Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_apps_Settings / 07dd833a6a8fcdbec84e8ca12fe63f2a3a0954f0^! / . / src / com / android / settings / SettingsPreferenceFragment.java
commit07dd833a6a8fcdbec84e8ca12fe63f2a3a0954f0[log] [tgz]
authorTsung-Mao Fang <tmfang@google.com>Mon Jan 03 18:25:04 2022 +0800
committerTsung-Mao Fang <tmfang@google.com>Wed Jan 05 12:10:00 2022 +0800
tree4a2b13b6e17d0ba2cc4b4e7df0fa035a2be49841
parent1ee60270dff17242748729fb9d0411219495dbc7 [diff] [blame]
FRP bypass defense in the settings app

Over the last few years, there have been a number of
Factory Reset Protection bypass bugs in the SUW flow.
It's unlikely to defense all points from individual apps.

Therefore, we decide to block some critical pages when
user doesn't complete the SUW flow.

Test: Can't open the certain pages in the suw flow.
Fix: 200746457
Bug: 202975040
Fix: 213091525
Fix: 213090835
Fix: 201561699
Fix: 213090827
Fix: 213090875
Change-Id: Ia18f367109df5af7da0a5acad7702898a459d32e

diff --git a/src/com/android/settings/SettingsPreferenceFragment.java b/src/com/android/settings/SettingsPreferenceFragment.java
index 1d6a48d..d3e1c49 100644
--- a/src/com/android/settings/SettingsPreferenceFragment.java
+++ b/src/com/android/settings/SettingsPreferenceFragment.java

@@ -54,6 +54,7 @@
 import com.android.settingslib.widget.LayoutPreference;
 
 import com.google.android.material.appbar.AppBarLayout;
+import com.google.android.setupcompat.util.WizardManagerHelper;
 
 import java.util.UUID;
 
@@ -63,7 +64,7 @@
 public abstract class SettingsPreferenceFragment extends InstrumentedPreferenceFragment
         implements DialogCreatable, HelpResourceProvider, Indexable {
 
-    private static final String TAG = "SettingsPreference";
+    private static final String TAG = "SettingsPreferenceFragment";
 
     private static final String SAVE_HIGHLIGHTED_KEY = "android:preference_highlighted";
 
@@ -122,6 +123,15 @@
     private boolean mPreferenceHighlighted = false;
 
     @Override
+    public void onAttach(Context context) {
+        if (shouldSkipForInitialSUW() && !WizardManagerHelper.isDeviceProvisioned(getContext())) {
+            Log.w(TAG, "Skip " + getClass().getSimpleName() + " before SUW completed.");
+            finish();
+        }
+        super.onAttach(context);
+    }
+
+    @Override
     public void onCreate(Bundle icicle) {
         super.onCreate(icicle);
 
@@ -267,6 +277,16 @@
                 || (mAdapter.getPreferenceAdapterPosition(preference) != RecyclerView.NO_POSITION));
     }
 
+    /**
+     * Whether UI should be skipped in the initial SUW flow.
+     *
+     * @return {@code true} when UI should be skipped in the initial SUW flow.
+     * {@code false} when UI should not be skipped in the initial SUW flow.
+     */
+    protected boolean shouldSkipForInitialSUW() {
+        return false;
+    }
+
     protected void onDataSetChanged() {
         highlightPreferenceIfNeeded();
         updateEmptyView();