Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,786 Commits 1 Branch 0 Tags 101 MiB
64e717151a
Commit Graph

196 Commits

Author SHA1 Message Date
Tad
28724c4a6e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-25 22:52:22 -04:00
Tad
2c4caa30a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-24 00:36:49 -04:00
Tad
e8bc36af04 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:29 -04:00
Tad
bf7c06105c Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-12 22:13:06 -04:00
Tad
675b1a5da0 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 12:56:03 -04:00
Tad
4edfa56f1a Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-04 11:52:22 -04:00
Tad
b2eb3c01b4 Update CVE patchers 
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 23:33:17 -04:00
Tad
3316cc4824 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-27 07:46:22 -04:00
Tad
3457fd4151 Device cleanup 
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo

Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)

Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 15:19:57 -04:00
Tad
e666a4a891 Update CVE patchers 
TODO: maybe split CVE-2022-23960/4.9 to get back?

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 14:38:44 -04:00
Tad
42c9d22de9 Default disable exec spawning 
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.

Plus some other tweaks/churn

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 17:58:04 -04:00
Tad
30de608a61 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 02:51:44 -04:00
Tad
b464106cc5 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-04 15:51:23 -04:00
Tad
01900ca1c6 Reverts 
WebView overlay is breaking boot on 15.1???

This reverts commit e61e288b4a.
 2022-04-01 17:07:27 -04:00
Tad
3f9b346345 Fix boot breakage 
On devices with quota enabled and impacted by this patch

Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 10:30:30 -04:00
Tad
e1f5d99e51 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 08:16:28 -04:00
Tad
e26908b9e0 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-31 21:30:56 -04:00
Tad
19b03c9ff4 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-28 17:43:48 -04:00
Tad
a56e3a3016 Disable the bionic hardening patchset to fix boot issues 
10+4 devices tested working with bionic hardening patches enabled
but hammerhead and shamu do not boot...

2 of the patches were already found to have issues and disabled
3 other patches were ruled out:
- Stop implicitly marking mappings as mergeable
- Make __stack_chk_guard read-only at runtime
- On 64-bit, zero the leading stack canary byte
Leaves 11+1 patches remaining that need to be tested
But I don't have either of the two known impacted devices.

Signed-off-by: Tad <tad@spotco.us>
 2022-03-19 16:19:00 -04:00
Tad
09353cdcd2 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-18 00:07:18 -04:00
Tad
9ba3a061c6 Tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-14 11:57:34 -04:00
Tad
015799737e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-09 17:16:47 -05:00
Tad
4f75a8272a Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-09 11:59:30 -05:00
Tad
902239e2b5 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-08 23:20:43 -05:00
Tad
54dbcd9e43 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-07 19:12:10 -05:00
Tad
ac1e89f0c8 Update CVE patchers [the big fixup] 
This removes many duplicately or wrongly applied patches.

Correctly removed:
- CVE-2011-4132 can apply infinitely
- CVE-2013-2891 can apply infinitely
- CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap
- CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result
- CVE-2016-2475 can apply infinitely
- CVE-2017-0627 can apply infinitely
- CVE-2017-0750 can apply infinitely
- CVE-2017-14875 can apply infinitely
- CVE-2017-14883 can apply infinitely
- CVE-2020-11146 can apply infinitely
- CVE-2020-11608 can apply infinitely
- CVE-2021-42008 can apply infinitely

Questionable (might actually be beneficial to "incorrectly" apply again):
- CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt
- CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature
- CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect
- CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl
- CVE-2019-10622 can apply once	to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback
- CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev

Other notes:
- CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696
  then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it.
  This was seemingly fixed with a hand merged patch in patch repo.

Wrongly removed:
- CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru
- CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops
- CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames

Signed-off-by: Tad <tad@spotco.us>
 2022-03-04 00:42:28 -05:00
Tad
0d0104b4bb Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-03-02 22:57:34 -05:00
Tad
512673d97d Bump marlin/sailfish to 18.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-23 13:33:28 -05:00
Tad
8b39498b1c Initial loose versioning work for 4.9 
This applies 4.9 patches to 4.4 and 3.18 now that 4.4 is EOL

Untested, but looks mild

Signed-off-by: Tad <tad@spotco.us>
 2022-02-22 13:44:47 -05:00
Tad
5245109cc1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-19 23:22:19 -05:00
Tad
a38d544f8b 18.1: small fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-12 07:32:29 -05:00
Tad
48b009a02e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-12 06:56:28 -05:00
Tad
55cdea3c9b 17.1: small fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-11 14:05:14 -05:00
Tad
ee0bd8625f Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-07 14:43:05 -05:00
Tad
0a664cc22c Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-02-03 21:12:02 -05:00
Tad
c0aac415aa Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-29 09:35:59 -05:00
Tad
6864156bd6 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-20 22:22:22 -05:00
Tad
dbd2a71722 Update CVE patchers 
Hopefully fixes boot breakage

Signed-off-by: Tad <tad@spotco.us>
 2022-01-17 01:23:10 -05:00
Tad
6ec0c63126 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-13 11:08:22 -05:00
Tad
208c7800c8 Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-12 17:44:18 -05:00
Tad
ce6ee9d8e4 Update CVE patchers 
CVE-2021-0961 should be fine now

Signed-off-by: Tad <tad@spotco.us>
 2022-01-11 05:41:26 -05:00
Tad
b9c7839110 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-11 01:19:31 -05:00
Tad
8a45dc4696 18.1: Device additions 
h910
lavender
pioneer, voyager, discovery
akari, aurora, xz2c

Signed-off-by: Tad <tad@spotco.us>
 2022-01-06 21:04:17 -05:00
Tad
b05823bb20 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-01-04 21:00:25 -05:00
Tad
e08349a202 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-29 11:51:58 -05:00
Tad
68771721d5 Update oneplus/sdm845 to 4.8.282 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-29 11:51:52 -05:00
Tad
567c46fdd1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-27 18:00:43 -05:00
Tad
3c1931bcc9 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-19 05:15:32 -05:00
Tad
6c38ece551 Update CVE patchers 
User report confirms fixing wifi on lmi

Signed-off-by: Tad <tad@spotco.us>
 2021-12-15 17:10:35 -05:00
Tad
8cf90d055e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-11 01:12:41 -05:00
Tad
359ce4608f Small updates 
Signed-off-by: Tad <tad@spotco.us>
 2021-12-07 20:57:54 -05:00
Tad
ed1c151ce5 Update CVE patchers 
CVE-2021-0961/ANY/0001.patch likely causes breakage

Signed-off-by: Tad <tad@spotco.us>
 2021-12-06 17:43:34 -05:00
Tad
202f70b980 Final import of loose versioning work 
Untested, but likely works.

Signed-off-by: Tad <tad@spotco.us>
 2021-12-02 02:47:27 -05:00
Tad
b9929ea959 18.1: (extreme) loose versioning work [untested] 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-28 01:24:39 -05:00
Tad
62166d1ea5 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-26 11:54:59 -05:00
Tad
df3b54fa20 Fixup camera on flox 
Camera works in OpenCamera, but it can't actually take pictures.
Switch to Camera2 instead, tested pictures and videos working.

Also fixup compile issue with oneplus/msm8998-common
And refresh some patchers

Signed-off-by: Tad <tad@spotco.us>
 2021-11-15 18:01:27 -05:00
Tad
b8f5d8a510 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-12 11:51:02 -05:00
Tad
3e62262e88 Small fixup 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-07 13:37:37 -05:00
Tad
e882cf16c7 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-06 18:47:57 -04:00
Tad
f2b9eb8e8b Small tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-06 11:22:43 -04:00
Tad
f7295a0f74 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-02 23:50:35 -04:00
Tad
f3277f3c07 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-11-02 12:01:36 -04:00
Tad
ec043e961e Update CVE patchers 
CVE-2021-20317 might need to be disabled due to QC timer breakage.

Signed-off-by: Tad <tad@spotco.us>
 2021-10-27 15:26:53 -04:00
Tad
e6beba4b15 Small tweaks 
Sad churn from git version.
Will be removed next build cycle.

Signed-off-by: Tad <tad@spotco.us>
 2021-10-27 14:16:37 -04:00
Tad
0c793835da Expand the available Private DNS options 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-22 18:33:06 -04:00
Tad
a0918b5222 18.1: add z2_plus 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-22 13:37:53 -04:00
Tad
70b96aa211 Update oneplus/sdm845 from 4.9.227 to 4.9.277 
Pulls us into August 2021

Tested working:
- boot
- usb mtp
- wifi
- bluetooth
- cameras
- audio
- gps
- brightness

Signed-off-by: Tad <tad@spotco.us>
 2021-10-21 00:12:59 -04:00
Tad
5d7d710076 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-20 15:01:18 -04:00
Tad
df60bfceda Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-13 12:20:44 -04:00
Tad
d5d3846f2c Small tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-10 19:44:59 -04:00
Tad
939c6aa7ed Small tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-07 20:07:49 -04:00
Tad
f2e1d32eba Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-06 16:54:45 -04:00
Tad
59bd09a807 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-05 14:44:23 -04:00
Tad
5658b56424 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-10-03 20:00:52 -04:00
Tad
27fe558b76 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-29 16:47:50 -04:00
Tad
35372142ed Small tweak 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-25 20:24:14 -04:00
Tad
f5a58bd35f Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-23 20:56:00 -04:00
Tad
83efa5fe7d Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-18 13:43:41 -04:00
Tad
3bb1199c34 Small fix 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-14 09:16:17 -04:00
Tad
bf5d9bc778 Small tweaks 
- disable disablement of PROC_PAGE_MONITOR to fix memory stats calculation
- enable slub_nomerge, similar to slab_nomerge for pre 3.18 kernels
  slub_nomerge was already default enabled on many 3.10 devices via:
  0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch

Signed-off-by: Tad <tad@spotco.us>
 2021-09-13 10:39:33 -04:00
Tad
907dc0f040 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-11 16:06:57 -04:00
Tad
0ade46cc8e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-07 16:57:15 -04:00
Tad
e0d300a651 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-09-03 22:52:24 -04:00
Tad
f77971d38f Small tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-31 20:53:17 -04:00
Tad
792cb89ed7 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-26 12:17:46 -04:00
Tad
0dbabac59a Update CVE patchers 
Maybe breakage?

Signed-off-by: Tad <tad@spotco.us>
 2021-08-23 15:27:53 -04:00
Tad
c0debe55c4 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-18 08:54:30 -04:00
Tad
de22605785 18.1: add sunfish, bramble, and redfin 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-14 04:52:08 -04:00
Tad
4ae1402229 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-13 23:54:19 -04:00
Tad
79132fddef Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-13 11:07:07 -04:00
Tad
0b4ad0e7cc 18.1: add raphael, lmi, alioth 
+ verity fixes
+ 16.0: drop beryllium, 18.1 builds now
+ deblob: better handle device makefiles

Signed-off-by: Tad <tad@spotco.us>
 2021-08-09 20:54:44 -04:00
Tad
2d468d9da2 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-09 14:44:48 -04:00
Tad
3f311f84ad Changes 
- WebView update
- 14.1: drop osprey, tested compiling on 17.1
- comment updates
- small patcher fixes

Signed-off-by: Tad <tad@spotco.us>
 2021-08-06 18:36:57 -04:00
Tad
2db8ac7c70 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-04 14:57:55 -04:00
Tad
9e548cabf5 Fixup 3d69ad87 
Tested to compile bacon, ether, and griffin kernels

Signed-off-by: Tad <tad@spotco.us>
 2021-08-03 18:46:38 -04:00
Tad
3d69ad873e \"\'FIXES\'\" PART 2 
There will likely be some breakage here.
Many of these patches have been here since the start and never used.

Signed-off-by: Tad <tad@spotco.us>
 2021-08-03 15:14:02 -04:00
Tad
4fae8d0445 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-08-03 12:37:28 -04:00
Tad
2c05482872 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2021-07-31 09:17:08 -04:00
Tad
702ea9c91f Move FP3 to 18.1 
Signed-off-by: Tad <tad@spotco.us>
 2021-07-30 11:55:03 -04:00
Tad
914bed8556 Reimplement fe6f8537 
LTE tested working with hybrid 33-107 modem.
Phone calls drop to HSPA as expected.
No issues if using stock modem either compared to without this patch.

In my area, without this patch, my makos are useless cell-wise.

Gives extra life to the Nexus 4.

Signed-off-by: Tad <tad@spotco.us>
 2021-07-29 15:25:05 -04:00