From 1bd0e470995728405f2f1d80edd7278d70dfbcb9 Mon Sep 17 00:00:00 2001 From: Tad Date: Fri, 30 Aug 2019 02:33:53 -0400 Subject: [PATCH] victara: 15.1 -> 16.0 - other fixes --- Manifests/Manifest_LAOS-16.0.xml | 4 + Patches/Linux | 2 +- Scripts/Common/Functions.sh | 2 +- Scripts/LineageOS-14.1/Functions.sh | 17 ++- Scripts/LineageOS-15.1/Functions.sh | 5 +- .../android_kernel_google_marlin.sh | 8 +- .../CVE_Patchers/android_kernel_lge_g3.sh | 4 +- .../CVE_Patchers/android_kernel_lge_mako.sh | 4 +- .../android_kernel_motorola_msm8974.sh | 141 ++++++++++++++++++ .../android_kernel_oppo_msm8974.sh | 4 +- Scripts/LineageOS-16.0/Functions.sh | 9 +- Scripts/LineageOS-16.0/Patch.sh | 1 + 12 files changed, 182 insertions(+), 19 deletions(-) create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8974.sh diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml index 3f7c0238..d25a2116 100644 --- a/Manifests/Manifest_LAOS-16.0.xml +++ b/Manifests/Manifest_LAOS-16.0.xml @@ -115,6 +115,10 @@ + + + + diff --git a/Patches/Linux b/Patches/Linux index 2a54ecc6..d63087ce 160000 --- a/Patches/Linux +++ b/Patches/Linux @@ -1 +1 @@ -Subproject commit 2a54ecc6fde758e4ba8746e714d5ec9c0fa34427 +Subproject commit d63087ceb6c0f1aea77b6b91b212463900966dbe diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh index a4852d75..42cb3b77 100644 --- a/Scripts/Common/Functions.sh +++ b/Scripts/Common/Functions.sh @@ -187,7 +187,7 @@ processRelease() { for LAST_TARGET_FILES in $ARCHIVE/target_files/$DOS_BRANDING_ZIP_PREFIX-$VERSION-*-dos-$DEVICE-target_files.zip; do if [[ -f "$LAST_TARGET_FILES.id" ]]; then LAST_INCREMENTAL_ID=$(cat "$LAST_TARGET_FILES.id"); - build/tools/releasetools/ota_from_target_files $BLOCK_SWITCHES -t 8 -k "$KEY_DIR" -i \ + build/tools/releasetools/ota_from_target_files $BLOCK_SWITCHES -t 8 -k "$KEY_DIR/releasekey" -i \ "$LAST_TARGET_FILES" \ $OUT_DIR/$PREFIX-target_files.zip \ $OUT_DIR/$PREFIX-incremental_$LAST_INCREMENTAL_ID.zip; diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index dacf3b70..85b1bf19 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -54,8 +54,8 @@ buildAll() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi; #Select devices are userdebug due to SELinux policy issues - buildDevice clark; buildDeviceUserDebug thor; + buildDevice clark; buildDevice grouper; #needs manual patching - one-repo vendor blob patch buildDevice h815; buildDevice herolte; @@ -74,18 +74,18 @@ buildAll() { #The following are all superseded, and should only be enabled if the newer version is broken (not building/booting/etc.) if [ "$DOS_BUILDALL_SUPERSEDED" = true ]; then - buildDevice angler; + buildDevice angler true; buildDevice axon7; - buildDevice bullhead; + buildDevice bullhead true; buildDevice bacon; buildDevice crackling; buildDevice d802; buildDevice d852; buildDevice d855; - buildDevice dragon; + buildDevice dragon true; buildDevice ether; buildDevice flo; - buildDevice flounder; + buildDevice flounder true; buildDevice FP2; buildDevice fugu; buildDevice griffin; @@ -97,9 +97,9 @@ buildAll() { buildDevice klte; buildDevice m8; buildDevice mako; - buildDevice marlin; - buildDevice sailfish; - buildDevice shamu; + buildDevice marlin true; + buildDevice sailfish true; + buildDevice shamu true; buildDevice us996; buildDevice us997; buildDevice victara; #needs manual patching - fwb xml: fused: dangling tag @@ -123,6 +123,7 @@ patchWorkspace() { repopick 248599; #restrict SET_TIME_ZONE permission repopick 248600 248649; #/proc hardening repopick -it nougat-mr2-security-release-residue; + repopick 255328; #update webview export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 9960dd85..2d2cc3b8 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -58,7 +58,6 @@ buildAll() { buildDevice starlte; #broken - device/samsung/universal9810-common/audio: MODULE.TARGET.SHARED_LIBRARIES.libshim_audio_32 already defined by device/samsung/star-common/audio buildDevice us996; buildDevice us997; - buildDevice victara; #The following are all superseded, and should only be enabled if the newer version is broken (not building/booting/etc.) buildDevice fugu; @@ -81,6 +80,7 @@ buildAll() { buildDevice mata true; buildDevice sailfish true; buildDevice shamu true; + buildDevice victara; fi; } export -f buildAll; @@ -88,7 +88,8 @@ export -f buildAll; patchWorkspace() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; - #source build/envsetup.sh; + source build/envsetup.sh; + repopick 255328; #update webview source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS/Defaults.sh"; diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh index a0681a6f..d8592440 100644 --- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh @@ -131,6 +131,12 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/^4.20.15/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/^5.0/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2263/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2290/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch @@ -146,5 +152,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch -editKernelLocalversion "-dos.p146" +editKernelLocalversion "-dos.p152" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_g3.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_g3.sh index 6ec87aad..d5b4d8e5 100644 --- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_g3.sh +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_g3.sh @@ -88,6 +88,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch @@ -95,5 +97,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p95" +editKernelLocalversion "-dos.p97" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh index db694be2..314ed224 100644 --- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh @@ -113,6 +113,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch @@ -124,5 +126,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p124" +editKernelLocalversion "-dos.p126" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8974.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8974.sh new file mode 100644 index 00000000..d028ac1d --- /dev/null +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8974.sh @@ -0,0 +1,141 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/motorola/msm8974" +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch +git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11000/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch +#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7373/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8266/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10902/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p137" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh index 1a458dad..d38577c8 100644 --- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh @@ -110,6 +110,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch @@ -118,5 +120,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p118" +editKernelLocalversion "-dos.p120" cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh index 359d9a48..1757dec4 100644 --- a/Scripts/LineageOS-16.0/Functions.sh +++ b/Scripts/LineageOS-16.0/Functions.sh @@ -18,7 +18,7 @@ #Last verified: 2018-04-27 patchAllKernels() { - startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_cyanogen_msm8974 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_marlin kernel_htc_msm8974 kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_moto_shamu kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_zuk_msm8996"; + startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_cyanogen_msm8974 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_marlin kernel_htc_msm8974 kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_zuk_msm8996"; } export -f patchAllKernels; @@ -49,11 +49,12 @@ buildAll() { if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi; buildDevice mako; + buildDevice sailfish true; buildDevice bacon; + buildDevice d852; buildDevice cheryl; #broken buildDevice crackling; #broken buildDevice d802; - buildDevice d852; buildDevice d855; buildDevice ether; buildDevice FP2; @@ -67,8 +68,8 @@ buildAll() { buildDevice m8; buildDevice marlin true; buildDevice mata true; - buildDevice sailfish true; buildDevice shamu true; + buildDevice victara; buildDevice z2_plus true; #broken } export -f buildAll; @@ -78,6 +79,8 @@ patchWorkspace() { source build/envsetup.sh; repopick -f 254249; #g3 nfc + repopick 255360; #fp2 fix + repopick 255328; #update webview source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS/Defaults.sh"; diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh index 9dfbcdef..853acb2c 100644 --- a/Scripts/LineageOS-16.0/Patch.sh +++ b/Scripts/LineageOS-16.0/Patch.sh @@ -226,6 +226,7 @@ cd "$DOS_BUILD_BASE"; #Fix broken options enabled by hardenDefconfig() sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/lge/mako/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile +sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile # #END OF DEVICE CHANGES