diff options
8 files changed, 75 insertions, 8 deletions
diff --git a/core/java/android/content/Intent.java b/core/java/android/content/Intent.java index e763e951fbc1..6f44a77a3d4a 100644 --- a/core/java/android/content/Intent.java +++ b/core/java/android/content/Intent.java @@ -7855,6 +7855,9 @@ public class Intent implements Parcelable, Cloneable { int eq = uri.indexOf('=', i); if (eq < 0) eq = i-1; int semi = uri.indexOf(';', i); + if (semi < 0) { + throw new URISyntaxException(uri, "uri end not found"); + } String value = eq < semi ? Uri.decode(uri.substring(eq + 1, semi)) : ""; // action diff --git a/core/java/com/android/internal/app/ChooserActivity.java b/core/java/com/android/internal/app/ChooserActivity.java index 2b39bb4eb7a5..f9d553ffc0c1 100644 --- a/core/java/com/android/internal/app/ChooserActivity.java +++ b/core/java/com/android/internal/app/ChooserActivity.java @@ -544,6 +544,14 @@ public class ChooserActivity extends ResolverActivity implements @Override protected void onCreate(Bundle savedInstanceState) { + if (Settings.Secure.getIntForUser(getContentResolver(), + Settings.Secure.SECURE_FRP_MODE, 0, + getUserId()) == 1) { + Log.e(TAG, "Sharing disabled due to active FRP lock."); + super.onCreate(savedInstanceState); + finish(); + return; + } final long intentReceivedTime = System.currentTimeMillis(); mLatencyTracker.onActionStart(ACTION_LOAD_SHARE_SHEET); diff --git a/keystore/java/android/security/AndroidKeyStoreMaintenance.java b/keystore/java/android/security/AndroidKeyStoreMaintenance.java index 919a93b8f107..b2d1755bb860 100644 --- a/keystore/java/android/security/AndroidKeyStoreMaintenance.java +++ b/keystore/java/android/security/AndroidKeyStoreMaintenance.java @@ -18,8 +18,10 @@ package android.security; import android.annotation.NonNull; import android.annotation.Nullable; +import android.os.RemoteException; import android.os.ServiceManager; import android.os.ServiceSpecificException; +import android.os.StrictMode; import android.security.maintenance.IKeystoreMaintenance; import android.system.keystore2.Domain; import android.system.keystore2.KeyDescriptor; @@ -183,4 +185,24 @@ public class AndroidKeyStoreMaintenance { return SYSTEM_ERROR; } } + + /** + * Deletes all keys in all KeyMint devices. + * Called by RecoverySystem before rebooting to recovery in order to delete all KeyMint keys, + * including synthetic password protector keys (used by LockSettingsService), as well as keys + * protecting DE and metadata encryption keys (used by vold). This ensures that FBE-encrypted + * data is unrecoverable even if the data wipe in recovery is interrupted or skipped. + */ + public static void deleteAllKeys() throws KeyStoreException { + StrictMode.noteDiskWrite(); + try { + getService().deleteAllKeys(); + } catch (RemoteException | NullPointerException e) { + throw new KeyStoreException(SYSTEM_ERROR, + "Failure to connect to Keystore while trying to delete all keys."); + } catch (ServiceSpecificException e) { + throw new KeyStoreException(e.errorCode, + "Keystore error while trying to delete all keys."); + } + } } diff --git a/media/java/android/media/RingtoneManager.java b/media/java/android/media/RingtoneManager.java index d2b21ae19162..cce4418fcafc 100644 --- a/media/java/android/media/RingtoneManager.java +++ b/media/java/android/media/RingtoneManager.java @@ -834,9 +834,13 @@ public class RingtoneManager { + " ignored: failure to find mimeType (no access from this context?)"); return; } - if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg"))) { + if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg") + || mimeType.equals("application/x-flac") + // also check for video ringtones + || mimeType.startsWith("video/") || mimeType.equals("application/mp4"))) { Log.e(TAG, "setActualDefaultRingtoneUri for URI:" + ringtoneUri - + " ignored: associated mimeType:" + mimeType + " is not an audio type"); + + " ignored: associated MIME type:" + mimeType + + " is not a recognized audio or video type"); return; } } diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java index 765edd72cfbd..9f65bb4a131b 100644 --- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java +++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java @@ -1948,7 +1948,7 @@ public class SettingsProvider extends ContentProvider { cacheName = Settings.System.ALARM_ALERT_CACHE; } if (cacheName != null) { - if (!isValidAudioUri(name, value)) { + if (!isValidMediaUri(name, value)) { return false; } final File cacheFile = new File( @@ -1983,7 +1983,7 @@ public class SettingsProvider extends ContentProvider { } } - private boolean isValidAudioUri(String name, String uri) { + private boolean isValidMediaUri(String name, String uri) { if (uri != null) { Uri audioUri = Uri.parse(uri); if (Settings.AUTHORITY.equals( @@ -2001,10 +2001,13 @@ public class SettingsProvider extends ContentProvider { return false; } if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg") - || mimeType.equals("application/x-flac"))) { + || mimeType.equals("application/x-flac") + // also check for video ringtones + || mimeType.startsWith("video/") || mimeType.equals("application/mp4"))) { Slog.e(LOG_TAG, "mutateSystemSetting for setting: " + name + " URI: " + audioUri - + " ignored: associated mimeType: " + mimeType + " is not an audio type"); + + " ignored: associated MIME type: " + mimeType + + " is not a recognized audio or video type"); return false; } } diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java index b45bcb405557..b59a5ea5ad1a 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java @@ -4959,6 +4959,9 @@ public class AccountManagerService if (resolveInfo == null) { return false; } + if ("content".equals(intent.getScheme())) { + return false; + } ActivityInfo targetActivityInfo = resolveInfo.activityInfo; int targetUid = targetActivityInfo.applicationInfo.uid; PackageManagerInternal pmi = LocalServices.getService(PackageManagerInternal.class); diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java index b99e66f68038..d331f31fc545 100644 --- a/services/core/java/com/android/server/pm/PackageInstallerService.java +++ b/services/core/java/com/android/server/pm/PackageInstallerService.java @@ -673,13 +673,18 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements params.appLabel = TextUtils.trimToSize(params.appLabel, PackageItemInfo.MAX_SAFE_LABEL_LENGTH); - // Validate installer package name. + // Validate requested installer package name. if (params.installerPackageName != null && !isValidPackageName( params.installerPackageName)) { params.installerPackageName = null; } - var requestedInstallerPackageName = + // Validate installer package name. + if (installerPackageName != null && !isValidPackageName(installerPackageName)) { + installerPackageName = null; + } + + String requestedInstallerPackageName = params.installerPackageName != null ? params.installerPackageName : installerPackageName; diff --git a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java index 9d5173a8da09..91e2803427a8 100644 --- a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java +++ b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java @@ -53,6 +53,7 @@ import android.os.ShellCallback; import android.os.SystemProperties; import android.provider.DeviceConfig; import android.sysprop.ApexProperties; +import android.security.AndroidKeyStoreMaintenance; import android.util.ArrayMap; import android.util.ArraySet; import android.util.FastImmutableArraySet; @@ -68,6 +69,7 @@ import com.android.server.LocalServices; import com.android.server.SystemService; import com.android.server.pm.ApexManager; import com.android.server.recoverysystem.hal.BootControlHIDL; +import com.android.server.utils.Slogf; import libcore.io.IoUtils; @@ -119,6 +121,8 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo static final String LSKF_CAPTURED_TIMESTAMP_PREF = "lskf_captured_timestamp"; static final String LSKF_CAPTURED_COUNT_PREF = "lskf_captured_count"; + static final String RECOVERY_WIPE_DATA_COMMAND = "--wipe_data"; + private final Injector mInjector; private final Context mContext; @@ -522,17 +526,32 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo @Override // Binder call public void rebootRecoveryWithCommand(String command) { if (DEBUG) Slog.d(TAG, "rebootRecoveryWithCommand: [" + command + "]"); + + boolean isForcedWipe = command != null && command.contains(RECOVERY_WIPE_DATA_COMMAND); synchronized (sRequestLock) { if (!setupOrClearBcb(true, command)) { return; } + if (isForcedWipe) { + deleteSecrets(); + } + // Having set up the BCB, go ahead and reboot. PowerManager pm = mInjector.getPowerManager(); pm.reboot(PowerManager.REBOOT_RECOVERY); } } + private static void deleteSecrets() { + Slogf.w(TAG, "deleteSecrets"); + try { + AndroidKeyStoreMaintenance.deleteAllKeys(); + } catch (android.security.KeyStoreException e) { + Log.wtf(TAG, "Failed to delete all keys from keystore.", e); + } + } + private void enforcePermissionForResumeOnReboot() { if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.RECOVERY) != PackageManager.PERMISSION_GRANTED |