Cherrypick updates

Tad 2021-06-16 02:41:22 -04:00
parent fe1f9ec7c4
commit d9d564ebd3
3 changed files with 0 additions and 138 deletions


@ -1,56 +0,0 @@
From 61685846ab27c87dd0646478c4d3c5098d584daa Mon Sep 17 00:00:00 2001
From: Bruno Martins <bgcngm@gmail.com>
Date: Sun, 6 Jun 2021 14:18:24 +0100
Subject: [PATCH] profiles: Add FLAG_IMMUTABLE flag for security purposes
Prevent the intent to be altered by a malicious app.
Change-Id: Id5144fb3f11fc98380de0188df0f32330e976398
---
.../lineageos/lineageparts/profiles/NFCProfileWriter.java | 5 +++--
.../lineageparts/profiles/triggers/NfcTriggerFragment.java | 4 ++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/org/lineageos/lineageparts/profiles/NFCProfileWriter.java b/src/org/lineageos/lineageparts/profiles/NFCProfileWriter.java
index d477d6969..d651e9b5c 100644
--- a/src/org/lineageos/lineageparts/profiles/NFCProfileWriter.java
+++ b/src/org/lineageos/lineageparts/profiles/NFCProfileWriter.java
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2012 The CyanogenMod Project
- * 2017-2018 The LineageOS Project
+ * 2017-2018,2021 The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -84,7 +84,8 @@ protected void onPause() {
private PendingIntent getPendingIntent() {
return PendingIntent.getActivity(this, 0,
- new Intent(this, getClass()).addFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP), 0);
+ new Intent(this, getClass()).addFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP),
+ PendingIntent.FLAG_IMMUTABLE);
}
private void disableTagWriteMode() {
diff --git a/src/org/lineageos/lineageparts/profiles/triggers/NfcTriggerFragment.java b/src/org/lineageos/lineageparts/profiles/triggers/NfcTriggerFragment.java
index adb684c32..aac98393c 100644
--- a/src/org/lineageos/lineageparts/profiles/triggers/NfcTriggerFragment.java
+++ b/src/org/lineageos/lineageparts/profiles/triggers/NfcTriggerFragment.java
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2014 The CyanogenMod Project
- * 2017 The LineageOS Project
+ * 2017,2021 The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -89,7 +89,7 @@ public void onPause() {
private PendingIntent getPendingIntent() {
Intent intent = new Intent(getActivity(), getActivity().getClass())
.addFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP);
- return PendingIntent.getActivity(getActivity(), 0, intent, 0);
+ return PendingIntent.getActivity(getActivity(), 0, intent, PendingIntent.FLAG_IMMUTABLE);
}
private void disableTagWriteMode() {


@ -1,78 +0,0 @@
From 519ce7dd4887a31a9a8dc60ebae589234aab9e1d Mon Sep 17 00:00:00 2001
From: Bruno Martins <bgcngm@gmail.com>
Date: Sun, 6 Jun 2021 14:26:57 +0100
Subject: [PATCH] SoundRecorderService: Flag all pending intents as immutable
Following Google's approach to fix these vulnerabilities,
require that the PendingIntent be immutable so that a malicious app
isn't able to hijack and mutate any of the details.
Change-Id: Id1ebbfabb7e6282f371d10d0a9648aa99822cadc
---
.../service/SoundRecorderService.java | 21 ++++++++++++-------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/app/src/main/java/org/lineageos/recorder/service/SoundRecorderService.java b/app/src/main/java/org/lineageos/recorder/service/SoundRecorderService.java
index 20bf748d..b28763f9 100644
--- a/app/src/main/java/org/lineageos/recorder/service/SoundRecorderService.java
+++ b/app/src/main/java/org/lineageos/recorder/service/SoundRecorderService.java
@@ -13,6 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
package org.lineageos.recorder.service;
import android.app.Notification;
@@ -277,10 +278,11 @@ private Notification createRecordingNotification() {
}
Intent intent = new Intent(this, RecorderActivity.class);
- PendingIntent pi = PendingIntent.getActivity(this, 0, intent, 0);
+ PendingIntent pi = PendingIntent.getActivity(this, 0, intent,
+ PendingIntent.FLAG_IMMUTABLE);
PendingIntent stopPIntent = PendingIntent.getService(this, 0,
new Intent(this, SoundRecorderService.class).setAction(ACTION_STOP),
- 0);
+ PendingIntent.FLAG_IMMUTABLE);
String duration = DateUtils.formatElapsedTime(mSbRecycle, mElapsedTime.get());
NotificationCompat.Builder nb = new NotificationCompat.Builder(this, NOTIFICATION_CHANNEL)
@@ -293,11 +295,13 @@ private Notification createRecordingNotification() {
if (mIsPaused) {
PendingIntent resumePIntent = PendingIntent.getService(this, 0,
- new Intent(this, SoundRecorderService.class).setAction(ACTION_RESUME), 0);
+ new Intent(this, SoundRecorderService.class).setAction(ACTION_RESUME),
+ PendingIntent.FLAG_IMMUTABLE);
nb.addAction(R.drawable.ic_resume, getString(R.string.resume), resumePIntent);
} else {
PendingIntent pausePIntent = PendingIntent.getService(this, 0,
- new Intent(this, SoundRecorderService.class).setAction(ACTION_PAUSE), 0);
+ new Intent(this, SoundRecorderService.class).setAction(ACTION_PAUSE),
+ PendingIntent.FLAG_IMMUTABLE);
nb.addAction(R.drawable.ic_pause, getString(R.string.pause), pausePIntent);
}
nb.addAction(R.drawable.ic_stop, getString(R.string.stop), stopPIntent);
@@ -314,16 +318,17 @@ private void createShareNotification(@Nullable String uri) {
String mimeType = mRecorder.getMimeType();
Intent intent = new Intent(this, ListActivity.class);
- PendingIntent pi = PendingIntent.getActivity(this, 0, intent, 0);
+ PendingIntent pi = PendingIntent.getActivity(this, 0, intent,
+ PendingIntent.FLAG_IMMUTABLE);
PendingIntent playPIntent = PendingIntent.getActivity(this, 0,
LastRecordHelper.getOpenIntent(fileUri, mimeType),
- PendingIntent.FLAG_CANCEL_CURRENT);
+ PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE);
PendingIntent sharePIntent = PendingIntent.getActivity(this, 0,
LastRecordHelper.getShareIntent(fileUri, mimeType),
- PendingIntent.FLAG_CANCEL_CURRENT);
+ PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE);
PendingIntent deletePIntent = PendingIntent.getActivity(this, 0,
LastRecordHelper.getDeleteIntent(this),
- PendingIntent.FLAG_CANCEL_CURRENT);
+ PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE);
String duration = DateUtils.formatElapsedTime(mSbRecycle, mElapsedTime.get());
Notification notification = new NotificationCompat.Builder(this, NOTIFICATION_CHANNEL)


@ -134,14 +134,10 @@ patch -p1 < "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0001-No_Google_L
enterAndClear "packages/apps/LineageParts"; enterAndClear "packages/apps/LineageParts";
rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml; #Nuke part of the analytics rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml; #Nuke part of the analytics
patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics
patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/311606.patch"; #intent security fix
enterAndClear "packages/apps/PermissionController"; enterAndClear "packages/apps/PermissionController";
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_packages_apps_PermissionController/0001-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_packages_apps_PermissionController/0001-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG)
enterAndClear "packages/apps/Recorder";
patch -p1 < "$DOS_PATCHES/android_packages_apps_Recorder/311607.patch"; #intent security fix
enterAndClear "packages/apps/Settings"; enterAndClear "packages/apps/Settings";
sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/backup/PrivacySettingsUtils.java; fi; #microG doesn't support Backup, hide the options if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/backup/PrivacySettingsUtils.java; fi; #microG doesn't support Backup, hide the options