Bluetooth app will indicate BluetoothOppReceiver to receive
device picker intent. But to fix the security issue we
removed the setClassName() method in ag/14111132 to avoid attack.
This causes BluetoothOppReceiver to be unable to receive the intent.
This CL will compare the calling package name with the launch package name.
If they are not equal, setClassName() will not be invoked.
Bug: 186490534
Bug: 179386960
Bug: 179386068
Test: make RunSettingsRoboTests -j56
Change-Id: Ia51528f2a44ab73edbc86899ca0846d3262fe1f0
Fix idea was copied from
frameworks/base/core/java/android/accounts/ChooseAccountActivity.java
Bug: 183710549
Test: verified with POC app from bug that the fix is working
Change-Id: I40131965ed0d1e11cdf4b56daef39a95b80fdd7d
Added a feature that users are able to see/remove the apps' associations
in Settings/Connected devices.
It will display the icon of the associations app, the app's name and a button
with which users are able to remove the associations. It will also pop up a
dialog alerting the user before removing the associations.
Screenshot:
https://screenshot.googleplex.com/APSRhW2retYmAAK
Bug: 165951651
Test: Manually Test
Change-Id: Iccaeaf516e8a78d4ef33415c1c2d7379139ec88c
This CL uses CachedBluetoothDevice#getDrawableWithDescription()
to get the Bluetooth device icon.
Bug: 178255374
Test: make RunSettingsRoboTests -j56
Change-Id: I45c273e2dd782029da7a3a2724cbca3762cc2d9c
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will not allow setting the package name and class name, to avoid
the attacker.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Id27a78091ab578077853b8fbb97a4422cff0a158
- Update the usage and the test case
- Update discharging string to follow new string doc
Bug: 183689347
Test: make RunSettingsRoboTests
Change-Id: I1e14e7da8cb02755d8cf6e12626a0d94fad87121
- Hide battery information when it is unknown
Bug: 184017556
Test: make -j50 RunSettingsRoboTests ROBOTEST_FILTER=AdvancedBluetoothDetailsHeaderControllerTest
Change-Id: I5f94ccae364f1420e04af21ba425c29ac6a11dd2
This reverts commit 9d00364da4.
Reason for revert: This fix has a regression; to avoid blocking b/183344112, revert it.
Change-Id: Ic4366b51e07b43c8d64d2e145563d8a30cb0fc60
- Apply new metadata on aosp/1596412
Bug: 182338346
Test: make -j50 RunSettingsRoboTests ROBOTEST_FILTER=BluetoothDetailsHeaderControllerTest
make -j50 RunSettingsRoboTests ROBOTEST_FILTER=AdvancedBluetoothDetailsHeaderControllerTest
Change-Id: Ic48ed9213111d0c6ec19b317d4c22e1400261706
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will compare the calling package name with the launch package name.
If they are not equal, the broadcast will not be sent to the launch package name.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Ib8a5acde663e875912d300dd4912c4e9416f02f1
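The package comparison described in this commit message, and reused for setClassName() in the BluetoothOppReceiver follow-up at the top of this log, as an added plain-Java model that is not the Settings code. `ResultIntent` is a hypothetical stand-in for `android.content.Intent`, and every package and class name is constructed.

```java
import java.util.Objects;

// Added illustration in plain Java, not the Settings source. ResultIntent is a
// hypothetical stand-in for android.content.Intent; all names are constructed.
public class DevicePickerResultDemo {
    static final class ResultIntent {
        String targetPackage; // null means no explicit component was set
        String targetClass;
        void setClassName(String pkg, String cls) { targetPackage = pkg; targetClass = cls; }
        String describe() {
            return targetPackage == null ? "no explicit target" : targetPackage + "/" + targetClass;
        }
    }

    // Behaviour before the fix: the privileged sender trusts the launch
    // package/class supplied by whoever started the picker.
    static ResultIntent buildUnchecked(String launchPackage, String launchClass) {
        ResultIntent intent = new ResultIntent();
        if (launchPackage != null && launchClass != null) {
            intent.setClassName(launchPackage, launchClass);
        }
        return intent;
    }

    // Behaviour after the fix: setClassName() is invoked only when the requested
    // launch package equals the package that actually started the picker.
    // callingPackage must come from the platform, never from caller-supplied extras.
    static ResultIntent buildChecked(String callingPackage, String launchPackage, String launchClass) {
        ResultIntent intent = new ResultIntent();
        if (launchPackage != null && launchClass != null
                && Objects.equals(callingPackage, launchPackage)) {
            intent.setClassName(launchPackage, launchClass);
        }
        return intent;
    }

    public static void main(String[] args) {
        String caller = "com.example.share";            // constructed calling app
        String ownReceiver = "com.example.share.PickerResultReceiver";
        String otherPkg = "com.example.other";          // constructed foreign package
        String otherReceiver = "com.example.other.ProtectedReceiver";
        System.out.println("unchecked, foreign: " + buildUnchecked(otherPkg, otherReceiver).describe());
        System.out.println("checked, foreign:   " + buildChecked(caller, otherPkg, otherReceiver).describe());
        System.out.println("checked, own:       " + buildChecked(caller, caller, ownReceiver).describe());
        System.out.println("checked, no caller: " + buildChecked(null, caller, ownReceiver).describe());
    }
}
```

A null calling package fails the comparison, so a result whose origin cannot be established gets no explicit component either.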
Before this CL, Bluetooth settings updated the battery level of earbuds
when receiving the first pair status callback. But sometimes the callback
is not sent immediately, causing the battery level to be inconsistent.
This CL will update the earbuds battery level in onResume() to refresh
the battery level immediately.
Bug: 174929347
Bug: 159544311
Test: make -j42 RunSettingsRoboTests
Change-Id: I8505f8fed4ec821b9fa2d88bc437bddd7a30f0e2
Set empty preference as not selectable so that TalkBack
does not detect it.
Bug: 178068585
Bug: 178067426
Test: manually test
Change-Id: Id293a61494cd0bdd79d104918502101cb5caf050
To log Settings metrics, the MainSwitch extends MainSwitchBar and
replaces the SwitchBar in SettingsActivity.
Bug: 175181773
Test: Run robotest and apply the widget in Settings and see the ui
Change-Id: I3add3702e9058ad9192b5172c7cf0e2ccfb55a70
The Bluetooth slice has an inline control, which means the PendingIntent
of the slice action should be mutable. Update the mutability flag to fix
this issue.
Fixes: 171521962
Test: Use voice command to turn on bluetooth and the bt slice should
work properly.
Change-Id: I488eef5c94b2bf66a67fb97b4102d5da2971bf04
Before this CL, there is a possible phishing attack allowing a malicious
BT device to acquire permissions based on insufficient information
presented to the user in the consent dialog. This could lead to local
escalation of privilege with no additional execution privileges needed.
User interaction is needed for exploitation.
This CL adds more prompts presented to users to avoid phishing attacks.
Bug: 167403112
Test: send intent to test that the right prompt message pops up. make -j42 RunSettingsRoboTests
Change-Id: Idc6ef558b692115bb82ea58cf223f5919b618633
Add refresh() in the onStart() state to fix the UI not updating
when the activity resumes.
Bug: 174728714
Test: make -j42 RunSettingsRoboTests
Change-Id: I86d21486c1466aa466ef67db667b3a40cd90230c
Limit the component that may resolve this intent to the
bluetooth package.
Bug: 158219161
Test: Security Fix
Tag: #security
Change-Id: If732f940a7aa256f5975349118e8eb6cf5584676
Before this CL, connected devices settings used ContentResolver
to get advanced device bitmaps on the UI thread. There is a small
chance that this causes an ANR.
This CL uses a background thread to get the bitmap to fix the ANR issue.
Bug: 173283590
Test: make -j42 RunSettingsRoboTests
Change-Id: I987759a775d507003fd4ef54f5376bd24e660b3b
- Android S+ requires explicitly specifying either FLAG_MUTABLE or FLAG_IMMUTABLE
when creating a PendingIntent.
- Suggest using FLAG_IMMUTABLE as the default. Change it to
FLAG_MUTABLE if errors occur.
Fixes: 172207262
Fixes: 172207195
Fixes: 172205385
Fixes: 172204525
Fixes: 172205897
Test: build passes, manual test of pairing a Bluetooth device and doing
seamless transfer
Change-Id: Ic37b37bdbe6de6bdbad741985d3a920334240d80