DivestOS

mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-07-06 03:21:15 +00:00

Author	SHA1	Message	Date
Tad	ad579b6681	Misc hardening from GrapheneOS 11 `62f81c237b` 11 `1f05db99ab` 11 `f242089d3f` 10 `abcf485dcf` 9x `c5db5a9f9e` Signed-off-by: Tad <tad@spotco.us>	2022-03-15 14:40:05 -04:00
Tad	e61e288b4a	Optionally allow the official Bromite WebView to be used, credit @MSe1969 This also replaces the overrides for all versions And should allow the Google WebView on 14/15/16 And lastly only leaves the bundled version as default This is a merge of the LineageOS 14/15/16 and 17/18 overlay With the addition of the Bromite signature from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2022-03-14 22:59:40 -04:00
Tad	f65c7a4ccd	Tweaks Signed-off-by: Tad <tad@spotco.us>	2022-03-12 11:48:23 -05:00
Tad	015799737e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 17:16:47 -05:00
Tad	4f75a8272a	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 11:59:30 -05:00
Tad	902239e2b5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-08 23:20:43 -05:00
Tad	de764885b3	Fixup Signed-off-by: Tad <tad@spotco.us>	2022-03-08 12:56:52 -05:00
Tad	54dbcd9e43	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-07 19:12:10 -05:00
Tad	bda848a0a1	Fixup `057bedb6` Sadly this means the option was never enabled :( Note: these options are only available on 4.4+ kernels Signed-off-by: Tad <tad@spotco.us>	2022-03-06 23:05:13 -05:00
Tad	ac1e89f0c8	Update CVE patchers [the big fixup] This removes many duplicately or wrongly applied patches. Correctly removed: - CVE-2011-4132 can apply infinitely - CVE-2013-2891 can apply infinitely - CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap - CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result - CVE-2016-2475 can apply infinitely - CVE-2017-0627 can apply infinitely - CVE-2017-0750 can apply infinitely - CVE-2017-14875 can apply infinitely - CVE-2017-14883 can apply infinitely - CVE-2020-11146 can apply infinitely - CVE-2020-11608 can apply infinitely - CVE-2021-42008 can apply infinitely Questionable (might actually be beneficial to "incorrectly" apply again): - CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt - CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature - CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect - CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl - CVE-2019-10622 can apply once to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback - CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev Other notes: - CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696 then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it. This was seemingly fixed with a hand merged patch in patch repo. Wrongly removed: - CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru - CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops - CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames Signed-off-by: Tad <tad@spotco.us>	2022-03-04 00:42:28 -05:00
Tad	927b9bfbc5	Fix random reboots on broken kernels when an app has data restricted I don't like this Reading: - `24b3bdcf71` - https://review.lineageos.org/c/LineageOS/android_kernel_essential_msm8998/+/320470 - https://review.lineageos.org/c/LineageOS/android_system_bpf/+/264702 - https://gitlab.com/LineageOS/issues/android/-/issues/2514 - https://gitlab.com/LineageOS/issues/android/-/issues/3144 - https://gitlab.com/LineageOS/issues/android/-/issues/3287 Test: - restrict mobile data for an app - toggle wifi on and off a few times - watch systemui crash and soft-reboot Tested working on cheeseburger Signed-off-by: Tad <tad@spotco.us>	2022-03-03 17:51:46 -05:00
Tad	0d0104b4bb	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-02 22:57:34 -05:00
Tad	5e1521700f	Port the GrapheneOS NETWORK permission to 17.1 and 18.1 Some patches were ported from 12 to 10/11 Some patches from 11 were ported to 10 This 10/11 port should be very close to 12 BOUNS: 16.0 patches, disabled Signed-off-by: Tad <tad@spotco.us>	2022-02-25 16:52:51 -05:00
Tad	f4fbe65756	Various changes - 15.1: asb picks - 17.1: drop marlin, sailfish, z2_plus, m8 - 4.9 loose versioning fixes	2022-02-24 19:51:44 -05:00
Tad	8b39498b1c	Initial loose versioning work for 4.9 This applies 4.9 patches to 4.4 and 3.18 now that 4.4 is EOL Untested, but looks mild Signed-off-by: Tad <tad@spotco.us>	2022-02-22 13:44:47 -05:00
Tad	5245109cc1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-19 23:22:19 -05:00
Tad	48b009a02e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-12 06:56:28 -05:00
Tad	b6da59d24f	Drop FairEmail, Vanilla, and their AOSP equivalents Signed-off-by: Tad <tad@spotco.us>	2022-02-11 14:25:30 -05:00
Tad	55cdea3c9b	17.1: small fixes Signed-off-by: Tad <tad@spotco.us>	2022-02-11 14:05:14 -05:00
Tad	f767a8ea87	Hopefully fix the broken radio on Pixels Thank you Google for all these great proprietary apps. Signed-off-by: Tad <tad@spotco.us>	2022-02-10 15:36:44 -05:00
Tad	65584e96ce	Switch to official Etar The Lineage forks have fallen behind Signed-off-by: Tad <tad@spotco.us>	2022-02-08 14:10:04 -05:00
Tad	ee0bd8625f	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-07 14:43:05 -05:00
Tad	0a664cc22c	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-03 21:12:02 -05:00
Tad	c0aac415aa	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-29 09:35:59 -05:00
Tad	58b53de17a	Multi user tweaks from GrapheneOS Signed-off-by: Tad <tad@spotco.us>	2022-01-24 06:30:39 -05:00
Tad	2400cf0964	App updates - Drops Calendar, Eleven, and Email - Adds a variable for Silence inclusion - Adds a NONE option for microG inclusion flag to disable NLP inclusion Signed-off-by: Tad <tad@spotco.us>	2022-01-24 06:30:15 -05:00
Tad	6329922104	Disable the Hamper Analytics patches Rely on the HOSTS to do any blocking. With the last update this causes app crashes, due to boolean/string mismatch. Need to figure out exactly how string in manifest can become a boolean when wanted. Signed-off-by: Tad <tad@spotco.us>	2022-01-23 16:55:24 -05:00
Tad	dbd2a71722	Update CVE patchers Hopefully fixes boot breakage Signed-off-by: Tad <tad@spotco.us>	2022-01-17 01:23:10 -05:00
Tad	6ec0c63126	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-13 11:08:22 -05:00
Tad	208c7800c8	Fixup Signed-off-by: Tad <tad@spotco.us>	2022-01-12 17:44:18 -05:00
Tad	ce6ee9d8e4	Update CVE patchers CVE-2021-0961 should be fine now Signed-off-by: Tad <tad@spotco.us>	2022-01-11 05:41:26 -05:00
Tad	b9c7839110	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-11 01:19:31 -05:00
Tad	b05823bb20	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-04 21:00:25 -05:00
Tad	e08349a202	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-29 11:51:58 -05:00
Tad	3c1931bcc9	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-19 05:15:32 -05:00
Tad	11141d3bc9	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-12-17 14:31:13 -05:00
Tad	20e1023627	Small changes - 16.0: drop wallpaper optimization patch, questionable source - deblobber: don't remove libmmparser_lite.so, potentially used by camera - 17.1: pick Q_asb_2021-12, excluding a broken patch - clark 17.1: some camera denial fixes - alioth: unmark broken - 17.1: switch to upstream glibc fix - 17.1/18.1: disable per app sensors permission patchset, potential camera issues Signed-off-by: Tad <tad@spotco.us>	2021-12-13 20:28:54 -05:00
Tad	8b85bf9719	Small change Signed-off-by: Tad <tad@spotco.us>	2021-12-12 12:10:47 -05:00
Tad	8cf90d055e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-11 01:12:41 -05:00
Tad	359ce4608f	Small updates Signed-off-by: Tad <tad@spotco.us>	2021-12-07 20:57:54 -05:00
Tad	ed1c151ce5	Update CVE patchers CVE-2021-0961/ANY/0001.patch likely causes breakage Signed-off-by: Tad <tad@spotco.us>	2021-12-06 17:43:34 -05:00
Tad	c5c3998593	Guess what? f̵͖̲̙̝̩̌̌̌̑͆̔͐̏͋̓̅̔̒̈́͠i̴͍̗̦͕̅̓̿͋̓̑̽͌͐͊͘͠͠s̵̡̬͙͚̃͑̓̊̌́̾́͠ḥ̴̬͓͚̹̱̰͕͚͈̞̳͒̊ ̵̢̟̞̖͈͖͕̥̙̤͉̮̍́̅̀̾b̵̛̹̝̙̖̱̲͉͚̝̪̲̓̿͛̔̆͋̎́͐̃͆̀̕͝u̸̞̺͓͎̰̦̯̘̺̬͔̬͆͛̋̍̂͒̓͛̐̈́̋̚͝ṫ̵̠t̶̻̳̜̪̗͖͛̂̒̃̑̏͝ Tested on 14.1 and 15.1 targets Signed-off-by: Tad <tad@spotco.us>	2021-11-29 21:14:00 -05:00
Tad	bf129b729d	17.1: extreme loose versioning work Signed-off-by: Tad <tad@spotco.us>	2021-11-27 23:25:35 -05:00
Tad	c4dbc73c56	Alter the glibc fix Signed-off-by: Tad <tad@spotco.us>	2021-11-27 15:52:09 -05:00
Tad	9b84cebf92	17.1: loose versioning work Signed-off-by: Tad <tad@spotco.us>	2021-11-27 15:50:11 -05:00
Tad	62166d1ea5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-26 11:54:59 -05:00
Tad	f950398fa1	glibc 2.34 fix Tested working to compile mako on Fedora 35 Signed-off-by: Tad <tad@spotco.us>	2021-11-14 20:16:48 -05:00
Tad	b8f5d8a510	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-12 11:51:02 -05:00
Tad	ebab5c9407	17.1: add harpia and merlin Signed-off-by: Tad <tad@spotco.us>	2021-11-11 10:22:00 -05:00
Tad	9c105b799f	O_asb_2021-11 Based off of: https://review.lineageos.org/q/topic:P_asb_2021-11 Missing: https://review.lineageos.org/c/LineageOS/android_packages_apps_Settings/+/318655 Maybe missing: https://review.lineageos.org/c/LineageOS/android_hardware_nxp_nfc/+/318653 Doesn't exist: https://review.lineageos.org/c/LineageOS/android_frameworks_native/+/318652 Untested Signed-off-by: Tad <tad@spotco.us>	2021-11-08 17:19:50 -05:00
Tad	e882cf16c7	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-06 18:47:57 -04:00
Tad	f2b9eb8e8b	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-11-06 11:22:43 -04:00
Tad	5c8250bbdd	Disable the per-app sensor permission patches Breaks camera on angler Signed-off-by: Tad <tad@spotco.us>	2021-11-05 14:46:32 -04:00
Tad	6567937b05	ASB picks Signed-off-by: Tad <tad@spotco.us>	2021-11-05 13:29:50 -04:00
Tad	f7295a0f74	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-02 23:50:35 -04:00
Tad	f3277f3c07	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-02 12:01:36 -04:00
Tad	809e03833e	Verity enablement overhaul No change to AVB devices except for enabling on more Verity devices have the potential to regress by not booting No change to non-verity/avb devices Tested working on: mata, cheeseburger, fajita Signed-off-by: Tad <tad@spotco.us>	2021-11-02 10:24:07 -04:00
Tad	bc77ca416c	Verity fixups Not sure how I missed all of these? Signed-off-by: Tad <tad@spotco.us>	2021-11-01 20:55:22 -04:00
Tad	ecc4688ce0	Denial fixes for clark, osprey, surnia, and g3-common Signed-off-by: Tad <tad@spotco.us>	2021-10-28 00:47:59 -04:00
Tad	ec043e961e	Update CVE patchers CVE-2021-20317 might need to be disabled due to QC timer breakage. Signed-off-by: Tad <tad@spotco.us>	2021-10-27 15:26:53 -04:00
Tad	fe8e8201a9	Add more 'Private DNS' options Based off of patches from CalyxOS as noted in each included patch. Tested and verified working on klte and mata 18.1 Signed-off-by: Tad <tad@spotco.us>	2021-10-21 23:39:46 -04:00
Tad	5d7d710076	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-20 15:01:18 -04:00
Tad	b78944933c	More fixes Ensure new shells have the correct settings too. Signed-off-by: Tad <tad@spotco.us>	2021-10-16 22:57:43 -04:00
Tad	042b9063d1	More fixes Signed-off-by: Tad <tad@spotco.us>	2021-10-16 17:12:13 -04:00
Tad	256b1db98b	Hard fail on error Signed-off-by: Tad <tad@spotco.us>	2021-10-16 16:08:43 -04:00
Tad	a5cdb9ab58	Fix patch ordering Signed-off-by: Tad <tad@spotco.us>	2021-10-16 15:21:22 -04:00
Tad	f7194d1f13	Switch to applyPatch Signed-off-by: Tad <tad@spotco.us>	2021-10-16 14:01:44 -04:00
Tad	7ba42f052a	Small changes Signed-off-by: Tad <tad@spotco.us>	2021-10-14 15:58:22 -04:00
Tad	df60bfceda	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-13 12:20:44 -04:00
Tad	d5d3846f2c	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-10-10 19:44:59 -04:00
Tad	939c6aa7ed	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-10-07 20:07:49 -04:00
Tad	2af0e1201e	Re-enable the recovery downgrade check Signed-off-by: Tad <tad@spotco.us>	2021-10-06 17:03:22 -04:00
Tad	f2e1d32eba	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-06 16:54:45 -04:00
Tad	7b28a193f1	Include the Support app This is a very basic app with zero permissions and has quick links to various related resources. Signed-off-by: Tad <tad@spotco.us>	2021-10-06 06:21:38 -04:00
Tad	59bd09a807	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-05 14:44:23 -04:00
Tad	5658b56424	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-03 20:00:52 -04:00
Tad	870382ff40	Switch to the Mulch WebView Signed-off-by: Tad <tad@spotco.us>	2021-10-02 01:44:46 -04:00
Tad	27fe558b76	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-29 16:47:50 -04:00
Tad	c6df37ca23	Expose the Sensors Off tile This removes the hidden development 'Sensors off' tile from Settings app, adds it back to SystemUI, and enables it by default. Tested working on 18.1 Signed-off-by: Tad <tad@spotco.us>	2021-09-26 16:36:15 -04:00
Tad	84c7d230ab	Permission for sensors access patches from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2021-09-24 23:35:33 -04:00
Tad	f5a58bd35f	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-23 20:56:00 -04:00
Tad	7e093e0500	Ensure all used defconfigs are altered	2021-09-18 21:28:13 -04:00
Tad	83efa5fe7d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-18 13:43:41 -04:00
Tad	4917af86cc	Update copyright dates Signed-off-by: Tad <tad@spotco.us>	2021-09-15 10:30:08 -04:00
Tad	cf3a12cb5a	Move some changes into a new Post.sh Signed-off-by: Tad <tad@spotco.us>	2021-09-15 10:26:37 -04:00
Tad	bf5d9bc778	Small tweaks - disable disablement of PROC_PAGE_MONITOR to fix memory stats calculation - enable slub_nomerge, similar to slab_nomerge for pre 3.18 kernels slub_nomerge was already default enabled on many 3.10 devices via: 0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch Signed-off-by: Tad <tad@spotco.us>	2021-09-13 10:39:33 -04:00
Tad	907dc0f040	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-11 16:06:57 -04:00
Tad	faf681a0c6	17.1: add davinci Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/10 Signed-off-by: Tad <tad@spotco.us>	2021-09-11 14:55:27 -04:00
Tad	35036e694d	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-09-08 22:59:33 -04:00
Tad	0ade46cc8e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-07 16:57:15 -04:00
Tad	e84111aaa8	Small changes - Include TalkBack - Fixup hosts inclusion, due to path mismatch - 14.1: bump patch level to match the picked ASB - 14.1: m7-common: deblobber fix Signed-off-by: Tad <tad@spotco.us>	2021-09-06 14:32:37 -04:00
Tad	e0d300a651	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-03 22:52:24 -04:00
Tad	043b194210	17.1: add surnia + other changes - 17.1: fixup invalid line in marlin from deblobber - 18.1: fixup audiofx removal - all: change repo sync to 8 threads from 20, for google HTTP 429 error Signed-off-by: Tad <tad@spotco.us>	2021-08-26 21:02:28 -04:00
Tad	792cb89ed7	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-26 12:17:46 -04:00
Tad	0dbabac59a	Update CVE patchers Maybe breakage? Signed-off-by: Tad <tad@spotco.us>	2021-08-23 15:27:53 -04:00
Tad	c0debe55c4	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-18 08:54:30 -04:00
Tad	4ae1402229	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-13 23:54:19 -04:00
Tad	79132fddef	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-13 11:07:07 -04:00
Tad	2d468d9da2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-09 14:44:48 -04:00
Tad	3f311f84ad	Changes - WebView update - 14.1: drop osprey, tested compiling on 17.1 - comment updates - small patcher fixes Signed-off-by: Tad <tad@spotco.us>	2021-08-06 18:36:57 -04:00
Tad	189cf4d801	Update comments Signed-off-by: Tad <tad@spotco.us>	2021-08-04 22:18:00 -04:00
Tad	2db8ac7c70	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-04 14:57:55 -04:00
Tad	6f1512b63a	crackling for 17.1 - try 2 Signed-off-by: Tad <tad@spotco.us>	2021-08-04 14:22:16 -04:00
Tad	477b0a1a62	More fixes Signed-off-by: Tad <tad@spotco.us>	2021-08-04 10:58:22 -04:00
Tad	9e548cabf5	Fixup `3d69ad87` Tested to compile bacon, ether, and griffin kernels Signed-off-by: Tad <tad@spotco.us>	2021-08-03 18:46:38 -04:00
Tad	3d69ad873e	\"\'FIXES\'\" PART 2 There will likely be some breakage here. Many of these patches have been here since the start and never used. Signed-off-by: Tad <tad@spotco.us>	2021-08-03 15:14:02 -04:00
Tad	4fae8d0445	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-03 12:37:28 -04:00
Tad	2c05482872	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-07-31 09:17:08 -04:00
Tad	702ea9c91f	Move FP3 to 18.1 Signed-off-by: Tad <tad@spotco.us>	2021-07-30 11:55:03 -04:00
Tad	36331d6d62	Update CVE patchers	2021-07-28 10:08:52 -04:00
Tad	b61264e3b9	Update CVE patchers	2021-07-27 00:17:14 -04:00
Tad	ca51db0be0	Update CVE patchers	2021-07-21 22:48:29 -04:00
Tad	ac4d8ab822	17.1: move fp2 to 18.1	2021-07-19 14:42:37 -04:00
Tad	9a4c02c3dc	Tiny tweaks	2021-07-19 12:05:18 -04:00
Tad	48ff571fbb	Small updates and fixes	2021-07-13 16:10:30 -04:00
Tad	3d67f9e25c	Update CVE patchers	2021-07-12 06:31:38 -04:00
Tad	c2b2aa5830	16.0+: Add captive portal toggle from @MSe1969 Source: `0045a97cb4` `b483b4e9ab` 18.1 is the 17.1 patch rebased Wording was altered. Already included in 14.1+15.1	2021-07-10 22:48:45 -04:00
Tad	a43601e77b	Update CVE patchers I expect breakage.	2021-07-10 11:39:14 -04:00
Tad	ca857913ef	Directory sanity	2021-07-09 07:09:27 -04:00
Tad	dd3a611d0e	Cherrypicks	2021-07-08 20:08:24 -04:00
Tad	c13672b9b7	Update CVE patchers	2021-07-07 15:14:20 -04:00
Tad	12283124b5	Fixup last commit	2021-07-04 17:05:27 -04:00
Tad	f6357512a7	Update CVE patchers	2021-07-04 14:41:44 -04:00
Tad	44003bd2f5	Update CVE patchers	2021-06-30 17:05:59 -04:00
Tad	c2ce9572fa	umask 0022 all the things umask 0077 breaks things in subtle ways	2021-06-27 14:14:34 -04:00
Tad	d7287a6b94	Update CVE patchers	2021-06-27 11:50:15 -04:00
Tad	ef8573b29c	Small fixes	2021-06-26 22:59:46 -04:00
Tad	08d522fd9b	17.1: drop mako 18.1 is functional now	2021-06-26 19:58:14 -04:00
Tad	881c24d8b2	Various patches from GrapheneOS	2021-06-26 18:57:46 -04:00
Tad	d6dca6e66d	Small tweaks	2021-06-26 14:13:03 -04:00
Tad	eb3e51e7e3	Small tweaks	2021-06-23 13:00:43 -04:00
Tad	48f35901c2	Update CVE patchers	2021-06-16 23:17:37 -04:00
Tad	d42c8f033d	Small changes - Fixup CVE-2020-36386 breakage - Move some cherrypicks in tree (gerrit down right now, pulled from reflog) - Update cherrypicks	2021-06-15 05:46:30 -04:00
Tad	8af1c6a2ee	17.1: restore m8 for now	2021-06-14 02:06:49 -04:00
Tad	47ca4c5954	Tiny tweaks	2021-06-12 17:17:11 -04:00
Tad	71fe4d590e	Small tweaks - 14.1: drop z00t, compiles on 15.1 - fix double patch breakage for CVE-2020-36386 - clark: fix recovery firmware extraction, hopefully	2021-06-12 10:49:54 -04:00
Tad	4b044379ec	Update CVE patchers	2021-06-11 11:00:54 -04:00
Tad	50c670c477	Small tweaks - June ASB cherrypicks - Change default NTP. only 2*.pool.ntp.org supports IPv6	2021-06-10 22:45:32 -04:00
Tad	94b91c6afd	Incall privacy warning from CalyxOS	2021-06-08 12:11:13 -04:00
Tad	d9c49b56c3	Update CVE patchers	2021-06-07 22:30:33 -04:00
Tad	143bec97a9	Small tweaks	2021-06-07 21:32:10 -04:00
Tad	1e5df6f42e	Update CVE patchers	2021-06-03 13:28:32 -04:00
Tad	8e32de7253	More oneplus2 camera fixes Closes https://github.com/divested-mobile/divestos-build/issues/9	2021-05-31 13:37:46 -04:00
Tad	5c3d3b4d35	Reverts + disable mm-pp removal Revert `d7fd127e5f` Partial revert `1c9a66f896`	2021-05-30 10:39:34 -04:00
Tad	d7fd127e5f	Only dexpreopt boot and system server Full dexpreopt has repeatedly shown to cause many problems over the years. The slight gains are not worth the headache it incurs.	2021-05-30 00:36:57 -04:00
Tad	3052a52964	oneplus2 fix camera	2021-05-29 22:46:37 -04:00
Tad	1c9a66f896	Ensure mm-pp-daemon is disabled When not in late_start appears to break boot if not available. Seems to fix oneplus2 and likely ether + others	2021-05-29 18:24:37 -04:00
Tad	f89f0cb983	Small tweaks Fixes oneplus2 boot https://github.com/Divested-Mobile/DivestOS-Build/issues/5	2021-05-29 01:12:53 -04:00
Tad	4af81f4d66	Update CVE patchers	2021-05-27 14:54:07 -04:00
Tad	13bffe05e7	Update CVE patchers	2021-05-21 09:14:31 -04:00
Tad	1cde58eaa4	Tiny tweaks	2021-05-12 03:15:41 -04:00
Tad	ccce1fad9b	Update CVE patchers	2021-05-11 17:11:41 -04:00
Tad	1f372eca69	17.1: drop support for all devices compiling on 18.1	2021-05-10 13:06:30 -04:00
Tad	4bbc70d5a8	17.1: drop support for all devices compiling on 18.1	2021-05-10 09:12:58 -04:00
Tad	731e0e995c	Update CVE patchers	2021-05-07 21:48:29 -04:00
Tad	2cf0b314d8	Various changes - Cherrypick May ASB topics - 18.1: bump enchilada, fajita, and guacamole	2021-05-06 14:37:52 -04:00
Tad	4450921a10	Update CVE patchers	2021-05-03 20:41:32 -04:00
Tad	febec1b60a	Update CVE patchers	2021-05-02 17:05:53 -04:00
Tad	82014e469a	Update CVE patchers	2021-04-25 11:55:12 -04:00
Tad	3770bf469d	Add a list of potentially bad commits from umn.edu addresses	2021-04-21 21:40:40 -04:00
Tad	81084a26d7	Update CVE patchers	2021-04-17 11:01:30 -04:00
Tad	83fe8f0434	More small tweaks - Really fix yylloc sed line - Drop merged ASB cherrypicks - Edit vendor gps.conf files too	2021-04-16 20:31:57 -04:00
Tad	bdf990a638	Small tweaks - Remove some changes that have been commented for a while - Don't remove the QCOM VR repos - Adjust the default quick tiles - Don't force hardware layers for recents - Only generate deltas for update_engine devices - Cherrypick: Update WebView to 90.0.4430.66 - Adjust yylloc sed line - Add comments to 17.1 devices explaining why they aren't removed for 18.1 yet	2021-04-14 21:29:12 -04:00
Tad	b07a8f3058	Move g3 to 18.1 d852 tested working	2021-04-14 13:42:03 -04:00
Tad	866f1c9b5f	17.1: drop support for devices broken that are also broken in 18.1	2021-04-13 13:33:53 -04:00
Tad	0c3c89ffc4	17.1: drop support for all devices compiling on 18.1	2021-04-13 13:29:45 -04:00
Tad	9c2002465c	17.1: drop support for all devices tested working on 18.1 Try 2	2021-04-13 13:20:36 -04:00
Tad	2f2d94c9b5	Small tweaks	2021-04-13 11:59:08 -04:00
Tad	a423f977ff	Update CVE patchers	2021-04-12 20:53:35 -04:00
Tad	8e496341b5	Small tweaks + ASB cherrypicks	2021-04-08 05:40:22 -04:00
Tad	f48738f944	Update CVE patchers	2021-04-06 20:55:55 -04:00
Tad	9293f48b0c	Revert "17.1: drop support for all devices tested working on 18.1" This reverts commit `2bbbd6d87f`. 18.1 recovery is refusing to compile properly.	2021-04-06 04:12:46 -04:00
Tad	f3e672fb18	Failed attempt at fixing signing PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something we don't use. Override it at the source and set it explicitely as well. This ensures that the compiled recovery.img and the one generated by sign_target_files_apks.py includes the real public keys for verification. 11.0 signing is ignored. This will need to be extensively tested as breakage can mean brick on locked devices. Although in failure cases it seems test-keys are accepted. -- After much testing there appears to be a deeper issue with how keys are inserted into the recovery and handled	2021-04-06 04:07:18 -04:00
Tad	ad178961e4	Improvements and fixes - 18.1: disable m8, thermanager is not yet ready - 17.1: drop cheeseburger/dumpling, it is absolutely broken - deblobber: remove euicc + others - deblobber: hack to remove vintf fragments	2021-04-05 18:09:22 -04:00
Tad	2a0e74864b	17.1: Add fugu	2021-04-02 15:41:28 -04:00
Tad	a2d6d77b4c	Update CVE patchers	2021-04-02 12:20:40 -04:00
Tad	2bbbd6d87f	17.1: drop support for all devices tested working on 18.1	2021-04-02 02:32:15 -04:00
Tad	c3271c38da	Small fixes	2021-04-01 20:58:04 -04:00
Tad	9db9215d6b	Small changes - Disable generation of unused OTA to reduce compile time - 17.1+: Disable APEX, breaks signing, and is also useless since no Play Store. - 18.1: Fixup signing	2021-03-31 01:30:17 -04:00
Tad	398f663e47	Small changes	2021-03-29 23:14:33 -04:00
Tad	9c70bfc6a3	Small fixes - Bring 17.1 recovery in line with 18.1 - flox: fix sensors on 17.1 - flo 15.1: sensors might still be broken due to denial - flox 17.1: reboot issue is likely fixed - 18.1: fix my Wi-Fi (wpa2-eap with a cert, but no domain)	2021-03-27 13:48:55 -04:00
Tad	d8712ad62a	Update CVE patchers	2021-03-24 16:31:25 -04:00
Tad	5d14e4b4f7	Small changes - Add m7 and avicii (untested) - Use low_ram target on <2GB devices Silly me, this never did anything due to the git reset... - Update Chromium WebView cherrypick	2021-03-24 14:43:12 -04:00
Tad	08ea27fd00	Only include Silence when needed ie. not on tablets without cellular	2021-03-23 21:11:08 -04:00
Tad	529b47039c	18.1: Initial bringup - Functionality tested on mako and klte - In-place upgrade from 17.1 tested working on klte - Compile tested on bacon and klte - Recovery OTA key patch missing, unsure if still needed. - Deblobber needs support for removing vintf manifest paths from vendor Android.bp - Launcher needs more default_workspace grid variants (eg. 4x5)	2021-03-23 12:36:31 -04:00
Tad	add30db605	Drop support for overclocking These patches have been disabled for years.	2021-03-20 16:23:38 -04:00
Tad	92dcea3b7d	Update CVE patchers	2021-03-20 16:04:14 -04:00
Tad	10b157418d	14.1: drop support for all devices compiling on 15.1 or 16.0 or 17.1	2021-03-20 14:28:41 -04:00
Tad	caeb3d5199	Add FP3 to 16.0 and 17.1 Untested	2021-03-19 21:53:28 -04:00
Tad	c6f2a5a06d	Fixup `ef0ee2c3`	2021-03-15 01:06:23 -04:00
Tad	ef0ee2c316	Update CVE patchers	2021-03-14 21:59:19 -04:00
Tad	a3fbed9da5	Update cherrypicks and small tweaks	2021-03-07 03:04:44 -05:00
Tad	60070a19bd	Update CVE patchers Consider splitting CVE-2020-27067 to restore basic patches.	2021-03-04 15:10:24 -05:00
Tad	f02363ecb4	March 2021 Security Updates	2021-03-04 13:02:10 -05:00
Tad	5a3b13e650	Update CVE patchers	2021-02-28 17:56:07 -05:00
Tad	07e46913d9	Fixup verity enablement for cheryl cheryl was already supported in Copy_Keys.sh	2021-02-14 22:50:34 -05:00
Tad	6d0bc0c57e	Update CVE patchers	2021-02-11 15:04:46 -05:00
Tad	41a04ebd36	Update CVE patchers	2021-02-10 15:55:51 -05:00
Tad	553299c409	Small updates	2021-02-08 18:49:01 -05:00
Tad	f1e2e43642	Update CVE patchers	2021-02-07 19:41:46 -05:00

... 2 3 4 5 6 ...

481 Commits