DivestOS/Patches/LineageOS-15.1/android_frameworks_base/0007-Sensors.patch
Tad 621441349e Fixup the sensors permission patches on 7, 8, and 9.
Switch these patches to MODE_ALLOWED from MODE_ASK to fix breakage
of system services.

Also remove some code that adds a likely security issue.

Will need some extra regression testing.

Signed-off-by: Tad <tad@spotco.us>
2021-11-04 10:24:06 -04:00

199 lines
8.1 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: MSe1969 <mse1969@posteo.de>
Date: Sun, 17 Jun 2018 10:49:09 +0200
Subject: [PATCH] - AppOps/PrivacyGuard: New Sensor checks [base]
Add two AppOps for sensor access:
- OP_MOTION_SENSORS (default: allow, strict)
- OP_OTHER_SENSORS (default: allow)
Change-Id: Id12b91720f1e02ea5ca606ecefb30121d19b92bb
---
core/java/android/app/AppOpsManager.java | 34 +++++++++++++++++++++---
core/res/res/values-de/cm_strings.xml | 2 ++
core/res/res/values-fr/cm_strings.xml | 2 ++
core/res/res/values/cm_strings.xml | 2 ++
core/res/res/values/lineage_arrays.xml | 4 +++
5 files changed, 41 insertions(+), 3 deletions(-)
diff --git a/core/java/android/app/AppOpsManager.java b/core/java/android/app/AppOpsManager.java
index 2db36c8f4e02..e59869c11e90 100644
--- a/core/java/android/app/AppOpsManager.java
+++ b/core/java/android/app/AppOpsManager.java
@@ -280,8 +280,12 @@ public class AppOpsManager {
public static final int OP_DATA_CONNECT_CHANGE = 74;
/** @hide SU access */
public static final int OP_SU = 75;
+ /** @hide Motion Sensors */
+ public static final int OP_MOTION_SENSORS = 76;
+ /** @hide Other Sensors */
+ public static final int OP_OTHER_SENSORS = 77;
/** @hide */
- public static final int _NUM_OP = 76;
+ public static final int _NUM_OP = 78;
/** Access to coarse location information. */
public static final String OPSTR_COARSE_LOCATION = "android:coarse_location";
@@ -407,6 +411,10 @@ public class AppOpsManager {
= "android:data_connect_change";
private static final String OPSTR_SU
= "android:su";
+ private static final String OPSTR_MOTION_SENSORS =
+ "android:motion_sensors";
+ private static final String OPSTR_OTHER_SENSORS =
+ "android:other_sensors";
// Warning: If an permission is added here it also has to be added to
// com.android.packageinstaller.permission.utils.EventLogger
@@ -540,7 +548,9 @@ public class AppOpsManager {
OP_BOOT_COMPLETED,
OP_NFC_CHANGE,
OP_DATA_CONNECT_CHANGE,
- OP_SU
+ OP_SU,
+ OP_MOTION_SENSORS,
+ OP_OTHER_SENSORS
};
/**
@@ -624,6 +634,8 @@ public class AppOpsManager {
OPSTR_NFC_CHANGE,
OPSTR_DATA_CONNECT_CHANGE,
OPSTR_SU,
+ OPSTR_MOTION_SENSORS,
+ OPSTR_OTHER_SENSORS,
};
/**
@@ -707,6 +719,8 @@ public class AppOpsManager {
"NFC_CHANGE",
"DATA_CONNECT_CHANGE",
"SU",
+ "MOTION_SENSORS",
+ "OTHER_SENSORS",
};
/**
@@ -790,6 +804,8 @@ public class AppOpsManager {
Manifest.permission.NFC,
Manifest.permission.MODIFY_PHONE_STATE,
null,
+ null,
+ null,
};
/**
@@ -874,6 +890,8 @@ public class AppOpsManager {
null, //NFC_CHANGE
null, //DATA_CONNECT_CHANGE
UserManager.DISALLOW_SU, //SU TODO: this should really be investigated.
+ null, //MOTION_SENSORS
+ null, //OTHER_SENSORS
};
/**
@@ -957,6 +975,8 @@ public class AppOpsManager {
true, // NFC_CHANGE
true, //DATA_CONNECT_CHANGE
false, //SU
+ false, //MOTION_SENSORS
+ false, //OTHER_SENSORS
};
/**
@@ -1038,7 +1058,9 @@ public class AppOpsManager {
AppOpsManager.MODE_ALLOWED, // OP_BOOT_COMPLETED
AppOpsManager.MODE_ALLOWED, // OP_NFC_CHANGE
AppOpsManager.MODE_ALLOWED,
- AppOpsManager.MODE_ASK, // OP_SU
+ AppOpsManager.MODE_ASK, // OP_SU
+ AppOpsManager.MODE_ALLOWED, // OP_MOTION_SENSORS
+ AppOpsManager.MODE_ALLOWED, // OP_OTHER_SENSORS
};
/**
@@ -1122,6 +1144,8 @@ public class AppOpsManager {
AppOpsManager.MODE_ASK, // OP_NFC_CHANGE
AppOpsManager.MODE_ASK, // OP_DATA_CONNECT_CHANGE
AppOpsManager.MODE_ASK, // OP_SU
+ AppOpsManager.MODE_ALLOWED, // OP_MOTION_SENSORS
+ AppOpsManager.MODE_ALLOWED, // OP_OTHER_SENSORS
};
/**
@@ -1204,6 +1228,8 @@ public class AppOpsManager {
true, // OP_NFC_CHANGE
true, // OP_DATA_CONNECT_CHANGE
true, // OP_SU
+ true, // OP_MOTION_SENSORS
+ false, // OP_OTHER_SENSORS
};
/**
@@ -1290,6 +1316,8 @@ public class AppOpsManager {
false, // OP_NFC_CHANGE
false, // OP_DATA_CONNECT_CHANGE
false, // OP_SU
+ false, // OP_MOTION_SENSORS
+ false, // OP_OTHER_SENSORS
};
/**
diff --git a/core/res/res/values-de/cm_strings.xml b/core/res/res/values-de/cm_strings.xml
index af5c3fbe12f0..6a8a1e0fc45a 100644
--- a/core/res/res/values-de/cm_strings.xml
+++ b/core/res/res/values-de/cm_strings.xml
@@ -57,7 +57,9 @@
<string name="app_ops_modify_clipboard">die Zwischenablage zu ändern</string>
<string name="app_ops_modify_contacts">Kontakte zu ändern</string>
<string name="app_ops_modify_settings">Einstellungen zu ändern</string>
+ <string name="app_ops_motion_sensors">Bewegungssensoren zu nutzen</string>
<string name="app_ops_mute_unmute_microphone">das Mikrofon zu aktivieren/deaktivieren</string>
+ <string name="app_ops_other_sensors">sonstige Sensoren zu nutzen</string>
<string name="app_ops_phone_calls">Anrufe zu beantworten</string>
<string name="app_ops_picture_in_picture">Bild im Bild zu verwenden</string>
<string name="app_ops_play_audio">Audio wiederzugeben</string>
diff --git a/core/res/res/values-fr/cm_strings.xml b/core/res/res/values-fr/cm_strings.xml
index c223ccbc5dd8..28ee5ba28dcf 100644
--- a/core/res/res/values-fr/cm_strings.xml
+++ b/core/res/res/values-fr/cm_strings.xml
@@ -57,7 +57,9 @@
<string name="app_ops_modify_clipboard">modifier le presse-papiers</string>
<string name="app_ops_modify_contacts">mettre à jour vos contacts</string>
<string name="app_ops_modify_settings">mettre à jour les paramètres du système</string>
+ <string name="app_ops_motion_sensors">utiliser les capteurs de mouvement</string>
<string name="app_ops_mute_unmute_microphone">activer/désactiver le microphone</string>
+ <string name="app_ops_other_sensors">utiliser d\'autres capteurs</string>
<string name="app_ops_phone_calls">répondre aux appels téléphoniques</string>
<string name="app_ops_picture_in_picture">utiliser le mode Picture-in-Picture</string>
<string name="app_ops_play_audio">lecture audio</string>
diff --git a/core/res/res/values/cm_strings.xml b/core/res/res/values/cm_strings.xml
index 4c34888c94ab..d0ec04891c8d 100644
--- a/core/res/res/values/cm_strings.xml
+++ b/core/res/res/values/cm_strings.xml
@@ -70,7 +70,9 @@
<string name="app_ops_modify_clipboard">modify the clipboard</string>
<string name="app_ops_modify_contacts">update your contacts</string>
<string name="app_ops_modify_settings">update system settings</string>
+ <string name="app_ops_motion_sensors">use the motion sensors</string>
<string name="app_ops_mute_unmute_microphone">mute/unmute the microphone</string>
+ <string name="app_ops_other_sensors">use other sensors</string>
<string name="app_ops_phone_calls">answer phone calls</string>
<string name="app_ops_picture_in_picture">use picture in picture</string>
<string name="app_ops_play_audio">play audio</string>
diff --git a/core/res/res/values/lineage_arrays.xml b/core/res/res/values/lineage_arrays.xml
index 65149d2a9e54..5cb3120dbc47 100644
--- a/core/res/res/values/lineage_arrays.xml
+++ b/core/res/res/values/lineage_arrays.xml
@@ -170,6 +170,10 @@
<item>@string/app_ops_toggle_mobile_data</item>
<!-- OP_SU -->
<item>@string/app_ops_su</item>
+ <!-- OP_MOTION_SENSORS -->
+ <item>@string/app_ops_motion_sensors</item>
+ <!-- OP_OTHER_SENSORS -->
+ <item>@string/app_ops_other_sensors</item>
</string-array>
</resources>