Tad
c4666a33b7
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-05 19:42:40 -04:00
Tad
c9a7ff8bba
Override all microG defaults to disabled
...
TODO after fixed:
SafetyNet: https://github.com/microg/GmsCore/issues/1971
Geocoder: https://github.com/microg/GmsCore/issues/1972
Signed-off-by: Tad <tad@spotco.us>
2023-07-04 14:48:18 -04:00
Tad
a96f74ca28
Enable the opt-in unprivileged microG enablement patchset
...
Runtime tested: 17.1, 18.1, 20.0
Compile tested: 19.1
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 21:50:08 -04:00
Tad
b7d37053c3
Further harden signature spoofing with targetSdk and versionCode checks
...
- Also fix compile for 17.1, rest should be fine
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 17:33:34 -04:00
Tad
f2c8005853
16.0: switch to upstream P_asb_2023-06
...
Has two extra patches for Traceur, but misses a patch for CarSettings
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 15:22:32 -04:00
Tad
4282c7c35f
Backports of 0f4044e2
to 17.1/18.1/19.1
...
Also don't grant any special location permissions
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 15:17:56 -04:00
Tad
0f4044e242
20.0: opt-in hardened unprivileged microG ability
...
Unlike other systems which ship privileged microG out of the box:
- User must enable microG repo in F-Droid
- User must install official microG apps (GmsCore/FakeStore/GSF)
- User must enable the microG toggle in Settings
- NOT a privileged app, not all features will work
- gmscore SELinux domain is still disabled
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 13:45:06 -04:00
Tad
2e2ac4557d
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
dc4d6b0901
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-20 18:36:31 -04:00
Tad
1e7f10d6b6
20.0: drop June ASB patches
...
QPR3 has been merged
Signed-off-by: Tad <tad@spotco.us>
2023-06-20 16:22:02 -04:00
Tad
5146f67cee
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-18 07:34:03 -04:00
Tad
cda898f141
Certificate Authority store updates
...
- Remove some untrustworthy CAs
- Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb
Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:54 -04:00
Tad
41e2669884
17.1: switch to flamefire's ASB topics
...
This gets us ~9 extra patches
Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:46 -04:00
Tad
a07133a064
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
e2ca79c607
20.0: add dot.sb DNS preset
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-14 19:42:30 -04:00
Tad
0dde119d7e
20.0 June ASB work + churn
...
QPR3 is delayed a week now
Patches pulled from GrapheneOS and checked against CalyxOS
Signed-off-by: Tad <tad@spotco.us>
2023-06-12 21:06:42 -04:00
Tad
8c7f3daa00
15.1+16.0 June ASB work
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-10 05:16:45 -04:00
Tad
ab52996e4f
16.0: switch to upstream topic for May ASB patches
...
They're identical
I'll likely eventually pull them back in anyway
Signed-off-by: Tad <tad@spotco.us>
2023-06-10 01:57:59 -04:00
Tad
67dd049bf6
17.1 June ASB work
...
Note: 358555 is prone to mismerge
Signed-off-by: Tad <tad@spotco.us>
2023-06-09 23:42:54 -04:00
Tad
e7b390d7e6
Picks
...
https://review.lineageos.org/q/topic:%22n-asb-2023-06%22
Signed-off-by: Tad <tad@spotco.us>
2023-06-09 21:59:53 -04:00
Tad
78fa476749
Churn + Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-09 16:19:07 -04:00
Tad
04b4a1a45f
Picks + Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-08 22:48:40 -04:00
Tad
ffe020a7a0
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-07 18:01:35 -04:00
Tad
f31b5f6ac9
Update CVE patchers
...
No change :(
Signed-off-by: Tad <tad@spotco.us>
2023-06-05 16:26:16 -04:00
Tad
11d228c7c3
Switch CensurfriDNS to anycast domain
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-05 15:47:21 -04:00
Tad
2ee99fe3ef
Update CVE patchers
...
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650
Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
e696cceac9
20.0 Private DNS work
...
- Simplify Private DNS preset patchsets
based on updated CalyxOS patchset
TODO: backport this
- Add DoH endpoints for all of the presets
Disabled, very few hosts actually support DoH/3
Signed-off-by: Tad <tad@spotco.us>
2023-05-31 19:02:10 -04:00
Tad
8a43be3c58
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-30 15:17:29 -04:00
Tad
59bda0360e
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-30 13:59:28 -04:00
Tad
5aa8f42e7a
Update commons
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-24 11:08:49 -04:00
Tad
8463705798
Update CVE patchers
...
- Includes CVE-2023-32233 fixes for more devices
- Upstream has reverted the LVT patches, maybe consider handling them
Signed-off-by: Tad <tad@spotco.us>
2023-05-22 20:33:47 -04:00
Tad
71c169d326
Promote LGE G5, G6, and V20 to 19.1
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-17 02:52:11 -04:00
Tad
cd0a29d69b
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
6fb0a581c3
15.1 and 16.0 May ASB work
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-07 21:28:27 -04:00
Tad
8503986acb
17.1 May ASB work
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-07 14:29:54 -04:00
Tad
21702e1fc7
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-07 00:36:02 -04:00
Tad
0004c224cf
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-06 00:15:27 -04:00
Tad
14c191ffb5
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-04 21:19:33 -04:00
Tad
c544c28b94
Prevent Qualcomm location stack from reading chipset serial number
...
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.
Signed-off-by: Tad <tad@spotco.us>
2023-05-03 21:41:20 -04:00
Tad
366b4eb5ef
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
39b0c9e036
Remove broken emoji updates
...
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 15:31:57 -04:00
Tad
7b2eb1079a
Update emoji list in LatinIME too and disable
...
tested not working on 15.1
shows as cross boxes or double characters
Signed-off-by: Tad <tad@spotco.us>
2023-04-29 16:56:13 -04:00
Tad
86b7525400
Update the emojis, untested
...
Signed-off-by: Tad <tad@spotco.us>
2023-04-29 16:17:00 -04:00
Tad
e7d8f7598b
17.1 extra backports, credit @Flamefire
...
Includes 2 extra patches from
https://github.com/Flamefire/android_device_sony_lilac/tree/lineage-17.1/patches/asb-2023-04
Santiy checked patches against
https://github.com/Flamefire/android_device_sony_lilac/tree/lineage-17.1/patches/asb-2023-03
Signed-off-by: Tad <tad@spotco.us>
2023-04-29 11:17:21 -04:00
Tad
ab4eceb830
17.1 April ASB work
...
Signed-off-by: Tad <tad@spotco.us>
2023-04-28 17:17:54 -04:00
Tad
18f72663e8
Fix + churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-04-25 02:03:40 -04:00
Tad
47136145e5
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-04-23 23:20:36 -04:00
Tad
26cf500dad
15.1 April ASB work + picks
...
Signed-off-by: Tad <tad@spotco.us>
2023-04-18 23:12:22 -04:00
Tad
9ba61642de
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 23:19:28 -04:00
Tad
aad60b7567
Promotions
...
16.0 santoni/land to 20.0 Mi8937 unified
17.1 griffin to 18.1
17.1 star*/crownlte to 20.0
20.0 add pro1x
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 21:36:49 -04:00