Commit Graph

1383 Commits

Author SHA1 Message Date
Tad
bc3a9cddba Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2022-02-09 00:22:02 -05:00
Tad
ee0bd8625f Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-07 14:43:05 -05:00
Tad
0a664cc22c Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-03 21:12:02 -05:00
Tad
c0aac415aa Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-29 09:35:59 -05:00
Tad
58b53de17a Multi user tweaks from GrapheneOS
Signed-off-by: Tad <tad@spotco.us>
2022-01-24 06:30:39 -05:00
Tad
2400cf0964 App updates
- Drops Calendar, Eleven, and Email
- Adds a variable for Silence inclusion
- Adds a NONE option for microG inclusion flag to disable NLP inclusion

Signed-off-by: Tad <tad@spotco.us>
2022-01-24 06:30:15 -05:00
Tad
6864156bd6 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-20 22:22:22 -05:00
Tad
dbd2a71722 Update CVE patchers
Hopefully fixes boot breakage

Signed-off-by: Tad <tad@spotco.us>
2022-01-17 01:23:10 -05:00
Tad
5e18ec4dfe Tiny tweak
Signed-off-by: Tad <tad@spotco.us>
2022-01-16 16:42:26 -05:00
Tad
6ec0c63126 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-13 11:08:22 -05:00
Tad
bfcf6b18b7 Fixup
Signed-off-by: Tad <tad@spotco.us>
2022-01-12 05:57:08 -05:00
Tad
ce6ee9d8e4 Update CVE patchers
CVE-2021-0961 should be fine now

Signed-off-by: Tad <tad@spotco.us>
2022-01-11 05:41:26 -05:00
Tad
b9c7839110 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-11 01:19:31 -05:00
Tad
8a45dc4696 18.1: Device additions
h910
lavender
pioneer, voyager, discovery
akari, aurora, xz2c

Signed-off-by: Tad <tad@spotco.us>
2022-01-06 21:04:17 -05:00
Tad
207e45fe6a Update oneplus/sdm845 to 4.9.295
Signed-off-by: Tad <tad@spotco.us>
2022-01-06 15:21:00 -05:00
Tad
b05823bb20 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-04 21:00:25 -05:00
Tad
daf98f8197 Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-12-31 21:39:04 -05:00
Tad
39e520a03f Sync APN list from 18.1
Signed-off-by: Tad <tad@spotco.us>
2021-12-31 21:12:24 -05:00
Tad
e08349a202 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-29 11:51:58 -05:00
Tad
68771721d5 Update oneplus/sdm845 to 4.8.282
Signed-off-by: Tad <tad@spotco.us>
2021-12-29 11:51:52 -05:00
Tad
8b3beeb9fd More analytics disablement
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 23:24:03 -05:00
Tad
ee1f466211 Fixup
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 18:16:42 -05:00
Tad
2c1d8d5e78 Hamper analytics improvements
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 17:35:53 -05:00
Tad
3c1931bcc9 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-19 05:15:32 -05:00
Tad
11141d3bc9 Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-12-17 14:31:13 -05:00
Tad
6c38ece551 Update CVE patchers
User report confirms fixing wifi on lmi

Signed-off-by: Tad <tad@spotco.us>
2021-12-15 17:10:35 -05:00
Tad
20e1023627 Small changes
- 16.0: drop wallpaper optimization patch, questionable source
- deblobber: don't remove libmmparser_lite.so, potentially used by camera
- 17.1: pick Q_asb_2021-12, excluding a broken patch
- clark 17.1: some camera denial fixes
- alioth: unmark broken
- 17.1: switch to upstream glibc fix
- 17.1/18.1: disable per app sensors permission patchset, potential camera issues

Signed-off-by: Tad <tad@spotco.us>
2021-12-13 20:28:54 -05:00
Tad
8b85bf9719 Small change
Signed-off-by: Tad <tad@spotco.us>
2021-12-12 12:10:47 -05:00
Tad
8cf90d055e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-11 01:12:41 -05:00
Tad
359ce4608f Small updates
Signed-off-by: Tad <tad@spotco.us>
2021-12-07 20:57:54 -05:00
Tad
ed1c151ce5 Update CVE patchers
CVE-2021-0961/ANY/0001.patch likely causes breakage

Signed-off-by: Tad <tad@spotco.us>
2021-12-06 17:43:34 -05:00
Tad
c5c3998593 Guess what? f̵͖̲̙̝̩̌̌̌̑͆̔͐̏͋̓̅̔̒̈́͠i̴͍̗̦͕̅̓̿͋̓̑̽͌͐͊͘͠͠s̵̡̬͙͚̃͑̓̊̌́̾́͠ḥ̴̬͓͚̹̱̰͕͚͈̞̳͒̊ ̵̢̟̞̖͈͖͕̥̙̤͉̮̍́̅̀̾b̵̛̹̝̙̖̱̲͉͚̝̪̲̓̿͛̔̆͋̎́͐̃͆̀̕͝u̸̞̺͓͎̰̦̯̘̺̬͔̬͆͛̋̍̂͒̓͛̐̈́̋̚͝ṫ̵̠t̶̻̳̜̪̗͖͛̂̒̃̑̏͝
Tested on 14.1 and 15.1 targets

Signed-off-by: Tad <tad@spotco.us>
2021-11-29 21:14:00 -05:00
Tad
62166d1ea5 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-26 11:54:59 -05:00
Tad
df3b54fa20 Fixup camera on flox
Camera works in OpenCamera, but it can't actually take pictures.
Switch to Camera2 instead, tested pictures and videos working.

Also fixup compile issue with oneplus/msm8998-common
And refresh some patchers

Signed-off-by: Tad <tad@spotco.us>
2021-11-15 18:01:27 -05:00
Tad
f950398fa1 glibc 2.34 fix
Tested working to compile mako on Fedora 35

Signed-off-by: Tad <tad@spotco.us>
2021-11-14 20:16:48 -05:00
Tad
b8f5d8a510 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-12 11:51:02 -05:00
Tad
c95421b6d2 Fixup 9c105b79
Signed-off-by: Tad <tad@spotco.us>
2021-11-08 18:45:29 -05:00
Tad
9c105b799f O_asb_2021-11
Based off of:
https://review.lineageos.org/q/topic:P_asb_2021-11

Missing:
https://review.lineageos.org/c/LineageOS/android_packages_apps_Settings/+/318655

Maybe missing:
https://review.lineageos.org/c/LineageOS/android_hardware_nxp_nfc/+/318653

Doesn't exist:
https://review.lineageos.org/c/LineageOS/android_frameworks_native/+/318652

Untested

Signed-off-by: Tad <tad@spotco.us>
2021-11-08 17:19:50 -05:00
Tad
3e62262e88 Small fixup
Signed-off-by: Tad <tad@spotco.us>
2021-11-07 13:37:37 -05:00
Tad
e882cf16c7 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-06 18:47:57 -04:00
Tad
f2b9eb8e8b Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-11-06 11:22:43 -04:00
Tad
fdd549ee98 16.0: add kccat6 and lentislte
Signed-off-by: Tad <tad@spotco.us>
2021-11-05 14:16:18 -04:00
Tad
621441349e Fixup the sensors permission patches on 7, 8, and 9.
Switch these patches to MODE_ALLOWED from MODE_ASK to fix breakage
of system services.

Also remove some code that adds a likely security issue.

Will need some extra regression testing.

Signed-off-by: Tad <tad@spotco.us>
2021-11-04 10:24:06 -04:00
Tad
f7295a0f74 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-02 23:50:35 -04:00
Tad
b6575a362e Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-11-02 22:47:34 -04:00
Tad
f3277f3c07 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-02 12:01:36 -04:00
Tad
809e03833e Verity enablement overhaul
No change to AVB devices except for enabling on more
Verity devices have the potential to regress by not booting
No change to non-verity/avb devices
Tested working on: mata, cheeseburger, fajita

Signed-off-by: Tad <tad@spotco.us>
2021-11-02 10:24:07 -04:00
Tad
898c040ead More useless churn
Signed-off-by: Tad <tad@spotco.us>
2021-11-01 21:04:59 -04:00
Tad
33c2725946 More patch refreshing
Signed-off-by: Tad <tad@spotco.us>
2021-10-29 16:08:27 -04:00
Tad
a9f445ad47 16.0: add land and santoni
Signed-off-by: Tad <tad@spotco.us>
2021-10-28 19:07:31 -04:00
Tad
ecc4688ce0 Denial fixes for clark, osprey, surnia, and g3-common
Signed-off-by: Tad <tad@spotco.us>
2021-10-28 00:47:59 -04:00
Tad
ec043e961e Update CVE patchers
CVE-2021-20317 might need to be disabled due to QC timer breakage.

Signed-off-by: Tad <tad@spotco.us>
2021-10-27 15:26:53 -04:00
Tad
e6beba4b15 Small tweaks
Sad churn from git version.
Will be removed next build cycle.

Signed-off-by: Tad <tad@spotco.us>
2021-10-27 14:16:37 -04:00
Tad
b77444f84d Deblobber tweaks
- Put more blobs behind flags for testing purposes
- Potential graphics fix for newer devices
- Removes more Wi-Fi display blobs
- Remove some misc blobs

Signed-off-by: Tad <tad@spotco.us>
2021-10-23 19:49:27 -04:00
Tad
0c793835da Expand the available Private DNS options
Signed-off-by: Tad <tad@spotco.us>
2021-10-22 18:33:06 -04:00
Tad
fe8e8201a9 Add more 'Private DNS' options
Based off of patches from CalyxOS as noted in each included patch.

Tested and verified working on klte and mata 18.1

Signed-off-by: Tad <tad@spotco.us>
2021-10-21 23:39:46 -04:00
Tad
70b96aa211 Update oneplus/sdm845 from 4.9.227 to 4.9.277
Pulls us into August 2021

Tested working:
- boot
- usb mtp
- wifi
- bluetooth
- cameras
- audio
- gps
- brightness

Signed-off-by: Tad <tad@spotco.us>
2021-10-21 00:12:59 -04:00
Tad
5d7d710076 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-20 15:01:18 -04:00
Tad
042b9063d1 More fixes
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 17:12:13 -04:00
Tad
4ce35a3c60 Refresh most branch specific patches
Fixed up:
LineageOS-16.0/android_packages_apps_Backgrounds/308977.patch
LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch

Must review again:
LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.patch

Signed-off-by: Tad <tad@spotco.us>
2021-10-16 15:19:55 -04:00
Tad
52fd9c9ddb Tiny cleanup
Signed-off-by: Tad <tad@spotco.us>
2021-10-15 14:05:14 -04:00
Tad
5b630620f8 Drop 11.0
It has been over 2,500 days since the last release of 4.4.4.
And over 600 days since I last compiled this.

Signed-off-by: Tad <tad@spotco.us>
2021-10-14 20:08:44 -04:00
Tad
7ba42f052a Small changes
Signed-off-by: Tad <tad@spotco.us>
2021-10-14 15:58:22 -04:00
Tad
df60bfceda Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-13 12:20:44 -04:00
Tad
939c6aa7ed Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-10-07 20:07:49 -04:00
Tad
f2e1d32eba Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-06 16:54:45 -04:00
Tad
7b28a193f1 Include the Support app
This is a very basic app with zero permissions and has quick links to
various related resources.

Signed-off-by: Tad <tad@spotco.us>
2021-10-06 06:21:38 -04:00
Tad
0ac035a48e Fixup e4a4e7f8
Signed-off-by: Tad <tad@spotco.us>
2021-10-06 05:31:40 -04:00
Tad
e4a4e7f8de Fix BT on apollo/thor
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/16

Signed-off-by: Tad <tad@spotco.us>
2021-10-06 04:52:14 -04:00
Tad
59bd09a807 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-05 14:44:23 -04:00
Tad
5658b56424 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-03 20:00:52 -04:00
Tad
7f98aad299 18.1: Drop DnsResolver patches
Merged upstream

Signed-off-by: Tad <tad@spotco.us>
2021-10-01 17:54:54 -04:00
Tad
025ca7df7f compile fixups
after the CVE-2021-Misc2 import and hardenDefconfig overhaul

also sync 18.1 DnsResovler patches with:
6332b25b87
f8490d024a

Signed-off-by: Tad <tad@spotco.us>
2021-10-01 12:34:22 -04:00
Tad
27fe558b76 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-29 16:47:50 -04:00
Tad
9f9d418060 18.1: forward port the hosts cache and wildcard support
These were likely missed when resolv/ moved out of netd into DnsResolver.

Signed-off-by: Tad <tad@spotco.us>
2021-09-26 22:41:30 -04:00
Tad
94f342ac37 Tiny tweak
Signed-off-by: Tad <tad@spotco.us>
2021-09-26 16:41:48 -04:00
Tad
c6df37ca23 Expose the Sensors Off tile
This removes the hidden development 'Sensors off' tile from Settings app,
adds it back to SystemUI, and enables it by default.

Tested working on 18.1

Signed-off-by: Tad <tad@spotco.us>
2021-09-26 16:36:15 -04:00
Tad
84c7d230ab Permission for sensors access patches from @MSe1969
Signed-off-by: Tad <tad@spotco.us>
2021-09-24 23:35:33 -04:00
Tad
f5a58bd35f Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-23 20:56:00 -04:00
Tad
83efa5fe7d Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-18 13:43:41 -04:00
Tad
083e2048f8 Don't disable slub/slab merging via kernel command line, but by default
I have a sneaking suspicion that the length of some device command lines is
causing boot issues.
eg. with the recent additions, klte boots fine, but recovery doesn't, maybe
bootloader is adding more flags, exceeding a limit?

Signed-off-by: Tad <tad@spotco.us>
2021-09-15 10:17:27 -04:00
Tad
a9f44dee41 Fix hamper analytics patches
These must all be strings.
Sadly meant this likely hasn't worked for years.
:\

Signed-off-by: Tad <tad@spotco.us>
2021-09-13 15:27:29 -04:00
Tad
2f8550d2ae Sync APN list from 18.1
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 16:25:14 -04:00
Tad
907dc0f040 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 16:06:57 -04:00
Tad
0ade46cc8e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-07 16:57:15 -04:00
Tad
e84111aaa8 Small changes
- Include TalkBack
- Fixup hosts inclusion, due to path mismatch
- 14.1: bump patch level to match the picked ASB
- 14.1: m7-common: deblobber fix

Signed-off-by: Tad <tad@spotco.us>
2021-09-06 14:32:37 -04:00
Tad
56e9a75445 14.1+15.1: Support wildcards in cached hosts file
Signed-off-by: Tad <tad@spotco.us>
2021-09-05 16:30:34 -04:00
Tad
809a361e07 Update CVE patchers
Don't introduce https://gitlab.com/LineageOS/issues/android/-/issues/3916

Will consider adding it as a revert

Signed-off-by: Tad <tad@spotco.us>
2021-09-04 14:35:24 -04:00
Tad
e0d300a651 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-03 22:52:24 -04:00
Tad
dd4457260f 18.1 Updates
- Update Settings and SetupWizard patches after the big SetupWizard UI update
- Use the latest captive portal patch, was also previously partially broken
  due to mis-apply

Signed-off-by: Tad <tad@spotco.us>
2021-09-03 08:57:40 -04:00
Tad
f77971d38f Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-08-31 20:53:17 -04:00
Tad
bdccb5fb39 Hamper ad_personalization_signals
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:46:11 -04:00
Tad
27d55efdff Hamper ssaid collection
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:41:57 -04:00
Tad
31e615f341 Add the WebView repository
Allows for rapid updates in-between build cycles.
Tested working on many devices.

Signed-off-by: Tad <tad@spotco.us>
2021-08-27 12:46:54 -04:00
Tad
792cb89ed7 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-26 12:17:46 -04:00
Tad
0dbabac59a Update CVE patchers
Maybe breakage?

Signed-off-by: Tad <tad@spotco.us>
2021-08-23 15:27:53 -04:00
Tad
1dc0bce913 Disable removal of display color blobs
Removal is still breaking boot on some devices

Signed-off-by: Tad <tad@spotco.us>
2021-08-21 15:34:02 -04:00
Tad
c0debe55c4 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-18 08:54:30 -04:00
Tad
4ae1402229 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 23:54:19 -04:00
Tad
79132fddef Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 11:07:07 -04:00
Tad
2d468d9da2 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-09 14:44:48 -04:00
Tad
2db8ac7c70 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 14:57:55 -04:00
Tad
9e548cabf5 Fixup 3d69ad87
Tested to compile bacon, ether, and griffin kernels

Signed-off-by: Tad <tad@spotco.us>
2021-08-03 18:46:38 -04:00
Tad
3d69ad873e \"\'FIXES\'\" PART 2
There will likely be some breakage here.
Many of these patches have been here since the start and never used.

Signed-off-by: Tad <tad@spotco.us>
2021-08-03 15:14:02 -04:00
Tad
4fae8d0445 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-03 12:37:28 -04:00
Tad
2c05482872 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-07-31 09:17:08 -04:00
Tad
914bed8556 Reimplement fe6f8537
LTE tested working with hybrid 33-107 modem.
Phone calls drop to HSPA as expected.
No issues if using stock modem either compared to without this patch.

In my area, without this patch, my makos are useless cell-wise.

Gives extra life to the Nexus 4.

Signed-off-by: Tad <tad@spotco.us>
2021-07-29 15:25:05 -04:00
Tad
36331d6d62 Update CVE patchers 2021-07-28 10:08:52 -04:00
Tad
b61264e3b9 Update CVE patchers 2021-07-27 00:17:14 -04:00
Tad
40c356371a Small tweaks 2021-07-25 22:41:56 -04:00
Tad
ca51db0be0 Update CVE patchers 2021-07-21 22:48:29 -04:00
Tad
9a4c02c3dc Tiny tweaks 2021-07-19 12:05:18 -04:00
Tad
3d67f9e25c Update CVE patchers 2021-07-12 06:31:38 -04:00
Tad
c2b2aa5830 16.0+: Add captive portal toggle from @MSe1969
Source:
0045a97cb4
b483b4e9ab
18.1 is the 17.1 patch rebased

Wording was altered.

Already included in 14.1+15.1
2021-07-10 22:48:45 -04:00
Tad
a43601e77b Update CVE patchers
I expect breakage.
2021-07-10 11:39:14 -04:00
Tad
050da06eba Move n_asb_09-2018-qcom in tree 2021-07-09 21:04:08 -04:00
Tad
c13672b9b7 Update CVE patchers 2021-07-07 15:14:20 -04:00
Tad
12283124b5 Fixup last commit 2021-07-04 17:05:27 -04:00
Tad
f6357512a7 Update CVE patchers 2021-07-04 14:41:44 -04:00
Tad
44003bd2f5 Update CVE patchers 2021-06-30 17:05:59 -04:00
Tad
d7287a6b94 Update CVE patchers 2021-06-27 11:50:15 -04:00
Tad
ef8573b29c Small fixes 2021-06-26 22:59:46 -04:00
Tad
881c24d8b2 Various patches from GrapheneOS 2021-06-26 18:57:46 -04:00
Tad
eb3e51e7e3 Small tweaks 2021-06-23 13:00:43 -04:00
Tad
48f35901c2 Update CVE patchers 2021-06-16 23:17:37 -04:00
Tad
d9d564ebd3 Cherrypick updates 2021-06-16 02:41:22 -04:00
Tad
fe1f9ec7c4 Sync reflog extracted commits with Gerrit originals 2021-06-15 21:04:37 -04:00
Tad
d42c8f033d Small changes
- Fixup CVE-2020-36386 breakage
- Move some cherrypicks in tree (gerrit down right now, pulled from reflog)
- Update cherrypicks
2021-06-15 05:46:30 -04:00
Tad
71fe4d590e Small tweaks
- 14.1: drop z00t, compiles on 15.1
- fix double patch breakage for CVE-2020-36386
- clark: fix recovery firmware extraction, hopefully
2021-06-12 10:49:54 -04:00
Tad
4b044379ec Update CVE patchers 2021-06-11 11:00:54 -04:00
Tad
94b91c6afd Incall privacy warning from CalyxOS 2021-06-08 12:11:13 -04:00
Tad
d9c49b56c3 Update CVE patchers 2021-06-07 22:30:33 -04:00
Tad
1e5df6f42e Update CVE patchers 2021-06-03 13:28:32 -04:00
Tad
f89f0cb983 Small tweaks
Fixes oneplus2 boot
https://github.com/Divested-Mobile/DivestOS-Build/issues/5
2021-05-29 01:12:53 -04:00
Tad
dd938051a5 Small patch fixup 2021-05-27 15:03:47 -04:00
Tad
e9796c45f4 Sync APN list from 18.1 2021-05-27 14:54:50 -04:00
Tad
4af81f4d66 Update CVE patchers 2021-05-27 14:54:07 -04:00
Tad
13bffe05e7 Update CVE patchers 2021-05-21 09:14:31 -04:00
Tad
7b2e2c0bff Sync APN list from 18.1 2021-05-20 06:17:25 -04:00
Tad
ccce1fad9b Update CVE patchers 2021-05-11 17:11:41 -04:00
Tad
731e0e995c Update CVE patchers 2021-05-07 21:48:29 -04:00
Tad
4450921a10 Update CVE patchers 2021-05-03 20:41:32 -04:00
Tad
febec1b60a Update CVE patchers 2021-05-02 17:05:53 -04:00
Tad
5f0ae93a0b Drop the umn patch list
Most seem OK
2021-04-25 11:25:32 -04:00
Tad
5e56dbc90f Use clearer SPDX identifiers 2021-04-22 13:15:43 -04:00
Tad
3770bf469d Add a list of potentially bad commits from umn.edu addresses 2021-04-21 21:40:40 -04:00
Tad
81084a26d7 Update CVE patchers 2021-04-17 11:01:30 -04:00
Tad
d15d4f5757 18.1: updater: fix Tor support 2021-04-17 10:14:29 -04:00
Tad
bdf990a638 Small tweaks
- Remove some changes that have been commented for a while
- Don't remove the QCOM VR repos
- Adjust the default quick tiles
- Don't force hardware layers for recents
- Only generate deltas for update_engine devices
- Cherrypick: Update WebView to 90.0.4430.66
- Adjust yylloc sed line
- Add comments to 17.1 devices explaining why they aren't removed for 18.1 yet
2021-04-14 21:29:12 -04:00
Tad
cc08a358ce 18.1: replace PicoTTS with eSpeak-NG 2021-04-12 21:24:12 -04:00
Tad
a423f977ff Update CVE patchers 2021-04-12 20:53:35 -04:00
Tad
8e496341b5 Small tweaks + ASB cherrypicks 2021-04-08 05:40:22 -04:00
Tad
f48738f944 Update CVE patchers 2021-04-06 20:55:55 -04:00
Tad
d9238f8385 18.1: fix recovery signing
friendly reminder to take a break when dealing with the same issue for extended periods of time
2021-04-06 05:56:47 -04:00
Tad
f3e672fb18 Failed attempt at fixing signing
PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something
we don't use.

Override it at the source and set it explicitely as well.

This ensures that the compiled recovery.img and the one generated by
sign_target_files_apks.py includes the real public keys for verification.

11.0 signing is ignored.

This will need to be extensively tested as breakage can mean brick on locked
devices.
Although in failure cases it seems test-keys are accepted.

--

After much testing there appears to be a deeper issue with how keys
are inserted into the recovery and handled
2021-04-06 04:07:18 -04:00
Tad
9db9215d6b Small changes
- Disable generation of unused OTA to reduce compile time
- 17.1+: Disable APEX, breaks signing, and is also useless since no Play Store.
- 18.1: Fixup signing
2021-03-31 01:30:17 -04:00
Tad
9ae46b7624 Update CVE patchers
This fixes Fenix causing a reboot on select devices.
2021-03-26 22:51:50 -04:00
Tad
d8712ad62a Update CVE patchers 2021-03-24 16:31:25 -04:00
Tad
5d14e4b4f7 Small changes
- Add m7 and avicii (untested)
- Use low_ram target on <2GB devices
  Silly me, this never did anything due to the git reset...
- Update Chromium WebView cherrypick
2021-03-24 14:43:12 -04:00
Tad
08ea27fd00 Only include Silence when needed
ie. not on tablets without cellular
2021-03-23 21:11:08 -04:00
Tad
529b47039c 18.1: Initial bringup
- Functionality tested on mako and klte
- In-place upgrade from 17.1 tested working on klte
- Compile tested on bacon and klte
- Recovery OTA key patch missing, unsure if still needed.
- Deblobber needs support for removing vintf manifest paths from vendor Android.bp
- Launcher needs more default_workspace grid variants (eg. 4x5)
2021-03-23 12:36:31 -04:00
Tad
c23646ebd5 More cleanup 2021-03-20 16:37:15 -04:00
Tad
add30db605 Drop support for overclocking
These patches have been disabled for years.
2021-03-20 16:23:38 -04:00
Tad
293c386322 More cleanup 2021-03-20 16:21:31 -04:00
Tad
c6f2a5a06d Fixup ef0ee2c3 2021-03-15 01:06:23 -04:00
Tad
ef0ee2c316 Update CVE patchers 2021-03-14 21:59:19 -04:00
Tad
95c2c89271 Add vvm_config.xml to vendor/divsted overlay
Pulled from vendor/lineage on 17.1.
Should fix VVM on 15.1 and 16.0.

d5ecc14106
2021-03-14 19:57:14 -04:00
Tad
a3fbed9da5 Update cherrypicks and small tweaks 2021-03-07 03:04:44 -05:00
Tad
60070a19bd Update CVE patchers
Consider splitting CVE-2020-27067 to restore basic patches.
2021-03-04 15:10:24 -05:00
Tad
f02363ecb4 March 2021 Security Updates 2021-03-04 13:02:10 -05:00
Tad
5a3b13e650 Update CVE patchers 2021-02-28 17:56:07 -05:00
Tad
701f336185 Tiny tweaks 2021-02-28 13:25:55 -05:00
Tad
6d0bc0c57e Update CVE patchers 2021-02-11 15:04:46 -05:00
Tad
41a04ebd36 Update CVE patchers 2021-02-10 15:55:51 -05:00
Tad
553299c409 Small updates 2021-02-08 18:49:01 -05:00
Tad
f1e2e43642 Update CVE patchers 2021-02-07 19:41:46 -05:00
Tad
3c0aaaa803 Update CVE patchers 2021-02-06 13:04:52 -05:00
Tad
820c637f20 Move many old cherry picks in tree for archival/support purposes 2021-02-05 20:00:43 -05:00
Tad
d44eca7187 Update CVE patchers 2021-02-03 19:40:55 -05:00
Tad
31d0b901ae Update cherrypicks 2021-02-03 09:45:26 -05:00
Tad
bac552732f Small tweaks 2021-01-30 21:34:50 -05:00
Tad
6a1fb99cc9 Unbreak last commit
This should be most of it

also
- properly update webview, repopick doesn't seem to handle the branch
- always cd back to base, to prevent script breakage
2021-01-25 13:31:57 -05:00
Tad
bef3ba0049 Small changes 2021-01-23 23:08:00 -05:00
Tad
b99e1865fe deblobber improvements
- fixup CNE removal to disable Wi-Fi calling
- extend system.prop edits to cover all .props
- remove persist. and ro. from edits to cover all properties
2021-01-18 07:15:11 -05:00
Tad
e9fd952ba2 Many small tweaks
- Remove leftover WireGuard repo missed in 31898834
- Enable the volteOverride, to ensure VoLTE enablement on supported devices on unknown carriers
- Extend volteOverride to support system.prop if vendor.prop doesn't exist (to cover eg. marlin/sailfish)
- Disable commenting of SOUND_TRIGGER flags.
  sountrigger blobs are not removed due to boot breakage.
  disable this and stop patching hardware/qcom/audio.
  Intended to potentially fix phone call audio issues on mata
- Small CVE patcher updates
2021-01-16 21:16:02 -05:00
Tad
f621ff7dda Update CVE patchers
I have absolutely no idea why kernel_oneplus_msm8998 was downgraded
4.4.241 to 4.4.205
https://github.com/LineageOS/android_kernel_oneplus_msm8998/tree/backup/lineage-17.1_20210108_1948
2021-01-13 04:29:00 -05:00
Tad
b683d40ef3 Small tweaks
- Update cherry picks
- Add star2lte to 15.1 and 17.1
2021-01-09 13:37:07 -05:00
Tad
42b94605f8 Cherrypicks and CVE-2019-2306 patching 2021-01-06 14:04:18 -05:00
Tad
bd4cb22db1 ASB cherry picks 2021-01-05 12:22:42 -05:00
Tad
e62afb602b Sync APN list from 17.1 to all versions
- 15.1: enable hammerhead due to reported bt issues on 16.0
2021-01-04 20:16:33 -05:00
Tad
ff96315fb4 Update CVE patchers 2020-12-30 11:08:19 -05:00
Tad
8b56cd13c6 deblobber: Don't remove CNE
- breaks Wi-Fi calling
- breaks IMS on marlin/sailfish
2020-12-22 13:53:29 -05:00
Tad
d6cf9ec8b0 Many fixes
VoLTE tested working on mata/17.1!
VoWiFi tested working with DOS_DEBLOBBER_REMOVE_CNE=false

- Disable Graphene exec spawning feature, subtly breaks many apps
  Maybe missing some patches?
- Build old versions for devices with broken IMS
- Ensure shell umask is always 0022
- fwb overlay: drop the MMS user-agent overrides
- Drop the BlobBlocker and ModuleBlocker
  They were unused and unkempt.
- Put volteOverride behind DOS_DEBLOBBER_REMOVE_IMS and comment it
2020-12-22 04:00:12 -05:00
Tad
356c743cd8 Update cherrpicks 2020-12-21 03:44:07 -05:00
Tad
1be184bac9 Small tweaks 2020-12-16 07:48:41 -05:00
Tad
39727cb7c7 Update CVE patchers 2020-12-10 14:09:58 -05:00
Tad
3ec13d6bc8 Update CVE patchers 2020-12-08 10:24:24 -05:00
Tad
e36a91facc Update CVE patchers 2020-12-07 09:36:20 -05:00
Tad
9c691d02ab Update CVE patchers 2020-12-03 22:43:23 -05:00
Tad
09722044b0 Update CVE patchers 2020-11-29 19:06:06 -05:00
Tad
69c8bdfb22 Update CVE patchers 2020-11-26 09:03:45 -05:00
Tad
445582fe2a Update CVE patchers 2020-11-19 17:15:55 -05:00
Tad
9d7e5a24a3 License headers 2020-11-17 10:19:06 -05:00
Tad
523264aebb Update CVE patchers 2020-11-12 23:46:38 -05:00
Tad
dc5b1d91f2 Update CVE patchers 2020-11-06 16:15:16 -05:00
Tad
6a5866c01d More failed attempts at fixing IMS
Keeping IMS, RCS, CNE, ATFWD, and allowing ims* to access /dev/diag:
IMS service still fails to register on mata

Is it the carrier?
Is it the phone?
Is it LineageOS?
Is is DivestOS?
Absolute mess.
2020-11-02 19:24:56 -05:00
Tad
9f01dc038c Small changes
- SUPL NTP fix
- Remove debug info from dexpreopt, saves a few MB
- 15.1+: enable full dexpreopt, for perf and memory benefits
- 17.1: change oneplus/msm8998-common kernel
- 17.1: add OpenCamera to AUX list
- Resurrect verity for devices missed previously
- Update some CVE patchers
- deblobber: remove some lingering atfwd blobs
2020-11-02 06:28:06 -05:00
Tad
3926f3a44f Small updates
- Various rebranding fixes
- 17.1: hold off on Seedvault inclusion for now
- 17.1: update kernel/fxtec/msm8998 CVE patcher
- 17.1: build cheeseburger/dumpling
2020-10-31 15:16:25 -04:00
Tad
5ec84b9f7b Update CVE patchers 2020-10-30 14:35:12 -04:00
Tad
b89cc98001 Small updates 2020-10-27 21:40:20 -04:00
Tad
1b4b86c38d Tiny tweaks 2020-10-23 14:49:16 -04:00
Tad
b0857599d6 Drop ISSUES.md
Moved to website
https://divestos.org/index.php?page=browsers
1d5bc9d979
2020-10-21 11:54:36 -04:00
Tad
0958df7de5 deblobber: remove more blobs 2020-10-20 10:45:57 -04:00
Tad
00a6a86126 deblobber: fixup timekeep replacement, credit Wang Han/aviraxp 2020-10-20 05:39:06 -04:00
Tad
d889ae4642 Update CVE patchers 2020-10-17 15:28:42 -04:00
Tad
688f4dd953 More CVE patcher fixes 2020-10-15 21:31:46 -04:00
Tad
cc64ce1634 Update CVE patchers 2020-10-14 16:28:07 -04:00
Tad
6c9c91941e Fix errors from compile test of all 14.1 kernels 2020-10-14 14:23:22 -04:00
Tad
d53a4f4e41 Update CVE patchers
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
115dd21832 Many changes
- 17.1: Add Pixel 4/XL
- Promote klte to 17.1
- hardenBootArgs: don't run on klte
- hardenBootArgs: regorganize
- hardenDefconfig: enabler: drop unnecessary options (iommu)
- hardenDefconfig: disabler: comment diag options for now
- deblobber: comment dirac lines to fix cheeseburger headphone jack
- fixup Etar replacement
2020-10-11 07:12:00 -04:00
Tad
496fddb303 Replace calendar with Etar, and drop LocalCalendar 2020-10-11 04:12:16 -04:00
Tad
260140f0a1 Update CVE patchers 2020-10-10 11:56:35 -04:00
Tad
83c0570e59 Update AOSP CVE list to October patches 2020-10-07 01:59:48 -04:00
Tad
8bdad21040 Update CVE patchers 2020-10-06 23:36:29 -04:00
Tad
b56fabac3b Update CVE patchers
I expect some breakage here
2020-10-06 21:14:18 -04:00
Tad
bf9167f442 Update CVE patchers 2020-10-05 21:38:25 -04:00
Tad
46c1a74ef3 17.1: Fixup TTS 2020-09-25 11:38:26 -04:00
Tad
92f7f37096 Update CVE patchers
Fix CVE-2020-25221 breakage
2020-09-25 09:27:12 -04:00
Tad
bc7cf7af0a Update CVE patchers 2020-09-25 06:55:18 -04:00
Tad
a9812ba729 17.1: Rebase microG patches 2020-09-24 08:02:27 -04:00
Tad
92879ec2a4 Update CVE patchers 2020-09-23 06:31:34 -04:00
Tad
3bc1463017 Update CVE patchers 2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3 Update CVE patchers 2020-09-17 15:35:48 -04:00
Tad
6e16320468 Small fixes 2020-09-13 19:52:37 -04:00
Tad
d16a362141 ASB cherry picks + Fixup 2f83043c
TODO: rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk
2020-09-12 08:29:09 -04:00
Tad
4c29ac36d2 Update CVE patchers 2020-09-09 19:00:03 -04:00
Tad
76fcd8a0d4 Update CVE patchers 2020-09-08 18:19:52 -04:00
Tad
bca6af1516 Small updates
- recovery: abort on serial number specific updates, credit: GrapheneOS
- Add lists of missing CVEs
- Update cherrypicks
2020-09-02 14:20:51 -04:00
Tad
826949e6df Small updates 2020-08-22 10:18:29 -04:00
Tad
2f83043c68 14.1+15.1: GPS week rollover fix
16.0: 279492
17.1: 278135

also switch to alternate Xtra servers
https://developer.gemalto.com/threads/gps-time-info-error
2020-08-09 12:30:47 -04:00
Tad
887ebb84c5 Update CVE patchers
Includes many fixes for a69326f3
but probably breaks other things
2020-08-09 07:29:19 -04:00
Tad
a69326f396 Update CVE patchers
Untested. I expect some breakage.
2020-08-08 13:06:39 -04:00
Tad
af54500797 Update CVE patchers 2020-08-03 18:15:27 -04:00
Tad
a6a59309ed More small fixes 2020-07-13 21:28:17 -04:00
Tad
2675404f86 14.1: move n-netd cherry picks in tree 2020-07-13 20:15:08 -04:00
Tad
e8f13920bb Cherry picks 2020-07-08 16:39:26 -04:00
Tad
c715d549a7 Update CVE patchers 2020-07-07 01:57:39 -04:00
Tad
d9a61e1dea Fix GPG signing 2020-06-27 01:45:02 -04:00
Tad
b2b9eb7ffc Potential fix for phone call audio on shamu and others 2020-06-17 15:20:02 -04:00
Tad
5797ea8fc4 Small fixes
CVE-2019-14047/ANY/0002.patch will probably need to be disabled on more devices
2020-06-02 17:33:27 -04:00
Tad
ca77d36357 Update CVE patchers 2020-06-02 02:23:57 -04:00
Tad
694f270d75 Initial bringup of many devices to 17.1 2020-05-31 15:10:32 -04:00
Tad
31d6ab5299 Update CVE patchers 2020-05-28 23:06:53 -04:00
Tad
5106063cb5 Drop many more repositories 2020-05-24 20:07:03 -04:00
Tad
7af3c42325 Minor fixes 2020-05-23 23:31:05 -04:00
Tad
4c1577724f Small changes
- hardenDefconfig: more options from Alexander Popov's checker
- 17.1: A2DP fix from GrapheneOS when hardened_malloc is in use
2020-05-23 18:06:22 -04:00
Tad
4b376037e0 Update included F-Droid repositories 2020-05-22 22:03:19 -04:00
Tad
25cc3c5a10 Update CVE patchers 2020-05-18 16:25:41 -04:00
Tad
7343973b1d Minor updates
- Update cherrypicks
- 17.1: mata fix usb
- 16.0: whitelist open camera for aux support
2020-05-17 10:04:48 -04:00
Tad
f5462dd23c Minor tweaks 2020-05-13 17:38:39 -04:00
Tad
2aa65e6b16 Cherry picks 2020-05-11 07:57:53 -04:00
Tad
e962fdeb81 Update CVE patchers 2020-05-04 17:18:50 -04:00
Tad
2a0352ba1c Many fixes
17.1: recovery: rebranding reverts
17.1: mata: fix vorbis
17.1: g2/g3: fix Wi-Fi under -user
15.1/16.0: g2/g3: improve misc_block_exception patch
2020-04-30 18:37:41 -04:00
Tad
9fcb91793e Update CVE patchers 2020-04-26 13:24:43 -04:00
Tad
358a0d703b Many changes
- Promote many 16.0 devices to 17.1
- Many build fixes
- Switch to FairEmail
2020-04-25 12:34:49 -04:00
Tad
84300d6611 Small fixes 2020-04-19 13:19:55 -04:00
Tad
98a45b1ee6 Build fixes 2020-04-15 21:38:46 -04:00
Tad
8012903ba1 17.1: Initial bringup
- See items marked with '17REBASE'
2020-04-14 21:21:13 -04:00
Tad
cdd74148b9 Patcher build fixes 2020-04-12 13:58:02 -04:00
Tad
0c89accfb5 Update CVE patchers 2020-04-06 22:23:37 -04:00
Tad
c26b3e95c7 Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
50f44d1934 Small changes
- cheeseburger/dumpling: fix ogg vorbis playback, credit @LuK1337
- cheeseburger/dumpling: fix delta ota generation
- remove a few more blobs
- potentially bluetooth when ant is removed on newer devices
- support newer clamav
- commented support for extracting boot.img when recovery.img isn't available
-- fastboot.zip should be preferred
- potentially fix boot on many untested newer devices (diag on msm8996+)
- update cherry picks
2020-02-24 18:53:27 -05:00
Tad
4292bcaa3e recovery: fix sideload with larger files
+ 16.0: add a disabled patch to remove backuptool
+ processRelease: add support for copying recovery image to archive
2020-02-23 16:06:47 -05:00
Tad
fe54dd26a6 Fix many device issues
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
d87457630a Update cherrypicks 2020-01-26 21:17:33 -05:00
Tad
d3f28918e5 Update CVE patchers 2020-01-06 18:25:36 -05:00
Tad
d8c2a56124 Update CVE patchers 2019-12-11 20:21:14 -05:00
Tad
4610cd9bde Update CVE patchers
CVE-2019-19252 was dropped
dependent on d21b0be246
2019-12-03 06:12:46 -05:00
Tad
7ef8a2726d Minor tweaks 2019-11-28 12:03:40 -05:00
Tad
a8cc390c3d 14.1: cherrypicks 2019-11-24 20:14:23 -05:00
Tad
f90b62982b Update CVE patchers 2019-11-24 20:13:55 -05:00
Tad
038ae37376 Minor tweaks 2019-11-24 16:22:58 -05:00
Tad
baabd45a16 Minor tweaks + ASB cherrypicks 2019-11-10 02:34:40 -05:00
Tad
d64534a7c1 Update CVE patchers 2019-11-04 21:04:49 -05:00
Tad
1a7897211a 16.0: add Amber 2019-10-29 17:37:43 -04:00
Tad
791087fefa minor tweaks 2019-10-27 16:20:27 -04:00
Tad
640ef60b83 Move many old cherry picks in tree for archival/support purposes 2019-10-19 22:03:59 -04:00
Tad
204285d7c8 kernel command line: enable hardening options 2019-10-18 22:14:28 -04:00
Tad
159e5ea194 Minor tweaks
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
579f340c3c Update CVE patchers 2019-10-04 14:43:19 -04:00
Tad
f20ddfc0f6 Minor tweaks 2019-10-04 10:39:27 -04:00
Tad
79ec8a4999 clark: experimental 16.0 2019-09-28 17:37:18 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
19d5b66097 Many changes
- ASB chery picks
- 16.0: recovery: fix sideload
- Restore releasetools for some devices
- Only include Backup where supported
- Change some small defaults
- z00t: 14.1 -> 15.1
- himaul: 14.1 -> 15.1
- i9100: 14.1 -> 15.1+16.0
- flo: 15.1 -> 16.0, disabled
- flounder: 15.1 disabled, enable 14.1
2019-09-13 20:24:02 -04:00
Tad
09b38c1f04 marlin/sailfish: fix MediaProvider using 100% CPU
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices

[pid  2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]

https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
1a7291aa36 Minor changes
- Cherry picks
- New default wallpaper, credit: Pawel Czerwinski, UmzGrVna1P0
2019-09-05 04:23:28 -04:00
Tad
9ce8cdb9b6 Add Steve Soltys' Backup app 2019-09-04 06:40:05 -04:00
Tad
ec48a4c89c Update CVE patchers 2019-09-04 01:31:12 -04:00
Tad
db572efa89 Many changes
- processRelease: Support AVB
- sort device build order by SoC

Additions:
- taimen/muskie: 15.1, 16.0
- crosshatch/blueline: 16.0
- bonito/sargo: 16.0
2019-09-03 16:50:50 -04:00
Tad
1bd0e47099 victara: 15.1 -> 16.0
- other fixes
2019-08-30 22:42:10 -04:00
Tad
330df0983c 16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
 - from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
e10a865b05 Improve release processing to support deltas and archiving 2019-08-29 19:09:31 -04:00
Tad
057bedb65b Minor tweaks
- 14.1+15.1+16.0: enable kernel protections for files
 - protected_*: hardlinks, symlinks, fifos, regular
 - from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c Minor tweaks
- 15.1+16.0: Replace in-line build signing patch with bash function
 - From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
 - From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
68cdef8733 Minor tweaks 2019-08-26 20:50:28 -04:00
Tad
89de66bdba Many small changes
- Cherrypicks for ASB patches
- Apps: Switch gallery to Simple Gallery
- Apps: Switch camera to OpenCamera
- PKGBUILD: update with image optimization dependencies
- Deblobber: fix bug introducted in 6d33e4ecbf
2019-08-08 14:22:24 -04:00
Tad
aee6b66dd8 Update CVE patchers 2019-08-05 16:03:41 -04:00
Tad
bad890614e Update CVE patchers 2019-07-21 09:47:10 -04:00
Tad
34d1bbe155 Minor updates 2019-07-21 07:36:02 -04:00
Tad
6458d6785f Enable IPv6 privacy extensions 2019-07-05 16:47:59 -04:00
Tad
a29825f6e1 Update CVE patchers 2019-07-01 18:06:05 -04:00
Tad
e41d053f00 Minor updates
- drop usage stats patch, causes Settings to crash
2019-06-27 23:01:28 -04:00
Tad
55c3072089 Going the distance... [pt2] 2019-06-18 13:51:04 -04:00
Tad
c15105d945 Update CVE patchers 2019-06-17 23:26:38 -04:00
Tad
1d67143181 Update CVE patchers 2019-06-08 04:09:24 -04:00
Tad
d7078bafd6 Update CVE patchers 2019-06-03 18:41:24 -04:00
Tad
bb72bccbeb Two hardening patches from @MSe1969
+ a backport of browser location restriction patch to 14.1 and 15.1
  by @syphyr
2019-06-02 19:25:29 -04:00
Tad
163fdb1f68 Minor updates 2019-05-31 21:13:39 -04:00
Tad
40d6db0326 divestos.xyz > divestos.org 2019-05-23 11:34:26 -04:00
Tad
8030a63a2a 11.0: fixes 2019-05-17 23:26:25 -04:00
Tad
380353773e Fixes 2019-05-17 20:48:26 -04:00
Tad
899812864f Update CVE patchers 2019-05-14 21:04:55 -04:00
Tad
223c5d1a2c Disable temperature monitoring
Breaks boot after 9.0 May security ASB:
- thermal service unavailable
- power service hooks thermal service
- keyguard service hooks power service
- no keyguard = no system ui
- no system ui = rescue party engages
- rescue party goes into recovery demanding factory wipe

see commit:
fwb: DO NOT MERGE Implement USB High Temperature warning dialog
2019-05-12 13:42:06 -04:00
Tad
aaa44f058e Update license 2019-05-09 06:43:09 -04:00
Tad
f59c77f00c Cherrypicks 2019-05-06 16:29:58 -04:00
Tad
9e2dd548d8 Disable LiveDisplay by default for performance reasons 2019-04-17 00:23:42 -04:00
Tad
20c8c7525c Misc tweaks
- 15.1: Contacts: remove Privacy Policy and Terms of Service links
  - from GrapheneOS
- cherry picks
2019-04-06 22:55:14 -04:00
Tad
974cc3b3f8 16.0: recovery has been updated
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
25cc717ec2 Use GrapheneOS' hardened memory allocator
+ 16.0: some other misc hardening patches from GrapheneOS
  - always restrict access to Build.SERIAL
  - don't grant location permission to system browsers
  - fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
60cf364f19 Minor tweaks
- init.sh: sort options
- overlay: leave radioScanningTimeout default
- hardenDefconfig: disable more components with CVEs
- cherry picks
- 16.0: trebuchet: tmp fix for default workspace overlay
2019-04-03 19:04:37 -04:00
Tad
1c49b80da0 Minor tweaks
- CVE patchers were updated with no change
- hardenDefconfig: disable MSM_SMP2P_TEST to mitigate CVE-2019-2247
- 14.1 add a cherry pick
2019-04-01 18:57:04 -04:00
Tad
dd7e4c3faf Remove more blobs 2019-03-22 05:28:57 -04:00
Tad
e344b17a36 Build fixes + new blob blocker 2019-03-22 04:20:06 -04:00
Tad
23f8759937 Remove some unneeded packages 2019-03-12 20:40:31 -04:00
Tad
cfe766be09 Tweaks 2019-03-11 18:19:50 -04:00
Tad
b1455b641d Update CVE patchers 2019-03-08 15:15:46 -05:00
Tad
5607db2e0b Update CVE patchers
- More aggressively attempt to apply incremental patches by
  ignoring the current subversion, as it is common for it to be 0
  Hopefully I won't have to revert this
2019-03-04 21:41:55 -05:00
Tad
9e897989d1 Update CVE patchers 2019-03-04 20:18:29 -05:00
Tad
f5d99c938b 16.0: More bringup 2019-03-04 05:53:51 -05:00
Tad
afe719ffc4 16.0: Initial bringup
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
83478880ef WireGuard kernel module inclusion support 2019-03-04 00:06:22 -05:00
Tad
bc63feedc9 Update CVE patchers 2019-02-21 06:25:47 -05:00
Tad
fccc124868 tuna fixes + fdroid priv changes 2019-02-14 04:36:50 -05:00
Tad
b9ff7a74e6 Updates and fixes 2019-02-12 16:09:41 -05:00
Tad
ffabfb3616 14.1: fix maguro denials 2019-02-09 14:47:55 -05:00
Tad
9178760d1a Updater: Fix downloads over Tor
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
aa9b5499e6 Updates 2019-02-07 11:15:29 -05:00
Tad
15237becbb Update CVE patchers 2019-02-04 16:03:59 -05:00
Tad
378971497c 14.1: Support unified tuna 2019-02-01 02:53:13 -05:00
Tad
0ea1d37f0c Minor changes
- Update cherrypicks
- Update submodules
- Add some comments
2019-01-28 21:54:45 -05:00
Tad
ec3ffa38f2 Fixup CVE patchers 2019-01-07 19:42:25 -05:00
Tad
d8aac4c07b Update CVE patchers 2019-01-07 17:07:00 -05:00
Tad
c27f226269 Properly fix network mode patch 2018-12-29 12:19:27 -05:00
Tad
66a38a4705 Fixup network modes patch on 14.1 2018-12-28 14:53:23 -05:00
Tad
0df749ef73 Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only 2018-12-28 08:02:24 -05:00
Tad
c07027dd97 Many changes
- Update CVE patchers
- Update submodules
- Update defconfig enablers
- Update DNS IP addresses
- + Misc changes
2018-12-24 23:29:56 -05:00
Tad
6c4eadcdc7 Manifest cleanup + always remove latemount from /cache
formatting/erasing /cache will result in selinux contexts being lost
these are normally restored by system/core/rootdir/init.rc in post-fs
but latemount causes /cache to not be mounted beforehand
preventing it from ever being fixed
result is broken ota and recovery updates
2018-12-20 17:22:34 -05:00
Tad
c5d2f25797 11.0: nex: switch to -user + add disabled overclock 2018-12-19 02:15:15 -05:00
Tad
a652eb1e23 11.0: Remove the rest of CMStats
Hmm, I don't remember Dialer having stats.
Goddamn spyware.
2018-12-18 23:39:29 -05:00
Tad
bae3092539 11.0: Remove CMStats 2018-12-18 22:08:57 -05:00
Tad
875d6505af F-Droid changes
- Drop Briar repo, its in main repos now and seems to keep in sync
- Switch to official builds of PrivExt
2018-12-18 21:37:35 -05:00
Tad
715cb32468 11.0: Cherrypick ASB topics 2018-12-18 21:36:02 -05:00
Tad
314701f0e8 11.0: Drop grouper + more work 2018-12-18 21:36:01 -05:00
Tad
28b0e915f5 11.0: More restoration work 2018-12-18 21:35:41 -05:00
Tad
01be578137 11.0: Initial restore
I think this is like the 6th time I've done this.
I always remove it, wait a few months, pull out a device that I want to run it on
and then spend hours restoring and bringing it back. I always think to myself
do I really need to toy with this device? No, I don't, but I do it anyway. :)
2018-12-18 21:35:14 -05:00
Tad
c6206ccd7e Minor updates 2018-12-17 17:59:12 -05:00
Tad
982462aa00 Update CVE patchers 2018-12-04 17:21:39 -05:00
Tad
6ea39e0a0f Updates 2018-11-13 17:33:49 -05:00
Tad
5be6227a8b Minor updates + Update CVE patchers 2018-11-06 21:09:35 -05:00
Tad
34be4797ea Switch to official F-Droid 2018-10-20 16:26:42 -04:00
Tad
95959a0d89 Many changes
- Add back microG support (not enabled)
- Add choice between DNS66 and Blokada when $DOS_HOSTS_BLOCKING=false
2018-10-19 18:28:18 -04:00
Tad
5696da8d0c Many changes
- 15.1: Update some CVE patchers
- 15.1: Address some mako denials
- 14.1: Add cherrypicks for various security patches
- Common: Prepare for F-Droid additional repos
- Common: Disable overclock for mako
- Misc tweaks
2018-10-19 09:55:08 -04:00
Tad
586f967667 Minor updates 2018-10-14 20:21:06 -04:00
Tad
136bb520aa Update CVE patchers 2018-10-01 22:45:00 -04:00
Tad
776be6f992 Backport Updater Tor support patch to 14.1 2018-09-24 06:46:54 -04:00
Tad
08c65c8334 Patches to add captive portal check toggle from @MSe1969 2018-09-22 21:05:41 -04:00
Tad
b50352bc8e Updater: Add initial Tor support 2018-09-20 21:45:58 -04:00
Tad
51fd815236 Update CVE patchers 2018-09-13 21:53:30 -04:00
Tad
f8a438b32a Update CVE patchers 2018-09-12 15:45:35 -04:00
Tad
e5b588265c Add function to always ensure discard mount option is enabled 2018-09-11 19:53:50 -04:00
Tad
8d79a008ff hardenDefconfig: Ensure IOMMU is enabled 2018-09-05 04:53:42 -04:00
Tad
98762a1ccf Update included apps 2018-08-30 23:11:14 -04:00
Tad
54ecd7ae21 hardenDefconfig improvements 2018-08-24 20:00:43 -04:00
Tad
9fb6c648d9 Partial revert of 1983d9a8f7 2018-08-24 00:26:35 -04:00
Tad
642f978509 Experimental Bluetooth audio quailty improvement patches, credit @ValdikSS 2018-08-23 22:31:43 -04:00
Tad
9cbc514c59 Initial support for geminipda 2018-08-23 18:50:13 -04:00
Tad
c3f480b867 Updates 2018-08-17 19:22:00 -04:00
Tad
17340a0963 Update CVE patchers 2018-08-10 21:03:28 -04:00
Tad
db3b42ae4f Update CVE patchers + misc fixes 2018-08-08 20:23:26 -04:00
Tad
46b1b409c9 Update CVE patchers 2018-08-06 21:32:33 -04:00
Tad
4136ab17b8 Updates 2018-08-04 09:15:22 -04:00
Tad
94f1382077 Updates 2018-07-25 21:56:11 -04:00
Tad
e3dcb260aa Update CVE Patchers
- and add initial rpi3 support
2018-07-22 09:37:23 -04:00
Tad
9af1881a89 Many changes
- 15.1: Fix build
- 15.1: Add jfltexx
- 15.1: Add CVE patchers for jf and fugu
- Manifests: Add Intel repos back
- Overlay: Add more default apps to launcher
- Remove more blobs
2018-07-19 22:15:20 -04:00
Tad
3c2fae77d5 Switch DNS to Cloudflare and fixup F-Droid Provisioner
- OpenNIC anycast seems to have disappeared and their main site is also down
2018-07-15 12:33:16 -04:00
Tad
bf1256f182 Final overlay fixes 2018-07-13 22:04:42 -04:00
Tad
3027afedd8 Overlay tweaks 2018-07-13 17:54:16 -04:00
Tad
df213a8b19 Overlay fixes and F-Droid additional repos prep 2018-07-13 17:43:14 -04:00
Tad
5ae0eb7a92 More overlay work 2018-07-13 15:35:09 -04:00
Tad
2f50e7c142 Overlay fixes 2018-07-13 01:45:38 -04:00
Tad
91a6b29806 More overlay work 2018-07-13 01:02:41 -04:00
Tad
2ee7a13a80 More overlay work 2018-07-12 22:43:28 -04:00
Tad
2c6ba127d4 More overlay work 2018-07-12 22:29:21 -04:00
Tad
f95b73fe06 More overlay work 2018-07-12 22:19:30 -04:00
Tad
9dec3c7018 More overlay work 2018-07-12 22:12:55 -04:00
Tad
1dc92478ed Many changes
- Drop Copperhead patches
- More overlay work
2018-07-12 22:05:02 -04:00
Tad
39740b384f Drop KitKat (for the third time?) 2018-07-12 21:29:43 -04:00
Tad
79972d393c DNM: WIP: Migrate to a proper vendor overlay for most changes 2018-07-12 21:27:01 -04:00
Tad
db0bcf60f3 Official F-Droid preparation 2018-07-12 21:25:43 -04:00
Tad
cb8fdaf3f5 Low RAM tweaks 2018-07-11 14:20:15 -04:00
Tad
5af16e1ddd Add build option to enable lowram/go on all devices 2018-07-10 21:45:11 -04:00
Tad
746c925a22 14.1: Improved grouper perf tweaks 2018-07-10 19:45:48 -04:00
Tad
8b2902fd94 Tweaks 2018-07-10 17:59:03 -04:00
Tad
da5485d873 11.0: More work 2018-07-10 09:28:01 -04:00
Tad
966f4a5baf 11.0: More work 2018-07-10 08:29:08 -04:00
Tad
5716c58485 11.0: More work 2018-07-10 08:07:19 -04:00
Tad
05a5c7c38c 11.0: More fixes 2018-07-09 22:16:52 -04:00
Tad
bd5b0f6146 Tweaks 2018-07-07 02:37:00 -04:00
Tad
ae0d89ee8a Many changes
- Switch to new HOSTS list
- Minor tweaks
- 14.1: Fix default Trebuchet workspaces
2018-07-04 15:35:16 -04:00
Tad
08bb0a87cc Remove Android CVE patches 2018-07-03 03:34:24 -04:00
Tad
33c6980b88 Cleanup 2018-07-03 03:29:08 -04:00
Tad
31444ad3c8 Update CVE patchers 2018-07-02 23:16:36 -04:00
Tad
60a651008e Changes
- Deblobber improvements and cleanup
- Fixup starlte
2018-07-01 00:34:34 -04:00
Tad
303fe971ed Many changes
- 14.1: Fixup previous commits
- 15.1: Add mata
- Deblobber: Remove more blobs (audiofx, cne, hdr, ims-rtp)
2018-06-28 20:11:20 -04:00
Tad
29ace39eb9 Fixup previous 2 commits + misc tweaks 2018-06-27 12:04:42 -04:00
Tad
5d4d12b324 14.1: Add back all devices that were moved to 15.1 2018-06-27 09:17:50 -04:00
Tad
746b695d6a Deduplicate updater patches 2018-06-27 08:43:12 -04:00
Tad
e65234f8eb Many changes
- Allow OTA server to be set from init.sh
- Fix link updating from Rebrand.sh
- Update CVE patchers
2018-06-26 21:47:45 -04:00
Tad
af9126ffcb More deduplication
- Deduplicate Trebuchet default workspaces
- Deduplicate LatinIME patches
- Deduplicate SetupWizard assets
- And fix a typo with grouper overclock
2018-06-26 21:25:59 -04:00
Tad
14b5b95cb8 Add overclocks for grouper 2018-06-26 13:58:08 -04:00
Tad
6746942f30 14.1: Add grouper 2018-06-26 05:57:22 -04:00
Tad
ee4ea5072b Many changes
- Fixed UnifiedNLP not registering
- Inlined location provider patch
- Simplified generateBootAnimationShine
- Add notes about inclusion of other apps
- Replaced microG with just UnifiedNLP
2018-06-25 14:19:38 -04:00
Tad
c914a655a5 Fixup previous commits 2018-06-25 10:16:32 -04:00
Tad
97248d28f2 Implement choice of UnifiedNLP only or full microG 2018-06-25 09:31:31 -04:00
Tad
f6cdc9426c Many changes
- Remove proprietary audio enhancement blobs
- Remove AudioFX to prevent crashes after blobs are removed
- Deduplicate patches a bit with the new Patches/Common directory
- Switch boot animation shine generation from gradient to plasma
- Update submodules
2018-06-25 07:59:24 -04:00
Tad
3a3fe5aca9 Replace DNS patches with a function + some misc fixes 2018-06-24 01:27:33 -04:00
Tad
5772b68224 Update CVE patches + more globbing fixes 2018-06-23 03:39:01 -04:00
Tad
af94760587 Remove msm8992 overclocks 2018-06-23 00:23:34 -04:00
Tad
a0ce912d99 Add Provisioner repo to F-Droid and fixup previous deblobber changes 2018-06-17 19:42:17 -04:00
Tad
2ed7a8a874 init.sh: add options to control extra parts of the deblobber 2018-06-13 07:07:47 -04:00
Tad
8eeafdd09f Changes for trust_interface and other misc tweaks 2018-06-10 19:00:02 -04:00
Tad
b10f0a97dc Update CVE patchers + misc fixes 2018-06-05 00:35:42 -04:00
Tad
eeba3fd873 Going the distance... 2018-06-03 14:13:59 -04:00
Tad
bf8f1e4d3d More fixes and cleanup 2018-06-02 18:34:15 -04:00
Tad
2fb4b7f5f1 Add option to disable inclusion of microG 2018-06-02 17:37:21 -04:00
Tad
fe6f853746 mako: add back LTE support patch 2018-05-30 03:45:43 -04:00
Tad
ab9487fea1 Tweaks 2018-05-29 13:30:37 -04:00
Tad
f9f893a443 Hamper the ad/analytics libraries! 2018-05-21 05:28:07 -04:00
Tad
67db210756 Many changes
- 15.1: Fixup ether here too
- Change F-Droid application id to allow installation of official F-Droid side by side
- Remove FDroidPriv patch and use sed instead
- Optimize: Switch VM_MAX_READAHEAD to 512KB
- Misc tweaks
- Update TODO
2018-05-20 23:30:40 -04:00
Tad
dfaf44387b Update CVE patchers 2018-05-17 16:42:42 -04:00
Tad
f30d5cd7f2 Update links 2018-05-13 22:21:42 -04:00
Tad
5695712cf4 Many changes
- Add support to scan for malware in certain directories
- 15.1: Add new device, griffin
- Note deprecation status of various devices
- Add a few blobs to the deblobber
2018-05-10 23:46:18 -04:00
Tad
966c9c8509 Change connectivity check URLs 2018-05-08 20:56:02 -04:00
Tad
e22d028cbd Switch DNS back to OpenNIC for now 2018-05-08 16:04:41 -04:00
Tad
f5fd480f56 Update CVE patchers 2018-05-07 16:20:58 -04:00
Tad
2054759724 Fix inclusion of LocalCalendar 2018-05-03 10:22:04 -04:00
Tad
ee6788df1e Switch from OpenNIC to Cloudflare DNS 2018-05-03 07:38:32 -04:00
Tad
8220c2fd11 Prepare potential future inclusion of DNS66 2018-04-28 21:50:06 -04:00
Tad
b30c62629b Revert "Strong AES patch changes"
This reverts commit 60b85e10fe.
2018-04-28 15:35:53 -04:00
Tad
60b85e10fe Strong AES patch changes 2018-04-28 15:25:42 -04:00
Tad
999c94d2de Update CVE patchers 2018-04-28 00:43:08 -04:00
Tad
5f18a38e8f 15.1: Remove Lineage logo from recovery 2018-04-24 12:16:46 -04:00
Tad
f122ccb9f1 Many changes
- Disable patches with restrictive licenses by default
- Update LICENSE
- Fixup the fix for F-Droid building
- 15.1: Fix forceencrypt on mako
- 15.1: Fix crashes when accessing factory reset and development settings menus
 on devices without support for factory reset protection or oem unlocking
2018-04-23 15:42:27 -04:00
Tad
28600556b4 Many changes
- Add a variable to control inclusion of patches under a restrictive license
- Fix F-Droid building
- Add a buildDeviceDebug function that disables signing
- Misc tweaks/cleanup
- 15.1: Revert trust_interface cherry picks until official
2018-04-23 08:44:50 -04:00
Tad
f041047983 15.1: Initial deny new usb support from CopperheadOS
This is an extremely powerful security feature with minimal downsides.
Original credit goes to Grsecurity
Android port goes to Copperhead
2018-04-22 11:35:56 -04:00
Tad
28de039beb Update CVE patchers 2018-04-22 02:41:18 -04:00
Tad
a45a9be0e9 15.1: Updates & Fixes 2018-04-19 21:26:11 -04:00
Tad
b8937a6400 14.1: Fix herolte, both: replace Gallery2 with CameraRoll 2018-04-14 02:27:01 -04:00
Tad
de78fb8b9a Update CVE patchers 2018-04-13 15:29:21 -04:00
Tad
1fa75dcb65 15.1: More fixes 2018-04-12 09:26:03 -04:00
Tad
a914c813b0 15.1: Fixes, 14.1: Cleanup 2018-04-10 19:24:39 -04:00
Tad
f3a92223a5 Fix updater 2018-04-06 21:50:20 -04:00
Tad
fcea2b8d1d Lots of cleanup
- Some overclocks might be missing'
2018-04-06 14:10:43 -04:00
Tad
a661c4cde5 14.1: Drop mako 2018-04-06 13:58:48 -04:00
Tad
b2d1b93dcb 14.1: Drop bacon and m8, 15.1: Many more fixes 2018-04-04 21:24:08 -04:00
Tad
7933a5a1fc Many changes
- Remove LineageOS 11.0 again
- 15.1: Cleanup
- 15.1: More cherry picks
2018-04-03 18:36:22 -04:00
Tad
7a29793ee5 15.1: Really fix build signing 2018-04-03 14:55:28 -04:00
Tad
8e475113ef Update build signing patches 2018-04-03 12:34:00 -04:00
Tad
fa2987d3dc 15.1: More fixes and cleanup 2018-04-03 10:56:28 -04:00
Tad
42da60142c 15.1: Many fixes 2018-04-03 09:10:49 -04:00
Tad
f186d33fdb 15.1: minor fixes 2018-04-03 05:08:13 -04:00
Tad
421cbe65b3 Add back LineageOS 11.0 support again
Why do I keep doing this?
2018-03-31 19:03:43 -04:00
Tad
4f9299f900 Update CVE patchers 2018-03-30 21:47:33 -04:00
Tad
147ab4667e SetupWizard: Switch to our (temp) logo 2018-03-28 16:14:03 -04:00
Tad
8a9cd5c57c SetupWizard: Remove Lineage logo until we can replace it 2018-03-28 01:15:59 -04:00
Tad
e634a22758 14.1: Update default workspaces 2018-03-28 01:07:36 -04:00
Tad
2d8bab800c Many Changes
- Remove more projects via manifests
- Fix FDroidPrivExt inclusion
- 14.1: Remove Jelly
- Remove leftovers from LG G2
2018-03-23 12:37:26 -04:00
Tad
800bd2f985 Move Fennec DOS shim to PrebuiltApps repo 2018-03-23 10:00:33 -04:00
Tad
d9318b61e6 Fix zip name and Fennec DOS shim 2018-03-23 09:37:08 -04:00
Tad
e533bc7607 Cleanup 2018-03-22 08:32:01 -04:00
Tad
3ceff683a8 Rebase FDroidPriv patch and cleanup privacy guard changes 2018-03-21 20:50:45 -04:00
Tad
2a1b88cab3 Cleanup 2018-03-18 12:48:08 -04:00
Tad
f5e2d2dece Many fixes 2018-03-14 14:31:08 -04:00
Tad
e4435f9eac Tweaks and cleanup 2018-03-14 00:41:05 -04:00
Tad
4053ad6082 Initial support for including prebuilt apps from F-Droid
FDroid will come later, microG will probably stay as is.
2018-03-13 23:07:41 -04:00
Tad
d111027f4d Many changes
15.1: Update CVE patchers
15.1: Add back automated build signing
14.1: Disable herolte (broken)
14.1: March 2018 Security Bulletin
2018-03-08 22:06:18 -05:00
Tad
9c2272bc03 14.1: Update CVE patchers 2018-03-07 00:07:45 -05:00
Tad
eea5b71bd4 14.1: Drop 5 devices supported by 15.1 2018-03-01 09:51:05 -05:00
Tad
90ecbd9857 15.1: More fixes 2018-02-28 08:22:35 -05:00
Tad
199ffada5b 15.1: Remove analytics from SUW 2018-02-28 08:13:34 -05:00
Tad
ac990f0491 15.1: Cleanup 2018-02-28 08:12:30 -05:00
Tad
994a069deb Remove JustArchi's compiler flag optimizations
While some tasks complete slightly faster overall there are too many downsides
- Too large system images
- Weird compiler errors
- Performance regressions on some devices
- General maintenance overhead

Maybe a less aggressive variant can be brought back in the future
2018-02-25 19:56:29 -05:00
Tad
9cdfc59d5e 14.1: Update CVE patchers 2018-02-19 15:01:57 -05:00
Tad
f7abbe151d 15.1: Even more build fixes 2018-02-12 07:28:04 -05:00
Tad
9b391e88f9 15.1: More build fixes 2018-02-12 07:10:10 -05:00
Tad
910ee5ad76 15.1: Build fixes 2018-02-12 05:28:24 -05:00
Tad
e16aa10199 15.1: Initial building support 2018-02-12 04:57:49 -05:00
Tad
4ee1a52cef 15.1: More aux work on rebase 2018-02-12 04:00:28 -05:00
Tad
96edc2acc6 15.1: Much more work on rebase 2018-02-12 03:43:26 -05:00
Tad
48d9b9daaa Update CVE patchers and add a helper patch function 2018-02-05 19:21:44 -05:00
Tad
d3a231e2be Many build fixes
- Deblobber: sh -> bash (potential fix)
- Mark h815 as broken upstream
- Fix h850
- Fix herolte
- Fix Z00T
2018-01-31 13:14:19 -05:00
Tad
f5e79a3d11 Minor tweaks and update CVE patchers 2018-01-30 02:18:38 -05:00
Tad
ed6b73793b Many changes
- Recovery: Squash menus
- dexpreopt boot of all devices
- Update device todo list
2018-01-20 07:36:08 -05:00
Tad
4b5717b6b7 -O3 ALL THE THINGS! Use JustArchi's compiler flags 2018-01-19 05:41:08 -05:00
Tad
e3d6171053 Update CVE patchers 2018-01-16 19:55:07 -05:00
Tad
a84bf140fe Fix thor overclock and clark recovery 2018-01-12 09:26:54 -05:00
Tad
bad18d67fc Improved thor overclocks 2018-01-11 20:39:49 -05:00
Tad
3491639412 Overclock thor 2018-01-11 20:29:37 -05:00
Tad
96104d6a2d Overclock mako 2018-01-11 15:58:04 -05:00
Tad
7ec6b4cf88 Overclocks for msm8992 2018-01-11 15:00:46 -05:00
Tad
77cc7f1341 More overclocks 2018-01-11 14:31:17 -05:00
Tad
6fb82b7907 Attempt to improve AES performance 2018-01-11 14:16:13 -05:00
Tad
85895baa66 Update CVE patchers 2018-01-10 15:24:05 -05:00
Tad
97bb50e125 Update CVE patchers 2018-01-10 02:20:35 -05:00
Tad
86234066dc Patch most 3.10 kernels against Spectre 2018-01-04 19:52:32 -05:00
Tad
a4cde9bb89 Update CVE patchers 2018-01-04 13:34:44 -05:00
Tad
1402e9b041 Update CVE patchers 2018-01-04 13:17:29 -05:00
Tad
e5cbc542ea Misc changes 2018-01-03 21:55:04 -05:00
Tad
eb32600c0b Fix AES256 encryption patch, and update CVE patchers 2018-01-03 12:15:58 -05:00
Tad
7446b2d304 Move enter to functions.sh, and move overclocks to overclock.sh 2018-01-02 20:19:09 -05:00
Tad
a350cd92f1 Patch for AES256 encryption 2018-01-01 14:49:15 -05:00
Tad
8a4f0bef72 Many changes
- Disable removal of AudioFX blobs, as it breaks audio on some devices
- Enable LG G3 overclocks
- Switch mako from test to release
- Disable force-enabling of GLONASS
2017-12-31 09:09:46 -05:00
Tad
758088bde2 Update CVE patchers 2017-12-30 07:11:23 -05:00
Tad
0861d217ae General updated, and LG G3 overclocking 2017-12-30 04:39:32 -05:00
Tad
406a4ebf6e Disable Fennec DOS shim 2017-12-24 20:59:00 -05:00
Tad
176d22c6bb Update CVE patchers 2017-12-20 14:29:33 -05:00
Tad
d3cf423227 Add a shim to install Fennec DOS 2017-12-19 20:01:17 -05:00
Tad
d740b10822 DNS changes 2017-12-19 17:03:38 -05:00
Tad
ba66e7477c Compile DejaVu 2017-12-19 16:55:30 -05:00
Tad
fe6e553cbb Remove n800 2017-12-19 16:32:07 -05:00
Tad
397ab78e21 Remove some broken patches 2017-12-19 00:18:10 -05:00
Tad
fcc8ffc5bd Tweaks and Fixes 2017-12-15 16:42:36 -05:00
Tad
f65bbb8ee0 Many improvements to the hardenDefconfig function 2017-12-09 13:27:49 -05:00
Tad
07b6c89e07 Fix bootloops with hardened defconfig 2017-12-09 05:52:59 -05:00
Tad
ef401964f7 Improvements 2017-12-09 02:07:54 -05:00
Tad
2091d44aa3 Add CVE patchers for various Android repos 2017-12-08 23:13:11 -05:00
Tad
0bda7c939e Android CVE patches submodule 2017-12-08 22:25:37 -05:00
Tad
b5c8ef6bc3 Update CVE patchers 2017-12-08 18:59:55 -05:00
Tad
11cc70ef35 Privacy guard improvements and update CVE patchers 2017-12-08 08:18:39 -05:00
Tad
1bd7aab805 Update CVE patchers 2017-12-07 20:20:48 -05:00
Tad
90d7413c04 Update CVE patchers 2017-12-05 19:42:36 -05:00
Tad
3dd9a262df Update CVE patchers with CopperheadOS kernel hardning patches 2017-12-05 18:22:31 -05:00
Tad
dd460da4c3 Build fixes 2017-12-05 11:26:57 -05:00
Tad
face62a675 Fixes 2017-12-04 22:48:33 -05:00
Tad
f93366c8e7 Update CVE patchers 2017-12-04 19:08:04 -05:00
Tad
9bed70363b Update CVE patchers 2017-12-04 18:49:19 -05:00
Tad
dd7454b664 Update CVE patchers 2017-12-01 17:02:23 -05:00
Tad
98dcb87cc8 Update submodules 2017-12-01 16:20:29 -05:00
Tad
9202c0a972 Submodules? 2017-12-01 16:19:36 -05:00
Tad
8e7e492c04 Submodules! 2017-11-28 12:28:55 -05:00
Tad
30e0d5e980 Move Linux patches out of repo 2017-11-28 12:18:40 -05:00
Tad
39337477bf Fixes 2017-11-26 12:43:47 -05:00
Tad
67e224cb1a Many new CVE patches 2017-11-25 19:39:02 -05:00
Tad
5e6208ece9 Firmware deblobber fixes 2017-11-12 09:23:12 -05:00
Tad
557d18a471 Firmware deblobber: Fix mounting /firmware 2017-11-11 09:40:23 -05:00
Tad
35a449dc82 Firmware Deblobber: Make device agnostic, remove more blobs 2017-11-11 07:27:00 -05:00
Tad
5dfb34d47d Inline the firmware deblobber 2017-11-11 06:46:58 -05:00
Tad
dec73c392c Add a qs tile for controlling radio power 2017-11-10 17:28:44 -05:00
Tad
7d4faa1ef8 More patches 2017-11-10 12:23:07 -05:00
Tad
1b74baddf0 Patch against towelroot 2017-11-10 03:06:09 -05:00
Tad
2711871d50 PAPP: Add more apps 2017-11-09 20:56:11 -05:00
Tad
b84f0881b0 Version the previous USB patches 2017-11-08 13:13:06 -05:00
Tad
7b3c994731 Update CVE patchers 2017-11-08 03:42:33 -05:00
Tad
aaa94329a5 Add more patches 2017-11-08 03:23:39 -05:00
Tad
397e66c977 CVE Build fixes 2017-11-07 23:45:28 -05:00
Tad
2bec4f071d Actually add the patches 2017-11-07 22:50:43 -05:00
Tad
d86c2f7d55 More CVE patches 2017-11-07 22:47:52 -05:00
Tad
42e8062935 More patches 2017-11-07 22:03:58 -05:00
Tad
7c0049f494 Update CVE patchers 2017-11-07 21:54:21 -05:00
Tad
6ce51b2775 More patches 2017-11-07 21:38:42 -05:00
Tad
e2e5a3d9e1 Patch fixes 2017-11-07 20:32:38 -05:00
Tad
8ed308c888 Update CVE pathcers against new patches 2017-11-07 20:00:37 -05:00
Tad
529ce03a13 Fixup wireless patches 2017-11-07 18:55:10 -05:00
Tad
11c7037780 Switch to new CVE patchset 2017-11-07 17:32:46 -05:00
Tad
57ce42402b Patch list fixes 2017-11-07 16:31:15 -05:00
Tad
4b3a3a4e50 Replace CVE list with a sorted list 2017-11-07 14:42:05 -05:00
Tad
f5e47ed233 Even more CVEs 2017-11-07 05:29:23 -05:00
Tad
7d50b9bcfa Add more CVE patces from LineageOS 2017-11-07 05:20:31 -05:00
Tad
58be4b7c58 Add an extremely detailed list of Linux CVE patches
It only took 7 hours!
2017-11-07 04:35:41 -05:00
Tad
0a2f23c228 LAOS-11.0 and nex Fixes 2017-11-06 20:26:28 -05:00
Tad
5bc79a7ad7 Restore nex/11.0 and cleanup 2017-11-06 15:34:40 -05:00
Tad
db7f521c28 Update FDroid repos 2017-11-05 23:19:53 -05:00
Tad
848056f0ff Remove more blobs, update FDroid repos 2017-11-05 18:39:54 -05:00
Tad
112384f039 Fixes 2017-11-05 16:49:52 -05:00
Tad
a42e8a5243 Add initial support for 7 more devices 2017-11-05 13:56:37 -05:00
Tad
7ffb675a15 Licensing fixes, and misc fixes 2017-11-05 10:58:01 -05:00
Tad
b1b71f43c6 Replace wallpapers with out own better ones, Replace FDroid repo patch with just the file instead 2017-11-04 09:47:54 -04:00
Tad
f5e96522e1 Fixes 2017-11-02 19:35:27 -04:00
Tad
5cce7e4c37 Add CVE patcher for nex 2017-11-02 19:09:39 -04:00
Tad
6cb184876a More KRACK patches 2017-11-02 16:48:37 -04:00
Tad
c3c75e7b73 Revert "CVE Patchers: Switch to 3way, patch ~552 CVEs"
This reverts commit 7d24041ae3.

A quick sanity check against cve.lineageos.org shows most of these are patched already.
--3way == bad way
2017-11-02 16:01:55 -04:00
Tad
7d24041ae3 CVE Patchers: Switch to 3way, patch ~552 CVEs
I hope this doesn't break compile... it probably will and this will end up reverted :(
2017-11-02 15:57:46 -04:00
Tad
79daadb5ef Update CVE patchers for ranged versions, patching 1 CVE 2017-11-02 15:26:49 -04:00
Tad
7c31506e56 CVE Patches: ranged versions 2017-11-02 15:07:05 -04:00
Tad
43e4a7035d Patch 30 more CVEs 2017-10-31 13:44:26 -04:00
Tad
77fc7b452c Fix empty CVE patches 2017-10-31 13:24:35 -04:00
Tad
9a09d20695 Disable patch for CVE-2016-0819 2017-10-30 22:46:23 -04:00
Tad
64d490d95e Remove network hardening patches, disable mako LTE patch, add function to enable forceencrypt 2017-10-30 17:38:00 -04:00
Tad
41b11b0273 Fully patch against KRACK 2017-10-30 01:13:51 -04:00
Tad
3afd709762 Remove duplicate cve patches and update CVE patchers 2017-10-29 22:33:38 -04:00
Tad
3989a1b20b Update Linux CVE patches 2017-10-29 22:14:37 -04:00
Tad
12b63c12b7 Remove some duplicate CVE patches and add back fixed CVE patcher scripts 2017-10-29 21:26:04 -04:00
Tad
548fbd1b50 New patchers 2017-10-29 16:25:37 -04:00
Tad
942c68a4d1 Remove invalid CVE patches 2017-10-29 16:01:30 -04:00
Tad
948a8760e2 Update CVE patches 2017-10-29 15:58:20 -04:00
Tad
92a0187dfb Overhaul CVE patches 2017-10-29 14:23:02 -04:00
Tad
ce59045163 Add some more Linux CVE patches 2017-10-29 04:19:13 -04:00
Tad
86c2d7a648 Remove many duplicate linux CVE patches and update patchers 2017-10-29 03:46:24 -04:00
Tad
75099b9404 Add patches for many Linux CVEs, and overhaul script paths 2017-10-29 01:48:53 -04:00
Tad
8c8dc284c9 Last patch prob doesnt fix that 2017-10-22 23:29:46 -04:00
Tad
106e5d1708 Add a patch to fix the keystore 2017-10-22 23:24:07 -04:00
Tad
d2d343b49c More fixes 2017-10-21 11:53:21 -04:00
Tad
f6fc3918aa More fixes 2017-10-21 09:10:23 -04:00
Tad
d9f56cc8ff More fixes 2017-10-21 00:39:22 -04:00
Tad
0975c5251b More fixes 2017-10-20 19:57:01 -04:00
Tad
8890e8cadd Fixup last 2 commits 2017-10-20 19:00:24 -04:00
Tad
0a238fd21e Overhaul last commit 2017-10-20 16:54:46 -04:00
Tad
b3108b9e7f Initial implementation of allowing the user to reduce screen resolution to save power 2017-10-20 15:31:04 -04:00
Tad
8168ab2db7 Replace theming patch with script 2017-10-18 12:11:10 -04:00
Tad
ffe640b21d Fix setupwizard patch and change the default accent color system wide 2017-10-18 11:59:50 -04:00
Tad
f810d0691d Fixes and remove boot anim 2017-10-18 10:00:05 -04:00
Tad
26acf27638 Add a temporary boot animation 2017-10-18 08:16:12 -04:00
Tad
4dc9f05915 Add a rebranding script and remove cmstats from SetupWizard 2017-10-18 07:54:56 -04:00
Tad
c4cdf17325 Fixes 2017-10-16 14:25:36 -04:00
Tad
c9df695f0c Fixes and switch to new updater parameters 2017-10-06 20:44:56 -04:00
Tad
f835a6e5f1 Add a patch for tri-state torch on clark 2017-10-04 20:32:48 -04:00
Tad
1535a984ae Remove SVOX patch, enable GLONASS and XTRA HTTPS for all devices 2017-10-03 05:41:25 -04:00
Tad
61fd3702ce Fixes 2017-09-15 20:16:51 -04:00
Tad
70ad6ff700 Switch from CM to LAOS updater 2017-08-26 16:07:10 -04:00
Tad
343cb8ee5b Fix LTE only patch 2017-08-16 11:27:10 -04:00
Tad
36691a61cb PAPP add two more apps 2017-07-25 13:57:27 -04:00
Tad
79975a9112 PAPP more apps 2017-07-23 18:45:12 -04:00
Tad
612c0a8cbf Disable LTE only patch 2017-07-19 04:10:19 -04:00
Tad
ce9c9f83c9 Quick fix 2017-07-18 22:47:31 -04:00
Tad
7bcd9ce09f Update changelog 2017-07-18 21:45:21 -04:00
Tad
4c2626ffea Modified LTE Only option from CopperheadOS 2017-07-18 20:34:46 -04:00
Tad
ca242f5baa Updater: Add back clobbered incremental support 2017-07-12 05:19:47 -04:00
Tad
77e6eb2014 Cleanup 2017-07-05 23:26:46 -04:00
Tad
af2b58f436 Cleanup, ZRAM, comments 2017-07-04 02:57:50 -04:00
Tad
dd09109ddd Fix per app performance profiles 2017-07-03 03:34:13 -04:00
Tad
38dada1aef Fixes 2017-07-02 23:29:47 -04:00
Tad
c70b735064 setup-makefiles.sh fixes 2017-07-02 18:34:41 -04:00
Tad
73d0b61dba Fix Silence replacement, RIP CustomTiles 2017-07-02 15:38:00 -04:00
Tad
1ef1ada003 PAPP: More apps 2017-07-01 22:58:11 -04:00
Tad
e07a7cdacf Fix PAPP 2017-07-01 22:25:51 -04:00
Tad
46aa453a5e Per app performance profiles, disable time replacement, drop vs985
PAPPv2 only took 4 years, amirite?
2017-07-01 19:54:38 -04:00
Tad
7bcac24b49 Only ship Silence on phones 2017-06-29 10:47:10 -04:00
Tad
285c6701dd Renable network hardening, fix tethering 2017-06-28 12:31:45 -04:00
Tad
219ee0ae4b Fix network hardening 2017-06-28 09:25:59 -04:00
Tad
82be2c12f5 Improved network hardening 2017-06-28 08:20:24 -04:00
Tad
e343f5b465 Fix the iptables hardening patch 2017-06-27 23:19:26 -04:00
Tad
15d3d2a540 Cleanup 2017-06-21 18:53:55 -04:00
Tad
edc740e60c Rebase update server patch 2017-06-18 10:20:47 -04:00
Tad
e73befa37b Fixes 2017-06-16 04:41:21 -04:00
Tad
61e242811c Fix Profiles tile, Ship Silence, Inline build-tools update patches 2017-06-15 23:41:35 -04:00
Tad
5d7e5735fd Update F-Droid repos patch and update network traffic cherry picks 2017-06-12 10:41:12 -04:00
Tad
df959d5fa6 Improvements 2017-06-10 10:06:06 -04:00
Tad
ced13482a0 Update profiles and tweak comments 2017-06-06 21:48:32 -04:00
Tad
b49d739e89 Remove msm8992 overclock, fix IMS,, fix credits, update changelog, and general cleanup 2017-06-06 21:18:51 -04:00
Tad
394c599e95 Bootloops, bootloops everywhere
I guess there is a bit more to CVE patches then just seeing if they apply cleanly
2017-06-04 22:34:28 -04:00
Tad
6d640639bd Fix more kernel CVEs 2017-06-04 22:32:03 -04:00
Tad
a812869b6c Fix some kernel CVEs using using raymanfxs android-cve-checker 2017-06-04 22:12:03 -04:00
Tad
97c43ced26 Switch to new domain 2017-06-04 12:48:26 -04:00
Tad
e947eb4edb Tweaks 2017-06-04 12:16:35 -04:00
Tad
1efaef9820 Repository cleanup, Update credits, Add copyright, Fix Gradle 2017-06-04 09:29:47 -04:00
Tad
d8f5c8b8ab Ship Nominatim and Ichnaea UnifiedNLP backends 2017-06-04 08:07:50 -04:00
Tad
f54c5bf914 Switch back to proprietary mpdecision/perfd 2017-06-02 01:24:25 -04:00
Tad
3d45e9a719 Replace proprietary mpdecision/perfd with msm_mpdecision 2017-06-02 00:10:57 -04:00
Tad
1fe7864416 Repository cleanup 2017-05-31 18:51:32 -04:00
Tad
fd6e4cf72b Update to use new PHP json responder 2017-05-30 15:05:36 -04:00
Tad
cb93855a57 OTA! 2017-05-30 14:31:08 -04:00
Tad
3a6815c4eb Fixes 2017-05-29 22:38:33 -04:00
Tad
188d9632ec Fixes 2017-05-29 20:48:36 -04:00
Tad
dc4f821e44 LatinIME: Remove voice input key 2017-05-29 20:38:31 -04:00
Tad
f5af24bbcb Fix patch authors 2017-05-29 20:38:31 -04:00
Tad
8bfe75a1b3 Netd: Harden using iptables, Build: Override build user/host, NFC: Disable NFC/NDEF 2017-05-29 20:35:30 -04:00
Tad
e0b4631ee6 CMSDK: Better profiles, Dialer: Disable FLP/PLP, Settings: Remove backup 2017-05-29 20:33:56 -04:00
Tad
e87dff56cd Disable Chromium for now 2017-05-27 14:38:27 -04:00
Tad
f1631ac1f3 LAOS 11.0 Manifest and Chromium 2017-05-27 03:27:26 -04:00
Tad
8cb18b837a Add the Nextbit Robin 2017-05-13 20:30:29 -04:00
Tad
4358c37749 Cleanup 2017-05-13 13:22:33 -04:00
Tad
7e1db8f854 Fix build failure 2017-05-05 12:40:20 -04:00
Tad
6163a38192 Renable IMS remove and add patch to fix calling 2017-05-04 21:42:25 -04:00
Tad
d41f7f93a0 Remove another blob and remove an unused patch 2017-03-19 13:19:51 -04:00
Tad
1842ad7ab8 CustomTiles is now official 2017-03-16 14:14:43 -04:00
Tad
3b95e5fb2c Fix camera on user builds 2017-03-15 12:54:07 -04:00
Tad
d39c8339b9 Remove more blobs, delete old patches 2017-03-15 06:22:24 -04:00