Tad
881c24d8b2
Various patches from GrapheneOS
2021-06-26 18:57:46 -04:00
Tad
f3e672fb18
Failed attempt at fixing signing
...
PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something
we don't use.
Override it at the source and set it explicitely as well.
This ensures that the compiled recovery.img and the one generated by
sign_target_files_apks.py includes the real public keys for verification.
11.0 signing is ignored.
This will need to be extensively tested as breakage can mean brick on locked
devices.
Although in failure cases it seems test-keys are accepted.
--
After much testing there appears to be a deeper issue with how keys
are inserted into the recovery and handled
2021-04-06 04:07:18 -04:00
Tad
5d14e4b4f7
Small changes
...
- Add m7 and avicii (untested)
- Use low_ram target on <2GB devices
Silly me, this never did anything due to the git reset...
- Update Chromium WebView cherrypick
2021-03-24 14:43:12 -04:00
Tad
c23646ebd5
More cleanup
2021-03-20 16:37:15 -04:00
Tad
293c386322
More cleanup
2021-03-20 16:21:31 -04:00
Tad
d53a4f4e41
Update CVE patchers
...
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
f5462dd23c
Minor tweaks
2020-05-13 17:38:39 -04:00
Tad
09b38c1f04
marlin/sailfish: fix MediaProvider using 100% CPU
...
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices
[pid 2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]
https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
330df0983c
16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
...
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
- from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
057bedb65b
Minor tweaks
...
- 14.1+15.1+16.0: enable kernel protections for files
- protected_*: hardlinks, symlinks, fifos, regular
- from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c
Minor tweaks
...
- 15.1+16.0: Replace in-line build signing patch with bash function
- From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
- From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
6458d6785f
Enable IPv6 privacy extensions
2019-07-05 16:47:59 -04:00
Tad
c15105d945
Update CVE patchers
2019-06-17 23:26:38 -04:00
Tad
40d6db0326
divestos.xyz > divestos.org
2019-05-23 11:34:26 -04:00
Tad
974cc3b3f8
16.0: recovery has been updated
...
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
25cc717ec2
Use GrapheneOS' hardened memory allocator
...
+ 16.0: some other misc hardening patches from GrapheneOS
- always restrict access to Build.SERIAL
- don't grant location permission to system browsers
- fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
afe719ffc4
16.0: Initial bringup
...
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
b9ff7a74e6
Updates and fixes
2019-02-12 16:09:41 -05:00
Tad
9178760d1a
Updater: Fix downloads over Tor
...
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
c27f226269
Properly fix network mode patch
2018-12-29 12:19:27 -05:00
Tad
0df749ef73
Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only
2018-12-28 08:02:24 -05:00
Tad
776be6f992
Backport Updater Tor support patch to 14.1
2018-09-24 06:46:54 -04:00
Tad
08c65c8334
Patches to add captive portal check toggle from @MSe1969
2018-09-22 21:05:41 -04:00
Tad
642f978509
Experimental Bluetooth audio quailty improvement patches, credit @ValdikSS
2018-08-23 22:31:43 -04:00
Tad
4136ab17b8
Updates
2018-08-04 09:15:22 -04:00
Tad
94f1382077
Updates
2018-07-25 21:56:11 -04:00
Tad
1dc92478ed
Many changes
...
- Drop Copperhead patches
- More overlay work
2018-07-12 22:05:02 -04:00
Tad
79972d393c
DNM: WIP: Migrate to a proper vendor overlay for most changes
2018-07-12 21:27:01 -04:00
Tad
29ace39eb9
Fixup previous 2 commits + misc tweaks
2018-06-27 12:04:42 -04:00
Tad
5d4d12b324
14.1: Add back all devices that were moved to 15.1
2018-06-27 09:17:50 -04:00
Tad
746b695d6a
Deduplicate updater patches
2018-06-27 08:43:12 -04:00
Tad
e65234f8eb
Many changes
...
- Allow OTA server to be set from init.sh
- Fix link updating from Rebrand.sh
- Update CVE patchers
2018-06-26 21:47:45 -04:00
Tad
af9126ffcb
More deduplication
...
- Deduplicate Trebuchet default workspaces
- Deduplicate LatinIME patches
- Deduplicate SetupWizard assets
- And fix a typo with grouper overclock
2018-06-26 21:25:59 -04:00
Tad
f6cdc9426c
Many changes
...
- Remove proprietary audio enhancement blobs
- Remove AudioFX to prevent crashes after blobs are removed
- Deduplicate patches a bit with the new Patches/Common directory
- Switch boot animation shine generation from gradient to plasma
- Update submodules
2018-06-25 07:59:24 -04:00
Tad
3a3fe5aca9
Replace DNS patches with a function + some misc fixes
2018-06-24 01:27:33 -04:00
Tad
af94760587
Remove msm8992 overclocks
2018-06-23 00:23:34 -04:00
Tad
a0ce912d99
Add Provisioner repo to F-Droid and fixup previous deblobber changes
2018-06-17 19:42:17 -04:00
Tad
8eeafdd09f
Changes for trust_interface and other misc tweaks
2018-06-10 19:00:02 -04:00
Tad
eeba3fd873
Going the distance...
2018-06-03 14:13:59 -04:00
Tad
bf8f1e4d3d
More fixes and cleanup
2018-06-02 18:34:15 -04:00
Tad
2fb4b7f5f1
Add option to disable inclusion of microG
2018-06-02 17:37:21 -04:00
Tad
fe6f853746
mako: add back LTE support patch
2018-05-30 03:45:43 -04:00
Tad
f9f893a443
Hamper the ad/analytics libraries!
2018-05-21 05:28:07 -04:00
Tad
67db210756
Many changes
...
- 15.1: Fixup ether here too
- Change F-Droid application id to allow installation of official F-Droid side by side
- Remove FDroidPriv patch and use sed instead
- Optimize: Switch VM_MAX_READAHEAD to 512KB
- Misc tweaks
- Update TODO
2018-05-20 23:30:40 -04:00
Tad
966c9c8509
Change connectivity check URLs
2018-05-08 20:56:02 -04:00
Tad
e22d028cbd
Switch DNS back to OpenNIC for now
2018-05-08 16:04:41 -04:00
Tad
2054759724
Fix inclusion of LocalCalendar
2018-05-03 10:22:04 -04:00
Tad
ee6788df1e
Switch from OpenNIC to Cloudflare DNS
2018-05-03 07:38:32 -04:00
Tad
8220c2fd11
Prepare potential future inclusion of DNS66
2018-04-28 21:50:06 -04:00
Tad
b30c62629b
Revert "Strong AES patch changes"
...
This reverts commit 60b85e10fe
.
2018-04-28 15:35:53 -04:00