Commits · 29a8f8ba705e627d879fd0006ad1c4e2e5e3b191 · LMODroid / platform_packages_modules_Bluetooth

Jun 13, 2024

Fix permission bypasses to multiple methods · 29a8f8ba

Brian Delwiche authored 10 months ago

Researcher reports that some BT calls across Binder are validating only
BT's own permissions and not the calling app's permissions.  On
investigation this seems to be due to a missing null check in several BT
permissions checks, which allows a malicious app to pass in a null
AttributionSource and therefore produce a stub AttributionSource chain
which does not properly check for the caller's permissions.

Add null checks, and correct tests which assumed a null was a valid
input.

Bug: 242996380
Test: atest UtilsTest
Test: researcher POC
Tag: #security
Ignore-AOSP-First: Security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8098771bca75166d06f9591d0d2110ed089ee6a7)
Merged-In: I76f49fee440726a7c0714385564ddf0e3e8522b5
Change-Id: I76f49fee440726a7c0714385564ddf0e3e8522b5

29a8f8ba

Apr 09, 2024

Merge cherrypicks of ['googleplex-android-review.googlesource.com/26879386'] into 24Q2-release. · 8786b78c
Android Build Coastguard Worker authored 11 months ago
```
Change-Id: I971792158f583f17c653c9bf2e17e0c703d3e150
```
8786b78c

Revert "Fix an authentication bypass bug in SMP" · 5bfa62ae

Thomas Girardier authored 11 months ago

This reverts commit bac3e50f.

Reason for revert: b/331855635
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:34ee990ee72693cd534d7d696f3a52c9c5a5bfd8)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e214741ee05dd6bad9bf1d7a62c1448c7eee4332)
Merged-In: I471269cb5ecd4aef32c6648ad575baea44b562d1
Change-Id: I471269cb5ecd4aef32c6648ad575baea44b562d1

5bfa62ae

Mar 29, 2024

Merge cherrypicks of ['googleplex-android-review.googlesource.com/26719406'] into 24Q2-release. · 50e71dd5
Android Build Coastguard Worker authored 11 months ago
```
Change-Id: Ibda0c1ebf514223bdc1f60b5542307ebd0cd4166
```
50e71dd5

Import translations. DO NOT MERGE ANYWHERE · 3bae0545

Bill Yi authored 11 months ago

Auto-generated-cl: translation import

Bug: 328603775
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:377f331adca25c74ea51630071f06f4aa19c2ffb)
Merged-In: I6ad3ce64bf7c9c67bd414a2e4a373ccbe7eb572f
Change-Id: I6ad3ce64bf7c9c67bd414a2e4a373ccbe7eb572f

3bae0545

Mar 28, 2024

Merge cherrypicks of ['android-review.googlesource.com/3002654',... · 71fefa73

Android Build Coastguard Worker authored 11 months ago

Merge cherrypicks of ['android-review.googlesource.com/3002654', 'googleplex-android-review.googlesource.com/26539688'] into 24Q2-release.

Change-Id: I13dfe3b6183ef0a9507c034b6190bda544e2b80a

71fefa73

leaudio: Fix crash on metadata update · 5e5b1526

Łukasz Rymanowski authored 1 year ago

When moving metadata to Bluetooth mainthread, make sure that Bluetooth
gets metadata and not just a pointer to memory on the stack.

`sink_metadata_v7` contained a pointer to array of either (record|playback)_track_metadata_v7,
so we can't rely on simple struct copy constructor. Pass the array content as vector instead.

Bug: 329067188
Test: mmm packages/modules/Bluetooth
Test: manual LeAudio streaming with different contexs (including call)
Test: atest bluetooth_le_audio_client_test
Ignore-AOSP-First: security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c8a5763f89b84a4614bfe21a9de75e07589c6322)
Merged-In: I9c01c81c0094df87efc1b3885ad69d82b0970404
Change-Id: I9c01c81c0094df87efc1b3885ad69d82b0970404

5e5b1526

api: GetConnectionState OR state of identity address · 80dd31fe

Chienyuan Huang authored 11 months ago

Bug: 295010253
Bug: 319471537
Test: atest net_test_btif_stack
Flag: api_get_connection_state_using_identity_address
(cherry picked from https://android-review.googlesource.com/q/commit:c27997fab1a48b66ff7a23b3ed81a92401e89458)
Merged-In: I53d288f9170eb0914a0add74f7bf1e321f9c4ee8
Change-Id: I53d288f9170eb0914a0add74f7bf1e321f9c4ee8

80dd31fe

Mar 05, 2024
- Snap for 11526283 from 6330ce35 to 24Q2-release · 8ff7c7c1
  Android Build Coastguard Worker authored 1 year ago
  
  Change-Id: I9d3bfbb9a63b57570f5bf105b066cbcf99dcd6a8
  8ff7c7c1
Mar 04, 2024

Merge "Use a single mock LE Advertising Manager" into main am: am: · 6330ce35

Myles Watson authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2927779

Change-Id: I27bb19fe7a4007067fddfde962c0aa44d8e0e80c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

6330ce35

Merge "system/btif: Migrate to libbluetooth_log" into main am: am: · a98231e1

Henri Chataing authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2979621

Change-Id: I213fed7cf58cdc558990834a97d15fb88450297c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

a98231e1

Merge "system/btif/src: Migrate to libbluetooth_log" into main am: am: · 6cd95729

Henri Chataing authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2978757

Change-Id: I180dd9e5885575e99fdc8ec0058e854b40697a69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

6cd95729

Merge "Use a single mock LE Advertising Manager" into main am: · 6952cde6

Myles Watson authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2927779

Change-Id: I51c1271969e5ebfe9c3467fb2219a92d86cbad24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

6952cde6

Merge "system/btif: Migrate to libbluetooth_log" into main am: · 27353d2f

Henri Chataing authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2979621

Change-Id: I61941a8bf32bf8c0a6cf371af533c5896a6bd43a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

27353d2f

Merge "system/btif/src: Migrate to libbluetooth_log" into main am: · d339c19f

Henri Chataing authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2978757

Change-Id: I191148ee316bb50c9cba263c242bf1cd15678652
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

d339c19f

Merge "Use a single mock LE Advertising Manager" into main · 683a833f
Myles Watson authored 1 year ago

683a833f
Merge "system/btif: Migrate to libbluetooth_log" into main · 5c03a6e6
Henri Chataing authored 1 year ago

5c03a6e6
Merge "system/btif/src: Migrate to libbluetooth_log" into main · 0b4c0bb6
Henri Chataing authored 1 year ago

0b4c0bb6

Mar 02, 2024

Snap for 11521484 from adb85f11 to 24Q2-release · 10230fa6
Android Build Coastguard Worker authored 1 year ago
```
Change-Id: I25528eb186c68c4d6f20d66285e1d1b60105365a
```
10230fa6

Merge "api: GetConnectionState OR state of resolved address" into main am:... · adb85f11

Chienyuan Huang authored 1 year ago

Merge "api: GetConnectionState OR state of resolved address" into main am: c3aa1ff8 am: 28599121

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2985431

Change-Id: I97c8130e92fd65cfe2c15ae07f3001dca7fd0662
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

adb85f11

Merge "api: GetConnectionState OR state of resolved address" into main am: · 28599121

Chienyuan Huang authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2985431

Change-Id: I992266859c661092916056e67a37bf6d40b1bf2c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

28599121

Merge "api: GetConnectionState OR state of resolved address" into main · c3aa1ff8
Chienyuan Huang authored 1 year ago

c3aa1ff8
Snap for 11520864 from 03cfb518 to 24Q2-release · 6327e3f7
Android Build Coastguard Worker authored 1 year ago
```
Change-Id: I1a9d7f3cf9afec929a40d0983d43e6b4b88ac2a6
```
6327e3f7

Mar 01, 2024

system/btif: Migrate to libbluetooth_log · 39203e70

Henri Chataing authored 1 year ago

Test: m com.android.btservices
Bug: 305066880
Flag: EXEMPT, mechanical refactor
Change-Id: I116f9af9cfdb7402ad2da8346f1d6c18baf5a87e

39203e70

system/btif/src: Migrate to libbluetooth_log · ee02f4df

Henri Chataing authored 1 year ago

Test: m com.android.btservices
Bug: 305066880
Flag: EXEMPT, mechanical refactor
Change-Id: I9168fdc9c2b5ce47686336e8e1673df62586974b

ee02f4df

Merge "system/log: Add protection against nullptr string parameters" into main... · 03cfb518

Henri Chataing authored 1 year ago

Merge "system/log: Add protection against nullptr string parameters" into main am: 7704d54d am: a8a400f7

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2982908

Change-Id: I903d05289b05166c9b20d040bc7a8382d58d1d54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

03cfb518

Merge "Move active_peer and codec config to a separate state." into main am:... · fe3f9086

Treehugger Robot authored 1 year ago

Merge "Move active_peer and codec config to a separate state." into main am: b1f4c70d am: 47351726

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2984232

Change-Id: I3fbf1340f9defdba5e1fb036e49ade3efd4f4fad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

fe3f9086

Merge "system/log: Add protection against nullptr string parameters" into main am: · a8a400f7

Henri Chataing authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2982908

Change-Id: I14191194b87eeb8028befe5bfecfbfc5c1b935ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

a8a400f7

Merge "Move active_peer and codec config to a separate state." into main am: · 47351726

Treehugger Robot authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2984232

Change-Id: Ied9d5ec8316129a42ab246fb584fba0804eac7db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

47351726

Merge "Update the imports to androidx.test.filters.*" into main am: am: · ff54ad92

Ram Peri authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2984971

Change-Id: I8f2260c09ca1b4f4d571bbeb8c7fd29870ad4f5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

ff54ad92

Merge "system/log: Add protection against nullptr string parameters" into main · 7704d54d
Henri Chataing authored 1 year ago

7704d54d
Merge "Move active_peer and codec config to a separate state." into main · b1f4c70d
Treehugger Robot authored 1 year ago

b1f4c70d

Merge "Update the imports to androidx.test.filters.*" into main am: · cdfba4f5

Ram Peri authored 1 year ago

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2984971

Change-Id: Icbeee25d9cd1509885664b3020ec6dc196743225
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

cdfba4f5

Merge "Update the imports to androidx.test.filters.*" into main · 82171dc6
Ram Peri authored 1 year ago

82171dc6

Merge "LeAudio: Remove the invalid audio set configurations" into main am:... · 8ebcb3e5

Jakub Tyszkowski authored 1 year ago

Merge "LeAudio: Remove the invalid audio set configurations" into main am: d685a0c5 am: e4d88c05

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/2969551

Change-Id: I04f5e4b77390c5f011e828db5f30db1820169078
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

8ebcb3e5

api: GetConnectionState OR state of resolved address · 0a9bc290

Chienyuan Huang authored 1 year ago

Bug: 295010253
Bug: 325333712
Bug: 325333718
Test: atest net_test_btif_stack
Flag: api_get_connection_state_sync_on_main
Change-Id: I002783e030c41be60c17cbb38b217f59010a62c7

0a9bc290