Commit Graph

1860 Commits

Author SHA1 Message Date
Tad
b388727945
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-02-27 10:12:12 -05:00
danielk43
11039a156d Update LOS20 hardened_malloc patches 2023-02-27 10:10:41 -05:00
Tad
b8f39716f1
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-26 12:21:36 -05:00
Tad
2706fc9d59
Missing pick
Signed-off-by: Tad <tad@spotco.us>
2023-02-19 15:37:16 -05:00
Tad
b2913e8170
15.1 February ASB work + Picks
Signed-off-by: Tad <tad@spotco.us>
2023-02-19 13:07:11 -05:00
Tad
2993b459f0
Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-02-18 23:53:28 -05:00
Tad
b08bf0356f
Small additions + churn
- 18.1+: Disable NTP fully when automatic time is off, credit GrapheneOS
- 20.0: Handle Tor-over-Orbot when killswitch enabled, credit CalyxOS, BROKEN

Signed-off-by: Tad <tad@spotco.us>
2023-02-18 13:52:46 -05:00
Tad
9f82763c53
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-02-17 23:57:04 -05:00
Tad
742a2fb7e2
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-02-13 10:32:56 -05:00
Tad
29ef757ac6
Bump FP3 to 20.0
Signed-off-by: Tad <tad@spotco.us>
2023-02-13 10:07:47 -05:00
Tad
e9f58cfd3c
VPN fixes
Some devices still don't have these in 2023
https://gitlab.com/LineageOS/issues/android/-/issues/2193

Note, the following still aren't patched:
15.1
kernel/google/msm
kernel/lge/hammerhead

16.0
kernel/cyanogen/msm8974
kernel/lge/hammerhead

18.1
kernel/motorola/msm8974

Signed-off-by: Tad <tad@spotco.us>
2023-02-12 21:34:23 -05:00
Tad
a845f59546
Fixup persistent IPv6 privacy address issue + churn
Backports of rfc4941bis from Google/Linaro
and workaround for legacy kernels from GrapheneOS

already has rfc4941bis patch:
fairphone_sdm632
google_gs101
google_gs201
google_msm-4.14
google_msm-4.9
google_redbull
oneplus_sdm845
razer_sdm845
xiaomi_sdm845

Signed-off-by: Tad <tad@spotco.us>
2023-02-11 20:26:24 -05:00
Tad
62b2318078 Backports + Picks
Signed-off-by: Tad <tad@spotco.us>
2023-02-11 19:20:28 -05:00
Tad
49f5f1c674
19.1+: Add the SUPL toggle setting from GrapheneOS
Will need some work to apply on 17.1/18.1

Signed-off-by: Tad <tad@spotco.us>
2023-02-10 23:57:04 -05:00
Tad
3047b3b269
Fixup kipper & starlte
Signed-off-by: Tad <tad@spotco.us>
2023-02-10 08:19:23 -05:00
Tad
0e9599af6d
Fixup
Signed-off-by: Tad <tad@spotco.us>
2023-02-09 22:46:42 -05:00
Tad
046f35c66c
Picks
Signed-off-by: Tad <tad@spotco.us>
2023-02-08 15:00:42 -05:00
Tad
9c2c5a444e
Update CVE patchers
no actual changes

Signed-off-by: Tad <tad@spotco.us>
2023-02-07 20:12:03 -05:00
Tad
fa067a3f89
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-06 23:06:34 -05:00
Tad
19d5f73b50
Remove silly carrier restrictions
Signed-off-by: Tad <tad@spotco.us>
2023-02-03 22:17:13 -05:00
Tad
ef51b5e5af
Updated strict package check patches from GrapheneOS
Signed-off-by: Tad <tad@spotco.us>
2023-02-03 17:57:15 -05:00
Tad
6e75c0dbd3
Fix boot failure after WebView signature changes
Tested working on:
- 14.1: toroplus
- 15.1: bullhead, hammerhead
- 17.1: clark

This is the same issue which resulted in e61e288b being reverted.
Still unclear why this happens.

Signed-off-by: Tad <tad@spotco.us>
2023-02-03 00:02:44 -05:00
Tad
dc853bfdae
WebView: Switch to dedicated package name
And remove the F-Droid repo for it, will be moved to the 'DivestOS Official' repo
This simplifies release management and also allows other systems to benefit from the repo

Downside is users who don't update to this build won't receive any updates for it anymore

Signed-off-by: Tad <tad@spotco.us>
2023-02-02 17:17:30 -05:00
Tad
48ce0ad7d9 Fixup + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 21:36:47 -05:00
Tad
64e717151a
19.1: mata: allow major upgrade
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 20:25:47 -05:00
Tad
20c4e75fe1
Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 18:30:29 -05:00
Tad
4155cec7e3
20.0: bringup mata
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 17:51:38 -05:00
Tad
baa0252c6b
Allow editing APNs, patch from GrapheneOS
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 17:21:32 -05:00
Tad
4f6e21d7f9 Deduplicate Defaults.sh
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 15:57:13 -05:00
Tad
af3fe9776b Small updates
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 15:19:21 -05:00
Tad
1511176a07
Update CVE patchers
Maybe some breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-28 20:33:44 -05:00
Tad
eaac744701 Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 23:37:38 -05:00
Tad
3231979ef4
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 20:55:42 -05:00
Tad
fb7bf503b1
Pull in the special permissions reset bugfix from GrapheneOS
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:20:00 -05:00
Tad
b1da856762
Cleanup
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:14:26 -05:00
Tad
8abf9a0031
Finish e81cd558
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:12:05 -05:00
Tad
da1df44c8f
GrapheneOS kernel hardening patches update
Maybe some compile breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:03:01 -05:00
Tad
e81cd5586d
Add even more captive portal servers + sorting
TODO: apply to other branches

Signed-off-by: Tad <tad@spotco.us>
2023-01-23 16:42:00 -05:00
Tad
2529515b33
19.1+: Fixup DHCP hostname handling
Signed-off-by: Tad <tad@spotco.us>
2023-01-22 15:52:20 -05:00
Tad
a96d2221cd
Fix off-by one
Signed-off-by: Tad <tad@spotco.us>
2023-01-22 00:09:02 -05:00
Tad
9558a7d0e9 Switch to the Broadcom PSDS server for Pixel 6/7 series
Instead of agnss.goog cache
Based off of a patch from GrapheneOS

Signed-off-by: Tad <tad@spotco.us>
2023-01-21 04:08:26 -05:00
Tad
626821d12d
Use HTTPS for GLPals
Signed-off-by: Tad <tad@spotco.us>
2023-01-20 21:22:16 -05:00
Tad
3943ebc749
Submodule bump
Signed-off-by: Tad <tad@spotco.us>
2023-01-20 21:06:23 -05:00
Tad
ad466bd3e4
Various changes
- 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes
- 17.1: Add the hosts toggle like 18.1+
- 18.1: fix junk in patch
- 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp
- 15.1: fixes to get hmalloc to compile, does NOT boot

Signed-off-by: Tad <tad@spotco.us>
2023-01-20 18:59:02 -05:00
Tad
84a9a1326c
18.1+: add multiple captive potal server options
This also switches 18.1 from @MSe1969's patch to the GrapheneOS patch
Can maybe port to 17.1 too

Signed-off-by: Tad <tad@spotco.us>
2023-01-20 00:21:30 -05:00
Tad
91807acf21
various small fixes
- loose versioning fixes for 4.9
- remove GPG commit verification for GOS repos, they use SSH now. TODO: support that
- 20.0: fixup AudioFX stray lines
- 20.0: broken fix for gs101/201 stray iwlan lines

Signed-off-by: Tad <tad@spotco.us>
2023-01-18 20:02:11 -05:00
Tad
5ce2d33162
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-01-18 14:13:33 -05:00
Tad
b01e902988 m8: boost microphone volume patch from @Ke1i
Signed-off-by: Tad <tad@spotco.us>
2023-01-14 14:01:30 -05:00
Tad
2153422bb0
Potentially unbreak video playback on vayu, davinci, guacamole*, and hotdog*.
Signed-off-by: Tad <tad@spotco.us>
2023-01-13 21:27:18 -05:00
Tad
b82427ce5b Conservative reverse loose versioning for 3.10
This applies 3.4 patches to 3.10 if no other match is available

Note: CVE-2017-13245/3.4/0002.patch ends up applied over CVE-2018-10902/3.18/0003.patch

Signed-off-by: Tad <tad@spotco.us>
2023-01-13 15:51:46 -05:00