Compare commits
No commits in common. "3f7132d419501712107cdb8dff3e8ffed14fa79f" and "4765d3bfd83f1868fe84961068c81a1dbc222f03" have entirely different histories.
3f7132d419
...
4765d3bfd8
4 changed files with 2 additions and 222 deletions
|
|
@ -1,7 +1,7 @@
|
|||
From 0f7b66cc9930141f645569f354e901bef5ae384b Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Tue, 12 Oct 2021 21:37:22 -0400
|
||||
Subject: [PATCH 1/3] PackageParser: support glob matching for properties
|
||||
Subject: [PATCH 1/2] PackageParser: support glob matching for properties
|
||||
|
||||
Needed to make phh's vendor overlays work
|
||||
---
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
From 381aa92ab038fc6c0157c5b9396218e80ed3ae65 Mon Sep 17 00:00:00 2001
|
||||
From: dhacker29 <dhackerdvm@gmail.com>
|
||||
Date: Tue, 24 Nov 2015 01:53:47 -0500
|
||||
Subject: [PATCH 2/3] fw/b: Use ro.build.version.incremental to signal OTA
|
||||
Subject: [PATCH 2/2] fw/b: Use ro.build.version.incremental to signal OTA
|
||||
upgrades
|
||||
|
||||
[PeterCxy]: On T, there is a new class PackagePartitions that is
|
||||
|
|
|
|||
|
|
@ -1,163 +0,0 @@
|
|||
From effc76211ce9b665c4f9418d86d2b1a8aa67d42b Mon Sep 17 00:00:00 2001
|
||||
From: Danny Lin <danny@kdrag0n.dev>
|
||||
Date: Sat, 16 Oct 2021 05:27:57 -0700
|
||||
Subject: [PATCH 3/3] Add support for app signature spoofing
|
||||
|
||||
This is needed by microG GmsCore to pretend to be the official Google
|
||||
Play Services package, because client apps check the package signature
|
||||
to make sure it matches Google's official certificate.
|
||||
|
||||
This was forward-ported from the Android 10 patch by gudenau:
|
||||
https://github.com/microg/android_packages_apps_GmsCore/pull/957
|
||||
|
||||
Changes made for Android 11:
|
||||
- Updated PackageInfo calls
|
||||
- Added new permission to public API surface, needed for
|
||||
PermissionController which is now an updatable APEX on 11
|
||||
- Added a dummy permission group to allow users to manage the
|
||||
permission through the PermissionController UI
|
||||
(by Vachounet <vachounet@live.fr>)
|
||||
- Updated location provider comment for conciseness
|
||||
|
||||
Changes made for Android 12:
|
||||
- Moved mayFakeSignature into lock-free Computer subclass
|
||||
- Always get permissions for packages that request signature spoofing
|
||||
(otherwise permissions are usually ommitted and thus the permission
|
||||
check doesn't work properly)
|
||||
- Optimize mayFakeSignature check order to improve performance
|
||||
|
||||
Changes made for Android 13:
|
||||
- Computer subclass is now an independent class.
|
||||
|
||||
Change-Id: Ied7d6ce0b83a2d2345c3abba0429998d86494a88
|
||||
---
|
||||
core/api/current.txt | 2 ++
|
||||
core/res/AndroidManifest.xml | 15 ++++++++++
|
||||
core/res/res/values/strings.xml | 12 ++++++++
|
||||
.../com/android/server/pm/ComputerEngine.java | 30 +++++++++++++++++--
|
||||
4 files changed, 56 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/core/api/current.txt b/core/api/current.txt
|
||||
index c8a43db2f9c2..277183036c60 100644
|
||||
--- a/core/api/current.txt
|
||||
+++ b/core/api/current.txt
|
||||
@@ -87,6 +87,7 @@ package android {
|
||||
field public static final String DUMP = "android.permission.DUMP";
|
||||
field public static final String EXPAND_STATUS_BAR = "android.permission.EXPAND_STATUS_BAR";
|
||||
field public static final String FACTORY_TEST = "android.permission.FACTORY_TEST";
|
||||
+ field public static final String FAKE_PACKAGE_SIGNATURE = "android.permission.FAKE_PACKAGE_SIGNATURE";
|
||||
field public static final String FOREGROUND_SERVICE = "android.permission.FOREGROUND_SERVICE";
|
||||
field public static final String GET_ACCOUNTS = "android.permission.GET_ACCOUNTS";
|
||||
field public static final String GET_ACCOUNTS_PRIVILEGED = "android.permission.GET_ACCOUNTS_PRIVILEGED";
|
||||
@@ -222,6 +223,7 @@ package android {
|
||||
field public static final String CALL_LOG = "android.permission-group.CALL_LOG";
|
||||
field public static final String CAMERA = "android.permission-group.CAMERA";
|
||||
field public static final String CONTACTS = "android.permission-group.CONTACTS";
|
||||
+ field public static final String FAKE_PACKAGE = "android.permission-group.FAKE_PACKAGE";
|
||||
field public static final String LOCATION = "android.permission-group.LOCATION";
|
||||
field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
|
||||
field public static final String NEARBY_DEVICES = "android.permission-group.NEARBY_DEVICES";
|
||||
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
|
||||
index 7439b2f0921f..eadcac3af765 100644
|
||||
--- a/core/res/AndroidManifest.xml
|
||||
+++ b/core/res/AndroidManifest.xml
|
||||
@@ -3534,6 +3534,21 @@
|
||||
android:description="@string/permdesc_getPackageSize"
|
||||
android:protectionLevel="normal" />
|
||||
|
||||
+ <!-- Dummy user-facing group for faking package signature -->
|
||||
+ <permission-group android:name="android.permission-group.FAKE_PACKAGE"
|
||||
+ android:label="@string/permgrouplab_fake_package_signature"
|
||||
+ android:description="@string/permgroupdesc_fake_package_signature"
|
||||
+ android:request="@string/permgrouprequest_fake_package_signature"
|
||||
+ android:priority="100" />
|
||||
+
|
||||
+ <!-- Allows an application to change the package signature as
|
||||
+ seen by applications -->
|
||||
+ <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
|
||||
+ android:permissionGroup="android.permission-group.UNDEFINED"
|
||||
+ android:protectionLevel="signature|privileged"
|
||||
+ android:label="@string/permlab_fakePackageSignature"
|
||||
+ android:description="@string/permdesc_fakePackageSignature" />
|
||||
+
|
||||
<!-- @deprecated No longer useful, see
|
||||
{@link android.content.pm.PackageManager#addPackageToPreferred}
|
||||
for details. -->
|
||||
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
|
||||
index e5d90f00f327..7ac26e536f2a 100644
|
||||
--- a/core/res/res/values/strings.xml
|
||||
+++ b/core/res/res/values/strings.xml
|
||||
@@ -974,6 +974,18 @@
|
||||
|
||||
<!-- Permissions -->
|
||||
|
||||
+ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
+ <string name="permlab_fakePackageSignature">Spoof package signature</string>
|
||||
+ <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
+ <string name="permdesc_fakePackageSignature">Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only!</string>
|
||||
+ <!-- Title of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
+ <string name="permgrouplab_fake_package_signature">Spoof package signature</string>
|
||||
+ <!-- Description of a category of application permissions, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
+ <string name="permgroupdesc_fake_package_signature">allow to spoof package signature</string>
|
||||
+ <!-- Message shown to the user when the apps requests permission from this group. If ever possible this should stay below 80 characters (assuming the parameters takes 20 characters). Don't abbreviate until the message reaches 120 characters though. [CHAR LIMIT=120] -->
|
||||
+ <string name="permgrouprequest_fake_package_signature">Allow
|
||||
+ <b><xliff:g id="app_name" example="Gmail">%1$s</xliff:g></b> to spoof package signature?</string>
|
||||
+
|
||||
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
<string name="permlab_statusBar">disable or modify status bar</string>
|
||||
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
|
||||
diff --git a/services/core/java/com/android/server/pm/ComputerEngine.java b/services/core/java/com/android/server/pm/ComputerEngine.java
|
||||
index 259ca655d2b9..674b22e28a83 100644
|
||||
--- a/services/core/java/com/android/server/pm/ComputerEngine.java
|
||||
+++ b/services/core/java/com/android/server/pm/ComputerEngine.java
|
||||
@@ -1591,6 +1591,29 @@ public class ComputerEngine implements Computer {
|
||||
return result;
|
||||
}
|
||||
|
||||
+ private boolean requestsFakeSignature(AndroidPackage p) {
|
||||
+ return p.getMetaData() != null &&
|
||||
+ p.getMetaData().getString("fake-signature") != null;
|
||||
+ }
|
||||
+
|
||||
+ private PackageInfo mayFakeSignature(AndroidPackage p, PackageInfo pi,
|
||||
+ Set<String> permissions) {
|
||||
+ try {
|
||||
+ if (p.getMetaData() != null &&
|
||||
+ p.getTargetSdkVersion() > Build.VERSION_CODES.LOLLIPOP_MR1) {
|
||||
+ String sig = p.getMetaData().getString("fake-signature");
|
||||
+ if (sig != null &&
|
||||
+ permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE")) {
|
||||
+ pi.signatures = new Signature[] {new Signature(sig)};
|
||||
+ }
|
||||
+ }
|
||||
+ } catch (Throwable t) {
|
||||
+ // We should never die because of any failures, this is system code!
|
||||
+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t);
|
||||
+ }
|
||||
+ return pi;
|
||||
+ }
|
||||
+
|
||||
public final PackageInfo generatePackageInfo(PackageStateInternal ps,
|
||||
@PackageManager.PackageInfoFlagsBits long flags, int userId) {
|
||||
if (!mUserManager.exists(userId)) return null;
|
||||
@@ -1620,13 +1643,14 @@ public class ComputerEngine implements Computer {
|
||||
final int[] gids = (flags & PackageManager.GET_GIDS) == 0 ? EMPTY_INT_ARRAY
|
||||
: mPermissionManager.getGidsForUid(UserHandle.getUid(userId, ps.getAppId()));
|
||||
// Compute granted permissions only if package has requested permissions
|
||||
- final Set<String> permissions = ((flags & PackageManager.GET_PERMISSIONS) == 0
|
||||
+ final Set<String> permissions = (((flags & PackageManager.GET_PERMISSIONS) == 0
|
||||
+ && !requestsFakeSignature(p))
|
||||
|| ArrayUtils.isEmpty(p.getRequestedPermissions())) ? Collections.emptySet()
|
||||
: mPermissionManager.getGrantedPermissions(ps.getPackageName(), userId);
|
||||
|
||||
- PackageInfo packageInfo = PackageInfoUtils.generate(p, gids, flags,
|
||||
+ PackageInfo packageInfo = mayFakeSignature(p, PackageInfoUtils.generate(p, gids, flags,
|
||||
state.getFirstInstallTime(), ps.getLastUpdateTime(), permissions, state, userId,
|
||||
- ps);
|
||||
+ ps), permissions);
|
||||
|
||||
if (packageInfo == null) {
|
||||
return null;
|
||||
--
|
||||
2.37.2
|
||||
|
||||
|
|
@ -1,57 +0,0 @@
|
|||
From a1d10cb31ae386c01a66c8bf0a028b8f33e5bd32 Mon Sep 17 00:00:00 2001
|
||||
From: "tzu-hsien.huang" <tzu-hsien.huang@mediatek.com>
|
||||
Date: Wed, 20 Jul 2022 15:12:01 +0800
|
||||
Subject: [PATCH] Additionally check le_set_event_mask command resturn status
|
||||
with UNSUPPORTED_LMP_OR_LL_PARAMETER
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
In GD BT stack, stack will check each return status of HCI Commands. E.g. reset , le_set_event_mask, set_event_mask …etc.
|
||||
In BT spec 5.2, SIG add some parameters for le_set_event_mask for le audio, like LE Terminate BIG Complete event: Supported.
|
||||
However, some legacy chips do not support LE Audio feature, and controller will return Status: Unsupported LMP Parameter Value when it receives this HCI Command
|
||||
When it checks the return value and find the status is not SUCCESS, it will cause FAIL and cannot be compatible with old legacy chip.
|
||||
After brushing GSI, Bluetooth will turn off automatically when it is turned on.
|
||||
So all CTS test will always fail.
|
||||
|
||||
Check le_set_event_mask command return status with SUCCESS or UNSUPPORTED_LMP_OR_LL_PARAMETER
|
||||
|
||||
Bug: 239662211
|
||||
Test: CtsBluetoothTestCases
|
||||
Change-Id: I2b0cede7f47eecd2124a386e958773289eb6f11c
|
||||
---
|
||||
system/gd/hci/controller.cc | 11 ++++++++++-
|
||||
1 file changed, 10 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/system/gd/hci/controller.cc b/system/gd/hci/controller.cc
|
||||
index da5986fcb7..8be21a20a3 100644
|
||||
--- a/system/gd/hci/controller.cc
|
||||
+++ b/system/gd/hci/controller.cc
|
||||
@@ -540,7 +540,7 @@ struct Controller::impl {
|
||||
void le_set_event_mask(uint64_t le_event_mask) {
|
||||
std::unique_ptr<LeSetEventMaskBuilder> packet = LeSetEventMaskBuilder::Create(le_event_mask);
|
||||
hci_->EnqueueCommand(std::move(packet), module_.GetHandler()->BindOnceOn(
|
||||
- this, &Controller::impl::check_status<LeSetEventMaskCompleteView>));
|
||||
+ this, &Controller::impl::check_event_mask_status<LeSetEventMaskCompleteView>));
|
||||
}
|
||||
|
||||
template <class T>
|
||||
@@ -551,6 +551,15 @@ struct Controller::impl {
|
||||
ASSERT(status_view.GetStatus() == ErrorCode::SUCCESS);
|
||||
}
|
||||
|
||||
+ template <class T>
|
||||
+ void check_event_mask_status(CommandCompleteView view) {
|
||||
+ ASSERT(view.IsValid());
|
||||
+ auto status_view = T::Create(view);
|
||||
+ ASSERT(status_view.IsValid());
|
||||
+ ASSERT(status_view.GetStatus() == ErrorCode::SUCCESS ||
|
||||
+ status_view.GetStatus() == ErrorCode::UNSUPPORTED_LMP_OR_LL_PARAMETER);
|
||||
+ }
|
||||
+
|
||||
#define OP_CODE_MAPPING(name) \
|
||||
case OpCode::name: { \
|
||||
uint16_t index = (uint16_t)OpCodeIndex::name; \
|
||||
--
|
||||
2.37.2
|
||||
|
||||
Loading…
Add table
Reference in a new issue