Reconcile picks + Fixup

SkewedZeppelin · SkewedZeppelin · commit 3e2b2e0c4fa7 · 2024-06-22T20:46:16.000-04:00
Fixes #313 Signed-off-by: Tavi <tavi@divested.dev>
diff --git a/Scripts/Common/Fix_CVE_Patchers.sh b/Scripts/Common/Fix_CVE_Patchers.sh
@@ -55,8 +55,8 @@ commentPatches android_kernel_google_bonito.sh "CVE-2020-0067";
 commentPatches android_kernel_google_coral.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324";
 commentPatches android_kernel_google_dragon.sh "0006-AndroidHardening-Kernel_Hardening/3.18/0026.patch" "0008-Graphene-Kernel_Hardening-ro" "CVE-2015-4167" "CVE-2017-15951" "CVE-2016-1237" "CVE-2016-6198" "CVE-2017-7374" "CVE-2018-17972" "CVE-2019-2214" "CVE-2021-39715/ANY/0001.patch";
 commentPatches android_kernel_google_crosshatch.sh "CVE-2020-0067";
-commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2023-52672" "CVE-2024-26733/5.10/0002.patch" "CVE-2023-52656/5.10" "CVE-2024-26882";
-commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2023-52672" "CVE-2024-26733/5.10/0002.patch" "CVE-2023-52656/5.10" "CVE-2024-26882";
+commentPatches android_kernel_google_gs101_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2023-52672" "CVE-2024-26733/5.10/0002.patch" "CVE-2023-52656/5.10" "CVE-2024-26882" "CVE-2024-38564";
+commentPatches android_kernel_google_gs201_private_gs-google.sh "CVE-2021-29648/^5.11/0001.patch" "CVE-2023-6817/5.10/0002.patch" "CVE-2023-52462/5.10/0002.patch" "CVE-2023-52672" "CVE-2024-26733/5.10/0002.patch" "CVE-2023-52656/5.10" "CVE-2024-26882" "CVE-2024-38564";
 commentPatches android_kernel_google_marlin.sh "0001-LinuxIncrementals/3.18/3.18.0098-0099.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0048.patch" "0006-AndroidHardening-Kernel_Hardening/3.18/0049.patch" "0008-Graphene-Kernel_Hardening-canaries/4.4/0002.patch" "CVE-2017-13162/3.18/0001.patch" "CVE-2017-14883" "CVE-2017-15951" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2021-39715/ANY/0001.patch" "CVE-2022-42896/4.9";
 commentPatches android_kernel_google_msm.sh "CVE-2017-11015/prima" "CVE-2021-Misc2/ANY/0031.patch";
 commentPatches android_kernel_google_msm-4.9.sh "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-1749" "CVE-2020-8992" "CVE-2021-30324" "CVE-2021-45469";
diff --git a/Scripts/LineageOS-19.1/Functions.sh b/Scripts/LineageOS-19.1/Functions.sh
@@ -66,9 +66,8 @@ patchWorkspaceReal() {
 	verifyAllPlatformTags;
 	gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
 
-	source build/envsetup.sh;
+	#source build/envsetup.sh;
 	#repopick -ift twelve-bt-sbc-hd-dualchannel;
-	repopick -it S_asb_2024-06 -e 394523,394543;
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
diff --git a/Scripts/LineageOS-19.1/Patch.sh b/Scripts/LineageOS-19.1/Patch.sh
@@ -95,7 +95,6 @@ applyPatch "$DOS_PATCHES_COMMON/android_build/0001-verity-openssl3.patch"; #Fix
 sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
 awk -i inplace '!/updatable_apex.mk/' target/product/generic_system.mk; #Disable APEX
 sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
-sed -i 's/2024-05-05/2024-06-05/' core/version_defaults.mk; #Bump Security String #S_asb_2024-06
 fi;
 
 if enterAndClear "build/soong"; then
@@ -395,10 +394,6 @@ if enterAndClear "system/extras"; then
 applyPatch "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS)
 fi;
 
-if enterAndClear "system/libfmq"; then
-git fetch https://github.com/LineageOS/android_system_libfmq refs/changes/43/394543/1 && git cherry-pick FETCH_HEAD; #S_asb_2024-06
-fi;
-
 if enterAndClear "system/netd"; then
 applyPatch "$DOS_PATCHES/android_system_netd/0001-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS)
 fi;
diff --git a/Scripts/LineageOS-20.0/Functions.sh b/Scripts/LineageOS-20.0/Functions.sh
@@ -162,8 +162,7 @@ patchWorkspaceReal() {
 			verifyAllPlatformTags;
 			gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
 
-			source build/envsetup.sh;
-			repopick -it T_asb_2024-06 -e 394238,394253;
+			#source build/envsetup.sh;
 
 			sh "$DOS_SCRIPTS/Patch.sh";
 			sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
diff --git a/Scripts/LineageOS-20.0/Patch.sh b/Scripts/LineageOS-20.0/Patch.sh
@@ -395,10 +395,6 @@ if enterAndClear "system/extras"; then
 applyPatch "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS)
 fi;
 
-if enterAndClear "system/libfmq"; then
-git fetch https://github.com/LineageOS/android_system_libfmq refs/changes/53/394253/1 && git cherry-pick FETCH_HEAD; #T_asb_2024-06
-fi;
-
 if enterAndClear "system/sepolicy"; then
 applyPatch "$DOS_PATCHES/android_system_sepolicy/0002-protected_files.patch"; #Label protected_{fifos,regular} as proc_security (GrapheneOS)
 applyPatch "$DOS_PATCHES/android_system_sepolicy/0003-ptrace_scope-1.patch"; #Allow init to control kernel.yama.ptrace_scope (GrapheneOS)
