From ec42acceb6eafa30666dea154297554989571f20 Mon Sep 17 00:00:00 2001 From: Tad Date: Tue, 13 Sep 2022 09:57:57 -0400 Subject: [PATCH] Various fixes from GrapheneOS Signed-off-by: Tad --- Misc/Features/GrapheneOS.txt | 13 +++ .../337988-backport.patch | 2 +- .../337989-backport.patch | 2 +- .../0010-Exec_Based_Spawning-11.patch | 34 +++++++ .../0010-Exec_Based_Spawning-13.patch | 34 +++++++ .../0018-Exec_Based_Spawning-13.patch | 34 +++++++ .../0018-Exec_Based_Spawning-13.patch | 34 +++++++ .../0001-Sensors_Permission-a1.patch | 54 ++++++++++ .../0001-Network_Permission-4.patch | 48 +++++++++ .../0001-Random_MAC-a1.patch | 98 +++++++++++++++++++ .../0001-Random_MAC-a2.patch | 38 +++++++ Scripts/LineageOS-16.0/Patch.sh | 1 + Scripts/LineageOS-17.1/Patch.sh | 1 + Scripts/LineageOS-18.1/Patch.sh | 1 + Scripts/LineageOS-19.1/Patch.sh | 5 + 15 files changed, 397 insertions(+), 2 deletions(-) create mode 100644 Patches/LineageOS-16.0/android_frameworks_base/0010-Exec_Based_Spawning-11.patch create mode 100644 Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning-13.patch create mode 100644 Patches/LineageOS-18.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch create mode 100644 Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch create mode 100644 Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission-a1.patch create mode 100644 Patches/LineageOS-19.1/android_packages_modules_Connectivity/0001-Network_Permission-4.patch create mode 100644 Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a1.patch create mode 100644 Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a2.patch diff --git a/Misc/Features/GrapheneOS.txt b/Misc/Features/GrapheneOS.txt index b19bd3b4..e9e4e464 100644 --- a/Misc/Features/GrapheneOS.txt +++ b/Misc/Features/GrapheneOS.txt @@ -1,7 +1,12 @@ +SQ3A.220705.004.2022081800 RQ3A.211001.001.2021100606 QQ3A.200805.001.2020.09.11.14 PQ3B.190801.002.2019.08.25.15 + +show crash details +12 https://github.com/GrapheneOS/platform_frameworks_base/commit/e740f4b78344c5671d022dfe90bed9e2dacd3db6 + https time 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/1d4e3f495b7b544f6314f04243e9d47b3f8e7102 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/2c04a077ec9f3ac6857885199f49f4845b70ec2e @@ -107,6 +112,7 @@ nojit 12 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/452c474dfae9a312f6e01db5b28de308dbb14cc2 12 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/daed8c4e3ff8bf94a2a9aa319d32ec2ff5653c8f 12 https://github.com/GrapheneOS/platform_frameworks_native/commit/dcef490d7cab7bb9f96f8bfe19a8779ac140b26d +12 https://github.com/GrapheneOS/platform_frameworks_native/commit/69be2f0d12126cb8047671ed394aec3f7ff236e8 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/a949bd530bdbedf2078119a90a93d7c15bca6975 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/d18b364558ca86fe3d9bbb643f7dc79d1a57aa5d 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/cc9b673157996228e8096f83b993cce33a717e14 @@ -122,6 +128,9 @@ nojit 9 https://github.com/GrapheneOS/platform_frameworks_base/commit/899441075ddbfc945cff97e433c9e1c9d6bde7af [implemented] network permission +12xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/30370e36ac6945d4c837fb217ea747f66a6a7361 +12xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/3dbe45681a043d44080e8c579e36a3a4562e75a1 +12xhttps://github.com/GrapheneOS/platform_frameworks_base/commit/fdf369f81209a9dea42ad0f4eff8e3912d48b8af 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/947744f753638c82775186a3876f2b2ffd7c0244 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/7f33d084d32a5f95f53d1919f92f5b14cd310d15 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/0a0fdab36ba9c582e9abafc6f42f4e761d1112b5 @@ -135,6 +144,7 @@ nojit 12 https://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/9c4a5ac0cb34b751dbd8cda9f75f21f39b566681 12 https://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/dbf6ae4cd96450a21be0a4dd85fb5addeba67462 12 https://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/34cded990ebd8da8c47cab88f0b1ef523a05d122 +12xhttps://github.com/GrapheneOS/platform_packages_modules_Connectivity/commit/4b0ab9a58728b59558d690582c39c84d5d8b5bf6 12 https://github.com/GrapheneOS/platform_libcore/commit/7110daa77503720bbd2f233df53be90b742ce85a 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/d4b073b2c17f382a4bc922c3f12dc3673e3d8472 11 https://github.com/GrapheneOS/platform_packages_modules_Permission/commit/7396a2da80a06f1405b34370a9e2883dca57ba79 @@ -165,6 +175,8 @@ nojit [implemented] always random mac 12 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/2e67bc8b420752bec795235ab6d5c27d0956b017 12 https://github.com/GrapheneOS/platform_packages_modules_Wifi/commit/9a9e6eb3232720776230eebd70ab9816d5127c53 +12 https://github.com/GrapheneOS/platform_packages_modules_Wifi/commit/8bd5c19549b782a23c44afe313c52fc3253b5024 +12 https://github.com/GrapheneOS/platform_packages_modules_Wifi/commit/ebbd3e73c6c460c95169200ca26779748e7abe38 12 https://github.com/GrapheneOS/platform_packages_modules_NetworkStack/commit/dbc7cd419cdddcae2fc0c10d3cef6b8cdb31e2c4 12 https://github.com/GrapheneOS/platform_frameworks_opt_net_wifi/commit/776beebd3d221740ac1b77d8535f745415d171a0 11 https://github.com/GrapheneOS/platform_packages_apps_Settings/commit/9bc33b2f1a94c5b801f2c7078b996478cd4d11ac @@ -347,6 +359,7 @@ nojit 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/46b912e1646989a525b9f948711813beb445e9b6 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/067d641615de51032ee8e34d2939bcd4894c2e6d 12 https://github.com/GrapheneOS/platform_frameworks_base/commit/8bc4887e3f0be372867537ae1e6b9bed86957412 +12 https://github.com/GrapheneOS/platform_frameworks_base/commit/88104aed9e07391d2479eee8d60c954cd01fa1d1 12 https://github.com/GrapheneOS/platform_build/commit/8e01dd93f29aba79e15a211084582afd9681e8ab 12 https://github.com/GrapheneOS/platform_libcore/commit/c5ee98157523315b3829d0158082433f8b9f96a3 12 https://github.com/GrapheneOS/platform_libcore/commit/7f186c7a6745e1ce9e407e10782086fa35ef746e diff --git a/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch b/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch index aebadec3..12b5b14a 100644 --- a/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch +++ b/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Sadaf Ebrahimi Date: Fri, 3 Jun 2022 03:40:21 +0000 -Subject: [PATCH 1/2] Prevent integer overflow in function doProlog +Subject: [PATCH] Prevent integer overflow in function doProlog Bug: http://b/221256678 Change-Id: I6fe381103f4eb287726d1ccb5bfec99db160ffe4 diff --git a/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch b/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch index 5c7e30d9..25163e9c 100644 --- a/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch +++ b/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch @@ -1,7 +1,7 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Sadaf Ebrahimi Date: Wed, 15 Jun 2022 04:14:33 +0000 -Subject: [PATCH 2/2] Prevent more integer overflows +Subject: [PATCH] Prevent more integer overflows Bug: http://b/219942275 Change-Id: I7489f59564e0053a4a46bb8c362f7c36ab0b3c9d diff --git a/Patches/LineageOS-16.0/android_frameworks_base/0010-Exec_Based_Spawning-11.patch b/Patches/LineageOS-16.0/android_frameworks_base/0010-Exec_Based_Spawning-11.patch new file mode 100644 index 00000000..7523c418 --- /dev/null +++ b/Patches/LineageOS-16.0/android_frameworks_base/0010-Exec_Based_Spawning-11.patch @@ -0,0 +1,34 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Mon, 8 Aug 2022 18:42:19 +0300 +Subject: [PATCH] exec spawning: don't close the binder connection when the app + crashes + +When an unhandled exception occured, binder connections were closed with +IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException(). +By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(), +which always failed due to the closed binder connection. +This meant that the crash dialog was never shown and additional crash handling was skipped. + +Zygote-based spawning never calls IPCThreadState::stopProcess(). +--- + cmds/app_process/app_main.cpp | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp +index 12083b6fe20b..4ca8b1e18431 100644 +--- a/cmds/app_process/app_main.cpp ++++ b/cmds/app_process/app_main.cpp +@@ -85,8 +85,10 @@ public: + AndroidRuntime* ar = AndroidRuntime::getRuntime(); + ar->callMain(mClassName, mClass, mArgs); + +- IPCThreadState::self()->stopProcess(); +- hardware::IPCThreadState::self()->stopProcess(); ++ if (mClassName != "com.android.internal.os.ExecInit") { ++ IPCThreadState::self()->stopProcess(); ++ hardware::IPCThreadState::self()->stopProcess(); ++ } + } + + virtual void onZygoteInit() diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning-13.patch b/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning-13.patch new file mode 100644 index 00000000..7523c418 --- /dev/null +++ b/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning-13.patch @@ -0,0 +1,34 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Mon, 8 Aug 2022 18:42:19 +0300 +Subject: [PATCH] exec spawning: don't close the binder connection when the app + crashes + +When an unhandled exception occured, binder connections were closed with +IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException(). +By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(), +which always failed due to the closed binder connection. +This meant that the crash dialog was never shown and additional crash handling was skipped. + +Zygote-based spawning never calls IPCThreadState::stopProcess(). +--- + cmds/app_process/app_main.cpp | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp +index 12083b6fe20b..4ca8b1e18431 100644 +--- a/cmds/app_process/app_main.cpp ++++ b/cmds/app_process/app_main.cpp +@@ -85,8 +85,10 @@ public: + AndroidRuntime* ar = AndroidRuntime::getRuntime(); + ar->callMain(mClassName, mClass, mArgs); + +- IPCThreadState::self()->stopProcess(); +- hardware::IPCThreadState::self()->stopProcess(); ++ if (mClassName != "com.android.internal.os.ExecInit") { ++ IPCThreadState::self()->stopProcess(); ++ hardware::IPCThreadState::self()->stopProcess(); ++ } + } + + virtual void onZygoteInit() diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch b/Patches/LineageOS-18.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch new file mode 100644 index 00000000..7523c418 --- /dev/null +++ b/Patches/LineageOS-18.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch @@ -0,0 +1,34 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Mon, 8 Aug 2022 18:42:19 +0300 +Subject: [PATCH] exec spawning: don't close the binder connection when the app + crashes + +When an unhandled exception occured, binder connections were closed with +IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException(). +By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(), +which always failed due to the closed binder connection. +This meant that the crash dialog was never shown and additional crash handling was skipped. + +Zygote-based spawning never calls IPCThreadState::stopProcess(). +--- + cmds/app_process/app_main.cpp | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp +index 12083b6fe20b..4ca8b1e18431 100644 +--- a/cmds/app_process/app_main.cpp ++++ b/cmds/app_process/app_main.cpp +@@ -85,8 +85,10 @@ public: + AndroidRuntime* ar = AndroidRuntime::getRuntime(); + ar->callMain(mClassName, mClass, mArgs); + +- IPCThreadState::self()->stopProcess(); +- hardware::IPCThreadState::self()->stopProcess(); ++ if (mClassName != "com.android.internal.os.ExecInit") { ++ IPCThreadState::self()->stopProcess(); ++ hardware::IPCThreadState::self()->stopProcess(); ++ } + } + + virtual void onZygoteInit() diff --git a/Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch b/Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch new file mode 100644 index 00000000..7523c418 --- /dev/null +++ b/Patches/LineageOS-19.1/android_frameworks_base/0018-Exec_Based_Spawning-13.patch @@ -0,0 +1,34 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Mon, 8 Aug 2022 18:42:19 +0300 +Subject: [PATCH] exec spawning: don't close the binder connection when the app + crashes + +When an unhandled exception occured, binder connections were closed with +IPCThreadState::stopProcess() before the invocation of java.lang.Thread#dispatchUncaughtException(). +By default, that method tries to report the crash via ActivityManager#handleApplicationCrash(), +which always failed due to the closed binder connection. +This meant that the crash dialog was never shown and additional crash handling was skipped. + +Zygote-based spawning never calls IPCThreadState::stopProcess(). +--- + cmds/app_process/app_main.cpp | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp +index 12083b6fe20b..4ca8b1e18431 100644 +--- a/cmds/app_process/app_main.cpp ++++ b/cmds/app_process/app_main.cpp +@@ -85,8 +85,10 @@ public: + AndroidRuntime* ar = AndroidRuntime::getRuntime(); + ar->callMain(mClassName, mClass, mArgs); + +- IPCThreadState::self()->stopProcess(); +- hardware::IPCThreadState::self()->stopProcess(); ++ if (mClassName != "com.android.internal.os.ExecInit") { ++ IPCThreadState::self()->stopProcess(); ++ hardware::IPCThreadState::self()->stopProcess(); ++ } + } + + virtual void onZygoteInit() diff --git a/Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission-a1.patch b/Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission-a1.patch new file mode 100644 index 00000000..92015395 --- /dev/null +++ b/Patches/LineageOS-19.1/android_frameworks_native/0001-Sensors_Permission-a1.patch @@ -0,0 +1,54 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Sun, 24 Jul 2022 13:07:00 +0300 +Subject: [PATCH] protect step sensors with OTHER_SENSORS permission for + targetSdk<29 apps + +--- + services/sensorservice/SensorService.cpp | 24 +++++++++++++++--------- + 1 file changed, 15 insertions(+), 9 deletions(-) + +diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp +index bdbae7b1ec..e1f0300407 100644 +--- a/services/sensorservice/SensorService.cpp ++++ b/services/sensorservice/SensorService.cpp +@@ -1938,17 +1938,9 @@ bool SensorService::canAccessSensor(const Sensor& sensor, const char* operation, + } + + const int32_t opCode = sensor.getRequiredAppOp(); +- int targetSdkVersion = getTargetSdkVersion(opPackageName); + + bool canAccess = false; +- if (targetSdkVersion > 0 && targetSdkVersion <= __ANDROID_API_P__ && +- (sensor.getType() == SENSOR_TYPE_STEP_COUNTER || +- sensor.getType() == SENSOR_TYPE_STEP_DETECTOR)) { +- // Allow access to step sensors if the application targets pre-Q, which is before the +- // requirement to hold the AR permission to access Step Counter and Step Detector events +- // was introduced. +- canAccess = true; +- } else if (hasPermissionForSensor(sensor)) { ++ if (hasPermissionForSensor(sensor)) { + // Ensure that the AppOp is allowed, or that there is no necessary app op for the sensor + if (opCode >= 0) { + const int32_t appOpMode = sAppOpsManager.checkOp(opCode, +@@ -1957,6 +1949,20 @@ bool SensorService::canAccessSensor(const Sensor& sensor, const char* operation, + } else { + canAccess = true; + } ++ } else { ++ int targetSdkVersion = getTargetSdkVersion(opPackageName); ++ if (targetSdkVersion > 0 && targetSdkVersion <= __ANDROID_API_P__ && ++ (sensor.getType() == SENSOR_TYPE_STEP_COUNTER || ++ sensor.getType() == SENSOR_TYPE_STEP_DETECTOR)) { ++ ++ // upstream allows access to these sensors without the ACTIVITY_RECOGNITION permission ++ // for targetSdk < 29 apps, enforce the OTHER_SENSORS permission instead ++ const String16 requiredPermission("android.permission.OTHER_SENSORS"); ++ ++ // copied from hasPermissionForSensor() below ++ canAccess = checkPermission(requiredPermission, ++ IPCThreadState::self()->getCallingPid(), IPCThreadState::self()->getCallingUid()); ++ } + } + + if (!canAccess) { diff --git a/Patches/LineageOS-19.1/android_packages_modules_Connectivity/0001-Network_Permission-4.patch b/Patches/LineageOS-19.1/android_packages_modules_Connectivity/0001-Network_Permission-4.patch new file mode 100644 index 00000000..7aebb6df --- /dev/null +++ b/Patches/LineageOS-19.1/android_packages_modules_Connectivity/0001-Network_Permission-4.patch @@ -0,0 +1,48 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Dmitry Muhomor +Date: Fri, 29 Jul 2022 20:45:30 +0300 +Subject: [PATCH] bugfix: reportNetworkConnectivity() wasn't switched to + isInternetCompatEnabled() + +--- + framework/src/android/net/ConnectivityManager.java | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java +index 8857b7996..0fa34a46b 100644 +--- a/framework/src/android/net/ConnectivityManager.java ++++ b/framework/src/android/net/ConnectivityManager.java +@@ -25,7 +25,6 @@ import static android.net.NetworkRequest.Type.TRACK_DEFAULT; + import static android.net.NetworkRequest.Type.TRACK_SYSTEM_DEFAULT; + import static android.net.QosCallback.QosCallbackRegistrationException; + +-import android.Manifest; + import android.annotation.CallbackExecutor; + import android.annotation.IntDef; + import android.annotation.NonNull; +@@ -43,7 +42,7 @@ import android.compat.annotation.UnsupportedAppUsage; + import android.content.ComponentName; + import android.content.Context; + import android.content.Intent; +-import android.content.pm.PackageManager; ++import android.content.pm.SpecialRuntimePermAppUtils; + import android.net.ConnectivityDiagnosticsManager.DataStallReport.DetectionMethod; + import android.net.IpSecManager.UdpEncapsulationSocket; + import android.net.SocketKeepalive.Callback; +@@ -3141,12 +3140,12 @@ public class ConnectivityManager { + */ + public void reportNetworkConnectivity(@Nullable Network network, boolean hasConnectivity) { + printStackTrace(); +- if (mContext.checkSelfPermission(Manifest.permission.INTERNET) != PackageManager.PERMISSION_GRANTED) { +- // ConnectivityService enforces this by throwing an unexpected SecurityException, +- // which puts GMS into a crash loop. Also useful for other apps that don't expect that +- // INTERNET permission might get revoked. ++ ++ if (SpecialRuntimePermAppUtils.isInternetCompatEnabled()) { ++ // caller doesn't have INTERNET, but expects to always have it + return; + } ++ + try { + mService.reportNetworkConnectivity(network, hasConnectivity); + } catch (RemoteException e) { diff --git a/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a1.patch b/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a1.patch new file mode 100644 index 00000000..75375c95 --- /dev/null +++ b/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a1.patch @@ -0,0 +1,98 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: xshu +Date: Thu, 4 Nov 2021 16:51:09 +0800 +Subject: [PATCH 1/2] Fix MAC address leak after SSR + +Re-randomize MAC at interface up if the previous attempt to re-randomize +failed. + +Bug: 197776883 +Test: atest com.android.server.wifi +Change-Id: Ifffec40276171583f07868b81098bc7d17288ae1 +CRs-Fixed: 3011538 +(Cherry-picked from 85daf5384212f7892ca72a924e14298b2fade1c7) +--- + .../android/server/wifi/ClientModeImpl.java | 34 ++++++++++++++++--- + .../wifi/ConcreteClientModeManager.java | 3 ++ + 2 files changed, 32 insertions(+), 5 deletions(-) + +diff --git a/service/java/com/android/server/wifi/ClientModeImpl.java b/service/java/com/android/server/wifi/ClientModeImpl.java +index cff2c0258..cacfeb874 100644 +--- a/service/java/com/android/server/wifi/ClientModeImpl.java ++++ b/service/java/com/android/server/wifi/ClientModeImpl.java +@@ -249,6 +249,7 @@ public class ClientModeImpl extends StateMachine implements ClientMode { + private final String mInterfaceName; + private final ConcreteClientModeManager mClientModeManager; + ++ private boolean mFailedToResetMacAddress = false; + private int mLastSignalLevel = -1; + private int mLastTxKbps = -1; + private int mLastRxKbps = -1; +@@ -1201,6 +1202,27 @@ public class ClientModeImpl extends StateMachine implements ClientMode { + return sb.toString(); + } + ++ /** ++ * receives changes in the interface up/down events for the interface associated with this ++ * ClientModeImpl. This is expected to be called from the ClientModeManager running on the ++ * wifi handler thread. ++ */ ++ public void onUpChanged(boolean isUp) { ++ if (isUp && mFailedToResetMacAddress) { ++ // When the firmware does a subsystem restart, wifi will disconnect but we may fail to ++ // re-randomize the MAC address of the interface since it's undergoing recovery. Thus, ++ // check every time the interface goes up and re-randomize if the failure was detected. ++ if (mWifiGlobals.isConnectedMacRandomizationEnabled()) { ++ mFailedToResetMacAddress = !mWifiNative.setStaMacAddress( ++ mInterfaceName, MacAddressUtils.createRandomUnicastAddress()); ++ if (mFailedToResetMacAddress) { ++ Log.e(getTag(), "Failed to set random MAC address on interface up"); ++ } ++ } ++ } ++ // No need to handle interface down since it's already handled in the ClientModeManager. ++ } ++ + public WifiLinkLayerStats getWifiLinkLayerStats() { + if (mInterfaceName == null) { + loge("getWifiLinkLayerStats called without an interface"); +@@ -3205,9 +3227,10 @@ public class ClientModeImpl extends StateMachine implements ClientMode { + mLastSimBasedConnectionCarrierName = null; + mLastSignalLevel = -1; + if (mWifiGlobals.isConnectedMacRandomizationEnabled()) { +- if (!mWifiNative.setStaMacAddress( +- mInterfaceName, MacAddressUtils.createRandomUnicastAddress())) { +- Log.e(getTag(), "Failed to set random MAC address on bootup"); ++ mFailedToResetMacAddress = !mWifiNative.setStaMacAddress( ++ mInterfaceName, MacAddressUtils.createRandomUnicastAddress()); ++ if (mFailedToResetMacAddress) { ++ Log.e(getTag(), "Failed to set random MAC address on ClientMode creation"); + } + } + mWifiInfo.setMacAddress(mWifiNative.getMacAddress(mInterfaceName)); +@@ -4253,8 +4276,9 @@ public class ClientModeImpl extends StateMachine implements ClientMode { + // 2. Set a random MAC address to ensure that we're not leaking the MAC address. + mWifiNative.disableNetwork(mInterfaceName); + if (mWifiGlobals.isConnectedMacRandomizationEnabled()) { +- if (!mWifiNative.setStaMacAddress( +- mInterfaceName, MacAddressUtils.createRandomUnicastAddress())) { ++ mFailedToResetMacAddress = !mWifiNative.setStaMacAddress( ++ mInterfaceName, MacAddressUtils.createRandomUnicastAddress()); ++ if (mFailedToResetMacAddress) { + Log.e(getTag(), "Failed to set random MAC address on disconnect"); + } + } +diff --git a/service/java/com/android/server/wifi/ConcreteClientModeManager.java b/service/java/com/android/server/wifi/ConcreteClientModeManager.java +index 1e6d63d31..0c6183d58 100644 +--- a/service/java/com/android/server/wifi/ConcreteClientModeManager.java ++++ b/service/java/com/android/server/wifi/ConcreteClientModeManager.java +@@ -856,6 +856,9 @@ public class ConcreteClientModeManager implements ClientModeManager { + Log.d(getTag(), "interface down!"); + mStateMachine.sendMessage(CMD_INTERFACE_DOWN); + } ++ if (mClientModeImpl != null) { ++ mClientModeImpl.onUpChanged(isUp); ++ } + } + + @Override diff --git a/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a2.patch b/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a2.patch new file mode 100644 index 00000000..68ce124c --- /dev/null +++ b/Patches/LineageOS-19.1/android_packages_modules_Wifi/0001-Random_MAC-a2.patch @@ -0,0 +1,38 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Khanjan Desai +Date: Fri, 9 Jul 2021 22:24:50 +0530 +Subject: [PATCH 2/2] WifiService: Capture BackendBusyException in + MacRandomization + +While obtaining hash for Mac Randomization, the framework is +rebooting due to BackendBusyException. + +Added cache for BackendBusyException to avoid reboot. + +Change-Id: I7bb606f00e311e4435e30dd86cb77d3507e38627 +CRs-Fixed: 2987402 +--- + service/java/com/android/server/wifi/MacAddressUtil.java | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/service/java/com/android/server/wifi/MacAddressUtil.java b/service/java/com/android/server/wifi/MacAddressUtil.java +index 3ea265491..b6526ccf4 100644 +--- a/service/java/com/android/server/wifi/MacAddressUtil.java ++++ b/service/java/com/android/server/wifi/MacAddressUtil.java +@@ -26,6 +26,7 @@ import java.nio.ByteBuffer; + import java.nio.charset.StandardCharsets; + import java.security.InvalidAlgorithmParameterException; + import java.security.InvalidKeyException; ++import android.security.keystore.BackendBusyException; + import java.security.Key; + import java.security.KeyStore; + import java.security.KeyStoreException; +@@ -101,7 +102,7 @@ public class MacAddressUtil { + result.init(key); + return result; + } catch (KeyStoreException | NoSuchAlgorithmException | InvalidKeyException +- | UnrecoverableKeyException | NoSuchProviderException e) { ++ | UnrecoverableKeyException | NoSuchProviderException | BackendBusyException e) { + Log.e(TAG, "Failure in obtainMacRandHashFunction", e); + return null; + } diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh index 338587f1..cb522a11 100644 --- a/Scripts/LineageOS-16.0/Patch.sh +++ b/Scripts/LineageOS-16.0/Patch.sh @@ -163,6 +163,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-7.patc applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-8.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-9.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-10.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-11.patch"; sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java; fi; applyPatch "$DOS_PATCHES_COMMON/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969) diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh index c49c21da..ebbf7e93 100644 --- a/Scripts/LineageOS-17.1/Patch.sh +++ b/Scripts/LineageOS-17.1/Patch.sh @@ -148,6 +148,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-9.patc applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-10.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-11.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-12.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning-13.patch"; sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java; fi; applyPatch "$DOS_PATCHES/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #Don't send IMSI to SUPL (MSe1969) diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh index dddd8486..80e3aa1c 100644 --- a/Scripts/LineageOS-18.1/Patch.sh +++ b/Scripts/LineageOS-18.1/Patch.sh @@ -157,6 +157,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-9.patc applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-10.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-11.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-12.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-13.patch"; sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java; fi; applyPatch "$DOS_PATCHES/android_frameworks_base/0019-Random_MAC.patch"; #Add option of always randomizing MAC addresses (GrapheneOS) diff --git a/Scripts/LineageOS-19.1/Patch.sh b/Scripts/LineageOS-19.1/Patch.sh index a16b78c1..74604177 100644 --- a/Scripts/LineageOS-19.1/Patch.sh +++ b/Scripts/LineageOS-19.1/Patch.sh @@ -157,6 +157,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-9.patc applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-10.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-11.patch"; applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-12.patch"; +applyPatch "$DOS_PATCHES/android_frameworks_base/0018-Exec_Based_Spawning-13.patch"; sed -i 's/sys.spawn.exec/persist.security.exec_spawn_new/' core/java/com/android/internal/os/ZygoteConnection.java; fi; applyPatch "$DOS_PATCHES/android_frameworks_base/0020-Location_Indicators.patch"; #SystemUI: Use new privacy indicators for location (GrapheneOS) @@ -196,6 +197,7 @@ fi; if enterAndClear "frameworks/native"; then applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission.patch"; #Require OTHER_SENSORS permission for sensors (GrapheneOS) +applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors_Permission-a1.patch"; #Protect step sensors with OTHER_SENSORS permission for targetSdk<29 apps (GrapheneOS) fi; if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then @@ -313,6 +315,7 @@ if enterAndClear "packages/modules/Connectivity"; then applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-1.patch"; #Add callback for enforcing INTERNET permission changes (GrapheneOS) applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-2.patch"; #Use uid instead of app id (GrapheneOS) applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-3.patch"; #Skip reportNetworkConnectivity() when permission is revoked (GrapheneOS) +#applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0001-Network_Permission-4.patch"; #bugfix: reportNetworkConnectivity() wasn't switched to isInternetCompatEnabled() (GrapheneOS) applyPatch "$DOS_PATCHES/android_packages_modules_Connectivity/0002-Private_DNS.patch"; #More 'Private DNS' options (heavily based off of a CalyxOS patch) fi; @@ -341,6 +344,8 @@ fi; if enterAndClear "packages/modules/Wifi"; then applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC.patch"; #Add support for always generating new random MAC (GrapheneOS) +applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC-a1.patch"; #Fix MAC address leak after SSR (AOSP) +applyPatch "$DOS_PATCHES/android_packages_modules_Wifi/0001-Random_MAC-a2.patch"; #WifiService: Capture BackendBusyException in MacRandomization (CodeAurora) fi; if enterAndClear "packages/providers/DownloadProvider"; then