From 31d0b901ae946daf347d66e8039c5c027becf4ac Mon Sep 17 00:00:00 2001 From: Tad Date: Wed, 3 Feb 2021 09:21:04 -0500 Subject: [PATCH] Update cherrypicks --- Misc/Missing_CVEs.txt | 3 +++ Misc/aosp-cves/gen_cve_list-qc.sh | 1 + Misc/aosp-cves/gen_cve_list.sh | 2 ++ Patches/Linux | 2 +- Scripts/LineageOS-14.1/Functions.sh | 1 + Scripts/LineageOS-14.1/Patch.sh | 2 +- Scripts/LineageOS-15.1/Functions.sh | 1 + Scripts/LineageOS-15.1/Patch.sh | 8 +++++++- Scripts/LineageOS-16.0/Functions.sh | 1 + Scripts/LineageOS-16.0/Patch.sh | 11 ++++++++++- Scripts/LineageOS-17.1/Functions.sh | 1 + Scripts/LineageOS-17.1/Patch.sh | 12 +++++++++++- 12 files changed, 40 insertions(+), 5 deletions(-) diff --git a/Misc/Missing_CVEs.txt b/Misc/Missing_CVEs.txt index e8219090..ce003dce 100644 --- a/Misc/Missing_CVEs.txt +++ b/Misc/Missing_CVEs.txt @@ -35,3 +35,6 @@ CVE-2016-0525 -> CVE-2017-0525 https://nvd.nist.gov/vuln/detail/CVE-2020-3625 https://nvd.nist.gov/vuln/detail/CVE-2020-0423 +CVE-2020-11277 +CVE-2020-11147 +CVE-2020-11223 diff --git a/Misc/aosp-cves/gen_cve_list-qc.sh b/Misc/aosp-cves/gen_cve_list-qc.sh index c509c2ad..577f1cf4 100644 --- a/Misc/aosp-cves/gen_cve_list-qc.sh +++ b/Misc/aosp-cves/gen_cve_list-qc.sh @@ -1,3 +1,4 @@ +java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin" >> cve_list-qc.txt java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin" >> cve_list-qc.txt java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin" >> cve_list-qc.txt diff --git a/Misc/aosp-cves/gen_cve_list.sh b/Misc/aosp-cves/gen_cve_list.sh index f0417067..13dca2ca 100644 --- a/Misc/aosp-cves/gen_cve_list.sh +++ b/Misc/aosp-cves/gen_cve_list.sh @@ -1,5 +1,7 @@ +java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-02-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-01-01" >> cve_list.txt +java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-02-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-01-01" >> cve_list.txt java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2020-12-01" >> cve_list.txt diff --git a/Patches/Linux b/Patches/Linux index f9c22aa3..bc7b4d1e 160000 --- a/Patches/Linux +++ b/Patches/Linux @@ -1 +1 @@ -Subproject commit f9c22aa3ea0c4fb4c760790c51e33987924e069d +Subproject commit bc7b4d1e1a6e952d746a49b162fc44e64f1bb62d diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index 4dc46e25..9e1fe961 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -125,6 +125,7 @@ patchWorkspace() { repopick -it n_asb_09-2018-qcom; #repopick -it bt-sbc-hd-dualchannel-nougat; repopick -it n-asb-2021-01; + repopick -it n-asb-2021-02; export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh index 0da19782..340cb552 100644 --- a/Scripts/LineageOS-14.1/Patch.sh +++ b/Scripts/LineageOS-14.1/Patch.sh @@ -77,7 +77,7 @@ patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqba patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH enterAndClear "external/chromium-webview"; -git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/1 && git checkout FETCH_HEAD; #update webview +git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/2 && git checkout FETCH_HEAD; #update webview enterAndClear "external/sqlite"; patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (CopperheadOS-13.0) diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 6121422d..3c95f32c 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -117,6 +117,7 @@ patchWorkspace() { source build/envsetup.sh; repopick -it tzdb2020f_O; + repopick -it O_asb_2021-02; export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index a5c33dea..e69d64f1 100644 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -79,7 +79,10 @@ enterAndClear "device/qcom/sepolicy"; patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH enterAndClear "external/chromium-webview"; -git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/1 && git checkout FETCH_HEAD; #update webview +git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/2 && git checkout FETCH_HEAD; #update webview + +enterAndClear "external/okhttp"; +git fetch "https://github.com/LineageOS/android_external_okhttp" refs/changes/47/303347/1 && git cherry-pick FETCH_HEAD; #O_asb_2021-02 enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles @@ -149,6 +152,9 @@ git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm89 enterAndClear "hardware/qcom/gps"; git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_gps/0001-rollover.patch"; #fix week rollover +enterAndClear "libcore"; +git fetch "https://github.com/LineageOS/android_libcore" refs/changes/53/303353/1 && git cherry-pick FETCH_HEAD; #O_asb_2021-02 + enterAndClear "lineage-sdk"; awk -i inplace '!/WeatherManagerServiceBroker/' lineage/res/res/values/config.xml; #Disable Weather if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi; diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh index f79d890a..54af668e 100644 --- a/Scripts/LineageOS-16.0/Functions.sh +++ b/Scripts/LineageOS-16.0/Functions.sh @@ -137,6 +137,7 @@ patchWorkspace() { repopick -i 232948; #wahoo: liblight: close fd #repopick -it pie-firewall; repopick -it tzdb2020f_P; + repopick -it P_asb_2021-02; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh index c34945ee..29210fbf 100644 --- a/Scripts/LineageOS-16.0/Patch.sh +++ b/Scripts/LineageOS-16.0/Patch.sh @@ -78,7 +78,10 @@ patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.pa echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices enterAndClear "external/chromium-webview"; -git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/1 && git checkout FETCH_HEAD; #update webview +git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/2 && git checkout FETCH_HEAD; #update webview + +enterAndClear "external/okhttp"; +git fetch "https://github.com/LineageOS/android_external_okhttp" refs/changes/26/303326/1 && git cherry-pick FETCH_HEAD; #P_asb_2021-02 enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles @@ -86,6 +89,9 @@ sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java; awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java; +enterAndClear "external/wpa_supplicant_8"; +git fetch "https://github.com/LineageOS/android_external_wpa_supplicant_8" refs/changes/27/303327/1 && git cherry-pick FETCH_HEAD; #P_asb_2021-02 + enterAndClear "frameworks/av"; if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES_COMMON/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS) @@ -149,6 +155,9 @@ git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm89 enterAndClear "hardware/qcom/display-caf/msm8998"; git apply "$DOS_PATCHES_COMMON/android_hardware_qcom_display/CVE-2019-2306-msm8998.patch"; +enterAndClear "libcore"; +git fetch "https://github.com/LineageOS/android_libcore" refs/changes/33/303333/1 && git cherry-pick FETCH_HEAD; #P_asb_2021-02 + enterAndClear "lineage-sdk"; awk -i inplace '!/LineageWeatherManagerService/' lineage/res/res/values/config.xml; #Disable Weather if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi; diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh index 53f20661..7c4feeb9 100644 --- a/Scripts/LineageOS-17.1/Functions.sh +++ b/Scripts/LineageOS-17.1/Functions.sh @@ -134,6 +134,7 @@ patchWorkspace() { repopick -i 271361; #releasetools: python3 fix, 287339 (alt) #repopick -it ten-firewall; repopick -it tzdb2020f_Q; + repopick -it Q_asb_2021-02; source "$DOS_SCRIPTS/Patch.sh"; source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh"; diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index 954a775d..9346db60 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -76,7 +76,13 @@ patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.pa echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices enterAndClear "external/chromium-webview"; -git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/1 && git checkout FETCH_HEAD; #update webview +git fetch "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/71/302271/2 && git checkout FETCH_HEAD; #update webview + +enterAndClear "external/libavc"; +git fetch "https://github.com/LineageOS/android_external_libavc" refs/changes/75/303275/1 && git cherry-pick FETCH_HEAD; #Q_asb_2021-02 + +enterAndClear "external/okhttp"; +git fetch "https://github.com/LineageOS/android_external_okhttp" refs/changes/98/303298/2 && git cherry-pick FETCH_HEAD; #Q_asb_2021-02 enterAndClear "external/svox"; git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles @@ -84,6 +90,9 @@ sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java; awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java; +enterAndClear "external/wpa_supplicant_8"; +git fetch "https://github.com/LineageOS/android_external_wpa_supplicant_8" refs/changes/99/303299/1 && git cherry-pick FETCH_HEAD; #Q_asb_2021-02 + enterAndClear "frameworks/av"; if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_av/0001-HM_A2DP_Fix.patch"; fi; #(GrapheneOS) @@ -146,6 +155,7 @@ enterAndClear "hardware/qcom-caf/msm8998/audio"; patch -p1 < "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-8998.patch"; #audio_extn: Fix unused parameter warning in utils.c enterAndClear "libcore"; +git fetch "https://github.com/LineageOS/android_libcore" refs/changes/06/303306/1 && git cherry-pick FETCH_HEAD; #Q_asb_2021-02 if [ "$DOS_GRAPHENE_EXEC" = true ]; then patch -p1 < "$DOS_PATCHES/android_libcore/0001-Exec_Preload.patch"; fi; #add exec-based spawning support (GrapheneOS) if [ "$DOS_GRAPHENE_EXEC" = true ]; then patch -p1 < "$DOS_PATCHES/android_libcore/0002-Exec_Based_Spawning.patch"; fi; #add exec-based spawning support (GrapheneOS)