Hi,

I would go for the option of reverting this one security patch since there
has been no solution from anybody yet. This way at least the other
security fixes get to the people and we are not just delaying the 0004
release and thus having all those other security vulnerabilities open to
be exploited.

I will start working on the revert today.

Joonas

Kurtis Hanna:
> Hello all,
> 
> CVE-2017-13154 was announced in Google's security bulletin here:
> https://source.android.com/security/bulletin/pixel/2017-12-01
> 
> Their patch to fix this is here:
> https://android.googlesource.com/platform/frameworks/av/+/271defe729a10db25b45759c8ccfb5abed24c647
> 
> The patch that fixes CVE-2017-13154 was backported to LineageOS 13 on
> Jan 12, 2018 here:
> https://github.com/LineageOS/android_frameworks_av/commit/19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c#diff-26fac486080a94be3c3dd15b0775665a
> 
> When testing and reviewing the patch on LOS 13, multiple people observed
> that it breaks the camera functionality and causes system crashes.
> https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/198403
> 
> This patch also seemed to break video playback / YouTube on LOS 11:
> https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/211067/11
> 
> Due to this, instead of properly backporting the patch to prevent the
> camera from breaking and system from crashing, a workaround to the patch
> was made. The commit message describes it this way:
> 
> Backport: Wrap into #ifndef/#endif statement to allow skipping this
> patch for specific devices by adding the following directive into the
> BoardConfig.mk or BoardConfigCommon.mk file of the device repo:
> TARGET_RELEASE_CPPFLAGS += -DSKIP_CVE_2017_13154
> 
> On May 7, 2018 it was determined that the method used in the backported
> patch, where a C/C++ flag was used in BoardConfig.mk /
> BoardConfigCommon.mk, was a bad idea and that a Boardflag should be used
> instead, so this patch was applied:
> https://review.lineageos.org/c/LineageOS/android_frameworks_av/+/212842
> 
> Since LineageOS upstream doesn't have a fix for this, I suggest that we
> either revert both of these two patches or add the
> 'BOARD_SKIP_CVE_2017_13154' boardflag for any 6.0 devices that are
> currently experiencing system crashes on our alpha 0004 builds.
> 
> The two patches are on our cgit here:
> https://git.replicant.us/replicant/frameworks_av/commit/?id=19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c
> https://git.replicant.us/replicant/frameworks_av/commit/?id=a794b89fe00d214c8c1ced6a9519dd48b1ceb4af
> 
> Sure, it'd be great to figure out how to properly backport the upstream
> patch, but we already are missing a number of other upstream patches
> because they never were fixed in LOS 13. When we release this new ROM,
> we can emphasize to everyone that Replicant 6.0 0004 is supposed to just
> be a stopgap between 6.0 0003 and Replicant 9 and that it doesn't have
> all of Google's security patches applied.
> 
> As a side note, it seems as though LineageOS only lets you sign into
> their Gerrit instance if you have a Google account. I don't have a
> Google account though and don't particularly want one. It might be worth
> asking them to provide a different login option so that we can
> collaborate more closely with them.
> 
> Cordially,
> Kurtis
> 
> Joonas Kylmälä:
>> Hi,
>>
>> yeah, this was just linked to the #replicant IRC channel:
>> <https://forum.xda-developers.com/droid-ultra/development/rom-cyanogenmod-13-obake-t3319958/page36>.
>> So the patch was ifdef'd because it broke on one device. I think we
>> might be using software audio/video decoding/encoding and in LineageOS
>> it might be hardware, so they might use different libraries and not have
>> come across this on any device other than that one, which was then not fixed.
>>
>> Joonas
>>
>> Marcos Marado:
>>> That ifdef is in there because this will happen to some devices but
>>> not others (and we should investigate each replicant device to see
>>> which of them are affected, it might be all as you assume, but it
>>> might be none). Unfortunately, for the devices you see this happen, it
>>> probably means that one of the proprietary files you are copying from
>>> the device was depending on the old behavior.
>>>
>>> On Mon, Oct 14, 2019 at 9:38 PM Joonas Kylmälä <joonas.kylm...@iki.fi> 
>>> wrote:
>>>>
>>>> Hi,
>>>>
>>>> we investigated today a system server crash:
>>>> <http://paste.debian.net/plain/1106710>. It was bisected to commit
>>>> <https://git.replicant.us/replicant/frameworks_av/commit/?id=19d12edc1aad955ecd2e2b1bc786f1e7acb5fe0c>.
>>>> If anybody has suggestions how to fix this please let us know!
>>>>
>>>> This is causing most likely the audio issues people have reported
>>>> happening on the dev branch and it causes the boot time to be much much
>>>> longer and most likely other issues. It is blocking the 0004 we were
>>>> planning to do this Sunday.
>>>>
>>>> Joonas
>>>> _______________________________________________
>>>> Replicant mailing list
>>>> Replicant@osuosl.org
>>>> https://lists.osuosl.org/mailman/listinfo/replicant
>>>
>>
> 