- 20.0: pick fixes for the deny usb toggle
- 20.0: pull in a patch from GrapheneOS removing a package list leak

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2022-11-07 19:18:13 -05:00
parent ac3dc319c7
commit 807a08210a
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
6 changed files with 63 additions and 4 deletions

View File

@ -59,6 +59,9 @@ nojit
9 https://github.com/GrapheneOS/platform_build/commit/5b9927197e63593b9220d1a9280021252ef205e9
9 https://github.com/GrapheneOS/platform_build/commit/e36c7aefaa78a1ed5b94c7f51d29277008eea232
[implemented] package leak
13 https://github.com/GrapheneOS/platform_frameworks_base/commit/28761ffa183eb719dc991a3ce9afa422fb43c16e
[implemented] auto-var-init
10 https://github.com/GrapheneOS/platform_build_soong/commit/e1b0c965952c47663d4266293b5d0e3f95121260
10 https://github.com/GrapheneOS-Archive/platform_prebuilts_abi-dumps_vndk/commit/f2bd5eaae6a72a07c6be92cbaf2f9defa30fcf38

View File

@ -0,0 +1,52 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Sat, 5 Nov 2022 12:54:52 +0200
Subject: [PATCH] don't leak device-wide package list to apps when work profile
is present
If the primary user had a work profile, then apps installed in primary user could see packages that
were installed only in secondary user(s). They couldn't see which secondary user had which apps,
only presence of such packages was revealed.
This special handling of MATCH_UNINSTALLED_PACKAGES flag was added in October 2016 for compatibility
with legacy launchers. It is not needed anymore, at least for popular third party launchers.
Note that apps in owner user can still see apps in work profile of owner user, it's part of a public
API. Also, apps that are not installed in primary user are visible in Settings -> Apps, with
"Not installed for this user" subtitle.
See commit 0d1fd8d09163566d2c7eb72037f63b6404ada642 and issue report
https://github.com/GrapheneOS/os-issue-tracker/issues/1634 for more details.
---
.../java/com/android/server/pm/ComputerEngine.java | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java
index 259ca655d2b9..1845d7b1cbcf 100644
--- a/services/core/java/com/android/server/pm/ComputerEngine.java
+++ b/services/core/java/com/android/server/pm/ComputerEngine.java
@@ -2845,24 +2845,12 @@ public class ComputerEngine implements Computer {
* Update given flags when being used to request {@link PackageInfo}.
*/
public final long updateFlagsForPackage(long flags, int userId) {
- final boolean isCallerSystemUser = UserHandle.getCallingUserId()
- == UserHandle.USER_SYSTEM;
if ((flags & PackageManager.MATCH_ANY_USER) != 0) {
// require the permission to be held; the calling uid and given user id referring
// to the same user is not sufficient
enforceCrossUserPermission(Binder.getCallingUid(), userId, false, false,
!isRecentsAccessingChildProfiles(Binder.getCallingUid(), userId),
"MATCH_ANY_USER flag requires INTERACT_ACROSS_USERS permission");
- } else if ((flags & PackageManager.MATCH_UNINSTALLED_PACKAGES) != 0
- && isCallerSystemUser
- && mUserManager.hasProfile(UserHandle.USER_SYSTEM)) {
- // If the caller wants all packages and has a profile associated with it,
- // then match all users. This is to make sure that launchers that need to access
- //work
- // profile apps don't start breaking. TODO: Remove this hack when launchers stop
- //using
- // MATCH_UNINSTALLED_PACKAGES to query apps in other profiles. b/31000380
- flags |= PackageManager.MATCH_ANY_USER;
}
return updateFlags(flags, userId);
}

@ -1 +1 @@
Subproject commit 073a081f055e3ef0e5a9153417b3bf0fd35d7105
Subproject commit f754766d7c1715518507f5502462a0197a01a2ab

View File

@ -102,9 +102,9 @@ patchWorkspace() {
gpgVerifyGitTag "$DOS_BUILD_BASE/external/SecureCamera";
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
#source build/envsetup.sh;
#repopick -i 343790; #usb: have enableUsbDataSignal() call queryPortStatus() if successful
#repopick -i 343791; #UsbManager: enableUsbDataSignal: return early if HAL version is too old
source build/envsetup.sh;
repopick -i 343790; #usb: have enableUsbDataSignal() call queryPortStatus() if successful
repopick -i 343791; #UsbManager: enableUsbDataSignal: return early if HAL version is too old
sh "$DOS_SCRIPTS/Patch.sh";
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";

View File

@ -176,6 +176,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0023-Skip_Screen_Animation.patc
#applyPatch "$DOS_PATCHES/android_frameworks_base/0025-Monet_Toggle.patch"; #Make monet based theming user configurable (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0026-Crash_Details.patch"; #Add an option to show the details of an application error to the user (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0027-Installer_Glitch.patch"; #Make sure PackageInstaller UI returns a result (GrapheneOS)
applyPatch "$DOS_PATCHES/android_frameworks_base/0028-Remove_Legacy_Package_Query.patch"; #Don't leak device-wide package list to apps when work profile is present (GrapheneOS)
hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
changeDefaultDNS; #Change the default DNS servers
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)

View File

@ -31,3 +31,6 @@ chmod -v 700 Patches/Linux/*.sh;
#PrebuiltApps has its own fix_permissions.sh
#Patches/Wallpapers has its own fix_permissions.sh
setStrict Scripts;
setRelaxed Repos/firmware;
setRelaxed Repos/firmware-empty;
setRelaxed Repos/firmware-19.1;