OSDN Git Service
Android Build Merger (Role) [Fri, 9 Mar 2018 04:18:45 +0000 (04:18 +0000)]
[automerger] Fixed Security Vulnerability of DcParamObject am:
8c55a70728
Change-Id: Ic9cf5392057bfb47945e9a1b06abb19697468610
Pengquan Meng [Fri, 9 Mar 2018 04:08:25 +0000 (20:08 -0800)]
Fixed Security Vulnerability of DcParamObject
The writeToParcel and readFromParcel is not symmetry, fixed it.
Test: no test
Bug:
70721937
Change-Id: I01f6f6b2ab778ee8b638d9b69fe0a6b9aa7ee395
Siyamed Sinir [Thu, 15 Feb 2018 00:14:36 +0000 (00:14 +0000)]
Merge "DO NOT MERGE Fix mTrustManager NPE" into mnc-dev
Android Build Merger (Role) [Thu, 15 Feb 2018 00:05:38 +0000 (00:05 +0000)]
[automerger] DO NOT MERGE Fix mTrustManager NPE am:
a381c4ced3
Change-Id: Ib622af453781a1769e820c10d6ab46c140809c57
Etan Cohen [Wed, 7 Feb 2018 23:21:17 +0000 (23:21 +0000)]
Merge "[RTT] ParcelableRttResults parcel code fix" into mnc-dev
am:
e137462b2c
Change-Id: I4132c2ccfc0db161c6a89a6c62fb276f0874d39b
Etan Cohen [Wed, 7 Feb 2018 22:41:26 +0000 (22:41 +0000)]
Merge "[RTT] ParcelableRttResults parcel code fix" into mnc-dev
Etan Cohen [Wed, 7 Feb 2018 22:41:26 +0000 (22:41 +0000)]
Merge changes from topic "am-
8cd2288f-c3e9-422f-8fde-
02d5b6100d12" into mnc-dr-dev
* changes:
[automerger] [RTT] ParcelableRttResults parcel code fix am:
e1e5a2409c
[RTT] ParcelableRttResults parcel code fix
Android Build Merger (Role) [Wed, 7 Feb 2018 08:18:02 +0000 (08:18 +0000)]
[automerger] Fix VerifyCredentialResponse parcelling code am:
54813e9888
Change-Id: Ib1b60818cddeefe3031cf6c9880f5b790775aa62
Rubin Xu [Wed, 7 Feb 2018 08:10:08 +0000 (08:10 +0000)]
Fix VerifyCredentialResponse parcelling code
There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.
Test: none
Bug:
71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
Android Build Merger (Role) [Fri, 2 Feb 2018 18:15:53 +0000 (18:15 +0000)]
[automerger] [RTT] ParcelableRttResults parcel code fix am:
e1e5a2409c
Change-Id: I46bbee504ea7a64d39b98a2a8336b3bcf593869a
Etan Cohen [Fri, 2 Feb 2018 16:07:20 +0000 (08:07 -0800)]
[RTT] ParcelableRttResults parcel code fix
ParcelableRttResults was unparceled incorrectly.
Bug:
70398564
Test: exploit provided in bug no longer works
Change-Id: Ifd6de547e9861bbebc399b43d0cc2899a8160813
Android Build Merger (Role) [Thu, 1 Feb 2018 14:14:11 +0000 (14:14 +0000)]
[automerger] Merge "Adjust URI host parsing to stop on \ character." into lmp-mr1-dev am:
5ed5d15e66 am:
8a0c7fd99e
Change-Id: If53ecf0654e883fa43e2f543561f0f7994763698
Adam Vartanian [Thu, 1 Feb 2018 14:13:34 +0000 (14:13 +0000)]
Merge "Adjust URI host parsing to stop on \ character." into lmp-mr1-dev
am:
5ed5d15e66
Change-Id: I7eb106b0db3ab568a7d8845ddd2025d80eeced3c
Adam Vartanian [Thu, 1 Feb 2018 10:02:43 +0000 (10:02 +0000)]
Merge changes from topic "am-
f1eb5cc5-7ac1-4540-b9cf-
e0577f9334e7" into mnc-dr-dev
* changes:
[automerger] Adjust URI host parsing to stop on \ character. am:
fa3afbd0e7 am:
97668ae137
[automerger] Adjust URI host parsing to stop on \ character. am:
fa3afbd0e7
Adjust URI host parsing to stop on \ character.
Adam Vartanian [Thu, 1 Feb 2018 10:02:43 +0000 (10:02 +0000)]
Merge changes from topic "am-
f1eb5cc5-7ac1-4540-b9cf-
e0577f9334e7" into mnc-dev
* changes:
[automerger] Adjust URI host parsing to stop on \ character. am:
fa3afbd0e7
Adjust URI host parsing to stop on \ character.
Adam Vartanian [Thu, 1 Feb 2018 10:02:42 +0000 (10:02 +0000)]
Merge "Adjust URI host parsing to stop on \ character." into lmp-mr1-dev
Android Build Merger (Role) [Wed, 31 Jan 2018 11:20:08 +0000 (11:20 +0000)]
[automerger] Adjust URI host parsing to stop on \ character. am:
fa3afbd0e7 am:
97668ae137
Change-Id: Ic336b5fafebabdd4a5ad4d775a96d76739189a09
Android Build Merger (Role) [Wed, 31 Jan 2018 11:19:56 +0000 (11:19 +0000)]
[automerger] Adjust URI host parsing to stop on \ character. am:
fa3afbd0e7
Change-Id: I20336a5786e753e6941b9a784068480475415110
Adam Vartanian [Wed, 31 Jan 2018 11:05:10 +0000 (11:05 +0000)]
Adjust URI host parsing to stop on \ character.
The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname. This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.
[1] https://url.spec.whatwg.org/#host-state
Bug:
71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
Android Build Merger (Role) [Wed, 17 Jan 2018 22:20:14 +0000 (22:20 +0000)]
[automerger] Check for null-terminator in ResStringPool::string8At am:
5ec65ae909 am:
c3d7250b99
Change-Id: I43a4eb54f67bd3dbcffd0432c3988b0377463fff
Android Build Merger (Role) [Wed, 17 Jan 2018 22:20:03 +0000 (22:20 +0000)]
[automerger] Check for null-terminator in ResStringPool::string8At am:
5ec65ae909
Change-Id: I1ea52e1ccd7bf5467438e3dc2e670cf8f325c629
Adam Lesinski [Fri, 10 Nov 2017 01:12:17 +0000 (17:12 -0800)]
Check for null-terminator in ResStringPool::string8At
All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.
Bug:
62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit
3d35a0ea307693a97583a61973e729a5e7db2687)
(cherry picked from commit
97f8cb01149b35b1832c7f9efe85ff19edf1083e)
Siyamed Sinir [Tue, 28 Nov 2017 21:29:18 +0000 (13:29 -0800)]
DO NOT MERGE Fix mTrustManager NPE
When isDeviceLocked function is called in KeyguardManager, mTrustManager
can be null. To prevent NPE during this call, moved the mTrustManager
access to a synchronized getter.
Test: run cts -c android.print.cts.PageRangeAdjustmentTest -m testWantedPagesAlreadyWrittenForPreview
Test: run cts -c android.accessibilityservice.cts.AccessibilityEndToEndTest -m testTypeViewTextChangedAccessibilityEvent
Test: run cts -c com.android.cts.appsecurity.DocumentsTest -m testCreateExisting
Test: run cts -c com.android.cts.devicepolicy.ManagedProfileTest -m testCrossProfileCopyPaste
Test: run cts -c android.text.method.cts.PasswordTransformationMethodTest
Bug:
69471788
Change-Id: I4b4a0bb3b127424fecdad85ba559ce861af165e4
Adam Vartanian [Tue, 7 Nov 2017 21:02:07 +0000 (21:02 +0000)]
Adjust Uri host parsing to use last instead of first @. am:
cd6228dd37 am:
6a9c7c4814
am:
4158c9fbf3
Change-Id: I61bc0f5471d8f7a9a59136f320d465f2ee81b518
Adam Vartanian [Tue, 7 Nov 2017 20:51:02 +0000 (20:51 +0000)]
Adjust Uri host parsing to use last instead of first @. am:
cd6228dd37
am:
6a9c7c4814
Change-Id: I80bedf58833511d336839df9f17daf65cfebfacf
Adam Vartanian [Tue, 7 Nov 2017 20:41:28 +0000 (20:41 +0000)]
Adjust Uri host parsing to use last instead of first @.
am:
cd6228dd37
Change-Id: I5db66a5a2073acaffe0560999c914a78df362c51
Adam Vartanian [Tue, 7 Nov 2017 12:22:23 +0000 (12:22 +0000)]
Adjust Uri host parsing to use last instead of first @.
Malformed authority segments can currently cause the parser to produce
a hostname that doesn't match the hostname produced by the WHATWG URL
parsing algorithm* used by browsers, which means that a URL could be seen
as having a "safe" host when checked by an Android app but actually visit
a different host when passed to a browser. The WHATWG URL parsing
algorithm always produces a hostname based on the last @ in the authority
segment, so we do the same.
* https://url.spec.whatwg.org/#authority-state resets the "buffer", which
is being used to build up the host name, each time an @ is found, so it
has the effect of using the content between the final @ and the end
of the authority section as the hostname.
Bug:
68341964
Test: vogar android.net.UriTest (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Idca79f35a886de042c94d6ab66787c2e98ac8376
Siyamed Sinir [Tue, 31 Oct 2017 16:25:26 +0000 (16:25 +0000)]
Merge "Use calling user ID when calling isDeviceLocked" into mnc-dev
am:
a0c253d07a
Change-Id: I9040d5dcde6228ea3f10bc03077800d2b070cbb1
Siyamed Sinir [Tue, 31 Oct 2017 16:17:06 +0000 (16:17 +0000)]
Merge "Use calling user ID when calling isDeviceLocked" into mnc-dev
Jeff Sharkey [Thu, 19 Oct 2017 22:32:13 +0000 (22:32 +0000)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions. am:
ca7ffa06bc -s ours am:
edb6b17ebc -s ours
am:
08bd3a75fb
Change-Id: I18e61b7280df672c91bb076f3ed894f895e075a0
Jeff Sharkey [Thu, 19 Oct 2017 22:25:25 +0000 (22:25 +0000)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions. am:
1f2a5d3622 -s ours
am:
b52056d549
Change-Id: I520162dc90c1855d0a6324e62507f78d6ce5b329
Siyamed Sinir [Thu, 19 Oct 2017 22:16:30 +0000 (22:16 +0000)]
Fix ClipboardService device lock check for cross profile am:
0595b5a94b am:
9e5a4ed6c3 -s ours
am:
1c7cdde2d3
Change-Id: Iee9737ebbb5e9f3d476ddb54d9ae9898b2d01d14
Jeff Sharkey [Thu, 19 Oct 2017 22:14:01 +0000 (22:14 +0000)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions. am:
ca7ffa06bc -s ours
am:
edb6b17ebc -s ours
Change-Id: Ie31aff669dfbabd860c123d4448362af4903973d
Jeff Sharkey [Thu, 19 Oct 2017 22:10:20 +0000 (22:10 +0000)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
am:
1f2a5d3622 -s ours
Change-Id: I2bf88a0e4808e7d3db67e7944696121c284ed7ae
Siyamed Sinir [Thu, 19 Oct 2017 22:04:10 +0000 (22:04 +0000)]
Fix ClipboardService device lock check for cross profile am:
0595b5a94b
am:
9e5a4ed6c3 -s ours
Change-Id: Ie6822b787e5777688faadcf125637b9c66c202de
Beverly Tai [Thu, 19 Oct 2017 21:35:03 +0000 (21:35 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-mr1-dev am:
f2b592726d -s ours
am:
dfbaa1fd8b
Change-Id: I3bcc1adb52f00e95ef31dc17fc29b2e0242bc753
Suprabh Shukla [Thu, 19 Oct 2017 21:25:06 +0000 (21:25 +0000)]
Clearing up invalid entries when SyncStorageEngine starts am:
271702fc28 am:
8b438236ce -s ours
am:
159648d6e5
Change-Id: I34260f4fd841084a9e91b89905d84004efb40b23
Beverly Tai [Thu, 19 Oct 2017 21:18:55 +0000 (21:18 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-mr1-dev
am:
f2b592726d -s ours
Change-Id: Idd1243bb1cddc91f34f6e47e9cea88b72cff29d0
Suprabh Shukla [Thu, 19 Oct 2017 20:57:26 +0000 (20:57 +0000)]
Clearing up invalid entries when SyncStorageEngine starts am:
271702fc28
am:
8b438236ce -s ours
Change-Id: Ib8c3a4e6e8e39e42aa640c9988d0dd2022f486ec
Beverly Tai [Thu, 19 Oct 2017 01:38:56 +0000 (01:38 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-dev am:
e1adf2240f -s ours am:
3ca0cc0ae6 -s ours
am:
01ae445966
Change-Id: Ia2dff6ee69c4c7f10413aa98ba17ca717cb492d2
Siyamed Sinir [Thu, 19 Oct 2017 01:30:16 +0000 (01:30 +0000)]
Merge "Prevent getting data from Clipboard if device is locked" into lmp-dev am:
9f496fbbe0 am:
4973227cbf -s ours
am:
dcdb0e6bbe
Change-Id: I245194dbfd5da9eb5f5d13977b12b5dde39c1bb2
Beverly Tai [Thu, 19 Oct 2017 01:23:57 +0000 (01:23 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-dev am:
e1adf2240f -s ours
am:
3ca0cc0ae6 -s ours
Change-Id: Id5662a7d789e3e17e365d99b439cc8e8ab5d1c37
Siyamed Sinir [Thu, 19 Oct 2017 01:20:25 +0000 (01:20 +0000)]
Merge "Prevent getting data from Clipboard if device is locked" into lmp-dev am:
9f496fbbe0
am:
4973227cbf -s ours
Change-Id: I9f53bf5a896885860e204764a8a282f77eff50cd
Suprabh Shukla [Thu, 19 Oct 2017 00:18:17 +0000 (00:18 +0000)]
Revert "Clearing up invalid entries when SyncStorageEngine starts" am:
4a9d358448 am:
0597a93629 -s ours
am:
d2455f8fa2
Change-Id: I20c7da32465a525b0a0bcd21f862a0a49cf727cb
Suprabh Shukla [Thu, 19 Oct 2017 00:07:54 +0000 (00:07 +0000)]
Revert "Clearing up invalid entries when SyncStorageEngine starts" am:
4a9d358448
am:
0597a93629 -s ours
Change-Id: I08d261935eb00ae8e8a929ff9ab54f6ec48fac88
Suprabh Shukla [Wed, 18 Oct 2017 18:19:39 +0000 (18:19 +0000)]
Clearing up invalid entries when SyncStorageEngine starts am:
89c0dbca0f am:
53a2e46036 -s ours
am:
5bd2c48ac0 -s ours
Change-Id: Ib09d2326565a43d3ff0c4d0a88041703658a8804
Suprabh Shukla [Wed, 18 Oct 2017 18:04:15 +0000 (18:04 +0000)]
Clearing up invalid entries when SyncStorageEngine starts am:
89c0dbca0f
am:
53a2e46036 -s ours
Change-Id: Ic0fa17750a252a75912c4a2da73d45ff9a9fea1d
Fyodor Kupolov [Thu, 12 Oct 2017 18:22:57 +0000 (11:22 -0700)]
Use calling user ID when calling isDeviceLocked
If isDeviceLocked is called with clearCallingIdentity,
original userId should be explicitly passed
Bug:
67621847
Test: Manual
Change-Id: I2bcb92572898811cc96bda1149ef806e6239e929
Jeff Sharkey [Wed, 11 Oct 2017 22:55:00 +0000 (22:55 +0000)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
am:
ca7ffa06bc -s ours
Change-Id: I306c63c1922f29f1df3cb225bd2d3153cadecaa3
Jeff Sharkey [Wed, 11 Oct 2017 20:31:35 +0000 (20:31 +0000)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
am:
d87d2746a9
Change-Id: Ia5455efc69556e5a52b1cc945e99b2ef51fdcd23
Jeff Sharkey [Mon, 12 Jun 2017 23:33:07 +0000 (17:33 -0600)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.
Test: builds, boots
Bug:
32990341,
32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
Jeff Sharkey [Mon, 12 Jun 2017 23:33:07 +0000 (17:33 -0600)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.
Test: builds, boots
Bug:
32990341,
32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
Jeff Sharkey [Mon, 12 Jun 2017 23:33:07 +0000 (17:33 -0600)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.
Test: builds, boots
Bug:
32990341,
32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
Jeff Sharkey [Mon, 12 Jun 2017 23:33:07 +0000 (17:33 -0600)]
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.
Test: builds, boots
Bug:
32990341,
32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
Siyamed Sinir [Sat, 30 Sep 2017 00:12:41 +0000 (00:12 +0000)]
Fix ClipboardService device lock check for cross profile
am:
6d79675e0c
Change-Id: Icea573859a6d441e18665d9da855370582f2992a
Siyamed Sinir [Sat, 30 Sep 2017 00:03:48 +0000 (00:03 +0000)]
Fix ClipboardService device lock check for cross profile
am:
0595b5a94b
Change-Id: I6aeaaef43a8e8c5ede049ae9e97fbf6d0129bac4
Beverly Tai [Thu, 14 Sep 2017 14:18:07 +0000 (14:18 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into mnc-dr-dev
Beverly Tai [Thu, 14 Sep 2017 13:11:10 +0000 (13:11 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-mr1-dev
Siyamed Sinir [Wed, 13 Sep 2017 23:32:21 +0000 (16:32 -0700)]
Fix ClipboardService device lock check for cross profile
ClipboardService.isDeviceLocked should clear callingIdentity before
accessing KeyguardManager.
Test: bit CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.ManagedProfileTest
Bug:
64934810
Change-Id: I81a7adac8c9d56ed801ffc1380fcbc987d5df3e6
Merged-In: I712abfe8d542cd1be9c1816f407c8912321ac480
Siyamed Sinir [Wed, 13 Sep 2017 22:09:24 +0000 (15:09 -0700)]
Fix ClipboardService device lock check for cross profile
ClipboardService.isDeviceLocked should clear callingIdentity before
accessing KeyguardManager.
Test: bit CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.ManagedProfileTest
Bug:
64934810
Change-Id: Iffc8e73dd3ee14a94958bb50dd11a696eab7f052
Suprabh Shukla [Wed, 13 Sep 2017 20:21:09 +0000 (20:21 +0000)]
Clearing up invalid entries when SyncStorageEngine starts
am:
271702fc28
Change-Id: I4943cf417be41679c2fa332223825dd01a477814
Suprabh Shukla [Mon, 11 Sep 2017 22:20:35 +0000 (22:20 +0000)]
Clearing up invalid entries when SyncStorageEngine starts
Fixing the original change which was reverted. Using the
available api Context.getSystemService(String) instead of
the unavailable Context.getSystemService(Class)
Test: cts-tradefed run cts -p android.content.syncmanager
Bug:
35028827
This reverts commit
4a9d358448ef150cae259e9c5b5ed1227a1d6d9c.
Change-Id: I725430401eaec861f45bb91ee1352bb1307a6915
Beverly Tai [Tue, 12 Sep 2017 15:53:38 +0000 (15:53 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into mnc-dev
am:
89a94b706d -s ours
Change-Id: Ibe0d0ddfa57cf5c52ff5f70c301c0e1f715e5e36
Beverly Tai [Tue, 12 Sep 2017 15:29:21 +0000 (15:29 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into mnc-dev
Beverly [Thu, 7 Sep 2017 18:25:02 +0000 (14:25 -0400)]
DO NOT MERGE Backporting potential usb tapjacking precaution.
Bug:
62187985
Test: manual, backport
Change-Id: Ic7a81cf130fc70bc18f6990a662e921eb0d22635
Beverly [Wed, 6 Sep 2017 17:24:46 +0000 (13:24 -0400)]
DO NOT MERGE Backporting potential usb tapjacking precaution.
Bug:
62187985
Test: manual, backport
Change-Id: I1a2150b795425a68ad45ee0134e31a317076d806
Beverly [Fri, 1 Sep 2017 15:14:03 +0000 (11:14 -0400)]
DO NOT MERGE Backporting potential usb tapjacking precaution.
Bug:
62187985
Test: manual, backport
Change-Id: Id9fff28cf54969cbcbdc8a3bfaeadc02ff597c89
Beverly Tai [Tue, 12 Sep 2017 14:11:10 +0000 (14:11 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-dev
am:
e1adf2240f -s ours
Change-Id: I02b0df60257429b5f2ed4ce2f0f4ee817abf585c
Beverly Tai [Tue, 12 Sep 2017 14:03:19 +0000 (14:03 +0000)]
Merge "DO NOT MERGE Backporting potential usb tapjacking precaution." into lmp-dev
Beverly [Thu, 31 Aug 2017 19:32:36 +0000 (15:32 -0400)]
DO NOT MERGE Backporting potential usb tapjacking precaution.
Bug:
62187985
Test: manual, backport
Change-Id: I52e27f84338fdcf63cad0ee7436233736499d87b
Siyamed Sinir [Mon, 11 Sep 2017 23:42:42 +0000 (23:42 +0000)]
Merge "Prevent getting data from Clipboard if device is locked" into mnc-dev
am:
06183a57a6
Change-Id: Ia69682e87705f3ede14ab87b2c496037e00d3c5a
Siyamed Sinir [Mon, 11 Sep 2017 23:42:10 +0000 (23:42 +0000)]
Merge "Prevent getting data from Clipboard if device is locked" into lmp-dev
am:
9f496fbbe0
Change-Id: Ibc57c285fec0bf1fcf560854971770e1353a88ac
Siyamed Sinir [Mon, 11 Sep 2017 23:31:44 +0000 (23:31 +0000)]
Merge "Prevent getting data from Clipboard if device is locked" into mnc-dev
Siyamed Sinir [Mon, 11 Sep 2017 23:30:34 +0000 (23:30 +0000)]
Merge "Prevent getting data from Clipboard if device is locked" into lmp-dev
Suprabh Shukla [Mon, 11 Sep 2017 22:25:29 +0000 (22:25 +0000)]
Revert "Clearing up invalid entries when SyncStorageEngine starts"
am:
4a9d358448
Change-Id: I3844594302279f859f7834a6bb29093162914ae6
Suprabh Shukla [Mon, 11 Sep 2017 19:50:51 +0000 (19:50 +0000)]
Revert "Clearing up invalid entries when SyncStorageEngine starts"
API getSystemService(Class) was not present in lmp-dev.
This reverts commit
89c0dbca0f52987571b62e929f114f3126c29455.
Bug:
35028827
Change-Id: I19846d2a3ee27aecbae2367a74ee49082eea154d
Tony Mak [Mon, 11 Sep 2017 08:26:32 +0000 (08:26 +0000)]
Merge "DPC should not be allowed to grant development permission" into mnc-dev
am:
328c129f4c
Change-Id: If2d6418cf2a71b2ae3094349101e71903c016224
TreeHugger Robot [Mon, 11 Sep 2017 08:14:19 +0000 (08:14 +0000)]
Merge "DPC should not be allowed to grant development permission" into mnc-dev
Suprabh Shukla [Mon, 11 Sep 2017 04:13:16 +0000 (04:13 +0000)]
Clearing up invalid entries when SyncStorageEngine starts
am:
89c0dbca0f
Change-Id: Ib6a256a22d703feae8067366d8dc2622593c1142
Suprabh Shukla [Sun, 10 Sep 2017 19:32:12 +0000 (19:32 +0000)]
Clearing up invalid entries when SyncStorageEngine starts
am:
5470469d73
Change-Id: I8ffaaf35be0e2586a5bdbbe5de6e6bd440e26017
Siyamed Sinir [Thu, 7 Sep 2017 01:02:23 +0000 (18:02 -0700)]
Prevent getting data from Clipboard if device is locked
Clipboard should not return data if the device is locked. This CL checks
for device locked state before returning values from get/has functions.
Bug:
64934810
Change-Id: I856a9079fe64db0af44383fae1a9a418de959420
Merged-In: Icefac226615fe22a7735dff4ba4c3b528fb2ac12
Siyamed Sinir [Thu, 7 Sep 2017 01:02:23 +0000 (18:02 -0700)]
Prevent getting data from Clipboard if device is locked
Clipboard should not return data if the device is locked. This CL checks
for device locked state before returning values from get/has functions.
Bug:
64934810
Change-Id: I856a9079fe64db0af44383fae1a9a418de959420
Suprabh Shukla [Fri, 12 May 2017 22:26:54 +0000 (15:26 -0700)]
Clearing up invalid entries when SyncStorageEngine starts
Any app with permission WRITE_SYNC_SETTINGS could write sync settings
for authorities or accounts that are not valid. This results in invalid
data being persisted to disk which can effectively lead to a DOS style
attack. Clearing such entries on boot will make sure that a reboot fixes
any such issues.
Test: cts-tradefed run cts-dev -m CtsSyncContentHostTestCases
Bug:
35028827
Change-Id: I9e206a42508e3cba65d7523bf47fff743f47dcb2
Merged-In: I9e206a42508e3cba65d7523bf47fff743f47dcb2
(cherry picked from commit
042a478b73c3b7f7cd73f5bb1af657cfe07d0571)
Suprabh Shukla [Fri, 12 May 2017 22:26:54 +0000 (15:26 -0700)]
Clearing up invalid entries when SyncStorageEngine starts
Any app with permission WRITE_SYNC_SETTINGS could write sync settings
for authorities or accounts that are not valid. This results in invalid
data being persisted to disk which can effectively lead to a DOS style
attack. Clearing such entries on boot will make sure that a reboot fixes
any such issues.
Test: cts-tradefed run cts-dev -m CtsSyncContentHostTestCases
Bug:
35028827
Change-Id: I9e206a42508e3cba65d7523bf47fff743f47dcb2
Merged-In: I9e206a42508e3cba65d7523bf47fff743f47dcb2
(cherry picked from commit
042a478b73c3b7f7cd73f5bb1af657cfe07d0571)
Tony Mak [Tue, 15 Aug 2017 18:56:39 +0000 (19:56 +0100)]
DPC should not be allowed to grant development permission
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testPermissionGrant_developmentPermission
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --t com.android.cts.devicepolicy.MixedProfileOwnerTest#testPermissionGrant_developmentPermission
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testPermissionGrant
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases --t com.android.cts.devicepolicy.MixedProfileOwnerTest#testPermissionGrant
Test: Run "Permissions lockdown" test in CtsVerifier
Merged-In: If83d8edd0eea99145421e967ae47fdc264a5cf7c
Merged-In: I129bfe850981cf0b3646b7c1cf19c8a3ec69f512
Bug:
62623498
Change-Id: Ief96a23fa49f1ea923574840f8ff590a5ea2456e
Siarhei Vishniakou [Wed, 16 Aug 2017 21:26:49 +0000 (21:26 +0000)]
DO NOT MERGE Remove window obscurement information. am:
c3c2ed94ff am:
96fe6421f6 am:
9d99b0001e -s ours am:
3280efe50e -s ours am:
b737365553 am:
3d1931d4e3 -s ours
am:
6a7c6a24a7
Change-Id: I72398c99878637d26dbb976bab05aca315368729
Siarhei Vishniakou [Wed, 16 Aug 2017 21:15:05 +0000 (21:15 +0000)]
DO NOT MERGE Remove window obscurement information. am:
c3c2ed94ff am:
96fe6421f6 am:
9d99b0001e -s ours am:
3280efe50e -s ours am:
b737365553
am:
3d1931d4e3 -s ours
Change-Id: Ieb19904cf060072d2525836ebba9f310da515b4b
Siarhei Vishniakou [Wed, 16 Aug 2017 20:50:20 +0000 (20:50 +0000)]
DO NOT MERGE Remove window obscurement information. am:
c3c2ed94ff am:
96fe6421f6 am:
9d99b0001e -s ours am:
3280efe50e -s ours
am:
b737365553
Change-Id: I375324a937478c584e95cb6550d98293162656fc
Siarhei Vishniakou [Wed, 16 Aug 2017 20:35:40 +0000 (20:35 +0000)]
DO NOT MERGE Remove window obscurement information. am:
c3c2ed94ff am:
96fe6421f6 am:
9d99b0001e -s ours
am:
3280efe50e -s ours
Change-Id: Ia7bf4d6991be15c732ba8b55c37f2c9e447b1dbd
Siarhei Vishniakou [Wed, 16 Aug 2017 20:19:29 +0000 (20:19 +0000)]
DO NOT MERGE Remove window obscurement information. am:
c3c2ed94ff am:
96fe6421f6
am:
9d99b0001e -s ours
Change-Id: Ib0fb40f990138b3729b66bdb6d6a095bd3ad231d
Siarhei Vishniakou [Wed, 16 Aug 2017 20:03:29 +0000 (20:03 +0000)]
DO NOT MERGE Remove window obscurement information. am:
c3c2ed94ff
am:
96fe6421f6
Change-Id: Ia2ce3f8b95b578253c5336407ae85880d3d317f4
Siarhei Vishniakou [Wed, 16 Aug 2017 19:48:22 +0000 (19:48 +0000)]
DO NOT MERGE Remove window obscurement information.
am:
c3c2ed94ff
Change-Id: Ib9552165e9b1c2dfcd235d1f7930d85c258b2ece
Charles He [Wed, 16 Aug 2017 18:37:17 +0000 (18:37 +0000)]
Merge "Fix security hole in GateKeeperResponse." into mnc-dev
am:
039b357a46 -s ours
Change-Id: Ia916a0c1a5ec5d63e4e76ed9da9d563fd39d3823
TreeHugger Robot [Tue, 15 Aug 2017 19:30:53 +0000 (19:30 +0000)]
Merge "Fix security hole in GateKeeperResponse." into mnc-dev
Charles He [Tue, 15 Aug 2017 17:51:28 +0000 (17:51 +0000)]
[automerger] Fix security hole in GateKeeperResponse. am:
e74cae8f7c
Change-Id: Ic72c354aaec594f02567949e294be2c10da47853
Tony Mak [Fri, 28 Jul 2017 10:53:56 +0000 (11:53 +0100)]
Enforce policy for camera gesture in keyguard
Test:
1. Set lock screen, set keyguard policy. Lock the device.
Observe that double tap is not showing camera
2. Set lock screen, unset the keyguard policy. Lock the device.
Observe that double tap is showing camera
3. Unset lock screen (swipe), set the keyguard policy. Lock the device.
Observe that double tap is showing camera.
4. Unset lock screen (swipe), unset the keyguard policy. Lock the device.
Observe that double tap is showing camera.
Bug:
63787722
Merged-In: I104688eaad719528376e2851f837d5956a6a1169
Change-Id: I42e6d9015682998176fe41971356bde22e1b37b2
Siarhei Vishniakou [Fri, 28 Jul 2017 01:24:01 +0000 (18:24 -0700)]
DO NOT MERGE Remove window obscurement information.
If ACTION_OUTSIDE_EVENTS contain information about whether the touch is
obscured, then a pattern of invisible, untouchable, unfocusable
SYSTEM_ALERT_WINDOWS can be placed across the screen to determine
approximate locations of touch events without the user knowing.
Bug:
31097064
Test: cts-tradefed run cts --class android.security.cts.MotionEventTest
Change-Id: I081a483c491dd384e252f0b615affee96038fdda
Phil Weaver [Tue, 18 Jul 2017 23:28:55 +0000 (23:28 +0000)]
Merge "Back-port fixes for b/
62196835" into mnc-dev
am:
093c7a8e56
Change-Id: I7f734c7878cf065d15335602f9b0a6e02a786d53
Phil Weaver [Tue, 18 Jul 2017 23:21:16 +0000 (23:21 +0000)]
Merge "Back-port fixes for b/
62196835" into mnc-dev
Phil Weaver [Tue, 18 Jul 2017 20:44:05 +0000 (20:44 +0000)]
Merge "DO NOT MERGE Back-port fixes for b/
62196835" into lmp-dev am:
a620b21828 -s ours am:
954deb1c6e am:
37cf6265db -s ours
am:
5d46833d9c
Change-Id: I6b332afcc0e73fb8eddc27585c08da900c4f9ba4