Tad
fc9032513f
Update CVE patchers
...
Likely issue CVE-2023-3773/^6.4
Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
bf55f7d572
Remove more face unlock blobs and unbreak camera on Pixel 4 series
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-26 18:22:51 -04:00
Tad
48b3276140
Fixup kebab and lemonades
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-25 19:43:21 -04:00
Tad
7509afb74d
20.0: add Mi8917
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-25 14:47:54 -04:00
Tad
fa030fcbf4
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-24 21:38:33 -04:00
Alberto García
62ca909711
Push davinci to 20.0
2023-08-24 19:06:22 -04:00
Tad
ee5a62138a
Push z2_plus to 20.0
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-24 18:58:08 -04:00
Tad
7835c2b2ae
18.1+: Restrict tile usage when locked, credit @GrapheneOS
...
TODO: backport to older branches
Signed-off-by: Tad <tad@spotco.us>
2023-08-22 17:54:19 -04:00
Tad
8b51c3cd0f
Fixup OpenEUICC inclusion
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-21 20:00:31 -04:00
Tad
d6c3b6c8fa
More eSIM work
...
- Add the GrapheneOS package hook mechanism
- Ensure OpenEUICC and EuiccSupportPixel are only enabled in the system user
- Prevent EuiccSupportPixel interactions
- Remove INTERNET permission from EuiccSupportPixel
Signed-off-by: Tad <tad@spotco.us>
2023-08-21 16:50:51 -04:00
Tad
c070e856b2
eSIM enablement via @PeterCxy's OpenEUICC
...
tested working on bluejay
Signed-off-by: Tad <tad@spotco.us>
2023-08-21 09:25:10 -04:00
Tad
7fb56809ac
Small fixups
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-18 16:08:10 -04:00
Tad
0afe05ff22
Push apollon to 20.0
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-18 12:36:18 -04:00
Tad
ceec1584a9
Fixup hosts cache thanks to patch from @danielk43
...
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/198
Signed-off-by: Tad <tad@spotco.us>
2023-08-18 11:17:14 -04:00
Tad
2142e2e763
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
9707326c4f
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-13 16:16:21 -04:00
Tad
974878988b
Fixup
...
Will regen later
Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
eef09ae519
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
7ef5d9a9c4
Broken EUICC handling
...
Signed-off-by: Tad <tad@spotco.us>
2023-08-05 18:57:32 -04:00
Tad
180280b233
Update CVE patchers
...
TODO: adjust min version of CVE-2023-4132
Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
7cbceb9d81
Tweaks
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-27 20:44:56 -04:00
Tad
7b7d5b93dd
Adjust
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-27 13:43:06 -04:00
Tad
73414e76d2
Update CVE patchers
...
two lpes
Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
c8d3354113
Patch from CalyxOS to make AOSP less spyware
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-24 14:35:24 -04:00
Tad
3708cee48a
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-24 14:10:33 -04:00
Tad
e74f861c8e
Fixes + Churn
...
- Fix instances of awk failing on missing globs
- Remove unwanted packages from work/user/managed profiles
- Remove proprietary camera extensions
Signed-off-by: Tad <tad@spotco.us>
2023-07-24 03:59:51 -04:00
Tad
4bab1c31d7
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-19 16:05:51 -04:00
Tad
0f9a2c7aea
Less aggressive low_ram enablement
...
14.1 <2GB
15.1 <2GB
16.0 <2GB
17.1 <3GB
18.1 <3GB
19.1 <4GB
20.0 <4GB
Signed-off-by: Tad <tad@spotco.us>
2023-07-17 18:44:56 -04:00
Tad
b6308caa37
Update CVE patchers
...
TODO: enable CVE-2023-31084/4.4
Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
aa6bfad801
Various
...
- Drop OpenCamera, it doesn't work on lock screens anymore?
- microG on 18.1+:
- set packages forceQueryable
- spoof some sources as Play Store
TODO: backport this to 17.1
- Remove camera extensions
- Churn
- Wording
Signed-off-by: Tad <tad@spotco.us>
2023-07-15 18:22:07 -04:00
Tad
1c9076fffe
KSM tuning
...
- Only enable on Linux 3.0 through 4.9
- Always enable defer option
- Only run twice a second, instead of fifty times a second
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 20:27:10 -04:00
Tad
11c286ecd4
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:27:20 -04:00
Tad
192c73146a
Add a toggle for KSM
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:11:21 -04:00
Tad
b5bb498248
Many tweaks
...
- 19.1/20.0: Enable low ram for <6GB devices
- 20.0: support RROs with exec spawning patch from GrapheneOS
- allow work profiles when low ram is enabled
- churn
- cherrypicks
Signed-off-by: Tad <tad@spotco.us>
2023-07-13 16:40:05 -04:00
Tad
eff7a69bed
Small changes
...
- Another fix
- Deblobber tweaks
- Patch from GrapheneOS
- Cherrypick
Signed-off-by: Tad <tad@spotco.us>
2023-07-13 10:58:41 -04:00
Tad
fdeceb5c9c
Fixups
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-10 22:50:33 -04:00
Tad
7a53edc390
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-10 17:11:15 -04:00
Tad
fc01bcba7f
Churn
...
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/222
Signed-off-by: Tad <tad@spotco.us>
2023-07-09 21:23:25 -04:00
Tad
a1a3cbb94e
Fix overlay conflicts
...
Should mostly fix https://github.com/Divested-Mobile/DivestOS-Build/issues/219
Signed-off-by: Tad <tad@spotco.us>
2023-07-06 14:51:40 -04:00
Tad
c4666a33b7
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-07-05 19:42:40 -04:00
Tad
0f4044e242
20.0: opt-in hardened unprivileged microG ability
...
Unlike other systems which ship privileged microG out of the box:
- User must enable microG repo in F-Droid
- User must install official microG apps (GmsCore/FakeStore/GSF)
- User must enable the microG toggle in Settings
- NOT a privileged app, not all features will work
- gmscore SELinux domain is still disabled
Signed-off-by: Tad <tad@spotco.us>
2023-07-03 13:45:06 -04:00
Tad
2e2ac4557d
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
6b94c8cdcb
Fixup
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-21 16:05:11 -04:00
Tad
dc4d6b0901
Churn
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-20 18:36:31 -04:00
Tad
1e7f10d6b6
20.0: drop June ASB patches
...
QPR3 has been merged
Signed-off-by: Tad <tad@spotco.us>
2023-06-20 16:22:02 -04:00
Tad
cda898f141
Certificate Authority store updates
...
- Remove some untrustworthy CAs
- Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb
Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:54 -04:00
Tad
a07133a064
Update CVE patchers
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
ee534ada7f
20.0: bringup lmi/alioth
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-14 22:04:04 -04:00
Tad
7ed06bc763
Remove charge control feature from all devices for now
...
Signed-off-by: Tad <tad@spotco.us>
2023-06-14 01:52:58 -04:00
Tad
0dde119d7e
20.0 June ASB work + churn
...
QPR3 is delayed a week now
Patches pulled from GrapheneOS and checked against CalyxOS
Signed-off-by: Tad <tad@spotco.us>
2023-06-12 21:06:42 -04:00