
Temp Fix Bluetooth Connectivity (File TX, Tether, Stream): Vulnerability found CVE-2017-0781 -0785

SOLVED
Scavenger Hunt Winner
Message 1 of 16
5,494 Views

UPDATED: 12OCT2017

I'm sure Google will change things again if they haven't already. But if the latest patch 32.4.A.1.54 did not include the Bluetooth Security Patches - there will be another change to the BT API no doubt.

There's a security Vulnerability to do with Bluetooth discovered in Sept. It's probably the junk I ran in to ... anyhoo... I'm busy compiling the new changes for 32.4.A.1.54  on the Z5C for a rebuild of the TWRP Recovery.

Adios.

CVE-2017-0781 to 0785

 

 

edit wow... i been out of action for a while... just looking at the last date there...

Spoiler
trolling microsoft by shrinking windows 10 pro, home and education on to 1 dvd and down to 3.9GB and posting screenshots on the MSDN forums hurrrrrr hueheu
Spoiler
lelele.PNG

 

 

UPDATED: 20JULY2017

 

Spoiler

one of my devices stored the correct names, the other didn't
the (W)hite device had never been paired to the pc before, while my main Black device had been previously

http://i.imgur.com/xiVkZvu.jpg
http://i.imgur.com/xiVkZvum.jpg


http://i.imgur.com/avyWCNFm.jpg http://i.imgur.com/QnPkCmZm.jpg

 

 

Standard Users having Bluetooth Problems:

  1. Remove All Paired Devices: Done via Bluetooth Settings Menu Page.
  2. Clear Android Bluetooth Data: Done via Apps Menu in Main Settings:
    - Settings >> Apps >> Vertical Triple Dot Menu and "Show System"
    - Find "Bluetooth Share" and select "Storage"
    - "Clear Data" and "Clear Cache"
  3. Turn Off Bluetooth.
  4. Reboot Device with Cache Clear: Done by pressing "Power Button" and "Volume Up" until Device display turns off and device vibrates once.
  5. Turn on device.
  6. Reset Bluetooth Notifications: Done by accessing Bluetooth Share in Apps Menu
    - Settings >> Apps >> Vertical Triple Dot Menu and "Show System"
    - Go to "Notifications"
    - Toggle all settings again, by turning it off and then back to the setting desired
    - Ensure "On the lock screen" remains as "Show all notification content" & "Interrupts in Priority Only" is left on for next test.
  7. Before pairing new devices, launch the Bluetooth App Menu, and turn on Bluetooth.
  8. Wait in the Bluetooth Menu Page, and select the Vertical Triple Dot Menu and select "Show Received Files"
    - If the "Show Received Files" page does not appear immediately, do not attempt to load other applications. If you are using a 3rd party "Home" launcher app, temporarily go back to the Sony Default Home App.
    - At the "Show Received Files" - if there are any files here, clear all by long press and clear.

    IF THERE WAS A DELAY FOR "SHOW RECEIVED FILES", WAIT UNTIL THERE IS NO DELAY WHEN LAUNCHING OR REPEAT STEP 1 TO 8

    DO NOT REPEATEDLY SELECT "SHOW RECEIVED FILES" AS THIS WILL CAUSE A BACKLOG OF PAGES TO APPEAR

    ONLY SELECT ONCE, AND WAIT OR REPEAT STEP 1 TO 8

    Screenshot_20170612-140801.png

  9. Pair a computer or another device capable of file transfer.
    - Ensure pairing code matches & that both devices display a successful pairing.
  10. Use Android Storage to access files: Done via Settings Menu >> Storage
    Select a file for transfer with your problem device set to receive the file:
    - Use Bluetooth Share via the "Share" Icon from the Storage app.
    Screenshot_20170612-140627.png  Screenshot_20170612-135552.png  Screenshot_20170612-141127.png
    - Test using a capture taken by the device, but make sure the image file extension is LOWER CASE: <filename>.jpg <filename>.jpeg <filename>.png
    - Test using a text file: ensure that extension is not <filename>.TXT but lower case.

    A POPUP DIALOG SHOULD APPEAR TO ACCEPT ANY FILE TRANSFER.
    IF IT DOES NOT: REPEAT STEP 8


  11. Test transfer with Sending files from the problem device.
    If a file transfer encounters a problem, select the notification from the Notification bar, and repeat the process for "Outbound transfer" menu page - (Step 8 Received File Page)

    Screenshot_20170612-140941.png


    Before Proceeding with Other Bluetooth Connectivity: Ensure that "Outbound Transfer" and "Bluetooth Received" pages are clear.


    Screenshot_20170612-140924.png  Screenshot_20170612-140807.png  Screenshot_20170612aaa-140924.jpg
    ACCESSING THESE PAGES SHOULD BE ALMOST INSTANTANEOUS, IF THERE IS A DELAY, THEN REPEAT THE CACHE CLEAR OR WAIT UNTIL THERE IS NO DELAY


  12. Pair audio device.
    - Test pairing with music stream.
  •   OPTIONAL:
    Test with Bluetooth Tether
    Test with Mirror Link, Miracast, or other Bluetooth services (3rd Party Apps)

 

Root Users Having Bluetooth Problems:

  • Clear Dalvik and ART Cache. Reboot using Power + Volume Up. Clear Cache in Recovery.
  • Repeat Process Above

 

 

 ____________

09 June 2017

Found the cause for some of the problems.

Shared Pref in User_De is missing pretty much all the configurations it needs.

 ____________

05 June 17

Included btopps database corruption examples - view last post

https://talk.sonymobile.com/t5/Xperia-Z5-Z5-Compact-Z5-Premium/Bluetooth-Android-API-Changes-and-Per...

 

 

 

 

=========================================================

ORIGINAL POST

=========================================================

I've been doing some trawling through my log, as I've finally been able to recreate the Nougat issues on my phone that everyone else seems to have that I didn't.

From what I read (could have misunderstood) the Bluetooth and wireless API have had changes from Google to do with security. The result of this means that older hardware does not send the device sufficient parameters for a handshake or data transfer.

Older written apps will cause the system to check for things that it won't find because of permissions, so it loops causing battery drain.

I blame Google for a large part of this

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.
1 ACCEPTED SOLUTION

Accepted Solutions
Scavenger Hunt Winner
Message 7 of 16
9,182 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

I've figured it out - for File Transfer - the Android Bluetooth App doesn't have sufficient permissions to write to the device.

I'm assuming that these permissions were somehow lost during firmware updates.

I'm able to reproduce the bug, and either force a fail, or a successful transfer.

 

The other apps will have a similar issue regarding Bluetooth connectivity.

 

Now that I know what is causing it - I can start looking at whereabouts in the code I should be looking.

 

 

It's more than likely due to a database corruption during upgrades with Nougat and Marshmallow using Android Runtime, and with Lollipop optimised dexopt
(See first post for temporary solutions)

 

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.

15 REPLIES
Learner
Message 2 of 16
5,470 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

I have the same problem since the android update 7.
The battery no longer holds. In the settings the bluetooth consumes 55% of the battery, before updating about 5%.
I did not change anything in my use.

Scavenger Hunt Winner
Message 3 of 16
5,450 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

EDIT: I think the 32.3.A.2.33 update may have fixed the Bluetooth issues... I'm going to flash back to 32.3.A.0.376 and just check, I might extract the APK and check that way too

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.
Scavenger Hunt Winner
Message 4 of 16
5,426 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

Nope.... whose stupid idea was it to lock out Bluetooth app File Receive Folder? Sony or Google?

There's not even an easy way to access Outbound and Inbound transfers... zzzzzzzzzzzzzzzzzzzzzzzzzzzz

You only need one bad connection and it starts a chain reaction where RFCOMM starts being stupid.

com.android.bluetooth means a Google Problem right? Not Sony? or both?

To fix things, everyday users need access to:  rootfs:  /data/user_de/com.android.bluetooth

Which they won't have... because they don't have sufficient privileges.

Cache clearing every error isn't really going to be super effective because it's slow.... and restart is needed.

 

 

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.
Scavenger Hunt Winner
Message 5 of 16
5,345 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

The deeper I get in to the Android Repo and start looking at language I understand, the more I dislike Android... Google still haven't released a fix because it will break security for other subsystems.

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.
Scavenger Hunt Winner
Message 6 of 16
5,333 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

Hello,

 

I think I found the reason why some bluetooth activity is failing,

 

Bluetooth share is missing

<uses-permission android:name="android.permission.BLUETOOTH_ADMIN" />

 

 But, I think there are some other issues regarding Bluetooth LE - because of the package upgrade from Lollipop to Marshmallow to Nougat.

It has BLUETOOTH_PRIVILEGED, but I can't see it using or calling any functions from it, and I think Bluetooth share tries to access everything directly, which needs Admin.

 

I'm going to post something at the Xperia Github to discuss

 

Screenshot_20170602-143542.png  Screenshot_20170602-143550.png

 

 

Nope, this isn't it, I just found where the permissions are hiding.

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.
Scavenger Hunt Winner
Message 8 of 16
5,276 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

I've included some examples of how the database for com.android.bluetooth can become corrupted.

Any users reading this; this is not a Sony fault, but an Android fault, so blame Google.

 

 

I don't know who to contact on the Google end of things, but the whole Bluetooth section for Android is a mess.

Because of how they decided to interface bluetooth on our devices, we don't have a proper management for the "App" and what we have available to us, isn't good enough to rectify the problem.

You won't be able to get Bluetooth working unless you override the security and clear the faults yourself, which no general domestic market user should be expected to have knowledge, or even have to.

 

Screenshot_20170605-205012.png  Screenshot_20170605-205022.png

 

The last data table for Bluetooth keeps track of the sequence - sqlite_sequence

Screenshot_20170605-210938.png

If the sequence doesn't match the final sequence of what is in the main data table - this is where problems start happening. I rectified mine to reflect the last working record, and deleted records 34,35,36.

Because the Android Bluetooth app has those operations in its queue; 34,35,36, it tries to resolve them.

But, because it has no idea what to do, it just throws errors. The next time it loads up, it says... oh I have jobs, let's do them.. 34,35,36.... wait... **bleep** is this... oh crap... .....

 

There's no way for any 3rd party app to fix this, because com.android.bluetooth is a System app.

I could probably hack the build environment and push out a quick fix, but that is not an ideal option... because only Root Access users will be able to install the app, but I don't really see anything where Google has any decent changes to how Bluetooth works in their source server.

 

http://android.googlesource.com/platform/system/bt/

http://android.googlesource.com/platform/packages/apps/Bluetooth/

 

I don't even know which patches will be applied to the final firmware release for the Z5 family.

But I know that nothing has been done about the total lack of user administration for bluetooth, and that's just not good enough.

 

Any advice from the Sony team would be appreciated.

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.
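
The comparison described in the post above (the sqlite_sequence entry against the records in the main data table), written out as a read-only check. This is an added example, not part of the original thread and not code from Android or Sony. The table name `btopp`, its columns and the sample rows are assumptions constructed for illustration, and the check is meant to be run against a copy of the database rather than the live file.

```python
import sqlite3

def sequence_report(conn):
    """Compare every sqlite_sequence entry with the rows actually stored."""
    has_seq = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type='table' AND name='sqlite_sequence'"
    ).fetchone()
    if not has_seq:  # no AUTOINCREMENT table exists in this database
        return []
    report = []
    for name, seq in conn.execute("SELECT name, seq FROM sqlite_sequence").fetchall():
        table = '"' + name.replace('"', '""') + '"'  # quote the identifier
        max_id = conn.execute(f"SELECT MAX(rowid) FROM {table}").fetchone()[0] or 0
        above = [row[0] for row in conn.execute(
            f"SELECT rowid FROM {table} WHERE rowid > ? ORDER BY rowid", (seq,))]
        report.append({
            "table": name,
            "seq": seq,               # last id the sequence table recorded
            "max_id": max_id,         # highest id present in the data table
            "match": seq == max_id,
            "rows_above_seq": above,  # records the sequence does not account for
        })
    return report

def build_sample():
    """Constructed sample: 36 transfer records, sequence left at record 33."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE btopp (_id INTEGER PRIMARY KEY AUTOINCREMENT, "
        "uri TEXT, status INTEGER)"  # assumed, simplified schema
    )
    conn.executemany(
        "INSERT INTO btopp (uri, status) VALUES (?, ?)",
        [(f"content://constructed/{i}", 200) for i in range(1, 37)],
    )
    # Simulate the mismatch from the post: sequence says 33, table holds 34-36.
    conn.execute("UPDATE sqlite_sequence SET seq = 33 WHERE name = 'btopp'")
    conn.commit()
    return conn

if __name__ == "__main__":
    for entry in sequence_report(build_sample()):
        print(entry)
```

To inspect a copied database file without modifying it, open it with `sqlite3.connect("file:<copy>.db?mode=ro", uri=True)` and pass the connection to `sequence_report`.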
Adept
Message 9 of 16
5,243 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain

after submitting my video, i think i should have posted it here instead to be more accurate anyway.

Scavenger Hunt Winner
Message 10 of 16
5,201 Views

Re: Bluetooth Android API Changes and Permissions causing port lockout and battery drain


@JAI0073 wrote:

after submitting my video, i think i should have posted it here instead to be more accurate anyway.


hi,

yes, currently, there is a very big lag between when bluetooth turns on, and icon display, and when services are actually functional.

you can soft test "show received files".

when that no longer lags in displaying the page fragment for downloaded files, then bluetooth is ready to be used.

 

 

NB:____________

I've factory reset my device and I'm currently diagnosing a working bluetooth framework so I can run a comparison when I force a corruption

//----------------- C:\》$ Path- Thyme: .trawler //-----------------Auto-Correct Disclaimer: Not sorry. //----------------- Batteries not included.