Compare commits
8 commits
Author | SHA1 | Date | |
---|---|---|---|
Peter Cai | f63374e53c | ||
Peter Cai | ec7870219a | ||
Peter Cai | 43a3af91c0 | ||
Peter Cai | 2bcc86538e | ||
Peter Cai | 4207e6af29 | ||
Peter Cai | 22526128c0 | ||
Peter Cai | 8c4bc15e8f | ||
Peter Cai | c1d481b27d |
|
@ -1,7 +1,7 @@
|
|||
From ffc51e7cf3896389a5e015ea1774d59bb200d806 Mon Sep 17 00:00:00 2001
|
||||
From 8100be359a6806e589c0b8846e34daac00a450ed Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Tue, 19 Oct 2021 21:16:55 -0400
|
||||
Subject: [PATCH] APM: Restore R and Q behavior respectively for telephony
|
||||
Subject: [PATCH 1/2] APM: Restore R and Q behavior respectively for telephony
|
||||
audio
|
||||
|
||||
This conditionally reverts part of 51c9cc (S) and afd4ce (R) when the
|
||||
|
@ -34,7 +34,7 @@ Change-Id: I56d36d2aef4319935cb88a3e4771b23c6d5b2145
|
|||
2 files changed, 28 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
|
||||
index cc2d8e8cf4..8defaad32c 100644
|
||||
index e334532ebc..5a15e235e0 100644
|
||||
--- a/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
|
||||
+++ b/services/audiopolicy/managerdefault/AudioPolicyManager.cpp
|
||||
@@ -601,6 +601,11 @@ status_t AudioPolicyManager::updateCallRoutingInternal(
|
||||
|
@ -90,10 +90,10 @@ index cc2d8e8cf4..8defaad32c 100644
|
|||
// on other HW module, SinkMetaData of telephony input should handle it
|
||||
// assuming the device uses audio HAL V5.0 and above
|
||||
diff --git a/services/audiopolicy/managerdefault/AudioPolicyManager.h b/services/audiopolicy/managerdefault/AudioPolicyManager.h
|
||||
index 98f96d1951..e8b19091d5 100644
|
||||
index 967aa10441..a1e875f559 100644
|
||||
--- a/services/audiopolicy/managerdefault/AudioPolicyManager.h
|
||||
+++ b/services/audiopolicy/managerdefault/AudioPolicyManager.h
|
||||
@@ -827,6 +827,7 @@ protected:
|
||||
@@ -839,6 +839,7 @@ protected:
|
||||
SoundTriggerSessionCollection mSoundTriggerSessions;
|
||||
|
||||
sp<AudioPatch> mCallTxPatch;
|
||||
|
@ -102,5 +102,5 @@ index 98f96d1951..e8b19091d5 100644
|
|||
HwAudioOutputCollection mHwOutputs;
|
||||
SourceClientCollection mAudioSources;
|
||||
--
|
||||
2.33.1
|
||||
2.36.1
|
||||
|
||||
|
|
|
@ -0,0 +1,62 @@
|
|||
From 899e3cf94287d412a5a00274749575973075cd87 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Wed, 1 Jun 2022 16:56:46 -0400
|
||||
Subject: [PATCH 2/2] camera: Implement property to override default camera
|
||||
|
||||
Complement to the frameworks/base patch.
|
||||
|
||||
Change-Id: I002bfa974bafc2cc01365eeea31c7a5dcb5a2028
|
||||
---
|
||||
.../common/CameraProviderManager.cpp | 22 +++++++++++++++++++
|
||||
1 file changed, 22 insertions(+)
|
||||
|
||||
diff --git a/services/camera/libcameraservice/common/CameraProviderManager.cpp b/services/camera/libcameraservice/common/CameraProviderManager.cpp
|
||||
index 2f74df9770..d1326b6047 100644
|
||||
--- a/services/camera/libcameraservice/common/CameraProviderManager.cpp
|
||||
+++ b/services/camera/libcameraservice/common/CameraProviderManager.cpp
|
||||
@@ -33,6 +33,7 @@
|
||||
#include <functional>
|
||||
#include <camera_metadata_hidden.h>
|
||||
#include <android-base/parseint.h>
|
||||
+#include <android-base/properties.h>
|
||||
#include <android-base/logging.h>
|
||||
#include <cutils/properties.h>
|
||||
#include <hwbinder/IPCThreadState.h>
|
||||
@@ -142,6 +143,15 @@ std::vector<std::string> CameraProviderManager::getCameraDeviceIds() const {
|
||||
deviceIds.push_back(id);
|
||||
}
|
||||
}
|
||||
+
|
||||
+ int32_t altPrimaryCamera = property_get_int32("persist.sys.alt_primary_camera", 0);
|
||||
+
|
||||
+ if (altPrimaryCamera != 0 && deviceIds.size() > (size_t) altPrimaryCamera) {
|
||||
+ const std::string origPrimary = deviceIds[0];
|
||||
+ deviceIds[0] = deviceIds[altPrimaryCamera];
|
||||
+ deviceIds[altPrimaryCamera] = origPrimary;
|
||||
+ }
|
||||
+
|
||||
return deviceIds;
|
||||
}
|
||||
|
||||
@@ -208,6 +218,18 @@ std::vector<std::string> CameraProviderManager::getAPI1CompatibleCameraDeviceIds
|
||||
std::sort(systemDeviceIds.begin(), systemDeviceIds.end(), sortFunc);
|
||||
deviceIds.insert(deviceIds.end(), publicDeviceIds.begin(), publicDeviceIds.end());
|
||||
deviceIds.insert(deviceIds.end(), systemDeviceIds.begin(), systemDeviceIds.end());
|
||||
+
|
||||
+ // Default camera ID hack should match with android.hardware.camera2.CameraManager.sortCameraIds
|
||||
+ // Note that the alt primary camera may not be available here due to filterLogicalCameraIdsLocked()
|
||||
+ // in which case we will just ignore it.
|
||||
+ int altPrimaryCameraId = base::GetIntProperty("persist.sys.alt_primary_camera", -1);
|
||||
+
|
||||
+ if (altPrimaryCameraId > 0 && altPrimaryCameraId < (int) deviceIds.size()) {
|
||||
+ std::string origPrimary = deviceIds[0];
|
||||
+ deviceIds[0] = deviceIds[altPrimaryCameraId];
|
||||
+ deviceIds[altPrimaryCameraId] = origPrimary;
|
||||
+ }
|
||||
+
|
||||
return deviceIds;
|
||||
}
|
||||
|
||||
--
|
||||
2.36.1
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From 70f7d35dda51036f04d31d507e4c30ee0a033ec5 Mon Sep 17 00:00:00 2001
|
||||
From a26d483d257bdb33553f43719cdad0b392fc6ea4 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Tue, 12 Oct 2021 21:37:22 -0400
|
||||
Subject: [PATCH 1/2] PackageParser: support glob matching for properties
|
||||
Subject: [PATCH 1/5] PackageParser: support glob matching for properties
|
||||
|
||||
Needed to make phh's vendor overlays work
|
||||
---
|
||||
|
@ -9,10 +9,10 @@ Needed to make phh's vendor overlays work
|
|||
1 file changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
|
||||
index bbb0b8e30938..45ebe8e1aaaf 100644
|
||||
index 80058d31245c..0ea286c1591a 100644
|
||||
--- a/core/java/android/content/pm/PackageParser.java
|
||||
+++ b/core/java/android/content/pm/PackageParser.java
|
||||
@@ -2500,8 +2500,16 @@ public class PackageParser {
|
||||
@@ -2504,8 +2504,16 @@ public class PackageParser {
|
||||
for (int i = 0; i < propNames.length; i++) {
|
||||
// Check property value: make sure it is both set and equal to expected value
|
||||
final String currValue = SystemProperties.get(propNames[i]);
|
||||
|
@ -32,5 +32,5 @@ index bbb0b8e30938..45ebe8e1aaaf 100644
|
|||
}
|
||||
return true;
|
||||
--
|
||||
2.33.1
|
||||
2.36.1
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From 214f184c91b39047046f5cc14af7541e5fb1b458 Mon Sep 17 00:00:00 2001
|
||||
From 4182ca99bed1bed96178c382a75d4f747f206b1e Mon Sep 17 00:00:00 2001
|
||||
From: Danny Lin <danny@kdrag0n.dev>
|
||||
Date: Sat, 7 Nov 2020 23:47:30 -0800
|
||||
Subject: [PATCH 2/2] core: Use real security patch level property
|
||||
Subject: [PATCH 2/5] core: Use real security patch level property
|
||||
|
||||
The standard platform security patch level property may not reflect the
|
||||
real patch level due to SafetyNet hacks, so we need to check the custom
|
||||
|
@ -14,7 +14,7 @@ Change-Id: I18f8b6812335f132a935e0cfc04523cf693d1101
|
|||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/core/java/android/os/Build.java b/core/java/android/os/Build.java
|
||||
index 95bcdf42f739..49ced75734d0 100755
|
||||
index f0fab3f64113..449336dd53ab 100755
|
||||
--- a/core/java/android/os/Build.java
|
||||
+++ b/core/java/android/os/Build.java
|
||||
@@ -306,7 +306,7 @@ public class Build {
|
||||
|
@ -27,5 +27,5 @@ index 95bcdf42f739..49ced75734d0 100755
|
|||
/**
|
||||
* The media performance class of the device or 0 if none.
|
||||
--
|
||||
2.33.1
|
||||
2.36.1
|
||||
|
||||
|
|
|
@ -0,0 +1,59 @@
|
|||
From b2c3942e6eb0f899039f6be96f87b7b0727b41d3 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Wed, 1 Jun 2022 16:56:20 -0400
|
||||
Subject: [PATCH 3/5] Implement a persistent property to override the default
|
||||
primary camera (0)
|
||||
|
||||
Change-Id: I49b45d00bf71d7932591b3516d49a680e1b6568b
|
||||
---
|
||||
core/java/android/hardware/Camera.java | 6 ++++++
|
||||
core/java/android/hardware/camera2/CameraManager.java | 9 +++++++++
|
||||
2 files changed, 15 insertions(+)
|
||||
|
||||
diff --git a/core/java/android/hardware/Camera.java b/core/java/android/hardware/Camera.java
|
||||
index 3bdd39f5d7d7..fff46f20342b 100644
|
||||
--- a/core/java/android/hardware/Camera.java
|
||||
+++ b/core/java/android/hardware/Camera.java
|
||||
@@ -45,6 +45,7 @@ import android.os.Message;
|
||||
import android.os.Process;
|
||||
import android.os.RemoteException;
|
||||
import android.os.ServiceManager;
|
||||
+import android.os.SystemProperties;
|
||||
import android.renderscript.Allocation;
|
||||
import android.renderscript.Element;
|
||||
import android.renderscript.RSIllegalArgumentException;
|
||||
@@ -408,6 +409,11 @@ public class Camera {
|
||||
* @see #open(int)
|
||||
*/
|
||||
public static Camera open() {
|
||||
+ int altPrimaryCamera = SystemProperties.getInt("persist.sys.alt_primary_camera", -1);
|
||||
+ if (altPrimaryCamera > 0) {
|
||||
+ return new Camera(altPrimaryCamera);
|
||||
+ }
|
||||
+
|
||||
int numberOfCameras = getNumberOfCameras();
|
||||
CameraInfo cameraInfo = new CameraInfo();
|
||||
for (int i = 0; i < numberOfCameras; i++) {
|
||||
diff --git a/core/java/android/hardware/camera2/CameraManager.java b/core/java/android/hardware/camera2/CameraManager.java
|
||||
index b7c5644df107..72b4b8e7799a 100644
|
||||
--- a/core/java/android/hardware/camera2/CameraManager.java
|
||||
+++ b/core/java/android/hardware/camera2/CameraManager.java
|
||||
@@ -1595,6 +1595,15 @@ public final class CameraManager {
|
||||
}
|
||||
}});
|
||||
|
||||
+ // HAXX: Allow overriding default primary camera (assumed to be camera 0) via property
|
||||
+ // Should match with libcameraservice/common/CameraProviderManager.cpp
|
||||
+ int altPrimaryCamera = SystemProperties.getInt("persist.sys.alt_primary_camera", -1);
|
||||
+ if (altPrimaryCamera > 0 && altPrimaryCamera < cameraIds.length) {
|
||||
+ String origPrimary = cameraIds[0];
|
||||
+ cameraIds[0] = cameraIds[altPrimaryCamera];
|
||||
+ cameraIds[altPrimaryCamera] = origPrimary;
|
||||
+ }
|
||||
+
|
||||
}
|
||||
|
||||
public static boolean cameraStatusesContains(CameraStatus[] cameraStatuses, String id) {
|
||||
--
|
||||
2.36.1
|
||||
|
|
@ -0,0 +1,273 @@
|
|||
From 6da03d0eadcabe836e71d2d88d7d2d057ba9efa4 Mon Sep 17 00:00:00 2001
|
||||
From: dhacker29 <dhackerdvm@gmail.com>
|
||||
Date: Tue, 24 Nov 2015 01:53:47 -0500
|
||||
Subject: [PATCH 4/5] fw/b: Use ro.build.version.incremental to signal OTA
|
||||
upgrades
|
||||
|
||||
Squash of:
|
||||
|
||||
Author: dhacker29 <dhackerdvm@gmail.com>
|
||||
Date: Tue Nov 24 01:53:47 2015 -0500
|
||||
Core: Use ro.build.date to signal mIsUpgrade
|
||||
|
||||
M: We use a static fingerprint that is only changed when a new OEM build is released, so
|
||||
every flash shows Android is starting instead of upgrading. This will fix that.
|
||||
N: even though we dont have the dexopt sceen on N, this is still needed to delete the
|
||||
correct caches, and grant/deny specific runtime permissions like a true oem update
|
||||
would do.
|
||||
Updated for Nougat By: BeansTown106
|
||||
|
||||
Change-Id: I0e3ed5c8f0351e48944432ae6a0c5194ddeff1fa
|
||||
|
||||
Author: Sam Mortimer <sam@mortimer.me.uk>
|
||||
Date: Fri Sep 28 13:45:00 2018 -0700
|
||||
fw/b UserManagerService: Use ro.build.date to signal upgrades
|
||||
|
||||
*) We changed PackageManagerService to use Build.DATE instead of
|
||||
Build.FINGERPRINT to detect upgrade. Do the same for
|
||||
UserManagerService.
|
||||
*) Affects generation of preboot intent and app data migration.
|
||||
|
||||
Change-Id: I56887b7ca842afdcf3cf84b27b4c04667cf43307
|
||||
|
||||
Author: Wang Han <416810799@qq.com>
|
||||
Date: Sat Dec 29 23:33:20 2018 +0800
|
||||
ShortcutService: Use ro.build.date to signal package scanning
|
||||
|
||||
* Affects system apps scanning.
|
||||
|
||||
Change-Id: I5f6d6647929f5b5ae7e820b18e95bf5ed2ec8d1c
|
||||
|
||||
Author: maxwen <max.weninger@gmail.com>
|
||||
Date: Tue Nov 19 01:02:01 2019 +0100
|
||||
base: Use ro.build.date to clear cache dirs on update
|
||||
|
||||
instead of using ro.build.fingerprint we explictly need to use ro.build.date
|
||||
|
||||
Change-Id: Ib3e80e58eb8c9a21c108e9f5cd2dbdb7ada8e3a4
|
||||
|
||||
Author: maxwen <max.weninger@gmail.com>
|
||||
Date: Wed Oct 28 07:07:10 2020 -0400
|
||||
One more Build.FINGERPRINT to Build.DATE change
|
||||
|
||||
Change-Id: I13dbf3d7f6587d3fcd6591cc0f861b34b6d5561c
|
||||
|
||||
Change-Id: If0eb969ba509981f9209ffa37a949d9042ef4c2a
|
||||
---
|
||||
.../android/app/admin/SystemUpdateInfo.java | 4 ++--
|
||||
.../com/android/server/am/UserController.java | 2 +-
|
||||
.../server/pm/PackageManagerService.java | 24 ++++++++++---------
|
||||
.../java/com/android/server/pm/Settings.java | 6 ++---
|
||||
.../android/server/pm/ShortcutService.java | 2 +-
|
||||
.../android/server/pm/UserManagerService.java | 10 ++++----
|
||||
6 files changed, 26 insertions(+), 22 deletions(-)
|
||||
|
||||
diff --git a/core/java/android/app/admin/SystemUpdateInfo.java b/core/java/android/app/admin/SystemUpdateInfo.java
|
||||
index b88bf76c96ca..fdf2b3f54311 100644
|
||||
--- a/core/java/android/app/admin/SystemUpdateInfo.java
|
||||
+++ b/core/java/android/app/admin/SystemUpdateInfo.java
|
||||
@@ -132,7 +132,7 @@ public final class SystemUpdateInfo implements Parcelable {
|
||||
out.startTag(null, tag);
|
||||
out.attributeLong(null, ATTR_RECEIVED_TIME, mReceivedTime);
|
||||
out.attributeInt(null, ATTR_SECURITY_PATCH_STATE, mSecurityPatchState);
|
||||
- out.attribute(null, ATTR_ORIGINAL_BUILD , Build.FINGERPRINT);
|
||||
+ out.attribute(null, ATTR_ORIGINAL_BUILD , Build.VERSION.INCREMENTAL);
|
||||
out.endTag(null, tag);
|
||||
}
|
||||
|
||||
@@ -141,7 +141,7 @@ public final class SystemUpdateInfo implements Parcelable {
|
||||
public static SystemUpdateInfo readFromXml(TypedXmlPullParser parser) {
|
||||
// If an OTA has been applied (build fingerprint has changed), discard stale info.
|
||||
final String buildFingerprint = parser.getAttributeValue(null, ATTR_ORIGINAL_BUILD );
|
||||
- if (!Build.FINGERPRINT.equals(buildFingerprint)) {
|
||||
+ if (!Build.VERSION.INCREMENTAL.equals(buildFingerprint)) {
|
||||
return null;
|
||||
}
|
||||
try {
|
||||
diff --git a/services/core/java/com/android/server/am/UserController.java b/services/core/java/com/android/server/am/UserController.java
|
||||
index b28b1a66cd97..4187a1387f02 100644
|
||||
--- a/services/core/java/com/android/server/am/UserController.java
|
||||
+++ b/services/core/java/com/android/server/am/UserController.java
|
||||
@@ -711,7 +711,7 @@ class UserController implements Handler.Callback {
|
||||
// purposefully block sending BOOT_COMPLETED until after all
|
||||
// PRE_BOOT receivers are finished to avoid ANR'ing apps
|
||||
final UserInfo info = getUserInfo(userId);
|
||||
- if (!Objects.equals(info.lastLoggedInFingerprint, Build.FINGERPRINT)
|
||||
+ if (!Objects.equals(info.lastLoggedInFingerprint, Build.VERSION.INCREMENTAL)
|
||||
|| SystemProperties.getBoolean("persist.pm.mock-upgrade", false)) {
|
||||
// Suppress double notifications for managed profiles that
|
||||
// were unlocked automatically as part of their parent user
|
||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
index 88435c12f0a7..048987482e65 100644
|
||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
@@ -7126,7 +7126,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
|
||||
PackageManagerService m = new PackageManagerService(injector, onlyCore, factoryTest,
|
||||
- Build.FINGERPRINT, Build.IS_ENG, Build.IS_USERDEBUG, Build.VERSION.SDK_INT,
|
||||
+ Build.VERSION.INCREMENTAL, Build.IS_ENG, Build.IS_USERDEBUG, Build.VERSION.SDK_INT,
|
||||
Build.VERSION.INCREMENTAL);
|
||||
t.traceEnd(); // "create package manager"
|
||||
|
||||
@@ -7616,7 +7616,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
!buildFingerprint.equals(ver.fingerprint);
|
||||
if (mIsUpgrade) {
|
||||
PackageManagerServiceUtils.logCriticalInfo(Log.INFO,
|
||||
- "Upgrading from " + ver.fingerprint + " to " + Build.FINGERPRINT);
|
||||
+ "Upgrading from " + ver.fingerprint + " to " + Build.VERSION.INCREMENTAL);
|
||||
}
|
||||
|
||||
// when upgrading from pre-M, promote system app permissions from install to runtime
|
||||
@@ -8003,8 +8003,9 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
// allow... it would be nice to have some better way to handle
|
||||
// this situation.
|
||||
if (mIsUpgrade) {
|
||||
- Slog.i(TAG, "Build fingerprint changed from " + ver.fingerprint + " to "
|
||||
- + Build.FINGERPRINT + "; regranting permissions for internal storage");
|
||||
+ Slog.i(TAG, "Build incremental version changed from " + ver.fingerprint + " to "
|
||||
+ + Build.VERSION.INCREMENTAL +
|
||||
+ "; regranting permissions for internal storage");
|
||||
}
|
||||
mPermissionManager.onStorageVolumeMounted(
|
||||
StorageManager.UUID_PRIVATE_INTERNAL, mIsUpgrade);
|
||||
@@ -8087,7 +8088,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
// across OTAs and are used to drive profile verification (post OTA) and
|
||||
// profile compilation (without waiting to collect a fresh set of profiles).
|
||||
if (mIsUpgrade && !mOnlyCore) {
|
||||
- Slog.i(TAG, "Build fingerprint changed; clearing code caches");
|
||||
+ Slog.i(TAG, "Build incremental version changed; clearing code caches");
|
||||
for (int i = 0; i < packageSettings.size(); i++) {
|
||||
final PackageSetting ps = packageSettings.valueAt(i);
|
||||
if (Objects.equals(StorageManager.UUID_PRIVATE_INTERNAL, ps.volumeUuid)) {
|
||||
@@ -8098,7 +8099,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
| Installer.FLAG_CLEAR_APP_DATA_KEEP_ART_PROFILES);
|
||||
}
|
||||
}
|
||||
- ver.fingerprint = Build.FINGERPRINT;
|
||||
+ ver.fingerprint = Build.VERSION.INCREMENTAL;
|
||||
}
|
||||
|
||||
// Legacy existing (installed before Q) non-system apps to hide
|
||||
@@ -8535,7 +8536,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
// identify cached items. In particular, changing the value of certain
|
||||
// feature flags should cause us to invalidate any caches.
|
||||
final String cacheName = FORCE_PACKAGE_PARSED_CACHE_ENABLED ? "debug"
|
||||
- : SystemProperties.digestOf("ro.build.fingerprint");
|
||||
+ : SystemProperties.digestOf("ro.build.version.incremental");
|
||||
|
||||
// Reconcile cache directories, keeping only what we'd actually use.
|
||||
for (File cacheDir : FileUtils.listFilesOrEmpty(cacheBaseDir)) {
|
||||
@@ -25579,7 +25580,7 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
Slog.w(TAG, "Failed to scan " + ps.getPath() + ": " + e.getMessage());
|
||||
}
|
||||
|
||||
- if (!Build.FINGERPRINT.equals(ver.fingerprint)) {
|
||||
+ if (!Build.VERSION.INCREMENTAL.equals(ver.fingerprint)) {
|
||||
clearAppDataLIF(ps.pkg, UserHandle.USER_ALL, FLAG_STORAGE_DE | FLAG_STORAGE_CE
|
||||
| FLAG_STORAGE_EXTERNAL | Installer.FLAG_CLEAR_CODE_CACHE_ONLY
|
||||
| Installer.FLAG_CLEAR_APP_DATA_KEEP_ART_PROFILES);
|
||||
@@ -25614,10 +25615,11 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
|
||||
synchronized (mLock) {
|
||||
- final boolean isUpgrade = !Build.FINGERPRINT.equals(ver.fingerprint);
|
||||
+ final boolean isUpgrade = !Build.VERSION.INCREMENTAL.equals(ver.fingerprint);
|
||||
if (isUpgrade) {
|
||||
- logCriticalInfo(Log.INFO, "Build fingerprint changed from " + ver.fingerprint
|
||||
- + " to " + Build.FINGERPRINT + "; regranting permissions for "
|
||||
+ logCriticalInfo(Log.INFO, "Build incremental version changed from "
|
||||
+ + ver.fingerprint
|
||||
+ + " to " + Build.VERSION.INCREMENTAL + "; regranting permissions for "
|
||||
+ volumeUuid);
|
||||
}
|
||||
mPermissionManager.onStorageVolumeMounted(volumeUuid, isUpgrade);
|
||||
diff --git a/services/core/java/com/android/server/pm/Settings.java b/services/core/java/com/android/server/pm/Settings.java
|
||||
index 26aebbc1ea93..3bf3e1a1e3a3 100644
|
||||
--- a/services/core/java/com/android/server/pm/Settings.java
|
||||
+++ b/services/core/java/com/android/server/pm/Settings.java
|
||||
@@ -433,7 +433,7 @@ public final class Settings implements Watchable, Snappable {
|
||||
public void forceCurrent() {
|
||||
sdkVersion = Build.VERSION.SDK_INT;
|
||||
databaseVersion = CURRENT_DATABASE_VERSION;
|
||||
- fingerprint = Build.FINGERPRINT;
|
||||
+ fingerprint = Build.VERSION.INCREMENTAL;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2972,7 +2972,7 @@ public final class Settings implements Watchable, Snappable {
|
||||
// on update drop the files before loading them.
|
||||
if (PackageManagerService.CLEAR_RUNTIME_PERMISSIONS_ON_UPGRADE) {
|
||||
final VersionInfo internal = getInternalVersion();
|
||||
- if (!Build.FINGERPRINT.equals(internal.fingerprint)) {
|
||||
+ if (!Build.VERSION.INCREMENTAL.equals(internal.fingerprint)) {
|
||||
for (UserInfo user : users) {
|
||||
mRuntimePermissionsPersistence.deleteUserRuntimePermissionsFile(user.id);
|
||||
}
|
||||
@@ -5346,7 +5346,7 @@ public final class Settings implements Watchable, Snappable {
|
||||
}
|
||||
|
||||
private String getExtendedFingerprint(long version) {
|
||||
- return Build.FINGERPRINT + "?pc_version=" + version;
|
||||
+ return Build.VERSION.INCREMENTAL + "?pc_version=" + version;
|
||||
}
|
||||
|
||||
public void writeStateForUserAsyncLPr(int userId) {
|
||||
diff --git a/services/core/java/com/android/server/pm/ShortcutService.java b/services/core/java/com/android/server/pm/ShortcutService.java
|
||||
index 62d6717e847a..4e9e7a026a90 100644
|
||||
--- a/services/core/java/com/android/server/pm/ShortcutService.java
|
||||
+++ b/services/core/java/com/android/server/pm/ShortcutService.java
|
||||
@@ -5240,7 +5240,7 @@ public class ShortcutService extends IShortcutService.Stub {
|
||||
|
||||
// Injection point.
|
||||
String injectBuildFingerprint() {
|
||||
- return Build.FINGERPRINT;
|
||||
+ return Build.VERSION.INCREMENTAL;
|
||||
}
|
||||
|
||||
final void wtf(String message) {
|
||||
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
|
||||
index 6d8137e74061..826370006dca 100644
|
||||
--- a/services/core/java/com/android/server/pm/UserManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
|
||||
@@ -3657,7 +3657,7 @@ public class UserManagerService extends IUserManager.Stub {
|
||||
userInfo.creationTime = getCreationTime();
|
||||
userInfo.partial = true;
|
||||
userInfo.preCreated = preCreate;
|
||||
- userInfo.lastLoggedInFingerprint = Build.FINGERPRINT;
|
||||
+ userInfo.lastLoggedInFingerprint = Build.VERSION.INCREMENTAL;
|
||||
if (userTypeDetails.hasBadge() && parentId != UserHandle.USER_NULL) {
|
||||
userInfo.profileBadge = getFreeProfileBadgeLU(parentId, userType);
|
||||
}
|
||||
@@ -4785,7 +4785,8 @@ public class UserManagerService extends IUserManager.Stub {
|
||||
t.traceBegin("onBeforeStartUser-" + userId);
|
||||
final int userSerial = userInfo.serialNumber;
|
||||
// Migrate only if build fingerprints mismatch
|
||||
- boolean migrateAppsData = !Build.FINGERPRINT.equals(userInfo.lastLoggedInFingerprint);
|
||||
+ boolean migrateAppsData =
|
||||
+ !Build.VERSION.INCREMENTAL.equals(userInfo.lastLoggedInFingerprint);
|
||||
t.traceBegin("prepareUserData");
|
||||
mUserDataPreparer.prepareUserData(userId, userSerial, StorageManager.FLAG_STORAGE_DE);
|
||||
t.traceEnd();
|
||||
@@ -4814,7 +4815,8 @@ public class UserManagerService extends IUserManager.Stub {
|
||||
}
|
||||
final int userSerial = userInfo.serialNumber;
|
||||
// Migrate only if build fingerprints mismatch
|
||||
- boolean migrateAppsData = !Build.FINGERPRINT.equals(userInfo.lastLoggedInFingerprint);
|
||||
+ boolean migrateAppsData =
|
||||
+ !Build.VERSION.INCREMENTAL.equals(userInfo.lastLoggedInFingerprint);
|
||||
mUserDataPreparer.prepareUserData(userId, userSerial, StorageManager.FLAG_STORAGE_CE);
|
||||
|
||||
StorageManagerInternal smInternal = LocalServices.getService(StorageManagerInternal.class);
|
||||
@@ -4851,7 +4853,7 @@ public class UserManagerService extends IUserManager.Stub {
|
||||
if (now > EPOCH_PLUS_30_YEARS) {
|
||||
userData.info.lastLoggedInTime = now;
|
||||
}
|
||||
- userData.info.lastLoggedInFingerprint = Build.FINGERPRINT;
|
||||
+ userData.info.lastLoggedInFingerprint = Build.VERSION.INCREMENTAL;
|
||||
scheduleWriteUser(userData);
|
||||
}
|
||||
|
||||
--
|
||||
2.36.1
|
||||
|
|
@ -0,0 +1,116 @@
|
|||
From 9ae7ba267da4f6bf098bc3dd1ea0edc6aea59894 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Sun, 12 Jun 2022 13:17:38 -0400
|
||||
Subject: [PATCH 5/5] ShortcutPackage: Acquire the service's lock before
|
||||
reporting usage
|
||||
|
||||
When `ShortcutPackage.pushDynamicShortcut()` is called from
|
||||
`ShortcutService.pushDynamicShortcut()`, the lock
|
||||
`ShortcutService.mLock` is acquired. However, the final
|
||||
`injectPostToHandler()` call drops this lock before calling
|
||||
`awaitInAppSearch()`.
|
||||
|
||||
The `awaitInAppSearch()` method assumes that it is called while being
|
||||
guarded by the `ShortcutService` lock. When called without acquiring the
|
||||
lock, it will end up acquiring `ShortcutPackage.mLock` first, then
|
||||
acquiring `ShortcutService.mLock` anyway due to various calls into
|
||||
`ShortcutService` methods. This creates an opportunity for a dead lock
|
||||
to happen, since two threads can wait on each other for releasing the
|
||||
other lock they are currently trying to acquire. On one of my
|
||||
development devices, this happens quite regularly:
|
||||
|
||||
> "android.bg" prio=5 tid=22 Blocked
|
||||
> | group="main" sCount=1 ucsCount=0 flags=1 obj=0x16040c48 self=0xb40000709b1a3c00
|
||||
> | sysTid=1515 nice=10 cgrp=default sched=0/0 handle=0x70904ebcb0
|
||||
> | state=S schedstat=( 14737747935 45952650258 46431 ) utm=610 stm=862 core=0 HZ=100
|
||||
> | stack=0x70903e8000-0x70903ea000 stackSize=1039KB
|
||||
> | held mutexes=
|
||||
> at com.android.server.pm.ShortcutService.scheduleSaveInner(ShortcutService.java:1176)
|
||||
> - waiting to lock <0x0a5766e4> (a java.lang.Object) held by thread 122
|
||||
> at com.android.server.pm.ShortcutService.scheduleSaveUser(ShortcutService.java:1166)
|
||||
> at com.android.server.pm.ShortcutService.packageShortcutsChanged(ShortcutService.java:1769)
|
||||
> at com.android.server.pm.ShortcutPackage.rescanPackage(ShortcutPackage.java:1224)
|
||||
> at com.android.server.pm.ShortcutPackage.awaitInAppSearch(ShortcutPackage.java:2627)
|
||||
> - locked <0x00e8774d> (a java.lang.Object)
|
||||
> at com.android.server.pm.ShortcutPackage.awaitInAppSearch(ShortcutPackage.java:2593)
|
||||
> at com.android.server.pm.ShortcutPackage.lambda$pushDynamicShortcut$3$ShortcutPackage(ShortcutPackage.java:452)
|
||||
> at com.android.server.pm.ShortcutPackage$$ExternalSyntheticLambda3.run(unavailable:-1)
|
||||
> at android.os.Handler.handleCallback(Handler.java:938)
|
||||
> at android.os.Handler.dispatchMessage(Handler.java:99)
|
||||
> at android.os.Looper.loopOnce(Looper.java:201)
|
||||
> at android.os.Looper.loop(Looper.java:288)
|
||||
> at android.os.HandlerThread.run(HandlerThread.java:67)
|
||||
|
||||
Meanwhile, in thread 122:
|
||||
|
||||
> "Binder:1489_6" prio=5 tid=122 Blocked
|
||||
> | group="main" sCount=1 ucsCount=0 flags=1 obj=0x16047388 self=0xb400007074947c00
|
||||
> | sysTid=2070 nice=0 cgrp=default sched=0/0 handle=0x70218e4cb0
|
||||
> | state=S schedstat=( 10396689438 3745391103 31237 ) utm=808 stm=231 core=1 HZ=100
|
||||
> | stack=0x70217ed000-0x70217ef000 stackSize=991KB
|
||||
> | held mutexes=
|
||||
> at com.android.server.pm.ShortcutPackage.awaitInAppSearch(ShortcutPackage.java:2605)
|
||||
> - waiting to lock <0x00e8774d> (a java.lang.Object) held by thread 22
|
||||
> at com.android.server.pm.ShortcutPackage.awaitInAppSearch(ShortcutPackage.java:2593)
|
||||
> at com.android.server.pm.ShortcutPackage.forEachShortcutStopWhen(ShortcutPackage.java:2542)
|
||||
> at com.android.server.pm.ShortcutPackage.forEachShortcutStopWhen(ShortcutPackage.java:2524)
|
||||
> at com.android.server.pm.ShortcutPackage.areAllActivitiesStillEnabled(ShortcutPackage.java:1039)
|
||||
> at com.android.server.pm.ShortcutPackage.rescanPackageIfNeeded(ShortcutPackage.java:1096)
|
||||
> at com.android.server.pm.ShortcutUser.rescanPackageIfNeeded(ShortcutUser.java:338)
|
||||
> at com.android.server.pm.ShortcutUser.onCalledByPublisher(ShortcutUser.java:294)
|
||||
> at com.android.server.pm.ShortcutService.getPackageShortcutsForPublisherLocked(ShortcutService.java:1355)
|
||||
> at com.android.server.pm.ShortcutService.lambda$pushDynamicShortcut$9$ShortcutService(ShortcutService.java:2210)
|
||||
> - locked <0x0a5766e4> (a java.lang.Object)
|
||||
> at com.android.server.pm.ShortcutService$$ExternalSyntheticLambda14.run(unavailable:-1)
|
||||
> at com.android.server.pm.ShortcutService.injectPostToHandlerIfAppSearch(ShortcutService.java:1740)
|
||||
> at com.android.server.pm.ShortcutService.pushDynamicShortcut(ShortcutService.java:2200)
|
||||
> at android.content.pm.IShortcutService$Stub.onTransact(IShortcutService.java:715)
|
||||
> at android.os.Binder.execTransactInternal(Binder.java:1201)
|
||||
> at android.os.Binder.execTransact(Binder.java:1164)
|
||||
|
||||
The straightforward fix here seems to be just taking the
|
||||
`ShortcutService` lock before calling `awaitInAppSearch()`. This commit
|
||||
also added a method in `ShortcutService` to facilitate this interaction.
|
||||
|
||||
Test: manual
|
||||
Change-Id: I0f997a02820b1598ca2a4ec25415c03f8f87fc87
|
||||
---
|
||||
.../core/java/com/android/server/pm/ShortcutPackage.java | 2 +-
|
||||
.../core/java/com/android/server/pm/ShortcutService.java | 8 ++++++++
|
||||
2 files changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/ShortcutPackage.java b/services/core/java/com/android/server/pm/ShortcutPackage.java
|
||||
index b4bd086af272..d4f5a237f250 100644
|
||||
--- a/services/core/java/com/android/server/pm/ShortcutPackage.java
|
||||
+++ b/services/core/java/com/android/server/pm/ShortcutPackage.java
|
||||
@@ -449,7 +449,7 @@ class ShortcutPackage extends ShortcutPackageItem {
|
||||
|
||||
forceReplaceShortcutInner(newShortcut);
|
||||
if (isAppSearchEnabled()) {
|
||||
- mShortcutUser.mService.injectPostToHandler(() -> awaitInAppSearch("reportUsage",
|
||||
+ mShortcutUser.mService.injectPostToHandlerWithLock(() -> awaitInAppSearch("reportUsage",
|
||||
session -> {
|
||||
final AndroidFuture<Boolean> future = new AndroidFuture<>();
|
||||
session.reportUsage(
|
||||
diff --git a/services/core/java/com/android/server/pm/ShortcutService.java b/services/core/java/com/android/server/pm/ShortcutService.java
|
||||
index 4e9e7a026a90..c688943d2838 100644
|
||||
--- a/services/core/java/com/android/server/pm/ShortcutService.java
|
||||
+++ b/services/core/java/com/android/server/pm/ShortcutService.java
|
||||
@@ -1731,6 +1731,14 @@ public class ShortcutService extends IShortcutService.Stub {
|
||||
mHandler.post(r);
|
||||
}
|
||||
|
||||
+ void injectPostToHandlerWithLock(Runnable r) {
|
||||
+ injectPostToHandler(() -> {
|
||||
+ synchronized (mLock) {
|
||||
+ r.run();
|
||||
+ }
|
||||
+ });
|
||||
+ }
|
||||
+
|
||||
void injectRunOnNewThread(Runnable r) {
|
||||
new Thread(r).start();
|
||||
}
|
||||
--
|
||||
2.36.1
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From 2a6fd2529fa57658fb503f43ffd11bcddd22aacb Mon Sep 17 00:00:00 2001
|
||||
From 6e17845221ec781e003432b96c1d08dc582859f3 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Thu, 7 Oct 2021 15:48:11 -0400
|
||||
Subject: [PATCH 1/2] Stop overriding system properties from vendor
|
||||
Subject: [PATCH 1/4] Stop overriding system properties from vendor
|
||||
|
||||
This is annoying to disable apexes, or force adb
|
||||
|
||||
|
@ -11,7 +11,7 @@ Change-Id: Ifd0072c631349b23945df4ab401ba26eca07131f
|
|||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/init/property_service.cpp b/init/property_service.cpp
|
||||
index 4805a7b9f..a2b424386 100644
|
||||
index 6711e7d66..6bf0e81bd 100644
|
||||
--- a/init/property_service.cpp
|
||||
+++ b/init/property_service.cpp
|
||||
@@ -725,7 +725,6 @@ static void LoadProperties(char* data, const char* filter, const char* filename,
|
||||
|
@ -23,5 +23,5 @@ index 4805a7b9f..a2b424386 100644
|
|||
} else {
|
||||
LOG(ERROR) << "Do not have permissions to set '" << key << "' to '" << value
|
||||
--
|
||||
2.33.1
|
||||
2.36.0
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From 3dc5868ed984b0ec01e5d3d96ad7a6e6af31f585 Mon Sep 17 00:00:00 2001
|
||||
From 40f60ce5f786f8121aebcb8e1521d2edb5bb7f43 Mon Sep 17 00:00:00 2001
|
||||
From: Isaac Chen <tingyi364@gmail.com>
|
||||
Date: Wed, 23 Jun 2021 13:07:30 +0800
|
||||
Subject: [PATCH 2/2] init: Do not start console service when debuggable
|
||||
Subject: [PATCH 2/4] init: Do not start console service when debuggable
|
||||
|
||||
Google added a check for this in R, when it's running it will show a
|
||||
notification about that performance is impacted.
|
||||
|
@ -13,10 +13,10 @@ Change-Id: I34cfd6b42d3b9aee4b3e63181480cfb8b1255f29
|
|||
1 file changed, 3 deletions(-)
|
||||
|
||||
diff --git a/rootdir/init.rc b/rootdir/init.rc
|
||||
index d38eb5d4a..1680aebcc 100644
|
||||
index c59cbf0cc..d262be761 100644
|
||||
--- a/rootdir/init.rc
|
||||
+++ b/rootdir/init.rc
|
||||
@@ -1217,9 +1217,6 @@ on property:ro.debuggable=1
|
||||
@@ -1235,9 +1235,6 @@ on property:ro.debuggable=1
|
||||
# Give reads to anyone for the accessibility trace folder on debug builds.
|
||||
chmod 0775 /data/misc/a11ytrace
|
||||
|
||||
|
@ -27,5 +27,5 @@ index d38eb5d4a..1680aebcc 100644
|
|||
# TODO(b/135984674): reset all necessary properties here.
|
||||
setprop sys.boot_completed ""
|
||||
--
|
||||
2.33.1
|
||||
2.36.0
|
||||
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
From 74faf05b941682bd1930b92ae879c8baba09d6ac Mon Sep 17 00:00:00 2001
|
||||
From: Leo Yan <leo.yan@linaro.org>
|
||||
Date: Fri, 4 Jun 2021 15:19:33 +0100
|
||||
Subject: [PATCH 3/4] remount: Fix failure for system-as-root
|
||||
|
||||
Since commit 5ad7b3cbc5c1 ("Try to remount mounted points only"), the
|
||||
system-as-root cannot be remounted successfully when execute command
|
||||
"adb remount". This is because the mount point "/system" cannot be
|
||||
found and directly bails out with failure.
|
||||
|
||||
Add an extra checking for the mount point "/system" for the
|
||||
system-as-root case, takes it as a found entry; thus the function can
|
||||
continue to run and fix up to remount root.
|
||||
|
||||
Suggested-by: David Anderson <dvander@google.com>
|
||||
Signed-off-by: Leo Yan <leo.yan@linaro.org>
|
||||
Change-Id: Ia936c9d97bed951184813a087c70fe591cb33fe0
|
||||
---
|
||||
fs_mgr/fs_mgr_remount.cpp | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/fs_mgr/fs_mgr_remount.cpp b/fs_mgr/fs_mgr_remount.cpp
|
||||
index e685070a8..5411acacf 100644
|
||||
--- a/fs_mgr/fs_mgr_remount.cpp
|
||||
+++ b/fs_mgr/fs_mgr_remount.cpp
|
||||
@@ -420,7 +420,8 @@ static int do_remount(int argc, char* argv[]) {
|
||||
break;
|
||||
}
|
||||
// Find overlayfs mount point?
|
||||
- if ((mount_point == "/") && (rentry.mount_point == "/system")) {
|
||||
+ if ((mount_point == "/" && rentry.mount_point == "/system") ||
|
||||
+ (mount_point == "/system" && rentry.mount_point == "/")) {
|
||||
blk_device = rentry.blk_device;
|
||||
mount_point = "/system";
|
||||
found = true;
|
||||
--
|
||||
2.36.0
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
From df349dcccc43dc45f4ff0ba8eb10c3f59f4f4f17 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Thu, 28 Apr 2022 21:22:30 -0400
|
||||
Subject: [PATCH 4/4] fs_mgr: trigger the use of overlayfs earlier
|
||||
|
||||
At 1%, it's barely useable to do anything at all if remounted rw
|
||||
---
|
||||
fs_mgr/fs_mgr_overlayfs.cpp | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/fs_mgr/fs_mgr_overlayfs.cpp b/fs_mgr/fs_mgr_overlayfs.cpp
|
||||
index 4d32bda80..ec6fef89a 100644
|
||||
--- a/fs_mgr/fs_mgr_overlayfs.cpp
|
||||
+++ b/fs_mgr/fs_mgr_overlayfs.cpp
|
||||
@@ -176,7 +176,7 @@ bool fs_mgr_dir_is_writable(const std::string& path) {
|
||||
return ret | !rmdir(test_directory.c_str());
|
||||
}
|
||||
|
||||
-// At less than 1% or 8MB of free space return value of false,
|
||||
+// At less than 20% or 8MB of free space return value of false,
|
||||
// means we will try to wrap with overlayfs.
|
||||
bool fs_mgr_filesystem_has_space(const std::string& mount_point) {
|
||||
// If we have access issues to find out space remaining, return true
|
||||
@@ -188,7 +188,7 @@ bool fs_mgr_filesystem_has_space(const std::string& mount_point) {
|
||||
return true;
|
||||
}
|
||||
|
||||
- static constexpr int kPercentThreshold = 1; // 1%
|
||||
+ static constexpr int kPercentThreshold = 20; // 20%
|
||||
static constexpr unsigned long kSizeThreshold = 8 * 1024 * 1024; // 8MB
|
||||
|
||||
return (vst.f_bfree >= (vst.f_blocks * kPercentThreshold / 100)) &&
|
||||
--
|
||||
2.36.0
|
||||
|
|
@ -0,0 +1,68 @@
|
|||
From 0c610f5f6935977142a7dbb9dbca4b9b1bc83c55 Mon Sep 17 00:00:00 2001
|
||||
From: Janis Danisevskis <jdanis@google.com>
|
||||
Date: Mon, 20 Dec 2021 13:16:23 -0800
|
||||
Subject: [PATCH] Keystore 2.0: Add CREATION_DATETIME only for Keymint V1 and
|
||||
higher.
|
||||
|
||||
Adding CREATION_DATETIME unconditionally should be accepted by all
|
||||
keymaster implementations. Alas, VTS tests never covered this before
|
||||
Keymint V1 and so there are implementations that fail when the caller
|
||||
presents the tag.
|
||||
|
||||
Test: CtsKeystoreTestCases for regression testing.
|
||||
Bug: 210792876
|
||||
Bug: 204578637
|
||||
Change-Id: I3cf7e8def7a369839844ef1b3628f477d8fe6b53
|
||||
---
|
||||
keystore2/src/security_level.rs | 33 ++++++++++++++++++---------------
|
||||
1 file changed, 18 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/keystore2/src/security_level.rs b/keystore2/src/security_level.rs
|
||||
index 1b2e3485..0f4c0f7d 100644
|
||||
--- a/keystore2/src/security_level.rs
|
||||
+++ b/keystore2/src/security_level.rs
|
||||
@@ -405,23 +405,26 @@ impl KeystoreSecurityLevel {
|
||||
);
|
||||
}
|
||||
|
||||
- result.push(KeyParameter {
|
||||
- tag: Tag::CREATION_DATETIME,
|
||||
- value: KeyParameterValue::DateTime(
|
||||
- SystemTime::now()
|
||||
- .duration_since(SystemTime::UNIX_EPOCH)
|
||||
- .context(
|
||||
- "In KeystoreSecurityLevel::add_required_parameters: \
|
||||
+ // Add CREATION_DATETIME only if the backend version Keymint V1 (100) or newer.
|
||||
+ if self.hw_info.versionNumber >= 100 {
|
||||
+ result.push(KeyParameter {
|
||||
+ tag: Tag::CREATION_DATETIME,
|
||||
+ value: KeyParameterValue::DateTime(
|
||||
+ SystemTime::now()
|
||||
+ .duration_since(SystemTime::UNIX_EPOCH)
|
||||
+ .context(
|
||||
+ "In KeystoreSecurityLevel::add_required_parameters: \
|
||||
Failed to get epoch time.",
|
||||
- )?
|
||||
- .as_millis()
|
||||
- .try_into()
|
||||
- .context(
|
||||
- "In KeystoreSecurityLevel::add_required_parameters: \
|
||||
+ )?
|
||||
+ .as_millis()
|
||||
+ .try_into()
|
||||
+ .context(
|
||||
+ "In KeystoreSecurityLevel::add_required_parameters: \
|
||||
Failed to convert epoch time.",
|
||||
- )?,
|
||||
- ),
|
||||
- });
|
||||
+ )?,
|
||||
+ ),
|
||||
+ });
|
||||
+ }
|
||||
|
||||
// If there is an attestation challenge we need to get an application id.
|
||||
if params.iter().any(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE) {
|
||||
--
|
||||
2.35.3
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
From d64b74058176dedbe0c7f209956ecb1a9377f079 Mon Sep 17 00:00:00 2001
|
||||
From 2586397a0d9f1d7ade0e9919821a6a194f011475 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Cai <peter@typeblog.net>
|
||||
Date: Wed, 20 Oct 2021 16:01:00 -0400
|
||||
Subject: [PATCH] Protect real SPL property
|
||||
|
@ -6,14 +6,27 @@ Subject: [PATCH] Protect real SPL property
|
|||
Label it with the same SELinux context as the original SPL property.
|
||||
---
|
||||
prebuilts/api/31.0/private/property_contexts | 1 +
|
||||
prebuilts/api/32.0/private/property_contexts | 1 +
|
||||
private/property_contexts | 1 +
|
||||
2 files changed, 2 insertions(+)
|
||||
3 files changed, 3 insertions(+)
|
||||
|
||||
diff --git a/prebuilts/api/31.0/private/property_contexts b/prebuilts/api/31.0/private/property_contexts
|
||||
index 8ac1e7005..b8be6dbf2 100644
|
||||
index 192e55e56..f7aba0c96 100644
|
||||
--- a/prebuilts/api/31.0/private/property_contexts
|
||||
+++ b/prebuilts/api/31.0/private/property_contexts
|
||||
@@ -710,6 +710,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string
|
||||
@@ -711,6 +711,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string
|
||||
ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string
|
||||
ro.build.version.sdk u:object_r:build_prop:s0 exact int
|
||||
ro.build.version.security_patch u:object_r:build_prop:s0 exact string
|
||||
+ro.build.version.real_security_patch u:object_r:build_prop:s0 exact string
|
||||
|
||||
ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
|
||||
|
||||
diff --git a/prebuilts/api/32.0/private/property_contexts b/prebuilts/api/32.0/private/property_contexts
|
||||
index 1c7151837..709328436 100644
|
||||
--- a/prebuilts/api/32.0/private/property_contexts
|
||||
+++ b/prebuilts/api/32.0/private/property_contexts
|
||||
@@ -716,6 +716,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string
|
||||
ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string
|
||||
ro.build.version.sdk u:object_r:build_prop:s0 exact int
|
||||
ro.build.version.security_patch u:object_r:build_prop:s0 exact string
|
||||
|
@ -22,10 +35,10 @@ index 8ac1e7005..b8be6dbf2 100644
|
|||
ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
|
||||
|
||||
diff --git a/private/property_contexts b/private/property_contexts
|
||||
index 8ac1e7005..b8be6dbf2 100644
|
||||
index 1c7151837..709328436 100644
|
||||
--- a/private/property_contexts
|
||||
+++ b/private/property_contexts
|
||||
@@ -710,6 +710,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string
|
||||
@@ -716,6 +716,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string
|
||||
ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string
|
||||
ro.build.version.sdk u:object_r:build_prop:s0 exact int
|
||||
ro.build.version.security_patch u:object_r:build_prop:s0 exact string
|
||||
|
@ -34,5 +47,5 @@ index 8ac1e7005..b8be6dbf2 100644
|
|||
ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
|
||||
|
||||
--
|
||||
2.33.1
|
||||
2.36.0
|
||||
|
||||
|
|
|
@ -1,54 +0,0 @@
|
|||
From 6d24663905ec1735eefc4b13b60f09465b28111a Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Tue, 5 Oct 2021 16:17:15 -0400
|
||||
Subject: [PATCH] Fallback to non-rollback resistant keys if not available
|
||||
|
||||
Boot on Mediatek devices was broken with:
|
||||
~ Add ROLLBACK_RESISTANCE tag to key usage
|
||||
|
||||
Change-Id: I0ab7103c317c70779dee03dce25ba9c9da1629f4
|
||||
---
|
||||
KeyStorage.cpp | 16 +++++++++++-----
|
||||
1 file changed, 11 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
|
||||
index 93c5c29..ef089ad 100644
|
||||
--- a/KeyStorage.cpp
|
||||
+++ b/KeyStorage.cpp
|
||||
@@ -378,12 +378,15 @@ static KeymasterOperation BeginKeymasterOp(Keymaster& keymaster, const std::stri
|
||||
static bool encryptWithKeymasterKey(Keymaster& keymaster, const std::string& dir,
|
||||
const km::AuthorizationSet& keyParams,
|
||||
const KeyBuffer& message, std::string* ciphertext) {
|
||||
- km::AuthorizationSet opParams =
|
||||
+ auto opParams =
|
||||
km::AuthorizationSetBuilder()
|
||||
- .Authorization(km::TAG_ROLLBACK_RESISTANCE)
|
||||
.Authorization(km::TAG_PURPOSE, km::KeyPurpose::ENCRYPT);
|
||||
+ auto opParamsWithRollback = opParams;
|
||||
+ opParamsWithRollback.Authorization(km::TAG_ROLLBACK_RESISTANCE);
|
||||
+
|
||||
km::AuthorizationSet outParams;
|
||||
- auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, &outParams);
|
||||
+ auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParamsWithRollback, &outParams);
|
||||
+ if (!opHandle) opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, &outParams);
|
||||
if (!opHandle) return false;
|
||||
auto nonceBlob = outParams.GetTagValue(km::TAG_NONCE);
|
||||
if (!nonceBlob) {
|
||||
@@ -410,9 +413,12 @@ static bool decryptWithKeymasterKey(Keymaster& keymaster, const std::string& dir
|
||||
auto bodyAndMac = ciphertext.substr(GCM_NONCE_BYTES);
|
||||
auto opParams = km::AuthorizationSetBuilder()
|
||||
.Authorization(km::TAG_NONCE, nonce)
|
||||
- .Authorization(km::TAG_ROLLBACK_RESISTANCE)
|
||||
.Authorization(km::TAG_PURPOSE, km::KeyPurpose::DECRYPT);
|
||||
- auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, nullptr);
|
||||
+ auto opParamsWithRollback = opParams;
|
||||
+ opParamsWithRollback.Authorization(km::TAG_ROLLBACK_RESISTANCE);
|
||||
+
|
||||
+ auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParamsWithRollback, nullptr);
|
||||
+ if (!opHandle) opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, nullptr);
|
||||
if (!opHandle) return false;
|
||||
if (!opHandle.updateCompletely(bodyAndMac, message)) return false;
|
||||
if (!opHandle.finish(nullptr)) return false;
|
||||
--
|
||||
2.33.0
|
||||
|
Loading…
Reference in a new issue