- 18.1: Fix exempted background tasks when dozing (GrapheneOS)
- 20.0: pick a fix for some colors after qpr2
- 20.0: fix the missing notification backdrop
Signed-off-by: Tad <tad@spotco.us>
- 18.1+: Disable NTP fully when automatic time is off, credit GrapheneOS
- 20.0: Handle Tor-over-Orbot when killswitch enabled, credit CalyxOS, BROKEN
Signed-off-by: Tad <tad@spotco.us>
Some devices still don't have these in 2023
https://gitlab.com/LineageOS/issues/android/-/issues/2193
Note, the following still aren't patched:
15.1
kernel/google/msm
kernel/lge/hammerhead
16.0
kernel/cyanogen/msm8974
kernel/lge/hammerhead
18.1
kernel/motorola/msm8974
Signed-off-by: Tad <tad@spotco.us>
Backports of rfc4941bis from Google/Linaro
and workaround for legacy kernels from GrapheneOS
already has rfc4941bis patch:
fairphone_sdm632
google_gs101
google_gs201
google_msm-4.14
google_msm-4.9
google_redbull
oneplus_sdm845
razer_sdm845
xiaomi_sdm845
Signed-off-by: Tad <tad@spotco.us>
And remove the F-Droid repo for it, will be moved to the 'DivestOS Official' repo
This simplifies release management and also allows other systems to benefit from the repo
Downside is users who don't update to this build won't receive any updates for it anymore
Signed-off-by: Tad <tad@spotco.us>
- loose versioning fixes for 4.9
- remove GPG commit verification for GOS repos, they use SSH now. TODO: support that
- 20.0: fixup AudioFX stray lines
- 20.0: broken fix for gs101/201 stray iwlan lines
Signed-off-by: Tad <tad@spotco.us>
This applies 3.4 patches to 3.10 if no other match is available
Note: CVE-2017-13245/3.4/0002.patch ends up applied over CVE-2018-10902/3.18/0003.patch
Signed-off-by: Tad <tad@spotco.us>
- Enable APEX for Pixel 6/7, necessary for camera and pKVM
- Also drop hack removing pKVM for Pixel 6/7
- patch from GrapheneOS
- Extend hmalloc workaround to /apex
- Deblobber:
- actually handle wildcard f/w/b overlays
- move some stuff around
- remove some more Pixel blobs
- flag and disable removal of camera extensions, being able to use the second camera is nice
- Adjust what hardenDefconfig disables, caused boot issues
minimal impact as most of these are already default-disabled
can be narrowed down in future
- Disable some of the bionic hardening patches, causing more boot issues
annoying to lose, but having a phone that boots is more important
- Add LTE only mode to 17.1, 18.1, 19.1, and 20.0, credit GrapheneOS
- Remove Pixel 2 ramdisk compression reverts, fixed upstream
And yes, I know I should've split up this commit...
Signed-off-by: Tad <tad@spotco.us>
This fixes CVE-2018-9422 which was primarily added via b56fabac
May still need to be fixed:
16.0/kernel_google_yellowstone
16.0/kernel_xiaomi_msm8937
Signed-off-by: Tad <tad@spotco.us>
This revokes the permissions to all user installed apps on update.
Likely an expected quirk of being on 20.0 without the permission.
19.1 upgrades and new 20.0 installs should be fine.
TODO: update 19.1 with the SpecialRuntimePermAppUtils too
Signed-off-by: Tad <tad@spotco.us>
- Add back the SIM ToolKit app
- 17.1: CarrierConfig testing
- 19.1: Enable op5 firmware inclusion, needs testing
- Don't disable coresight bits on op8, breaks compile
- 19.1: Add a patch from GrapheneOS to display/share logs when a crash happens
Signed-off-by: Tad <tad@spotco.us>
- Add a script to update commons like APNs, VVM configs, and contributors cloud
- Add the latest contributors cloud to all branches
- Update wireless-regdb to 2022.08.12 release
- Add some shell opts to some scripts
Signed-off-by: Tad <tad@spotco.us>
It is still actively being used by malware.
This largely handles 3.0, 3.4, and 3.10 kernels.
It works for select 3.18 kernels too.
TODO: need alternate get_file_rcu backport for the following:
15.1/lge_msm8996
15.1/zte_msm8996
16.0/xiaomi_msm8937
17.1/motorola_msm8996
18.1/google_marlin
18.1/lge_msm8996
18.1/oneplus_msm8996
Signed-off-by: Tad <tad@spotco.us>
What is lost?
- sanity checks and redzoning on all devices
- redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250
Note: all 3.4+ devices still have page sanization
Signed-off-by: Tad <tad@spotco.us>
7408144e1b
> extend Network/Sensors permission handling for legacy apps not targeting Android 6
> or above (API 23) to resolve a UI issue where the user choosing to grant the
> Network/Sensors permissions via the legacy permission review interface doesn't
> appear in the Settings app info page
22d32cb61b
suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/11266f406b9793f69205d06
nice to have
Signed-off-by: Tad <tad@spotco.us>
- Disable slub_debug=P for devices with INIT_ON_ALLOC/FREE_DEFAULT_ON
- Disable slub_debug=Z due to known breakage
- Disable many debug options on Linux 4.x and up
- 19.1: fixup missing manifests for vayu :\
Signed-off-by: Tad <tad@spotco.us>
- Remove some more blobs
- 19.1: disable FP animation (jesec)
- 18.1: mata: allow major upgrades (to 19.1) (Updater patch by erfanoabdi)
- mata: disable Vulkan, it doesn't work
Signed-off-by: Tad <tad@spotco.us>
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo
Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)
Signed-off-by: Tad <tad@spotco.us>
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.
Plus some other tweaks/churn
Signed-off-by: Tad <tad@spotco.us>