In the past, when GrapheneOS was in a better state, the latest kernel.org LTS branches were promptly merged along with additional fixes not included in the upstream branches. The fix for the bug now assigned CVE-2019-2215 was already applied for the Pixel 1 and 2.
Conversation
Unfortunately, due to lack of resources and support, it hasn't yet been possible to start doing this for the ongoing revival of the project. In the past, I used to do it myself, but don't have the time and energy available anymore and people aren't stepping up to fill that gap.
3
4
7
Replying to
There's supposed to be a stable-base branch with all of the LTS kernel patches cherry picked on top of the AOSP kernel branch for the device. Every month, it needs to be rebased on top of the new AOSP kernel tag. They eventually merge these changes in quarterly / yearly releases.
2
1
It's a moving target, and requires careful review to make sure the patches apply properly (not just resolving conflicts, but making sure things didn't silently go wrong) and to correctly resolve the conflicts that do happen. It adds up to a lot of work, and I can't do it anymore.