Tad 2c17747c82
15.1 March ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-03-22 22:13:31 -04:00

101 lines
4.1 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tsung-Mao Fang <tmfang@google.com>
Date: Mon, 3 Jan 2022 18:25:04 +0800
Subject: [PATCH] FRP bypass defense in the settings app
Over the last few years, there have been a number of
Factory Reset Protection bypass bugs in the SUW flow.
It's unlikely to defense all points from individual apps.
Therefore, we decide to block some critical pages when
user doesn't complete the SUW flow.
Test: Can't open the certain pages in the suw flow.
Bug: 258422561
Fix: 200746457
Bug: 202975040
Fix: 213091525
Fix: 213090835
Fix: 201561699
Fix: 213090827
Fix: 213090875
Change-Id: Ia18f367109df5af7da0a5acad7702898a459d32e
Merged-In: Ia18f367109df5af7da0a5acad7702898a459d32e
(cherry picked from commit ff5bfb40c8b09ab477efaae6a0199911a0d703dd)
Merged-In: Ia18f367109df5af7da0a5acad7702898a459d32e
---
.../settings/SettingsPreferenceFragment.java | 22 ++++++++++++++++++-
.../system/ResetDashboardFragment.java | 5 +++++
2 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/src/com/android/settings/SettingsPreferenceFragment.java b/src/com/android/settings/SettingsPreferenceFragment.java
index a3d26af8eb..6653dd0ba9 100644
--- a/src/com/android/settings/SettingsPreferenceFragment.java
+++ b/src/com/android/settings/SettingsPreferenceFragment.java
@@ -49,6 +49,7 @@ import com.android.settings.applications.LayoutPreference;
import com.android.settings.core.InstrumentedPreferenceFragment;
import com.android.settings.core.instrumentation.Instrumentable;
import com.android.settings.core.instrumentation.InstrumentedDialogFragment;
+import com.android.settings.Utils;
import com.android.settings.widget.LoadingViewController;
import com.android.settingslib.CustomDialogPreference;
import com.android.settingslib.CustomEditTextPreference;
@@ -69,7 +70,7 @@ public abstract class SettingsPreferenceFragment extends InstrumentedPreferenceF
**/
public static final String HELP_URI_RESOURCE_KEY = "help_uri_resource";
- private static final String TAG = "SettingsPreference";
+ private static final String TAG = "SettingsPreferenceFragment";
@VisibleForTesting
static final int DELAY_HIGHLIGHT_DURATION_MILLIS = 600;
@@ -141,6 +142,15 @@ public abstract class SettingsPreferenceFragment extends InstrumentedPreferenceF
@VisibleForTesting
public boolean mPreferenceHighlighted = false;
+ @Override
+ public void onAttach(Context context) {
+ if (shouldSkipForInitialSUW() && !Utils.isDeviceProvisioned(getContext())) {
+ Log.w(TAG, "Skip " + getClass().getSimpleName() + " before SUW completed.");
+ finish();
+ }
+ super.onAttach(context);
+ }
+
@Override
public void onCreate(Bundle icicle) {
super.onCreate(icicle);
@@ -281,6 +291,16 @@ public abstract class SettingsPreferenceFragment extends InstrumentedPreferenceF
}
}
+ /**
+ * Whether UI should be skipped in the initial SUW flow.
+ *
+ * @return {@code true} when UI should be skipped in the initial SUW flow.
+ * {@code false} when UI should not be skipped in the initial SUW flow.
+ */
+ protected boolean shouldSkipForInitialSUW() {
+ return false;
+ }
+
protected void onDataSetChanged() {
highlightPreferenceIfNeeded();
updateEmptyView();
diff --git a/src/com/android/settings/system/ResetDashboardFragment.java b/src/com/android/settings/system/ResetDashboardFragment.java
index 48295a42e1..add340f230 100644
--- a/src/com/android/settings/system/ResetDashboardFragment.java
+++ b/src/com/android/settings/system/ResetDashboardFragment.java
@@ -56,6 +56,11 @@ public class ResetDashboardFragment extends DashboardFragment {
return buildPreferenceControllers(context, getLifecycle());
}
+ @Override
+ protected boolean shouldSkipForInitialSUW() {
+ return true;
+ }
+
private static List<AbstractPreferenceController> buildPreferenceControllers(Context context,
Lifecycle lifecycle) {
final List<AbstractPreferenceController> controllers = new ArrayList<>();