Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-07-06 03:21:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,628 Commits 1 Branch 0 Tags 89 MiB
cf019edef9
Commit Graph

409 Commits

Author SHA1 Message Date
Tad
8b67d5c41e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-10 22:02:37 -04:00
Tad
12c56938cb Improve CVE-2021-1048 patching on 3.x kernels 
It is still actively being used by malware.

This largely handles 3.0, 3.4, and 3.10 kernels.
It works for select 3.18 kernels too.

TODO: need alternate get_file_rcu backport for the following:
15.1/lge_msm8996
15.1/zte_msm8996
16.0/xiaomi_msm8937
17.1/motorola_msm8996
18.1/google_marlin
18.1/lge_msm8996
18.1/oneplus_msm8996

Signed-off-by: Tad <tad@spotco.us>
 2022-08-09 21:39:25 -04:00
Tad
31a67f054d Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-04 11:12:40 -04:00
Tad
933f33ba6b Cherrypicks 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-04 09:57:11 -04:00
Tad
178f01958d Cherrypicks 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-02 19:39:09 -04:00
Tad
2b299c1aff Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-21 21:28:26 -04:00
Tad
1d64c759a5 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-10 00:31:44 -04:00
Tad
d3632c25ce Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-07 21:47:59 -04:00
Tad
22f915cc3e Cherrypicks 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-07 18:59:37 -04:00
Tad
2c27a88a24 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-06 19:22:21 -04:00
Tad
7b8ef09540 Update CVE patchers 
Effectively no changes

Signed-off-by: Tad <tad@spotco.us>
 2022-07-04 18:30:09 -04:00
Tad
ac645dd62e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-28 11:32:05 -04:00
Tad
519a474173 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-19 22:44:05 -04:00
Tad
d58279e054 Update wireless-regdb to 2022.06.06 release 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-11 10:17:25 -04:00
Tad
70b8485695 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-09 17:59:48 -04:00
Tad
c092b13a44 Restore star*lte 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-08 22:55:00 -04:00
Tad
2bf84a7643 Increase default max password length to 64, credit GrapheneOS 
Closes https://github.com/Divested-Mobile/DivestOS-Build/pull/119
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/27

Signed-off-by: Tad <tad@spotco.us>
 2022-06-07 15:33:38 -04:00
Tad
27f8663b00 Tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-06 16:58:55 -04:00
Tad
697bed18fb 17.1+18.1: Drop all devices working on 19.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-04 14:26:44 -04:00
Tad
899ea17d4e Add the missing page sanitization to 3.18 kernels 
All along they only had slub sanization :(

Signed-off-by: Tad <tad@spotco.us>
 2022-06-04 12:00:01 -04:00
Tad
92c66447f8 Drop slub_debug 
What is lost?
- sanity checks and redzoning on all devices
  - redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250

Note: all 3.4+ devices still have page sanization

Signed-off-by: Tad <tad@spotco.us>
 2022-06-03 13:58:17 -04:00
Tad
da63c9e571 Various small patches 
7408144e1b
> extend Network/Sensors permission handling for legacy apps not targeting Android 6
> or above (API 23) to resolve a UI issue where the user choosing to grant the
> Network/Sensors permissions via the legacy permission review interface doesn't
> appear in the Settings app info page

22d32cb61b
suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/112

66f406b979
3f69205d06
nice to have

Signed-off-by: Tad <tad@spotco.us>
 2022-06-02 23:17:05 -04:00
Tad
aa61367ace Tweaks 
- Disable slub_debug=P for devices with INIT_ON_ALLOC/FREE_DEFAULT_ON
- Disable slub_debug=Z due to known breakage
- Disable many debug options on Linux 4.x and up
- 19.1: fixup missing manifests for vayu :\

Signed-off-by: Tad <tad@spotco.us>
 2022-06-02 17:13:20 -04:00
Tad
6d95c231bc Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-31 21:29:22 -04:00
Tad
735c9e0de8 Revert 5d57bf13 
I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices

Signed-off-by: Tad <tad@spotco.us>
 2022-05-27 23:46:57 -04:00
Tad
28724c4a6e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-25 22:52:22 -04:00
Tad
2c4caa30a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-24 00:36:49 -04:00
Tad
e8bc36af04 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:29 -04:00
Tad
64b4bbe075 Disable older devices tested/reported working on 19.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-15 13:16:36 -04:00
Tad
05930af014 Various changes 2022-05-14 21:40:50 -04:00
Tad
3e7b657295 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-13 19:47:43 -04:00
Tad
bf7c06105c Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-12 22:13:06 -04:00
Tad
4edfa56f1a Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-04 11:52:22 -04:00
Tad
b2eb3c01b4 Update CVE patchers 
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 23:33:17 -04:00
Tad
65883d9bc4 2022 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-01 01:13:49 -04:00
Tad
3316cc4824 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-27 07:46:22 -04:00
Tad
3457fd4151 Device cleanup 
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo

Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)

Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 15:19:57 -04:00
Tad
13a9997a0c 19.1: aura and beryllium + some fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 11:41:28 -04:00
Tad
9a6c7a2684 18.1: Add toggle for /etc/hosts 
TODO: 19.1 and maybe 17.1

Tested working on klte/18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-20 16:40:22 -04:00
Tad
1f721c7845 Further credit patches 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 23:52:10 -04:00
Tad
c5b1cc9a35 Simplify 8e3f0438 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 20:23:53 -04:00
Tad
e666a4a891 Update CVE patchers 
TODO: maybe split CVE-2022-23960/4.9 to get back?

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 14:38:44 -04:00
Tad
8e3f043820 Warn when running activity from 32 bit app on ARM64 devices. 
https://android-review.googlesource.com/c/platform/frameworks/base/+/2003790/
https://github.com/GrapheneOS/platform_frameworks_base/pull/182

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 12:00:22 -04:00
Tad
d4dceffa60 Update supported kernels to latest wireless regulations database 
Applies for ~43 kernel trees

Source: wireless-regdb-2022.04.08

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 11:30:57 -04:00
Tad
163a162568 Fix boot animation + churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-18 23:04:24 -04:00
Tad
be6b03fe96 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-13 14:54:08 -04:00
Tad
486e358050 More (disabled) lowram tweaks for <2GB devices 
The inprocess variants make very little reduction and likely reduce security.

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 20:25:26 -04:00
Tad
42c9d22de9 Default disable exec spawning 
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.

Plus some other tweaks/churn

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 17:58:04 -04:00
Tad
30de608a61 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 02:51:44 -04:00
Tad
d078b24ddb lowram tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-11 23:40:26 -04:00