Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

October/November/December 2024 ASBs for crDroid 9 #1200

Open
wants to merge 12 commits into
base: 13.0
Choose a base branch
from
Open

October/November/December 2024 ASBs for crDroid 9 #1200

wants to merge 12 commits into from
+389 −112

Conversation

Lost-Entrepreneur439
Copy link
Member

No description provided.

Miranda Kephart and others added 12 commits January 7, 2025 18:15
@Lost-Entrepreneur439
Block clipboard UI when device is locked
e16cab3 
In some situations (see bug for details) it's possible to enter the
clipboard even while the device is locked, and from there access the
provided intents. Users should not be able to access intents from this
state; this change adds an additional check before showing the interactive UI.

The behavior is identical to what we do when user setup is not complete
(b/251778420): we show a toast to note that content has been copied, but no interactive UI.

Interactive UI is only blocked when device is locked (i.e. requiring pin
entry/password/biometric/etc), not if the keyguard is up but trivially
dismissable.

Bug: 317048495
Test: atest ClipboardListenerTest; verification using steps in linked
bug as well as forcing text content to appear client-side, to verify
that even if text content is received in the ClipboardListener, no
interactive UI appears.

(cherry picked from commit 2976ca8)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b9ffec803b31f1b57756105c9fbfd0cb672fcfde)
Merged-In: I1a48cbe64852dce3fba69915ca11dad8878f66eb
Change-Id: I1a48cbe64852dce3fba69915ca11dad8878f66eb
@pinyaoting @Lost-Entrepreneur439
Properly handle onNullBinding() in appwidget service.
98ee198 
Bug: 340239088
Test: manually verified with the PoC app
Flag: EXEMPT CVE
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:9e1c31ba46178a8cfc68a2dd9984b8223f694c81)
Merged-In: I12fccb572e159a73785aa33a4f5204e094ccd1b7
Change-Id: I12fccb572e159a73785aa33a4f5204e094ccd1b7
@haggertk @Lost-Entrepreneur439
Merge tag 'android-security-13.0.0_r22' into staging/lineage-20.0_and…
fbed306 
…roid-security-13.0.0_r22

Android Security 13.0.0 Release 22 (12199512)

* tag 'android-security-13.0.0_r22':
  [RESTRICT AUTOMERGE] Check whether installerPackageName contains only valid characters
  Prevent Sharing when FRP enforcement is in effect
  Update AccountManagerService checkKeyIntent.
  Fail parseUri if end is missing

Change-Id: Iccd749146efb9d31b6f4caba8817f07038dffe4f
@althafvly @Lost-Entrepreneur439
Revert "BatteryMeterView: Hide icon on battery-less devices"
1f12760 
This reverts commit eece668.

This reverts commit 3948337.

This reverts commit 4d1a869.

This reverts commit c9f788e.

Reason: Still breaking battery powered devices.

Change-Id: Ie7fb6f3fbb77d9a7cff330c32d8eb761beea5c0b
@lineageos-gerrit @Lost-Entrepreneur439
Automatic translation import
8574e51 
Change-Id: Ied023cea1828fe754362c241166412c107d4e818
@lineageos-gerrit @Lost-Entrepreneur439
Automatic translation import
6bdc118 
Change-Id: Ie07318055a213fc8355a9ac8197a0c92c27e6bf2
@haggertk @Lost-Entrepreneur439
Merge tag 'android-security-13.0.0_r23' into staging/lineage-20.0_and…
bb523fe 
…roid-security-13.0.0_r23

Android security 13.0.0 release 23

* tag 'android-security-13.0.0_r23':
  Restrict access to directories
  RESTRICT AUTOMERGE Clear app-provided shortcut icons
  Disallow device admin package and protected packages to be reinstalled as instant.
  Set no data transfer on function switch timeout for accessory mode
  Check more URIs in notifications
  RingtoneManager: allow video ringtone URI
  Remove authenticator data if it was disabled.

Change-Id: I06facb522f9f84cff97eb166ed3ed4f9fc282e1f
@lineageos-gerrit @Lost-Entrepreneur439
Automatic translation import
9844824 
Change-Id: I62f1d9fc7c6e65b8db5425bdfbfe217d74188494
@haggertk @Lost-Entrepreneur439
Merge tag 'android-security-13.0.0_r24' into staging/lineage-20.0_and…
888030e 
…roid-security-13.0.0_r24

Android Security 13.0.0 Release 24 (12496786)

* tag 'android-security-13.0.0_r24':
  Properly handle onNullBinding() in appwidget service.
  Block clipboard UI when device is locked

Conflicts:
	packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java
	packages/SystemUI/tests/src/com/android/systemui/clipboardoverlay/ClipboardListenerTest.java

Change-Id: I5b6dc92631dfc2d7b02a8ab8958dcb9c7d5ebf90
@Lost-Entrepreneur439
Allow uninstalling DMRH when not used for management
7b029a1 
Bug: 360807442
Test: btest a.d.c.DevicePolicyManagementRoleHolderTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:da522df80568c158fe30896f9a571d05556ee51a)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:085f90a604ac24e45f44301257ae8a12da0054c1)
Merged-In: I023f78cef11fb7e8e9a92e2896cf94c9fcd1113b
Change-Id: I023f78cef11fb7e8e9a92e2896cf94c9fcd1113b
@lineageos-gerrit @Lost-Entrepreneur439
Automatic translation import
037fff1 
Change-Id: I0dc3b22c09cc6de253ca383a36ef255f29b92c6d
@jonathanklee @Lost-Entrepreneur439
Allow spoofing signingInfo for microG Companion/Services
e2fb616 
- Spoof PackageInfo signingInfo + signatures so that
  G suite apps do not complain anymore.

Change-Id: I86f182c9e1d18b0e997803842577a90ef740cfd1
Signed-off-by: althafvly <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement
Projects
crDroid 9
Status: To Do
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@Lost-Entrepreneur439 @gwolf2u @pinyaoting @haggertk @althafvly @lineageos-gerrit @jonathanklee