Security Patches :D #2

Open
wants to merge 332 commits into
base: eleven

Meghthedev

No description provided.

android-build-team Robot added 30 commits August 13, 2019 03:05
android-build-team Robot and others added 27 commits June 24, 2020 01:05
Change-Id: I07dcc26bab05ccde634fe88da5092f02a03b2538
Change-Id: I5ecb9efad6b3fe31943d3d9c9ff31674990a3f3c
Change-Id: I9b65323aff8e04c3d62c65fa43ed42983b61f9ef
Change-Id: I00c3917dbe6d47962ffba2ed08ebaabae379e1b1
Note that the initial subtype is still not set correctly at
register() time because there is no way to communicate this
information. This only affects callers that look at the
extra info before the agent is marked connected, so this
should only be internal callers, and they don't actually
rely on this information.

We could fix this by adding a hidden method in NetworkAgentConfig
but this is not strictly necessary, so at this time do the
simplest change only.

Test: FrameworksTelephonyTest
Bug: 161653721
Bug: 161737783
Change-Id: I397d773ac9bb5532d72036d3cb3d37e52c79ee4e
(cherry picked from commit 7403bd5)
…7, 12257742, 12257668, 12257743, 12257513, 12257278, 12257279, 12257514, 12257644, 12257669, 12257670, 12257671] into rvc-release

Change-Id: I36709df5764a57b309b368f1ce4c8fcbf84e3c8e
EuiccController does not validate the calling package name
(i.e. to ensure that it is owned by the calling UID). It is
therefore possible for an app to effectively gain carrier
privileges in the call to EuiccController#getEid by
passing the package name of another app that does have carrier
privileges to one or more subscriptions.

Test: safe net log
Bug: 159062405
Change-Id: I0bf7c8b267a0c9cd877328c4ff3169950e1ff64f
(cherry picked from commit 1221ede)
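
The check described in the commit message above, as an added illustration that is not code from the commit or from AOSP: a toy Java model in which the package name a caller passes is trusted only after it has been matched against the calling UID. The class and method names, UIDs, package names and the EID value are all constructed for the example.

```java
import java.util.Map;
import java.util.Set;

// Toy model, not AOSP code. All names and values below are constructed.
public class CallingPackageCheck {
    // Which UID owns each installed package. On Android the platform answers this
    // (for example AppOpsManager.checkPackage(uid, packageName)); a map stands in here.
    static final Map<String, Integer> PACKAGE_OWNER_UID = Map.of(
            "com.example.carrierapp", 10101,
            "com.example.untrusted", 10202);
    // Packages holding carrier privileges on some subscription.
    static final Set<String> CARRIER_PRIVILEGED = Set.of("com.example.carrierapp");
    static final String EID = "EID-PLACEHOLDER";

    // Before: the privilege decision uses a caller-supplied string as-is.
    static String getEidUnchecked(int callingUid, String callingPackage) {
        if (!CARRIER_PRIVILEGED.contains(callingPackage)) {
            throw new SecurityException("no carrier privileges: " + callingPackage);
        }
        return EID;
    }

    // After: the package name must belong to the calling UID before it is used.
    static String getEidChecked(int callingUid, String callingPackage) {
        Integer owner = PACKAGE_OWNER_UID.get(callingPackage);
        if (owner == null || owner != callingUid) {
            throw new SecurityException(callingPackage + " is not owned by uid " + callingUid);
        }
        return getEidUnchecked(callingUid, callingPackage);
    }

    public static void main(String[] args) {
        int untrustedUid = 10202;
        String claimed = "com.example.carrierapp"; // not the caller's own package
        System.out.println("unchecked: " + getEidUnchecked(untrustedUid, claimed));
        try {
            getEidChecked(untrustedUid, claimed);
        } catch (SecurityException e) {
            System.out.println("checked: rejected (" + e.getMessage() + ")");
        }
        System.out.println("owner: " + getEidChecked(10101, claimed));
    }
}
```

The unchecked path returns the identifier to a caller that merely names a privileged package; the checked path rejects that call and still serves the package's real owner.
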
…d-11.0.0_r38

Android 11.0.0 Release 38 (RQ3A.210605.005)

* tag 'android-11.0.0_r38':
  Public EVENT_EMERGENCY_CALLBACK_MODE_ENTER for testing purpose
  Fixed dangling DC controller
  Get data network type from NetworkRegistrationInfo instead of ServiceState
  Check for timers when checking isCampedOn5G
  CP bugfixes from ag/13300921 to QPR3
  Add tests for network controller
  Fix NR display logic for non-LTE RATs
  Exclude IWLAN from the checks
  Allow TEMP_NOT_METERED on 5G SA network
  Temporary fix to prevent TEMPORARILY_NOT_METERED leak
  Remove unecessary locking to avoid dead lock.
  Fix bug of disabling grouped CBRS during profile switch on primary SIM
  Move permission checks out of synchronized block
  Guard ICC ID card string behind new identifier access requirements
  Guard ICC ID behind new identifier access requirements
  TEMP_NOT_METERED only for 5G override
  Change EuiccConnector to only refresh eSIM profile list when rebinding
  Fixed incorrect unregister from connectivity service

Change-Id: I06751592b424efec39c5a2e29f3293c3e000a568
…AvailableSubscriptionInfoList

Test: atest SubscriptionManagerTest#testSubscriptionGroupingWithPermission; Safety net logging
Bug: 185235454

Change-Id: Ideef8793ac3c42ab30ac3004071d6be19e15b5fe
(cherry picked from commit 9f741b9)
…0, 14947511, 14947512, 14947530, 14947531, 14946923, 14947513] into security-aosp-rvc-release

Change-Id: I66bd69cb2ff1077541dc728e504c204642e93f1e
Fix a security issue that app can read iccId of sim card(s) without
requiring READ_PRIVILEGED_PHONE_STATE permission when calling hidden
API SubscriptionManager.getAllActiveSubscriptionInfoList. Apply
deviceIdentifier filter to remove those info if the caller does
not have proper permissions.

Bug: 183612370
Test: Manual
Merged-in: If7d243c40d187008f8cb314b162228cbad1702a4
Change-Id: If7d243c40d187008f8cb314b162228cbad1702a4
(cherry picked from commit f6bb9b2)
(cherry picked from commit f24c432)
SubscriptionInfo.mGroupUUID is not cleared in
conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE
(based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS.
Bug: 181053462
Test: atest SubscriptionManagerTest

Change-Id: I68d1edb4e7cc2ad6696363ea1dacb09e839a651e
Merged-In: I68d1edb4e7cc2ad6696363ea1dacb09e839a651e
(cherry picked from commit 1399361)
…7, 15151908, 15151950, 15151952, 15151953, 15151954, 15151955, 15151956, 15151958, 15151937, 15151938, 15151939, 15151860, 15151990, 15151977, 15151978, 15151979] into security-aosp-rvc-release

Change-Id: I5443bc56eea0b742c33e09e4f226bcd6c4771a43
…d-11.0.0_r40

Android 11.0.0 Release 40 (RQ3A.210805.001.A1)

* tag 'android-11.0.0_r40':
  Check READ_PRIVILEGED_PHONE_STATE instead of READ_PHONE_STATE for getAvailableSubscriptionInfoList
  [security] SubscriptionGroup is exposed to unprivileged callers
  filter deviceIdentifiers for subscriptionInfo if callers without perm

Change-Id: I140b8434fd3966e8d3af49d0c0a5026cba8d4b54
We should restore CallingIdentity when doing the appops check for
access to device/subscriber identifiers

Bug: 187147737
Bug: 183612370
Test: Manual test
Change-Id: Id0abfee602823f56811799a6d5c2bbe8cd5e2cc1
(cherry picked from commit 020d831)
Merged-in: Id0abfee602823f56811799a6d5c2bbe8cd5e2cc1
(cherry picked from commit 02bb0cc)
…2, 15541503, 15541504, 15541505, 15541611, 15541508, 15541612, 15541591, 15541265, 15541266, 15541267, 15541614, 15541593] into security-aosp-rvc-release

Change-Id: I10b51ed5c398fc0c5bde0c686ffc6578b3cd3b9d
We should restore CallingIdentity when doing the appops check for
access to device/subscriber identifiers

Bug: 187147737
Bug: 183612370
Test: Manual test
Change-Id: Id0abfee602823f56811799a6d5c2bbe8cd5e2cc1
(cherry picked from commit 020d831)
Merged-in: Id0abfee602823f56811799a6d5c2bbe8cd5e2cc1
(cherry picked from commit 5fc2375)
…7, 15566999, 15567396, 15567397, 15567412, 15567413, 15567096, 15567448, 15567449, 15567097, 15567098, 15567450, 15567099, 15567398, 15567100, 15567621, 15567622, 15567468, 15567000] into rvc-qpr3-release

Change-Id: I96be118e302d94ae9adb679b76d4bc149517915e
…d-11.0.0_r46

Android 11.0.0 Release 46 (RQ3A.211001.001)

* tag 'android-11.0.0_r46':
  fix the issue that clearCallingIdentity before appops check

Change-Id: Id11eca49446879411c8c893c2c6fcd948eaed56e
…ge-android-security-11.0.0_r49

Android security 11.0.0 release 49

* tag 'android-security-11.0.0_r49':
  fix the issue that clearCallingIdentity before appops check
  [security] SubscriptionGroup is exposed to unprivileged callers
  filter deviceIdentifiers for subscriptionInfo if callers without perm
  Check READ_PRIVILEGED_PHONE_STATE instead of READ_PHONE_STATE for getAvailableSubscriptionInfoList
  Add package checking with Uid in EuiccController#getEid
  Fix a bug where the subtype is not initialized correctly
  Fix potential call crashes in Telephony.
  Fixed deadlock in IccSmsInterfaceManager

Change-Id: I6abc0f714392fc552f10a5614a043c2e00c58bb2
Fix a security issue that app can read iccId of sim card(s) without
requiring READ_PRIVILEGED_PHONE_STATE permission when calling hidden
API SubscriptionManager.getAllActiveSubscriptionInfoList. Apply
deviceIdentifier filter to remove those info if the caller does
not have proper permissions. The previous fix forgot to reassign
returned value with filtered result.

Bug: 183612370
Test: Manual
Change-Id: I592a100f274bfe8a9f1b17b9a4c54ae2aadd6fdb
(cherry picked from commit 9845ef5)
Merged-In:I592a100f274bfe8a9f1b17b9a4c54ae2aadd6fdb
Change-Id: Iffe0c80f4c954e11959a5a235b5f27b34f1027bb
…ge-android-security-11.0.0_r51

Android security 11.0.0 release 51

* tag 'android-security-11.0.0_r51':
  filter deviceIdentifiers for subscriptionInfo if callers without perm

Change-Id: I1a853cc522affe00e0a796338e647d74e90efc0f
Bug: 213457638
Test: atest
Change-Id: I8d7cc836402a9a7695c972860d38035c4ec0fa44
Merged-In: I8d7cc836402a9a7695c972860d38035c4ec0fa44
Merged-In: Ie8017c39a495f93603aeb5d1a335fe2fe528cf77
(cherry picked from commit b0e3c5d)
(cherry picked from commit 7f3dd2a)
Merged-In: I8d7cc836402a9a7695c972860d38035c4ec0fa44
Change-Id: I0054af621f908fac44c6e888ac26245e472a352a
…ce.com/platform/frameworks/opt/telephony into staging/lineage-18.1_merge_android-security-11.0.0_r57

Android security 11.0.0 release 57

* tag 'android-security-11.0.0_r57' of https://android.googlesource.com/platform/frameworks/opt/telephony:
  Enforce privileged phone state for getSubscriptionProperty(GROUP_UUID)

Change-Id: Ia71445de6c943136b96dbccf5d2d388d6e3024ea