mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
Picks
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
parent
e3894395a7
commit
4b0bf74d68
38
Patches/LineageOS-18.1/android_frameworks_av/399741.patch
Normal file
38
Patches/LineageOS-18.1/android_frameworks_av/399741.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From c68f62f62fc3ffe077098e45f26ffa2fb3300d6c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Rakesh Kumar <rakesh.kumar@ittiam.com>
|
||||||
|
Date: Thu, 30 May 2024 11:17:48 +0000
|
||||||
|
Subject: [PATCH] StagefrightRecoder: Disabling B-frame support
|
||||||
|
|
||||||
|
Disabling b-frame support from stagefright recorder in case of
|
||||||
|
audio source as mic and video source is surface use case only
|
||||||
|
because screen recorder with microphone doesn't play in sync
|
||||||
|
if b-frame is enabled.
|
||||||
|
If the audio source selected is INTERNAL (i.e. device) or
|
||||||
|
MIC_AND_INTERNAL with screen recorder then b frame is supported.
|
||||||
|
|
||||||
|
Bug: 288549440
|
||||||
|
Test: manually check screen recording with audio from mic has audio/video in synch
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:af685c66bab17b71fe1624f76b5d55628f79e6fa)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:da3407f7688f35eb2dce79f1405feeb182241a3c)
|
||||||
|
Merged-In: I4098655eb9687fb633085333bc140634441566e6
|
||||||
|
Change-Id: I4098655eb9687fb633085333bc140634441566e6
|
||||||
|
---
|
||||||
|
media/libmediaplayerservice/StagefrightRecorder.cpp | 5 +++++
|
||||||
|
1 file changed, 5 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/media/libmediaplayerservice/StagefrightRecorder.cpp b/media/libmediaplayerservice/StagefrightRecorder.cpp
|
||||||
|
index a7344de402b..c66def491b9 100644
|
||||||
|
--- a/media/libmediaplayerservice/StagefrightRecorder.cpp
|
||||||
|
+++ b/media/libmediaplayerservice/StagefrightRecorder.cpp
|
||||||
|
@@ -1843,6 +1843,11 @@ status_t StagefrightRecorder::setupVideoEncoder(
|
||||||
|
|
||||||
|
if (tsLayers > 1) {
|
||||||
|
uint32_t bLayers = std::min(2u, tsLayers - 1); // use up-to 2 B-layers
|
||||||
|
+ // TODO(b/341121900): Remove this once B frames are handled correctly in screen recorder
|
||||||
|
+ // use case in case of mic only
|
||||||
|
+ if (mAudioSource == AUDIO_SOURCE_MIC && mVideoSource == VIDEO_SOURCE_SURFACE) {
|
||||||
|
+ bLayers = 0;
|
||||||
|
+ }
|
||||||
|
uint32_t pLayers = tsLayers - bLayers;
|
||||||
|
format->setString(
|
||||||
|
"ts-schema", AStringPrintf("android.generic.%u+%u", pLayers, bLayers));
|
76
Patches/LineageOS-18.1/android_frameworks_base/399738.patch
Normal file
76
Patches/LineageOS-18.1/android_frameworks_base/399738.patch
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
From d532c7c42dbb9298ac64d7f38d56214af754a336 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Nan Wu <wnan@google.com>
|
||||||
|
Date: Tue, 30 Apr 2024 17:20:29 +0000
|
||||||
|
Subject: [PATCH] RESTRICT AUTOMERGE Backport preventing BAL bypass via bound
|
||||||
|
service
|
||||||
|
|
||||||
|
Apply similar fix for WallpaperService to TextToSpeech Service,
|
||||||
|
Job Service, Print Service, Sync Service and MediaRoute2Provider Service
|
||||||
|
|
||||||
|
Bug: 232798473, 232798676, 336490997
|
||||||
|
Test: Manual test. BackgroundActivityLaunchTest
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8fdf4a345e140eba9b4e736d24ab95c67c55a247)
|
||||||
|
Merged-In: Ib113e45aa18296b4475b90d6dcec5dd5664f4c80
|
||||||
|
Change-Id: Ib113e45aa18296b4475b90d6dcec5dd5664f4c80
|
||||||
|
---
|
||||||
|
.../service/java/com/android/server/job/JobServiceContext.java | 2 +-
|
||||||
|
services/core/java/com/android/server/content/SyncManager.java | 3 ++-
|
||||||
|
.../android/server/media/MediaRoute2ProviderServiceProxy.java | 3 ++-
|
||||||
|
.../java/com/android/server/print/RemotePrintService.java | 3 ++-
|
||||||
|
4 files changed, 7 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java b/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java
|
||||||
|
index 565ed959aeb4d..51ffc7f9379c7 100644
|
||||||
|
--- a/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java
|
||||||
|
+++ b/apex/jobscheduler/service/java/com/android/server/job/JobServiceContext.java
|
||||||
|
@@ -252,7 +252,7 @@ boolean executeRunnableJob(JobStatus job) {
|
||||||
|
try {
|
||||||
|
binding = mContext.bindServiceAsUser(intent, this,
|
||||||
|
Context.BIND_AUTO_CREATE | Context.BIND_NOT_FOREGROUND
|
||||||
|
- | Context.BIND_NOT_PERCEPTIBLE,
|
||||||
|
+ | Context.BIND_NOT_PERCEPTIBLE | Context.BIND_DENY_ACTIVITY_STARTS,
|
||||||
|
UserHandle.of(job.getUserId()));
|
||||||
|
} catch (SecurityException e) {
|
||||||
|
// Some permission policy, for example INTERACT_ACROSS_USERS and
|
||||||
|
diff --git a/services/core/java/com/android/server/content/SyncManager.java b/services/core/java/com/android/server/content/SyncManager.java
|
||||||
|
index ec12a971e445a..7ce6104262373 100644
|
||||||
|
--- a/services/core/java/com/android/server/content/SyncManager.java
|
||||||
|
+++ b/services/core/java/com/android/server/content/SyncManager.java
|
||||||
|
@@ -221,7 +221,8 @@ public class SyncManager {
|
||||||
|
|
||||||
|
/** Flags used when connecting to a sync adapter service */
|
||||||
|
private static final int SYNC_ADAPTER_CONNECTION_FLAGS = Context.BIND_AUTO_CREATE
|
||||||
|
- | Context.BIND_NOT_FOREGROUND | Context.BIND_ALLOW_OOM_MANAGEMENT;
|
||||||
|
+ | Context.BIND_NOT_FOREGROUND | Context.BIND_ALLOW_OOM_MANAGEMENT
|
||||||
|
+ | Context.BIND_DENY_ACTIVITY_STARTS;
|
||||||
|
|
||||||
|
/** Singleton instance. */
|
||||||
|
@GuardedBy("SyncManager.class")
|
||||||
|
diff --git a/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java b/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java
|
||||||
|
index ab38dca2387d8..66502179ba895 100644
|
||||||
|
--- a/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java
|
||||||
|
+++ b/services/core/java/com/android/server/media/MediaRoute2ProviderServiceProxy.java
|
||||||
|
@@ -224,7 +224,8 @@ private void bind() {
|
||||||
|
service.setComponent(mComponentName);
|
||||||
|
try {
|
||||||
|
mBound = mContext.bindServiceAsUser(service, this,
|
||||||
|
- Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE,
|
||||||
|
+ Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE
|
||||||
|
+ | Context.BIND_DENY_ACTIVITY_STARTS,
|
||||||
|
new UserHandle(mUserId));
|
||||||
|
if (!mBound && DEBUG) {
|
||||||
|
Slog.d(TAG, this + ": Bind failed");
|
||||||
|
diff --git a/services/print/java/com/android/server/print/RemotePrintService.java b/services/print/java/com/android/server/print/RemotePrintService.java
|
||||||
|
index 502cd2c60f4aa..702ddbb9f912a 100644
|
||||||
|
--- a/services/print/java/com/android/server/print/RemotePrintService.java
|
||||||
|
+++ b/services/print/java/com/android/server/print/RemotePrintService.java
|
||||||
|
@@ -572,7 +572,8 @@ private void ensureBound() {
|
||||||
|
|
||||||
|
boolean wasBound = mContext.bindServiceAsUser(mIntent, mServiceConnection,
|
||||||
|
Context.BIND_AUTO_CREATE | Context.BIND_FOREGROUND_SERVICE
|
||||||
|
- | Context.BIND_INCLUDE_CAPABILITIES | Context.BIND_ALLOW_INSTANT,
|
||||||
|
+ | Context.BIND_INCLUDE_CAPABILITIES | Context.BIND_ALLOW_INSTANT
|
||||||
|
+ | Context.BIND_DENY_ACTIVITY_STARTS,
|
||||||
|
new UserHandle(mUserId));
|
||||||
|
|
||||||
|
if (!wasBound) {
|
65
Patches/LineageOS-18.1/android_frameworks_base/399739.patch
Normal file
65
Patches/LineageOS-18.1/android_frameworks_base/399739.patch
Normal file
@ -0,0 +1,65 @@
|
|||||||
|
From 45ee08b07a12600ead2f3a789d60094c9d886fb8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kiran S <krns@google.com>
|
||||||
|
Date: Mon, 13 May 2024 05:49:06 +0000
|
||||||
|
Subject: [PATCH] Restrict USB poups while setup is in progress
|
||||||
|
|
||||||
|
Test: Cherry pick of http://ag/27094197
|
||||||
|
Bug: 294105066
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2ce2e54a040342373e401f9c2e70035ede4e63ad)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ec96cc3e3a81d21f2249db381c10638bb307cf39)
|
||||||
|
Merged-In: I7d54534696fd73f3b94c5b4250142eed9341c5d8
|
||||||
|
Change-Id: I7d54534696fd73f3b94c5b4250142eed9341c5d8
|
||||||
|
---
|
||||||
|
.../usb/UsbProfileGroupSettingsManager.java | 21 +++++++++++++++++++
|
||||||
|
1 file changed, 21 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/services/usb/java/com/android/server/usb/UsbProfileGroupSettingsManager.java b/services/usb/java/com/android/server/usb/UsbProfileGroupSettingsManager.java
|
||||||
|
index d7b6b5d0d36a2..de49091759df3 100644
|
||||||
|
--- a/services/usb/java/com/android/server/usb/UsbProfileGroupSettingsManager.java
|
||||||
|
+++ b/services/usb/java/com/android/server/usb/UsbProfileGroupSettingsManager.java
|
||||||
|
@@ -16,6 +16,8 @@
|
||||||
|
|
||||||
|
package com.android.server.usb;
|
||||||
|
|
||||||
|
+import static android.provider.Settings.Secure.USER_SETUP_COMPLETE;
|
||||||
|
+
|
||||||
|
import static com.android.internal.app.IntentForwarderActivity.FORWARD_INTENT_TO_MANAGED_PROFILE;
|
||||||
|
|
||||||
|
import android.annotation.NonNull;
|
||||||
|
@@ -42,6 +44,7 @@
|
||||||
|
import android.os.Environment;
|
||||||
|
import android.os.UserHandle;
|
||||||
|
import android.os.UserManager;
|
||||||
|
+import android.provider.Settings;
|
||||||
|
import android.service.usb.UsbProfileGroupSettingsManagerProto;
|
||||||
|
import android.service.usb.UsbSettingsAccessoryPreferenceProto;
|
||||||
|
import android.service.usb.UsbSettingsDevicePreferenceProto;
|
||||||
|
@@ -900,10 +903,28 @@ private void resolveActivity(Intent intent, UsbDevice device, boolean showMtpNot
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (shouldRestrictOverlayActivities()) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
// Start activity with registered intent
|
||||||
|
resolveActivity(intent, matches, defaultActivity, device, null);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ private boolean shouldRestrictOverlayActivities() {
|
||||||
|
+ if (Settings.Secure.getIntForUser(
|
||||||
|
+ mContext.getContentResolver(),
|
||||||
|
+ USER_SETUP_COMPLETE,
|
||||||
|
+ /* defaultValue= */ 1,
|
||||||
|
+ UserHandle.CURRENT.getIdentifier())
|
||||||
|
+ == 0) {
|
||||||
|
+ Slog.d(TAG, "restricting usb overlay activities as setup is not complete");
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
public void deviceAttachedForFixedHandler(UsbDevice device, ComponentName component) {
|
||||||
|
final Intent intent = createDeviceAttachedIntent(device);
|
||||||
|
|
33
Patches/LineageOS-18.1/android_frameworks_base/399740.patch
Normal file
33
Patches/LineageOS-18.1/android_frameworks_base/399740.patch
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
From 644e95940f57497b7dd155d42f6b0bf42b5540b3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Linus Tufvesson <lus@google.com>
|
||||||
|
Date: Mon, 29 Apr 2024 16:32:15 +0200
|
||||||
|
Subject: [PATCH] Hide SAW subwindows
|
||||||
|
|
||||||
|
.. when top window is hidden through Window#setHideOverlayWindows
|
||||||
|
|
||||||
|
Bug: 318683640
|
||||||
|
Test: atest CtsWindowManagerDeviceWindow:HideOverlayWindowsTest
|
||||||
|
Flag: EXEMPT securityfix
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c37bc9147086f497ac7b1595083836014f524d5f)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:89bc634cb534b8e0ffd798ac9f9f89ac1be0f785)
|
||||||
|
Merged-In: If19240f5aec2e048de80d75cbbdc00be47622d7f
|
||||||
|
Change-Id: If19240f5aec2e048de80d75cbbdc00be47622d7f
|
||||||
|
---
|
||||||
|
services/core/java/com/android/server/wm/WindowState.java | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/wm/WindowState.java b/services/core/java/com/android/server/wm/WindowState.java
|
||||||
|
index 319b7e88258db..12c301b300d69 100644
|
||||||
|
--- a/services/core/java/com/android/server/wm/WindowState.java
|
||||||
|
+++ b/services/core/java/com/android/server/wm/WindowState.java
|
||||||
|
@@ -3041,8 +3041,9 @@ boolean hideLw(boolean doAnimation, boolean requestAnim) {
|
||||||
|
}
|
||||||
|
|
||||||
|
void setForceHideNonSystemOverlayWindowIfNeeded(boolean forceHide) {
|
||||||
|
+ final int baseType = getBaseType();
|
||||||
|
if (mOwnerCanAddInternalSystemWindow
|
||||||
|
- || (!isSystemAlertWindowType(mAttrs.type) && mAttrs.type != TYPE_TOAST)) {
|
||||||
|
+ || (!isSystemAlertWindowType(baseType) && baseType != TYPE_TOAST)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (mForceHideNonSystemOverlayWindow == forceHide) {
|
60
Patches/LineageOS-18.1/android_system_bt/399742.patch
Normal file
60
Patches/LineageOS-18.1/android_system_bt/399742.patch
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
From 2c0deba7d780ae11d16fc675fc6aa9abba344fd7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Mon, 22 Apr 2024 16:43:29 +0000
|
||||||
|
Subject: [PATCH] Fix heap-buffer overflow in sdp_utils.cc
|
||||||
|
|
||||||
|
Fuzzer identifies a case where sdpu_compare_uuid_with_attr crashes with
|
||||||
|
an out of bounds comparison. Although the bug claims this is due to a
|
||||||
|
comparison of a uuid with a smaller data field thana the discovery
|
||||||
|
attribute, my research suggests that this instead stems from a
|
||||||
|
comparison of a 128 bit UUID with a discovery attribute of some other,
|
||||||
|
invalid size.
|
||||||
|
|
||||||
|
Add checks for discovery attribute size.
|
||||||
|
|
||||||
|
Bug: 287184435
|
||||||
|
Test: atest bluetooth_test_gd_unit, net_test_stack_sdp
|
||||||
|
Tag: #security
|
||||||
|
Ignore-AOSP-First: Security
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:99210e2f251e2189c1eede15942c832e017404c2)
|
||||||
|
Merged-In: Ib536cbeac454efbf6af3d713c05c8e3e077e069b
|
||||||
|
Change-Id: Ib536cbeac454efbf6af3d713c05c8e3e077e069b
|
||||||
|
---
|
||||||
|
stack/sdp/sdp_utils.cc | 24 ++++++++++++++++++++++--
|
||||||
|
1 file changed, 22 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/stack/sdp/sdp_utils.cc b/stack/sdp/sdp_utils.cc
|
||||||
|
index f8cde2c34c5..9581dc72a77 100644
|
||||||
|
--- a/stack/sdp/sdp_utils.cc
|
||||||
|
+++ b/stack/sdp/sdp_utils.cc
|
||||||
|
@@ -949,8 +949,28 @@ bool sdpu_compare_uuid_arrays(uint8_t* p_uuid1, uint32_t len1, uint8_t* p_uuid2,
|
||||||
|
******************************************************************************/
|
||||||
|
bool sdpu_compare_uuid_with_attr(const Uuid& uuid, tSDP_DISC_ATTR* p_attr) {
|
||||||
|
int len = uuid.GetShortestRepresentationSize();
|
||||||
|
- if (len == 2) return uuid.As16Bit() == p_attr->attr_value.v.u16;
|
||||||
|
- if (len == 4) return uuid.As32Bit() == p_attr->attr_value.v.u32;
|
||||||
|
+ if (len == 2) {
|
||||||
|
+ if (SDP_DISC_ATTR_LEN(p_attr->attr_len_type) == Uuid::kNumBytes16) {
|
||||||
|
+ return uuid.As16Bit() == p_attr->attr_value.v.u16;
|
||||||
|
+ } else {
|
||||||
|
+ LOG(ERROR) << "invalid length for discovery attribute";
|
||||||
|
+ return (false);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if (len == 4) {
|
||||||
|
+ if (SDP_DISC_ATTR_LEN(p_attr->attr_len_type) == Uuid::kNumBytes32) {
|
||||||
|
+ return uuid.As32Bit() == p_attr->attr_value.v.u32;
|
||||||
|
+ } else {
|
||||||
|
+ LOG(ERROR) << "invalid length for discovery attribute";
|
||||||
|
+ return (false);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (SDP_DISC_ATTR_LEN(p_attr->attr_len_type) != Uuid::kNumBytes128) {
|
||||||
|
+ LOG(ERROR) << "invalid length for discovery attribute";
|
||||||
|
+ return (false);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (memcmp(uuid.To128BitBE().data(), (void*)p_attr->attr_value.v.array,
|
||||||
|
Uuid::kNumBytes128) == 0)
|
||||||
|
return (true);
|
@ -0,0 +1,60 @@
|
|||||||
|
From f33554bf3b2998d04a78d19c46d9db26f2d27478 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Mon, 22 Apr 2024 16:43:29 +0000
|
||||||
|
Subject: [PATCH] Fix heap-buffer overflow in sdp_utils.cc
|
||||||
|
|
||||||
|
Fuzzer identifies a case where sdpu_compare_uuid_with_attr crashes with
|
||||||
|
an out of bounds comparison. Although the bug claims this is due to a
|
||||||
|
comparison of a uuid with a smaller data field thana the discovery
|
||||||
|
attribute, my research suggests that this instead stems from a
|
||||||
|
comparison of a 128 bit UUID with a discovery attribute of some other,
|
||||||
|
invalid size.
|
||||||
|
|
||||||
|
Add checks for discovery attribute size.
|
||||||
|
|
||||||
|
Bug: 287184435
|
||||||
|
Test: atest bluetooth_test_gd_unit, net_test_stack_sdp
|
||||||
|
Tag: #security
|
||||||
|
Ignore-AOSP-First: Security
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:99210e2f251e2189c1eede15942c832e017404c2)
|
||||||
|
Merged-In: Ib536cbeac454efbf6af3d713c05c8e3e077e069b
|
||||||
|
Change-Id: Ib536cbeac454efbf6af3d713c05c8e3e077e069b
|
||||||
|
---
|
||||||
|
stack/sdp/sdp_utils.cc | 24 ++++++++++++++++++++++--
|
||||||
|
1 file changed, 22 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/stack/sdp/sdp_utils.cc b/stack/sdp/sdp_utils.cc
|
||||||
|
index ec48361fd..66f52c32f 100644
|
||||||
|
--- a/stack/sdp/sdp_utils.cc
|
||||||
|
+++ b/stack/sdp/sdp_utils.cc
|
||||||
|
@@ -739,8 +739,28 @@ bool sdpu_compare_uuid_arrays(uint8_t* p_uuid1, uint32_t len1, uint8_t* p_uuid2,
|
||||||
|
******************************************************************************/
|
||||||
|
bool sdpu_compare_uuid_with_attr(const Uuid& uuid, tSDP_DISC_ATTR* p_attr) {
|
||||||
|
int len = uuid.GetShortestRepresentationSize();
|
||||||
|
- if (len == 2) return uuid.As16Bit() == p_attr->attr_value.v.u16;
|
||||||
|
- if (len == 4) return uuid.As32Bit() == p_attr->attr_value.v.u32;
|
||||||
|
+ if (len == 2) {
|
||||||
|
+ if (SDP_DISC_ATTR_LEN(p_attr->attr_len_type) == Uuid::kNumBytes16) {
|
||||||
|
+ return uuid.As16Bit() == p_attr->attr_value.v.u16;
|
||||||
|
+ } else {
|
||||||
|
+ LOG(ERROR) << "invalid length for discovery attribute";
|
||||||
|
+ return (false);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if (len == 4) {
|
||||||
|
+ if (SDP_DISC_ATTR_LEN(p_attr->attr_len_type) == Uuid::kNumBytes32) {
|
||||||
|
+ return uuid.As32Bit() == p_attr->attr_value.v.u32;
|
||||||
|
+ } else {
|
||||||
|
+ LOG(ERROR) << "invalid length for discovery attribute";
|
||||||
|
+ return (false);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (SDP_DISC_ATTR_LEN(p_attr->attr_len_type) != Uuid::kNumBytes128) {
|
||||||
|
+ LOG(ERROR) << "invalid length for discovery attribute";
|
||||||
|
+ return (false);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (memcmp(uuid.To128BitBE().data(), (void*)p_attr->attr_value.v.array,
|
||||||
|
Uuid::kNumBytes128) == 0)
|
||||||
|
return (true);
|
@ -93,7 +93,7 @@ applyPatch "$DOS_PATCHES_COMMON/android_build/0001-verity-openssl3.patch"; #Fix
|
|||||||
sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||||
awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX
|
awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX
|
||||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||||
sed -i 's/2024-02-05/2024-07-05/' core/version_defaults.mk; #Bump Security String #R_asb_2024-07
|
sed -i 's/2024-02-05/2024-08-05/' core/version_defaults.mk; #Bump Security String #R_asb_2024-08
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "build/soong"; then
|
if enterAndClear "build/soong"; then
|
||||||
@ -133,6 +133,7 @@ if enterAndClear "frameworks/av"; then
|
|||||||
applyPatch "$DOS_PATCHES/android_frameworks_av/385529.patch"; #R_asb_2024-03 Validate OMX Params for VPx encoders
|
applyPatch "$DOS_PATCHES/android_frameworks_av/385529.patch"; #R_asb_2024-03 Validate OMX Params for VPx encoders
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_av/385530.patch"; #R_asb_2024-03 SoftVideoDecodeOMXComponent: validate OMX params for dynamic HDR
|
applyPatch "$DOS_PATCHES/android_frameworks_av/385530.patch"; #R_asb_2024-03 SoftVideoDecodeOMXComponent: validate OMX params for dynamic HDR
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_av/385531.patch"; #R_asb_2024-03 Fix out of bounds read and write in onQueueFilled in outQueue
|
applyPatch "$DOS_PATCHES/android_frameworks_av/385531.patch"; #R_asb_2024-03 Fix out of bounds read and write in onQueueFilled in outQueue
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_av/399741.patch"; #R_asb_2024-08 StagefrightRecoder: Disabling B-frame support
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "frameworks/base"; then
|
if enterAndClear "frameworks/base"; then
|
||||||
@ -161,6 +162,9 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/394563.patch"; #R_asb_2024-06 C
|
|||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/397541.patch"; #R_asb_2024-07 [PM] Send ACTION_PACKAGE_CHANGED when mimeGroups are changed
|
applyPatch "$DOS_PATCHES/android_frameworks_base/397541.patch"; #R_asb_2024-07 [PM] Send ACTION_PACKAGE_CHANGED when mimeGroups are changed
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/397542.patch"; #R_asb_2024-07 Verify UID of incoming Zygote connections.
|
applyPatch "$DOS_PATCHES/android_frameworks_base/397542.patch"; #R_asb_2024-07 Verify UID of incoming Zygote connections.
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/397543.patch"; #R_asb_2024-07 Fix security vulnerability of non-dynamic permission removal
|
applyPatch "$DOS_PATCHES/android_frameworks_base/397543.patch"; #R_asb_2024-07 Fix security vulnerability of non-dynamic permission removal
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/399738.patch"; #R_asb_2024-08 Backport preventing BAL bypass via bound service
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/399739.patch"; #R_asb_2024-08 Restrict USB poups while setup is in progress
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/399740.patch"; #R_asb_2024-08 Hide SAW subwindows
|
||||||
git revert --no-edit 438d9feacfcad73d3ee918541574132928a93644; #Reverts "Allow signature spoofing for microG Companion/Services" in favor of below patch
|
git revert --no-edit 438d9feacfcad73d3ee918541574132928a93644; #Reverts "Allow signature spoofing for microG Companion/Services" in favor of below patch
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
||||||
@ -431,6 +435,7 @@ applyPatch "$DOS_PATCHES/android_system_bt/385557.patch"; #R_asb_2024-03 Fix an
|
|||||||
applyPatch "$DOS_PATCHES/android_system_bt/385558.patch"; #R_asb_2024-03 Reland: Fix an OOB write bug in attp_build_value_cmd
|
applyPatch "$DOS_PATCHES/android_system_bt/385558.patch"; #R_asb_2024-03 Reland: Fix an OOB write bug in attp_build_value_cmd
|
||||||
applyPatch "$DOS_PATCHES/android_system_bt/385559.patch"; #R_asb_2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
|
applyPatch "$DOS_PATCHES/android_system_bt/385559.patch"; #R_asb_2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
|
||||||
applyPatch "$DOS_PATCHES/android_system_bt/397545.patch"; #R_asb_2024-07 Fix an authentication bypass bug in SMP
|
applyPatch "$DOS_PATCHES/android_system_bt/397545.patch"; #R_asb_2024-07 Fix an authentication bypass bug in SMP
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/399742.patch"; #R_asb_2024-08 Fix heap-buffer overflow in sdp_utils.cc
|
||||||
git am "$DOS_PATCHES/android_system_bt/a2dp-master-fixes.patch"; #topic (AOSP)
|
git am "$DOS_PATCHES/android_system_bt/a2dp-master-fixes.patch"; #topic (AOSP)
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS)
|
applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS)
|
||||||
fi;
|
fi;
|
||||||
@ -490,6 +495,7 @@ applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/385591.patch";
|
|||||||
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/385592.patch"; #R_asb_2024-03 Reland: Fix an OOB write bug in attp_build_value_cmd
|
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/385592.patch"; #R_asb_2024-03 Reland: Fix an OOB write bug in attp_build_value_cmd
|
||||||
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/385593.patch"; #R_asb_2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
|
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/385593.patch"; #R_asb_2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
|
||||||
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/397546.patch"; #R_asb_2024-07 Fix an authentication bypass bug in SMP
|
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/397546.patch"; #R_asb_2024-07 Fix an authentication bypass bug in SMP
|
||||||
|
applyPatch "$DOS_PATCHES/android_vendor_qcom_opensource_system_bt/399743.patch"; #R_asb_2024-08 Fix heap-buffer overflow in sdp_utils.cc
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "vendor/lineage"; then
|
if enterAndClear "vendor/lineage"; then
|
||||||
|
Loading…
Reference in New Issue
Block a user