Please review - security-patch-bunch [until Android 4.4.3 r1] #1

Moritz Bandemer replicant at posteo.mx
Thu Apr 2 22:29:17 UTC 2015


I've merged the following patches to the Replicant sources and 
successfully recompiled/flashed Replicant after that for/on my device:

#	https://android.googlesource.com/platform/frameworks/base/+/68b13ba
# 
	https://android.googlesource.com/platform/packages/apps/Phone/+/fff2f9b
	Secure broadcasts, which prevents 3rd party spoofing.
	Bug: 7622253
	Patch-file #1: Bugfix-7622253.patch
	Patch-file #2: Bugfix-7622253-Phone.patch
#	https://android.googlesource.com/platform/frameworks/base/+/a2bdffe
	Prevent SecurityException from crashing Recents
	Bug: 6787477
	Patch-file: Bugfix-6787477.patch
#	https://android.googlesource.com/platform/libcore/+/67ff477
	Fix Security2Test counting
	The test was counting the wrong thing. The alias code path is only 
triggered by X509 and X.509. This worked when there was only 2 providers 
that pointed at the opposites. When there were three the problem showed 
up since it wasn't incrementing the right one.
	Patch-file: Fix-Security2Test-counting.patch
#	https://android.googlesource.com/platform/cts/+/1b08aab
	Add character devices to the insecure devices test.
	Patch-file: Add-char-dvc2insec-dvc-test.patch
#	https://android.googlesource.com/platform/cts/+/96bc825
	BannedFilesTest: Detect devices vulnerable to the cmdclient privilege 
escalation bug.
	Patch-file: Fix-cmdclient-BannedFilesTest.patch
#	https://android.googlesource.com/platform/packages/apps/Email/+/54c88ff
	Show an error on security exception for attachments.
	This uses an existing notification for bad forwarding. The text is a 
bit odd ("Attachment not forwarded") but avoids adding new text right 
now, and at least conveys the error.
	Bug: 8417004
	Patch-file: Bugfix-8417004.patch
#	https://android.googlesource.com/platform/packages/apps/Email/+/5ab92ca
	Ensure security policy notifications are shown
	Bug: 8510828
	Patch-file: Bugfix-8510828.patch

Finally I've tested this productive device several weeks without any 
misbehavior.

Replicant ticket reference: http://redmine.replicant.us/issues/1263

Please review the patches attached [one by one or all together] and 
apply them, if you like.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Add-char-dvc2insec-dvc-test.patch
Type: text/x-diff
Size: 4372 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0008.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Bugfix-6787477.patch
Type: text/x-diff
Size: 1636 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0009.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Bugfix-7622253.patch
Type: text/x-diff
Size: 1206 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0010.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Bugfix-7622253-Phone.patch
Type: text/x-diff
Size: 1340 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0011.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Bugfix-8417004.patch
Type: text/x-diff
Size: 3272 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0012.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Bugfix-8510828.patch
Type: text/x-diff
Size: 1578 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0013.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Fix-cmdclient-BannedFilesTest.patch
Type: text/x-diff
Size: 1443 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0014.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Fix-Security2Test-counting.patch
Type: text/x-diff
Size: 2778 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20150403/e3d467d7/attachment-0015.bin>


More information about the Replicant mailing list