From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Tad Date: Wed, 20 Apr 2022 01:04:27 -0400 Subject: [PATCH] Add a toggle to disable /etc/hosts lookup Copy and pasted from the GrapheneOS exec spawning toggle patch Signed-off-by: Tad Change-Id: Ic01a142722372d9d57f52947025cd9db23e58ef4 --- res/values/strings.xml | 3 + res/xml/security_dashboard_settings.xml | 6 + .../security/HostsPreferenceController.java | 106 ++++++++++++++++++ .../settings/security/SecuritySettings.java | 1 + 4 files changed, 116 insertions(+) create mode 100644 src/com/android/settings/security/HostsPreferenceController.java diff --git a/res/values/strings.xml b/res/values/strings.xml index d723977899..5af3638555 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -11969,6 +11969,9 @@ Enables window blurs at compositor level. Requires device reboot. + Disable DNS content blocker + Disables use of the included /etc/hosts database for data collection and malware blocking. + Privacy diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml index 75cc0b261d..62d42246a3 100644 --- a/res/xml/security_dashboard_settings.xml +++ b/res/xml/security_dashboard_settings.xml @@ -75,6 +75,12 @@ android:title="@string/native_debug_title" android:summary="@string/native_debug_summary" android:persistent="false" /> + + diff --git a/src/com/android/settings/security/HostsPreferenceController.java b/src/com/android/settings/security/HostsPreferenceController.java new file mode 100644 index 0000000000..d8af6d2649 --- /dev/null +++ b/src/com/android/settings/security/HostsPreferenceController.java @@ -0,0 +1,106 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +package com.android.settings.security; + +import android.content.Context; + +import android.os.UserHandle; +import android.os.UserManager; +import android.os.SystemProperties; + +import android.provider.Settings; + +import androidx.preference.Preference; +import androidx.preference.PreferenceCategory; +import androidx.preference.PreferenceGroup; +import androidx.preference.PreferenceScreen; +import androidx.preference.TwoStatePreference; +import androidx.preference.SwitchPreference; + +import com.android.internal.widget.LockPatternUtils; +import com.android.settings.core.PreferenceControllerMixin; +import com.android.settingslib.core.AbstractPreferenceController; +import com.android.settingslib.core.lifecycle.events.OnResume; + +public class HostsPreferenceController extends AbstractPreferenceController + implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener { + + private static final String SYS_KEY_HOSTS_DISABLE = "persist.security.hosts_disable"; + private static final String PREF_KEY_HOSTS_DISABLE = "hosts_disable"; + private static final String PREF_KEY_SECURITY_CATEGORY = "security_category"; + + private PreferenceCategory mSecurityCategory; + private SwitchPreference mHostsDisable; + private boolean mIsAdmin; + private UserManager mUm; + + public HostsPreferenceController(Context context) { + super(context); + mUm = UserManager.get(context); + } + + @Override + public void displayPreference(PreferenceScreen screen) { + super.displayPreference(screen); + mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY); + updatePreferenceState(); + } + + @Override + public boolean isAvailable() { + mIsAdmin = mUm.isAdminUser(); + return mIsAdmin; + } + + @Override + public String getPreferenceKey() { + return PREF_KEY_HOSTS_DISABLE; + } + + // TODO: should we use onCreatePreferences() instead? + private void updatePreferenceState() { + if (mSecurityCategory == null) { + return; + } + + if (mIsAdmin) { + mHostsDisable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_HOSTS_DISABLE); + mHostsDisable.setChecked(SystemProperties.getInt(SYS_KEY_HOSTS_DISABLE, 0) == 1); + } else { + mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_HOSTS_DISABLE)); + } + } + + @Override + public void onResume() { + updatePreferenceState(); + if (mHostsDisable != null) { + boolean mode = mHostsDisable.isChecked(); + SystemProperties.set(SYS_KEY_HOSTS_DISABLE, mode ? "1" : "0"); + } + } + + @Override + public boolean onPreferenceChange(Preference preference, Object value) { + final String key = preference.getKey(); + if (PREF_KEY_HOSTS_DISABLE.equals(key)) { + final boolean mode = !mHostsDisable.isChecked(); + SystemProperties.set(SYS_KEY_HOSTS_DISABLE, mode ? "1" : "0"); + } + return true; + } +} diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java index 387814c406..0fbcd27104 100644 --- a/src/com/android/settings/security/SecuritySettings.java +++ b/src/com/android/settings/security/SecuritySettings.java @@ -121,6 +121,7 @@ public class SecuritySettings extends DashboardFragment { securityPreferenceControllers.add(new AutoRebootPreferenceController(context)); securityPreferenceControllers.add(new ExecSpawnPreferenceController(context)); securityPreferenceControllers.add(new NativeDebugPreferenceController(context)); + securityPreferenceControllers.add(new HostsPreferenceController(context)); controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY) .setChildren(securityPreferenceControllers)); controllers.addAll(securityPreferenceControllers);