Commit Graph

182 Commits

Author SHA1 Message Date
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
637bb171c8 Switch to partial 4096 signing keys by default
Update engine <10 doesn't support 4096-bit keys
Make releasekey 2048-bits
Verity has also been 2048-bits
The rest are 4096-bits
2020-02-26 20:14:42 -05:00
Tad
fe54dd26a6 Fix many device issues
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
cc28df15f7 Cherry picks + fix 5 failing devices 2020-02-09 13:52:25 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
e13c6c7c9c processRelease features
- support removing device out after complete
- support malware scan before sign
- Update cherry picks
2019-10-15 12:23:46 -04:00
Tad
159e5ea194 Minor tweaks
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
79ec8a4999 clark: experimental 16.0 2019-09-28 17:37:18 -04:00
Tad
a0e8f9653c Future proofing keys 2019-09-25 21:04:24 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
e10a865b05 Improve release processing to support deltas and archiving 2019-08-29 19:09:31 -04:00
Tad
db348ab09c Minor tweaks
- 15.1+16.0: Replace in-line build signing patch with bash function
 - From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
 - From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
89de66bdba Many small changes
- Cherrypicks for ASB patches
- Apps: Switch gallery to Simple Gallery
- Apps: Switch camera to OpenCamera
- PKGBUILD: update with image optimization dependencies
- Deblobber: fix bug introducted in 6d33e4ecbf
2019-08-08 14:22:24 -04:00
Tad
3f8e9a846b Complete tree image optimization
- recursively optimize images using optipng/jpegoptim
benefits:
+ reduces image size
+ decreases load time
+ reduces memory usage
2019-08-05 20:34:08 -04:00
Tad
55c3072089 Going the distance... [pt2] 2019-06-18 13:51:04 -04:00
Tad
40d6db0326 divestos.xyz > divestos.org 2019-05-23 11:34:26 -04:00
Tad
cc976eeffe Minor tweaks 2019-04-16 22:34:31 -04:00
Tad
935795f5bb Minor tweaks 2019-04-04 15:51:00 -04:00
Tad
25cc717ec2 Use GrapheneOS' hardened memory allocator
+ 16.0: some other misc hardening patches from GrapheneOS
  - always restrict access to Build.SERIAL
  - don't grant location permission to system browsers
  - fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
60cf364f19 Minor tweaks
- init.sh: sort options
- overlay: leave radioScanningTimeout default
- hardenDefconfig: disable more components with CVEs
- cherry picks
- 16.0: trebuchet: tmp fix for default workspace overlay
2019-04-03 19:04:37 -04:00
Tad
7223df543a Minor fixes 2019-03-31 22:46:37 -04:00
Tad
3c806603d9 Various fixes 2019-03-25 21:30:26 -04:00
Tad
8f609e9cbe Minor tweaks
+ remove a few more blobs
+ fix broken USB and log spam on hdx*
2019-03-24 16:32:55 -04:00
Tad
c044136234 Remove many more blobs 2019-03-23 14:57:39 -04:00
Tad
fc2e71acbe Remove more blobs 2019-03-22 19:43:29 -04:00
Tad
c64ad2ecdc Make it easier to build all supported branches of a device 2019-03-22 05:38:58 -04:00
Tad
afe719ffc4 16.0: Initial bringup
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
83478880ef WireGuard kernel module inclusion support 2019-03-04 00:06:22 -05:00
Tad
c9e17ffb52 Many changes
- Add more DNS resolver choices
- Change default DNS resolver back to OpenNIC
- More cleanup
- 15.1: Update some CVE patchers
2019-02-09 20:51:23 -05:00
Tad
aa9b5499e6 Updates 2019-02-07 11:15:29 -05:00
Tad
a7a0a67888 Many changes
- Allow enabling accessibility services without disabling secure start-up
- Disable overclocks
- Update select CVE patchers
- Update submodules
- Support select downloads over Tor
- Update defconfig enablers
- Cherry pick security patches
2019-01-14 03:12:50 -05:00
Tad
715cb32468 11.0: Cherrypick ASB topics 2018-12-18 21:36:02 -05:00
Tad
4f488269ff Minor changes 2018-10-20 13:13:32 -04:00
Tad
95959a0d89 Many changes
- Add back microG support (not enabled)
- Add choice between DNS66 and Blokada when $DOS_HOSTS_BLOCKING=false
2018-10-19 18:28:18 -04:00
Tad
5696da8d0c Many changes
- 15.1: Update some CVE patchers
- 15.1: Address some mako denials
- 14.1: Add cherrypicks for various security patches
- Common: Prepare for F-Droid additional repos
- Common: Disable overclock for mako
- Misc tweaks
2018-10-19 09:55:08 -04:00
Tad
5df567fe3b Cleanup overclocks.sh 2018-10-02 13:55:39 -04:00
Tad
b50352bc8e Updater: Add initial Tor support 2018-09-20 21:45:58 -04:00
Tad
87a7665b5c Support GPG verification of git repos in init.sh 2018-08-31 00:02:52 -04:00
Tad
44a192b7a4 Various fixes 2018-08-26 20:32:19 -04:00
Tad
48d7f11919 Deblobber improvements
Deblobber
- Remove more diag blobs
- Remove more AT blobs
- Remove IPA blobs by default now
- Support removal of IPC security exceptions

+ also disable earjack debugger via hardenDefconfig()
2018-08-24 18:35:53 -04:00
Tad
bf717204e3 GPS improvements 2018-08-07 23:28:38 -04:00
Tad
ce42870cd2 Fixes 2018-08-07 14:26:15 -04:00
Tad
3c2fae77d5 Switch DNS to Cloudflare and fixup F-Droid Provisioner
- OpenNIC anycast seems to have disappeared and their main site is also down
2018-07-15 12:33:16 -04:00
Tad
1dc92478ed Many changes
- Drop Copperhead patches
- More overlay work
2018-07-12 22:05:02 -04:00
Tad
cb8fdaf3f5 Low RAM tweaks 2018-07-11 14:20:15 -04:00
Tad
5af16e1ddd Add build option to enable lowram/go on all devices 2018-07-10 21:45:11 -04:00
Tad
25776910ca Updates 2018-07-09 08:16:36 -04:00
Tad
bd5b0f6146 Tweaks 2018-07-07 02:37:00 -04:00
Tad
ae0d89ee8a Many changes
- Switch to new HOSTS list
- Minor tweaks
- 14.1: Fix default Trebuchet workspaces
2018-07-04 15:35:16 -04:00
Tad
08bb0a87cc Remove Android CVE patches 2018-07-03 03:34:24 -04:00
Tad
c950207b08 Deblobber: Removing more blobs
- Add initial support to remove graphics blobs
- Add initial support to perform OpenGL rendering using SwiftShader
- Add support to remove Peripheral Manager blobs
- Remove more AudioFX blobs
2018-06-30 19:52:46 -04:00
Tad
075064f266 Remove more blobs
- Remove external accessory blobs
- Remove more AudioFX blobs
- Support removal of fingerprint reader blobs
- Support removal of IR blobs
- Remove more HDCP blobs
- Remove more HDR blobs
- Remote more Verizon blobs
2018-06-30 14:49:22 -04:00
Tad
d2ba1ddb20 Overhaul variable names 2018-06-29 13:46:12 -04:00
Tad
4917b3ebc7 Cleanup 2018-06-28 23:17:59 -04:00
Tad
29ace39eb9 Fixup previous 2 commits + misc tweaks 2018-06-27 12:04:42 -04:00
Tad
5d4d12b324 14.1: Add back all devices that were moved to 15.1 2018-06-27 09:17:50 -04:00
Tad
e65234f8eb Many changes
- Allow OTA server to be set from init.sh
- Fix link updating from Rebrand.sh
- Update CVE patchers
2018-06-26 21:47:45 -04:00
Tad
3e931219df Few changes
- Fix F-Droid building
- Update F-Droid preferences
- Add privacy policy links for DNS presets
2018-06-25 19:15:22 -04:00
Tad
c914a655a5 Fixup previous commits 2018-06-25 10:16:32 -04:00
Tad
accb8bba37 Implement choice between gradient and plasma for boot animation shine 2018-06-25 09:35:38 -04:00
Tad
97248d28f2 Implement choice of UnifiedNLP only or full microG 2018-06-25 09:31:31 -04:00
Tad
f6cdc9426c Many changes
- Remove proprietary audio enhancement blobs
- Remove AudioFX to prevent crashes after blobs are removed
- Deduplicate patches a bit with the new Patches/Common directory
- Switch boot animation shine generation from gradient to plasma
- Update submodules
2018-06-25 07:59:24 -04:00
Tad
0eeea28907 Boot animation color improvements 2018-06-24 10:18:19 -04:00
Tad
30a8e0ba07 Minor tweaks 2018-06-24 05:26:03 -04:00
Tad
c44d11fb99 Boot animation customization! 2018-06-24 04:31:38 -04:00
Tad
3a3fe5aca9 Replace DNS patches with a function + some misc fixes 2018-06-24 01:27:33 -04:00
Tad
79429b40a4 Add init.sh option to remove AudioFX 2018-06-23 00:51:10 -04:00
Tad
9c3996bed9 Shellcheck
mainly just double quoting
2018-06-23 00:21:48 -04:00
Tad
9b156f7b66 Allow rebrander to be configured from init.sh + misc changes
- Add caffeine to default quick tiles
2018-06-22 23:41:08 -04:00
Tad
e259807d44 Manifest cleanup 2018-06-13 07:23:59 -04:00
Tad
2ed7a8a874 init.sh: add options to control extra parts of the deblobber 2018-06-13 07:07:47 -04:00
Tad
b10f0a97dc Update CVE patchers + misc fixes 2018-06-05 00:35:42 -04:00
Tad
eeba3fd873 Going the distance... 2018-06-03 14:13:59 -04:00
Tad
3fb3824f6d Misc tweaks 2018-06-03 08:29:15 -04:00
Tad
2ac0a5cd15 Add basic validation to init.sh 2018-06-03 08:03:44 -04:00
Tad
c6f7abd855 Add an option to disable overclocks 2018-06-03 07:48:34 -04:00
Tad
bf8f1e4d3d More fixes and cleanup 2018-06-02 18:34:15 -04:00
Tad
e224489acd Add option to enable strong encryption 2018-06-02 18:04:03 -04:00
Tad
8698ccc0c2 Add option to choose between DNS patches 2018-06-02 18:02:26 -04:00
Tad
747af2bc1c Add option to disable inclusion of our HOSTS file 2018-06-02 17:56:21 -04:00
Tad
ca05b3aca6 Deduplicate 00init.sh 2018-06-02 17:51:18 -04:00