Tad
d53a4f4e41
Update CVE patchers
...
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
f5462dd23c
Minor tweaks
2020-05-13 17:38:39 -04:00
Tad
09b38c1f04
marlin/sailfish: fix MediaProvider using 100% CPU
...
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices
[pid 2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]
https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
330df0983c
16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
...
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
- from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
057bedb65b
Minor tweaks
...
- 14.1+15.1+16.0: enable kernel protections for files
- protected_*: hardlinks, symlinks, fifos, regular
- from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c
Minor tweaks
...
- 15.1+16.0: Replace in-line build signing patch with bash function
- From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
- From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
6458d6785f
Enable IPv6 privacy extensions
2019-07-05 16:47:59 -04:00
Tad
c15105d945
Update CVE patchers
2019-06-17 23:26:38 -04:00
Tad
40d6db0326
divestos.xyz > divestos.org
2019-05-23 11:34:26 -04:00
Tad
974cc3b3f8
16.0: recovery has been updated
...
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
25cc717ec2
Use GrapheneOS' hardened memory allocator
...
+ 16.0: some other misc hardening patches from GrapheneOS
- always restrict access to Build.SERIAL
- don't grant location permission to system browsers
- fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
afe719ffc4
16.0: Initial bringup
...
- 14.1/15.1: Remove @ValdikSS' bluetooth patches
- 15.1: Cleanup
2019-03-04 02:45:54 -05:00
Tad
b9ff7a74e6
Updates and fixes
2019-02-12 16:09:41 -05:00
Tad
9178760d1a
Updater: Fix downloads over Tor
...
+ Update TODO
+ Minor tweaks
2019-02-08 20:58:15 -05:00
Tad
c27f226269
Properly fix network mode patch
2018-12-29 12:19:27 -05:00
Tad
0df749ef73
Add more preferred network modes such as LTE Only, LTE/3G only, and 3G only
2018-12-28 08:02:24 -05:00
Tad
776be6f992
Backport Updater Tor support patch to 14.1
2018-09-24 06:46:54 -04:00
Tad
08c65c8334
Patches to add captive portal check toggle from @MSe1969
2018-09-22 21:05:41 -04:00
Tad
642f978509
Experimental Bluetooth audio quailty improvement patches, credit @ValdikSS
2018-08-23 22:31:43 -04:00
Tad
4136ab17b8
Updates
2018-08-04 09:15:22 -04:00
Tad
94f1382077
Updates
2018-07-25 21:56:11 -04:00
Tad
1dc92478ed
Many changes
...
- Drop Copperhead patches
- More overlay work
2018-07-12 22:05:02 -04:00
Tad
79972d393c
DNM: WIP: Migrate to a proper vendor overlay for most changes
2018-07-12 21:27:01 -04:00
Tad
29ace39eb9
Fixup previous 2 commits + misc tweaks
2018-06-27 12:04:42 -04:00
Tad
5d4d12b324
14.1: Add back all devices that were moved to 15.1
2018-06-27 09:17:50 -04:00
Tad
746b695d6a
Deduplicate updater patches
2018-06-27 08:43:12 -04:00
Tad
e65234f8eb
Many changes
...
- Allow OTA server to be set from init.sh
- Fix link updating from Rebrand.sh
- Update CVE patchers
2018-06-26 21:47:45 -04:00
Tad
af9126ffcb
More deduplication
...
- Deduplicate Trebuchet default workspaces
- Deduplicate LatinIME patches
- Deduplicate SetupWizard assets
- And fix a typo with grouper overclock
2018-06-26 21:25:59 -04:00
Tad
f6cdc9426c
Many changes
...
- Remove proprietary audio enhancement blobs
- Remove AudioFX to prevent crashes after blobs are removed
- Deduplicate patches a bit with the new Patches/Common directory
- Switch boot animation shine generation from gradient to plasma
- Update submodules
2018-06-25 07:59:24 -04:00
Tad
3a3fe5aca9
Replace DNS patches with a function + some misc fixes
2018-06-24 01:27:33 -04:00
Tad
af94760587
Remove msm8992 overclocks
2018-06-23 00:23:34 -04:00
Tad
a0ce912d99
Add Provisioner repo to F-Droid and fixup previous deblobber changes
2018-06-17 19:42:17 -04:00
Tad
8eeafdd09f
Changes for trust_interface and other misc tweaks
2018-06-10 19:00:02 -04:00
Tad
eeba3fd873
Going the distance...
2018-06-03 14:13:59 -04:00
Tad
bf8f1e4d3d
More fixes and cleanup
2018-06-02 18:34:15 -04:00
Tad
2fb4b7f5f1
Add option to disable inclusion of microG
2018-06-02 17:37:21 -04:00
Tad
fe6f853746
mako: add back LTE support patch
2018-05-30 03:45:43 -04:00
Tad
f9f893a443
Hamper the ad/analytics libraries!
2018-05-21 05:28:07 -04:00
Tad
67db210756
Many changes
...
- 15.1: Fixup ether here too
- Change F-Droid application id to allow installation of official F-Droid side by side
- Remove FDroidPriv patch and use sed instead
- Optimize: Switch VM_MAX_READAHEAD to 512KB
- Misc tweaks
- Update TODO
2018-05-20 23:30:40 -04:00
Tad
966c9c8509
Change connectivity check URLs
2018-05-08 20:56:02 -04:00
Tad
e22d028cbd
Switch DNS back to OpenNIC for now
2018-05-08 16:04:41 -04:00
Tad
2054759724
Fix inclusion of LocalCalendar
2018-05-03 10:22:04 -04:00
Tad
ee6788df1e
Switch from OpenNIC to Cloudflare DNS
2018-05-03 07:38:32 -04:00
Tad
8220c2fd11
Prepare potential future inclusion of DNS66
2018-04-28 21:50:06 -04:00
Tad
b30c62629b
Revert "Strong AES patch changes"
...
This reverts commit 60b85e10fe
.
2018-04-28 15:35:53 -04:00
Tad
60b85e10fe
Strong AES patch changes
2018-04-28 15:25:42 -04:00
Tad
5f18a38e8f
15.1: Remove Lineage logo from recovery
2018-04-24 12:16:46 -04:00
Tad
f122ccb9f1
Many changes
...
- Disable patches with restrictive licenses by default
- Update LICENSE
- Fixup the fix for F-Droid building
- 15.1: Fix forceencrypt on mako
- 15.1: Fix crashes when accessing factory reset and development settings menus
on devices without support for factory reset protection or oem unlocking
2018-04-23 15:42:27 -04:00
Tad
28600556b4
Many changes
...
- Add a variable to control inclusion of patches under a restrictive license
- Fix F-Droid building
- Add a buildDeviceDebug function that disables signing
- Misc tweaks/cleanup
- 15.1: Revert trust_interface cherry picks until official
2018-04-23 08:44:50 -04:00
Tad
f041047983
15.1: Initial deny new usb support from CopperheadOS
...
This is an extremely powerful security feature with minimal downsides.
Original credit goes to Grsecurity
Android port goes to Copperhead
2018-04-22 11:35:56 -04:00