mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-02-17 21:04:26 -05:00
![Tad](/assets/img/avatar_default.png)
wgetb96ee4a2d1
.patch -O telephony-01.patch wgetc16e6e78c1
.patch -O media-01.patch wgetd5771450d7
.patch -O media-02.patch wgeta1370bd00c
.patch -O nn-01.patch wgetce2776f4ca
.patch -O bt-01.patch wget585f583ef5
.patch -O bt-02.patch wgetc9905e7968
.patch -O bt-03.patch wgetc93ec045f5
.patch -O bt-04.patch wget89fb17d172
.patch -O bt-05.patch wget14aed2455e
.patch -O bt-06.patch wgetcd438ebc52
.patch -O bt-07.patch wget27e7cdc4e5
.patch -O nfc-01.patch wgetdfeb4270b8
.patch -O launcher-01.patch wgetb1993f6cec
.patch -O native-01.patch wgetdf4a9362cd
.patch -O fwb-01.patch wgetb55563bb9d
.patch -O fwb-02.patch wgeta80971a281
.patch -O fwb-03.patch wget7e173b4383
.patch -O fwb-04.patch wget44191b1c6b
.patch -O fwb-05.patch wget8dc8dfe572
.patch -O fwb-06.patch wget00a4224100
.patch -O av-01.patch wget21623d1f43
.patch -O settings-01.patch wgetfa5ec443d9
.patch -O settings-02.patch wgetba4da9c7b3
.patch -O settings-03.patch Signed-off-by: Tad <tad@spotco.us>
229 lines
12 KiB
Diff
229 lines
12 KiB
Diff
From ba4da9c7b3a711a5e1c73dcf361b0c14fe02ebf4 Mon Sep 17 00:00:00 2001
|
|
From: Taran Singh <tarandeep@google.com>
|
|
Date: Fri, 19 May 2023 23:17:47 +0000
|
|
Subject: [PATCH] DO NOT MERGE: Prevent non-system IME from becoming device
|
|
admin
|
|
|
|
Currently selected IME can inject KeyEvent on DeviceAdminAdd screen to
|
|
activate itself as device admin and cause various DoS attacks.
|
|
|
|
This CL ensures KeyEvent on "Activate" button can only come from system
|
|
apps.
|
|
|
|
Bug: 280793427
|
|
Test: atest DeviceAdminActivationTest
|
|
(cherry picked from commit 70a501d02e0a6aefd874767a15378ba998759373)
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0976cd789d3bfb593e73237b5b0adc39933a1c1c)
|
|
Merged-In: I6470d1684d707f4b1e86f8b456be0b4e0af5f188
|
|
Change-Id: I6470d1684d707f4b1e86f8b456be0b4e0af5f188
|
|
---
|
|
.../deviceadmin/DeviceAdminAdd.java | 129 +++++++++---------
|
|
1 file changed, 68 insertions(+), 61 deletions(-)
|
|
|
|
diff --git a/src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java b/src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java
|
|
index fa76a948c06..5746d13666a 100644
|
|
--- a/src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java
|
|
+++ b/src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java
|
|
@@ -66,6 +66,7 @@
|
|
import android.util.EventLog;
|
|
import android.util.Log;
|
|
import android.view.Display;
|
|
+import android.view.KeyEvent;
|
|
import android.view.LayoutInflater;
|
|
import android.view.View;
|
|
import android.view.ViewGroup;
|
|
@@ -156,12 +157,12 @@ protected void onCreate(Bundle icicle) {
|
|
|
|
mHandler = new Handler(getMainLooper());
|
|
|
|
- mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
|
|
- mAppOps = (AppOpsManager)getSystemService(Context.APP_OPS_SERVICE);
|
|
- mLayoutInflaternflater = (LayoutInflater) getSystemService(Context.LAYOUT_INFLATER_SERVICE);
|
|
+ mDPM = getSystemService(DevicePolicyManager.class);
|
|
+ mAppOps = getSystemService(AppOpsManager.class);
|
|
+ mLayoutInflaternflater = getSystemService(LayoutInflater.class);
|
|
PackageManager packageManager = getPackageManager();
|
|
|
|
- if ((getIntent().getFlags()&Intent.FLAG_ACTIVITY_NEW_TASK) != 0) {
|
|
+ if ((getIntent().getFlags() & Intent.FLAG_ACTIVITY_NEW_TASK) != 0) {
|
|
Log.w(TAG, "Cannot start ADD_DEVICE_ADMIN as a new task");
|
|
finish();
|
|
return;
|
|
@@ -171,7 +172,7 @@ protected void onCreate(Bundle icicle) {
|
|
EXTRA_CALLED_FROM_SUPPORT_DIALOG, false);
|
|
|
|
String action = getIntent().getAction();
|
|
- ComponentName who = (ComponentName)getIntent().getParcelableExtra(
|
|
+ ComponentName who = (ComponentName) getIntent().getParcelableExtra(
|
|
DevicePolicyManager.EXTRA_DEVICE_ADMIN);
|
|
if (who == null) {
|
|
String packageName = getIntent().getStringExtra(EXTRA_DEVICE_ADMIN_PACKAGE_NAME);
|
|
@@ -229,7 +230,7 @@ protected void onCreate(Bundle icicle) {
|
|
PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS);
|
|
int count = avail == null ? 0 : avail.size();
|
|
boolean found = false;
|
|
- for (int i=0; i<count; i++) {
|
|
+ for (int i = 0; i < count; i++) {
|
|
ResolveInfo ri = avail.get(i);
|
|
if (ai.packageName.equals(ri.activityInfo.packageName)
|
|
&& ai.name.equals(ri.activityInfo.name)) {
|
|
@@ -345,22 +346,22 @@ public void onDismiss(DialogInterface dialogInterface) {
|
|
mAdminWarning = dialog.findViewById(R.id.admin_warning_simplified);
|
|
mAdminWarning.setText(
|
|
mDPM.getResources().getString(NEW_DEVICE_ADMIN_WARNING_SIMPLIFIED, () ->
|
|
- getString(R.string.device_admin_warning_simplified,
|
|
- mProfileOwnerName), mProfileOwnerName));
|
|
+ getString(R.string.device_admin_warning_simplified,
|
|
+ mProfileOwnerName), mProfileOwnerName));
|
|
return;
|
|
}
|
|
setContentView(R.layout.device_admin_add);
|
|
|
|
- mAdminIcon = (ImageView)findViewById(R.id.admin_icon);
|
|
- mAdminName = (TextView)findViewById(R.id.admin_name);
|
|
- mAdminDescription = (TextView)findViewById(R.id.admin_description);
|
|
+ mAdminIcon = (ImageView) findViewById(R.id.admin_icon);
|
|
+ mAdminName = (TextView) findViewById(R.id.admin_name);
|
|
+ mAdminDescription = (TextView) findViewById(R.id.admin_description);
|
|
mProfileOwnerWarning = (TextView) findViewById(R.id.profile_owner_warning);
|
|
|
|
mProfileOwnerWarning.setText(
|
|
mDPM.getResources().getString(SET_PROFILE_OWNER_POSTSETUP_WARNING,
|
|
() -> getString(R.string.adding_profile_owner_warning)));
|
|
|
|
- mAddMsg = (TextView)findViewById(R.id.add_msg);
|
|
+ mAddMsg = (TextView) findViewById(R.id.add_msg);
|
|
mAddMsgExpander = (ImageView) findViewById(R.id.add_msg_expander);
|
|
final View.OnClickListener onClickListener = new View.OnClickListener() {
|
|
@Override
|
|
@@ -381,7 +382,7 @@ public void onGlobalLayout() {
|
|
boolean hideMsgExpander = mAddMsg.getLineCount() <= maxLines;
|
|
mAddMsgExpander.setVisibility(hideMsgExpander ? View.GONE : View.VISIBLE);
|
|
if (hideMsgExpander) {
|
|
- ((View)mAddMsgExpander.getParent()).invalidate();
|
|
+ ((View) mAddMsgExpander.getParent()).invalidate();
|
|
}
|
|
mAddMsg.getViewTreeObserver().removeOnGlobalLayoutListener(this);
|
|
}
|
|
@@ -399,7 +400,7 @@ public void onGlobalLayout() {
|
|
mCancelButton.setOnClickListener(new View.OnClickListener() {
|
|
public void onClick(View v) {
|
|
EventLog.writeEvent(EventLogTags.EXP_DET_DEVICE_ADMIN_DECLINED_BY_USER,
|
|
- mDeviceAdmin.getActivityInfo().applicationInfo.uid);
|
|
+ mDeviceAdmin.getActivityInfo().applicationInfo.uid);
|
|
finish();
|
|
}
|
|
});
|
|
@@ -421,58 +422,64 @@ public void onClick(View v) {
|
|
|
|
final View restrictedAction = findViewById(R.id.restricted_action);
|
|
restrictedAction.setFilterTouchesWhenObscured(true);
|
|
- restrictedAction.setOnClickListener(new View.OnClickListener() {
|
|
- public void onClick(View v) {
|
|
- if (!mActionButton.isEnabled()) {
|
|
- showPolicyTransparencyDialogIfRequired();
|
|
- return;
|
|
- }
|
|
- if (mAdding) {
|
|
- addAndFinish();
|
|
- } else if (isManagedProfile(mDeviceAdmin)
|
|
- && mDeviceAdmin.getComponent().equals(mDPM.getProfileOwner())) {
|
|
- final int userId = UserHandle.myUserId();
|
|
- UserDialogs.createRemoveDialog(DeviceAdminAdd.this, userId,
|
|
- new DialogInterface.OnClickListener() {
|
|
- @Override
|
|
- public void onClick(DialogInterface dialog, int which) {
|
|
- UserManager um = UserManager.get(DeviceAdminAdd.this);
|
|
- um.removeUser(userId);
|
|
- finish();
|
|
- }
|
|
+
|
|
+ final View.OnClickListener restrictedActionClickListener = v -> {
|
|
+ if (!mActionButton.isEnabled()) {
|
|
+ showPolicyTransparencyDialogIfRequired();
|
|
+ return;
|
|
+ }
|
|
+ if (mAdding) {
|
|
+ addAndFinish();
|
|
+ } else if (isManagedProfile(mDeviceAdmin)
|
|
+ && mDeviceAdmin.getComponent().equals(mDPM.getProfileOwner())) {
|
|
+ final int userId = UserHandle.myUserId();
|
|
+ UserDialogs.createRemoveDialog(DeviceAdminAdd.this, userId,
|
|
+ new DialogInterface.OnClickListener() {
|
|
+ @Override
|
|
+ public void onClick(DialogInterface dialog, int which) {
|
|
+ UserManager um = UserManager.get(DeviceAdminAdd.this);
|
|
+ um.removeUser(userId);
|
|
+ finish();
|
|
}
|
|
- ).show();
|
|
- } else if (mUninstalling) {
|
|
- mDPM.uninstallPackageWithActiveAdmins(mDeviceAdmin.getPackageName());
|
|
- finish();
|
|
- } else if (!mWaitingForRemoveMsg) {
|
|
- try {
|
|
- // Don't allow the admin to put a dialog up in front
|
|
- // of us while we interact with the user.
|
|
- ActivityManager.getService().stopAppSwitches();
|
|
- } catch (RemoteException e) {
|
|
- }
|
|
- mWaitingForRemoveMsg = true;
|
|
- mDPM.getRemoveWarning(mDeviceAdmin.getComponent(),
|
|
- new RemoteCallback(new RemoteCallback.OnResultListener() {
|
|
- @Override
|
|
- public void onResult(Bundle result) {
|
|
- CharSequence msg = result != null
|
|
- ? result.getCharSequence(
|
|
- DeviceAdminReceiver.EXTRA_DISABLE_WARNING)
|
|
- : null;
|
|
- continueRemoveAction(msg);
|
|
- }
|
|
- }, mHandler));
|
|
- // Don't want to wait too long.
|
|
- getWindow().getDecorView().getHandler().postDelayed(new Runnable() {
|
|
- @Override public void run() {
|
|
- continueRemoveAction(null);
|
|
}
|
|
- }, 2*1000);
|
|
+ ).show();
|
|
+ } else if (mUninstalling) {
|
|
+ mDPM.uninstallPackageWithActiveAdmins(mDeviceAdmin.getPackageName());
|
|
+ finish();
|
|
+ } else if (!mWaitingForRemoveMsg) {
|
|
+ try {
|
|
+ // Don't allow the admin to put a dialog up in front
|
|
+ // of us while we interact with the user.
|
|
+ ActivityManager.getService().stopAppSwitches();
|
|
+ } catch (RemoteException e) {
|
|
}
|
|
+ mWaitingForRemoveMsg = true;
|
|
+ mDPM.getRemoveWarning(mDeviceAdmin.getComponent(),
|
|
+ new RemoteCallback(new RemoteCallback.OnResultListener() {
|
|
+ @Override
|
|
+ public void onResult(Bundle result) {
|
|
+ CharSequence msg = result != null
|
|
+ ? result.getCharSequence(
|
|
+ DeviceAdminReceiver.EXTRA_DISABLE_WARNING)
|
|
+ : null;
|
|
+ continueRemoveAction(msg);
|
|
+ }
|
|
+ }, mHandler));
|
|
+ // Don't want to wait too long.
|
|
+ getWindow().getDecorView().getHandler().postDelayed(
|
|
+ () -> continueRemoveAction(null), 2 * 1000);
|
|
+ }
|
|
+ };
|
|
+ restrictedAction.setOnKeyListener((view, keyCode, keyEvent) -> {
|
|
+ if ((keyEvent.getFlags() & KeyEvent.FLAG_FROM_SYSTEM) == 0) {
|
|
+ Log.e(TAG, "Can not activate device-admin with KeyEvent from non-system app.");
|
|
+ // Consume event to suppress click.
|
|
+ return true;
|
|
}
|
|
+ // Fallback to view click handler.
|
|
+ return false;
|
|
});
|
|
+ restrictedAction.setOnClickListener(restrictedActionClickListener);
|
|
}
|
|
|
|
/**
|