git.osdn.net Git - android-x86/frameworks-base.git/log

(root) / android-x86 / frameworks-base.git / log

Charles He [Tue, 15 Aug 2017 17:52:57 +0000 (17:52 +0000)]

[automerger] Fix security hole in GateKeeperResponse. am: e74cae8f7c am: b1141b6ff0 am: 1cd9e8096f am: 6dfc8d8d4d

Change-Id: Ia5ad4b5d36d92caa26fa69951180320848c372e7

commit | commitdiff | tree

Charles He [Tue, 15 Aug 2017 17:52:27 +0000 (17:52 +0000)]

[automerger] Fix security hole in GateKeeperResponse. am: e74cae8f7c am: b1141b6ff0 am: 1cd9e8096f

Change-Id: I2fce56d688cc0a4111668c695c9cf9b1c930faf8

commit | commitdiff | tree

Charles He [Tue, 15 Aug 2017 17:51:58 +0000 (17:51 +0000)]

[automerger] Fix security hole in GateKeeperResponse. am: e74cae8f7c am: b1141b6ff0

Change-Id: Ia0d267bb2013d7ddfe26dddfa35f3f396cca7f20

commit | commitdiff | tree

Charles He [Tue, 15 Aug 2017 17:51:28 +0000 (17:51 +0000)]

[automerger] Fix security hole in GateKeeperResponse. am: e74cae8f7c

Change-Id: Ic72c354aaec594f02567949e294be2c10da47853

commit | commitdiff | tree

Tony Mak [Fri, 11 Aug 2017 21:10:58 +0000 (21:10 +0000)]

[automerger] Enforce policy for camera gesture in keyguard am: 65f02e8ba7 am: 6acee639af am: 569af6584a

Change-Id: Ic65e9bb19e46a8d16406a3d02e5b60f375338334

commit | commitdiff | tree

Tony Mak [Fri, 11 Aug 2017 21:09:58 +0000 (21:09 +0000)]

[automerger] Enforce policy for camera gesture in keyguard am: 65f02e8ba7 am: 6acee639af

Change-Id: I877b0cba326b85e894d52f24a694a1ef666cdb1c

commit | commitdiff | tree

Tony Mak [Fri, 11 Aug 2017 21:09:21 +0000 (21:09 +0000)]

[automerger] Enforce policy for camera gesture in keyguard am: 65f02e8ba7

Change-Id: Ia91fe8b88c04f1b430f8cf90f5691b6b2791610b

commit | commitdiff | tree

Tony Mak [Fri, 28 Jul 2017 10:53:56 +0000 (11:53 +0100)]

Enforce policy for camera gesture in keyguard

Test:
1. Set lock screen, set keyguard policy. Lock the device.
   Observe that double tap is not showing camera

2. Set lock screen, unset the keyguard policy. Lock the device.
   Observe that double tap is showing camera

3. Unset lock screen (swipe), set the keyguard policy. Lock the device.
   Observe that double tap is showing camera.

4. Unset lock screen (swipe), unset the keyguard policy. Lock the device.
   Observe that double tap is showing camera.

Bug: 63787722
Merged-In: I104688eaad719528376e2851f837d5956a6a1169

Change-Id: I42e6d9015682998176fe41971356bde22e1b37b2

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 23:58:28 +0000 (23:58 +0000)]

Merge "Back-port fixes for b/62196835" into mnc-dev am: 093c7a8e56 am: 0ddd7e4714 am: 9625d164e4
am: 996bc6bc12 -s ours

Change-Id: Iccbeb4cec6e40c00e7f875b5e3faa94772f1b819

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 23:41:26 +0000 (23:41 +0000)]

Merge "Back-port fixes for b/62196835" into mnc-dev am: 093c7a8e56 am: 0ddd7e4714
am: 9625d164e4

Change-Id: I0aa09448467dae806c9c5670ba8ed77e95a59da1

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 23:35:25 +0000 (23:35 +0000)]

Merge "Back-port fixes for b/62196835" into mnc-dev am: 093c7a8e56
am: 0ddd7e4714

Change-Id: If39e3e66871aed33dfa0a9949cfd70a7ec45231f

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 23:28:55 +0000 (23:28 +0000)]

Merge "Back-port fixes for b/62196835" into mnc-dev
am: 093c7a8e56

Change-Id: I7f734c7878cf065d15335602f9b0a6e02a786d53

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 23:21:16 +0000 (23:21 +0000)]

Merge "Back-port fixes for b/62196835" into mnc-dev

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 21:23:16 +0000 (21:23 +0000)]

Merge "Back-port fixes for b/62196835" into nyc-dev

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 21:07:43 +0000 (21:07 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev am: a620b21828 -s ours am: 954deb1c6e am: 37cf6265db -s ours am: 5d46833d9c am: 68f7106cf4 am: 5264237c94
am: 7e82d6204f -s ours

Change-Id: Ieb56ecb0867261e487f92fd5cdf845c99d577d78

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 21:00:36 +0000 (21:00 +0000)]

DO NOT MERGE Back-port fixes for b/62196835 am: 24fdc53cfe -s ours am: ff115bffb1 am: ccbac7e9e0 -s ours am: 76007bb240 am: 219d9b5dfb am: f05a6fc52d
am: cf7ce06abd -s ours

Change-Id: Ibef3aded20e00e9beef1ec189f1a471d978354e2

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:59:54 +0000 (20:59 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev am: a620b21828 -s ours am: 954deb1c6e am: 37cf6265db -s ours am: 5d46833d9c am: 68f7106cf4
am: 5264237c94

Change-Id: I6ca7d132a0df35af8763c3cb7baee375bfb6b178

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:55:18 +0000 (20:55 +0000)]

Back-port fixes for b/62196835 am: fd0ca151a6 am: 3c4d24923c -s ours am: 68efc2e5b5 am: e06843fe7e am: e11e076fed
am: 62eca82f89

Change-Id: I9a274bfc59f545076adeb2a82cde269457eecc67

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:55:02 +0000 (20:55 +0000)]

DO NOT MERGE Back-port fixes for b/62196835 am: 24fdc53cfe -s ours am: ff115bffb1 am: ccbac7e9e0 -s ours am: 76007bb240 am: 219d9b5dfb
am: f05a6fc52d

Change-Id: I3070db9b698328aa5778fa14825eba526a6a1b33

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:53:07 +0000 (20:53 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev am: a620b21828 -s ours am: 954deb1c6e am: 37cf6265db -s ours am: 5d46833d9c
am: 68f7106cf4

Change-Id: I19110cf28c6fda3fe3f8857bd8590a6a24ade91e

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:51:15 +0000 (20:51 +0000)]

Back-port fixes for b/62196835 am: fd0ca151a6 am: 3c4d24923c -s ours am: 68efc2e5b5 am: e06843fe7e
am: e11e076fed

Change-Id: Ide9b723cf1a31f8fd8b8f5ae848c3cd73c6a12b5

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:46:29 +0000 (20:46 +0000)]

DO NOT MERGE Back-port fixes for b/62196835 am: 24fdc53cfe -s ours am: ff115bffb1 am: ccbac7e9e0 -s ours am: 76007bb240
am: 219d9b5dfb

Change-Id: I1973a5936ceda80873ee03886b64905d46dc6623

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:44:05 +0000 (20:44 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev am: a620b21828 -s ours am: 954deb1c6e am: 37cf6265db -s ours
am: 5d46833d9c

Change-Id: I6b332afcc0e73fb8eddc27585c08da900c4f9ba4

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:44:03 +0000 (20:44 +0000)]

Back-port fixes for b/62196835 am: fd0ca151a6 am: 3c4d24923c -s ours am: 68efc2e5b5
am: e06843fe7e

Change-Id: I0faad26b07ab16c7b853b2bbe3eb1304ba70d6f2

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:38:43 +0000 (20:38 +0000)]

DO NOT MERGE Back-port fixes for b/62196835 am: 24fdc53cfe -s ours am: ff115bffb1 am: ccbac7e9e0 -s ours
am: 76007bb240

Change-Id: I143ebc6b57fe5c458e373dad1ac566f5d419aef2

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:35:51 +0000 (20:35 +0000)]

Back-port fixes for b/62196835 am: fd0ca151a6 am: 3c4d24923c -s ours
am: 68efc2e5b5

Change-Id: I4bb03e87b259faa45a8a2511d05c340f20fe2a6e

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:30:39 +0000 (20:30 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev am: a620b21828 -s ours am: 954deb1c6e
am: 37cf6265db -s ours

Change-Id: I28f848331e5379736dd777995fe844aa5c5df689

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:28:22 +0000 (20:28 +0000)]

DO NOT MERGE Back-port fixes for b/62196835 am: 24fdc53cfe -s ours am: ff115bffb1
am: ccbac7e9e0 -s ours

Change-Id: I28a499e21a6a6d6a4df26317712c09f658383d37

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 20:25:44 +0000 (20:25 +0000)]

Back-port fixes for b/62196835 am: fd0ca151a6
am: 3c4d24923c -s ours

Change-Id: Ie8d7f1d4840bcea7538f99b2eb1bfb2bc472549f

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 18:41:22 +0000 (18:41 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev am: a620b21828 -s ours
am: 954deb1c6e

Change-Id: I929c9dfa84b25fdbeadfedf0e0e9ecd914a74483

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 18:36:23 +0000 (18:36 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev
am: a620b21828 -s ours

Change-Id: Iaa4e8eb83ebf2036999a31e3487c6157bcefecbf

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 18:36:21 +0000 (18:36 +0000)]

DO NOT MERGE Back-port fixes for b/62196835 am: 24fdc53cfe -s ours
am: ff115bffb1

Change-Id: Ieca157f60b7c57f60900b55b10fcf8e585852e70

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 18:26:58 +0000 (18:26 +0000)]

Back-port fixes for b/62196835
am: fd0ca151a6

Change-Id: I442d26b476e3e83602b5f2eb61a01386e4d6d247

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 18:26:57 +0000 (18:26 +0000)]

DO NOT MERGE Back-port fixes for b/62196835
am: 24fdc53cfe -s ours

Change-Id: I01a6f574df5cc1b133b7f761062a6259aac07476

commit | commitdiff | tree

Phil Weaver [Tue, 18 Jul 2017 18:19:45 +0000 (18:19 +0000)]

Merge "DO NOT MERGE Back-port fixes for b/62196835" into lmp-dev

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 21:04:16 +0000 (14:04 -0700)]

Back-port fixes for b/62196835

Bug: 62196835
Test: Created an accessibility service that displays a system
and a toast overlay, confirmed that it disappeared when we
reached the accessibility permission screen that uses this
flag.

Change-Id: Ic51ead670fc480e549512ba1d02f49d9c13bc3f0

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 21:04:16 +0000 (14:04 -0700)]

commit | commitdiff | tree

Charles He [Fri, 14 Jul 2017 13:41:06 +0000 (14:41 +0100)]

Fix security hole in GateKeeperResponse.

GateKeeperResponse has inconsistent writeToParcel() and
createFromParcel() methods, making it possible for a malicious app to
create a Bundle that changes contents after reserialization. Such
Bundles can be used to execute Intents with system privileges.

This CL changes writeToParcel() to make serialization and
deserialization consistent, thus fixing the issue.

Bug: 62998805
Test: use the debug app (see bug)
Change-Id: Ie1c64172c454c3a4b7a0919eb3454f0e38efcd09

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 21:04:16 +0000 (14:04 -0700)]

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 21:04:16 +0000 (14:04 -0700)]

DO NOT MERGE Back-port fixes for b/62196835

Bug: 62196835
Test: Created an accessibility service that displays a system
and a toast overlay, confirmed that it disappeared when we
reached the accessibility permission screen that uses this
flag.

Change-Id: Ic51ead670fc480e549512ba1d02f49d9c13bc3f0

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:41:32 +0000 (22:41 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84 am: ba928bd522 am: 1add6be25e am: ba46064323 am: 111a2c7987 am: 4d608d2f35 am: a6e0a6e31d
am: cba64fb461

Change-Id: I9c4fc2279ffa79ee85dc8a46be21095918fa52ad

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:35:35 +0000 (22:35 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84 am: ba928bd522 am: 1add6be25e am: ba46064323 am: 111a2c7987 am: 4d608d2f35
am: a6e0a6e31d

Change-Id: Ia5af67f07974b520d8c3e7424c07402793a486f2

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:30:08 +0000 (22:30 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84 am: ba928bd522 am: 1add6be25e am: ba46064323 am: 111a2c7987
am: 4d608d2f35

Change-Id: Id1626217e80920f162b735336ac708c4dd9467f9

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:24:06 +0000 (22:24 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84 am: ba928bd522 am: 1add6be25e am: ba46064323
am: 111a2c7987

Change-Id: Idb7d3c789c6241aa8d77eb6077930b47c7ba69e4

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:18:59 +0000 (22:18 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84 am: ba928bd522 am: 1add6be25e
am: ba46064323

Change-Id: I7119e3f003562f6d826d40ad3577b9db0e44c2c6

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:14:01 +0000 (22:14 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84 am: ba928bd522
am: 1add6be25e

Change-Id: I83a6c654862443a69bfeeaf675a8c038b3f7fb53

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:06:27 +0000 (22:06 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours am: f433884a84
am: ba928bd522

Change-Id: I74a7b0488371606dd9bdccab854d23c0e09b1ac9

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 22:00:31 +0000 (22:00 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57 am: 5a7eb970e2 -s ours
am: f433884a84

Change-Id: I737838098a36efafe1509c4814ac1120a3bb8297

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 21:55:31 +0000 (21:55 +0000)]

Back-port fixes for b/62196835 am: 5bdffc5d57
am: 5a7eb970e2 -s ours

Change-Id: Ifd4b5ff2487c8b8035ffaf6ed7e55539f26a463e

commit | commitdiff | tree

Phil Weaver [Wed, 12 Jul 2017 21:43:46 +0000 (21:43 +0000)]

Back-port fixes for b/62196835
am: 5bdffc5d57

Change-Id: Ia5dafc7a8724d296e710f32d936bb493b51951de

commit | commitdiff | tree

Phil Weaver [Tue, 11 Jul 2017 00:27:20 +0000 (17:27 -0700)]

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 16:41:20 +0000 (16:41 +0000)]

libmedia_jni.so doesn't need libjhead.so am: 9a4a34afd8 -s ours am: 398d50feeb -s ours am: 49fc959be3 -s ours am: 23118a9b77 -s ours am: 45cd809caa -s ours am: ce4c7df6a0 -s ours
am: 035e2a5c37 -s ours

Change-Id: Ib6f84a832e27329e0eabf000b89e93145c43a31a

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 16:26:30 +0000 (16:26 +0000)]

libmedia_jni.so doesn't need libjhead.so am: 9a4a34afd8 -s ours am: 398d50feeb -s ours am: 49fc959be3 -s ours am: 23118a9b77 -s ours am: 45cd809caa -s ours
am: ce4c7df6a0 -s ours

Change-Id: I1fb798481ca56b8c81386792b5642a544aae1c7e

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 16:19:02 +0000 (16:19 +0000)]

libmedia_jni.so doesn't need libjhead.so am: 9a4a34afd8 -s ours am: 398d50feeb -s ours am: 49fc959be3 -s ours am: 23118a9b77 -s ours
am: 45cd809caa -s ours

Change-Id: Idd7b2d2536d1c25072794ba228f33fc2459f2aaa

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 16:11:01 +0000 (16:11 +0000)]

libmedia_jni.so doesn't need libjhead.so am: 9a4a34afd8 -s ours am: 398d50feeb -s ours am: 49fc959be3 -s ours
am: 23118a9b77 -s ours

Change-Id: Id314511cf3e6af08e0f00e84e8945ea404b85c6a

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 16:02:19 +0000 (16:02 +0000)]

libmedia_jni.so doesn't need libjhead.so am: 9a4a34afd8 -s ours am: 398d50feeb -s ours
am: 49fc959be3 -s ours

Change-Id: I0eb248911ce1a582a4939e2bd5419659c586128f

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 15:51:48 +0000 (15:51 +0000)]

libmedia_jni.so doesn't need libjhead.so am: 9a4a34afd8 -s ours
am: 398d50feeb -s ours

Change-Id: Ide31821909dde91443cdf650216a6ada7277ce9a

commit | commitdiff | tree

Marco Nelissen [Fri, 16 Jun 2017 15:43:46 +0000 (15:43 +0000)]

libmedia_jni.so doesn't need libjhead.so
am: 9a4a34afd8 -s ours

Change-Id: I557d7e96401b742d916e2eef5aa03949018382c7

commit | commitdiff | tree

Marco Nelissen [Fri, 9 Jun 2017 22:07:38 +0000 (15:07 -0700)]

libmedia_jni.so doesn't need libjhead.so

Bug: 37776688
Merged-In: I0e0e6209be7a9d3e493abdcee8619cae6d4b9501
Change-Id: I18f0b6b88a9c0b117839497f081549404d5edc40

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:39:57 +0000 (23:39 +0000)]

Merge "Close connection before retrying" into lmp-dev am: a8648ecebb am: 5181a7ab64 am: 4b78a79546 am: 6d5bc9a3c2 am: 3272cf26c1 am: e18e8c4113
am: 69b6a382a3

Change-Id: I2c599bac680bda5d4dcfa4f3b9fb5f1413839da0

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:33:50 +0000 (23:33 +0000)]

Merge "Close connection before retrying" into lmp-dev am: a8648ecebb am: 5181a7ab64 am: 4b78a79546 am: 6d5bc9a3c2 am: 3272cf26c1
am: e18e8c4113

Change-Id: I5c34b680b1c7abcfd33c8719406516fe796afebb

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:28:27 +0000 (23:28 +0000)]

Merge "Close connection before retrying" into lmp-dev am: a8648ecebb am: 5181a7ab64 am: 4b78a79546 am: 6d5bc9a3c2
am: 3272cf26c1

Change-Id: I92f069aa6f3a897f9bfba4405dcd64dc066db944

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:22:14 +0000 (23:22 +0000)]

Merge "Close connection before retrying" into lmp-dev am: a8648ecebb am: 5181a7ab64 am: 4b78a79546
am: 6d5bc9a3c2

Change-Id: I8165c2218d0d5de41468f8acff86a720c03d1f52

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:16:24 +0000 (23:16 +0000)]

Merge "Close connection before retrying" into lmp-dev am: a8648ecebb am: 5181a7ab64
am: 4b78a79546

Change-Id: Iceb4edfd80a0a483d28f2624669eff9dd86bfcb8

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:10:16 +0000 (23:10 +0000)]

Merge "Close connection before retrying" into lmp-dev am: a8648ecebb
am: 5181a7ab64

Change-Id: I34a176a0da235836eaa9e44b843ec5d5654b8db9

commit | commitdiff | tree

Marco Nelissen [Tue, 6 Jun 2017 23:02:35 +0000 (23:02 +0000)]

Merge "Close connection before retrying" into lmp-dev
am: a8648ecebb

Change-Id: I744fdb979aa2803b53d3ff6f4e3e72f6f1160d74

commit | commitdiff | tree

TreeHugger Robot [Tue, 6 Jun 2017 22:53:55 +0000 (22:53 +0000)]

Merge "Close connection before retrying" into lmp-dev

commit | commitdiff | tree

Marco Nelissen [Fri, 2 Jun 2017 19:16:44 +0000 (12:16 -0700)]

Close connection before retrying

Otherwise the (CTS) server might run out of connections.
Bug: 38391487
Bug: 22771132
Test: build, run CTS, stream music

Change-Id: I92c782a6799ab36eec8df3f7c3217bea667b838a

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:51:48 +0000 (23:51 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE am: 4911af2b8c am: 1cc9ec47c8 am: 8965cd6a39 am: 47beaa8fab am: 55c8a1ede9 am: 66a08a5413
am: 7a06357519

Change-Id: I9301189268f519d4b87d8c9bfa88d1da4e8a53cd

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:50:57 +0000 (23:50 +0000)]

system_server: add CAP_SYS_PTRACE am: 966619d0ab am: b8d972e973 am: c46889e2d2 am: f5bd84b82d am: 982b8018af am: 7fd2d8ea31
am: 5bfe82c3ee

Change-Id: I95333a7ff3d6ee1a3161d436a2a0b312931b663e

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:36:12 +0000 (23:36 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE am: 4911af2b8c am: 1cc9ec47c8 am: 8965cd6a39 am: 47beaa8fab am: 55c8a1ede9
am: 66a08a5413

Change-Id: Ica5cb7828a37bd597dc0d83f7a65e89380d1e31c

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:35:04 +0000 (23:35 +0000)]

system_server: add CAP_SYS_PTRACE am: 966619d0ab am: b8d972e973 am: c46889e2d2 am: f5bd84b82d am: 982b8018af
am: 7fd2d8ea31

Change-Id: I4b57d119b9b8d512a017ede0fb62658fb25f9580

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:19:09 +0000 (23:19 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE am: 4911af2b8c am: 1cc9ec47c8 am: 8965cd6a39 am: 47beaa8fab
am: 55c8a1ede9

Change-Id: Ia3e4d749c5b5475640325fd47eb4260d52e61365

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:18:24 +0000 (23:18 +0000)]

system_server: add CAP_SYS_PTRACE am: 966619d0ab am: b8d972e973 am: c46889e2d2 am: f5bd84b82d
am: 982b8018af

Change-Id: I8cb5052694668ee8021f75778244e4d1b6cc3bb5

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:02:54 +0000 (23:02 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE am: 4911af2b8c am: 1cc9ec47c8 am: 8965cd6a39
am: 47beaa8fab

Change-Id: Ie697e5e8bfb7664b410d564a84ae5784be890f90

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 23:02:13 +0000 (23:02 +0000)]

system_server: add CAP_SYS_PTRACE am: 966619d0ab am: b8d972e973 am: c46889e2d2
am: f5bd84b82d

Change-Id: I163a9224d6b0ff5f42f52656773e1c297661b977

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 22:46:18 +0000 (22:46 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE am: 4911af2b8c am: 1cc9ec47c8
am: 8965cd6a39

Change-Id: If549cda5fd1a640fee746311745b9b08ebf63b91

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 22:45:44 +0000 (22:45 +0000)]

system_server: add CAP_SYS_PTRACE am: 966619d0ab am: b8d972e973
am: c46889e2d2

Change-Id: I840740012d9ba0c434f7de0fd9ca83a44926d018

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 22:24:39 +0000 (22:24 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE am: 4911af2b8c
am: 1cc9ec47c8

Change-Id: Ic81685686dabbc1f0004a30785a021bf89420846

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 22:23:47 +0000 (22:23 +0000)]

system_server: add CAP_SYS_PTRACE am: 966619d0ab
am: b8d972e973

Change-Id: I4d9e2d9b53523b9182a9f9272d06a93a87b0c61b

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 22:05:18 +0000 (22:05 +0000)]

ZygoteInit: Remove CAP_SYS_RESOURCE
am: 4911af2b8c

Change-Id: I4aa46981edb8fd711e1aec8c889528e596e5c233

commit | commitdiff | tree

Nick Kralevich [Mon, 22 May 2017 22:04:57 +0000 (22:04 +0000)]

system_server: add CAP_SYS_PTRACE
am: 966619d0ab

Change-Id: Ie5f95f2c078cd0bec7a2b2321c3303301ec9ec74

commit | commitdiff | tree

Nick Kralevich [Tue, 14 Mar 2017 17:25:35 +0000 (10:25 -0700)]

ZygoteInit: Remove CAP_SYS_RESOURCE

Please see commit 3082eb7c7253c62a06aa151a80487a4eabd49914 for an
explanation of this change.

This capability is not used by system_server.

Bug: 34951864
Bug: 38496951
Test: code compiles, device boots, no selinux errors ever reported.
Change-Id: I4242b1abaa8679b9bfa0d31a1df565b46b7b3cc3
(cherry picked from commit 35775783fc6609035136184e3843bc743b59945d)

commit | commitdiff | tree

Nick Kralevich [Wed, 15 Feb 2017 23:12:31 +0000 (15:12 -0800)]

system_server: add CAP_SYS_PTRACE

Commit https://android.googlesource.com/kernel/common/+/f0ce0eee added
CAP_SYS_RESOURCE as a capability check which would allow access to
sensitive /proc/PID files. system_server uses this capability to collect
smaps from managed processes. Presumably this was done to avoid the
implications of granting CAP_SYS_PTRACE to system_server.

However, with SELinux enforcement, we can grant CAP_SYS_PTRACE but not
allow ptrace attach() to other processes. The net result of this is that
CAP_SYS_PTRACE and CAP_SYS_RESOURCE have identical security controls, as
long as system_server:process ptrace is never granted.

Add CAP_SYS_PTRACE to the set of capabilities granted to system_server.

Don't delete CAP_SYS_RESOURCE for now. SELinux has blocked the use of
CAP_SYS_RESOURCE, but we still want to generate audit logs if it's
triggered. CAP_SYS_RESOURCE can be deleted in a future commit.

Bug: 34951864
Bug: 38496951
Test: Device boots, functionality remains identical, no sys_resource
denials from system_server.
Change-Id: I2570266165396dba2b600eac7c42c94800d9c65b
(cherry picked from commit 3082eb7c7253c62a06aa151a80487a4eabd49914)

commit | commitdiff | tree

Dave Friedman [Mon, 10 Apr 2017 21:50:24 +0000 (14:50 -0700)]

Docs: Fixes broken link in Javadoc.

Bug: 37198106
Change-Id: If005bf563f7bd97f794261e03d46c7b092955a89

commit | commitdiff | tree

Phil Weaver [Sat, 8 Apr 2017 00:09:44 +0000 (00:09 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev am: 88698afd01 am: 7cb5e1dfd1 am: d7552dc819 am: e3a1b81c8f am: 879bdbeb37
am: f580a2c257

Change-Id: I25bc8884d004bfc9790d40cb8f1ad1a285203e98

commit | commitdiff | tree

Phil Weaver [Sat, 8 Apr 2017 00:02:02 +0000 (00:02 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev am: 88698afd01 am: 7cb5e1dfd1 am: d7552dc819 am: e3a1b81c8f
am: 879bdbeb37

Change-Id: I7e7f391e2fe53d60a13b8c96d5ba1cab6e880b48

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:58:02 +0000 (23:58 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev am: 88698afd01 am: 7cb5e1dfd1 am: d7552dc819
am: e3a1b81c8f

Change-Id: I221aecc956ab769246b0aaee7507a468c106c43d

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:54:43 +0000 (23:54 +0000)]

Make a11y node info parceling more robust am: 1d8eb49073 am: 93c47c9d07 am: 3a7cf1f057 -s ours am: d3a4f4a33c am: 384e51767d am: e4beeeb423
am: 8e6d10c65f

Change-Id: I6ce318f51b1a7ead1898c6a6c61d9ca5e48f2fd1

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:51:01 +0000 (23:51 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev am: 88698afd01 am: 7cb5e1dfd1
am: d7552dc819

Change-Id: I926e8b686895d4dcb401e0274b786702a5648307

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:47:07 +0000 (23:47 +0000)]

Make a11y node info parceling more robust am: 1d8eb49073 am: 93c47c9d07 am: 3a7cf1f057 -s ours am: d3a4f4a33c am: 384e51767d
am: e4beeeb423

Change-Id: I6a369b43c54463330d6aa8a2f4ad9b5f5e46e887

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:43:28 +0000 (23:43 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev am: 88698afd01
am: 7cb5e1dfd1

Change-Id: I8e51350ae38384dfb9ae034d73fe9087837b27f7

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:43:01 +0000 (23:43 +0000)]

Make a11y node info parceling more robust am: 1d8eb49073 am: 93c47c9d07 am: 3a7cf1f057 -s ours am: d3a4f4a33c
am: 384e51767d

Change-Id: I566fa4ea9d3d15e1a65fbae11d20defb37868dd6

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:36:29 +0000 (23:36 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev
am: 88698afd01

Change-Id: I37194d958aa5fc21ece027c288e2f9a0a239cd93

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:36:29 +0000 (23:36 +0000)]

Make a11y node info parceling more robust am: 1d8eb49073 am: 93c47c9d07 am: 3a7cf1f057 -s ours
am: d3a4f4a33c

Change-Id: I2c1d0fb08ed990e4deb03361dddb1075d1ac7fad

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:30:19 +0000 (23:30 +0000)]

Make a11y node info parceling more robust am: 1d8eb49073 am: 93c47c9d07
am: 3a7cf1f057 -s ours

Change-Id: I0000c6df3ca0375022535be19cf0f9a76ed07e39

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:27:47 +0000 (23:27 +0000)]

Merge "Make a11y node info parceling more robust" into lmp-mr1-dev

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:16:55 +0000 (23:16 +0000)]

Make a11y node info parceling more robust am: 1d8eb49073
am: 93c47c9d07

Change-Id: I8677c77968c202c8c6a0553db919610a140fda58

commit | commitdiff | tree

Phil Weaver [Fri, 7 Apr 2017 23:10:27 +0000 (23:10 +0000)]

Merge "Make a11y node info parceling more robust" into nyc-dev