Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
Tavi 2024-09-08 09:48:56 -04:00
parent 363b0ad58a
commit 6ac71b418a
No known key found for this signature in database
GPG Key ID: E599F62ECBAEAF2E
8 changed files with 23 additions and 98 deletions

View File

@ -1,4 +1,4 @@
From 42e379fa4967a4841931310b9308e5ff66e2be00 Mon Sep 17 00:00:00 2001
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Pinyao Ting <pinyaoting@google.com>
Date: Thu, 30 Nov 2023 23:12:39 +0000
Subject: [PATCH] Added throttle when reporting shortcut usage
@ -15,10 +15,10 @@ Change-Id: I96370cbd4f6a55f894c1a93307e5f82dfd394652
3 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/services/core/java/com/android/server/pm/ShortcutPackage.java b/services/core/java/com/android/server/pm/ShortcutPackage.java
index 38d69ed287e1c..b8d0120f3db62 100644
index 0a98002feb14..36e775a3a237 100644
--- a/services/core/java/com/android/server/pm/ShortcutPackage.java
+++ b/services/core/java/com/android/server/pm/ShortcutPackage.java
@@ -19,17 +19,20 @@
@@ -19,17 +19,20 @@ import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.UserIdInt;
import android.content.ComponentName;
@ -61,7 +61,7 @@ index 38d69ed287e1c..b8d0120f3db62 100644
private ShortcutPackage(ShortcutUser shortcutUser,
int packageUserId, String packageName, ShortcutPackageInfo spi) {
super(shortcutUser, packageUserId, packageName,
@@ -1144,6 +1155,30 @@ public boolean hasNonManifestShortcuts() {
@@ -1144,6 +1155,30 @@ class ShortcutPackage extends ShortcutPackageItem {
return false;
}
@ -93,10 +93,10 @@ index 38d69ed287e1c..b8d0120f3db62 100644
pw.println();
diff --git a/services/core/java/com/android/server/pm/ShortcutService.java b/services/core/java/com/android/server/pm/ShortcutService.java
index 944f75345df6f..02b923384a836 100644
index 2cfc3461c697..6d57f7163b87 100644
--- a/services/core/java/com/android/server/pm/ShortcutService.java
+++ b/services/core/java/com/android/server/pm/ShortcutService.java
@@ -290,7 +290,7 @@ public boolean test(PackageInfo pi) {
@@ -290,7 +290,7 @@ public class ShortcutService extends IShortcutService.Stub {
private CompressFormat mIconPersistFormat;
private int mIconPersistQuality;
@ -105,7 +105,7 @@ index 944f75345df6f..02b923384a836 100644
private final IPackageManager mIPackageManager;
private final PackageManagerInternal mPackageManagerInternal;
@@ -2041,10 +2041,11 @@ public void reportShortcutUsed(String packageName, String shortcutId, int userId
@@ -2045,10 +2045,11 @@ public class ShortcutService extends IShortcutService.Stub {
shortcutId, packageName, userId));
}
@ -118,7 +118,7 @@ index 944f75345df6f..02b923384a836 100644
if (ps.findShortcutById(shortcutId) == null) {
Log.w(TAG, String.format("reportShortcutUsed: package %s doesn't have shortcut %s",
@@ -2053,12 +2054,7 @@ public void reportShortcutUsed(String packageName, String shortcutId, int userId
@@ -2057,12 +2058,7 @@ public class ShortcutService extends IShortcutService.Stub {
}
}
@ -133,10 +133,10 @@ index 944f75345df6f..02b923384a836 100644
/**
diff --git a/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java b/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
index d25923c019cac..149037df2ff16 100644
index 6b86ef0e0704..579657981ff9 100644
--- a/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
+++ b/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
@@ -1799,6 +1799,8 @@ public void testThrottling_resetByInternalCall() throws Exception {
@@ -1809,6 +1809,8 @@ public class ShortcutManagerTest2 extends BaseShortcutManagerTest {
public void testReportShortcutUsed() {
mRunningUsers.put(USER_10, true);

View File

@ -1,4 +1,4 @@
From 973d345da476bc0b9ce7618625dac9184d6d001e Mon Sep 17 00:00:00 2001
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Kiran Ramachandra <kiranmr@google.com>
Date: Thu, 30 May 2024 21:21:12 +0000
Subject: [PATCH] DO NOT MERGE Ignore - Sanitized uri scheme by removing scheme
@ -14,83 +14,8 @@ No-Typo-Check: The unit test is specifically written to test few cases, string "
NOTE FOR REVIEWERS - original patch and result patch are not identical.
PLEASE REVIEW CAREFULLY.
Diffs between the patches:
@AsbSecurityTest(cveBugId = 261721900)
> + @SmallTest
> + public void testSchemeSanitization() {
> + Uri uri = new Uri.Builder()
> + .scheme("http://https://evil.com:/te:st/")
> + .authority("google.com").path("one/way").build();
> + assertEquals("httphttpsevil.com:/te:st/", uri.getScheme());
> + assertEquals("httphttpsevil.com:/te:st/://google.com/one/way", uri.toString());
> + }
> +
[tad: comment removed as am reporting "corrupt patch"]
Original patch:
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
old mode 100644
new mode 100644
Change-Id: I3c78085473351b6f424ced5e6365d5ced05ee689
--- a/core/java/android/net/Uri.java
+++ b/core/java/android/net/Uri.java
@@ -1388,7 +1388,11 @@
* @param scheme name or {@code null} if this is a relative Uri
*/
public Builder scheme(String scheme) {
- this.scheme = scheme;
+ if (scheme != null) {
+ this.scheme = scheme.replace("://", "");
+ } else {
+ this.scheme = null;
+ }
return this;
}
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
old mode 100644
new mode 100644
--- a/core/tests/coretests/src/android/net/UriTest.java
+++ b/core/tests/coretests/src/android/net/UriTest.java
@@ -87,6 +87,16 @@
assertNull(u.getAuthority());
assertNull(u.getHost());
}
+
+ @AsbSecurityTest(cveBugId = 261721900)
+ @SmallTest
+ public void testSc
[[[Original patch trimmed due to size. Decoded string size: 1426. Decoded string SHA1: 55d69e9f854938457b2d98b18776898b16c2dd54.]]]
Result patch:
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
index 3da696a..f0262e9 100644
--- a/core/java/android/net/Uri.java
+++ b/core/java/android/net/Uri.java
@@ -1388,7 +1388,11 @@
* @param scheme name or {@code null} if this is a relative Uri
*/
public Builder scheme(String scheme) {
- this.scheme = scheme;
+ if (scheme != null) {
+ this.scheme = scheme.replace("://", "");
+ } else {
+ this.scheme = null;
+ }
return this;
}
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
index 89632a4..8c130ee 100644
--- a/core/tests/coretests/src/android/net/UriTest.java
+++ b/core/tests/coretests/src/android/net/UriTest.java
@@ -88,6 +88,16 @@
assertNull(u.getHost());
}
+ @AsbSecurityTest(cveBugId = 261721900)
+ @SmallTest
+ public void testSchemeSanitization() {
+ Uri uri = new
[[[Result patch trimmed due to size. Decoded string size: 1417. Decoded string SHA1: f9ce831a369872ae9bfd9f50f01dd394682e0f3f.]]]
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:557941ca0cf59da66db4fad12c2139ce80922f4a)
Merged-In: Icab100bd4ae9b1c8245e6f891ad22101bda5eea5
@ -101,10 +26,10 @@ Change-Id: Icab100bd4ae9b1c8245e6f891ad22101bda5eea5
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
index 6c069be07e3ec..9b7153ba7076e 100644
index 24941a4055f3..f413896e4576 100644
--- a/core/java/android/net/Uri.java
+++ b/core/java/android/net/Uri.java
@@ -1347,7 +1347,11 @@ public Builder() {}
@@ -1350,7 +1350,11 @@ public abstract class Uri implements Parcelable, Comparable<Uri> {
* @param scheme name or {@code null} if this is a relative Uri
*/
public Builder scheme(String scheme) {
@ -118,10 +43,10 @@ index 6c069be07e3ec..9b7153ba7076e 100644
}
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
index ea0347d67ad74..6c9fdd5a83a78 100644
index ea0347d67ad7..6c9fdd5a83a7 100644
--- a/core/tests/coretests/src/android/net/UriTest.java
+++ b/core/tests/coretests/src/android/net/UriTest.java
@@ -18,6 +18,7 @@
@@ -18,6 +18,7 @@ package android.net;
import android.content.ContentUris;
import android.os.Parcel;
@ -129,7 +54,7 @@ index ea0347d67ad74..6c9fdd5a83a78 100644
import android.test.suitebuilder.annotation.SmallTest;
import junit.framework.TestCase;
@@ -83,6 +84,16 @@ public void testBuildUponOpaqueStringUri() {
@@ -83,6 +84,16 @@ public class UriTest extends TestCase {
assertNull(u.getHost());
}

View File

@ -1,4 +1,4 @@
From 16cf36cd7d7beb9d108da511da90ab4b404ea7bb Mon Sep 17 00:00:00 2001
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Chaohui Wang <chaohuiw@google.com>
Date: Thu, 2 Nov 2023 11:43:00 +0800
Subject: [PATCH] Limit wifi item edit content's max length to 500

View File

@ -177,7 +177,7 @@ enableAVB "device/xiaomi/whyred";
[[ -d kernel/essential/msm8998 ]] && sed -i 's/slotselect/slotselect,verify/' kernel/essential/msm8998/arch/arm64/boot/dts/essential/msm8998-mata-lineage.dtsi &>/dev/null; #/vendor
[[ -d kernel/google/marlin ]] && sed -i 's/wait,slotselect/wait,slotselect,verify/' kernel/google/marlin/arch/arm64/boot/dts/htc/msm8996-htc-common.dtsi &>/dev/null; #/vendor
#[[ -d kernel/htc/flounder ]] && sed -i 's/wait/wait,verify/g' kernel/htc/flounder/arch/arm64/boot/dts/tegra132.dtsi &>/dev/null; #/system #XXX: no boot
[[ -d kernel/moto/shamu ]] && sed -i 's/wait/wait,verify/g' kernel/moto/shamu/arch/arm/boot/dts/qcom/apq8084.dtsi &>/dev/null; #/system
[[ -d kernel/moto/shamu ]] && sed -i 's/wait/wait,verify/g' kernel/moto/shamu/arch/arm/boot/dts/qcom/apq8084.dtsi &>/dev/null; #/system
[[ -d kernel/oneplus/msm8996 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8996/arch/arm/boot/dts/qcom/15801/msm8996-mtp.dtsi &>/dev/null; #/system
[[ -d kernel/oneplus/msm8998 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8998/arch/arm/boot/dts/qcom/cheeseburger.dtsi &>/dev/null; #/system and /vendor
[[ -d kernel/oneplus/msm8998 ]] && sed -i 's/wait/wait,verify/g' kernel/oneplus/msm8998/arch/arm/boot/dts/qcom/dumpling.dtsi &>/dev/null; #/system and /vendor

View File

@ -157,7 +157,7 @@ do
done
#4.14
declare -a fourDotFourteen=("${fourDotNine[@]}" "android_kernel_google_msm-4.14.sh" "android_kernel_xiaomi_sm6150.sh" "android_kernel_oneplus_sm8150.sh" "android_kernel_xiaomi_sm8150.sh" "android_kernel_xiaomi_vayu.sh");
declare -a fourDotFourteen=("${fourDotNine[@]}" "android_kernel_google_msm-4.14.sh" "android_kernel_xiaomi_sm6150.sh" "android_kernel_oneplus_sm8150.sh" "android_kernel_xiaomi_sm8150.sh" "android_kernel_xiaomi_vayu.sh");
for script in "${fourDotFourteen[@]}"
do
commentPatches $script "CVE-2019-19252/4.19" "CVE-2021-46921/4.19" "CVE-2023-51043/4.19" "CVE-2024-38618" "CVE-2023-52486/^6.7" "CVE-2024-35910";

View File

@ -297,7 +297,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/393648.patch"; #n-asb-2024-06 C
applyPatch "$DOS_PATCHES/android_frameworks_base/393649.patch"; #n-asb-2024-06 AccessibilityManagerService: remove uninstalled services from enabled list after service update.
applyPatch "$DOS_PATCHES/android_frameworks_base/396611.patch"; #n-asb-2024-07 Verify UID of incoming Zygote connections.
applyPatch "$DOS_PATCHES/android_frameworks_base/399269.patch"; #n-asb-2024-08 Restrict USB poups while setup is in progress
applyPatch "$DOS_PATCHES/android_frameworks_base/400926.patch"; #n-asb-2024-09 Sanitized uri scheme by removing scheme delimiter
applyPatch "$DOS_PATCHES/android_frameworks_base/400926.patch"; #n-asb-2024-09 Sanitized uri scheme by removing scheme delimiter
git revert --no-edit 0326bb5e41219cf502727c3aa44ebf2daa19a5b3; #Re-enable doze on devices without gms
applyPatch "$DOS_PATCHES/android_frameworks_base/248599.patch"; #Make SET_TIME_ZONE permission match SET_TIME (AOSP)
applyPatch "$DOS_PATCHES/android_frameworks_base/0001-Reduced_Resolution.patch"; #Allow reducing resolution to save power TODO: Add 800x480 (DivestOS)

View File

@ -147,7 +147,7 @@ enableDexPreOpt() {
echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
echo "WITH_DEXPREOPT_DEBUG_INFO := false" >> BoardConfig.mk;
#m8*, jflte*: /system partition too small
if [ "$1" != "device/htc/m8" ] && [ "$1" != "device/htc/m8d" ] && [ "$1" != "device/samsung/jactivelte" ] && [ "$1" != "device/samsung/jfltexx" ] && [ "$1" != "device/samsung/jflteatt" ] && [ "$1" != "device/samsung/jfltespr" ] && [ "$1" != "device/samsung/jfltevzw" ] && [ "$1" != "device/samsung/jfvelte" ]; then
if [ "$1" != "device/htc/m8" ] && [ "$1" != "device/htc/m8d" ] && [ "$1" != "device/samsung/jactivelte" ] && [ "$1" != "device/samsung/jfltexx" ] && [ "$1" != "device/samsung/jflteatt" ] && [ "$1" != "device/samsung/jfltespr" ] && [ "$1" != "device/samsung/jfltevzw" ] && [ "$1" != "device/samsung/jfvelte" ]; then
echo "WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := false" >> BoardConfig.mk;
echo "Enabled full dexpreopt for $1";
else

View File

@ -537,7 +537,7 @@ awk -i inplace '!/speed-profile/' build/target/product/lowram.mk; #breaks compil
if [ -d "$DOS_BUILD_BASE"/vendor/divested-carriersettings ]; then
echo "Including CarrierConfig2 & CarrierSettings2";
echo 'ifneq ($(BOARD_WITHOUT_RADIO),true)' >> divestos.mk;
echo "PRODUCT_PACKAGES += CarrierConfig2" >> divestos.mk;
echo "PRODUCT_PACKAGES += CarrierConfig2" >> divestos.mk;
echo "include vendor/divested-carriersettings/CarrierSettings2.mk" >> divestos.mk;
echo "endif" >> divestos.mk;
fi;