Bluetooth app will indicate BluetoothOppReceiver to receive
device picker intent. But for fix the security issue we
removed the setClassName() method in ag/14111132 to avoid attack.
It causes BluetoothOppReceiver cannot receive the intent.
This CL will compare to calling package name with launch package name.
If they are not equal, the setClassName() will not invoke.
Bug: 186490534
Bug: 179386960
Bug: 179386068
Test: make RunSettingsRoboTests -j56
Change-Id: Ia51528f2a44ab73edbc86899ca0846d3262fe1f0
(cherry picked from commit bb5be240c0)
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will not allow to set package name and class name to avoid
the attacker.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Id27a78091ab578077853b8fbb97a4422cff0a158
(cherry picked from commit 8adedc6249)
Before this CL, there is a possible phishing attack allowing a malicious
BT device to acquire permissions based on insufficient information
presented to the user in the consent dialog. This could lead to local
escalation of privilege with no additional execution privileges needed.
User interaction is needed for exploitation.
This CL add more prompts presented for users to avoid phishing attacks.
Merge Conflict Notes:
There were a number of entries in strings.xml that did not exist on this
branch. However, as the CL only adds new entries rather than modifying
old ones this should not cause a problem. There were no merge conflicts
in the java files.
Bug: 167403112
Test: send intent to test right prompts message is pop up. make -j42 RunSettingsRoboTests
Change-Id: Idc6ef558b692115bb82ea58cf223f5919b618633
Limit the component that may resolve this intent to the
bluetooth package.
Bug: 158219161
Test: Security Fix
Tag: #security
Change-Id: If732f940a7aa256f5975349118e8eb6cf5584676
- Move PreferenceGroup init method out of isAvailable() condition,
then PreferenceGroup will not be null.
- Update getAvailabilityStatus(), since the controller now may have usb
and dock.
Bug: 110712414
Test: make -j42 RunSettingsRoboTests
Change-Id: I4d85a42c26fb20d319e7321177b271933be3fdb0
The issue is happened when BT is disabled then navigate to
"Connected devices". BluetoothDeviceUpdater didn't update
UI when BT is disabled. Remove all device from preference when
BT is disabled.
Bug: 80090956
Test: make -j42 RunSettingsRoboTests
Change-Id: Ia1fd8cfbcf95d712a1a702fdf101ff98186b76cd
* Align with the changes of Bluetooth metadata APIs.
* Move metadata utils from Settings to SettingsLib.
Bug: 124448651
Test: make RunSettingsRoboTests
Change-Id: Ic9ad91536ef3ff6807a08bbffa3dd796ef1ad523
If we recycle it in OnStop() and this page isn't destoried,
it will crash when we revisit it.
Fixes: 130185099
Test: RunSettingsRoboTests
Change-Id: I4d3c1c12debcccb1ee7d676a1c5accece0b42e09
Usecase:
1. Start advertising from DUT (using BLE Smartertooth app).
2. Scan and connect from central device.
3. Now initiate bond from central and accept pairing request.
(Consent Pairing Dialog will be shown on DUT)
4. Notification will be received for PASSKEY CONFIRMATION Dialog.
Do not open notification and let it timeout.
5. Repeat steps 2 and 3. At step 3, Passkey Confirmation pairing
dialog is show instead of Consent pairing dialog.
Issue:
Wrong Pairing Popup is shown. Passkey Confirmation pairing
dialog is show instead of Consent pairing dialog.
Reproducible Rate: 100%
Root Cause:
PendingIntent created for showing pairing notification are getting
reused as only FLAG_ONE_SHOT is used. This flag is not updating new
extra's in the pending intent.
Fix:
Use flag FLAG_UPDATE_CURRENT in pending Intent.
Test: Tested above mentioned testcase and pairing scenarios.
Fix: 129479787
Bug: 129456113
Change-Id: I46813f355cd796cee1b472774b494c8580b39784
notifyHierarchyChanged() is used before when we have
connected/disconnect deivce in same list. So only use it in
DevicePickerFragment.java, not other normal fragments.
Also that call will rebuild whole preference list, which is heavy.
Bug: 119479725
Test: Manual
Change-Id: I06cf221588001b38634fec9f02dee8bc1e561ea8
Add new method to get rainbow bt icon and also refactor
AdaptiveHomepageIcon:
1. Rename
2. Add ConstantState
Bug: 126425211
Test: RunSettingsRoboTests
Change-Id: Idb8aaf253d0d9e2ab33d8852f093e6689ebadde4
Changed out BatteryMeterDrawable to inherit from ThemedBatteryDrawable
instead of BatteryMeterDrawableBase. Also removed warning text paint
because it seemed unused and simplified the interface.
Bug: 123705805
Test: visual
Change-Id: I30496e3d8881803d9d3d8a316c10387482a8f610
If it is updated, we need to refresh UI to display latest information
Fixes: 124455912
Test: RunSettingsRoboTests
Change-Id: I73b03f4931e3c2b0d367bbd2d3b2057b26c84b59
1. Update isAvailable() in controller
2. Update method to get fast pair icon
Bug: 124455912
Test: RunSettingsRoboTests
Change-Id: I24a04c8c91d74e9b8b7e8746ad6279fafa37f0a9
1. Add callback to listen to device update
2. Add charging support for bt battery icon
3. When disconnected, only show main icon
Follow CL will update battery icon to show exclamation when it is
low.
Bug: 124455912
Test: RunSettingsRoboTests
Change-Id: I03fb3bf4c4b77711e14b1f2f53733771b525fe4b
