From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Tad Date: Wed, 20 Apr 2022 01:04:27 -0400 Subject: [PATCH] Add a toggle for microG enablement Copy and pasted from the GrapheneOS exec spawning toggle patch Change-Id: Ibea6ea9bed1c2ae3491f403d9e5c17c1d1c403f1 Signed-off-by: Tad --- res/values/strings.xml | 3 + res/xml/security_dashboard_settings.xml | 7 +- .../settings/security/SecuritySettings.java | 1 + .../SigSpoofPreferenceController.java | 106 ++++++++++++++++++ 4 files changed, 116 insertions(+), 1 deletion(-) create mode 100644 src/com/android/settings/security/SigSpoofPreferenceController.java diff --git a/res/values/strings.xml b/res/values/strings.xml index 9f78d9b654..c5d856095e 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -10124,4 +10124,7 @@ Don\u2019t connect Connect + + Unprivileged microG enablement + Allows official builds of microG apps to function. Not supported, not recommended. May break apps and/or degrade their security model. Notes: 1) microG connects directly to Google, 2) apps talking to microG do so using proprietary Google libraries, 3) microG can download/execute proprietary code from Google. diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml index 591d8a7c21..0a861e9b90 100644 --- a/res/xml/security_dashboard_settings.xml +++ b/res/xml/security_dashboard_settings.xml @@ -56,6 +56,11 @@ android:summary="@string/summary_placeholder" settings:keywords="@string/keywords_fingerprint_settings"/> + @@ -165,4 +170,4 @@ android:summary="@string/summary_placeholder" android:fragment="com.android.settings.security.ScreenPinningSettings" /> - \ No newline at end of file + diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java index 0839450a93..34d248ccdf 100644 --- a/src/com/android/settings/security/SecuritySettings.java +++ b/src/com/android/settings/security/SecuritySettings.java @@ -128,6 +128,7 @@ public class SecuritySettings extends DashboardFragment { securityPreferenceControllers.add(new FingerprintStatusPreferenceController(context)); securityPreferenceControllers.add(new LockScreenPreferenceController(context, lifecycle)); securityPreferenceControllers.add(new ChangeScreenLockPreferenceController(context, host)); + securityPreferenceControllers.add(new SigSpoofPreferenceController(context)); controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY) .setChildren(securityPreferenceControllers)); controllers.addAll(securityPreferenceControllers); diff --git a/src/com/android/settings/security/SigSpoofPreferenceController.java b/src/com/android/settings/security/SigSpoofPreferenceController.java new file mode 100644 index 0000000000..258b59b0b0 --- /dev/null +++ b/src/com/android/settings/security/SigSpoofPreferenceController.java @@ -0,0 +1,106 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +package com.android.settings.security; + +import android.content.Context; + +import android.os.UserHandle; +import android.os.UserManager; +import android.os.SystemProperties; + +import android.provider.Settings; + +import androidx.preference.Preference; +import androidx.preference.PreferenceCategory; +import androidx.preference.PreferenceGroup; +import androidx.preference.PreferenceScreen; +import androidx.preference.TwoStatePreference; +import androidx.preference.SwitchPreference; + +import com.android.internal.widget.LockPatternUtils; +import com.android.settings.core.PreferenceControllerMixin; +import com.android.settingslib.core.AbstractPreferenceController; +import com.android.settingslib.core.lifecycle.events.OnResume; + +public class SigSpoofPreferenceController extends AbstractPreferenceController + implements PreferenceControllerMixin, OnResume, Preference.OnPreferenceChangeListener { + + private static final String SYS_KEY_SIG_SPOOF_ENABLE = "persist.security.sigspoof"; + private static final String PREF_KEY_SIG_SPOOF_ENABLE = "sig_spoof"; + private static final String PREF_KEY_SECURITY_CATEGORY = "security_category"; + + private PreferenceCategory mSecurityCategory; + private SwitchPreference mSigSpoofEnable; + private boolean mIsAdmin; + private UserManager mUm; + + public SigSpoofPreferenceController(Context context) { + super(context); + mUm = UserManager.get(context); + } + + @Override + public void displayPreference(PreferenceScreen screen) { + super.displayPreference(screen); + mSecurityCategory = screen.findPreference(PREF_KEY_SECURITY_CATEGORY); + updatePreferenceState(); + } + + @Override + public boolean isAvailable() { + mIsAdmin = mUm.isAdminUser(); + return mIsAdmin; + } + + @Override + public String getPreferenceKey() { + return PREF_KEY_SIG_SPOOF_ENABLE; + } + + // TODO: should we use onCreatePreferences() instead? + private void updatePreferenceState() { + if (mSecurityCategory == null) { + return; + } + + if (mIsAdmin) { + mSigSpoofEnable = (SwitchPreference) mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE); + mSigSpoofEnable.setChecked(SystemProperties.getInt(SYS_KEY_SIG_SPOOF_ENABLE, 0) == 1); + } else { + mSecurityCategory.removePreference(mSecurityCategory.findPreference(PREF_KEY_SIG_SPOOF_ENABLE)); + } + } + + @Override + public void onResume() { + updatePreferenceState(); + if (mSigSpoofEnable != null) { + boolean mode = mSigSpoofEnable.isChecked(); + SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0"); + } + } + + @Override + public boolean onPreferenceChange(Preference preference, Object value) { + final String key = preference.getKey(); + if (PREF_KEY_SIG_SPOOF_ENABLE.equals(key)) { + final boolean mode = !mSigSpoofEnable.isChecked(); + SystemProperties.set(SYS_KEY_SIG_SPOOF_ENABLE, mode ? "1" : "0"); + } + return true; + } +}