OSDN Git Service
Jeff Sharkey [Fri, 2 Dec 2016 18:55:07 +0000 (18:55 +0000)]
Merge "DO NOT MERGE. Check provider access for content changes." into lmp-mr1-dev am:
6b89229d14 am:
a7efe16fe1 -s ours
am:
f1085f2dc8
Change-Id: I565994dc5bbfc11b3293cb77aabca77b908a9039
Jeff Sharkey [Fri, 2 Dec 2016 18:53:57 +0000 (18:53 +0000)]
DO NOT MERGE. Check provider access for content changes. am:
91add43ae7 am:
792d49dfb5 -s ours
am:
32af84320b
Change-Id: I73fe93944c2c2aebca02ca85d441905c2075bc65
Jeff Sharkey [Fri, 2 Dec 2016 18:38:01 +0000 (18:38 +0000)]
Merge "DO NOT MERGE. Check provider access for content changes." into lmp-mr1-dev am:
6b89229d14
am:
a7efe16fe1 -s ours
Change-Id: I17b84f1e8d8432292568c0adb2b3d89563a72b50
Jeff Sharkey [Fri, 2 Dec 2016 18:36:33 +0000 (18:36 +0000)]
DO NOT MERGE. Check provider access for content changes. am:
91add43ae7
am:
792d49dfb5 -s ours
Change-Id: I50ab47cb03b65cc8be78c9a139561e4befbb1a95
Jeff Sharkey [Fri, 2 Dec 2016 18:20:02 +0000 (18:20 +0000)]
Merge "DO NOT MERGE: Check provider access for content changes." into mnc-dev
am:
8e14278209
Change-Id: I31e403ccc5207073d327a144f9b82fb93e01b865
Jeff Sharkey [Fri, 2 Dec 2016 18:19:56 +0000 (18:19 +0000)]
Merge "DO NOT MERGE. Check provider access for content changes." into lmp-mr1-dev
am:
6b89229d14
Change-Id: I8f09aaed1be7f86cfb0a2cbe91ae5b4fe881df07
Jeff Sharkey [Fri, 2 Dec 2016 18:19:51 +0000 (18:19 +0000)]
DO NOT MERGE. Check provider access for content changes.
am:
91add43ae7
Change-Id: I158a5dab0643fb5d2c07393f0df030e93b3c006a
Jeff Sharkey [Fri, 2 Dec 2016 18:19:50 +0000 (18:19 +0000)]
DO NOT MERGE: Check provider access for content changes.
am:
4ddbf942a0
Change-Id: I9895591df11a2416cd3191ac9c790ecac167ece5
Jeff Sharkey [Fri, 2 Dec 2016 18:10:04 +0000 (18:10 +0000)]
Merge "DO NOT MERGE. Check provider access for content changes." into lmp-mr1-dev
Jeff Sharkey [Fri, 2 Dec 2016 18:10:03 +0000 (18:10 +0000)]
Merge "DO NOT MERGE: Check provider access for content changes." into mnc-dr-dev
Jeff Sharkey [Fri, 2 Dec 2016 18:10:01 +0000 (18:10 +0000)]
Merge "DO NOT MERGE: Check provider access for content changes." into mnc-dev
Jeff Sharkey [Fri, 2 Dec 2016 01:13:04 +0000 (01:13 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing. am:
f279a5bc0d -s ours am:
704085119d am:
8bd3aa70ad -s ours
am:
60cc001b28
Change-Id: Ic21f6cc9072ae65ba67f117a21c4703e8f8cf6ea
Jeff Sharkey [Fri, 2 Dec 2016 01:01:52 +0000 (01:01 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing. am:
f279a5bc0d -s ours am:
704085119d
am:
8bd3aa70ad -s ours
Change-Id: I3ef5d68391566fc428906799a6ec6d166b9479a4
Jeff Sharkey [Fri, 2 Dec 2016 01:01:51 +0000 (01:01 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing. am:
1de465bec2 am:
b9a0b79675 -s ours
am:
1da786d723
Change-Id: I09b766396a8334551917723a47d5bba2590cb2bd
Jeff Sharkey [Fri, 2 Dec 2016 00:56:36 +0000 (00:56 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing. am:
1de465bec2
am:
b9a0b79675 -s ours
Change-Id: I82040d83bc780656b5deaa4fbe664700567e2138
Jeff Sharkey [Fri, 2 Dec 2016 00:56:32 +0000 (00:56 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing. am:
f279a5bc0d -s ours
am:
704085119d
Change-Id: Ic687581a9bf5f0906cdb7642e59b81d9b6175aca
Jeff Sharkey [Fri, 2 Dec 2016 00:56:31 +0000 (00:56 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
am:
3b0aa060a3
Change-Id: I3ba9a8dedfda4d878b99cc7de8a41418d424495c
Jeff Sharkey [Fri, 2 Dec 2016 00:50:29 +0000 (00:50 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
am:
1de465bec2
Change-Id: I14f82fa9c555bea0e71553713436a6836a421691
Jeff Sharkey [Fri, 2 Dec 2016 00:50:27 +0000 (00:50 +0000)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
am:
f279a5bc0d -s ours
Change-Id: I7fde8a3cd529bc495aa7e886988d73e22815c0b4
Jeff Sharkey [Wed, 30 Nov 2016 23:07:00 +0000 (16:07 -0700)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
As part of fixing a recent security issue, DownloadManager now needs
to issue Uri permission grants for all downloads. However, if an app
that requested a download is upgraded or otherwise force-stopped,
the required permission grants are removed.
We could tell DownloadManager about the app being stopped, but that
would be racy (due to background broadcast), and waking it up would
degrade system health. Instead, as a special case we now only
consider clearing DownloadManager permission grants when app data
is being cleared.
Bug:
32172542,
30537115
Test: builds, boots, app upgrade doesn't clear grants
Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9
(cherry picked from commit
23ec811266fb728cf159a90ce4882b3c9bac1887)
Jeff Sharkey [Wed, 30 Nov 2016 23:07:00 +0000 (16:07 -0700)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
As part of fixing a recent security issue, DownloadManager now needs
to issue Uri permission grants for all downloads. However, if an app
that requested a download is upgraded or otherwise force-stopped,
the required permission grants are removed.
We could tell DownloadManager about the app being stopped, but that
would be racy (due to background broadcast), and waking it up would
degrade system health. Instead, as a special case we now only
consider clearing DownloadManager permission grants when app data
is being cleared.
Bug:
32172542,
30537115
Test: builds, boots, app upgrade doesn't clear grants
Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9
(cherry picked from commit
23ec811266fb728cf159a90ce4882b3c9bac1887)
Jeff Sharkey [Wed, 30 Nov 2016 23:07:00 +0000 (16:07 -0700)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
As part of fixing a recent security issue, DownloadManager now needs
to issue Uri permission grants for all downloads. However, if an app
that requested a download is upgraded or otherwise force-stopped,
the required permission grants are removed.
We could tell DownloadManager about the app being stopped, but that
would be racy (due to background broadcast), and waking it up would
degrade system health. Instead, as a special case we now only
consider clearing DownloadManager permission grants when app data
is being cleared.
Bug:
32172542,
30537115
Test: builds, boots, app upgrade doesn't clear grants
Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9
(cherry picked from commit
23ec811266fb728cf159a90ce4882b3c9bac1887)
Jeff Sharkey [Wed, 30 Nov 2016 23:07:00 +0000 (16:07 -0700)]
DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
As part of fixing a recent security issue, DownloadManager now needs
to issue Uri permission grants for all downloads. However, if an app
that requested a download is upgraded or otherwise force-stopped,
the required permission grants are removed.
We could tell DownloadManager about the app being stopped, but that
would be racy (due to background broadcast), and waking it up would
degrade system health. Instead, as a special case we now only
consider clearing DownloadManager permission grants when app data
is being cleared.
Bug:
32172542,
30537115
Test: builds, boots, app upgrade doesn't clear grants
Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9
(cherry picked from commit
23ec811266fb728cf159a90ce4882b3c9bac1887)
Jeff Sharkey [Fri, 18 Nov 2016 22:31:22 +0000 (15:31 -0700)]
DO NOT MERGE. Check provider access for content changes.
For an app to either send or receive content change notifications,
require that they have some level of access to the underlying
provider.
Without these checks, a malicious app could sniff sensitive user data
from the notifications of otherwise private providers.
Test: builds, boots, PoC app now fails
Bug:
32555637
Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef
Jeff Sharkey [Thu, 17 Nov 2016 00:22:48 +0000 (17:22 -0700)]
DO NOT MERGE: Check provider access for content changes.
For an app to either send or receive content change notifications,
require that they have some level of access to the underlying
provider.
Without these checks, a malicious app could sniff sensitive user data
from the notifications of otherwise private providers.
Test: builds, boots, PoC app now fails
Bug:
32555637
Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef
Jeff Sharkey [Thu, 17 Nov 2016 00:22:48 +0000 (17:22 -0700)]
DO NOT MERGE: Check provider access for content changes.
For an app to either send or receive content change notifications,
require that they have some level of access to the underlying
provider.
Without these checks, a malicious app could sniff sensitive user data
from the notifications of otherwise private providers.
Test: builds, boots, PoC app now fails
Bug:
32555637
Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef
Brian Carlstrom [Fri, 11 Nov 2016 04:02:58 +0000 (04:02 +0000)]
Merge "Zygote : Block SIGCHLD during fork." into mnc-dr-dev
Narayan Kamath [Fri, 11 Nov 2016 01:56:28 +0000 (01:56 +0000)]
Zygote : Block SIGCHLD during fork. am:
b1f1209d9a am:
35b8453338 am:
14bd75fa79
am:
50b0c3be57 -s ours
Change-Id: I745d1c8e0066b0a7864d931b268b04a9458c7984
Narayan Kamath [Mon, 7 Nov 2016 16:22:48 +0000 (16:22 +0000)]
Zygote : Block SIGCHLD during fork.
We close the android logging related sockets prior as late as possible
before every fork to avoid having to whitelist them. If one of the
zygote's children dies after this point (but prior to the fork), we can
end up reopening the logging sockets from the SIGCHLD signal handler.
To prevent this from happening, block SIGCHLD during this critical
section.
Bug:
32693692
Test: Manual
(cherry picked from commit
e9a525829a354c92983a35455ccab16d1b0d3892)
Zygote: Unblock SIGCHLD in the parent after fork.
Follow up to change
e9a525829a354c92983a. Allows the zygote to
receive SIGCHLD again and prevents the zygote from getting into a
zombie state if it's killed.
Contributed-By: rhed_jao <rhed_jao@htc.com>
Bug:
32693692
Test: manual
(cherry picked from commit
c7161f756e86b98f2244a04d9207b47149965fd7)
Change-Id: If89903a29c84dfc9b056f9e19618046874bba689
(cherry picked from commit
dfcc79ee8ecd4166cba19be7493c6175cb0c65a9)
Narayan Kamath [Thu, 10 Nov 2016 23:48:38 +0000 (23:48 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into lmp-dev am:
7bd25ab485 am:
a045aed7a2 am:
846f64c6fc
am:
83b46a1590
Change-Id: Ib859c8848a05004a5de36aaf67b4dd3ac72899e9
Narayan Kamath [Thu, 10 Nov 2016 23:47:45 +0000 (23:47 +0000)]
Zygote: Additional whitelisting for legacy devices. am:
7d302e018d am:
f369b3ce75 am:
e82866df3f
am:
f8335b6a59
Change-Id: Iecd1ad8590d30eea4031eeeea3d455199221379c
Narayan Kamath [Thu, 10 Nov 2016 23:46:36 +0000 (23:46 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into lmp-dev am:
d60156dfc6 am:
fd23b9d509 am:
b0a7831375
am:
5594cfc2c3
Change-Id: I04a81810d474bedf7a8fcc4e089a95e1c7c030ba
Narayan Kamath [Thu, 10 Nov 2016 23:45:32 +0000 (23:45 +0000)]
Zygote: Additional whitelists for runtime overlay / other static resources. am:
0ad0e859f6 am:
1e6a5d11a6 am:
f0cd32619e -s ours
am:
4c26a969e9
Change-Id: I708b2d077eaad2c7bcf7d39a0d0449a5265779f1
neo.chae [Thu, 10 Nov 2016 23:44:32 +0000 (23:44 +0000)]
Fix idmap leak in zygote process am:
0244ca8d10 am:
82537abc3b am:
85afb42c16
am:
b4b2203c5e
Change-Id: Ifd540b5f9cb1e32a002ed86c67eda30189f4e23f
Xin Li [Thu, 10 Nov 2016 23:43:39 +0000 (23:43 +0000)]
Merge "Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev." into lmp-mr1-dev am:
78f15948fb am:
34de2a2d45 -s ours
am:
a5c82e7dd9
Change-Id: I5ee94abbb8f6f4e8f98e8b81349ba58da3601407
Xin Li [Thu, 10 Nov 2016 23:42:19 +0000 (23:42 +0000)]
Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev. am:
7e0483fcec -s ours am:
16090c6177 -s ours
am:
0a568ae56e
Change-Id: I49e2be8c77a13c939fe5f7bf6c16e0e80fb3bbbb
Narayan Kamath [Thu, 10 Nov 2016 23:40:40 +0000 (23:40 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into mnc-dev
am:
75c6b8c324
Change-Id: I4fb2f20ad4391915fe4ea734158274af5e879e10
Narayan Kamath [Thu, 10 Nov 2016 23:40:36 +0000 (23:40 +0000)]
Zygote: Additional whitelisting for legacy devices.
am:
5e2f7c6229
Change-Id: I36adcd8393eab2bb4421f9e3e72302c5db37422a
Narayan Kamath [Thu, 10 Nov 2016 23:39:07 +0000 (23:39 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into mnc-dev
am:
b3b03a9d78
Change-Id: Iafd7fc34df0fb88710003ea94219301d77ca78ed
Narayan Kamath [Thu, 10 Nov 2016 23:39:03 +0000 (23:39 +0000)]
Zygote: Additional whitelists for runtime overlay / other static resources.
am:
4e8ba1d73e
Change-Id: I52347c0024cc230d6e3db739eaafd78989c18430
Hugo Benichi [Thu, 10 Nov 2016 23:37:51 +0000 (23:37 +0000)]
Merge "DhcpClient: guard against failure to parse packets" into mnc-dev
am:
fce4e43167
Change-Id: I9bf79e439213358381668b8c15d2d3061fa1170d
Narayan Kamath [Thu, 10 Nov 2016 11:17:48 +0000 (11:17 +0000)]
Zygote : Block SIGCHLD during fork. am:
b1f1209d9a am:
35b8453338
am:
14bd75fa79
Change-Id: I9b2acc6d40cc0f4724598f97b704c040bba15417
Narayan Kamath [Thu, 10 Nov 2016 11:12:11 +0000 (11:12 +0000)]
Zygote : Block SIGCHLD during fork. am:
b1f1209d9a
am:
35b8453338
Change-Id: I7c73b1a37d79f31ad8fff6d0b83426debbfd88f9
Narayan Kamath [Thu, 10 Nov 2016 11:05:42 +0000 (11:05 +0000)]
Zygote : Block SIGCHLD during fork.
am:
b1f1209d9a
Change-Id: I3658f583c82dd6243089aaa74ad731a5bfa85b01
Narayan Kamath [Mon, 7 Nov 2016 16:22:48 +0000 (16:22 +0000)]
Zygote : Block SIGCHLD during fork.
We close the android logging related sockets prior as late as possible
before every fork to avoid having to whitelist them. If one of the
zygote's children dies after this point (but prior to the fork), we can
end up reopening the logging sockets from the SIGCHLD signal handler.
To prevent this from happening, block SIGCHLD during this critical
section.
Bug:
32693692
Test: Manual
(cherry picked from commit
e9a525829a354c92983a35455ccab16d1b0d3892)
Zygote: Unblock SIGCHLD in the parent after fork.
Follow up to change
e9a525829a354c92983a. Allows the zygote to
receive SIGCHLD again and prevents the zygote from getting into a
zombie state if it's killed.
Contributed-By: rhed_jao <rhed_jao@htc.com>
Bug:
32693692
Test: manual
(cherry picked from commit
1480dc3e97b661f5bfa3a5c2fbce72385b8d2be6)
Change-Id: If89903a29c84dfc9b056f9e19618046874bba689
Hugo Benichi [Thu, 10 Nov 2016 01:31:31 +0000 (10:31 +0900)]
resolve merge conflicts of
89aa6fb to mnc-dr-dev
Change-Id: I9e4e538081600be6a8199060bcb0d4040c071a22
Narayan Kamath [Wed, 9 Nov 2016 20:31:32 +0000 (20:31 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into lmp-dev am:
7bd25ab485 am:
a045aed7a2
am:
846f64c6fc
Change-Id: Id2d5000722d160df14dd33aa937a36388b971b76
Narayan Kamath [Wed, 9 Nov 2016 20:30:33 +0000 (20:30 +0000)]
Zygote: Additional whitelisting for legacy devices. am:
7d302e018d am:
f369b3ce75
am:
e82866df3f
Change-Id: Icb4fcfc35784e5fbe913f8efb810879fd3011154
Narayan Kamath [Wed, 9 Nov 2016 20:29:37 +0000 (20:29 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into lmp-dev am:
d60156dfc6 am:
fd23b9d509
am:
b0a7831375
Change-Id: Ifb6032bd3c392ad90236b2ecaa18fa53894c4620
Narayan Kamath [Wed, 9 Nov 2016 20:28:35 +0000 (20:28 +0000)]
Zygote: Additional whitelists for runtime overlay / other static resources. am:
0ad0e859f6 am:
1e6a5d11a6
am:
f0cd32619e -s ours
Change-Id: I1b1a0428d1cc49ee4096f5459a5aa1a1f62ed700
neo.chae [Wed, 9 Nov 2016 20:25:12 +0000 (20:25 +0000)]
Fix idmap leak in zygote process am:
0244ca8d10 am:
82537abc3b
am:
85afb42c16
Change-Id: Ibb5ac24b2149637bf19b9a16153b1fcde5dbb45f
Xin Li [Wed, 9 Nov 2016 20:24:12 +0000 (20:24 +0000)]
Merge "Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev." into lmp-mr1-dev am:
78f15948fb
am:
34de2a2d45 -s ours
Change-Id: Ifbc0ae4b514592e5e731b555bd4d393e46ad136d
Xin Li [Wed, 9 Nov 2016 20:23:04 +0000 (20:23 +0000)]
Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev. am:
7e0483fcec -s ours
am:
16090c6177 -s ours
Change-Id: I25ba4f5731ecaed22faa95e3948e389405dca7e7
Narayan Kamath [Wed, 9 Nov 2016 20:17:01 +0000 (20:17 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into lmp-dev am:
7bd25ab485
am:
a045aed7a2
Change-Id: Iec015c0607286511a0d82db7fd6c82f6e17379aa
Narayan Kamath [Wed, 9 Nov 2016 20:16:06 +0000 (20:16 +0000)]
Zygote: Additional whitelisting for legacy devices. am:
7d302e018d
am:
f369b3ce75
Change-Id: Id0794434479585b2cf4b4996256a3cb9374fd9a7
Narayan Kamath [Wed, 9 Nov 2016 20:15:05 +0000 (20:15 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into lmp-dev am:
d60156dfc6
am:
fd23b9d509
Change-Id: I86ad3b0fe5c3da67014540c1aa35c4326ee4f33b
Narayan Kamath [Wed, 9 Nov 2016 20:14:07 +0000 (20:14 +0000)]
Zygote: Additional whitelists for runtime overlay / other static resources. am:
0ad0e859f6
am:
1e6a5d11a6
Change-Id: Ia98abb9cb437dd3c42b80de5c0cd98c965e6603e
neo.chae [Wed, 9 Nov 2016 20:13:07 +0000 (20:13 +0000)]
Fix idmap leak in zygote process am:
0244ca8d10
am:
82537abc3b
Change-Id: I83d338ebfdefd0f935c4cfb14c3b15efca1cce0f
Xin Li [Wed, 9 Nov 2016 20:11:44 +0000 (20:11 +0000)]
Merge "Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev." into lmp-mr1-dev
am:
78f15948fb
Change-Id: I5f5509cd98a6a98ce9edc782e9d8ef9093fa86e4
Xin Li [Wed, 9 Nov 2016 20:11:42 +0000 (20:11 +0000)]
Merge "Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into marshmallow-dev" into mnc-dev." into mnc-dev
am:
cc115c5931
Change-Id: I9e226ffdca4c3633061f0202da367e2be0eeeb1f
Xin Li [Wed, 9 Nov 2016 20:11:40 +0000 (20:11 +0000)]
Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev.
am:
7e0483fcec -s ours
Change-Id: I3a351771548f827aeecf9a4c8305b907c106abc5
Xin Li [Wed, 9 Nov 2016 20:11:37 +0000 (20:11 +0000)]
Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into marshmallow-dev" into mnc-dev.
am:
ee2903686f -s ours
Change-Id: I565953c9962f328055512615185de735c33a50bb
Narayan Kamath [Wed, 9 Nov 2016 11:26:09 +0000 (11:26 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into mnc-dev
Narayan Kamath [Wed, 9 Nov 2016 10:24:57 +0000 (10:24 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into lmp-dev
am:
7bd25ab485
Change-Id: I0266e2fe129ac5ae0c7bbd84e7890d5c41872655
Narayan Kamath [Wed, 9 Nov 2016 10:24:53 +0000 (10:24 +0000)]
Zygote: Additional whitelisting for legacy devices.
am:
7d302e018d
Change-Id: I15f8e0ec93f502ca45a9b00d93baa66780701996
Narayan Kamath [Wed, 9 Nov 2016 10:20:00 +0000 (10:20 +0000)]
Merge "Zygote: Additional whitelisting for legacy devices." into lmp-dev
Narayan Kamath [Wed, 9 Nov 2016 09:45:32 +0000 (09:45 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into mnc-dev
Narayan Kamath [Wed, 9 Nov 2016 09:39:23 +0000 (09:39 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into lmp-dev
am:
d60156dfc6
Change-Id: I3696ed3639492ae446ccd1c9ad4feaaa9e15a5ef
Narayan Kamath [Wed, 9 Nov 2016 09:39:20 +0000 (09:39 +0000)]
Zygote: Additional whitelists for runtime overlay / other static resources.
am:
0ad0e859f6
Change-Id: Id24798deebb738ba6c6b6abef28ca96c0c61dc79
Narayan Kamath [Wed, 9 Nov 2016 09:30:47 +0000 (09:30 +0000)]
Merge "Zygote: Additional whitelists for runtime overlay / other static resources." into lmp-dev
neo.chae [Wed, 9 Nov 2016 09:21:46 +0000 (09:21 +0000)]
Fix idmap leak in zygote process
am:
0244ca8d10
Change-Id: Ia35ded23161ad5c5c6fe4dea388e74b8d8af2955
Hugo Benichi [Wed, 9 Nov 2016 02:24:41 +0000 (02:24 +0000)]
Merge "DhcpClient: guard against failure to parse packets" into mnc-dev
Xin Li [Tue, 8 Nov 2016 21:25:38 +0000 (21:25 +0000)]
Merge "Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into marshmallow-dev" into mnc-dev." into mnc-dev
Xin Li [Tue, 8 Nov 2016 21:24:12 +0000 (21:24 +0000)]
Merge "Merge "Merge "DO NOT MERGE - Added Emergency affordance feature" into lollipop-mr1-dev" into lmp-mr1-dev." into lmp-mr1-dev
neo.chae [Mon, 31 Oct 2016 15:02:38 +0000 (00:02 +0900)]
Fix idmap leak in zygote process
Fix a idmap leak in AssetManager::addSystemOverlays.
And, The fix could also prevent fd leak of idmap.
Test: none
Bug:
32691930
Signed-off-by: Hyangseok Chae <neo.chae@lge.com>
(cherry picked from commit
6a742a38509693f8b39ee9a5ad2803fca12688bf)
Change-Id: Idc4af77db2b0cb739bd6b009b6af0f9123be1aac
Narayan Kamath [Mon, 7 Nov 2016 19:59:29 +0000 (19:59 +0000)]
Zygote: Additional whitelisting for legacy devices.
On M and below, we provide a blanket whitelist for all files under
"/vendor/zygote_whitelist". This path is whitelisted purely to allow
this patch to be applied easily on legacy devices and configurations.
Note that this does not amount to a loosening of our security policy
because whitelisted files are reopened anyway.
Bug:
32691930
Test: manual
(cherry picked from commit
5e2f7c6229d7191183888d685b57a7d0a2835fce)
Change-Id: I9700fc7b469d0bc4d876c52292f25888b94a5223
Narayan Kamath [Fri, 23 Sep 2016 08:07:11 +0000 (09:07 +0100)]
Zygote: Additional whitelists for runtime overlay / other static resources.
Partially cherry picked from commit
1c15c635785c64a.
These files are safe to reopen for the same reason that files in
/system/framework are. They're regular files and will not change after
the first zygote fork.
Bug:
32618130
Change-Id: I119e0bfcbf397cb331064adf148d92a5cd3ea92f
Jeff Sharkey [Mon, 7 Nov 2016 23:43:23 +0000 (23:43 +0000)]
Merge "Public volumes belong to a single user." into mnc-dr-dev
Jeff Sharkey [Mon, 7 Nov 2016 23:35:40 +0000 (23:35 +0000)]
Merge "Public volumes belong to a single user." into mnc-dev
am:
34849c22e7
Change-Id: I5c57bb60ad565b4382184dbe55fc0e61d2fc3f0f
Jeff Sharkey [Mon, 7 Nov 2016 23:35:34 +0000 (23:35 +0000)]
Public volumes belong to a single user.
am:
3a062a67fa
Change-Id: Ibe40a7985bde6ff6d8bc307c28b94f7b1445c961
Jeff Sharkey [Mon, 7 Nov 2016 23:27:52 +0000 (23:27 +0000)]
Merge "Public volumes belong to a single user." into mnc-dev
Narayan Kamath [Mon, 7 Nov 2016 19:59:29 +0000 (19:59 +0000)]
Zygote: Additional whitelisting for legacy devices.
On M and below, we provide a blanket whitelist for all files under
"/vendor/zygote_whitelist". This path is whitelisted purely to allow
this patch to be applied easily on legacy devices and configurations.
Note that this does not amount to a loosening of our security policy
because whitelisted files are reopened anyway.
Bug:
32691930
Test: manual
Change-Id: If5b53f6f0a707f8d36603c09bfd3f72dbfbbbb99
Narayan Kamath [Fri, 23 Sep 2016 08:07:11 +0000 (09:07 +0100)]
Zygote: Additional whitelists for runtime overlay / other static resources.
Partially cherry picked from commit
1c15c635785c64a.
These files are safe to reopen for the same reason that files in
/system/framework are. They're regular files and will not change after
the first zygote fork.
Bug:
32618130
Change-Id: I119e0bfcbf397cb331064adf148d92a5cd3ea92f
Jeff Sharkey [Wed, 2 Nov 2016 21:26:01 +0000 (15:26 -0600)]
Public volumes belong to a single user.
When a public (vfat) device is inserted, it's strongly associated
with the current foreground user, and no other users should be able
to access it, since otherwise that would be a cross-user data leak.
To use the device under a different user, switch users and then
eject/remount the device.
Test: verified user isolation of USB drive
Bug:
32523490
Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614
Jeff Sharkey [Wed, 2 Nov 2016 21:26:01 +0000 (15:26 -0600)]
Public volumes belong to a single user.
When a public (vfat) device is inserted, it's strongly associated
with the current foreground user, and no other users should be able
to access it, since otherwise that would be a cross-user data leak.
To use the device under a different user, switch users and then
eject/remount the device.
Test: verified user isolation of USB drive
Bug:
32523490
Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614
Hugo Benichi [Tue, 11 Oct 2016 02:39:39 +0000 (11:39 +0900)]
DhcpClient: guard against failure to parse packets
DhcpPacket.decodeFullPacket() is not exception safe and can throw
various runtime exceptions when trying to parse malicious or malformed
packets.
This patch adds a generic catch-all-exception in DhcpClient to avoid
propagating the exception and killing the framework process on reception
of such malformed packets.
Bug:
31850211
Change-Id: I2e723a792ff067ada2834da875700d4df16c5159
Sungsoo [Tue, 18 Oct 2016 18:07:19 +0000 (18:07 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
418e0869ba am:
a5affb045e am:
9a15881184 -s ours am:
21c4e6d532 -s ours am:
ec44540d42 am:
583a7017ce -s ours
am:
8c94179f51
Change-Id: I8abecc3855c2dd92fbf25717bd56481dd1ee37ea
Sungsoo [Tue, 18 Oct 2016 18:00:54 +0000 (18:00 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
418e0869ba am:
a5affb045e am:
9a15881184 -s ours am:
21c4e6d532 -s ours am:
ec44540d42
am:
583a7017ce -s ours
Change-Id: I39976fd7bf943dd9b4e38c084270c977cf0511ca
Sungsoo [Tue, 18 Oct 2016 17:54:57 +0000 (17:54 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
418e0869ba am:
a5affb045e am:
9a15881184 -s ours am:
21c4e6d532 -s ours
am:
ec44540d42
Change-Id: Id4fd3422c443d5e7363d3ff27b2ba0eeb532f1dd
Sungsoo [Tue, 18 Oct 2016 17:47:58 +0000 (17:47 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
418e0869ba am:
a5affb045e am:
9a15881184 -s ours
am:
21c4e6d532 -s ours
Change-Id: Ibf02e62ee13accd5d204c44faeb6aa8c05afb709
Sungsoo [Tue, 18 Oct 2016 17:47:56 +0000 (17:47 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
135524f2c5 -s ours am:
02cd808ab8 am:
8e2451759d -s ours
am:
9cf942973d
Change-Id: Ice1c96b49f7350a41cf35779f0f1fb06f6ff0c77
Sungsoo [Tue, 18 Oct 2016 17:41:55 +0000 (17:41 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
418e0869ba am:
a5affb045e
am:
9a15881184 -s ours
Change-Id: I67ba2d8b8d3c3f32fca417303ee422482acc40d8
Sungsoo [Tue, 18 Oct 2016 17:41:49 +0000 (17:41 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
135524f2c5 -s ours am:
02cd808ab8
am:
8e2451759d -s ours
Change-Id: Id0d69d1bddcf0d6059b53bd3a4b2b55df493899c
Sungsoo [Tue, 18 Oct 2016 17:41:45 +0000 (17:41 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
ad74e88f1d am:
41b775b40a -s ours
am:
8be090868e
Change-Id: I9e9954d2d058b6552d4d9900df51a4050a90c1fe
Sungsoo [Tue, 18 Oct 2016 17:35:23 +0000 (17:35 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
418e0869ba
am:
a5affb045e
Change-Id: I4bb4440c019839073b4fcf6df54d726a02286680
Sungsoo [Tue, 18 Oct 2016 17:35:22 +0000 (17:35 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
ad74e88f1d
am:
41b775b40a -s ours
Change-Id: I6ce63b74988fb4f87565be611a47c2f4a28cbc9b
Sungsoo [Tue, 18 Oct 2016 17:35:16 +0000 (17:35 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens am:
135524f2c5 -s ours
am:
02cd808ab8
Change-Id: Ic14a5adecb6fb0732a5b3c2a68a28fdcf1eb1bc4
Sungsoo [Tue, 18 Oct 2016 17:29:03 +0000 (17:29 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens
am:
135524f2c5 -s ours
Change-Id: I34fc1b37171ad6ea5d79035df6c4730260a0b47b
Sungsoo [Tue, 18 Oct 2016 17:29:00 +0000 (17:29 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens
am:
cb17930077
Change-Id: I4b8f9270f75800e1390c3a840b41316c20ea4aa8
Sungsoo [Tue, 18 Oct 2016 17:28:58 +0000 (17:28 +0000)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens
am:
418e0869ba
Change-Id: Ifad08d681f67abc4dd9ad5d8c4e82b038cbd8322