DivestOS

mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-07-03 10:02:28 +00:00

Author	SHA1	Message	Date
Tad	f015dd348f	Add the JNINativeMethod table constification patchsets from GrapheneOS 11 `63b9f96a12` 11 `d8a62b5156` 11 `e3a4d64f29` 11 `e41f1d7f8e` 11 `c34b037486` 11 `dce2d0f64f` 11 `c99c35cb2a` 10 `07071814db` 10 `a48ba29b98` 10 `157fa78115` 10 `b914409e05` 10 `20a51f508b` 10 `b8afb8af37` 10 `e1b6653db7` 9 `ff688b68a7` 9 `866f0df315` 9 `77c9fa981a` 9 `fbf620e59c` 9 `ceaf63c790` 9 `253247fc39` 9 `76bf4c46f0` Signed-off-by: Tad <tad@spotco.us>	2022-03-15 15:26:48 -04:00
Tad	ad579b6681	Misc hardening from GrapheneOS 11 `62f81c237b` 11 `1f05db99ab` 11 `f242089d3f` 10 `abcf485dcf` 9x `c5db5a9f9e` Signed-off-by: Tad <tad@spotco.us>	2022-03-15 14:40:05 -04:00
Tad	844227a4f4	18.1: add the ptrace_scope patchset from GrapheneOS `ad017fba58` `3b89605581` `8b0419ac04` `52ea603339` Signed-off-by: Tad <tad@spotco.us>	2022-03-15 14:29:34 -04:00
Tad	07bd5a3a0e	Automatic reboot and Bluetooth/Wi-Fi shutoff from GrapheneOS and CalyxOS Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/59 Tested on 18.1 Untested on 17.1 Signed-off-by: Tad <tad@spotco.us>	2022-03-15 01:27:08 -04:00
Tad	e61e288b4a	Optionally allow the official Bromite WebView to be used, credit @MSe1969 This also replaces the overrides for all versions And should allow the Google WebView on 14/15/16 And lastly only leaves the bundled version as default This is a merge of the LineageOS 14/15/16 and 17/18 overlay With the addition of the Bromite signature from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2022-03-14 22:59:40 -04:00
Tad	9ba3a061c6	Tweak Signed-off-by: Tad <tad@spotco.us>	2022-03-14 11:57:34 -04:00
Tad	015799737e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 17:16:47 -05:00
Tad	4f75a8272a	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 11:59:30 -05:00
Tad	902239e2b5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-08 23:20:43 -05:00
Tad	de764885b3	Fixup Signed-off-by: Tad <tad@spotco.us>	2022-03-08 12:56:52 -05:00
Tad	54dbcd9e43	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-07 19:12:10 -05:00
Tad	bda848a0a1	Fixup `057bedb6` Sadly this means the option was never enabled :( Note: these options are only available on 4.4+ kernels Signed-off-by: Tad <tad@spotco.us>	2022-03-06 23:05:13 -05:00
Tad	9a6c3f99ed	Verify authorship and Change-Id of all contained patches - No patches were found with incorrect authorship/From: lines - The older AndroidHardening patch repos are no longer available to verify CID. - New GrapheneOS patches do not include a CID. - Signature_Spoofing.patch CID could not be found. - Fixed CID of Harden_Sig_Spoofing.patch to match 14.1 - Fixed CID of LGE_Fixes.patch to match 14.1 - Fixed CID of Harden.patch to match 14.1 - Added edit note to Harden.patch - Fixed CID of PREREQ_Handle_All_Modes.patch to match 14.1 - Fixed CID of More_Preferred_Network_Modes.patch to match 14.1 - Fixed CID of AES256.patch to match 14.1 - Fixed CID of 0001-OTA_Keys.patch to match 18.1 - Fixed CID of Camera_Fix.patch to match 15.1 - Fixed CID of Connectivity.patch to match 14.1 - Fixed CID of Fix_Calling.patch to match 14.1 - Fixed CID of Remove_Analytics.patch to match 14.1 - Fixed CID of Unused-.patch/audio_extn to match original Signed-off-by: Tad <tad@spotco.us>	2022-03-05 13:13:30 -05:00
Tad	ac1e89f0c8	Update CVE patchers [the big fixup] This removes many duplicately or wrongly applied patches. Correctly removed: - CVE-2011-4132 can apply infinitely - CVE-2013-2891 can apply infinitely - CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap - CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result - CVE-2016-2475 can apply infinitely - CVE-2017-0627 can apply infinitely - CVE-2017-0750 can apply infinitely - CVE-2017-14875 can apply infinitely - CVE-2017-14883 can apply infinitely - CVE-2020-11146 can apply infinitely - CVE-2020-11608 can apply infinitely - CVE-2021-42008 can apply infinitely Questionable (might actually be beneficial to "incorrectly" apply again): - CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt - CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature - CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect - CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl - CVE-2019-10622 can apply once to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback - CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev Other notes: - CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696 then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it. This was seemingly fixed with a hand merged patch in patch repo. Wrongly removed: - CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru - CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops - CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames Signed-off-by: Tad <tad@spotco.us>	2022-03-04 00:42:28 -05:00
Tad	927b9bfbc5	Fix random reboots on broken kernels when an app has data restricted I don't like this Reading: - `24b3bdcf71` - https://review.lineageos.org/c/LineageOS/android_kernel_essential_msm8998/+/320470 - https://review.lineageos.org/c/LineageOS/android_system_bpf/+/264702 - https://gitlab.com/LineageOS/issues/android/-/issues/2514 - https://gitlab.com/LineageOS/issues/android/-/issues/3144 - https://gitlab.com/LineageOS/issues/android/-/issues/3287 Test: - restrict mobile data for an app - toggle wifi on and off a few times - watch systemui crash and soft-reboot Tested working on cheeseburger Signed-off-by: Tad <tad@spotco.us>	2022-03-03 17:51:46 -05:00
Tad	0d0104b4bb	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-02 22:57:34 -05:00
Tad	0d59c18c85	Enable the NETWORK permission patchset for 16.0 too Likely has issues with secondary users. As in the permission affects all copies of the same app. Signed-off-by: Tad <tad@spotco.us>	2022-02-28 01:27:38 -05:00
Tad	bbdfcdc2a2	Tiny fix Signed-off-by: Tad <tad@spotco.us>	2022-02-26 11:47:52 -05:00
Tad	5e1521700f	Port the GrapheneOS NETWORK permission to 17.1 and 18.1 Some patches were ported from 12 to 10/11 Some patches from 11 were ported to 10 This 10/11 port should be very close to 12 BOUNS: 16.0 patches, disabled Signed-off-by: Tad <tad@spotco.us>	2022-02-25 16:52:51 -05:00
Tad	5245109cc1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-19 23:22:19 -05:00
Tad	5283db6f05	Drop the broken PDB patch Why'd past me write this trash? Signed-off-by: Tad <tad@spotco.us>	2022-02-14 07:43:45 -05:00
Tad	143b6fa164	18.1: Refresh for recent upstream Updater changes Untested, should work Signed-off-by: Tad <tad@spotco.us>	2022-02-14 03:05:32 -05:00
Tad	2eda5086fc	Tiny tweak Signed-off-by: Tad <tad@spotco.us>	2022-02-13 23:57:59 -05:00
Tad	48b009a02e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-12 06:56:28 -05:00
Tad	b6da59d24f	Drop FairEmail, Vanilla, and their AOSP equivalents Signed-off-by: Tad <tad@spotco.us>	2022-02-11 14:25:30 -05:00
Tad	5b783483e6	Cleanup Signed-off-by: Tad <tad@spotco.us>	2022-02-11 14:23:51 -05:00
Tad	bc3a9cddba	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2022-02-09 00:22:02 -05:00
Tad	ee0bd8625f	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-07 14:43:05 -05:00
Tad	0a664cc22c	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-02-03 21:12:02 -05:00
Tad	c0aac415aa	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-29 09:35:59 -05:00
Tad	58b53de17a	Multi user tweaks from GrapheneOS Signed-off-by: Tad <tad@spotco.us>	2022-01-24 06:30:39 -05:00
Tad	2400cf0964	App updates - Drops Calendar, Eleven, and Email - Adds a variable for Silence inclusion - Adds a NONE option for microG inclusion flag to disable NLP inclusion Signed-off-by: Tad <tad@spotco.us>	2022-01-24 06:30:15 -05:00
Tad	6864156bd6	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-20 22:22:22 -05:00
Tad	dbd2a71722	Update CVE patchers Hopefully fixes boot breakage Signed-off-by: Tad <tad@spotco.us>	2022-01-17 01:23:10 -05:00
Tad	5e18ec4dfe	Tiny tweak Signed-off-by: Tad <tad@spotco.us>	2022-01-16 16:42:26 -05:00
Tad	6ec0c63126	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-13 11:08:22 -05:00
Tad	bfcf6b18b7	Fixup Signed-off-by: Tad <tad@spotco.us>	2022-01-12 05:57:08 -05:00
Tad	ce6ee9d8e4	Update CVE patchers CVE-2021-0961 should be fine now Signed-off-by: Tad <tad@spotco.us>	2022-01-11 05:41:26 -05:00
Tad	b9c7839110	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-11 01:19:31 -05:00
Tad	8a45dc4696	18.1: Device additions h910 lavender pioneer, voyager, discovery akari, aurora, xz2c Signed-off-by: Tad <tad@spotco.us>	2022-01-06 21:04:17 -05:00
Tad	207e45fe6a	Update oneplus/sdm845 to 4.9.295 Signed-off-by: Tad <tad@spotco.us>	2022-01-06 15:21:00 -05:00
Tad	b05823bb20	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-01-04 21:00:25 -05:00
Tad	daf98f8197	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2021-12-31 21:39:04 -05:00
Tad	39e520a03f	Sync APN list from 18.1 Signed-off-by: Tad <tad@spotco.us>	2021-12-31 21:12:24 -05:00
Tad	e08349a202	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-29 11:51:58 -05:00
Tad	68771721d5	Update oneplus/sdm845 to 4.8.282 Signed-off-by: Tad <tad@spotco.us>	2021-12-29 11:51:52 -05:00
Tad	8b3beeb9fd	More analytics disablement Signed-off-by: Tad <tad@spotco.us>	2021-12-27 23:24:03 -05:00
Tad	ee1f466211	Fixup Signed-off-by: Tad <tad@spotco.us>	2021-12-27 18:16:42 -05:00
Tad	2c1d8d5e78	Hamper analytics improvements Signed-off-by: Tad <tad@spotco.us>	2021-12-27 17:35:53 -05:00
Tad	3c1931bcc9	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2021-12-19 05:15:32 -05:00

1 2 3 4 5 ...

759 Commits