From 1951d27669b1e8eab96f4082cb00cb1d030602ec Mon Sep 17 00:00:00 2001 From: Chris Manton Date: Tue, 10 Nov 2020 16:45:44 -0800 Subject: [PATCH 1/3] Add bluetooth package to permission request intent Limit the component that may resolve this intent to the bluetooth package. Bug: 158219161 Test: Security Fix Tag: #security Change-Id: If732f940a7aa256f5975349118e8eb6cf5584676 --- .../android/settings/bluetooth/BluetoothPermissionRequest.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java b/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java index 85c5e45ec00..ce6f07832cc 100644 --- a/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java +++ b/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java @@ -131,6 +131,7 @@ public final class BluetoothPermissionRequest extends BroadcastReceiver { // "Clear All Notifications" button Intent deleteIntent = new Intent(BluetoothDevice.ACTION_CONNECTION_ACCESS_REPLY); + deleteIntent.setPackage("com.android.bluetooth"); deleteIntent.putExtra(BluetoothDevice.EXTRA_DEVICE, mDevice); deleteIntent.putExtra(BluetoothDevice.EXTRA_CONNECTION_ACCESS_RESULT, BluetoothDevice.CONNECTION_ACCESS_NO); From 4f7edf692f4e8a10521379aaae8c1d52ab275d72 Mon Sep 17 00:00:00 2001 From: Jakub Pawlowski Date: Thu, 19 Nov 2020 13:31:08 +0100 Subject: [PATCH 2/3] Prevent overlay drawing on top of Bluetooth activity dialog Bug: 168504491 Change-Id: I04ebe580db2b299af2bd5e44e0b0f20bd42f8535 --- .../settings/bluetooth/BluetoothPermissionActivity.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java index 4dd9a4042ef..be383dc02ba 100644 --- a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java +++ b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java @@ -34,6 +34,8 @@ import com.android.internal.app.AlertActivity; import com.android.internal.app.AlertController; import com.android.settings.R; +import static android.view.WindowManager.LayoutParams.SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS; + /** * BluetoothPermissionActivity shows a dialog for accepting incoming * profile connection request from untrusted devices. @@ -76,6 +78,7 @@ public class BluetoothPermissionActivity extends AlertActivity implements protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); + getWindow().addPrivateFlags(SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS); Intent i = getIntent(); String action = i.getAction(); if (!action.equals(BluetoothDevice.ACTION_CONNECTION_ACCESS_REQUEST)) { From b29c03652204239319dc75798dfdfd2f24454a9e Mon Sep 17 00:00:00 2001 From: Jakub Pawlowski Date: Thu, 19 Nov 2020 13:31:08 +0100 Subject: [PATCH 3/3] Prevent overlay drawing on top of Bluetooth activity dialog Bug: 168504491 Merged-In: I04ebe580db2b299af2bd5e44e0b0f20bd42f8535 Change-Id: I04ebe580db2b299af2bd5e44e0b0f20bd42f8535 --- .../settings/bluetooth/BluetoothPermissionActivity.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java index 1ff1fcef01d..44d2130e0ec 100644 --- a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java +++ b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java @@ -36,6 +36,8 @@ import com.android.settingslib.bluetooth.CachedBluetoothDevice; import com.android.settingslib.bluetooth.CachedBluetoothDeviceManager; import com.android.settingslib.bluetooth.LocalBluetoothManager; +import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS; + /** * BluetoothPermissionActivity shows a dialog for accepting incoming * profile connection request from untrusted devices. @@ -78,6 +80,7 @@ public class BluetoothPermissionActivity extends AlertActivity implements protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); + getWindow().addPrivateFlags(PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS); Intent i = getIntent(); String action = i.getAction(); if (!action.equals(BluetoothDevice.ACTION_CONNECTION_ACCESS_REQUEST)) {