Commit Graph

1883 Commits

Author SHA1 Message Date
Tad
209481c53e Fix/Add exec based spawning patchsets from GrapheneOS
11 14c3c1d4cd
   ac1943345e
   1abb805041
   2e07ab8c24
   0044836677
   c561811fad
   7a848373ef
   89646bdeb1
   2a70bbac4a
   d414dcaa35
   b4cd877e3a
   98634286bb
11 4c2635390c
11 add34a4bc6
11 a2b51906de
10 527787f3c8
   ffde474ad7
   aa87e487c4
   c906fe9722
   c69c3eecd4
   b2303adccc
   5bb05db6f7
   536b497688
   24802a832b
   ce6dcc2368
   3d3d5c4d38
   2eda592b79
10 29f28b53c0
10 13a992c716
9  750efbf6bc
   ed563b6f26
   aad3c7d750
   da3180f9a8
   68773a29b7
   283b3fa09c
   f133136b65
   01a01ce5f6
   17c309c098
   8806ec3ef1

Signed-off-by: Tad <tad@spotco.us>
2022-03-15 15:55:13 -04:00
Tad
f015dd348f Add the JNINativeMethod table constification patchsets from GrapheneOS
11 63b9f96a12
11 d8a62b5156
11 e3a4d64f29
11 e41f1d7f8e
11 c34b037486
11 dce2d0f64f
11 c99c35cb2a
10 07071814db
10 a48ba29b98
10 157fa78115
10 b914409e05
10 20a51f508b
10 b8afb8af37
10 e1b6653db7
9 ff688b68a7
9 866f0df315
9 77c9fa981a
9 fbf620e59c
9 ceaf63c790
9 253247fc39
9 76bf4c46f0

Signed-off-by: Tad <tad@spotco.us>
2022-03-15 15:26:48 -04:00
Tad
ad579b6681 Misc hardening from GrapheneOS
11 62f81c237b

11 1f05db99ab

11 f242089d3f
10 abcf485dcf
9x c5db5a9f9e

Signed-off-by: Tad <tad@spotco.us>
2022-03-15 14:40:05 -04:00
Tad
844227a4f4 18.1: add the ptrace_scope patchset from GrapheneOS
ad017fba58
3b89605581
8b0419ac04
52ea603339

Signed-off-by: Tad <tad@spotco.us>
2022-03-15 14:29:34 -04:00
Tad
07bd5a3a0e Automatic reboot and Bluetooth/Wi-Fi shutoff from GrapheneOS and CalyxOS
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/59
Tested on 18.1
Untested on 17.1

Signed-off-by: Tad <tad@spotco.us>
2022-03-15 01:27:08 -04:00
Tad
e61e288b4a Optionally allow the official Bromite WebView to be used, credit @MSe1969
This also replaces the overrides for all versions
And should allow the Google WebView on 14/15/16
And lastly only leaves the bundled version as default

This is a merge of the LineageOS 14/15/16 and 17/18 overlay
With the addition of the Bromite signature from @MSe1969

Signed-off-by: Tad <tad@spotco.us>
2022-03-14 22:59:40 -04:00
Tad
9ba3a061c6 Tweak
Signed-off-by: Tad <tad@spotco.us>
2022-03-14 11:57:34 -04:00
Tad
f65c7a4ccd Tweaks
Signed-off-by: Tad <tad@spotco.us>
2022-03-12 11:48:23 -05:00
Tad
015799737e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-09 17:16:47 -05:00
Tad
4f75a8272a Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-09 11:59:30 -05:00
Tad
902239e2b5 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-08 23:20:43 -05:00
Tad
de764885b3 Fixup
Signed-off-by: Tad <tad@spotco.us>
2022-03-08 12:56:52 -05:00
Tad
54dbcd9e43 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-07 19:12:10 -05:00
Tad
bda848a0a1 Fixup 057bedb6
Sadly this means the option was never enabled :(
Note: these options are only available on 4.4+ kernels

Signed-off-by: Tad <tad@spotco.us>
2022-03-06 23:05:13 -05:00
Tad
ac1e89f0c8 Update CVE patchers [the big fixup]
This removes many duplicately or wrongly applied patches.

Correctly removed:
- CVE-2011-4132 can apply infinitely
- CVE-2013-2891 can apply infinitely
- CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap
- CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result
- CVE-2016-2475 can apply infinitely
- CVE-2017-0627 can apply infinitely
- CVE-2017-0750 can apply infinitely
- CVE-2017-14875 can apply infinitely
- CVE-2017-14883 can apply infinitely
- CVE-2020-11146 can apply infinitely
- CVE-2020-11608 can apply infinitely
- CVE-2021-42008 can apply infinitely

Questionable (might actually be beneficial to "incorrectly" apply again):
- CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt
- CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature
- CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect
- CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl
- CVE-2019-10622 can apply once	to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback
- CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev

Other notes:
- CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696
  then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it.
  This was seemingly fixed with a hand merged patch in patch repo.

Wrongly removed:
- CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru
- CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops
- CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames

Signed-off-by: Tad <tad@spotco.us>
2022-03-04 00:42:28 -05:00
Tad
927b9bfbc5 Fix random reboots on broken kernels when an app has data restricted
I don't like this

Reading:
- 24b3bdcf71
- https://review.lineageos.org/c/LineageOS/android_kernel_essential_msm8998/+/320470
- https://review.lineageos.org/c/LineageOS/android_system_bpf/+/264702
- https://gitlab.com/LineageOS/issues/android/-/issues/2514
- https://gitlab.com/LineageOS/issues/android/-/issues/3144
- https://gitlab.com/LineageOS/issues/android/-/issues/3287

Test:
- restrict mobile data for an app
- toggle wifi on and off a few times
- watch systemui crash and soft-reboot

Tested working on cheeseburger

Signed-off-by: Tad <tad@spotco.us>
2022-03-03 17:51:46 -05:00
Tad
0d0104b4bb Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-03-02 22:57:34 -05:00
Tad
893e425321 Add the script to generate vbhashes.txt
Output has been verified as correct on mata, cheeseburger, fajita, and guacamole

Signed-off-by: Tad <tad@spotco.us>
2022-02-28 01:32:24 -05:00
Tad
0d59c18c85 Enable the NETWORK permission patchset for 16.0 too
Likely has issues with secondary users.
As in the permission affects all copies of the same app.

Signed-off-by: Tad <tad@spotco.us>
2022-02-28 01:27:38 -05:00
Tad
5e1521700f Port the GrapheneOS NETWORK permission to 17.1 and 18.1
Some patches were ported from 12 to 10/11
Some patches from 11 were ported to 10
This 10/11 port should be very close to 12

BOUNS: 16.0 patches, disabled

Signed-off-by: Tad <tad@spotco.us>
2022-02-25 16:52:51 -05:00
Tad
f4fbe65756 Various changes
- 15.1: asb picks
- 17.1: drop marlin, sailfish, z2_plus, m8
- 4.9 loose versioning fixes
2022-02-24 19:51:44 -05:00
Tad
a8cfa8157c Fixup last commit
Signed-off-by: Tad <tad@spotco.us>
2022-02-23 14:52:29 -05:00
Tad
512673d97d Bump marlin/sailfish to 18.1
Signed-off-by: Tad <tad@spotco.us>
2022-02-23 13:33:28 -05:00
Tad
8b39498b1c Initial loose versioning work for 4.9
This applies 4.9 patches to 4.4 and 3.18 now that 4.4 is EOL

Untested, but looks mild

Signed-off-by: Tad <tad@spotco.us>
2022-02-22 13:44:47 -05:00
Tad
21c97c6967 Tweak
Signed-off-by: Tad <tad@spotco.us>
2022-02-21 23:30:45 -05:00
Tad
5245109cc1 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-19 23:22:19 -05:00
Tad
5283db6f05 Drop the broken PDB patch
Why'd past me write this trash?

Signed-off-by: Tad <tad@spotco.us>
2022-02-14 07:43:45 -05:00
Tad
143b6fa164 18.1: Refresh for recent upstream Updater changes
Untested, should work

Signed-off-by: Tad <tad@spotco.us>
2022-02-14 03:05:32 -05:00
Tad
2eda5086fc Tiny tweak
Signed-off-by: Tad <tad@spotco.us>
2022-02-13 23:57:59 -05:00
Tad
a38d544f8b 18.1: small fixes
Signed-off-by: Tad <tad@spotco.us>
2022-02-12 07:32:29 -05:00
Tad
48b009a02e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-12 06:56:28 -05:00
Tad
a23bae5cd5 Tiny tweak
Signed-off-by: Tad <tad@spotco.us>
2022-02-11 23:35:22 -05:00
Tad
b6da59d24f Drop FairEmail, Vanilla, and their AOSP equivalents
Signed-off-by: Tad <tad@spotco.us>
2022-02-11 14:25:30 -05:00
Tad
55cdea3c9b 17.1: small fixes
Signed-off-by: Tad <tad@spotco.us>
2022-02-11 14:05:14 -05:00
Tad
f767a8ea87 Hopefully fix the broken radio on Pixels
Thank you Google for all these great proprietary apps.

Signed-off-by: Tad <tad@spotco.us>
2022-02-10 15:36:44 -05:00
Tad
bc3a9cddba Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2022-02-09 00:22:02 -05:00
Tad
65584e96ce Switch to official Etar
The Lineage forks have fallen behind

Signed-off-by: Tad <tad@spotco.us>
2022-02-08 14:10:04 -05:00
Tad
ee0bd8625f Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-07 14:43:05 -05:00
Tad
0a664cc22c Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-02-03 21:12:02 -05:00
Tad
c0aac415aa Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-29 09:35:59 -05:00
Tad
82cc1bc979 Tiny update
Signed-off-by: Tad <tad@spotco.us>
2022-01-28 09:09:10 -05:00
Tad
51003bff5a Add an option to clobber after every run
Signed-off-by: Tad <tad@spotco.us>
2022-01-24 18:01:21 -05:00
Tad
58b53de17a Multi user tweaks from GrapheneOS
Signed-off-by: Tad <tad@spotco.us>
2022-01-24 06:30:39 -05:00
Tad
2400cf0964 App updates
- Drops Calendar, Eleven, and Email
- Adds a variable for Silence inclusion
- Adds a NONE option for microG inclusion flag to disable NLP inclusion

Signed-off-by: Tad <tad@spotco.us>
2022-01-24 06:30:15 -05:00
Tad
6329922104 Disable the Hamper Analytics patches
Rely on the HOSTS to do any blocking.
With the last update this causes app crashes, due to boolean/string mismatch.
Need to figure out exactly how string in manifest can become a boolean when wanted.

Signed-off-by: Tad <tad@spotco.us>
2022-01-23 16:55:24 -05:00
Tad
8004a11c52 Add the OEM unlocking toggle where missing
Signed-off-by: Tad <tad@spotco.us>
2022-01-20 23:25:58 -05:00
Tad
6864156bd6 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-20 22:22:22 -05:00
Tad
7ccaecd6d6 Small tweak
Signed-off-by: Tad <tad@spotco.us>
2022-01-20 19:13:08 -05:00
Tad
8a60bbc0a6 Silly radio fix
Signed-off-by: Tad <tad@spotco.us>
2022-01-18 13:22:57 -05:00
Tad
dbd2a71722 Update CVE patchers
Hopefully fixes boot breakage

Signed-off-by: Tad <tad@spotco.us>
2022-01-17 01:23:10 -05:00
Tad
5e18ec4dfe Tiny tweak
Signed-off-by: Tad <tad@spotco.us>
2022-01-16 16:42:26 -05:00
Tad
6ec0c63126 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-13 11:08:22 -05:00
Tad
208c7800c8 Fixup
Signed-off-by: Tad <tad@spotco.us>
2022-01-12 17:44:18 -05:00
Tad
bfcf6b18b7 Fixup
Signed-off-by: Tad <tad@spotco.us>
2022-01-12 05:57:08 -05:00
Tad
ce6ee9d8e4 Update CVE patchers
CVE-2021-0961 should be fine now

Signed-off-by: Tad <tad@spotco.us>
2022-01-11 05:41:26 -05:00
Tad
b9c7839110 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-11 01:19:31 -05:00
Tad
8a45dc4696 18.1: Device additions
h910
lavender
pioneer, voyager, discovery
akari, aurora, xz2c

Signed-off-by: Tad <tad@spotco.us>
2022-01-06 21:04:17 -05:00
Tad
207e45fe6a Update oneplus/sdm845 to 4.9.295
Signed-off-by: Tad <tad@spotco.us>
2022-01-06 15:21:00 -05:00
Tad
b05823bb20 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2022-01-04 21:00:25 -05:00
Tad
daf98f8197 Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-12-31 21:39:04 -05:00
Tad
e08349a202 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-29 11:51:58 -05:00
Tad
68771721d5 Update oneplus/sdm845 to 4.8.282
Signed-off-by: Tad <tad@spotco.us>
2021-12-29 11:51:52 -05:00
Tad
567c46fdd1 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 18:00:43 -05:00
Tad
2c1d8d5e78 Hamper analytics improvements
Signed-off-by: Tad <tad@spotco.us>
2021-12-27 17:35:53 -05:00
Tad
3c1931bcc9 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-19 05:15:32 -05:00
Tad
11141d3bc9 Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-12-17 14:31:13 -05:00
Tad
6c38ece551 Update CVE patchers
User report confirms fixing wifi on lmi

Signed-off-by: Tad <tad@spotco.us>
2021-12-15 17:10:35 -05:00
Tad
6e604e8703 Small update
Signed-off-by: Tad <tad@spotco.us>
2021-12-13 21:33:04 -05:00
Tad
20e1023627 Small changes
- 16.0: drop wallpaper optimization patch, questionable source
- deblobber: don't remove libmmparser_lite.so, potentially used by camera
- 17.1: pick Q_asb_2021-12, excluding a broken patch
- clark 17.1: some camera denial fixes
- alioth: unmark broken
- 17.1: switch to upstream glibc fix
- 17.1/18.1: disable per app sensors permission patchset, potential camera issues

Signed-off-by: Tad <tad@spotco.us>
2021-12-13 20:28:54 -05:00
Tad
8b85bf9719 Small change
Signed-off-by: Tad <tad@spotco.us>
2021-12-12 12:10:47 -05:00
Tad
8cf90d055e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-12-11 01:12:41 -05:00
Tad
9f494c3e1d Fixup
Signed-off-by: Tad <tad@spotco.us>
2021-12-11 00:23:52 -05:00
Tad
359ce4608f Small updates
Signed-off-by: Tad <tad@spotco.us>
2021-12-07 20:57:54 -05:00
Tad
ed1c151ce5 Update CVE patchers
CVE-2021-0961/ANY/0001.patch likely causes breakage

Signed-off-by: Tad <tad@spotco.us>
2021-12-06 17:43:34 -05:00
Tad
202f70b980 Final import of loose versioning work
Untested, but likely works.

Signed-off-by: Tad <tad@spotco.us>
2021-12-02 02:47:27 -05:00
Tad
c5c3998593 Guess what? f̵͖̲̙̝̩̌̌̌̑͆̔͐̏͋̓̅̔̒̈́͠i̴͍̗̦͕̅̓̿͋̓̑̽͌͐͊͘͠͠s̵̡̬͙͚̃͑̓̊̌́̾́͠ḥ̴̬͓͚̹̱̰͕͚͈̞̳͒̊ ̵̢̟̞̖͈͖͕̥̙̤͉̮̍́̅̀̾b̵̛̹̝̙̖̱̲͉͚̝̪̲̓̿͛̔̆͋̎́͐̃͆̀̕͝u̸̞̺͓͎̰̦̯̘̺̬͔̬͆͛̋̍̂͒̓͛̐̈́̋̚͝ṫ̵̠t̶̻̳̜̪̗͖͛̂̒̃̑̏͝
Tested on 14.1 and 15.1 targets

Signed-off-by: Tad <tad@spotco.us>
2021-11-29 21:14:00 -05:00
Tad
b9929ea959 18.1: (extreme) loose versioning work [untested]
Signed-off-by: Tad <tad@spotco.us>
2021-11-28 01:24:39 -05:00
Tad
bf129b729d 17.1: extreme loose versioning work
Signed-off-by: Tad <tad@spotco.us>
2021-11-27 23:25:35 -05:00
Tad
67b5a166fc 16.0: extreme loose versioning work
Signed-off-by: Tad <tad@spotco.us>
2021-11-27 22:44:29 -05:00
Tad
de89333a03 15.1: extreme loose versioning work
Signed-off-by: Tad <tad@spotco.us>
2021-11-27 22:09:30 -05:00
Tad
7d54ee4be7 14.1: extreme loose versioning work
This will apply 3.10 and 3.18 specific patches to 3.0
Example of tuna 3.0 kernel:
199 without loose versioning
311 with loose versioning
364 with extreme loose versioning

Signed-off-by: Tad <tad@spotco.us>
2021-11-27 21:06:26 -05:00
Tad
c4dbc73c56 Alter the glibc fix
Signed-off-by: Tad <tad@spotco.us>
2021-11-27 15:52:09 -05:00
Tad
9b84cebf92 17.1: loose versioning work
Signed-off-by: Tad <tad@spotco.us>
2021-11-27 15:50:11 -05:00
Tad
0e539e6f92 16.0: loose versioning work
Signed-off-by: Tad <tad@spotco.us>
2021-11-26 22:53:46 -05:00
Tad
c153981b3f 15.1: loose versioning work
Signed-off-by: Tad <tad@spotco.us>
2021-11-26 22:40:07 -05:00
Tad
1b1db41869 Initial use of loose versioning for 3.x CVE patches
This will for example apply a 3.4 specific patch to 3.0 if no 3.0 specific patch is available.
Tested compiling on 14.1 and booting on toroplus.

Will be applied to other branches soon.

Signed-off-by: Tad <tad@spotco.us>
2021-11-26 18:56:03 -05:00
Tad
62166d1ea5 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-26 11:54:59 -05:00
Tad
df3b54fa20 Fixup camera on flox
Camera works in OpenCamera, but it can't actually take pictures.
Switch to Camera2 instead, tested pictures and videos working.

Also fixup compile issue with oneplus/msm8998-common
And refresh some patchers

Signed-off-by: Tad <tad@spotco.us>
2021-11-15 18:01:27 -05:00
Tad
f950398fa1 glibc 2.34 fix
Tested working to compile mako on Fedora 35

Signed-off-by: Tad <tad@spotco.us>
2021-11-14 20:16:48 -05:00
Tad
b8f5d8a510 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-12 11:51:02 -05:00
Tad
ebab5c9407 17.1: add harpia and merlin
Signed-off-by: Tad <tad@spotco.us>
2021-11-11 10:22:00 -05:00
Tad
1b8df47bd5 14.1: add jellypro
Tis a broken device

Signed-off-by: Tad <tad@spotco.us>
2021-11-09 11:27:21 -05:00
Tad
c95421b6d2 Fixup 9c105b79
Signed-off-by: Tad <tad@spotco.us>
2021-11-08 18:45:29 -05:00
Tad
9c105b799f O_asb_2021-11
Based off of:
https://review.lineageos.org/q/topic:P_asb_2021-11

Missing:
https://review.lineageos.org/c/LineageOS/android_packages_apps_Settings/+/318655

Maybe missing:
https://review.lineageos.org/c/LineageOS/android_hardware_nxp_nfc/+/318653

Doesn't exist:
https://review.lineageos.org/c/LineageOS/android_frameworks_native/+/318652

Untested

Signed-off-by: Tad <tad@spotco.us>
2021-11-08 17:19:50 -05:00
Tad
1ce0093d9f More verified boot fixes
Signed-off-by: Tad <tad@spotco.us>
2021-11-08 09:36:56 -05:00
Tad
3e62262e88 Small fixup
Signed-off-by: Tad <tad@spotco.us>
2021-11-07 13:37:37 -05:00
Tad
e882cf16c7 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-06 18:47:57 -04:00
Tad
f2b9eb8e8b Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-11-06 11:22:43 -04:00
Tad
5c8250bbdd Disable the per-app sensor permission patches
Breaks camera on angler

Signed-off-by: Tad <tad@spotco.us>
2021-11-05 14:46:32 -04:00
Tad
fdd549ee98 16.0: add kccat6 and lentislte
Signed-off-by: Tad <tad@spotco.us>
2021-11-05 14:16:18 -04:00
Tad
6567937b05 ASB picks
Signed-off-by: Tad <tad@spotco.us>
2021-11-05 13:29:50 -04:00
Tad
97d0b239d5 Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-11-05 08:54:08 -04:00
Tad
621441349e Fixup the sensors permission patches on 7, 8, and 9.
Switch these patches to MODE_ALLOWED from MODE_ASK to fix breakage
of system services.

Also remove some code that adds a likely security issue.

Will need some extra regression testing.

Signed-off-by: Tad <tad@spotco.us>
2021-11-04 10:24:06 -04:00
Tad
f7295a0f74 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-02 23:50:35 -04:00
Tad
b6575a362e Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-11-02 22:47:34 -04:00
Tad
f3277f3c07 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-11-02 12:01:36 -04:00
Tad
809e03833e Verity enablement overhaul
No change to AVB devices except for enabling on more
Verity devices have the potential to regress by not booting
No change to non-verity/avb devices
Tested working on: mata, cheeseburger, fajita

Signed-off-by: Tad <tad@spotco.us>
2021-11-02 10:24:07 -04:00
Tad
bc77ca416c Verity fixups
Not sure how I missed all of these?

Signed-off-by: Tad <tad@spotco.us>
2021-11-01 20:55:22 -04:00
Tad
a9f445ad47 16.0: add land and santoni
Signed-off-by: Tad <tad@spotco.us>
2021-10-28 19:07:31 -04:00
Tad
ecc4688ce0 Denial fixes for clark, osprey, surnia, and g3-common
Signed-off-by: Tad <tad@spotco.us>
2021-10-28 00:47:59 -04:00
Tad
ec043e961e Update CVE patchers
CVE-2021-20317 might need to be disabled due to QC timer breakage.

Signed-off-by: Tad <tad@spotco.us>
2021-10-27 15:26:53 -04:00
Tad
e6beba4b15 Small tweaks
Sad churn from git version.
Will be removed next build cycle.

Signed-off-by: Tad <tad@spotco.us>
2021-10-27 14:16:37 -04:00
Tad
b77444f84d Deblobber tweaks
- Put more blobs behind flags for testing purposes
- Potential graphics fix for newer devices
- Removes more Wi-Fi display blobs
- Remove some misc blobs

Signed-off-by: Tad <tad@spotco.us>
2021-10-23 19:49:27 -04:00
Tad
0c793835da Expand the available Private DNS options
Signed-off-by: Tad <tad@spotco.us>
2021-10-22 18:33:06 -04:00
Tad
a0918b5222 18.1: add z2_plus
Signed-off-by: Tad <tad@spotco.us>
2021-10-22 13:37:53 -04:00
Tad
fbd97dd24a Extend changeDefaultDNS to additional files
Signed-off-by: Tad <tad@spotco.us>
2021-10-22 00:55:50 -04:00
Tad
fe8e8201a9 Add more 'Private DNS' options
Based off of patches from CalyxOS as noted in each included patch.

Tested and verified working on klte and mata 18.1

Signed-off-by: Tad <tad@spotco.us>
2021-10-21 23:39:46 -04:00
Tad
70b96aa211 Update oneplus/sdm845 from 4.9.227 to 4.9.277
Pulls us into August 2021

Tested working:
- boot
- usb mtp
- wifi
- bluetooth
- cameras
- audio
- gps
- brightness

Signed-off-by: Tad <tad@spotco.us>
2021-10-21 00:12:59 -04:00
Tad
5d7d710076 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-20 15:01:18 -04:00
Tad
bc443ffee3 14.1: Add apollo
Signed-off-by: Tad <tad@spotco.us>
2021-10-17 14:01:31 -04:00
Tad
b78944933c More fixes
Ensure new shells have the correct settings too.

Signed-off-by: Tad <tad@spotco.us>
2021-10-16 22:57:43 -04:00
Tad
042b9063d1 More fixes
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 17:12:13 -04:00
Tad
256b1db98b Hard fail on error
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 16:08:43 -04:00
Tad
a5cdb9ab58 Fix patch ordering
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 15:21:22 -04:00
Tad
4ce35a3c60 Refresh most branch specific patches
Fixed up:
LineageOS-16.0/android_packages_apps_Backgrounds/308977.patch
LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch

Must review again:
LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.patch

Signed-off-by: Tad <tad@spotco.us>
2021-10-16 15:19:55 -04:00
Tad
f7194d1f13 Switch to applyPatch
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 14:01:44 -04:00
Tad
f296ec0346 Support refreshing patches
Signed-off-by: Tad <tad@spotco.us>
2021-10-16 13:51:54 -04:00
Tad
5b630620f8 Drop 11.0
It has been over 2,500 days since the last release of 4.4.4.
And over 600 days since I last compiled this.

Signed-off-by: Tad <tad@spotco.us>
2021-10-14 20:08:44 -04:00
Tad
7ba42f052a Small changes
Signed-off-by: Tad <tad@spotco.us>
2021-10-14 15:58:22 -04:00
Tad
df60bfceda Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-13 12:20:44 -04:00
Tad
d5d3846f2c Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-10-10 19:44:59 -04:00
Tad
dd2e8b4b5c Tiny tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-10-08 21:26:11 -04:00
Tad
939c6aa7ed Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-10-07 20:07:49 -04:00
Tad
2af0e1201e Re-enable the recovery downgrade check
Signed-off-by: Tad <tad@spotco.us>
2021-10-06 17:03:22 -04:00
Tad
f2e1d32eba Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-06 16:54:45 -04:00
Tad
7b28a193f1 Include the Support app
This is a very basic app with zero permissions and has quick links to
various related resources.

Signed-off-by: Tad <tad@spotco.us>
2021-10-06 06:21:38 -04:00
Tad
e4a4e7f8de Fix BT on apollo/thor
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/16

Signed-off-by: Tad <tad@spotco.us>
2021-10-06 04:52:14 -04:00
Tad
59bd09a807 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-05 14:44:23 -04:00
Tad
5658b56424 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-10-03 20:00:52 -04:00
Tad
870382ff40 Switch to the Mulch WebView
Signed-off-by: Tad <tad@spotco.us>
2021-10-02 01:44:46 -04:00
Tad
7f98aad299 18.1: Drop DnsResolver patches
Merged upstream

Signed-off-by: Tad <tad@spotco.us>
2021-10-01 17:54:54 -04:00
Tad
025ca7df7f compile fixups
after the CVE-2021-Misc2 import and hardenDefconfig overhaul

also sync 18.1 DnsResovler patches with:
6332b25b87
f8490d024a

Signed-off-by: Tad <tad@spotco.us>
2021-10-01 12:34:22 -04:00
Tad
27fe558b76 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-29 16:47:50 -04:00
Tad
9f9d418060 18.1: forward port the hosts cache and wildcard support
These were likely missed when resolv/ moved out of netd into DnsResolver.

Signed-off-by: Tad <tad@spotco.us>
2021-09-26 22:41:30 -04:00
Tad
c6df37ca23 Expose the Sensors Off tile
This removes the hidden development 'Sensors off' tile from Settings app,
adds it back to SystemUI, and enables it by default.

Tested working on 18.1

Signed-off-by: Tad <tad@spotco.us>
2021-09-26 16:36:15 -04:00
Tad
35372142ed Small tweak
Signed-off-by: Tad <tad@spotco.us>
2021-09-25 20:24:14 -04:00
Tad
84c7d230ab Permission for sensors access patches from @MSe1969
Signed-off-by: Tad <tad@spotco.us>
2021-09-24 23:35:33 -04:00
Tad
f5a58bd35f Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-23 20:56:00 -04:00
Tad
c753abf1b2 Small update
Signed-off-by: Tad <tad@spotco.us>
2021-09-20 12:12:58 -04:00
Tad
e7dd0af4b6 hardenDefconfig: pull in some more options
Signed-off-by: Tad <tad@spotco.us>
2021-09-19 01:20:41 -04:00
Tad
ba07cfb300 Optimize hardenDefconfig 2021-09-18 21:53:03 -04:00
Tad
7e093e0500 Ensure all used defconfigs are altered 2021-09-18 21:28:13 -04:00
Tad
83efa5fe7d Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-18 13:43:41 -04:00
Tad
038ab89982 More kernel cmdline work
Signed-off-by: Tad <tad@spotco.us>
2021-09-15 11:48:07 -04:00
Tad
4917af86cc Update copyright dates
Signed-off-by: Tad <tad@spotco.us>
2021-09-15 10:30:08 -04:00
Tad
cf3a12cb5a Move some changes into a new Post.sh
Signed-off-by: Tad <tad@spotco.us>
2021-09-15 10:26:37 -04:00
Tad
083e2048f8 Don't disable slub/slab merging via kernel command line, but by default
I have a sneaking suspicion that the length of some device command lines is
causing boot issues.
eg. with the recent additions, klte boots fine, but recovery doesn't, maybe
bootloader is adding more flags, exceeding a limit?

Signed-off-by: Tad <tad@spotco.us>
2021-09-15 10:17:27 -04:00
Tad
3bb1199c34 Small fix
Signed-off-by: Tad <tad@spotco.us>
2021-09-14 09:16:17 -04:00
Tad
bf5d9bc778 Small tweaks
- disable disablement of PROC_PAGE_MONITOR to fix memory stats calculation
- enable slub_nomerge, similar to slab_nomerge for pre 3.18 kernels
  slub_nomerge was already default enabled on many 3.10 devices via:
  0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch

Signed-off-by: Tad <tad@spotco.us>
2021-09-13 10:39:33 -04:00
Tad
907dc0f040 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-11 16:06:57 -04:00
Tad
faf681a0c6 17.1: add davinci
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/10

Signed-off-by: Tad <tad@spotco.us>
2021-09-11 14:55:27 -04:00
Tad
35036e694d Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-09-08 22:59:33 -04:00
Tad
0ade46cc8e Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-07 16:57:15 -04:00
Tad
e84111aaa8 Small changes
- Include TalkBack
- Fixup hosts inclusion, due to path mismatch
- 14.1: bump patch level to match the picked ASB
- 14.1: m7-common: deblobber fix

Signed-off-by: Tad <tad@spotco.us>
2021-09-06 14:32:37 -04:00
Tad
b589976f7b Switch to the more efficient HOSTS blocking list
Signed-off-by: Tad <tad@spotco.us>
2021-09-05 21:27:18 -04:00
Tad
56e9a75445 14.1+15.1: Support wildcards in cached hosts file
Signed-off-by: Tad <tad@spotco.us>
2021-09-05 16:30:34 -04:00
Tad
809a361e07 Update CVE patchers
Don't introduce https://gitlab.com/LineageOS/issues/android/-/issues/3916

Will consider adding it as a revert

Signed-off-by: Tad <tad@spotco.us>
2021-09-04 14:35:24 -04:00
Tad
e0d300a651 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-09-03 22:52:24 -04:00
Tad
f77971d38f Small tweaks
Signed-off-by: Tad <tad@spotco.us>
2021-08-31 20:53:17 -04:00
Tad
043b194210 17.1: add surnia + other changes
- 17.1: fixup invalid line in marlin from deblobber
- 18.1: fixup audiofx removal
- all: change repo sync to 8 threads from 20, for google HTTP 429 error

Signed-off-by: Tad <tad@spotco.us>
2021-08-26 21:02:28 -04:00
Tad
792cb89ed7 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-26 12:17:46 -04:00
Tad
0dbabac59a Update CVE patchers
Maybe breakage?

Signed-off-by: Tad <tad@spotco.us>
2021-08-23 15:27:53 -04:00
Tad
1dc0bce913 Disable removal of display color blobs
Removal is still breaking boot on some devices

Signed-off-by: Tad <tad@spotco.us>
2021-08-21 15:34:02 -04:00
Tad
c0debe55c4 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-18 08:54:30 -04:00
Tad
de22605785 18.1: add sunfish, bramble, and redfin
Signed-off-by: Tad <tad@spotco.us>
2021-08-14 04:52:08 -04:00
Tad
4ae1402229 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 23:54:19 -04:00
Tad
441a66bbb0 Breakup hardenDefconfig for readbility and debugging purposes
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 22:55:21 -04:00
Tad
79132fddef Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-13 11:07:07 -04:00
Tad
3a79316ddb Fix camera on taimen/walleye/alioth
+ typo fix for last commit
+ cherrypick cleanups

Signed-off-by: Tad <tad@spotco.us>
2021-08-10 00:21:02 -04:00
Tad
0b4ad0e7cc 18.1: add raphael, lmi, alioth
+ verity fixes
+ 16.0: drop beryllium, 18.1 builds now
+ deblob: better handle device makefiles

Signed-off-by: Tad <tad@spotco.us>
2021-08-09 20:54:44 -04:00
Tad
2d468d9da2 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-09 14:44:48 -04:00
Tad
3f311f84ad Changes
- WebView update
- 14.1: drop osprey, tested compiling on 17.1
- comment updates
- small patcher fixes

Signed-off-by: Tad <tad@spotco.us>
2021-08-06 18:36:57 -04:00
Tad
189cf4d801 Update comments
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 22:18:00 -04:00
Tad
2db8ac7c70 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 14:57:55 -04:00
Tad
6f1512b63a crackling for 17.1 - try 2
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 14:22:16 -04:00
Tad
e9b730d83a USB enablement
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 14:21:50 -04:00
Tad
477b0a1a62 More fixes
Signed-off-by: Tad <tad@spotco.us>
2021-08-04 10:58:22 -04:00
Tad
9e548cabf5 Fixup 3d69ad87
Tested to compile bacon, ether, and griffin kernels

Signed-off-by: Tad <tad@spotco.us>
2021-08-03 18:46:38 -04:00
Tad
3d69ad873e \"\'FIXES\'\" PART 2
There will likely be some breakage here.
Many of these patches have been here since the start and never used.

Signed-off-by: Tad <tad@spotco.us>
2021-08-03 15:14:02 -04:00
Tad
4fae8d0445 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-08-03 12:37:28 -04:00
Tad
2c05482872 Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2021-07-31 09:17:08 -04:00
Tad
702ea9c91f Move FP3 to 18.1
Signed-off-by: Tad <tad@spotco.us>
2021-07-30 11:55:03 -04:00
Tad
914bed8556 Reimplement fe6f8537
LTE tested working with hybrid 33-107 modem.
Phone calls drop to HSPA as expected.
No issues if using stock modem either compared to without this patch.

In my area, without this patch, my makos are useless cell-wise.

Gives extra life to the Nexus 4.

Signed-off-by: Tad <tad@spotco.us>
2021-07-29 15:25:05 -04:00
Tad
36331d6d62 Update CVE patchers 2021-07-28 10:08:52 -04:00
Tad
b61264e3b9 Update CVE patchers 2021-07-27 00:17:14 -04:00
Tad
40c356371a Small tweaks 2021-07-25 22:41:56 -04:00
Tad
ca51db0be0 Update CVE patchers 2021-07-21 22:48:29 -04:00
Tad
eea1d0e7cd 18.1: add hotdog, hotdogb, aura 2021-07-20 12:58:22 -04:00
Tad
ac4d8ab822 17.1: move fp2 to 18.1 2021-07-19 14:42:37 -04:00
Tad
9a4c02c3dc Tiny tweaks 2021-07-19 12:05:18 -04:00
Tad
48ff571fbb Small updates and fixes 2021-07-13 16:10:30 -04:00
Tad
3d67f9e25c Update CVE patchers 2021-07-12 06:31:38 -04:00
Tad
c2b2aa5830 16.0+: Add captive portal toggle from @MSe1969
Source:
0045a97cb4
b483b4e9ab
18.1 is the 17.1 patch rebased

Wording was altered.

Already included in 14.1+15.1
2021-07-10 22:48:45 -04:00
Tad
a43601e77b Update CVE patchers
I expect breakage.
2021-07-10 11:39:14 -04:00
Tad
050da06eba Move n_asb_09-2018-qcom in tree 2021-07-09 21:04:08 -04:00
Tad
0c53c40b7b Cherrypicks 2021-07-09 20:54:14 -04:00
Tad
ca857913ef Directory sanity 2021-07-09 07:09:27 -04:00
Tad
dd3a611d0e Cherrypicks 2021-07-08 20:08:24 -04:00
Tad
c13672b9b7 Update CVE patchers 2021-07-07 15:14:20 -04:00
Tad
12283124b5 Fixup last commit 2021-07-04 17:05:27 -04:00
Tad
f6357512a7 Update CVE patchers 2021-07-04 14:41:44 -04:00
Tad
44003bd2f5 Update CVE patchers 2021-06-30 17:05:59 -04:00
Tad
c2ce9572fa umask 0022 all the things
umask 0077 breaks things in subtle ways
2021-06-27 14:14:34 -04:00
Tad
d7287a6b94 Update CVE patchers 2021-06-27 11:50:15 -04:00
Tad
ef8573b29c Small fixes 2021-06-26 22:59:46 -04:00
Tad
08d522fd9b 17.1: drop mako
18.1 is functional now
2021-06-26 19:58:14 -04:00
Tad
881c24d8b2 Various patches from GrapheneOS 2021-06-26 18:57:46 -04:00
Tad
d6dca6e66d Small tweaks 2021-06-26 14:13:03 -04:00
Tad
24379944ab 18.1: Add serrano 2021-06-23 13:51:58 -04:00
Tad
eb3e51e7e3 Small tweaks 2021-06-23 13:00:43 -04:00
Tad
1078b6bdb6 Don't break netmgrd on victara and m8 2021-06-17 09:34:21 -04:00
Tad
48f35901c2 Update CVE patchers 2021-06-16 23:17:37 -04:00
Tad
d9d564ebd3 Cherrypick updates 2021-06-16 02:41:22 -04:00
Tad
d42c8f033d Small changes
- Fixup CVE-2020-36386 breakage
- Move some cherrypicks in tree (gerrit down right now, pulled from reflog)
- Update cherrypicks
2021-06-15 05:46:30 -04:00
Tad
8af1c6a2ee 17.1: restore m8 for now 2021-06-14 02:06:49 -04:00
Tad
47ca4c5954 Tiny tweaks 2021-06-12 17:17:11 -04:00
Tad
71fe4d590e Small tweaks
- 14.1: drop z00t, compiles on 15.1
- fix double patch breakage for CVE-2020-36386
- clark: fix recovery firmware extraction, hopefully
2021-06-12 10:49:54 -04:00
Tad
4b044379ec Update CVE patchers 2021-06-11 11:00:54 -04:00
Tad
50c670c477 Small tweaks
- June ASB cherrypicks
- Change default NTP. only 2*.pool.ntp.org supports IPv6
2021-06-10 22:45:32 -04:00
Tad
94b91c6afd Incall privacy warning from CalyxOS 2021-06-08 12:11:13 -04:00
Tad
d9c49b56c3 Update CVE patchers 2021-06-07 22:30:33 -04:00
Tad
143bec97a9 Small tweaks 2021-06-07 21:32:10 -04:00
Tad
1e5df6f42e Update CVE patchers 2021-06-03 13:28:32 -04:00
Tad
32856be2d8 Update AOSP CVE list to May 2021 patches 2021-06-01 06:31:29 -04:00
Tad
8e32de7253 More oneplus2 camera fixes
Closes https://github.com/divested-mobile/divestos-build/issues/9
2021-05-31 13:37:46 -04:00
Tad
5c3d3b4d35 Reverts + disable mm-pp removal
Revert d7fd127e5f
Partial revert 1c9a66f896
2021-05-30 10:39:34 -04:00
Tad
d7fd127e5f Only dexpreopt boot and system server
Full dexpreopt has repeatedly shown to cause many problems over the years.
The slight gains are not worth the headache it incurs.
2021-05-30 00:36:57 -04:00
Tad
3052a52964 oneplus2 fix camera 2021-05-29 22:46:37 -04:00
Tad
1c9a66f896 Ensure mm-pp-daemon is disabled
When not in late_start appears to break boot if not available.
Seems to fix oneplus2 and likely ether + others
2021-05-29 18:24:37 -04:00
Tad
f89f0cb983 Small tweaks
Fixes oneplus2 boot
https://github.com/Divested-Mobile/DivestOS-Build/issues/5
2021-05-29 01:12:53 -04:00
Tad
4af81f4d66 Update CVE patchers 2021-05-27 14:54:07 -04:00
Tad
13bffe05e7 Update CVE patchers 2021-05-21 09:14:31 -04:00
Tad
1cde58eaa4 Tiny tweaks 2021-05-12 03:15:41 -04:00
Tad
ccce1fad9b Update CVE patchers 2021-05-11 17:11:41 -04:00
Tad
1f372eca69 17.1: drop support for all devices compiling on 18.1 2021-05-10 13:06:30 -04:00
Tad
d601ecc611 18.1: bump crosshatch/blueline 2021-05-10 09:15:17 -04:00
Tad
4bbc70d5a8 17.1: drop support for all devices compiling on 18.1 2021-05-10 09:12:58 -04:00
Tad
731e0e995c Update CVE patchers 2021-05-07 21:48:29 -04:00
Tad
2cf0b314d8 Various changes
- Cherrypick May ASB topics
- 18.1: bump enchilada, fajita, and guacamole
2021-05-06 14:37:52 -04:00
Tad
4450921a10 Update CVE patchers 2021-05-03 20:41:32 -04:00
Tad
febec1b60a Update CVE patchers 2021-05-02 17:05:53 -04:00
Tad
82014e469a Update CVE patchers 2021-04-25 11:55:12 -04:00
Tad
5f0ae93a0b Drop the umn patch list
Most seem OK
2021-04-25 11:25:32 -04:00
Tad
3770bf469d Add a list of potentially bad commits from umn.edu addresses 2021-04-21 21:40:40 -04:00
Tad
e9fa7b0127 Tiny fixes 2021-04-19 15:55:00 -04:00
Tad
4362cf4e63 Small changes
- 16.0: drop cheeseburger/dumpling, tested working on 18.1
- Fix some conflicts
2021-04-18 13:42:23 -04:00
Tad
81084a26d7 Update CVE patchers 2021-04-17 11:01:30 -04:00
Tad
d15d4f5757 18.1: updater: fix Tor support 2021-04-17 10:14:29 -04:00
Tad
83fe8f0434 More small tweaks
- Really fix yylloc sed line
- Drop merged ASB cherrypicks
- Edit vendor gps.conf files too
2021-04-16 20:31:57 -04:00
Tad
1ba3585c9b 14.1: drop axon7, it compiles on 15.1 2021-04-14 23:41:31 -04:00
Tad
bdf990a638 Small tweaks
- Remove some changes that have been commented for a while
- Don't remove the QCOM VR repos
- Adjust the default quick tiles
- Don't force hardware layers for recents
- Only generate deltas for update_engine devices
- Cherrypick: Update WebView to 90.0.4430.66
- Adjust yylloc sed line
- Add comments to 17.1 devices explaining why they aren't removed for 18.1 yet
2021-04-14 21:29:12 -04:00
Tad
b07a8f3058 Move g3 to 18.1
d852 tested working
2021-04-14 13:42:03 -04:00
Tad
4bc2c66124 Small updates 2021-04-14 11:34:51 -04:00
Tad
866f1c9b5f 17.1: drop support for devices broken that are also broken in 18.1 2021-04-13 13:33:53 -04:00
Tad
0c3c89ffc4 17.1: drop support for all devices compiling on 18.1 2021-04-13 13:29:45 -04:00
Tad
9c2002465c 17.1: drop support for all devices tested working on 18.1
Try 2
2021-04-13 13:20:36 -04:00
Tad
2f2d94c9b5 Small tweaks 2021-04-13 11:59:08 -04:00
Tad
cc08a358ce 18.1: replace PicoTTS with eSpeak-NG 2021-04-12 21:24:12 -04:00
Tad
a423f977ff Update CVE patchers 2021-04-12 20:53:35 -04:00
Tad
8e496341b5 Small tweaks + ASB cherrypicks 2021-04-08 05:40:22 -04:00
Tad
f48738f944 Update CVE patchers 2021-04-06 20:55:55 -04:00
Tad
4d31a97c3f Set forceencrypt for devices using footer 2021-04-06 15:36:20 -04:00
Tad
d9238f8385 18.1: fix recovery signing
friendly reminder to take a break when dealing with the same issue for extended periods of time
2021-04-06 05:56:47 -04:00
Tad
9293f48b0c Revert "17.1: drop support for all devices tested working on 18.1"
This reverts commit 2bbbd6d87f.

18.1 recovery is refusing to compile properly.
2021-04-06 04:12:46 -04:00
Tad
f3e672fb18 Failed attempt at fixing signing
PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something
we don't use.

Override it at the source and set it explicitely as well.

This ensures that the compiled recovery.img and the one generated by
sign_target_files_apks.py includes the real public keys for verification.

11.0 signing is ignored.

This will need to be extensively tested as breakage can mean brick on locked
devices.
Although in failure cases it seems test-keys are accepted.

--

After much testing there appears to be a deeper issue with how keys
are inserted into the recovery and handled
2021-04-06 04:07:18 -04:00
Tad
ad178961e4 Improvements and fixes
- 18.1: disable m8, thermanager is not yet ready
- 17.1: drop cheeseburger/dumpling, it is absolutely broken
- deblobber: remove euicc + others
- deblobber: hack to remove vintf fragments
2021-04-05 18:09:22 -04:00
Tad
2a0e74864b 17.1: Add fugu 2021-04-02 15:41:28 -04:00
Tad
a2d6d77b4c Update CVE patchers 2021-04-02 12:20:40 -04:00
Tad
d60f2ab05c 18.1 Add victara 2021-04-02 11:58:28 -04:00
Tad
2bbbd6d87f 17.1: drop support for all devices tested working on 18.1 2021-04-02 02:32:15 -04:00
Tad
c3271c38da Small fixes 2021-04-01 20:58:04 -04:00
Tad
9db9215d6b Small changes
- Disable generation of unused OTA to reduce compile time
- 17.1+: Disable APEX, breaks signing, and is also useless since no Play Store.
- 18.1: Fixup signing
2021-03-31 01:30:17 -04:00
Tad
398f663e47 Small changes 2021-03-29 23:14:33 -04:00
Tad
9c70bfc6a3 Small fixes
- Bring 17.1 recovery in line with 18.1
- flox: fix sensors on 17.1
- flo 15.1: sensors might still be broken due to denial
- flox 17.1: reboot issue is likely fixed
- 18.1: fix my Wi-Fi (wpa2-eap with a cert, but no domain)
2021-03-27 13:48:55 -04:00
Tad
9ae46b7624 Update CVE patchers
This fixes Fenix causing a reboot on select devices.
2021-03-26 22:51:50 -04:00
Tad
32b5369cbf 15.1: restore flo support
17.1 flox powers off when unused for a random period of time.
repeated power off leads to corruption of /data, requiring a wipe.
2021-03-26 21:02:17 -04:00
Tad
38ad988924 Potentially fixup manta
- Deblobber: don't remove mfc_fw.bin, used for media decode
- Deblobber: don't remove es305_fw.bin, used for audio processing
- don't force dexpreopt on manta, likely breaks Wi-Fi
- fix some SELinux denials on manta
2021-03-26 16:39:55 -04:00
Tad
4d902672df More cleanup 2021-03-25 10:16:38 -04:00
Tad
d8712ad62a Update CVE patchers 2021-03-24 16:31:25 -04:00
Tad
5d14e4b4f7 Small changes
- Add m7 and avicii (untested)
- Use low_ram target on <2GB devices
  Silly me, this never did anything due to the git reset...
- Update Chromium WebView cherrypick
2021-03-24 14:43:12 -04:00
Tad
08ea27fd00 Only include Silence when needed
ie. not on tablets without cellular
2021-03-23 21:11:08 -04:00
Tad
ecd0094b6e Fixup dragon 2021-03-23 17:14:19 -04:00
Tad
529b47039c 18.1: Initial bringup
- Functionality tested on mako and klte
- In-place upgrade from 17.1 tested working on klte
- Compile tested on bacon and klte
- Recovery OTA key patch missing, unsure if still needed.
- Deblobber needs support for removing vintf manifest paths from vendor Android.bp
- Launcher needs more default_workspace grid variants (eg. 4x5)
2021-03-23 12:36:31 -04:00
Tad
c23646ebd5 More cleanup 2021-03-20 16:37:15 -04:00
Tad
add30db605 Drop support for overclocking
These patches have been disabled for years.
2021-03-20 16:23:38 -04:00
Tad
62cba6a878 More cleanup 2021-03-20 16:15:01 -04:00
Tad
92dcea3b7d Update CVE patchers 2021-03-20 16:04:14 -04:00
Tad
10b157418d 14.1: drop support for all devices compiling on 15.1 or 16.0 or 17.1 2021-03-20 14:28:41 -04:00
Tad
70b1007dec 15.1: drop support for all devices compiling on 16.0 or 17.1 2021-03-20 14:28:36 -04:00
Tad
aa3d0aeac5 16.0: drop support for all devices compiling on 17.1 2021-03-20 14:03:01 -04:00
Tad
96d6d74534 14.1: drop support for all devices tested working on 15.1 or 16.0 or 17.1 2021-03-20 13:52:15 -04:00
Tad
3067ecca23 15.1: drop support for all devices tested working on 16.0 or 17.1 2021-03-20 13:45:37 -04:00
Tad
d87ae7d12c 16.0: drop support for all devices tested working on 17.1 2021-03-20 13:38:05 -04:00
Tad
caeb3d5199 Add FP3 to 16.0 and 17.1
Untested
2021-03-19 21:53:28 -04:00
Tad
c6f2a5a06d Fixup ef0ee2c3 2021-03-15 01:06:23 -04:00
Tad
ef0ee2c316 Update CVE patchers 2021-03-14 21:59:19 -04:00
Tad
a3fbed9da5 Update cherrypicks and small tweaks 2021-03-07 03:04:44 -05:00
Tad
60070a19bd Update CVE patchers
Consider splitting CVE-2020-27067 to restore basic patches.
2021-03-04 15:10:24 -05:00
Tad
f02363ecb4 March 2021 Security Updates 2021-03-04 13:02:10 -05:00
Tad
f8416a1083 Legal goodies 2021-03-01 21:05:42 -05:00
Tad
5a3b13e650 Update CVE patchers 2021-02-28 17:56:07 -05:00
Tad
701f336185 Tiny tweaks 2021-02-28 13:25:55 -05:00
Tad
07e46913d9 Fixup verity enablement for cheryl
cheryl was already supported in Copy_Keys.sh
2021-02-14 22:50:34 -05:00
Tad
6d0bc0c57e Update CVE patchers 2021-02-11 15:04:46 -05:00
Tad
41a04ebd36 Update CVE patchers 2021-02-10 15:55:51 -05:00
Tad
553299c409 Small updates 2021-02-08 18:49:01 -05:00
Tad
f1e2e43642 Update CVE patchers 2021-02-07 19:41:46 -05:00
Tad
d003ee6ea7 Update cherrypicks 2021-02-06 15:24:31 -05:00
Tad
3c0aaaa803 Update CVE patchers 2021-02-06 13:04:52 -05:00
Tad
820c637f20 Move many old cherry picks in tree for archival/support purposes 2021-02-05 20:00:43 -05:00
Tad
ebd992580c Update cherrypicks 2021-02-05 16:53:25 -05:00
Tad
d44eca7187 Update CVE patchers 2021-02-03 19:40:55 -05:00
Tad
fc5ba24098 Fixup 2021-02-03 12:19:37 -05:00
Tad
8fbe6a4bd2 Update CVE patchers 2021-02-03 11:50:22 -05:00
Tad
31d0b901ae Update cherrypicks 2021-02-03 09:45:26 -05:00
Tad
bac552732f Small tweaks 2021-01-30 21:34:50 -05:00
Tad
6a1fb99cc9 Unbreak last commit
This should be most of it

also
- properly update webview, repopick doesn't seem to handle the branch
- always cd back to base, to prevent script breakage
2021-01-25 13:31:57 -05:00
Tad
08142c2c9d Update CVE patchers
I expect breakage.
2021-01-24 00:30:24 -05:00
Tad
bef3ba0049 Small changes 2021-01-23 23:08:00 -05:00
Tad
38da3e202e Re-enable the SOUND_TRIGGER removal bits disabled in e9fd952b
It does not fix the phone call audio issues on mata like I hoped it would.
2021-01-18 09:11:37 -05:00
Tad
b99e1865fe deblobber improvements
- fixup CNE removal to disable Wi-Fi calling
- extend system.prop edits to cover all .props
- remove persist. and ro. from edits to cover all properties
2021-01-18 07:15:11 -05:00
Tad
c17623a87a Update CVE patchers 2021-01-16 22:48:28 -05:00
Tad
e9fd952ba2 Many small tweaks
- Remove leftover WireGuard repo missed in 31898834
- Enable the volteOverride, to ensure VoLTE enablement on supported devices on unknown carriers
- Extend volteOverride to support system.prop if vendor.prop doesn't exist (to cover eg. marlin/sailfish)
- Disable commenting of SOUND_TRIGGER flags.
  sountrigger blobs are not removed due to boot breakage.
  disable this and stop patching hardware/qcom/audio.
  Intended to potentially fix phone call audio issues on mata
- Small CVE patcher updates
2021-01-16 21:16:02 -05:00
Tad
a4333daefe Update cherrypicks
I managed to miss 300243 in the recent 17.1 rebuilds
2021-01-14 12:08:46 -05:00
Tad
55a9da29b0 Small fix 2021-01-14 05:26:49 -05:00
Tad
318988345b Drop WireGuard kernel module support
It was never used or enabled.
Silly me didn't acknowledge that it requires root for any app to use.

The app itself will still be included in the PrebuiltApps submodule for anyone who needs.
2021-01-13 06:30:44 -05:00
Tad
d757d84331 Fixup typo from 42b94605 2021-01-13 04:57:27 -05:00
Tad
f621ff7dda Update CVE patchers
I have absolutely no idea why kernel_oneplus_msm8998 was downgraded
4.4.241 to 4.4.205
https://github.com/LineageOS/android_kernel_oneplus_msm8998/tree/backup/lineage-17.1_20210108_1948
2021-01-13 04:29:00 -05:00
Tad
b683d40ef3 Small tweaks
- Update cherry picks
- Add star2lte to 15.1 and 17.1
2021-01-09 13:37:07 -05:00
Tad
42b94605f8 Cherrypicks and CVE-2019-2306 patching 2021-01-06 14:04:18 -05:00
Tad
e557ca3710 Update CVE patchers 2021-01-05 14:26:15 -05:00
Tad
bd4cb22db1 ASB cherry picks 2021-01-05 12:22:42 -05:00
Tad
e62afb602b Sync APN list from 17.1 to all versions
- 15.1: enable hammerhead due to reported bt issues on 16.0
2021-01-04 20:16:33 -05:00
Tad
3b8750cdff Deblobber: don't remove aonvr*.bin
breaks microphone on shamu and victara
2021-01-01 20:16:19 -05:00
Tad
ff96315fb4 Update CVE patchers 2020-12-30 11:08:19 -05:00
Tad
4c0ac9c46c Small changes 2020-12-24 02:01:10 -05:00
Tad
8b56cd13c6 deblobber: Don't remove CNE
- breaks Wi-Fi calling
- breaks IMS on marlin/sailfish
2020-12-22 13:53:29 -05:00
Tad
d6cf9ec8b0 Many fixes
VoLTE tested working on mata/17.1!
VoWiFi tested working with DOS_DEBLOBBER_REMOVE_CNE=false

- Disable Graphene exec spawning feature, subtly breaks many apps
  Maybe missing some patches?
- Build old versions for devices with broken IMS
- Ensure shell umask is always 0022
- fwb overlay: drop the MMS user-agent overrides
- Drop the BlobBlocker and ModuleBlocker
  They were unused and unkempt.
- Put volteOverride behind DOS_DEBLOBBER_REMOVE_IMS and comment it
2020-12-22 04:00:12 -05:00
Tad
356c743cd8 Update cherrpicks 2020-12-21 03:44:07 -05:00
Tad
1be184bac9 Small tweaks 2020-12-16 07:48:41 -05:00
Tad
39727cb7c7 Update CVE patchers 2020-12-10 14:09:58 -05:00
Tad
5ffefc4dc3 Cherry picks 2020-12-10 12:34:14 -05:00
Tad
3ec13d6bc8 Update CVE patchers 2020-12-08 10:24:24 -05:00
Tad
e36a91facc Update CVE patchers 2020-12-07 09:36:20 -05:00
Tad
9c691d02ab Update CVE patchers 2020-12-03 22:43:23 -05:00
Tad
26cda44016 Add support for rs988, h990, and h870 2020-11-29 19:19:43 -05:00
Tad
09722044b0 Update CVE patchers 2020-11-29 19:06:06 -05:00
Tad
69c8bdfb22 Update CVE patchers 2020-11-26 09:03:45 -05:00
Tad
48e72f67bb Tiny update 2020-11-22 22:12:47 -05:00
Tad
445582fe2a Update CVE patchers 2020-11-19 17:15:55 -05:00
Tad
9d7e5a24a3 License headers 2020-11-17 10:19:06 -05:00
Tad
7b9d90d781 move clark from 14.1 to 17.1 2020-11-15 08:16:29 -05:00
Tad
523264aebb Update CVE patchers 2020-11-12 23:46:38 -05:00
Tad
e7a65ff912 Small fixes 2020-11-09 22:55:36 -05:00
Tad
dfe516fc3d 17.1: update cheeseburger/dumpling kernel 2020-11-07 17:29:55 -05:00
Tad
a21a6acaa8 Update cherrypicks 2020-11-07 17:20:30 -05:00
Tad
dc5b1d91f2 Update CVE patchers 2020-11-06 16:15:16 -05:00
Tad
42053a97e2 ASB cherry picks 2020-11-04 09:48:12 -05:00
Tad
6a5866c01d More failed attempts at fixing IMS
Keeping IMS, RCS, CNE, ATFWD, and allowing ims* to access /dev/diag:
IMS service still fails to register on mata

Is it the carrier?
Is it the phone?
Is it LineageOS?
Is is DivestOS?
Absolute mess.
2020-11-02 19:24:56 -05:00
Tad
e36f4529a3 Fixup 9f01dc03
Enables replacing of vendor fingerprints.
I thought this was broken, turns out it was the AUX camera change instead.
2020-11-02 11:04:49 -05:00
Tad
9f01dc038c Small changes
- SUPL NTP fix
- Remove debug info from dexpreopt, saves a few MB
- 15.1+: enable full dexpreopt, for perf and memory benefits
- 17.1: change oneplus/msm8998-common kernel
- 17.1: add OpenCamera to AUX list
- Resurrect verity for devices missed previously
- Update some CVE patchers
- deblobber: remove some lingering atfwd blobs
2020-11-02 06:28:06 -05:00
Tad
3926f3a44f Small updates
- Various rebranding fixes
- 17.1: hold off on Seedvault inclusion for now
- 17.1: update kernel/fxtec/msm8998 CVE patcher
- 17.1: build cheeseburger/dumpling
2020-10-31 15:16:25 -04:00
Tad
5ec84b9f7b Update CVE patchers 2020-10-30 14:35:12 -04:00
Tad
40f8cebc53 Small updates 2020-10-28 19:09:18 -04:00
Tad
b89cc98001 Small updates 2020-10-27 21:40:20 -04:00
Tad
ff8dfd95db Small updates 2020-10-26 05:24:59 -04:00
Tad
47d064f98c Fixes 2020-10-23 18:50:51 -04:00
Tad
fb2a4df9a0 Add yellowstone, untested and disabled for now 2020-10-23 16:47:06 -04:00
Tad
95077df728 Update CVE patchers 2020-10-23 15:51:19 -04:00
Tad
1b4b86c38d Tiny tweaks 2020-10-23 14:49:16 -04:00
Tad
c7eb6fcbfe deblobber: fixup IMS for a few devices
Don't remove qti-vzw-ims-internal.jar needed by IMS stack.
It is just a shim and doesn't really do anything.

Also put RCS behind a flag.
2020-10-21 20:09:53 -04:00
Tad
0958df7de5 deblobber: remove more blobs 2020-10-20 10:45:57 -04:00
Tad
00a6a86126 deblobber: fixup timekeep replacement, credit Wang Han/aviraxp 2020-10-20 05:39:06 -04:00
Tad
d889ae4642 Update CVE patchers 2020-10-17 15:28:42 -04:00
Tad
6d15a2bb82 Update CVE patchers 2020-10-15 22:36:28 -04:00
Tad
688f4dd953 More CVE patcher fixes 2020-10-15 21:31:46 -04:00
Tad
cc64ce1634 Update CVE patchers 2020-10-14 16:28:07 -04:00
Tad
10d042c3c0 Update CVE patchers 2020-10-14 15:20:06 -04:00
Tad
6c9c91941e Fix errors from compile test of all 14.1 kernels 2020-10-14 14:23:22 -04:00
Tad
d53a4f4e41 Update CVE patchers
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
b56929d3d9 Many changes
- Missing credit in LICENSE
- Update TODO
- hardenLocationConf: don't change version
- hardenDefconfig: Fix reboot on shutdown
- changeDefaultDNS: replace a level3 dns straggler for tethering config
- Don't remove CompanionDeviceManager if microG is included
- Update cherry picks
- init.sh: update comment wording
2020-10-12 07:52:54 -04:00
Tad
115dd21832 Many changes
- 17.1: Add Pixel 4/XL
- Promote klte to 17.1
- hardenBootArgs: don't run on klte
- hardenBootArgs: regorganize
- hardenDefconfig: enabler: drop unnecessary options (iommu)
- hardenDefconfig: disabler: comment diag options for now
- deblobber: comment dirac lines to fix cheeseburger headphone jack
- fixup Etar replacement
2020-10-11 07:12:00 -04:00
Tad
496fddb303 Replace calendar with Etar, and drop LocalCalendar 2020-10-11 04:12:16 -04:00
Tad
260140f0a1 Update CVE patchers 2020-10-10 11:56:35 -04:00
Tad
8bdad21040 Update CVE patchers 2020-10-06 23:36:29 -04:00
Tad
b56fabac3b Update CVE patchers
I expect some breakage here
2020-10-06 21:14:18 -04:00
Tad
bf9167f442 Update CVE patchers 2020-10-05 21:38:25 -04:00
Tad
589394a589 Small updates 2020-10-05 21:38:15 -04:00
Tad
55e010fba5 Small updates 2020-10-01 14:56:37 -04:00
Tad
46c1a74ef3 17.1: Fixup TTS 2020-09-25 11:38:26 -04:00
Tad
92f7f37096 Update CVE patchers
Fix CVE-2020-25221 breakage
2020-09-25 09:27:12 -04:00
Tad
bc7cf7af0a Update CVE patchers 2020-09-25 06:55:18 -04:00
Tad
a9812ba729 17.1: Rebase microG patches 2020-09-24 08:02:27 -04:00
Tad
92879ec2a4 Update CVE patchers 2020-09-23 06:31:34 -04:00
Tad
3bc1463017 Update CVE patchers 2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3 Update CVE patchers 2020-09-17 15:35:48 -04:00
Tad
40654dbf4b Fixup 556a8529 2020-09-15 15:29:10 -04:00
Tad
6e16320468 Small fixes 2020-09-13 19:52:37 -04:00
Tad
d16a362141 ASB cherry picks + Fixup 2f83043c
TODO: rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk
2020-09-12 08:29:09 -04:00
Tad
4c29ac36d2 Update CVE patchers 2020-09-09 19:00:03 -04:00
Tad
76fcd8a0d4 Update CVE patchers 2020-09-08 18:19:52 -04:00
Tad
37ff7ddc2d Update CVE patchers 2020-09-02 15:03:00 -04:00
Tad
bca6af1516 Small updates
- recovery: abort on serial number specific updates, credit: GrapheneOS
- Add lists of missing CVEs
- Update cherrypicks
2020-09-02 14:20:51 -04:00
Tad
0808ac1fd0 Many updates
- Add OnePlus 6, 6T, 7, 7 Pro
- Ensure verity/avb keys are *always* copied
- Update cherry picks
2020-09-01 03:26:21 -04:00
Tad
ec17d20f58 Update CVE patchers 2020-08-22 11:03:23 -04:00
Tad
826949e6df Small updates 2020-08-22 10:18:29 -04:00
Tad
98854115be 16.0: Add pro1
- Also initial beryllium support, no builds yet
2020-08-10 15:34:55 -04:00
Tad
f19dbe5958 More fixes for a69326f3 2020-08-10 03:46:36 -04:00
Tad
2f83043c68 14.1+15.1: GPS week rollover fix
16.0: 279492
17.1: 278135

also switch to alternate Xtra servers
https://developer.gemalto.com/threads/gps-time-info-error
2020-08-09 12:30:47 -04:00
Tad
887ebb84c5 Update CVE patchers
Includes many fixes for a69326f3
but probably breaks other things
2020-08-09 07:29:19 -04:00
Tad
a69326f396 Update CVE patchers
Untested. I expect some breakage.
2020-08-08 13:06:39 -04:00
Tad
7cd6df559c Update AOSP CVE list to August patches 2020-08-05 01:53:50 -04:00
Tad
af54500797 Update CVE patchers 2020-08-03 18:15:27 -04:00
Tad
e78a0cc1bc Small changes 2020-07-26 09:19:12 -04:00
Tad
0a979b67fa Small changes
- 17.1: bringup bacon and ether
2020-07-24 10:20:07 -04:00
Tad
dc3cf3405f Small updates
- Fix USB breakage
2020-07-22 08:50:51 -04:00
Tad
a6a59309ed More small fixes 2020-07-13 21:28:17 -04:00
Tad
2675404f86 14.1: move n-netd cherry picks in tree 2020-07-13 20:15:08 -04:00
Tad
820a680d4d Small updates + Many fixes 2020-07-13 17:37:33 -04:00
Tad
e8f13920bb Cherry picks 2020-07-08 16:39:26 -04:00
Tad
c715d549a7 Update CVE patchers 2020-07-07 01:57:39 -04:00
Tad
9bafe76906 Update CVE patchers 2020-06-27 02:29:14 -04:00
Tad
d9a61e1dea Fix GPG signing 2020-06-27 01:45:02 -04:00
Tad
2ef92046af Small changes 2020-06-22 20:41:49 -04:00
Tad
b2b9eb7ffc Potential fix for phone call audio on shamu and others 2020-06-17 15:20:02 -04:00
Tad
900183743d Add GPG signing to processRelease 2020-06-17 13:20:26 -04:00
Tad
70508e2b70 More checksums 2020-06-14 10:05:34 -04:00
Tad
5b9e44794b Fixup broken checksum generation 2020-06-14 09:36:39 -04:00
Tad
4e9f733f27 Small updates 2020-06-12 16:27:45 -04:00
Tad
837fbecc49 More verity resurrection 2020-06-08 11:57:52 -04:00
Tad
d96a421dee 17.1: disable cheeseburger/dumpling 2020-06-07 22:33:50 -04:00
Tad
79c7443c7d 17.1: bring up osprey and cheeseburger/dumpling
- also fix cherrypick mismatch
2020-06-07 16:35:05 -04:00
Tad
850c4ad88c Small updates
- Partial revert of 5106063c
- Cherry picks
- CVE patcher fixes
2020-06-07 04:25:12 -04:00
Tad
5797ea8fc4 Small fixes
CVE-2019-14047/ANY/0002.patch will probably need to be disabled on more devices
2020-06-02 17:33:27 -04:00
Tad
ca77d36357 Update CVE patchers 2020-06-02 02:23:57 -04:00
Tad
694f270d75 Initial bringup of many devices to 17.1 2020-05-31 15:10:32 -04:00
Tad
31d6ab5299 Update CVE patchers 2020-05-28 23:06:53 -04:00
Tad
5106063cb5 Drop many more repositories 2020-05-24 20:07:03 -04:00
Tad
7af3c42325 Minor fixes 2020-05-23 23:31:05 -04:00
Tad
4c1577724f Small changes
- hardenDefconfig: more options from Alexander Popov's checker
- 17.1: A2DP fix from GrapheneOS when hardened_malloc is in use
2020-05-23 18:06:22 -04:00
Tad
25cc3c5a10 Update CVE patchers 2020-05-18 16:25:41 -04:00
Tad
7343973b1d Minor updates
- Update cherrypicks
- 17.1: mata fix usb
- 16.0: whitelist open camera for aux support
2020-05-17 10:04:48 -04:00
Tad
f5462dd23c Minor tweaks 2020-05-13 17:38:39 -04:00
Tad
2aa65e6b16 Cherry picks 2020-05-11 07:57:53 -04:00
Tad
e962fdeb81 Update CVE patchers 2020-05-04 17:18:50 -04:00
Tad
e58ba3e9b2 Disable IMS stack 2020-05-02 22:29:23 -04:00
Tad
2a0352ba1c Many fixes
17.1: recovery: rebranding reverts
17.1: mata: fix vorbis
17.1: g2/g3: fix Wi-Fi under -user
15.1/16.0: g2/g3: improve misc_block_exception patch
2020-04-30 18:37:41 -04:00
Tad
c1e0503390 Update cherry picks 2020-04-28 19:23:49 -04:00
Tad
9fcb91793e Update CVE patchers 2020-04-26 13:24:43 -04:00
Tad
358a0d703b Many changes
- Promote many 16.0 devices to 17.1
- Many build fixes
- Switch to FairEmail
2020-04-25 12:34:49 -04:00
Tad
84300d6611 Small fixes 2020-04-19 13:19:55 -04:00
Tad
98a45b1ee6 Build fixes 2020-04-15 21:38:46 -04:00
Tad
c3bb898eb0 2020 2020-04-14 21:39:51 -04:00
Tad
8012903ba1 17.1: Initial bringup
- See items marked with '17REBASE'
2020-04-14 21:21:13 -04:00
Tad
cdd74148b9 Patcher build fixes 2020-04-12 13:58:02 -04:00
Tad
ee458d0ed1 April ASB cherry picks 2020-04-08 13:44:52 -04:00
Tad
0c89accfb5 Update CVE patchers 2020-04-06 22:23:37 -04:00
Tad
c26b3e95c7 Minor tweaks
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
d7ef9abf61 Minor tweaks 2020-03-25 22:08:25 -04:00
Tad
01843b6b2b Update incrementals 2020-03-02 19:33:43 -05:00
Tad
637bb171c8 Switch to partial 4096 signing keys by default
Update engine <10 doesn't support 4096-bit keys
Make releasekey 2048-bits
Verity has also been 2048-bits
The rest are 4096-bits
2020-02-26 20:14:42 -05:00
Tad
50f44d1934 Small changes
- cheeseburger/dumpling: fix ogg vorbis playback, credit @LuK1337
- cheeseburger/dumpling: fix delta ota generation
- remove a few more blobs
- potentially bluetooth when ant is removed on newer devices
- support newer clamav
- commented support for extracting boot.img when recovery.img isn't available
-- fastboot.zip should be preferred
- potentially fix boot on many untested newer devices (diag on msm8996+)
- update cherry picks
2020-02-24 18:53:27 -05:00
Tad
4292bcaa3e recovery: fix sideload with larger files
+ 16.0: add a disabled patch to remove backuptool
+ processRelease: add support for copying recovery image to archive
2020-02-23 16:06:47 -05:00
Tad
fe54dd26a6 Fix many device issues
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
4e25046418 Many changes
- Add OnePlus 2, 3/T, 5/T
- Fix flounder
- Cherrypicks
2020-02-17 22:21:47 -05:00
Tad
cc28df15f7 Cherry picks + fix 5 failing devices 2020-02-09 13:52:25 -05:00
Tad
2734a075c6 Update CVE patchers 2020-02-03 21:36:49 -05:00
Tad
332807d427 Update CVE patchers 2020-02-02 12:09:49 -05:00
Tad
d87457630a Update cherrypicks 2020-01-26 21:17:33 -05:00
Tad
84ac696e16 Small updates 2020-01-08 21:22:35 -05:00
Tad
d3f28918e5 Update CVE patchers 2020-01-06 18:25:36 -05:00
Tad
d8c2a56124 Update CVE patchers 2019-12-11 20:21:14 -05:00
Tad
4610cd9bde Update CVE patchers
CVE-2019-19252 was dropped
dependent on d21b0be246
2019-12-03 06:12:46 -05:00
Tad
7ef8a2726d Minor tweaks 2019-11-28 12:03:40 -05:00
Tad
a8cc390c3d 14.1: cherrypicks 2019-11-24 20:14:23 -05:00
Tad
f90b62982b Update CVE patchers 2019-11-24 20:13:55 -05:00
Tad
038ae37376 Minor tweaks 2019-11-24 16:22:58 -05:00
Tad
baabd45a16 Minor tweaks + ASB cherrypicks 2019-11-10 02:34:40 -05:00
Tad
d64534a7c1 Update CVE patchers 2019-11-04 21:04:49 -05:00
Tad
1a7897211a 16.0: add Amber 2019-10-29 17:37:43 -04:00
Tad
791087fefa minor tweaks 2019-10-27 16:20:27 -04:00
Tad
a8af0c3d0d hardenDefconfig: more options from Alexander Popov's checker 2019-10-20 01:53:59 -04:00
Tad
640ef60b83 Move many old cherry picks in tree for archival/support purposes 2019-10-19 22:03:59 -04:00
Tad
204285d7c8 kernel command line: enable hardening options 2019-10-18 22:14:28 -04:00
Tad
e13c6c7c9c processRelease features
- support removing device out after complete
- support malware scan before sign
- Update cherry picks
2019-10-15 12:23:46 -04:00
Tad
bffcd06644 16.0: add zenfone3 2019-10-11 15:16:09 -04:00
Tad
159e5ea194 Minor tweaks
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
579f340c3c Update CVE patchers 2019-10-04 14:43:19 -04:00
Tad
f20ddfc0f6 Minor tweaks 2019-10-04 10:39:27 -04:00
Tad
79ec8a4999 clark: experimental 16.0 2019-09-28 17:37:18 -04:00
Tad
a0e8f9653c Future proofing keys 2019-09-25 21:04:24 -04:00
Tad
ca734124f9 Generate factory image if needed by device 2019-09-23 12:45:00 -04:00
Tad
f55cdef5b0 Minor tweaks 2019-09-21 15:42:26 -04:00
Tad
ae87cffe34 14.1: add v1awifi 2019-09-18 18:04:22 -04:00
Tad
4a1ebe1b71 Scripts: localize variables in functions 2019-09-17 04:14:35 -04:00
Tad
e01e457b24 Per-device signing keys
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
19d5b66097 Many changes
- ASB chery picks
- 16.0: recovery: fix sideload
- Restore releasetools for some devices
- Only include Backup where supported
- Change some small defaults
- z00t: 14.1 -> 15.1
- himaul: 14.1 -> 15.1
- i9100: 14.1 -> 15.1+16.0
- flo: 15.1 -> 16.0, disabled
- flounder: 15.1 disabled, enable 14.1
2019-09-13 20:24:02 -04:00
Tad
09b38c1f04 marlin/sailfish: fix MediaProvider using 100% CPU
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices

[pid  2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]

https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
1a7291aa36 Minor changes
- Cherry picks
- New default wallpaper, credit: Pawel Czerwinski, UmzGrVna1P0
2019-09-05 04:23:28 -04:00
Tad
9ce8cdb9b6 Add Steve Soltys' Backup app 2019-09-04 06:40:05 -04:00
Tad
ec48a4c89c Update CVE patchers 2019-09-04 01:31:12 -04:00
Tad
db572efa89 Many changes
- processRelease: Support AVB
- sort device build order by SoC

Additions:
- taimen/muskie: 15.1, 16.0
- crosshatch/blueline: 16.0
- bonito/sargo: 16.0
2019-09-03 16:50:50 -04:00
Tad
1bd0e47099 victara: 15.1 -> 16.0
- other fixes
2019-08-30 22:42:10 -04:00
Tad
330df0983c 16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
 - from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
e10a865b05 Improve release processing to support deltas and archiving 2019-08-29 19:09:31 -04:00
Tad
057bedb65b Minor tweaks
- 14.1+15.1+16.0: enable kernel protections for files
 - protected_*: hardlinks, symlinks, fifos, regular
 - from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c Minor tweaks
- 15.1+16.0: Replace in-line build signing patch with bash function
 - From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
 - From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
68cdef8733 Minor tweaks 2019-08-26 20:50:28 -04:00
Tad
eccf9c6f6d Many new devices
- hammerhead: 15.1 -> 16.0

- axon7: 14.1, 15.1
- cheryl: 16.0
- crackling: 14.1, 15.1, 16.0
- ham: 14.1, 15.1, 16.0
- kipper: 14.1, 15.1, 16.0
- z2_plus: 16.0
2019-08-23 17:27:53 -04:00
Tad
e9b5c06188 Lots of device updates
- d802: 15.1 -> 16.0
- d852: 15.1 -> 16.0
- d855: 15.1 -> 16.0
- fugu: 15.1 -> 16.0
- jfltexx: 14.1 -> 16.0
- m8: 15.1 -> 16.0
- mata: 15.1 -> 16.0
- update cherrypicks
- defconfig: enable MMC_SECDISCARD
2019-08-23 11:47:43 -04:00
Tad
3a080bbcd7 Minor tweaks 2019-08-13 01:56:01 -04:00
Tad
89de66bdba Many small changes
- Cherrypicks for ASB patches
- Apps: Switch gallery to Simple Gallery
- Apps: Switch camera to OpenCamera
- PKGBUILD: update with image optimization dependencies
- Deblobber: fix bug introducted in 6d33e4ecbf
2019-08-08 14:22:24 -04:00
Tad
6d33e4ecbf Parallize many functions invoked by find 2019-08-05 21:09:35 -04:00
Tad
3f8e9a846b Complete tree image optimization
- recursively optimize images using optipng/jpegoptim
benefits:
+ reduces image size
+ decreases load time
+ reduces memory usage
2019-08-05 20:34:08 -04:00
Tad
aee6b66dd8 Update CVE patchers 2019-08-05 16:03:41 -04:00
Tad
bad890614e Update CVE patchers 2019-07-21 09:47:10 -04:00
Tad
34d1bbe155 Minor updates 2019-07-21 07:36:02 -04:00
Tad
6458d6785f Enable IPv6 privacy extensions 2019-07-05 16:47:59 -04:00
Tad
4fe74583a9 Minor tweaks 2019-07-03 10:42:24 -04:00
Tad
a29825f6e1 Update CVE patchers 2019-07-01 18:06:05 -04:00
Tad
fe19e8c830 Minor tweaks 2019-06-30 04:52:57 -04:00
Tad
e41d053f00 Minor updates
- drop usage stats patch, causes Settings to crash
2019-06-27 23:01:28 -04:00
Tad
55c3072089 Going the distance... [pt2] 2019-06-18 13:51:04 -04:00
Tad
c15105d945 Update CVE patchers 2019-06-17 23:26:38 -04:00
Tad
02cf6e4778 Update cherry picks 2019-06-17 14:43:14 -04:00
Tad
1d67143181 Update CVE patchers 2019-06-08 04:09:24 -04:00
Tad
aa4ad7a6da Cherry picks 2019-06-06 10:45:00 -04:00
Tad
d7078bafd6 Update CVE patchers 2019-06-03 18:41:24 -04:00
Tad
bb72bccbeb Two hardening patches from @MSe1969
+ a backport of browser location restriction patch to 14.1 and 15.1
  by @syphyr
2019-06-02 19:25:29 -04:00
Tad
163fdb1f68 Minor updates 2019-05-31 21:13:39 -04:00
Tad
40d6db0326 divestos.xyz > divestos.org 2019-05-23 11:34:26 -04:00
Tad
8030a63a2a 11.0: fixes 2019-05-17 23:26:25 -04:00
Tad
380353773e Fixes 2019-05-17 20:48:26 -04:00
Tad
899812864f Update CVE patchers 2019-05-14 21:04:55 -04:00
Tad
c040d79c9b 16.0: add FP2 2019-05-13 13:51:48 -04:00
Tad
de5a4dda72 Minor tweaks 2019-05-12 09:33:21 -04:00
Tad
30bf0f2fb9 Resurrect verity 2019-05-09 06:16:34 -04:00
Tad
ebaf61eb31 Cherrypicks 2019-05-07 03:10:55 -04:00
Tad
b2e521440e Update CVE patchers 2019-05-06 18:31:06 -04:00
Tad
f59c77f00c Cherrypicks 2019-05-06 16:29:58 -04:00
Tad
08a2506fe9 14.1: support i9300 and n7100
i9300 has less blobs compared to i9305 due to different modem
2019-05-02 16:42:50 -04:00
Tad
cc976eeffe Minor tweaks 2019-04-16 22:34:31 -04:00
Tad
f8cfdbca4f Update CVE patchers 2019-04-07 20:31:27 -04:00
Tad
304f39918c Update cherrypicks 2019-04-07 17:31:23 -04:00
Tad
20c8c7525c Misc tweaks
- 15.1: Contacts: remove Privacy Policy and Terms of Service links
  - from GrapheneOS
- cherry picks
2019-04-06 22:55:14 -04:00
Tad
974cc3b3f8 16.0: recovery has been updated
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
935795f5bb Minor tweaks 2019-04-04 15:51:00 -04:00
Tad
25cc717ec2 Use GrapheneOS' hardened memory allocator
+ 16.0: some other misc hardening patches from GrapheneOS
  - always restrict access to Build.SERIAL
  - don't grant location permission to system browsers
  - fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
60cf364f19 Minor tweaks
- init.sh: sort options
- overlay: leave radioScanningTimeout default
- hardenDefconfig: disable more components with CVEs
- cherry picks
- 16.0: trebuchet: tmp fix for default workspace overlay
2019-04-03 19:04:37 -04:00
Tad
1c49b80da0 Minor tweaks
- CVE patchers were updated with no change
- hardenDefconfig: disable MSM_SMP2P_TEST to mitigate CVE-2019-2247
- 14.1 add a cherry pick
2019-04-01 18:57:04 -04:00
Tad
7223df543a Minor fixes 2019-03-31 22:46:37 -04:00
Tad
61ee2e5757 More minor fixes 2019-03-26 19:37:56 -04:00
Tad
3c806603d9 Various fixes 2019-03-25 21:30:26 -04:00
Tad
8f609e9cbe Minor tweaks
+ remove a few more blobs
+ fix broken USB and log spam on hdx*
2019-03-24 16:32:55 -04:00
Tad
54c68a1e93 Fixup radio on Motorola device 2019-03-23 20:23:42 -04:00
Tad
a8dbb447ed Deblobber cleanup
Break all the really long lines up into the following categories
- libraries (*.so)
- jars (*.jar)
- binaries
- apps (*.apk)
- non-executables (*.xml, *.cfg, *.conf, *.txt)
- firmwares (tz.*)
- treble stuff (vendor.*, com.*)
2019-03-23 18:11:57 -04:00
Tad
c044136234 Remove many more blobs 2019-03-23 14:57:39 -04:00
Tad
fc2e71acbe Remove more blobs 2019-03-22 19:43:29 -04:00
Tad
510fa2163e Cherry picks 2019-03-22 08:10:20 -04:00
Tad
a91a3d427a Remove more blobs 2019-03-22 06:04:29 -04:00
Tad
c64ad2ecdc Make it easier to build all supported branches of a device 2019-03-22 05:38:58 -04:00
Tad
dd7e4c3faf Remove more blobs 2019-03-22 05:28:57 -04:00
Tad
e344b17a36 Build fixes + new blob blocker 2019-03-22 04:20:06 -04:00
Tad
d3d924bd91 16.0: add marlin/sailfish and ether 2019-03-21 12:19:26 -04:00
Tad
3c056c7785 Remove some more blobs 2019-03-21 08:55:01 -04:00
Tad
6a0c39d14f Submodule updates 2019-03-20 22:43:38 -04:00
Tad
cf5a58f447 11.0: misc. fixes 2019-03-17 17:27:51 -04:00
Tad
97dc687812 Update cherry picks 2019-03-15 22:13:32 -04:00
Tad
2367074a0f Update submodules + misc fixes 2019-03-14 16:09:17 -04:00
Tad
31faec9bdc 16.0: Restore TTS 2019-03-12 20:07:28 -04:00
Tad
39bb65e181 Minor changes
15.1: Disabled devices with working 16.0
16.0: Build fixes
16.0: mako: don't touch partitions sizes
2019-03-12 17:18:38 -04:00
Tad
7945ed0e10 16.0: -user on legacy devices 2019-03-11 22:47:11 -04:00
Tad
cfe766be09 Tweaks 2019-03-11 18:19:50 -04:00
Tad
61a8a10c42 Many changes
repo changes
15.1: build fixes
16.0: add unofficial mako
2019-03-11 00:55:21 -04:00
Tad
b1455b641d Update CVE patchers 2019-03-08 15:15:46 -05:00
Tad
913fbcd109 ASB cherry picks + minor tweaks 2019-03-05 22:57:45 -05:00
Tad
5607db2e0b Update CVE patchers
- More aggressively attempt to apply incremental patches by
  ignoring the current subversion, as it is common for it to be 0
  Hopefully I won't have to revert this
2019-03-04 21:41:55 -05:00
Tad
9e897989d1 Update CVE patchers 2019-03-04 20:18:29 -05:00
Tad
f5d99c938b 16.0: More bringup 2019-03-04 05:53:51 -05:00
Tad
23056ddef0 Minor tweaks 2019-03-04 03:11:51 -05:00
Tad
afe719ffc4 16.0: Initial bringup
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
83478880ef WireGuard kernel module inclusion support 2019-03-04 00:06:22 -05:00
Tad
6eab4c6529 Minor updates 2019-02-22 08:38:24 -05:00
Tad
bc63feedc9 Update CVE patchers 2019-02-21 06:25:47 -05:00
Tad
fccc124868 tuna fixes + fdroid priv changes 2019-02-14 04:36:50 -05:00
Tad
b9ff7a74e6 Updates and fixes 2019-02-12 16:09:41 -05:00
Tad
c9e17ffb52 Many changes
- Add more DNS resolver choices
- Change default DNS resolver back to OpenNIC
- More cleanup
- 15.1: Update some CVE patchers
2019-02-09 20:51:23 -05:00
Tad
ffabfb3616 14.1: fix maguro denials 2019-02-09 14:47:55 -05:00
Tad
a7a4e869fd Many changes
- Remove broken/permissive devices
- Notify user when location is requested via SUPL
- 15.1: skia cherrypicks for Feb ASB
- 15.1: recovery: change selected text color
2019-02-09 14:20:19 -05:00
Tad
9178760d1a Updater: Fix downloads over Tor
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
24c291c630 Improve hardenLocation to include fwb and its overlays 2019-02-08 18:46:42 -05:00
Tad
aa9b5499e6 Updates 2019-02-07 11:15:29 -05:00
Tad
3f9d78a4c7 Updates 2019-02-06 17:44:17 -05:00
Tad
15237becbb Update CVE patchers 2019-02-04 16:03:59 -05:00
Tad
929a3d5704 15.1: fix g3 2019-02-04 04:39:31 -05:00
Tad
db260cf1e1 Updates 2019-02-02 06:11:41 -05:00
Tad
378971497c 14.1: Support unified tuna 2019-02-01 02:53:13 -05:00
Tad
0ea1d37f0c Minor changes
- Update cherrypicks
- Update submodules
- Add some comments
2019-01-28 21:54:45 -05:00
Tad
883c22d162 Get d852 building + Update CVE patchers 2019-01-17 18:52:55 -05:00
Tad
a7a0a67888 Many changes
- Allow enabling accessibility services without disabling secure start-up
- Disable overclocks
- Update select CVE patchers
- Update submodules
- Support select downloads over Tor
- Update defconfig enablers
- Cherry pick security patches
2019-01-14 03:12:50 -05:00
Tad
ec3ffa38f2 Fixup CVE patchers 2019-01-07 19:42:25 -05:00
Tad
d8aac4c07b Update CVE patchers 2019-01-07 17:07:00 -05:00
Tad
c27f226269 Properly fix network mode patch 2018-12-29 12:19:27 -05:00
Tad
0df749ef73 Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only 2018-12-28 08:02:24 -05:00
Tad
c07027dd97 Many changes
- Update CVE patchers
- Update submodules
- Update defconfig enablers
- Update DNS IP addresses
- + Misc changes
2018-12-24 23:29:56 -05:00
Tad
6c4eadcdc7 Manifest cleanup + always remove latemount from /cache
formatting/erasing /cache will result in selinux contexts being lost
these are normally restored by system/core/rootdir/init.rc in post-fs
but latemount causes /cache to not be mounted beforehand
preventing it from ever being fixed
result is broken ota and recovery updates
2018-12-20 17:22:34 -05:00
Tad
c5d2f25797 11.0: nex: switch to -user + add disabled overclock 2018-12-19 02:15:15 -05:00
Tad
3a717605d0 11.0: nex: fix wi-fi 2018-12-19 01:15:16 -05:00
Tad
a652eb1e23 11.0: Remove the rest of CMStats
Hmm, I don't remember Dialer having stats.
Goddamn spyware.
2018-12-18 23:39:29 -05:00
Tad
bae3092539 11.0: Remove CMStats 2018-12-18 22:08:57 -05:00
Tad
715cb32468 11.0: Cherrypick ASB topics 2018-12-18 21:36:02 -05:00
Tad
de1d7cf5ed 11.0: Build fixes 2018-12-18 21:36:02 -05:00
Tad
314701f0e8 11.0: Drop grouper + more work 2018-12-18 21:36:01 -05:00
Tad
28b0e915f5 11.0: More restoration work 2018-12-18 21:35:41 -05:00
Tad
01be578137 11.0: Initial restore
I think this is like the 6th time I've done this.
I always remove it, wait a few months, pull out a device that I want to run it on
and then spend hours restoring and bringing it back. I always think to myself
do I really need to toy with this device? No, I don't, but I do it anyway. :)
2018-12-18 21:35:14 -05:00
Tad
c6206ccd7e Minor updates 2018-12-17 17:59:12 -05:00
Tad
982462aa00 Update CVE patchers 2018-12-04 17:21:39 -05:00
Tad
90a967c552 Misc device fixes 2018-11-15 01:25:22 -05:00
Tad
6ea39e0a0f Updates 2018-11-13 17:33:49 -05:00
Tad
a2fd561a9b Temp fix for wrongly versioned CVE patch
- TODO: Regen CVE patchers
2018-11-06 22:22:22 -05:00
Tad
5be6227a8b Minor updates + Update CVE patchers 2018-11-06 21:09:35 -05:00
Tad
8708358645 Minor updates 2018-10-29 21:52:33 -04:00
Tad
34be4797ea Switch to official F-Droid 2018-10-20 16:26:42 -04:00
Tad
4f488269ff Minor changes 2018-10-20 13:13:32 -04:00
Tad
95959a0d89 Many changes
- Add back microG support (not enabled)
- Add choice between DNS66 and Blokada when $DOS_HOSTS_BLOCKING=false
2018-10-19 18:28:18 -04:00
Tad
5696da8d0c Many changes
- 15.1: Update some CVE patchers
- 15.1: Address some mako denials
- 14.1: Add cherrypicks for various security patches
- Common: Prepare for F-Droid additional repos
- Common: Disable overclock for mako
- Misc tweaks
2018-10-19 09:55:08 -04:00
Tad
586f967667 Minor updates 2018-10-14 20:21:06 -04:00
Tad
5df567fe3b Cleanup overclocks.sh 2018-10-02 13:55:39 -04:00
Tad
136bb520aa Update CVE patchers 2018-10-01 22:45:00 -04:00
Tad
776be6f992 Backport Updater Tor support patch to 14.1 2018-09-24 06:46:54 -04:00
Tad
08c65c8334 Patches to add captive portal check toggle from @MSe1969 2018-09-22 21:05:41 -04:00
Tad
137c8d992d Various changes 2018-09-21 16:32:02 -04:00
Tad
8347c07ec1 Deduplicate Overclock.sh and Optimize.sh 2018-09-21 03:55:54 -04:00
Tad
b50352bc8e Updater: Add initial Tor support 2018-09-20 21:45:58 -04:00
Tad
289b110d8f Fix GPS on various devices 2018-09-19 01:03:02 -04:00
Tad
c012af895f Updates 2018-09-18 20:55:45 -04:00
Tad
4929867e95 Build fixes 2018-09-14 19:34:01 -04:00
Tad
51fd815236 Update CVE patchers 2018-09-13 21:53:30 -04:00
Tad
a39764938c Build fixes and updates 2018-09-12 22:51:05 -04:00
Tad
f8a438b32a Update CVE patchers 2018-09-12 15:45:35 -04:00