Commit Graph

713 Commits

Author SHA1 Message Date
Tad
5658b56424 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-03 20:00:52 -04:00
Tad
7f98aad299 18.1: Drop DnsResolver patches
Merged upstream

Signed-off-by: Tad <tad@spotco.us>
2021-10-01 17:54:54 -04:00
Tad
025ca7df7f compile fixups
after the CVE-2021-Misc2 import and hardenDefconfig overhaul

also sync 18.1 DnsResovler patches with:
6332b25b87
f8490d024a

Signed-off-by: Tad <tad@spotco.us>
2021-10-01 12:34:22 -04:00
Tad
27fe558b76 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-29 16:47:50 -04:00
Tad
9f9d418060 18.1: forward port the hosts cache and wildcard support
These were likely missed when resolv/ moved out of netd into DnsResolver.

Signed-off-by: Tad <tad@spotco.us>
2021-09-26 22:41:30 -04:00
Tad
94f342ac37 Tiny tweak
Signed-off-by: Tad <tad@spotco.us>
2021-09-26 16:41:48 -04:00
Tad
c6df37ca23 Expose the Sensors Off tile
This removes the hidden development 'Sensors off' tile from Settings app,
adds it back to SystemUI, and enables it by default.

Tested working on 18.1

Signed-off-by: Tad <tad@spotco.us>
2021-09-26 16:36:15 -04:00
Tad
84c7d230ab Permission for sensors access patches from @MSe1969
Signed-off-by: Tad <tad@spotco.us>
2021-09-24 23:35:33 -04:00
Tad
f5a58bd35f Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-23 20:56:00 -04:00
Tad
83efa5fe7d Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-18 13:43:41 -04:00
Tad
083e2048f8 Don't disable slub/slab merging via kernel command line, but by default
I have a sneaking suspicion that the length of some device command lines is
causing boot issues.
eg. with the recent additions, klte boots fine, but recovery doesn't, maybe
bootloader is adding more flags, exceeding a limit?

Signed-off-by: Tad <tad@spotco.us>
2021-09-15 10:17:27 -04:00
Tad
a9f44dee41 Fix hamper analytics patches
These must all be strings.
Sadly meant this likely hasn't worked for years.
:\

Signed-off-by: Tad <tad@spotco.us>
2021-09-13 15:27:29 -04:00
Tad
2f8550d2ae Sync APN list from 18.1
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 16:25:14 -04:00
Tad
907dc0f040 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 16:06:57 -04:00
Tad
0ade46cc8e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-07 16:57:15 -04:00
Tad
e84111aaa8 Small changes
- Include TalkBack
- Fixup hosts inclusion, due to path mismatch
- 14.1: bump patch level to match the picked ASB
- 14.1: m7-common: deblobber fix

Signed-off-by: Tad <tad@spotco.us>
2021-09-06 14:32:37 -04:00
Tad
56e9a75445 14.1+15.1: Support wildcards in cached hosts file
Signed-off-by: Tad <tad@spotco.us>
2021-09-05 16:30:34 -04:00
Tad
809a361e07 Update CVE patchers
Don't introduce https://gitlab.com/LineageOS/issues/android/-/issues/3916

Will consider adding it as a revert

Signed-off-by: Tad <tad@spotco.us>
2021-09-04 14:35:24 -04:00
Tad
e0d300a651 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-03 22:52:24 -04:00
Tad
dd4457260f 18.1 Updates
- Update Settings and SetupWizard patches after the big SetupWizard UI update
- Use the latest captive portal patch, was also previously partially broken
  due to mis-apply

Signed-off-by: Tad <tad@spotco.us>
2021-09-03 08:57:40 -04:00
Tad
f77971d38f Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-08-31 20:53:17 -04:00
Tad
bdccb5fb39 Hamper ad_personalization_signals
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:46:11 -04:00
Tad
27d55efdff Hamper ssaid collection
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:41:57 -04:00
Tad
31e615f341 Add the WebView repository
Allows for rapid updates in-between build cycles.
Tested working on many devices.

Signed-off-by: Tad <tad@spotco.us>
2021-08-27 12:46:54 -04:00
Tad
792cb89ed7 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-26 12:17:46 -04:00
Tad
0dbabac59a Update CVE patchers
Maybe breakage?

Signed-off-by: Tad <tad@spotco.us>
2021-08-23 15:27:53 -04:00
Tad
1dc0bce913 Disable removal of display color blobs
Removal is still breaking boot on some devices

Signed-off-by: Tad <tad@spotco.us>
2021-08-21 15:34:02 -04:00
Tad
c0debe55c4 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-18 08:54:30 -04:00
Tad
4ae1402229 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 23:54:19 -04:00
Tad
79132fddef Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 11:07:07 -04:00
Tad
2d468d9da2 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-09 14:44:48 -04:00
Tad
2db8ac7c70 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 14:57:55 -04:00
Tad
9e548cabf5 Fixup 3d69ad87
Tested to compile bacon, ether, and griffin kernels

Signed-off-by: Tad <tad@spotco.us>
2021-08-03 18:46:38 -04:00
Tad
3d69ad873e \"\'FIXES\'\" PART 2
There will likely be some breakage here.
Many of these patches have been here since the start and never used.

Signed-off-by: Tad <tad@spotco.us>
2021-08-03 15:14:02 -04:00
Tad
4fae8d0445 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-03 12:37:28 -04:00
Tad
2c05482872 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-07-31 09:17:08 -04:00
Tad
914bed8556 Reimplement fe6f8537
LTE tested working with hybrid 33-107 modem.
Phone calls drop to HSPA as expected.
No issues if using stock modem either compared to without this patch.

In my area, without this patch, my makos are useless cell-wise.

Gives extra life to the Nexus 4.

Signed-off-by: Tad <tad@spotco.us>
2021-07-29 15:25:05 -04:00
Tad
36331d6d62 Update CVE patchers 2021-07-28 10:08:52 -04:00
Tad
b61264e3b9 Update CVE patchers 2021-07-27 00:17:14 -04:00
Tad
40c356371a Small tweaks 2021-07-25 22:41:56 -04:00
Tad
ca51db0be0 Update CVE patchers 2021-07-21 22:48:29 -04:00
Tad
9a4c02c3dc Tiny tweaks 2021-07-19 12:05:18 -04:00
Tad
3d67f9e25c Update CVE patchers 2021-07-12 06:31:38 -04:00
Tad
c2b2aa5830 16.0+: Add captive portal toggle from @MSe1969
Source:
0045a97cb4
b483b4e9ab
18.1 is the 17.1 patch rebased

Wording was altered.

Already included in 14.1+15.1
2021-07-10 22:48:45 -04:00
Tad
a43601e77b Update CVE patchers
I expect breakage.
2021-07-10 11:39:14 -04:00
Tad
050da06eba Move n_asb_09-2018-qcom in tree 2021-07-09 21:04:08 -04:00
Tad
c13672b9b7 Update CVE patchers 2021-07-07 15:14:20 -04:00
Tad
12283124b5 Fixup last commit 2021-07-04 17:05:27 -04:00
Tad
f6357512a7 Update CVE patchers 2021-07-04 14:41:44 -04:00
Tad
44003bd2f5 Update CVE patchers 2021-06-30 17:05:59 -04:00
Tad
d7287a6b94 Update CVE patchers 2021-06-27 11:50:15 -04:00
Tad
ef8573b29c Small fixes 2021-06-26 22:59:46 -04:00
Tad
881c24d8b2 Various patches from GrapheneOS 2021-06-26 18:57:46 -04:00
Tad
eb3e51e7e3 Small tweaks 2021-06-23 13:00:43 -04:00
Tad
48f35901c2 Update CVE patchers 2021-06-16 23:17:37 -04:00
Tad
d9d564ebd3 Cherrypick updates 2021-06-16 02:41:22 -04:00
Tad
fe1f9ec7c4 Sync reflog extracted commits with Gerrit originals 2021-06-15 21:04:37 -04:00
Tad
d42c8f033d Small changes
- Fixup CVE-2020-36386 breakage
- Move some cherrypicks in tree (gerrit down right now, pulled from reflog)
- Update cherrypicks
2021-06-15 05:46:30 -04:00
Tad
71fe4d590e Small tweaks
- 14.1: drop z00t, compiles on 15.1
- fix double patch breakage for CVE-2020-36386
- clark: fix recovery firmware extraction, hopefully
2021-06-12 10:49:54 -04:00
Tad
4b044379ec Update CVE patchers 2021-06-11 11:00:54 -04:00
Tad
94b91c6afd Incall privacy warning from CalyxOS 2021-06-08 12:11:13 -04:00
Tad
d9c49b56c3 Update CVE patchers 2021-06-07 22:30:33 -04:00
Tad
1e5df6f42e Update CVE patchers 2021-06-03 13:28:32 -04:00
Tad
f89f0cb983 Small tweaks
Fixes oneplus2 boot
https://github.com/Divested-Mobile/DivestOS-Build/issues/5
2021-05-29 01:12:53 -04:00
Tad
dd938051a5 Small patch fixup 2021-05-27 15:03:47 -04:00
Tad
e9796c45f4 Sync APN list from 18.1 2021-05-27 14:54:50 -04:00
Tad
4af81f4d66 Update CVE patchers 2021-05-27 14:54:07 -04:00
Tad
13bffe05e7 Update CVE patchers 2021-05-21 09:14:31 -04:00
Tad
7b2e2c0bff Sync APN list from 18.1 2021-05-20 06:17:25 -04:00
Tad
ccce1fad9b Update CVE patchers 2021-05-11 17:11:41 -04:00
Tad
731e0e995c Update CVE patchers 2021-05-07 21:48:29 -04:00
Tad
4450921a10 Update CVE patchers 2021-05-03 20:41:32 -04:00
Tad
febec1b60a Update CVE patchers 2021-05-02 17:05:53 -04:00
Tad
5f0ae93a0b Drop the umn patch list
Most seem OK
2021-04-25 11:25:32 -04:00
Tad
5e56dbc90f Use clearer SPDX identifiers 2021-04-22 13:15:43 -04:00
Tad
3770bf469d Add a list of potentially bad commits from umn.edu addresses 2021-04-21 21:40:40 -04:00
Tad
81084a26d7 Update CVE patchers 2021-04-17 11:01:30 -04:00
Tad
d15d4f5757 18.1: updater: fix Tor support 2021-04-17 10:14:29 -04:00
Tad
bdf990a638 Small tweaks
- Remove some changes that have been commented for a while
- Don't remove the QCOM VR repos
- Adjust the default quick tiles
- Don't force hardware layers for recents
- Only generate deltas for update_engine devices
- Cherrypick: Update WebView to 90.0.4430.66
- Adjust yylloc sed line
- Add comments to 17.1 devices explaining why they aren't removed for 18.1 yet
2021-04-14 21:29:12 -04:00
Tad
cc08a358ce 18.1: replace PicoTTS with eSpeak-NG 2021-04-12 21:24:12 -04:00
Tad
a423f977ff Update CVE patchers 2021-04-12 20:53:35 -04:00
Tad
8e496341b5 Small tweaks + ASB cherrypicks 2021-04-08 05:40:22 -04:00
Tad
f48738f944 Update CVE patchers 2021-04-06 20:55:55 -04:00
Tad
d9238f8385 18.1: fix recovery signing
friendly reminder to take a break when dealing with the same issue for extended periods of time
2021-04-06 05:56:47 -04:00
Tad
f3e672fb18 Failed attempt at fixing signing
PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something
we don't use.

Override it at the source and set it explicitely as well.

This ensures that the compiled recovery.img and the one generated by
sign_target_files_apks.py includes the real public keys for verification.

11.0 signing is ignored.

This will need to be extensively tested as breakage can mean brick on locked
devices.
Although in failure cases it seems test-keys are accepted.

--

After much testing there appears to be a deeper issue with how keys
are inserted into the recovery and handled
2021-04-06 04:07:18 -04:00
Tad
9db9215d6b Small changes
- Disable generation of unused OTA to reduce compile time
- 17.1+: Disable APEX, breaks signing, and is also useless since no Play Store.
- 18.1: Fixup signing
2021-03-31 01:30:17 -04:00
Tad
9ae46b7624 Update CVE patchers
This fixes Fenix causing a reboot on select devices.
2021-03-26 22:51:50 -04:00
Tad
d8712ad62a Update CVE patchers 2021-03-24 16:31:25 -04:00
Tad
5d14e4b4f7 Small changes
- Add m7 and avicii (untested)
- Use low_ram target on <2GB devices
  Silly me, this never did anything due to the git reset...
- Update Chromium WebView cherrypick
2021-03-24 14:43:12 -04:00
Tad
08ea27fd00 Only include Silence when needed
ie. not on tablets without cellular
2021-03-23 21:11:08 -04:00
Tad
529b47039c 18.1: Initial bringup
- Functionality tested on mako and klte
- In-place upgrade from 17.1 tested working on klte
- Compile tested on bacon and klte
- Recovery OTA key patch missing, unsure if still needed.
- Deblobber needs support for removing vintf manifest paths from vendor Android.bp
- Launcher needs more default_workspace grid variants (eg. 4x5)
2021-03-23 12:36:31 -04:00
Tad
c23646ebd5 More cleanup 2021-03-20 16:37:15 -04:00
Tad
add30db605 Drop support for overclocking
These patches have been disabled for years.
2021-03-20 16:23:38 -04:00
Tad
293c386322 More cleanup 2021-03-20 16:21:31 -04:00
Tad
c6f2a5a06d Fixup ef0ee2c3 2021-03-15 01:06:23 -04:00
Tad
ef0ee2c316 Update CVE patchers 2021-03-14 21:59:19 -04:00
Tad
95c2c89271 Add vvm_config.xml to vendor/divsted overlay
Pulled from vendor/lineage on 17.1.
Should fix VVM on 15.1 and 16.0.

d5ecc14106
2021-03-14 19:57:14 -04:00
Tad
a3fbed9da5 Update cherrypicks and small tweaks 2021-03-07 03:04:44 -05:00
Tad
60070a19bd Update CVE patchers
Consider splitting CVE-2020-27067 to restore basic patches.
2021-03-04 15:10:24 -05:00
Tad
f02363ecb4 March 2021 Security Updates 2021-03-04 13:02:10 -05:00