Tad
f621ff7dda
Update CVE patchers
...
I have absolutely no idea why kernel_oneplus_msm8998 was downgraded
4.4.241 to 4.4.205
https://github.com/LineageOS/android_kernel_oneplus_msm8998/tree/backup/lineage-17.1_20210108_1948
2021-01-13 04:29:00 -05:00
Tad
b683d40ef3
Small tweaks
...
- Update cherry picks
- Add star2lte to 15.1 and 17.1
2021-01-09 13:37:07 -05:00
Tad
42b94605f8
Cherrypicks and CVE-2019-2306 patching
2021-01-06 14:04:18 -05:00
Tad
bd4cb22db1
ASB cherry picks
2021-01-05 12:22:42 -05:00
Tad
e62afb602b
Sync APN list from 17.1 to all versions
...
- 15.1: enable hammerhead due to reported bt issues on 16.0
2021-01-04 20:16:33 -05:00
Tad
ff96315fb4
Update CVE patchers
2020-12-30 11:08:19 -05:00
Tad
8b56cd13c6
deblobber: Don't remove CNE
...
- breaks Wi-Fi calling
- breaks IMS on marlin/sailfish
2020-12-22 13:53:29 -05:00
Tad
d6cf9ec8b0
Many fixes
...
VoLTE tested working on mata/17.1!
VoWiFi tested working with DOS_DEBLOBBER_REMOVE_CNE=false
- Disable Graphene exec spawning feature, subtly breaks many apps
Maybe missing some patches?
- Build old versions for devices with broken IMS
- Ensure shell umask is always 0022
- fwb overlay: drop the MMS user-agent overrides
- Drop the BlobBlocker and ModuleBlocker
They were unused and unkempt.
- Put volteOverride behind DOS_DEBLOBBER_REMOVE_IMS and comment it
2020-12-22 04:00:12 -05:00
Tad
356c743cd8
Update cherrpicks
2020-12-21 03:44:07 -05:00
Tad
1be184bac9
Small tweaks
2020-12-16 07:48:41 -05:00
Tad
39727cb7c7
Update CVE patchers
2020-12-10 14:09:58 -05:00
Tad
3ec13d6bc8
Update CVE patchers
2020-12-08 10:24:24 -05:00
Tad
e36a91facc
Update CVE patchers
2020-12-07 09:36:20 -05:00
Tad
9c691d02ab
Update CVE patchers
2020-12-03 22:43:23 -05:00
Tad
09722044b0
Update CVE patchers
2020-11-29 19:06:06 -05:00
Tad
69c8bdfb22
Update CVE patchers
2020-11-26 09:03:45 -05:00
Tad
445582fe2a
Update CVE patchers
2020-11-19 17:15:55 -05:00
Tad
9d7e5a24a3
License headers
2020-11-17 10:19:06 -05:00
Tad
523264aebb
Update CVE patchers
2020-11-12 23:46:38 -05:00
Tad
dc5b1d91f2
Update CVE patchers
2020-11-06 16:15:16 -05:00
Tad
6a5866c01d
More failed attempts at fixing IMS
...
Keeping IMS, RCS, CNE, ATFWD, and allowing ims* to access /dev/diag:
IMS service still fails to register on mata
Is it the carrier?
Is it the phone?
Is it LineageOS?
Is is DivestOS?
Absolute mess.
2020-11-02 19:24:56 -05:00
Tad
9f01dc038c
Small changes
...
- SUPL NTP fix
- Remove debug info from dexpreopt, saves a few MB
- 15.1+: enable full dexpreopt, for perf and memory benefits
- 17.1: change oneplus/msm8998-common kernel
- 17.1: add OpenCamera to AUX list
- Resurrect verity for devices missed previously
- Update some CVE patchers
- deblobber: remove some lingering atfwd blobs
2020-11-02 06:28:06 -05:00
Tad
3926f3a44f
Small updates
...
- Various rebranding fixes
- 17.1: hold off on Seedvault inclusion for now
- 17.1: update kernel/fxtec/msm8998 CVE patcher
- 17.1: build cheeseburger/dumpling
2020-10-31 15:16:25 -04:00
Tad
5ec84b9f7b
Update CVE patchers
2020-10-30 14:35:12 -04:00
Tad
b89cc98001
Small updates
2020-10-27 21:40:20 -04:00
Tad
1b4b86c38d
Tiny tweaks
2020-10-23 14:49:16 -04:00
Tad
b0857599d6
Drop ISSUES.md
...
Moved to website
https://divestos.org/index.php?page=browsers
1d5bc9d979
2020-10-21 11:54:36 -04:00
Tad
0958df7de5
deblobber: remove more blobs
2020-10-20 10:45:57 -04:00
Tad
00a6a86126
deblobber: fixup timekeep replacement, credit Wang Han/aviraxp
2020-10-20 05:39:06 -04:00
Tad
d889ae4642
Update CVE patchers
2020-10-17 15:28:42 -04:00
Tad
688f4dd953
More CVE patcher fixes
2020-10-15 21:31:46 -04:00
Tad
cc64ce1634
Update CVE patchers
2020-10-14 16:28:07 -04:00
Tad
6c9c91941e
Fix errors from compile test of all 14.1 kernels
2020-10-14 14:23:22 -04:00
Tad
d53a4f4e41
Update CVE patchers
...
- Drop tcp_sack=0 sysctl, as most devices are now patched
2020-10-12 18:38:07 -04:00
Tad
115dd21832
Many changes
...
- 17.1: Add Pixel 4/XL
- Promote klte to 17.1
- hardenBootArgs: don't run on klte
- hardenBootArgs: regorganize
- hardenDefconfig: enabler: drop unnecessary options (iommu)
- hardenDefconfig: disabler: comment diag options for now
- deblobber: comment dirac lines to fix cheeseburger headphone jack
- fixup Etar replacement
2020-10-11 07:12:00 -04:00
Tad
496fddb303
Replace calendar with Etar, and drop LocalCalendar
2020-10-11 04:12:16 -04:00
Tad
260140f0a1
Update CVE patchers
2020-10-10 11:56:35 -04:00
Tad
83c0570e59
Update AOSP CVE list to October patches
2020-10-07 01:59:48 -04:00
Tad
8bdad21040
Update CVE patchers
2020-10-06 23:36:29 -04:00
Tad
b56fabac3b
Update CVE patchers
...
I expect some breakage here
2020-10-06 21:14:18 -04:00
Tad
bf9167f442
Update CVE patchers
2020-10-05 21:38:25 -04:00
Tad
46c1a74ef3
17.1: Fixup TTS
2020-09-25 11:38:26 -04:00
Tad
92f7f37096
Update CVE patchers
...
Fix CVE-2020-25221 breakage
2020-09-25 09:27:12 -04:00
Tad
bc7cf7af0a
Update CVE patchers
2020-09-25 06:55:18 -04:00
Tad
a9812ba729
17.1: Rebase microG patches
2020-09-24 08:02:27 -04:00
Tad
92879ec2a4
Update CVE patchers
2020-09-23 06:31:34 -04:00
Tad
3bc1463017
Update CVE patchers
2020-09-18 10:36:01 -04:00
Tad
8c1e8ee3e3
Update CVE patchers
2020-09-17 15:35:48 -04:00
Tad
6e16320468
Small fixes
2020-09-13 19:52:37 -04:00
Tad
d16a362141
ASB cherry picks + Fixup 2f83043c
...
TODO: rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk
2020-09-12 08:29:09 -04:00
Tad
4c29ac36d2
Update CVE patchers
2020-09-09 19:00:03 -04:00
Tad
76fcd8a0d4
Update CVE patchers
2020-09-08 18:19:52 -04:00
Tad
bca6af1516
Small updates
...
- recovery: abort on serial number specific updates, credit: GrapheneOS
- Add lists of missing CVEs
- Update cherrypicks
2020-09-02 14:20:51 -04:00
Tad
826949e6df
Small updates
2020-08-22 10:18:29 -04:00
Tad
2f83043c68
14.1+15.1: GPS week rollover fix
...
16.0: 279492
17.1: 278135
also switch to alternate Xtra servers
https://developer.gemalto.com/threads/gps-time-info-error
2020-08-09 12:30:47 -04:00
Tad
887ebb84c5
Update CVE patchers
...
Includes many fixes for a69326f3
but probably breaks other things
2020-08-09 07:29:19 -04:00
Tad
a69326f396
Update CVE patchers
...
Untested. I expect some breakage.
2020-08-08 13:06:39 -04:00
Tad
af54500797
Update CVE patchers
2020-08-03 18:15:27 -04:00
Tad
a6a59309ed
More small fixes
2020-07-13 21:28:17 -04:00
Tad
2675404f86
14.1: move n-netd cherry picks in tree
2020-07-13 20:15:08 -04:00
Tad
e8f13920bb
Cherry picks
2020-07-08 16:39:26 -04:00
Tad
c715d549a7
Update CVE patchers
2020-07-07 01:57:39 -04:00
Tad
d9a61e1dea
Fix GPG signing
2020-06-27 01:45:02 -04:00
Tad
b2b9eb7ffc
Potential fix for phone call audio on shamu and others
2020-06-17 15:20:02 -04:00
Tad
5797ea8fc4
Small fixes
...
CVE-2019-14047/ANY/0002.patch will probably need to be disabled on more devices
2020-06-02 17:33:27 -04:00
Tad
ca77d36357
Update CVE patchers
2020-06-02 02:23:57 -04:00
Tad
694f270d75
Initial bringup of many devices to 17.1
2020-05-31 15:10:32 -04:00
Tad
31d6ab5299
Update CVE patchers
2020-05-28 23:06:53 -04:00
Tad
5106063cb5
Drop many more repositories
2020-05-24 20:07:03 -04:00
Tad
7af3c42325
Minor fixes
2020-05-23 23:31:05 -04:00
Tad
4c1577724f
Small changes
...
- hardenDefconfig: more options from Alexander Popov's checker
- 17.1: A2DP fix from GrapheneOS when hardened_malloc is in use
2020-05-23 18:06:22 -04:00
Tad
4b376037e0
Update included F-Droid repositories
2020-05-22 22:03:19 -04:00
Tad
25cc3c5a10
Update CVE patchers
2020-05-18 16:25:41 -04:00
Tad
7343973b1d
Minor updates
...
- Update cherrypicks
- 17.1: mata fix usb
- 16.0: whitelist open camera for aux support
2020-05-17 10:04:48 -04:00
Tad
f5462dd23c
Minor tweaks
2020-05-13 17:38:39 -04:00
Tad
2aa65e6b16
Cherry picks
2020-05-11 07:57:53 -04:00
Tad
e962fdeb81
Update CVE patchers
2020-05-04 17:18:50 -04:00
Tad
2a0352ba1c
Many fixes
...
17.1: recovery: rebranding reverts
17.1: mata: fix vorbis
17.1: g2/g3: fix Wi-Fi under -user
15.1/16.0: g2/g3: improve misc_block_exception patch
2020-04-30 18:37:41 -04:00
Tad
9fcb91793e
Update CVE patchers
2020-04-26 13:24:43 -04:00
Tad
358a0d703b
Many changes
...
- Promote many 16.0 devices to 17.1
- Many build fixes
- Switch to FairEmail
2020-04-25 12:34:49 -04:00
Tad
84300d6611
Small fixes
2020-04-19 13:19:55 -04:00
Tad
98a45b1ee6
Build fixes
2020-04-15 21:38:46 -04:00
Tad
8012903ba1
17.1: Initial bringup
...
- See items marked with '17REBASE'
2020-04-14 21:21:13 -04:00
Tad
cdd74148b9
Patcher build fixes
2020-04-12 13:58:02 -04:00
Tad
0c89accfb5
Update CVE patchers
2020-04-06 22:23:37 -04:00
Tad
c26b3e95c7
Minor tweaks
...
- Cherry pick PPP/CVE-2020-8597 patches
- Add some more DNS providers
- Switch default DNS to Cloudflare's new malware blocking provider
- GCC 10 build fix
- Update CVE patchers (select)
2020-04-05 15:53:58 -04:00
Tad
01843b6b2b
Update incrementals
2020-03-02 19:33:43 -05:00
Tad
50f44d1934
Small changes
...
- cheeseburger/dumpling: fix ogg vorbis playback, credit @LuK1337
- cheeseburger/dumpling: fix delta ota generation
- remove a few more blobs
- potentially bluetooth when ant is removed on newer devices
- support newer clamav
- commented support for extracting boot.img when recovery.img isn't available
-- fastboot.zip should be preferred
- potentially fix boot on many untested newer devices (diag on msm8996+)
- update cherry picks
2020-02-24 18:53:27 -05:00
Tad
4292bcaa3e
recovery: fix sideload with larger files
...
+ 16.0: add a disabled patch to remove backuptool
+ processRelease: add support for copying recovery image to archive
2020-02-23 16:06:47 -05:00
Tad
fe54dd26a6
Fix many device issues
...
- Fix mata
- Fix cheeseburger
- Enable near-entire IMS stack (proprietary)
- Fix many other new devices
2020-02-22 13:29:01 -05:00
Tad
2734a075c6
Update CVE patchers
2020-02-03 21:36:49 -05:00
Tad
332807d427
Update CVE patchers
2020-02-02 12:09:49 -05:00
Tad
d87457630a
Update cherrypicks
2020-01-26 21:17:33 -05:00
Tad
d3f28918e5
Update CVE patchers
2020-01-06 18:25:36 -05:00
Tad
d8c2a56124
Update CVE patchers
2019-12-11 20:21:14 -05:00
Tad
4610cd9bde
Update CVE patchers
...
CVE-2019-19252 was dropped
dependent on d21b0be246
2019-12-03 06:12:46 -05:00
Tad
7ef8a2726d
Minor tweaks
2019-11-28 12:03:40 -05:00
Tad
a8cc390c3d
14.1: cherrypicks
2019-11-24 20:14:23 -05:00
Tad
f90b62982b
Update CVE patchers
2019-11-24 20:13:55 -05:00
Tad
038ae37376
Minor tweaks
2019-11-24 16:22:58 -05:00
Tad
baabd45a16
Minor tweaks + ASB cherrypicks
2019-11-10 02:34:40 -05:00
Tad
d64534a7c1
Update CVE patchers
2019-11-04 21:04:49 -05:00
Tad
1a7897211a
16.0: add Amber
2019-10-29 17:37:43 -04:00
Tad
791087fefa
minor tweaks
2019-10-27 16:20:27 -04:00
Tad
640ef60b83
Move many old cherry picks in tree for archival/support purposes
2019-10-19 22:03:59 -04:00
Tad
204285d7c8
kernel command line: enable hardening options
2019-10-18 22:14:28 -04:00
Tad
159e5ea194
Minor tweaks
...
- Update cherry picks
- Update copyright year
- bacon: fix delta generation
2019-10-11 13:24:38 -04:00
Tad
579f340c3c
Update CVE patchers
2019-10-04 14:43:19 -04:00
Tad
f20ddfc0f6
Minor tweaks
2019-10-04 10:39:27 -04:00
Tad
79ec8a4999
clark: experimental 16.0
2019-09-28 17:37:18 -04:00
Tad
e01e457b24
Per-device signing keys
...
- also fix OTA/recovery key regression
- Update cherrypicks
2019-09-15 22:18:04 -04:00
Tad
19d5b66097
Many changes
...
- ASB chery picks
- 16.0: recovery: fix sideload
- Restore releasetools for some devices
- Only include Backup where supported
- Change some small defaults
- z00t: 14.1 -> 15.1
- himaul: 14.1 -> 15.1
- i9100: 14.1 -> 15.1+16.0
- flo: 15.1 -> 16.0, disabled
- flounder: 15.1 disabled, enable 14.1
2019-09-13 20:24:02 -04:00
Tad
09b38c1f04
marlin/sailfish: fix MediaProvider using 100% CPU
...
- by disabling mtp over functionfs
- affects both GrapheneOS and LineageOS
- might need to be applied to other devices
[pid 2482] ppoll([{fd=42, events=POLLIN}, {fd=51, events=POLLIN}], 2, {tv_sec=0, tv_nsec=0}, NULL, 0) = 0 (Timeout)
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 42 -> /dev/usb-ffs/mtp/ep0
lrwx------ 1 u0_a13 u0_a13 64 2019-09-05 18:47 51 -> anon_inode:[eventfd]
https://forum.xda-developers.com/android/help/pixel2-help-diagnose-android-process-t3863274
https://bugs.chromium.org/p/chromium/issues/detail?id=947901
2019-09-06 09:38:01 -04:00
Tad
1a7291aa36
Minor changes
...
- Cherry picks
- New default wallpaper, credit: Pawel Czerwinski, UmzGrVna1P0
2019-09-05 04:23:28 -04:00
Tad
9ce8cdb9b6
Add Steve Soltys' Backup app
2019-09-04 06:40:05 -04:00
Tad
ec48a4c89c
Update CVE patchers
2019-09-04 01:31:12 -04:00
Tad
db572efa89
Many changes
...
- processRelease: Support AVB
- sort device build order by SoC
Additions:
- taimen/muskie: 15.1, 16.0
- crosshatch/blueline: 16.0
- bonito/sargo: 16.0
2019-09-03 16:50:50 -04:00
Tad
1bd0e47099
victara: 15.1 -> 16.0
...
- other fixes
2019-08-30 22:42:10 -04:00
Tad
330df0983c
16.0: Add GrapheneOS' exec-based spawning feature + misc tweaks
...
- patch credit updates
- 16.0: allow SystemUI to directly manage Bluetooth/WiFi
- from GrapheneOS
- cleanup
2019-08-30 02:30:13 -04:00
Tad
e10a865b05
Improve release processing to support deltas and archiving
2019-08-29 19:09:31 -04:00
Tad
057bedb65b
Minor tweaks
...
- 14.1+15.1+16.0: enable kernel protections for files
- protected_*: hardlinks, symlinks, fifos, regular
- from GrapheneOS
- defconfig: enable more verity options
- cleanup
2019-08-28 20:24:59 -04:00
Tad
db348ab09c
Minor tweaks
...
- 15.1+16.0: Replace in-line build signing patch with bash function
- From GrapheneOS/script
- 15.1+16.0: Enable fingerprint failed lockout after 5 attempts
- From GrapheneOS
2019-08-28 00:40:27 -04:00
Tad
68cdef8733
Minor tweaks
2019-08-26 20:50:28 -04:00
Tad
89de66bdba
Many small changes
...
- Cherrypicks for ASB patches
- Apps: Switch gallery to Simple Gallery
- Apps: Switch camera to OpenCamera
- PKGBUILD: update with image optimization dependencies
- Deblobber: fix bug introducted in 6d33e4ecbf
2019-08-08 14:22:24 -04:00
Tad
aee6b66dd8
Update CVE patchers
2019-08-05 16:03:41 -04:00
Tad
bad890614e
Update CVE patchers
2019-07-21 09:47:10 -04:00
Tad
34d1bbe155
Minor updates
2019-07-21 07:36:02 -04:00
Tad
6458d6785f
Enable IPv6 privacy extensions
2019-07-05 16:47:59 -04:00
Tad
a29825f6e1
Update CVE patchers
2019-07-01 18:06:05 -04:00
Tad
e41d053f00
Minor updates
...
- drop usage stats patch, causes Settings to crash
2019-06-27 23:01:28 -04:00
Tad
55c3072089
Going the distance... [pt2]
2019-06-18 13:51:04 -04:00
Tad
c15105d945
Update CVE patchers
2019-06-17 23:26:38 -04:00
Tad
1d67143181
Update CVE patchers
2019-06-08 04:09:24 -04:00
Tad
d7078bafd6
Update CVE patchers
2019-06-03 18:41:24 -04:00
Tad
bb72bccbeb
Two hardening patches from @MSe1969
...
+ a backport of browser location restriction patch to 14.1 and 15.1
by @syphyr
2019-06-02 19:25:29 -04:00
Tad
163fdb1f68
Minor updates
2019-05-31 21:13:39 -04:00
Tad
40d6db0326
divestos.xyz > divestos.org
2019-05-23 11:34:26 -04:00
Tad
8030a63a2a
11.0: fixes
2019-05-17 23:26:25 -04:00
Tad
380353773e
Fixes
2019-05-17 20:48:26 -04:00
Tad
899812864f
Update CVE patchers
2019-05-14 21:04:55 -04:00
Tad
223c5d1a2c
Disable temperature monitoring
...
Breaks boot after 9.0 May security ASB:
- thermal service unavailable
- power service hooks thermal service
- keyguard service hooks power service
- no keyguard = no system ui
- no system ui = rescue party engages
- rescue party goes into recovery demanding factory wipe
see commit:
fwb: DO NOT MERGE Implement USB High Temperature warning dialog
2019-05-12 13:42:06 -04:00
Tad
aaa44f058e
Update license
2019-05-09 06:43:09 -04:00
Tad
f59c77f00c
Cherrypicks
2019-05-06 16:29:58 -04:00
Tad
9e2dd548d8
Disable LiveDisplay by default for performance reasons
2019-04-17 00:23:42 -04:00
Tad
20c8c7525c
Misc tweaks
...
- 15.1: Contacts: remove Privacy Policy and Terms of Service links
- from GrapheneOS
- cherry picks
2019-04-06 22:55:14 -04:00
Tad
974cc3b3f8
16.0: recovery has been updated
...
but leave it disabled because it doesn't boot
2019-04-04 23:33:10 -04:00
Tad
25cc717ec2
Use GrapheneOS' hardened memory allocator
...
+ 16.0: some other misc hardening patches from GrapheneOS
- always restrict access to Build.SERIAL
- don't grant location permission to system browsers
- fbe: pad filenames more
+ 16.0: Contacts: remove Privacy Policy and Terms of Service links
2019-04-04 01:07:58 -04:00
Tad
60cf364f19
Minor tweaks
...
- init.sh: sort options
- overlay: leave radioScanningTimeout default
- hardenDefconfig: disable more components with CVEs
- cherry picks
- 16.0: trebuchet: tmp fix for default workspace overlay
2019-04-03 19:04:37 -04:00
Tad
1c49b80da0
Minor tweaks
...
- CVE patchers were updated with no change
- hardenDefconfig: disable MSM_SMP2P_TEST to mitigate CVE-2019-2247
- 14.1 add a cherry pick
2019-04-01 18:57:04 -04:00
Tad
dd7e4c3faf
Remove more blobs
2019-03-22 05:28:57 -04:00