forked from aosp-mirror/platform_frameworks_base
November patches #16
Open: OhMyVenyx wants to merge 42 commits into NusantaraProject-ROM:12.1 from IDN-Labs:12.1
Move accountname and typeName length check from Account.java to AccountManagerService. Bug: 169762606 Test: atest AccountManagerServiceTest Change-Id: I80fabf3a64c55837db98ff316e7e5420129c001b (cherry picked from commit 0adcadb) (cherry picked from commit c48f540) Merged-In: I80fabf3a64c55837db98ff316e7e5420129c001b
It was shown that given a large phoneAccountHandles that are over 1 mb, a TransactionTooLarge exception can be silently thrown causing an empty list to be returned. In order to prevent this behavior, all Lists that return a PhoneAccountHandle or PhoneAccount have been switched to ParceledListSlice. bug: 236263294 Test: atest android.telecom.cts.PhoneAccountRegistrarTest #testRegisterPhoneAccountHandleWithFieldOverLimit Change-Id: I025245b2a6f8cfaca86f268851a9d8f0817e07dd Merged-In: I025245b2a6f8cfaca86f268851a9d8f0817e07dd (cherry picked from commit d54a48f) Merged-In: I025245b2a6f8cfaca86f268851a9d8f0817e07dd
…when navigateUpTo The new Intent was delivered to a non-exported activity while #navigateUpTo was called from an Activity of a different uid. Bug: 238605611 Test: atest StartActivityTests Change-Id: I854dd825bfd9a2c08851980d480d1f3a177af6cf Merged-In: I854dd825bfd9a2c08851980d480d1f3a177af6cf (cherry picked from commit 89ebc8c) Merged-In: I854dd825bfd9a2c08851980d480d1f3a177af6cf
Bug: 237540408 Test: BuzzBeepBlinkTest#testA11yCrossUserEventNotSent Change-Id: I62a875e26e214847ec72ce3c41b4f2fa8e597e07 (cherry picked from commit a367c0a) Merged-In: I62a875e26e214847ec72ce3c41b4f2fa8e597e07
…rading from pre-Q Test: Manually install app apks targeting Q and verifying that AR permission is not auto-granted Test: atest ActivityRecognitionPermissionTest Bug: 210065877 Change-Id: I5b2f25218fcbb34a940dfa2ff722cc6595732cfa (cherry picked from commit 23aac9c) Merged-In: I5b2f25218fcbb34a940dfa2ff722cc6595732cfa
instead of checking that of the configuration activity, which is potentially spoofable. The package name is verified to be the same app as the caller by NMS. This change removes isSystemRule (called only once) in favor of checking the provided package name directly. Bug: 242537431 Test: ZenModeHelperTest, manual by verifying via provided exploit apk Change-Id: Ic7f350618c26a613df455a4128c9195f4b424a4d (cherry picked from commit 59732d6) Merged-In: Ic7f350618c26a613df455a4128c9195f4b424a4d
This change both prevents any rules from being unable to be written to disk and also avoids risk of running out of memory while handling all the zen rules. Bug: 242703460 Bug: 242703505 Bug: 242703780 Bug: 242704043 Bug: 243794204 Test: cts AutomaticZenRuleTest; atest android.app.AutomaticZenRuleTest; manually confirmed each exploit example either saves the rule successfully with a truncated string (in the case of name & conditionId) or may fail to save the rule at all (if the owner/configactivity is invalid). Additionally ran the memory-exhausting PoC without device crashes. Change-Id: I110172a43f28528dd274b3b346eb29c3796ff2c6 Merged-In: I110172a43f28528dd274b3b346eb29c3796ff2c6 (cherry picked from commit de172ba) (cherry picked from commit 19bc2c3) Merged-In: I110172a43f28528dd274b3b346eb29c3796ff2c6
Previously were unable to add new zen rules because rules added via the settings pages were getting registered under package "com.android.settings", which then were not considered "system rules". These rules should have package android, so when we can trust the caller (via checking that the caller is system) we should be taking the package name from the owner of the rule. Bug: 245236706 Bug: 242537431 Test: NMSTest; manual Change-Id: Id69b671592396ac3304862dadbe73de328a8e27a Merged-In: Id69b671592396ac3304862dadbe73de328a8e27a (cherry picked from commit 7824556) Merged-In: Id69b671592396ac3304862dadbe73de328a8e27a
Bug: 211029161 Bug: 210118427 Test: atest android.content.cts.ContextWrapperTest#testSendBroadcastRequireNoneOfPermissions_receiverHasExcludedPermissions Merged-In: Ib4fafe2423c7ded1daf1b763f8103601c0e2c852 Change-Id: Ib4fafe2423c7ded1daf1b763f8103601c0e2c852 (cherry picked from commit 0eee4fa) Merged-In: Ib4fafe2423c7ded1daf1b763f8103601c0e2c852
This reverts commit bfb1cd5. Reason for revert: regression if multiple crop system crop handlers are present Change-Id: I570c736ffbd55891bcb2e08110ee4111c5e88d59 Merged-In: Idf1ab60878d619ee30505d71e8afe31d8b0c0ebe (cherry picked from commit 3cfba99) Merged-In: I570c736ffbd55891bcb2e08110ee4111c5e88d59
This addresses a security issue where the guest user can remove updates for system apps. With this CL, attempts to uninstall/downgrade system apps will fail if attempted by a non-admin user, unless the DELETE_SYSTEM_APP flag is specified. This is a fixed version of ag/17408864, to address b/236578018. Bug: 170646036 Test: manual, try uninstalling system app update as guest Merged-In: I4e959e296cca9bbdfc8fccc5e5e0e654ca524165 Change-Id: I6ecfef50294c9000a6ce539bdec6f372c872a40b (cherry picked from commit fbfa268) Merged-In: I6ecfef50294c9000a6ce539bdec6f372c872a40b
Test: android.app.NotificationChannelGroupTest Test: android.app.NotificationChannelTest Test: cts NotificationChannelTest Test: cts NotificationChannelGroupTest Bug: 241764350 Bug: 241764340 Bug: 241764135 Bug: 242702935 Bug: 242703118 Bug: 242703202 Bug: 242702851 Bug: 242703217 Bug: 242703556 Change-Id: I0925583ab54d6c81c415859618f6b907ab7baada (cherry picked from commit 3850857) (cherry picked from commit b664159) Merged-In: I0925583ab54d6c81c415859618f6b907ab7baada
Bug: 243849844 Test: m sts; sts-tradefed run sts-dynamic-develop -m CtsAccessibilityTestCases Change-Id: I4f93e06d1066085bd64e8f09882de2f4a72a0633 (cherry picked from commit 2bc4d49) Merged-In: I4f93e06d1066085bd64e8f09882de2f4a72a0633
BUG: 242996180 Test: adb shell pm uninstall --user 0 com.google.android.apps.work.oobconfig Test: Verified with the command above. Before this CL, the package can be deleted. After this CL, the deletion will fail. Change-Id: Iba408e536b340ea5d66ab499442c0c4f828fa36f (cherry picked from commit 15f85c7) Merged-In: Iba408e536b340ea5d66ab499442c0c4f828fa36f (cherry picked from commit dba7ceb) Merged-In: Iba408e536b340ea5d66ab499442c0c4f828fa36f
This app-generated input needs to not be too long to avoid errors in the process of writing to disk. Bug: 242846316 Test: cts ConditionTest; atest ConditionTest; manually verified exploit apk is OK Change-Id: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9 Merged-In: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9 (cherry picked from commit 81352c3) (cherry picked from commit 7059638) Merged-In: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9
Test: NotificationChannelGroupTest Test: view notification settings for an app that doesn't use groups Fixes: 244574602 Bug: 241764350 Bug: 241764340 Bug: 241764135 Bug: 242702935 Bug: 242703118 Bug: 242703202 Bug: 242702851 Bug: 242703217 Bug: 242703556 Change-Id: I9c681106f6d645e62b0e44903d40aa523fee0e95 (cherry picked from commit 6f02c07) Merged-In: I9c681106f6d645e62b0e44903d40aa523fee0e95 (cherry picked from commit e51c402) Merged-In: I9c681106f6d645e62b0e44903d40aa523fee0e95
…arenting is applied Any malicious application could hijack tasks by android:allowTaskReparenting. This vulnerability can perform UI spoofing or spying on user’s activities. This CL only allows activities to be reparented while android:allowTaskReparenting is applied and the affinity of activity is same with the target task. Bug: 240663194 Test: atest IntentTests Change-Id: I73abb9ec05af95bc14f887ae825a9ada9600f771 (cherry picked from commit 7af50c4) Merged-In: I73abb9ec05af95bc14f887ae825a9ada9600f771
This will prevent bouncer interactions from showing up in screenrecords or screenshots. Fixes: 215005011 Test: atest NotificationShadeWindowControllerImpl && take screenshot with bouncer up Change-Id: I3f59df865dc2dd13d4b9ac54bb2dacb7b23f0aa1 Merged-In: I3f59df865dc2dd13d4b9ac54bb2dacb7b23f0aa1 (cherry picked from commit 6888543) (cherry picked from commit 18ddad1) Merged-In: I3f59df865dc2dd13d4b9ac54bb2dacb7b23f0aa1
This adds mitigations to prevent system files being exfiltrated via the settings content provider when a content URI is provided as a chosen user image. The mitigations are: 1) Copy the image to a new URI rather than the existing takePictureUri prior to cropping. 2) Only allow a system handler to respond to the CROP intent. This is a fixed version of ag/17071224, to address b/239513606. Bug: 187702830 Test: build and check functionality Change-Id: Ie352d07bbcfc7e0b0a1db1dbe3fd43085e0ecbb6 Merged-In: Idf1ab60878d619ee30505d71e8afe31d8b0c0ebe (cherry picked from commit 1b48ca6) Merged-In: Ie352d07bbcfc7e0b0a1db1dbe3fd43085e0ecbb6
After an app publishes a shortcut that contains a malformed intent, the system can be stuck in boot-loop due to uncaught exception caused by parsing the malformed intent. This CL ignores that particular malformed entry. Since shortcuts are constantly written back into the xml from system memory, the malformed entry will be removed from the xml the next time system persists shortcuts from memory to file system. Bug: 246540168 Change-Id: Ibbfd0891eabdce72f76571798382fe949d8f453d Test: manual (cherry picked from commit 36338a3) Merged-In: Ibbfd0891eabdce72f76571798382fe949d8f453d
…dSetting Do not update invalid component enabled settings to prevent the malicious apps from exhausting system server memory. Bug: 240936919 Test: atest android.security.cts.PackageManagerTest Change-Id: I08165337895e89f13a2b9fcce1201cba9ad13d7d (cherry picked from commit 2447359) Merged-In: I08165337895e89f13a2b9fcce1201cba9ad13d7d
For many years, Parcel mismatch typed exploits have been using the AccountManagerService's passing of KEY_INTENT workflow, as a foothold of launching arbitrary intents. We are adding an extra check on the service side to simulate the final deserialization of the KEY_INTENT value, to make sure the client side won't get a mismatched KEY_INTENT value. Bug: 250588548 Bug: 240138294 Test: atest CtsAccountManagerTestCases Test: local test, also see b/250588548 Change-Id: I433e34f6e21ce15c89825044a15b1dec46bb25cc (cherry picked from commit eb9a056) Merged-In: I433e34f6e21ce15c89825044a15b1dec46bb25cc
This adds validation that the package name passed to setApplicationRestrictions is in the correct format. This will avoid an issue where a path could be entered resulting in a file being written to an unexpected place. Bug: 239701237 Test: atest UserManagerServiceTest Change-Id: I1ab2b7228470f10ec26fe3a608ae540cfc9e9a96 (cherry picked from commit 31a5824) Merged-In: I1ab2b7228470f10ec26fe3a608ae540cfc9e9a96 (cherry picked from commit cfcfe6c) (cherry picked from commit 91a821d2e4d80558cf39a6d728213d3df0826908) Merged-In: I1ab2b7228470f10ec26fe3a608ae540cfc9e9a96
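The package-name check described in the commit message above, sketched as an added example (not the AOSP code): the name is validated against a strict format before it is used to build a file path, with a canonical-path check as a second barrier. The class name, the `res_` file prefix and the accepted name format are assumptions made for this illustration.

```java
import java.io.File;
import java.io.IOException;
import java.util.regex.Pattern;

// Added illustration: names, the "res_" file prefix and the accepted format are
// assumptions for this example, not the AOSP implementation.
public class RestrictionsPathDemo {
    // Assumed format: dot-separated segments of letters, digits and '_', each
    // starting with a letter. Path separators, ".." and empty segments cannot match.
    static final Pattern PACKAGE_NAME =
            Pattern.compile("[A-Za-z][A-Za-z0-9_]*(\\.[A-Za-z][A-Za-z0-9_]*)*");

    static boolean isValidPackageName(String name) {
        return name != null && PACKAGE_NAME.matcher(name).matches();
    }

    // Resolve the per-package file, rejecting anything that is not a plain name.
    static File restrictionsFile(File baseDir, String packageName) throws IOException {
        if (!isValidPackageName(packageName)) {
            throw new IllegalArgumentException("Invalid package name");
        }
        File target = new File(baseDir, "res_" + packageName + ".xml");
        // Defense in depth: the resolved file must sit directly inside baseDir.
        File parent = target.getCanonicalFile().getParentFile();
        if (!baseDir.getCanonicalFile().equals(parent)) {
            throw new IllegalArgumentException("Path escapes base directory");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        File baseDir = new File(System.getProperty("java.io.tmpdir"), "restrictions-demo");
        // Constructed inputs: one well-formed name, then path-like strings.
        String[] inputs = {"com.example.app", "../../other/file", "com.example/../x", "a..b", ""};
        for (String in : inputs) {
            try {
                System.out.println("accepted: " + restrictionsFile(baseDir, in).getName());
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: \"" + in + "\" (" + e.getMessage() + ")");
            }
        }
    }
}
```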
Limit character length of MIME types to 255. If this length is exceeded then an IllegalArgumentException is thrown. The number of MIME types that can be set is also limited to 500 per MIME group with the number of total MIME Groups also limited to 500. An IllegalStateException is thrown if this number is exceeded. Bug: 237291548 Test: Installed and ran POC app from b/237291548 Change-Id: I1d57e674f778cfacdc89225ac3273c432a39af63 Merged-In: I1d57e674f778cfacdc89225ac3273c432a39af63 (cherry picked from commit 3ae3406) Merged-In: I1d57e674f778cfacdc89225ac3273c432a39af63
Previous logic would exit the loop after removing the first service matching the uninstalled package. Bug: 243378132 Test: atest AccessibilityEndToEndTest Test: m sts; sts-tradefed run sts-dynamic-develop -m \ CtsAccessibilityServiceTestCases Change-Id: I4ba30345d8600674ee8a9ea3ff411aecbf3655a3 (cherry picked from commit e1f343a) Merged-In: I4ba30345d8600674ee8a9ea3ff411aecbf3655a3
This change only applies to S branches and earlier. Bug: 253085433 Bug: 242703460 Bug: 242703505 Bug: 242703780 Bug: 242704043 Bug: 243794204 Test: AutomaticZenRuleTest Change-Id: Iae423d93b777df8946ecf1c3baf640fcf74990ec Merged-In: Iae423d93b777df8946ecf1c3baf640fcf74990ec (cherry picked from commit 7533d04) Merged-In: Iae423d93b777df8946ecf1c3baf640fcf74990ec
…efore settings are updated Previously, a setting is updated before the memory usage limit check, which can be exploited by malicious apps and cause OoM DoS. This CL changes the logic to checkMemLimit -> update -> updateMemUsage. BUG: 239415861 Test: atest com.android.providers.settings.SettingsStateTest (cherry picked from commit 8eeb929) Merged-In: I20551a2dba9aa79efa0c064824f349f551c2c2e4 Change-Id: I20551a2dba9aa79efa0c064824f349f551c2c2e4 (cherry picked from commit 966b597) Merged-In: I20551a2dba9aa79efa0c064824f349f551c2c2e4
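The ordering change described in the commit message above, modeled as an added example (not the AOSP SettingsState code): the same quota check placed after and before the write, showing that the update-first order retains a value it has just rejected. The class, method names and the 20,000-byte limit are hypothetical.

```java
import java.util.HashMap;
import java.util.Map;

// Added illustration: class, method and limit names are hypothetical, not AOSP code.
public class SettingsQuotaDemo {
    static final int MAX_BYTES_PER_PACKAGE = 20_000; // assumed limit for this example

    final Map<String, String> values = new HashMap<>();  // "pkg/key" -> value
    final Map<String, Integer> usage = new HashMap<>();  // pkg -> bytes accounted

    static int sizeOf(String key, String value) {
        return 2 * (key.length() + value.length());      // UTF-16: 2 bytes per char
    }

    // Usage the package would have if (key, value) replaced its current entry.
    int projectedUsage(String pkg, String key, String value) {
        String old = values.get(pkg + "/" + key);
        int oldSize = (old == null) ? 0 : sizeOf(key, old);
        return usage.getOrDefault(pkg, 0) - oldSize + sizeOf(key, value);
    }

    // Flawed order: update -> check. A rejected write has already been stored,
    // and its size is never accounted for.
    void insertUpdateFirst(String pkg, String key, String value) {
        int projected = projectedUsage(pkg, key, value);
        values.put(pkg + "/" + key, value);
        if (projected > MAX_BYTES_PER_PACKAGE) {
            throw new IllegalStateException("over quota: " + pkg);
        }
        usage.put(pkg, projected);
    }

    // Order from the commit message: checkMemLimit -> update -> updateMemUsage.
    void insertCheckFirst(String pkg, String key, String value) {
        int projected = projectedUsage(pkg, key, value);
        if (projected > MAX_BYTES_PER_PACKAGE) {
            throw new IllegalStateException("over quota: " + pkg);
        }
        values.put(pkg + "/" + key, value);
        usage.put(pkg, projected);
    }

    public static void main(String[] args) {
        String big = "x".repeat(50_000);                  // constructed oversized value
        SettingsQuotaDemo flawed = new SettingsQuotaDemo();
        SettingsQuotaDemo fixed = new SettingsQuotaDemo();
        try { flawed.insertUpdateFirst("com.example.app", "k", big); }
        catch (IllegalStateException e) { /* rejected, but the value was already stored */ }
        try { fixed.insertCheckFirst("com.example.app", "k", big); }
        catch (IllegalStateException e) { /* rejected before any write */ }
        System.out.println("update-first retained entries: " + flawed.values.size());
        System.out.println("check-first retained entries:  " + fixed.values.size());
    }
}
```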
- This was fixed in T in ag/16820166, but the original code was submitted in S. This ensures that the caller of this method is either holding the ACCESS_SHORTCUTS permission or is the default launcher. Bug: 229256049 Test: atest WMShellUnitTests Change-Id: Ib233ad754a6c6e3c4e0d0e10ed788ab8e055cccc Merged-In: Ib233ad754a6c6e3c4e0d0e10ed788ab8e055cccc (cherry picked from commit f4ed441) (cherry picked from commit b319280) Merged-In: Ib233ad754a6c6e3c4e0d0e10ed788ab8e055cccc
Bug: 242537498 Test: manual Change-Id: I15343e84c1802d6b89249106263319a6539fa73b (cherry picked from commit 1d86c8b) Merged-In: I15343e84c1802d6b89249106263319a6539fa73b
…ttings Prior to targetSdk 22, apps could add random system settings keys which opens an opportunity for OOM attacks. This CL adds a key size limit. BUG: 239415997 Test: manual; will add cts test Merged-In: Ic9e88c0cc3d7206c64ba5b5c7d15b50d1ffc9adc Change-Id: Ic9e88c0cc3d7206c64ba5b5c7d15b50d1ffc9adc (cherry picked from commit 783bcba) (cherry picked from commit 0123e87) Merged-In: Ic9e88c0cc3d7206c64ba5b5c7d15b50d1ffc9adc
…ilege The activity info could be from another uid which is different from the app that hosts the task. The information should be trimmed if the caller app doesn't have the privilege. Bug: 243130512 Test: verified locally Test: atest RecentTasksTest Change-Id: Ia343ac70e5bb9aeae718fca6674e1ca491a14512 Merged-In: Ia343ac70e5bb9aeae718fca6674e1ca491a14512 (cherry picked from commit fa8d636) Merged-In: Ia343ac70e5bb9aeae718fca6674e1ca491a14512
Bug: 221040577 Test: atest PermissionTest23#testPre23AppsWithSystemAlertWindowGetDeniedOnUpgrade Change-Id: I4b4605aaae107875811070dea6d031c5d9f25c96 (cherry picked from commit 5e80fcf) Merged-In: I4b4605aaae107875811070dea6d031c5d9f25c96
…DeviceConnection is closed. Bug: 204584366 Test: CTS Verifier: USB Accessory Test & USB Device Test Test: No HWASan use-after-free reports with a test app Change-Id: Ia3a9b10349efc0236b1539c81465f479cb32e02b (cherry picked from commit 1691b54) Merged-In: Ia3a9b10349efc0236b1539c81465f479cb32e02b
Moves the fixUris call from onTargetSelected directly to the intent launch to ensure the intent which is actually started is updated with userId specific URIs. This is a backport of ag/19657256 and ag/20063949. Bug:242165528 Bug:244876518 Bug:242605257 Test: manually share image from personal profile to work gmail, first with chat target then backing up and selecting the main target Test: manually share image from work Photos app to personal WhatsApp's frequent contact target. Change-Id: Id815984e691bf962e19e30a54f7247d16060b3b8 Merged-In: Id815984e691bf962e19e30a54f7247d16060b3b8 Merged-In: Ib41c8a3c46afcc2d62a4c1a924212bcd98bcfbe4 Merged-In: Iabf5dcf2612fe718f2f0886e2e5e9b76f37af1e1 (cherry picked from commit f50ced5) Merged-In: Id815984e691bf962e19e30a54f7247d16060b3b8
- Originally added in ag/5139951, this method ensured that activities launched from widgets are always started in a new task (if the activity is launched in the home task, the task is not brought forward with the recents transition). We can restrict this to only recents callers since this only applies to 1p launchers in gesture nav (both the gesture with 3p launchers and button nav in general will always start the home intent directly, which makes adding the NEW_TASK flag unnecessary). Bug: 243794108 Test: Ensure that the original bug b/112508020 still works (with the test app in the bug, swipe up still works after launching an activity from the widget, and fails without applying the override flags) Change-Id: Id53c6a2aa6da5933d488ca06a0bfc4ef89a4c343 (cherry picked from commit c4d3106) Merged-In: Id53c6a2aa6da5933d488ca06a0bfc4ef89a4c343
Signed-off-by: Rahmad Adi Pratama <[email protected]>
OhMyVenyx force-pushed the 12.1 branch 2 times, most recently from 7fa74c6 to 02a4ef7 (January 19, 2023 21:19)
No description provided.