mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-25 07:29:24 -05:00
15.1+16.0 June ASB work
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
ab52996e4f
commit
8c7f3daa00
75
Patches/LineageOS-15.1/android_frameworks_av/358729.patch
Normal file
75
Patches/LineageOS-15.1/android_frameworks_av/358729.patch
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ray Essick <essick@google.com>
|
||||||
|
Date: Mon, 27 Mar 2023 18:16:46 -0500
|
||||||
|
Subject: [PATCH] Fix NuMediaExtractor::readSampleData buffer Handling
|
||||||
|
|
||||||
|
readSampleData() did not initialize buffer before filling it,
|
||||||
|
leading to OOB memory references. Correct and clarify the book
|
||||||
|
keeping around output buffer management.
|
||||||
|
|
||||||
|
Bug: 275418191
|
||||||
|
Test: CtsMediaExtractorTestCases w/debug messages
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:943fc12219b21d2a98f0ddc070b9b316a6f5d412)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:84c69bca81175feb2fd97ebb22e432ee41572786)
|
||||||
|
Merged-In: Ie744f118526f100d82a312c64f7c6fcf20773b6d
|
||||||
|
Change-Id: Ie744f118526f100d82a312c64f7c6fcf20773b6d
|
||||||
|
---
|
||||||
|
media/libstagefright/NuMediaExtractor.cpp | 14 +++++++++-----
|
||||||
|
1 file changed, 9 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/media/libstagefright/NuMediaExtractor.cpp b/media/libstagefright/NuMediaExtractor.cpp
|
||||||
|
index 640cb82282..1fad9301da 100644
|
||||||
|
--- a/media/libstagefright/NuMediaExtractor.cpp
|
||||||
|
+++ b/media/libstagefright/NuMediaExtractor.cpp
|
||||||
|
@@ -484,9 +484,11 @@ status_t NuMediaExtractor::appendVorbisNumPageSamples(TrackInfo *info, const sp<
|
||||||
|
numPageSamples = -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // insert, including accounting for the space used.
|
||||||
|
memcpy((uint8_t *)buffer->data() + info->mSample->range_length(),
|
||||||
|
&numPageSamples,
|
||||||
|
sizeof(numPageSamples));
|
||||||
|
+ buffer->setRange(buffer->offset(), buffer->size() + sizeof(numPageSamples));
|
||||||
|
|
||||||
|
uint32_t type;
|
||||||
|
const void *data;
|
||||||
|
@@ -535,6 +537,8 @@ status_t NuMediaExtractor::readSampleData(const sp<ABuffer> &buffer) {
|
||||||
|
|
||||||
|
ssize_t minIndex = fetchTrackSamples();
|
||||||
|
|
||||||
|
+ buffer->setRange(0, 0); // start with an empty buffer
|
||||||
|
+
|
||||||
|
if (minIndex < 0) {
|
||||||
|
return ERROR_END_OF_STREAM;
|
||||||
|
}
|
||||||
|
@@ -549,25 +553,25 @@ status_t NuMediaExtractor::readSampleData(const sp<ABuffer> &buffer) {
|
||||||
|
sampleSize += sizeof(int32_t);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // capacity() is ok since we cleared out the buffer
|
||||||
|
if (buffer->capacity() < sampleSize) {
|
||||||
|
return -ENOMEM;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ const size_t srclen = info->mSample->range_length();
|
||||||
|
const uint8_t *src =
|
||||||
|
(const uint8_t *)info->mSample->data()
|
||||||
|
+ info->mSample->range_offset();
|
||||||
|
|
||||||
|
- memcpy((uint8_t *)buffer->data(), src, info->mSample->range_length());
|
||||||
|
+ memcpy((uint8_t *)buffer->data(), src, srclen);
|
||||||
|
+ buffer->setRange(0, srclen);
|
||||||
|
|
||||||
|
status_t err = OK;
|
||||||
|
if (info->mTrackFlags & kIsVorbis) {
|
||||||
|
+ // adjusts range when it inserts the extra bits
|
||||||
|
err = appendVorbisNumPageSamples(info, buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (err == OK) {
|
||||||
|
- buffer->setRange(0, sampleSize);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,167 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Lee <brnlee@google.com>
|
||||||
|
Date: Fri, 17 Feb 2023 16:05:17 -0800
|
||||||
|
Subject: [PATCH] Check key intent for selectors and prohibited flags
|
||||||
|
|
||||||
|
Bug: 265015796
|
||||||
|
Test: atest
|
||||||
|
FrameworksServicesTests: com.android.server.accounts.AccountManagerServiceTest
|
||||||
|
(cherry picked from commit e53a96304352e2965176c8d32ac1b504e52ef185)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:92114886bdce8467c52c655c186f3e7ab1e134d8)
|
||||||
|
Merged-In: Ie16f8654337bd75eaad3156817470674b4f0cee3
|
||||||
|
Change-Id: Ie16f8654337bd75eaad3156817470674b4f0cee3
|
||||||
|
---
|
||||||
|
.../accounts/AccountManagerService.java | 18 +++++++---
|
||||||
|
.../accounts/AccountManagerServiceTest.java | 36 +++++++++++++++++++
|
||||||
|
.../AccountManagerServiceTestFixtures.java | 5 ++-
|
||||||
|
.../TestAccountType1Authenticator.java | 5 +--
|
||||||
|
4 files changed, 54 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
|
||||||
|
index ee56b9e3ad9b..39bb08e82b81 100644
|
||||||
|
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
|
||||||
|
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
|
||||||
|
@@ -4765,10 +4765,6 @@ public class AccountManagerService
|
||||||
|
if (intent.getClipData() == null) {
|
||||||
|
intent.setClipData(ClipData.newPlainText(null, null));
|
||||||
|
}
|
||||||
|
- intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
|
||||||
|
- | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
|
||||||
|
- | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
|
||||||
|
- | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));
|
||||||
|
long bid = Binder.clearCallingIdentity();
|
||||||
|
try {
|
||||||
|
PackageManager pm = mContext.getPackageManager();
|
||||||
|
@@ -4813,7 +4809,19 @@ public class AccountManagerService
|
||||||
|
if (intent == null) {
|
||||||
|
return (simulateIntent == null);
|
||||||
|
}
|
||||||
|
- return intent.filterEquals(simulateIntent);
|
||||||
|
+ if (!intent.filterEquals(simulateIntent)) {
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (intent.getSelector() != simulateIntent.getSelector()) {
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ int prohibitedFlags = Intent.FLAG_GRANT_READ_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;
|
||||||
|
+ return (simulateIntent.getFlags() & prohibitedFlags) == 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isExportedSystemActivity(ActivityInfo activityInfo) {
|
||||||
|
diff --git a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java
|
||||||
|
index 68696344220b..b8adbdfaa1bb 100644
|
||||||
|
--- a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java
|
||||||
|
+++ b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java
|
||||||
|
@@ -17,6 +17,7 @@
|
||||||
|
package com.android.server.accounts;
|
||||||
|
|
||||||
|
import static android.database.sqlite.SQLiteDatabase.deleteDatabase;
|
||||||
|
+import static org.mockito.ArgumentMatchers.contains;
|
||||||
|
import static org.mockito.Matchers.any;
|
||||||
|
import static org.mockito.Matchers.anyBoolean;
|
||||||
|
import static org.mockito.Matchers.anyInt;
|
||||||
|
@@ -681,6 +682,41 @@ public class AccountManagerServiceTest extends AndroidTestCase {
|
||||||
|
assertNotNull(intent.getParcelableExtra(AccountManagerServiceTestFixtures.KEY_CALLBACK));
|
||||||
|
}
|
||||||
|
|
||||||
|
+ @SmallTest
|
||||||
|
+ public void testStartAddAccountSessionWhereAuthenticatorReturnsIntentWithProhibitedFlags()
|
||||||
|
+ throws Exception {
|
||||||
|
+ unlockSystemUser();
|
||||||
|
+ ResolveInfo resolveInfo = new ResolveInfo();
|
||||||
|
+ resolveInfo.activityInfo = new ActivityInfo();
|
||||||
|
+ resolveInfo.activityInfo.applicationInfo = new ApplicationInfo();
|
||||||
|
+ when(mMockPackageManager.resolveActivityAsUser(
|
||||||
|
+ any(Intent.class), anyInt(), anyInt())).thenReturn(resolveInfo);
|
||||||
|
+ when(mMockPackageManager.checkSignatures(
|
||||||
|
+ anyInt(), anyInt())).thenReturn(PackageManager.SIGNATURE_MATCH);
|
||||||
|
+
|
||||||
|
+ final CountDownLatch latch = new CountDownLatch(1);
|
||||||
|
+ Response response = new Response(latch, mMockAccountManagerResponse);
|
||||||
|
+ Bundle options = createOptionsWithAccountName(
|
||||||
|
+ AccountManagerServiceTestFixtures.ACCOUNT_NAME_INTERVENE);
|
||||||
|
+ int prohibitedFlags = Intent.FLAG_GRANT_READ_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;
|
||||||
|
+ options.putInt(AccountManagerServiceTestFixtures.KEY_INTENT_FLAGS, prohibitedFlags);
|
||||||
|
+
|
||||||
|
+ mAms.startAddAccountSession(
|
||||||
|
+ response, // response
|
||||||
|
+ AccountManagerServiceTestFixtures.ACCOUNT_TYPE_1, // accountType
|
||||||
|
+ "authTokenType",
|
||||||
|
+ null, // requiredFeatures
|
||||||
|
+ true, // expectActivityLaunch
|
||||||
|
+ options); // optionsIn
|
||||||
|
+ waitForLatch(latch);
|
||||||
|
+
|
||||||
|
+ verify(mMockAccountManagerResponse).onError(
|
||||||
|
+ eq(AccountManager.ERROR_CODE_INVALID_RESPONSE), contains("invalid intent"));
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
@SmallTest
|
||||||
|
public void testStartAddAccountSessionError() throws Exception {
|
||||||
|
unlockSystemUser();
|
||||||
|
diff --git a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java
|
||||||
|
index 73f30d9f9e79..b98a6a891d55 100644
|
||||||
|
--- a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java
|
||||||
|
+++ b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java
|
||||||
|
@@ -17,9 +17,6 @@ package com.android.server.accounts;
|
||||||
|
|
||||||
|
import android.accounts.Account;
|
||||||
|
|
||||||
|
-import java.util.ArrayList;
|
||||||
|
-import java.util.List;
|
||||||
|
-
|
||||||
|
/**
|
||||||
|
* Constants shared between test AccountAuthenticators and AccountManagerServiceTest.
|
||||||
|
*/
|
||||||
|
@@ -31,6 +28,8 @@ public final class AccountManagerServiceTestFixtures {
|
||||||
|
"account_manager_service_test:account_status_token_key";
|
||||||
|
public static final String KEY_ACCOUNT_PASSWORD =
|
||||||
|
"account_manager_service_test:account_password_key";
|
||||||
|
+ public static final String KEY_INTENT_FLAGS =
|
||||||
|
+ "account_manager_service_test:intent_flags_key";
|
||||||
|
public static final String KEY_OPTIONS_BUNDLE =
|
||||||
|
"account_manager_service_test:option_bundle_key";
|
||||||
|
public static final String ACCOUNT_NAME_SUCCESS = "success_on_return@fixture.com";
|
||||||
|
diff --git a/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java b/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java
|
||||||
|
index 8106364477d9..924443e9d5cf 100644
|
||||||
|
--- a/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java
|
||||||
|
+++ b/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java
|
||||||
|
@@ -24,8 +24,6 @@ import android.content.Context;
|
||||||
|
import android.content.Intent;
|
||||||
|
import android.os.Bundle;
|
||||||
|
|
||||||
|
-import com.android.frameworks.servicestests.R;
|
||||||
|
-
|
||||||
|
import java.util.concurrent.atomic.AtomicInteger;
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -270,11 +268,13 @@ public class TestAccountType1Authenticator extends AbstractAccountAuthenticator
|
||||||
|
String accountName = null;
|
||||||
|
Bundle sessionBundle = null;
|
||||||
|
String password = null;
|
||||||
|
+ int intentFlags = 0;
|
||||||
|
if (options != null) {
|
||||||
|
accountName = options.getString(AccountManagerServiceTestFixtures.KEY_ACCOUNT_NAME);
|
||||||
|
sessionBundle = options.getBundle(
|
||||||
|
AccountManagerServiceTestFixtures.KEY_ACCOUNT_SESSION_BUNDLE);
|
||||||
|
password = options.getString(AccountManagerServiceTestFixtures.KEY_ACCOUNT_PASSWORD);
|
||||||
|
+ intentFlags = options.getInt(AccountManagerServiceTestFixtures.KEY_INTENT_FLAGS, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
Bundle result = new Bundle();
|
||||||
|
@@ -302,6 +302,7 @@ public class TestAccountType1Authenticator extends AbstractAccountAuthenticator
|
||||||
|
intent.putExtra(AccountManagerServiceTestFixtures.KEY_RESULT,
|
||||||
|
eventualActivityResultData);
|
||||||
|
intent.putExtra(AccountManagerServiceTestFixtures.KEY_CALLBACK, response);
|
||||||
|
+ intent.setFlags(intentFlags);
|
||||||
|
|
||||||
|
result.putParcelable(AccountManager.KEY_INTENT, intent);
|
||||||
|
} else {
|
@ -0,0 +1,79 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kweku Adams <kwekua@google.com>
|
||||||
|
Date: Wed, 21 Sep 2022 22:13:01 +0000
|
||||||
|
Subject: [PATCH] Handle invalid data during job loading.
|
||||||
|
|
||||||
|
Catch exceptions that may be thrown if invalid data ended up in the
|
||||||
|
persisted job file.
|
||||||
|
|
||||||
|
Bug: 246541702
|
||||||
|
Bug: 246542132
|
||||||
|
Bug: 246542285
|
||||||
|
Bug: 246542330
|
||||||
|
Test: install test app with invalid job config, start app to schedule job, then reboot device
|
||||||
|
(cherry picked from commit c98fb42b480b3beedc2d94de6110f50212c4aa0b)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:df1ba00dd9f64a3ae9a9e05979dfae6a15c7e203)
|
||||||
|
Merged-In: Id0ceba345942baf21177f687b8dd85ef001c0a9e
|
||||||
|
Change-Id: Id0ceba345942baf21177f687b8dd85ef001c0a9e
|
||||||
|
---
|
||||||
|
.../java/com/android/server/job/JobStore.java | 26 ++++++++++++++++---
|
||||||
|
1 file changed, 23 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/job/JobStore.java b/services/core/java/com/android/server/job/JobStore.java
|
||||||
|
index aa9f77c839e5..446fe3e8a712 100644
|
||||||
|
--- a/services/core/java/com/android/server/job/JobStore.java
|
||||||
|
+++ b/services/core/java/com/android/server/job/JobStore.java
|
||||||
|
@@ -606,6 +606,10 @@ public final class JobStore {
|
||||||
|
}
|
||||||
|
} catch (XmlPullParserException | IOException e) {
|
||||||
|
Slog.wtf(TAG, "Error jobstore xml.", e);
|
||||||
|
+ } catch (Exception e) {
|
||||||
|
+ // Crashing at this point would result in a boot loop, so live with a general
|
||||||
|
+ // Exception for system stability's sake.
|
||||||
|
+ Slog.wtf(TAG, "Unexpected exception", e);
|
||||||
|
} finally {
|
||||||
|
if (mPersistInfo.countAllJobsLoaded < 0) { // Only set them once.
|
||||||
|
mPersistInfo.countAllJobsLoaded = numJobs;
|
||||||
|
@@ -732,6 +736,15 @@ public final class JobStore {
|
||||||
|
} catch (NumberFormatException e) {
|
||||||
|
Slog.d(TAG, "Error reading constraints, skipping.");
|
||||||
|
return null;
|
||||||
|
+ } catch (XmlPullParserException e) {
|
||||||
|
+ Slog.d(TAG, "Error Parser Exception.", e);
|
||||||
|
+ return null;
|
||||||
|
+ } catch (IOException e) {
|
||||||
|
+ Slog.d(TAG, "Error I/O Exception.", e);
|
||||||
|
+ return null;
|
||||||
|
+ } catch (IllegalArgumentException e) {
|
||||||
|
+ Slog.e(TAG, "Constraints contained invalid data", e);
|
||||||
|
+ return null;
|
||||||
|
}
|
||||||
|
parser.next(); // Consume </constraints>
|
||||||
|
|
||||||
|
@@ -827,8 +840,14 @@ public final class JobStore {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
- PersistableBundle extras = PersistableBundle.restoreFromXml(parser);
|
||||||
|
- jobBuilder.setExtras(extras);
|
||||||
|
+ final PersistableBundle extras;
|
||||||
|
+ try {
|
||||||
|
+ extras = PersistableBundle.restoreFromXml(parser);
|
||||||
|
+ jobBuilder.setExtras(extras);
|
||||||
|
+ } catch (IllegalArgumentException e) {
|
||||||
|
+ Slog.e(TAG, "Persisted extras contained invalid data", e);
|
||||||
|
+ return null;
|
||||||
|
+ }
|
||||||
|
parser.nextTag(); // Consume </extras>
|
||||||
|
|
||||||
|
// Migrate sync jobs forward from earlier, incomplete representation
|
||||||
|
@@ -861,7 +880,8 @@ public final class JobStore {
|
||||||
|
return new JobInfo.Builder(jobId, cname);
|
||||||
|
}
|
||||||
|
|
||||||
|
- private void buildConstraintsFromXml(JobInfo.Builder jobBuilder, XmlPullParser parser) {
|
||||||
|
+ private void buildConstraintsFromXml(JobInfo.Builder jobBuilder, XmlPullParser parser)
|
||||||
|
+ throws XmlPullParserException, IOException {
|
||||||
|
String val = parser.getAttributeValue(null, "connectivity");
|
||||||
|
if (val != null) {
|
||||||
|
jobBuilder.setRequiredNetworkType(JobInfo.NETWORK_TYPE_ANY);
|
@ -0,0 +1,77 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Valentin Iftime <valiiftime@google.com>
|
||||||
|
Date: Wed, 22 Feb 2023 09:38:55 +0100
|
||||||
|
Subject: [PATCH] Prevent RemoteViews crashing SystemUi
|
||||||
|
|
||||||
|
Catch canvas drawing exceptions caused by unsuported image sizes.
|
||||||
|
|
||||||
|
Test: 1. Post a custom view notification with a layout
|
||||||
|
containing an ImageView that references a 5k x 5k image
|
||||||
|
2. Add an App Widget to the home screen with that has the
|
||||||
|
layout mentioned above as preview/initial layout.
|
||||||
|
|
||||||
|
Bug: 268193777
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:cfc0b34432ab54e3fa472db5c43e620293f64a5d)
|
||||||
|
Merged-In: Ib3bda769c499b4069b49c566b1b227f98f707a8a
|
||||||
|
Change-Id: Ib3bda769c499b4069b49c566b1b227f98f707a8a
|
||||||
|
---
|
||||||
|
.../android/appwidget/AppWidgetHostView.java | 38 ++++++++++++++-----
|
||||||
|
1 file changed, 28 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/core/java/android/appwidget/AppWidgetHostView.java b/core/java/android/appwidget/AppWidgetHostView.java
|
||||||
|
index 1242cb0fbdfa..8b5f56b358b0 100644
|
||||||
|
--- a/core/java/android/appwidget/AppWidgetHostView.java
|
||||||
|
+++ b/core/java/android/appwidget/AppWidgetHostView.java
|
||||||
|
@@ -248,19 +248,26 @@ public class AppWidgetHostView extends FrameLayout {
|
||||||
|
super.onLayout(changed, left, top, right, bottom);
|
||||||
|
} catch (final RuntimeException e) {
|
||||||
|
Log.e(TAG, "Remote provider threw runtime exception, using error view instead.", e);
|
||||||
|
- removeViewInLayout(mView);
|
||||||
|
- View child = getErrorView();
|
||||||
|
- prepareView(child);
|
||||||
|
- addViewInLayout(child, 0, child.getLayoutParams());
|
||||||
|
- measureChild(child, MeasureSpec.makeMeasureSpec(getMeasuredWidth(), MeasureSpec.EXACTLY),
|
||||||
|
- MeasureSpec.makeMeasureSpec(getMeasuredHeight(), MeasureSpec.EXACTLY));
|
||||||
|
- child.layout(0, 0, child.getMeasuredWidth() + mPaddingLeft + mPaddingRight,
|
||||||
|
- child.getMeasuredHeight() + mPaddingTop + mPaddingBottom);
|
||||||
|
- mView = child;
|
||||||
|
- mViewMode = VIEW_MODE_ERROR;
|
||||||
|
+ handleViewError();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /**
|
||||||
|
+ * Remove bad view and replace with error message view
|
||||||
|
+ */
|
||||||
|
+ private void handleViewError() {
|
||||||
|
+ removeViewInLayout(mView);
|
||||||
|
+ View child = getErrorView();
|
||||||
|
+ prepareView(child);
|
||||||
|
+ addViewInLayout(child, 0, child.getLayoutParams());
|
||||||
|
+ measureChild(child, MeasureSpec.makeMeasureSpec(getMeasuredWidth(), MeasureSpec.EXACTLY),
|
||||||
|
+ MeasureSpec.makeMeasureSpec(getMeasuredHeight(), MeasureSpec.EXACTLY));
|
||||||
|
+ child.layout(0, 0, child.getMeasuredWidth() + mPaddingLeft + mPaddingRight,
|
||||||
|
+ child.getMeasuredHeight() + mPaddingTop + mPaddingBottom);
|
||||||
|
+ mView = child;
|
||||||
|
+ mViewMode = VIEW_MODE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
* Provide guidance about the size of this widget to the AppWidgetManager. The widths and
|
||||||
|
* heights should correspond to the full area the AppWidgetHostView is given. Padding added by
|
||||||
|
@@ -771,4 +778,15 @@ public class AppWidgetHostView extends FrameLayout {
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ @Override
|
||||||
|
+ protected void dispatchDraw(Canvas canvas) {
|
||||||
|
+ try {
|
||||||
|
+ super.dispatchDraw(canvas);
|
||||||
|
+ } catch (Exception e) {
|
||||||
|
+ // Catch draw exceptions that may be caused by RemoteViews
|
||||||
|
+ Log.e(TAG, "Drawing view failed: " + e);
|
||||||
|
+ post(this::handleViewError);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
}
|
@ -0,0 +1,28 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dmitry Dementyev <dementyev@google.com>
|
||||||
|
Date: Tue, 7 Mar 2023 10:36:41 -0800
|
||||||
|
Subject: [PATCH] Convert argument to intent in AddAccountSettings.
|
||||||
|
|
||||||
|
Bug: 265798353
|
||||||
|
Test: manual
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c7e8052b527434ed8660e3babdab718f7f3cd7da)
|
||||||
|
Merged-In: I0051e5d5fc9fd3691504cb5fbb959f701e0bce6a
|
||||||
|
Change-Id: I0051e5d5fc9fd3691504cb5fbb959f701e0bce6a
|
||||||
|
---
|
||||||
|
src/com/android/settings/accounts/AddAccountSettings.java | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/com/android/settings/accounts/AddAccountSettings.java b/src/com/android/settings/accounts/AddAccountSettings.java
|
||||||
|
index cca15c96d3..2e23e93124 100644
|
||||||
|
--- a/src/com/android/settings/accounts/AddAccountSettings.java
|
||||||
|
+++ b/src/com/android/settings/accounts/AddAccountSettings.java
|
||||||
|
@@ -102,7 +102,8 @@ public class AddAccountSettings extends Activity {
|
||||||
|
addAccountOptions.putParcelable(EXTRA_USER, mUserHandle);
|
||||||
|
intent.putExtras(addAccountOptions);
|
||||||
|
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
|
||||||
|
- startActivityForResultAsUser(intent, ADD_ACCOUNT_REQUEST, mUserHandle);
|
||||||
|
+ startActivityForResultAsUser(
|
||||||
|
+ new Intent(intent), ADD_ACCOUNT_REQUEST, mUserHandle);
|
||||||
|
} else {
|
||||||
|
setResult(RESULT_OK);
|
||||||
|
if (mPendingIntent != null) {
|
@ -0,0 +1,27 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dmitry Dementyev <dementyev@google.com>
|
||||||
|
Date: Tue, 7 Mar 2023 10:55:07 -0800
|
||||||
|
Subject: [PATCH] Convert argument to intent in addAccount TvSettings.
|
||||||
|
|
||||||
|
Bug: 265798353
|
||||||
|
Test: manual
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:706edcb7532d74788f899968016b7a6273bfbcac)
|
||||||
|
Merged-In: I06a63078f55ee8169123b1dfcf1811e682e0776e
|
||||||
|
Change-Id: I06a63078f55ee8169123b1dfcf1811e682e0776e
|
||||||
|
---
|
||||||
|
.../tv/settings/accounts/AddAccountWithTypeActivity.java | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java b/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java
|
||||||
|
index a608bc4fa..ff71ac93b 100644
|
||||||
|
--- a/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java
|
||||||
|
+++ b/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java
|
||||||
|
@@ -52,7 +52,7 @@ public class AddAccountWithTypeActivity extends Activity {
|
||||||
|
Log.e(TAG, "Failed to retrieve add account intent from authenticator");
|
||||||
|
setResultAndFinish(Activity.RESULT_CANCELED);
|
||||||
|
} else {
|
||||||
|
- startActivityForResult(addAccountIntent, REQUEST_ADD_ACCOUNT);
|
||||||
|
+ startActivityForResult(new Intent(addAccountIntent), REQUEST_ADD_ACCOUNT);
|
||||||
|
}
|
||||||
|
} catch (IOException|AuthenticatorException|OperationCanceledException e) {
|
||||||
|
Log.e(TAG, "Failed to get add account intent: ", e);
|
107
Patches/LineageOS-15.1/android_system_bt/358580.patch
Normal file
107
Patches/LineageOS-15.1/android_system_bt/358580.patch
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Tue, 11 Oct 2022 21:23:22 +0000
|
||||||
|
Subject: [PATCH] Prevent use-after-free of HID reports
|
||||||
|
|
||||||
|
BTA sends the the HID report pointer to BTIF and deallocates it immediately.
|
||||||
|
This is now prevented by providing a deep copy callback function for HID
|
||||||
|
reports when tranferring context from BTA to BTIF.
|
||||||
|
|
||||||
|
This is a backport of change Icef7a7ed1185b4283ee4fe4f812ca154d8f1b825,
|
||||||
|
already merged on T for b/227620181.
|
||||||
|
|
||||||
|
Bug: 228837201
|
||||||
|
Test: Validated against researcher POC, ran BT unit tests, played audio
|
||||||
|
manually.
|
||||||
|
Tag: #security
|
||||||
|
Ignore-AOSP-First: Security
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:874c495c886cd8722625756dc5fd0634b16b4f42)
|
||||||
|
Merged-In: Ib837f395883de2369207f1b3b974d6bff02dcb19
|
||||||
|
Change-Id: Ib837f395883de2369207f1b3b974d6bff02dcb19
|
||||||
|
---
|
||||||
|
btif/src/btif_hh.cc | 50 ++++++++++++++++++++++++++++++++++++++++-----
|
||||||
|
1 file changed, 45 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/btif/src/btif_hh.cc b/btif/src/btif_hh.cc
|
||||||
|
index 7c7352e41..0bb6c9f43 100644
|
||||||
|
--- a/btif/src/btif_hh.cc
|
||||||
|
+++ b/btif/src/btif_hh.cc
|
||||||
|
@@ -1068,6 +1068,38 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*******************************************************************************
|
||||||
|
+ *
|
||||||
|
+ * Function btif_hh_hsdata_rpt_copy_cb
|
||||||
|
+ *
|
||||||
|
+ * Description Deep copies the tBTA_HH_HSDATA structure
|
||||||
|
+ *
|
||||||
|
+ * Returns void
|
||||||
|
+ *
|
||||||
|
+ ******************************************************************************/
|
||||||
|
+
|
||||||
|
+static void btif_hh_hsdata_rpt_copy_cb(uint16_t event, char* p_dest,
|
||||||
|
+ char* p_src) {
|
||||||
|
+ tBTA_HH_HSDATA* p_dst_data = (tBTA_HH_HSDATA*)p_dest;
|
||||||
|
+ tBTA_HH_HSDATA* p_src_data = (tBTA_HH_HSDATA*)p_src;
|
||||||
|
+ BT_HDR* hdr;
|
||||||
|
+
|
||||||
|
+ if (!p_src) {
|
||||||
|
+ BTIF_TRACE_ERROR("%s: Nothing to copy", __func__);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ memcpy(p_dst_data, p_src_data, sizeof(tBTA_HH_HSDATA));
|
||||||
|
+
|
||||||
|
+ hdr = p_src_data->rsp_data.p_rpt_data;
|
||||||
|
+ if (hdr != NULL) {
|
||||||
|
+ uint8_t* p_data = ((uint8_t*)p_dst_data) + sizeof(tBTA_HH_HSDATA);
|
||||||
|
+ memcpy(p_data, hdr, BT_HDR_SIZE + hdr->offset + hdr->len);
|
||||||
|
+
|
||||||
|
+ p_dst_data->rsp_data.p_rpt_data = (BT_HDR*)p_data;
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*******************************************************************************
|
||||||
|
*
|
||||||
|
* Function bte_hh_evt
|
||||||
|
@@ -1081,6 +1113,7 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) {
|
||||||
|
void bte_hh_evt(tBTA_HH_EVT event, tBTA_HH* p_data) {
|
||||||
|
bt_status_t status;
|
||||||
|
int param_len = 0;
|
||||||
|
+ tBTIF_COPY_CBACK* p_copy_cback = NULL;
|
||||||
|
|
||||||
|
if (BTA_HH_ENABLE_EVT == event)
|
||||||
|
param_len = sizeof(tBTA_HH_STATUS);
|
||||||
|
@@ -1092,11 +1125,18 @@ void bte_hh_evt(tBTA_HH_EVT event, tBTA_HH* p_data) {
|
||||||
|
param_len = sizeof(tBTA_HH_CBDATA);
|
||||||
|
else if (BTA_HH_GET_DSCP_EVT == event)
|
||||||
|
param_len = sizeof(tBTA_HH_DEV_DSCP_INFO);
|
||||||
|
- else if ((BTA_HH_GET_PROTO_EVT == event) || (BTA_HH_GET_RPT_EVT == event) ||
|
||||||
|
- (BTA_HH_GET_IDLE_EVT == event))
|
||||||
|
+ else if ((BTA_HH_GET_PROTO_EVT == event) || (BTA_HH_GET_IDLE_EVT == event))
|
||||||
|
+ param_len = sizeof(tBTA_HH_HSDATA);
|
||||||
|
+ else if (BTA_HH_GET_RPT_EVT == event) {
|
||||||
|
+ BT_HDR* hdr = p_data->hs_data.rsp_data.p_rpt_data;
|
||||||
|
param_len = sizeof(tBTA_HH_HSDATA);
|
||||||
|
- else if ((BTA_HH_SET_PROTO_EVT == event) || (BTA_HH_SET_RPT_EVT == event) ||
|
||||||
|
- (BTA_HH_VC_UNPLUG_EVT == event) || (BTA_HH_SET_IDLE_EVT == event))
|
||||||
|
+
|
||||||
|
+ if (hdr != NULL) {
|
||||||
|
+ p_copy_cback = btif_hh_hsdata_rpt_copy_cb;
|
||||||
|
+ param_len += BT_HDR_SIZE + hdr->offset + hdr->len;
|
||||||
|
+ }
|
||||||
|
+ } else if ((BTA_HH_SET_PROTO_EVT == event) || (BTA_HH_SET_RPT_EVT == event) ||
|
||||||
|
+ (BTA_HH_VC_UNPLUG_EVT == event) || (BTA_HH_SET_IDLE_EVT == event))
|
||||||
|
param_len = sizeof(tBTA_HH_CBDATA);
|
||||||
|
else if ((BTA_HH_ADD_DEV_EVT == event) || (BTA_HH_RMV_DEV_EVT == event))
|
||||||
|
param_len = sizeof(tBTA_HH_DEV_INFO);
|
||||||
|
@@ -1105,7 +1145,7 @@ void bte_hh_evt(tBTA_HH_EVT event, tBTA_HH* p_data) {
|
||||||
|
/* switch context to btif task context (copy full union size for convenience)
|
||||||
|
*/
|
||||||
|
status = btif_transfer_context(btif_hh_upstreams_evt, (uint16_t)event,
|
||||||
|
- (char*)p_data, param_len, NULL);
|
||||||
|
+ (char*)p_data, param_len, p_copy_cback);
|
||||||
|
|
||||||
|
/* catch any failed context transfers */
|
||||||
|
ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status);
|
139
Patches/LineageOS-15.1/android_system_bt/358581-backport.patch
Normal file
139
Patches/LineageOS-15.1/android_system_bt/358581-backport.patch
Normal file
@ -0,0 +1,139 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Tue, 21 Mar 2023 22:35:35 +0000
|
||||||
|
Subject: [PATCH] Revert "Revert "[RESTRICT AUTOMERGE] Validate buffer length
|
||||||
|
in sdpu_build_uuid_seq""
|
||||||
|
|
||||||
|
This reverts commit 487a1079078f3717fdc4665c19a45eca5b3ec5e6.
|
||||||
|
|
||||||
|
Reason for revert: Reinstate original change for QPR
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a681067af2ea4565543238db3025d749923f63ec)
|
||||||
|
Merged-In: If0528519a29dc73ff99163098da2a05592ab15d8
|
||||||
|
Change-Id: If0528519a29dc73ff99163098da2a05592ab15d8
|
||||||
|
---
|
||||||
|
stack/sdp/sdp_discovery.cc | 64 +++++++++++++++++++++++++++++++++-----
|
||||||
|
1 file changed, 57 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/stack/sdp/sdp_discovery.cc b/stack/sdp/sdp_discovery.cc
|
||||||
|
index 11491f790..a797000d3 100644
|
||||||
|
--- a/stack/sdp/sdp_discovery.cc
|
||||||
|
+++ b/stack/sdp/sdp_discovery.cc
|
||||||
|
@@ -72,10 +72,15 @@ static uint8_t* add_attr(uint8_t* p, uint8_t* p_end, tSDP_DISCOVERY_DB* p_db,
|
||||||
|
*
|
||||||
|
******************************************************************************/
|
||||||
|
static uint8_t* sdpu_build_uuid_seq(uint8_t* p_out, uint16_t num_uuids,
|
||||||
|
- tSDP_UUID* p_uuid_list) {
|
||||||
|
+ tSDP_UUID* p_uuid_list, uint16_t& bytes_left) {
|
||||||
|
uint16_t xx;
|
||||||
|
uint8_t* p_len;
|
||||||
|
|
||||||
|
+ if (bytes_left < 2) {
|
||||||
|
+ DCHECK(0) << "SDP: No space for data element header";
|
||||||
|
+ return (p_out);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* First thing is the data element header */
|
||||||
|
UINT8_TO_BE_STREAM(p_out, (DATA_ELE_SEQ_DESC_TYPE << 3) | SIZE_IN_NEXT_BYTE);
|
||||||
|
|
||||||
|
@@ -83,8 +88,18 @@ static uint8_t* sdpu_build_uuid_seq(uint8_t* p_out, uint16_t num_uuids,
|
||||||
|
p_len = p_out;
|
||||||
|
p_out += 1;
|
||||||
|
|
||||||
|
+ /* Account for data element header and length */
|
||||||
|
+ bytes_left -= 2;
|
||||||
|
+
|
||||||
|
/* Now, loop through and put in all the UUID(s) */
|
||||||
|
for (xx = 0; xx < num_uuids; xx++, p_uuid_list++) {
|
||||||
|
+ if (p_uuid_list->len + 1 > bytes_left) {
|
||||||
|
+ DCHECK(0) << "SDP: Too many UUIDs for internal buffer";
|
||||||
|
+ break;
|
||||||
|
+ } else {
|
||||||
|
+ bytes_left -= (p_uuid_list->len + 1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (p_uuid_list->len == LEN_UUID_16) {
|
||||||
|
UINT8_TO_BE_STREAM(p_out, (UUID_DESC_TYPE << 3) | SIZE_TWO_BYTES);
|
||||||
|
UINT16_TO_BE_STREAM(p_out, p_uuid_list->uu.uuid16);
|
||||||
|
@@ -121,6 +136,7 @@ static void sdp_snd_service_search_req(tCONN_CB* p_ccb, uint8_t cont_len,
|
||||||
|
uint8_t *p, *p_start, *p_param_len;
|
||||||
|
BT_HDR* p_cmd = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
|
||||||
|
uint16_t param_len;
|
||||||
|
+ uint16_t bytes_left = SDP_DATA_BUF_SIZE;
|
||||||
|
|
||||||
|
/* Prepare the buffer for sending the packet to L2CAP */
|
||||||
|
p_cmd->offset = L2CAP_MIN_OFFSET;
|
||||||
|
@@ -135,13 +151,30 @@ static void sdp_snd_service_search_req(tCONN_CB* p_ccb, uint8_t cont_len,
|
||||||
|
p_param_len = p;
|
||||||
|
p += 2;
|
||||||
|
|
||||||
|
-/* Build the UID sequence. */
|
||||||
|
+ /* Account for header size, max service record count and
|
||||||
|
+ * continuation state */
|
||||||
|
+ const uint16_t base_bytes = (sizeof(BT_HDR) + L2CAP_MIN_OFFSET +
|
||||||
|
+ 3u + /* service search request header */
|
||||||
|
+ 2u + /* param len */
|
||||||
|
+ 3u + ((p_cont) ? cont_len : 0));
|
||||||
|
+
|
||||||
|
+ if (base_bytes > bytes_left) {
|
||||||
|
+ DCHECK(0) << "SDP: Overran SDP data buffer";
|
||||||
|
+ osi_free(p_cmd);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ bytes_left -= base_bytes;
|
||||||
|
+
|
||||||
|
+ /* Build the UID sequence. */
|
||||||
|
#if (SDP_BROWSE_PLUS == TRUE)
|
||||||
|
p = sdpu_build_uuid_seq(p, 1,
|
||||||
|
- &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx]);
|
||||||
|
+ &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx],
|
||||||
|
+ bytes_left);
|
||||||
|
#else
|
||||||
|
+ /* Build the UID sequence. */
|
||||||
|
p = sdpu_build_uuid_seq(p, p_ccb->p_db->num_uuid_filters,
|
||||||
|
- p_ccb->p_db->uuid_filters);
|
||||||
|
+ p_ccb->p_db->uuid_filters, bytes_left);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Set max service record count */
|
||||||
|
@@ -633,6 +666,7 @@ static void process_service_search_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
|
||||||
|
if ((cont_request_needed) || (!p_reply)) {
|
||||||
|
BT_HDR* p_msg = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
|
||||||
|
uint8_t* p;
|
||||||
|
+ uint16_t bytes_left = SDP_DATA_BUF_SIZE;
|
||||||
|
|
||||||
|
p_msg->offset = L2CAP_MIN_OFFSET;
|
||||||
|
p = p_start = (uint8_t*)(p_msg + 1) + L2CAP_MIN_OFFSET;
|
||||||
|
@@ -646,13 +680,29 @@ static void process_service_search_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
|
||||||
|
p_param_len = p;
|
||||||
|
p += 2;
|
||||||
|
|
||||||
|
-/* Build the UID sequence. */
|
||||||
|
+ /* Account for header size, max service record count and
|
||||||
|
+ * continuation state */
|
||||||
|
+ const uint16_t base_bytes = (sizeof(BT_HDR) + L2CAP_MIN_OFFSET +
|
||||||
|
+ 3u + /* service search request header */
|
||||||
|
+ 2u + /* param len */
|
||||||
|
+ 3u + /* max service record count */
|
||||||
|
+ ((p_reply) ? (*p_reply) : 0));
|
||||||
|
+
|
||||||
|
+ if (base_bytes > bytes_left) {
|
||||||
|
+ sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ bytes_left -= base_bytes;
|
||||||
|
+
|
||||||
|
+ /* Build the UID sequence. */
|
||||||
|
#if (SDP_BROWSE_PLUS == TRUE)
|
||||||
|
p = sdpu_build_uuid_seq(p, 1,
|
||||||
|
- &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx]);
|
||||||
|
+ &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx],
|
||||||
|
+ bytes_left);
|
||||||
|
#else
|
||||||
|
p = sdpu_build_uuid_seq(p, p_ccb->p_db->num_uuid_filters,
|
||||||
|
- p_ccb->p_db->uuid_filters);
|
||||||
|
+ p_ccb->p_db->uuid_filters, bytes_left);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Max attribute byte count */
|
82
Patches/LineageOS-15.1/android_system_bt/358582.patch
Normal file
82
Patches/LineageOS-15.1/android_system_bt/358582.patch
Normal file
@ -0,0 +1,82 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Tue, 21 Mar 2023 22:39:16 +0000
|
||||||
|
Subject: [PATCH] Revert "Revert "Fix wrong BR/EDR link key downgrades
|
||||||
|
(P_256->P_192)""
|
||||||
|
|
||||||
|
This reverts commit d733c86cbc06ce0ec72216b9d41e172d1939c46f.
|
||||||
|
|
||||||
|
Function btm_sec_encrypt_change() is called at most places
|
||||||
|
with argument "encr_enable" treated as bool and not as per
|
||||||
|
(tHCI_ENCRYPT_MODE = 0/1/2) expected by the function. The
|
||||||
|
function has special handling for "encr_enable=1" to downgrade
|
||||||
|
the link key type for BR/EDR case. This gets executed even
|
||||||
|
when the caller/context did not mean/expect so. It appears
|
||||||
|
this handling in btm_sec_encrypt_change() is not necessary and
|
||||||
|
is removed by this commit to prevent accidental execution of it.
|
||||||
|
|
||||||
|
Test: Verified re-pairing with an iPhone works fine now
|
||||||
|
|
||||||
|
Issue Reproduction Steps:
|
||||||
|
1. Enable Bluetooth Hotspot on Android device (DUT).
|
||||||
|
2. Pair and connect an iPhone to DUT.
|
||||||
|
3. Forget this pairing on DUT.
|
||||||
|
4. On iPhone settings, click on old DUT's paired entry to connect.
|
||||||
|
5. iPhone notifies to click 'Forget Device' and try fresh pairing.
|
||||||
|
6. On iPhone, after doing 'Forget Device', discover DUT again.
|
||||||
|
7. Attempt pairing to DUT by clicking on discovered DUT entry.
|
||||||
|
Pairing will be unsuccessful.
|
||||||
|
|
||||||
|
Issue Cause:
|
||||||
|
During re-pairing, DUT is seen to downgrade
|
||||||
|
BR/EDR link key unexpectedly from link key type 0x8
|
||||||
|
(BTM_LKEY_TYPE_AUTH_COMB_P_256) to 0x5 (BTM_LKEY_TYPE_AUTH_COMB).
|
||||||
|
|
||||||
|
Log snippet (re-pairing time):
|
||||||
|
btm_sec_link_key_notification set new_encr_key_256 to 1
|
||||||
|
btif_dm_auth_cmpl_evt: Storing link key. key_type=0x8, bond_type=1
|
||||||
|
btm_sec_encrypt_change new_encr_key_256 is 1
|
||||||
|
--On DUT, HCI_Encryption_Key_Refresh_Complete event noticed---
|
||||||
|
btm_sec_encrypt_change new_encr_key_256 is 0
|
||||||
|
updated link key type to 5
|
||||||
|
btif_dm_auth_cmpl_evt: Storing link key. key_type=0x5, bond_type=1
|
||||||
|
|
||||||
|
This is a backport of the following patch: aosp/1890096
|
||||||
|
|
||||||
|
Bug: 258834033
|
||||||
|
|
||||||
|
Reason for revert: Reinstate original change for QPR
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:56891eedc68c86b40977191dad28d65ebf86a94f)
|
||||||
|
Merged-In: Iba0c220b82bcf6b15368762b7052a3987ccbc0c6
|
||||||
|
Change-Id: Iba0c220b82bcf6b15368762b7052a3987ccbc0c6
|
||||||
|
---
|
||||||
|
stack/btm/btm_sec.cc | 16 ----------------
|
||||||
|
1 file changed, 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
|
||||||
|
index 6116312c1..9be18a42b 100644
|
||||||
|
--- a/stack/btm/btm_sec.cc
|
||||||
|
+++ b/stack/btm/btm_sec.cc
|
||||||
|
@@ -4176,22 +4176,6 @@ void btm_sec_encrypt_change(uint16_t handle, uint8_t status,
|
||||||
|
SMP_BR_PairWith(p_dev_rec->bd_addr);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- } else {
|
||||||
|
- // BR/EDR is successfully encrypted. Correct LK type if needed
|
||||||
|
- // (BR/EDR LK derived from LE LTK was used for encryption)
|
||||||
|
- if ((encr_enable == 1) && /* encryption is ON for SSP */
|
||||||
|
- /* LK type is for BR/EDR SC */
|
||||||
|
- (p_dev_rec->link_key_type == BTM_LKEY_TYPE_UNAUTH_COMB_P_256 ||
|
||||||
|
- p_dev_rec->link_key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256)) {
|
||||||
|
- if (p_dev_rec->link_key_type == BTM_LKEY_TYPE_UNAUTH_COMB_P_256)
|
||||||
|
- p_dev_rec->link_key_type = BTM_LKEY_TYPE_UNAUTH_COMB;
|
||||||
|
- else /* BTM_LKEY_TYPE_AUTH_COMB_P_256 */
|
||||||
|
- p_dev_rec->link_key_type = BTM_LKEY_TYPE_AUTH_COMB;
|
||||||
|
-
|
||||||
|
- BTM_TRACE_DEBUG("updated link key type to %d",
|
||||||
|
- p_dev_rec->link_key_type);
|
||||||
|
- btm_send_link_key_notif(p_dev_rec);
|
||||||
|
- }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
75
Patches/LineageOS-16.0/android_frameworks_av/358555.patch
Normal file
75
Patches/LineageOS-16.0/android_frameworks_av/358555.patch
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ray Essick <essick@google.com>
|
||||||
|
Date: Mon, 27 Mar 2023 18:16:46 -0500
|
||||||
|
Subject: [PATCH] Fix NuMediaExtractor::readSampleData buffer Handling
|
||||||
|
|
||||||
|
readSampleData() did not initialize buffer before filling it,
|
||||||
|
leading to OOB memory references. Correct and clarify the book
|
||||||
|
keeping around output buffer management.
|
||||||
|
|
||||||
|
Bug: 275418191
|
||||||
|
Test: CtsMediaExtractorTestCases w/debug messages
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:943fc12219b21d2a98f0ddc070b9b316a6f5d412)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:84c69bca81175feb2fd97ebb22e432ee41572786)
|
||||||
|
Merged-In: Ie744f118526f100d82a312c64f7c6fcf20773b6d
|
||||||
|
Change-Id: Ie744f118526f100d82a312c64f7c6fcf20773b6d
|
||||||
|
---
|
||||||
|
media/libstagefright/NuMediaExtractor.cpp | 14 +++++++++-----
|
||||||
|
1 file changed, 9 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/media/libstagefright/NuMediaExtractor.cpp b/media/libstagefright/NuMediaExtractor.cpp
|
||||||
|
index 4a7d6ca7ad..90ddcb81c3 100644
|
||||||
|
--- a/media/libstagefright/NuMediaExtractor.cpp
|
||||||
|
+++ b/media/libstagefright/NuMediaExtractor.cpp
|
||||||
|
@@ -607,9 +607,11 @@ status_t NuMediaExtractor::appendVorbisNumPageSamples(
|
||||||
|
numPageSamples = -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // insert, including accounting for the space used.
|
||||||
|
memcpy((uint8_t *)buffer->data() + mbuf->range_length(),
|
||||||
|
&numPageSamples,
|
||||||
|
sizeof(numPageSamples));
|
||||||
|
+ buffer->setRange(buffer->offset(), buffer->size() + sizeof(numPageSamples));
|
||||||
|
|
||||||
|
uint32_t type;
|
||||||
|
const void *data;
|
||||||
|
@@ -658,6 +660,8 @@ status_t NuMediaExtractor::readSampleData(const sp<ABuffer> &buffer) {
|
||||||
|
|
||||||
|
ssize_t minIndex = fetchAllTrackSamples();
|
||||||
|
|
||||||
|
+ buffer->setRange(0, 0); // start with an empty buffer
|
||||||
|
+
|
||||||
|
if (minIndex < 0) {
|
||||||
|
return ERROR_END_OF_STREAM;
|
||||||
|
}
|
||||||
|
@@ -673,25 +677,25 @@ status_t NuMediaExtractor::readSampleData(const sp<ABuffer> &buffer) {
|
||||||
|
sampleSize += sizeof(int32_t);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // capacity() is ok since we cleared out the buffer
|
||||||
|
if (buffer->capacity() < sampleSize) {
|
||||||
|
return -ENOMEM;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ const size_t srclen = it->mBuffer->range_length();
|
||||||
|
const uint8_t *src =
|
||||||
|
(const uint8_t *)it->mBuffer->data()
|
||||||
|
+ it->mBuffer->range_offset();
|
||||||
|
|
||||||
|
- memcpy((uint8_t *)buffer->data(), src, it->mBuffer->range_length());
|
||||||
|
+ memcpy((uint8_t *)buffer->data(), src, srclen);
|
||||||
|
+ buffer->setRange(0, srclen);
|
||||||
|
|
||||||
|
status_t err = OK;
|
||||||
|
if (info->mTrackFlags & kIsVorbis) {
|
||||||
|
+ // adjusts range when it inserts the extra bits
|
||||||
|
err = appendVorbisNumPageSamples(it->mBuffer, buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (err == OK) {
|
||||||
|
- buffer->setRange(0, sampleSize);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,167 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Lee <brnlee@google.com>
|
||||||
|
Date: Fri, 17 Feb 2023 16:05:17 -0800
|
||||||
|
Subject: [PATCH] Check key intent for selectors and prohibited flags
|
||||||
|
|
||||||
|
Bug: 265015796
|
||||||
|
Test: atest
|
||||||
|
FrameworksServicesTests: com.android.server.accounts.AccountManagerServiceTest
|
||||||
|
(cherry picked from commit e53a96304352e2965176c8d32ac1b504e52ef185)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:92114886bdce8467c52c655c186f3e7ab1e134d8)
|
||||||
|
Merged-In: Ie16f8654337bd75eaad3156817470674b4f0cee3
|
||||||
|
Change-Id: Ie16f8654337bd75eaad3156817470674b4f0cee3
|
||||||
|
---
|
||||||
|
.../accounts/AccountManagerService.java | 18 +++++++---
|
||||||
|
.../accounts/AccountManagerServiceTest.java | 36 +++++++++++++++++++
|
||||||
|
.../AccountManagerServiceTestFixtures.java | 5 ++-
|
||||||
|
.../TestAccountType1Authenticator.java | 5 +--
|
||||||
|
4 files changed, 54 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
|
||||||
|
index d2f5d59e7030..36732273ab6f 100644
|
||||||
|
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
|
||||||
|
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
|
||||||
|
@@ -4785,10 +4785,6 @@ public class AccountManagerService
|
||||||
|
if (intent.getClipData() == null) {
|
||||||
|
intent.setClipData(ClipData.newPlainText(null, null));
|
||||||
|
}
|
||||||
|
- intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
|
||||||
|
- | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
|
||||||
|
- | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
|
||||||
|
- | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));
|
||||||
|
long bid = Binder.clearCallingIdentity();
|
||||||
|
try {
|
||||||
|
PackageManager pm = mContext.getPackageManager();
|
||||||
|
@@ -4835,7 +4831,19 @@ public class AccountManagerService
|
||||||
|
if (intent == null) {
|
||||||
|
return (simulateIntent == null);
|
||||||
|
}
|
||||||
|
- return intent.filterEquals(simulateIntent);
|
||||||
|
+ if (!intent.filterEquals(simulateIntent)) {
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (intent.getSelector() != simulateIntent.getSelector()) {
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ int prohibitedFlags = Intent.FLAG_GRANT_READ_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;
|
||||||
|
+ return (simulateIntent.getFlags() & prohibitedFlags) == 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isExportedSystemActivity(ActivityInfo activityInfo) {
|
||||||
|
diff --git a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java
|
||||||
|
index 73267e4868a6..c063f645a4ea 100644
|
||||||
|
--- a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java
|
||||||
|
+++ b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java
|
||||||
|
@@ -17,6 +17,7 @@
|
||||||
|
package com.android.server.accounts;
|
||||||
|
|
||||||
|
import static android.database.sqlite.SQLiteDatabase.deleteDatabase;
|
||||||
|
+import static org.mockito.ArgumentMatchers.contains;
|
||||||
|
import static org.mockito.Matchers.any;
|
||||||
|
import static org.mockito.Matchers.anyBoolean;
|
||||||
|
import static org.mockito.Matchers.anyInt;
|
||||||
|
@@ -681,6 +682,41 @@ public class AccountManagerServiceTest extends AndroidTestCase {
|
||||||
|
assertNotNull(intent.getParcelableExtra(AccountManagerServiceTestFixtures.KEY_CALLBACK));
|
||||||
|
}
|
||||||
|
|
||||||
|
+ @SmallTest
|
||||||
|
+ public void testStartAddAccountSessionWhereAuthenticatorReturnsIntentWithProhibitedFlags()
|
||||||
|
+ throws Exception {
|
||||||
|
+ unlockSystemUser();
|
||||||
|
+ ResolveInfo resolveInfo = new ResolveInfo();
|
||||||
|
+ resolveInfo.activityInfo = new ActivityInfo();
|
||||||
|
+ resolveInfo.activityInfo.applicationInfo = new ApplicationInfo();
|
||||||
|
+ when(mMockPackageManager.resolveActivityAsUser(
|
||||||
|
+ any(Intent.class), anyInt(), anyInt())).thenReturn(resolveInfo);
|
||||||
|
+ when(mMockPackageManager.checkSignatures(
|
||||||
|
+ anyInt(), anyInt())).thenReturn(PackageManager.SIGNATURE_MATCH);
|
||||||
|
+
|
||||||
|
+ final CountDownLatch latch = new CountDownLatch(1);
|
||||||
|
+ Response response = new Response(latch, mMockAccountManagerResponse);
|
||||||
|
+ Bundle options = createOptionsWithAccountName(
|
||||||
|
+ AccountManagerServiceTestFixtures.ACCOUNT_NAME_INTERVENE);
|
||||||
|
+ int prohibitedFlags = Intent.FLAG_GRANT_READ_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
|
||||||
|
+ | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;
|
||||||
|
+ options.putInt(AccountManagerServiceTestFixtures.KEY_INTENT_FLAGS, prohibitedFlags);
|
||||||
|
+
|
||||||
|
+ mAms.startAddAccountSession(
|
||||||
|
+ response, // response
|
||||||
|
+ AccountManagerServiceTestFixtures.ACCOUNT_TYPE_1, // accountType
|
||||||
|
+ "authTokenType",
|
||||||
|
+ null, // requiredFeatures
|
||||||
|
+ true, // expectActivityLaunch
|
||||||
|
+ options); // optionsIn
|
||||||
|
+ waitForLatch(latch);
|
||||||
|
+
|
||||||
|
+ verify(mMockAccountManagerResponse).onError(
|
||||||
|
+ eq(AccountManager.ERROR_CODE_INVALID_RESPONSE), contains("invalid intent"));
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
@SmallTest
|
||||||
|
public void testStartAddAccountSessionError() throws Exception {
|
||||||
|
unlockSystemUser();
|
||||||
|
diff --git a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java
|
||||||
|
index 73f30d9f9e79..b98a6a891d55 100644
|
||||||
|
--- a/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java
|
||||||
|
+++ b/services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java
|
||||||
|
@@ -17,9 +17,6 @@ package com.android.server.accounts;
|
||||||
|
|
||||||
|
import android.accounts.Account;
|
||||||
|
|
||||||
|
-import java.util.ArrayList;
|
||||||
|
-import java.util.List;
|
||||||
|
-
|
||||||
|
/**
|
||||||
|
* Constants shared between test AccountAuthenticators and AccountManagerServiceTest.
|
||||||
|
*/
|
||||||
|
@@ -31,6 +28,8 @@ public final class AccountManagerServiceTestFixtures {
|
||||||
|
"account_manager_service_test:account_status_token_key";
|
||||||
|
public static final String KEY_ACCOUNT_PASSWORD =
|
||||||
|
"account_manager_service_test:account_password_key";
|
||||||
|
+ public static final String KEY_INTENT_FLAGS =
|
||||||
|
+ "account_manager_service_test:intent_flags_key";
|
||||||
|
public static final String KEY_OPTIONS_BUNDLE =
|
||||||
|
"account_manager_service_test:option_bundle_key";
|
||||||
|
public static final String ACCOUNT_NAME_SUCCESS = "success_on_return@fixture.com";
|
||||||
|
diff --git a/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java b/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java
|
||||||
|
index 8106364477d9..924443e9d5cf 100644
|
||||||
|
--- a/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java
|
||||||
|
+++ b/services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java
|
||||||
|
@@ -24,8 +24,6 @@ import android.content.Context;
|
||||||
|
import android.content.Intent;
|
||||||
|
import android.os.Bundle;
|
||||||
|
|
||||||
|
-import com.android.frameworks.servicestests.R;
|
||||||
|
-
|
||||||
|
import java.util.concurrent.atomic.AtomicInteger;
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -270,11 +268,13 @@ public class TestAccountType1Authenticator extends AbstractAccountAuthenticator
|
||||||
|
String accountName = null;
|
||||||
|
Bundle sessionBundle = null;
|
||||||
|
String password = null;
|
||||||
|
+ int intentFlags = 0;
|
||||||
|
if (options != null) {
|
||||||
|
accountName = options.getString(AccountManagerServiceTestFixtures.KEY_ACCOUNT_NAME);
|
||||||
|
sessionBundle = options.getBundle(
|
||||||
|
AccountManagerServiceTestFixtures.KEY_ACCOUNT_SESSION_BUNDLE);
|
||||||
|
password = options.getString(AccountManagerServiceTestFixtures.KEY_ACCOUNT_PASSWORD);
|
||||||
|
+ intentFlags = options.getInt(AccountManagerServiceTestFixtures.KEY_INTENT_FLAGS, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
Bundle result = new Bundle();
|
||||||
|
@@ -302,6 +302,7 @@ public class TestAccountType1Authenticator extends AbstractAccountAuthenticator
|
||||||
|
intent.putExtra(AccountManagerServiceTestFixtures.KEY_RESULT,
|
||||||
|
eventualActivityResultData);
|
||||||
|
intent.putExtra(AccountManagerServiceTestFixtures.KEY_CALLBACK, response);
|
||||||
|
+ intent.setFlags(intentFlags);
|
||||||
|
|
||||||
|
result.putParcelable(AccountManager.KEY_INTENT, intent);
|
||||||
|
} else {
|
@ -0,0 +1,79 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kweku Adams <kwekua@google.com>
|
||||||
|
Date: Wed, 21 Sep 2022 22:13:01 +0000
|
||||||
|
Subject: [PATCH] Handle invalid data during job loading.
|
||||||
|
|
||||||
|
Catch exceptions that may be thrown if invalid data ended up in the
|
||||||
|
persisted job file.
|
||||||
|
|
||||||
|
Bug: 246541702
|
||||||
|
Bug: 246542132
|
||||||
|
Bug: 246542285
|
||||||
|
Bug: 246542330
|
||||||
|
Test: install test app with invalid job config, start app to schedule job, then reboot device
|
||||||
|
(cherry picked from commit c98fb42b480b3beedc2d94de6110f50212c4aa0b)
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:df1ba00dd9f64a3ae9a9e05979dfae6a15c7e203)
|
||||||
|
Merged-In: Id0ceba345942baf21177f687b8dd85ef001c0a9e
|
||||||
|
Change-Id: Id0ceba345942baf21177f687b8dd85ef001c0a9e
|
||||||
|
---
|
||||||
|
.../java/com/android/server/job/JobStore.java | 26 ++++++++++++++++---
|
||||||
|
1 file changed, 23 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/services/core/java/com/android/server/job/JobStore.java b/services/core/java/com/android/server/job/JobStore.java
|
||||||
|
index 4f8b1dcc6bb4..7f2d7fb5987d 100644
|
||||||
|
--- a/services/core/java/com/android/server/job/JobStore.java
|
||||||
|
+++ b/services/core/java/com/android/server/job/JobStore.java
|
||||||
|
@@ -623,6 +623,10 @@ public final class JobStore {
|
||||||
|
}
|
||||||
|
} catch (XmlPullParserException | IOException e) {
|
||||||
|
Slog.wtf(TAG, "Error jobstore xml.", e);
|
||||||
|
+ } catch (Exception e) {
|
||||||
|
+ // Crashing at this point would result in a boot loop, so live with a general
|
||||||
|
+ // Exception for system stability's sake.
|
||||||
|
+ Slog.wtf(TAG, "Unexpected exception", e);
|
||||||
|
} finally {
|
||||||
|
if (mPersistInfo.countAllJobsLoaded < 0) { // Only set them once.
|
||||||
|
mPersistInfo.countAllJobsLoaded = numJobs;
|
||||||
|
@@ -753,6 +757,15 @@ public final class JobStore {
|
||||||
|
} catch (NumberFormatException e) {
|
||||||
|
Slog.d(TAG, "Error reading constraints, skipping.");
|
||||||
|
return null;
|
||||||
|
+ } catch (XmlPullParserException e) {
|
||||||
|
+ Slog.d(TAG, "Error Parser Exception.", e);
|
||||||
|
+ return null;
|
||||||
|
+ } catch (IOException e) {
|
||||||
|
+ Slog.d(TAG, "Error I/O Exception.", e);
|
||||||
|
+ return null;
|
||||||
|
+ } catch (IllegalArgumentException e) {
|
||||||
|
+ Slog.e(TAG, "Constraints contained invalid data", e);
|
||||||
|
+ return null;
|
||||||
|
}
|
||||||
|
parser.next(); // Consume </constraints>
|
||||||
|
|
||||||
|
@@ -848,8 +861,14 @@ public final class JobStore {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
- PersistableBundle extras = PersistableBundle.restoreFromXml(parser);
|
||||||
|
- jobBuilder.setExtras(extras);
|
||||||
|
+ final PersistableBundle extras;
|
||||||
|
+ try {
|
||||||
|
+ extras = PersistableBundle.restoreFromXml(parser);
|
||||||
|
+ jobBuilder.setExtras(extras);
|
||||||
|
+ } catch (IllegalArgumentException e) {
|
||||||
|
+ Slog.e(TAG, "Persisted extras contained invalid data", e);
|
||||||
|
+ return null;
|
||||||
|
+ }
|
||||||
|
parser.nextTag(); // Consume </extras>
|
||||||
|
|
||||||
|
// Migrate sync jobs forward from earlier, incomplete representation
|
||||||
|
@@ -887,7 +906,8 @@ public final class JobStore {
|
||||||
|
return new JobInfo.Builder(jobId, cname);
|
||||||
|
}
|
||||||
|
|
||||||
|
- private void buildConstraintsFromXml(JobInfo.Builder jobBuilder, XmlPullParser parser) {
|
||||||
|
+ private void buildConstraintsFromXml(JobInfo.Builder jobBuilder, XmlPullParser parser)
|
||||||
|
+ throws XmlPullParserException, IOException {
|
||||||
|
String val;
|
||||||
|
|
||||||
|
final String netCapabilities = parser.getAttributeValue(null, "net-capabilities");
|
@ -0,0 +1,232 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Julia Reynolds <juliacr@google.com>
|
||||||
|
Date: Tue, 7 Mar 2023 15:44:49 -0500
|
||||||
|
Subject: [PATCH] Allow filtering of services
|
||||||
|
|
||||||
|
Test: ServiceListingTest
|
||||||
|
Bug: 260570119
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:44dcb8351e61f4b3a63ec68fa5d8490501e8a823)
|
||||||
|
Merged-In: Ib4740ba401667de62fa1a33334c2c1fbee25b760
|
||||||
|
Change-Id: Ib4740ba401667de62fa1a33334c2c1fbee25b760
|
||||||
|
---
|
||||||
|
.../applications/ServiceListing.java | 19 +++-
|
||||||
|
.../applications/ServiceListingTest.java | 98 ++++++++++++++++++-
|
||||||
|
2 files changed, 113 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/packages/SettingsLib/src/com/android/settingslib/applications/ServiceListing.java b/packages/SettingsLib/src/com/android/settingslib/applications/ServiceListing.java
|
||||||
|
index 3c3c70ac364e..8c1cc256eee4 100644
|
||||||
|
--- a/packages/SettingsLib/src/com/android/settingslib/applications/ServiceListing.java
|
||||||
|
+++ b/packages/SettingsLib/src/com/android/settingslib/applications/ServiceListing.java
|
||||||
|
@@ -37,6 +37,7 @@ import com.android.settingslib.wrapper.PackageManagerWrapper;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.List;
|
||||||
|
+import java.util.function.Predicate;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class for managing services matching a given intent and requesting a given permission.
|
||||||
|
@@ -52,11 +53,13 @@ public class ServiceListing {
|
||||||
|
private final HashSet<ComponentName> mEnabledServices = new HashSet<>();
|
||||||
|
private final List<ServiceInfo> mServices = new ArrayList<>();
|
||||||
|
private final List<Callback> mCallbacks = new ArrayList<>();
|
||||||
|
+ private final Predicate mValidator;
|
||||||
|
|
||||||
|
private boolean mListening;
|
||||||
|
|
||||||
|
private ServiceListing(Context context, String tag,
|
||||||
|
- String setting, String intentAction, String permission, String noun) {
|
||||||
|
+ String setting, String intentAction, String permission, String noun,
|
||||||
|
+ Predicate validator) {
|
||||||
|
mContentResolver = context.getContentResolver();
|
||||||
|
mContext = context;
|
||||||
|
mTag = tag;
|
||||||
|
@@ -64,6 +67,7 @@ public class ServiceListing {
|
||||||
|
mIntentAction = intentAction;
|
||||||
|
mPermission = permission;
|
||||||
|
mNoun = noun;
|
||||||
|
+ mValidator = validator;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void addCallback(Callback callback) {
|
||||||
|
@@ -133,7 +137,6 @@ public class ServiceListing {
|
||||||
|
new Intent(mIntentAction),
|
||||||
|
PackageManager.GET_SERVICES | PackageManager.GET_META_DATA,
|
||||||
|
user);
|
||||||
|
-
|
||||||
|
for (ResolveInfo resolveInfo : installedServices) {
|
||||||
|
ServiceInfo info = resolveInfo.serviceInfo;
|
||||||
|
|
||||||
|
@@ -144,6 +147,9 @@ public class ServiceListing {
|
||||||
|
+ mPermission);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
+ if (mValidator != null && !mValidator.test(info)) {
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
mServices.add(info);
|
||||||
|
}
|
||||||
|
for (Callback callback : mCallbacks) {
|
||||||
|
@@ -189,6 +195,7 @@ public class ServiceListing {
|
||||||
|
private String mIntentAction;
|
||||||
|
private String mPermission;
|
||||||
|
private String mNoun;
|
||||||
|
+ private Predicate mValidator;
|
||||||
|
|
||||||
|
public Builder(Context context) {
|
||||||
|
mContext = context;
|
||||||
|
@@ -219,8 +226,14 @@ public class ServiceListing {
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ public Builder setValidator(Predicate<ServiceInfo> validator) {
|
||||||
|
+ mValidator = validator;
|
||||||
|
+ return this;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
public ServiceListing build() {
|
||||||
|
- return new ServiceListing(mContext, mTag, mSetting, mIntentAction, mPermission, mNoun);
|
||||||
|
+ return new ServiceListing(mContext, mTag, mSetting, mIntentAction, mPermission, mNoun,
|
||||||
|
+ mValidator);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
diff --git a/packages/SettingsLib/tests/robotests/src/com/android/settingslib/applications/ServiceListingTest.java b/packages/SettingsLib/tests/robotests/src/com/android/settingslib/applications/ServiceListingTest.java
|
||||||
|
index 060b716bb435..6cfbd458fd79 100644
|
||||||
|
--- a/packages/SettingsLib/tests/robotests/src/com/android/settingslib/applications/ServiceListingTest.java
|
||||||
|
+++ b/packages/SettingsLib/tests/robotests/src/com/android/settingslib/applications/ServiceListingTest.java
|
||||||
|
@@ -17,21 +17,36 @@
|
||||||
|
package com.android.settingslib.applications;
|
||||||
|
|
||||||
|
import static com.google.common.truth.Truth.assertThat;
|
||||||
|
+import static org.mockito.ArgumentMatchers.any;
|
||||||
|
+import static org.mockito.ArgumentMatchers.anyInt;
|
||||||
|
import static org.mockito.ArgumentMatchers.anyList;
|
||||||
|
import static org.mockito.Mockito.mock;
|
||||||
|
+import static org.mockito.Mockito.spy;
|
||||||
|
import static org.mockito.Mockito.times;
|
||||||
|
import static org.mockito.Mockito.verify;
|
||||||
|
+import static org.mockito.Mockito.spy;
|
||||||
|
|
||||||
|
import android.content.ComponentName;
|
||||||
|
+import android.content.Context;
|
||||||
|
+import android.content.pm.PackageManager;
|
||||||
|
+import android.content.pm.ResolveInfo;
|
||||||
|
+import android.content.pm.ServiceInfo;
|
||||||
|
import android.provider.Settings;
|
||||||
|
|
||||||
|
+import androidx.test.core.app.ApplicationProvider;
|
||||||
|
+
|
||||||
|
import com.android.settingslib.SettingsLibRobolectricTestRunner;
|
||||||
|
|
||||||
|
+import com.google.common.collect.ImmutableList;
|
||||||
|
+
|
||||||
|
import org.junit.Before;
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.junit.runner.RunWith;
|
||||||
|
+import org.mockito.ArgumentCaptor;
|
||||||
|
import org.robolectric.RuntimeEnvironment;
|
||||||
|
|
||||||
|
+import java.util.List;
|
||||||
|
+
|
||||||
|
@RunWith(SettingsLibRobolectricTestRunner.class)
|
||||||
|
public class ServiceListingTest {
|
||||||
|
|
||||||
|
@@ -39,16 +54,97 @@ public class ServiceListingTest {
|
||||||
|
private static final String TEST_INTENT = "com.example.intent";
|
||||||
|
|
||||||
|
private ServiceListing mServiceListing;
|
||||||
|
+ private Context mContext;
|
||||||
|
+ private PackageManager mPm;
|
||||||
|
|
||||||
|
@Before
|
||||||
|
public void setUp() {
|
||||||
|
- mServiceListing = new ServiceListing.Builder(RuntimeEnvironment.application)
|
||||||
|
+ mPm = mock(PackageManager.class);
|
||||||
|
+ mContext = spy(ApplicationProvider.getApplicationContext());
|
||||||
|
+ when(mContext.getPackageManager()).thenReturn(mPm);
|
||||||
|
+
|
||||||
|
+ mServiceListing = new ServiceListing.Builder(mContext)
|
||||||
|
+ .setTag("testTag")
|
||||||
|
+ .setSetting(TEST_SETTING)
|
||||||
|
+ .setNoun("testNoun")
|
||||||
|
+ .setIntentAction(TEST_INTENT)
|
||||||
|
+ .setPermission("testPermission")
|
||||||
|
+ .build();
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ @Test
|
||||||
|
+ public void testValidator() {
|
||||||
|
+ ServiceInfo s1 = new ServiceInfo();
|
||||||
|
+ s1.permission = "testPermission";
|
||||||
|
+ s1.packageName = "pkg";
|
||||||
|
+ ServiceInfo s2 = new ServiceInfo();
|
||||||
|
+ s2.permission = "testPermission";
|
||||||
|
+ s2.packageName = "pkg2";
|
||||||
|
+ ResolveInfo r1 = new ResolveInfo();
|
||||||
|
+ r1.serviceInfo = s1;
|
||||||
|
+ ResolveInfo r2 = new ResolveInfo();
|
||||||
|
+ r2.serviceInfo = s2;
|
||||||
|
+
|
||||||
|
+ when(mPm.queryIntentServicesAsUser(any(), anyInt(), anyInt())).thenReturn(
|
||||||
|
+ ImmutableList.of(r1, r2));
|
||||||
|
+
|
||||||
|
+ mServiceListing = new ServiceListing.Builder(mContext)
|
||||||
|
+ .setTag("testTag")
|
||||||
|
+ .setSetting(TEST_SETTING)
|
||||||
|
+ .setNoun("testNoun")
|
||||||
|
+ .setIntentAction(TEST_INTENT)
|
||||||
|
+ .setValidator(info -> {
|
||||||
|
+ if (info.packageName.equals("pkg")) {
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ return false;
|
||||||
|
+ })
|
||||||
|
+ .setPermission("testPermission")
|
||||||
|
+ .build();
|
||||||
|
+ ServiceListing.Callback callback = mock(ServiceListing.Callback.class);
|
||||||
|
+ mServiceListing.addCallback(callback);
|
||||||
|
+ mServiceListing.reload();
|
||||||
|
+
|
||||||
|
+ verify(mPm).queryIntentServicesAsUser(any(), anyInt(), anyInt());
|
||||||
|
+ ArgumentCaptor<List<ServiceInfo>> captor = ArgumentCaptor.forClass(List.class);
|
||||||
|
+ verify(callback, times(1)).onServicesReloaded(captor.capture());
|
||||||
|
+
|
||||||
|
+ assertThat(captor.getValue().size()).isEqualTo(1);
|
||||||
|
+ assertThat(captor.getValue().get(0)).isEqualTo(s1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ @Test
|
||||||
|
+ public void testNoValidator() {
|
||||||
|
+ ServiceInfo s1 = new ServiceInfo();
|
||||||
|
+ s1.permission = "testPermission";
|
||||||
|
+ s1.packageName = "pkg";
|
||||||
|
+ ServiceInfo s2 = new ServiceInfo();
|
||||||
|
+ s2.permission = "testPermission";
|
||||||
|
+ s2.packageName = "pkg2";
|
||||||
|
+ ResolveInfo r1 = new ResolveInfo();
|
||||||
|
+ r1.serviceInfo = s1;
|
||||||
|
+ ResolveInfo r2 = new ResolveInfo();
|
||||||
|
+ r2.serviceInfo = s2;
|
||||||
|
+
|
||||||
|
+ when(mPm.queryIntentServicesAsUser(any(), anyInt(), anyInt())).thenReturn(
|
||||||
|
+ ImmutableList.of(r1, r2));
|
||||||
|
+
|
||||||
|
+ mServiceListing = new ServiceListing.Builder(mContext)
|
||||||
|
.setTag("testTag")
|
||||||
|
.setSetting(TEST_SETTING)
|
||||||
|
.setNoun("testNoun")
|
||||||
|
.setIntentAction(TEST_INTENT)
|
||||||
|
.setPermission("testPermission")
|
||||||
|
.build();
|
||||||
|
+ ServiceListing.Callback callback = mock(ServiceListing.Callback.class);
|
||||||
|
+ mServiceListing.addCallback(callback);
|
||||||
|
+ mServiceListing.reload();
|
||||||
|
+
|
||||||
|
+ verify(mPm).queryIntentServicesAsUser(any(), anyInt(), anyInt());
|
||||||
|
+ ArgumentCaptor<List<ServiceInfo>> captor = ArgumentCaptor.forClass(List.class);
|
||||||
|
+ verify(callback, times(1)).onServicesReloaded(captor.capture());
|
||||||
|
+
|
||||||
|
+ assertThat(captor.getValue().size()).isEqualTo(2);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
@ -0,0 +1,85 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Valentin Iftime <valiiftime@google.com>
|
||||||
|
Date: Wed, 22 Feb 2023 09:38:55 +0100
|
||||||
|
Subject: [PATCH] Prevent RemoteViews crashing SystemUi
|
||||||
|
|
||||||
|
Catch canvas drawing exceptions caused by unsuported image sizes.
|
||||||
|
|
||||||
|
Test: 1. Post a custom view notification with a layout
|
||||||
|
containing an ImageView that references a 5k x 5k image
|
||||||
|
2. Add an App Widget to the home screen with that has the
|
||||||
|
layout mentioned above as preview/initial layout.
|
||||||
|
|
||||||
|
Bug: 268193777
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:cfc0b34432ab54e3fa472db5c43e620293f64a5d)
|
||||||
|
Merged-In: Ib3bda769c499b4069b49c566b1b227f98f707a8a
|
||||||
|
Change-Id: Ib3bda769c499b4069b49c566b1b227f98f707a8a
|
||||||
|
---
|
||||||
|
.../android/appwidget/AppWidgetHostView.java | 39 ++++++++++++++-----
|
||||||
|
1 file changed, 29 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/core/java/android/appwidget/AppWidgetHostView.java b/core/java/android/appwidget/AppWidgetHostView.java
|
||||||
|
index ab0eb92e1726..02b244bdd9a6 100644
|
||||||
|
--- a/core/java/android/appwidget/AppWidgetHostView.java
|
||||||
|
+++ b/core/java/android/appwidget/AppWidgetHostView.java
|
||||||
|
@@ -21,6 +21,7 @@ import android.content.Context;
|
||||||
|
import android.content.pm.ApplicationInfo;
|
||||||
|
import android.content.pm.PackageManager.NameNotFoundException;
|
||||||
|
import android.content.res.Resources;
|
||||||
|
+import android.graphics.Canvas;
|
||||||
|
import android.graphics.Color;
|
||||||
|
import android.graphics.Rect;
|
||||||
|
import android.os.Build;
|
||||||
|
@@ -248,19 +249,26 @@ public class AppWidgetHostView extends FrameLayout {
|
||||||
|
super.onLayout(changed, left, top, right, bottom);
|
||||||
|
} catch (final RuntimeException e) {
|
||||||
|
Log.e(TAG, "Remote provider threw runtime exception, using error view instead.", e);
|
||||||
|
- removeViewInLayout(mView);
|
||||||
|
- View child = getErrorView();
|
||||||
|
- prepareView(child);
|
||||||
|
- addViewInLayout(child, 0, child.getLayoutParams());
|
||||||
|
- measureChild(child, MeasureSpec.makeMeasureSpec(getMeasuredWidth(), MeasureSpec.EXACTLY),
|
||||||
|
- MeasureSpec.makeMeasureSpec(getMeasuredHeight(), MeasureSpec.EXACTLY));
|
||||||
|
- child.layout(0, 0, child.getMeasuredWidth() + mPaddingLeft + mPaddingRight,
|
||||||
|
- child.getMeasuredHeight() + mPaddingTop + mPaddingBottom);
|
||||||
|
- mView = child;
|
||||||
|
- mViewMode = VIEW_MODE_ERROR;
|
||||||
|
+ handleViewError();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /**
|
||||||
|
+ * Remove bad view and replace with error message view
|
||||||
|
+ */
|
||||||
|
+ private void handleViewError() {
|
||||||
|
+ removeViewInLayout(mView);
|
||||||
|
+ View child = getErrorView();
|
||||||
|
+ prepareView(child);
|
||||||
|
+ addViewInLayout(child, 0, child.getLayoutParams());
|
||||||
|
+ measureChild(child, MeasureSpec.makeMeasureSpec(getMeasuredWidth(), MeasureSpec.EXACTLY),
|
||||||
|
+ MeasureSpec.makeMeasureSpec(getMeasuredHeight(), MeasureSpec.EXACTLY));
|
||||||
|
+ child.layout(0, 0, child.getMeasuredWidth() + mPaddingLeft + mPaddingRight,
|
||||||
|
+ child.getMeasuredHeight() + mPaddingTop + mPaddingBottom);
|
||||||
|
+ mView = child;
|
||||||
|
+ mViewMode = VIEW_MODE_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
* Provide guidance about the size of this widget to the AppWidgetManager. The widths and
|
||||||
|
* heights should correspond to the full area the AppWidgetHostView is given. Padding added by
|
||||||
|
@@ -646,4 +654,15 @@ public class AppWidgetHostView extends FrameLayout {
|
||||||
|
super.onInitializeAccessibilityNodeInfoInternal(info);
|
||||||
|
info.setClassName(AppWidgetHostView.class.getName());
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ @Override
|
||||||
|
+ protected void dispatchDraw(Canvas canvas) {
|
||||||
|
+ try {
|
||||||
|
+ super.dispatchDraw(canvas);
|
||||||
|
+ } catch (Exception e) {
|
||||||
|
+ // Catch draw exceptions that may be caused by RemoteViews
|
||||||
|
+ Log.e(TAG, "Drawing view failed: " + e);
|
||||||
|
+ post(this::handleViewError);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
}
|
@ -0,0 +1,28 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dmitry Dementyev <dementyev@google.com>
|
||||||
|
Date: Tue, 7 Mar 2023 10:59:38 -0800
|
||||||
|
Subject: [PATCH] Convert argument to Intent in car settings
|
||||||
|
AddAccountActivity.
|
||||||
|
|
||||||
|
Bug: 265798353
|
||||||
|
Test: manual
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:3195c559667939b458445b7e133fb4a7c76aaead)
|
||||||
|
Merged-In: I4b035fd370197b7f4838af5fb6e4d0ce27a5f3e7
|
||||||
|
Change-Id: I4b035fd370197b7f4838af5fb6e4d0ce27a5f3e7
|
||||||
|
---
|
||||||
|
src/com/android/car/settings/accounts/AddAccountActivity.java | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/com/android/car/settings/accounts/AddAccountActivity.java b/src/com/android/car/settings/accounts/AddAccountActivity.java
|
||||||
|
index 15910abb7..39f4f7b50 100644
|
||||||
|
--- a/src/com/android/car/settings/accounts/AddAccountActivity.java
|
||||||
|
+++ b/src/com/android/car/settings/accounts/AddAccountActivity.java
|
||||||
|
@@ -102,7 +102,7 @@ public class AddAccountActivity extends Activity {
|
||||||
|
intent.putExtras(addAccountOptions);
|
||||||
|
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
|
||||||
|
startActivityForResultAsUser(
|
||||||
|
- intent, ADD_ACCOUNT_REQUEST, mUserHandle);
|
||||||
|
+ new Intent(intent), ADD_ACCOUNT_REQUEST, mUserHandle);
|
||||||
|
LOG.v("account added: " + result);
|
||||||
|
} catch (OperationCanceledException | IOException | AuthenticatorException e) {
|
||||||
|
LOG.v("addAccount error: " + e);
|
@ -0,0 +1,28 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dmitry Dementyev <dementyev@google.com>
|
||||||
|
Date: Tue, 7 Mar 2023 10:36:41 -0800
|
||||||
|
Subject: [PATCH] Convert argument to intent in AddAccountSettings.
|
||||||
|
|
||||||
|
Bug: 265798353
|
||||||
|
Test: manual
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c7e8052b527434ed8660e3babdab718f7f3cd7da)
|
||||||
|
Merged-In: I0051e5d5fc9fd3691504cb5fbb959f701e0bce6a
|
||||||
|
Change-Id: I0051e5d5fc9fd3691504cb5fbb959f701e0bce6a
|
||||||
|
---
|
||||||
|
src/com/android/settings/accounts/AddAccountSettings.java | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/com/android/settings/accounts/AddAccountSettings.java b/src/com/android/settings/accounts/AddAccountSettings.java
|
||||||
|
index cca15c96d3..2e23e93124 100644
|
||||||
|
--- a/src/com/android/settings/accounts/AddAccountSettings.java
|
||||||
|
+++ b/src/com/android/settings/accounts/AddAccountSettings.java
|
||||||
|
@@ -102,7 +102,8 @@ public class AddAccountSettings extends Activity {
|
||||||
|
addAccountOptions.putParcelable(EXTRA_USER, mUserHandle);
|
||||||
|
intent.putExtras(addAccountOptions);
|
||||||
|
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
|
||||||
|
- startActivityForResultAsUser(intent, ADD_ACCOUNT_REQUEST, mUserHandle);
|
||||||
|
+ startActivityForResultAsUser(
|
||||||
|
+ new Intent(intent), ADD_ACCOUNT_REQUEST, mUserHandle);
|
||||||
|
} else {
|
||||||
|
setResult(RESULT_OK);
|
||||||
|
if (mPendingIntent != null) {
|
@ -0,0 +1,27 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dmitry Dementyev <dementyev@google.com>
|
||||||
|
Date: Tue, 7 Mar 2023 10:55:07 -0800
|
||||||
|
Subject: [PATCH] Convert argument to intent in addAccount TvSettings.
|
||||||
|
|
||||||
|
Bug: 265798353
|
||||||
|
Test: manual
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:706edcb7532d74788f899968016b7a6273bfbcac)
|
||||||
|
Merged-In: I06a63078f55ee8169123b1dfcf1811e682e0776e
|
||||||
|
Change-Id: I06a63078f55ee8169123b1dfcf1811e682e0776e
|
||||||
|
---
|
||||||
|
.../tv/settings/accounts/AddAccountWithTypeActivity.java | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java b/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java
|
||||||
|
index a608bc4fa..ff71ac93b 100644
|
||||||
|
--- a/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java
|
||||||
|
+++ b/Settings/src/com/android/tv/settings/accounts/AddAccountWithTypeActivity.java
|
||||||
|
@@ -52,7 +52,7 @@ public class AddAccountWithTypeActivity extends Activity {
|
||||||
|
Log.e(TAG, "Failed to retrieve add account intent from authenticator");
|
||||||
|
setResultAndFinish(Activity.RESULT_CANCELED);
|
||||||
|
} else {
|
||||||
|
- startActivityForResult(addAccountIntent, REQUEST_ADD_ACCOUNT);
|
||||||
|
+ startActivityForResult(new Intent(addAccountIntent), REQUEST_ADD_ACCOUNT);
|
||||||
|
}
|
||||||
|
} catch (IOException|AuthenticatorException|OperationCanceledException e) {
|
||||||
|
Log.e(TAG, "Failed to get add account intent: ", e);
|
107
Patches/LineageOS-16.0/android_system_bt/358580.patch
Normal file
107
Patches/LineageOS-16.0/android_system_bt/358580.patch
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Tue, 11 Oct 2022 21:23:22 +0000
|
||||||
|
Subject: [PATCH] Prevent use-after-free of HID reports
|
||||||
|
|
||||||
|
BTA sends the the HID report pointer to BTIF and deallocates it immediately.
|
||||||
|
This is now prevented by providing a deep copy callback function for HID
|
||||||
|
reports when tranferring context from BTA to BTIF.
|
||||||
|
|
||||||
|
This is a backport of change Icef7a7ed1185b4283ee4fe4f812ca154d8f1b825,
|
||||||
|
already merged on T for b/227620181.
|
||||||
|
|
||||||
|
Bug: 228837201
|
||||||
|
Test: Validated against researcher POC, ran BT unit tests, played audio
|
||||||
|
manually.
|
||||||
|
Tag: #security
|
||||||
|
Ignore-AOSP-First: Security
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:874c495c886cd8722625756dc5fd0634b16b4f42)
|
||||||
|
Merged-In: Ib837f395883de2369207f1b3b974d6bff02dcb19
|
||||||
|
Change-Id: Ib837f395883de2369207f1b3b974d6bff02dcb19
|
||||||
|
---
|
||||||
|
btif/src/btif_hh.cc | 50 ++++++++++++++++++++++++++++++++++++++++-----
|
||||||
|
1 file changed, 45 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/btif/src/btif_hh.cc b/btif/src/btif_hh.cc
|
||||||
|
index c5a90218a..b6441e1cc 100644
|
||||||
|
--- a/btif/src/btif_hh.cc
|
||||||
|
+++ b/btif/src/btif_hh.cc
|
||||||
|
@@ -1073,6 +1073,38 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*******************************************************************************
|
||||||
|
+ *
|
||||||
|
+ * Function btif_hh_hsdata_rpt_copy_cb
|
||||||
|
+ *
|
||||||
|
+ * Description Deep copies the tBTA_HH_HSDATA structure
|
||||||
|
+ *
|
||||||
|
+ * Returns void
|
||||||
|
+ *
|
||||||
|
+ ******************************************************************************/
|
||||||
|
+
|
||||||
|
+static void btif_hh_hsdata_rpt_copy_cb(uint16_t event, char* p_dest,
|
||||||
|
+ char* p_src) {
|
||||||
|
+ tBTA_HH_HSDATA* p_dst_data = (tBTA_HH_HSDATA*)p_dest;
|
||||||
|
+ tBTA_HH_HSDATA* p_src_data = (tBTA_HH_HSDATA*)p_src;
|
||||||
|
+ BT_HDR* hdr;
|
||||||
|
+
|
||||||
|
+ if (!p_src) {
|
||||||
|
+ BTIF_TRACE_ERROR("%s: Nothing to copy", __func__);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ memcpy(p_dst_data, p_src_data, sizeof(tBTA_HH_HSDATA));
|
||||||
|
+
|
||||||
|
+ hdr = p_src_data->rsp_data.p_rpt_data;
|
||||||
|
+ if (hdr != NULL) {
|
||||||
|
+ uint8_t* p_data = ((uint8_t*)p_dst_data) + sizeof(tBTA_HH_HSDATA);
|
||||||
|
+ memcpy(p_data, hdr, BT_HDR_SIZE + hdr->offset + hdr->len);
|
||||||
|
+
|
||||||
|
+ p_dst_data->rsp_data.p_rpt_data = (BT_HDR*)p_data;
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*******************************************************************************
|
||||||
|
*
|
||||||
|
* Function bte_hh_evt
|
||||||
|
@@ -1086,6 +1118,7 @@ static void btif_hh_upstreams_evt(uint16_t event, char* p_param) {
|
||||||
|
void bte_hh_evt(tBTA_HH_EVT event, tBTA_HH* p_data) {
|
||||||
|
bt_status_t status;
|
||||||
|
int param_len = 0;
|
||||||
|
+ tBTIF_COPY_CBACK* p_copy_cback = NULL;
|
||||||
|
|
||||||
|
if (BTA_HH_ENABLE_EVT == event)
|
||||||
|
param_len = sizeof(tBTA_HH_STATUS);
|
||||||
|
@@ -1097,11 +1130,18 @@ void bte_hh_evt(tBTA_HH_EVT event, tBTA_HH* p_data) {
|
||||||
|
param_len = sizeof(tBTA_HH_CBDATA);
|
||||||
|
else if (BTA_HH_GET_DSCP_EVT == event)
|
||||||
|
param_len = sizeof(tBTA_HH_DEV_DSCP_INFO);
|
||||||
|
- else if ((BTA_HH_GET_PROTO_EVT == event) || (BTA_HH_GET_RPT_EVT == event) ||
|
||||||
|
- (BTA_HH_GET_IDLE_EVT == event))
|
||||||
|
+ else if ((BTA_HH_GET_PROTO_EVT == event) || (BTA_HH_GET_IDLE_EVT == event))
|
||||||
|
+ param_len = sizeof(tBTA_HH_HSDATA);
|
||||||
|
+ else if (BTA_HH_GET_RPT_EVT == event) {
|
||||||
|
+ BT_HDR* hdr = p_data->hs_data.rsp_data.p_rpt_data;
|
||||||
|
param_len = sizeof(tBTA_HH_HSDATA);
|
||||||
|
- else if ((BTA_HH_SET_PROTO_EVT == event) || (BTA_HH_SET_RPT_EVT == event) ||
|
||||||
|
- (BTA_HH_VC_UNPLUG_EVT == event) || (BTA_HH_SET_IDLE_EVT == event))
|
||||||
|
+
|
||||||
|
+ if (hdr != NULL) {
|
||||||
|
+ p_copy_cback = btif_hh_hsdata_rpt_copy_cb;
|
||||||
|
+ param_len += BT_HDR_SIZE + hdr->offset + hdr->len;
|
||||||
|
+ }
|
||||||
|
+ } else if ((BTA_HH_SET_PROTO_EVT == event) || (BTA_HH_SET_RPT_EVT == event) ||
|
||||||
|
+ (BTA_HH_VC_UNPLUG_EVT == event) || (BTA_HH_SET_IDLE_EVT == event))
|
||||||
|
param_len = sizeof(tBTA_HH_CBDATA);
|
||||||
|
else if ((BTA_HH_ADD_DEV_EVT == event) || (BTA_HH_RMV_DEV_EVT == event))
|
||||||
|
param_len = sizeof(tBTA_HH_DEV_INFO);
|
||||||
|
@@ -1110,7 +1150,7 @@ void bte_hh_evt(tBTA_HH_EVT event, tBTA_HH* p_data) {
|
||||||
|
/* switch context to btif task context (copy full union size for convenience)
|
||||||
|
*/
|
||||||
|
status = btif_transfer_context(btif_hh_upstreams_evt, (uint16_t)event,
|
||||||
|
- (char*)p_data, param_len, NULL);
|
||||||
|
+ (char*)p_data, param_len, p_copy_cback);
|
||||||
|
|
||||||
|
/* catch any failed context transfers */
|
||||||
|
ASSERTC(status == BT_STATUS_SUCCESS, "context transfer failed", status);
|
141
Patches/LineageOS-16.0/android_system_bt/358581.patch
Normal file
141
Patches/LineageOS-16.0/android_system_bt/358581.patch
Normal file
@ -0,0 +1,141 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Tue, 21 Mar 2023 22:35:35 +0000
|
||||||
|
Subject: [PATCH] Revert "Revert "[RESTRICT AUTOMERGE] Validate buffer length
|
||||||
|
in sdpu_build_uuid_seq""
|
||||||
|
|
||||||
|
This reverts commit 487a1079078f3717fdc4665c19a45eca5b3ec5e6.
|
||||||
|
|
||||||
|
Reason for revert: Reinstate original change for QPR
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a681067af2ea4565543238db3025d749923f63ec)
|
||||||
|
Merged-In: If0528519a29dc73ff99163098da2a05592ab15d8
|
||||||
|
Change-Id: If0528519a29dc73ff99163098da2a05592ab15d8
|
||||||
|
---
|
||||||
|
stack/sdp/sdp_discovery.cc | 65 ++++++++++++++++++++++++++++++++++----
|
||||||
|
1 file changed, 58 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/stack/sdp/sdp_discovery.cc b/stack/sdp/sdp_discovery.cc
|
||||||
|
index 420259800..ffc9586cd 100644
|
||||||
|
--- a/stack/sdp/sdp_discovery.cc
|
||||||
|
+++ b/stack/sdp/sdp_discovery.cc
|
||||||
|
@@ -74,10 +74,15 @@ static uint8_t* add_attr(uint8_t* p, uint8_t* p_end, tSDP_DISCOVERY_DB* p_db,
|
||||||
|
*
|
||||||
|
******************************************************************************/
|
||||||
|
static uint8_t* sdpu_build_uuid_seq(uint8_t* p_out, uint16_t num_uuids,
|
||||||
|
- Uuid* p_uuid_list) {
|
||||||
|
+ Uuid* p_uuid_list, uint16_t& bytes_left) {
|
||||||
|
uint16_t xx;
|
||||||
|
uint8_t* p_len;
|
||||||
|
|
||||||
|
+ if (bytes_left < 2) {
|
||||||
|
+ DCHECK(0) << "SDP: No space for data element header";
|
||||||
|
+ return (p_out);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* First thing is the data element header */
|
||||||
|
UINT8_TO_BE_STREAM(p_out, (DATA_ELE_SEQ_DESC_TYPE << 3) | SIZE_IN_NEXT_BYTE);
|
||||||
|
|
||||||
|
@@ -85,9 +90,20 @@ static uint8_t* sdpu_build_uuid_seq(uint8_t* p_out, uint16_t num_uuids,
|
||||||
|
p_len = p_out;
|
||||||
|
p_out += 1;
|
||||||
|
|
||||||
|
+ /* Account for data element header and length */
|
||||||
|
+ bytes_left -= 2;
|
||||||
|
+
|
||||||
|
/* Now, loop through and put in all the UUID(s) */
|
||||||
|
for (xx = 0; xx < num_uuids; xx++, p_uuid_list++) {
|
||||||
|
int len = p_uuid_list->GetShortestRepresentationSize();
|
||||||
|
+
|
||||||
|
+ if (len + 1 > bytes_left) {
|
||||||
|
+ DCHECK(0) << "SDP: Too many UUIDs for internal buffer";
|
||||||
|
+ break;
|
||||||
|
+ } else {
|
||||||
|
+ bytes_left -= (len + 1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (len == Uuid::kNumBytes16) {
|
||||||
|
UINT8_TO_BE_STREAM(p_out, (UUID_DESC_TYPE << 3) | SIZE_TWO_BYTES);
|
||||||
|
UINT16_TO_BE_STREAM(p_out, p_uuid_list->As16Bit());
|
||||||
|
@@ -124,6 +140,7 @@ static void sdp_snd_service_search_req(tCONN_CB* p_ccb, uint8_t cont_len,
|
||||||
|
uint8_t *p, *p_start, *p_param_len;
|
||||||
|
BT_HDR* p_cmd = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
|
||||||
|
uint16_t param_len;
|
||||||
|
+ uint16_t bytes_left = SDP_DATA_BUF_SIZE;
|
||||||
|
|
||||||
|
/* Prepare the buffer for sending the packet to L2CAP */
|
||||||
|
p_cmd->offset = L2CAP_MIN_OFFSET;
|
||||||
|
@@ -138,13 +155,30 @@ static void sdp_snd_service_search_req(tCONN_CB* p_ccb, uint8_t cont_len,
|
||||||
|
p_param_len = p;
|
||||||
|
p += 2;
|
||||||
|
|
||||||
|
-/* Build the UID sequence. */
|
||||||
|
+ /* Account for header size, max service record count and
|
||||||
|
+ * continuation state */
|
||||||
|
+ const uint16_t base_bytes = (sizeof(BT_HDR) + L2CAP_MIN_OFFSET +
|
||||||
|
+ 3u + /* service search request header */
|
||||||
|
+ 2u + /* param len */
|
||||||
|
+ 3u + ((p_cont) ? cont_len : 0));
|
||||||
|
+
|
||||||
|
+ if (base_bytes > bytes_left) {
|
||||||
|
+ DCHECK(0) << "SDP: Overran SDP data buffer";
|
||||||
|
+ osi_free(p_cmd);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ bytes_left -= base_bytes;
|
||||||
|
+
|
||||||
|
+ /* Build the UID sequence. */
|
||||||
|
#if (SDP_BROWSE_PLUS == TRUE)
|
||||||
|
p = sdpu_build_uuid_seq(p, 1,
|
||||||
|
- &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx]);
|
||||||
|
+ &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx],
|
||||||
|
+ bytes_left);
|
||||||
|
#else
|
||||||
|
+ /* Build the UID sequence. */
|
||||||
|
p = sdpu_build_uuid_seq(p, p_ccb->p_db->num_uuid_filters,
|
||||||
|
- p_ccb->p_db->uuid_filters);
|
||||||
|
+ p_ccb->p_db->uuid_filters, bytes_left);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Set max service record count */
|
||||||
|
@@ -636,6 +670,7 @@ static void process_service_search_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
|
||||||
|
if ((cont_request_needed) || (!p_reply)) {
|
||||||
|
BT_HDR* p_msg = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
|
||||||
|
uint8_t* p;
|
||||||
|
+ uint16_t bytes_left = SDP_DATA_BUF_SIZE;
|
||||||
|
|
||||||
|
p_msg->offset = L2CAP_MIN_OFFSET;
|
||||||
|
p = p_start = (uint8_t*)(p_msg + 1) + L2CAP_MIN_OFFSET;
|
||||||
|
@@ -649,13 +684,29 @@ static void process_service_search_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
|
||||||
|
p_param_len = p;
|
||||||
|
p += 2;
|
||||||
|
|
||||||
|
-/* Build the UID sequence. */
|
||||||
|
+ /* Account for header size, max service record count and
|
||||||
|
+ * continuation state */
|
||||||
|
+ const uint16_t base_bytes = (sizeof(BT_HDR) + L2CAP_MIN_OFFSET +
|
||||||
|
+ 3u + /* service search request header */
|
||||||
|
+ 2u + /* param len */
|
||||||
|
+ 3u + /* max service record count */
|
||||||
|
+ ((p_reply) ? (*p_reply) : 0));
|
||||||
|
+
|
||||||
|
+ if (base_bytes > bytes_left) {
|
||||||
|
+ sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ bytes_left -= base_bytes;
|
||||||
|
+
|
||||||
|
+ /* Build the UID sequence. */
|
||||||
|
#if (SDP_BROWSE_PLUS == TRUE)
|
||||||
|
p = sdpu_build_uuid_seq(p, 1,
|
||||||
|
- &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx]);
|
||||||
|
+ &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx],
|
||||||
|
+ bytes_left);
|
||||||
|
#else
|
||||||
|
p = sdpu_build_uuid_seq(p, p_ccb->p_db->num_uuid_filters,
|
||||||
|
- p_ccb->p_db->uuid_filters);
|
||||||
|
+ p_ccb->p_db->uuid_filters, bytes_left);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Max attribute byte count */
|
82
Patches/LineageOS-16.0/android_system_bt/358582.patch
Normal file
82
Patches/LineageOS-16.0/android_system_bt/358582.patch
Normal file
@ -0,0 +1,82 @@
|
|||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Brian Delwiche <delwiche@google.com>
|
||||||
|
Date: Tue, 21 Mar 2023 22:39:16 +0000
|
||||||
|
Subject: [PATCH] Revert "Revert "Fix wrong BR/EDR link key downgrades
|
||||||
|
(P_256->P_192)""
|
||||||
|
|
||||||
|
This reverts commit d733c86cbc06ce0ec72216b9d41e172d1939c46f.
|
||||||
|
|
||||||
|
Function btm_sec_encrypt_change() is called at most places
|
||||||
|
with argument "encr_enable" treated as bool and not as per
|
||||||
|
(tHCI_ENCRYPT_MODE = 0/1/2) expected by the function. The
|
||||||
|
function has special handling for "encr_enable=1" to downgrade
|
||||||
|
the link key type for BR/EDR case. This gets executed even
|
||||||
|
when the caller/context did not mean/expect so. It appears
|
||||||
|
this handling in btm_sec_encrypt_change() is not necessary and
|
||||||
|
is removed by this commit to prevent accidental execution of it.
|
||||||
|
|
||||||
|
Test: Verified re-pairing with an iPhone works fine now
|
||||||
|
|
||||||
|
Issue Reproduction Steps:
|
||||||
|
1. Enable Bluetooth Hotspot on Android device (DUT).
|
||||||
|
2. Pair and connect an iPhone to DUT.
|
||||||
|
3. Forget this pairing on DUT.
|
||||||
|
4. On iPhone settings, click on old DUT's paired entry to connect.
|
||||||
|
5. iPhone notifies to click 'Forget Device' and try fresh pairing.
|
||||||
|
6. On iPhone, after doing 'Forget Device', discover DUT again.
|
||||||
|
7. Attempt pairing to DUT by clicking on discovered DUT entry.
|
||||||
|
Pairing will be unsuccessful.
|
||||||
|
|
||||||
|
Issue Cause:
|
||||||
|
During re-pairing, DUT is seen to downgrade
|
||||||
|
BR/EDR link key unexpectedly from link key type 0x8
|
||||||
|
(BTM_LKEY_TYPE_AUTH_COMB_P_256) to 0x5 (BTM_LKEY_TYPE_AUTH_COMB).
|
||||||
|
|
||||||
|
Log snippet (re-pairing time):
|
||||||
|
btm_sec_link_key_notification set new_encr_key_256 to 1
|
||||||
|
btif_dm_auth_cmpl_evt: Storing link key. key_type=0x8, bond_type=1
|
||||||
|
btm_sec_encrypt_change new_encr_key_256 is 1
|
||||||
|
--On DUT, HCI_Encryption_Key_Refresh_Complete event noticed---
|
||||||
|
btm_sec_encrypt_change new_encr_key_256 is 0
|
||||||
|
updated link key type to 5
|
||||||
|
btif_dm_auth_cmpl_evt: Storing link key. key_type=0x5, bond_type=1
|
||||||
|
|
||||||
|
This is a backport of the following patch: aosp/1890096
|
||||||
|
|
||||||
|
Bug: 258834033
|
||||||
|
|
||||||
|
Reason for revert: Reinstate original change for QPR
|
||||||
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:56891eedc68c86b40977191dad28d65ebf86a94f)
|
||||||
|
Merged-In: Iba0c220b82bcf6b15368762b7052a3987ccbc0c6
|
||||||
|
Change-Id: Iba0c220b82bcf6b15368762b7052a3987ccbc0c6
|
||||||
|
---
|
||||||
|
stack/btm/btm_sec.cc | 16 ----------------
|
||||||
|
1 file changed, 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
|
||||||
|
index 168750140..899b6b908 100644
|
||||||
|
--- a/stack/btm/btm_sec.cc
|
||||||
|
+++ b/stack/btm/btm_sec.cc
|
||||||
|
@@ -4030,22 +4030,6 @@ void btm_sec_encrypt_change(uint16_t handle, uint8_t status,
|
||||||
|
SMP_BR_PairWith(p_dev_rec->bd_addr);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- } else {
|
||||||
|
- // BR/EDR is successfully encrypted. Correct LK type if needed
|
||||||
|
- // (BR/EDR LK derived from LE LTK was used for encryption)
|
||||||
|
- if ((encr_enable == 1) && /* encryption is ON for SSP */
|
||||||
|
- /* LK type is for BR/EDR SC */
|
||||||
|
- (p_dev_rec->link_key_type == BTM_LKEY_TYPE_UNAUTH_COMB_P_256 ||
|
||||||
|
- p_dev_rec->link_key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256)) {
|
||||||
|
- if (p_dev_rec->link_key_type == BTM_LKEY_TYPE_UNAUTH_COMB_P_256)
|
||||||
|
- p_dev_rec->link_key_type = BTM_LKEY_TYPE_UNAUTH_COMB;
|
||||||
|
- else /* BTM_LKEY_TYPE_AUTH_COMB_P_256 */
|
||||||
|
- p_dev_rec->link_key_type = BTM_LKEY_TYPE_AUTH_COMB;
|
||||||
|
-
|
||||||
|
- BTM_TRACE_DEBUG("updated link key type to %d",
|
||||||
|
- p_dev_rec->link_key_type);
|
||||||
|
- btm_send_link_key_notif(p_dev_rec);
|
||||||
|
- }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -1,7 +1,8 @@
|
|||||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
From: Songchun Fan <schfan@google.com>
|
From: Songchun Fan <schfan@google.com>
|
||||||
Date: Thu, 2 Feb 2023 10:35:56 -0800
|
Date: Thu, 2 Feb 2023 10:35:56 -0800
|
||||||
Subject: [PATCH] still allow debuggable for system app downgrades
|
Subject: [PATCH] [RESTRICT AUTOMERGE][pm] still allow debuggable for system
|
||||||
|
app downgrades
|
||||||
|
|
||||||
Turns out we do have internal tests that downgrades system apps, so adding this exception to allow for that.
|
Turns out we do have internal tests that downgrades system apps, so adding this exception to allow for that.
|
||||||
|
|
||||||
@ -18,10 +19,10 @@ Merged-In: Ie281bbdc8788ee64ff99a7c5150da7ce7926235e
|
|||||||
1 file changed, 13 insertions(+), 9 deletions(-)
|
1 file changed, 13 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||||
index 068cb345d463..58a0fdbed498 100644
|
index 37b85cf4fe79..27282c0a2dda 100644
|
||||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||||
@@ -15324,15 +15324,19 @@ public class PackageManagerService extends IPackageManager.Stub
|
@@ -15324,15 +15324,19 @@ private int installLocationPolicy(PackageInfoLite pkgLite) {
|
||||||
if (disabledPs != null) {
|
if (disabledPs != null) {
|
||||||
dataOwnerPkg = disabledPs.pkg;
|
dataOwnerPkg = disabledPs.pkg;
|
||||||
}
|
}
|
||||||
@ -34,7 +35,7 @@ index 068cb345d463..58a0fdbed498 100644
|
|||||||
- + e.getMessage();
|
- + e.getMessage();
|
||||||
- Slog.w(TAG, errorMsg);
|
- Slog.w(TAG, errorMsg);
|
||||||
- return PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE;
|
- return PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE;
|
||||||
+ if (!Build.IS_DEBUGGABLE && !dataOwnerPkg.isDebuggable()) {
|
+ if (!Build.IS_DEBUGGABLE && (dataOwnerPkg.applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) {
|
||||||
+ // Only restrict non-debuggable builds and non-debuggable version of
|
+ // Only restrict non-debuggable builds and non-debuggable version of
|
||||||
+ // the app
|
+ // the app
|
||||||
+ try {
|
+ try {
|
||||||
|
@ -73,7 +73,7 @@ applyPatch "$DOS_PATCHES/android_build/0001-OTA_Keys.patch"; #Add correct keys t
|
|||||||
applyPatch "$DOS_PATCHES/android_build/0002-Enable_fwrapv.patch"; #Use -fwrapv at a minimum (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_build/0002-Enable_fwrapv.patch"; #Use -fwrapv at a minimum (GrapheneOS)
|
||||||
sed -i '57i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
sed -i '57i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||||
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
|
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
|
||||||
sed -i 's/2021-10-05/2023-05-05/' core/version_defaults.mk; #Bump Security String #XXX
|
sed -i 's/2021-10-05/2023-06-05/' core/version_defaults.mk; #Bump Security String #XXX
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "build/soong"; then
|
if enterAndClear "build/soong"; then
|
||||||
@ -125,9 +125,10 @@ if enterAndClear "external/zlib"; then
|
|||||||
applyPatch "$DOS_PATCHES/android_external_zlib/351909.patch"; #P_asb_2023-03 Fix a bug when getting a gzip header extra field with inflate().
|
applyPatch "$DOS_PATCHES/android_external_zlib/351909.patch"; #P_asb_2023-03 Fix a bug when getting a gzip header extra field with inflate().
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
#if enterAndClear "frameworks/av"; then
|
if enterAndClear "frameworks/av"; then
|
||||||
#if [ "$DOS_GRAPHENE_MALLOC_BROKEN" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
|
#if [ "$DOS_GRAPHENE_MALLOC_BROKEN" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
|
||||||
#fi;
|
applyPatch "$DOS_PATCHES/android_frameworks_av/358729.patch"; #n-asb-2023-06 Fix NuMediaExtractor::readSampleData buffer Handling
|
||||||
|
fi;
|
||||||
|
|
||||||
if enterAndClear "frameworks/base"; then
|
if enterAndClear "frameworks/base"; then
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/330961-backport.patch"; #P_asb_2022-05 Keyguard - Treat messsages to lock with priority
|
applyPatch "$DOS_PATCHES/android_frameworks_base/330961-backport.patch"; #P_asb_2022-05 Keyguard - Treat messsages to lock with priority
|
||||||
@ -181,6 +182,9 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/354245.patch"; #P_asb_2023-04 E
|
|||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355765-backport.patch"; #R_asb_2023-05 Checks if AccessibilityServiceInfo is within parcelable size.
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355765-backport.patch"; #R_asb_2023-05 Checks if AccessibilityServiceInfo is within parcelable size.
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355865.patch"; #n-asb-2023-05 Uri: check authority and scheme as part of determining URI path
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355865.patch"; #n-asb-2023-05 Uri: check authority and scheme as part of determining URI path
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355767.patch"; #R_asb_2023-05 Enforce stricter rules when registering phoneAccounts
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355767.patch"; #R_asb_2023-05 Enforce stricter rules when registering phoneAccounts
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358560-backport.patch"; #R_asb_2023-06 Check key intent for selectors and prohibited flags
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358561-backport.patch"; #R_asb_2023-06 Handle invalid data during job loading.
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358732-backport.patch"; #n-asb-2023-06 Prevent RemoteViews crashing SystemUi
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0001-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
|
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969)
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #Enable fingerprint lockout after five failed attempts (GrapheneOS)
|
applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #Enable fingerprint lockout after five failed attempts (GrapheneOS)
|
||||||
@ -320,6 +324,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/335115.patch"; #P_asb_20
|
|||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/345911.patch"; #P_asb_2022-12 Prevent exfiltration of system files via avatar picker.
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/345911.patch"; #P_asb_2022-12 Prevent exfiltration of system files via avatar picker.
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/345912-backport.patch"; #P_asb_2022-12 Add FLAG_SECURE for ChooseLockPassword and Pattern
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/345912-backport.patch"; #P_asb_2022-12 Add FLAG_SECURE for ChooseLockPassword and Pattern
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/351914-backport.patch"; #P_asb_2023-03 FRP bypass defense in the settings app
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/351914-backport.patch"; #P_asb_2023-03 FRP bypass defense in the settings app
|
||||||
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/358568-backport.patch"; #R_asb_2023-06 Convert argument to intent in AddAccountSettings.
|
||||||
git revert --no-edit a96df110e84123fe1273bff54feca3b4ca484dcd; #Don't hide OEM unlock
|
git revert --no-edit a96df110e84123fe1273bff54feca3b4ca484dcd; #Don't hide OEM unlock
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
|
||||||
if [ "$DOS_SENSORS_PERM" = true ]; then
|
if [ "$DOS_SENSORS_PERM" = true ]; then
|
||||||
@ -334,6 +339,10 @@ if enterAndClear "packages/apps/SetupWizard"; then
|
|||||||
applyPatch "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics (DivestOS)
|
applyPatch "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics (DivestOS)
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
|
if enterAndClear "packages/apps/TvSettings"; then
|
||||||
|
applyPatch "$DOS_PATCHES/android_packages_apps_TvSettings/358578.patch"; #R_asb_2023-06 Convert argument to intent in addAccount TvSettings.
|
||||||
|
fi;
|
||||||
|
|
||||||
if enterAndClear "packages/apps/Updater"; then
|
if enterAndClear "packages/apps/Updater"; then
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server (DivestOS)
|
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server (DivestOS)
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support (DivestOS)
|
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support (DivestOS)
|
||||||
@ -404,6 +413,9 @@ applyPatch "$DOS_PATCHES/android_system_bt/351917.patch"; #P_asb_2023-03 Fix an
|
|||||||
applyPatch "$DOS_PATCHES/android_system_bt/351918.patch"; #P_asb_2023-03 Fix an OOB write in SDP_AddAttribute
|
applyPatch "$DOS_PATCHES/android_system_bt/351918.patch"; #P_asb_2023-03 Fix an OOB write in SDP_AddAttribute
|
||||||
applyPatch "$DOS_PATCHES/android_system_bt/354246.patch"; #P_asb_2023-04 Fix OOB access in avdt_scb_hdl_pkt_no_frag
|
applyPatch "$DOS_PATCHES/android_system_bt/354246.patch"; #P_asb_2023-04 Fix OOB access in avdt_scb_hdl_pkt_no_frag
|
||||||
applyPatch "$DOS_PATCHES/android_system_bt/354247.patch"; #P_asb_2023-04 Fix an OOB bug in register_notification_rsp
|
applyPatch "$DOS_PATCHES/android_system_bt/354247.patch"; #P_asb_2023-04 Fix an OOB bug in register_notification_rsp
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/358580.patch"; #R_asb_2023-06 Prevent use-after-free of HID reports
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/358581-backport.patch"; #R_asb_2023-06 Revert "Revert "[RESTRICT AUTOMERGE] Validate buffer length in sdpu_build_uuid_seq""
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/358582.patch"; #R_asb_2023-06 Revert "Revert "Fix wrong BR/EDR link key downgrades (P_256->P_192)""
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "system/core"; then
|
if enterAndClear "system/core"; then
|
||||||
|
@ -97,7 +97,7 @@ applyPatch "$DOS_PATCHES/android_build/0002-Enable_fwrapv.patch"; #Use -fwrapv a
|
|||||||
sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk; #Enable auto-add-overlay for packages, this allows the vendor overlay to easily work across all branches.
|
||||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 17/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 17/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||||
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
|
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
|
||||||
sed -i 's/2022-01-05/2023-05-05/' core/version_defaults.mk; #Bump Security String #P_asb_2023-05 #XXX
|
sed -i 's/2022-01-05/2023-06-05/' core/version_defaults.mk; #Bump Security String #P_asb_2023-06 #XXX
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "build/soong"; then
|
if enterAndClear "build/soong"; then
|
||||||
@ -148,9 +148,14 @@ fi;
|
|||||||
|
|
||||||
if enterAndClear "frameworks/av"; then
|
if enterAndClear "frameworks/av"; then
|
||||||
if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
|
if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_av/358555.patch"; #R_asb_2023-06 Fix NuMediaExtractor::readSampleData buffer Handling
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "frameworks/base"; then
|
if enterAndClear "frameworks/base"; then
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358560-backport.patch"; #R_asb_2023-06 Check key intent for selectors and prohibited flags
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358561-backport.patch"; #R_asb_2023-06 Handle invalid data during job loading.
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358562-backport.patch"; #R_asb_2023-06 Allow filtering of services
|
||||||
|
applyPatch "$DOS_PATCHES/android_frameworks_base/358732-backport.patch"; #n-asb-2023-06 Prevent RemoteViews crashing SystemUi
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #Always restrict access to Build.SERIAL (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #Don't grant location permission to system browsers (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch"; #Allow SystemUI to directly manage Bluetooth/WiFi (GrapheneOS)
|
applyPatch "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch"; #Allow SystemUI to directly manage Bluetooth/WiFi (GrapheneOS)
|
||||||
@ -260,6 +265,10 @@ if enterAndClear "packages/apps/Bluetooth"; then
|
|||||||
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
|
if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
|
if enterAndClear "packages/apps/Car/Settings"; then
|
||||||
|
applyPatch "$DOS_PATCHES/android_packages_apps_Car_Settings/358565-backport.patch"; #R_asb_2023-06 Convert argument to Intent in car settings AddAccountActivity.
|
||||||
|
fi;
|
||||||
|
|
||||||
if enterAndClear "packages/apps/Contacts"; then
|
if enterAndClear "packages/apps/Contacts"; then
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0001-No_Google_Links.patch"; #Remove Privacy Policy and Terms of Service links (GrapheneOS)
|
applyPatch "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0001-No_Google_Links.patch"; #Remove Privacy Policy and Terms of Service links (GrapheneOS)
|
||||||
applyPatch "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0003-Skip_Accounts.patch"; #Don't prompt to add account when creating a contact (CalyxOS)
|
applyPatch "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0003-Skip_Accounts.patch"; #Don't prompt to add account when creating a contact (CalyxOS)
|
||||||
@ -290,6 +299,7 @@ fi;
|
|||||||
|
|
||||||
if enterAndClear "packages/apps/Settings"; then
|
if enterAndClear "packages/apps/Settings"; then
|
||||||
git revert --no-edit c240992b4c86c7f226290807a2f41f2619e7e5e8; #Don't hide OEM unlock
|
git revert --no-edit c240992b4c86c7f226290807a2f41f2619e7e5e8; #Don't hide OEM unlock
|
||||||
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/358568-backport.patch"; #R_asb_2023-06 Convert argument to intent in AddAccountSettings.
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
|
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
|
||||||
#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch) #TODO: Needs work
|
#applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0004-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch) #TODO: Needs work
|
||||||
sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 64;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase default max password length to 64 (GrapheneOS)
|
sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 64;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase default max password length to 64 (GrapheneOS)
|
||||||
@ -304,6 +314,10 @@ if enterAndClear "packages/apps/Trebuchet"; then
|
|||||||
cp $DOS_BUILD_BASE/vendor/divested/overlay/common/packages/apps/Trebuchet/res/xml/default_workspace_*.xml res/xml/; #XXX: Likely no longer needed
|
cp $DOS_BUILD_BASE/vendor/divested/overlay/common/packages/apps/Trebuchet/res/xml/default_workspace_*.xml res/xml/; #XXX: Likely no longer needed
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
|
if enterAndClear "packages/apps/TvSettings"; then
|
||||||
|
applyPatch "$DOS_PATCHES/android_packages_apps_TvSettings/358578.patch"; #R_asb_2023-06 Convert argument to intent in addAccount TvSettings.
|
||||||
|
fi;
|
||||||
|
|
||||||
if enterAndClear "packages/apps/Updater"; then
|
if enterAndClear "packages/apps/Updater"; then
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server (DivestOS)
|
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server (DivestOS)
|
||||||
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support (DivestOS)
|
applyPatch "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support (DivestOS)
|
||||||
@ -324,18 +338,18 @@ fi;
|
|||||||
#cp $DOS_PATCHES_COMMON/android_packages_providers_TelephonyProvider/carrier_list.* assets/;
|
#cp $DOS_PATCHES_COMMON/android_packages_providers_TelephonyProvider/carrier_list.* assets/;
|
||||||
#fi;
|
#fi;
|
||||||
|
|
||||||
if enterAndClear "packages/services/Telecomm"; then
|
|
||||||
fi;
|
|
||||||
|
|
||||||
if enterAndClear "packages/services/Telephony"; then
|
if enterAndClear "packages/services/Telephony"; then
|
||||||
git revert --no-edit 99564aaf0417c9ddf7d6aeb10d326e5b24fa8f55;
|
git revert --no-edit 99564aaf0417c9ddf7d6aeb10d326e5b24fa8f55;
|
||||||
applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #(DivestOS)
|
applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #(DivestOS)
|
||||||
applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch";
|
applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch";
|
||||||
fi;
|
fi;
|
||||||
|
|
||||||
#if enterAndClear "system/bt"; then
|
if enterAndClear "system/bt"; then
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/358580.patch"; #R_asb_2023-06 Prevent use-after-free of HID reports
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/358581.patch"; #R_asb_2023-06 Revert "Revert "[RESTRICT AUTOMERGE] Validate buffer length in sdpu_build_uuid_seq""
|
||||||
|
applyPatch "$DOS_PATCHES/android_system_bt/358582.patch"; #R_asb_2023-06 Revert "Revert "Fix wrong BR/EDR link key downgrades (P_256->P_192)""
|
||||||
#applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS)
|
#applyPatch "$DOS_PATCHES_COMMON/android_system_bt/0001-alloc_size.patch"; #Add alloc_size attributes to the allocator (GrapheneOS)
|
||||||
#fi;
|
fi;
|
||||||
|
|
||||||
if enterAndClear "system/core"; then
|
if enterAndClear "system/core"; then
|
||||||
if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
|
if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
|
||||||
|
@ -158,7 +158,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/353949-backport.patch"; #R_asb_
|
|||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/353950-backport.patch"; #R_asb_2023-04 Add a limit on channel group creation
|
applyPatch "$DOS_PATCHES/android_frameworks_base/353950-backport.patch"; #R_asb_2023-04 Add a limit on channel group creation
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/353951-backport.patch"; #R_asb_2023-04 Fix bypass BG-FGS and BAL via package manager APIs #XXX
|
applyPatch "$DOS_PATCHES/android_frameworks_base/353951-backport.patch"; #R_asb_2023-04 Fix bypass BG-FGS and BAL via package manager APIs #XXX
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355763-backport.patch"; #R_asb_2023-05 [pm] Prevent system app downgrades of versions lower than preload #XXX: really should have next patch
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355763-backport.patch"; #R_asb_2023-05 [pm] Prevent system app downgrades of versions lower than preload #XXX: really should have next patch
|
||||||
#applyPatch "$DOS_PATCHES/android_frameworks_base/355764.patch"; #R_asb_2023-05 [pm] Still allow debuggable for system app downgrades #TODO: needs backport of isDebuggable #XXX: should be safe to ignore for -user builds
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355764.patch"; #R_asb_2023-05 [pm] Still allow debuggable for system app downgrades
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355765-backport.patch"; #R_asb_2023-05 Checks if AccessibilityServiceInfo is within parcelable size.
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355765-backport.patch"; #R_asb_2023-05 Checks if AccessibilityServiceInfo is within parcelable size.
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355766-backport.patch"; #R_asb_2023-05 Uri: check authority and scheme as part of determining URI path
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355766-backport.patch"; #R_asb_2023-05 Uri: check authority and scheme as part of determining URI path
|
||||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355767.patch"; #R_asb_2023-05 Enforce stricter rules when registering phoneAccounts
|
applyPatch "$DOS_PATCHES/android_frameworks_base/355767.patch"; #R_asb_2023-05 Enforce stricter rules when registering phoneAccounts
|
||||||
|
Loading…
Reference in New Issue
Block a user