mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
19.1: July 2024 ASB work
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
parent
236a403d12
commit
7182e4d63a
@ -23,7 +23,7 @@ index c33437d946d8..0526ce1ef25d 100644
|
||||
<!-- Allows applications to access information about networks.
|
||||
<p>Protection level: normal
|
||||
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
index fb0167d80fda..1aa703adee58 100644
|
||||
index c3a2332e8a16..e098943661b0 100644
|
||||
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
@@ -2633,7 +2633,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
|
||||
|
@ -99,7 +99,7 @@ index 27c9026c863a..4a8624222ae8 100644
|
||||
<string name="permlab_readCalendar">Read calendar events and details</string>
|
||||
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
index 1aa703adee58..b4240a3a944e 100644
|
||||
index e098943661b0..534377d269b9 100644
|
||||
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
@@ -2633,7 +2633,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
|
||||
|
@ -8,7 +8,7 @@ Subject: [PATCH] extend special runtime permission implementation
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
index 917a32193409..fb0167d80fda 100644
|
||||
index ab4f7821eba9..c3a2332e8a16 100644
|
||||
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
@@ -1882,7 +1882,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
|
||||
|
@ -20,7 +20,7 @@ Signed-off-by: Danny Lin <danny@kdrag0n.dev>
|
||||
1 file changed, 20 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
index 31babe0418b8..917a32193409 100644
|
||||
index 93f9e1c2295c..ab4f7821eba9 100644
|
||||
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
@@ -1526,7 +1526,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {
|
||||
|
@ -145,7 +145,7 @@ index 6860759eea8a..a2eef62f80be 100644
|
||||
OsConstants._LINUX_CAPABILITY_VERSION_3, 0);
|
||||
StructCapUserData[] data;
|
||||
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
index 993e4e7b4b3d..c3e6e0453b50 100644
|
||||
index 765901a043a0..199ab0093f55 100644
|
||||
--- a/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
@@ -29,6 +29,7 @@ import android.net.Credentials;
|
||||
@ -156,7 +156,7 @@ index 993e4e7b4b3d..c3e6e0453b50 100644
|
||||
import android.os.Trace;
|
||||
import android.system.ErrnoException;
|
||||
import android.system.Os;
|
||||
@@ -247,7 +248,7 @@ class ZygoteConnection {
|
||||
@@ -250,7 +251,7 @@ class ZygoteConnection {
|
||||
fdsToClose[1] = zygoteFd.getInt$();
|
||||
}
|
||||
|
||||
@ -165,7 +165,7 @@ index 993e4e7b4b3d..c3e6e0453b50 100644
|
||||
|| !multipleOK || peer.getUid() != Process.SYSTEM_UID) {
|
||||
// Continue using old code for now. TODO: Handle these cases in the other path.
|
||||
pid = Zygote.forkAndSpecialize(parsedArgs.mUid, parsedArgs.mGid,
|
||||
@@ -535,6 +536,13 @@ class ZygoteConnection {
|
||||
@@ -538,6 +539,13 @@ class ZygoteConnection {
|
||||
throw new IllegalStateException("WrapperInit.execApplication unexpectedly returned");
|
||||
} else {
|
||||
if (!isZygote) {
|
||||
|
@ -78,10 +78,10 @@ index 6d4b8c5ea1ad..1f0ac0bd6520 100644
|
||||
+ public static native void nativeHandleRuntimeFlags(int runtimeFlags);
|
||||
}
|
||||
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
index 4573cb2c0b59..9cc90f3ac142 100644
|
||||
index d4844be2b381..f58d6102257a 100644
|
||||
--- a/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
@@ -539,7 +539,7 @@ class ZygoteConnection {
|
||||
@@ -542,7 +542,7 @@ class ZygoteConnection {
|
||||
if (SystemProperties.getBoolean("sys.spawn.exec", false) &&
|
||||
(parsedArgs.mRuntimeFlags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) {
|
||||
ExecInit.execApplication(parsedArgs.mNiceName, parsedArgs.mTargetSdkVersion,
|
||||
|
@ -10,10 +10,10 @@ spawning when doing debugging.
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
index c3e6e0453b50..4573cb2c0b59 100644
|
||||
index 199ab0093f55..d4844be2b381 100644
|
||||
--- a/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
@@ -536,7 +536,8 @@ class ZygoteConnection {
|
||||
@@ -539,7 +539,8 @@ class ZygoteConnection {
|
||||
throw new IllegalStateException("WrapperInit.execApplication unexpectedly returned");
|
||||
} else {
|
||||
if (!isZygote) {
|
||||
|
@ -0,0 +1,13 @@
|
||||
diff --git a/core/java/android/companion/AssociationRequest.java b/core/java/android/companion/AssociationRequest.java
|
||||
index bb8fa9e..6b836ad 100644
|
||||
--- a/core/java/android/companion/AssociationRequest.java
|
||||
+++ b/core/java/android/companion/AssociationRequest.java
|
||||
@@ -148,7 +148,7 @@
|
||||
|
||||
/** @hide */
|
||||
public void setSkipPrompt(boolean value) {
|
||||
- mSkipPrompt = true;
|
||||
+ mSkipPrompt = value;
|
||||
}
|
||||
|
||||
/** @hide */
|
82
Patches/LineageOS-19.1/android_frameworks_base/397375.patch
Normal file
82
Patches/LineageOS-19.1/android_frameworks_base/397375.patch
Normal file
@ -0,0 +1,82 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Bishoy Gendy <bishoygendy@google.com>
|
||||
Date: Thu, 11 Apr 2024 16:37:10 +0000
|
||||
Subject: [PATCH] Fix security vulnerability allowing apps to start from
|
||||
background
|
||||
|
||||
Bug: 317048338
|
||||
Test: Using the steps in b/317048338#comment12
|
||||
(cherry picked from commit c5fc8ea92c0aabbb2fdccc23b743c18a8bf62e64)
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:df3584bb93ab89d7e174f7d39e42d4b22cb92fe0)
|
||||
Merged-In: Ia91199fdb23beed27bde687fdca8fe5d3a5a4759
|
||||
Change-Id: Ia91199fdb23beed27bde687fdca8fe5d3a5a4759
|
||||
---
|
||||
.../media/session/ParcelableListBinder.java | 13 +++++++++++--
|
||||
.../android/server/media/MediaSessionRecord.java | 14 ++++++++------
|
||||
2 files changed, 19 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/media/java/android/media/session/ParcelableListBinder.java b/media/java/android/media/session/ParcelableListBinder.java
|
||||
index bbf1e0889b68..d78828462b1e 100644
|
||||
--- a/media/java/android/media/session/ParcelableListBinder.java
|
||||
+++ b/media/java/android/media/session/ParcelableListBinder.java
|
||||
@@ -45,6 +45,7 @@ public class ParcelableListBinder<T extends Parcelable> extends Binder {
|
||||
private static final int END_OF_PARCEL = 0;
|
||||
private static final int ITEM_CONTINUED = 1;
|
||||
|
||||
+ private final Class<T> mListElementsClass;
|
||||
private final Consumer<List<T>> mConsumer;
|
||||
|
||||
private final Object mLock = new Object();
|
||||
@@ -61,9 +62,11 @@ public class ParcelableListBinder<T extends Parcelable> extends Binder {
|
||||
/**
|
||||
* Creates an instance.
|
||||
*
|
||||
+ * @param listElementsClass the class of the list elements.
|
||||
* @param consumer a consumer that consumes the list received
|
||||
*/
|
||||
- public ParcelableListBinder(@NonNull Consumer<List<T>> consumer) {
|
||||
+ public ParcelableListBinder(Class<T> listElementsClass, @NonNull Consumer<List<T>> consumer) {
|
||||
+ mListElementsClass = listElementsClass;
|
||||
mConsumer = consumer;
|
||||
}
|
||||
|
||||
@@ -83,7 +86,13 @@ public class ParcelableListBinder<T extends Parcelable> extends Binder {
|
||||
mCount = data.readInt();
|
||||
}
|
||||
while (i < mCount && data.readInt() != END_OF_PARCEL) {
|
||||
- mList.add(data.readParcelable(null));
|
||||
+ Object object = data.readParcelable(null);
|
||||
+ if (mListElementsClass.isAssignableFrom(object.getClass())) {
|
||||
+ // Checking list items are of compaitible types to validate against malicious
|
||||
+ // apps calling it directly via reflection with non compilable items.
|
||||
+ // See b/317048338 for more details
|
||||
+ mList.add((T) object);
|
||||
+ }
|
||||
i++;
|
||||
}
|
||||
if (i >= mCount) {
|
||||
diff --git a/services/core/java/com/android/server/media/MediaSessionRecord.java b/services/core/java/com/android/server/media/MediaSessionRecord.java
|
||||
index 66adbad5372e..a0679d7457a0 100644
|
||||
--- a/services/core/java/com/android/server/media/MediaSessionRecord.java
|
||||
+++ b/services/core/java/com/android/server/media/MediaSessionRecord.java
|
||||
@@ -1095,12 +1095,14 @@ public class MediaSessionRecord implements IBinder.DeathRecipient, MediaSessionR
|
||||
|
||||
@Override
|
||||
public IBinder getBinderForSetQueue() throws RemoteException {
|
||||
- return new ParcelableListBinder<QueueItem>((list) -> {
|
||||
- synchronized (mLock) {
|
||||
- mQueue = list;
|
||||
- }
|
||||
- mHandler.post(MessageHandler.MSG_UPDATE_QUEUE);
|
||||
- });
|
||||
+ return new ParcelableListBinder<QueueItem>(
|
||||
+ QueueItem.class,
|
||||
+ (list) -> {
|
||||
+ synchronized (mLock) {
|
||||
+ mQueue = list;
|
||||
+ }
|
||||
+ mHandler.post(MessageHandler.MSG_UPDATE_QUEUE);
|
||||
+ });
|
||||
}
|
||||
|
||||
@Override
|
@ -0,0 +1,37 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Yi-an Chen <theianchen@google.com>
|
||||
Date: Tue, 23 Apr 2024 21:17:44 +0000
|
||||
Subject: [PATCH] Fix security vulnerability of non-dynamic permission removal
|
||||
|
||||
The original removePermission() code in PermissionManagerServiceImpl
|
||||
missed a logical negation operator when handling non-dynamic
|
||||
permissions, causing both
|
||||
testPermissionPermission_nonDynamicPermission_permissionUnchanged and
|
||||
testRemovePermission_dynamicPermission_permissionRemoved tests in
|
||||
DynamicPermissionsTest to fail.
|
||||
|
||||
The corresponding test DynamicPermissionsTest is also updated in the
|
||||
other CL: ag/27073864
|
||||
|
||||
Bug: 321711213
|
||||
Test: DynamicPermissionsTest on sc-dev and tm-dev locally
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0ead58f69f5de82b00406316b333366d556239f1)
|
||||
Merged-In: Ia146d4098643d9c473f8c83d33a8a125a53101fc
|
||||
Change-Id: Ia146d4098643d9c473f8c83d33a8a125a53101fc
|
||||
---
|
||||
.../android/server/pm/permission/PermissionManagerService.java | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
index 31babe0418b8..93f9e1c2295c 100644
|
||||
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
|
||||
@@ -687,7 +687,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
|
||||
if (bp == null) {
|
||||
return;
|
||||
}
|
||||
- if (bp.isDynamic()) {
|
||||
+ if (!bp.isDynamic()) {
|
||||
// TODO: switch this back to SecurityException
|
||||
Slog.wtf(TAG, "Not allowed to modify non-dynamic permission "
|
||||
+ permName);
|
@ -0,0 +1,175 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Martijn Coenen <maco@google.com>
|
||||
Date: Thu, 29 Feb 2024 12:03:05 +0000
|
||||
Subject: [PATCH] Verify UID of incoming Zygote connections.
|
||||
|
||||
Only the system UID should be allowed to connect to the Zygote. While
|
||||
for generic Zygotes this is also covered by SELinux policy, this is not
|
||||
true for App Zygotes: the preload code running in an app zygote could
|
||||
connect to another app zygote socket, if it had access to its (random)
|
||||
socket address.
|
||||
|
||||
On the Java layer, simply check the UID when the connection is made. In
|
||||
the native layer, this check was already present, but it actually didn't
|
||||
work in the case where we receive a new incoming connection on the
|
||||
socket, and receive a 'non-fork' command: in that case, we will simply
|
||||
exit the native loop, and let the Java layer handle the command, without
|
||||
any further UID checking.
|
||||
|
||||
Modified the native logic to drop new connections with a mismatching
|
||||
UID, and to keep serving the existing connection (if it was still
|
||||
there).
|
||||
|
||||
Bug: 319081336
|
||||
Test: manual
|
||||
(cherry picked from commit 2ffc7cb220e4220b7e108c4043a3f0f2a85b6508)
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f1d4b34ad51b6ccb84ab042486923da8b2451e0f)
|
||||
Merged-In: I3f85a17107849e2cd3e82d6ef15c90b9e2f26532
|
||||
Change-Id: I3f85a17107849e2cd3e82d6ef15c90b9e2f26532
|
||||
---
|
||||
.../android/internal/os/ZygoteConnection.java | 3 +
|
||||
...ndroid_internal_os_ZygoteCommandBuffer.cpp | 81 ++++++++++++-------
|
||||
2 files changed, 56 insertions(+), 28 deletions(-)
|
||||
|
||||
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
index 993e4e7b4b3d..765901a043a0 100644
|
||||
--- a/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
|
||||
@@ -93,6 +93,9 @@ class ZygoteConnection {
|
||||
throw ex;
|
||||
}
|
||||
|
||||
+ if (peer.getUid() != Process.SYSTEM_UID) {
|
||||
+ throw new ZygoteSecurityException("Only system UID is allowed to connect to Zygote.");
|
||||
+ }
|
||||
isEof = false;
|
||||
}
|
||||
|
||||
diff --git a/core/jni/com_android_internal_os_ZygoteCommandBuffer.cpp b/core/jni/com_android_internal_os_ZygoteCommandBuffer.cpp
|
||||
index 248db76da71d..1ad64d58b7c9 100644
|
||||
--- a/core/jni/com_android_internal_os_ZygoteCommandBuffer.cpp
|
||||
+++ b/core/jni/com_android_internal_os_ZygoteCommandBuffer.cpp
|
||||
@@ -341,6 +341,18 @@ jstring com_android_internal_os_ZygoteCommandBuffer_nativeNextArg(JNIEnv* env, j
|
||||
return result;
|
||||
}
|
||||
|
||||
+static uid_t getSocketPeerUid(int socket, const std::function<void(const std::string&)>& fail_fn) {
|
||||
+ struct ucred credentials;
|
||||
+ socklen_t cred_size = sizeof credentials;
|
||||
+ if (getsockopt(socket, SOL_SOCKET, SO_PEERCRED, &credentials, &cred_size) == -1
|
||||
+ || cred_size != sizeof credentials) {
|
||||
+ fail_fn(CREATE_ERROR("Failed to get socket credentials, %s",
|
||||
+ strerror(errno)));
|
||||
+ }
|
||||
+
|
||||
+ return credentials.uid;
|
||||
+}
|
||||
+
|
||||
// Read all lines from the current command into the buffer, and then reset the buffer, so
|
||||
// we will start reading again at the beginning of the command, starting with the argument
|
||||
// count. And we don't need access to the fd to do so.
|
||||
@@ -398,18 +410,12 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly(
|
||||
fail_fn_z("Failed to retrieve session socket timeout");
|
||||
}
|
||||
|
||||
- struct ucred credentials;
|
||||
- socklen_t cred_size = sizeof credentials;
|
||||
- if (getsockopt(n_buffer->getFd(), SOL_SOCKET, SO_PEERCRED, &credentials, &cred_size) == -1
|
||||
- || cred_size != sizeof credentials) {
|
||||
- fail_fn_1(CREATE_ERROR("ForkMany failed to get initial credentials, %s", strerror(errno)));
|
||||
+ uid_t peerUid = getSocketPeerUid(session_socket, fail_fn_1);
|
||||
+ if (peerUid != static_cast<uid_t>(expected_uid)) {
|
||||
+ return JNI_FALSE;
|
||||
}
|
||||
-
|
||||
bool first_time = true;
|
||||
do {
|
||||
- if (credentials.uid != expected_uid) {
|
||||
- return JNI_FALSE;
|
||||
- }
|
||||
n_buffer->readAllLines(first_time ? fail_fn_1 : fail_fn_n);
|
||||
n_buffer->reset();
|
||||
int pid = zygote::forkApp(env, /* no pipe FDs */ -1, -1, session_socket_fds,
|
||||
@@ -439,30 +445,56 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly(
|
||||
// Clear buffer and get count from next command.
|
||||
n_buffer->clear();
|
||||
for (;;) {
|
||||
+ bool valid_session_socket = true;
|
||||
// Poll isn't strictly necessary for now. But without it, disconnect is hard to detect.
|
||||
int poll_res = TEMP_FAILURE_RETRY(poll(fd_structs, 2, -1 /* infinite timeout */));
|
||||
if ((fd_structs[SESSION_IDX].revents & POLLIN) != 0) {
|
||||
if (n_buffer->getCount(fail_fn_z) != 0) {
|
||||
break;
|
||||
- } // else disconnected;
|
||||
+ } else {
|
||||
+ // Session socket was disconnected
|
||||
+ valid_session_socket = false;
|
||||
+ close(session_socket);
|
||||
+ }
|
||||
} else if (poll_res == 0 || (fd_structs[ZYGOTE_IDX].revents & POLLIN) == 0) {
|
||||
fail_fn_z(
|
||||
CREATE_ERROR("Poll returned with no descriptors ready! Poll returned %d", poll_res));
|
||||
}
|
||||
- // We've now seen either a disconnect or connect request.
|
||||
- close(session_socket);
|
||||
- int new_fd = TEMP_FAILURE_RETRY(accept(zygote_socket_fd, nullptr, nullptr));
|
||||
+ int new_fd = -1;
|
||||
+ do {
|
||||
+ // We've now seen either a disconnect or connect request.
|
||||
+ new_fd = TEMP_FAILURE_RETRY(accept(zygote_socket_fd, nullptr, nullptr));
|
||||
+ if (new_fd == -1) {
|
||||
+ fail_fn_z(CREATE_ERROR("Accept(%d) failed: %s", zygote_socket_fd, strerror(errno)));
|
||||
+ }
|
||||
+ uid_t newPeerUid = getSocketPeerUid(new_fd, fail_fn_1);
|
||||
+ if (newPeerUid != static_cast<uid_t>(expected_uid)) {
|
||||
+ ALOGW("Dropping new connection with a mismatched uid %d\n", newPeerUid);
|
||||
+ close(new_fd);
|
||||
+ new_fd = -1;
|
||||
+ } else {
|
||||
+ // If we still have a valid session socket, close it now
|
||||
+ if (valid_session_socket) {
|
||||
+ close(session_socket);
|
||||
+ }
|
||||
+ valid_session_socket = true;
|
||||
+ }
|
||||
+ } while (!valid_session_socket);
|
||||
+
|
||||
+ // At this point we either have a valid new connection (new_fd > 0), or
|
||||
+ // an existing session socket we can poll on
|
||||
if (new_fd == -1) {
|
||||
- fail_fn_z(CREATE_ERROR("Accept(%d) failed: %s", zygote_socket_fd, strerror(errno)));
|
||||
+ // The new connection wasn't valid, and we still have an old one; retry polling
|
||||
+ continue;
|
||||
}
|
||||
if (new_fd != session_socket) {
|
||||
- // Move new_fd back to the old value, so that we don't have to change Java-level data
|
||||
- // structures to reflect a change. This implicitly closes the old one.
|
||||
- if (TEMP_FAILURE_RETRY(dup2(new_fd, session_socket)) != session_socket) {
|
||||
- fail_fn_z(CREATE_ERROR("Failed to move fd %d to %d: %s",
|
||||
- new_fd, session_socket, strerror(errno)));
|
||||
- }
|
||||
- close(new_fd); // On Linux, fd is closed even if EINTR is returned.
|
||||
+ // Move new_fd back to the old value, so that we don't have to change Java-level data
|
||||
+ // structures to reflect a change. This implicitly closes the old one.
|
||||
+ if (TEMP_FAILURE_RETRY(dup2(new_fd, session_socket)) != session_socket) {
|
||||
+ fail_fn_z(CREATE_ERROR("Failed to move fd %d to %d: %s",
|
||||
+ new_fd, session_socket, strerror(errno)));
|
||||
+ }
|
||||
+ close(new_fd); // On Linux, fd is closed even if EINTR is returned.
|
||||
}
|
||||
// If we ever return, we effectively reuse the old Java ZygoteConnection.
|
||||
// None of its state needs to change.
|
||||
@@ -474,13 +506,6 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly(
|
||||
fail_fn_z(CREATE_ERROR("Failed to set send timeout for socket %d: %s",
|
||||
session_socket, strerror(errno)));
|
||||
}
|
||||
- if (getsockopt(session_socket, SOL_SOCKET, SO_PEERCRED, &credentials, &cred_size) == -1) {
|
||||
- fail_fn_z(CREATE_ERROR("ForkMany failed to get credentials: %s", strerror(errno)));
|
||||
- }
|
||||
- if (cred_size != sizeof credentials) {
|
||||
- fail_fn_z(CREATE_ERROR("ForkMany credential size = %d, should be %d",
|
||||
- cred_size, static_cast<int>(sizeof credentials)));
|
||||
- }
|
||||
}
|
||||
first_time = false;
|
||||
} while (n_buffer->isSimpleForkCommand(minUid, fail_fn_n));
|
@ -11,8 +11,8 @@ Signed-off-by: Tavi <tavi@divested.dev>
|
||||
src/app/grapheneos/carrierconfig2/Utils.java | 6 +++---
|
||||
src/app/grapheneos/carrierconfig2/loader/Apns.java | 9 +++------
|
||||
.../carrierconfig2/loader/CarrierConfigLoader.java | 8 ++++----
|
||||
.../grapheneos/carrierconfig2/loader/Filters.java | 7 ++-----
|
||||
6 files changed, 16 insertions(+), 28 deletions(-)
|
||||
.../grapheneos/carrierconfig2/loader/Filters.java | 4 ++--
|
||||
6 files changed, 16 insertions(+), 25 deletions(-)
|
||||
|
||||
diff --git a/src/app/grapheneos/carrierconfig2/ApnServiceImpl.java b/src/app/grapheneos/carrierconfig2/ApnServiceImpl.java
|
||||
index 1fc2339..1ac28fc 100644
|
||||
@ -28,6 +28,7 @@ index 1fc2339..1ac28fc 100644
|
||||
Log.e(TAG, "CSettingsDir is missing");
|
||||
return emptyList();
|
||||
diff --git a/src/app/grapheneos/carrierconfig2/CarrierServiceImpl.java b/src/app/grapheneos/carrierconfig2/CarrierServiceImpl.java
|
||||
index 166272f..37b430c 100644
|
||||
--- a/src/app/grapheneos/carrierconfig2/CarrierServiceImpl.java
|
||||
+++ b/src/app/grapheneos/carrierconfig2/CarrierServiceImpl.java
|
||||
@@ -14,10 +14,10 @@ public class CarrierServiceImpl extends CarrierService {
|
||||
@ -56,6 +57,7 @@ diff --git a/src/app/grapheneos/carrierconfig2/CarrierServiceImpl.java b/src/app
|
||||
- }
|
||||
}
|
||||
diff --git a/src/app/grapheneos/carrierconfig2/Utils.java b/src/app/grapheneos/carrierconfig2/Utils.java
|
||||
index 7300925..06abf09 100644
|
||||
--- a/src/app/grapheneos/carrierconfig2/Utils.java
|
||||
+++ b/src/app/grapheneos/carrierconfig2/Utils.java
|
||||
@@ -22,7 +22,7 @@ public class Utils {
|
||||
@ -84,6 +86,7 @@ diff --git a/src/app/grapheneos/carrierconfig2/Utils.java b/src/app/grapheneos/c
|
||||
return baos.toString();
|
||||
}
|
||||
diff --git a/src/app/grapheneos/carrierconfig2/loader/Apns.java b/src/app/grapheneos/carrierconfig2/loader/Apns.java
|
||||
index ff0082f..357e6ea 100644
|
||||
--- a/src/app/grapheneos/carrierconfig2/loader/Apns.java
|
||||
+++ b/src/app/grapheneos/carrierconfig2/loader/Apns.java
|
||||
@@ -39,7 +39,7 @@ public class Apns {
|
||||
@ -124,6 +127,7 @@ diff --git a/src/app/grapheneos/carrierconfig2/loader/Apns.java b/src/app/graphe
|
||||
|
||||
for (ApnItem.ApnType apnType : list) {
|
||||
diff --git a/src/app/grapheneos/carrierconfig2/loader/CarrierConfigLoader.java b/src/app/grapheneos/carrierconfig2/loader/CarrierConfigLoader.java
|
||||
index 1d77aac..97a07be 100644
|
||||
--- a/src/app/grapheneos/carrierconfig2/loader/CarrierConfigLoader.java
|
||||
+++ b/src/app/grapheneos/carrierconfig2/loader/CarrierConfigLoader.java
|
||||
@@ -65,7 +65,7 @@ public class CarrierConfigLoader {
|
||||
@ -163,6 +167,7 @@ diff --git a/src/app/grapheneos/carrierconfig2/loader/CarrierConfigLoader.java b
|
||||
b.append('-');
|
||||
b.append(cs.getVersion());
|
||||
diff --git a/src/app/grapheneos/carrierconfig2/loader/Filters.java b/src/app/grapheneos/carrierconfig2/loader/Filters.java
|
||||
index 75764db..56081b9 100644
|
||||
--- a/src/app/grapheneos/carrierconfig2/loader/Filters.java
|
||||
+++ b/src/app/grapheneos/carrierconfig2/loader/Filters.java
|
||||
@@ -107,7 +107,7 @@ class Filters {
|
||||
|
@ -0,0 +1,291 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Weng Su <wengsu@google.com>
|
||||
Date: Wed, 3 Apr 2024 10:45:43 +0800
|
||||
Subject: [PATCH] Restrict WifiDppConfiguratorActivity
|
||||
|
||||
- Don't show WifiDppConfiguratorActivity if user has DISALLOW_ADD_WIFI_CONFIG
|
||||
|
||||
- Don't show AddNetworkFragment if user has DISALLOW_ADD_WIFI_CONFIG
|
||||
|
||||
Fix: 299931076
|
||||
Flag: None
|
||||
Test: manual test with TestDPC
|
||||
atest -c SettingsUnitTests:AddNetworkFragmentTest \
|
||||
SettingsUnitTests:WifiDppConfiguratorActivityTest
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:254ba087c29503e8bcf01cc10082c3f393e7701f)
|
||||
Merged-In: I34afe0f698e2dc43eba59b25f5f3f4f61e70166a
|
||||
Change-Id: I34afe0f698e2dc43eba59b25f5f3f4f61e70166a
|
||||
---
|
||||
.../settings/wifi/AddNetworkFragment.java | 20 +++++
|
||||
.../wifi/dpp/WifiDppConfiguratorActivity.java | 20 +++++
|
||||
.../settings/wifi/AddNetworkFragmentTest.java | 74 +++++++++++++++++++
|
||||
.../dpp/WifiDppConfiguratorActivityTest.java | 74 +++++++++++++++++++
|
||||
4 files changed, 188 insertions(+)
|
||||
create mode 100644 tests/unit/src/com/android/settings/wifi/AddNetworkFragmentTest.java
|
||||
create mode 100644 tests/unit/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java
|
||||
|
||||
diff --git a/src/com/android/settings/wifi/AddNetworkFragment.java b/src/com/android/settings/wifi/AddNetworkFragment.java
|
||||
index 01d5ef1ca4..c50ab9ae24 100644
|
||||
--- a/src/com/android/settings/wifi/AddNetworkFragment.java
|
||||
+++ b/src/com/android/settings/wifi/AddNetworkFragment.java
|
||||
@@ -16,11 +16,16 @@
|
||||
|
||||
package com.android.settings.wifi;
|
||||
|
||||
+import static android.os.UserManager.DISALLOW_ADD_WIFI_CONFIG;
|
||||
+
|
||||
import android.app.Activity;
|
||||
import android.app.settings.SettingsEnums;
|
||||
+import android.content.Context;
|
||||
import android.content.Intent;
|
||||
import android.net.wifi.WifiConfiguration;
|
||||
import android.os.Bundle;
|
||||
+import android.os.UserManager;
|
||||
+import android.util.Log;
|
||||
import android.view.LayoutInflater;
|
||||
import android.view.View;
|
||||
import android.view.ViewGroup;
|
||||
@@ -40,6 +45,7 @@ import com.android.settings.wifi.dpp.WifiDppUtils;
|
||||
*/
|
||||
public class AddNetworkFragment extends InstrumentedFragment implements WifiConfigUiBase2,
|
||||
View.OnClickListener {
|
||||
+ private static final String TAG = "AddNetworkFragment";
|
||||
|
||||
public static final String WIFI_CONFIG_KEY = "wifi_config_key";
|
||||
@VisibleForTesting
|
||||
@@ -57,6 +63,10 @@ public class AddNetworkFragment extends InstrumentedFragment implements WifiConf
|
||||
@Override
|
||||
public void onCreate(Bundle savedInstanceState) {
|
||||
super.onCreate(savedInstanceState);
|
||||
+ if (!isAddWifiConfigAllowed(getContext())) {
|
||||
+ getActivity().finish();
|
||||
+ return;
|
||||
+ }
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -204,4 +214,14 @@ public class AddNetworkFragment extends InstrumentedFragment implements WifiConf
|
||||
activity.setResult(Activity.RESULT_CANCELED);
|
||||
activity.finish();
|
||||
}
|
||||
+
|
||||
+ @VisibleForTesting
|
||||
+ static boolean isAddWifiConfigAllowed(Context context) {
|
||||
+ UserManager userManager = context.getSystemService(UserManager.class);
|
||||
+ if (userManager != null && userManager.hasUserRestriction(DISALLOW_ADD_WIFI_CONFIG)) {
|
||||
+ Log.e(TAG, "The user is not allowed to add Wi-Fi configuration.");
|
||||
+ return false;
|
||||
+ }
|
||||
+ return true;
|
||||
+ }
|
||||
}
|
||||
diff --git a/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java b/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java
|
||||
index ecaf9ee8fc..a658c16a8c 100644
|
||||
--- a/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java
|
||||
+++ b/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java
|
||||
@@ -16,6 +16,8 @@
|
||||
|
||||
package com.android.settings.wifi.dpp;
|
||||
|
||||
+import static android.os.UserManager.DISALLOW_ADD_WIFI_CONFIG;
|
||||
+
|
||||
import android.app.settings.SettingsEnums;
|
||||
import android.content.Intent;
|
||||
import android.net.Uri;
|
||||
@@ -96,6 +98,10 @@ public class WifiDppConfiguratorActivity extends WifiDppBaseActivity implements
|
||||
@Override
|
||||
protected void onCreate(Bundle savedInstanceState) {
|
||||
super.onCreate(savedInstanceState);
|
||||
+ if (!isAddWifiConfigAllowed(getApplicationContext())) {
|
||||
+ finish();
|
||||
+ return;
|
||||
+ }
|
||||
|
||||
if (savedInstanceState != null) {
|
||||
String qrCode = savedInstanceState.getString(KEY_QR_CODE);
|
||||
@@ -116,6 +122,10 @@ public class WifiDppConfiguratorActivity extends WifiDppBaseActivity implements
|
||||
|
||||
@Override
|
||||
protected void handleIntent(Intent intent) {
|
||||
+ if (!isAddWifiConfigAllowed(getApplicationContext())) {
|
||||
+ finish();
|
||||
+ return;
|
||||
+ }
|
||||
String action = intent != null ? intent.getAction() : null;
|
||||
if (action == null) {
|
||||
finish();
|
||||
@@ -384,4 +394,14 @@ public class WifiDppConfiguratorActivity extends WifiDppBaseActivity implements
|
||||
|
||||
return null;
|
||||
}
|
||||
+
|
||||
+ @VisibleForTesting
|
||||
+ static boolean isAddWifiConfigAllowed(Context context) {
|
||||
+ UserManager userManager = context.getSystemService(UserManager.class);
|
||||
+ if (userManager != null && userManager.hasUserRestriction(DISALLOW_ADD_WIFI_CONFIG)) {
|
||||
+ Log.e(TAG, "The user is not allowed to add Wi-Fi configuration.");
|
||||
+ return false;
|
||||
+ }
|
||||
+ return true;
|
||||
+ }
|
||||
}
|
||||
diff --git a/tests/unit/src/com/android/settings/wifi/AddNetworkFragmentTest.java b/tests/unit/src/com/android/settings/wifi/AddNetworkFragmentTest.java
|
||||
new file mode 100644
|
||||
index 0000000000..22d43c9bb4
|
||||
--- /dev/null
|
||||
+++ b/tests/unit/src/com/android/settings/wifi/AddNetworkFragmentTest.java
|
||||
@@ -0,0 +1,74 @@
|
||||
+/*
|
||||
+ * Copyright (C) 2024 The Android Open Source Project
|
||||
+ *
|
||||
+ * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
+ * you may not use this file except in compliance with the License.
|
||||
+ * You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+
|
||||
+package com.android.settings.wifi;
|
||||
+
|
||||
+import static android.os.UserManager.DISALLOW_ADD_WIFI_CONFIG;
|
||||
+
|
||||
+import static com.google.common.truth.Truth.assertThat;
|
||||
+
|
||||
+import static org.mockito.Mockito.when;
|
||||
+
|
||||
+import android.content.Context;
|
||||
+import android.os.UserManager;
|
||||
+
|
||||
+import androidx.test.annotation.UiThreadTest;
|
||||
+import androidx.test.core.app.ApplicationProvider;
|
||||
+import androidx.test.ext.junit.runners.AndroidJUnit4;
|
||||
+
|
||||
+import org.junit.Before;
|
||||
+import org.junit.Rule;
|
||||
+import org.junit.Test;
|
||||
+import org.junit.runner.RunWith;
|
||||
+import org.mockito.Mock;
|
||||
+import org.mockito.Spy;
|
||||
+import org.mockito.junit.MockitoJUnit;
|
||||
+import org.mockito.junit.MockitoRule;
|
||||
+
|
||||
+@RunWith(AndroidJUnit4.class)
|
||||
+@UiThreadTest
|
||||
+public class AddNetworkFragmentTest {
|
||||
+
|
||||
+ @Rule
|
||||
+ public final MockitoRule mMockitoRule = MockitoJUnit.rule();
|
||||
+ @Spy
|
||||
+ private final Context mContext = ApplicationProvider.getApplicationContext();
|
||||
+ @Mock
|
||||
+ private UserManager mUserManager;
|
||||
+
|
||||
+ private AddNetworkFragment mFragment;
|
||||
+
|
||||
+ @Before
|
||||
+ public void setUp() {
|
||||
+ when(mContext.getSystemService(UserManager.class)).thenReturn(mUserManager);
|
||||
+
|
||||
+ mFragment = new AddNetworkFragment();
|
||||
+ }
|
||||
+
|
||||
+ @Test
|
||||
+ public void isAddWifiConfigAllowed_hasNoUserRestriction_returnTrue() {
|
||||
+ when(mUserManager.hasUserRestriction(DISALLOW_ADD_WIFI_CONFIG)).thenReturn(false);
|
||||
+
|
||||
+ assertThat(mFragment.isAddWifiConfigAllowed(mContext)).isTrue();
|
||||
+ }
|
||||
+
|
||||
+ @Test
|
||||
+ public void isAddWifiConfigAllowed_hasUserRestriction_returnFalse() {
|
||||
+ when(mUserManager.hasUserRestriction(DISALLOW_ADD_WIFI_CONFIG)).thenReturn(true);
|
||||
+
|
||||
+ assertThat(mFragment.isAddWifiConfigAllowed(mContext)).isFalse();
|
||||
+ }
|
||||
+}
|
||||
diff --git a/tests/unit/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java b/tests/unit/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java
|
||||
new file mode 100644
|
||||
index 0000000000..4d723dc184
|
||||
--- /dev/null
|
||||
+++ b/tests/unit/src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivityTest.java
|
||||
@@ -0,0 +1,74 @@
|
||||
+/*
|
||||
+ * Copyright (C) 2024 The Android Open Source Project
|
||||
+ *
|
||||
+ * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
+ * you may not use this file except in compliance with the License.
|
||||
+ * You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+
|
||||
+package com.android.settings.wifi.dpp;
|
||||
+
|
||||
+import static android.os.UserManager.DISALLOW_ADD_WIFI_CONFIG;
|
||||
+
|
||||
+import static com.google.common.truth.Truth.assertThat;
|
||||
+
|
||||
+import static org.mockito.Mockito.when;
|
||||
+
|
||||
+import android.content.Context;
|
||||
+import android.os.UserManager;
|
||||
+
|
||||
+import androidx.test.annotation.UiThreadTest;
|
||||
+import androidx.test.core.app.ApplicationProvider;
|
||||
+import androidx.test.ext.junit.runners.AndroidJUnit4;
|
||||
+
|
||||
+import org.junit.Before;
|
||||
+import org.junit.Rule;
|
||||
+import org.junit.Test;
|
||||
+import org.junit.runner.RunWith;
|
||||
+import org.mockito.Mock;
|
||||
+import org.mockito.Spy;
|
||||
+import org.mockito.junit.MockitoJUnit;
|
||||
+import org.mockito.junit.MockitoRule;
|
||||
+
|
||||
+@RunWith(AndroidJUnit4.class)
|
||||
+@UiThreadTest
|
||||
+public class WifiDppConfiguratorActivityTest {
|
||||
+
|
||||
+ @Rule
|
||||
+ public final MockitoRule mMockitoRule = MockitoJUnit.rule();
|
||||
+ @Spy
|
||||
+ private final Context mContext = ApplicationProvider.getApplicationContext();
|
||||
+ @Mock
|
||||
+ private UserManager mUserManager;
|
||||
+
|
||||
+ private WifiDppConfiguratorActivity mActivity;
|
||||
+
|
||||
+ @Before
|
||||
+ public void setUp() {
|
||||
+ when(mContext.getSystemService(UserManager.class)).thenReturn(mUserManager);
|
||||
+
|
||||
+ mActivity = new WifiDppConfiguratorActivity();
|
||||
+ }
|
||||
+
|
||||
+ @Test
|
||||
+ public void isAddWifiConfigAllowed_hasNoUserRestriction_returnTrue() {
|
||||
+ when(mUserManager.hasUserRestriction(DISALLOW_ADD_WIFI_CONFIG)).thenReturn(false);
|
||||
+
|
||||
+ assertThat(mActivity.isAddWifiConfigAllowed(mContext)).isTrue();
|
||||
+ }
|
||||
+
|
||||
+ @Test
|
||||
+ public void isAddWifiConfigAllowed_hasUserRestriction_returnFalse() {
|
||||
+ when(mUserManager.hasUserRestriction(DISALLOW_ADD_WIFI_CONFIG)).thenReturn(true);
|
||||
+
|
||||
+ assertThat(mActivity.isAddWifiConfigAllowed(mContext)).isFalse();
|
||||
+ }
|
||||
+}
|
@ -0,0 +1,260 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Vova Sharaienko <sharaienko@google.com>
|
||||
Date: Thu, 20 Jul 2023 23:25:31 +0000
|
||||
Subject: [PATCH] Make executor thread a class member of MultiConditionTrigger
|
||||
|
||||
executorThread references class members after detaching. Making
|
||||
executorThread as class member and joining in MultiConditionTrigger
|
||||
destructor.
|
||||
|
||||
Ignore-AOSP-First: Security bugs merged into internal branch first
|
||||
Test: atest statsd_test
|
||||
Bug: 292160348
|
||||
Flag: NONE mainline module bug fix
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:262e2c8a5293483c98be498e60e1e5d15c6a0145)
|
||||
Merged-In: I7036eb3d506e8ca88e4a5faa6275dc4cba8020ee
|
||||
Change-Id: I7036eb3d506e8ca88e4a5faa6275dc4cba8020ee
|
||||
---
|
||||
statsd/src/utils/MultiConditionTrigger.cpp | 21 ++-
|
||||
statsd/src/utils/MultiConditionTrigger.h | 10 +-
|
||||
.../utils/MultiConditionTrigger_test.cpp | 121 ++++++++++++++++++
|
||||
3 files changed, 144 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/statsd/src/utils/MultiConditionTrigger.cpp b/statsd/src/utils/MultiConditionTrigger.cpp
|
||||
index 43a69337..3088453e 100644
|
||||
--- a/statsd/src/utils/MultiConditionTrigger.cpp
|
||||
+++ b/statsd/src/utils/MultiConditionTrigger.cpp
|
||||
@@ -14,11 +14,10 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
#define DEBUG false // STOPSHIP if true
|
||||
+#include "Log.h"
|
||||
|
||||
#include "MultiConditionTrigger.h"
|
||||
|
||||
-#include <thread>
|
||||
-
|
||||
using namespace std;
|
||||
|
||||
namespace android {
|
||||
@@ -31,8 +30,7 @@ MultiConditionTrigger::MultiConditionTrigger(const set<string>& conditionNames,
|
||||
mTrigger(trigger),
|
||||
mCompleted(mRemainingConditionNames.empty()) {
|
||||
if (mCompleted) {
|
||||
- thread executorThread([this] { mTrigger(); });
|
||||
- executorThread.detach();
|
||||
+ startExecutorThread();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -48,10 +46,21 @@ void MultiConditionTrigger::markComplete(const string& conditionName) {
|
||||
doTrigger = mCompleted;
|
||||
}
|
||||
if (doTrigger) {
|
||||
- std::thread executorThread([this] { mTrigger(); });
|
||||
- executorThread.detach();
|
||||
+ startExecutorThread();
|
||||
}
|
||||
}
|
||||
+
|
||||
+void MultiConditionTrigger::startExecutorThread() {
|
||||
+ mExecutorThread = make_unique<thread>([this] { mTrigger(); });
|
||||
+}
|
||||
+
|
||||
+MultiConditionTrigger::~MultiConditionTrigger() {
|
||||
+ if (mExecutorThread != nullptr && mExecutorThread->joinable()) {
|
||||
+ VLOG("MultiConditionTrigger waiting on execution thread termination");
|
||||
+ mExecutorThread->join();
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
} // namespace statsd
|
||||
} // namespace os
|
||||
} // namespace android
|
||||
diff --git a/statsd/src/utils/MultiConditionTrigger.h b/statsd/src/utils/MultiConditionTrigger.h
|
||||
index 51f60299..dee00713 100644
|
||||
--- a/statsd/src/utils/MultiConditionTrigger.h
|
||||
+++ b/statsd/src/utils/MultiConditionTrigger.h
|
||||
@@ -19,6 +19,7 @@
|
||||
|
||||
#include <mutex>
|
||||
#include <set>
|
||||
+#include <thread>
|
||||
|
||||
namespace android {
|
||||
namespace os {
|
||||
@@ -27,8 +28,8 @@ namespace statsd {
|
||||
/**
|
||||
* This class provides a utility to wait for a set of named conditions to occur.
|
||||
*
|
||||
- * It will execute the trigger runnable in a detached thread once all conditions have been marked
|
||||
- * true.
|
||||
+ * It will execute the trigger runnable in a separate thread (which will be joined at instance
|
||||
+ * destructor time) once all conditions have been marked true.
|
||||
*/
|
||||
class MultiConditionTrigger {
|
||||
public:
|
||||
@@ -37,19 +38,24 @@ public:
|
||||
|
||||
MultiConditionTrigger(const MultiConditionTrigger&) = delete;
|
||||
MultiConditionTrigger& operator=(const MultiConditionTrigger&) = delete;
|
||||
+ ~MultiConditionTrigger();
|
||||
|
||||
// Mark a specific condition as true. If this condition has called markComplete already or if
|
||||
// the event was not specified in the constructor, the function is a no-op.
|
||||
void markComplete(const std::string& eventName);
|
||||
|
||||
private:
|
||||
+ void startExecutorThread();
|
||||
+
|
||||
mutable std::mutex mMutex;
|
||||
std::set<std::string> mRemainingConditionNames;
|
||||
std::function<void()> mTrigger;
|
||||
bool mCompleted;
|
||||
+ std::unique_ptr<std::thread> mExecutorThread;
|
||||
|
||||
FRIEND_TEST(MultiConditionTriggerTest, TestCountDownCalledBySameEventName);
|
||||
};
|
||||
+
|
||||
} // namespace statsd
|
||||
} // namespace os
|
||||
} // namespace android
|
||||
diff --git a/statsd/tests/utils/MultiConditionTrigger_test.cpp b/statsd/tests/utils/MultiConditionTrigger_test.cpp
|
||||
index 32cecd3b..b525f75e 100644
|
||||
--- a/statsd/tests/utils/MultiConditionTrigger_test.cpp
|
||||
+++ b/statsd/tests/utils/MultiConditionTrigger_test.cpp
|
||||
@@ -22,6 +22,8 @@
|
||||
#include <thread>
|
||||
#include <vector>
|
||||
|
||||
+#include "tests/statsd_test_util.h"
|
||||
+
|
||||
#ifdef __ANDROID__
|
||||
|
||||
using namespace std;
|
||||
@@ -166,6 +168,125 @@ TEST(MultiConditionTrigger, TestTriggerOnlyCalledOnce) {
|
||||
}
|
||||
}
|
||||
|
||||
+namespace {
|
||||
+
|
||||
+class TriggerDependency {
|
||||
+public:
|
||||
+ TriggerDependency(mutex& lock, condition_variable& cv, bool& triggerCalled, int& triggerCount)
|
||||
+ : mLock(lock), mCv(cv), mTriggerCalled(triggerCalled), mTriggerCount(triggerCount) {
|
||||
+ }
|
||||
+
|
||||
+ void someMethod() {
|
||||
+ lock_guard lg(mLock);
|
||||
+ mTriggerCount++;
|
||||
+ mTriggerCalled = true;
|
||||
+ mCv.notify_all();
|
||||
+ }
|
||||
+
|
||||
+private:
|
||||
+ mutex& mLock;
|
||||
+ condition_variable& mCv;
|
||||
+ bool& mTriggerCalled;
|
||||
+ int& mTriggerCount;
|
||||
+};
|
||||
+
|
||||
+} // namespace
|
||||
+
|
||||
+TEST(MultiConditionTrigger, TestTriggerHasSleep) {
|
||||
+ const string t1 = "t1";
|
||||
+ set<string> conditionNames = {t1};
|
||||
+
|
||||
+ mutex lock;
|
||||
+ condition_variable cv;
|
||||
+ bool triggerCalled = false;
|
||||
+ int triggerCount = 0;
|
||||
+
|
||||
+ {
|
||||
+ TriggerDependency dependency(lock, cv, triggerCalled, triggerCount);
|
||||
+ MultiConditionTrigger trigger(conditionNames, [&dependency] {
|
||||
+ std::this_thread::sleep_for(std::chrono::milliseconds(50));
|
||||
+ dependency.someMethod();
|
||||
+ });
|
||||
+ trigger.markComplete(t1);
|
||||
+
|
||||
+ // Here dependency instance will go out of scope and the thread within MultiConditionTrigger
|
||||
+ // after delay will try to call method of already destroyed class instance
|
||||
+ // with leading crash if trigger execution thread is detached in MultiConditionTrigger
|
||||
+ // Instead since the MultiConditionTrigger destructor happens before TriggerDependency
|
||||
+ // destructor, MultiConditionTrigger destructor is waiting on execution thread termination
|
||||
+ // with thread::join
|
||||
+ }
|
||||
+ // At this moment the executor thread guaranteed terminated by MultiConditionTrigger destructor
|
||||
+
|
||||
+ // Ensure that the trigger fired.
|
||||
+ {
|
||||
+ unique_lock<mutex> unique_lk(lock);
|
||||
+ cv.wait(unique_lk, [&triggerCalled] { return triggerCalled; });
|
||||
+ EXPECT_TRUE(triggerCalled);
|
||||
+ EXPECT_EQ(triggerCount, 1);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+TEST(MultiConditionTrigger, TestTriggerHasSleepEarlyTermination) {
|
||||
+ const string t1 = "t1";
|
||||
+ set<string> conditionNames = {t1};
|
||||
+
|
||||
+ mutex lock;
|
||||
+ condition_variable cv;
|
||||
+ bool triggerCalled = false;
|
||||
+ int triggerCount = 0;
|
||||
+
|
||||
+ std::condition_variable triggerTerminationFlag;
|
||||
+ std::mutex triggerTerminationFlagMutex;
|
||||
+ bool terminationRequested = false;
|
||||
+
|
||||
+ // used for error threshold tolerance due to wait_for() is involved
|
||||
+ const int64_t errorThresholdMs = 25;
|
||||
+ const int64_t triggerEarlyTerminationDelayMs = 100;
|
||||
+ const int64_t triggerStartNs = getElapsedRealtimeNs();
|
||||
+ {
|
||||
+ TriggerDependency dependency(lock, cv, triggerCalled, triggerCount);
|
||||
+ MultiConditionTrigger trigger(
|
||||
+ conditionNames, [&dependency, &triggerTerminationFlag, &triggerTerminationFlagMutex,
|
||||
+ &lock, &triggerCalled, &cv, &terminationRequested] {
|
||||
+ std::unique_lock<std::mutex> lk(triggerTerminationFlagMutex);
|
||||
+ if (triggerTerminationFlag.wait_for(
|
||||
+ lk, std::chrono::seconds(1),
|
||||
+ [&terminationRequested] { return terminationRequested; })) {
|
||||
+ // triggerTerminationFlag was notified - early termination is requested
|
||||
+ lock_guard lg(lock);
|
||||
+ triggerCalled = true;
|
||||
+ cv.notify_all();
|
||||
+ return;
|
||||
+ }
|
||||
+ dependency.someMethod();
|
||||
+ });
|
||||
+ trigger.markComplete(t1);
|
||||
+
|
||||
+ // notify to terminate trigger executor thread after triggerEarlyTerminationDelayMs
|
||||
+ std::this_thread::sleep_for(std::chrono::milliseconds(triggerEarlyTerminationDelayMs));
|
||||
+ {
|
||||
+ std::unique_lock<std::mutex> lk(triggerTerminationFlagMutex);
|
||||
+ terminationRequested = true;
|
||||
+ }
|
||||
+ triggerTerminationFlag.notify_all();
|
||||
+ }
|
||||
+ // At this moment the executor thread guaranteed terminated by MultiConditionTrigger destructor
|
||||
+
|
||||
+ // check that test duration is closer to 100ms rather to 1s
|
||||
+ const int64_t triggerEndNs = getElapsedRealtimeNs();
|
||||
+ EXPECT_LE(NanoToMillis(triggerEndNs - triggerStartNs),
|
||||
+ triggerEarlyTerminationDelayMs + errorThresholdMs);
|
||||
+
|
||||
+ // Ensure that the trigger fired but not the dependency.someMethod().
|
||||
+ {
|
||||
+ unique_lock<mutex> unique_lk(lock);
|
||||
+ cv.wait(unique_lk, [&triggerCalled] { return triggerCalled; });
|
||||
+ EXPECT_TRUE(triggerCalled);
|
||||
+ EXPECT_EQ(triggerCount, 0);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
} // namespace statsd
|
||||
} // namespace os
|
||||
} // namespace android
|
@ -0,0 +1,51 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Omar Eissa <oeissa@google.com>
|
||||
Date: Mon, 15 Apr 2024 12:04:56 +0000
|
||||
Subject: [PATCH] Prevent insertion in other users storage volumes
|
||||
|
||||
Don't allow file insertion in other users storage volumes.
|
||||
This was already handled if DATA was explicitly set in content values,
|
||||
but was allowed if DATA was generated based on other values like RELATIVE_PATH and DISPLAY_NAME.
|
||||
|
||||
Insertion of files in other users storage volumes can be used by malicious apps
|
||||
to get access to other users files, since the same file would exist in both users MP databases
|
||||
which would lead to MP falsely assuming that the user has access to this file.
|
||||
|
||||
Bug: 294406604
|
||||
Test: atest MediaProviderTests
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:df39f8486b25473d0bdbeed896ad917e3c793bf9)
|
||||
Merged-In: Ie219bbdbe28819421040e4c083b65ab47d8ebde6
|
||||
Change-Id: Ie219bbdbe28819421040e4c083b65ab47d8ebde6
|
||||
---
|
||||
src/com/android/providers/media/MediaProvider.java | 1 +
|
||||
tests/src/com/android/providers/media/MediaProviderTest.java | 5 ++---
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/com/android/providers/media/MediaProvider.java b/src/com/android/providers/media/MediaProvider.java
|
||||
index 0d220aa5..71b652f1 100644
|
||||
--- a/src/com/android/providers/media/MediaProvider.java
|
||||
+++ b/src/com/android/providers/media/MediaProvider.java
|
||||
@@ -3275,6 +3275,7 @@ public class MediaProvider extends ContentProvider {
|
||||
|
||||
FileUtils.sanitizeValues(values, /*rewriteHiddenFileName*/ !isFuseThread());
|
||||
FileUtils.computeDataFromValues(values, volumePath, isFuseThread());
|
||||
+ assertFileColumnsConsistent(match, uri, values);
|
||||
|
||||
// Create result file
|
||||
File res = new File(values.getAsString(MediaColumns.DATA));
|
||||
diff --git a/tests/src/com/android/providers/media/MediaProviderTest.java b/tests/src/com/android/providers/media/MediaProviderTest.java
|
||||
index 11fc327b..28463477 100644
|
||||
--- a/tests/src/com/android/providers/media/MediaProviderTest.java
|
||||
+++ b/tests/src/com/android/providers/media/MediaProviderTest.java
|
||||
@@ -377,9 +377,8 @@ public class MediaProviderTest {
|
||||
@Test
|
||||
public void testInsertionWithInvalidFilePath_throwsIllegalArgumentException() {
|
||||
final ContentValues values = new ContentValues();
|
||||
- values.put(MediaStore.MediaColumns.RELATIVE_PATH, "Android/media/com.example");
|
||||
- values.put(MediaStore.Images.Media.DISPLAY_NAME,
|
||||
- "./../../../../../../../../../../../data/media/test.txt");
|
||||
+ values.put(MediaStore.MediaColumns.RELATIVE_PATH, "Android/media/com.example/");
|
||||
+ values.put(MediaStore.Images.Media.DISPLAY_NAME, "data/media/test.txt");
|
||||
|
||||
IllegalArgumentException illegalArgumentException = Assert.assertThrows(
|
||||
IllegalArgumentException.class, () -> sIsolatedResolver.insert(
|
@ -1,25 +0,0 @@
|
||||
From 3ee1dde662b9b42c1a344fc9c6613b12e96b80cf Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Micay <danielmicay@gmail.com>
|
||||
Date: Sat, 1 Jul 2017 13:21:18 -0400
|
||||
Subject: [PATCH] add alloc_size attributes to the allocator
|
||||
|
||||
This results in expanded _FORTIFY_SOURCE coverage.
|
||||
---
|
||||
osi/include/allocator.h | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/osi/include/allocator.h b/osi/include/allocator.h
|
||||
index 3a4141f384..4fa059eb14 100644
|
||||
--- a/osi/include/allocator.h
|
||||
+++ b/osi/include/allocator.h
|
||||
@@ -37,8 +37,8 @@ extern const allocator_t allocator_calloc;
|
||||
char* osi_strdup(const char* str);
|
||||
char* osi_strndup(const char* str, size_t len);
|
||||
|
||||
-void* osi_malloc(size_t size);
|
||||
-void* osi_calloc(size_t size);
|
||||
+void* osi_malloc(size_t size) __attribute__((alloc_size(1)));
|
||||
+void* osi_calloc(size_t size) __attribute__((alloc_size(1)));
|
||||
void osi_free(void* ptr);
|
||||
|
||||
// Free a buffer that was previously allocated with function |osi_malloc|
|
@ -0,0 +1,63 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Brian Delwiche <delwiche@google.com>
|
||||
Date: Mon, 22 Apr 2024 21:10:09 +0000
|
||||
Subject: [PATCH] Fix an authentication bypass bug in SMP
|
||||
|
||||
When pairing with BLE legacy pairing initiated
|
||||
from remote, authentication can be bypassed.
|
||||
This change fixes it.
|
||||
|
||||
Bug: 251514170
|
||||
Test: m com.android.btservices
|
||||
Test: manual run against PoC
|
||||
Ignore-AOSP-First: security
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:25a3fcd487c799d5d9029b8646159a0b10143d97)
|
||||
Merged-In: I369a8fdd675eca731a7a488ed6a2be645058b795
|
||||
Change-Id: I369a8fdd675eca731a7a488ed6a2be645058b795
|
||||
---
|
||||
stack/smp/smp_act.cc | 12 ++++++++++++
|
||||
stack/smp/smp_int.h | 1 +
|
||||
2 files changed, 13 insertions(+)
|
||||
|
||||
diff --git a/stack/smp/smp_act.cc b/stack/smp/smp_act.cc
|
||||
index 1863fdf51..47be844aa 100644
|
||||
--- a/stack/smp/smp_act.cc
|
||||
+++ b/stack/smp/smp_act.cc
|
||||
@@ -294,6 +294,7 @@ void smp_send_pair_rsp(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) {
|
||||
void smp_send_confirm(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) {
|
||||
SMP_TRACE_DEBUG("%s", __func__);
|
||||
smp_send_cmd(SMP_OPCODE_CONFIRM, p_cb);
|
||||
+ p_cb->flags |= SMP_PAIR_FLAGS_CMD_CONFIRM_SENT;
|
||||
}
|
||||
|
||||
/*******************************************************************************
|
||||
@@ -655,6 +656,17 @@ void smp_proc_init(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) {
|
||||
return;
|
||||
}
|
||||
|
||||
+ if (!((p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT) &&
|
||||
+ (p_cb->peer_auth_req & SMP_SC_SUPPORT_BIT)) &&
|
||||
+ !(p_cb->flags & SMP_PAIR_FLAGS_CMD_CONFIRM_SENT)) {
|
||||
+ // in legacy pairing, the peer should send its rand after
|
||||
+ // we send our confirm
|
||||
+ tSMP_INT_DATA smp_int_data{};
|
||||
+ smp_int_data.status = SMP_INVALID_PARAMETERS;
|
||||
+ smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &smp_int_data);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
/* save the SRand for comparison */
|
||||
STREAM_TO_ARRAY(p_cb->rrand.data(), p, OCTET16_LEN);
|
||||
}
|
||||
diff --git a/stack/smp/smp_int.h b/stack/smp/smp_int.h
|
||||
index c13120182..b8c1a5b95 100644
|
||||
--- a/stack/smp/smp_int.h
|
||||
+++ b/stack/smp/smp_int.h
|
||||
@@ -211,6 +211,7 @@ typedef union {
|
||||
(1 << 7) /* used to resolve race condition */
|
||||
#define SMP_PAIR_FLAG_HAVE_LOCAL_PUBL_KEY \
|
||||
(1 << 8) /* used on peripheral to resolve race condition */
|
||||
+#define SMP_PAIR_FLAGS_CMD_CONFIRM_SENT (1 << 9)
|
||||
|
||||
/* check if authentication requirement need MITM protection */
|
||||
#define SMP_NO_MITM_REQUIRED(x) (((x)&SMP_AUTH_YN_BIT) == 0)
|
@ -172,7 +172,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10153/4.9/0002.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10208/3.18/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10741/3.18/0005.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10906/4.4/0003.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-20022/3.18/0001.patch
|
||||
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-20022/3.18/0001.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/^4.10/0006.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/^4.10/0007.patch
|
||||
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/^4.10/0008.patch
|
||||
|
@ -95,6 +95,7 @@ applyPatch "$DOS_PATCHES_COMMON/android_build/0001-verity-openssl3.patch"; #Fix
|
||||
sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||
awk -i inplace '!/updatable_apex.mk/' target/product/generic_system.mk; #Disable APEX
|
||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||
sed -i 's/2024-06-05/2024-07-05/' core/version_defaults.mk; #Bump Security String #X_asb_2024-07
|
||||
fi;
|
||||
|
||||
if enterAndClear "build/soong"; then
|
||||
@ -125,6 +126,10 @@ sed -i '11iLOCAL_OVERRIDES_PACKAGES := Camera Camera2 LegacyCamera Snap OpenCame
|
||||
fi;
|
||||
|
||||
if enterAndClear "frameworks/base"; then
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/329230490-1.patch"; #X_asb_2024-07 [CDM] Fix setSkipPrompt on Android S
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/397375.patch"; #T_asb_2024-07 Fix security vulnerability allowing apps to start from background
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/397376-backport.patch"; #T_asb_2024-07 Fix security vulnerability of non-dynamic permission removal
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/397377-backport.patch"; #T_asb_2024-07 Verify UID of incoming Zygote connections.
|
||||
git revert --no-edit 83fe523914728a3674debba17a6019cb74803045; #Reverts "Allow signature spoofing for microG Companion/Services" in favor of below patch
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/344888-backport.patch"; #fixup! fw/b: Add support for allowing/disallowing apps on cellular, vpn and wifi networks (CalyxOS)
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
|
||||
@ -299,6 +304,7 @@ fi;
|
||||
|
||||
if enterAndClear "packages/apps/Settings"; then
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/316891059-19.patch"; #x-asb_2024-05 Replace getCallingActivity() with getLaunchedFromPackage()
|
||||
#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/397378-backport.patch"; #T_asb_2024-07 Restrict WifiDppConfiguratorActivity
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch)
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0005-Automatic_Reboot.patch"; #Timeout for reboot (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0006-Bluetooth_Timeout.patch"; #Timeout for Bluetooth (CalyxOS)
|
||||
@ -372,6 +378,10 @@ applyPatch "$DOS_PATCHES/android_packages_modules_Permission/0005-Browser_No_Loc
|
||||
applyPatch "$DOS_PATCHES/android_packages_modules_Permission/0006-Location_Indicators.patch"; #SystemUI: Use new privacy indicators for location (GrapheneOS)
|
||||
fi;
|
||||
|
||||
if enterAndClear "packages/modules/StatsD"; then
|
||||
applyPatch "$DOS_PATCHES/android_packages_modules_StatsD/397380-backport.patch"; #T_asb_2024-07 Make executor thread a class member of MultiConditionTrigger
|
||||
fi;
|
||||
|
||||
if enterAndClear "packages/modules/Wifi"; then
|
||||
applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC-a1.patch"; #Fix MAC address leak after SSR (AOSP)
|
||||
@ -382,11 +392,16 @@ if enterAndClear "packages/providers/DownloadProvider"; then
|
||||
applyPatch "$DOS_PATCHES/android_packages_providers_DownloadProvider/0001-Network_Permission.patch"; #Expose the NETWORK permission (GrapheneOS)
|
||||
fi;
|
||||
|
||||
if enterAndClear "packages/providers/MediaProvider"; then
|
||||
applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/397381.patch"; #T_asb_2024-07 Prevent insertion in other users storage volumes
|
||||
fi
|
||||
|
||||
if enterAndClear "packages/services/Telephony"; then
|
||||
if [ -d "$DOS_BUILD_BASE"/vendor/divested-carriersettings ]; then applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0001-CC2.patch"; fi; #Runtime control of platform carrier config package (DivestOS)
|
||||
fi;
|
||||
|
||||
if enterAndClear "system/bt"; then
|
||||
applyPatch "$DOS_PATCHES/android_system_bt/397379-backport.patch"; #T_asb_2024-07 Fix an authentication bypass bug in SMP
|
||||
applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS)
|
||||
fi;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user