DivestOS

mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00

Author	SHA1	Message	Date
Tad	2c4caa30a1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-24 00:36:49 -04:00
Tad	e8bc36af04	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-20 17:16:29 -04:00
Tad	c4400a9a6f	Pick Signed-off-by: Tad <tad@spotco.us>	2022-05-09 22:16:00 -04:00
Tad	b2eb3c01b4	Update CVE patchers Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375 Signed-off-by: Tad <tad@spotco.us>	2022-05-03 23:33:17 -04:00
Tad	9c549763a4	Tiny tweak Signed-off-by: Tad <tad@spotco.us>	2022-05-03 21:11:05 -04:00
Tad	65883d9bc4	2022 Signed-off-by: Tad <tad@spotco.us>	2022-05-01 01:13:49 -04:00
Tad	3316cc4824	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-27 07:46:22 -04:00
Tad	3457fd4151	Device cleanup Drop long non-compiling devices: - 14.1: n7100, jellypro - 15.1: himaul, oneplus2 - 16.0: zenfone3, fugu - 17.1: yellowstone, fugu - 18.1: bonito, sargo Drop in favor of 19.1: - 17.1: bonito, sargo - 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin (experimental, but these devices don't currently appear to have any users) Signed-off-by: Tad <tad@spotco.us>	2022-04-26 15:19:57 -04:00
Tad	1f721c7845	Further credit patches Signed-off-by: Tad <tad@spotco.us>	2022-04-19 23:52:10 -04:00
Tad	e666a4a891	Update CVE patchers TODO: maybe split CVE-2022-23960/4.9 to get back? Signed-off-by: Tad <tad@spotco.us>	2022-04-19 14:38:44 -04:00
Tad	d4dceffa60	Update supported kernels to latest wireless regulations database Applies for ~43 kernel trees Source: wireless-regdb-2022.04.08 Signed-off-by: Tad <tad@spotco.us>	2022-04-19 11:30:57 -04:00
Tad	163a162568	Fix boot animation + churn Signed-off-by: Tad <tad@spotco.us>	2022-04-18 23:04:24 -04:00
Tad	4b6a86a473	Add missing device variants Signed-off-by: Tad <tad@spotco.us>	2022-04-14 19:47:21 -04:00
Tad	be6b03fe96	Churn Signed-off-by: Tad <tad@spotco.us>	2022-04-13 14:54:08 -04:00
Tad	42c9d22de9	Default disable exec spawning Change the property too, so it takes effect next update. Since 16.0 lacks a toggle, this effectively disables the feature for it. Even devices with 4GB of RAM have usability severely impacted. Plus some other tweaks/churn Signed-off-by: Tad <tad@spotco.us>	2022-04-12 17:58:04 -04:00
Tad	30de608a61	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-12 02:51:44 -04:00
Tad	f747fb36e5	Various Signed-off-by: Tad <tad@spotco.us>	2022-04-08 16:55:30 -04:00
Tad	a9e250afd9	Cleanup Signed-off-by: Tad <tad@spotco.us>	2022-04-07 00:37:20 -04:00
Tad	b464106cc5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-04 15:51:23 -04:00
Tad	6c5a65622c	Page sanitization improvements This ensures init_on_alloc/free is used instead of page poisioning where available. 3.4 through 3.18 have a patch without a toggle for page sanitization. Signed-off-by: Tad <tad@spotco.us>	2022-04-02 12:57:17 -04:00
Tad	01900ca1c6	Reverts WebView overlay is breaking boot on 15.1??? This reverts commit `e61e288b4a`.	2022-04-01 17:07:27 -04:00
Tad	3f9b346345	Fix boot breakage On devices with quota enabled and impacted by this patch Signed-off-by: Tad <tad@spotco.us>	2022-04-01 10:30:30 -04:00
Tad	e26908b9e0	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-31 21:30:56 -04:00
Tad	19b03c9ff4	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-28 17:43:48 -04:00
Tad	a56e3a3016	Disable the bionic hardening patchset to fix boot issues 10+4 devices tested working with bionic hardening patches enabled but hammerhead and shamu do not boot... 2 of the patches were already found to have issues and disabled 3 other patches were ruled out: - Stop implicitly marking mappings as mergeable - Make __stack_chk_guard read-only at runtime - On 64-bit, zero the leading stack canary byte Leaves 11+1 patches remaining that need to be tested But I don't have either of the two known impacted devices. Signed-off-by: Tad <tad@spotco.us>	2022-03-19 16:19:00 -04:00
Tad	3207cde72e	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2022-03-19 12:41:49 -04:00
Tad	09353cdcd2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-18 00:07:18 -04:00
Tad	e61e288b4a	Optionally allow the official Bromite WebView to be used, credit @MSe1969 This also replaces the overrides for all versions And should allow the Google WebView on 14/15/16 And lastly only leaves the bundled version as default This is a merge of the LineageOS 14/15/16 and 17/18 overlay With the addition of the Bromite signature from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2022-03-14 22:59:40 -04:00
Tad	f65c7a4ccd	Tweaks Signed-off-by: Tad <tad@spotco.us>	2022-03-12 11:48:23 -05:00
Tad	015799737e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 17:16:47 -05:00
Tad	4f75a8272a	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 11:59:30 -05:00
Tad	902239e2b5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-08 23:20:43 -05:00
Tad	54dbcd9e43	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-07 19:12:10 -05:00
Tad	bda848a0a1	Fixup `057bedb6` Sadly this means the option was never enabled :( Note: these options are only available on 4.4+ kernels Signed-off-by: Tad <tad@spotco.us>	2022-03-06 23:05:13 -05:00
Tad	ac1e89f0c8	Update CVE patchers [the big fixup] This removes many duplicately or wrongly applied patches. Correctly removed: - CVE-2011-4132 can apply infinitely - CVE-2013-2891 can apply infinitely - CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap - CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result - CVE-2016-2475 can apply infinitely - CVE-2017-0627 can apply infinitely - CVE-2017-0750 can apply infinitely - CVE-2017-14875 can apply infinitely - CVE-2017-14883 can apply infinitely - CVE-2020-11146 can apply infinitely - CVE-2020-11608 can apply infinitely - CVE-2021-42008 can apply infinitely Questionable (might actually be beneficial to "incorrectly" apply again): - CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt - CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature - CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect - CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl - CVE-2019-10622 can apply once to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback - CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev Other notes: - CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696 then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it. This was seemingly fixed with a hand merged patch in patch repo. Wrongly removed: - CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru - CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops - CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames Signed-off-by: Tad <tad@spotco.us>	2022-03-04 00:42:28 -05:00
Tad	f4fbe65756	Various changes - 15.1: asb picks - 17.1: drop marlin, sailfish, z2_plus, m8 - 4.9 loose versioning fixes	2022-02-24 19:51:44 -05:00
Tad	8b39498b1c	Initial loose versioning work for 4.9 This applies 4.9 patches to 4.4 and 3.18 now that 4.4 is EOL Untested, but looks mild Signed-off-by: Tad <tad@spotco.us>	2022-02-22 13:44:47 -05:00
Tad	5245109cc1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-19 23:22:19 -05:00
Tad	a23bae5cd5	Tiny tweak Signed-off-by: Tad <tad@spotco.us>	2022-02-11 23:35:22 -05:00
Tad	b6da59d24f	Drop FairEmail, Vanilla, and their AOSP equivalents Signed-off-by: Tad <tad@spotco.us>	2022-02-11 14:25:30 -05:00
Tad	65584e96ce	Switch to official Etar The Lineage forks have fallen behind Signed-off-by: Tad <tad@spotco.us>	2022-02-08 14:10:04 -05:00
Tad	51003bff5a	Add an option to clobber after every run Signed-off-by: Tad <tad@spotco.us>	2022-01-24 18:01:21 -05:00
Tad	2400cf0964	App updates - Drops Calendar, Eleven, and Email - Adds a variable for Silence inclusion - Adds a NONE option for microG inclusion flag to disable NLP inclusion Signed-off-by: Tad <tad@spotco.us>	2022-01-24 06:30:15 -05:00
Tad	6329922104	Disable the Hamper Analytics patches Rely on the HOSTS to do any blocking. With the last update this causes app crashes, due to boolean/string mismatch. Need to figure out exactly how string in manifest can become a boolean when wanted. Signed-off-by: Tad <tad@spotco.us>	2022-01-23 16:55:24 -05:00
Tad	6ec0c63126	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-13 11:08:22 -05:00
Tad	bfcf6b18b7	Fixup Signed-off-by: Tad <tad@spotco.us>	2022-01-12 05:57:08 -05:00
Tad	ce6ee9d8e4	Update CVE patchers CVE-2021-0961 should be fine now Signed-off-by: Tad <tad@spotco.us>	2022-01-11 05:41:26 -05:00
Tad	b9c7839110	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-11 01:19:31 -05:00
Tad	207e45fe6a	Update oneplus/sdm845 to 4.9.295 Signed-off-by: Tad <tad@spotco.us>	2022-01-06 15:21:00 -05:00
Tad	e08349a202	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-29 11:51:58 -05:00
Tad	3c1931bcc9	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-19 05:15:32 -05:00
Tad	8cf90d055e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-11 01:12:41 -05:00
Tad	359ce4608f	Small updates Signed-off-by: Tad <tad@spotco.us>	2021-12-07 20:57:54 -05:00
Tad	ed1c151ce5	Update CVE patchers CVE-2021-0961/ANY/0001.patch likely causes breakage Signed-off-by: Tad <tad@spotco.us>	2021-12-06 17:43:34 -05:00
Tad	c5c3998593	Guess what? f̵͖̲̙̝̩̌̌̌̑͆̔͐̏͋̓̅̔̒̈́͠i̴͍̗̦͕̅̓̿͋̓̑̽͌͐͊͘͠͠s̵̡̬͙͚̃͑̓̊̌́̾́͠ḥ̴̬͓͚̹̱̰͕͚͈̞̳͒̊ ̵̢̟̞̖͈͖͕̥̙̤͉̮̍́̅̀̾b̵̛̹̝̙̖̱̲͉͚̝̪̲̓̿͛̔̆͋̎́͐̃͆̀̕͝u̸̞̺͓͎̰̦̯̘̺̬͔̬͆͛̋̍̂͒̓͛̐̈́̋̚͝ṫ̵̠t̶̻̳̜̪̗͖͛̂̒̃̑̏͝ Tested on 14.1 and 15.1 targets Signed-off-by: Tad <tad@spotco.us>	2021-11-29 21:14:00 -05:00
Tad	67b5a166fc	16.0: extreme loose versioning work Signed-off-by: Tad <tad@spotco.us>	2021-11-27 22:44:29 -05:00
Tad	7d54ee4be7	14.1: extreme loose versioning work This will apply 3.10 and 3.18 specific patches to 3.0 Example of tuna 3.0 kernel: 199 without loose versioning 311 with loose versioning 364 with extreme loose versioning Signed-off-by: Tad <tad@spotco.us>	2021-11-27 21:06:26 -05:00
Tad	9b84cebf92	17.1: loose versioning work Signed-off-by: Tad <tad@spotco.us>	2021-11-27 15:50:11 -05:00
Tad	c153981b3f	15.1: loose versioning work Signed-off-by: Tad <tad@spotco.us>	2021-11-26 22:40:07 -05:00
Tad	1b1db41869	Initial use of loose versioning for 3.x CVE patches This will for example apply a 3.4 specific patch to 3.0 if no 3.0 specific patch is available. Tested compiling on 14.1 and booting on toroplus. Will be applied to other branches soon. Signed-off-by: Tad <tad@spotco.us>	2021-11-26 18:56:03 -05:00
Tad	1b8df47bd5	14.1: add jellypro Tis a broken device Signed-off-by: Tad <tad@spotco.us>	2021-11-09 11:27:21 -05:00
Tad	f2b9eb8e8b	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-11-06 11:22:43 -04:00
Tad	5c8250bbdd	Disable the per-app sensor permission patches Breaks camera on angler Signed-off-by: Tad <tad@spotco.us>	2021-11-05 14:46:32 -04:00
Tad	97d0b239d5	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-11-05 08:54:08 -04:00
Tad	621441349e	Fixup the sensors permission patches on 7, 8, and 9. Switch these patches to MODE_ALLOWED from MODE_ASK to fix breakage of system services. Also remove some code that adds a likely security issue. Will need some extra regression testing. Signed-off-by: Tad <tad@spotco.us>	2021-11-04 10:24:06 -04:00
Tad	f7295a0f74	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-02 23:50:35 -04:00
Tad	b6575a362e	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-11-02 22:47:34 -04:00
Tad	f3277f3c07	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-11-02 12:01:36 -04:00
Tad	809e03833e	Verity enablement overhaul No change to AVB devices except for enabling on more Verity devices have the potential to regress by not booting No change to non-verity/avb devices Tested working on: mata, cheeseburger, fajita Signed-off-by: Tad <tad@spotco.us>	2021-11-02 10:24:07 -04:00
Tad	ec043e961e	Update CVE patchers CVE-2021-20317 might need to be disabled due to QC timer breakage. Signed-off-by: Tad <tad@spotco.us>	2021-10-27 15:26:53 -04:00
Tad	5d7d710076	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-20 15:01:18 -04:00
Tad	bc443ffee3	14.1: Add apollo Signed-off-by: Tad <tad@spotco.us>	2021-10-17 14:01:31 -04:00
Tad	b78944933c	More fixes Ensure new shells have the correct settings too. Signed-off-by: Tad <tad@spotco.us>	2021-10-16 22:57:43 -04:00
Tad	042b9063d1	More fixes Signed-off-by: Tad <tad@spotco.us>	2021-10-16 17:12:13 -04:00
Tad	256b1db98b	Hard fail on error Signed-off-by: Tad <tad@spotco.us>	2021-10-16 16:08:43 -04:00
Tad	a5cdb9ab58	Fix patch ordering Signed-off-by: Tad <tad@spotco.us>	2021-10-16 15:21:22 -04:00
Tad	4ce35a3c60	Refresh most branch specific patches Fixed up: LineageOS-16.0/android_packages_apps_Backgrounds/308977.patch LineageOS-16.0/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch LineageOS-17.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch Must review again: LineageOS-14.1/android_packages_apps_PackageInstaller/64d8b44.patch Signed-off-by: Tad <tad@spotco.us>	2021-10-16 15:19:55 -04:00
Tad	f7194d1f13	Switch to applyPatch Signed-off-by: Tad <tad@spotco.us>	2021-10-16 14:01:44 -04:00
Tad	7ba42f052a	Small changes Signed-off-by: Tad <tad@spotco.us>	2021-10-14 15:58:22 -04:00
Tad	dd2e8b4b5c	Tiny tweaks Signed-off-by: Tad <tad@spotco.us>	2021-10-08 21:26:11 -04:00
Tad	939c6aa7ed	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-10-07 20:07:49 -04:00
Tad	2af0e1201e	Re-enable the recovery downgrade check Signed-off-by: Tad <tad@spotco.us>	2021-10-06 17:03:22 -04:00
Tad	f2e1d32eba	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-06 16:54:45 -04:00
Tad	7b28a193f1	Include the Support app This is a very basic app with zero permissions and has quick links to various related resources. Signed-off-by: Tad <tad@spotco.us>	2021-10-06 06:21:38 -04:00
Tad	e4a4e7f8de	Fix BT on apollo/thor Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/16 Signed-off-by: Tad <tad@spotco.us>	2021-10-06 04:52:14 -04:00
Tad	59bd09a807	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-10-05 14:44:23 -04:00
Tad	870382ff40	Switch to the Mulch WebView Signed-off-by: Tad <tad@spotco.us>	2021-10-02 01:44:46 -04:00
Tad	025ca7df7f	compile fixups after the CVE-2021-Misc2 import and hardenDefconfig overhaul also sync 18.1 DnsResovler patches with: `6332b25b87` `f8490d024a` Signed-off-by: Tad <tad@spotco.us>	2021-10-01 12:34:22 -04:00
Tad	27fe558b76	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-29 16:47:50 -04:00
Tad	84c7d230ab	Permission for sensors access patches from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2021-09-24 23:35:33 -04:00
Tad	f5a58bd35f	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-23 20:56:00 -04:00
Tad	4917af86cc	Update copyright dates Signed-off-by: Tad <tad@spotco.us>	2021-09-15 10:30:08 -04:00
Tad	cf3a12cb5a	Move some changes into a new Post.sh Signed-off-by: Tad <tad@spotco.us>	2021-09-15 10:26:37 -04:00
Tad	bf5d9bc778	Small tweaks - disable disablement of PROC_PAGE_MONITOR to fix memory stats calculation - enable slub_nomerge, similar to slab_nomerge for pre 3.18 kernels slub_nomerge was already default enabled on many 3.10 devices via: 0006-AndroidHardening-Kernel_Hardening/3.10/0010.patch Signed-off-by: Tad <tad@spotco.us>	2021-09-13 10:39:33 -04:00
Tad	35036e694d	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-09-08 22:59:33 -04:00
Tad	0ade46cc8e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-09-07 16:57:15 -04:00
Tad	e84111aaa8	Small changes - Include TalkBack - Fixup hosts inclusion, due to path mismatch - 14.1: bump patch level to match the picked ASB - 14.1: m7-common: deblobber fix Signed-off-by: Tad <tad@spotco.us>	2021-09-06 14:32:37 -04:00
Tad	56e9a75445	14.1+15.1: Support wildcards in cached hosts file Signed-off-by: Tad <tad@spotco.us>	2021-09-05 16:30:34 -04:00
Tad	809a361e07	Update CVE patchers Don't introduce https://gitlab.com/LineageOS/issues/android/-/issues/3916 Will consider adding it as a revert Signed-off-by: Tad <tad@spotco.us>	2021-09-04 14:35:24 -04:00
Tad	043b194210	17.1: add surnia + other changes - 17.1: fixup invalid line in marlin from deblobber - 18.1: fixup audiofx removal - all: change repo sync to 8 threads from 20, for google HTTP 429 error Signed-off-by: Tad <tad@spotco.us>	2021-08-26 21:02:28 -04:00
Tad	792cb89ed7	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-26 12:17:46 -04:00
Tad	79132fddef	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-13 11:07:07 -04:00
Tad	2d468d9da2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-09 14:44:48 -04:00
Tad	3f311f84ad	Changes - WebView update - 14.1: drop osprey, tested compiling on 17.1 - comment updates - small patcher fixes Signed-off-by: Tad <tad@spotco.us>	2021-08-06 18:36:57 -04:00
Tad	189cf4d801	Update comments Signed-off-by: Tad <tad@spotco.us>	2021-08-04 22:18:00 -04:00
Tad	477b0a1a62	More fixes Signed-off-by: Tad <tad@spotco.us>	2021-08-04 10:58:22 -04:00
Tad	9e548cabf5	Fixup `3d69ad87` Tested to compile bacon, ether, and griffin kernels Signed-off-by: Tad <tad@spotco.us>	2021-08-03 18:46:38 -04:00
Tad	3d69ad873e	\"\'FIXES\'\" PART 2 There will likely be some breakage here. Many of these patches have been here since the start and never used. Signed-off-by: Tad <tad@spotco.us>	2021-08-03 15:14:02 -04:00
Tad	4fae8d0445	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-08-03 12:37:28 -04:00
Tad	2c05482872	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-07-31 09:17:08 -04:00
Tad	b61264e3b9	Update CVE patchers	2021-07-27 00:17:14 -04:00
Tad	ca51db0be0	Update CVE patchers	2021-07-21 22:48:29 -04:00
Tad	9a4c02c3dc	Tiny tweaks	2021-07-19 12:05:18 -04:00
Tad	a43601e77b	Update CVE patchers I expect breakage.	2021-07-10 11:39:14 -04:00
Tad	050da06eba	Move n_asb_09-2018-qcom in tree	2021-07-09 21:04:08 -04:00
Tad	0c53c40b7b	Cherrypicks	2021-07-09 20:54:14 -04:00
Tad	ca857913ef	Directory sanity	2021-07-09 07:09:27 -04:00
Tad	dd3a611d0e	Cherrypicks	2021-07-08 20:08:24 -04:00
Tad	12283124b5	Fixup last commit	2021-07-04 17:05:27 -04:00
Tad	f6357512a7	Update CVE patchers	2021-07-04 14:41:44 -04:00
Tad	44003bd2f5	Update CVE patchers	2021-06-30 17:05:59 -04:00
Tad	c2ce9572fa	umask 0022 all the things umask 0077 breaks things in subtle ways	2021-06-27 14:14:34 -04:00
Tad	881c24d8b2	Various patches from GrapheneOS	2021-06-26 18:57:46 -04:00
Tad	d6dca6e66d	Small tweaks	2021-06-26 14:13:03 -04:00
Tad	eb3e51e7e3	Small tweaks	2021-06-23 13:00:43 -04:00
Tad	48f35901c2	Update CVE patchers	2021-06-16 23:17:37 -04:00
Tad	d42c8f033d	Small changes - Fixup CVE-2020-36386 breakage - Move some cherrypicks in tree (gerrit down right now, pulled from reflog) - Update cherrypicks	2021-06-15 05:46:30 -04:00
Tad	71fe4d590e	Small tweaks - 14.1: drop z00t, compiles on 15.1 - fix double patch breakage for CVE-2020-36386 - clark: fix recovery firmware extraction, hopefully	2021-06-12 10:49:54 -04:00
Tad	4b044379ec	Update CVE patchers	2021-06-11 11:00:54 -04:00
Tad	50c670c477	Small tweaks - June ASB cherrypicks - Change default NTP. only 2*.pool.ntp.org supports IPv6	2021-06-10 22:45:32 -04:00
Tad	94b91c6afd	Incall privacy warning from CalyxOS	2021-06-08 12:11:13 -04:00
Tad	d9c49b56c3	Update CVE patchers	2021-06-07 22:30:33 -04:00
Tad	143bec97a9	Small tweaks	2021-06-07 21:32:10 -04:00
Tad	1e5df6f42e	Update CVE patchers	2021-06-03 13:28:32 -04:00
Tad	4af81f4d66	Update CVE patchers	2021-05-27 14:54:07 -04:00
Tad	13bffe05e7	Update CVE patchers	2021-05-21 09:14:31 -04:00
Tad	1cde58eaa4	Tiny tweaks	2021-05-12 03:15:41 -04:00
Tad	731e0e995c	Update CVE patchers	2021-05-07 21:48:29 -04:00
Tad	2cf0b314d8	Various changes - Cherrypick May ASB topics - 18.1: bump enchilada, fajita, and guacamole	2021-05-06 14:37:52 -04:00
Tad	5f0ae93a0b	Drop the umn patch list Most seem OK	2021-04-25 11:25:32 -04:00
Tad	3770bf469d	Add a list of potentially bad commits from umn.edu addresses	2021-04-21 21:40:40 -04:00
Tad	81084a26d7	Update CVE patchers	2021-04-17 11:01:30 -04:00
Tad	83fe8f0434	More small tweaks - Really fix yylloc sed line - Drop merged ASB cherrypicks - Edit vendor gps.conf files too	2021-04-16 20:31:57 -04:00
Tad	1ba3585c9b	14.1: drop axon7, it compiles on 15.1	2021-04-14 23:41:31 -04:00
Tad	bdf990a638	Small tweaks - Remove some changes that have been commented for a while - Don't remove the QCOM VR repos - Adjust the default quick tiles - Don't force hardware layers for recents - Only generate deltas for update_engine devices - Cherrypick: Update WebView to 90.0.4430.66 - Adjust yylloc sed line - Add comments to 17.1 devices explaining why they aren't removed for 18.1 yet	2021-04-14 21:29:12 -04:00
Tad	2f2d94c9b5	Small tweaks	2021-04-13 11:59:08 -04:00
Tad	a423f977ff	Update CVE patchers	2021-04-12 20:53:35 -04:00
Tad	8e496341b5	Small tweaks + ASB cherrypicks	2021-04-08 05:40:22 -04:00
Tad	f48738f944	Update CVE patchers	2021-04-06 20:55:55 -04:00
Tad	f3e672fb18	Failed attempt at fixing signing PRODUCT_OTA_PUBLIC_KEYS is meant to be set by a vendor tree, something we don't use. Override it at the source and set it explicitely as well. This ensures that the compiled recovery.img and the one generated by sign_target_files_apks.py includes the real public keys for verification. 11.0 signing is ignored. This will need to be extensively tested as breakage can mean brick on locked devices. Although in failure cases it seems test-keys are accepted. -- After much testing there appears to be a deeper issue with how keys are inserted into the recovery and handled	2021-04-06 04:07:18 -04:00

1 2 3 4 5 ...

817 Commits