead
19.1: alioth

Signed-off-by: Tad <tad@spotco.us>
2023-07-22 19:17:42 -04:00
Tad
0f9a2c7aea
Less aggressive low_ram enablement
14.1 <2GB
15.1 <2GB
16.0 <2GB
17.1 <3GB
18.1 <3GB
19.1 <4GB
20.0 <4GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-17 18:44:56 -04:00
Tad
b6308caa37
Update CVE patchers
TODO: enable CVE-2023-31084/4.4

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
1c9076fffe
KSM tuning
- Only enable on Linux 3.0 through 4.9
- Always enable defer option
- Only run twice a second, instead of fifty times a second

Signed-off-by: Tad <tad@spotco.us>
2023-07-14 20:27:10 -04:00
Tad
15de8ed2e8
Expand the low_ram coverage
As follows
14.1 <3GB
15.1 <3GB
16.0 <3GB
17.1 <3GB
18.1 <4GB
19.1 <6GB
20.0 <6GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 18:31:03 -04:00
Tad
9d6662dee7
15.1 July ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-07-07 18:00:23 -04:00
Tad
a1a3cbb94e
Fix overlay conflicts
Should mostly fix https://github.com/Divested-Mobile/DivestOS-Build/issues/219

Signed-off-by: Tad <tad@spotco.us>
2023-07-06 14:51:40 -04:00
Tad
2e2ac4557d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
cda898f141
Certificate Authority store updates
- Remove some untrustworthy CAs
- Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb

Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:54 -04:00
Tad
a07133a064
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
8c7f3daa00
15.1+16.0 June ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-06-10 05:16:45 -04:00
Tad
2ee99fe3ef
Update CVE patchers
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650

Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
71c169d326
Promote LGE G5, G6, and V20 to 19.1
Signed-off-by: Tad <tad@spotco.us>
2023-05-17 02:52:11 -04:00
Tad
cd0a29d69b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
6fb0a581c3
15.1 and 16.0 May ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-05-07 21:28:27 -04:00
Tad
6d2a255eef
Remove User-Agent (and serial) from source built libloc
Signed-off-by: Tad <tad@spotco.us>
2023-05-05 22:27:27 -04:00
Tad
c544c28b94
Prevent Qualcomm location stack from reading chipset serial number
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.

Signed-off-by: Tad <tad@spotco.us>
2023-05-03 21:41:20 -04:00
Tad
366b4eb5ef
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
39b0c9e036
Remove broken emoji updates
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 15:31:57 -04:00
Tad
7b2eb1079a
Update emoji list in LatinIME too and disable
tested not working on 15.1
shows as cross boxes or double characters

Signed-off-by: Tad <tad@spotco.us>
2023-04-29 16:56:13 -04:00
Tad
86b7525400
Update the emojis, untested
Signed-off-by: Tad <tad@spotco.us>
2023-04-29 16:17:00 -04:00