GrapheneOS / os-issue-tracker

Issue tracker for GrapheneOS Android Open Source Project hardening work. Standalone projects like Auditor, AttestationServer and hardened_malloc have their own dedicated trackers.
https://grapheneos.org/

Crash in Sandboxed Play Services from unknown tracker alerts settings #3621

Open omentic opened 3 months ago

omentic commented 3 months ago

I had heard Android updated to include location tracking protection, so I went to check it out in Settings. Despite having Bluetooth enabled, I was greeted with this screen: [image: Screenshot_20240609-212224]

Tapping "Turn on" crashed the Sandboxed Play Services with the following backtrace:

type: crash
osVersion: google/sunfish/sunfish:13/TQ3A.230805.001.S1/2024060600:user/release-keys
package: com.google.android.gms:242213038
process: com.google.android.gms.ui
processUptime: 13598 + 323 ms
installer: com.android.vending
GmsCompatConfig version: 117

java.lang.SecurityException: Permission Denial: starting Intent { act=android.bluetooth.adapter.action.REQUEST_ENABLE cmp=com.android.settings/.bluetooth.RequestPermissionActivity } from ProcessRecord{cde2cbc 25380:com.google.android.gms.ui/u0a257} (pid=25380, uid=10257) requires android.permission.BLUETOOTH_CONNECT
    at android.os.Parcel.createExceptionOrNull(Parcel.java:3020)
    at android.os.Parcel.createException(Parcel.java:3004)
    at android.os.Parcel.readException(Parcel.java:2980)
    at android.os.Parcel.readException(Parcel.java:2922)
    at android.app.IActivityTaskManager$Stub$Proxy.startActivity(IActivityTaskManager.java:2054)
    at android.app.Instrumentation.execStartActivity(Instrumentation.java:1840)
    at android.app.Activity.startActivityForResult(Activity.java:5554)
    at pqa.platform_startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ajgt.platform_startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):4)
    at ppz.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at com.google.android.chimera.android.Activity.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ptz.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ppz.public_startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at pqa.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):3)
    at android.app.Activity.startActivityForResult(Activity.java:5473)
    at pqa.platform_startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at ajgt.platform_startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ppz.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at com.google.android.chimera.android.Activity.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at ptz.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at ppz.public_startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at pqa.startActivityForResult(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at android.app.Activity.startActivity(Activity.java:6010)
    at pqa.platform_startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ajgt.platform_startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):4)
    at ppz.startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at com.google.android.chimera.android.Activity.startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ppz.public_startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at pqa.startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):3)
    at android.app.Activity.startActivity(Activity.java:5977)
    at pqa.platform_startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at ajgt.platform_startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):2)
    at ppz.startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at com.google.android.chimera.android.Activity.startActivity(:com.google.android.gms@242213038@24.22.13 (190400-638740827):1)
    at eioe.onClick(:com.google.android.gms@242213038@24.22.13 (190400-638740827):18)
    at android.view.View.performClick(View.java:7542)
    at android.view.View.performClickInternal(View.java:7519)
    at android.view.View.-$$Nest$mperformClickInternal(Unknown Source:0)
    at android.view.View$PerformClick.run(View.java:29476)
    at android.os.Handler.handleCallback(Handler.java:942)
    at android.os.Handler.dispatchMessage(Handler.java:99)
    at android.os.Looper.loopOnce(Looper.java:201)
    at android.os.Looper.loop(Looper.java:288)
    at android.app.ActivityThread.main(ActivityThread.java:7940)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)
    at com.android.internal.os.ExecInit.main(ExecInit.java:49)
    at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
    at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:355)
Caused by: android.os.RemoteException: Remote stack trace:
    at com.android.server.wm.ActivityTaskSupervisor.checkStartAnyActivityPermission(ActivityTaskSupervisor.java:1113)
    at com.android.server.wm.ActivityStarter.executeRequest(ActivityStarter.java:1021)
    at com.android.server.wm.ActivityStarter.execute(ActivityStarter.java:703)
    at com.android.server.wm.ActivityTaskManagerService.startActivityAsUser(ActivityTaskManagerService.java:1293)
    at com.android.server.wm.ActivityTaskManagerService.startActivityAsUser(ActivityTaskManagerService.java:1234)

thestinger commented 3 months ago

Did you try granting the Nearby Devices permission? That's going to be required. Location may not be, unsure.

omentic commented 3 months ago

The Settings app looks to have access to it, yes. Location is apparently needed for automatic scans (possibly a battery life thing?) but not for manual scans.

thestinger commented 3 months ago

Sandboxed Google Play, not Settings.

omentic commented 3 months ago

Ah - yup, that fixes it!

thestinger commented 3 months ago

You may be able to let it work when Bluetooth is off with the Bluetooth scanning toggle in Location settings. We haven't tested this and don't know how well it's going to work. It's unfortunate it's part of Google Play but that's to be expected or it couldn't have been backported the way it was.
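
Added example, not part of the original thread and not GrapheneOS code: a small triage script for crash reports in the format posted above. It separates the caller that was denied the permission (the `ProcessRecord`) from the component the intent targeted (`cmp=`), the distinction the thread turned on. The sample text is constructed from lines of the report, and the function and field names are assumptions for illustration.

```python
import re

# Constructed sample: three header fields and the exception line from the report above.
SAMPLE_REPORT = """\
type: crash
package: com.google.android.gms:242213038
process: com.google.android.gms.ui

java.lang.SecurityException: Permission Denial: starting Intent { act=android.bluetooth.adapter.action.REQUEST_ENABLE cmp=com.android.settings/.bluetooth.RequestPermissionActivity } from ProcessRecord{cde2cbc 25380:com.google.android.gms.ui/u0a257} (pid=25380, uid=10257) requires android.permission.BLUETOOTH_CONNECT
    at android.os.Parcel.createExceptionOrNull(Parcel.java:3020)
"""

# Runtime permissions Android places in the NEARBY_DEVICES group ("Nearby devices" in the UI).
NEARBY_DEVICES = {"BLUETOOTH_CONNECT", "BLUETOOTH_SCAN", "BLUETOOTH_ADVERTISE",
                  "UWB_RANGING", "NEARBY_WIFI_DEVICES"}

DENIAL = re.compile(
    r"SecurityException: Permission Denial: starting Intent \{(?P<intent>[^}]*)\} "
    r"from ProcessRecord\{\w+ \d+:(?P<process>[^/]+)/\S+\} "
    r"\(pid=(?P<pid>\d+), uid=(?P<uid>\d+)\) "
    r"requires (?P<permission>[\w.]+)")

def triage(report):
    """Return who was denied which permission, or None if this is not such a report."""
    m = DENIAL.search(report)
    if m is None:
        return None
    header = dict(re.findall(r"^(\w[\w ]*): (.+)$", report, flags=re.M))
    fields = dict(kv.split("=", 1) for kv in m["intent"].split() if "=" in kv)
    uid = int(m["uid"])
    name = m["permission"].rsplit(".", 1)[-1]
    return {
        # The caller (ProcessRecord) is the one missing the permission ...
        "grant_to": header.get("package", m["process"]).split(":")[0],
        "process": m["process"],
        "uid": uid,
        "user": uid // 100000,      # Android uid = user * 100000 + app id
        "app_id": uid % 100000,
        # ... not the component the intent was aimed at.
        "target": fields.get("cmp", "").split("/")[0],
        "action": fields.get("act"),
        "permission": m["permission"],
        "toggle": "Nearby devices" if name in NEARBY_DEVICES else None,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```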