DivestOS

mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00

Author	SHA1	Message	Date
Tad	1fde0f9c45	More branch switching, thanks to @syphyr Signed-off-by: Tad <tad@spotco.us>	2023-08-23 11:05:05 -04:00
Tad	7ad46d58f1	Switch to @syphyr's security backport branches Signed-off-by: Tad <tad@spotco.us>	2023-08-18 11:34:39 -04:00
Tad	2142e2e763	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-08-17 17:18:10 -04:00
Tad	974878988b	Fixup Will regen later Signed-off-by: Tad <tad@spotco.us>	2023-08-09 00:46:44 -04:00
Tad	51bcf23dac	14.1 August ASB work Signed-off-by: Tad <tad@spotco.us>	2023-08-08 23:41:40 -04:00
Tad	eef09ae519	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-08-07 18:07:19 -04:00
Tad	180280b233	Update CVE patchers TODO: adjust min version of CVE-2023-4132 Signed-off-by: Tad <tad@spotco.us>	2023-08-04 21:00:29 -04:00
Tad	73414e76d2	Update CVE patchers two lpes Signed-off-by: Tad <tad@spotco.us>	2023-07-25 12:04:05 -04:00
Tad	e408e7e19a	Drop devices with newer versions available 14.1: clark 15.1: deb, flo, hammerhead, shamu, ether 16.0: hammerhead 19.1: alioth Signed-off-by: Tad <tad@spotco.us>	2023-07-22 19:17:42 -04:00
Tad	fbf6058e65	18.1: unofficial hammerhead bringup by @z3DD3r not broken like 16.0 and way more updated than 15.1 Signed-off-by: Tad <tad@spotco.us>	2023-07-22 19:06:23 -04:00
Tad	0f9a2c7aea	Less aggressive low_ram enablement 14.1 <2GB 15.1 <2GB 16.0 <2GB 17.1 <3GB 18.1 <3GB 19.1 <4GB 20.0 <4GB Signed-off-by: Tad <tad@spotco.us>	2023-07-17 18:44:56 -04:00
Tad	b6308caa37	Update CVE patchers TODO: enable CVE-2023-31084/4.4 Signed-off-by: Tad <tad@spotco.us>	2023-07-15 21:22:18 -04:00
Tad	1c9076fffe	KSM tuning - Only enable on Linux 3.0 through 4.9 - Always enable defer option - Only run twice a second, instead of fifty times a second Signed-off-by: Tad <tad@spotco.us>	2023-07-14 20:27:10 -04:00
Tad	15de8ed2e8	Expand the low_ram coverage As follows 14.1 <3GB 15.1 <3GB 16.0 <3GB 17.1 <3GB 18.1 <4GB 19.1 <6GB 20.0 <6GB Signed-off-by: Tad <tad@spotco.us>	2023-07-13 18:31:03 -04:00
Tad	2651f33e5c	ASB cherrypicks Signed-off-by: Tad <tad@spotco.us>	2023-07-07 13:44:00 -04:00
Tad	a1a3cbb94e	Fix overlay conflicts Should mostly fix https://github.com/Divested-Mobile/DivestOS-Build/issues/219 Signed-off-by: Tad <tad@spotco.us>	2023-07-06 14:51:40 -04:00
Tad	2e2ac4557d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-06-26 19:41:11 -04:00
Tad	cda898f141	Certificate Authority store updates - Remove some untrustworthy CAs - Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb Signed-off-by: Tad <tad@spotco.us>	2023-06-17 15:13:54 -04:00
Tad	41e2669884	17.1: switch to flamefire's ASB topics This gets us ~9 extra patches Signed-off-by: Tad <tad@spotco.us>	2023-06-17 15:13:46 -04:00
Tad	a07133a064	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-06-16 11:03:46 -04:00
Tad	e7b390d7e6	Picks https://review.lineageos.org/q/topic:%22n-asb-2023-06%22 Signed-off-by: Tad <tad@spotco.us>	2023-06-09 21:59:53 -04:00
Tad	2ee99fe3ef	Update CVE patchers CVE-2020-36694 appears to be a duplicate of CVE-2021-29650 Signed-off-by: Tad <tad@spotco.us>	2023-06-01 21:12:08 -04:00
Tad	59bda0360e	Fixes Signed-off-by: Tad <tad@spotco.us>	2023-05-30 13:59:28 -04:00
Tad	cd0a29d69b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-05-12 23:28:44 -04:00
Tad	2717b1aad7	14.1: Switch n51xx to -userdebug like i93xx For https://github.com/Divested-Mobile/DivestOS-Build/issues/209 Signed-off-by: Tad <tad@spotco.us>	2023-05-08 22:19:48 -04:00
Tad	0004c224cf	Picks Signed-off-by: Tad <tad@spotco.us>	2023-05-06 00:15:27 -04:00
Tad	6d2a255eef	Remove User-Agent (and serial) from source built libloc Signed-off-by: Tad <tad@spotco.us>	2023-05-05 22:27:27 -04:00
Tad	c544c28b94	Prevent Qualcomm location stack from reading chipset serial number The deblobber already removes xtra-daemon which is what actually performs the requests. This is just extra sanctity. Signed-off-by: Tad <tad@spotco.us>	2023-05-03 21:41:20 -04:00
Tad	366b4eb5ef	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-05-02 18:01:39 -04:00
Tad	39b0c9e036	Remove broken emoji updates Signed-off-by: Tad <tad@spotco.us>	2023-05-02 15:31:57 -04:00
Tad	7b2eb1079a	Update emoji list in LatinIME too and disable tested not working on 15.1 shows as cross boxes or double characters Signed-off-by: Tad <tad@spotco.us>	2023-04-29 16:56:13 -04:00
Tad	86b7525400	Update the emojis, untested Signed-off-by: Tad <tad@spotco.us>	2023-04-29 16:17:00 -04:00
Tad	47136145e5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-04-23 23:20:36 -04:00
Tad	9ba61642de	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-04-17 23:19:28 -04:00
Tad	ed25b69f5f	Pull in n-asb-2023-04 Signed-off-by: Tad <tad@spotco.us>	2023-04-12 15:30:59 -04:00
Tad	9a97c7013b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-04-05 12:43:36 -04:00
Tad	750f244304	Updates, logging, and churn also add an extra March ASB patch for 17.1 Signed-off-by: Tad <tad@spotco.us>	2023-03-31 12:38:46 -04:00
Tad	790eeebc90	14/15 extra March patch Signed-off-by: Tad <tad@spotco.us>	2023-03-25 20:35:40 -04:00
Tad	8bcb5c734d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-17 19:27:22 -04:00
Tad	38626e1b0c	Picks + Fixes Signed-off-by: Tad <tad@spotco.us>	2023-03-14 16:58:27 -04:00
Tad	162b40a39d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-13 18:13:54 -04:00
Tad	ef2fdb1d3e	More handling improvements Signed-off-by: Tad <tad@spotco.us>	2023-03-08 16:14:51 -05:00
Tad	0b294c1601	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-03-08 16:01:49 -05:00
Tad	5d0ab40f0b	Robustness improvements Signed-off-by: Tad <tad@spotco.us>	2023-03-08 01:14:06 -05:00
Tad	6ba784ac33	Some actual error handling 1/n Signed-off-by: Tad <tad@spotco.us>	2023-03-08 00:03:23 -05:00
Tad	097019193e	Don't bail when devices are missing Signed-off-by: Tad <tad@spotco.us>	2023-03-07 23:41:27 -05:00
Tad	804786aa23	Update CVE patchers Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/193 Signed-off-by: Tad <tad@spotco.us>	2023-03-06 19:54:15 -05:00
Tad	a845f59546	Fixup persistent IPv6 privacy address issue + churn Backports of rfc4941bis from Google/Linaro and workaround for legacy kernels from GrapheneOS already has rfc4941bis patch: fairphone_sdm632 google_gs101 google_gs201 google_msm-4.14 google_msm-4.9 google_redbull oneplus_sdm845 razer_sdm845 xiaomi_sdm845 Signed-off-by: Tad <tad@spotco.us>	2023-02-11 20:26:24 -05:00
Tad	0e9599af6d	Fixup Signed-off-by: Tad <tad@spotco.us>	2023-02-09 22:46:42 -05:00
Tad	046f35c66c	Picks Signed-off-by: Tad <tad@spotco.us>	2023-02-08 15:00:42 -05:00
Tad	fa067a3f89	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-02-06 23:06:34 -05:00
Tad	dc853bfdae	WebView: Switch to dedicated package name And remove the F-Droid repo for it, will be moved to the 'DivestOS Official' repo This simplifies release management and also allows other systems to benefit from the repo Downside is users who don't update to this build won't receive any updates for it anymore Signed-off-by: Tad <tad@spotco.us>	2023-02-02 17:17:30 -05:00
Tad	20c4e75fe1	Fixes Signed-off-by: Tad <tad@spotco.us>	2023-02-01 18:30:29 -05:00
Tad	4f6e21d7f9	Deduplicate Defaults.sh Signed-off-by: Tad <tad@spotco.us>	2023-02-01 15:57:13 -05:00
Tad	af3fe9776b	Small updates Signed-off-by: Tad <tad@spotco.us>	2023-02-01 15:19:21 -05:00
Tad	1511176a07	Update CVE patchers Maybe some breakage Signed-off-by: Tad <tad@spotco.us>	2023-01-28 20:33:44 -05:00
Tad	da1df44c8f	GrapheneOS kernel hardening patches update Maybe some compile breakage Signed-off-by: Tad <tad@spotco.us>	2023-01-24 19:03:01 -05:00
Tad	9558a7d0e9	Switch to the Broadcom PSDS server for Pixel 6/7 series Instead of agnss.goog cache Based off of a patch from GrapheneOS Signed-off-by: Tad <tad@spotco.us>	2023-01-21 04:08:26 -05:00
Tad	626821d12d	Use HTTPS for GLPals Signed-off-by: Tad <tad@spotco.us>	2023-01-20 21:22:16 -05:00
Tad	5ce2d33162	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2023-01-18 14:13:33 -05:00
Tad	b82427ce5b	Conservative reverse loose versioning for 3.10 This applies 3.4 patches to 3.10 if no other match is available Note: CVE-2017-13245/3.4/0002.patch ends up applied over CVE-2018-10902/3.18/0003.patch Signed-off-by: Tad <tad@spotco.us>	2023-01-13 15:51:46 -05:00
Tad	14f40e024f	Update CVE patchers This adds loose versioning applying 4.14 patches to 4.9 Signed-off-by: Tad <tad@spotco.us>	2023-01-13 13:23:12 -05:00
Tad	efa31534a9	Picks Signed-off-by: Tad <tad@spotco.us>	2023-01-07 10:52:03 -05:00
Tad	06eed1fba9	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-31 21:41:46 -05:00
Tad	7d6b8e3aeb	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-22 11:33:47 -05:00
Tad	b5bc269743	SBC dualchannel picks Signed-off-by: Tad <tad@spotco.us>	2022-12-18 21:47:22 -05:00
Tad	03293f6b52	Fixup Messy, but better to have CVE-2022-42896 applied to some 3.18 kernels Signed-off-by: Tad <tad@spotco.us>	2022-12-17 00:42:25 -05:00
Tad	c2fc228f3b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-12-16 22:06:13 -05:00
Tad	63cbd1f483	14.1 December ASB, thanks to @syphyr Signed-off-by: Tad <tad@spotco.us>	2022-12-10 20:17:48 -05:00
Tad	038fca449b	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-30 08:28:40 -05:00
Tad	fd0e3e8117	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-22 07:11:30 -05:00
Tad	c4fe56a307	Update CVE patchers This fixes CVE-2018-9422 which was primarily added via `b56fabac` May still need to be fixed: 16.0/kernel_google_yellowstone 16.0/kernel_xiaomi_msm8937 Signed-off-by: Tad <tad@spotco.us>	2022-11-21 08:39:10 -05:00
Tad	9d1efb33c3	More 14.1 picks + 15.1 November ASB work Signed-off-by: Tad <tad@spotco.us>	2022-11-13 23:21:41 -05:00
Tad	14f7f1db32	Updates + Churn Signed-off-by: Tad <tad@spotco.us>	2022-11-13 02:06:05 -05:00
Tad	b81d39c969	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-11 16:05:22 -05:00
Tad	27395374e1	Fixup + Churn Signed-off-by: Tad <tad@spotco.us>	2022-11-11 13:54:57 -05:00
Tad	8bfedda18b	14/15/16: Fix compile failure with modern kernels https://android-review.googlesource.com/c/platform/art/+/2226578 https://groups.google.com/g/Android-building/c/ZfUQQWt_ABI Signed-off-by: Tad <tad@spotco.us>	2022-11-10 18:26:36 -05:00
Tad	8d4d73d65c	Picks Signed-off-by: Tad <tad@spotco.us>	2022-11-09 18:11:48 -05:00
Tad	ac3dc319c7	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-07 15:51:17 -05:00
Tad	7fb334d825	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-11-03 13:25:38 -04:00
Tad	c051cb282d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-22 21:39:01 -04:00
Tad	148df59b7e	Cleanup: Drop UnifiedNlp, FDroidPrivExt, and Silence These haven't been included for a while +remove some old cruft from 20.0 Signed-off-by: Tad <tad@spotco.us>	2022-10-19 12:15:24 -04:00
Tad	055ed9bfad	20.0: Initial bringup Signed-off-by: Tad <tad@spotco.us>	2022-10-15 10:39:48 -04:00
Tad	e7968e1269	Picks + Churn Signed-off-by: Tad <tad@spotco.us>	2022-10-09 16:35:12 -04:00
Tad	bf66d5db45	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-03 20:59:55 -04:00
Tad	d78121a1c0	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-10-03 10:22:17 -04:00
Tad	598d78bb61	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-25 13:49:45 -04:00
Tad	202033c013	Pull in old cherrypicks + 5 missing patches from syphyr This adds 3 expat patches for n-asb-2022-09 from https://github.com/syphyr/android_external_expat/commits/cm-14.1 and also applies 2 of them to 15.1 Signed-off-by: Tad <tad@spotco.us>	2022-09-11 14:02:35 -04:00
Tad	e5eb67f77d	Picks Signed-off-by: Tad <tad@spotco.us>	2022-09-08 16:07:23 -04:00
Tad	2bc43f195c	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-07 10:04:28 -04:00
Tad	b6e9f50cb5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-09-04 14:05:36 -04:00
Tad	5fe5a4f898	Compile fixes Signed-off-by: Tad <tad@spotco.us>	2022-08-29 14:26:47 -04:00
Tad	86ed884251	More verification Signed-off-by: Tad <tad@spotco.us>	2022-08-26 23:14:15 -04:00
Tad	3618774d9f	GPG verification for all platform repositories Signed-off-by: Tad <tad@spotco.us>	2022-08-26 22:40:27 -04:00
Tad	adb61b0fb2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-26 12:15:45 -04:00
Tad	d8d8e457a1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-21 10:44:12 -04:00
Tad	7918347d1c	Updates - Add a script to update commons like APNs, VVM configs, and contributors cloud - Add the latest contributors cloud to all branches - Update wireless-regdb to 2022.08.12 release - Add some shell opts to some scripts Signed-off-by: Tad <tad@spotco.us>	2022-08-15 16:37:42 -04:00
Tad	cf019edef9	Fixes Signed-off-by: Tad <tad@spotco.us>	2022-08-13 18:54:50 -04:00
Tad	8b67d5c41e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-10 22:02:37 -04:00
Tad	12c56938cb	Improve CVE-2021-1048 patching on 3.x kernels It is still actively being used by malware. This largely handles 3.0, 3.4, and 3.10 kernels. It works for select 3.18 kernels too. TODO: need alternate get_file_rcu backport for the following: 15.1/lge_msm8996 15.1/zte_msm8996 16.0/xiaomi_msm8937 17.1/motorola_msm8996 18.1/google_marlin 18.1/lge_msm8996 18.1/oneplus_msm8996 Signed-off-by: Tad <tad@spotco.us>	2022-08-09 21:39:25 -04:00
Tad	e0b57197ea	Churn Signed-off-by: Tad <tad@spotco.us>	2022-08-06 11:30:49 -04:00
Tad	31a67f054d	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-08-04 11:12:40 -04:00
Tad	178f01958d	Cherrypicks Signed-off-by: Tad <tad@spotco.us>	2022-08-02 19:39:09 -04:00
Tad	2b299c1aff	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-07-21 21:28:26 -04:00
Tad	d3632c25ce	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-07-07 21:47:59 -04:00
Tad	22f915cc3e	Cherrypicks Signed-off-by: Tad <tad@spotco.us>	2022-07-07 18:59:37 -04:00
Tad	2c27a88a24	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-07-06 19:22:21 -04:00
Tad	7b8ef09540	Update CVE patchers Effectively no changes Signed-off-by: Tad <tad@spotco.us>	2022-07-04 18:30:09 -04:00
Tad	ac645dd62e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-06-28 11:32:05 -04:00
Tad	519a474173	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-06-19 22:44:05 -04:00
Tad	70b8485695	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-06-09 17:59:48 -04:00
Tad	c092b13a44	Restore star*lte Signed-off-by: Tad <tad@spotco.us>	2022-06-08 22:55:00 -04:00
Tad	2bf84a7643	Increase default max password length to 64, credit GrapheneOS Closes https://github.com/Divested-Mobile/DivestOS-Build/pull/119 Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/27 Signed-off-by: Tad <tad@spotco.us>	2022-06-07 15:33:38 -04:00
Tad	899ea17d4e	Add the missing page sanitization to 3.18 kernels All along they only had slub sanization :( Signed-off-by: Tad <tad@spotco.us>	2022-06-04 12:00:01 -04:00
Tad	92c66447f8	Drop slub_debug What is lost? - sanity checks and redzoning on all devices - redzoning reportedly however causes issues on some devices such as the Pixel 3/4 and OnePlus 7 - slub sanization on 3.0, 3.4, 4.4 (except google/wahoo), xiaomi/sm6150, and oneplus/sm7250 Note: all 3.4+ devices still have page sanization Signed-off-by: Tad <tad@spotco.us>	2022-06-03 13:58:17 -04:00
Tad	da63c9e571	Various small patches `7408144e1b` > extend Network/Sensors permission handling for legacy apps not targeting Android 6 > or above (API 23) to resolve a UI issue where the user choosing to grant the > Network/Sensors permissions via the legacy permission review interface doesn't > appear in the Settings app info page `22d32cb61b` suppresses https://github.com/Divested-Mobile/DivestOS-Build/discussions/112 `66f406b979` `3f69205d06` nice to have Signed-off-by: Tad <tad@spotco.us>	2022-06-02 23:17:05 -04:00
Tad	6d95c231bc	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-31 21:29:22 -04:00
Tad	735c9e0de8	Revert `5d57bf13` I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices Signed-off-by: Tad <tad@spotco.us>	2022-05-27 23:46:57 -04:00
Tad	5d57bf13c4	Compile fixes The backported fix for CVE-2021-39713 requires CONFIG_MODULES=y MODULES is default enabled, but some kernels are mutilated and break with it on Signed-off-by: Tad <tad@spotco.us>	2022-05-26 22:36:22 -04:00
Tad	28724c4a6e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-25 22:52:22 -04:00
Tad	2c4caa30a1	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-24 00:36:49 -04:00
Tad	e8bc36af04	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-05-20 17:16:29 -04:00
Tad	c4400a9a6f	Pick Signed-off-by: Tad <tad@spotco.us>	2022-05-09 22:16:00 -04:00
Tad	b2eb3c01b4	Update CVE patchers Newly added CVE-2022-20009 is dupe with CVE-2022-25258 and CVE-2022-25375 Signed-off-by: Tad <tad@spotco.us>	2022-05-03 23:33:17 -04:00
Tad	9c549763a4	Tiny tweak Signed-off-by: Tad <tad@spotco.us>	2022-05-03 21:11:05 -04:00
Tad	65883d9bc4	2022 Signed-off-by: Tad <tad@spotco.us>	2022-05-01 01:13:49 -04:00
Tad	3316cc4824	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-27 07:46:22 -04:00
Tad	3457fd4151	Device cleanup Drop long non-compiling devices: - 14.1: n7100, jellypro - 15.1: himaul, oneplus2 - 16.0: zenfone3, fugu - 17.1: yellowstone, fugu - 18.1: bonito, sargo Drop in favor of 19.1: - 17.1: bonito, sargo - 18.1: pro1, aura, sunfish, coral, flame, bramble, redfin (experimental, but these devices don't currently appear to have any users) Signed-off-by: Tad <tad@spotco.us>	2022-04-26 15:19:57 -04:00
Tad	1f721c7845	Further credit patches Signed-off-by: Tad <tad@spotco.us>	2022-04-19 23:52:10 -04:00
Tad	e666a4a891	Update CVE patchers TODO: maybe split CVE-2022-23960/4.9 to get back? Signed-off-by: Tad <tad@spotco.us>	2022-04-19 14:38:44 -04:00
Tad	d4dceffa60	Update supported kernels to latest wireless regulations database Applies for ~43 kernel trees Source: wireless-regdb-2022.04.08 Signed-off-by: Tad <tad@spotco.us>	2022-04-19 11:30:57 -04:00
Tad	163a162568	Fix boot animation + churn Signed-off-by: Tad <tad@spotco.us>	2022-04-18 23:04:24 -04:00
Tad	4b6a86a473	Add missing device variants Signed-off-by: Tad <tad@spotco.us>	2022-04-14 19:47:21 -04:00
Tad	be6b03fe96	Churn Signed-off-by: Tad <tad@spotco.us>	2022-04-13 14:54:08 -04:00
Tad	42c9d22de9	Default disable exec spawning Change the property too, so it takes effect next update. Since 16.0 lacks a toggle, this effectively disables the feature for it. Even devices with 4GB of RAM have usability severely impacted. Plus some other tweaks/churn Signed-off-by: Tad <tad@spotco.us>	2022-04-12 17:58:04 -04:00
Tad	30de608a61	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-12 02:51:44 -04:00
Tad	f747fb36e5	Various Signed-off-by: Tad <tad@spotco.us>	2022-04-08 16:55:30 -04:00
Tad	a9e250afd9	Cleanup Signed-off-by: Tad <tad@spotco.us>	2022-04-07 00:37:20 -04:00
Tad	b464106cc5	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-04-04 15:51:23 -04:00
Tad	6c5a65622c	Page sanitization improvements This ensures init_on_alloc/free is used instead of page poisioning where available. 3.4 through 3.18 have a patch without a toggle for page sanitization. Signed-off-by: Tad <tad@spotco.us>	2022-04-02 12:57:17 -04:00
Tad	01900ca1c6	Reverts WebView overlay is breaking boot on 15.1??? This reverts commit `e61e288b4a`.	2022-04-01 17:07:27 -04:00
Tad	3f9b346345	Fix boot breakage On devices with quota enabled and impacted by this patch Signed-off-by: Tad <tad@spotco.us>	2022-04-01 10:30:30 -04:00
Tad	e26908b9e0	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-31 21:30:56 -04:00
Tad	19b03c9ff4	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-28 17:43:48 -04:00
Tad	a56e3a3016	Disable the bionic hardening patchset to fix boot issues 10+4 devices tested working with bionic hardening patches enabled but hammerhead and shamu do not boot... 2 of the patches were already found to have issues and disabled 3 other patches were ruled out: - Stop implicitly marking mappings as mergeable - Make __stack_chk_guard read-only at runtime - On 64-bit, zero the leading stack canary byte Leaves 11+1 patches remaining that need to be tested But I don't have either of the two known impacted devices. Signed-off-by: Tad <tad@spotco.us>	2022-03-19 16:19:00 -04:00
Tad	3207cde72e	Small tweaks Signed-off-by: Tad <tad@spotco.us>	2022-03-19 12:41:49 -04:00
Tad	09353cdcd2	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-18 00:07:18 -04:00
Tad	e61e288b4a	Optionally allow the official Bromite WebView to be used, credit @MSe1969 This also replaces the overrides for all versions And should allow the Google WebView on 14/15/16 And lastly only leaves the bundled version as default This is a merge of the LineageOS 14/15/16 and 17/18 overlay With the addition of the Bromite signature from @MSe1969 Signed-off-by: Tad <tad@spotco.us>	2022-03-14 22:59:40 -04:00
Tad	f65c7a4ccd	Tweaks Signed-off-by: Tad <tad@spotco.us>	2022-03-12 11:48:23 -05:00
Tad	015799737e	Update CVE patchers Signed-off-by: Tad <tad@spotco.us>	2022-03-09 17:16:47 -05:00

1 2 3 4 5 ...

937 Commits