DivestOS

mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00

Author	SHA1	Message	Date
Tad	ad8e5b631a	16.0+17.1: Extra July ASB backport from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2023-07-09 14:49:51 -04:00
Tad	293f97d678	16.0 July ASB work Signed-off-by: Tad <tad@spotco.us>	2023-07-07 17:24:47 -04:00
Tad	4db68c3de1	Fixup `b92655da` Signed-off-by: Tad <tad@spotco.us>	2023-07-07 15:28:55 -04:00
Tad	b92655dac4	17.1 July ASB work Signed-off-by: Tad <tad@spotco.us>	2023-07-07 14:17:23 -04:00
Tad	a1a3cbb94e	Fix overlay conflicts Should mostly fix https://github.com/Divested-Mobile/DivestOS-Build/issues/219 Signed-off-by: Tad <tad@spotco.us>	2023-07-06 14:51:40 -04:00
Tad	c4666a33b7	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-07-05 19:42:40 -04:00
Tad	4282c7c35f	Backports of `0f4044e2` to 17.1/18.1/19.1 Also don't grant any special location permissions Signed-off-by: Tad <tad@spotco.us>	2023-07-03 15:17:56 -04:00
Tad	2e2ac4557d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-06-26 19:41:11 -04:00
Tad	cda898f141	Certificate Authority store updates - Remove some untrustworthy CAs - Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb Signed-off-by: Tad <tad@spotco.us>	2023-06-17 15:13:54 -04:00
Tad	41e2669884	17.1: switch to flamefire's ASB topics This gets us ~9 extra patches Signed-off-by: Tad <tad@spotco.us>	2023-06-17 15:13:46 -04:00
Tad	a07133a064	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-06-16 11:03:46 -04:00
Tad	8c7f3daa00	15.1+16.0 June ASB work Signed-off-by: Tad <tad@spotco.us>	2023-06-10 05:16:45 -04:00
Tad	67dd049bf6	17.1 June ASB work Note: 358555 is prone to mismerge Signed-off-by: Tad <tad@spotco.us>	2023-06-09 23:42:54 -04:00
Tad	2ee99fe3ef	Update CVE patchers CVE-2020-36694 appears to be a duplicate of CVE-2021-29650 Signed-off-by: Tad <tad@spotco.us>	2023-06-01 21:12:08 -04:00
Tad	59bda0360e	Fixes Signed-off-by: Tad <tad@spotco.us>	2023-05-30 13:59:28 -04:00
Tad	8463705798	Update CVE patchers - Includes CVE-2023-32233 fixes for more devices - Upstream has reverted the LVT patches, maybe consider handling them Signed-off-by: Tad <tad@spotco.us>	2023-05-22 20:33:47 -04:00
Tad	cd0a29d69b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-05-12 23:28:44 -04:00
Tad	8503986acb	17.1 May ASB work Signed-off-by: Tad <tad@spotco.us>	2023-05-07 14:29:54 -04:00
Tad	6d2a255eef	Remove User-Agent (and serial) from source built libloc Signed-off-by: Tad <tad@spotco.us>	2023-05-05 22:27:27 -04:00
Tad	c544c28b94	Prevent Qualcomm location stack from reading chipset serial number The deblobber already removes xtra-daemon which is what actually performs the requests. This is just extra sanctity. Signed-off-by: Tad <tad@spotco.us>	2023-05-03 21:41:20 -04:00
Tad	366b4eb5ef	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-05-02 18:01:39 -04:00
Tad	39b0c9e036	Remove broken emoji updates Signed-off-by: Tad <tad@spotco.us>	2023-05-02 15:31:57 -04:00
Tad	7b2eb1079a	Update emoji list in LatinIME too and disable tested not working on 15.1 shows as cross boxes or double characters Signed-off-by: Tad <tad@spotco.us>	2023-04-29 16:56:13 -04:00
Tad	86b7525400	Update the emojis, untested Signed-off-by: Tad <tad@spotco.us>	2023-04-29 16:17:00 -04:00
Tad	91ec03f096	Fixup davinci Signed-off-by: Tad <tad@spotco.us>	2023-04-29 11:17:32 -04:00
Tad	e7d8f7598b	17.1 extra backports, credit @Flamefire Includes 2 extra patches from https://github.com/Flamefire/android_device_sony_lilac/tree/lineage-17.1/patches/asb-2023-04 Santiy checked patches against https://github.com/Flamefire/android_device_sony_lilac/tree/lineage-17.1/patches/asb-2023-03 Signed-off-by: Tad <tad@spotco.us>	2023-04-29 11:17:21 -04:00
Tad	ab4eceb830	17.1 April ASB work Signed-off-by: Tad <tad@spotco.us>	2023-04-28 17:17:54 -04:00
Tad	47136145e5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-04-23 23:20:36 -04:00
Tad	9ba61642de	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-04-17 23:19:28 -04:00
Tad	aad60b7567	Promotions 16.0 santoni/land to 20.0 Mi8937 unified 17.1 griffin to 18.1 17.1 star*/crownlte to 20.0 20.0 add pro1x Signed-off-by: Tad <tad@spotco.us>	2023-04-17 21:36:49 -04:00
Tad	2cc87c4dc7	Switch fingerprint locked to 5 attempts instead of 3 + churn Signed-off-by: Tad <tad@spotco.us>	2023-04-12 15:26:26 -04:00
Tad	9a97c7013b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-04-05 12:43:36 -04:00
Tad	4435c200ed	15.1+: vCard 4.0 support from GrapheneOS `8fbeedd002` Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/202 Signed-off-by: Tad <tad@spotco.us>	2023-04-04 12:50:42 -04:00
Tad	750f244304	Updates, logging, and churn also add an extra March ASB patch for 17.1 Signed-off-by: Tad <tad@spotco.us>	2023-03-31 12:38:46 -04:00
Tad	ca93ef33ce	Slightly improve compatibility with apps that want GSF `38a5ca05e9` Signed-off-by: Tad <tad@spotco.us>	2023-03-28 23:45:58 -04:00
Tad	9039ae3ed1	17 extra March patch Signed-off-by: Tad <tad@spotco.us>	2023-03-28 23:42:28 -04:00
Tad	2907be1be5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-28 00:48:08 -04:00
Tad	fe80137df9	Don't remove CompanionDeviceManager Used by some wearables, not just Android Wear Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/196 Signed-off-by: Tad <tad@spotco.us>	2023-03-25 20:21:38 -04:00
Tad	61a3892314	Drop devices working on 20.0 Removes: - 19.1: mata and FP3 - 17.1: avicii all above tested/reported working on 20.0 Signed-off-by: Tad <tad@spotco.us>	2023-03-25 17:04:25 -04:00
Tad	44fa294eca	17.1 March ASB work Signed-off-by: Tad <tad@spotco.us>	2023-03-21 15:01:12 -04:00
Tad	ec38522af9	Churn Signed-off-by: Tad <tad@spotco.us>	2023-03-18 20:52:59 -04:00
Tad	8bcb5c734d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-17 19:27:22 -04:00
Tad	38626e1b0c	Picks + Fixes Signed-off-by: Tad <tad@spotco.us>	2023-03-14 16:58:27 -04:00
Tad	162b40a39d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-13 18:13:54 -04:00
Tad	fd1becb8c4	20.0: bringup avicii Signed-off-by: Tad <tad@spotco.us>	2023-03-08 17:29:58 -05:00
Tad	ef2fdb1d3e	More handling improvements Signed-off-by: Tad <tad@spotco.us>	2023-03-08 16:14:51 -05:00
Tad	0b294c1601	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-08 16:01:49 -05:00
Tad	5d0ab40f0b	Robustness improvements Signed-off-by: Tad <tad@spotco.us>	2023-03-08 01:14:06 -05:00
Tad	6ba784ac33	Some actual error handling 1/n Signed-off-by: Tad <tad@spotco.us>	2023-03-08 00:03:23 -05:00
Tad	097019193e	Don't bail when devices are missing Signed-off-by: Tad <tad@spotco.us>	2023-03-07 23:41:27 -05:00
Tad	804786aa23	Update CVE patchers Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/193 Signed-off-by: Tad <tad@spotco.us>	2023-03-06 19:54:15 -05:00
Tad	b8f39716f1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-02-26 12:21:36 -05:00
Tad	9f82763c53	Churn Signed-off-by: Tad <tad@spotco.us>	2023-02-17 23:57:04 -05:00
Tad	e9f58cfd3c	VPN fixes Some devices still don't have these in 2023 https://gitlab.com/LineageOS/issues/android/-/issues/2193 Note, the following still aren't patched: 15.1 kernel/google/msm kernel/lge/hammerhead 16.0 kernel/cyanogen/msm8974 kernel/lge/hammerhead 18.1 kernel/motorola/msm8974 Signed-off-by: Tad <tad@spotco.us>	2023-02-12 21:34:23 -05:00
Tad	a845f59546	Fixup persistent IPv6 privacy address issue + churn Backports of rfc4941bis from Google/Linaro and workaround for legacy kernels from GrapheneOS already has rfc4941bis patch: fairphone_sdm632 google_gs101 google_gs201 google_msm-4.14 google_msm-4.9 google_redbull oneplus_sdm845 razer_sdm845 xiaomi_sdm845 Signed-off-by: Tad <tad@spotco.us>	2023-02-11 20:26:24 -05:00
Tad	62b2318078	Backports + Picks Signed-off-by: Tad <tad@spotco.us>	2023-02-11 19:20:28 -05:00
Tad	3047b3b269	Fixup kipper & starlte Signed-off-by: Tad <tad@spotco.us>	2023-02-10 08:19:23 -05:00
Tad	0e9599af6d	Fixup Signed-off-by: Tad <tad@spotco.us>	2023-02-09 22:46:42 -05:00
Tad	fa067a3f89	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-02-06 23:06:34 -05:00
Tad	19d5f73b50	Remove silly carrier restrictions Signed-off-by: Tad <tad@spotco.us>	2023-02-03 22:17:13 -05:00
Tad	dc853bfdae	WebView: Switch to dedicated package name And remove the F-Droid repo for it, will be moved to the 'DivestOS Official' repo This simplifies release management and also allows other systems to benefit from the repo Downside is users who don't update to this build won't receive any updates for it anymore Signed-off-by: Tad <tad@spotco.us>	2023-02-02 17:17:30 -05:00
Tad	20c4e75fe1	Fixes Signed-off-by: Tad <tad@spotco.us>	2023-02-01 18:30:29 -05:00
Tad	4f6e21d7f9	Deduplicate Defaults.sh Signed-off-by: Tad <tad@spotco.us>	2023-02-01 15:57:13 -05:00
Tad	af3fe9776b	Small updates Signed-off-by: Tad <tad@spotco.us>	2023-02-01 15:19:21 -05:00
Tad	1511176a07	Update CVE patchers Maybe some breakage Signed-off-by: Tad <tad@spotco.us>	2023-01-28 20:33:44 -05:00
Tad	3231979ef4	Churn Signed-off-by: Tad <tad@spotco.us>	2023-01-24 20:55:42 -05:00
Tad	da1df44c8f	GrapheneOS kernel hardening patches update Maybe some compile breakage Signed-off-by: Tad <tad@spotco.us>	2023-01-24 19:03:01 -05:00
Tad	e81cd5586d	Add even more captive portal servers + sorting TODO: apply to other branches Signed-off-by: Tad <tad@spotco.us>	2023-01-23 16:42:00 -05:00
Tad	9558a7d0e9	Switch to the Broadcom PSDS server for Pixel 6/7 series Instead of agnss.goog cache Based off of a patch from GrapheneOS Signed-off-by: Tad <tad@spotco.us>	2023-01-21 04:08:26 -05:00
Tad	ad466bd3e4	Various changes - 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes - 17.1: Add the hosts toggle like 18.1+ - 18.1: fix junk in patch - 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp - 15.1: fixes to get hmalloc to compile, does NOT boot Signed-off-by: Tad <tad@spotco.us>	2023-01-20 18:59:02 -05:00
Tad	91807acf21	various small fixes - loose versioning fixes for 4.9 - remove GPG commit verification for GOS repos, they use SSH now. TODO: support that - 20.0: fixup AudioFX stray lines - 20.0: broken fix for gs101/201 stray iwlan lines Signed-off-by: Tad <tad@spotco.us>	2023-01-18 20:02:11 -05:00
Tad	5ce2d33162	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-01-18 14:13:33 -05:00
Tad	2153422bb0	Potentially unbreak video playback on vayu, davinci, guacamole, and hotdog. Signed-off-by: Tad <tad@spotco.us>	2023-01-13 21:27:18 -05:00
Tad	b82427ce5b	Conservative reverse loose versioning for 3.10 This applies 3.4 patches to 3.10 if no other match is available Note: CVE-2017-13245/3.4/0002.patch ends up applied over CVE-2018-10902/3.18/0003.patch Signed-off-by: Tad <tad@spotco.us>	2023-01-13 15:51:46 -05:00
Tad	14f40e024f	Update CVE patchers This adds loose versioning applying 4.14 patches to 4.9 Signed-off-by: Tad <tad@spotco.us>	2023-01-13 13:23:12 -05:00
Tad	10c1d825c2	Revert `e10d4b17` 17.1 is plagued with the same issue, no reason to use it Signed-off-by: Tad <tad@spotco.us>	2023-01-07 11:17:21 -05:00
Tad	efa31534a9	Picks Signed-off-by: Tad <tad@spotco.us>	2023-01-07 10:52:03 -05:00
Tad	f2d87b1e81	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-01-03 20:18:40 -05:00
Tad	06eed1fba9	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-31 21:41:46 -05:00
Tad	e10d4b1799	17.1: restore m8 18.1 has some display artifacting issues and hangs Signed-off-by: Tad <tad@spotco.us>	2022-12-28 14:38:05 -05:00
Tad	06254708be	Many fixes to get bluejay booting & working proper - Enable APEX for Pixel 6/7, necessary for camera and pKVM - Also drop hack removing pKVM for Pixel 6/7 - patch from GrapheneOS - Extend hmalloc workaround to /apex - Deblobber: - actually handle wildcard f/w/b overlays - move some stuff around - remove some more Pixel blobs - flag and disable removal of camera extensions, being able to use the second camera is nice - Adjust what hardenDefconfig disables, caused boot issues minimal impact as most of these are already default-disabled can be narrowed down in future - Disable some of the bionic hardening patches, causing more boot issues annoying to lose, but having a phone that boots is more important - Add LTE only mode to 17.1, 18.1, 19.1, and 20.0, credit GrapheneOS - Remove Pixel 2 ramdisk compression reverts, fixed upstream And yes, I know I should've split up this commit... Signed-off-by: Tad <tad@spotco.us>	2022-12-25 13:21:37 -05:00
Tad	7d6b8e3aeb	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-22 11:33:47 -05:00
Tad	b5bc269743	SBC dualchannel picks Signed-off-by: Tad <tad@spotco.us>	2022-12-18 21:47:22 -05:00
Tad	7277291dd7	Churn Signed-off-by: Tad <tad@spotco.us>	2022-12-18 21:46:00 -05:00
Tad	03293f6b52	Fixup Messy, but better to have CVE-2022-42896 applied to some 3.18 kernels Signed-off-by: Tad <tad@spotco.us>	2022-12-17 00:42:25 -05:00
Tad	c2fc228f3b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-16 22:06:13 -05:00
Tad	abb616d2f3	Updates Signed-off-by: Tad <tad@spotco.us>	2022-12-09 17:23:20 -05:00
Tad	ce47fdae34	Small updates + Picks Signed-off-by: Tad <tad@spotco.us>	2022-12-07 18:41:50 -05:00
Tad	a62922e72d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-06 15:00:40 -05:00
Tad	038fca449b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-30 08:28:40 -05:00
Tad	c4fe56a307	Update CVE patchers This fixes CVE-2018-9422 which was primarily added via `b56fabac` May still need to be fixed: 16.0/kernel_google_yellowstone 16.0/kernel_xiaomi_msm8937 Signed-off-by: Tad <tad@spotco.us>	2022-11-21 08:39:10 -05:00
Tad	9d1efb33c3	More 14.1 picks + 15.1 November ASB work Signed-off-by: Tad <tad@spotco.us>	2022-11-13 23:21:41 -05:00
Tad	b81d39c969	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-11 16:05:22 -05:00
Tad	27395374e1	Fixup + Churn Signed-off-by: Tad <tad@spotco.us>	2022-11-11 13:54:57 -05:00
Tad	8bfedda18b	14/15/16: Fix compile failure with modern kernels https://android-review.googlesource.com/c/platform/art/+/2226578 https://groups.google.com/g/Android-building/c/ZfUQQWt_ABI Signed-off-by: Tad <tad@spotco.us>	2022-11-10 18:26:36 -05:00
Tad	ac3dc319c7	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-07 15:51:17 -05:00
Tad	7fb334d825	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-03 13:25:38 -04:00
Tad	c051cb282d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-22 21:39:01 -04:00
Tad	1338c24d9b	Disable CarrierConfig and carrier_list changes I've had reports of non-functional SIM and reboots with select carriers on this last update Signed-off-by: Tad <tad@spotco.us>	2022-10-20 19:42:01 -04:00
Tad	148df59b7e	Cleanup: Drop UnifiedNlp, FDroidPrivExt, and Silence These haven't been included for a while +remove some old cruft from 20.0 Signed-off-by: Tad <tad@spotco.us>	2022-10-19 12:15:24 -04:00
Tad	0c4db149e1	20.0: Network & Sensors permission from GrapheneOS This revokes the permissions to all user installed apps on update. Likely an expected quirk of being on 20.0 without the permission. 19.1 upgrades and new 20.0 installs should be fine. TODO: update 19.1 with the SpecialRuntimePermAppUtils too Signed-off-by: Tad <tad@spotco.us>	2022-10-18 22:14:56 -04:00
Tad	055ed9bfad	20.0: Initial bringup Signed-off-by: Tad <tad@spotco.us>	2022-10-15 10:39:48 -04:00
Tad	2acd454f13	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-13 23:42:20 -04:00
Tad	2166491d5d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-12 17:11:06 -04:00
Tad	e7968e1269	Picks + Churn Signed-off-by: Tad <tad@spotco.us>	2022-10-09 16:35:12 -04:00
Tad	bf66d5db45	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-03 20:59:55 -04:00
Tad	348b392f03	Picks Signed-off-by: Tad <tad@spotco.us>	2022-10-03 10:24:04 -04:00
Tad	d78121a1c0	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-03 10:22:17 -04:00
Tad	598d78bb61	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-25 13:49:45 -04:00
Tad	25568706e1	Various - Add back the SIM ToolKit app - 17.1: CarrierConfig testing - 19.1: Enable op5 firmware inclusion, needs testing - Don't disable coresight bits on op8, breaks compile - 19.1: Add a patch from GrapheneOS to display/share logs when a crash happens Signed-off-by: Tad <tad@spotco.us>	2022-09-23 22:53:12 -04:00
Tad	411fcc08e1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-15 14:11:58 -04:00
Tad	eb200546ea	17.1+: Update carrier configs for improved compatibility CarrierConfig@c2819f8 TelephonyProvider@af5c1386 Signed-off-by: Tad <tad@spotco.us>	2022-09-14 14:58:01 -04:00
Tad	ec42acceb6	Various fixes from GrapheneOS Signed-off-by: Tad <tad@spotco.us>	2022-09-13 10:24:26 -04:00
Tad	e2b314da3c	15.1+16.0: September 2022 ASB picks 16.0 backports thanks to MSe1969 as usual: https://github.com/lin16-microg/android_system_bt/commits/lineage-16.0 - last 3 commits https://github.com/lin16-microg/android_frameworks_base/commits/lineage-16.0 - last 4 commits https://github.com/lin16-microg/android_external_expat/commits/lineage-16.0 - last 4 commits Signed-off-by: Tad <tad@spotco.us>	2022-09-10 18:32:25 -04:00
Tad	e5eb67f77d	Picks Signed-off-by: Tad <tad@spotco.us>	2022-09-08 16:07:23 -04:00
Tad	2bc43f195c	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-07 10:04:28 -04:00
Tad	b6e9f50cb5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-04 14:05:36 -04:00
Tad	86ed884251	More verification Signed-off-by: Tad <tad@spotco.us>	2022-08-26 23:14:15 -04:00
Tad	3618774d9f	GPG verification for all platform repositories Signed-off-by: Tad <tad@spotco.us>	2022-08-26 22:40:27 -04:00
Tad	da15dc05d5	Fixup Signed-off-by: Tad <tad@spotco.us>	2022-08-26 14:00:52 -04:00
Tad	adb61b0fb2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-26 12:15:45 -04:00
Tad	d8d8e457a1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-21 10:44:12 -04:00
Tad	7918347d1c	Updates - Add a script to update commons like APNs, VVM configs, and contributors cloud - Add the latest contributors cloud to all branches - Update wireless-regdb to 2022.08.12 release - Add some shell opts to some scripts Signed-off-by: Tad <tad@spotco.us>	2022-08-15 16:37:42 -04:00
Tad	8b67d5c41e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-10 22:02:37 -04:00
Tad	12c56938cb	Improve CVE-2021-1048 patching on 3.x kernels It is still actively being used by malware. This largely handles 3.0, 3.4, and 3.10 kernels. It works for select 3.18 kernels too. TODO: need alternate get_file_rcu backport for the following: 15.1/lge_msm8996 15.1/zte_msm8996 16.0/xiaomi_msm8937 17.1/motorola_msm8996 18.1/google_marlin 18.1/lge_msm8996 18.1/oneplus_msm8996 Signed-off-by: Tad <tad@spotco.us>	2022-08-09 21:39:25 -04:00
Tad	31a67f054d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-04 11:12:40 -04:00
Tad	933f33ba6b	Cherrypicks Signed-off-by: Tad <tad@spotco.us>	2022-08-04 09:57:11 -04:00
Tad	178f01958d	Cherrypicks Signed-off-by: Tad <tad@spotco.us>	2022-08-02 19:39:09 -04:00
Tad	2b299c1aff	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-07-21 21:28:26 -04:00
Tad	1d64c759a5	Fixes Signed-off-by: Tad <tad@spotco.us>	2022-07-10 00:31:44 -04:00
Tad	d3632c25ce	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-07-07 21:47:59 -04:00
Tad	22f915cc3e	Cherrypicks Signed-off-by: Tad <tad@spotco.us>	2022-07-07 18:59:37 -04:00
Tad	2c27a88a24	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-07-06 19:22:21 -04:00
Tad	7b8ef09540	Update CVE patchers Effectively no changes Signed-off-by: Tad <tad@spotco.us>	2022-07-04 18:30:09 -04:00
Tad	ac645dd62e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-06-28 11:32:05 -04:00
Tad	519a474173	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-06-19 22:44:05 -04:00
Tad	d58279e054	Update wireless-regdb to 2022.06.06 release Signed-off-by: Tad <tad@spotco.us>	2022-06-11 10:17:25 -04:00
Tad	70b8485695	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-06-09 17:59:48 -04:00
Tad	c092b13a44	Restore star*lte Signed-off-by: Tad <tad@spotco.us>	2022-06-08 22:55:00 -04:00
Tad	2bf84a7643	Increase default max password length to 64, credit GrapheneOS Closes https://github.com/Divested-Mobile/DivestOS-Build/pull/119 Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/27 Signed-off-by: Tad <tad@spotco.us>	2022-06-07 15:33:38 -04:00
Tad	27f8663b00	Tweak Signed-off-by: Tad <tad@spotco.us>	2022-06-06 16:58:55 -04:00
Tad	697bed18fb	17.1+18.1: Drop all devices working on 19.1 Signed-off-by: Tad <tad@spotco.us>	2022-06-04 14:26:44 -04:00
Tad	899ea17d4e	Add the missing page sanitization to 3.18 kernels All along they only had slub sanization :( Signed-off-by: Tad <tad@spotco.us>	2022-06-04 12:00:01 -04:00
Tad	92c66447f8	Drop slub_debug What is lost? - sanity checks and redzoning on all devices - redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7 - slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250 Note: all 3.4+ devices still have page sanization Signed-off-by: Tad <tad@spotco.us>	2022-06-03 13:58:17 -04:00
Tad	da63c9e571	Various small patches `7408144e1b` > extend Network/Sensors permission handling for legacy apps not targeting Android 6 > or above (API 23) to resolve a UI issue where the user choosing to grant the > Network/Sensors permissions via the legacy permission review interface doesn't > appear in the Settings app info page `22d32cb61b` suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/112 `66f406b979` `3f69205d06` nice to have Signed-off-by: Tad <tad@spotco.us>	2022-06-02 23:17:05 -04:00
Tad	aa61367ace	Tweaks - Disable slub_debug=P for devices with INIT_ON_ALLOC/FREE_DEFAULT_ON - Disable slub_debug=Z due to known breakage - Disable many debug options on Linux 4.x and up - 19.1: fixup missing manifests for vayu :\ Signed-off-by: Tad <tad@spotco.us>	2022-06-02 17:13:20 -04:00
Tad	6d95c231bc	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-31 21:29:22 -04:00
Tad	735c9e0de8	Revert `5d57bf13` I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices Signed-off-by: Tad <tad@spotco.us>	2022-05-27 23:46:57 -04:00
Tad	28724c4a6e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-25 22:52:22 -04:00
Tad	2c4caa30a1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-24 00:36:49 -04:00
Tad	e8bc36af04	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-20 17:16:29 -04:00
Tad	64b4bbe075	Disable older devices tested/reported working on 19.1 Signed-off-by: Tad <tad@spotco.us>	2022-05-15 13:16:36 -04:00
Tad	05930af014	Various changes	2022-05-14 21:40:50 -04:00
Tad	3e7b657295	Tweaks Signed-off-by: Tad <tad@spotco.us>	2022-05-13 19:47:43 -04:00
Tad	bf7c06105c	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-12 22:13:06 -04:00
Tad	4edfa56f1a	Tiny tweak Signed-off-by: Tad <tad@spotco.us>	2022-05-04 11:52:22 -04:00
Tad	b2eb3c01b4	Update CVE patchers Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375 Signed-off-by: Tad <tad@spotco.us>	2022-05-03 23:33:17 -04:00
Tad	65883d9bc4	2022 Signed-off-by: Tad <tad@spotco.us>	2022-05-01 01:13:49 -04:00
Tad	3316cc4824	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-27 07:46:22 -04:00
Tad	3457fd4151	Device cleanup Drop long non-compiling devices: - 14.1: n7100, jellypro - 15.1: himaul, oneplus2 - 16.0: zenfone3, fugu - 17.1: yellowstone, fugu - 18.1: bonito, sargo Drop in favor of 19.1: - 17.1: bonito, sargo - 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin (experimental, but these devices don't currently appear to have any users) Signed-off-by: Tad <tad@spotco.us>	2022-04-26 15:19:57 -04:00
Tad	13a9997a0c	19.1: aura and beryllium + some fixes Signed-off-by: Tad <tad@spotco.us>	2022-04-26 11:41:28 -04:00
Tad	9a6c7a2684	18.1: Add toggle for /etc/hosts TODO: 19.1 and maybe 17.1 Tested working on klte/18.1 Signed-off-by: Tad <tad@spotco.us>	2022-04-20 16:40:22 -04:00
Tad	1f721c7845	Further credit patches Signed-off-by: Tad <tad@spotco.us>	2022-04-19 23:52:10 -04:00
Tad	c5b1cc9a35	Simplify `8e3f0438` Signed-off-by: Tad <tad@spotco.us>	2022-04-19 20:23:53 -04:00
Tad	e666a4a891	Update CVE patchers TODO: maybe split CVE-2022-23960/4.9 to get back? Signed-off-by: Tad <tad@spotco.us>	2022-04-19 14:38:44 -04:00
Tad	8e3f043820	Warn when running activity from 32 bit app on ARM64 devices. https://android-review.googlesource.com/c/platform/frameworks/base/+/2003790/ https://github.com/GrapheneOS/platform_frameworks_base/pull/182 Signed-off-by: Tad <tad@spotco.us>	2022-04-19 12:00:22 -04:00
Tad	d4dceffa60	Update supported kernels to latest wireless regulations database Applies for ~43 kernel trees Source: wireless-regdb-2022.04.08 Signed-off-by: Tad <tad@spotco.us>	2022-04-19 11:30:57 -04:00
Tad	163a162568	Fix boot animation + churn Signed-off-by: Tad <tad@spotco.us>	2022-04-18 23:04:24 -04:00
Tad	be6b03fe96	Churn Signed-off-by: Tad <tad@spotco.us>	2022-04-13 14:54:08 -04:00
Tad	486e358050	More (disabled) lowram tweaks for <2GB devices The inprocess variants make very little reduction and likely reduce security. Signed-off-by: Tad <tad@spotco.us>	2022-04-12 20:25:26 -04:00
Tad	42c9d22de9	Default disable exec spawning Change the property too, so it takes effect next update. Since 16.0 lacks a toggle, this effectively disables the feature for it. Even devices with 4GB of RAM have usability severely impacted. Plus some other tweaks/churn Signed-off-by: Tad <tad@spotco.us>	2022-04-12 17:58:04 -04:00
Tad	30de608a61	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-12 02:51:44 -04:00
Tad	d078b24ddb	lowram tweaks Signed-off-by: Tad <tad@spotco.us>	2022-04-11 23:40:26 -04:00
Tad	d50a3a043b	Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset Like done for 19.1 Signed-off-by: Tad <tad@spotco.us>	2022-04-10 21:12:03 -04:00
Tad	5431edd85b	Fix boot issues on select devices after recent AVB changes alioth, beryllium, davinci, vayu were tested working without this lavender however would not boot lmi was not tested lavender, unlocked, managed to get into some weird broken state that won't even boot after this, not even with Lineage or TWRP :( enchilada/fajita 18.1 use stock vendor and don't boot either enchilada is tested booting again after this Signed-off-by: Tad <tad@spotco.us>	2022-04-09 18:27:48 -04:00
Tad	7da114e755	Tweaks Signed-off-by: Tad <tad@spotco.us>	2022-04-07 11:01:27 -04:00
Tad	a9e250afd9	Cleanup Signed-off-by: Tad <tad@spotco.us>	2022-04-07 00:37:20 -04:00
Tad	3a0659b9d8	19.1: more work, it compiles and boots! - Add the manifest - Add Pixel 2 series - Add some missing patches - More DNS files - Drop Silence in 19.1 Signed-off-by: Tad <tad@spotco.us>	2022-04-05 23:44:15 -04:00
Tad	b464106cc5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-04 15:51:23 -04:00
Tad	6c5a65622c	Page sanitization improvements This ensures init_on_alloc/free is used instead of page poisioning where available. 3.4 through 3.18 have a patch without a toggle for page sanitization. Signed-off-by: Tad <tad@spotco.us>	2022-04-02 12:57:17 -04:00
Tad	01900ca1c6	Reverts WebView overlay is breaking boot on 15.1??? This reverts commit `e61e288b4a`.	2022-04-01 17:07:27 -04:00
Tad	3f9b346345	Fix boot breakage On devices with quota enabled and impacted by this patch Signed-off-by: Tad <tad@spotco.us>	2022-04-01 10:30:30 -04:00
Tad	e1f5d99e51	Fixes Signed-off-by: Tad <tad@spotco.us>	2022-04-01 08:16:28 -04:00
Tad	8dbdc0f31e	Enable Clang's -ftrivial-auto-var-init=zero on 17.1 Just like Android 11+ Signed-off-by: Tad <tad@spotco.us>	2022-03-31 22:04:50 -04:00
Tad	e26908b9e0	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-31 21:30:56 -04:00
Tad	e2c499dd24	Enable Clang's -ftrivial-auto-var-init=zero on supported kernels Signed-off-by: Tad <tad@spotco.us>	2022-03-31 21:00:31 -04:00
Tad	f481055ae9	Add the GrapheneOS always randomize MAC option to 17.1 and 18.1 The DHCP state patch was backported to 17.1 Signed-off-by: Tad <tad@spotco.us>	2022-03-29 22:27:09 -04:00
Tad	1bbb6f9b4e	Fix and enable exec_spawning feature This is the missing puzzle piece :) Signed-off-by: Tad <tad@spotco.us>	2022-03-28 22:02:52 -04:00
Tad	19b03c9ff4	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-28 17:43:48 -04:00
Tad	8a03e46c7e	Add the exec-spawning toggle from GrapheneOS Tested working on 18.1/klte TODO: backport to 16.0 Signed-off-by: Tad <tad@spotco.us>	2022-03-28 16:14:37 -04:00
Tad	a53062ca0b	Backports Adds ptrace_scope and timeout options to 17.1, tested working Also adds hardened_malloc to 15.1, but failing to compile: external/hardened_malloc/h_malloc.c:1688:18: error: use of undeclared identifier 'M_PURGE' if (param == M_PURGE) { ^ external/hardened_malloc/h_malloc.c:1743:30: error: missing field 'ordblks' initializer [-Werror,-Wmissing-field-initializers] struct mallinfo info = {0}; ^ Signed-off-by: Tad <tad@spotco.us>	2022-03-21 18:06:49 -04:00
Tad	0c33d328b7	Partially re-enable the bionic hardening patchset These uncommented patches have been ruled out, leaving 7 more to test shamu is tested booting with this Signed-off-by: Tad <tad@spotco.us>	2022-03-19 20:25:24 -04:00
Tad	a56e3a3016	Disable the bionic hardening patchset to fix boot issues 10+4 devices tested working with bionic hardening patches enabled but hammerhead and shamu do not boot... 2 of the patches were already found to have issues and disabled 3 other patches were ruled out: - Stop implicitly marking mappings as mergeable - Make __stack_chk_guard read-only at runtime - On 64-bit, zero the leading stack canary byte Leaves 11+1 patches remaining that need to be tested But I don't have either of the two known impacted devices. Signed-off-by: Tad <tad@spotco.us>	2022-03-19 16:19:00 -04:00
Tad	3207cde72e	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2022-03-19 12:41:49 -04:00
Tad	09353cdcd2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-18 00:07:18 -04:00
Tad	1603092c50	Not all kernels have (working) getrandom support hammerhead 16.0 was reported not booting and shamu 18.1 was reported to take ~15+ minutes to boot hammerhead does not have getrandom so it failed immediately shamu does have getrandom BUT it blocks during init meaning it'll wait until the entropy pool slowly fills In tested I did not discovery this I tested on flox/mako/d852/klte/clark/sailfish/mata/cheeseburger/fajita All the newer ones have working getrandom All the older ones included a patch to make getrandom non blocking on init Signed-off-by: Tad <tad@spotco.us>	2022-03-17 13:21:52 -04:00
Tad	a9f6672fed	hardened_malloc fixes for broken devices - enable the patchset for 18.1 - add an ugly patch that extends the Pixel 3* camera workaround to all camera executables Signed-off-by: Tad <tad@spotco.us>	2022-03-16 02:01:19 -04:00
Tad	1df7c7f1d4	Churn Signed-off-by: Tad <tad@spotco.us>	2022-03-15 19:16:19 -04:00
Tad	181519cf38	Add bionic hardening patchsets from GrapheneOS 11 `b3a0c2c5db` 11 `5412c37195` #explicit zero 11 `31456ac632` #brk 11 `58ebc243ea` #random 11 `5323b39f7e` #undefined 11 `6a91d9dddb` #merge 11 `a042b5a0ba` #vla formatting 11 `9ec639de1b` #pthread 11 `49571a0a49` #read only 11 `149cc5ccb8` #zero 11 `2e613ccbe7` #fork mmap 11 `e239c7dff8` #memprot pthread 11 `0b03d92b7f` #xor 11 `de08419b82` #junk 11 `897d4903e2` #guard 11 `648cd68ca3` #ptrhread guard 11 `0bc4dbcbd2` #stack rand 10 `aa9cc05d07` 10 `a8cdbb6352` #explicit zero 10 `b28302c668` #brk 10 `9f8be7d07c` #random 10 `cb91a7ee3a` #undefined 10 `08279e2fdd` #merge 10 `6a18bd565d` #vla formatting 10 `2f392c2d08` #pthread 10 `8bbce1bc50` #read only 10 `725f61db82` #zero 10 `4cd257135f` #fork mmap 10 `9220cf622b` #memprot pthread 10 `8ef71d1ffd` #memprot exit 10 `0eaef1abbd` #xor 10 `64f1cc2148` #junk 10 `5c42a527cf` #guard 10 `5cc8c34e60` #pthread guard 10 `7f61cc8a1c` #stack rand 9 `abdf523d26` 9 `e4b9b31e6f` #explicit zero 9 `a3a22a63d2` #brk 9 `7444dbc3cf` #random 9 `dcd3b72ac9` #undefined 9 `543e1df342` #merge 9 `611e5691f7` #vla formatting 9 `8de97ce864` #pthread 9 `a475717042` #read only 9 `7f0947cc0e` #zero 9 `e9751d3370` #fork mmap 9 `83cd86d0d5` #memprot pthread 9 `1ebb165455` #memprot exit 9 `488ba483cf` #xor 9 `f9351d884b` #junk 9 `85e5bca0a5` #move Signed-off-by: Tad <tad@spotco.us>	2022-03-15 16:56:46 -04:00
Tad	209481c53e	Fix/Add exec based spawning patchsets from GrapheneOS 11 `14c3c1d4cd` `ac1943345e` `1abb805041` `2e07ab8c24` `0044836677` `c561811fad` `7a848373ef` `89646bdeb1` `2a70bbac4a` `d414dcaa35` `b4cd877e3a` `98634286bb` 11 `4c2635390c` 11 `add34a4bc6` 11 `a2b51906de` 10 `527787f3c8` `ffde474ad7` `aa87e487c4` `c906fe9722` `c69c3eecd4` `b2303adccc` `5bb05db6f7` `536b497688` `24802a832b` `ce6dcc2368` `3d3d5c4d38` `2eda592b79` 10 `29f28b53c0` 10 `13a992c716` 9 `750efbf6bc` `ed563b6f26` `aad3c7d750` `da3180f9a8` `68773a29b7` `283b3fa09c` `f133136b65` `01a01ce5f6` `17c309c098` `8806ec3ef1` Signed-off-by: Tad <tad@spotco.us>	2022-03-15 15:55:13 -04:00

... 2 3 4 5 6 ...

682 Commits