Tad
20c4e75fe1
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 18:30:29 -05:00
Tad
4155cec7e3
20.0: bringup mata
...
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 17:51:38 -05:00
Tad
baa0252c6b
Allow editing APNs, patch from GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 17:21:32 -05:00
Tad
4f6e21d7f9
Deduplicate Defaults.sh
...
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 15:57:13 -05:00
Tad
af3fe9776b
Small updates
...
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 15:19:21 -05:00
Tad
1511176a07
Update CVE patchers
...
Maybe some breakage
Signed-off-by: Tad <tad@spotco.us>
2023-01-28 20:33:44 -05:00
Tad
eaac744701
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 23:37:38 -05:00
Tad
3231979ef4
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 20:55:42 -05:00
Tad
fb7bf503b1
Pull in the special permissions reset bugfix from GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:20:00 -05:00
Tad
b1da856762
Cleanup
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:14:26 -05:00
Tad
da1df44c8f
GrapheneOS kernel hardening patches update
...
Maybe some compile breakage
Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:03:01 -05:00
Tad
e81cd5586d
Add even more captive portal servers + sorting
...
TODO: apply to other branches
Signed-off-by: Tad <tad@spotco.us>
2023-01-23 16:42:00 -05:00
Tad
2529515b33
19.1+: Fixup DHCP hostname handling
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-22 15:52:20 -05:00
Tad
9558a7d0e9
Switch to the Broadcom PSDS server for Pixel 6/7 series
...
Instead of agnss.goog cache
Based off of a patch from GrapheneOS
Signed-off-by: Tad <tad@spotco.us>
2023-01-21 04:08:26 -05:00
Tad
626821d12d
Use HTTPS for GLPals
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-20 21:22:16 -05:00
Tad
ad466bd3e4
Various changes
...
- 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes
- 17.1: Add the hosts toggle like 18.1+
- 18.1: fix junk in patch
- 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp
- 15.1: fixes to get hmalloc to compile, does NOT boot
Signed-off-by: Tad <tad@spotco.us>
2023-01-20 18:59:02 -05:00
Tad
84a9a1326c
18.1+: add multiple captive potal server options
...
This also switches 18.1 from @MSe1969's patch to the GrapheneOS patch
Can maybe port to 17.1 too
Signed-off-by: Tad <tad@spotco.us>
2023-01-20 00:21:30 -05:00
Tad
91807acf21
various small fixes
...
- loose versioning fixes for 4.9
- remove GPG commit verification for GOS repos, they use SSH now. TODO: support that
- 20.0: fixup AudioFX stray lines
- 20.0: broken fix for gs101/201 stray iwlan lines
Signed-off-by: Tad <tad@spotco.us>
2023-01-18 20:02:11 -05:00
Tad
5ce2d33162
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-18 14:13:33 -05:00
Tad
b01e902988
m8: boost microphone volume patch from @Ke1i
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-14 14:01:30 -05:00
Tad
2153422bb0
Potentially unbreak video playback on vayu, davinci, guacamole*, and hotdog*.
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-13 21:27:18 -05:00
Tad
b82427ce5b
Conservative reverse loose versioning for 3.10
...
This applies 3.4 patches to 3.10 if no other match is available
Note: CVE-2017-13245/3.4/0002.patch ends up applied over CVE-2018-10902/3.18/0003.patch
Signed-off-by: Tad <tad@spotco.us>
2023-01-13 15:51:46 -05:00
Tad
14f40e024f
Update CVE patchers
...
This adds loose versioning applying 4.14 patches to 4.9
Signed-off-by: Tad <tad@spotco.us>
2023-01-13 13:23:12 -05:00
Tad
3e5f1ec5ec
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-12 16:07:39 -05:00
Tad
207bdd2406
Strict versionCode checks for system apps from GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-11 12:19:41 -05:00
Tad
312e0d5fc0
19.1: drop devices that are on 20.0
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-10 11:42:17 -05:00
Tad
8eca7f2149
20.0: add xz2 series + churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-09 13:47:10 -05:00
Tad
4012c57952
beryllium: fix a stutter
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-09 09:42:13 -05:00
Tad
7dbdcdf751
Tweak Aperture defaults
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-08 21:20:36 -05:00
Tad
c92c084ca1
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-08 20:49:57 -05:00
Tad
b143ffcd8b
15.1 January ASB work
...
+ a missing patch from 2019-08
Signed-off-by: Tad <tad@spotco.us>
2023-01-08 16:31:54 -05:00
Tad
57d951ccb5
Missing patches for 16.0 + Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-08 13:22:50 -05:00
Tad
10c1d825c2
Revert e10d4b17
...
17.1 is plagued with the same issue, no reason to use it
Signed-off-by: Tad <tad@spotco.us>
2023-01-07 11:17:21 -05:00
Tad
efa31534a9
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-07 10:52:03 -05:00
Tad
3ac41a1918
Tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-05 10:09:04 -05:00
Tad
f2d87b1e81
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-01-03 20:18:40 -05:00
Tad
06eed1fba9
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-31 21:41:46 -05:00
Tad
035ae85e0f
19.1: drop devices that are on 20.0
...
- there have been updater checks for all of these on 20.0, expect for aura
- 20.0 has been my daily driver on fajita (and recently bluejay) since mid October
- there are only some minor issues on 20.0 that aren't much of a blocker
- LineageOS has marked 20.0 stable
Signed-off-by: Tad <tad@spotco.us>
2022-12-31 18:26:42 -05:00
Tad
e10d4b1799
17.1: restore m8
...
18.1 has some display artifacting issues and hangs
Signed-off-by: Tad <tad@spotco.us>
2022-12-28 14:38:05 -05:00
Tad
a3015c3ad0
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-26 16:12:03 -05:00
Tad
06254708be
Many fixes to get bluejay booting & working proper
...
- Enable APEX for Pixel 6/7, necessary for camera and pKVM
- Also drop hack removing pKVM for Pixel 6/7
- patch from GrapheneOS
- Extend hmalloc workaround to /apex
- Deblobber:
- actually handle wildcard f/w/b overlays
- move some stuff around
- remove some more Pixel blobs
- flag and disable removal of camera extensions, being able to use the second camera is nice
- Adjust what hardenDefconfig disables, caused boot issues
minimal impact as most of these are already default-disabled
can be narrowed down in future
- Disable some of the bionic hardening patches, causing more boot issues
annoying to lose, but having a phone that boots is more important
- Add LTE only mode to 17.1, 18.1, 19.1, and 20.0, credit GrapheneOS
- Remove Pixel 2 ramdisk compression reverts, fixed upstream
And yes, I know I should've split up this commit...
Signed-off-by: Tad <tad@spotco.us>
2022-12-25 13:21:37 -05:00
Tad
751d1e8d72
Misc patches
...
- 20.0: updated and enabled burnIn patch
- 19.1: fixup apps having data restrictions wrongly applied
Signed-off-by: Tad <tad@spotco.us>
2022-12-23 10:09:37 -05:00
Tad
7d6b8e3aeb
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-22 11:33:47 -05:00
Tad
82d2066021
Disable removal of aptX
...
Bluetooth audio is already awful enough, let's not make it worse
Signed-off-by: Tad <tad@spotco.us>
2022-12-18 22:58:21 -05:00
Tad
b5bc269743
SBC dualchannel picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-18 21:47:22 -05:00
Tad
7277291dd7
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-18 21:46:00 -05:00
Tad
03293f6b52
Fixup
...
Messy, but better to have CVE-2022-42896 applied to *some* 3.18 kernels
Signed-off-by: Tad <tad@spotco.us>
2022-12-17 00:42:25 -05:00
Tad
77085c00f7
19.1: drop some devices in favor of 20.0
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-16 22:10:31 -05:00
Tad
c2fc228f3b
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-16 22:06:13 -05:00
Tad
23a723feb1
Pixel 6/7 compiling
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-16 03:34:58 -05:00
Tad
ad5de60266
More Pixel 6/7 work
...
compiles, but fails to generate release due to pvmfw failure
Signed-off-by: Tad <tad@spotco.us>
2022-12-15 20:49:30 -05:00
Tad
4f1c1b343c
Update commons
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-15 17:45:18 -05:00
Tad
684f4f68f0
Fixup license
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-15 17:39:21 -05:00
Tad
f1b5a8239f
Fix
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-14 22:52:32 -05:00
Tad
7f8ea96535
Pixel 6/7 prep + fixes
...
These still need defconfig and deblobber handling
All of these sections were reviewed & sorted
Signed-off-by: Tad <tad@spotco.us>
2022-12-14 22:23:31 -05:00
Tad
1eb373d1e0
15.1 December ASB work
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-12 21:01:34 -05:00
Tad
5e918c5506
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-12 19:30:56 -05:00
Tad
7dc3b8ef69
Tiny update
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-11 19:25:10 -05:00
Tad
26f301bd91
Maybe not necessary
...
Sync with GrapheneOS/script
Signed-off-by: Tad <tad@spotco.us>
2022-12-11 10:20:19 -05:00
Tad
29c9826c11
20.0: QPR1 churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-10 20:57:17 -05:00
Tad
b78f573eb9
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-10 20:30:22 -05:00
Tad
63cbd1f483
14.1 December ASB, thanks to @syphyr
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-10 20:17:48 -05:00
Tad
abb616d2f3
Updates
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-09 17:23:20 -05:00
Tad
ce47fdae34
Small updates + Picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-07 18:41:50 -05:00
Tad
a62922e72d
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-12-06 15:00:40 -05:00
Tad
0aa4fd0fc3
Update CVE patchers
...
Appears I skipped 20.0 by accident last update
Signed-off-by: Tad <tad@spotco.us>
2022-12-05 14:23:06 -05:00
Tad
3c8c235758
Ugly workaround
...
For bug exposed after:
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/344890
Signed-off-by: Tad <tad@spotco.us>
2022-12-03 23:58:36 -05:00
Tad
178e127338
Small tweaks + churn
...
Fixes recovery not booting on 20.0
Signed-off-by: Tad <tad@spotco.us>
2022-12-03 16:19:31 -05:00
Tad
038fca449b
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-30 08:28:40 -05:00
Tad
680bf51e05
Ugly hack
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-22 07:24:21 -05:00
Tad
fd0e3e8117
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-22 07:11:30 -05:00
Tad
c4fe56a307
Update CVE patchers
...
This fixes CVE-2018-9422 which was primarily added via b56fabac
May still need to be fixed:
16.0/kernel_google_yellowstone
16.0/kernel_xiaomi_msm8937
Signed-off-by: Tad <tad@spotco.us>
2022-11-21 08:39:10 -05:00
Tad
7f24df22f7
Small updates
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-21 06:09:29 -05:00
Tad
ad5f2d7bfa
Fix firmware flash denial for OP7 series
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-16 18:42:17 -05:00
Tad
9d1efb33c3
More 14.1 picks + 15.1 November ASB work
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-13 23:21:41 -05:00
Tad
14f7f1db32
Updates + Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-13 02:06:05 -05:00
Tad
b81d39c969
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-11 16:05:22 -05:00
Tad
27395374e1
Fixup + Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-11 13:54:57 -05:00
Tad
8bfedda18b
14/15/16: Fix compile failure with modern kernels
...
https://android-review.googlesource.com/c/platform/art/+/2226578
https://groups.google.com/g/Android-building/c/ZfUQQWt_ABI
Signed-off-by: Tad <tad@spotco.us>
2022-11-10 18:26:36 -05:00
Tad
8d4d73d65c
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-09 18:11:48 -05:00
Tad
807a08210a
Tweaks
...
- 20.0: pick fixes for the deny usb toggle
- 20.0: pull in a patch from GrapheneOS removing a package list leak
Signed-off-by: Tad <tad@spotco.us>
2022-11-07 20:30:36 -05:00
Tad
ac3dc319c7
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-07 15:51:17 -05:00
Tad
b9f4074226
20.0: disable the broken monet toggle patch
...
Has some weird inconsistencies
Signed-off-by: Tad <tad@spotco.us>
2022-11-03 14:49:28 -04:00
Tad
7fb334d825
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-11-03 13:25:38 -04:00
Tad
aa4ffdb014
20.0: add taimen/walleye
...
not stable yet, ims crashes invoking rescueparty
Signed-off-by: Tad <tad@spotco.us>
2022-10-31 18:31:55 -04:00
Tad
11780d890f
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-24 22:53:41 -04:00
Tad
c051cb282d
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-22 21:39:01 -04:00
Tad
1338c24d9b
Disable CarrierConfig and carrier_list changes
...
I've had reports of non-functional SIM and reboots with select carriers on this last update
Signed-off-by: Tad <tad@spotco.us>
2022-10-20 19:42:01 -04:00
Tad
dfcbf14c17
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-19 22:13:14 -04:00
Tad
006f128fc5
15.1: October 2022 ASB picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-19 16:08:18 -04:00
Tad
6b07bc77a5
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-19 15:25:56 -04:00
Tad
8ddbd86d44
20.0: more devices
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-19 15:22:20 -04:00
Tad
148df59b7e
Cleanup: Drop UnifiedNlp, FDroidPrivExt, and Silence
...
These haven't been included for a while
+remove some old cruft from 20.0
Signed-off-by: Tad <tad@spotco.us>
2022-10-19 12:15:24 -04:00
Tad
d2096c86d9
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-18 22:44:01 -04:00
Tad
0c4db149e1
20.0: Network & Sensors permission from GrapheneOS
...
This revokes the permissions to all user installed apps on update.
Likely an expected quirk of being on 20.0 without the permission.
19.1 upgrades and new 20.0 installs should be fine.
TODO: update 19.1 with the SpecialRuntimePermAppUtils too
Signed-off-by: Tad <tad@spotco.us>
2022-10-18 22:14:56 -04:00
Tad
cdca2c032e
20.0: add barbet
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-17 07:25:53 -04:00
Tad
91b908a78a
20.0: more fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-17 06:39:55 -04:00
Tad
e8248e4938
20.0: fixes + r11 churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-16 17:18:06 -04:00
Tad
4524eb43d3
20.0: It boots!
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-16 08:54:04 -04:00
Tad
5b114cacf8
20.0: More fixes
...
It compiles, but fails to sign:
> TypeError: cannot use a string pattern on a bytes-like object
Signed-off-by: Tad <tad@spotco.us>
2022-10-15 17:20:41 -04:00
Tad
5cada3a769
20.0: Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-15 15:53:17 -04:00
Tad
20cfa30df0
20.0: Initial roster
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-15 14:42:10 -04:00
Tad
055ed9bfad
20.0: Initial bringup
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-15 10:39:48 -04:00
Tad
2acd454f13
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-13 23:42:20 -04:00
Tad
820c47caea
Update Carrier Configs
...
CarrierConfig@6563341442262a4b79a4a2674679615f010b9837
TelephonyProvider@20a6228381b3e89e8c0972d115d422c08e0c9adb
Signed-off-by: Tad <tad@spotco.us>
2022-10-12 21:41:08 -04:00
Tad
e3125dd7de
Update VVM and MMS configs from GrapheneOS
...
VVM: 2637686af5
MMS: 0c7e979f05
Signed-off-by: Tad <tad@spotco.us>
2022-10-12 21:33:47 -04:00
Tad
1543d2dc17
Cleanup
...
Missed from 42306525
Signed-off-by: Tad <tad@spotco.us>
2022-10-12 17:11:40 -04:00
Tad
2166491d5d
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-12 17:11:06 -04:00
Tad
75abc8b9ec
19.1: add a modified patch from GrapheneOS to disable connectivity checks
...
This removes their option for their servers
Signed-off-by: Tad <tad@spotco.us>
2022-10-12 16:14:41 -04:00
Tad
fe95f700d8
Remove the CNE and DPM blobs + churn
...
Just say no!
Signed-off-by: Tad <tad@spotco.us>
2022-10-12 01:23:45 -04:00
Tad
e7968e1269
Picks + Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-09 16:35:12 -04:00
Tad
4230652540
18.1: Drop all devices working on 19.1
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-03 21:10:04 -04:00
Tad
bf66d5db45
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-03 20:59:55 -04:00
Tad
348b392f03
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-03 10:24:04 -04:00
Tad
d78121a1c0
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-03 10:22:17 -04:00
Tad
c9b14ae70d
Make hardenDefconfig more manageable
...
No functional changes
Signed-off-by: Tad <tad@spotco.us>
2022-10-03 09:04:02 -04:00
Tad
da2e44c5f3
Add back the CNE and DPM blobs + churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-10-02 11:47:58 -04:00
Tad
598d78bb61
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-25 13:49:45 -04:00
Tad
25568706e1
Various
...
- Add back the SIM ToolKit app
- 17.1: CarrierConfig testing
- 19.1: Enable op5 firmware inclusion, needs testing
- Don't disable coresight bits on op8, breaks compile
- 19.1: Add a patch from GrapheneOS to display/share logs when a crash happens
Signed-off-by: Tad <tad@spotco.us>
2022-09-23 22:53:12 -04:00
Tad
411fcc08e1
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-15 14:11:58 -04:00
Tad
eb200546ea
17.1+: Update carrier configs for improved compatibility
...
CarrierConfig@c2819f8
TelephonyProvider@af5c1386
Signed-off-by: Tad <tad@spotco.us>
2022-09-14 14:58:01 -04:00
Tad
4573f6d7c3
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-13 22:41:48 -04:00
Tad
ec42acceb6
Various fixes from GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-13 10:24:26 -04:00
Tad
3b0c05fe7c
Pull VVM config from GrapheneOS instead of LineageOS
...
79.0.438914483 instead of 72.0.407683083
Signed-off-by: Tad <tad@spotco.us>
2022-09-13 10:14:05 -04:00
Tad
202033c013
Pull in old cherrypicks + 5 missing patches from syphyr
...
This adds 3 expat patches for n-asb-2022-09
from https://github.com/syphyr/android_external_expat/commits/cm-14.1
and also applies 2 of them to 15.1
Signed-off-by: Tad <tad@spotco.us>
2022-09-11 14:02:35 -04:00
Tad
df3db92d5a
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-10 22:09:18 -04:00
Tad
e2b314da3c
15.1+16.0: September 2022 ASB picks
...
16.0 backports thanks to MSe1969 as usual:
https://github.com/lin16-microg/android_system_bt/commits/lineage-16.0 - last 3 commits
https://github.com/lin16-microg/android_frameworks_base/commits/lineage-16.0 - last 4 commits
https://github.com/lin16-microg/android_external_expat/commits/lineage-16.0 - last 4 commits
Signed-off-by: Tad <tad@spotco.us>
2022-09-10 18:32:25 -04:00
Tad
e5eb67f77d
Picks
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-08 16:07:23 -04:00
Tad
2bc43f195c
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-07 10:04:28 -04:00
Tad
b6e9f50cb5
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-09-04 14:05:36 -04:00
Tad
5fe5a4f898
Compile fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-29 14:26:47 -04:00
Tad
e9f124b52d
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-27 15:14:07 -04:00
Tad
86ed884251
More verification
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 23:14:15 -04:00
Tad
3618774d9f
GPG verification for all platform repositories
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 22:40:27 -04:00
Tad
7854c05aa4
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 20:09:50 -04:00
Tad
da15dc05d5
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 14:00:52 -04:00
Tad
adb61b0fb2
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-26 12:15:45 -04:00
Tad
c97f8a1b6a
Only enable CONFIG_DEBUG_NOTIFIERS on kernels <=4.9
...
OnePlus 9 failed boot kernel log points to this.
GrapheneOS noted this as an inherent issue on the Pixel 4 and 5 too.
Signed-off-by: Tad <tad@spotco.us>
2022-08-25 15:20:28 -04:00
Tad
4bfedbc42d
Fixup and enable GPG verification
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-24 15:52:55 -04:00
Tad
d8d8e457a1
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-21 10:44:12 -04:00
Tad
6502a36cf1
Fixup
...
These scripts aren't expected to be run from a workspace
Signed-off-by: Tad <tad@spotco.us>
2022-08-15 16:40:32 -04:00
Tad
7918347d1c
Updates
...
- Add a script to update commons like APNs, VVM configs, and contributors cloud
- Add the latest contributors cloud to all branches
- Update wireless-regdb to 2022.08.12 release
- Add some shell opts to some scripts
Signed-off-by: Tad <tad@spotco.us>
2022-08-15 16:37:42 -04:00
Tad
a78f9217c6
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-14 19:56:28 -04:00
Tad
cf019edef9
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-13 18:54:50 -04:00
Tad
ebdf629cbc
15.1 ASB work
...
Compile tested
Signed-off-by: Tad <tad@spotco.us>
2022-08-12 21:10:31 -04:00
Tad
8b67d5c41e
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-10 22:02:37 -04:00
Tad
40d7fac99a
Churn
...
https://github.com/voron00/android_kernel_lge_mako/pull/1
Signed-off-by: Tad <tad@spotco.us>
2022-08-10 10:57:49 -04:00
Tad
12c56938cb
Improve CVE-2021-1048 patching on 3.x kernels
...
It is still actively being used by malware.
This largely handles 3.0, 3.4, and 3.10 kernels.
It works for select 3.18 kernels too.
TODO: need alternate get_file_rcu backport for the following:
15.1/lge_msm8996
15.1/zte_msm8996
16.0/xiaomi_msm8937
17.1/motorola_msm8996
18.1/google_marlin
18.1/lge_msm8996
18.1/oneplus_msm8996
Signed-off-by: Tad <tad@spotco.us>
2022-08-09 21:39:25 -04:00
Tad
b4f17b39cd
Make available some additional scripts
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-09 18:50:49 -04:00
Tad
c69d8aec8b
Add the wallpaper resize script
...
Should probably be moved into a separate branding repo later
Signed-off-by: Tad <tad@spotco.us>
2022-08-09 13:42:08 -04:00
Tad
4d9a110970
Pick
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-08 18:47:17 -04:00
Tad
0ffbe79e1a
FP4 + Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-08 15:02:14 -04:00
Tad
e0b57197ea
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-06 11:30:49 -04:00
Tad
31a67f054d
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-04 11:12:40 -04:00
Tad
933f33ba6b
Cherrypicks
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-04 09:57:11 -04:00
Tad
162f4f450a
19.1: add FP4
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-03 12:45:26 -04:00
Tad
0d8ab187e3
Revert past two commits
...
Disabling extended sizes classes does not appear to have the savings it does on desktop.
Disabling the quarantine isn't acceptable given that default scudo implements it
2022-08-03 00:24:39 -04:00
Tad
005ef7882a
Fixup a00fa234
...
This variant passess all tests instead of failing six tests
Signed-off-by: Tad <tad@spotco.us>
2022-08-02 22:52:42 -04:00
Tad
a00fa2349e
Switch to a memory efficient hardened_malloc variant
...
This should help 64-bit devices with <4GB RAM substantially, at reduced hardening.
clark for example only has 2.5GB of usable memory and idles at 1.6GB used.
After this change, idle usage drops to 1.1GB!
Signed-off-by: Tad <tad@spotco.us>
2022-08-02 20:29:10 -04:00
Tad
178f01958d
Cherrypicks
...
Signed-off-by: Tad <tad@spotco.us>
2022-08-02 19:39:09 -04:00
Tad
2b299c1aff
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-21 21:28:26 -04:00
Tad
a9d90a06b9
Pick
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-15 11:03:41 -04:00
Tad
c08ce75b03
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-13 10:01:32 -04:00
Tad
717caac5c6
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-11 18:17:51 -04:00
Tad
1d64c759a5
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-10 00:31:44 -04:00
Tad
d3632c25ce
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-07 21:47:59 -04:00
Tad
22f915cc3e
Cherrypicks
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-07 18:59:37 -04:00
Tad
1165450d18
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-07 01:53:45 -04:00
Tad
f07f288e3a
Add a toggle for Monet themeing, credit GrapheneOS
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-06 21:13:40 -04:00
Tad
2c27a88a24
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-06 19:22:21 -04:00
Tad
7b8ef09540
Update CVE patchers
...
Effectively no changes
Signed-off-by: Tad <tad@spotco.us>
2022-07-04 18:30:09 -04:00
Tad
d79d1fcba3
19.1: More promotions
...
Signed-off-by: Tad <tad@spotco.us>
2022-07-01 14:17:18 -04:00
Tad
ac645dd62e
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-28 11:32:05 -04:00
Tad
519a474173
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-19 22:44:05 -04:00
Tad
4e09464e86
Pick
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-15 17:17:47 -04:00
Tad
11b9ae5bc4
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-13 21:24:08 -04:00
Tad
d58279e054
Update wireless-regdb to 2022.06.06 release
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-11 10:17:25 -04:00
Tad
70b8485695
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-09 17:59:48 -04:00
Tad
c092b13a44
Restore star*lte
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-08 22:55:00 -04:00
Tad
2bf84a7643
Increase default max password length to 64, credit GrapheneOS
...
Closes https://github.com/Divested-Mobile/DivestOS-Build/pull/119
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/27
Signed-off-by: Tad <tad@spotco.us>
2022-06-07 15:33:38 -04:00
Tad
492b6ba291
Tweaks
...
Exempt the Fused Location Provider:
5f19508083
Bring the hardened malloc camera workaround in tree, it was dropped upstream
Signed-off-by: Tad <tad@spotco.us>
2022-06-07 15:06:25 -04:00
Tad
27f8663b00
Tweak
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-06 16:58:55 -04:00
Tad
697bed18fb
17.1+18.1: Drop all devices working on 19.1
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-04 14:26:44 -04:00
Tad
1f41b1c498
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-04 12:55:32 -04:00
Tad
899ea17d4e
Add the missing page sanitization to 3.18 kernels
...
All along they only had slub sanization :(
Signed-off-by: Tad <tad@spotco.us>
2022-06-04 12:00:01 -04:00
Tad
3da5613dfc
Add unconditional burnin protection on 18.1 and 19.1, credit @arter97
...
Also skip the power on animation on 19.1, credit @kdrag0n
Signed-off-by: Tad <tad@spotco.us>
2022-06-04 10:54:11 -04:00
Tad
5df4058a15
Chrun
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-03 15:14:35 -04:00
Tad
92c66447f8
Drop slub_debug
...
What is lost?
- sanity checks and redzoning on all devices
- redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250
Note: all 3.4+ devices still have page sanization
Signed-off-by: Tad <tad@spotco.us>
2022-06-03 13:58:17 -04:00
Tad
d3cb12b41b
Skip adding slub_debug=P where not needed
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-03 13:39:08 -04:00
Tad
da63c9e571
Various small patches
...
7408144e1b
> extend Network/Sensors permission handling for legacy apps not targeting Android 6
> or above (API 23) to resolve a UI issue where the user choosing to grant the
> Network/Sensors permissions via the legacy permission review interface doesn't
> appear in the Settings app info page
22d32cb61b
suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/112
66f406b979
3f69205d06
nice to have
Signed-off-by: Tad <tad@spotco.us>
2022-06-02 23:17:05 -04:00
Tad
e6a7cd6a14
Tiny fix
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-02 21:48:48 -04:00
Tad
aa61367ace
Tweaks
...
- Disable slub_debug=P for devices with INIT_ON_ALLOC/FREE_DEFAULT_ON
- Disable slub_debug=Z due to known breakage
- Disable many debug options on Linux 4.x and up
- 19.1: fixup missing manifests for vayu :\
Signed-off-by: Tad <tad@spotco.us>
2022-06-02 17:13:20 -04:00
Tad
0eaca57fa6
19.1: Add OnePlus 8 and 9 series
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-02 11:52:58 -04:00
Tad
0b4c829b74
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-06-01 07:45:19 -04:00
Tad
6d95c231bc
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-31 21:29:22 -04:00
Tad
1132b40666
19.1: add alioth, lmi, and vayu
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-31 19:45:44 -04:00
Tad
735c9e0de8
Revert 5d57bf13
...
I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices
Signed-off-by: Tad <tad@spotco.us>
2022-05-27 23:46:57 -04:00
Tad
5d57bf13c4
Compile fixes
...
The backported fix for CVE-2021-39713 requires CONFIG_MODULES=y
MODULES is default enabled, but some kernels are mutilated and break with it on
Signed-off-by: Tad <tad@spotco.us>
2022-05-26 22:36:22 -04:00
Tad
28724c4a6e
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-25 22:52:22 -04:00
Tad
2c4caa30a1
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-24 00:36:49 -04:00
Tad
de781e9921
Tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-23 23:15:27 -04:00
Tad
91953c0a45
Remove more blobs
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-21 13:42:51 -04:00
Tad
1ffaf7fe51
Fix
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-20 17:16:51 -04:00
Tad
e8bc36af04
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-20 17:16:29 -04:00
Tad
e5b0a6a429
Make ZRAM great again
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-18 23:04:01 -04:00
Tad
1ea1ce9bc2
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-18 12:49:54 -04:00
Tad
991e4c0642
Revert "Revert b5224f0"
...
I've triple checked that calls/data work fine without these blobs
and also have another report from walleye as the same.
I have no idea what is happening to those who have SIM issues.
This reverts commit dc392b17b6
.
2022-05-17 18:42:38 -04:00
Tad
dc392b17b6
Revert b5224f0
...
Calling and data is tested working on my taimen
But there are multiple reports that say otherwise
Signed-off-by: Tad <tad@spotco.us>
2022-05-17 10:48:28 -04:00
Tad
df4631a493
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-15 19:14:55 -04:00
Tad
64b4bbe075
Disable older devices tested/reported working on 19.1
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-15 13:16:36 -04:00
Tad
3114ca7157
19.1: Add the Private DNS presets
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-14 22:34:17 -04:00
Tad
05930af014
Various changes
2022-05-14 21:40:50 -04:00
Tad
3e7b657295
Tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-13 19:47:43 -04:00
Tad
7a168302cf
19.1: Location indicator exemptions
...
Credit/References:
26ddac7988
7370657f85
37e2a4e0bc
a5d43c0157
ac60a2117e
Signed-off-by: Tad <tad@spotco.us>
2022-05-12 23:25:21 -04:00
Tad
bf7c06105c
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-12 22:13:06 -04:00
Tad
4dbab20c06
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-10 15:32:13 -04:00
Tad
9286bdd258
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-10 15:02:03 -04:00
Tad
c4400a9a6f
Pick
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-09 22:16:00 -04:00
Tad
1f807b843f
Split
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-09 14:37:22 -04:00
Tad
675b1a5da0
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-09 12:56:03 -04:00
Tad
df398fd6f5
Various
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-07 20:22:49 -04:00
Tad
bc0a9f79b3
19.1: replace OpenCamera with official prebuilt GrapheneOS Camera
...
Benefits over OpenCamera
- QR scanner
- no broken panoroma option
- much simpler and cleaner "just works" interface
- selfie self illumination option, try it!
TODO: consider adding to 17.1 and 18.1
Signed-off-by: Tad <tad@spotco.us>
2022-05-07 20:22:36 -04:00
Tad
4edfa56f1a
Tiny tweak
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-04 11:52:22 -04:00
Tad
b2eb3c01b4
Update CVE patchers
...
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375
Signed-off-by: Tad <tad@spotco.us>
2022-05-03 23:33:17 -04:00
Tad
9c549763a4
Tiny tweak
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-03 21:11:05 -04:00
Tad
b5224f0c79
Remove the Google carrier blobs
...
These were previously removed, and added back after a false report of breakage.
Data and VoLTE tested working on taimen
Signed-off-by: Tad <tad@spotco.us>
2022-05-03 14:28:51 -04:00
Tad
e38aff581e
Small tweaks
...
- Remove some more blobs
- 19.1: disable FP animation (jesec)
- 18.1: mata: allow major upgrades (to 19.1) (Updater patch by erfanoabdi)
- mata: disable Vulkan, it doesn't work
Signed-off-by: Tad <tad@spotco.us>
2022-05-02 15:04:12 -04:00
Tad
8491016b84
19.1: add mata, cheeseburger, dumpling
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-01 10:45:33 -04:00
Tad
65883d9bc4
2022
...
Signed-off-by: Tad <tad@spotco.us>
2022-05-01 01:13:49 -04:00
Tad
0086d97848
Put back slub_debug=Z
...
Was removed for testing purposes in bfa18cb1
Signed-off-by: Tad <tad@spotco.us>
2022-04-30 14:35:27 -04:00
Tad
52c3a55140
Another kernel compile fix
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-29 19:34:34 -04:00
Tad
1b6f6909ad
Fix compile on some kernels
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-29 17:25:23 -04:00
Tad
b337aef1bb
19.1: Disable kernel update for op6
...
While this works on 18.1, on 19.1 it causes breakage
opening a terminal emulator causes instant panic with no logs
Signed-off-by: Tad <tad@spotco.us>
2022-04-29 16:38:28 -04:00
Tad
e3ff62cda1
FIX
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-29 15:26:15 -04:00
Tad
bfa18cb176
defconfig tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-29 14:02:29 -04:00
Tad
36fabeca42
Deblob manifest.xml
...
Reverts 766219aa
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/55
Signed-off-by: Tad <tad@spotco.us>
2022-04-29 09:44:36 -04:00
Tad
9875334547
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-28 20:17:13 -04:00
Tad
5fb67c45ae
19.1: add cheryl
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-28 19:57:49 -04:00
Tad
edfbb8b063
Further ensure oem unlock toggle is available
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-28 08:30:54 -04:00
Tad
766219aabd
Don't remove source built ClearKey DRM
...
Breaks some Chromium browsers like Brave and Kiwi
Signed-off-by: Tad <tad@spotco.us>
2022-04-28 08:04:28 -04:00
Tad
e9aa53b640
19.1: add guacamoleb
...
skipping 18.1
Signed-off-by: Tad <tad@spotco.us>
2022-04-27 08:35:48 -04:00
Tad
3316cc4824
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-27 07:46:22 -04:00
Tad
3457fd4151
Device cleanup
...
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo
Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)
Signed-off-by: Tad <tad@spotco.us>
2022-04-26 15:19:57 -04:00
Tad
13a9997a0c
19.1: aura and beryllium + some fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-26 11:41:28 -04:00
Tad
4f64f7538c
19.1: Add toggle for /etc/hosts
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-20 22:45:12 -04:00
Tad
9a6c7a2684
18.1: Add toggle for /etc/hosts
...
TODO: 19.1 and maybe 17.1
Tested working on klte/18.1
Signed-off-by: Tad <tad@spotco.us>
2022-04-20 16:40:22 -04:00
Tad
1f721c7845
Further credit patches
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-19 23:52:10 -04:00
Tad
18e97c565d
19.1: missed hosts work
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-19 23:28:05 -04:00
Tad
c5b1cc9a35
Simplify 8e3f0438
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-19 20:23:53 -04:00
Tad
e666a4a891
Update CVE patchers
...
TODO: maybe split CVE-2022-23960/4.9 to get back?
Signed-off-by: Tad <tad@spotco.us>
2022-04-19 14:38:44 -04:00
Tad
8e3f043820
Warn when running activity from 32 bit app on ARM64 devices.
...
https://android-review.googlesource.com/c/platform/frameworks/base/+/2003790/
https://github.com/GrapheneOS/platform_frameworks_base/pull/182
Signed-off-by: Tad <tad@spotco.us>
2022-04-19 12:00:22 -04:00
Tad
d4dceffa60
Update supported kernels to latest wireless regulations database
...
Applies for ~43 kernel trees
Source: wireless-regdb-2022.04.08
Signed-off-by: Tad <tad@spotco.us>
2022-04-19 11:30:57 -04:00
Tad
163a162568
Fix boot animation + churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-18 23:04:24 -04:00
Tad
0e1266ac1f
Drop Silence
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-16 18:53:00 -04:00
Tad
4b6a86a473
Add missing device variants
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-14 19:47:21 -04:00
Tad
be6b03fe96
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-13 14:54:08 -04:00
Tad
486e358050
More (disabled) lowram tweaks for <2GB devices
...
The inprocess variants make very little reduction and likely reduce security.
Signed-off-by: Tad <tad@spotco.us>
2022-04-12 20:25:26 -04:00
Tad
42c9d22de9
Default disable exec spawning
...
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.
Plus some other tweaks/churn
Signed-off-by: Tad <tad@spotco.us>
2022-04-12 17:58:04 -04:00
Tad
81d9923cda
Don't disable scudo on lowram devices
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-12 15:01:05 -04:00
Tad
30de608a61
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-12 02:51:44 -04:00
Tad
d078b24ddb
lowram tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-11 23:40:26 -04:00
Tad
293a4d12f4
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-10 21:20:55 -04:00
Tad
d50a3a043b
Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset
...
Like done for 19.1
Signed-off-by: Tad <tad@spotco.us>
2022-04-10 21:12:03 -04:00
Tad
0895190ffa
Icon cache fix
...
Lineage overhauled icons and old ones are still showing
Signed-off-by: Tad <tad@spotco.us>
2022-04-10 18:40:12 -04:00
Simon Brand
882c3083c5
Remove duplicte line in Enable_Verity.sh
2022-04-10 16:38:03 +00:00
Tad
5431edd85b
Fix boot issues on select devices after recent AVB changes
...
alioth, beryllium, davinci, vayu were tested working without this
lavender however would not boot
lmi was not tested
lavender, unlocked, managed to get into some weird broken state
that won't even boot after this, not even with Lineage or TWRP
:(
enchilada/fajita 18.1 use stock vendor and don't boot either
enchilada is tested booting again after this
Signed-off-by: Tad <tad@spotco.us>
2022-04-09 18:27:48 -04:00
Tad
f747fb36e5
Various
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-08 16:55:30 -04:00
Tad
7da114e755
Tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-07 11:01:27 -04:00
Tad
a9e250afd9
Cleanup
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-07 00:37:20 -04:00
Tad
258fe8389b
Adjust quick tiles for 12
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 22:30:56 -04:00
Tad
fd835ca492
Fixup 5a3c64c1
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 21:46:49 -04:00
Tad
2de5521a7c
Keystore fix from GrapheneOS
...
See:
https://nitter.net/GrapheneOS/status/1510736425259573249
https://github.com/Divested-Mobile/DivestOS-Build/discussions/46#discussioncomment-2520009
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 21:10:26 -04:00
Tad
5a3c64c178
19.1: oneplus/sdm845: 4.9.227 -> 4.9.282
...
Just like 18.1
also .282 is the latest qc/4.9 sadly
AOSP/4.9 can be merged but has charging related tweaks that might break things
Broken:
drivers/char/diag/diagmem.c:184:11: error: cast to smaller integer type 'int' from 'void *'
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 21:09:43 -04:00
Tad
75f3bfd5d0
19.1: More work
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 17:09:14 -04:00
Tad
2d7a34a27d
19.1: Initial roster
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 17:04:59 -04:00
Tad
c5477f31dc
FIX
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 16:30:04 -04:00
Tad
18c840222b
Simplify: always nochain
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 15:45:20 -04:00
Tad
b026a7811c
Actually enforce AVB + signing fixes
...
- Turns out AVB was set permissive this entire time :(
--flags 2 == VERIFICATION_DISABLED
- APEX support from GrapheneOS
- Disable vbmeta chaining like GrapheneOS
and optionally handle it like CalyxOS
taimen 19.1 boots with locked bootloader successfully after this
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 15:16:12 -04:00
Tad
d1e441e4cb
19.1: More work
...
- Adds hosts cache and wildcard support back
- Fixes broken hardened malloc enablement patch
- Drops FDroidPrivExt, non-functional
- Disables captive portal toggle patch, crashes Settings, needs rework
- Rebranding work
- Attempts to fix no boot animation
Signed-off-by: Tad <tad@spotco.us>
2022-04-06 02:32:33 -04:00
Tad
3a0659b9d8
19.1: more work, it compiles and boots!
...
- Add the manifest
- Add Pixel 2 series
- Add some missing patches
- More DNS files
- Drop Silence in 19.1
Signed-off-by: Tad <tad@spotco.us>
2022-04-05 23:44:15 -04:00
Tad
1705545d22
19.1: Initial bringup
...
TODO:
- manifest
- devices
- a few small patches to rebase
Signed-off-by: Tad <tad@spotco.us>
2022-04-05 00:44:19 -04:00
Tad
b464106cc5
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-04 15:51:23 -04:00
Tad
deb183d273
Tiny fix
...
One of these might not be necessary
Signed-off-by: Tad <tad@spotco.us>
2022-04-03 17:33:20 -04:00
Tad
1b83b96807
Simplify
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-02 15:15:30 -04:00
Tad
6c5a65622c
Page sanitization improvements
...
This ensures init_on_alloc/free is used instead of page poisioning where available.
3.4 through 3.18 have a patch without a toggle for page sanitization.
Signed-off-by: Tad <tad@spotco.us>
2022-04-02 12:57:17 -04:00
Tad
01900ca1c6
Reverts
...
WebView overlay is breaking boot on 15.1???
This reverts commit e61e288b4a
.
2022-04-01 17:07:27 -04:00
Tad
3f9b346345
Fix boot breakage
...
On devices with quota enabled and impacted by this patch
Signed-off-by: Tad <tad@spotco.us>
2022-04-01 10:30:30 -04:00
Tad
e1f5d99e51
Fixes
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-01 08:16:28 -04:00
Tad
987122f99e
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2022-04-01 02:12:34 -04:00
Tad
8dbdc0f31e
Enable Clang's -ftrivial-auto-var-init=zero on 17.1
...
Just like Android 11+
Signed-off-by: Tad <tad@spotco.us>
2022-03-31 22:04:50 -04:00
Tad
e26908b9e0
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-31 21:30:56 -04:00
Tad
e2c499dd24
Enable Clang's -ftrivial-auto-var-init=zero on supported kernels
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-31 21:00:31 -04:00
Tad
256df737a3
Don't set device name as DHCP hostname
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-31 18:46:21 -04:00
Tad
90420610f0
Tiny tweak
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-30 10:46:37 -04:00
Tad
f481055ae9
Add the GrapheneOS always randomize MAC option to 17.1 and 18.1
...
The DHCP state patch was backported to 17.1
Signed-off-by: Tad <tad@spotco.us>
2022-03-29 22:27:09 -04:00
Tad
09834b568f
Disable USAP when exec_spawning patchset is enabled
...
It seems to increase memory usage and its interactions are unknown
Signed-off-by: Tad <tad@spotco.us>
2022-03-29 22:26:23 -04:00
Tad
1bbb6f9b4e
Fix and enable exec_spawning feature
...
This is the missing puzzle piece :)
Signed-off-by: Tad <tad@spotco.us>
2022-03-28 22:02:52 -04:00
Tad
19b03c9ff4
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-28 17:43:48 -04:00
Tad
8a03e46c7e
Add the exec-spawning toggle from GrapheneOS
...
Tested working on 18.1/klte
TODO: backport to 16.0
Signed-off-by: Tad <tad@spotco.us>
2022-03-28 16:14:37 -04:00
Tad
a3266de8df
Tiny fix
...
Signed-off-by: Tad <tad@spotco.us>
2022-03-21 18:25:48 -04:00