Commit Graph

2287 Commits

Author SHA1 Message Date
Tavi
8383cd716d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-06 15:47:27 -04:00
Tavi
1636f68138
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/308

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-03 16:27:15 -04:00
Tavi
fbc61bfcc7
17.1: reconcile picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-03 14:39:13 -04:00
Tavi
f91f45a7bd
Update CVE patchers
Maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-01 12:35:18 -04:00
Tavi
97ad0c69fe
Update CVE patchers
This expands loose versioning for 4.9 and 4.14

compile tested:
- cheeseburger/4.4
- fajita/4.9
- flame/4.14
- FP4/4.19
- lemonadep/5.4
- bluejay/5.10

CVE-2023-52879/5.4 may need to be expanded to other 5.4 kernels

this also patches CVE-2024-1086 for 4.9, 4.14, and 5.10

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-31 20:55:45 -04:00
Tavi
4cf2b308ff Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-30 13:52:45 -04:00
Tavi
42a5da8f16
CI: enable shellcheck
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-29 12:04:44 -04:00
Tavi
03e48ad81b
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-28 10:56:42 -04:00
Tavi
3e9d2b9bb0
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-28 10:30:53 -04:00
Tavi
b5e04a00ae
Fixup
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/306

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-27 12:36:17 -04:00
Tavi
a136f27ae6
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 22:50:29 -04:00
Tavi
028541103d
Fixup
Manually checked 3.4 and 4.4
Likely still more breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 19:26:14 -04:00
Tavi
d2330cce15
Update CVE patchers
This probably breaks all of them

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 18:29:36 -04:00
Tavi
ec9a38452d
21.0: trying to compile
frameworks/base/core/java/android/util/NtpTrustedTime.java:275: error: cannot find symbol
            final ContentResolver resolver = getContext().getContentResolver();

frameworks/base/core/java/android/content/pm/SpecialRuntimePermAppUtils.java:38: error: method checkPermission in class PermissionManager cannot be applied to given types;
        return PermissionManager.checkPermission(Manifest.permission.INTERNET, Process.myPid(), Process.myUid())

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 19:23:31 -04:00
Tavi
23a2127669
21.0: More work
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 18:50:40 -04:00
Tavi
07951955d3
21.0: more work
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 18:13:59 -04:00
Tavi
26f1ce99a9
21.0: more work
packages/apps/Settings done

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 14:13:53 -04:00
Tavi
afe1135384
Cleanup
- Removes unused files/patches
- Removes many guards, these likely don't work anyway due to patchsets having dependencies
- No functional change

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 13:25:08 -04:00
Tavi
af25d96aee
Commit to sign
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 11:55:22 -04:00
Tavi
d98f33a337 21.0: Initial bringup
TODO:
- f/w/b
- settings

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 11:53:38 -04:00
Tavi
ce0dac994c
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-19 15:17:27 -04:00
Tavi
dd9f51c8ee
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-19 12:35:44 -04:00
Tavi
1607155923
Backport the server choices patch to 18.1 and 19.1
Tested working on 20.0

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-18 17:31:59 -04:00
Tavi
9ddc388f03
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-18 16:49:16 -04:00
Tavi
67e962e0f6
20.0: Updater: Add server choices
Also fixes .onion support

TODO: Test and backport to previous branches

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-18 13:00:15 -04:00
Tavi
d01a7b9e92
Update submodules
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-18 10:52:21 -04:00
Tavi
79df8d06d0
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-14 15:34:02 -04:00
Tavi
674c84855d
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-13 19:00:38 -04:00
Tavi
89ab1d69ef
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-12 11:44:47 -04:00
Tavi
055af41678
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-11 13:51:51 -04:00
Tavi
9c2914272a
Reconcile
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-11 13:39:40 -04:00
Tavi
d782ef887b
Reconcile
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-11 12:33:31 -04:00
Tavi
151caed4da
Reconcile
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-11 12:29:37 -04:00
Tavi
0dcdeb029a
Import Q_asb_2024-04 and R_asb_2024-05 + fixups
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-11 11:14:58 -04:00
Tavi
c31e67b2f8
May ASB work
untested

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-10 19:56:31 -04:00
Tavi
e195e38150
16.0: switch to latest hardened_malloc revision
kipper compiles

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-10 19:26:53 -04:00
Tavi
ae523985ca
Correct ordering
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 14:23:03 -04:00
Tavi
0c88720caa
14.1: work on integrating hardened_malloc
untested as all currently supported 14.1 devices are 32-bit

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 13:46:19 -04:00
Tavi
31a147ab98
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 13:24:43 -04:00
Tavi
90b8722b67
Fixup handling of Tensor kernels
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 12:23:17 -04:00
Tavi
319f57d098
Enable BPF JIT hardening by default
as per GrapheneOS, eg.
65f68fd04f

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 12:16:26 -04:00
Tavi
28d2113957
15.1: switch to latest hardened_malloc revision and enable it
verified working on bullhead via:
- top
- /proc/self/maps with -DLABEL_MEMORY
- Sanitizer Test App and logcat

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 11:18:05 -04:00
Tavi
650fc2ec27
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 16:31:39 -04:00
Tavi
1fdedf21a5
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 14:09:13 -04:00
Tavi
4c48bf84e1 19.1+: fixup rebrand
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 12:54:23 -04:00
Tavi
abddd5231f
Quick verify of patchWorkspace for 14.1 through 19.1
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 12:51:25 -04:00
Tavi
59bf3b75c7
17.1: Import and verify picks
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/353117
https://review.lineageos.org/q/topic:Q_asb_2023-03
https://review.lineageos.org/q/topic:Q_asb_2023-04
https://review.lineageos.org/q/topic:Q_asb_2023-05
https://review.lineageos.org/q/topic:Q_asb_2023-06
https://review.lineageos.org/q/topic:Q_asb_2023-07
https://review.lineageos.org/q/topic:Q_asb_2023-08
	accounted for via patches:
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376560
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376561
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376562
https://review.lineageos.org/q/topic:Q_asb_2023-09
https://review.lineageos.org/q/topic:Q_asb_2023-10
https://review.lineageos.org/q/topic:Q_asb_2023-11
	accounted for via patches:
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376563
	accounted for via manifest change:
	https://review.lineageos.org/c/LineageOS/android_external_webp/+/376568
https://review.lineageos.org/q/topic:Q_asb_2023-12
https://review.lineageos.org/q/topic:Q_asb_2024-01
https://review.lineageos.org/q/topic:Q_asb_2024-02
https://review.lineageos.org/q/topic:Q_asb_2024-03

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 12:26:07 -04:00
Tavi
f6ad120484
Fixup 082bc48c
these were not accounted for via manifest

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 11:13:09 -04:00
Tavi
1816472bac
17.1: reconcile picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 11:01:06 -04:00
Tavi
bea8f92380
18.1: Import and verify picks
https://review.lineageos.org/q/topic:R_asb_2024-03
https://review.lineageos.org/q/topic:R_asb_2024-04

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 09:07:38 -04:00