diff --git a/Patches/LineageOS-17.1/android_external_skia/408442.patch b/Patches/LineageOS-17.1/android_external_skia/410984.patch similarity index 95% rename from Patches/LineageOS-17.1/android_external_skia/408442.patch rename to Patches/LineageOS-17.1/android_external_skia/410984.patch index bc8031ab..cfe18437 100644 --- a/Patches/LineageOS-17.1/android_external_skia/408442.patch +++ b/Patches/LineageOS-17.1/android_external_skia/410984.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 8403f004112570c0974f227e79e82607e12f6c94 Mon Sep 17 00:00:00 2001 From: Brian Osman Date: Tue, 27 Aug 2024 14:22:52 -0400 Subject: [PATCH] RESTRICT AUTOMERGE: Avoid potential overflow when allocating @@ -25,7 +25,7 @@ Change-Id: Ia35860371d45120baca63238e77faa5c0eb25d51 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/effects/SkEmbossMaskFilter.cpp b/src/effects/SkEmbossMaskFilter.cpp -index ef26520172..94ff73e908 100644 +index ef265201727..94ff73e9088 100644 --- a/src/effects/SkEmbossMaskFilter.cpp +++ b/src/effects/SkEmbossMaskFilter.cpp @@ -95,11 +95,13 @@ bool SkEmbossMaskFilter::filterMask(SkMask* dst, const SkMask& src, diff --git a/Patches/LineageOS-17.1/android_frameworks_base/405515.patch b/Patches/LineageOS-17.1/android_frameworks_base/408524.patch similarity index 88% rename from Patches/LineageOS-17.1/android_frameworks_base/405515.patch rename to Patches/LineageOS-17.1/android_frameworks_base/408524.patch index a9c581ca..c2e49157 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/405515.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/408524.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From c913dee38cbeaae19c5f12c37aec25654d74b671 Mon Sep 17 00:00:00 2001 From: Dmitry Dementyev Date: Thu, 11 Jul 2024 12:39:22 -0700 Subject: [PATCH] Update AccountManagerService checkKeyIntent. @@ -17,10 +17,10 @@ Change-Id: I8b23191d3d60036ca7ddf0ef7dcba6b38fb27b3c 1 file changed, 3 insertions(+) diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java -index bf577735d037..e8c8b32884e9 100644 +index bf577735d0372..e8c8b32884e96 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java -@@ -4822,6 +4822,9 @@ public class AccountManagerService +@@ -4822,6 +4822,9 @@ protected boolean checkKeyIntent(int authUid, Bundle bundle) { if (resolveInfo == null) { return false; } diff --git a/Patches/LineageOS-17.1/android_frameworks_base/405516.patch b/Patches/LineageOS-17.1/android_frameworks_base/408525.patch similarity index 85% rename from Patches/LineageOS-17.1/android_frameworks_base/405516.patch rename to Patches/LineageOS-17.1/android_frameworks_base/408525.patch index 0b85faf0..474f71f4 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/405516.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/408525.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 4ffd411d62fe0a866c0ed0852260e2834c202630 Mon Sep 17 00:00:00 2001 From: William Loh Date: Mon, 3 Jun 2024 12:56:47 -0700 Subject: [PATCH] Fail parseUri if end is missing @@ -15,10 +15,10 @@ Change-Id: I5f619ced684ff505ce2b7408cd35dd3e9be89dea 1 file changed, 3 insertions(+) diff --git a/core/java/android/content/Intent.java b/core/java/android/content/Intent.java -index 72e0fa615b09..0685466bfa74 100644 +index 72e0fa615b092..0685466bfa74e 100644 --- a/core/java/android/content/Intent.java +++ b/core/java/android/content/Intent.java -@@ -6708,6 +6708,9 @@ public class Intent implements Parcelable, Cloneable { +@@ -6708,6 +6708,9 @@ public static Intent parseUri(String uri, @UriFlags int flags) throws URISyntaxE int eq = uri.indexOf('=', i); if (eq < 0) eq = i-1; int semi = uri.indexOf(';', i); diff --git a/Patches/LineageOS-17.1/android_frameworks_base/405518.patch b/Patches/LineageOS-17.1/android_frameworks_base/408526.patch similarity index 84% rename from Patches/LineageOS-17.1/android_frameworks_base/405518.patch rename to Patches/LineageOS-17.1/android_frameworks_base/408526.patch index c3853e41..29ab26b4 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/405518.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/408526.patch @@ -1,8 +1,8 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From d336d741ce6aa201cb81de38153bb367921fdf9d Mon Sep 17 00:00:00 2001 From: Sumedh Sen Date: Wed, 17 Jul 2024 01:00:55 +0000 -Subject: [PATCH] Check whether installerPackageName contains only valid - characters +Subject: [PATCH] [RESTRICT AUTOMERGE] Check whether installerPackageName + contains only valid characters Bug: 341256391 Bug: 307532206 @@ -15,10 +15,10 @@ Change-Id: I74a172c617d6f5b13f0708092156b657b73b5891 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java -index 8715b183d142..6c77a9575dcb 100644 +index 8715b183d142b..6c77a9575dcb5 100644 --- a/services/core/java/com/android/server/pm/PackageInstallerService.java +++ b/services/core/java/com/android/server/pm/PackageInstallerService.java -@@ -549,12 +549,17 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements +@@ -549,12 +549,17 @@ private int createSessionInternal(SessionParams params, String installerPackageN params.appLabel = TextUtils.trimToSize(params.appLabel, PackageItemInfo.MAX_SAFE_LABEL_LENGTH); diff --git a/Patches/LineageOS-17.1/android_frameworks_base/408443.patch b/Patches/LineageOS-17.1/android_frameworks_base/410985.patch similarity index 89% rename from Patches/LineageOS-17.1/android_frameworks_base/408443.patch rename to Patches/LineageOS-17.1/android_frameworks_base/410985.patch index 14c622c2..89722647 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/408443.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/410985.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 90f15826f146b6487064f3a680f129ea50c32f71 Mon Sep 17 00:00:00 2001 From: Dmitry Dementyev Date: Tue, 2 Jul 2024 11:02:07 -0700 Subject: [PATCH] Remove authenticator data if it was disabled. @@ -15,10 +15,10 @@ Change-Id: I36bd6bf101da03c9c30a6d3c0080b801e7898bc6 1 file changed, 4 insertions(+) diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java -index e8c8b32884e9..f99e82f74f6e 100644 +index e8c8b32884e96..f99e82f74f6eb 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java -@@ -1165,6 +1165,10 @@ public class AccountManagerService +@@ -1165,6 +1165,10 @@ private void validateAccountsInternal( obsoleteAuthType.add(type); // And delete it from the TABLE_META accountsDb.deleteMetaByAuthTypeAndUid(type, uid); diff --git a/Patches/LineageOS-17.1/android_frameworks_base/408444.patch b/Patches/LineageOS-17.1/android_frameworks_base/410986.patch similarity index 87% rename from Patches/LineageOS-17.1/android_frameworks_base/408444.patch rename to Patches/LineageOS-17.1/android_frameworks_base/410986.patch index 816ccc21..e8c16e4e 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/408444.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/410986.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 52ea93cd8fc8e703ecbad0efef526cd3a7f17617 Mon Sep 17 00:00:00 2001 From: Jean-Michel Trivi Date: Mon, 24 Jun 2024 17:29:14 -0700 Subject: [PATCH] RingtoneManager: allow video ringtone URI @@ -17,10 +17,10 @@ Change-Id: Iac9f27f14bae29e0fabc31e05da2357f6f4f16c7 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/media/java/android/media/RingtoneManager.java b/media/java/android/media/RingtoneManager.java -index ad4751165d30..ea1cddca99d1 100644 +index ad4751165d306..ea1cddca99d16 100644 --- a/media/java/android/media/RingtoneManager.java +++ b/media/java/android/media/RingtoneManager.java -@@ -824,9 +824,13 @@ public class RingtoneManager { +@@ -824,9 +824,13 @@ public static void setActualDefaultRingtoneUri(Context context, int type, Uri ri + " ignored: failure to find mimeType (no access from this context?)"); return; } @@ -37,10 +37,10 @@ index ad4751165d30..ea1cddca99d1 100644 } } diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java -index 7cb41275984e..02165eb8a213 100644 +index 7cb41275984e4..02165eb8a2137 100644 --- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java +++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java -@@ -1734,7 +1734,7 @@ public class SettingsProvider extends ContentProvider { +@@ -1734,7 +1734,7 @@ private boolean mutateSystemSetting(String name, String value, int runAsUserId, cacheName = Settings.System.ALARM_ALERT_CACHE; } if (cacheName != null) { @@ -49,7 +49,7 @@ index 7cb41275984e..02165eb8a213 100644 return false; } final File cacheFile = new File( -@@ -1769,7 +1769,7 @@ public class SettingsProvider extends ContentProvider { +@@ -1769,7 +1769,7 @@ owningUserId, name, value, null, false, getCallingPackage(), } } @@ -58,7 +58,7 @@ index 7cb41275984e..02165eb8a213 100644 if (uri != null) { Uri audioUri = Uri.parse(uri); if (Settings.AUTHORITY.equals( -@@ -1787,10 +1787,13 @@ public class SettingsProvider extends ContentProvider { +@@ -1787,10 +1787,13 @@ private boolean isValidAudioUri(String name, String uri) { return false; } if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg") diff --git a/Patches/LineageOS-17.1/android_frameworks_base/410987.patch b/Patches/LineageOS-17.1/android_frameworks_base/410987.patch new file mode 100644 index 00000000..1ebc3c3c --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/410987.patch @@ -0,0 +1,144 @@ +From 0fd389af4bbeff48cfb1faff5a31803f55003514 Mon Sep 17 00:00:00 2001 +From: Ioana Alexandru +Date: Wed, 31 Jul 2024 13:46:30 +0000 +Subject: [PATCH] Check more URIs in notifications + +Bug: 281044385 +Test: presubmit + tested in current release + +(cherry picked from commit f47b41a138ebd60f7b518fb6a9d8aa8230488422, +includes changes from commit 57bf60dd7b6a0a0e9785231f8ec25a458fedde64 +and commit 47fa2f79584b0a4e9ca7e9c6b237c4e5cf699032) +(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e6ed8a4bef3ec5a2517fc80ac88e2fc09b67c226) +Merged-In: I1ce6bebd9452466d005505dc5b99a0fdc0e05e80 +Change-Id: I1ce6bebd9452466d005505dc5b99a0fdc0e05e80 +--- + core/java/android/app/Notification.java | 34 +++++++++++------------ + core/java/android/app/Person.java | 17 ++++++++++++ + core/java/android/widget/RemoteViews.java | 7 +++++ + 3 files changed, 41 insertions(+), 17 deletions(-) + +diff --git a/core/java/android/app/Notification.java b/core/java/android/app/Notification.java +index e7f226d091d6d..61a355ddbc77d 100644 +--- a/core/java/android/app/Notification.java ++++ b/core/java/android/app/Notification.java +@@ -2486,29 +2486,22 @@ public void visitUris(@NonNull Consumer visitor) { + ArrayList people = extras.getParcelableArrayList(EXTRA_PEOPLE_LIST); + if (people != null && !people.isEmpty()) { + for (Person p : people) { +- if (p.getIconUri() != null) { +- visitor.accept(p.getIconUri()); +- } ++ p.visitUris(visitor); + } + } + + // Extras for MessagingStyle. We visit them even if not isStyle(MessagingStyle), since + // Notification Listeners might use directly (without the isStyle check). + final Person person = extras.getParcelable(EXTRA_MESSAGING_PERSON); +- if (person != null && person.getIconUri() != null) { +- visitor.accept(person.getIconUri()); ++ if (person != null) { ++ person.visitUris(visitor); + } + + final Parcelable[] messages = extras.getParcelableArray(EXTRA_MESSAGES); + if (!ArrayUtils.isEmpty(messages)) { + for (MessagingStyle.Message message : MessagingStyle.Message + .getMessagesFromBundleArray(messages)) { +- visitor.accept(message.getDataUri()); +- +- Person senderPerson = message.getSenderPerson(); +- if (senderPerson != null && senderPerson.getIconUri() != null) { +- visitor.accept(senderPerson.getIconUri()); +- } ++ message.visitUris(visitor); + } + } + +@@ -2516,12 +2509,7 @@ public void visitUris(@NonNull Consumer visitor) { + if (!ArrayUtils.isEmpty(historic)) { + for (MessagingStyle.Message message : MessagingStyle.Message + .getMessagesFromBundleArray(historic)) { +- visitor.accept(message.getDataUri()); +- +- Person senderPerson = message.getSenderPerson(); +- if (senderPerson != null && senderPerson.getIconUri() != null) { +- visitor.accept(senderPerson.getIconUri()); +- } ++ message.visitUris(visitor); + } + } + } +@@ -7779,6 +7767,18 @@ static Bundle[] getBundleArrayForMessages(List messages) { + return bundles; + } + ++ /** ++ * See {@link Notification#visitUris(Consumer)}. ++ * ++ * @hide ++ */ ++ public void visitUris(@NonNull Consumer visitor) { ++ visitor.accept(getDataUri()); ++ if (mSender != null) { ++ mSender.visitUris(visitor); ++ } ++ } ++ + /** + * @return A list of messages read from the bundles. + * +diff --git a/core/java/android/app/Person.java b/core/java/android/app/Person.java +index b5820ba70020c..f6b9054ef0cc5 100644 +--- a/core/java/android/app/Person.java ++++ b/core/java/android/app/Person.java +@@ -24,6 +24,7 @@ + import android.os.Parcelable; + + import java.util.Objects; ++import java.util.function.Consumer; + + /** + * Provides an immutable reference to an entity that appears repeatedly on different surfaces of the +@@ -176,6 +177,22 @@ public void writeToParcel(Parcel dest, @WriteFlags int flags) { + dest.writeBoolean(mIsBot); + } + ++ /** ++ * Note all {@link Uri} that are referenced internally, with the expectation that Uri permission ++ * grants will need to be issued to ensure the recipient of this object is able to render its ++ * contents. ++ * See b/281044385 for more context and examples about what happens when this isn't done ++ * correctly. ++ * ++ * @hide ++ */ ++ public void visitUris(@NonNull Consumer visitor) { ++ visitor.accept(getIconUri()); ++ if (mUri != null && !mUri.isEmpty()) { ++ visitor.accept(Uri.parse(mUri)); ++ } ++ } ++ + /** Builder for the immutable {@link Person} class. */ + public static class Builder { + @Nullable private CharSequence mName; +diff --git a/core/java/android/widget/RemoteViews.java b/core/java/android/widget/RemoteViews.java +index c2e591950e25a..9f51fbf025700 100644 +--- a/core/java/android/widget/RemoteViews.java ++++ b/core/java/android/widget/RemoteViews.java +@@ -761,6 +761,13 @@ public int getActionTag() { + return SET_REMOTE_VIEW_ADAPTER_LIST_TAG; + } + ++ @Override ++ public void visitUris(@NonNull Consumer visitor) { ++ for (RemoteViews remoteViews : list) { ++ remoteViews.visitUris(visitor); ++ } ++ } ++ + int viewTypeCount; + ArrayList list; + } diff --git a/Patches/LineageOS-17.1/android_frameworks_base/410988.patch b/Patches/LineageOS-17.1/android_frameworks_base/410988.patch new file mode 100644 index 00000000..2f66f19b --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/410988.patch @@ -0,0 +1,82 @@ +From dcb0d9a1881ac39d3fb576c6af07b1f7dd1dc7e1 Mon Sep 17 00:00:00 2001 +From: Puma Hsu +Date: Mon, 9 Mar 2020 16:57:43 +0800 +Subject: [PATCH] Fix function setting failed in Developer options + +One can select USB function in Settings->System-> +Developer options->Default USB configuration without +a cable connected, and the selected function will be +the default function after re-connecting. However, this +function might be restored to NONE due to ENUMERATION_TIMEOUT +if one selected the function without a cable connected. + +When the device is not connected to a host, we should not +queue the ENUMERATION_TIMEOUT while switching function. +Fix it by checking connected status and also make it switch +to corresponding function if an user has selected one in the +Default USB configuration. + +Bug: 150422683 +Test: Switch functions from Default USB configuration for the +both cases cable connecting and disconnecting. And also try it +while there is the secure lock. +Signed-off-by: Puma Hsu +Change-Id: I1933c098e47496b8d6813a5a4e295bcf12027401 +--- + .../com/android/server/usb/UsbDeviceManager.java | 15 ++++++++++----- + 1 file changed, 10 insertions(+), 5 deletions(-) + +diff --git a/services/usb/java/com/android/server/usb/UsbDeviceManager.java b/services/usb/java/com/android/server/usb/UsbDeviceManager.java +index 434592f129b36..dd2198106b32b 100644 +--- a/services/usb/java/com/android/server/usb/UsbDeviceManager.java ++++ b/services/usb/java/com/android/server/usb/UsbDeviceManager.java +@@ -461,7 +461,6 @@ private static void initRndisAddress() { + abstract static class UsbHandler extends Handler { + + // current USB state +- private boolean mConnected; + private boolean mHostConnected; + private boolean mSourcePower; + private boolean mSinkPower; +@@ -489,6 +488,7 @@ abstract static class UsbHandler extends Handler { + private final UsbSettingsManager mSettingsManager; + private NotificationManager mNotificationManager; + ++ protected boolean mConnected; + protected long mScreenUnlockedFunctions; + protected boolean mBootCompleted; + protected boolean mCurrentFunctionsApplied; +@@ -1834,7 +1834,8 @@ public void handleMessage(Message msg) { + case MSG_SET_FUNCTIONS_TIMEOUT: + Slog.e(TAG, "Set functions timed out! no reply from usb hal"); + if (msg.arg1 != 1) { +- setEnabledFunctions(UsbManager.FUNCTION_NONE, false); ++ // Set this since default function may be selected from Developer options ++ setEnabledFunctions(mScreenUnlockedFunctions, false); + } + break; + case MSG_GET_CURRENT_USB_FUNCTIONS: +@@ -1856,7 +1857,8 @@ public void handleMessage(Message msg) { + * Dont force to default when the configuration is already set to default. + */ + if (msg.arg1 != 1) { +- setEnabledFunctions(UsbManager.FUNCTION_NONE, !isAdbEnabled()); ++ // Set this since default function may be selected from Developer options ++ setEnabledFunctions(mScreenUnlockedFunctions, false); + } + break; + case MSG_GADGET_HAL_REGISTERED: +@@ -1957,8 +1959,11 @@ private void setUsbConfig(long config, boolean chargingFunctions) { + SET_FUNCTIONS_TIMEOUT_MS - SET_FUNCTIONS_LEEWAY_MS); + sendMessageDelayed(MSG_SET_FUNCTIONS_TIMEOUT, chargingFunctions, + SET_FUNCTIONS_TIMEOUT_MS); +- sendMessageDelayed(MSG_FUNCTION_SWITCH_TIMEOUT, chargingFunctions, +- SET_FUNCTIONS_TIMEOUT_MS + ENUMERATION_TIME_OUT_MS); ++ if (mConnected) { ++ // Only queue timeout of enumeration when the USB is connected ++ sendMessageDelayed(MSG_FUNCTION_SWITCH_TIMEOUT, chargingFunctions, ++ SET_FUNCTIONS_TIMEOUT_MS + ENUMERATION_TIME_OUT_MS); ++ } + if (DEBUG) Slog.d(TAG, "timeout message queued"); + } catch (RemoteException e) { + Slog.e(TAG, "Remoteexception while calling setCurrentUsbFunctions", e); diff --git a/Patches/LineageOS-17.1/android_frameworks_base/410989.patch b/Patches/LineageOS-17.1/android_frameworks_base/410989.patch new file mode 100644 index 00000000..397e1946 --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/410989.patch @@ -0,0 +1,53 @@ +From b798244c86fbd567b1a8ec17e9d267316be4b28e Mon Sep 17 00:00:00 2001 +From: Ashish Kumar Gupta +Date: Wed, 31 Jul 2024 16:02:29 +0000 +Subject: [PATCH] Set no data transfer on function switch timeout for accessory + mode + +In case of function switch times out, we will check whether +the last function set was accessory. If this is the case, it is +recommended to set the function to NONE(No data transfer) rather than +setting it to the default USB function. + +Bug: 353712853 +Test: Build the code, flash the device and test it. +Test: atest CtsUsbManagerTestCases +Test: run CtsVerifier tool +Test: atest CtsUsbTests +(cherry picked from commit 7c6ec68537ba8abf798afd9ab7c3e5889841171f) +(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b032a602cdad00687e1fe089d66a6c4fa6925d79) +Merged-In: I698e9df0333cbb51dd9bd5917a94d81273a2784a +Change-Id: I698e9df0333cbb51dd9bd5917a94d81273a2784a +--- + .../java/com/android/server/usb/UsbDeviceManager.java | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/services/usb/java/com/android/server/usb/UsbDeviceManager.java b/services/usb/java/com/android/server/usb/UsbDeviceManager.java +index dd2198106b32b..19b86b21216a4 100644 +--- a/services/usb/java/com/android/server/usb/UsbDeviceManager.java ++++ b/services/usb/java/com/android/server/usb/UsbDeviceManager.java +@@ -673,7 +673,7 @@ private void updateCurrentAccessory() { + } + } + +- private void notifyAccessoryModeExit() { ++ protected void notifyAccessoryModeExit() { + // make sure accessory mode is off + // and restore default functions + Slog.d(TAG, "exited USB accessory mode"); +@@ -1857,8 +1857,13 @@ public void handleMessage(Message msg) { + * Dont force to default when the configuration is already set to default. + */ + if (msg.arg1 != 1) { +- // Set this since default function may be selected from Developer options +- setEnabledFunctions(mScreenUnlockedFunctions, false); ++ if (mCurrentFunctions == UsbManager.FUNCTION_ACCESSORY) { ++ notifyAccessoryModeExit(); ++ } else { ++ // Set this since default function may be selected from Developer ++ // options ++ setEnabledFunctions(mScreenUnlockedFunctions, false); ++ } + } + break; + case MSG_GADGET_HAL_REGISTERED: diff --git a/Patches/LineageOS-17.1/android_frameworks_base/408446-backport.patch b/Patches/LineageOS-17.1/android_frameworks_base/410990.patch similarity index 87% rename from Patches/LineageOS-17.1/android_frameworks_base/408446-backport.patch rename to Patches/LineageOS-17.1/android_frameworks_base/410990.patch index 64d31eba..8928317b 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/408446-backport.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/410990.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 07a25bc41ce0a6911255373e096a60f595aca8d8 Mon Sep 17 00:00:00 2001 From: lpeter Date: Tue, 6 Aug 2024 09:22:12 +0000 Subject: [PATCH] Disallow device admin package and protected packages to be @@ -21,10 +21,10 @@ Change-Id: I4e913a12477fd4a64990033eaae533e30863e2a2 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java -index d27b5ad0d646..d304f29ec195 100644 +index d27b5ad0d6464..d304f29ec1957 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java -@@ -13666,6 +13666,9 @@ public class PackageManagerService extends IPackageManager.Stub +@@ -13666,6 +13666,9 @@ int installExistingPackageAsUser(@Nullable String packageName, @UserIdInt int us (installFlags & PackageManager.INSTALL_INSTANT_APP) != 0; final boolean fullApp = (installFlags & PackageManager.INSTALL_FULL_APP) != 0; @@ -34,7 +34,7 @@ index d27b5ad0d646..d304f29ec195 100644 // writer synchronized (mPackages) { -@@ -13673,7 +13676,8 @@ public class PackageManagerService extends IPackageManager.Stub +@@ -13673,7 +13676,8 @@ int installExistingPackageAsUser(@Nullable String packageName, @UserIdInt int us if (pkgSetting == null) { return PackageManager.INSTALL_FAILED_INVALID_URI; } diff --git a/Patches/LineageOS-17.1/android_frameworks_base/408447.patch b/Patches/LineageOS-17.1/android_frameworks_base/410991.patch similarity index 86% rename from Patches/LineageOS-17.1/android_frameworks_base/408447.patch rename to Patches/LineageOS-17.1/android_frameworks_base/410991.patch index 14e8868a..b142cd16 100644 --- a/Patches/LineageOS-17.1/android_frameworks_base/408447.patch +++ b/Patches/LineageOS-17.1/android_frameworks_base/410991.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 3e0d2fe6c935a72da1862cb6c9010f7adc567f58 Mon Sep 17 00:00:00 2001 From: Ben Murdoch Date: Fri, 30 Aug 2024 17:22:59 +0000 Subject: [PATCH] RESTRICT AUTOMERGE Clear app-provided shortcut icons @@ -18,10 +18,10 @@ Change-Id: If7e291eb2254c3cbec23673c65e7477e6ad45b09 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/core/java/android/view/KeyboardShortcutInfo.java b/core/java/android/view/KeyboardShortcutInfo.java -index 2660e74dcb20..2075d77a9871 100644 +index 2660e74dcb205..2075d77a9871e 100644 --- a/core/java/android/view/KeyboardShortcutInfo.java +++ b/core/java/android/view/KeyboardShortcutInfo.java -@@ -29,7 +29,7 @@ import android.os.Parcelable; +@@ -29,7 +29,7 @@ */ public final class KeyboardShortcutInfo implements Parcelable { private final CharSequence mLabel; @@ -30,7 +30,7 @@ index 2660e74dcb20..2075d77a9871 100644 private final char mBaseCharacter; private final int mKeycode; private final int mModifiers; -@@ -115,6 +115,15 @@ public final class KeyboardShortcutInfo implements Parcelable { +@@ -115,6 +115,15 @@ public Icon getIcon() { return mIcon; } @@ -46,7 +46,7 @@ index 2660e74dcb20..2075d77a9871 100644 /** * Returns the base keycode that, combined with the modifiers, triggers this shortcut. If the * base character was set instead, returns {@link KeyEvent#KEYCODE_UNKNOWN}. Valid keycodes are -@@ -165,4 +174,4 @@ public final class KeyboardShortcutInfo implements Parcelable { +@@ -165,4 +174,4 @@ public KeyboardShortcutInfo[] newArray(int size) { return new KeyboardShortcutInfo[size]; } }; @@ -54,10 +54,10 @@ index 2660e74dcb20..2075d77a9871 100644 \ No newline at end of file +} diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java b/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java -index 7e6ddcfea762..cc373d3c8b0f 100644 +index 7e6ddcfea7620..cc373d3c8b0f1 100644 --- a/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java +++ b/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java -@@ -378,6 +378,7 @@ public final class KeyboardShortcuts { +@@ -378,6 +378,7 @@ private void showKeyboardShortcuts(int deviceId) { @Override public void onKeyboardShortcutsReceived( final List result) { @@ -65,7 +65,7 @@ index 7e6ddcfea762..cc373d3c8b0f 100644 result.add(getSystemShortcuts()); final KeyboardShortcutGroup appShortcuts = getDefaultApplicationShortcuts(); if (appShortcuts != null) { -@@ -388,6 +389,14 @@ public final class KeyboardShortcuts { +@@ -388,6 +389,14 @@ public void onKeyboardShortcutsReceived( }, deviceId); } diff --git a/Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/408452-backport.patch b/Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/410992.patch similarity index 87% rename from Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/408452-backport.patch rename to Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/410992.patch index 209af552..aa8b0d3d 100644 --- a/Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/408452-backport.patch +++ b/Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/410992.patch @@ -1,7 +1,8 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From bc5e1e951c11a53149083c1b8a2dcc330c9a091d Mon Sep 17 00:00:00 2001 From: Nate Jiang Date: Thu, 8 Aug 2024 18:13:39 +0000 -Subject: [PATCH] Fix security issue by change the field in WifiConfig +Subject: [PATCH] [BACKPORT] Fix security issue by change the field in + WifiConfig Flag: EXEMPT bugfix Bug: 347912017 @@ -13,14 +14,14 @@ Test: atest com.android.server.wifi Merged-In: I8998340ae557660036895dd906808d682b83c6f0 Change-Id: I8998340ae557660036895dd906808d682b83c6f0 --- - .../server/wifi/WifiConfigurationUtil.java | 72 ++++++++++++++++++- - 1 file changed, 71 insertions(+), 1 deletion(-) + .../server/wifi/WifiConfigurationUtil.java | 73 ++++++++++++++++++- + 1 file changed, 72 insertions(+), 1 deletion(-) diff --git a/service/java/com/android/server/wifi/WifiConfigurationUtil.java b/service/java/com/android/server/wifi/WifiConfigurationUtil.java -index b8992a011..98d2cb31a 100644 +index b8992a0119..4d484adfb6 100644 --- a/service/java/com/android/server/wifi/WifiConfigurationUtil.java +++ b/service/java/com/android/server/wifi/WifiConfigurationUtil.java -@@ -82,6 +82,11 @@ public class WifiConfigurationUtil { +@@ -82,6 +82,12 @@ public class WifiConfigurationUtil { private static final int SAE_ASCII_MIN_LEN = 1 + ENCLOSING_QUOTES_LEN; private static final int PSK_SAE_ASCII_MAX_LEN = 63 + ENCLOSING_QUOTES_LEN; private static final int PSK_SAE_HEX_LEN = 64; @@ -29,10 +30,11 @@ index b8992a011..98d2cb31a 100644 + // BACKPORT + private static final int MAX_NUMBER_OF_OI = 36; + private static final long MAX_OI_VALUE = ((long) 1 << 40) - 1; ++ @VisibleForTesting public static final String PASSWORD_MASK = "*"; private static final String MATCH_EMPTY_SSID_PATTERN_PATH = ""; -@@ -688,7 +693,8 @@ public class WifiConfigurationUtil { +@@ -688,7 +694,8 @@ public static boolean validate(WifiConfiguration config, boolean isAdd) { if (!validateSsid(config.SSID, isAdd)) { return false; } @@ -42,7 +44,7 @@ index b8992a011..98d2cb31a 100644 return false; } if (!validateBitSets(config)) { -@@ -697,6 +703,12 @@ public class WifiConfigurationUtil { +@@ -697,6 +704,12 @@ public static boolean validate(WifiConfiguration config, boolean isAdd) { if (!validateKeyMgmt(config.allowedKeyManagement)) { return false; } @@ -55,7 +57,7 @@ index b8992a011..98d2cb31a 100644 if (config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_PSK) && !validatePassword(config.preSharedKey, isAdd, false)) { return false; -@@ -732,6 +744,64 @@ public class WifiConfigurationUtil { +@@ -732,6 +745,64 @@ public static boolean validate(WifiConfiguration config, boolean isAdd) { return true; } diff --git a/Patches/LineageOS-17.1/android_libcore/405541.patch b/Patches/LineageOS-17.1/android_libcore/408527.patch similarity index 96% rename from Patches/LineageOS-17.1/android_libcore/405541.patch rename to Patches/LineageOS-17.1/android_libcore/408527.patch index e71f6e20..106cf7f4 100644 --- a/Patches/LineageOS-17.1/android_libcore/405541.patch +++ b/Patches/LineageOS-17.1/android_libcore/408527.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From abc51025abe483fa071a2e1a20db46341e59012b Mon Sep 17 00:00:00 2001 From: Almaz Mingaleev Date: Wed, 10 Jul 2024 13:38:35 +0100 Subject: [PATCH] Do not accept zip files with invalid headers. diff --git a/Patches/LineageOS-17.1/android_packages_apps_Bluetooth/405835-backport.patch b/Patches/LineageOS-17.1/android_packages_apps_Bluetooth/408528.patch similarity index 89% rename from Patches/LineageOS-17.1/android_packages_apps_Bluetooth/405835-backport.patch rename to Patches/LineageOS-17.1/android_packages_apps_Bluetooth/408528.patch index 10cb9419..67228adf 100644 --- a/Patches/LineageOS-17.1/android_packages_apps_Bluetooth/405835-backport.patch +++ b/Patches/LineageOS-17.1/android_packages_apps_Bluetooth/408528.patch @@ -1,7 +1,8 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From f9b4d83aff0d3dac5d73676b251fd1e14c5bf682 Mon Sep 17 00:00:00 2001 From: Himanshu Rawat Date: Mon, 8 Apr 2024 19:44:45 +0000 -Subject: [PATCH] Disallow unexpected incoming HID connections 2/2 +Subject: [PATCH] BACKPORT: RESTRICT AUTOMERGE Disallow unexpected incoming HID + connections 2/2 HID profile accepted any new incoming HID connection. Even when the connection policy disabled HID connection, remote devices could initiate @@ -57,22 +58,22 @@ index 7838ff6ce..60fffc2f3 100644 {"virtualUnPlugNative", "([B)Z", (void*)virtualUnPlugNative}, {"setProtocolModeNative", "([BB)Z", (void*)setProtocolModeNative}, diff --git a/src/com/android/bluetooth/hid/HidHostService.java b/src/com/android/bluetooth/hid/HidHostService.java -index c378f8e89..fea167148 100644 +index c378f8e89..d49edfa7a 100644 --- a/src/com/android/bluetooth/hid/HidHostService.java +++ b/src/com/android/bluetooth/hid/HidHostService.java -@@ -157,7 +157,10 @@ public class HidHostService extends ProfileService { +@@ -157,7 +157,10 @@ public void handleMessage(Message msg) { break; case MESSAGE_DISCONNECT: { BluetoothDevice device = (BluetoothDevice) msg.obj; - if (!disconnectHidNative(Utils.getByteAddress(device))) { -+ int connectionPolicy = getPriority(device); ++ int priority = getPriority(device); + boolean reconnectAllowed = -+ connectionPolicy == BluetoothProfile.PRIORITY_ON; ++ priority == BluetoothProfile.PRIORITY_ON; + if (!disconnectHidNative(Utils.getByteAddress(device), reconnectAllowed)) { broadcastConnectionState(device, BluetoothProfile.STATE_DISCONNECTING); broadcastConnectionState(device, BluetoothProfile.STATE_DISCONNECTED); break; -@@ -871,7 +874,7 @@ public class HidHostService extends ProfileService { +@@ -871,7 +874,7 @@ public void dump(StringBuilder sb) { private native boolean connectHidNative(byte[] btAddress); diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/405534.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/408529.patch similarity index 91% rename from Patches/LineageOS-17.1/android_packages_apps_Settings/405534.patch rename to Patches/LineageOS-17.1/android_packages_apps_Settings/408529.patch index 88ed86d4..8fbe4895 100644 --- a/Patches/LineageOS-17.1/android_packages_apps_Settings/405534.patch +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/408529.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 9702e2c9683d87d5bae2009d30bd13df12ae9dd6 Mon Sep 17 00:00:00 2001 From: Yiling Chuang Date: Mon, 8 Jul 2024 03:09:50 +0000 Subject: [PATCH] RESTRICT AUTOMERGE FRP bypass defense in App battery usage @@ -24,7 +24,7 @@ diff --git a/src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java b/ index e8d5f3330f2..d17642053e7 100644 --- a/src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java +++ b/src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java -@@ -210,6 +210,11 @@ public class AdvancedPowerUsageDetail extends DashboardFragment implements +@@ -210,6 +210,11 @@ public void onResume() { initPreference(); } @@ -40,7 +40,7 @@ diff --git a/tests/robotests/src/com/android/settings/fuelgauge/AdvancedPowerUsa index 8eeac8d26b0..37fa511beeb 100644 --- a/tests/robotests/src/com/android/settings/fuelgauge/AdvancedPowerUsageDetailTest.java +++ b/tests/robotests/src/com/android/settings/fuelgauge/AdvancedPowerUsageDetailTest.java -@@ -395,4 +395,9 @@ public class AdvancedPowerUsageDetailTest { +@@ -395,4 +395,9 @@ public void testInitPreference_hasCorrectSummary() { assertThat(mForegroundPreference.getSummary().toString()).isEqualTo("Used for 0 min"); assertThat(mBackgroundPreference.getSummary().toString()).isEqualTo("Active for 0 min"); } diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/410993.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/410993.patch new file mode 100644 index 00000000..8f87cda1 --- /dev/null +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/410993.patch @@ -0,0 +1,42 @@ +From 38f463ffa95d46bb7a56caefe12f7ed96adbf856 Mon Sep 17 00:00:00 2001 +From: Anna Bauza +Date: Thu, 14 Nov 2024 18:58:26 +0100 +Subject: [PATCH] [PATCH] fix: Security Report - Reveal images across users via + EditUserPhotoController + +This functionality has implemented tests on t+ branches. + +Bug: 296915959 +Test: N/A +(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ae74e70c36ec027dd55164880d8b7225be4c85a3) +Merged-In: If79af734432b14be74815a47e1026dc8369a304f +Change-Id: If79af734432b14be74815a47e1026dc8369a304f +--- + .../android/settings/users/EditUserPhotoController.java | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/com/android/settings/users/EditUserPhotoController.java b/src/com/android/settings/users/EditUserPhotoController.java +index f1831f7120b..d836d2687bc 100644 +--- a/src/com/android/settings/users/EditUserPhotoController.java ++++ b/src/com/android/settings/users/EditUserPhotoController.java +@@ -18,6 +18,7 @@ + + import android.app.Activity; + import android.content.ClipData; ++import android.content.ContentProvider; + import android.content.ContentResolver; + import android.content.Context; + import android.content.Intent; +@@ -131,6 +132,12 @@ public boolean onActivityResult(int requestCode, int resultCode, Intent data) { + return false; + } + ++ final int currentUserId = UserHandle.myUserId(); ++ if (currentUserId != ContentProvider.getUserIdFromUri(pictureUri, currentUserId)) { ++ Log.e(TAG, "Invalid pictureUri: " + pictureUri); ++ return false; ++ } ++ + switch (requestCode) { + case REQUEST_CODE_CROP_PHOTO: + onPhotoCropped(pictureUri, true); diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/408450.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/410994.patch similarity index 90% rename from Patches/LineageOS-17.1/android_packages_apps_Settings/408450.patch rename to Patches/LineageOS-17.1/android_packages_apps_Settings/410994.patch index 930e609e..b715335d 100644 --- a/Patches/LineageOS-17.1/android_packages_apps_Settings/408450.patch +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/410994.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From dc193083cea24f184921fbdd46383332f7b26d5a Mon Sep 17 00:00:00 2001 From: Adam Bookatz Date: Mon, 22 Jul 2024 17:03:12 -0700 Subject: [PATCH] startActivityForResult with new Intent @@ -22,7 +22,7 @@ diff --git a/src/com/android/settings/users/AppRestrictionsFragment.java b/src/c index 7cf46b69245..3f06e870a02 100644 --- a/src/com/android/settings/users/AppRestrictionsFragment.java +++ b/src/com/android/settings/users/AppRestrictionsFragment.java -@@ -649,7 +649,7 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen +@@ -649,7 +649,7 @@ public void onReceive(Context context, Intent intent) { int requestCode = generateCustomActivityRequestCode( RestrictionsResultReceiver.this.preference); AppRestrictionsFragment.this.startActivityForResult( diff --git a/Patches/LineageOS-17.1/android_packages_apps_Settings/408451.patch b/Patches/LineageOS-17.1/android_packages_apps_Settings/410995.patch similarity index 85% rename from Patches/LineageOS-17.1/android_packages_apps_Settings/408451.patch rename to Patches/LineageOS-17.1/android_packages_apps_Settings/410995.patch index 747b4533..f7917f10 100644 --- a/Patches/LineageOS-17.1/android_packages_apps_Settings/408451.patch +++ b/Patches/LineageOS-17.1/android_packages_apps_Settings/410995.patch @@ -1,7 +1,8 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 99e4f13fcff7a6659d4575c904f3102aa7b4d9e3 Mon Sep 17 00:00:00 2001 From: Fan Wu Date: Mon, 22 Jul 2024 16:12:46 +0800 -Subject: [PATCH] Checks cross user permission before handling intent +Subject: [PATCH] RESTRICT AUTOMERGE Checks cross user permission before + handling intent Bug: 326057017 @@ -17,10 +18,10 @@ Change-Id: I3444e55b22b7487f96b0e3e9deb3f844c4c4723a 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/src/com/android/settings/applications/AppInfoBase.java b/src/com/android/settings/applications/AppInfoBase.java -index 71043400ff8..ef5297acaec 100644 +index 71043400ff8..9d098000fbc 100644 --- a/src/com/android/settings/applications/AppInfoBase.java +++ b/src/com/android/settings/applications/AppInfoBase.java -@@ -18,7 +18,9 @@ package com.android.settings.applications; +@@ -18,7 +18,9 @@ import static com.android.settingslib.RestrictedLockUtils.EnforcedAdmin; @@ -30,7 +31,7 @@ index 71043400ff8..ef5297acaec 100644 import android.app.Dialog; import android.app.admin.DevicePolicyManager; import android.app.settings.SettingsEnums; -@@ -38,6 +40,7 @@ import android.os.UserManager; +@@ -38,6 +40,7 @@ import android.text.TextUtils; import android.util.Log; @@ -38,7 +39,7 @@ index 71043400ff8..ef5297acaec 100644 import androidx.appcompat.app.AlertDialog; import androidx.fragment.app.DialogFragment; import androidx.fragment.app.Fragment; -@@ -134,8 +137,13 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment +@@ -134,8 +137,13 @@ protected String retrieveAppEntry() { } } if (intent != null && intent.hasExtra(Intent.EXTRA_USER_HANDLE)) { @@ -46,7 +47,7 @@ index 71043400ff8..ef5297acaec 100644 - Intent.EXTRA_USER_HANDLE)).getIdentifier(); + mUserId = ((UserHandle) intent.getParcelableExtra(Intent.EXTRA_USER_HANDLE)) + .getIdentifier(); -+ if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPerm()) { ++ if (mUserId != UserHandle.myUserId() && !hasInteractAcrossUsersPermission()) { + Log.w(TAG, "Intent not valid."); + finish(); + return ""; @@ -54,12 +55,12 @@ index 71043400ff8..ef5297acaec 100644 } else { mUserId = UserHandle.myUserId(); } -@@ -158,6 +166,32 @@ public abstract class AppInfoBase extends SettingsPreferenceFragment +@@ -158,6 +166,32 @@ protected String retrieveAppEntry() { return mPackageName; } + @VisibleForTesting -+ protected boolean hasInteractAcrossUsersPerm() { ++ protected boolean hasInteractAcrossUsersPermission() { + Activity activity = getActivity(); + if (activity == null) { + return false; diff --git a/Patches/LineageOS-17.1/android_packages_providers_MediaProvider/408453-backport.patch b/Patches/LineageOS-17.1/android_packages_providers_MediaProvider/410996.patch similarity index 90% rename from Patches/LineageOS-17.1/android_packages_providers_MediaProvider/408453-backport.patch rename to Patches/LineageOS-17.1/android_packages_providers_MediaProvider/410996.patch index aa48f54b..7fe3d158 100644 --- a/Patches/LineageOS-17.1/android_packages_providers_MediaProvider/408453-backport.patch +++ b/Patches/LineageOS-17.1/android_packages_providers_MediaProvider/410996.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 4a76c7fef797ae930db774cea0df8fecd6742a56 Mon Sep 17 00:00:00 2001 From: Omar Eissa Date: Tue, 27 Aug 2024 13:24:21 +0000 Subject: [PATCH] Prevent apps from renaming files they don't own @@ -25,10 +25,10 @@ Change-Id: I91e9966c012fe292cebc0b544f77032613516fac 1 file changed, 2 insertions(+) diff --git a/src/com/android/providers/media/MediaProvider.java b/src/com/android/providers/media/MediaProvider.java -index 4cd4452d0..6e9845fc6 100644 +index 4cd4452d0..6e15836ce 100644 --- a/src/com/android/providers/media/MediaProvider.java +++ b/src/com/android/providers/media/MediaProvider.java -@@ -4713,6 +4713,8 @@ public class MediaProvider extends ContentProvider { +@@ -4713,6 +4713,8 @@ && getCallingPackageTargetSdkVersion() <= Build.VERSION_CODES.Q) { case VIDEO_MEDIA_ID: case IMAGES_MEDIA_ID: case DOWNLOADS_ID: diff --git a/Patches/LineageOS-17.1/android_system_bt/408530.patch b/Patches/LineageOS-17.1/android_system_bt/408530.patch new file mode 100644 index 00000000..cd2e375e --- /dev/null +++ b/Patches/LineageOS-17.1/android_system_bt/408530.patch @@ -0,0 +1,49 @@ +From ea63021fbc4a92554c11fc07f1ca7282b41e6641 Mon Sep 17 00:00:00 2001 +From: Chris Manton +Date: Sun, 29 Nov 2020 17:05:05 -0800 +Subject: [PATCH] Add privatize option for bluetooth addresses for logging + +Toward loggable code + +Bug: 163134718 +Tag: #refactor +Test: gd/cert/run --host + +Change-Id: Id568adb9f9497072a79100202501c4d207e40828 +--- + main/shim/dumpsys.h | 26 ++++++++++++++++++++++++++ + 1 file changed, 26 insertions(+) + create mode 100644 main/shim/dumpsys.h + +diff --git a/main/shim/dumpsys.h b/main/shim/dumpsys.h +new file mode 100644 +index 00000000000..0dc0bc2fd94 +--- /dev/null ++++ b/main/shim/dumpsys.h +@@ -0,0 +1,26 @@ ++/* ++ * Copyright 2019 The Android Open Source Project ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#pragma once ++ ++#include ++ ++constexpr char kPrivateAddressPrefix[] = "xx:xx:xx:xx"; ++#define PRIVATE_ADDRESS(addr) \ ++ (addr.ToString() \ ++ .replace(0, strlen(kPrivateAddressPrefix), kPrivateAddressPrefix) \ ++ .c_str()) ++ diff --git a/Patches/LineageOS-17.1/android_system_bt/405536.patch b/Patches/LineageOS-17.1/android_system_bt/408531.patch similarity index 93% rename from Patches/LineageOS-17.1/android_system_bt/405536.patch rename to Patches/LineageOS-17.1/android_system_bt/408531.patch index 5aac371c..c176b96a 100644 --- a/Patches/LineageOS-17.1/android_system_bt/405536.patch +++ b/Patches/LineageOS-17.1/android_system_bt/408531.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From b3e6c7b50e9df35dec9b5a00e6d9dccd51f9ebb2 Mon Sep 17 00:00:00 2001 From: Chris Manton Date: Sun, 14 Mar 2021 09:52:19 -0700 Subject: [PATCH] Add btif/include/btif_hh::btif_hh_status_text @@ -16,7 +16,7 @@ Change-Id: Iab6a4f33a3e498c33f4870abc5abd59e073d03f2 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/btif/include/btif_hh.h b/btif/include/btif_hh.h -index b71d347c1..f33598d2f 100644 +index b71d347c1a7..f33598d2f19 100644 --- a/btif/include/btif_hh.h +++ b/btif/include/btif_hh.h @@ -46,7 +46,7 @@ diff --git a/Patches/LineageOS-17.1/android_system_bt/405834-backport.patch b/Patches/LineageOS-17.1/android_system_bt/408532.patch similarity index 89% rename from Patches/LineageOS-17.1/android_system_bt/405834-backport.patch rename to Patches/LineageOS-17.1/android_system_bt/408532.patch index 66fc99bc..0034035b 100644 --- a/Patches/LineageOS-17.1/android_system_bt/405834-backport.patch +++ b/Patches/LineageOS-17.1/android_system_bt/408532.patch @@ -1,7 +1,7 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 26c752cae91c2483bdbc16c49d5f62dffb4a784a Mon Sep 17 00:00:00 2001 From: Himanshu Rawat Date: Mon, 8 Apr 2024 19:42:21 +0000 -Subject: [PATCH] Disallow unexpected incoming HID connections 1/2 +Subject: [PATCH] [BACKPORT] Disallow unexpected incoming HID connections 1/2 HID profile accepted any new incoming HID connection. Even when the connection policy disabled HID connection, remote devices could initiate @@ -21,13 +21,13 @@ Change-Id: I6e9db983e752dd498625078c13b736cd4c668806 --- btif/include/btif_hh.h | 4 +- btif/include/btif_storage.h | 23 ++++++++++ - btif/src/btif_hh.cc | 86 ++++++++++++++++++++++++++++++++++--- - btif/src/btif_storage.cc | 53 ++++++++++++++++++++++- + btif/src/btif_hh.cc | 87 ++++++++++++++++++++++++++++++++++--- + btif/src/btif_storage.cc | 53 +++++++++++++++++++++- include/hardware/bt_hh.h | 2 +- - 5 files changed, 160 insertions(+), 8 deletions(-) + 5 files changed, 161 insertions(+), 8 deletions(-) diff --git a/btif/include/btif_hh.h b/btif/include/btif_hh.h -index f33598d2f..f93341d89 100644 +index f33598d2f19..f93341d89f1 100644 --- a/btif/include/btif_hh.h +++ b/btif/include/btif_hh.h @@ -97,6 +97,7 @@ typedef struct { @@ -49,7 +49,7 @@ index f33598d2f..f93341d89 100644 extern void btif_hh_disconnect(RawAddress* bd_addr); extern void btif_hh_setreport(btif_hh_device_t* p_dev, diff --git a/btif/include/btif_storage.h b/btif/include/btif_storage.h -index 1c1163d14..362ffdc21 100644 +index 1c1163d1428..362ffdc21bb 100644 --- a/btif/include/btif_storage.h +++ b/btif/include/btif_storage.h @@ -178,6 +178,29 @@ bt_status_t btif_storage_remove_bonded_device(const RawAddress* remote_bd_addr); @@ -83,10 +83,18 @@ index 1c1163d14..362ffdc21 100644 * * Function btif_storage_add_hid_device_info diff --git a/btif/src/btif_hh.cc b/btif/src/btif_hh.cc -index 5c57ee80c..b29b6773e 100644 +index 5c57ee80c7a..50ea2d4e386 100644 --- a/btif/src/btif_hh.cc +++ b/btif/src/btif_hh.cc -@@ -338,6 +338,24 @@ btif_hh_device_t* btif_hh_find_connected_dev_by_handle(uint8_t handle) { +@@ -42,6 +42,7 @@ + #include "btif_storage.h" + #include "btif_util.h" + #include "l2c_api.h" ++#include "main/shim/dumpsys.h" + #include "osi/include/log.h" + #include "osi/include/osi.h" + +@@ -338,6 +339,24 @@ btif_hh_device_t* btif_hh_find_connected_dev_by_handle(uint8_t handle) { return NULL; } @@ -111,7 +119,7 @@ index 5c57ee80c..b29b6773e 100644 /******************************************************************************* * * Function btif_hh_find_dev_by_bda -@@ -423,7 +441,8 @@ void btif_hh_start_vup_timer(const RawAddress* bd_addr) { +@@ -423,7 +442,8 @@ void btif_hh_start_vup_timer(const RawAddress* bd_addr) { * * Returns true if add successfully, otherwise false. ******************************************************************************/ @@ -121,7 +129,7 @@ index 5c57ee80c..b29b6773e 100644 int i; for (i = 0; i < BTIF_HH_MAX_ADDED_DEV; i++) { if (btif_hh_cb.added_devices[i].bd_addr == bda) { -@@ -437,6 +456,7 @@ bool btif_hh_add_added_dev(const RawAddress& bda, tBTA_HH_ATTR_MASK attr_mask) { +@@ -437,6 +457,7 @@ bool btif_hh_add_added_dev(const RawAddress& bda, tBTA_HH_ATTR_MASK attr_mask) { btif_hh_cb.added_devices[i].bd_addr = bda; btif_hh_cb.added_devices[i].dev_handle = BTA_HH_INVALID_HANDLE; btif_hh_cb.added_devices[i].attr_mask = attr_mask; @@ -129,7 +137,7 @@ index 5c57ee80c..b29b6773e 100644 return true; } } -@@ -715,6 +735,23 @@ void btif_hh_getreport(btif_hh_device_t* p_dev, bthh_report_type_t r_type, +@@ -715,6 +736,23 @@ void btif_hh_getreport(btif_hh_device_t* p_dev, bthh_report_type_t r_type, * ****************************************************************************/ @@ -138,11 +146,11 @@ index 5c57ee80c..b29b6773e 100644 + * outgoing connection was requested */ + btif_hh_added_device_t* added_dev = btif_hh_find_added_dev(bda); + if (added_dev != nullptr && added_dev->reconnect_allowed) { -+ LOG_VERBOSE(LOG_TAG, "Connection allowed %s", bda.ToString().c_str()); ++ LOG_VERBOSE(LOG_TAG, "Connection allowed %s", PRIVATE_ADDRESS(bda)); + return true; + } else if (btif_hh_cb.pending_conn_address == bda) { + LOG_VERBOSE(LOG_TAG, "Device connection was pending for: %s, status: %s", -+ bda.ToString().c_str(), ++ PRIVATE_ADDRESS(bda), + btif_hh_status_text(btif_hh_cb.status).c_str()); + return true; + } @@ -153,7 +161,7 @@ index 5c57ee80c..b29b6773e 100644 /******************************************************************************* * * Function btif_hh_upstreams_evt -@@ -773,9 +810,26 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { +@@ -773,9 +811,26 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { p_data->status); break; @@ -164,7 +172,7 @@ index 5c57ee80c..b29b6773e 100644 + + if (!btif_hh_connection_allowed(p_data->conn.bda)) { + LOG_WARN(LOG_TAG, "Reject Incoming HID Connection, device: %s", -+ p_data->conn.bda.ToString().c_str()); ++ PRIVATE_ADDRESS(p_data->conn.bda)); + btif_hh_device_t* p_dev = + btif_hh_find_connected_dev_by_handle(p_data->conn.handle); + if (p_dev != nullptr) { @@ -181,7 +189,7 @@ index 5c57ee80c..b29b6773e 100644 btif_hh_cb.pending_conn_address = RawAddress::kEmpty; if (p_data->conn.status == BTA_HH_OK) { p_dev = btif_hh_find_connected_dev_by_handle(p_data->conn.handle); -@@ -834,6 +888,7 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { +@@ -834,6 +889,7 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { btif_hh_cb.status = (BTIF_HH_STATUS)BTIF_HH_DEV_DISCONNECTED; } break; @@ -189,7 +197,7 @@ index 5c57ee80c..b29b6773e 100644 case BTA_HH_CLOSE_EVT: BTIF_TRACE_DEBUG("BTA_HH_CLOSE_EVT: status = %d, handle = %d", -@@ -986,7 +1041,7 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { +@@ -986,7 +1042,7 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { p_data->dscp_info.version, p_data->dscp_info.ctry_code, len, p_data->dscp_info.descriptor.dsc_list); @@ -198,7 +206,7 @@ index 5c57ee80c..b29b6773e 100644 tBTA_HH_DEV_DSCP_INFO dscp_info; bt_status_t ret; btif_hh_copy_hid_info(&dscp_info, &p_data->dscp_info); -@@ -1002,6 +1057,8 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { +@@ -1002,6 +1058,8 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) { p_data->dscp_info.ssr_min_tout, len, p_data->dscp_info.descriptor.dsc_list); @@ -207,7 +215,7 @@ index 5c57ee80c..b29b6773e 100644 ASSERTC(ret == BT_STATUS_SUCCESS, "storing hid info failed", ret); BTIF_TRACE_WARNING("BTA_HH_GET_DSCP_EVT: Called add device"); -@@ -1283,6 +1340,13 @@ static bt_status_t init(bthh_callbacks_t* callbacks) { +@@ -1283,6 +1341,13 @@ static bt_status_t init(bthh_callbacks_t* callbacks) { ******************************************************************************/ static bt_status_t connect(RawAddress* bd_addr) { if (btif_hh_cb.status != BTIF_HH_DEV_CONNECTING) { @@ -221,7 +229,7 @@ index 5c57ee80c..b29b6773e 100644 btif_transfer_context(btif_hh_handle_evt, BTIF_HH_CONNECT_REQ_EVT, (char*)bd_addr, sizeof(RawAddress), NULL); return BT_STATUS_SUCCESS; -@@ -1299,7 +1363,7 @@ static bt_status_t connect(RawAddress* bd_addr) { +@@ -1299,7 +1364,7 @@ static bt_status_t connect(RawAddress* bd_addr) { * Returns bt_status_t * ******************************************************************************/ @@ -230,14 +238,14 @@ index 5c57ee80c..b29b6773e 100644 CHECK_BTHH_INIT(); BTIF_TRACE_EVENT("BTHH: %s", __func__); btif_hh_device_t* p_dev; -@@ -1309,6 +1373,17 @@ static bt_status_t disconnect(RawAddress* bd_addr) { +@@ -1309,6 +1374,17 @@ static bt_status_t disconnect(RawAddress* bd_addr) { btif_hh_cb.status); return BT_STATUS_FAIL; } + + if (!reconnect_allowed) { + LOG_INFO(LOG_TAG, "Incoming reconnections disabled for device %s", -+ bd_addr->ToString().c_str()); ++ PRIVATE_ADDRESS((*bd_addr))); + btif_hh_added_device_t* added_dev = btif_hh_find_added_dev(*bd_addr); + if (added_dev != nullptr && added_dev->reconnect_allowed) { + added_dev->reconnect_allowed = false; @@ -248,7 +256,7 @@ index 5c57ee80c..b29b6773e 100644 p_dev = btif_hh_find_connected_dev_by_bda(*bd_addr); if (p_dev != NULL) { return btif_transfer_context(btif_hh_handle_evt, BTIF_HH_DISCONNECT_REQ_EVT, -@@ -1440,9 +1515,10 @@ static bt_status_t set_info(RawAddress* bd_addr, bthh_hid_info_t hid_info) { +@@ -1440,9 +1516,10 @@ static bt_status_t set_info(RawAddress* bd_addr, bthh_hid_info_t hid_info) { (uint8_t*)osi_malloc(dscp_info.descriptor.dl_len); memcpy(dscp_info.descriptor.dsc_list, &(hid_info.dsc_list), hid_info.dl_len); @@ -261,7 +269,7 @@ index 5c57ee80c..b29b6773e 100644 osi_free_and_reset((void**)&dscp_info.descriptor.dsc_list); diff --git a/btif/src/btif_storage.cc b/btif/src/btif_storage.cc -index 200ea2c4e..ecbf2b50a 100644 +index 200ea2c4e42..ecbf2b50aea 100644 --- a/btif/src/btif_storage.cc +++ b/btif/src/btif_storage.cc @@ -89,6 +89,8 @@ using bluetooth::Uuid; @@ -347,7 +355,7 @@ index 200ea2c4e..ecbf2b50a 100644 return BT_STATUS_SUCCESS; } diff --git a/include/hardware/bt_hh.h b/include/hardware/bt_hh.h -index b87b129bb..923c62792 100644 +index b87b129bb12..923c6279216 100644 --- a/include/hardware/bt_hh.h +++ b/include/hardware/bt_hh.h @@ -154,7 +154,7 @@ typedef struct { diff --git a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_packages_apps_Bluetooth/405585-backport.patch b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_packages_apps_Bluetooth/408533.patch similarity index 86% rename from Patches/LineageOS-17.1/android_vendor_qcom_opensource_packages_apps_Bluetooth/405585-backport.patch rename to Patches/LineageOS-17.1/android_vendor_qcom_opensource_packages_apps_Bluetooth/408533.patch index 179f8a18..9ece233d 100644 --- a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_packages_apps_Bluetooth/405585-backport.patch +++ b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_packages_apps_Bluetooth/408533.patch @@ -1,7 +1,7 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 6365a211cfc7a25ba9bcd9fbb65a5becc8fa17cf Mon Sep 17 00:00:00 2001 From: Himanshu Rawat Date: Mon, 8 Apr 2024 19:44:45 +0000 -Subject: [PATCH] RESTRICT AUTOMERGE Disallow unexpected incoming HID +Subject: [PATCH] BACKPORT: RESTRICT AUTOMERGE Disallow unexpected incoming HID connections 2/2 HID profile accepted any new incoming HID connection. Even when the @@ -59,34 +59,34 @@ index b8f4d6530..e4c885b3e 100644 {"virtualUnPlugNative", "([B)Z", (void*)virtualUnPlugNative}, {"setProtocolModeNative", "([BB)Z", (void*)setProtocolModeNative}, diff --git a/src/com/android/bluetooth/hid/HidHostService.java b/src/com/android/bluetooth/hid/HidHostService.java -index bbde61948..a830d07e1 100644 +index bbde61948..63f0bc9a9 100644 --- a/src/com/android/bluetooth/hid/HidHostService.java +++ b/src/com/android/bluetooth/hid/HidHostService.java -@@ -156,7 +156,10 @@ public class HidHostService extends ProfileService { +@@ -156,7 +156,10 @@ public void handleMessage(Message msg) { break; case MESSAGE_DISCONNECT: { BluetoothDevice device = (BluetoothDevice) msg.obj; - if (!disconnectHidNative(Utils.getByteAddress(device))) { -+ int connectionPolicy = getPriority(device); ++ int priority = getPriority(device); + boolean reconnectAllowed = -+ connectionPolicy == BluetoothProfile.PRIORITY_ON; ++ priority == BluetoothProfile.PRIORITY_ON; + if (!disconnectHidNative(Utils.getByteAddress(device), reconnectAllowed)) { broadcastConnectionState(device, BluetoothProfile.STATE_DISCONNECTING); broadcastConnectionState(device, BluetoothProfile.STATE_DISCONNECTED); break; -@@ -181,7 +184,10 @@ public class HidHostService extends ProfileService { +@@ -181,7 +184,10 @@ public void handleMessage(Message msg) { Log.d(TAG, "Incoming HID connection rejected"); } if (disconnectRemote(device)) { - disconnectHidNative(Utils.getByteAddress(device)); -+ int connectionPolicy = getPriority(device); ++ int priority = getPriority(device); + boolean reconnectAllowed = -+ connectionPolicy == BluetoothProfile.PRIORITY_ON; ++ priority == BluetoothProfile.PRIORITY_ON; + disconnectHidNative(Utils.getByteAddress(device), reconnectAllowed); } else { virtualUnPlugNative(Utils.getByteAddress(device)); } -@@ -906,7 +912,7 @@ public class HidHostService extends ProfileService { +@@ -906,7 +912,7 @@ public void dump(StringBuilder sb) { private native boolean connectHidNative(byte[] btAddress); diff --git a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408534.patch b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408534.patch new file mode 100644 index 00000000..8d7fff0a --- /dev/null +++ b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408534.patch @@ -0,0 +1,49 @@ +From 41e0ee3735cdd68949edbedf5ff4fd16f8496b73 Mon Sep 17 00:00:00 2001 +From: Chris Manton +Date: Sun, 29 Nov 2020 17:05:05 -0800 +Subject: [PATCH] Add privatize option for bluetooth addresses for logging + +Toward loggable code + +Bug: 163134718 +Tag: #refactor +Test: gd/cert/run --host + +Change-Id: Id568adb9f9497072a79100202501c4d207e40828 +--- + main/shim/dumpsys.h | 26 ++++++++++++++++++++++++++ + 1 file changed, 26 insertions(+) + create mode 100644 main/shim/dumpsys.h + +diff --git a/main/shim/dumpsys.h b/main/shim/dumpsys.h +new file mode 100644 +index 000000000..0dc0bc2fd +--- /dev/null ++++ b/main/shim/dumpsys.h +@@ -0,0 +1,26 @@ ++/* ++ * Copyright 2019 The Android Open Source Project ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#pragma once ++ ++#include ++ ++constexpr char kPrivateAddressPrefix[] = "xx:xx:xx:xx"; ++#define PRIVATE_ADDRESS(addr) \ ++ (addr.ToString() \ ++ .replace(0, strlen(kPrivateAddressPrefix), kPrivateAddressPrefix) \ ++ .c_str()) ++ diff --git a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/405583.patch b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408535.patch similarity index 96% rename from Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/405583.patch rename to Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408535.patch index 2439164f..6cee0943 100644 --- a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/405583.patch +++ b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408535.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 322c9005d55c5648cd1e6a2cfd25e45d6da73562 Mon Sep 17 00:00:00 2001 From: Chris Manton Date: Sun, 14 Mar 2021 09:52:19 -0700 Subject: [PATCH] Add btif/include/btif_hh::btif_hh_status_text diff --git a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/405584.patch b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408536.patch similarity index 98% rename from Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/405584.patch rename to Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408536.patch index 8c77b79e..1afd098b 100644 --- a/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/405584.patch +++ b/Patches/LineageOS-17.1/android_vendor_qcom_opensource_system_bt/408536.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 70750edace71473e69cca83023972066e8233d2e Mon Sep 17 00:00:00 2001 From: Himanshu Rawat Date: Mon, 8 Apr 2024 19:42:21 +0000 Subject: [PATCH] RESTRICT AUTOMERGE Disallow unexpected incoming HID @@ -29,7 +29,7 @@ Change-Id: I6e9db983e752dd498625078c13b736cd4c668806 5 files changed, 160 insertions(+), 8 deletions(-) diff --git a/btif/include/btif_hh.h b/btif/include/btif_hh.h -index 98dc33383..2aa03fddc 100644 +index 98dc33383d..2aa03fddc9 100644 --- a/btif/include/btif_hh.h +++ b/btif/include/btif_hh.h @@ -113,6 +113,7 @@ typedef struct { @@ -51,7 +51,7 @@ index 98dc33383..2aa03fddc 100644 extern void btif_hh_disconnect(RawAddress* bd_addr); extern void btif_hh_service_registration(bool enable); diff --git a/btif/include/btif_storage.h b/btif/include/btif_storage.h -index b1ada4db6..a32b7b8ff 100755 +index b1ada4db61..a32b7b8ffc 100755 --- a/btif/include/btif_storage.h +++ b/btif/include/btif_storage.h @@ -201,6 +201,29 @@ bt_status_t btif_storage_is_device_bonded(RawAddress *remote_bd_addr); @@ -85,7 +85,7 @@ index b1ada4db6..a32b7b8ff 100755 * * Function btif_storage_add_hid_device_info diff --git a/btif/src/btif_hh.cc b/btif/src/btif_hh.cc -index b5135ff2f..0d184a646 100644 +index b5135ff2fe..0d184a6465 100644 --- a/btif/src/btif_hh.cc +++ b/btif/src/btif_hh.cc @@ -340,6 +340,24 @@ btif_hh_device_t* btif_hh_find_connected_dev_by_handle(uint8_t handle) { @@ -263,7 +263,7 @@ index b5135ff2f..0d184a646 100644 osi_free_and_reset((void**)&dscp_info.descriptor.dsc_list); diff --git a/btif/src/btif_storage.cc b/btif/src/btif_storage.cc -index a62d9da6d..db2091d9c 100644 +index a62d9da6d3..db2091d9cf 100644 --- a/btif/src/btif_storage.cc +++ b/btif/src/btif_storage.cc @@ -91,6 +91,8 @@ using bluetooth::Uuid; @@ -349,7 +349,7 @@ index a62d9da6d..db2091d9c 100644 return BT_STATUS_SUCCESS; } diff --git a/include/hardware/bt_hh.h b/include/hardware/bt_hh.h -index c39e3e5b8..c1247cb1c 100644 +index c39e3e5b8a..c1247cb1c7 100644 --- a/include/hardware/bt_hh.h +++ b/include/hardware/bt_hh.h @@ -151,7 +151,7 @@ typedef struct { diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index ba20769b..880b6cc4 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -174,7 +174,7 @@ git fetch https://github.com/LineageOS/android_external_pdfium refs/changes/15/3 fi; if enterAndClear "external/skia"; then -applyPatch "$DOS_PATCHES/android_external_skia/408442.patch"; #R_asb_2024-11 Avoid potential overflow when allocating 3D mask from emboss filter +applyPatch "$DOS_PATCHES/android_external_skia/410984.patch"; #Q_asb_2024-11 Avoid potential overflow when allocating 3D mask from emboss filter fi; if enterAndClear "external/sonivox"; then @@ -332,13 +332,16 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/402604.patch"; #Q_asb_2024-08 B applyPatch "$DOS_PATCHES/android_frameworks_base/402605.patch"; #Q_asb_2024-08 Restrict USB poups while setup is in progress applyPatch "$DOS_PATCHES/android_frameworks_base/402606.patch"; #Q_asb_2024-08 Hide SAW subwindows applyPatch "$DOS_PATCHES/android_frameworks_base/403301.patch"; #Q_asb_2024-09 Sanitized uri scheme by removing scheme delimiter -applyPatch "$DOS_PATCHES/android_frameworks_base/405515.patch"; #R_asb_2024-10 Update AccountManagerService checkKeyIntent. -applyPatch "$DOS_PATCHES/android_frameworks_base/405516.patch"; #R_asb_2024-10 Fail parseUri if end is missing -applyPatch "$DOS_PATCHES/android_frameworks_base/405518.patch"; #R_asb_2024-10 Check whether installerPackageName contains only valid characters -applyPatch "$DOS_PATCHES/android_frameworks_base/408443.patch"; #R_asb_2024-11 Remove authenticator data if it was disabled. -applyPatch "$DOS_PATCHES/android_frameworks_base/408444.patch"; #R_asb_2024-11 RingtoneManager: allow video ringtone URI -applyPatch "$DOS_PATCHES/android_frameworks_base/408446-backport.patch"; #R_asb_2024-11 Disallow device admin package and protected packages to be reinstalled as instant. -applyPatch "$DOS_PATCHES/android_frameworks_base/408447.patch"; #R_asb_2024-11 Clear app-provided shortcut icons +applyPatch "$DOS_PATCHES/android_frameworks_base/408524.patch"; #Q_asb_2024-10 Update AccountManagerService checkKeyIntent. +applyPatch "$DOS_PATCHES/android_frameworks_base/408525.patch"; #Q_asb_2024-10 Fail parseUri if end is missing +applyPatch "$DOS_PATCHES/android_frameworks_base/408526.patch"; #Q_asb_2024-10 Check whether installerPackageName contains only valid characters +applyPatch "$DOS_PATCHES/android_frameworks_base/410985.patch"; #Q_asb_2024-11 Remove authenticator data if it was disabled. +applyPatch "$DOS_PATCHES/android_frameworks_base/410986.patch"; #Q_asb_2024-11 RingtoneManager: allow video ringtone URI +applyPatch "$DOS_PATCHES/android_frameworks_base/410987.patch"; #Q_asb_2024-11 Check more URIs in notifications +applyPatch "$DOS_PATCHES/android_frameworks_base/410988.patch"; #Q_asb_2024-11 Fix function setting failed in Developer options +applyPatch "$DOS_PATCHES/android_frameworks_base/410989.patch"; #Q_asb_2024-11 Set no data transfer on function switch timeout for accessory mode +applyPatch "$DOS_PATCHES/android_frameworks_base/410990.patch"; #Q_asb_2024-11 Disallow device admin package and protected packages to be reinstalled as instant. +applyPatch "$DOS_PATCHES/android_frameworks_base/410991.patch"; #Q_asb_2024-11 Clear app-provided shortcut icons #applyPatch "$DOS_PATCHES/android_frameworks_base/272645.patch"; #ten-bt-sbc-hd-dualchannel: Add CHANNEL_MODE_DUAL_CHANNEL constant (ValdikSS) #applyPatch "$DOS_PATCHES/android_frameworks_base/272646-forwardport.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS) #applyPatch "$DOS_PATCHES/android_frameworks_base/272647.patch"; #ten-bt-sbc-hd-dualchannel: Allow SBC as HD audio codec in Bluetooth device configuration (ValdikSS) @@ -415,7 +418,7 @@ if enterAndClear "frameworks/opt/net/wifi"; then applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/352562.patch"; #Q_asb_2023-03 Revert "wifi: remove certificates for network factory reset" applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/355360.patch"; #Q_asb_2023-04 Revert "Revert "wifi: remove certificates for network factory reset"" applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/378139.patch"; #Q_asb_2023-07 Limit the number of Passpoint per App -applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/408452-backport.patch"; #R_asb_2024-11 Fix security issue by change the field in WifiConfig +applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/410992.patch"; #Q_asb_2024-11 Fix security issue by change the field in WifiConfig applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/0001-constify_JNINativeMethod.patch"; #Constify JNINativeMethod tables (GrapheneOS) applyPatch "$DOS_PATCHES/android_frameworks_opt_net_wifi/0002-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS) fi; @@ -462,7 +465,7 @@ applyPatch "$DOS_PATCHES/android_hardware_qcom_audio/0001-Unused-sm8150.patch"; fi; if enterAndClear "libcore"; then -applyPatch "$DOS_PATCHES/android_libcore/405541.patch"; #R_asb_2024-10 Do not accept zip files with invalid headers. +applyPatch "$DOS_PATCHES/android_libcore/408527.patch"; #Q_asb_2024-10 Do not accept zip files with invalid headers. applyPatch "$DOS_PATCHES/android_libcore/0001-Exec_Based_Spawning-1.patch"; #Add exec-based spawning support (GrapheneOS) applyPatch "$DOS_PATCHES/android_libcore/0001-Exec_Based_Spawning-2.patch"; applyPatch "$DOS_PATCHES/android_libcore/0003-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS) @@ -476,7 +479,7 @@ fi; if enterAndClear "packages/apps/Bluetooth"; then applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/378135.patch"; #Q_asb_2023-12 Fix UAF in ~CallbackEnv -applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/405835-backport.patch"; #P_asb_2024-10 Disallow unexpected incoming HID connections 2/2 +applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/408528.patch"; #Q_asb_2024-10 Disallow unexpected incoming HID connections 2/2 #applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/272652.patch"; #ten-bt-sbc-hd-dualchannel: SBC Dual Channel (SBC HD Audio) support (ValdikSS) #applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/272653.patch"; #ten-bt-sbc-hd-dualchannel: Assume optional codecs are supported if were supported previously (ValdikSS) applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/0001-constify_JNINativeMethod.patch"; #Constify JNINativeMethod tables (GrapheneOS) @@ -542,9 +545,10 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/403302.patch"; #Q_asb_20 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/403303.patch"; #Q_asb_2024-09 Replace getCallingActivity() with getLaunchedFromPackage() applyPatch "$DOS_PATCHES/android_packages_apps_Settings/403304.patch"; #Q_asb_2024-09 Ignore fragment attr from ext authenticator resource applyPatch "$DOS_PATCHES/android_packages_apps_Settings/403305.patch"; #Q_asb_2024-09 Restrict Settings Homepage prior to provisioning -applyPatch "$DOS_PATCHES/android_packages_apps_Settings/405534.patch"; #R_asb_2024-10 FRP bypass defense in App battery usage page -applyPatch "$DOS_PATCHES/android_packages_apps_Settings/408450.patch"; #R_asb_2024-11 startActivityForResult with new Intent -applyPatch "$DOS_PATCHES/android_packages_apps_Settings/408451.patch"; #R_asb_2024-11 Checks cross user permission before handling intent +applyPatch "$DOS_PATCHES/android_packages_apps_Settings/408529.patch"; #Q_asb_2024-10 FRP bypass defense in App battery usage page +applyPatch "$DOS_PATCHES/android_packages_apps_Settings/410993.patch"; #Q_asb_2024-11 fix: Security Report - Reveal images across users via EditUserPhotoController +applyPatch "$DOS_PATCHES/android_packages_apps_Settings/410994.patch"; #Q_asb_2024-11 startActivityForResult with new Intent +applyPatch "$DOS_PATCHES/android_packages_apps_Settings/410995.patch"; #Q_asb_2024-11 Checks cross user permission before handling intent git revert --no-edit 486980cfecce2ca64267f41462f9371486308e9d; #Don't hide OEM unlock #applyPatch "$DOS_PATCHES/android_packages_apps_Settings/272651.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS) applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969) @@ -612,7 +616,7 @@ applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/355362.patch"; applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/378137.patch"; #Q_asb_2023-09 Canonicalize file path for insertion by legacy apps applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/378138.patch"; #Q_asb_2023-10 Fix path traversal vulnerabilities in MediaProvider applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/399090.patch"; #Q_asb_2024-07 Prevent insertion in other users storage volumes -applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/408453-backport.patch"; #R_asb_2024-11 +applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/410996.patch"; #Q_asb_2024-11 Prevent apps from renaming files they don't own fi; if enterAndClear "packages/providers/TelephonyProvider"; then @@ -686,8 +690,9 @@ applyPatch "$DOS_PATCHES/android_system_bt/403314.patch"; #Q_asb_2024-09 Use btm applyPatch "$DOS_PATCHES/android_system_bt/403315.patch"; #Q_asb_2024-09 Add support for checking security downgrade applyPatch "$DOS_PATCHES/android_system_bt/403316.patch"; #Q_asb_2024-09 Disallow connect with Secure Connections downgrade applyPatch "$DOS_PATCHES/android_system_bt/403317.patch"; #Q_asb_2024-09 Disallow connect with key length downgrade -applyPatch "$DOS_PATCHES/android_system_bt/405536.patch"; #R_asb_2024-10 Add btif/include/btif_hh::btif_hh_status_text -applyPatch "$DOS_PATCHES/android_system_bt/405834-backport.patch"; #P_asb_2024-10 Disallow unexpected incoming HID connections 1/2 +applyPatch "$DOS_PATCHES/android_system_bt/408530.patch"; #Q_asb_2024-10 Add privatize option for bluetooth addresses for logging +applyPatch "$DOS_PATCHES/android_system_bt/408531.patch"; #Q_asb_2024-10 Add btif/include/btif_hh::btif_hh_status_text +applyPatch "$DOS_PATCHES/android_system_bt/408532.patch"; #Q_asb_2024-10 Disallow unexpected incoming HID connections 1/2 applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS) #applyPatch "$DOS_PATCHES/android_system_bt/272648.patch"; #ten-bt-sbc-hd-dualchannel: Increase maximum Bluetooth SBC codec bitrate for SBC HD (ValdikSS) #applyPatch "$DOS_PATCHES/android_system_bt/272649.patch"; #ten-bt-sbc-hd-dualchannel: Explicit SBC Dual Channel (SBC HD) support (ValdikSS) @@ -769,7 +774,8 @@ fi; if enterAndClear "vendor/qcom/opensource/commonsys/packages/apps/Bluetooth"; then applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_packages_apps_Bluetooth/378136.patch"; #Q_asb_2023-12 Fix UAF in ~CallbackEnv -applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_packages_apps_Bluetooth/405585-backport.patch"; #R_asb_2024-10 Disallow unexpected incoming HID connections 2/2 +applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_packages_apps_Bluetooth/408533.patch"; #Q_asb_2024-10 Disallow unexpected incoming HID connections 2/2 + fi; if enterAndClear "vendor/qcom/opensource/commonsys/system/bt"; then @@ -812,8 +818,9 @@ applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/403324.patch"; applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/403325.patch"; #Q_asb_2024-09 Add support for checking security downgrade applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/403326.patch"; #Q_asb_2024-09 Disallow connect with Secure Connections downgrade applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/403327.patch"; #Q_asb_2024-09 Disallow connect with key length downgrade -applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/405583.patch"; #R_asb_2024-10 Add btif/include/btif_hh::btif_hh_status_text -applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/405584.patch"; #R_asb_2024-10 Disallow unexpected incoming HID connections 1/2 +applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/408535.patch"; #Q_asb_2024-10 Add privatize option for bluetooth addresses for logging +applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/408535.patch"; #Q_asb_2024-10 Add btif/include/btif_hh::btif_hh_status_text +applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/408536.patch"; #Q_asb_2024-10 Disallow unexpected incoming HID connections 1/2 fi; if enterAndClear "vendor/lineage"; then