mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-24 23:19:31 -05:00
Fixes
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
63cbd1f483
commit
b78f573eb9
@ -13,11 +13,11 @@ export them via the standard sharing UI.
|
||||
core/res/res/layout/app_error_dialog.xml | 4 +-
|
||||
core/res/res/values/strings.xml | 3 +
|
||||
core/res/res/values/symbols.xml | 3 +
|
||||
packages/SystemUI/AndroidManifest.xml | 12 ++
|
||||
packages/SystemUI/AndroidManifest.xml | 13 ++
|
||||
packages/SystemUI/res/values/strings.xml | 5 +
|
||||
.../android/systemui/ErrorReportActivity.kt | 159 ++++++++++++++++++
|
||||
.../java/com/android/server/am/AppErrors.java | 1 +
|
||||
9 files changed, 199 insertions(+), 6 deletions(-)
|
||||
9 files changed, 200 insertions(+), 6 deletions(-)
|
||||
create mode 100644 packages/SystemUI/src/com/android/systemui/ErrorReportActivity.kt
|
||||
|
||||
diff --git a/core/java/android/app/ApplicationErrorReport.java b/core/java/android/app/ApplicationErrorReport.java
|
||||
@ -110,10 +110,10 @@ index c3b149a1e295..a47b82018377 100644
|
||||
|
||||
<Button
|
||||
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
|
||||
index b153a36f65db..3f03f5726b23 100644
|
||||
index 2ea89de7d5cb..94e33f151798 100644
|
||||
--- a/core/res/res/values/strings.xml
|
||||
+++ b/core/res/res/values/strings.xml
|
||||
@@ -6343,4 +6343,7 @@ ul.</string>
|
||||
@@ -6360,4 +6360,7 @@ ul.</string>
|
||||
|
||||
<!-- Title for preference of the system default locale. [CHAR LIMIT=50]-->
|
||||
<string name="system_locale_title">System default</string>
|
||||
@ -122,10 +122,10 @@ index b153a36f65db..3f03f5726b23 100644
|
||||
+ <string name="aerr_show_details">Show details</string>
|
||||
</resources>
|
||||
diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml
|
||||
index 5aecc53bac78..37358f38aaef 100644
|
||||
index 888cd7a79bf6..c9733c9fa4f7 100644
|
||||
--- a/core/res/res/values/symbols.xml
|
||||
+++ b/core/res/res/values/symbols.xml
|
||||
@@ -4803,6 +4803,9 @@
|
||||
@@ -4852,6 +4852,9 @@
|
||||
<java-symbol type="id" name="language_picker_item" />
|
||||
<java-symbol type="id" name="language_picker_header" />
|
||||
|
||||
@ -136,13 +136,14 @@ index 5aecc53bac78..37358f38aaef 100644
|
||||
|
||||
<java-symbol type="bool" name="system_server_plays_face_haptics" />
|
||||
diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml
|
||||
index b89bdf3991d8..0803cfae3ad5 100644
|
||||
index 2cc47823a109..b1ee372bd61a 100644
|
||||
--- a/packages/SystemUI/AndroidManifest.xml
|
||||
+++ b/packages/SystemUI/AndroidManifest.xml
|
||||
@@ -941,5 +941,17 @@
|
||||
@@ -969,5 +969,18 @@
|
||||
<action android:name="com.android.systemui.action.DISMISS_VOLUME_PANEL_DIALOG" />
|
||||
</intent-filter>
|
||||
</receiver>
|
||||
|
||||
+
|
||||
+ <activity
|
||||
+ android:name=".ErrorReportActivity"
|
||||
+ android:exported="true"
|
||||
@ -158,13 +159,13 @@ index b89bdf3991d8..0803cfae3ad5 100644
|
||||
</application>
|
||||
</manifest>
|
||||
diff --git a/packages/SystemUI/res/values/strings.xml b/packages/SystemUI/res/values/strings.xml
|
||||
index e144b43294c6..2ac23ad4e433 100644
|
||||
index 53f1227383b7..6abeae8f9c35 100644
|
||||
--- a/packages/SystemUI/res/values/strings.xml
|
||||
+++ b/packages/SystemUI/res/values/strings.xml
|
||||
@@ -2552,4 +2552,9 @@
|
||||
=1 {# notification}
|
||||
other {# notifications}
|
||||
}</string>
|
||||
@@ -2607,4 +2607,9 @@
|
||||
|
||||
<!-- Time format for the Dream Time Complication for 24-hour time format [CHAR LIMIT=NONE] -->
|
||||
<string name="dream_time_complication_24_hr_time_format">kk:mm</string>
|
||||
+
|
||||
+ <string name="error_report_title">Error in %1$s</string>
|
||||
+ <string name="copy_to_clipboard">Copy to clipboard</string>
|
||||
|
@ -1,101 +0,0 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Tommy Webb <tommy@calyxinstitute.org>
|
||||
Date: Mon, 5 Dec 2022 14:42:38 +0100
|
||||
Subject: [PATCH] Reland "Fix network leaks with split-tunnel VPNs"
|
||||
|
||||
This does two things:
|
||||
1. Revert the portion of I48e08f34 "fw/b: Add support for allowing
|
||||
/disallowing apps on cellular, vpn and wifi networks" that was
|
||||
previously responsible for updating the restricted mode allowlist
|
||||
based on changes to the default network.
|
||||
2. Bring in Ib4bcf5ae "Fix network leaks with split-tunnel VPNs", which
|
||||
meets the same goal of updating the allowlist, but in a wider range
|
||||
of conditions. Retaining the prior implementation led to a race
|
||||
condition which caused crashes and soft reboots, because the calls
|
||||
to `updateRestrictedModeAllowlistUL()` were not being appropriately
|
||||
guarded by `mUidRulesFirstLock`.
|
||||
|
||||
Ultimately, this patch should probably be squashed into I48e08f34.
|
||||
|
||||
Co-authored-by: Oliver Scott <olivercscott@gmail.com>
|
||||
Issue: calyxos#1081
|
||||
Change-Id: I84c7667824cc840724a07e7d0435f5ec59a67986
|
||||
---
|
||||
.../net/NetworkPolicyManagerService.java | 43 ++++++-------------
|
||||
1 file changed, 12 insertions(+), 31 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
||||
index 8102d892c2d7..7addf69a28af 100644
|
||||
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
||||
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
||||
@@ -1105,14 +1105,6 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
|
||||
ACTION_CARRIER_CONFIG_CHANGED);
|
||||
mContext.registerReceiver(mCarrierConfigReceiver, carrierConfigFilter, null, mHandler);
|
||||
|
||||
- for (UserInfo userInfo : mUserManager.getAliveUsers()) {
|
||||
- mConnManager.registerDefaultNetworkCallbackForUid(
|
||||
- UserHandle.getUid(userInfo.id, Process.myUid()),
|
||||
- mDefaultNetworkCallback,
|
||||
- mUidEventHandler
|
||||
- );
|
||||
- }
|
||||
-
|
||||
// listen for meteredness changes
|
||||
mConnManager.registerNetworkCallback(
|
||||
new NetworkRequest.Builder().build(), mNetworkCallback);
|
||||
@@ -1303,11 +1295,6 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
|
||||
ConnectivitySettingsManager.getUidsAllowedOnRestrictedNetworks(
|
||||
mContext);
|
||||
if (action == ACTION_USER_ADDED) {
|
||||
- mConnManager.registerDefaultNetworkCallbackForUid(
|
||||
- UserHandle.getUid(userId, Process.myUid()),
|
||||
- mDefaultNetworkCallback,
|
||||
- mUidEventHandler
|
||||
- );
|
||||
// Add apps that are allowed by default.
|
||||
addDefaultRestrictBackgroundAllowlistUidsUL(userId);
|
||||
try {
|
||||
@@ -1443,24 +1430,6 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
|
||||
return changed;
|
||||
}
|
||||
|
||||
- private final NetworkCallback mDefaultNetworkCallback = new NetworkCallback() {
|
||||
- @Override
|
||||
- public void onAvailable(@NonNull Network network) {
|
||||
- updateRestrictedModeAllowlistUL();
|
||||
- }
|
||||
-
|
||||
- @Override
|
||||
- public void onCapabilitiesChanged(@NonNull Network network,
|
||||
- @NonNull NetworkCapabilities networkCapabilities) {
|
||||
- final int[] newTransports = networkCapabilities.getTransportTypes();
|
||||
- final boolean transportsChanged = updateTransportChange(
|
||||
- mNetworkTransports, newTransports, network);
|
||||
- if (transportsChanged) {
|
||||
- updateRestrictedModeAllowlistUL();
|
||||
- }
|
||||
- }
|
||||
- };
|
||||
-
|
||||
private final NetworkCallback mNetworkCallback = new NetworkCallback() {
|
||||
@Override
|
||||
public void onCapabilitiesChanged(@NonNull Network network,
|
||||
@@ -1888,6 +1857,18 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
|
||||
updateSubscriptions();
|
||||
|
||||
synchronized (mUidRulesFirstLock) {
|
||||
+ /* With split-tunnel VPNs (those that only include specific apps),
|
||||
+ * the usual NetworkCallback handlers are never called, because the call to
|
||||
+ * registerDefaultNetworkCallbackForUid only detects changes that affect this
|
||||
+ * process; if this process is not covered by the VPN, it won't get callbacks.
|
||||
+ * Ordinarily, updateRestrictedModeAllowlistUL() would be called from those.
|
||||
+ * Firewall restrictions for apps will not be updated properly on VPN connect
|
||||
+ * or disconnect if we don't call it from somewhere else, like here. */
|
||||
+ // TODO: Come up with an appropriate callback that runs more promptly.
|
||||
+ // updateNetworksInternal runs later than NetworkCallback handlers run, so
|
||||
+ // this may present a window of opportunity for unauthorized network access.
|
||||
+ updateRestrictedModeAllowlistUL();
|
||||
+
|
||||
synchronized (mNetworkPoliciesSecondLock) {
|
||||
ensureActiveCarrierPolicyAL();
|
||||
normalizePoliciesNL();
|
@ -177,7 +177,6 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0023-Skip_Screen_Animation.patc
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0026-Crash_Details.patch"; #Add an option to show the details of an application error to the user (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0027-Installer_Glitch.patch"; #Make sure PackageInstaller UI returns a result (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0028-Remove_Legacy_Package_Query.patch"; #Don't leak device-wide package list to apps when work profile is present (GrapheneOS)
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0029-Split_Tunnel_Fixes.patch"; #Reland "Fix network leaks with split-tunnel VPNs" (CalyxOS)
|
||||
hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config
|
||||
changeDefaultDNS; #Change the default DNS servers
|
||||
sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)
|
||||
|
Loading…
Reference in New Issue
Block a user