OSDN Git Service
Robert Carr [Fri, 15 Feb 2019 23:48:11 +0000 (15:48 -0800)]
[RESTRICT AUTOMERGE]: Exclude secure layers from most screenshots taken by the system server.
In pre-P versions of Android, it was allowed to screenshot secure layers if the
buffer queue producer which was the target of the screenshot was owned by
the system (in this case SurfaceFlinger). This really was a synonym for:
The screen rotation animation was allowed to capture secure layers, but the other
code paths weren't. In O we mistakenly changed this check to always allow the system server
to capture secure layers via the captureScreen path (the captureLayers path used for
TaskSnapshots was unaffected). This can result in data leakage in cases where the
system server takes screenshots on behalf of other parts of the system (e.g. for
the assistant). To mitigate this we provide an explicit switch for the system server
to specify whether it wishes to capture Secure layers. While this is dangerous, I think
it is less dangerous than the previous implicit switch of capturing secure layers based on which
type of BufferQueue was passed in. The flag defaults to not capturing secure layers
and we set it to true in the one place we need it (for the screen rotation animation).
Non privileged clients can still not capture secure layers at all directly.
Test: TransactionTest.cpp#SetFlagsSecureEUidSystem
Bug:
120610669
Change-Id: I9d32c5ac2b005059be9f464859a415167d9ddbd4
(cherry picked from commit
dc49e0088a05108a0616704ca5565136f89c0a1f)
Steven Moreland [Thu, 18 Apr 2019 23:32:42 +0000 (16:32 -0700)]
HwBlob: s/malloc/calloc/
Since this blob is passed between processes.
We could potentially only memset portions of the blob as it is
written to. However, the JHwBlob API itself doesn't have to have
writes in order (even though known usages of it do write in order).
Because of this, keeping track of which bytes to pad would be too
expensive.
Bug:
131356202
Test: boot, hidl_test_java
Change-Id: I48f4d7cb20c4bfe747dd323ae3744d323ad097c9
Merged-In: I48f4d7cb20c4bfe747dd323ae3744d323ad097c9
(cherry picked from commit
d8157bc094569bee74976df2585d632f1793e226)
Greg Wroblewski [Fri, 19 Apr 2019 21:04:01 +0000 (14:04 -0700)]
SUPL ES Extension - June 2019 rollup
Bug:
112159033
ASB: 2019-06
Change-Id: Iaf4b0295e726658852272de1cf857d9d55b63276
Julia Reynolds [Wed, 27 Mar 2019 16:15:57 +0000 (12:15 -0400)]
Add cross user permission check - areNotificationsEnabledForPackage
Test: atest
Fixes:
128599467
Change-Id: I13a0ca7590f8c4b44379730e0ee2088aba400c2a
Merged-In: I13a0ca7590f8c4b44379730e0ee2088aba400c2a
(cherry picked from commit
657d164136199126ae241848887de0230699cea0)
(cherry picked from commit
63846a7093ca7c6d89b73fc77bdff267b3ecb4ef)
Pavel Grafov [Wed, 10 Apr 2019 11:47:25 +0000 (12:47 +0100)]
Limit IsSeparateProfileChallengeAllowed to system callers
Fixes:
128599668
Test: build, set up separate challenge
Change-Id: I2fef9ab13614627c0f1bcca04759d0974fc6181a
(cherry picked from commit
1b6301cf2430f192c9842a05fc22984d782bade9)
Varun Shah [Wed, 20 Mar 2019 18:10:33 +0000 (11:10 -0700)]
Added missing permission check to isPackageDeviceAdminOnAnyUser.
Added a check for the MANAGE_USERS permission to
PackageManagerService#isPackageDeviceAdminOnAnyUser.
To test that the method is still usable:
1) Enable virtual storage via: adb shell sm set-virtual-disk true
2) Follow instructions by clicking on notification to set up virtual storage
3) Go to Settings -> Apps & notifications -> See all X apps
4) Click on any non-system app (example Instagram)
5) Tap Storage and you should see a "Change" button (if not, choose another app)
6) Tap Change and you should see Internal and Virtual storage options listed
7) The above step confirms the method is still usable by Settings
Bug:
128599183
Test: SafetyNet logging (steps listed above)
Change-Id: I989f1daf52a71f6c778ebd81baa6f1bf83e9a718
Merged-In: I36521fa43daab399e08869647326a7ac32d1e512
(cherry picked from commit
18e7dedf6c35f07daf8b7239d501737745ac7f43)
Jack He [Thu, 21 Mar 2019 00:38:11 +0000 (17:38 -0700)]
DO NOT MERGE Atoms: Add BluetoothClassicPairingEvent
* Add BluetoothClassicPairingEvent to log pairing and encryption
related statistics
Bug:
124301137
Test: test drive with statsd
Change-Id: Idca6f6d340e03af91c5a6fb4102666d44167635b
(cherry picked from commit
6110c95184c6ca0265ebc39235ca81da21c0483d)
WyattRiley [Thu, 28 Feb 2019 20:05:56 +0000 (12:05 -0800)]
DO NOT MERGE - SUPL ES Extension - Safer Init and Not After Boot
Safe order of pointer setting and background thread start
Verifying mCallEndElapsedRealtimeMillis is not the initial value
Bug:
112159033
Bug:
115361555
Bug:
125124724
Test: Verified not-after-boot with test code b/
115361555#comment14
Test: Reproed NPE with test thread sleep and verify fix
Change-Id: I25dcd5a5b36c218ea8b7ab88d6909382709fd7ab
(cherry picked from commit
fbcb41f9fbc4e91e023f3103a391182600312ef7)
JP Sugarbroad [Mon, 25 Feb 2019 21:55:49 +0000 (13:55 -0800)]
Revert "Adding SUPL NI Emergency Extension Time"
This reverts commit
13d3aecd1b00d4a0b323d007e997d2546d2babc4.
Adrian Roos [Mon, 7 Jan 2019 15:57:31 +0000 (16:57 +0100)]
DPM: Fix regression from I54376f60ac53451ace22965d331b47cd8c2e614e
Fixes an issue where setting a password via DPM would never
satisfy a QUALITY_COMPLEX password requirement.
Change-Id: I3fbc952bd44291ac22728c626b128fc0c1aae232
Merged-In: I3fbc952bd44291ac22728c626b128fc0c1aae232
Fixes:
120915644
Bug:
110172241
Test: atest 'com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24#testRunDeviceOwnerPasswordTest'
Test: Set credential via DPM.resetPassword(), factory reset device to trigger FRP, verify FRP shows.
(cherry picked from commit
ea8d82c08a9d489a48ef810d7c40a4d20f806aa0)
(cherry picked from commit
b122ae9660526c83d4a7bf1c1f99107afee23001)
Abodunrinwa Toki [Thu, 29 Nov 2018 13:51:56 +0000 (13:51 +0000)]
RESTRICT AUTOMERGE Do not linkify text with RLO/LRO characters.
Also don't show smart actions for selections in text with unsupported
characters.
Bug:
116321860
Test: atest android.view.textclassifier.TextClassificationManagerTest \
android.text.util.cts.LinkifyTest \
android.text.util.LinkifyTest \
android.widget.TextViewActivityTest
Change-Id: I01b5e936aa4dfc937a98f50e9fc8171666861a61
(cherry picked from commit
a69950ce18f85ea8514083a5e175450e17e93565)
WyattRiley [Thu, 6 Dec 2018 19:43:58 +0000 (11:43 -0800)]
Adding SUPL NI Emergency Extension Time
Configurable by carrier config.xml resource
Bug:
118839234
Bug:
115361555
Bug:
112159033
Test: On device, see b/
115361555#comment14
Change-Id: I52e61656cca8b6fa6468d32d2e69bf60f4c83c61
(cherry picked from commit
a725dd6650846090f70ed9811f1a94f036ab3f29)
Adrian Roos [Thu, 6 Dec 2018 16:50:41 +0000 (17:50 +0100)]
FRP: save password quality in DPM.resetPassword
When setting a password from DPM.resetPassword(), the actual quality of the
password was not passed to LockSettingsService (instead, the minimum required
quality was passed which is often UNSPECIFIED). As a result, during FRP we
would see inconsistent state and skip it.
Bug:
110172241
Test: Set credential via DPM.resetPassword(), factory reset device to trigger FRP, verify FRP shows.
Change-Id: I54376f60ac53451ace22965d331b47cd8c2e614e
Merged-In: I54376f60ac53451ace22965d331b47cd8c2e614e
(cherry picked from commit
7923b3c10cad5059a7d187fa6abc39abdb4173ec)
Jakub Pawlowski [Thu, 29 Nov 2018 17:54:21 +0000 (18:54 +0100)]
Bluetooth: Check descriptors size in BluetoothHidDeviceAppSdpSettings
Bug:
119819889
Test: compilation
Change-Id: If51d0e2af74d99758f79a603d40cc2f5c84e4dde
(cherry picked from commit
63519217e8c0682369b5b3dc11417f79b3b48b7e)
Jeff Sharkey [Mon, 24 Sep 2018 19:23:57 +0000 (13:23 -0600)]
Recover shady content:// paths.
The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.
This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths. Consider this example:
<path-permission android:pathPrefix="/private" ... />
uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);
content://com.example//private
The Uri above will pass the security check, since it's not
technically a prefix match. But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.
Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.
Bug:
112555574
Test: atest android.appsecurity.cts.AppSecurityTests
Test: atest FrameworksCoreTests:android.content.ContentProviderTest
Merged-In: Ibadbfa4fc904ec54780c8102958735b03293fb9a
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
(cherry picked from commit
c084ddbf826b25808c4553e4b5992c6723eac4ea)
Michael Wachenschwanz [Sat, 25 Aug 2018 04:50:35 +0000 (21:50 -0700)]
Verify number of Map entries written to Parcel
Make sure the number of entries written by Parcel#writeMapInternal
matches the size written. If a mismatch were allowed, an exploitable
scenario could occur where the data read from the Parcel would not
match the data written.
Fixes:
112859604
Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest
Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607
Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607
(cherry picked from commit
057a01d1f38e9b46d3faa4059fdd7c8717681ea0)
Wayne Lin [Thu, 30 Aug 2018 09:25:56 +0000 (17:25 +0800)]
Changing SUPL_ES=1 for SUPL end point control
SUPL_ES=1 ensures the GnssLocationProvider and related framework code
accepts incoming SMS SUPL_INIT messages with ES-bit=1
(which allow redirection of the ESLP
end-point e.g. to the current local emergency services provider when
you are travelling) only during an emergency call
Bug:
111899241
Bug:
112159033
Test: Build pass
Change-Id: I7dcd9c173a1d56fcf0da15257db5b8d1322b39d6
(cherry picked from commit
5b63dcc6a617cbab74dbda1f4cd759c75efa3aa5)
dwchen [Mon, 20 Aug 2018 17:17:48 +0000 (10:17 -0700)]
Fixes possible issue with no-op creator.
Leaving a no-op CREATOR can lead to issues. We throw a run-time
exception to prevent anyone from using this. The StatsLogEventWrapper is
meant to be write-only since it's only used to send data to statsd.
Bug:
112550251
Test: Tested with provided POC app by external researcher.
Change-Id: I001d84e2a61a1cd8a4f59aa156ca52f73ad0f6e1
(cherry picked from commit
78622d57ad102c054306b01321b6b2dbec3f9d1d)
Ryan Longair [Wed, 5 Sep 2018 17:38:09 +0000 (10:38 -0700)]
Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package."
This reverts commit
49419138ef2bd3049eeb4b94a6868647e22fb938.
Seigo Nonaka [Thu, 19 Jul 2018 23:22:02 +0000 (16:22 -0700)]
Fix crash during cursor moving on BiDi text
The crash was introduced by Ib66ef392c19c937718e7101f6d48fac3abe51ad0
The root cause of the crashing is requesting out-of-line access for the
horizontal width. This invalid access is silently ignored by
TextLine#measure() method but new implementation end up with out of
bounds access.
To makes behavior as old implementation, calling getHorizontal instead
of accessing measured result array.
Bug:
78464361,
111580019
Test: Manually done
Change-Id: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
(cherry picked from commit
960647d582911ae7ab8b9491097898e6c313aaf1)
Merged-In: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
(cherry picked from commit
a1076fdaa54ebf56bb32bea43fb278f7470ff307)
Jeff Sharkey [Tue, 7 Aug 2018 21:02:17 +0000 (15:02 -0600)]
DO NOT MERGE. Persistable Uri grants still require permissions.
When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still
need to check permissions between the source and target packages,
instead of shortcutting past them.
The spirit of the original change is remains intact: if the caller
requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid
returning "-1", which would prevent the grant data structure from
being allocated.
Bug:
111934948
Test: atest android.appsecurity.cts.AppSecurityTests
Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
(cherry picked from commit
d6a6e7127cc341ca875d9d13cf7a864d9f20b479)
Jeff Sharkey [Wed, 25 Jul 2018 20:52:14 +0000 (14:52 -0600)]
DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.
Developers often accept selection clauses from untrusted code, and
SQLiteQueryBuilder already supports a "strict" mode to help catch
SQL injection attacks. This change extends the builder to support
update() and delete() calls, so that we can help secure those
selection clauses too.
Bug:
111085900
Test: atest packages/providers/DownloadProvider/tests/
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Change-Id: Ib4fc8400f184755ee7e971ab5f2095186341730c
Merged-In: Ib4fc8400f184755ee7e971ab5f2095186341730c
(cherry picked from commit
506994268bc4fa07d8798b7737a2952f74b8fd04)
Jeff Sharkey [Wed, 25 Jul 2018 20:01:59 +0000 (14:01 -0600)]
DO NOT MERGE. Execute "strict" queries with extra parentheses.
SQLiteQueryBuilder has a setStrict() mode which can be used to
detect SQL attacks from untrusted sources, which it does by running
each query twice: once with an extra set of parentheses, and if that
succeeds, it runs the original query verbatim.
This sadly doesn't catch inputs of the type "1=1) OR (1=1", which
creates valid statements for both tests above, but the final executed
query ends up leaking data due to SQLite operator precedence.
Instead, we need to continue compiling both variants, but we need
to execute the query with the additional parentheses to ensure
data won't be leaked.
Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Bug:
111085900
Change-Id: I6e8746fa48f9de13adae37d2990de11c9c585381
Merged-In: I6e8746fa48f9de13adae37d2990de11c9c585381
(cherry picked from commit
57b04a86802ff879af78e782a8582462323e34e7)
Hongming Jin [Tue, 19 Jun 2018 19:35:37 +0000 (12:35 -0700)]
RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package.
Bug:
67319274
Test: run cts-dev --module CtsPermissionTestCases --test android.permission.cts.RemovePermissionTest#permissionShouldBeRevokedIfRemoved
Change-Id: Id23535d6c4d2fcf5c86dc1338af13a561b32154c
(cherry picked from commit
fde947837c848b51a830b74b28f96f9808405492)
Mihai Popa [Wed, 9 May 2018 16:31:48 +0000 (17:31 +0100)]
Optimise the hit test algorithm
Layout#getOffsetForHorizontal was running in O(n^2) time, where n is the
length of the current line. The method is used when a touch event
happens on a text line, to compute the cursor offset (and the character)
where it happened. Although this is not an issue in common usecases,
where the number of characters on a line is relatively small, this can
be very inefficient as a consequence of Unicode containing 0-width
(invisible) characters. Specifically, there are characters defining the
text direction (LTR or RTL), which cause our algorithm to touch the
worst case quadratic runtime. For example, a person is able to send a
message containing a few visible characters, and also a lot of these
direction changing invisible ones. When the receiver touches the message
(causing the Layout#getOffsetForHorizontal method to be called), the
receiver's application would become not responsive.
This CL optimizes the method to run in O(n) worst case. This is achieved
by computing the measurements of all line prefixes at first, which can
be done in a single pass. Then, all the prefix measurement queries will
be answered in O(1), rather than O(n) as it was happening before.
Bug:
79215201
Test: manual testing
Change-Id: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
Merged-In: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
(cherry picked from commit
138b106402d86653eaf296a02708737a6e360b58)
Robert Shih [Mon, 9 Jul 2018 20:38:31 +0000 (13:38 -0700)]
Fix TrackInfo parcel write
Bug:
77600398
Change-Id: Ia316f1c5dc4879f6851fdb78fe8b9039579be7bc
(cherry picked from commit
0d2dc943dcaa3d7c8479e22ae62be9753ea2643c)
Arthur Ishiguro [Mon, 25 Jun 2018 18:31:33 +0000 (11:31 -0700)]
Resolve inconsistent parcel read in NanoAppFilter
Bug:
77599679
Test: Compile only
Change-Id: Ib417a5cb4d51744442d2fb14437cabbe5fd1c266
(cherry picked from commit
abe5a73a4a81e312a1690fbc10a6b99ce98b699a)
Makoto Onuki [Tue, 12 Jun 2018 20:01:42 +0000 (13:01 -0700)]
Backport Prevent shortcut info package name spoofing
Test: cts-tradefed run cts -m CtsShortcutManagerTestCases -t android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest
Bug:
109824443
Change-Id: I90443973aaef157d357b98b739572866125b2bbc
Merged-In: I78948446a63b428ae750464194558fd44a658493
(cherry picked from commit
9e21579a11219581a0c08ff5dd6ac4dc22e988a4)
Bernie Innocenti [Mon, 28 May 2018 13:04:37 +0000 (22:04 +0900)]
vpn: allow IPSec traffic through Always-on VPN
This won't leak any traffic outside the VPN as long as there are no
processes owned by uid 0 which generate network traffic (which is
currently the case).
Bug:
69873852
Test: compared the output of 'adb shell ip rule show' before and after
Test: runtest -x frameworks/base/tests/net/java/com/android/server/connectivity/VpnTest.java
Test: local CTS tests run: android.net.cts.VpnServiceTest
Test: local CTS tests run: com.android.cts.devicepolicy.MixedDeviceOwnerTest
Change-Id: I8758e576c9d961d73f62bfcf0559dd7ecee6e8e6
Merged-In: I8758e576c9d961d73f62bfcf0559dd7ecee6e8e6
Merged-In: I1f9b78c8f828ec2df7aba71b39d62be0c4db2550
Merged-In: I8edeb0942e661c8385ff0cd3fdb72e6f62a8f218
(cherry picked from commit
00000fe55a4729f8339afdc7eab5c970b2549813)
(cherry picked from commit
ae07a6bf53cc9650039c4f2918baf58d522b49f9)
android-build-team Robot [Tue, 17 Jul 2018 23:29:14 +0000 (23:29 +0000)]
Merge cherrypicks of [
4562103,
4560827,
4563998,
4563999,
4564000,
4564001,
4564351,
4564352,
4564333,
4564033,
4560455,
4564034,
4560674,
4560675,
4563620,
4561607,
4561062,
4561063] into pi-release
Change-Id: I8b6494e6539f685ea265cd74dfbfa88ab3cb289f
Todd Kennedy [Thu, 12 Jul 2018 20:15:54 +0000 (13:15 -0700)]
Loosen resource file verification
Bug:
77808145
Test: Tried to install corrupt APK prior to the change, install failed
Test: Tried to install corrupt APK after the change, install succeeded
Test: atest CtsAppSecurityHostTestCases:CorruptApkTests
Change-Id: I19a69e52a17c1080beaf2cc575c32f564b1033a3
(cherry picked from commit
28e663cbed28fb6c8c8dec0849e0277daf67651b)
Amith Yamasani [Wed, 11 Jul 2018 17:44:17 +0000 (10:44 -0700)]
Fix crash on calling getAppStandbyBucket()
MATCH_ANY_USER, which was locked down recently, is not
really needed in this context, so removed it.
Bug:
111145886
Test: cts CtsAppUsageHostTestCases
Change-Id: I1bb9df0c7370015365bea414599b2b83084a1846
(cherry picked from commit
99e1424e0aa9e7dc4a5ccbff011d7161201921d1)
Wale Ogunwale [Wed, 11 Jul 2018 22:22:01 +0000 (15:22 -0700)]
Acquire service lock in AppTaskImpl.moveToFront()
Oversight from previous refactor in O release done in ag/
2987716
Change-Id: I2e2d6e55251eb319ddee0db97eedc1c574736ead
Merged-In: I2e2d6e55251eb319ddee0db97eedc1c574736ead
Fixes:
111336376
Test: builds
(cherry picked from commit
bc4d0326a04c19500f44283fbfab581257d3c75e)
Lei Yu [Thu, 28 Jun 2018 21:06:29 +0000 (14:06 -0700)]
Add active admin app to power white list.
So user can't restrict it in settings app.
Bug:
110337989
Test: RunSettingsLibTests
Change-Id: Ie32dc8b2204369c9ca8f704436d5c988f76481ae
Merged-In: Ie32dc8b2204369c9ca8f704436d5c988f76481ae
(cherry picked from commit
f5a13f8b3a0ce1a3ee6e49802e32db3f3fb38d6d)
android-build-team Robot [Thu, 21 Jun 2018 00:58:45 +0000 (00:58 +0000)]
Merge cherrypicks of [
4392181,
4392182,
4392183,
4392184,
4392201,
4392202] into pi-release
Change-Id: I8e1428f12ab9bf4cc2b1a322e64b4aa41aa0ae41
David Brazdil [Fri, 15 Jun 2018 13:05:42 +0000 (14:05 +0100)]
Stabilize hidden API lists
Hidden API lists are auto-generated using a combination of Doclava
/Makefile rules and manually curated lists. As OEMs make their own
changes to the framework, they might arrive at slightly different
lists. This is not desirable as the entire ecosystem should enforce
the same rules. This patch adds the files generated by Doclava to
the code base, which will stabilize the lists for everyone.
The problem is exacerbated by the fact that the Doclava-generated
private-dex.txt contains only classes explored by Doclava. This can
change rather unexpectedly as OEMs make changes and start/stop using
internal classes otherwise only used in unexplored code. If the file
is extended, they might start blacklisting new APIs. If the file
shrinks, they might start whitelisting APIs they should restrict
access to and have trouble passing CTS.
(Avoid merging out of pi trees)
Test: m ; check that produced lists have not changed
Bug:
109824927
Merged-In: I0e9653d9cd7e4b748870bacb6fbcecae535ebb2a
Change-Id: I1463a06d6510e7051a64d5d516f4c589638ca11c
(cherry picked from commit
5999830557004ec70158e91cde2e9ff4e52dbb74)
Nicolas Geoffray [Wed, 13 Jun 2018 20:22:06 +0000 (21:22 +0100)]
More light grey APIs.
bug:
110157261
bug:
110065832
bug:
110179435
bug:
110174713
bug:
110191494
bug:
110282922
bug:
110289776
bug:
110314356
bug:
110340642
bug:
110382035
Bug:
110444248
Bug:
110447432
bug:
110378707
Test: m
Change-Id: I5d7c0f9d471eab22e23cc335f03cebecb642f871
(cherry picked from commit
43536175f2c29b1dcb15e3e104bd1aa11a0f3a4a)
Marco Nelissen [Tue, 19 Jun 2018 19:38:23 +0000 (12:38 -0700)]
Fix race condition in MediaHTTPConnection
getSize() and getMIMEType() rely on seekTo() having completed.
If seekTo() was called on a different thread, for example because
NuCachedSource2 was doing reads on a background thread, getSize()
could return -1 if it was called after connection was established,
but before the response had been parsed.
Bug:
110230427
Test: manual
Change-Id: I469b47e025f1c7a7ef3123d3347668f0541e6f2d
(cherry picked from commit
d4f64f27b0de1c5d21c93b4d73acd05ede28fde2)
Julia Reynolds [Wed, 13 Jun 2018 14:45:21 +0000 (10:45 -0400)]
Don't throw uri exceptions for user chosen sounds
Bug:
109889733
Test: runtest systemui-notification
Change-Id: I5ed599deca83f97899affce44e3ed8fbcacae366
(cherry picked from commit
218871ee3ffffea964658be327ffd06e1e3eed61)
(cherry picked from commit
89945c5a222ab2761ab086588c1ac5434cca661f)
android-build-team Robot [Mon, 18 Jun 2018 23:34:45 +0000 (23:34 +0000)]
Merge cherrypicks of [
4368877,
4369031,
4369032,
4369033,
4369034,
4368878,
4369035,
4369036,
4369008] into pi-release
Change-Id: I961d7c7e4922defecafaa3976c69491a2b20c71e
Eric Laurent [Thu, 14 Jun 2018 02:36:42 +0000 (19:36 -0700)]
audioservice: fix a2dp connection race condition
In case of fast (< 1 second) A2DP disconnect/connect sequence, there
is a potential race condition where the delayed disconnection message
(due to becoming noisy intent) is received after the not delayed
connection message.
- Make sure all messages related to device connection/disconnection
(including MSG_A2DP_DEVICE_CONFIG_CHANGE and MSG_BTA2DP_DOCK_TIMEOUT)
are handled by queueMsgUnderWakeLock().
- Make sure messages are processed in the same order as API calls.
- Add check for null address in makeA2dpDeviceUnavailableNow().
Bug:
109903807
Bug:
78837311
Test: repro steps in bugs. A2DP connection and playback
Change-Id: Ib81b3805f945f7206b1a60de74e9bbeeef89bdd0
(cherry picked from commit
3c4636c7127cd34728050d051ef3bd62829e877d)
Philip P. Moltmann [Thu, 14 Jun 2018 18:52:14 +0000 (11:52 -0700)]
Abbreviate permission labels less aggressively
We switched the package installer app to always abbreviate all labels
loaded from foreign packages. This is done so that a foreign app cannot
crorrupt the UI via super-long strings.
The default abbreviation is very aggressive and abbreviates to ~5 cm.
When an app with a targetSDK <= M gets installed, all permissions will
get auto-granted. Hence when a user side-loads such an app, we show the
permissions during install so that the user is aware of this.
Unfortunately most permission labels and restrictions do not fit into a
single line.
This change allows much longer strings for permissions names and
descriptions. It still abbreviates eventually and handles permission
descriptions with weird characters (such as back-space) correctly.
Fixes:
110209410
Test: Side-loaded old app and verified that permission labels and
descriptions are not abbreviated.
Change-Id: Ie1db240883c9f5cb9c1b74ca7bdcb80625e3f7f2
(cherry picked from commit
004e489a251d6adf94922368e98a730185642123)
Wale Ogunwale [Thu, 14 Jun 2018 15:55:42 +0000 (08:55 -0700)]
Make testSplitscreenPortraitAppOrientationRequests pass to unblock release
Work around to unblock the release for failing test
ActivityManagerAppConfigurationTests#testSplitscreenPortraitAppOrientationRequests
which shouldn't be failing since home stack shouldn't be visible. We need
to dig deeper to see why it is failing.
NOTE: Not failing on current master...
Bug:
110159357
Test: atest ActivityManagerAppConfigurationTests#testSplitscreenPortraitAppOrientationRequests
Change-Id: I69423eef3661133b2a032a166745157b3e344751
(cherry picked from commit
cf2d6475f9fc885e8bc9761ef2d839eaad3f32b4)
Laura Davis [Thu, 7 Jun 2018 17:41:49 +0000 (10:41 -0700)]
docs: repaired link to internal section
Test: make ds-docs
Bug:
79236136
Change-Id: Idf48cf7a055a0aa3841d6b4d0540724b43c61241
(cherry picked from commit
22dbf294bb0cc3bf4975a6836d3ad74b2f22a0b4)
Suprabh Shukla [Mon, 11 Jun 2018 22:11:01 +0000 (15:11 -0700)]
Allow unsuspending critical packages
PackageManager prevents certain packages from being suspended to ensure
device is in a sane state. It should not disallow unsuspening these
packages for the same reason.
Test: Existing tests:
atest FrameworksServicesTests:SuspendPackagesTest
Manually, changed the default dialer, then
adb shell pm suspend com.android.dialer
change the default dialer to com.android.dialer, then
adb shell pm unsuspend com.android.dialer
should succeeed.
Bug:
79846500
Change-Id: Ie198f61bf3b092e497f978e60a27f9d52cdda9c7
(cherry picked from commit
4d74d50f53882560ac20c06de53b40f030e31fec)
Mike Digman [Mon, 11 Jun 2018 18:41:33 +0000 (11:41 -0700)]
Make rotate nav+qs icon consistent, understandable
Now using the same iconography (but different angle) for nav
and qs. Note nav viewport, size and pivot (for motion) change
is intentional to match other navbar icon sizing.
Test: manual
Change-Id: I1abb33130cc724b6e63e008cf7301ebce383c8d1
Fixes:
110052596
(cherry picked from commit
2657757c432a95100ad6a2aed5a36c7dcd296aae)
Selim Cinek [Tue, 12 Jun 2018 00:26:34 +0000 (17:26 -0700)]
Keeping the lockdown state in sync with the notification list
Whenever the lockdown was changed, the UI wasn't consistently
updated, but only once another notification / update came
in, which lead to notifications being invisisible or visible
when they shouldn't have been.
Change-Id: I17c1b4e0ef58d6aa05f4404e52e07a098d4fce4e
Fixes:
78020486
Test: manual, hit lockdown observe notification gone, coming back when unlocked
(cherry picked from commit
ddb7b47dd0c875318669cc2d68f84de49710d138)
android-build-team Robot [Tue, 12 Jun 2018 01:49:32 +0000 (01:49 +0000)]
Merge cherrypicks of [
4315359,
4315389,
4315390,
4315519,
4315520,
4315360,
4317665,
4317701,
4315391,
4316085] into pi-release
Change-Id: I35248f1228a04b847fdb7ecdb15d48190fbaf759
Winson Chung [Mon, 11 Jun 2018 23:58:27 +0000 (23:58 +0000)]
Revert "Defer stop for all activities becoming invisible"
This reverts commit
b824f87c65216e4dfe5e9ab0e63795466836bc0f (for b/
80313326)
Reason for revert: Cts issues (b/
110032866)
Bug:
80313326
Bug:
110032866
Change-Id: Iaca3a8650d30b475ef4331e98b4b14377072ee4d
(cherry picked from commit
f49b106dca1b878319a09a1acf8582c05c360a30)
Jean-Michel Trivi [Thu, 7 Jun 2018 19:28:27 +0000 (12:28 -0700)]
AudioService: fix deallock setBluetoothScoOn vs setMode
In AudioService:
setBluetoothScoOn()
> setBluetoothScoOnInt()
> synchronized(mSettingsLock)
> muteRingerModeStreams()
> synchronized (VolumeStreamState.class)
vs
setMode()
> setModeInt()
> synchronized (mSettingsLock)
> synchronized (VolumeStreamState.class)
The issue comes from setBluetoothScoOnInt() releasing the lock
on mSettingsLock before calling muteRingerModeStreams(). This
breaks the expected lock ordering in AudioService, where
mSettingsLock must be locked before VolumeStreamState.class.
Bug:
109746821
Test: see bug
Change-Id: I853ca60781efc506626b6345f27da701655ac359
(cherry picked from commit
c106d9f958be76ab14a6724525f39bc3fec03fd2)
android-build-team Robot [Sun, 10 Jun 2018 19:04:32 +0000 (19:04 +0000)]
Snap for
4832339 from
9b1f560ee56e0c7538f6656a9459a905416509f0 to pi-release
Change-Id: Ib743f4471d6d2db801d874d397b68a81ff59c6cc
bsears [Sun, 10 Jun 2018 05:50:30 +0000 (05:50 +0000)]
Merge "Include "emergency calls only" in disabled SIM strings." into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 23:45:29 +0000 (23:45 +0000)]
Merge "Revert "Fix DefaultPermissionGrantPolicyTest"" into pi-dev
Nan Zhang [Fri, 8 Jun 2018 23:26:16 +0000 (23:26 +0000)]
Merge "Revert "Added online-sdk & off-sdk for Metalava"" into pi-dev
Nan Zhang [Fri, 8 Jun 2018 23:11:18 +0000 (23:11 +0000)]
Revert "Added online-sdk & off-sdk for Metalava"
This reverts commit
726df7efc9e8faad94ee8133fcb4fd976b66ebda.
Reason for revert: <Didn't add Merged-in which flows this change down to pi-dev-plus-aosp>
Bug: b/
78245848
Change-Id: Ie15181bcb91314718ee9902402179cd010f17553
Selim Cinek [Fri, 8 Jun 2018 22:51:07 +0000 (22:51 +0000)]
Merge "Revert "Consider icon scale when calculating icon offset in shelf"" into pi-dev
Selim Cinek [Fri, 8 Jun 2018 22:50:12 +0000 (22:50 +0000)]
Merge "Fixed a flickering of the icon when it goes into the shelf" into pi-dev
Eugene Susla [Fri, 8 Jun 2018 21:39:58 +0000 (21:39 +0000)]
Revert "Fix DefaultPermissionGrantPolicyTest"
This ended up being not the right fix for the bug, and
had a consequence of AiAi permissions becoming fixed.
Per recent email thread, reverting this back to how it was
This reverts commit
0988f24dfff1529552c857fb1c28592070ecc1b8.
Fixes:
109665265
Change-Id: Ibf39c3b788c09f189d941f830ebbe8f371fc6f6a
TreeHugger Robot [Fri, 8 Jun 2018 21:21:29 +0000 (21:21 +0000)]
Merge "More light grey APIs." into pi-dev
Dan Sandler [Fri, 8 Jun 2018 19:34:52 +0000 (15:34 -0400)]
Include "emergency calls only" in disabled SIM strings.
This message appears in the QS footer when the SIM has been
disabled permanently (IccCardConstants.State.PERM_DISABLED).
Required in Australia, harmless elsewhere.
Test: runtest systemui
Bug:
109874640
Change-Id: Ib2b3fcf2bd84c54b61f0bd45fe0b83209d9c9bd0
Nan Zhang [Fri, 8 Jun 2018 18:50:42 +0000 (11:50 -0700)]
Added online-sdk & off-sdk for Metalava
Test: m -j metalava online-sdk-docs
Bug: b/
78245848
Change-Id: I2cf92b14d20ecb2898e90c5e5956612f49acd33c
Nan Zhang [Fri, 8 Jun 2018 17:28:37 +0000 (17:28 +0000)]
Merge "Enabled annotations for api-stubs, system-api-stubs, and test-api-stubs" into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 17:20:27 +0000 (17:20 +0000)]
Merge "Fixed typo on TextValueSanitizer sample." into pi-dev
Selim Cinek [Fri, 8 Jun 2018 07:26:48 +0000 (00:26 -0700)]
Fixed a flickering of the icon when it goes into the shelf
We can adjust the Pivot such that the scaling doesn't happen
irregularly and that the animation is smooth.
Change-Id: Ib2e42a20430e1c10950a197a4c04e7c64c7dec67
Test: add notification, no flicker
Fixes:
80270979
Nicolas Geoffray [Fri, 8 Jun 2018 12:09:18 +0000 (13:09 +0100)]
More light grey APIs.
bug:
109894533
bug:
109889637
Test: m
Change-Id: I3bf3f5b846a48fe189131fb0f6a3be217c274554
Bill Lin [Fri, 8 Jun 2018 09:07:13 +0000 (17:07 +0800)]
Revert "Consider icon scale when calculating icon offset in shelf"
This reverts commit
5dad60e6928f29d5a959cb4e2fb45e17253ca88c.
The patch may cause latest Notification do not align center
Bug:
109868942
Test: atest & manual use notify observe only last 1 notification visual
Change-Id: I81e5de4d0a2822c96ce9a815519bb0413f26f27c
android-build-team Robot [Fri, 8 Jun 2018 07:27:45 +0000 (07:27 +0000)]
Snap for
4829593 from
551328eaaa90e770076079a80f8c4e4565787493 to pi-release
Change-Id: I9fd67c3d6af565d3aac7aaeb54485637c53cdc53
Chris Forbes [Fri, 8 Jun 2018 05:14:12 +0000 (05:14 +0000)]
Merge "pm: Exposing Vulkan 1.1 does not guarantee AHB extension support" into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 04:49:39 +0000 (04:49 +0000)]
Merge "Don't access keyguard from instant apps." into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 03:48:21 +0000 (03:48 +0000)]
Merge "Revert "Let sendShowMessage called from hide to show"" into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 03:38:01 +0000 (03:38 +0000)]
Merge "Animate owner info during wake-up transition" into pi-dev
Svet Ganov [Fri, 8 Jun 2018 03:20:34 +0000 (20:20 -0700)]
Don't access keyguard from instant apps.
Test: cts-instant-tradefed run cts-instant -m CtsViewTestCases
bug:
109652548
Change-Id: I6f8bb714bd98fd53068b2662633a9155d64b274c
TreeHugger Robot [Fri, 8 Jun 2018 03:00:26 +0000 (03:00 +0000)]
Merge "Revert "Allow instant apps to send broadcasts to themselves"" into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 02:24:22 +0000 (02:24 +0000)]
Merge "Docs: noted that setting proxy hostnames on an ApnSetting requires an internet connection for DNS." into pi-dev
TreeHugger Robot [Fri, 8 Jun 2018 01:58:10 +0000 (01:58 +0000)]
Merge changes from topic "volume-change-flags" into pi-dev
* changes:
Only show the volume dialog if the AudioManager.FLAG_SHOW_UI bit is set
Comply with the volume callback change
Lin Guo [Fri, 8 Jun 2018 00:08:30 +0000 (17:08 -0700)]
Only show the volume dialog if the AudioManager.FLAG_SHOW_UI bit is set
Bug:
109841417
Test: manual
Change-Id: Icc803a4b22ceccff7d3e788b9164975a8e395a3b
Anarghya Mitra [Thu, 7 Jun 2018 20:26:14 +0000 (13:26 -0700)]
Change Quick Settings to account for branded VPNs.
Screenshots: https://photos.app.goo.gl/FrnK69TXR86npFmY2
Test: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/qs
Bug:
109837832
Change-Id: Ie447e6598ff593ff5d14ec8787db82ba39c9ea54
Yu-Han Yang [Thu, 7 Jun 2018 23:50:08 +0000 (23:50 +0000)]
Merge "Disable REQUEST_LOCATION from GNSS HAL by default" into pi-dev
Chris Forbes [Thu, 7 Jun 2018 23:41:19 +0000 (16:41 -0700)]
pm: Exposing Vulkan 1.1 does not guarantee AHB extension support
Bug: b/
109875843
Change-Id: Ib53fb1a4f7a5a6c055b575b4d8775f8bd62db7a8
Svetoslav Ganov [Thu, 7 Jun 2018 23:23:39 +0000 (23:23 +0000)]
Revert "Allow instant apps to send broadcasts to themselves"
This reverts commit
7b40358fa316038ce6a3243b8706c6f5b7a49536.
Reason for revert: False positive - this works and patch not needed.
bug:
109583877
Change-Id: If708350b03292cfa3bf9841199739e06c82f6c4f
Hongwei Wang [Thu, 7 Jun 2018 19:35:08 +0000 (12:35 -0700)]
Comply with the volume callback change
Bug:
109841417
Test: m -j
Change-Id: I43a139b97f89a666088db39579b068dc76babd56
TreeHugger Robot [Thu, 7 Jun 2018 22:23:12 +0000 (22:23 +0000)]
Merge "Remove usage of deprecated DayNightStyle values." into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 22:14:51 +0000 (22:14 +0000)]
Merge "Move nulling of nextFrameCallback" into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 21:43:50 +0000 (21:43 +0000)]
Merge "Increase Binder Proxy Limit to 6000 for SYSTEM" into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 21:42:59 +0000 (21:42 +0000)]
Merge "Show the bouncer at start up if the headless user flag is set" into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 21:33:59 +0000 (21:33 +0000)]
Merge "Camera: update tonemap image in html doc" into pi-dev
Benjamin Miller [Thu, 7 Jun 2018 19:10:08 +0000 (19:10 +0000)]
Docs: noted that setting proxy hostnames on an ApnSetting requires an internet connection for DNS.
Doc-only change.
Also improved the class descriptions and fixed some typos.
Staged at:
http://go/dac-stage/reference/android/telephony/data/ApnSetting_new
http://go/dac-stage/reference/android/telephony/data/ApnSetting.Builder_new
Bug:
80238372
Test: make ds-docs with visual inspection of generated HTML
Change-Id: Id4a00c1a44dc3cbbaefc94c0438eb1a077f06e5e
Jaewan Kim [Thu, 7 Jun 2018 21:19:03 +0000 (21:19 +0000)]
Merge "MediaSessionService: Fix NPE" into pi-dev
Yao Chen [Thu, 7 Jun 2018 21:10:16 +0000 (21:10 +0000)]
Merge "Disable statsd and make StatsLog no-op if ro.statsd.enable=false" into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 20:40:33 +0000 (20:40 +0000)]
Merge "Hide backdrop when waking up from fp" into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 20:28:36 +0000 (20:28 +0000)]
Merge "Fixed flickering when quick tap on brightness bar" into pi-dev
Nan Zhang [Thu, 7 Jun 2018 02:11:33 +0000 (19:11 -0700)]
Enabled annotations for api-stubs, system-api-stubs, and test-api-stubs
Test: manually cp stub-annotations.jar to pi-dev; and m -j metalava_android_stubs
Bug: b/
78245848
Change-Id: Ib7ea5d847d50e3c863891e0f59228a40d1b8c41b
Merged-In: I116643925a3a9594e8590c3714e93d0fb0ac372f
Benjamin Miller [Thu, 7 Jun 2018 20:12:43 +0000 (20:12 +0000)]
Merge "docs: Backup requestRestore() doesn't kill app during restore." into pi-dev
Nicolas Geoffray [Thu, 7 Jun 2018 20:03:42 +0000 (20:03 +0000)]
Merge "Add more APIs to light grey list" into pi-dev
Yu-Han Yang [Thu, 7 Jun 2018 18:58:52 +0000 (11:58 -0700)]
Disable REQUEST_LOCATION from GNSS HAL by default
Bug:
109883154
Fixes:
109883154
Test: manually tested and verified it's disabled.
Change-Id: Ib42a14c776e32d20d79d8ce76a4acdbfa13a70a1
TreeHugger Robot [Thu, 7 Jun 2018 19:48:14 +0000 (19:48 +0000)]
Merge "Do not preload NoPreloadHolder classes" into pi-dev
TreeHugger Robot [Thu, 7 Jun 2018 19:11:12 +0000 (19:11 +0000)]
Merge "One more light grey addition." into pi-dev
Winson Chung [Thu, 7 Jun 2018 18:59:48 +0000 (18:59 +0000)]
Merge "Consider window background opacity when determining snapshot translucency" into pi-dev
Chad Brubaker [Thu, 7 Jun 2018 18:40:57 +0000 (11:40 -0700)]
Do not preload NoPreloadHolder classes
These classes cannot be statically preloaded in Zygote.
Change-Id: I7d9f10e634409bedfdd71f8daa43b8e23516638e
Fixes:
109652611
Test: atest com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testCaCertManagement
TreeHugger Robot [Thu, 7 Jun 2018 18:25:14 +0000 (18:25 +0000)]
Merge "Only use the pre-animation bounds when an animation is running and is set" into pi-dev