From 13a9997a0ce7adc5288b643c33e3fca482cc93f5 Mon Sep 17 00:00:00 2001 From: Tad Date: Mon, 25 Apr 2022 21:27:29 -0400 Subject: [PATCH] 19.1: aura and beryllium + some fixes Signed-off-by: Tad --- Manifests/Manifest_LAOS-18.1.xml | 5 +- Manifests/Manifest_LAOS-19.1.xml | 15 ++++- .../android_bionic/0003-Hosts_Cache.patch | 8 +-- .../0014-Automatic_Reboot.patch | 2 +- .../0015-Bluetooth_Timeout.patch | 2 +- .../0016-WiFi_Timeout.patch | 2 +- .../0012-hosts_toggle.patch | 3 - .../0002-hosts_toggle.patch | 4 +- PrebuiltApps | 2 +- Scripts/Common/Fix_CVE_Patchers.sh | 2 +- Scripts/LineageOS-17.1/Patch.sh | 1 - .../android_kernel_razer_sdm845.sh | 67 +++++++++++++++++++ .../android_kernel_sony_sdm660.sh | 2 +- .../android_kernel_xiaomi_sdm845.sh | 67 +++++++++++++++++++ Scripts/LineageOS-19.1/Functions.sh | 4 +- Scripts/LineageOS-19.1/Patch.sh | 3 +- Scripts/init.sh | 2 +- 17 files changed, 167 insertions(+), 24 deletions(-) create mode 100644 Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_razer_sdm845.sh create mode 100644 Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh diff --git a/Manifests/Manifest_LAOS-18.1.xml b/Manifests/Manifest_LAOS-18.1.xml index fc6f1bfb..d3a3c076 100644 --- a/Manifests/Manifest_LAOS-18.1.xml +++ b/Manifests/Manifest_LAOS-18.1.xml @@ -66,7 +66,10 @@ --> - + + + + diff --git a/Manifests/Manifest_LAOS-19.1.xml b/Manifests/Manifest_LAOS-19.1.xml index 80bd232e..4c30fdd3 100644 --- a/Manifests/Manifest_LAOS-19.1.xml +++ b/Manifests/Manifest_LAOS-19.1.xml @@ -41,7 +41,10 @@ --> - + + + + @@ -118,6 +121,10 @@ + + + + @@ -129,4 +136,10 @@ + + + + + + diff --git a/Patches/LineageOS-19.1/android_bionic/0003-Hosts_Cache.patch b/Patches/LineageOS-19.1/android_bionic/0003-Hosts_Cache.patch index ceb74978..cadaf0c6 100644 --- a/Patches/LineageOS-19.1/android_bionic/0003-Hosts_Cache.patch +++ b/Patches/LineageOS-19.1/android_bionic/0003-Hosts_Cache.patch @@ -59,10 +59,9 @@ index d0c11d2b0..cc94b21e2 100644 cur = &sentinel; diff --git a/libc/dns/net/hosts_cache.c b/libc/dns/net/hosts_cache.c new file mode 100644 -index 000000000..deafb78b7 --- /dev/null +++ b/libc/dns/net/hosts_cache.c -@@ -0,0 +1,524 @@ +@@ -0,0 +1,520 @@ +/* + * Copyright (C) 2016 The CyanogenMod Project + * @@ -107,10 +106,6 @@ index 000000000..deafb78b7 +#define ESTIMATED_LINELEN 32 +#define HCFILE_ALLOC_SIZE 256 + -+/* From sethostent.c */ -+#define ALIGNBYTES (sizeof(uintptr_t) - 1) -+#define ALIGN(p) (((uintptr_t)(p) + ALIGNBYTES) &~ ALIGNBYTES) -+ +/* + * Host cache entry for hcfile.c_data. + * Offsets are into hcfile.h_data. @@ -617,7 +612,6 @@ index 000000000..fa5488f51 + +int hc_gethtbyname(const char *host, int af, struct getnamaddr *info); diff --git a/libc/dns/net/sethostent.c b/libc/dns/net/sethostent.c -index 483105a95..1399378cd 100644 --- a/libc/dns/net/sethostent.c +++ b/libc/dns/net/sethostent.c @@ -55,6 +55,8 @@ __RCSID("$NetBSD: sethostent.c,v 1.20 2014/03/17 13:24:23 christos Exp $"); diff --git a/Patches/LineageOS-19.1/android_frameworks_base/0014-Automatic_Reboot.patch b/Patches/LineageOS-19.1/android_frameworks_base/0014-Automatic_Reboot.patch index 4e00deb2..9b29ccca 100644 --- a/Patches/LineageOS-19.1/android_frameworks_base/0014-Automatic_Reboot.patch +++ b/Patches/LineageOS-19.1/android_frameworks_base/0014-Automatic_Reboot.patch @@ -13,7 +13,7 @@ Change-Id: If891bfbcc144c9336ba013260bad2b7c7a59c054 4 files changed, 46 insertions(+) diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java -index 01e369779e1e..52103c3a3f99 100644 +index dd5776a51f94..87ed442b0f79 100644 --- a/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java @@ -16378,6 +16378,13 @@ public final class Settings { diff --git a/Patches/LineageOS-19.1/android_frameworks_base/0015-Bluetooth_Timeout.patch b/Patches/LineageOS-19.1/android_frameworks_base/0015-Bluetooth_Timeout.patch index e89164e3..9c21a34a 100644 --- a/Patches/LineageOS-19.1/android_frameworks_base/0015-Bluetooth_Timeout.patch +++ b/Patches/LineageOS-19.1/android_frameworks_base/0015-Bluetooth_Timeout.patch @@ -9,7 +9,7 @@ Subject: [PATCH] Bluetooth auto turn off 2 files changed, 82 insertions(+) diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java -index 52103c3a3f99..580f9745eea7 100644 +index 87ed442b0f79..069ad604024b 100644 --- a/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java @@ -16385,6 +16385,12 @@ public final class Settings { diff --git a/Patches/LineageOS-19.1/android_frameworks_base/0016-WiFi_Timeout.patch b/Patches/LineageOS-19.1/android_frameworks_base/0016-WiFi_Timeout.patch index 5ec3541c..b75de797 100644 --- a/Patches/LineageOS-19.1/android_frameworks_base/0016-WiFi_Timeout.patch +++ b/Patches/LineageOS-19.1/android_frameworks_base/0016-WiFi_Timeout.patch @@ -9,7 +9,7 @@ Subject: [PATCH] Wi-Fi auto turn off 2 files changed, 75 insertions(+) diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java -index 580f9745eea7..1d8745501553 100644 +index 069ad604024b..88bf06c5a1b2 100644 --- a/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java @@ -16379,6 +16379,12 @@ public final class Settings { diff --git a/Patches/LineageOS-19.1/android_packages_apps_Settings/0012-hosts_toggle.patch b/Patches/LineageOS-19.1/android_packages_apps_Settings/0012-hosts_toggle.patch index 147a3c0f..f301987b 100644 --- a/Patches/LineageOS-19.1/android_packages_apps_Settings/0012-hosts_toggle.patch +++ b/Patches/LineageOS-19.1/android_packages_apps_Settings/0012-hosts_toggle.patch @@ -170,6 +170,3 @@ index a940165bed..dbb9987f0c 100644 controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY) .setChildren(securityPreferenceControllers)); controllers.addAll(securityPreferenceControllers); --- -2.36.0 - diff --git a/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch b/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch index 34c1cb5c..88e5ba28 100644 --- a/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch +++ b/Patches/LineageOS-19.1/android_packages_modules_DnsResolver/0002-hosts_toggle.patch @@ -10,7 +10,7 @@ Change-Id: Iea165003474e1107dc77980985bf9928c369dbb5 1 file changed, 4 insertions(+) diff --git a/getaddrinfo.cpp b/getaddrinfo.cpp -index 071f6ac..955b5c2 100644 +index f0c0ba8..8548b1a 100644 --- a/getaddrinfo.cpp +++ b/getaddrinfo.cpp @@ -57,6 +57,7 @@ @@ -21,7 +21,7 @@ index 071f6ac..955b5c2 100644 #include "Experiments.h" #include "netd_resolv/resolv.h" -@@ -1556,6 +1557,9 @@ static struct addrinfo* getCustomHosts(const size_t netid, const char* _Nonnull +@@ -1554,6 +1555,9 @@ static struct addrinfo* getCustomHosts(const size_t netid, const char* _Nonnull static bool files_getaddrinfo(const size_t netid, const char* name, const addrinfo* pai, addrinfo** res) { diff --git a/PrebuiltApps b/PrebuiltApps index 2ae71194..577c2358 160000 --- a/PrebuiltApps +++ b/PrebuiltApps @@ -1 +1 @@ -Subproject commit 2ae711949ad51befe9786acca9be93b689b6b98d +Subproject commit 577c2358d82a4c2208f63a70a3af16a204a1fa16 diff --git a/Scripts/Common/Fix_CVE_Patchers.sh b/Scripts/Common/Fix_CVE_Patchers.sh index f3520e25..3ac2dd60 100644 --- a/Scripts/Common/Fix_CVE_Patchers.sh +++ b/Scripts/Common/Fix_CVE_Patchers.sh @@ -87,7 +87,7 @@ commentPatches android_kernel_samsung_smdk4412.sh "CVE-2012-2127" "CVE-2016-8463 commentPatches android_kernel_samsung_tuna.sh "CVE-2012-2127"; commentPatches android_kernel_samsung_universal8890.sh "0008-Graphene-Kernel_Hardening/4.9/0053.patch" "0008-Graphene-Kernel_Hardening/4.9/0055.patch" "CVE-2016-7917" "CVE-2018-1092" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166"; commentPatches android_kernel_samsung_universal9810.sh "CVE-2020-1749"; -commentPatches android_kernel_sony_sdm660.sh "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166"; +commentPatches android_kernel_sony_sdm660.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166"; commentPatches android_kernel_sony_sdm845.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992"; commentPatches android_kernel_xiaomi_msm8937.sh "CVE-2017-13162" "CVE-2019-14070" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch"; commentPatches android_kernel_xiaomi_sdm660.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch"; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 6c9a0da0..48d3c2d8 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -488,7 +488,6 @@ enableLowRam "device/motorola/osprey" "osprey"; enableLowRam "device/motorola/surnia" "surnia"; #Tweaks for <3GB RAM devices enableLowRam "device/cyanogen/msm8916-common" "msm8916-common"; -enableLowRam "device/motorola/clark" "clark"; enableLowRam "device/wileyfox/crackling" "crackling"; #Fix broken options enabled by hardenDefconfig() diff --git a/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_razer_sdm845.sh b/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_razer_sdm845.sh new file mode 100644 index 00000000..6d5d7d48 --- /dev/null +++ b/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_razer_sdm845.sh @@ -0,0 +1,67 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/razer/sdm845" +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0024.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0025.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0039.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0044.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0047.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0048.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0049.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0051.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0052.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0053.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0054.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0055.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/4.9/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.9/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0067/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3674/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24394/^5.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33098/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39792/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-44879/^5.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45469/4.9-^5.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1353/^5.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-28390/^5.17/0001.patch +editKernelLocalversion "-dos.p63" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_sony_sdm660.sh b/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_sony_sdm660.sh index 798c67dc..d750cd8d 100644 --- a/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_sony_sdm660.sh +++ b/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_sony_sdm660.sh @@ -7,7 +7,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch -git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch +#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6/0003.patch diff --git a/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh b/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh new file mode 100644 index 00000000..0aa1f78d --- /dev/null +++ b/Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_xiaomi_sdm845.sh @@ -0,0 +1,67 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/xiaomi/sdm845" +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0024.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0025.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0039.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0044.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0045.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0047.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0048.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0049.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0051.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0052.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0053.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0054.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0055.patch +git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/4.9/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.9/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/4.9/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.9/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.9/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0067/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3674/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24394/^5.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33098/^5.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-39792/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-44879/^5.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-45469/4.9-^5.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-1353/^5.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-28390/^5.17/0001.patch +editKernelLocalversion "-dos.p63" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-19.1/Functions.sh b/Scripts/LineageOS-19.1/Functions.sh index 81188d18..1770c87a 100644 --- a/Scripts/LineageOS-19.1/Functions.sh +++ b/Scripts/LineageOS-19.1/Functions.sh @@ -19,7 +19,7 @@ umask 0022; #Last verified: 2022-04-04 patchAllKernels() { - startPatcher "kernel_fxtec_msm8998 kernel_google_msm-4.9 kernel_google_msm-4.14 kernel_google_redbull kernel_google_wahoo kernel_oneplus_sdm845 kernel_oneplus_sm8150 kernel_sony_sdm660"; + startPatcher "kernel_fxtec_msm8998 kernel_google_msm-4.9 kernel_google_msm-4.14 kernel_google_redbull kernel_google_wahoo kernel_oneplus_sdm845 kernel_oneplus_sm8150 kernel_razer_sdm845 kernel_sony_sdm660 kernel_xiaomi_sdm845"; } export -f patchAllKernels; @@ -62,6 +62,8 @@ buildAll() { buildDevice taimen avb; buildDevice walleye avb; #SD845 + buildDevice aura avb; + buildDevice beryllium avb; buildDevice pro1 avb; buildDevice crosshatch avb; buildDevice blueline avb; diff --git a/Scripts/LineageOS-19.1/Patch.sh b/Scripts/LineageOS-19.1/Patch.sh index 879a1eb9..050c7fb3 100644 --- a/Scripts/LineageOS-19.1/Patch.sh +++ b/Scripts/LineageOS-19.1/Patch.sh @@ -425,13 +425,14 @@ removeBuildFingerprints || true; enableAutoVarInit || true; #Tweaks for <4GB RAM devices -enableLowRam "device/sony/pioneer" "pioneer"; +#enableLowRam "device/sony/pioneer" "pioneer"; #Fix broken options enabled by hardenDefconfig() #none yet sed -i 's/^YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10 rm -v kernel/*/*/drivers/staging/greybus/tools/Android.mk || true; +rm -v device/*/*/overlay/frameworks/base/packages/overlays/NoCutoutOverlay/res/values/config.xml || true; # #END OF DEVICE CHANGES # diff --git a/Scripts/init.sh b/Scripts/init.sh index da2f00b2..e2037682 100644 --- a/Scripts/init.sh +++ b/Scripts/init.sh @@ -76,7 +76,7 @@ export DOS_WEBVIEW_LFS=true; #Whether to `git lfs pull` in the WebView repositor #Servers export DOS_DEFAULT_DNS_PRESET="Quad9"; #Sets default DNS. Options: See changeDefaultDNS() in Scripts/Common/Functions.sh export DOS_GPS_NTP_SERVER="2.android.pool.ntp.org"; #Options: Any NTP pool -export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: supl.{google,vodafone,sonyericsson}.com +export DOS_GPS_SUPL_HOST="supl.google.com"; #Options: Any *valid* SUPL server #Release Processing export DOS_MALWARE_SCAN_BEFORE_SIGN=false; #Scan device files for malware before signing