Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-12-13 01:44:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

15: November 2024 ASB work

Browse Source 
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
Tavi 2024-11-14 11:11:21 -05:00
parent ce2a2ee149
commit 74cbd50ed2
No known key found for this signature in database
GPG Key ID: E599F62ECBAEAF2E
8 changed files with 327 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Logs/resetWorkspace-LineageOS-15.1.txt
View File

@ -68,7 +68,7 @@ external/caliper 4a0d9aba0856d0aa965d5653bfa4c138f0e8a8ba
external/cblas d063db8bdddfcde61e4bad3bfe65941fd73e8094
external/chromium-libpac 0ac78251d11006d764ba1aad8cc0867827fafe5c
external/chromium-trace 8b2c0074e71a8086dee98ca8730acfdc5eddf7a1
external/chromium-webview 298fa43ef0f2a4df8f47a49c20de397ae40d6656
external/chromium-webview a4b0b914b80044a684113e680107138e5bce590a
external/clang 751a76679b0fb5798ea6cab75906df07edcab315
external/cmockery 9199c7bfafefea32d1884182fa655b6e4578c1c4
external/compiler-rt 0c46c9e892a3f68420635032ef2f6152dabd197c

48
Patches/LineageOS-15.1/android_external_skia/408506.patch Normal file
View File

@ -0,0 +1,48 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Brian Osman <brianosman@google.com>
Date: Tue, 27 Aug 2024 14:22:52 -0400
Subject: [PATCH] RESTRICT AUTOMERGE: Avoid potential overflow when allocating
3D mask from emboss filter
Note: the original fix landed after
Iac8b937e516dbfbbcefef54360dd5b7300bacb67 introduced SkMaskBuilder, so
this cherry-pick had to be tweaked to avoid conflicts. Unfortuantely
that means we need RESTRICT AUTOMERGE to prevent this modified version
from flowing through API boundaries into VIC, and we need to manually
cherry-pick it to each API level.
Bug: 344620577
Test: N/A -- unclear if even reachable
Reviewed-on: https://skia-review.googlesource.com/c/skia/+/893738
Commit-Queue: Brian Osman <brianosman@google.com>
Reviewed-by: Ben Wagner <bungeman@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2bc38734eec777bf2574d4b38a7fd4fc05f0ecde)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:69fc79acf3f05f269c55069ba5e2fbd00e1a76b6)
Merged-In: Ia35860371d45120baca63238e77faa5c0eb25d51
Change-Id: Ia35860371d45120baca63238e77faa5c0eb25d51
---
src/effects/SkEmbossMaskFilter.cpp | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/effects/SkEmbossMaskFilter.cpp b/src/effects/SkEmbossMaskFilter.cpp
index 4caef9ef0b..5013089a83 100644
--- a/src/effects/SkEmbossMaskFilter.cpp
+++ b/src/effects/SkEmbossMaskFilter.cpp
@@ -78,11 +78,13 @@ bool SkEmbossMaskFilter::filterMask(SkMask* dst, const SkMask& src,
{
uint8_t* alphaPlane = dst->fImage;
- size_t planeSize = dst->computeImageSize();
- if (0 == planeSize) {
- return false; // too big to allocate, abort
+ size_t totalSize = dst->computeTotalImageSize();
+ if (totalSize == 0) {
+ return false; // too big to allocate, abort
}
- dst->fImage = SkMask::AllocImage(planeSize * 3);
+ size_t planeSize = dst->computeImageSize();
+ SkASSERT(planeSize != 0); // if totalSize didn't overflow, this can't either
+ dst->fImage = SkMask::AllocImage(totalSize);
memcpy(dst->fImage, alphaPlane, planeSize);
SkMask::FreeImage(alphaPlane);
}

31
Patches/LineageOS-15.1/android_frameworks_base/408507.patch Normal file
View File

@ -0,0 +1,31 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Dementyev <dementyev@google.com>
Date: Tue, 2 Jul 2024 11:02:07 -0700
Subject: [PATCH] Remove authenticator data if it was disabled.
Test: manual
Bug: 343440463
Flag: EXEMPT bugfix
(cherry picked from commit ddfc078af7e89641360b896f99af23a6b371b847)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c2660dcf7fca3f652528d219767f65858bbbe622)
Merged-In: I36bd6bf101da03c9c30a6d3c0080b801e7898bc6
Change-Id: I36bd6bf101da03c9c30a6d3c0080b801e7898bc6
---
.../com/android/server/accounts/AccountManagerService.java | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index 95fd335bc11c..d1e032ccc760 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -1155,6 +1155,10 @@ public class AccountManagerService
obsoleteAuthType.add(type);
// And delete it from the TABLE_META
accountsDb.deleteMetaByAuthTypeAndUid(type, uid);
+ } else if (knownUid != null && knownUid != uid) {
+ Slog.w(TAG, "authenticator no longer exist for type " + type);
+ obsoleteAuthType.add(type);
+ accountsDb.deleteMetaByAuthTypeAndUid(type, uid);
}
}
}

76
Patches/LineageOS-15.1/android_frameworks_base/408508.patch Normal file
View File

@ -0,0 +1,76 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jean-Michel Trivi <jmtrivi@google.com>
Date: Mon, 24 Jun 2024 17:29:14 -0700
Subject: [PATCH] RingtoneManager: allow video ringtone URI
When checking the MIME type for the default ringtone, also
allow it to refer to video content.
Bug: 205837340
Test: see POC + atest android.media.audio.cts.RingtoneManagerTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a8d2785d69314086dc3b5b2531386fefff079ce7)
Merged-In: Iac9f27f14bae29e0fabc31e05da2357f6f4f16c7
Change-Id: Iac9f27f14bae29e0fabc31e05da2357f6f4f16c7
---
media/java/android/media/RingtoneManager.java | 8 ++++++--
.../android/providers/settings/SettingsProvider.java | 11 +++++++----
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/media/java/android/media/RingtoneManager.java b/media/java/android/media/RingtoneManager.java
index 38f6deb34f18..8662ebee734d 100644
--- a/media/java/android/media/RingtoneManager.java
+++ b/media/java/android/media/RingtoneManager.java
@@ -854,9 +854,13 @@ public class RingtoneManager {
+ " ignored: failure to find mimeType (no access from this context?)");
return;
}
- if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg"))) {
+ if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg")
+ || mimeType.equals("application/x-flac")
+ // also check for video ringtones
+ || mimeType.startsWith("video/") || mimeType.equals("application/mp4"))) {
Log.e(TAG, "setActualDefaultRingtoneUri for URI:" + ringtoneUri
- + " ignored: associated mimeType:" + mimeType + " is not an audio type");
+ + " ignored: associated MIME type:" + mimeType
+ + " is not a recognized audio or video type");
return;
}
}
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index a1c6c60a976d..e1a3508d8b25 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -1407,7 +1407,7 @@ public class SettingsProvider extends ContentProvider {
cacheName = Settings.System.ALARM_ALERT_CACHE;
}
if (cacheName != null) {
- if (!isValidAudioUri(name, value)) {
+ if (!isValidMediaUri(name, value)) {
return false;
}
final File cacheFile = new File(
@@ -1442,7 +1442,7 @@ public class SettingsProvider extends ContentProvider {
}
}
- private boolean isValidAudioUri(String name, String uri) {
+ private boolean isValidMediaUri(String name, String uri) {
if (uri != null) {
Uri audioUri = Uri.parse(uri);
if (Settings.AUTHORITY.equals(
@@ -1460,10 +1460,13 @@ public class SettingsProvider extends ContentProvider {
return false;
}
if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg")
- || mimeType.equals("application/x-flac"))) {
+ || mimeType.equals("application/x-flac")
+ // also check for video ringtones
+ || mimeType.startsWith("video/") || mimeType.equals("application/mp4"))) {
Slog.e(LOG_TAG,
"mutateSystemSetting for setting: " + name + " URI: " + audioUri
- + " ignored: associated mimeType: " + mimeType + " is not an audio type");
+ + " ignored: associated MIME type: " + mimeType
+ + " is not a recognized audio or video type");
return false;
}
}

46
Patches/LineageOS-15.1/android_frameworks_base/408509.patch Normal file
View File

@ -0,0 +1,46 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: lpeter <lpeter@google.com>
Date: Tue, 6 Aug 2024 09:22:12 +0000
Subject: [PATCH] Disallow device admin package and protected packages to be
reinstalled as instant.
We should prevent the following types of apps from being reinstalled with
--install-existing as an instant.
(1)device admin package
(2)protected packages
Flag: EXEMPT bugfix
Bug: 341256043
Test: Manual test
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:77c5ebbd2a83e060577dd584aed7802452339ca5)
Merged-In: I4e913a12477fd4a64990033eaae533e30863e2a2
Change-Id: I4e913a12477fd4a64990033eaae533e30863e2a2
---
.../java/com/android/server/pm/PackageManagerService.java | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index e2f257e1fce0..743d469a3078 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -15422,6 +15422,9 @@ public class PackageManagerService extends IPackageManager.Stub
(installFlags & PackageManager.INSTALL_INSTANT_APP) != 0;
final boolean fullApp =
(installFlags & PackageManager.INSTALL_FULL_APP) != 0;
+ final boolean isPackageDeviceAdmin = isPackageDeviceAdmin(packageName, userId);
+ final boolean isProtectedPackage = mProtectedPackages != null
+ && mProtectedPackages.isPackageStateProtected(userId, packageName);
// writer
synchronized (mPackages) {
@@ -15429,7 +15432,8 @@ public class PackageManagerService extends IPackageManager.Stub
if (pkgSetting == null) {
return PackageManager.INSTALL_FAILED_INVALID_URI;
}
- if (instantApp && (pkgSetting.isSystem() || isUpdatedSystemApp(pkgSetting))) {
+ if (instantApp && (pkgSetting.isSystem() || isUpdatedSystemApp(pkgSetting)
+ || isPackageDeviceAdmin || isProtectedPackage)) {
return PackageManager.INSTALL_FAILED_INVALID_URI;
}
if (!canViewInstantApps(callingUid, UserHandle.getUserId(callingUid))) {

82
Patches/LineageOS-15.1/android_frameworks_base/408510.patch Normal file
View File

@ -0,0 +1,82 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Ben Murdoch <benm@google.com>
Date: Fri, 30 Aug 2024 17:22:59 +0000
Subject: [PATCH] Clear app-provided shortcut icons
When displaying keyboard shortcuts provided by an app, clear
any icon that may have been set (this is only possible via
reflection, and is not a intended for usage outside of the system).
Bug: 331180422
Test: Verify on device
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a031e9f221cf87657c42d3ed0ddbe93fc6d7a9c3)
Merged-In: If7e291eb2254c3cbec23673c65e7477e6ad45b09
Change-Id: If7e291eb2254c3cbec23673c65e7477e6ad45b09
---
core/java/android/view/KeyboardShortcutInfo.java | 13 +++++++++++--
.../systemui/statusbar/KeyboardShortcuts.java | 9 +++++++++
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/core/java/android/view/KeyboardShortcutInfo.java b/core/java/android/view/KeyboardShortcutInfo.java
index c934a4e31f98..136c19f3f11e 100644
--- a/core/java/android/view/KeyboardShortcutInfo.java
+++ b/core/java/android/view/KeyboardShortcutInfo.java
@@ -29,7 +29,7 @@ import android.os.Parcelable;
*/
public final class KeyboardShortcutInfo implements Parcelable {
private final CharSequence mLabel;
- private final Icon mIcon;
+ private Icon mIcon;
private final char mBaseCharacter;
private final int mKeycode;
private final int mModifiers;
@@ -115,6 +115,15 @@ public final class KeyboardShortcutInfo implements Parcelable {
return mIcon;
}
+ /**
+ * Removes an icon that was previously set.
+ *
+ * @hide
+ */
+ public void clearIcon() {
+ mIcon = null;
+ }
+
/**
* Returns the base keycode that, combined with the modifiers, triggers this shortcut. If the
* base character was set instead, returns {@link KeyEvent#KEYCODE_UNKNOWN}. Valid keycodes are
@@ -165,4 +174,4 @@ public final class KeyboardShortcutInfo implements Parcelable {
return new KeyboardShortcutInfo[size];
}
};
-}
\ No newline at end of file
+}
diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java b/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java
index d370a6331ea1..58d55f1b78e2 100644
--- a/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java
+++ b/packages/SystemUI/src/com/android/systemui/statusbar/KeyboardShortcuts.java
@@ -376,6 +376,7 @@ public final class KeyboardShortcuts {
@Override
public void onKeyboardShortcutsReceived(
final List<KeyboardShortcutGroup> result) {
+ sanitiseShortcuts(result);
result.add(getSystemShortcuts());
final KeyboardShortcutGroup appShortcuts = getDefaultApplicationShortcuts();
if (appShortcuts != null) {
@@ -386,6 +387,14 @@ public final class KeyboardShortcuts {
}, deviceId);
}
+ static void sanitiseShortcuts(List<KeyboardShortcutGroup> shortcutGroups) {
+ for (KeyboardShortcutGroup group : shortcutGroups) {
+ for (KeyboardShortcutInfo info : group.getItems()) {
+ info.clearIcon();
+ }
+ }
+ }
+
private void dismissKeyboardShortcuts() {
if (mKeyboardShortcutsDialog != null) {
mKeyboardShortcutsDialog.dismiss();

33
Patches/LineageOS-15.1/android_packages_apps_Settings/408511.patch Normal file
View File

@ -0,0 +1,33 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Adam Bookatz <bookatz@google.com>
Date: Mon, 22 Jul 2024 17:03:12 -0700
Subject: [PATCH] startActivityForResult with new Intent
Rather than use the raw Intent, we make a copy of it. See bug.
Bug: 330722900
Flag: EXEMPT bugfix
Test: manual
Test: atest com.android.settings.users.UserSettingsTest
com.android.settings.users.UserDetailsSettingsTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:1189e24e47571eae86634aeaa7dc60b8fe7f4820)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:fdb148b6efb16af018a39511001b48286f401512)
Merged-In: Id74e4b7ae261f2916eedaef04a679f83409a4b67
Change-Id: Id74e4b7ae261f2916eedaef04a679f83409a4b67
---
src/com/android/settings/users/AppRestrictionsFragment.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/com/android/settings/users/AppRestrictionsFragment.java b/src/com/android/settings/users/AppRestrictionsFragment.java
index bf0f3da8d00..201d23ceab3 100644
--- a/src/com/android/settings/users/AppRestrictionsFragment.java
+++ b/src/com/android/settings/users/AppRestrictionsFragment.java
@@ -648,7 +648,7 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen
int requestCode = generateCustomActivityRequestCode(
RestrictionsResultReceiver.this.preference);
AppRestrictionsFragment.this.startActivityForResult(
- restrictionsIntent, requestCode);
+ new Intent(restrictionsIntent), requestCode);
}
}
}

11
Scripts/LineageOS-15.1/Patch.sh
View File

@ -76,7 +76,7 @@ applyPatch "$DOS_PATCHES/android_build/0002-Enable_fwrapv.patch"; #Use -fwrapv a
applyPatch "$DOS_PATCHES/android_build/0003-verity-openssl3.patch"; #Fix VB 1.0 failure due to openssl output format change
sed -i '57i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
sed -i 's/2021-10-05/2024-10-05/' core/version_defaults.mk; #Bump Security String #XXX
sed -i 's/2021-10-05/2024-11-05/' core/version_defaults.mk; #Bump Security String #XXX
fi;
if enterAndClear "build/soong"; then
@ -154,6 +154,10 @@ if enterAndClear "external/libxml2"; then
applyPatch "$DOS_PATCHES/android_external_libxml2/368053.patch"; #R_asb_2023-10 malloc-fail: Fix OOB read after xmlRegGetCounter
fi;
if enterAndClear "external/skia"; then
applyPatch "$DOS_PATCHES/android_external_skia/408506.patch"; #P_asb_2024-11 Avoid potential overflow when allocating 3D mask from emboss filter
fi;
if enterAndClear "external/sonivox"; then
applyPatch "$DOS_PATCHES_COMMON/android_external_sonivox/391896.patch"; #n-asb-2024-05 Fix buffer overrun in eas_wtengine
fi;
@ -279,6 +283,10 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/399770.patch"; #P_asb_2024-08 H
applyPatch "$DOS_PATCHES/android_frameworks_base/401373-backport.patch"; #S_asb_2024-09 Sanitized uri scheme by removing scheme delimiter
applyPatch "$DOS_PATCHES/android_frameworks_base/405829-backport.patch"; #P_asb_2024-10 Update AccountManagerService checkKeyIntent.
applyPatch "$DOS_PATCHES/android_frameworks_base/405830.patch"; #P_asb_2024-10 Fail parseUri if end is missing
applyPatch "$DOS_PATCHES/android_frameworks_base/408507.patch"; #P_asb_2024-11 Remove authenticator data if it was disabled.
applyPatch "$DOS_PATCHES/android_frameworks_base/408508.patch"; #P_asb_2024-11 RingtoneManager: allow video ringtone URI
applyPatch "$DOS_PATCHES/android_frameworks_base/408509.patch"; #P_asb_2024-11 Disallow device admin package and protected packages to be reinstalled as instant.
applyPatch "$DOS_PATCHES/android_frameworks_base/408510.patch"; #P_asb_2024-11 Clear app-provided shortcut icons
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #Enable fingerprint lockout after five failed attempts (GrapheneOS)
@ -435,6 +443,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/367639-backport.patch";
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/401375-backport.patch"; #S_asb_2024-09 Limit wifi item edit content's max length to 500
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/401377-backport.patch"; #S_asb_2024-09 Ignore fragment attr from ext authenticator resource
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/405832-backport.patch"; #P_asb_2024-10 FRP bypass defense in App battery usage page
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/408511.patch"; #P_asb_2024-11 startActivityForResult with new Intent
git revert --no-edit a96df110e84123fe1273bff54feca3b4ca484dcd; #Don't hide OEM unlock
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
if [ "$DOS_SENSORS_PERM" = true ]; then