Commit Graph

398 Commits

Author SHA1 Message Date
Tad
cc64ce1634 Update CVE patchers 2020-10-14 16:28:07 -04:00
Tad
10d042c3c0 Update CVE patchers 2020-10-14 15:20:06 -04:00
Tad
6c9c91941e Fix errors from compile test of all 14.1 kernels 2020-10-14 14:23:22 -04:00
Tad
d53a4f4e41 Update CVE patchers
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
260140f0a1 Update CVE patchers 2020-10-10 11:56:35 -04:00
Tad
8bdad21040 Update CVE patchers 2020-10-06 23:36:29 -04:00
Tad
b56fabac3b Update CVE patchers
I expect some breakage here
2020-10-06 21:14:18 -04:00
Tad
bf9167f442 Update CVE patchers 2020-10-05 21:38:25 -04:00
Tad
92879ec2a4 Update CVE patchers 2020-09-23 06:31:34 -04:00
Tad
3bc1463017 Update CVE patchers 2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3 Update CVE patchers 2020-09-17 15:35:48 -04:00
Tad
d16a362141 ASB cherry picks + Fixup 2f83043c
TODO: rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk
2020-09-12 08:29:09 -04:00
Tad
76fcd8a0d4 Update CVE patchers 2020-09-08 18:19:52 -04:00
Tad
37ff7ddc2d Update CVE patchers 2020-09-02 15:03:00 -04:00
Tad
ec17d20f58 Update CVE patchers 2020-08-22 11:03:23 -04:00
Tad
f19dbe5958 More fixes for a69326f3 2020-08-10 03:46:36 -04:00
Tad
887ebb84c5 Update CVE patchers
Includes many fixes for a69326f3
but probably breaks other things
2020-08-09 07:29:19 -04:00
Tad
a69326f396 Update CVE patchers
Untested. I expect some breakage.
2020-08-08 13:06:39 -04:00
Tad
af54500797 Update CVE patchers 2020-08-03 18:15:27 -04:00
Tad
c715d549a7 Update CVE patchers 2020-07-07 01:57:39 -04:00
Tad
9bafe76906 Update CVE patchers 2020-06-27 02:29:14 -04:00
Tad
5797ea8fc4 Small fixes
CVE-2019-14047/ANY/0002.patch will probably need to be disabled on more devices
2020-06-02 17:33:27 -04:00
Tad
ca77d36357 Update CVE patchers 2020-06-02 02:23:57 -04:00
Tad
31d6ab5299 Update CVE patchers 2020-05-28 23:06:53 -04:00
Tad
25cc3c5a10 Update CVE patchers 2020-05-18 16:25:41 -04:00
Tad
2aa65e6b16 Cherry picks 2020-05-11 07:57:53 -04:00
Tad
e962fdeb81 Update CVE patchers 2020-05-04 17:18:50 -04:00
Tad
9fcb91793e Update CVE patchers 2020-04-26 13:24:43 -04:00
Tad
cdd74148b9 Patcher build fixes 2020-04-12 13:58:02 -04:00
Tad
0c89accfb5 Update CVE patchers 2020-04-06 22:23:37 -04:00
Tad
c26b3e95c7 Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
4e25046418 Many changes
- Add OnePlus 2, 3/T, 5/T
- Fix flounder
- Cherrypicks
2020-02-17 22:21:47 -05:00
Tad
cc28df15f7 Cherry picks + fix 5 failing devices 2020-02-09 13:52:25 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
d8c2a56124 Update CVE patchers 2019-12-11 20:21:14 -05:00
Tad
4610cd9bde Update CVE patchers
CVE-2019-19252 was dropped
dependent on d21b0be246
2019-12-03 06:12:46 -05:00
Tad
f90b62982b Update CVE patchers 2019-11-24 20:13:55 -05:00
Tad
d64534a7c1 Update CVE patchers 2019-11-04 21:04:49 -05:00
Tad
640ef60b83 Move many old cherry picks in tree for archival/support purposes 2019-10-19 22:03:59 -04:00
Tad
579f340c3c Update CVE patchers 2019-10-04 14:43:19 -04:00
Tad
ae87cffe34 14.1: add v1awifi 2019-09-18 18:04:22 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
ec48a4c89c Update CVE patchers 2019-09-04 01:31:12 -04:00
Tad
eccf9c6f6d Many new devices
- hammerhead: 15.1 -> 16.0

- axon7: 14.1, 15.1
- cheryl: 16.0
- crackling: 14.1, 15.1, 16.0
- ham: 14.1, 15.1, 16.0
- kipper: 14.1, 15.1, 16.0
- z2_plus: 16.0
2019-08-23 17:27:53 -04:00
Tad
aee6b66dd8 Update CVE patchers 2019-08-05 16:03:41 -04:00
Tad
bad890614e Update CVE patchers 2019-07-21 09:47:10 -04:00
Tad
a29825f6e1 Update CVE patchers 2019-07-01 18:06:05 -04:00
Tad
55c3072089 Going the distance... [pt2] 2019-06-18 13:51:04 -04:00
Tad
c15105d945 Update CVE patchers 2019-06-17 23:26:38 -04:00
Tad
1d67143181 Update CVE patchers 2019-06-08 04:09:24 -04:00
Tad
d7078bafd6 Update CVE patchers 2019-06-03 18:41:24 -04:00
Tad
380353773e Fixes 2019-05-17 20:48:26 -04:00
Tad
899812864f Update CVE patchers 2019-05-14 21:04:55 -04:00
Tad
b2e521440e Update CVE patchers 2019-05-06 18:31:06 -04:00
Tad
08a2506fe9 14.1: support i9300 and n7100
i9300 has less blobs compared to i9305 due to different modem
2019-05-02 16:42:50 -04:00
Tad
f8cfdbca4f Update CVE patchers 2019-04-07 20:31:27 -04:00
Tad
b1455b641d Update CVE patchers 2019-03-08 15:15:46 -05:00
Tad
913fbcd109 ASB cherry picks + minor tweaks 2019-03-05 22:57:45 -05:00
Tad
5607db2e0b Update CVE patchers
- More aggressively attempt to apply incremental patches by
  ignoring the current subversion, as it is common for it to be 0
  Hopefully I won't have to revert this
2019-03-04 21:41:55 -05:00
Tad
9e897989d1 Update CVE patchers 2019-03-04 20:18:29 -05:00
Tad
bc63feedc9 Update CVE patchers 2019-02-21 06:25:47 -05:00
Tad
b9ff7a74e6 Updates and fixes 2019-02-12 16:09:41 -05:00
Tad
a7a4e869fd Many changes
- Remove broken/permissive devices
- Notify user when location is requested via SUPL
- 15.1: skia cherrypicks for Feb ASB
- 15.1: recovery: change selected text color
2019-02-09 14:20:19 -05:00
Tad
15237becbb Update CVE patchers 2019-02-04 16:03:59 -05:00
Tad
378971497c 14.1: Support unified tuna 2019-02-01 02:53:13 -05:00
Tad
a7a0a67888 Many changes
- Allow enabling accessibility services without disabling secure start-up
- Disable overclocks
- Update select CVE patchers
- Update submodules
- Support select downloads over Tor
- Update defconfig enablers
- Cherry pick security patches
2019-01-14 03:12:50 -05:00
Tad
ec3ffa38f2 Fixup CVE patchers 2019-01-07 19:42:25 -05:00
Tad
d8aac4c07b Update CVE patchers 2019-01-07 17:07:00 -05:00
Tad
c07027dd97 Many changes
- Update CVE patchers
- Update submodules
- Update defconfig enablers
- Update DNS IP addresses
- + Misc changes
2018-12-24 23:29:56 -05:00
Tad
982462aa00 Update CVE patchers 2018-12-04 17:21:39 -05:00
Tad
6ea39e0a0f Updates 2018-11-13 17:33:49 -05:00
Tad
a2fd561a9b Temp fix for wrongly versioned CVE patch
- TODO: Regen CVE patchers
2018-11-06 22:22:22 -05:00
Tad
5be6227a8b Minor updates + Update CVE patchers 2018-11-06 21:09:35 -05:00
Tad
136bb520aa Update CVE patchers 2018-10-01 22:45:00 -04:00
Tad
51fd815236 Update CVE patchers 2018-09-13 21:53:30 -04:00
Tad
f8a438b32a Update CVE patchers 2018-09-12 15:45:35 -04:00
Tad
465008cc14 Update CVE patchers 2018-09-05 07:07:38 -04:00
Tad
44a192b7a4 Various fixes 2018-08-26 20:32:19 -04:00
Tad
9fb6c648d9 Partial revert of 1983d9a8f7 2018-08-24 00:26:35 -04:00
Tad
1983d9a8f7 Update CVE patchers 2018-08-23 21:26:33 -04:00
Tad
9cbc514c59 Initial support for geminipda 2018-08-23 18:50:13 -04:00
Tad
1c0dfb1839 Update CVE patchers + misc fixes 2018-08-14 14:51:14 -04:00
Tad
17340a0963 Update CVE patchers 2018-08-10 21:03:28 -04:00
Tad
db3b42ae4f Update CVE patchers + misc fixes 2018-08-08 20:23:26 -04:00
Tad
46b1b409c9 Update CVE patchers 2018-08-06 21:32:33 -04:00
Tad
94f1382077 Updates 2018-07-25 21:56:11 -04:00
Tad
13fd3fab51 fugu fixes 2018-07-22 17:08:22 -04:00
Tad
e3dcb260aa Update CVE Patchers
- and add initial rpi3 support
2018-07-22 09:37:23 -04:00
Tad
b384623f16 Deblobber: TimeKeep replacement fixes
- Still needs more fixes
- 14.1: Also update CVE patcher for motorol_msm8916
2018-07-20 20:06:36 -04:00
Tad
31444ad3c8 Update CVE patchers 2018-07-02 23:16:36 -04:00
Tad
30d59ea53d More devices
- 14.1: dragon, manta, us996, us997, victara
- 15.1: dragon, us996, us997, victara
- Deblobber: Remove more blobs
2018-06-30 14:03:11 -04:00
Tad
d2ba1ddb20 Overhaul variable names 2018-06-29 13:46:12 -04:00
Tad
29ace39eb9 Fixup previous 2 commits + misc tweaks 2018-06-27 12:04:42 -04:00
Tad
d0dd1893c6 14.1: Add back CVE patchers for removed devices + misc fixes 2018-06-27 10:09:26 -04:00
Tad
6746942f30 14.1: Add grouper 2018-06-26 05:57:22 -04:00
Tad
5772b68224 Update CVE patches + more globbing fixes 2018-06-23 03:39:01 -04:00
Tad
b10f0a97dc Update CVE patchers + misc fixes 2018-06-05 00:35:42 -04:00
Tad
cd98cee42f Update CVE patchers 2018-05-29 14:49:15 -04:00
Tad
fe66b008c0 Changes 2018-05-23 06:25:41 -04:00
Tad
29e49a5147 Fixup ether 2018-05-20 14:57:54 -04:00
Tad
dfaf44387b Update CVE patchers 2018-05-17 16:42:42 -04:00
Tad
f5fd480f56 Update CVE patchers 2018-05-07 16:20:58 -04:00
Tad
999c94d2de Update CVE patchers 2018-04-28 00:43:08 -04:00
Tad
4011255c53 14.1: Fixes 2018-04-25 22:28:42 -04:00
Tad
28de039beb Update CVE patchers 2018-04-22 02:41:18 -04:00
Tad
4b04593376 Fixup de78fb8b9a 2018-04-14 11:30:05 -04:00
Tad
b8937a6400 14.1: Fix herolte, both: replace Gallery2 with CameraRoll 2018-04-14 02:27:01 -04:00
Tad
de78fb8b9a Update CVE patchers 2018-04-13 15:29:21 -04:00
Tad
a914c813b0 15.1: Fixes, 14.1: Cleanup 2018-04-10 19:24:39 -04:00
Tad
f3a92223a5 Fix updater 2018-04-06 21:50:20 -04:00
Tad
fcea2b8d1d Lots of cleanup
- Some overclocks might be missing'
2018-04-06 14:10:43 -04:00
Tad
fec8fecf5f 14.1: Drop marlin/sailfish 2018-04-06 13:38:55 -04:00
Tad
b2d1b93dcb 14.1: Drop bacon and m8, 15.1: Many more fixes 2018-04-04 21:24:08 -04:00
Tad
c3a3beb907 Update CVE patchers 2018-04-03 06:10:03 -04:00
Tad
4f9299f900 Update CVE patchers 2018-03-30 21:47:33 -04:00
Tad
2d8bab800c Many Changes
- Remove more projects via manifests
- Fix FDroidPrivExt inclusion
- 14.1: Remove Jelly
- Remove leftovers from LG G2
2018-03-23 12:37:26 -04:00
Tad
9c2272bc03 14.1: Update CVE patchers 2018-03-07 00:07:45 -05:00
Tad
eea5b71bd4 14.1: Drop 5 devices supported by 15.1 2018-03-01 09:51:05 -05:00
Tad
9cdfc59d5e 14.1: Update CVE patchers 2018-02-19 15:01:57 -05:00
Tad
48d9b9daaa Update CVE patchers and add a helper patch function 2018-02-05 19:21:44 -05:00
Tad
d3a231e2be Many build fixes
- Deblobber: sh -> bash (potential fix)
- Mark h815 as broken upstream
- Fix h850
- Fix herolte
- Fix Z00T
2018-01-31 13:14:19 -05:00
Tad
f5e79a3d11 Minor tweaks and update CVE patchers 2018-01-30 02:18:38 -05:00
Tad
47ae3584a7 Build fixes and update CVE patchers 2018-01-17 17:06:40 -05:00
Tad
e3d6171053 Update CVE patchers 2018-01-16 19:55:07 -05:00
Tad
6fb82b7907 Attempt to improve AES performance 2018-01-11 14:16:13 -05:00
Tad
8e8c1d5834 Update CVE patchers 2018-01-10 18:29:28 -05:00
Tad
c47dee71d8 Add a function to update the kernel localversion 2018-01-10 17:52:20 -05:00
Tad
ffa80a1341 Update CVE patchers 2018-01-10 15:49:48 -05:00
Tad
85895baa66 Update CVE patchers 2018-01-10 15:24:05 -05:00
Tad
97bb50e125 Update CVE patchers 2018-01-10 02:20:35 -05:00
Tad
86234066dc Patch most 3.10 kernels against Spectre 2018-01-04 19:52:32 -05:00
Tad
a4cde9bb89 Update CVE patchers 2018-01-04 13:34:44 -05:00
Tad
1402e9b041 Update CVE patchers 2018-01-04 13:17:29 -05:00
Tad
e5cbc542ea Misc changes 2018-01-03 21:55:04 -05:00
Tad
eb32600c0b Fix AES256 encryption patch, and update CVE patchers 2018-01-03 12:15:58 -05:00
Tad
758088bde2 Update CVE patchers 2017-12-30 07:11:23 -05:00
Tad
ef211a5107 Fix flo, update CVE patchers 2017-12-24 10:59:48 -05:00
Tad
f35e6c2779 Add d852 2017-12-22 20:32:56 -05:00
Tad
176d22c6bb Update CVE patchers 2017-12-20 14:29:33 -05:00
Tad
cbe5dc9e9d Add support for LG G2, G3, G4, G5 and update CVE patchers 2017-12-20 13:42:28 -05:00
Tad
fcc8ffc5bd Tweaks and Fixes 2017-12-15 16:42:36 -05:00
Tad
4de3a166c4 Remove Android CVE patchers
If a patch affects 4.4.4-8.0, the patch is against 8.0 and will break <8.0
some patches will get backported to older branches others not
Will attempt to automate again later
2017-12-08 23:24:48 -05:00
Tad
2091d44aa3 Add CVE patchers for various Android repos 2017-12-08 23:13:11 -05:00
Tad
8db2dfcde2 Fix patcher paths 2017-12-08 19:29:47 -05:00
Tad
b5c8ef6bc3 Update CVE patchers 2017-12-08 18:59:55 -05:00
Tad
11cc70ef35 Privacy guard improvements and update CVE patchers 2017-12-08 08:18:39 -05:00
Tad
1bd7aab805 Update CVE patchers 2017-12-07 20:20:48 -05:00
Tad
426d32fda5 Update CVE patchers using recoded patcher 2017-12-07 01:04:22 -05:00
Tad
90d7413c04 Update CVE patchers 2017-12-05 19:42:36 -05:00
Tad
3dd9a262df Update CVE patchers with CopperheadOS kernel hardning patches 2017-12-05 18:22:31 -05:00
Tad
dd460da4c3 Build fixes 2017-12-05 11:26:57 -05:00
Tad
face62a675 Fixes 2017-12-04 22:48:33 -05:00
Tad
f93366c8e7 Update CVE patchers 2017-12-04 19:08:04 -05:00
Tad
9bed70363b Update CVE patchers 2017-12-04 18:49:19 -05:00
Tad
dd7454b664 Update CVE patchers 2017-12-01 17:02:23 -05:00
Tad
39337477bf Fixes 2017-11-26 12:43:47 -05:00
Tad
f17b6e477d Update CVE patchers 2017-11-25 19:55:55 -05:00
Tad
8ead3072ca Linux incremental patches - little benefit 2017-11-10 04:13:11 -05:00
Tad
1b74baddf0 Patch against towelroot 2017-11-10 03:06:09 -05:00
Tad
d1f4933957 Many fixes 2017-11-09 22:59:37 -05:00
Tad
b84f0881b0 Version the previous USB patches 2017-11-08 13:13:06 -05:00
Tad
7b3c994731 Update CVE patchers 2017-11-08 03:42:33 -05:00
Tad
aaa94329a5 Add more patches 2017-11-08 03:23:39 -05:00
Tad
397e66c977 CVE Build fixes 2017-11-07 23:45:28 -05:00
Tad
93795db152 Update CVE patchers 2017-11-07 23:07:05 -05:00
Tad
09fac4ca19 Update CVE patchers 2017-11-07 22:09:45 -05:00
Tad
7c0049f494 Update CVE patchers 2017-11-07 21:54:21 -05:00
Tad
3a5e68f927 Update patchers 2017-11-07 20:35:49 -05:00
Tad
fc6fc0f96e Rewrite CVE patchers 2017-11-07 20:11:50 -05:00
Tad
8ed308c888 Update CVE pathcers against new patches 2017-11-07 20:00:37 -05:00
Tad
7da9d77ed3 Patcher updates 2017-11-07 19:12:41 -05:00
Tad
529ce03a13 Fixup wireless patches 2017-11-07 18:55:10 -05:00
Tad
5bc79a7ad7 Restore nex/11.0 and cleanup 2017-11-06 15:34:40 -05:00
Tad
db7f521c28 Update FDroid repos 2017-11-05 23:19:53 -05:00
Tad
e0c764492d Add CVE patchers and commands for new devices 2017-11-05 14:15:54 -05:00
Tad
7ffb675a15 Licensing fixes, and misc fixes 2017-11-05 10:58:01 -05:00
Tad
d636b7c598 Many fixes 2017-11-04 16:56:52 -04:00
Tad
f5e96522e1 Fixes 2017-11-02 19:35:27 -04:00
Tad
5cce7e4c37 Add CVE patcher for nex 2017-11-02 19:09:39 -04:00
Tad
6cb184876a More KRACK patches 2017-11-02 16:48:37 -04:00
Tad
c3c75e7b73 Revert "CVE Patchers: Switch to 3way, patch ~552 CVEs"
This reverts commit 7d24041ae3.

A quick sanity check against cve.lineageos.org shows most of these are patched already.
--3way == bad way
2017-11-02 16:01:55 -04:00
Tad
7d24041ae3 CVE Patchers: Switch to 3way, patch ~552 CVEs
I hope this doesn't break compile... it probably will and this will end up reverted :(
2017-11-02 15:57:46 -04:00
Tad
79daadb5ef Update CVE patchers for ranged versions, patching 1 CVE 2017-11-02 15:26:49 -04:00
Tad
f638b1434e Fixes 2017-10-31 14:06:04 -04:00
Tad
43e4a7035d Patch 30 more CVEs 2017-10-31 13:44:26 -04:00
Tad
9a09d20695 Disable patch for CVE-2016-0819 2017-10-30 22:46:23 -04:00
Tad
64d490d95e Remove network hardening patches, disable mako LTE patch, add function to enable forceencrypt 2017-10-30 17:38:00 -04:00
Tad
41b11b0273 Fully patch against KRACK 2017-10-30 01:13:51 -04:00
Tad
3afd709762 Remove duplicate cve patches and update CVE patchers 2017-10-29 22:33:38 -04:00
Tad
12b63c12b7 Remove some duplicate CVE patches and add back fixed CVE patcher scripts 2017-10-29 21:26:04 -04:00
Tad
e1a0ab6afd Fixes 2017-10-29 21:10:36 -04:00
Tad
548fbd1b50 New patchers 2017-10-29 16:25:37 -04:00
Tad
92a0187dfb Overhaul CVE patches 2017-10-29 14:23:02 -04:00
Tad
ce59045163 Add some more Linux CVE patches 2017-10-29 04:19:13 -04:00
Tad
86c2d7a648 Remove many duplicate linux CVE patches and update patchers 2017-10-29 03:46:24 -04:00
Tad
f5425a4c97 More tweaks, add many scripts for patching kernel cves 2017-10-29 02:21:16 -04:00