Commit Graph

215 Commits

Author SHA1 Message Date
Tavi
54469e0693
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-11 07:22:03 -04:00
Tavi
cdfbce9dfd
Fixups
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-10 12:10:49 -04:00
Tavi
c3b07f5e01
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-09 16:35:22 -05:00
Tavi
f5a44efdff
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-07 12:13:52 -05:00
Tavi
5aefd27519
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/294

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-05 12:42:34 -05:00
Tavi
cd38073ad2
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-04 15:39:53 -05:00
Tavi
fdbd1a090f
Update CVE patchers
I made a pass through removing some obvious wrongly applied patches
but there is likely some more breakage here

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-02 12:31:51 -05:00
Tavi
d1be2eaa2f
Fixup
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/292

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-28 09:44:10 -05:00
Tavi
45e87b4a1c
Update CVE patchers
Potential breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-27 03:15:54 -05:00
Tavi
20c8abcbc1
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-19 22:35:04 -05:00
Tavi
c1f58ea419
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-14 12:46:59 -05:00
Tavi
b7ce879d83
Picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-11 19:20:38 -05:00
Tavi
215f358d58
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-05 18:23:16 -05:00
Tavi
4e2c426be3
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-31 13:33:41 -05:00
Tavi
d29b69b70d
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-24 14:08:23 -05:00
Tavi
00f1589cb8
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-22 13:27:55 -05:00
Thaddeus
9d230974a2
Update CVE patchers
Signed-off-by: Thaddeus <tad@spotco.us>
2024-01-04 15:51:27 -05:00
Tad
7c46f43fc4
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-20 12:28:48 -05:00
Tad
26c0951cd2
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-04 15:51:53 -05:00
Tad
af0cea3572
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-16 22:59:28 -05:00
Tad
77b7de4b1e
Picks
Signed-off-by: Tad <tad@spotco.us>
2023-11-09 17:59:22 -05:00
Tad
4eed156d14
Fixup 09494a1c
compile tested: vayu, pioneer

Signed-off-by: Tad <tad@spotco.us>
2023-11-07 21:19:43 -05:00
Tad
acd2484816
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-07 17:37:16 -05:00
Tad
09494a1c71
Move all 19.1 devices to 20.0
Signed-off-by: Tad <tad@spotco.us>
2023-11-07 16:50:54 -05:00
Tad
548aec9c9d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-05 18:58:11 -05:00
Tad
f64285f6fd
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-10-15 21:06:16 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
4afb99b6d1
Fixup fc903251
Signed-off-by: Tad <tad@spotco.us>
2023-08-30 12:48:37 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
fa030fcbf4
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-08-24 21:38:33 -04:00
Alberto García
62ca909711
Push davinci to 20.0 2023-08-24 19:06:22 -04:00
Tad
ee5a62138a
Push z2_plus to 20.0
Signed-off-by: Tad <tad@spotco.us>
2023-08-24 18:58:08 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
9707326c4f
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-08-13 16:16:21 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
3708cee48a
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-07-24 14:10:33 -04:00
Tad
4bab1c31d7
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-07-19 16:05:51 -04:00
Tad
b6308caa37
Update CVE patchers
TODO: enable CVE-2023-31084/4.4

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
1c9076fffe
KSM tuning
- Only enable on Linux 3.0 through 4.9
- Always enable defer option
- Only run twice a second, instead of fifty times a second

Signed-off-by: Tad <tad@spotco.us>
2023-07-14 20:27:10 -04:00
Tad
11c286ecd4
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:27:20 -04:00
Tad
7a53edc390
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-07-10 17:11:15 -04:00
Tad
c4666a33b7
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-07-05 19:42:40 -04:00
Tad
2e2ac4557d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
6b94c8cdcb
Fixup
Signed-off-by: Tad <tad@spotco.us>
2023-06-21 16:05:11 -04:00
Tad
dc4d6b0901
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-06-20 18:36:31 -04:00
Tad
a07133a064
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
ee534ada7f
20.0: bringup lmi/alioth
Signed-off-by: Tad <tad@spotco.us>
2023-06-14 22:04:04 -04:00
Tad
0dde119d7e
20.0 June ASB work + churn
QPR3 is delayed a week now

Patches pulled from GrapheneOS and checked against CalyxOS

Signed-off-by: Tad <tad@spotco.us>
2023-06-12 21:06:42 -04:00
Tad
2ee99fe3ef
Update CVE patchers
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650

Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
8a43be3c58
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-05-30 15:17:29 -04:00
Tad
8463705798
Update CVE patchers
- Includes CVE-2023-32233 fixes for more devices
- Upstream has reverted the LVT patches, maybe consider handling them

Signed-off-by: Tad <tad@spotco.us>
2023-05-22 20:33:47 -04:00
Tad
cd0a29d69b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
1a203ab5ad
Nine device additions
20.0:
	- akatsuki
	- lemonades
	- dipper, equuleus, polaris, ursa

19.1:
	- kirin, mermaid
	- apollon

note lemonades is failing like kebab:
> Sum of sizes in oneplus_dynamic_partitions_partition_list is 3765178368, which is greater than oneplus_dynamic_partitions_size (3753902080)

Signed-off-by: Tad <tad@spotco.us>
2023-05-09 02:48:56 -04:00
Tad
14c191ffb5
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-05-04 21:19:33 -04:00
Tad
366b4eb5ef
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
47136145e5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-23 23:20:36 -04:00
Tad
9ba61642de
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 23:19:28 -04:00
Tad
aad60b7567
Promotions
16.0 santoni/land to 20.0 Mi8937 unified
17.1 griffin to 18.1
17.1 star*/crownlte to 20.0
20.0 add pro1x

Signed-off-by: Tad <tad@spotco.us>
2023-04-17 21:36:49 -04:00
Tad
7263a6fd6e
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 12:27:05 -04:00
Tad
2cc87c4dc7
Switch fingerprint locked to 5 attempts instead of 3 + churn
Signed-off-by: Tad <tad@spotco.us>
2023-04-12 15:26:26 -04:00
Tad
9a97c7013b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-05 12:43:36 -04:00
Tad
2907be1be5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-28 00:48:08 -04:00
Tad
c4a23756a5 Churn
Signed-off-by: Tad <tad@spotco.us>
2023-03-25 20:44:13 -04:00
Tad
5f366227bd cheryl: promote to 20.0
Signed-off-by: Tad <tad@spotco.us>
2023-03-25 20:04:22 -04:00
Tad
b522a16298
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-03-22 07:21:15 -04:00
Tad
9475615e77
A13 QPR2 Churn
Signed-off-by: Tad <tad@spotco.us>
2023-03-19 20:52:48 -04:00
Tad
8bcb5c734d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-17 19:27:22 -04:00
Tad
162b40a39d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-13 18:13:54 -04:00
Tad
fd1becb8c4
20.0: bringup avicii
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 17:29:58 -05:00
Tad
0b294c1601
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 16:01:49 -05:00
Tad
804786aa23
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/193

Signed-off-by: Tad <tad@spotco.us>
2023-03-06 19:54:15 -05:00
Tad
b8f39716f1
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-26 12:21:36 -05:00
Tad
b08bf0356f
Small additions + churn
- 18.1+: Disable NTP fully when automatic time is off, credit GrapheneOS
- 20.0: Handle Tor-over-Orbot when killswitch enabled, credit CalyxOS, BROKEN

Signed-off-by: Tad <tad@spotco.us>
2023-02-18 13:52:46 -05:00
Tad
742a2fb7e2
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-02-13 10:32:56 -05:00
Tad
29ef757ac6
Bump FP3 to 20.0
Signed-off-by: Tad <tad@spotco.us>
2023-02-13 10:07:47 -05:00
Tad
a845f59546
Fixup persistent IPv6 privacy address issue + churn
Backports of rfc4941bis from Google/Linaro
and workaround for legacy kernels from GrapheneOS

already has rfc4941bis patch:
fairphone_sdm632
google_gs101
google_gs201
google_msm-4.14
google_msm-4.9
google_redbull
oneplus_sdm845
razer_sdm845
xiaomi_sdm845

Signed-off-by: Tad <tad@spotco.us>
2023-02-11 20:26:24 -05:00
Tad
fa067a3f89
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-06 23:06:34 -05:00
Tad
4155cec7e3
20.0: bringup mata
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 17:51:38 -05:00
Tad
1511176a07
Update CVE patchers
Maybe some breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-28 20:33:44 -05:00
Tad
da1df44c8f
GrapheneOS kernel hardening patches update
Maybe some compile breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:03:01 -05:00
Tad
e81cd5586d
Add even more captive portal servers + sorting
TODO: apply to other branches

Signed-off-by: Tad <tad@spotco.us>
2023-01-23 16:42:00 -05:00
Tad
91807acf21
various small fixes
- loose versioning fixes for 4.9
- remove GPG commit verification for GOS repos, they use SSH now. TODO: support that
- 20.0: fixup AudioFX stray lines
- 20.0: broken fix for gs101/201 stray iwlan lines

Signed-off-by: Tad <tad@spotco.us>
2023-01-18 20:02:11 -05:00
Tad
5ce2d33162
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-01-18 14:13:33 -05:00
Tad
2153422bb0
Potentially unbreak video playback on vayu, davinci, guacamole*, and hotdog*.
Signed-off-by: Tad <tad@spotco.us>
2023-01-13 21:27:18 -05:00
Tad
14f40e024f
Update CVE patchers
This adds loose versioning applying 4.14 patches to 4.9

Signed-off-by: Tad <tad@spotco.us>
2023-01-13 13:23:12 -05:00
Tad
3e5f1ec5ec Churn
Signed-off-by: Tad <tad@spotco.us>
2023-01-12 16:07:39 -05:00
Tad
8eca7f2149
20.0: add xz2 series + churn
Signed-off-by: Tad <tad@spotco.us>
2023-01-09 13:47:10 -05:00
Tad
c92c084ca1
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-01-08 20:49:57 -05:00
Tad
f2d87b1e81
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-01-03 20:18:40 -05:00
Tad
06eed1fba9
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-12-31 21:41:46 -05:00
Tad
7d6b8e3aeb
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-12-22 11:33:47 -05:00
Tad
7277291dd7
Churn
Signed-off-by: Tad <tad@spotco.us>
2022-12-18 21:46:00 -05:00
Tad
03293f6b52
Fixup
Messy, but better to have CVE-2022-42896 applied to *some* 3.18 kernels

Signed-off-by: Tad <tad@spotco.us>
2022-12-17 00:42:25 -05:00
Tad
c2fc228f3b Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-12-16 22:06:13 -05:00
Tad
ad5de60266
More Pixel 6/7 work
compiles, but fails to generate release due to pvmfw failure

Signed-off-by: Tad <tad@spotco.us>
2022-12-15 20:49:30 -05:00
Tad
29c9826c11
20.0: QPR1 churn
Signed-off-by: Tad <tad@spotco.us>
2022-12-10 20:57:17 -05:00
Tad
a62922e72d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-12-06 15:00:40 -05:00
Tad
0aa4fd0fc3
Update CVE patchers
Appears I skipped 20.0 by accident last update

Signed-off-by: Tad <tad@spotco.us>
2022-12-05 14:23:06 -05:00
Tad
fd0e3e8117
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-11-22 07:11:30 -05:00
Tad
c4fe56a307
Update CVE patchers
This fixes CVE-2018-9422 which was primarily added via b56fabac

May still need to be fixed:
16.0/kernel_google_yellowstone
16.0/kernel_xiaomi_msm8937

Signed-off-by: Tad <tad@spotco.us>
2022-11-21 08:39:10 -05:00
Tad
b81d39c969
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-11-11 16:05:22 -05:00
Tad
ac3dc319c7
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-11-07 15:51:17 -05:00
Tad
7fb334d825
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-11-03 13:25:38 -04:00
Tad
aa4ffdb014
20.0: add taimen/walleye
not stable yet, ims crashes invoking rescueparty

Signed-off-by: Tad <tad@spotco.us>
2022-10-31 18:31:55 -04:00
Tad
c051cb282d Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-10-22 21:39:01 -04:00
Tad
8ddbd86d44
20.0: more devices
Signed-off-by: Tad <tad@spotco.us>
2022-10-19 15:22:20 -04:00
Tad
e8248e4938
20.0: fixes + r11 churn
Signed-off-by: Tad <tad@spotco.us>
2022-10-16 17:18:06 -04:00
Tad
20cfa30df0
20.0: Initial roster
Signed-off-by: Tad <tad@spotco.us>
2022-10-15 14:42:10 -04:00