Loading packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java +13 −4 Original line number Diff line number Diff line Loading @@ -3075,6 +3075,15 @@ public class SettingsProvider extends ContentProvider { return settingsState.getSettingLocked(name); } private boolean shouldExcludeSettingFromReset(Setting setting, String prefix) { // If a prefix was specified, exclude settings whose names don't start with it. if (prefix != null && !setting.getName().startsWith(prefix)) { return true; } // Never reset SECURE_FRP_MODE, as it could be abused to bypass FRP via RescueParty. return Secure.SECURE_FRP_MODE.equals(setting.getName()); } public void resetSettingsLocked(int type, int userId, String packageName, int mode, String tag) { resetSettingsLocked(type, userId, packageName, mode, tag, /*prefix=*/ Loading @@ -3097,7 +3106,7 @@ public class SettingsProvider extends ContentProvider { Setting setting = settingsState.getSettingLocked(name); if (packageName.equals(setting.getPackageName())) { if ((tag != null && !tag.equals(setting.getTag())) || (prefix != null && !setting.getName().startsWith(prefix))) { || shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (settingsState.resetSettingLocked(name)) { Loading @@ -3117,7 +3126,7 @@ public class SettingsProvider extends ContentProvider { Setting setting = settingsState.getSettingLocked(name); if (!SettingsState.isSystemPackage(getContext(), setting.getPackageName())) { if (prefix != null && !setting.getName().startsWith(prefix)) { if (shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (settingsState.resetSettingLocked(name)) { Loading @@ -3137,7 +3146,7 @@ public class SettingsProvider extends ContentProvider { Setting setting = settingsState.getSettingLocked(name); if (!SettingsState.isSystemPackage(getContext(), setting.getPackageName())) { if (prefix != null && !setting.getName().startsWith(prefix)) { if (shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (setting.isDefaultFromSystem()) { Loading @@ -3160,7 +3169,7 @@ public class SettingsProvider extends ContentProvider { for (String name : settingsState.getSettingNamesLocked()) { Setting setting = settingsState.getSettingLocked(name); boolean someSettingChanged = false; if (prefix != null && !setting.getName().startsWith(prefix)) { if (shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (setting.isDefaultFromSystem()) { Loading packages/SettingsProvider/test/src/com/android/providers/settings/SettingsProviderTest.java +25 −0 Original line number Diff line number Diff line Loading @@ -466,6 +466,31 @@ public class SettingsProviderTest extends BaseSettingsProviderTest { } } // To prevent FRP bypasses, the SECURE_FRP_MODE setting should not be reset when all other // settings are reset. But it should still be possible to explicitly set its value. @Test public void testSecureFrpModeSettingCannotBeReset() throws Exception { final String name = Settings.Secure.SECURE_FRP_MODE; final String origValue = getSetting(SETTING_TYPE_GLOBAL, name); setSettingViaShell(SETTING_TYPE_GLOBAL, name, "1", false); try { assertEquals("1", getSetting(SETTING_TYPE_GLOBAL, name)); for (int type : new int[] { SETTING_TYPE_GLOBAL, SETTING_TYPE_SECURE }) { resetSettingsViaShell(type, Settings.RESET_MODE_UNTRUSTED_DEFAULTS); resetSettingsViaShell(type, Settings.RESET_MODE_UNTRUSTED_CHANGES); resetSettingsViaShell(type, Settings.RESET_MODE_TRUSTED_DEFAULTS); } // The value should still be "1". It should not have been reset to null. assertEquals("1", getSetting(SETTING_TYPE_GLOBAL, name)); // It should still be possible to explicitly set the value to "0". setSettingViaShell(SETTING_TYPE_GLOBAL, name, "0", false); assertEquals("0", getSetting(SETTING_TYPE_GLOBAL, name)); } finally { setSettingViaShell(SETTING_TYPE_GLOBAL, name, origValue, false); assertEquals(origValue, getSetting(SETTING_TYPE_GLOBAL, name)); } } private void doTestQueryStringInBracketsViaProviderApiForType(int type) { // Make sure we have a clean slate. deleteStringViaProviderApi(type, FAKE_SETTING_NAME); Loading Loading
packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java +13 −4 Original line number Diff line number Diff line Loading @@ -3075,6 +3075,15 @@ public class SettingsProvider extends ContentProvider { return settingsState.getSettingLocked(name); } private boolean shouldExcludeSettingFromReset(Setting setting, String prefix) { // If a prefix was specified, exclude settings whose names don't start with it. if (prefix != null && !setting.getName().startsWith(prefix)) { return true; } // Never reset SECURE_FRP_MODE, as it could be abused to bypass FRP via RescueParty. return Secure.SECURE_FRP_MODE.equals(setting.getName()); } public void resetSettingsLocked(int type, int userId, String packageName, int mode, String tag) { resetSettingsLocked(type, userId, packageName, mode, tag, /*prefix=*/ Loading @@ -3097,7 +3106,7 @@ public class SettingsProvider extends ContentProvider { Setting setting = settingsState.getSettingLocked(name); if (packageName.equals(setting.getPackageName())) { if ((tag != null && !tag.equals(setting.getTag())) || (prefix != null && !setting.getName().startsWith(prefix))) { || shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (settingsState.resetSettingLocked(name)) { Loading @@ -3117,7 +3126,7 @@ public class SettingsProvider extends ContentProvider { Setting setting = settingsState.getSettingLocked(name); if (!SettingsState.isSystemPackage(getContext(), setting.getPackageName())) { if (prefix != null && !setting.getName().startsWith(prefix)) { if (shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (settingsState.resetSettingLocked(name)) { Loading @@ -3137,7 +3146,7 @@ public class SettingsProvider extends ContentProvider { Setting setting = settingsState.getSettingLocked(name); if (!SettingsState.isSystemPackage(getContext(), setting.getPackageName())) { if (prefix != null && !setting.getName().startsWith(prefix)) { if (shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (setting.isDefaultFromSystem()) { Loading @@ -3160,7 +3169,7 @@ public class SettingsProvider extends ContentProvider { for (String name : settingsState.getSettingNamesLocked()) { Setting setting = settingsState.getSettingLocked(name); boolean someSettingChanged = false; if (prefix != null && !setting.getName().startsWith(prefix)) { if (shouldExcludeSettingFromReset(setting, prefix)) { continue; } if (setting.isDefaultFromSystem()) { Loading
packages/SettingsProvider/test/src/com/android/providers/settings/SettingsProviderTest.java +25 −0 Original line number Diff line number Diff line Loading @@ -466,6 +466,31 @@ public class SettingsProviderTest extends BaseSettingsProviderTest { } } // To prevent FRP bypasses, the SECURE_FRP_MODE setting should not be reset when all other // settings are reset. But it should still be possible to explicitly set its value. @Test public void testSecureFrpModeSettingCannotBeReset() throws Exception { final String name = Settings.Secure.SECURE_FRP_MODE; final String origValue = getSetting(SETTING_TYPE_GLOBAL, name); setSettingViaShell(SETTING_TYPE_GLOBAL, name, "1", false); try { assertEquals("1", getSetting(SETTING_TYPE_GLOBAL, name)); for (int type : new int[] { SETTING_TYPE_GLOBAL, SETTING_TYPE_SECURE }) { resetSettingsViaShell(type, Settings.RESET_MODE_UNTRUSTED_DEFAULTS); resetSettingsViaShell(type, Settings.RESET_MODE_UNTRUSTED_CHANGES); resetSettingsViaShell(type, Settings.RESET_MODE_TRUSTED_DEFAULTS); } // The value should still be "1". It should not have been reset to null. assertEquals("1", getSetting(SETTING_TYPE_GLOBAL, name)); // It should still be possible to explicitly set the value to "0". setSettingViaShell(SETTING_TYPE_GLOBAL, name, "0", false); assertEquals("0", getSetting(SETTING_TYPE_GLOBAL, name)); } finally { setSettingViaShell(SETTING_TYPE_GLOBAL, name, origValue, false); assertEquals(origValue, getSetting(SETTING_TYPE_GLOBAL, name)); } } private void doTestQueryStringInBracketsViaProviderApiForType(int type) { // Make sure we have a clean slate. deleteStringViaProviderApi(type, FAKE_SETTING_NAME); Loading
