Commit Graph

342 Commits

Author SHA1 Message Date
Tavi
9936408a59
Better patching of CVE-2024-41012
Signed-off-by: Tavi <tavi@divested.dev>
2024-08-05 21:02:44 -04:00
Tavi
2187d4bf36
Better patching of CVE-2024-36971
4.6 and higher is impacted
need backport for 4.9 and 4.14

not patched kernels:
	LineageOS-17.1
		kernel_xiaomi_sm6150

	LineageOS-19.1
		kernel_xiaomi_sm8150

	LineageOS-20.0
		kernel_fairphone_sdm632
		kernel_google_msm-4.14
		kernel_google_msm-4.9
		kernel_oneplus_sdm845
		kernel_oneplus_sm8150
		kernel_razer_sdm845
		kernel_samsung_exynos9810
		kernel_sony_sdm845
		kernel_xiaomi_msm8937
		kernel_xiaomi_sdm845
		kernel_xiaomi_sm6150
		kernel_xiaomi_vayu

Signed-off-by: Tavi <tavi@divested.dev>
2024-08-05 20:25:40 -04:00
Tavi
f07e0f4722
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-08-05 16:01:39 -04:00
Tavi
2bb4d94f88
Fixup + Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-08-01 00:28:48 -04:00
Tavi
9c4c46478d
Disable 72ff1b1a for now due to more compatibility issues
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-31 22:19:53 -04:00
Tavi
094b4f4f41 Update CVE patchers
Likely breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-07-31 22:19:43 -04:00
Tavi
72ff1b1a4d
16.0+: Relaxed fix for DNS leaks with app based VPNs from GrapheneOS
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-31 20:50:20 -04:00
Tavi
59b9517c08
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-29 18:28:29 -04:00
Tavi
9f5886d80b
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-27 18:31:21 -04:00
Tavi
c45060675e
Going the distance... [pt3]
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-27 18:00:56 -04:00
Tavi
33ee2a1c28
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-24 17:24:31 -04:00
Tavi
1f65053495
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-18 21:44:00 -04:00
Tavi
e6f816f4a0
Update CVE patchers
Likely breakage
CVE-2022-48781 maybe change to 5.16-^5.17

Signed-off-by: Tavi <tavi@divested.dev>
2024-07-18 14:34:16 -04:00
Tavi
30b658da98
Reconcile picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-14 16:53:44 -04:00
Tavi
f0de4dbf4c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-11 14:14:49 -04:00
Tavi
9efddf820f
20.0: July 2024 ASB picks
ce7b9fd0f5
d39bbaa57e
df49ae67f1
a0afe17e81
cb2db1244c
93a2c9a876
ed52683e9c
09e6330796

Signed-off-by: Tavi <tavi@divested.dev>
2024-07-11 13:26:47 -04:00
Tavi
ef65af8a8e
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-10 15:50:57 -04:00
Tavi
a970293398
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-08 14:43:28 -04:00
Tavi
9d69c5aee8
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-06 12:47:56 -04:00
Tavi
fa6322126d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-05 13:35:38 -04:00
Tavi
1e2d7e9218
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-07-02 09:50:28 -04:00
Tavi
c7c759afd4
20.0: Add "Smart Pixels" screen filter feature
never starts, missing something

de9aa33971
af0aa9c4c3

aa5684f586

not used
dbc6f643b9
50d3f972a9

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-29 11:56:16 -04:00
Tavi
4b5bd17510
Update CVE patchers
likely some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-27 01:01:08 -04:00
Tavi
2e84510f6f
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-25 21:57:56 -04:00
Tavi
e96e53ff68
Backport CarrierConfig2 to 18.1 and 19.1
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-25 08:40:49 -04:00
Tavi
637ace8214
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-25 04:19:17 -04:00
Tavi
2850ff678a Runtime control of CarrierConfig2
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-25 04:19:06 -04:00
Tavi
4328ec6c65
20.0: Switch to CarrierConfig2 from GrapheneOS
And provide latest Google CarrierSettings to all devices
Tested working to enable VoLTE on additional carriers

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-24 09:47:53 -04:00
Tavi
336ac67fd9
Fixup 3e2b2e0c
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-22 20:47:23 -04:00
Tavi
3e2b2e0c4f
Reconcile picks + Fixup
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/313

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-22 20:46:16 -04:00
Tavi
d09584417e
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-20 15:27:45 -04:00
Tavi
416482ff52
Fixup + Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-18 01:10:49 -04:00
Tavi
ba9e22dc77
Reconcile picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-16 15:55:36 -04:00
Tavi
0b746cecf4
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-16 14:24:40 -04:00
Tavi
7f00fd1dde
20.0: June 2024 ASB picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-13 15:11:11 -04:00
Tavi
8383cd716d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-06 15:47:27 -04:00
Tavi
1636f68138
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/308

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-03 16:27:15 -04:00
Tavi
f91f45a7bd
Update CVE patchers
Maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-01 12:35:18 -04:00
Tavi
97ad0c69fe
Update CVE patchers
This expands loose versioning for 4.9 and 4.14

compile tested:
- cheeseburger/4.4
- fajita/4.9
- flame/4.14
- FP4/4.19
- lemonadep/5.4
- bluejay/5.10

CVE-2023-52879/5.4 may need to be expanded to other 5.4 kernels

this also patches CVE-2024-1086 for 4.9, 4.14, and 5.10

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-31 20:55:45 -04:00
Tavi
4cf2b308ff Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-30 13:52:45 -04:00
Tavi
03e48ad81b
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-28 10:56:42 -04:00
Tavi
3e9d2b9bb0
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-28 10:30:53 -04:00
Tavi
b5e04a00ae
Fixup
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/306

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-27 12:36:17 -04:00
Tavi
a136f27ae6
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 22:50:29 -04:00
Tavi
028541103d
Fixup
Manually checked 3.4 and 4.4
Likely still more breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 19:26:14 -04:00
Tavi
d2330cce15
Update CVE patchers
This probably breaks all of them

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 18:29:36 -04:00
Tavi
ec9a38452d
21.0: trying to compile
frameworks/base/core/java/android/util/NtpTrustedTime.java:275: error: cannot find symbol
            final ContentResolver resolver = getContext().getContentResolver();

frameworks/base/core/java/android/content/pm/SpecialRuntimePermAppUtils.java:38: error: method checkPermission in class PermissionManager cannot be applied to given types;
        return PermissionManager.checkPermission(Manifest.permission.INTERNET, Process.myPid(), Process.myUid())

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 19:23:31 -04:00
Tavi
07951955d3
21.0: more work
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 18:13:59 -04:00
Tavi
afe1135384
Cleanup
- Removes unused files/patches
- Removes many guards, these likely don't work anyway due to patchsets having dependencies
- No functional change

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 13:25:08 -04:00
Tavi
d98f33a337 21.0: Initial bringup
TODO:
- f/w/b
- settings

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-20 11:53:38 -04:00