commit f48bf9a2e7c728d7010f8c9ad047fa76a869d3d4
author Taran Singh <tarandeep@google.com> Mon Oct 14 21:59:07 2024 +0000
committer Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Wed Apr 09 15:17:15 2025 -0700
tree ffe4dc67a29e641d38249a4019308392dfcbc87e
parent 3c1515f4d1942f2453554315a576ed874703f78b

DO NOT MERGE: Verify KeyEvents in IME

Malicious app can inject fabricated InputEvents into IME's FD which can
do tinker with special shortcuts like switching IME.
With this CL, all KeyEvents with modifiers OR indicated sensitive by IME will be
verified before being dispatched to IME.

For any events that are replayed, verify timestamp.

Bug: 331730488
Test: atest CtsInputMethodTestCases InputMethodServiceTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8d730cf69b864336fd492c88049efc937fac6b61)
Merged-In: I6589cc73839acb6b2c3f9256c664b5db7e1ade8a
Change-Id: I6589cc73839acb6b2c3f9256c664b5db7e1ade8a