If the application that initiate the bonding with
BluetoothDevice#createBond is in foreground, then should dialog only
instead of showing the notification & dialog
Bug: 175931562
Tag: #refactor
Test: manual
Change-Id: I3673a0b58cbf9caabf62c951b84b49e17cfb13b8
The Settings app offers several Bluetooth intents, and they need to
be updated to enforce the new "Nearby devices" runtime permission
model, since the old BLUETOOTH and BLUETOOTH_ADMIN permissions have
been deprecated.
Bug: 191174082
Test: TH
Change-Id: I0d812f486bc3dadc517d5b04d3082d4f56f60ef4
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will not allow to set package name and class name to avoid
the attacker.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Id27a78091ab578077853b8fbb97a4422cff0a158
This reverts commit 9d00364da4.
Reason for revert: This fix have a regression, for not blocking b/183344112 revert it.
Change-Id: Ic4366b51e07b43c8d64d2e145563d8a30cb0fc60
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will compare to calling package name with launch package name.
If they are not equal, the broadcast will not send to launch package name.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Ib8a5acde663e875912d300dd4912c4e9416f02f1
Before this CL, there is a possible phishing attack allowing a malicious
BT device to acquire permissions based on insufficient information
presented to the user in the consent dialog. This could lead to local
escalation of privilege with no additional execution privileges needed.
User interaction is needed for exploitation.
This CL add more prompts presented for users to avoid phishing attacks.
Bug: 167403112
Test: send intent to test right prompts message is pop up. make -j42 RunSettingsRoboTests
Change-Id: Idc6ef558b692115bb82ea58cf223f5919b618633
Limit the component that may resolve this intent to the
bluetooth package.
Bug: 158219161
Test: Security Fix
Tag: #security
Change-Id: If732f940a7aa256f5975349118e8eb6cf5584676
- Android S+ to specify explicitly either FLAG_MUTABLE or FLAG_IMMUTABLE
when creating a PendingIntent.
- Suggest to use the FLAG_IMMUTABLE as default. Change it to
FLAG_MUTABLE while errors occur.
Fixes: 172207262
Fixes: 172207195
Fixes: 172205385
Fixes: 172204525
Fixes: 172205897
Test: build pass, manual test to paring blutooth device and doing
seamless transfer
Change-Id: Ic37b37bdbe6de6bdbad741985d3a920334240d80
1. Use BluetoothDevice.ACCESS_* instead of CachedBluetoothDevice.ACCESS_*
2. Use BluetoothDevice.setPhonebookAccessPermission() directly.
3. Use BluetoothDevice.setMessageAccessPermission() directly.
4. Use BluetoothDevice.getPhonebookAccessPermission() directly.
5. Use BluetoothDevice.getMessageAccessPermission() directly.
6. Use BluetoothDevice.getSimAccessPermission() directly.
Bug: 112517004
Test: make -j42 RunSettingsRoboTests
Change-Id: Ibe6b207b891b9bd2b328a2e2c7264a9a78cb498f
This will prevent them from showing up on external devices where they
would be less than useful.
Test: connect to watch and pair a device
Bug: 34612389
Change-Id: I8b02c20200ce78a73967b8121cf7d5653b68f356
Test Setup:
===========
HW DUT: Pixel O
Remote: MecApp (PBAP Client, MAP Client, SAP Client)
Steps:
=====
1. Enable BT on DUT and bond with Remote.
2. Connect from MecApp for PBAP, MAP, SAP and observe if
connection goes through fine.
Reproducibility:
===============
5/5
Observation:
============
MAP, PBAP and SAP cannot be connected.
Root cause:
In Android O, notifications are hidden by default.
This must be changed to use notification channels so that the
priority of the notifications can be updated.
Test: PBAP/MAP/SAP connection works fine with MecApp.
Bug: 38331825
Change-Id: I51de0ea303037bf88773352d99f092673acda2e3
(cherry picked from commit bd9f532013f0397879101f68f21ac8841fec344b)
This patch acquires a wakelock to turn on the LCD display if the screen
is off during an access request for MAP. Without this patch it was
observed that if the screen was off, the LCD remained off for incoming
connection access request from remote devices and the user only heard
the notification sound without the LDC being lit up.
Change-Id: I87c296fce4cd8e0c133f74169d991eee263fed08
Move the non-ui bluetooth control/tracking code to SettingsLib so
that it can be shared with others.
Mostly just move classes to frameworks/base/packages/SettingsLib,
however a few things had to move around.
- Dock handling had to move back to code still in settings
- Local preference related code had to be moved back to settings
- Added an error flow from SettingsLib to Settings
Depends on I69fd888362c6dbb325f6113b32c4b15cc6a23a41
Bug: 19180466
Change-Id: Ie57fe26a27bbb0adc2ef69e042a05c7290c6a52a
This notification is triggered when a bluetooth device that supports
the PBAP protocol. On managed profiles this functionality is not yet
available and therefore the notification and resulting acvitivity
have no function.
Bug: 18782769
Change-Id: Iaea12eee8ec4727d9448f690861f8344e2296028
Currently, users' preference in phonebook and call history or message
access per each Bluetooth-paired device is stored in Settings application's
shared preferences.
However, some privileged applications other than Settings need to access
such data. So we decided to migrate the data from Settings application's
shared preferences to Bluetooth application's.
Bug: 17158953
Change-Id: I44fde350ea35027df0de77feec1ea19c65f2f1c6
- Fixes to the issues found during review.
- added support for BluetoothProfile ProfileService Classes
- Added new MapProfile.java to comply with new structure
- changed ORDINAL to use BluetoothProfile.MAP directly
- Moved construction of MapProfile to LocalBluetoothProfileManager constructor
- Added support for multiple concurent permission activities and/or multiple notifications (i.e. pbap and map permission request right after each other)
- cleanup
- changed settings to use Notification.Builder
- made the notifications for map/pbab more informative
- added handling of back button + "clear all notifications"
Bug:10692365
Change-Id: I9803c9658a96b1a9c1d4734d2fdd22f1421d2827
Change the always-allowed checkbox to be don't-ask-again checkbox to remember
user's decision so that user will not be bothered agian if he/she checks
the don't-ask-again checkbox
bug 5099661
Change-Id: If32ab8e93313bbd33ff040553083f0cf9359b69e
Show user dialog for incoming BT connection requests from unknown
devices. Move phone book access permission dialog from bluetooth to settings.
The permision dialog pops up to the screen properly instead of
always as notification. AT+CPBR will also use the permission dialog
to ask for user permission.
bug 4489572
Change-Id: Ic1e74b2a9416a462cac4f519240a313691da90c4
