Commit Graph

95 Commits

Author SHA1 Message Date
Tad
9c105b799f O_asb_2021-11
Based off of:
https://review.lineageos.org/q/topic:P_asb_2021-11

Missing:
https://review.lineageos.org/c/LineageOS/android_packages_apps_Settings/+/318655

Maybe missing:
https://review.lineageos.org/c/LineageOS/android_hardware_nxp_nfc/+/318653

Doesn't exist:
https://review.lineageos.org/c/LineageOS/android_frameworks_native/+/318652

Untested

Signed-off-by: Tad <tad@spotco.us>
2021-11-08 17:19:50 -05:00
Tad
621441349e Fixup the sensors permission patches on 7, 8, and 9.
Switch these patches to MODE_ALLOWED from MODE_ASK to fix breakage
of system services.

Also remove some code that adds a likely security issue.

Will need some extra regression testing.

Signed-off-by: Tad <tad@spotco.us>
2021-11-04 10:24:06 -04:00
Tad
33c2725946 More patch refreshing
Signed-off-by: Tad <tad@spotco.us>
2021-10-29 16:08:27 -04:00
Tad
042b9063d1 More fixes
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 17:12:13 -04:00
Tad
4ce35a3c60 Refresh most branch specific patches
Fixed up:
LineageOS-16.0/android_packages_apps_Backgrounds/308977.patch
LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch

Must review again:
LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.patch

Signed-off-by: Tad <tad@spotco.us>
2021-10-16 15:19:55 -04:00
Tad
84c7d230ab Permission for sensors access patches from @MSe1969
Signed-off-by: Tad <tad@spotco.us>
2021-09-24 23:35:33 -04:00
Tad
a9f44dee41 Fix hamper analytics patches
These must all be strings.
Sadly meant this likely hasn't worked for years.
:\

Signed-off-by: Tad <tad@spotco.us>
2021-09-13 15:27:29 -04:00
Tad
bdccb5fb39 Hamper ad_personalization_signals
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:46:11 -04:00
Tad
27d55efdff Hamper ssaid collection
Signed-off-by: Tad <tad@spotco.us>
2021-08-27 13:41:57 -04:00
Tad
881c24d8b2 Various patches from GrapheneOS 2021-06-26 18:57:46 -04:00
Tad
f3e672fb18 Failed attempt at fixing signing
PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something
we don't use.

Override it at the source and set it explicitely as well.

This ensures that the compiled recovery.img and the one generated by
sign_target_files_apks.py includes the real public keys for verification.

11.0 signing is ignored.

This will need to be extensively tested as breakage can mean brick on locked
devices.
Although in failure cases it seems test-keys are accepted.

--

After much testing there appears to be a deeper issue with how keys
are inserted into the recovery and handled
2021-04-06 04:07:18 -04:00
Tad
5d14e4b4f7 Small changes
- Add m7 and avicii (untested)
- Use low_ram target on <2GB devices
  Silly me, this never did anything due to the git reset...
- Update Chromium WebView cherrypick
2021-03-24 14:43:12 -04:00
Tad
c23646ebd5 More cleanup 2021-03-20 16:37:15 -04:00
Tad
293c386322 More cleanup 2021-03-20 16:21:31 -04:00
Tad
d53a4f4e41 Update CVE patchers
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
f5462dd23c Minor tweaks 2020-05-13 17:38:39 -04:00
Tad
09b38c1f04 marlin/sailfish: fix MediaProvider using 100% CPU
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices

[pid  2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]

https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
330df0983c 16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
 - from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
057bedb65b Minor tweaks
- 14.1+15.1+16.0: enable kernel protections for files
 - protected_*: hardlinks, symlinks, fifos, regular
 - from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c Minor tweaks
- 15.1+16.0: Replace in-line build signing patch with bash function
 - From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
 - From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
6458d6785f Enable IPv6 privacy extensions 2019-07-05 16:47:59 -04:00
Tad
c15105d945 Update CVE patchers 2019-06-17 23:26:38 -04:00
Tad
40d6db0326 divestos.xyz > divestos.org 2019-05-23 11:34:26 -04:00
Tad
974cc3b3f8 16.0: recovery has been updated
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
25cc717ec2 Use GrapheneOS' hardened memory allocator
+ 16.0: some other misc hardening patches from GrapheneOS
  - always restrict access to Build.SERIAL
  - don't grant location permission to system browsers
  - fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
afe719ffc4 16.0: Initial bringup
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
b9ff7a74e6 Updates and fixes 2019-02-12 16:09:41 -05:00
Tad
9178760d1a Updater: Fix downloads over Tor
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
c27f226269 Properly fix network mode patch 2018-12-29 12:19:27 -05:00
Tad
0df749ef73 Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only 2018-12-28 08:02:24 -05:00
Tad
776be6f992 Backport Updater Tor support patch to 14.1 2018-09-24 06:46:54 -04:00
Tad
08c65c8334 Patches to add captive portal check toggle from @MSe1969 2018-09-22 21:05:41 -04:00
Tad
642f978509 Experimental Bluetooth audio quailty improvement patches, credit @ValdikSS 2018-08-23 22:31:43 -04:00
Tad
4136ab17b8 Updates 2018-08-04 09:15:22 -04:00
Tad
94f1382077 Updates 2018-07-25 21:56:11 -04:00
Tad
1dc92478ed Many changes
- Drop Copperhead patches
- More overlay work
2018-07-12 22:05:02 -04:00
Tad
79972d393c DNM: WIP: Migrate to a proper vendor overlay for most changes 2018-07-12 21:27:01 -04:00
Tad
29ace39eb9 Fixup previous 2 commits + misc tweaks 2018-06-27 12:04:42 -04:00
Tad
5d4d12b324 14.1: Add back all devices that were moved to 15.1 2018-06-27 09:17:50 -04:00
Tad
746b695d6a Deduplicate updater patches 2018-06-27 08:43:12 -04:00
Tad
e65234f8eb Many changes
- Allow OTA server to be set from init.sh
- Fix link updating from Rebrand.sh
- Update CVE patchers
2018-06-26 21:47:45 -04:00
Tad
af9126ffcb More deduplication
- Deduplicate Trebuchet default workspaces
- Deduplicate LatinIME patches
- Deduplicate SetupWizard assets
- And fix a typo with grouper overclock
2018-06-26 21:25:59 -04:00
Tad
f6cdc9426c Many changes
- Remove proprietary audio enhancement blobs
- Remove AudioFX to prevent crashes after blobs are removed
- Deduplicate patches a bit with the new Patches/Common directory
- Switch boot animation shine generation from gradient to plasma
- Update submodules
2018-06-25 07:59:24 -04:00
Tad
3a3fe5aca9 Replace DNS patches with a function + some misc fixes 2018-06-24 01:27:33 -04:00
Tad
af94760587 Remove msm8992 overclocks 2018-06-23 00:23:34 -04:00
Tad
a0ce912d99 Add Provisioner repo to F-Droid and fixup previous deblobber changes 2018-06-17 19:42:17 -04:00
Tad
8eeafdd09f Changes for trust_interface and other misc tweaks 2018-06-10 19:00:02 -04:00
Tad
eeba3fd873 Going the distance... 2018-06-03 14:13:59 -04:00
Tad
bf8f1e4d3d More fixes and cleanup 2018-06-02 18:34:15 -04:00
Tad
2fb4b7f5f1 Add option to disable inclusion of microG 2018-06-02 17:37:21 -04:00