From 3c8c235758569018f7877570431874c6dcf22527 Mon Sep 17 00:00:00 2001 From: Tad Date: Sat, 3 Dec 2022 23:05:25 -0500 Subject: [PATCH] Ugly workaround For bug exposed after: https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/344890 Signed-off-by: Tad --- .../0029-NetSDKSandboxCrash.patch | 56 +++++++++++++++++++ Scripts/LineageOS-20.0/Patch.sh | 1 + 2 files changed, 57 insertions(+) create mode 100644 Patches/LineageOS-20.0/android_frameworks_base/0029-NetSDKSandboxCrash.patch diff --git a/Patches/LineageOS-20.0/android_frameworks_base/0029-NetSDKSandboxCrash.patch b/Patches/LineageOS-20.0/android_frameworks_base/0029-NetSDKSandboxCrash.patch new file mode 100644 index 00000000..e56b1dc8 --- /dev/null +++ b/Patches/LineageOS-20.0/android_frameworks_base/0029-NetSDKSandboxCrash.patch @@ -0,0 +1,56 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Sat, 3 Dec 2022 23:00:52 -0500 +Subject: [PATCH] Don't crash system when adding SDK sandbox rules + +This is an ugly hack to prevent bailing and help debug. + +12-03 17:15:29.395 1406 1737 E AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: NetworkPolicy.uid +12-03 17:15:29.395 1406 1737 E AndroidRuntime: java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 103 +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.util.SparseIntArray.keyAt(SparseIntArray.java:183) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at com.android.server.net.NetworkPolicyManagerService.addSdkSandboxUidsIfNeeded(NetworkPolicyManagerService.java:5982) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at com.android.server.net.NetworkPolicyManagerService.setUidFirewallRulesUL(NetworkPolicyManagerService.java:6002) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at com.android.server.net.NetworkPolicyManagerService.updateRestrictedModeAllowlistUL(NetworkPolicyManagerService.java:4454) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at com.android.server.net.NetworkPolicyManagerService$12.onAvailable(NetworkPolicyManagerService.java:1449) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.net.ConnectivityManager$NetworkCallback.onAvailable(ConnectivityManager.java:3801) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.net.ConnectivityManager$NetworkCallback.onAvailable(ConnectivityManager.java:3783) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.net.ConnectivityManager$CallbackHandler.handleMessage(ConnectivityManager.java:4107) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:106) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.os.Looper.loopOnce(Looper.java:201) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.os.Looper.loop(Looper.java:288) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at android.os.HandlerThread.run(HandlerThread.java:67) +12-03 17:15:29.395 1406 1737 E AndroidRuntime: at com.android.server.ServiceThread.run(ServiceThread.java:44) +12-03 17:15:29.396 1406 1737 I am_crash: [1406,0,system_server,-1,java.lang.ArrayIndexOutOfBoundsException,Array index out of range: 103,SparseIntArray.java,183] + +Change-Id: I97fead6014ba47e107a90c57e12584b656a8e220 +Signed-off-by: Tad +--- + .../server/net/NetworkPolicyManagerService.java | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +index 44f8e76c4dd0..030d4f23b11d 100644 +--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java ++++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +@@ -5978,12 +5978,16 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { + private void addSdkSandboxUidsIfNeeded(SparseIntArray uidRules) { + final int size = uidRules.size(); + final SparseIntArray sdkSandboxUids = new SparseIntArray(); +- for (int index = 0; index < size; index++) { +- final int uid = uidRules.keyAt(index); +- final int rule = uidRules.valueAt(index); +- if (Process.isApplicationUid(uid)) { +- sdkSandboxUids.put(Process.toSdkSandboxUid(uid), rule); ++ try { ++ for (int index = 0; index < size; index++) { ++ final int uid = uidRules.keyAt(index); ++ final int rule = uidRules.valueAt(index); ++ if (Process.isApplicationUid(uid)) { ++ sdkSandboxUids.put(Process.toSdkSandboxUid(uid), rule); ++ } + } ++ } catch (Exception e) { ++ Log.e(TAG, "problem setting sandbox uid rules, size: " + size, e); + } + + for (int index = 0; index < sdkSandboxUids.size(); index++) { diff --git a/Scripts/LineageOS-20.0/Patch.sh b/Scripts/LineageOS-20.0/Patch.sh index 77ed9642..335c43b9 100644 --- a/Scripts/LineageOS-20.0/Patch.sh +++ b/Scripts/LineageOS-20.0/Patch.sh @@ -177,6 +177,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/0023-Skip_Screen_Animation.patc applyPatch "$DOS_PATCHES/android_frameworks_base/0026-Crash_Details.patch"; #Add an option to show the details of an application error to the user (GrapheneOS) applyPatch "$DOS_PATCHES/android_frameworks_base/0027-Installer_Glitch.patch"; #Make sure PackageInstaller UI returns a result (GrapheneOS) applyPatch "$DOS_PATCHES/android_frameworks_base/0028-Remove_Legacy_Package_Query.patch"; #Don't leak device-wide package list to apps when work profile is present (GrapheneOS) +applyPatch "$DOS_PATCHES/android_frameworks_base/0029-NetSDKSandboxCrash.patch"; #Don't crash system when adding SDK sandbox rules (DivestOS) hardenLocationConf services/core/java/com/android/server/location/gnss/gps_debug.conf; #Harden the default GPS config changeDefaultDNS; #Change the default DNS servers sed -i 's/DEFAULT_USE_COMPACTION = false;/DEFAULT_USE_COMPACTION = true;/' services/core/java/com/android/server/am/CachedAppOptimizer.java; #Enable app compaction by default (GrapheneOS)