- Includes CVE-2023-32233 fixes for more devices
- Upstream has reverted the LVT patches, maybe consider handling them
Signed-off-by: Tad <tad@spotco.us>
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.
Signed-off-by: Tad <tad@spotco.us>
Some devices still don't have these in 2023
https://gitlab.com/LineageOS/issues/android/-/issues/2193
Note, the following still aren't patched:
15.1
kernel/google/msm
kernel/lge/hammerhead
16.0
kernel/cyanogen/msm8974
kernel/lge/hammerhead
18.1
kernel/motorola/msm8974
Signed-off-by: Tad <tad@spotco.us>
Backports of rfc4941bis from Google/Linaro
and workaround for legacy kernels from GrapheneOS
already has rfc4941bis patch:
fairphone_sdm632
google_gs101
google_gs201
google_msm-4.14
google_msm-4.9
google_redbull
oneplus_sdm845
razer_sdm845
xiaomi_sdm845
Signed-off-by: Tad <tad@spotco.us>
And remove the F-Droid repo for it, will be moved to the 'DivestOS Official' repo
This simplifies release management and also allows other systems to benefit from the repo
Downside is users who don't update to this build won't receive any updates for it anymore
Signed-off-by: Tad <tad@spotco.us>
- 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes
- 17.1: Add the hosts toggle like 18.1+
- 18.1: fix junk in patch
- 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp
- 15.1: fixes to get hmalloc to compile, does NOT boot
Signed-off-by: Tad <tad@spotco.us>
- loose versioning fixes for 4.9
- remove GPG commit verification for GOS repos, they use SSH now. TODO: support that
- 20.0: fixup AudioFX stray lines
- 20.0: broken fix for gs101/201 stray iwlan lines
Signed-off-by: Tad <tad@spotco.us>
This applies 3.4 patches to 3.10 if no other match is available
Note: CVE-2017-13245/3.4/0002.patch ends up applied over CVE-2018-10902/3.18/0003.patch
Signed-off-by: Tad <tad@spotco.us>
- Enable APEX for Pixel 6/7, necessary for camera and pKVM
- Also drop hack removing pKVM for Pixel 6/7
- patch from GrapheneOS
- Extend hmalloc workaround to /apex
- Deblobber:
- actually handle wildcard f/w/b overlays
- move some stuff around
- remove some more Pixel blobs
- flag and disable removal of camera extensions, being able to use the second camera is nice
- Adjust what hardenDefconfig disables, caused boot issues
minimal impact as most of these are already default-disabled
can be narrowed down in future
- Disable some of the bionic hardening patches, causing more boot issues
annoying to lose, but having a phone that boots is more important
- Add LTE only mode to 17.1, 18.1, 19.1, and 20.0, credit GrapheneOS
- Remove Pixel 2 ramdisk compression reverts, fixed upstream
And yes, I know I should've split up this commit...
Signed-off-by: Tad <tad@spotco.us>
This fixes CVE-2018-9422 which was primarily added via b56fabac
May still need to be fixed:
16.0/kernel_google_yellowstone
16.0/kernel_xiaomi_msm8937
Signed-off-by: Tad <tad@spotco.us>
This revokes the permissions to all user installed apps on update.
Likely an expected quirk of being on 20.0 without the permission.
19.1 upgrades and new 20.0 installs should be fine.
TODO: update 19.1 with the SpecialRuntimePermAppUtils too
Signed-off-by: Tad <tad@spotco.us>
- Add back the SIM ToolKit app
- 17.1: CarrierConfig testing
- 19.1: Enable op5 firmware inclusion, needs testing
- Don't disable coresight bits on op8, breaks compile
- 19.1: Add a patch from GrapheneOS to display/share logs when a crash happens
Signed-off-by: Tad <tad@spotco.us>
- Add a script to update commons like APNs, VVM configs, and contributors cloud
- Add the latest contributors cloud to all branches
- Update wireless-regdb to 2022.08.12 release
- Add some shell opts to some scripts
Signed-off-by: Tad <tad@spotco.us>
It is still actively being used by malware.
This largely handles 3.0, 3.4, and 3.10 kernels.
It works for select 3.18 kernels too.
TODO: need alternate get_file_rcu backport for the following:
15.1/lge_msm8996
15.1/zte_msm8996
16.0/xiaomi_msm8937
17.1/motorola_msm8996
18.1/google_marlin
18.1/lge_msm8996
18.1/oneplus_msm8996
Signed-off-by: Tad <tad@spotco.us>
What is lost?
- sanity checks and redzoning on all devices
- redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250
Note: all 3.4+ devices still have page sanization
Signed-off-by: Tad <tad@spotco.us>
7408144e1b
> extend Network/Sensors permission handling for legacy apps not targeting Android 6
> or above (API 23) to resolve a UI issue where the user choosing to grant the
> Network/Sensors permissions via the legacy permission review interface doesn't
> appear in the Settings app info page
22d32cb61b
suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/11266f406b9793f69205d06
nice to have
Signed-off-by: Tad <tad@spotco.us>
- Disable slub_debug=P for devices with INIT_ON_ALLOC/FREE_DEFAULT_ON
- Disable slub_debug=Z due to known breakage
- Disable many debug options on Linux 4.x and up
- 19.1: fixup missing manifests for vayu :\
Signed-off-by: Tad <tad@spotco.us>
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo
Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)
Signed-off-by: Tad <tad@spotco.us>
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.
Plus some other tweaks/churn
Signed-off-by: Tad <tad@spotco.us>
alioth, beryllium, davinci, vayu were tested working without this
lavender however would not boot
lmi was not tested
lavender, unlocked, managed to get into some weird broken state
that won't even boot after this, not even with Lineage or TWRP
:(
enchilada/fajita 18.1 use stock vendor and don't boot either
enchilada is tested booting again after this
Signed-off-by: Tad <tad@spotco.us>
This ensures init_on_alloc/free is used instead of page poisioning where available.
3.4 through 3.18 have a patch without a toggle for page sanitization.
Signed-off-by: Tad <tad@spotco.us>
Adds ptrace_scope and timeout options to 17.1, tested working
Also adds hardened_malloc to 15.1, but failing to compile:
external/hardened_malloc/h_malloc.c:1688:18: error: use of undeclared identifier 'M_PURGE'
if (param == M_PURGE) {
^
external/hardened_malloc/h_malloc.c:1743:30: error: missing field 'ordblks' initializer [-Werror,-Wmissing-field-initializers]
struct mallinfo info = {0};
^
Signed-off-by: Tad <tad@spotco.us>
10+4 devices tested working with bionic hardening patches enabled
but hammerhead and shamu do not boot...
2 of the patches were already found to have issues and disabled
3 other patches were ruled out:
- Stop implicitly marking mappings as mergeable
- Make __stack_chk_guard read-only at runtime
- On 64-bit, zero the leading stack canary byte
Leaves 11+1 patches remaining that need to be tested
But I don't have either of the two known impacted devices.
Signed-off-by: Tad <tad@spotco.us>
hammerhead 16.0 was reported not booting
and shamu 18.1 was reported to take ~15+ minutes to boot
hammerhead does not have getrandom so it failed immediately
shamu does have getrandom BUT it blocks during init
meaning it'll wait until the entropy pool slowly fills
In tested I did not discovery this
I tested on flox/mako/d852/klte/clark/sailfish/mata/cheeseburger/fajita
All the newer ones have working getrandom
All the older ones included a patch to make getrandom non blocking on init
Signed-off-by: Tad <tad@spotco.us>
- enable the patchset for 18.1
- add an ugly patch that extends the Pixel 3* camera workaround to all camera executables
Signed-off-by: Tad <tad@spotco.us>
This also replaces the overrides for all versions
And should allow the Google WebView on 14/15/16
And lastly only leaves the bundled version as default
This is a merge of the LineageOS 14/15/16 and 17/18 overlay
With the addition of the Bromite signature from @MSe1969
Signed-off-by: Tad <tad@spotco.us>
This removes many duplicately or wrongly applied patches.
Correctly removed:
- CVE-2011-4132 can apply infinitely
- CVE-2013-2891 can apply infinitely
- CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap
- CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result
- CVE-2016-2475 can apply infinitely
- CVE-2017-0627 can apply infinitely
- CVE-2017-0750 can apply infinitely
- CVE-2017-14875 can apply infinitely
- CVE-2017-14883 can apply infinitely
- CVE-2020-11146 can apply infinitely
- CVE-2020-11608 can apply infinitely
- CVE-2021-42008 can apply infinitely
Questionable (might actually be beneficial to "incorrectly" apply again):
- CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt
- CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature
- CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect
- CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl
- CVE-2019-10622 can apply once to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback
- CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev
Other notes:
- CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696
then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it.
This was seemingly fixed with a hand merged patch in patch repo.
Wrongly removed:
- CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru
- CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops
- CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames
Signed-off-by: Tad <tad@spotco.us>
Some patches were ported from 12 to 10/11
Some patches from 11 were ported to 10
This 10/11 port should be very close to 12
BOUNS: 16.0 patches, disabled
Signed-off-by: Tad <tad@spotco.us>
- Drops Calendar, Eleven, and Email
- Adds a variable for Silence inclusion
- Adds a NONE option for microG inclusion flag to disable NLP inclusion
Signed-off-by: Tad <tad@spotco.us>
Rely on the HOSTS to do any blocking.
With the last update this causes app crashes, due to boolean/string mismatch.
Need to figure out exactly how string in manifest can become a boolean when wanted.
Signed-off-by: Tad <tad@spotco.us>
- 16.0: drop wallpaper optimization patch, questionable source
- deblobber: don't remove libmmparser_lite.so, potentially used by camera
- 17.1: pick Q_asb_2021-12, excluding a broken patch
- clark 17.1: some camera denial fixes
- alioth: unmark broken
- 17.1: switch to upstream glibc fix
- 17.1/18.1: disable per app sensors permission patchset, potential camera issues
Signed-off-by: Tad <tad@spotco.us>
No change to AVB devices except for enabling on more
Verity devices have the potential to regress by not booting
No change to non-verity/avb devices
Tested working on: mata, cheeseburger, fajita
Signed-off-by: Tad <tad@spotco.us>