Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-07-01 17:11:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,968 Commits 1 Branch 0 Tags 89 MiB
fbf6058e65
Commit Graph

1756 Commits

Author SHA1 Message Date
Tad
a3015c3ad0
Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-26 16:12:03 -05:00
Tad
06254708be
Many fixes to get bluejay booting & working proper 
- Enable APEX for Pixel 6/7, necessary for camera and pKVM
  - Also drop hack removing pKVM for Pixel 6/7
  - patch from GrapheneOS

- Extend hmalloc workaround to /apex

- Deblobber:
  - actually handle wildcard f/w/b overlays
  - move some stuff around
  - remove some more Pixel blobs
  - flag and disable removal of camera extensions, being able to use the second camera is nice

- Adjust what hardenDefconfig disables, caused boot issues
  minimal impact as most of these are already default-disabled
  can be narrowed down in future

- Disable some of the bionic hardening patches, causing more boot issues
  annoying to lose, but having a phone that boots is more important

- Add LTE only mode to 17.1, 18.1, 19.1, and 20.0, credit GrapheneOS

- Remove Pixel 2 ramdisk compression reverts, fixed upstream

And yes, I know I should've split up this commit...

Signed-off-by: Tad <tad@spotco.us>
 2022-12-25 13:21:37 -05:00
Tad
751d1e8d72
Misc patches 
- 20.0: updated and enabled burnIn patch
- 19.1: fixup apps having data restrictions wrongly applied

Signed-off-by: Tad <tad@spotco.us>
 2022-12-23 10:09:37 -05:00
Tad
7d6b8e3aeb
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-22 11:33:47 -05:00
Tad
82d2066021
Disable removal of aptX 
Bluetooth audio is already awful enough, let's not make it worse

Signed-off-by: Tad <tad@spotco.us>
 2022-12-18 22:58:21 -05:00
Tad
b5bc269743
SBC dualchannel picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-18 21:47:22 -05:00
Tad
7277291dd7
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-18 21:46:00 -05:00
Tad
03293f6b52
Fixup 
Messy, but better to have CVE-2022-42896 applied to *some* 3.18 kernels

Signed-off-by: Tad <tad@spotco.us>
 2022-12-17 00:42:25 -05:00
Tad
77085c00f7
19.1: drop some devices in favor of 20.0 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-16 22:10:31 -05:00
Tad
c2fc228f3b Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-16 22:06:13 -05:00
Tad
23a723feb1
Pixel 6/7 compiling 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-16 03:34:58 -05:00
Tad
ad5de60266
More Pixel 6/7 work 
compiles, but fails to generate release due to pvmfw failure

Signed-off-by: Tad <tad@spotco.us>
 2022-12-15 20:49:30 -05:00
Tad
4f1c1b343c
Update commons 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-15 17:45:18 -05:00
Tad
684f4f68f0
Fixup license 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-15 17:39:21 -05:00
Tad
f1b5a8239f
Fix 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-14 22:52:32 -05:00
Tad
7f8ea96535
Pixel 6/7 prep + fixes 
These still need defconfig and deblobber handling

All of these sections were reviewed & sorted

Signed-off-by: Tad <tad@spotco.us>
 2022-12-14 22:23:31 -05:00
Tad
1eb373d1e0
15.1 December ASB work 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-12 21:01:34 -05:00
Tad
5e918c5506
Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-12 19:30:56 -05:00
Tad
7dc3b8ef69
Tiny update 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-11 19:25:10 -05:00
Tad
26f301bd91
Maybe not necessary 
Sync with GrapheneOS/script

Signed-off-by: Tad <tad@spotco.us>
 2022-12-11 10:20:19 -05:00
Tad
29c9826c11
20.0: QPR1 churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-10 20:57:17 -05:00
Tad
b78f573eb9
Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-10 20:30:22 -05:00
Tad
63cbd1f483
14.1 December ASB, thanks to @syphyr 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-10 20:17:48 -05:00
Tad
abb616d2f3
Updates 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-09 17:23:20 -05:00
Tad
ce47fdae34
Small updates + Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-07 18:41:50 -05:00
Tad
a62922e72d
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-06 15:00:40 -05:00
Tad
0aa4fd0fc3
Update CVE patchers 
Appears I skipped 20.0 by accident last update

Signed-off-by: Tad <tad@spotco.us>
 2022-12-05 14:23:06 -05:00
Tad
3c8c235758
Ugly workaround 
For bug exposed after:
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/344890

Signed-off-by: Tad <tad@spotco.us>
 2022-12-03 23:58:36 -05:00
Tad
178e127338
Small tweaks + churn 
Fixes recovery not booting on 20.0

Signed-off-by: Tad <tad@spotco.us>
 2022-12-03 16:19:31 -05:00
Tad
038fca449b
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-30 08:28:40 -05:00
Tad
680bf51e05
Ugly hack 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-22 07:24:21 -05:00
Tad
fd0e3e8117
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-22 07:11:30 -05:00
Tad
c4fe56a307
Update CVE patchers 
This fixes CVE-2018-9422 which was primarily added via b56fabac

May still need to be fixed:
16.0/kernel_google_yellowstone
16.0/kernel_xiaomi_msm8937

Signed-off-by: Tad <tad@spotco.us>
 2022-11-21 08:39:10 -05:00
Tad
7f24df22f7 Small updates 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-21 06:09:29 -05:00
Tad
ad5f2d7bfa
Fix firmware flash denial for OP7 series 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-16 18:42:17 -05:00
Tad
9d1efb33c3
More 14.1 picks + 15.1 November ASB work 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-13 23:21:41 -05:00
Tad
14f7f1db32
Updates + Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-13 02:06:05 -05:00
Tad
b81d39c969
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-11 16:05:22 -05:00
Tad
27395374e1
Fixup + Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-11 13:54:57 -05:00
Tad
8bfedda18b
14/15/16: Fix compile failure with modern kernels 
https://android-review.googlesource.com/c/platform/art/+/2226578
https://groups.google.com/g/Android-building/c/ZfUQQWt_ABI

Signed-off-by: Tad <tad@spotco.us>
 2022-11-10 18:26:36 -05:00
Tad
8d4d73d65c
Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-09 18:11:48 -05:00
Tad
807a08210a
Tweaks 
- 20.0: pick fixes for the deny usb toggle
- 20.0: pull in a patch from GrapheneOS removing a package list leak

Signed-off-by: Tad <tad@spotco.us>
 2022-11-07 20:30:36 -05:00
Tad
ac3dc319c7
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-07 15:51:17 -05:00
Tad
b9f4074226 20.0: disable the broken monet toggle patch 
Has some weird inconsistencies

Signed-off-by: Tad <tad@spotco.us>
 2022-11-03 14:49:28 -04:00
Tad
7fb334d825
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-03 13:25:38 -04:00
Tad
aa4ffdb014
20.0: add taimen/walleye 
not stable yet, ims crashes invoking rescueparty

Signed-off-by: Tad <tad@spotco.us>
 2022-10-31 18:31:55 -04:00
Tad
11780d890f Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-24 22:53:41 -04:00
Tad
c051cb282d Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-22 21:39:01 -04:00
Tad
1338c24d9b
Disable CarrierConfig and carrier_list changes 
I've had reports of non-functional SIM and reboots with select carriers on this last update

Signed-off-by: Tad <tad@spotco.us>
 2022-10-20 19:42:01 -04:00
Tad
dfcbf14c17
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-19 22:13:14 -04:00
Tad
006f128fc5
15.1: October 2022 ASB picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-19 16:08:18 -04:00
Tad
6b07bc77a5
Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-19 15:25:56 -04:00
Tad
8ddbd86d44
20.0: more devices 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-19 15:22:20 -04:00
Tad
148df59b7e
Cleanup: Drop UnifiedNlp, FDroidPrivExt, and Silence 
These haven't been included for a while

+remove some old cruft from 20.0

Signed-off-by: Tad <tad@spotco.us>
 2022-10-19 12:15:24 -04:00
Tad
d2096c86d9
Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-18 22:44:01 -04:00
Tad
0c4db149e1
20.0: Network & Sensors permission from GrapheneOS 
This revokes the permissions to all user installed apps on update.
Likely an expected quirk of being on 20.0 without the permission.
19.1 upgrades and new 20.0 installs should be fine.

TODO: update 19.1 with the SpecialRuntimePermAppUtils too

Signed-off-by: Tad <tad@spotco.us>
 2022-10-18 22:14:56 -04:00
Tad
cdca2c032e
20.0: add barbet 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-17 07:25:53 -04:00
Tad
91b908a78a
20.0: more fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-17 06:39:55 -04:00
Tad
e8248e4938
20.0: fixes + r11 churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-16 17:18:06 -04:00
Tad
4524eb43d3
20.0: It boots! 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-16 08:54:04 -04:00
Tad
5b114cacf8
20.0: More fixes 
It compiles, but fails to sign:
> TypeError: cannot use a string pattern on a bytes-like object

Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 17:20:41 -04:00
Tad
5cada3a769
20.0: Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 15:53:17 -04:00
Tad
20cfa30df0
20.0: Initial roster 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 14:42:10 -04:00
Tad
055ed9bfad
20.0: Initial bringup 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 10:39:48 -04:00
Tad
2acd454f13
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-13 23:42:20 -04:00
Tad
820c47caea
Update Carrier Configs 
CarrierConfig@6563341442262a4b79a4a2674679615f010b9837
TelephonyProvider@20a6228381b3e89e8c0972d115d422c08e0c9adb

Signed-off-by: Tad <tad@spotco.us>
 2022-10-12 21:41:08 -04:00
Tad
e3125dd7de
Update VVM and MMS configs from GrapheneOS 
VVM: 2637686af5
MMS: 0c7e979f05

Signed-off-by: Tad <tad@spotco.us>
 2022-10-12 21:33:47 -04:00
Tad
1543d2dc17
Cleanup 
Missed from 42306525

Signed-off-by: Tad <tad@spotco.us>
 2022-10-12 17:11:40 -04:00
Tad
2166491d5d
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-12 17:11:06 -04:00
Tad
75abc8b9ec
19.1: add a modified patch from GrapheneOS to disable connectivity checks 
This removes their option for their servers

Signed-off-by: Tad <tad@spotco.us>
 2022-10-12 16:14:41 -04:00
Tad
fe95f700d8 Remove the CNE and DPM blobs + churn 
Just say no!

Signed-off-by: Tad <tad@spotco.us>
 2022-10-12 01:23:45 -04:00
Tad
e7968e1269
Picks + Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-09 16:35:12 -04:00
Tad
4230652540
18.1: Drop all devices working on 19.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-03 21:10:04 -04:00
Tad
bf66d5db45
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-03 20:59:55 -04:00
Tad
348b392f03
Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-03 10:24:04 -04:00
Tad
d78121a1c0
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-03 10:22:17 -04:00
Tad
c9b14ae70d
Make hardenDefconfig more manageable 
No functional changes

Signed-off-by: Tad <tad@spotco.us>
 2022-10-03 09:04:02 -04:00
Tad
da2e44c5f3
Add back the CNE and DPM blobs + churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-02 11:47:58 -04:00
Tad
598d78bb61
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-25 13:49:45 -04:00
Tad
25568706e1
Various 
- Add back the SIM ToolKit app
- 17.1: CarrierConfig testing
- 19.1: Enable op5 firmware inclusion, needs testing
- Don't disable coresight bits on op8, breaks compile
- 19.1: Add a patch from GrapheneOS to display/share logs when a crash happens

Signed-off-by: Tad <tad@spotco.us>
 2022-09-23 22:53:12 -04:00
Tad
411fcc08e1
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-15 14:11:58 -04:00
Tad
eb200546ea
17.1+: Update carrier configs for improved compatibility 
CarrierConfig@c2819f8
TelephonyProvider@af5c1386

Signed-off-by: Tad <tad@spotco.us>
 2022-09-14 14:58:01 -04:00
Tad
4573f6d7c3
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-13 22:41:48 -04:00
Tad
ec42acceb6
Various fixes from GrapheneOS 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-13 10:24:26 -04:00
Tad
3b0c05fe7c
Pull VVM config from GrapheneOS instead of LineageOS 
79.0.438914483 instead of 72.0.407683083

Signed-off-by: Tad <tad@spotco.us>
 2022-09-13 10:14:05 -04:00
Tad
202033c013
Pull in old cherrypicks + 5 missing patches from syphyr 
This adds 3 expat patches for n-asb-2022-09
from https://github.com/syphyr/android_external_expat/commits/cm-14.1
and also applies 2 of them to 15.1

Signed-off-by: Tad <tad@spotco.us>
 2022-09-11 14:02:35 -04:00
Tad
df3db92d5a
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-10 22:09:18 -04:00
Tad
e2b314da3c
15.1+16.0: September 2022 ASB picks 
16.0 backports thanks to MSe1969 as usual:
https://github.com/lin16-microg/android_system_bt/commits/lineage-16.0 - last 3 commits
https://github.com/lin16-microg/android_frameworks_base/commits/lineage-16.0 - last 4 commits
https://github.com/lin16-microg/android_external_expat/commits/lineage-16.0 - last 4 commits

Signed-off-by: Tad <tad@spotco.us>
 2022-09-10 18:32:25 -04:00
Tad
e5eb67f77d
Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-08 16:07:23 -04:00
Tad
2bc43f195c
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-07 10:04:28 -04:00
Tad
b6e9f50cb5
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-09-04 14:05:36 -04:00
Tad
5fe5a4f898
Compile fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-29 14:26:47 -04:00
Tad
e9f124b52d
Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-27 15:14:07 -04:00
Tad
86ed884251
More verification 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-26 23:14:15 -04:00
Tad
3618774d9f
GPG verification for all platform repositories 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-26 22:40:27 -04:00
Tad
7854c05aa4
Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-26 20:09:50 -04:00
Tad
da15dc05d5
Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-26 14:00:52 -04:00
Tad
adb61b0fb2
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-26 12:15:45 -04:00
Tad
c97f8a1b6a
Only enable CONFIG_DEBUG_NOTIFIERS on kernels <=4.9 
OnePlus 9 failed boot kernel log points to this.
GrapheneOS noted this as an inherent issue on the Pixel 4 and 5 too.

Signed-off-by: Tad <tad@spotco.us>
 2022-08-25 15:20:28 -04:00
Tad
4bfedbc42d
Fixup and enable GPG verification 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-24 15:52:55 -04:00
Tad
d8d8e457a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-21 10:44:12 -04:00
Tad
6502a36cf1 Fixup 
These scripts aren't expected to be run from a workspace

Signed-off-by: Tad <tad@spotco.us>
 2022-08-15 16:40:32 -04:00
Tad
7918347d1c Updates 
- Add a script to update commons like APNs, VVM configs, and contributors cloud
- Add the latest contributors cloud to all branches
- Update wireless-regdb to 2022.08.12 release
- Add some shell opts to some scripts

Signed-off-by: Tad <tad@spotco.us>
 2022-08-15 16:37:42 -04:00
Tad
a78f9217c6 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-14 19:56:28 -04:00
Tad
cf019edef9 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-13 18:54:50 -04:00
Tad
ebdf629cbc 15.1 ASB work 
Compile tested

Signed-off-by: Tad <tad@spotco.us>
 2022-08-12 21:10:31 -04:00
Tad
8b67d5c41e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-10 22:02:37 -04:00
Tad
40d7fac99a Churn 
https://github.com/voron00/android_kernel_lge_mako/pull/1

Signed-off-by: Tad <tad@spotco.us>
 2022-08-10 10:57:49 -04:00
Tad
12c56938cb Improve CVE-2021-1048 patching on 3.x kernels 
It is still actively being used by malware.

This largely handles 3.0, 3.4, and 3.10 kernels.
It works for select 3.18 kernels too.

TODO: need alternate get_file_rcu backport for the following:
15.1/lge_msm8996
15.1/zte_msm8996
16.0/xiaomi_msm8937
17.1/motorola_msm8996
18.1/google_marlin
18.1/lge_msm8996
18.1/oneplus_msm8996

Signed-off-by: Tad <tad@spotco.us>
 2022-08-09 21:39:25 -04:00
Tad
b4f17b39cd Make available some additional scripts 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-09 18:50:49 -04:00
Tad
c69d8aec8b Add the wallpaper resize script 
Should probably be moved into a separate branding repo later

Signed-off-by: Tad <tad@spotco.us>
 2022-08-09 13:42:08 -04:00
Tad
4d9a110970 Pick 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-08 18:47:17 -04:00
Tad
0ffbe79e1a FP4 + Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-08 15:02:14 -04:00
Tad
e0b57197ea Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-06 11:30:49 -04:00
Tad
31a67f054d Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-04 11:12:40 -04:00
Tad
933f33ba6b Cherrypicks 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-04 09:57:11 -04:00
Tad
162f4f450a 19.1: add FP4 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-03 12:45:26 -04:00
Tad
0d8ab187e3 Revert past two commits 
Disabling extended sizes classes does not appear to have the savings it does on desktop.
Disabling the quarantine isn't acceptable given that default scudo implements it
 2022-08-03 00:24:39 -04:00
Tad
005ef7882a Fixup a00fa234 
This variant passess all tests instead of failing six tests

Signed-off-by: Tad <tad@spotco.us>
 2022-08-02 22:52:42 -04:00
Tad
a00fa2349e Switch to a memory efficient hardened_malloc variant 
This should help 64-bit devices with <4GB RAM substantially, at reduced hardening.

clark for example only has 2.5GB of usable memory and idles at 1.6GB used.
After this change, idle usage drops to 1.1GB!

Signed-off-by: Tad <tad@spotco.us>
 2022-08-02 20:29:10 -04:00
Tad
178f01958d Cherrypicks 
Signed-off-by: Tad <tad@spotco.us>
 2022-08-02 19:39:09 -04:00
Tad
2b299c1aff Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-21 21:28:26 -04:00
Tad
a9d90a06b9 Pick 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-15 11:03:41 -04:00
Tad
c08ce75b03 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-13 10:01:32 -04:00
Tad
717caac5c6 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-11 18:17:51 -04:00
Tad
1d64c759a5 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-10 00:31:44 -04:00
Tad
d3632c25ce Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-07 21:47:59 -04:00
Tad
22f915cc3e Cherrypicks 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-07 18:59:37 -04:00
Tad
1165450d18 Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-07 01:53:45 -04:00
Tad
f07f288e3a Add a toggle for Monet themeing, credit GrapheneOS 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-06 21:13:40 -04:00
Tad
2c27a88a24 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-06 19:22:21 -04:00
Tad
7b8ef09540 Update CVE patchers 
Effectively no changes

Signed-off-by: Tad <tad@spotco.us>
 2022-07-04 18:30:09 -04:00
Tad
d79d1fcba3 19.1: More promotions 
Signed-off-by: Tad <tad@spotco.us>
 2022-07-01 14:17:18 -04:00
Tad
ac645dd62e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-28 11:32:05 -04:00
Tad
519a474173 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-19 22:44:05 -04:00
Tad
4e09464e86 Pick 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-15 17:17:47 -04:00
Tad
11b9ae5bc4 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-13 21:24:08 -04:00
Tad
d58279e054 Update wireless-regdb to 2022.06.06 release 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-11 10:17:25 -04:00
Tad
70b8485695 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-09 17:59:48 -04:00
Tad
c092b13a44 Restore star*lte 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-08 22:55:00 -04:00
Tad
2bf84a7643 Increase default max password length to 64, credit GrapheneOS 
Closes https://github.com/Divested-Mobile/DivestOS-Build/pull/119
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/27

Signed-off-by: Tad <tad@spotco.us>
 2022-06-07 15:33:38 -04:00
Tad
492b6ba291 Tweaks 
Exempt the Fused Location Provider:
5f19508083

Bring the hardened malloc camera workaround in tree, it was dropped upstream

Signed-off-by: Tad <tad@spotco.us>
 2022-06-07 15:06:25 -04:00
Tad
27f8663b00 Tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-06 16:58:55 -04:00
Tad
697bed18fb 17.1+18.1: Drop all devices working on 19.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-04 14:26:44 -04:00
Tad
1f41b1c498 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-04 12:55:32 -04:00
Tad
899ea17d4e Add the missing page sanitization to 3.18 kernels 
All along they only had slub sanization :(

Signed-off-by: Tad <tad@spotco.us>
 2022-06-04 12:00:01 -04:00
Tad
3da5613dfc Add unconditional burnin protection on 18.1 and 19.1, credit @arter97 
Also skip the power on animation on 19.1, credit @kdrag0n

Signed-off-by: Tad <tad@spotco.us>
 2022-06-04 10:54:11 -04:00
Tad
5df4058a15 Chrun 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-03 15:14:35 -04:00
Tad
92c66447f8 Drop slub_debug 
What is lost?
- sanity checks and redzoning on all devices
  - redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7
- slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250

Note: all 3.4+ devices still have page sanization

Signed-off-by: Tad <tad@spotco.us>
 2022-06-03 13:58:17 -04:00
Tad
d3cb12b41b Skip adding slub_debug=P where not needed 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-03 13:39:08 -04:00
Tad
da63c9e571 Various small patches 
7408144e1b
> extend Network/Sensors permission handling for legacy apps not targeting Android 6
> or above (API 23) to resolve a UI issue where the user choosing to grant the
> Network/Sensors permissions via the legacy permission review interface doesn't
> appear in the Settings app info page

22d32cb61b
suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/112

66f406b979
3f69205d06
nice to have

Signed-off-by: Tad <tad@spotco.us>
 2022-06-02 23:17:05 -04:00
Tad
e6a7cd6a14 Tiny fix 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-02 21:48:48 -04:00
Tad
aa61367ace Tweaks 
- Disable slub_debug=P for devices with INIT_ON_ALLOC/FREE_DEFAULT_ON
- Disable slub_debug=Z due to known breakage
- Disable many debug options on Linux 4.x and up
- 19.1: fixup missing manifests for vayu :\

Signed-off-by: Tad <tad@spotco.us>
 2022-06-02 17:13:20 -04:00
Tad
0eaca57fa6 19.1: Add OnePlus 8 and 9 series 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-02 11:52:58 -04:00
Tad
0b4c829b74 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-06-01 07:45:19 -04:00
Tad
6d95c231bc Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-31 21:29:22 -04:00
Tad
1132b40666 19.1: add alioth, lmi, and vayu 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-31 19:45:44 -04:00
Tad
735c9e0de8 Revert 5d57bf13 
I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices

Signed-off-by: Tad <tad@spotco.us>
 2022-05-27 23:46:57 -04:00
Tad
5d57bf13c4 Compile fixes 
The backported fix for CVE-2021-39713 requires CONFIG_MODULES=y
MODULES is default enabled, but some kernels are mutilated and break with it on

Signed-off-by: Tad <tad@spotco.us>
 2022-05-26 22:36:22 -04:00
Tad
28724c4a6e Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-25 22:52:22 -04:00
Tad
2c4caa30a1 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-24 00:36:49 -04:00
Tad
de781e9921 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-23 23:15:27 -04:00
Tad
91953c0a45 Remove more blobs 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-21 13:42:51 -04:00
Tad
1ffaf7fe51 Fix 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:51 -04:00
Tad
e8bc36af04 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-20 17:16:29 -04:00
Tad
e5b0a6a429 Make ZRAM great again 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-18 23:04:01 -04:00
Tad
1ea1ce9bc2 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-18 12:49:54 -04:00
Tad
991e4c0642 Revert "Revert b5224f0" 
I've triple checked that calls/data work fine without these blobs
and also have another report from walleye as the same.

I have no idea what is happening to those who have SIM issues.

This reverts commit dc392b17b6.
 2022-05-17 18:42:38 -04:00
Tad
dc392b17b6 Revert b5224f0 
Calling and data is tested working on my taimen
But there are multiple reports that say otherwise

Signed-off-by: Tad <tad@spotco.us>
 2022-05-17 10:48:28 -04:00
Tad
df4631a493 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-15 19:14:55 -04:00
Tad
64b4bbe075 Disable older devices tested/reported working on 19.1 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-15 13:16:36 -04:00
Tad
3114ca7157 19.1: Add the Private DNS presets 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-14 22:34:17 -04:00
Tad
05930af014 Various changes 2022-05-14 21:40:50 -04:00
Tad
3e7b657295 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-13 19:47:43 -04:00
Tad
7a168302cf 19.1: Location indicator exemptions 
Credit/References:
26ddac7988
7370657f85
37e2a4e0bc
a5d43c0157
ac60a2117e

Signed-off-by: Tad <tad@spotco.us>
 2022-05-12 23:25:21 -04:00
Tad
bf7c06105c Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-12 22:13:06 -04:00
Tad
4dbab20c06 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-10 15:32:13 -04:00
Tad
9286bdd258 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-10 15:02:03 -04:00
Tad
c4400a9a6f Pick 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 22:16:00 -04:00
Tad
1f807b843f Split 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 14:37:22 -04:00
Tad
675b1a5da0 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-09 12:56:03 -04:00
Tad
df398fd6f5 Various 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-07 20:22:49 -04:00
Tad
bc0a9f79b3 19.1: replace OpenCamera with official prebuilt GrapheneOS Camera 
Benefits over OpenCamera
- QR scanner
- no broken panoroma option
- much simpler and cleaner "just works" interface
- selfie self illumination option, try it!

TODO: consider adding to 17.1 and 18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-05-07 20:22:36 -04:00
Tad
4edfa56f1a Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-04 11:52:22 -04:00
Tad
b2eb3c01b4 Update CVE patchers 
Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 23:33:17 -04:00
Tad
9c549763a4 Tiny tweak 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 21:11:05 -04:00
Tad
b5224f0c79 Remove the Google carrier blobs 
These were previously removed, and added back after a false report of breakage.

Data and VoLTE tested working on taimen

Signed-off-by: Tad <tad@spotco.us>
 2022-05-03 14:28:51 -04:00
Tad
e38aff581e Small tweaks 
- Remove some more blobs
- 19.1: disable FP animation (jesec)
- 18.1: mata: allow major upgrades (to 19.1) (Updater patch by erfanoabdi)
- mata: disable Vulkan, it doesn't work

Signed-off-by: Tad <tad@spotco.us>
 2022-05-02 15:04:12 -04:00
Tad
8491016b84 19.1: add mata, cheeseburger, dumpling 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-01 10:45:33 -04:00
Tad
65883d9bc4 2022 
Signed-off-by: Tad <tad@spotco.us>
 2022-05-01 01:13:49 -04:00
Tad
0086d97848 Put back slub_debug=Z 
Was removed for testing purposes in bfa18cb1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-30 14:35:27 -04:00
Tad
52c3a55140 Another kernel compile fix 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 19:34:34 -04:00
Tad
1b6f6909ad Fix compile on some kernels 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 17:25:23 -04:00
Tad
b337aef1bb 19.1: Disable kernel update for op6 
While this works on 18.1, on 19.1 it causes breakage

opening a terminal emulator causes instant panic with no logs

Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 16:38:28 -04:00
Tad
e3ff62cda1 FIX 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 15:26:15 -04:00
Tad
bfa18cb176 defconfig tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 14:02:29 -04:00
Tad
36fabeca42 Deblob manifest.xml 
Reverts 766219aa
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/55

Signed-off-by: Tad <tad@spotco.us>
 2022-04-29 09:44:36 -04:00
Tad
9875334547 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 20:17:13 -04:00
Tad
5fb67c45ae 19.1: add cheryl 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 19:57:49 -04:00
Tad
edfbb8b063 Further ensure oem unlock toggle is available 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 08:30:54 -04:00
Tad
766219aabd Don't remove source built ClearKey DRM 
Breaks some Chromium browsers like Brave and Kiwi

Signed-off-by: Tad <tad@spotco.us>
 2022-04-28 08:04:28 -04:00
Tad
e9aa53b640 19.1: add guacamoleb 
skipping 18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-27 08:35:48 -04:00
Tad
3316cc4824 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-27 07:46:22 -04:00
Tad
3457fd4151 Device cleanup 
Drop long non-compiling devices:
- 14.1: n7100, jellypro
- 15.1: himaul, oneplus2
- 16.0: zenfone3, fugu
- 17.1: yellowstone, fugu
- 18.1: bonito, sargo

Drop in favor of 19.1:
- 17.1: bonito, sargo
- 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin
(experimental, but these devices don't currently appear to have any users)

Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 15:19:57 -04:00
Tad
13a9997a0c 19.1: aura and beryllium + some fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-26 11:41:28 -04:00
Tad
4f64f7538c 19.1: Add toggle for /etc/hosts 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-20 22:45:12 -04:00
Tad
9a6c7a2684 18.1: Add toggle for /etc/hosts 
TODO: 19.1 and maybe 17.1

Tested working on klte/18.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-20 16:40:22 -04:00
Tad
1f721c7845 Further credit patches 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 23:52:10 -04:00
Tad
18e97c565d 19.1: missed hosts work 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 23:28:05 -04:00
Tad
c5b1cc9a35 Simplify 8e3f0438 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 20:23:53 -04:00
Tad
e666a4a891 Update CVE patchers 
TODO: maybe split CVE-2022-23960/4.9 to get back?

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 14:38:44 -04:00
Tad
8e3f043820 Warn when running activity from 32 bit app on ARM64 devices. 
https://android-review.googlesource.com/c/platform/frameworks/base/+/2003790/
https://github.com/GrapheneOS/platform_frameworks_base/pull/182

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 12:00:22 -04:00
Tad
d4dceffa60 Update supported kernels to latest wireless regulations database 
Applies for ~43 kernel trees

Source: wireless-regdb-2022.04.08

Signed-off-by: Tad <tad@spotco.us>
 2022-04-19 11:30:57 -04:00
Tad
163a162568 Fix boot animation + churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-18 23:04:24 -04:00
Tad
0e1266ac1f Drop Silence 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-16 18:53:00 -04:00
Tad
4b6a86a473 Add missing device variants 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-14 19:47:21 -04:00
Tad
be6b03fe96 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-13 14:54:08 -04:00
Tad
486e358050 More (disabled) lowram tweaks for <2GB devices 
The inprocess variants make very little reduction and likely reduce security.

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 20:25:26 -04:00
Tad
42c9d22de9 Default disable exec spawning 
Change the property too, so it takes effect next update.
Since 16.0 lacks a toggle, this effectively disables the feature for it.
Even devices with 4GB of RAM have usability severely impacted.

Plus some other tweaks/churn

Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 17:58:04 -04:00
Tad
81d9923cda Don't disable scudo on lowram devices 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 15:01:05 -04:00
Tad
30de608a61 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-12 02:51:44 -04:00
Tad
d078b24ddb lowram tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-11 23:40:26 -04:00
Tad
293a4d12f4 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-10 21:20:55 -04:00
Tad
d50a3a043b Switch 16.0/17.1/18.1 to the more robust GrapheneOS sensors permission patchset 
Like done for 19.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-10 21:12:03 -04:00
Tad
0895190ffa Icon cache fix 
Lineage overhauled icons and old ones are still showing

Signed-off-by: Tad <tad@spotco.us>
 2022-04-10 18:40:12 -04:00
Simon Brand
882c3083c5 Remove duplicte line in Enable_Verity.sh 2022-04-10 16:38:03 +00:00
Tad
5431edd85b Fix boot issues on select devices after recent AVB changes 
alioth, beryllium, davinci, vayu were tested working without this
lavender however would not boot
lmi was not tested

lavender, unlocked, managed to get into some weird broken state
that won't even boot after this, not even with Lineage or TWRP
:(

enchilada/fajita 18.1 use stock vendor and don't boot either
enchilada is tested booting again after this

Signed-off-by: Tad <tad@spotco.us>
 2022-04-09 18:27:48 -04:00
Tad
f747fb36e5 Various 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-08 16:55:30 -04:00
Tad
7da114e755 Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-07 11:01:27 -04:00
Tad
a9e250afd9 Cleanup 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-07 00:37:20 -04:00
Tad
258fe8389b Adjust quick tiles for 12 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 22:30:56 -04:00
Tad
fd835ca492 Fixup 5a3c64c1 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 21:46:49 -04:00
Tad
2de5521a7c Keystore fix from GrapheneOS 
See:
https://nitter.net/GrapheneOS/status/1510736425259573249
https://github.com/Divested-Mobile/DivestOS-Build/discussions/46#discussioncomment-2520009

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 21:10:26 -04:00
Tad
5a3c64c178 19.1: oneplus/sdm845: 4.9.227 -> 4.9.282 
Just like 18.1

also .282 is the latest qc/4.9 sadly
AOSP/4.9 can be merged but has charging related tweaks that might break things

Broken:
drivers/char/diag/diagmem.c:184:11: error: cast to smaller integer type 'int' from 'void *'

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 21:09:43 -04:00
Tad
75f3bfd5d0 19.1: More work 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 17:09:14 -04:00
Tad
2d7a34a27d 19.1: Initial roster 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 17:04:59 -04:00
Tad
c5477f31dc FIX 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 16:30:04 -04:00
Tad
18c840222b Simplify: always nochain 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 15:45:20 -04:00
Tad
b026a7811c Actually enforce AVB + signing fixes 
- Turns out AVB was set permissive this entire time :(
  --flags 2 == VERIFICATION_DISABLED
- APEX support from GrapheneOS
- Disable vbmeta chaining like GrapheneOS
  and optionally handle it like CalyxOS

taimen 19.1 boots with locked bootloader successfully after this

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 15:16:12 -04:00
Tad
d1e441e4cb 19.1: More work 
- Adds hosts cache and wildcard support back
- Fixes broken hardened malloc enablement patch
- Drops FDroidPrivExt, non-functional
- Disables captive portal toggle patch, crashes Settings, needs rework
- Rebranding work
- Attempts to fix no boot animation

Signed-off-by: Tad <tad@spotco.us>
 2022-04-06 02:32:33 -04:00
Tad
3a0659b9d8 19.1: more work, it compiles and boots! 
- Add the manifest
- Add Pixel 2 series
- Add some missing patches
- More DNS files
- Drop Silence in 19.1

Signed-off-by: Tad <tad@spotco.us>
 2022-04-05 23:44:15 -04:00
Tad
1705545d22 19.1: Initial bringup 
TODO:
- manifest
- devices
- a few small patches to rebase

Signed-off-by: Tad <tad@spotco.us>
 2022-04-05 00:44:19 -04:00
Tad
b464106cc5 Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-04 15:51:23 -04:00
Tad
deb183d273 Tiny fix 
One of these might not be necessary

Signed-off-by: Tad <tad@spotco.us>
 2022-04-03 17:33:20 -04:00
Tad
1b83b96807 Simplify 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-02 15:15:30 -04:00
Tad
6c5a65622c Page sanitization improvements 
This ensures init_on_alloc/free is used instead of page poisioning where available.

3.4 through 3.18 have a patch without a toggle for page sanitization.

Signed-off-by: Tad <tad@spotco.us>
 2022-04-02 12:57:17 -04:00
Tad
01900ca1c6 Reverts 
WebView overlay is breaking boot on 15.1???

This reverts commit e61e288b4a.
 2022-04-01 17:07:27 -04:00
Tad
3f9b346345 Fix boot breakage 
On devices with quota enabled and impacted by this patch

Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 10:30:30 -04:00
Tad
e1f5d99e51 Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 08:16:28 -04:00
Tad
987122f99e Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-04-01 02:12:34 -04:00