Commit Graph

120 Commits

Author SHA1 Message Date
Tad
35372142ed Small tweak
Signed-off-by: Tad <tad@spotco.us>
2021-09-25 20:24:14 -04:00
Tad
83efa5fe7d Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-18 13:43:41 -04:00
Tad
4917af86cc Update copyright dates
Signed-off-by: Tad <tad@spotco.us>
2021-09-15 10:30:08 -04:00
Tad
bf5d9bc778 Small tweaks
- disable disablement of PROC_PAGE_MONITOR to fix memory stats calculation
- enable slub_nomerge, similar to slab_nomerge for pre 3.18 kernels
  slub_nomerge was already default enabled on many 3.10 devices via:
  0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch

Signed-off-by: Tad <tad@spotco.us>
2021-09-13 10:39:33 -04:00
Tad
b589976f7b Switch to the more efficient HOSTS blocking list
Signed-off-by: Tad <tad@spotco.us>
2021-09-05 21:27:18 -04:00
Tad
1dc0bce913 Disable removal of display color blobs
Removal is still breaking boot on some devices

Signed-off-by: Tad <tad@spotco.us>
2021-08-21 15:34:02 -04:00
Tad
de22605785 18.1: add sunfish, bramble, and redfin
Signed-off-by: Tad <tad@spotco.us>
2021-08-14 04:52:08 -04:00
Tad
3a79316ddb Fix camera on taimen/walleye/alioth
+ typo fix for last commit
+ cherrypick cleanups

Signed-off-by: Tad <tad@spotco.us>
2021-08-10 00:21:02 -04:00
Tad
3f311f84ad Changes
- WebView update
- 14.1: drop osprey, tested compiling on 17.1
- comment updates
- small patcher fixes

Signed-off-by: Tad <tad@spotco.us>
2021-08-06 18:36:57 -04:00
Tad
40c356371a Small tweaks 2021-07-25 22:41:56 -04:00
Tad
9a4c02c3dc Tiny tweaks 2021-07-19 12:05:18 -04:00
Tad
d6dca6e66d Small tweaks 2021-06-26 14:13:03 -04:00
Tad
47ca4c5954 Tiny tweaks 2021-06-12 17:17:11 -04:00
Tad
50c670c477 Small tweaks
- June ASB cherrypicks
- Change default NTP. only 2*.pool.ntp.org supports IPv6
2021-06-10 22:45:32 -04:00
Tad
bdf990a638 Small tweaks
- Remove some changes that have been commented for a while
- Don't remove the QCOM VR repos
- Adjust the default quick tiles
- Don't force hardware layers for recents
- Only generate deltas for update_engine devices
- Cherrypick: Update WebView to 90.0.4430.66
- Adjust yylloc sed line
- Add comments to 17.1 devices explaining why they aren't removed for 18.1 yet
2021-04-14 21:29:12 -04:00
Tad
f3e672fb18 Failed attempt at fixing signing
PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something
we don't use.

Override it at the source and set it explicitely as well.

This ensures that the compiled recovery.img and the one generated by
sign_target_files_apks.py includes the real public keys for verification.

11.0 signing is ignored.

This will need to be extensively tested as breakage can mean brick on locked
devices.
Although in failure cases it seems test-keys are accepted.

--

After much testing there appears to be a deeper issue with how keys
are inserted into the recovery and handled
2021-04-06 04:07:18 -04:00
Tad
529b47039c 18.1: Initial bringup
- Functionality tested on mako and klte
- In-place upgrade from 17.1 tested working on klte
- Compile tested on bacon and klte
- Recovery OTA key patch missing, unsure if still needed.
- Deblobber needs support for removing vintf manifest paths from vendor Android.bp
- Launcher needs more default_workspace grid variants (eg. 4x5)
2021-03-23 12:36:31 -04:00
Tad
add30db605 Drop support for overclocking
These patches have been disabled for years.
2021-03-20 16:23:38 -04:00
Tad
62cba6a878 More cleanup 2021-03-20 16:15:01 -04:00
Tad
b99e1865fe deblobber improvements
- fixup CNE removal to disable Wi-Fi calling
- extend system.prop edits to cover all .props
- remove persist. and ro. from edits to cover all properties
2021-01-18 07:15:11 -05:00
Tad
318988345b Drop WireGuard kernel module support
It was never used or enabled.
Silly me didn't acknowledge that it requires root for any app to use.

The app itself will still be included in the PrebuiltApps submodule for anyone who needs.
2021-01-13 06:30:44 -05:00
Tad
ff96315fb4 Update CVE patchers 2020-12-30 11:08:19 -05:00
Tad
8b56cd13c6 deblobber: Don't remove CNE
- breaks Wi-Fi calling
- breaks IMS on marlin/sailfish
2020-12-22 13:53:29 -05:00
Tad
d6cf9ec8b0 Many fixes
VoLTE tested working on mata/17.1!
VoWiFi tested working with DOS_DEBLOBBER_REMOVE_CNE=false

- Disable Graphene exec spawning feature, subtly breaks many apps
  Maybe missing some patches?
- Build old versions for devices with broken IMS
- Ensure shell umask is always 0022
- fwb overlay: drop the MMS user-agent overrides
- Drop the BlobBlocker and ModuleBlocker
  They were unused and unkempt.
- Put volteOverride behind DOS_DEBLOBBER_REMOVE_IMS and comment it
2020-12-22 04:00:12 -05:00
Tad
9d7e5a24a3 License headers 2020-11-17 10:19:06 -05:00
Tad
6a5866c01d More failed attempts at fixing IMS
Keeping IMS, RCS, CNE, ATFWD, and allowing ims* to access /dev/diag:
IMS service still fails to register on mata

Is it the carrier?
Is it the phone?
Is it LineageOS?
Is is DivestOS?
Absolute mess.
2020-11-02 19:24:56 -05:00
Tad
1b4b86c38d Tiny tweaks 2020-10-23 14:49:16 -04:00
Tad
c7eb6fcbfe deblobber: fixup IMS for a few devices
Don't remove qti-vzw-ims-internal.jar needed by IMS stack.
It is just a shim and doesn't really do anything.

Also put RCS behind a flag.
2020-10-21 20:09:53 -04:00
Tad
0958df7de5 deblobber: remove more blobs 2020-10-20 10:45:57 -04:00
Tad
b56929d3d9 Many changes
- Missing credit in LICENSE
- Update TODO
- hardenLocationConf: don't change version
- hardenDefconfig: Fix reboot on shutdown
- changeDefaultDNS: replace a level3 dns straggler for tethering config
- Don't remove CompanionDeviceManager if microG is included
- Update cherry picks
- init.sh: update comment wording
2020-10-12 07:52:54 -04:00
Tad
826949e6df Small updates 2020-08-22 10:18:29 -04:00
Tad
900183743d Add GPG signing to processRelease 2020-06-17 13:20:26 -04:00
Tad
2aa65e6b16 Cherry picks 2020-05-11 07:57:53 -04:00
Tad
e58ba3e9b2 Disable IMS stack 2020-05-02 22:29:23 -04:00
Tad
c3bb898eb0 2020 2020-04-14 21:39:51 -04:00
Tad
ee458d0ed1 April ASB cherry picks 2020-04-08 13:44:52 -04:00
Tad
c26b3e95c7 Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
d7ef9abf61 Minor tweaks 2020-03-25 22:08:25 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
637bb171c8 Switch to partial 4096 signing keys by default
Update engine <10 doesn't support 4096-bit keys
Make releasekey 2048-bits
Verity has also been 2048-bits
The rest are 4096-bits
2020-02-26 20:14:42 -05:00
Tad
fe54dd26a6 Fix many device issues
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
cc28df15f7 Cherry picks + fix 5 failing devices 2020-02-09 13:52:25 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
e13c6c7c9c processRelease features
- support removing device out after complete
- support malware scan before sign
- Update cherry picks
2019-10-15 12:23:46 -04:00
Tad
159e5ea194 Minor tweaks
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
79ec8a4999 clark: experimental 16.0 2019-09-28 17:37:18 -04:00
Tad
a0e8f9653c Future proofing keys 2019-09-25 21:04:24 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
e10a865b05 Improve release processing to support deltas and archiving 2019-08-29 19:09:31 -04:00