Extra patch for 17.1

Signed-off-by: Tavi <tavi@divested.dev>
2025-01-12 07:59:36 -05:00 · 2024-05-07 06:05:28 -04:00 · 2024-05-07 06:05:28 -04:00 · 83b8410de8
commit 83b8410de8
parent 321de1adbc
2 changed files with 108 additions and 1 deletions
--- a/Patches/LineageOS-17.1/android_frameworks_base/389269-backport.patch
+++ b/Patches/LineageOS-17.1/android_frameworks_base/389269-backport.patch
@ -0,0 +1,107 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Beverly <beverlyt@google.com>
+Date: Thu, 18 Jan 2024 20:13:52 +0000
+Subject: [PATCH] isUserInLockDown can be true when there are other strong auth
+ requirements
+
+Bug: 315206668
+Bug: 218495634
+Flag: None
+Test: manual, atest LockPatternUtilsTest
+(cherry picked from commit d341f1ecdb011d24b17358f115391b3f997cb179)
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ba8dfc68aada76127abafdb17d0f0896cc14447a)
+Merged-In: I5e979a7822dd7254b4579ab28ecf96df1db44179
+Change-Id: I5e979a7822dd7254b4579ab28ecf96df1db44179
+---
+ .../internal/widget/LockPatternUtils.java     |  4 +--
+ .../internal/util/LockPatternUtilsTest.java   | 33 ++++++++++++++++---
+ 2 files changed, 30 insertions(+), 7 deletions(-)
+
+diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
+index 1f49cab98972..2857324d524c 100644
+--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
+@@ -1794,8 +1794,8 @@ public class LockPatternUtils {
+     }
+ 
+     public boolean isUserInLockdown(int userId) {
+-        return getStrongAuthForUser(userId)
+-                == StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
+        return (getStrongAuthForUser(userId)
+                & StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN) != 0;
+     }
+ 
+     private ICheckCredentialProgressCallback wrapCallback(
+diff --git a/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java b/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java
+index 9913531cdf13..517160e74ade 100644
+--- a/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java
+++ b/core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java
+@@ -18,6 +18,8 @@ package com.android.internal.util;
+ 
+ import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_MANAGED;
+ import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED;
+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
+ 
+ import static org.junit.Assert.assertFalse;
+ import static org.junit.Assert.assertTrue;
+@@ -48,12 +50,15 @@ import org.mockito.Mockito;
+ @SmallTest
+ public class LockPatternUtilsTest {
+ 
+    private ILockSettings mLockSettings;
+    private static final int USER_ID = 1;
+     private static final int DEMO_USER_ID = 5;
+ 
+     private LockPatternUtils mLockPatternUtils;
+ 
+     private void configureTest(boolean isSecure, boolean isDemoUser, int deviceDemoMode)
+             throws Exception {
+        mLockSettings = Mockito.mock(ILockSettings.class);
+         final Context context = spy(new ContextWrapper(InstrumentationRegistry.getTargetContext()));
+ 
+         final MockContentResolver cr = new MockContentResolver(context);
+@@ -61,13 +66,12 @@ public class LockPatternUtilsTest {
+         when(context.getContentResolver()).thenReturn(cr);
+         Settings.Global.putInt(cr, Settings.Global.DEVICE_DEMO_MODE, deviceDemoMode);
+ 
+-        final ILockSettings ils = Mockito.mock(ILockSettings.class);
+-        when(ils.havePassword(DEMO_USER_ID)).thenReturn(isSecure);
+-        when(ils.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED, DEMO_USER_ID))
+-                .thenReturn((long) PASSWORD_QUALITY_MANAGED);
+        when(mLockSettings.getCredentialType(DEMO_USER_ID)).thenReturn(isSecure);
+        when(mLockSettings.getLong("lockscreen.password_type", PASSWORD_QUALITY_UNSPECIFIED,
+                DEMO_USER_ID)).thenReturn((long) PASSWORD_QUALITY_MANAGED);
+         // TODO(b/63758238): stop spying the class under test
+         mLockPatternUtils = spy(new LockPatternUtils(context));
+-        when(mLockPatternUtils.getLockSettings()).thenReturn(ils);
+        when(mLockPatternUtils.getLockSettings()).thenReturn(mLockSettings);
+         doReturn(true).when(mLockPatternUtils).hasSecureLockScreen();
+ 
+         final UserInfo userInfo = Mockito.mock(UserInfo.class);
+@@ -77,6 +81,25 @@ public class LockPatternUtilsTest {
+         when(context.getSystemService(Context.USER_SERVICE)).thenReturn(um);
+     }
+ 
+    @Test
+    public void isUserInLockDown() throws Exception {
+        configureTest(true, false, 2);
+        // GIVEN strong auth not required
+        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(STRONG_AUTH_NOT_REQUIRED);
+        // THEN user isn't in lockdown
+        assertFalse(mLockPatternUtils.isUserInLockdown(USER_ID));
+        // GIVEN lockdown
+        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(
+                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN);
+        // THEN user is in lockdown
+        assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));
+        // GIVEN lockdown and lockout
+        when(mLockSettings.getStrongAuthForUser(USER_ID)).thenReturn(
+                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN | STRONG_AUTH_REQUIRED_AFTER_LOCKOUT);
+        // THEN user is in lockdown
+        assertTrue(mLockPatternUtils.isUserInLockdown(USER_ID));
+    }
+
+     @Test
+     public void isLockScreenDisabled_isDemoUser_true() throws Exception {
+         configureTest(false, true, 2);
--- a/Scripts/LineageOS-17.1/Patch.sh
+++ b/Scripts/LineageOS-17.1/Patch.sh
@ -186,7 +186,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/385672.patch"; #P_asb_2024-03 R
 applyPatch "$DOS_PATCHES/android_frameworks_base/385538.patch"; #R_asb_2024-03 Disallow system apps to be installed/updated as instant.
 applyPatch "$DOS_PATCHES/android_frameworks_base/385539.patch"; #R_asb_2024-03 Close AccountManagerService.session after timeout.
 applyPatch "$DOS_PATCHES/android_frameworks_base/389014-backport.patch"; #S_asb_2024-04 Fix security vulnerability that creates user with no restrictions when accountOptions are too long.
-#TODO: https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/389269
+applyPatch "$DOS_PATCHES/android_frameworks_base/389269-backport.patch"; #P_asb_2024-04 Close isUserInLockDown can be true when there are other strong auth requirements
 #applyPatch "$DOS_PATCHES/android_frameworks_base/272645.patch"; #ten-bt-sbc-hd-dualchannel: Add CHANNEL_MODE_DUAL_CHANNEL constant (ValdikSS)
 #applyPatch "$DOS_PATCHES/android_frameworks_base/272646-forwardport.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS)
 #applyPatch "$DOS_PATCHES/android_frameworks_base/272647.patch"; #ten-bt-sbc-hd-dualchannel: Allow SBC as HD audio codec in Bluetooth device configuration (ValdikSS)