Commit Graph

1239 Commits

Author SHA1 Message Date
Tad
ff96315fb4 Update CVE patchers 2020-12-30 11:08:19 -05:00
Tad
4c0ac9c46c Small changes 2020-12-24 02:01:10 -05:00
Tad
8b56cd13c6 deblobber: Don't remove CNE
- breaks Wi-Fi calling
- breaks IMS on marlin/sailfish
2020-12-22 13:53:29 -05:00
Tad
d6cf9ec8b0 Many fixes
VoLTE tested working on mata/17.1!
VoWiFi tested working with DOS_DEBLOBBER_REMOVE_CNE=false

- Disable Graphene exec spawning feature, subtly breaks many apps
  Maybe missing some patches?
- Build old versions for devices with broken IMS
- Ensure shell umask is always 0022
- fwb overlay: drop the MMS user-agent overrides
- Drop the BlobBlocker and ModuleBlocker
  They were unused and unkempt.
- Put volteOverride behind DOS_DEBLOBBER_REMOVE_IMS and comment it
2020-12-22 04:00:12 -05:00
Tad
356c743cd8 Update cherrpicks 2020-12-21 03:44:07 -05:00
Tad
1be184bac9 Small tweaks 2020-12-16 07:48:41 -05:00
Tad
39727cb7c7 Update CVE patchers 2020-12-10 14:09:58 -05:00
Tad
5ffefc4dc3 Cherry picks 2020-12-10 12:34:14 -05:00
Tad
3ec13d6bc8 Update CVE patchers 2020-12-08 10:24:24 -05:00
Tad
e36a91facc Update CVE patchers 2020-12-07 09:36:20 -05:00
Tad
9c691d02ab Update CVE patchers 2020-12-03 22:43:23 -05:00
Tad
26cda44016 Add support for rs988, h990, and h870 2020-11-29 19:19:43 -05:00
Tad
09722044b0 Update CVE patchers 2020-11-29 19:06:06 -05:00
Tad
69c8bdfb22 Update CVE patchers 2020-11-26 09:03:45 -05:00
Tad
48e72f67bb Tiny update 2020-11-22 22:12:47 -05:00
Tad
445582fe2a Update CVE patchers 2020-11-19 17:15:55 -05:00
Tad
9d7e5a24a3 License headers 2020-11-17 10:19:06 -05:00
Tad
7b9d90d781 move clark from 14.1 to 17.1 2020-11-15 08:16:29 -05:00
Tad
523264aebb Update CVE patchers 2020-11-12 23:46:38 -05:00
Tad
e7a65ff912 Small fixes 2020-11-09 22:55:36 -05:00
Tad
dfe516fc3d 17.1: update cheeseburger/dumpling kernel 2020-11-07 17:29:55 -05:00
Tad
a21a6acaa8 Update cherrypicks 2020-11-07 17:20:30 -05:00
Tad
dc5b1d91f2 Update CVE patchers 2020-11-06 16:15:16 -05:00
Tad
42053a97e2 ASB cherry picks 2020-11-04 09:48:12 -05:00
Tad
6a5866c01d More failed attempts at fixing IMS
Keeping IMS, RCS, CNE, ATFWD, and allowing ims* to access /dev/diag:
IMS service still fails to register on mata

Is it the carrier?
Is it the phone?
Is it LineageOS?
Is is DivestOS?
Absolute mess.
2020-11-02 19:24:56 -05:00
Tad
e36f4529a3 Fixup 9f01dc03
Enables replacing of vendor fingerprints.
I thought this was broken, turns out it was the AUX camera change instead.
2020-11-02 11:04:49 -05:00
Tad
9f01dc038c Small changes
- SUPL NTP fix
- Remove debug info from dexpreopt, saves a few MB
- 15.1+: enable full dexpreopt, for perf and memory benefits
- 17.1: change oneplus/msm8998-common kernel
- 17.1: add OpenCamera to AUX list
- Resurrect verity for devices missed previously
- Update some CVE patchers
- deblobber: remove some lingering atfwd blobs
2020-11-02 06:28:06 -05:00
Tad
3926f3a44f Small updates
- Various rebranding fixes
- 17.1: hold off on Seedvault inclusion for now
- 17.1: update kernel/fxtec/msm8998 CVE patcher
- 17.1: build cheeseburger/dumpling
2020-10-31 15:16:25 -04:00
Tad
5ec84b9f7b Update CVE patchers 2020-10-30 14:35:12 -04:00
Tad
40f8cebc53 Small updates 2020-10-28 19:09:18 -04:00
Tad
b89cc98001 Small updates 2020-10-27 21:40:20 -04:00
Tad
ff8dfd95db Small updates 2020-10-26 05:24:59 -04:00
Tad
47d064f98c Fixes 2020-10-23 18:50:51 -04:00
Tad
fb2a4df9a0 Add yellowstone, untested and disabled for now 2020-10-23 16:47:06 -04:00
Tad
95077df728 Update CVE patchers 2020-10-23 15:51:19 -04:00
Tad
1b4b86c38d Tiny tweaks 2020-10-23 14:49:16 -04:00
Tad
c7eb6fcbfe deblobber: fixup IMS for a few devices
Don't remove qti-vzw-ims-internal.jar needed by IMS stack.
It is just a shim and doesn't really do anything.

Also put RCS behind a flag.
2020-10-21 20:09:53 -04:00
Tad
0958df7de5 deblobber: remove more blobs 2020-10-20 10:45:57 -04:00
Tad
00a6a86126 deblobber: fixup timekeep replacement, credit Wang Han/aviraxp 2020-10-20 05:39:06 -04:00
Tad
d889ae4642 Update CVE patchers 2020-10-17 15:28:42 -04:00
Tad
6d15a2bb82 Update CVE patchers 2020-10-15 22:36:28 -04:00
Tad
688f4dd953 More CVE patcher fixes 2020-10-15 21:31:46 -04:00
Tad
cc64ce1634 Update CVE patchers 2020-10-14 16:28:07 -04:00
Tad
10d042c3c0 Update CVE patchers 2020-10-14 15:20:06 -04:00
Tad
6c9c91941e Fix errors from compile test of all 14.1 kernels 2020-10-14 14:23:22 -04:00
Tad
d53a4f4e41 Update CVE patchers
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
b56929d3d9 Many changes
- Missing credit in LICENSE
- Update TODO
- hardenLocationConf: don't change version
- hardenDefconfig: Fix reboot on shutdown
- changeDefaultDNS: replace a level3 dns straggler for tethering config
- Don't remove CompanionDeviceManager if microG is included
- Update cherry picks
- init.sh: update comment wording
2020-10-12 07:52:54 -04:00
Tad
115dd21832 Many changes
- 17.1: Add Pixel 4/XL
- Promote klte to 17.1
- hardenBootArgs: don't run on klte
- hardenBootArgs: regorganize
- hardenDefconfig: enabler: drop unnecessary options (iommu)
- hardenDefconfig: disabler: comment diag options for now
- deblobber: comment dirac lines to fix cheeseburger headphone jack
- fixup Etar replacement
2020-10-11 07:12:00 -04:00
Tad
496fddb303 Replace calendar with Etar, and drop LocalCalendar 2020-10-11 04:12:16 -04:00
Tad
260140f0a1 Update CVE patchers 2020-10-10 11:56:35 -04:00
Tad
8bdad21040 Update CVE patchers 2020-10-06 23:36:29 -04:00
Tad
b56fabac3b Update CVE patchers
I expect some breakage here
2020-10-06 21:14:18 -04:00
Tad
bf9167f442 Update CVE patchers 2020-10-05 21:38:25 -04:00
Tad
589394a589 Small updates 2020-10-05 21:38:15 -04:00
Tad
55e010fba5 Small updates 2020-10-01 14:56:37 -04:00
Tad
46c1a74ef3 17.1: Fixup TTS 2020-09-25 11:38:26 -04:00
Tad
92f7f37096 Update CVE patchers
Fix CVE-2020-25221 breakage
2020-09-25 09:27:12 -04:00
Tad
bc7cf7af0a Update CVE patchers 2020-09-25 06:55:18 -04:00
Tad
a9812ba729 17.1: Rebase microG patches 2020-09-24 08:02:27 -04:00
Tad
92879ec2a4 Update CVE patchers 2020-09-23 06:31:34 -04:00
Tad
3bc1463017 Update CVE patchers 2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3 Update CVE patchers 2020-09-17 15:35:48 -04:00
Tad
40654dbf4b Fixup 556a8529 2020-09-15 15:29:10 -04:00
Tad
6e16320468 Small fixes 2020-09-13 19:52:37 -04:00
Tad
d16a362141 ASB cherry picks + Fixup 2f83043c
TODO: rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk
2020-09-12 08:29:09 -04:00
Tad
4c29ac36d2 Update CVE patchers 2020-09-09 19:00:03 -04:00
Tad
76fcd8a0d4 Update CVE patchers 2020-09-08 18:19:52 -04:00
Tad
37ff7ddc2d Update CVE patchers 2020-09-02 15:03:00 -04:00
Tad
bca6af1516 Small updates
- recovery: abort on serial number specific updates, credit: GrapheneOS
- Add lists of missing CVEs
- Update cherrypicks
2020-09-02 14:20:51 -04:00
Tad
0808ac1fd0 Many updates
- Add OnePlus 6, 6T, 7, 7 Pro
- Ensure verity/avb keys are *always* copied
- Update cherry picks
2020-09-01 03:26:21 -04:00
Tad
ec17d20f58 Update CVE patchers 2020-08-22 11:03:23 -04:00
Tad
826949e6df Small updates 2020-08-22 10:18:29 -04:00
Tad
98854115be 16.0: Add pro1
- Also initial beryllium support, no builds yet
2020-08-10 15:34:55 -04:00
Tad
f19dbe5958 More fixes for a69326f3 2020-08-10 03:46:36 -04:00
Tad
2f83043c68 14.1+15.1: GPS week rollover fix
16.0: 279492
17.1: 278135

also switch to alternate Xtra servers
https://developer.gemalto.com/threads/gps-time-info-error
2020-08-09 12:30:47 -04:00
Tad
887ebb84c5 Update CVE patchers
Includes many fixes for a69326f3
but probably breaks other things
2020-08-09 07:29:19 -04:00
Tad
a69326f396 Update CVE patchers
Untested. I expect some breakage.
2020-08-08 13:06:39 -04:00
Tad
7cd6df559c Update AOSP CVE list to August patches 2020-08-05 01:53:50 -04:00
Tad
af54500797 Update CVE patchers 2020-08-03 18:15:27 -04:00
Tad
e78a0cc1bc Small changes 2020-07-26 09:19:12 -04:00
Tad
0a979b67fa Small changes
- 17.1: bringup bacon and ether
2020-07-24 10:20:07 -04:00
Tad
dc3cf3405f Small updates
- Fix USB breakage
2020-07-22 08:50:51 -04:00
Tad
a6a59309ed More small fixes 2020-07-13 21:28:17 -04:00
Tad
2675404f86 14.1: move n-netd cherry picks in tree 2020-07-13 20:15:08 -04:00
Tad
820a680d4d Small updates + Many fixes 2020-07-13 17:37:33 -04:00
Tad
e8f13920bb Cherry picks 2020-07-08 16:39:26 -04:00
Tad
c715d549a7 Update CVE patchers 2020-07-07 01:57:39 -04:00
Tad
9bafe76906 Update CVE patchers 2020-06-27 02:29:14 -04:00
Tad
d9a61e1dea Fix GPG signing 2020-06-27 01:45:02 -04:00
Tad
2ef92046af Small changes 2020-06-22 20:41:49 -04:00
Tad
b2b9eb7ffc Potential fix for phone call audio on shamu and others 2020-06-17 15:20:02 -04:00
Tad
900183743d Add GPG signing to processRelease 2020-06-17 13:20:26 -04:00
Tad
70508e2b70 More checksums 2020-06-14 10:05:34 -04:00
Tad
5b9e44794b Fixup broken checksum generation 2020-06-14 09:36:39 -04:00
Tad
4e9f733f27 Small updates 2020-06-12 16:27:45 -04:00
Tad
837fbecc49 More verity resurrection 2020-06-08 11:57:52 -04:00
Tad
d96a421dee 17.1: disable cheeseburger/dumpling 2020-06-07 22:33:50 -04:00
Tad
79c7443c7d 17.1: bring up osprey and cheeseburger/dumpling
- also fix cherrypick mismatch
2020-06-07 16:35:05 -04:00
Tad
850c4ad88c Small updates
- Partial revert of 5106063c
- Cherry picks
- CVE patcher fixes
2020-06-07 04:25:12 -04:00
Tad
5797ea8fc4 Small fixes
CVE-2019-14047/ANY/0002.patch will probably need to be disabled on more devices
2020-06-02 17:33:27 -04:00
Tad
ca77d36357 Update CVE patchers 2020-06-02 02:23:57 -04:00
Tad
694f270d75 Initial bringup of many devices to 17.1 2020-05-31 15:10:32 -04:00
Tad
31d6ab5299 Update CVE patchers 2020-05-28 23:06:53 -04:00
Tad
5106063cb5 Drop many more repositories 2020-05-24 20:07:03 -04:00
Tad
7af3c42325 Minor fixes 2020-05-23 23:31:05 -04:00
Tad
4c1577724f Small changes
- hardenDefconfig: more options from Alexander Popov's checker
- 17.1: A2DP fix from GrapheneOS when hardened_malloc is in use
2020-05-23 18:06:22 -04:00
Tad
25cc3c5a10 Update CVE patchers 2020-05-18 16:25:41 -04:00
Tad
7343973b1d Minor updates
- Update cherrypicks
- 17.1: mata fix usb
- 16.0: whitelist open camera for aux support
2020-05-17 10:04:48 -04:00
Tad
f5462dd23c Minor tweaks 2020-05-13 17:38:39 -04:00
Tad
2aa65e6b16 Cherry picks 2020-05-11 07:57:53 -04:00
Tad
e962fdeb81 Update CVE patchers 2020-05-04 17:18:50 -04:00
Tad
e58ba3e9b2 Disable IMS stack 2020-05-02 22:29:23 -04:00
Tad
2a0352ba1c Many fixes
17.1: recovery: rebranding reverts
17.1: mata: fix vorbis
17.1: g2/g3: fix Wi-Fi under -user
15.1/16.0: g2/g3: improve misc_block_exception patch
2020-04-30 18:37:41 -04:00
Tad
c1e0503390 Update cherry picks 2020-04-28 19:23:49 -04:00
Tad
9fcb91793e Update CVE patchers 2020-04-26 13:24:43 -04:00
Tad
358a0d703b Many changes
- Promote many 16.0 devices to 17.1
- Many build fixes
- Switch to FairEmail
2020-04-25 12:34:49 -04:00
Tad
84300d6611 Small fixes 2020-04-19 13:19:55 -04:00
Tad
98a45b1ee6 Build fixes 2020-04-15 21:38:46 -04:00
Tad
c3bb898eb0 2020 2020-04-14 21:39:51 -04:00
Tad
8012903ba1 17.1: Initial bringup
- See items marked with '17REBASE'
2020-04-14 21:21:13 -04:00
Tad
cdd74148b9 Patcher build fixes 2020-04-12 13:58:02 -04:00
Tad
ee458d0ed1 April ASB cherry picks 2020-04-08 13:44:52 -04:00
Tad
0c89accfb5 Update CVE patchers 2020-04-06 22:23:37 -04:00
Tad
c26b3e95c7 Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
d7ef9abf61 Minor tweaks 2020-03-25 22:08:25 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
637bb171c8 Switch to partial 4096 signing keys by default
Update engine <10 doesn't support 4096-bit keys
Make releasekey 2048-bits
Verity has also been 2048-bits
The rest are 4096-bits
2020-02-26 20:14:42 -05:00
Tad
50f44d1934 Small changes
- cheeseburger/dumpling: fix ogg vorbis playback, credit @LuK1337
- cheeseburger/dumpling: fix delta ota generation
- remove a few more blobs
- potentially bluetooth when ant is removed on newer devices
- support newer clamav
- commented support for extracting boot.img when recovery.img isn't available
-- fastboot.zip should be preferred
- potentially fix boot on many untested newer devices (diag on msm8996+)
- update cherry picks
2020-02-24 18:53:27 -05:00
Tad
4292bcaa3e recovery: fix sideload with larger files
+ 16.0: add a disabled patch to remove backuptool
+ processRelease: add support for copying recovery image to archive
2020-02-23 16:06:47 -05:00
Tad
fe54dd26a6 Fix many device issues
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
4e25046418 Many changes
- Add OnePlus 2, 3/T, 5/T
- Fix flounder
- Cherrypicks
2020-02-17 22:21:47 -05:00
Tad
cc28df15f7 Cherry picks + fix 5 failing devices 2020-02-09 13:52:25 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
d87457630a Update cherrypicks 2020-01-26 21:17:33 -05:00
Tad
84ac696e16 Small updates 2020-01-08 21:22:35 -05:00
Tad
d3f28918e5 Update CVE patchers 2020-01-06 18:25:36 -05:00
Tad
d8c2a56124 Update CVE patchers 2019-12-11 20:21:14 -05:00
Tad
4610cd9bde Update CVE patchers
CVE-2019-19252 was dropped
dependent on d21b0be246
2019-12-03 06:12:46 -05:00
Tad
7ef8a2726d Minor tweaks 2019-11-28 12:03:40 -05:00
Tad
a8cc390c3d 14.1: cherrypicks 2019-11-24 20:14:23 -05:00
Tad
f90b62982b Update CVE patchers 2019-11-24 20:13:55 -05:00
Tad
038ae37376 Minor tweaks 2019-11-24 16:22:58 -05:00
Tad
baabd45a16 Minor tweaks + ASB cherrypicks 2019-11-10 02:34:40 -05:00
Tad
d64534a7c1 Update CVE patchers 2019-11-04 21:04:49 -05:00
Tad
1a7897211a 16.0: add Amber 2019-10-29 17:37:43 -04:00
Tad
791087fefa minor tweaks 2019-10-27 16:20:27 -04:00
Tad
a8af0c3d0d hardenDefconfig: more options from Alexander Popov's checker 2019-10-20 01:53:59 -04:00
Tad
640ef60b83 Move many old cherry picks in tree for archival/support purposes 2019-10-19 22:03:59 -04:00
Tad
204285d7c8 kernel command line: enable hardening options 2019-10-18 22:14:28 -04:00
Tad
e13c6c7c9c processRelease features
- support removing device out after complete
- support malware scan before sign
- Update cherry picks
2019-10-15 12:23:46 -04:00
Tad
bffcd06644 16.0: add zenfone3 2019-10-11 15:16:09 -04:00
Tad
159e5ea194 Minor tweaks
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
579f340c3c Update CVE patchers 2019-10-04 14:43:19 -04:00
Tad
f20ddfc0f6 Minor tweaks 2019-10-04 10:39:27 -04:00
Tad
79ec8a4999 clark: experimental 16.0 2019-09-28 17:37:18 -04:00
Tad
a0e8f9653c Future proofing keys 2019-09-25 21:04:24 -04:00
Tad
ca734124f9 Generate factory image if needed by device 2019-09-23 12:45:00 -04:00
Tad
f55cdef5b0 Minor tweaks 2019-09-21 15:42:26 -04:00
Tad
ae87cffe34 14.1: add v1awifi 2019-09-18 18:04:22 -04:00
Tad
4a1ebe1b71 Scripts: localize variables in functions 2019-09-17 04:14:35 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
19d5b66097 Many changes
- ASB chery picks
- 16.0: recovery: fix sideload
- Restore releasetools for some devices
- Only include Backup where supported
- Change some small defaults
- z00t: 14.1 -> 15.1
- himaul: 14.1 -> 15.1
- i9100: 14.1 -> 15.1+16.0
- flo: 15.1 -> 16.0, disabled
- flounder: 15.1 disabled, enable 14.1
2019-09-13 20:24:02 -04:00
Tad
09b38c1f04 marlin/sailfish: fix MediaProvider using 100% CPU
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices

[pid  2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]

https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
1a7291aa36 Minor changes
- Cherry picks
- New default wallpaper, credit: Pawel Czerwinski, UmzGrVna1P0
2019-09-05 04:23:28 -04:00
Tad
9ce8cdb9b6 Add Steve Soltys' Backup app 2019-09-04 06:40:05 -04:00
Tad
ec48a4c89c Update CVE patchers 2019-09-04 01:31:12 -04:00
Tad
db572efa89 Many changes
- processRelease: Support AVB
- sort device build order by SoC

Additions:
- taimen/muskie: 15.1, 16.0
- crosshatch/blueline: 16.0
- bonito/sargo: 16.0
2019-09-03 16:50:50 -04:00
Tad
1bd0e47099 victara: 15.1 -> 16.0
- other fixes
2019-08-30 22:42:10 -04:00
Tad
330df0983c 16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
 - from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
e10a865b05 Improve release processing to support deltas and archiving 2019-08-29 19:09:31 -04:00
Tad
057bedb65b Minor tweaks
- 14.1+15.1+16.0: enable kernel protections for files
 - protected_*: hardlinks, symlinks, fifos, regular
 - from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c Minor tweaks
- 15.1+16.0: Replace in-line build signing patch with bash function
 - From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
 - From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
68cdef8733 Minor tweaks 2019-08-26 20:50:28 -04:00
Tad
eccf9c6f6d Many new devices
- hammerhead: 15.1 -> 16.0

- axon7: 14.1, 15.1
- cheryl: 16.0
- crackling: 14.1, 15.1, 16.0
- ham: 14.1, 15.1, 16.0
- kipper: 14.1, 15.1, 16.0
- z2_plus: 16.0
2019-08-23 17:27:53 -04:00
Tad
e9b5c06188 Lots of device updates
- d802: 15.1 -> 16.0
- d852: 15.1 -> 16.0
- d855: 15.1 -> 16.0
- fugu: 15.1 -> 16.0
- jfltexx: 14.1 -> 16.0
- m8: 15.1 -> 16.0
- mata: 15.1 -> 16.0
- update cherrypicks
- defconfig: enable MMC_SECDISCARD
2019-08-23 11:47:43 -04:00
Tad
3a080bbcd7 Minor tweaks 2019-08-13 01:56:01 -04:00
Tad
89de66bdba Many small changes
- Cherrypicks for ASB patches
- Apps: Switch gallery to Simple Gallery
- Apps: Switch camera to OpenCamera
- PKGBUILD: update with image optimization dependencies
- Deblobber: fix bug introducted in 6d33e4ecbf
2019-08-08 14:22:24 -04:00
Tad
6d33e4ecbf Parallize many functions invoked by find 2019-08-05 21:09:35 -04:00
Tad
3f8e9a846b Complete tree image optimization
- recursively optimize images using optipng/jpegoptim
benefits:
+ reduces image size
+ decreases load time
+ reduces memory usage
2019-08-05 20:34:08 -04:00
Tad
aee6b66dd8 Update CVE patchers 2019-08-05 16:03:41 -04:00
Tad
bad890614e Update CVE patchers 2019-07-21 09:47:10 -04:00
Tad
34d1bbe155 Minor updates 2019-07-21 07:36:02 -04:00
Tad
6458d6785f Enable IPv6 privacy extensions 2019-07-05 16:47:59 -04:00
Tad
4fe74583a9 Minor tweaks 2019-07-03 10:42:24 -04:00
Tad
a29825f6e1 Update CVE patchers 2019-07-01 18:06:05 -04:00
Tad
fe19e8c830 Minor tweaks 2019-06-30 04:52:57 -04:00
Tad
e41d053f00 Minor updates
- drop usage stats patch, causes Settings to crash
2019-06-27 23:01:28 -04:00
Tad
55c3072089 Going the distance... [pt2] 2019-06-18 13:51:04 -04:00
Tad
c15105d945 Update CVE patchers 2019-06-17 23:26:38 -04:00
Tad
02cf6e4778 Update cherry picks 2019-06-17 14:43:14 -04:00
Tad
1d67143181 Update CVE patchers 2019-06-08 04:09:24 -04:00
Tad
aa4ad7a6da Cherry picks 2019-06-06 10:45:00 -04:00
Tad
d7078bafd6 Update CVE patchers 2019-06-03 18:41:24 -04:00
Tad
bb72bccbeb Two hardening patches from @MSe1969
+ a backport of browser location restriction patch to 14.1 and 15.1
  by @syphyr
2019-06-02 19:25:29 -04:00
Tad
163fdb1f68 Minor updates 2019-05-31 21:13:39 -04:00
Tad
40d6db0326 divestos.xyz > divestos.org 2019-05-23 11:34:26 -04:00
Tad
8030a63a2a 11.0: fixes 2019-05-17 23:26:25 -04:00
Tad
380353773e Fixes 2019-05-17 20:48:26 -04:00
Tad
899812864f Update CVE patchers 2019-05-14 21:04:55 -04:00
Tad
c040d79c9b 16.0: add FP2 2019-05-13 13:51:48 -04:00
Tad
de5a4dda72 Minor tweaks 2019-05-12 09:33:21 -04:00
Tad
30bf0f2fb9 Resurrect verity 2019-05-09 06:16:34 -04:00
Tad
ebaf61eb31 Cherrypicks 2019-05-07 03:10:55 -04:00
Tad
b2e521440e Update CVE patchers 2019-05-06 18:31:06 -04:00
Tad
f59c77f00c Cherrypicks 2019-05-06 16:29:58 -04:00
Tad
08a2506fe9 14.1: support i9300 and n7100
i9300 has less blobs compared to i9305 due to different modem
2019-05-02 16:42:50 -04:00
Tad
cc976eeffe Minor tweaks 2019-04-16 22:34:31 -04:00
Tad
f8cfdbca4f Update CVE patchers 2019-04-07 20:31:27 -04:00
Tad
304f39918c Update cherrypicks 2019-04-07 17:31:23 -04:00
Tad
20c8c7525c Misc tweaks
- 15.1: Contacts: remove Privacy Policy and Terms of Service links
  - from GrapheneOS
- cherry picks
2019-04-06 22:55:14 -04:00
Tad
974cc3b3f8 16.0: recovery has been updated
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
935795f5bb Minor tweaks 2019-04-04 15:51:00 -04:00
Tad
25cc717ec2 Use GrapheneOS' hardened memory allocator
+ 16.0: some other misc hardening patches from GrapheneOS
  - always restrict access to Build.SERIAL
  - don't grant location permission to system browsers
  - fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
60cf364f19 Minor tweaks
- init.sh: sort options
- overlay: leave radioScanningTimeout default
- hardenDefconfig: disable more components with CVEs
- cherry picks
- 16.0: trebuchet: tmp fix for default workspace overlay
2019-04-03 19:04:37 -04:00
Tad
1c49b80da0 Minor tweaks
- CVE patchers were updated with no change
- hardenDefconfig: disable MSM_SMP2P_TEST to mitigate CVE-2019-2247
- 14.1 add a cherry pick
2019-04-01 18:57:04 -04:00
Tad
7223df543a Minor fixes 2019-03-31 22:46:37 -04:00
Tad
61ee2e5757 More minor fixes 2019-03-26 19:37:56 -04:00
Tad
3c806603d9 Various fixes 2019-03-25 21:30:26 -04:00
Tad
8f609e9cbe Minor tweaks
+ remove a few more blobs
+ fix broken USB and log spam on hdx*
2019-03-24 16:32:55 -04:00
Tad
54c68a1e93 Fixup radio on Motorola device 2019-03-23 20:23:42 -04:00
Tad
a8dbb447ed Deblobber cleanup
Break all the really long lines up into the following categories
- libraries (*.so)
- jars (*.jar)
- binaries
- apps (*.apk)
- non-executables (*.xml, *.cfg, *.conf, *.txt)
- firmwares (tz.*)
- treble stuff (vendor.*, com.*)
2019-03-23 18:11:57 -04:00
Tad
c044136234 Remove many more blobs 2019-03-23 14:57:39 -04:00
Tad
fc2e71acbe Remove more blobs 2019-03-22 19:43:29 -04:00
Tad
510fa2163e Cherry picks 2019-03-22 08:10:20 -04:00
Tad
a91a3d427a Remove more blobs 2019-03-22 06:04:29 -04:00
Tad
c64ad2ecdc Make it easier to build all supported branches of a device 2019-03-22 05:38:58 -04:00
Tad
dd7e4c3faf Remove more blobs 2019-03-22 05:28:57 -04:00
Tad
e344b17a36 Build fixes + new blob blocker 2019-03-22 04:20:06 -04:00
Tad
d3d924bd91 16.0: add marlin/sailfish and ether 2019-03-21 12:19:26 -04:00
Tad
3c056c7785 Remove some more blobs 2019-03-21 08:55:01 -04:00
Tad
6a0c39d14f Submodule updates 2019-03-20 22:43:38 -04:00
Tad
cf5a58f447 11.0: misc. fixes 2019-03-17 17:27:51 -04:00
Tad
97dc687812 Update cherry picks 2019-03-15 22:13:32 -04:00
Tad
2367074a0f Update submodules + misc fixes 2019-03-14 16:09:17 -04:00
Tad
31faec9bdc 16.0: Restore TTS 2019-03-12 20:07:28 -04:00
Tad
39bb65e181 Minor changes
15.1: Disabled devices with working 16.0
16.0: Build fixes
16.0: mako: don't touch partitions sizes
2019-03-12 17:18:38 -04:00
Tad
7945ed0e10 16.0: -user on legacy devices 2019-03-11 22:47:11 -04:00
Tad
cfe766be09 Tweaks 2019-03-11 18:19:50 -04:00
Tad
61a8a10c42 Many changes
repo changes
15.1: build fixes
16.0: add unofficial mako
2019-03-11 00:55:21 -04:00
Tad
b1455b641d Update CVE patchers 2019-03-08 15:15:46 -05:00
Tad
913fbcd109 ASB cherry picks + minor tweaks 2019-03-05 22:57:45 -05:00
Tad
5607db2e0b Update CVE patchers
- More aggressively attempt to apply incremental patches by
  ignoring the current subversion, as it is common for it to be 0
  Hopefully I won't have to revert this
2019-03-04 21:41:55 -05:00
Tad
9e897989d1 Update CVE patchers 2019-03-04 20:18:29 -05:00
Tad
f5d99c938b 16.0: More bringup 2019-03-04 05:53:51 -05:00
Tad
23056ddef0 Minor tweaks 2019-03-04 03:11:51 -05:00
Tad
afe719ffc4 16.0: Initial bringup
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
83478880ef WireGuard kernel module inclusion support 2019-03-04 00:06:22 -05:00
Tad
6eab4c6529 Minor updates 2019-02-22 08:38:24 -05:00
Tad
bc63feedc9 Update CVE patchers 2019-02-21 06:25:47 -05:00
Tad
fccc124868 tuna fixes + fdroid priv changes 2019-02-14 04:36:50 -05:00
Tad
b9ff7a74e6 Updates and fixes 2019-02-12 16:09:41 -05:00
Tad
c9e17ffb52 Many changes
- Add more DNS resolver choices
- Change default DNS resolver back to OpenNIC
- More cleanup
- 15.1: Update some CVE patchers
2019-02-09 20:51:23 -05:00
Tad
ffabfb3616 14.1: fix maguro denials 2019-02-09 14:47:55 -05:00
Tad
a7a4e869fd Many changes
- Remove broken/permissive devices
- Notify user when location is requested via SUPL
- 15.1: skia cherrypicks for Feb ASB
- 15.1: recovery: change selected text color
2019-02-09 14:20:19 -05:00
Tad
9178760d1a Updater: Fix downloads over Tor
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
24c291c630 Improve hardenLocation to include fwb and its overlays 2019-02-08 18:46:42 -05:00
Tad
aa9b5499e6 Updates 2019-02-07 11:15:29 -05:00
Tad
3f9d78a4c7 Updates 2019-02-06 17:44:17 -05:00
Tad
15237becbb Update CVE patchers 2019-02-04 16:03:59 -05:00
Tad
929a3d5704 15.1: fix g3 2019-02-04 04:39:31 -05:00
Tad
db260cf1e1 Updates 2019-02-02 06:11:41 -05:00
Tad
378971497c 14.1: Support unified tuna 2019-02-01 02:53:13 -05:00
Tad
0ea1d37f0c Minor changes
- Update cherrypicks
- Update submodules
- Add some comments
2019-01-28 21:54:45 -05:00
Tad
883c22d162 Get d852 building + Update CVE patchers 2019-01-17 18:52:55 -05:00
Tad
a7a0a67888 Many changes
- Allow enabling accessibility services without disabling secure start-up
- Disable overclocks
- Update select CVE patchers
- Update submodules
- Support select downloads over Tor
- Update defconfig enablers
- Cherry pick security patches
2019-01-14 03:12:50 -05:00
Tad
ec3ffa38f2 Fixup CVE patchers 2019-01-07 19:42:25 -05:00
Tad
d8aac4c07b Update CVE patchers 2019-01-07 17:07:00 -05:00
Tad
c27f226269 Properly fix network mode patch 2018-12-29 12:19:27 -05:00
Tad
0df749ef73 Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only 2018-12-28 08:02:24 -05:00
Tad
c07027dd97 Many changes
- Update CVE patchers
- Update submodules
- Update defconfig enablers
- Update DNS IP addresses
- + Misc changes
2018-12-24 23:29:56 -05:00
Tad
6c4eadcdc7 Manifest cleanup + always remove latemount from /cache
formatting/erasing /cache will result in selinux contexts being lost
these are normally restored by system/core/rootdir/init.rc in post-fs
but latemount causes /cache to not be mounted beforehand
preventing it from ever being fixed
result is broken ota and recovery updates
2018-12-20 17:22:34 -05:00
Tad
c5d2f25797 11.0: nex: switch to -user + add disabled overclock 2018-12-19 02:15:15 -05:00
Tad
3a717605d0 11.0: nex: fix wi-fi 2018-12-19 01:15:16 -05:00
Tad
a652eb1e23 11.0: Remove the rest of CMStats
Hmm, I don't remember Dialer having stats.
Goddamn spyware.
2018-12-18 23:39:29 -05:00
Tad
bae3092539 11.0: Remove CMStats 2018-12-18 22:08:57 -05:00
Tad
715cb32468 11.0: Cherrypick ASB topics 2018-12-18 21:36:02 -05:00
Tad
de1d7cf5ed 11.0: Build fixes 2018-12-18 21:36:02 -05:00
Tad
314701f0e8 11.0: Drop grouper + more work 2018-12-18 21:36:01 -05:00
Tad
28b0e915f5 11.0: More restoration work 2018-12-18 21:35:41 -05:00
Tad
01be578137 11.0: Initial restore
I think this is like the 6th time I've done this.
I always remove it, wait a few months, pull out a device that I want to run it on
and then spend hours restoring and bringing it back. I always think to myself
do I really need to toy with this device? No, I don't, but I do it anyway. :)
2018-12-18 21:35:14 -05:00
Tad
c6206ccd7e Minor updates 2018-12-17 17:59:12 -05:00
Tad
982462aa00 Update CVE patchers 2018-12-04 17:21:39 -05:00
Tad
90a967c552 Misc device fixes 2018-11-15 01:25:22 -05:00
Tad
6ea39e0a0f Updates 2018-11-13 17:33:49 -05:00
Tad
a2fd561a9b Temp fix for wrongly versioned CVE patch
- TODO: Regen CVE patchers
2018-11-06 22:22:22 -05:00
Tad
5be6227a8b Minor updates + Update CVE patchers 2018-11-06 21:09:35 -05:00
Tad
8708358645 Minor updates 2018-10-29 21:52:33 -04:00
Tad
34be4797ea Switch to official F-Droid 2018-10-20 16:26:42 -04:00
Tad
4f488269ff Minor changes 2018-10-20 13:13:32 -04:00
Tad
95959a0d89 Many changes
- Add back microG support (not enabled)
- Add choice between DNS66 and Blokada when $DOS_HOSTS_BLOCKING=false
2018-10-19 18:28:18 -04:00
Tad
5696da8d0c Many changes
- 15.1: Update some CVE patchers
- 15.1: Address some mako denials
- 14.1: Add cherrypicks for various security patches
- Common: Prepare for F-Droid additional repos
- Common: Disable overclock for mako
- Misc tweaks
2018-10-19 09:55:08 -04:00
Tad
586f967667 Minor updates 2018-10-14 20:21:06 -04:00
Tad
5df567fe3b Cleanup overclocks.sh 2018-10-02 13:55:39 -04:00
Tad
136bb520aa Update CVE patchers 2018-10-01 22:45:00 -04:00
Tad
776be6f992 Backport Updater Tor support patch to 14.1 2018-09-24 06:46:54 -04:00
Tad
08c65c8334 Patches to add captive portal check toggle from @MSe1969 2018-09-22 21:05:41 -04:00
Tad
137c8d992d Various changes 2018-09-21 16:32:02 -04:00
Tad
8347c07ec1 Deduplicate Overclock.sh and Optimize.sh 2018-09-21 03:55:54 -04:00
Tad
b50352bc8e Updater: Add initial Tor support 2018-09-20 21:45:58 -04:00
Tad
289b110d8f Fix GPS on various devices 2018-09-19 01:03:02 -04:00
Tad
c012af895f Updates 2018-09-18 20:55:45 -04:00
Tad
4929867e95 Build fixes 2018-09-14 19:34:01 -04:00
Tad
51fd815236 Update CVE patchers 2018-09-13 21:53:30 -04:00
Tad
a39764938c Build fixes and updates 2018-09-12 22:51:05 -04:00
Tad
f8a438b32a Update CVE patchers 2018-09-12 15:45:35 -04:00
Tad
d9970b3f77 Minor tweaks and update F-Droid 2018-09-12 13:43:05 -04:00
Tad
298d21a94a Update CVE patchers 2018-09-11 23:13:50 -04:00
Tad
e5b588265c Add function to always ensure discard mount option is enabled 2018-09-11 19:53:50 -04:00
Tad
d231bd3172 Build fixes 2018-09-06 07:48:10 -04:00
Tad
465008cc14 Update CVE patchers 2018-09-05 07:07:38 -04:00
Tad
8d79a008ff hardenDefconfig: Ensure IOMMU is enabled 2018-09-05 04:53:42 -04:00
Tad
87a7665b5c Support GPG verification of git repos in init.sh 2018-08-31 00:02:52 -04:00
Tad
8e79da6971 GPG verify all F-Droid apps before copy 2018-08-30 23:46:17 -04:00
Tad
44b799afb1 Update F-Droid 2018-08-26 23:10:42 -04:00
Tad
44a192b7a4 Various fixes 2018-08-26 20:32:19 -04:00
Tad
09fe9b212a Refinements of previous commits 2018-08-24 23:56:38 -04:00
Tad
54ecd7ae21 hardenDefconfig improvements 2018-08-24 20:00:43 -04:00
Tad
48d7f11919 Deblobber improvements
Deblobber
- Remove more diag blobs
- Remove more AT blobs
- Remove IPA blobs by default now
- Support removal of IPC security exceptions

+ also disable earjack debugger via hardenDefconfig()
2018-08-24 18:35:53 -04:00
Tad
e078d37b82 Enable previously added Bluetooth patches 2018-08-24 13:52:34 -04:00
Tad
9fb6c648d9 Partial revert of 1983d9a8f7 2018-08-24 00:26:35 -04:00
Tad
642f978509 Experimental Bluetooth audio quailty improvement patches, credit @ValdikSS 2018-08-23 22:31:43 -04:00
Tad
1983d9a8f7 Update CVE patchers 2018-08-23 21:26:33 -04:00
Tad
2a427a14bf More geminipda work 2018-08-23 19:25:33 -04:00
Tad
9cbc514c59 Initial support for geminipda 2018-08-23 18:50:13 -04:00
Tad
c3f480b867 Updates 2018-08-17 19:22:00 -04:00
Tad
1c0dfb1839 Update CVE patchers + misc fixes 2018-08-14 14:51:14 -04:00
Tad
17340a0963 Update CVE patchers 2018-08-10 21:03:28 -04:00
Tad
50bdbaedf2 More GPS fixes 2018-08-09 00:42:07 -04:00
Tad
db3b42ae4f Update CVE patchers + misc fixes 2018-08-08 20:23:26 -04:00
Tad
bf717204e3 GPS improvements 2018-08-07 23:28:38 -04:00
Tad
ce42870cd2 Fixes 2018-08-07 14:26:15 -04:00
Tad
46b1b409c9 Update CVE patchers 2018-08-06 21:32:33 -04:00
Tad
4136ab17b8 Updates 2018-08-04 09:15:22 -04:00
Tad
94f1382077 Updates 2018-07-25 21:56:11 -04:00
Tad
13fd3fab51 fugu fixes 2018-07-22 17:08:22 -04:00
Tad
e3dcb260aa Update CVE Patchers
- and add initial rpi3 support
2018-07-22 09:37:23 -04:00
Tad
b384623f16 Deblobber: TimeKeep replacement fixes
- Still needs more fixes
- 14.1: Also update CVE patcher for motorol_msm8916
2018-07-20 20:06:36 -04:00
Tad
9af1881a89 Many changes
- 15.1: Fix build
- 15.1: Add jfltexx
- 15.1: Add CVE patchers for jf and fugu
- Manifests: Add Intel repos back
- Overlay: Add more default apps to launcher
- Remove more blobs
2018-07-19 22:15:20 -04:00
Tad
3c2fae77d5 Switch DNS to Cloudflare and fixup F-Droid Provisioner
- OpenNIC anycast seems to have disappeared and their main site is also down
2018-07-15 12:33:16 -04:00
Tad
bf1256f182 Final overlay fixes 2018-07-13 22:04:42 -04:00
Tad
df213a8b19 Overlay fixes and F-Droid additional repos prep 2018-07-13 17:43:14 -04:00
Tad
2f50e7c142 Overlay fixes 2018-07-13 01:45:38 -04:00
Tad
91a6b29806 More overlay work 2018-07-13 01:02:41 -04:00
Tad
2ee7a13a80 More overlay work 2018-07-12 22:43:28 -04:00
Tad
2c6ba127d4 More overlay work 2018-07-12 22:29:21 -04:00
Tad
f95b73fe06 More overlay work 2018-07-12 22:19:30 -04:00
Tad
9dec3c7018 More overlay work 2018-07-12 22:12:55 -04:00
Tad
1dc92478ed Many changes
- Drop Copperhead patches
- More overlay work
2018-07-12 22:05:02 -04:00
Tad
39740b384f Drop KitKat (for the third time?) 2018-07-12 21:29:43 -04:00