add Seedvault as backup provider #1
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 30 commits
July 1, 2020 16:23
Change-Id: I85f1e78bbbdfc3366226573f05c1c40bb2b9e456
Change-Id: Ic0e168037fd4af605bf23bf2b02b6c4caf086050
Change-Id: I9dd41c84330b63b9243b0682ede9efa6eef7bd5c
Change-Id: I9b5a5830fa6b9ffd1935f021b9d503c1a6923d7e
Change-Id: I7a3530343cfc0adad982cd5632837b1cce90b586
Change-Id: Ib61e1081ecc4c63bb680f823acc5f00db2824727
Change-Id: I76caef718a57d7b2f9b3da85677cb5dad1785508
Change-Id: I8128e91cee11b72dde355b310adff6c136fd5d27
Change-Id: Ifd14545d9a0ee2e8021c69010d66a687bd7e43af
Change-Id: Ic15635e0981fa9b70fe89430da995dd1b3298771
Change-Id: Ifffee033cb74f74ce898ad7c85b799a57cb83981
Change-Id: I92d6d9664af5c8b41b304a1933ae6ea831335b8c
Change-Id: I642e886b63d6294cd10a3bcefbe83950833e9da0
Change-Id: I2c0ff03981d110410b45bc5ca70da10239f95669
Change-Id: Iaeecfcdd3b287276a4113cb8827757dbcce3f90e
Change-Id: I327b35284e65a53b9ae4c668efec376a7bbede10
Change-Id: Ifb2a3205761ea235ed0e09f00407a1f034bde522
Change-Id: I9215e4d7d615bab6e2748162675106adec9ad200
Change-Id: Ia96a50a44441af77d91b85b6d325d7eed0e28202
Change-Id: I48a6b3540e97485719fcbd2ca1c9bd7396a1f0f9
Change-Id: Ie3fed896f0f1eaeef149daf260d31a86d150d53c
Change-Id: Iaa6440d88e78cb822ce1cea6ab1568afb20eaf36
Change-Id: I4afcc1c42961d647132b4097c32f5b7fd98d3e57
Change-Id: I9454cc3f648fc16e52439c89ced165c3619c5d43
Change-Id: I65baa9a585925b54fd012a4568cdbf6ba7980a7e
Change-Id: I9472d0e864a798bcabe7237f25b597de06a50d2e
Change-Id: Ib6897d823d9ab349860e9d22563e272f722225fb
Change-Id: I6b1e1d998973d0a305297d147964c0c4408837ad
Change-Id: I6ca0bd985ddb6c8048474c2a86af8cef46c2c91f
Some URIs are used without validating their authorities which can lead to exploitation by malicious apps. Bug: 157294893 Test: Manual using test app in b/157294893 Change-Id: I799509ed5ff7e69140e84d796fe7f96d9dbfd32f Merged-In: I799509ed5ff7e69140e84d796fe7f96d9dbfd32f (cherry picked from commit 75f984bd32a3ee8115d5cea09ab1bd237537ab54) (cherry picked from commit e4bb1d7)
Currently we only validate DocumentsContract.EXTRA_URI, this change validates other URIs suchs as DocumentsContract.EXTRA_TARGET_URI and DocumentsContract.EXTRA_PARENT_URI as well Bug: 157320716 Test: Manually using the test app in b/157320716#comment1 Change-Id: I90fd1e62aa7dc333bf32eb80ccc5b181a1d54e41 Merged-In: I90fd1e62aa7dc333bf32eb80ccc5b181a1d54e41 (cherry picked from commit b9f4fb792812f9a38ac54e69be6f121f7367c017) (cherry picked from commit eca247f)
Improve location checking for apps targeting SDK28 or earlier. Bug: 158484422 Test: (cts) atest TelephonyLocationTests; atest PhoneStateListenerTest Merged-In: I8caa3ea409836ce8469d8d8210b481a0284594f2 Change-Id: I8caa3ea409836ce8469d8d8210b481a0284594f2 (cherry picked from commit 4e0c7d16fd76bd7743a7f46ba63c75e8c65d63be) (cherry picked from commit cc584e7)
Bug: 157472962 Tag: #security Test: build Change-Id: I7737c4f1ad4bf5fec3127526465c78808de03693 (cherry picked from commit a6c09bb)
When user is stopped, the Vpn#onUserStopped() will be called and the value of mLockdown will be set to false then store into setting. This is a wrong behavior because user doesn't change it, so for this kind of case, there is no need to store the value of mLockdown in setting. In fact, there is no need to call Vpn#saveAlwaysOnPackage() when user is stopped because there is nothing changed. Bug: 168500792 Test: atest FrameworksNetTests Change-Id: Ie85a347216614b7873bfdf199165d89527ada3a8 (cherry picked from commit 9226fc3)
Before this change, it was possible for the code to suffer an out of bound error. Bug: 150706572 Test: make Change-Id: I3e8d37f2ee3c942bc9b176edee043557b005c757 (cherry picked from commit 8ff5315e989c1348e313bcb8170b77adc80b2fce) (cherry picked from commit e592700)
A bug was introduced in R where LSS ends up regenerating SP when an escrow token is being auto-activated on unsecured user, due to a logic error in shouldMigrateToSyntheticPasswordLocked(). Fix the bug and add some safeguards as well as unit test to prevent future regressions. Bug: 168692734 Test: atest com.android.server.locksettings Change-Id: If35f2fd26b49faf6e3d0d75c10b1b3bb95f247c2 (cherry picked from commit efc1d53df3a2e7116d7ed83bca9bf8e384d32740) (cherry picked from commit 2d51788)
The libdrmframeworkcommon was statically linked to multiple libraries used by libfwdlockengine. When the shared libraries closes, the same block of static memory will be freed twice. Test: CTS forwardlock tests atest CtsDrmTestCases Bug: 155647761 Change-Id: I45113549772d48e925082d15659b1409cbed6499 (cherry picked from commit 4ed2e6b)
…9, 12820781, 12821235, 12821236, 12820925, 12821237, 12820545, 12821039, 12820926, 12820927, 12820928, 12820929, 12820930, 12820590, 12820471, 12820591, 12820592, 12820593, 12820594, 12821255, 12821256, 12821257, 12820998, 12820932, 12821258, 12820546, 12820933, 12820934, 12820547, 12820548, 12821275, 12821238, 12821239, 12821240, 12821241, 12821199, 12821276, 12821277, 12821278, 12821279, 12821280] into rvc-qpr1-release Change-Id: I4a6407456ea03c0fa5a810bf57b7465cf06c9513
…9, 12841500, 12841101, 12841504] into rvc-qpr1-release Change-Id: I6c1b4c35f34a930ba04c14aa9b10d8aadebe60e4
SlicePermissionActivity reads provider_pkg from intent, which can be modified at will. As a result user might see incorrect package name in the dialog granting slice permission. Bug: 159145361 Test: manual Merged-In: I8b66c02786df4096dad74b7e76255d5ddd1d609d Change-Id: I8b66c02786df4096dad74b7e76255d5ddd1d609d (cherry picked from commit 4344e63)
Bug: 165595677 Test: atest CtsSecurityTestCases:ActivityManagerTest Change-Id: Ia758d32bce6b2ac4c7145a96eccf68a962f0748b (cherry picked from commit e9b1dd4)
…llback Due to a race condition with activity task stack broadcasts, it's currently possible for fingerprint authentication to succeed for a non-top activity. This means, for example, that a malicious overlay could be drawn in order to mislead the user about what they are authenticating for. This commit addresses the issue by adding a check to the biometric authentication client interface that ensures the authenticating activity is on top at the time of authentication. Otherwise, the pending authentication will fail, as if an incorrect biometric had been presented. Test: Follow steps from b/159249069: 1. Install com.pro100svitlo.fingerprintauthdemo from the Play store. 2. Install the PoC attack app from b/159249069. 3. Start the PoC attack app and press the "Launch PoC attack" button. 4. Use fingerprint to authenticate while the overlay is showing. Before: Authentication succeeds, and a new activity is launched. After: Authentication fails, and no new activity is launched. Bug: 159249069 Change-Id: Ie5a0f8c3e9b92d348a78678a6ed192d440c45ffc Merged-In: I289d67e5c7055ed60f7a96725c523d07cd047b23 Merged-In: I3a810cd7e6b97333f648c978e44242662342ec57 (cherry picked from commit 09c1b8e)
Bug: 159145361 Test: manual Change-Id: I8f1be55971672c7e8f5aa8848f65b1b9d9f40fb5 Merged-In: I8f1be55971672c7e8f5aa8848f65b1b9d9f40fb5 (cherry picked from commit 3b6905bf6a39de7789f93a7ce6ca5d65a3fe589e) (cherry picked from commit 1d50760)
Fix CDM package check CDM was using a pckage check that returns a value intead of throwing, resulting in failing to throw on querying other package's associations Test: ensure attached bug no longer reproduces Bug: 167244818 Change-Id: I21319b6f5495dcae681541c76b847aad0c00b8ab (cherry picked from commit 30b022a)
If a permission owner changes, or a permission level is upgraded, revoke the permission from all packages Test: Manual Bug: 154505240 Merged-In: I0dec9eb7c2fecd3147e33e04d3f79f6dffcf7721 Change-Id: I0dec9eb7c2fecd3147e33e04d3f79f6dffcf7721 (cherry picked from commit a28931a09814a89e1c55816c794c1e1f20dc0c91) (cherry picked from commit 84c1247)
Not only on normal -> runtime. Test: atest PermissionEscalationTest Bug: 154505240, 168319670 Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679 Merged-In: If3b420067b4d7111dcf67ae6f98e42176158b679 (cherry picked from commit 33e24c8)
Test: atest CtsPackageUninstallTestCases Fixes: 171221302 Change-Id: I38b6d85871064d76f2911e20acc74b4ab76406b3 (cherry picked from commit cdec871)
Bug: 169763814 Test: manual Change-Id: I15dd22791fcc61ef02b06ad51d9e4409d11c0181 (cherry picked from commit f45dcfe)
Activity can be used only in two cases. 1) Calling uid matches uid grantee. 2) Calling uid is is system. This flow is used by getToken methods with notifyAuthFailure=true. Test: Existing CTS tests Bug: 158480899 Change-Id: I1421c333b6cebb4f7cddcdd8766298f6872e933b (cherry picked from commit 10d8a11)
…5, 13083736, 13083575, 13083776, 13083778, 13083757, 13083547, 13083530, 13083719, 13083780, 13083739, 13083549, 13083741, 13083742, 13083590, 13083593, 13083594, 13083816, 13083818, 13083820, 13083822, 13083824, 13083827, 13083828, 13083552, 13083760, 13083762, 13083764, 13083782, 13083784, 13083831, 13083787, 13083766, 13083835, 13083745, 13083877, 13083720, 13083489, 13083491, 13083274, 13083859, 13083897] into rvc-qpr1-release Change-Id: I490a0c71254211c7d7451d9eeb87bc879c3c9813
This is needed by microG GmsCore to pretend to be the official Google
Play Services package, because client apps check the package signature
to make sure it matches Google's official certificate.
Changes made for Android 11:
- Updated PackageInfo calls
- Added new permission to public API surface, needed for
PermissionController which is now an updatable APEX on 11
- Added a dummy permission group to allow users to manage the
permission through the PermissionController UI
(by Vachounet <vachounet@live.fr>)
- Updated location provider comment for conciseness
Change-Id: Ied7d6ce0b83a2d2345c3abba0429998d86494a88
Signed-off-by: Pavel Dubrova <pashadubrova@gmail.com>
bartcubbins
requested changes
Feb 3, 2021
Member
bartcubbins
left a comment
bartcubbins
left a comment
There was a problem hiding this comment.
Thanks for the contribution!
I don't mind having Seedvault in our ROM, just let's do everything properly. Below I indicated the correct version of your patch, please update your PR in accordance with it
From e44bb599620afb055208b560831916fe7361b4b6 Mon Sep 17 00:00:00 2001
From: Pavel Dubrova <pashadubrova@gmail.com>
Date: Wed, 3 Feb 2021 18:33:31 +0200
Subject: [PATCH] SettingsProvider: Add ability to change default backup
provider
Signed-off-by: Pavel Dubrova <pashadubrova@gmail.com>
---
.../providers/settings/SettingsProvider.java | 27 ++++++++++++++++++-
1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index b95d34f2966..ca842b4e834 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -3513,7 +3513,7 @@ public class SettingsProvider extends ContentProvider {
}
private final class UpgradeController {
- private static final int SETTINGS_VERSION = 191;
+ private static final int SETTINGS_VERSION = 192;
private final int mUserId;
@@ -4882,6 +4882,31 @@ public class SettingsProvider extends ContentProvider {
currentVersion = 191;
}
+ if (currentVersion == 191) {
+ // Version 191: Update default Backup app
+ final SettingsState secureSettings = getSecureSettingsLocked(userId);
+ final Setting currentBackupTransportSetting = secureSettings.getSettingLocked(
+ Secure.BACKUP_TRANSPORT);
+ if (currentBackupTransportSetting.isDefaultFromSystem()) {
+ secureSettings.insertSettingLocked(
+ Settings.Secure.BACKUP_TRANSPORT,
+ getContext().getResources().getString(
+ R.string.def_backup_transport),
+ null, true, SettingsState.SYSTEM_PACKAGE_NAME);
+ }
+
+ final Setting currentBackupEnabledSetting = secureSettings.getSettingLocked(
+ Secure.BACKUP_ENABLED);
+ if (currentBackupEnabledSetting.isDefaultFromSystem()) {
+ secureSettings.insertSettingLocked(
+ Settings.Secure.BACKUP_ENABLED,
+ getContext().getResources().getBoolean(
+ R.bool.def_backup_enabled)? "1" : "0",
+ null, true, SettingsState.SYSTEM_PACKAGE_NAME);
+ }
+ currentVersion = 192;
+ }
+
// vXXX: Add new settings above this point.
if (currentVersion != newVersion) {
--
2.30.0
bartcubbins
requested changes
Feb 3, 2021
Member
bartcubbins
left a comment
bartcubbins
left a comment
There was a problem hiding this comment.
You need to create an overlay in this repository and put it there
https://github.com/ExplosiveLobster/platform_vendor_el
bartcubbins
force-pushed
the
android-11
branch
from
714ee76 to
204afd0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
These changes (see also 1 and 2) add support for Seedvault, a backup app that integrates in the system directly.
I've been using it since September in an Android 10 build and works flawlessly. It's also used now in the official Lineageos builds.