diff --git a/Patches/LineageOS-15.1/android_build/0001-Automated_Build_Signing.patch b/Patches/LineageOS-15.1/android_build/0001-Automated_Build_Signing.patch new file mode 100644 index 00000000..558e36c0 --- /dev/null +++ b/Patches/LineageOS-15.1/android_build/0001-Automated_Build_Signing.patch @@ -0,0 +1,100 @@ +From 3548eba76a04254a32fb16c3a39192aba8e4d187 Mon Sep 17 00:00:00 2001 +From: Daniel Micay +Date: Thu, 8 Mar 2018 22:03:43 -0500 +Subject: [PATCH] Add optional automated signing + +Change-Id: If38730428255a0de3939dfe1a0526b03ac948113 +--- + core/Makefile | 41 ++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 38 insertions(+), 3 deletions(-) + +diff --git a/core/Makefile b/core/Makefile +index b3f719a4f..b48328394 100644 +--- a/core/Makefile ++++ b/core/Makefile +@@ -520,6 +520,10 @@ $(call dist-for-goals,droidcore,$(SOONG_TO_CONVERT)) + # exist with the suffixes ".x509.pem" and ".pk8". + DEFAULT_KEY_CERT_PAIR := $(DEFAULT_SYSTEM_DEV_CERTIFICATE) + ++ifneq ($(SIGNING_KEY_DIR),) ++ KEY_CERT_DIR := $(SIGNING_KEY_DIR) ++ DEFAULT_KEY_CERT_PAIR := $(SIGNING_KEY_DIR)/releasekey ++endif + + # Rules that need to be present for the all targets, even + # if they don't do anything. +@@ -1220,6 +1224,16 @@ endif + # substitute other keys for this one. + OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem + ++ifneq ($(SIGNING_KEY_DIR),) ++ OTA_PUBLIC_KEYS := $(SIGNING_KEY_DIR)/releasekey.x509.pem ++ PRODUCT_EXTRA_RECOVERY_KEYS += $(SIGNING_KEY_DIR)/extra ++else ++ ifneq ($(OTA_PACKAGE_SIGNING_KEY),) ++ OTA_PUBLIC_KEYS := $(OTA_PACKAGE_SIGNING_KEY).x509.pem ++ PRODUCT_EXTRA_RECOVERY_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE) ++ endif ++endif ++ + # Generate a file containing the keys that will be read by the + # recovery binary. + RECOVERY_INSTALL_OTA_KEYS := \ +@@ -2316,6 +2330,13 @@ $(BUILT_TARGET_FILES_PACKAGE): intermediates := $(intermediates) + $(BUILT_TARGET_FILES_PACKAGE): \ + zip_root := $(intermediates)/$(name) + ++SIGNED_TARGET_FILES_PACKAGE := $(intermediates)/signed-$(name).zip ++MAYBE_SIGNED_TARGET_FILES_PACKAGE := $(BUILT_TARGET_FILES_PACKAGE) ++ ++ifneq ($(SIGNING_KEY_DIR),) ++ MAYBE_SIGNED_TARGET_FILES_PACKAGE := $(SIGNED_TARGET_FILES_PACKAGE) ++endif ++ + # $(1): Directory to copy + # $(2): Location to copy it to + # The "ls -A" is to prevent "acp s/* d" from failing if s is empty. +@@ -2774,6 +2795,12 @@ else + OTA_SCRIPT_OVERRIDE_DEVICE := $(TARGET_OTA_ASSERT_DEVICE) + endif + ++ifeq ($(TARGET_RELEASETOOL_SIGN_TARGET_SCRIPT),) ++ SIGN_TARGET_SCRIPT := ./build/tools/releasetools/sign_target_files_apks ++else ++ SIGN_TARGET_SCRIPT := $(TARGET_RELEASETOOL_SIGN_TARGET_SCRIPT) ++endif ++ + ifeq ($(WITH_GMS),true) + $(INTERNAL_OTA_PACKAGE_TARGET): backuptool := false + else +@@ -2784,8 +2811,16 @@ else + endif + endif + +-$(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \ +- build/tools/releasetools/ota_from_target_files ++$(SIGNED_TARGET_FILES_PACKAGE): $(BUILT_TARGET_FILES_PACKAGE) build/tools/releasetools/ota_from_target_files ++ @echo "$(SIGN_TARGET_SCRIPT)" > $(PRODUCT_OUT)/sign_script_path ++ @echo -e ${CL_YLW}"Sign target files:"${CL_RST}" $@" ++ $(hide) $(SIGN_TARGET_SCRIPT) \ ++ -d $(KEY_CERT_DIR) \ ++ -o \ ++ $(BUILT_TARGET_FILES_PACKAGE) \ ++ $(SIGNED_TARGET_FILES_PACKAGE) ++ ++$(INTERNAL_OTA_PACKAGE_TARGET): $(MAYBE_SIGNED_TARGET_FILES_PACKAGE) build/tools/releasetools/ota_from_target_files + @echo "Package OTA: $@" + $(hide) PATH=$(foreach p,$(INTERNAL_USERIMAGES_BINARY_PATHS),$(p):)$$PATH MKBOOTIMG=$(MKBOOTIMG) \ + ./build/tools/releasetools/ota_from_target_files -v \ +@@ -2795,7 +2830,7 @@ $(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \ + -k $(KEY_CERT_PAIR) \ + --backup=$(backuptool) \ + $(if $(OEM_OTA_CONFIG), -o $(OEM_OTA_CONFIG)) \ +- $(BUILT_TARGET_FILES_PACKAGE) $@ ++ $(MAYBE_SIGNED_TARGET_FILES_PACKAGE) $@ + + .PHONY: otapackage + otapackage: $(INTERNAL_OTA_PACKAGE_TARGET) +-- +2.16.2 + diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index 42642273..1cc04900 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -69,7 +69,7 @@ buildAll() { # brunch lineage_h815-user; - (UPSTREAM) drivers/input/touchscreen/DS5/RefCode_CustomerImplementation.c:147:1: warning: the frame size of 2064 bytes is larger than 2048 bytes brunch lineage_h850-userdebug; brunch lineage_hammerhead-user; - brunch lineage_herolte-user; +# brunch lineage_herolte-user; - net/netfilter/nfnetlink.c:328:14: error: 'NFNL_BATCH_FAILURE' undeclared (first use in this function) brunch lineage_himaul-user; brunch lineage_i9100-userdebug; brunch lineage_i9305-user; diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh index d6d35346..d12a273c 100755 --- a/Scripts/LineageOS-14.1/Patch.sh +++ b/Scripts/LineageOS-14.1/Patch.sh @@ -34,6 +34,8 @@ #Generate firmware deblobber #mka firmware_deblobber +#repopick -t n_asb_03-2018 + # #START OF PREPRATION # diff --git a/Scripts/LineageOS-15.1/00init.sh b/Scripts/LineageOS-15.1/00init.sh index 4b7e76a6..dbaa5865 100644 --- a/Scripts/LineageOS-15.1/00init.sh +++ b/Scripts/LineageOS-15.1/00init.sh @@ -20,6 +20,9 @@ export androidWorkspace="/mnt/Drive-3/"; export base=$androidWorkspace"Build/LineageOS-15.1/"; +export SIGNING_KEY_DIR=$androidWorkspace"Signing_Keys"; +export OTA_PACKAGE_SIGNING_KEY=$SIGNING_KEY_DIR"/releasekey" + export patches=$androidWorkspace"Patches/LineageOS-15.1/"; export cvePatchesLinux=$androidWorkspace"Patches/Linux/"; export cvePatchesAndroid=$androidWorkspace"Patches/Android/"; diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh index fed09891..d1b99e60 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh @@ -8,6 +8,7 @@ git apply $cvePatchesLinux/CVE-2016-0774/ANY/0001.patch git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch git apply $cvePatchesLinux/CVE-2017-13080/ANY/0002.patch @@ -30,5 +31,5 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-7533/3.4/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p30" +editKernelLocalversion "-dos.p31" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh index 0a2e33c8..842e6bbd 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh @@ -71,6 +71,8 @@ git apply $cvePatchesLinux/CVE-2017-0627/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0866/3.18/0001.patch git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-15649/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-15834/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16530/^4.13/0001.patch @@ -104,5 +106,5 @@ git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch -editKernelLocalversion "-dos.p104" +editKernelLocalversion "-dos.p106" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh index 31404c3c..5955493b 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh @@ -13,6 +13,7 @@ git apply $cvePatchesLinux/CVE-2017-0710/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch #git apply $cvePatchesLinux/CVE-2017-11015/prima/0001.patch #git apply $cvePatchesLinux/CVE-2017-11015/prima/0002.patch git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch @@ -36,5 +37,5 @@ git apply $cvePatchesLinux/CVE-2017-8254/3.4/0001.patch git apply $cvePatchesLinux/CVE-2017-8254/3.4/0002.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p36" +editKernelLocalversion "-dos.p37" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh index 12359c8f..f16528df 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh @@ -63,9 +63,10 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-7533/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch -editKernelLocalversion "-dos.p67" +editKernelLocalversion "-dos.p68" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh index aaca85a0..9936d4a0 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh @@ -75,10 +75,7 @@ git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch git apply $cvePatchesLinux/CVE-2017-14877/3.10/0001.patch git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch -git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch -git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch -git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch @@ -99,6 +96,7 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch git apply $cvePatchesLinux/CVE-2017-8269/3.10/0002.patch git apply $cvePatchesLinux/CVE-2017-8280/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch @@ -108,5 +106,5 @@ git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-15845/ANY/0001.patch -editKernelLocalversion "-dos.p108" +editKernelLocalversion "-dos.p106" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh index e4b421a4..8e929d53 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh @@ -68,10 +68,7 @@ git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch git apply $cvePatchesLinux/CVE-2017-14877/3.10/0001.patch git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch -git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch -git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch -git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch @@ -92,11 +89,12 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch git apply $cvePatchesLinux/CVE-2017-8269/3.10/0002.patch git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch -editKernelLocalversion "-dos.p98" +editKernelLocalversion "-dos.p96" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh index 8bd634b5..64c62b14 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh @@ -13,6 +13,7 @@ git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch @@ -31,5 +32,5 @@ git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p31" +editKernelLocalversion "-dos.p32" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh index 89a23501..407eaf42 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh @@ -14,6 +14,7 @@ git apply $cvePatchesLinux/CVE-2017-0710/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11089/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch @@ -42,5 +43,5 @@ git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch git apply $cvePatchesLinux/CVE-2017-9684/ANY/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p42" +editKernelLocalversion "-dos.p43" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh index 7cd9f6be..ce108ea6 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh @@ -9,6 +9,7 @@ git apply $cvePatchesLinux/CVE-2016-0806/prima/0010.patch git apply $cvePatchesLinux/CVE-2016-6751/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch @@ -23,5 +24,5 @@ git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p23" +editKernelLocalversion "-dos.p24" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh index c4a5f2f6..9087b45c 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh @@ -62,10 +62,11 @@ git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-5972/ANY/0002.patch git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch git apply $cvePatchesLinux/CVE-2017-8269/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p67" +editKernelLocalversion "-dos.p68" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh index 0a777cd2..bf627cf1 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh @@ -55,6 +55,7 @@ git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-17762/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch git apply $cvePatchesLinux/CVE-2017-7533/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch git apply $cvePatchesLinux/CVE-2017-8243/3.10/0001.patch git apply $cvePatchesLinux/CVE-2017-8281/3.10/0001.patch git apply $cvePatchesLinux/CVE-2017-8281/3.10/0003.patch @@ -63,5 +64,5 @@ git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p63" +editKernelLocalversion "-dos.p64" cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh index 25f24942..11f57b9c 100644 --- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh @@ -18,6 +18,7 @@ git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-1000380/^4.11/0001.patch git apply $cvePatchesLinux/CVE-2017-11000/ANY/0002.patch git apply $cvePatchesLinux/CVE-2017-11019/ANY/0001.patch @@ -47,5 +48,5 @@ git apply $cvePatchesLinux/CVE-2017-9684/ANY/0001.patch git apply $cvePatchesLinux/CVE-2017-9706/ANY/0001.patch git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch -editKernelLocalversion "-dos.p47" +editKernelLocalversion "-dos.p48" cd $base diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index c6c105c8..2c68e604 100755 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -61,7 +61,7 @@ cp -r $patches"Fennec_DOS-Shim" $base"packages/apps/"; #Add a shim to install Fe #optipng -strip all res*/images/*.png; enterAndClear "build/make" -#patch -p1 < $patches"android_build/0001-Automated_Build_Signing.patch" #Automated build signing. Disclaimer: From CopperheadOS 13.0 #TODO: Rebase +patch -p1 < $patches"android_build/0001-Automated_Build_Signing.patch" #Automated build signing. Disclaimer: From CopperheadOS 13.0 sed -i 's/messaging/Silence/' target/product/*.mk; #Replace AOSP Messaging app with Silence enterAndClear "device/qcom/sepolicy"