OSDN Git Service
TreeHugger Robot [Sat, 14 Sep 2019 12:10:43 +0000 (12:10 +0000)]
Merge "Revert "don't compute outside of visible range"" into qt-dev
Adam Seaton [Fri, 13 Sep 2019 22:08:30 +0000 (22:08 +0000)]
Revert "don't compute outside of visible range"
bug:
141016653
This reverts commit
0a57fe099a55ab3a7583b229fa7cfb905d6106f3.
Reason for revert: CL is implicated in https://b.corp.google.com/issues/
141016653
Change-Id: I39954226cb8971ee17e367692b3fd0e29871ad48
Jeff Sharkey [Thu, 12 Sep 2019 20:24:04 +0000 (13:24 -0700)]
Merge changes from topic "bp-
135269143-p" into pi-dev
am:
604d91d713
Change-Id: I4732eced6b91fd0f7a3e83197f4fcbf63b9c977d
Jeff Sharkey [Thu, 12 Sep 2019 20:23:56 +0000 (13:23 -0700)]
[automerger skipped] RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter.
am:
216bbc2a2e -s ours
am skip reason: subject contains skip directive
Change-Id: I34ab810a0ce6c747236b6e0660b0f69b8e12d4a1
Jeff Sharkey [Thu, 12 Sep 2019 19:59:29 +0000 (19:59 +0000)]
Merge changes from topic "bp-
135269143-p" into pi-dev
* changes:
RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter.
RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options.
Jeff Sharkey [Tue, 16 Jul 2019 22:50:42 +0000 (16:50 -0600)]
RESTRICT AUTOMERGE
Strict SQLiteQueryBuilder needs to be stricter.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change offers setStrictGrammar() to prevent this by outright
blocking subqueries in WHERE and HAVING clauses, and by requiring
that GROUP BY and ORDER BY clauses be composed only of valid columns.
This change also offers setStrictColumns() to require that all
untrusted column names are valid, such as those in ContentValues.
Relaxes to always allow aggregation operators on returned columns,
since untrusted callers can always calculate these manually.
Bug:
135270103
Bug:
135269143
Test: atest android.database.sqlite.cts.SQLiteQueryBuilderTest
Test: atest FrameworksCoreTests:android.database.sqlite.SQLiteTokenizerTest
Exempt-From-Owner-Approval: already approved in downstream branch
Change-Id: I6290afd19c966a8bdca71c377c88210d921a9f25
Jeff Sharkey [Thu, 12 Sep 2019 17:49:27 +0000 (10:49 -0700)]
[automerger skipped] Merge "RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options." into oc-dev am:
f8a2d069b4 am:
f6aa7b8d8f am:
8acb456949 -s ours
am:
fd58ea607e -s ours
am skip reason: subject contains skip directive
Change-Id: I046483ec092ef5b4bbc9f736184d328f954974c7
Jeff Sharkey [Thu, 12 Sep 2019 17:49:22 +0000 (10:49 -0700)]
[automerger skipped] RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options. am:
f683c688d5 am:
fc095efde0 am:
e89348b54b -s ours
am:
01787e9e4d -s ours
am skip reason: subject contains skip directive
Change-Id: I412ec10b29cb494e473bbfe8f50385676f50a00c
Jeff Sharkey [Thu, 12 Sep 2019 17:41:38 +0000 (10:41 -0700)]
[automerger skipped] Merge "RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter." into oc-dev am:
7633a081ab am:
b0054f0518 am:
c97dfb57a8 -s ours
am:
40a236db41 -s ours
am skip reason: subject contains skip directive
Change-Id: Ia508b84e09af199cd841d37c89a41c722d63a101
Jeff Sharkey [Thu, 12 Sep 2019 17:41:24 +0000 (10:41 -0700)]
[automerger skipped] RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter. am:
92e5e5e45c am:
37e2229257 am:
bba6744ff4 -s ours
am:
2ccbb35723 -s ours
am skip reason: subject contains skip directive
Change-Id: Ib655f9d604bfecbd6be64b1e4cfe9996a58fcbaa
Jeff Sharkey [Thu, 12 Sep 2019 17:31:54 +0000 (10:31 -0700)]
[automerger skipped] Merge "RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options." into oc-dev am:
f8a2d069b4 am:
f6aa7b8d8f
am:
8acb456949 -s ours
am skip reason: subject contains skip directive
Change-Id: Id9934307cef63a331bb1fad3ba4fddee11393d98
Jeff Sharkey [Thu, 12 Sep 2019 17:31:49 +0000 (10:31 -0700)]
[automerger skipped] RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options. am:
f683c688d5 am:
fc095efde0
am:
e89348b54b -s ours
am skip reason: subject contains skip directive
Change-Id: I80528a71e90049489b85b5c95baf93cbd3a17808
Jeff Sharkey [Thu, 12 Sep 2019 17:27:55 +0000 (10:27 -0700)]
[automerger skipped] Merge "RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter." into oc-dev am:
7633a081ab am:
b0054f0518
am:
c97dfb57a8 -s ours
am skip reason: subject contains skip directive
Change-Id: I6467326680d2164bb4e2a9e54dc22cc490e2492d
Jeff Sharkey [Thu, 12 Sep 2019 17:27:37 +0000 (10:27 -0700)]
[automerger skipped] RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter. am:
92e5e5e45c am:
37e2229257
am:
bba6744ff4 -s ours
am skip reason: subject contains skip directive
Change-Id: I8711dac1ad4d2512d64dc489d87ffd4a18c0ebd6
Jeff Sharkey [Thu, 12 Sep 2019 17:18:26 +0000 (10:18 -0700)]
Merge "RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options." into oc-dev am:
f8a2d069b4
am:
f6aa7b8d8f
Change-Id: I466630af8385d6da164196f2420d040b2aa6e2ac
Jeff Sharkey [Thu, 12 Sep 2019 17:18:22 +0000 (10:18 -0700)]
RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options. am:
f683c688d5
am:
fc095efde0
Change-Id: I9bbeb106c1abe977439420d8005f33f5a7c1eaa1
Jeff Sharkey [Thu, 12 Sep 2019 17:14:15 +0000 (10:14 -0700)]
Merge "RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter." into oc-dev am:
7633a081ab
am:
b0054f0518
Change-Id: I491c415de567d0375296f293fcbb35ee21413ce6
Jeff Sharkey [Thu, 12 Sep 2019 17:14:00 +0000 (10:14 -0700)]
RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter. am:
92e5e5e45c
am:
37e2229257
Change-Id: I3d7696be9733e40f31c160a77505c4e96ca05b5e
Jeff Sharkey [Thu, 12 Sep 2019 17:06:14 +0000 (10:06 -0700)]
Merge "RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options." into oc-dev
am:
f8a2d069b4
Change-Id: If9534450fac2cd9b328f105be73f53c92ab14dbd
Jeff Sharkey [Thu, 12 Sep 2019 17:06:09 +0000 (10:06 -0700)]
RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options.
am:
f683c688d5
Change-Id: I64ae89ecc92127de21503fbcfdd34c60a6f620bc
Jeff Sharkey [Thu, 12 Sep 2019 17:02:13 +0000 (10:02 -0700)]
Merge "RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter." into oc-dev
am:
7633a081ab
Change-Id: Ia3853da8933c8c21fe06acad79059a3589eeb835
Jeff Sharkey [Thu, 12 Sep 2019 17:02:05 +0000 (10:02 -0700)]
RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter.
am:
92e5e5e45c
Change-Id: I2e0a5c5cd35f9abcf362d3db4514e1bbd6bd7035
Jeff Sharkey [Thu, 12 Sep 2019 16:33:21 +0000 (16:33 +0000)]
Merge "RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options." into oc-dev
Jeff Sharkey [Thu, 12 Sep 2019 16:33:13 +0000 (16:33 +0000)]
Merge "RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter." into oc-dev
Elias Wald [Thu, 12 Sep 2019 05:20:48 +0000 (05:20 +0000)]
Merge "Add keylayout for original xbox controller" into qt-dev
Jeff Sharkey [Thu, 18 Jul 2019 00:51:28 +0000 (18:51 -0600)]
RESTRICT AUTOMERGE
Enable stricter SQLiteQueryBuilder options.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change starts using setStrictColumns() and setStrictGrammar()
on SQLiteQueryBuilder to block this class of attacks. This means we
now need to define the projection mapping of valid columns, which
consists of both the columns defined in the public API and columns
read internally by DownloadInfo.Reader.
We're okay growing sAppReadableColumnsSet like this, since we're
relying on our trusted WHERE clause to filter away any rows that
don't belong to the calling UID.
Remove the legacy Lexer code, since we're now internally relying on
the robust and well-tested SQLiteTokenizer logic.
Bug:
135270103,
135269143
Test: cts-tradefed run cts -m CtsAppTestCases -t android.app.cts.DownloadManagerTest
Change-Id: Iec1e8ce18dc4a9564318e0473d9d3863c8c2988a
Bryan Ferris [Wed, 11 Sep 2019 22:59:15 +0000 (22:59 +0000)]
Merge changes from topic "bp-
135269143-q" into qt-dev
* changes:
RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter.
RESTRICT AUTOMERGE Enable stricter SQLiteQueryBuilder options.
TreeHugger Robot [Wed, 11 Sep 2019 21:38:08 +0000 (21:38 +0000)]
Merge "don't compute outside of visible range" into qt-dev
Siarhei Vishniakou [Wed, 11 Sep 2019 21:03:01 +0000 (22:03 +0100)]
Add keylayout for original xbox controller
We are still missing a key layout for the original xbox controller with
product id 02dd. Add the missing layout here.
Bug:
140808513
Test: manual test by plugging in the actual joystick and using the
custom tester app
Change-Id: Ib84e3ac04ff58f890ce7743423cc9b869af347db
Seigo Nonaka [Fri, 6 Sep 2019 23:34:07 +0000 (16:34 -0700)]
don't compute outside of visible range
Bug:
140632678
Test: manually done
Test: TreeHugger
Change-Id: I646851973b3816bf9ba32dfe26748c0345a5a081
TreeHugger Robot [Wed, 11 Sep 2019 16:14:10 +0000 (16:14 +0000)]
Merge "Update Xbox BT controller mapping for new FW" into qt-dev
Jared Henderson [Wed, 21 Aug 2019 22:37:59 +0000 (15:37 -0700)]
Update Xbox BT controller mapping for new FW
The Xbox controller (product id 0x02fd) is going to have a new firmware
update this fall that sends a different keycode (316/BUTTON_MODE) for
the Xbox button. The goal is to enable the Xbox button to make it to
apps on all Android versions -- with our without a controller-specific
key mapping file.
Unfortunately, the new Vendor_045e_Product_02fd.kl key mapping file
that was added to Android Q maps the pre-firmware-update
Xbox key code (172) to BUTTON_MODE, yet it makes no mention of key 316.
This results in apps getting a raw 316 scan code instead of
a BUTTON_MODE KeyEvent when using a controller with the latest firmware
on Android Q.
The fix is to add an additional key mapping for 316 that *also* maps to
BUTTON_MODE. With both mappings in place, both pre and post
firmware-updated controllers will get the correct behavior for the
Xbox button on Android Q.
Test: AFAIK, no CTS tests exist for Xbox controller key mappings;
we'll need to add some at a later date. I was unable to test this
change because I'm unable to write to the system directory on any
of my devices, but I know that mapping 316 to BUTTON_MODE will
fix the issue.
Signed-off-by: Jared Henderson <jaredh.microsoft@gmail.com>
Bug:
139512030
Bug:
140808513
Merged-In: I8600ea79a0aa8557267d6ca712e5d56680e7a98b
Change-Id: I8600ea79a0aa8557267d6ca712e5d56680e7a98b
TreeHugger Robot [Wed, 11 Sep 2019 06:05:23 +0000 (06:05 +0000)]
Merge "Use language tags to store Configuration's locale list." into qt-dev
Zongheng Wang [Wed, 11 Sep 2019 01:55:09 +0000 (18:55 -0700)]
[automerger skipped] Set default phonebook access to ACCESS_REJECTED when user didn't choose one am:
1f9309bd11 am:
a376239229 -s ours am:
aee078eae7 -s ours
am:
870474af0c -s ours
am skip reason: change_id Iefabeb731b941f09fe1272ac7b7cd2feba75c8df with SHA1
9b3cb0f06b is in history
Change-Id: I5c210241a714fc4064e8f83cc35e77315616337e
Zongheng Wang [Wed, 11 Sep 2019 01:41:23 +0000 (18:41 -0700)]
[automerger skipped] Set default phonebook access to ACCESS_REJECTED when user didn't choose one am:
1f9309bd11 am:
a376239229 -s ours
am:
aee078eae7 -s ours
am skip reason: change_id Iefabeb731b941f09fe1272ac7b7cd2feba75c8df with SHA1
9b3cb0f06b is in history
Change-Id: Ifb20decfdf6a48b599931f87a733e97013538888
Zongheng Wang [Wed, 11 Sep 2019 01:30:59 +0000 (18:30 -0700)]
[automerger skipped] Set default phonebook access to ACCESS_REJECTED when user didn't choose one am:
02046b4f2c -s ours
am:
a6c49f091d -s ours
am skip reason: change_id Iefabeb731b941f09fe1272ac7b7cd2feba75c8df with SHA1
9b3cb0f06b is in history
Change-Id: Iebe662b90075b9fcc0fdeabcd6424b84355b05fb
Zongheng Wang [Wed, 11 Sep 2019 01:30:55 +0000 (18:30 -0700)]
[automerger skipped] Set default phonebook access to ACCESS_REJECTED when user didn't choose one am:
1f9309bd11
am:
a376239229 -s ours
am skip reason: change_id Iefabeb731b941f09fe1272ac7b7cd2feba75c8df with SHA1
02046b4f2c is in history
Change-Id: I3cc4d873250f924af768b37e97338024ee236e6e
Zongheng Wang [Wed, 11 Sep 2019 01:21:53 +0000 (18:21 -0700)]
[automerger skipped] Merge "Set default phonebook access to ACCESS_REJECTED when user didn't choose one" into pi-dev
am:
20d46e4bf1 -s ours
am skip reason: change_id Iefabeb731b941f09fe1272ac7b7cd2feba75c8df with SHA1
efdcff2452 is in history
Change-Id: I695edafa45fc296fff1b84d786c8a804f5996934
Zongheng Wang [Wed, 11 Sep 2019 01:20:49 +0000 (18:20 -0700)]
[automerger skipped] Set default phonebook access to ACCESS_REJECTED when user didn't choose one
am:
02046b4f2c -s ours
am skip reason: change_id Iefabeb731b941f09fe1272ac7b7cd2feba75c8df with SHA1
9b3cb0f06b is in history
Change-Id: I6003b908b417a8bb1d687b5eafe2f2646f63e814
Zongheng Wang [Wed, 11 Sep 2019 01:16:49 +0000 (18:16 -0700)]
Set default phonebook access to ACCESS_REJECTED when user didn't choose one
am:
1f9309bd11
Change-Id: I142d2737f6444b5148963c1ca7af84e8cf0eded3
TreeHugger Robot [Wed, 11 Sep 2019 00:46:54 +0000 (00:46 +0000)]
Merge "Set default phonebook access to ACCESS_REJECTED when user didn't choose one" into pi-dev
TreeHugger Robot [Wed, 11 Sep 2019 00:46:08 +0000 (00:46 +0000)]
Merge "Set default phonebook access to ACCESS_REJECTED when user didn't choose one" into qt-dev
Jeff Sharkey [Tue, 16 Jul 2019 22:50:42 +0000 (16:50 -0600)]
RESTRICT AUTOMERGE Strict SQLiteQueryBuilder needs to be stricter.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change offers setStrictGrammar() to prevent this by outright
blocking subqueries in WHERE and HAVING clauses, and by requiring
that GROUP BY and ORDER BY clauses be composed only of valid columns.
This change also offers setStrictColumns() to require that all
untrusted column names are valid, such as those in ContentValues.
Relaxes to always allow aggregation operators on returned columns,
since untrusted callers can always calculate these manually.
Bug:
135270103,
135269143
Test: atest android.database.sqlite.cts.SQLiteQueryBuilderTest
Test: atest FrameworksCoreTests:android.database.sqlite.SQLiteTokenizerTest
Change-Id: I0dacb53170ce573a2fe103cbff455782bfdb5d41
Varun Shah [Tue, 10 Sep 2019 18:41:00 +0000 (14:41 -0400)]
Use language tags to store Configuration's locale list.
Instead of storing each Locale within a Configuration object's locale
list by its language, country, variant, and script to proto, store the
entire locale list by its language tags representation which accurately
describes each locale.
Bug:
140197723
Test: atest ConfigurationTest
Test: atest UsageStatsDatabaseTest
Test: manually with bad data
Merged-In: I53946ed4e31de0ffe9c84875c391a7dec6f5375a
Change-Id: Idaae690f79a5c680ad0059a52be62160d9dfb5e7
Colin Cross [Tue, 10 Sep 2019 19:18:48 +0000 (19:18 +0000)]
Merge "Revert "Use language tags to store Configuration's locale list."" into qt-dev
Varun Shah [Tue, 10 Sep 2019 18:30:47 +0000 (18:30 +0000)]
Revert "Use language tags to store Configuration's locale list."
This reverts commit
ff43f4e6a62bf04742bdcb205ba932de00e4da7c.
Reason for revert: b/
140813780
Change-Id: Id5988b9ec959ca9b294f6bd5caa30c8156238d0a
Jeff Sharkey [Tue, 16 Jul 2019 22:50:42 +0000 (16:50 -0600)]
RESTRICT AUTOMERGE
Strict SQLiteQueryBuilder needs to be stricter.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change offers setStrictGrammar() to prevent this by outright
blocking subqueries in WHERE and HAVING clauses, and by requiring
that GROUP BY and ORDER BY clauses be composed only of valid columns.
This change also offers setStrictColumns() to require that all
untrusted column names are valid, such as those in ContentValues.
Relaxes to always allow aggregation operators on returned columns,
since untrusted callers can always calculate these manually.
Bug:
135270103,
135269143
Test: cts-tradefed run cts -m CtsDatabaseTestCases -t android.database.sqlite.cts.SQLiteQueryBuilderTest
Change-Id: I6290afd19c966a8bdca71c377c88210d921a9f25
Jeff Sharkey [Thu, 18 Jul 2019 00:51:28 +0000 (18:51 -0600)]
RESTRICT AUTOMERGE
Enable stricter SQLiteQueryBuilder options.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change starts using setStrictColumns() and setStrictGrammar()
on SQLiteQueryBuilder to block this class of attacks. This means we
now need to define the projection mapping of valid columns, which
consists of both the columns defined in the public API and columns
read internally by DownloadInfo.Reader.
We're okay growing sAppReadableColumnsSet like this, since we're
relying on our trusted WHERE clause to filter away any rows that
don't belong to the calling UID.
Remove the legacy Lexer code, since we're now internally relying on
the robust and well-tested SQLiteTokenizer logic.
Bug:
135270103
Bug:
135269143
Test: atest DownloadProviderTests
Test: atest CtsAppTestCases:android.app.cts.DownloadManagerTest
Change-Id: Iec1e8ce18dc4a9564318e0473d9d3863c8c2988a
Varun Shah [Tue, 10 Sep 2019 16:51:37 +0000 (16:51 +0000)]
Merge "Use language tags to store Configuration's locale list." into qt-dev
Zongheng Wang [Thu, 5 Sep 2019 20:44:28 +0000 (13:44 -0700)]
Set default phonebook access to ACCESS_REJECTED when user didn't choose
one
When there's no users' choice to tell us whether to share their
phonebook information to the Bluetooth device, set the phonebook access
permission to ACCESS_REJECTED.
Bug:
138529441
Test: Manual test
Change-Id: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Merged-In: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Varun Shah [Sun, 8 Sep 2019 08:31:31 +0000 (01:31 -0700)]
Use language tags to store Configuration's locale list.
Instead of storing each Locale within a Configuration object's locale
list by its language, country, variant, and script to proto, store the
entire locale list by its language tags representation which accurately
describes each locale.
Bug:
140197723
Test: atest ConfigurationTest
Test: atest UsageStatsDatabaseTest
Test: manually with bad data
Change-Id: Id0e63ae4a7be578d1e93838b371320f86a787e0e
Zongheng Wang [Thu, 5 Sep 2019 20:44:28 +0000 (13:44 -0700)]
Set default phonebook access to ACCESS_REJECTED when user didn't choose
one
When there's no users' choice to tell us whether to share their
phonebook information to the Bluetooth device, set the phonebook access
permission to ACCESS_REJECTED.
Bug:
138529441
Test: Manual test
Change-Id: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Merged-In: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Varun Shah [Wed, 4 Sep 2019 19:04:02 +0000 (12:04 -0700)]
Fix bootloop issue with UsageStatsService.
When the configurations are being read from the proto file, if a
duplicate locale is found in the list, an exception is thrown from
LocaleList which causes the UsageStatsService to crash. Instead, we'll
now log a WTF if duplicate locales are found when parsing the
configuration proto and not add the duplicate locale to the list.
Bug:
140197723
Test: atest UsageStatsDatabaseTest
Change-Id: Ie178b3cfdd45e6771a7c0e4bb42e47f79b5c30cc
(cherry picked from commit
5d9031dbee2fad9b29e6477f5d7af8b622f2b456)
Zongheng Wang [Thu, 5 Sep 2019 20:44:28 +0000 (13:44 -0700)]
Set default phonebook access to ACCESS_REJECTED when user didn't choose
one
When there's no users' choice to tell us whether to share their
phonebook information to the Bluetooth device, set the phonebook access
permission to ACCESS_REJECTED.
Bug:
138529441
Test: Manual test
Change-Id: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Merged-In: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Zongheng Wang [Thu, 5 Sep 2019 20:44:28 +0000 (13:44 -0700)]
Set default phonebook access to ACCESS_REJECTED when user didn't choose
one
When there's no users' choice to tell us whether to share their
phonebook information to the Bluetooth device, set the phonebook access
permission to ACCESS_REJECTED.
Bug:
138529441
Test: Manual test
Change-Id: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
Merged-In: Iefabeb731b941f09fe1272ac7b7cd2feba75c8df
(cherry picked from commit
810c6d2117aeec7ca749e707b2e3a297eb8a265e)
Jonathan Scott [Mon, 9 Sep 2019 20:09:27 +0000 (13:09 -0700)]
[automerger skipped] [automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36 am:
7b6a04fceb am:
743846742d am:
0b1d526f50 am:
e4ddc22035 am:
5f619835ed
am:
a6ce09aaec -s ours
am skip reason: change_id I2bce277ff8f2de4614e19d5385fe6712b076f9c9 with SHA1
a5e4422d14 is in history
Change-Id: I8b70e43d7ef03f0f86c75270508a6757d90c8561
Jonathan Scott [Mon, 9 Sep 2019 19:50:26 +0000 (12:50 -0700)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36 am:
7b6a04fceb am:
743846742d am:
0b1d526f50 am:
e4ddc22035
am:
5f619835ed
Change-Id: Ie2c9fb05e3245f3045f3c9a4919760e70285fa37
Jonathan Scott [Mon, 9 Sep 2019 19:35:53 +0000 (12:35 -0700)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36 am:
7b6a04fceb am:
743846742d am:
0b1d526f50
am:
e4ddc22035
Change-Id: I4084d344b3c92b5a4459852837e323f44d2b0b72
Jonathan Scott [Mon, 9 Sep 2019 19:20:54 +0000 (12:20 -0700)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36 am:
7b6a04fceb am:
743846742d
am:
0b1d526f50
Change-Id: Ie3f10bbed4bdb2bb7e141d7bb8d34e0b818c3f30
Android Build Merger (Role) [Mon, 9 Sep 2019 16:55:54 +0000 (16:55 +0000)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36 am:
7b6a04fceb am:
743846742d
Change-Id: Ia84a02b1b3ff3e9f4849554c6b2f0e904daadd05
Android Build Merger (Role) [Mon, 9 Sep 2019 16:55:50 +0000 (16:55 +0000)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36 am:
7b6a04fceb
Change-Id: I8914a6337a6e6c905b42cc498f34db5142db7a1a
Android Build Merger (Role) [Mon, 9 Sep 2019 16:55:45 +0000 (16:55 +0000)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e am:
80e1c4fd36
Change-Id: I6ef1648f805c48ef37c8921ddfa1d147a8e5e032
Android Build Merger (Role) [Mon, 9 Sep 2019 16:55:42 +0000 (16:55 +0000)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613 am:
c1ec4d6e8e
Change-Id: I641d14a61338365b5da7f6c55ead2baff29e811c
Android Build Merger (Role) [Mon, 9 Sep 2019 16:55:35 +0000 (16:55 +0000)]
[automerger] Add MANAGED_PROVISIONING_DPC_DOWNLOADED (nyc). am:
20e5d92613
Change-Id: I6b5ad877382a352cb5b4bcdd05a2d19da502945a
Jeff Sharkey [Thu, 18 Jul 2019 00:51:28 +0000 (18:51 -0600)]
RESTRICT AUTOMERGE
Enable stricter SQLiteQueryBuilder options.
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change starts using setStrictColumns() and setStrictGrammar()
on SQLiteQueryBuilder to block this class of attacks. This means we
now need to define the projection mapping of valid columns, which
consists of both the columns defined in the public API and columns
read internally by DownloadInfo.Reader.
We're okay growing sAppReadableColumnsSet like this, since we're
relying on our trusted WHERE clause to filter away any rows that
don't belong to the calling UID.
Remove the legacy Lexer code, since we're now internally relying on
the robust and well-tested SQLiteTokenizer logic.
Bug:
135270103
Bug:
135269143
Test: atest DownloadProviderTests
Test: atest CtsAppTestCases:android.app.cts.DownloadManagerTest
Change-Id: Iec1e8ce18dc4a9564318e0473d9d3863c8c2988a
Jonathan Scott [Fri, 6 Sep 2019 11:20:56 +0000 (11:20 +0000)]
Merge "Add MANAGED_PROVISIONING_DPC_DOWNLOADED." into qt-dev
Pinyao Ting [Thu, 5 Sep 2019 19:05:29 +0000 (12:05 -0700)]
[automerger skipped] fixes a security vulnerability in slice provider
am:
46368e4f5c -s ours
am skip reason: change_id Ib1b4fba54ebd3599fe11021d21dc9b09d34e8965 with SHA1
a6364d92ed is in history
Change-Id: I62e3dde45298fd57b903cd4dfa1210041789c214
Jonathan Scott [Thu, 5 Sep 2019 16:31:12 +0000 (17:31 +0100)]
Add MANAGED_PROVISIONING_DPC_DOWNLOADED.
Test: Just adding a constant
Bug:
132261064
Change-Id: I2bce277ff8f2de4614e19d5385fe6712b076f9c9
Merged-In: I2bce277ff8f2de4614e19d5385fe6712b076f9c9
TreeHugger Robot [Thu, 5 Sep 2019 02:17:20 +0000 (02:17 +0000)]
Merge "Use UnlockMethodCache#canSkipBouncer in user switcher" into qt-dev
TreeHugger Robot [Wed, 4 Sep 2019 23:17:52 +0000 (23:17 +0000)]
Merge "fixes a security vulnerability in slice provider" into qt-dev
Fabian Kozynski [Wed, 4 Sep 2019 20:53:37 +0000 (16:53 -0400)]
Use UnlockMethodCache#canSkipBouncer in user switcher
KeyguardMonitor#canSkipBouncer was not updated properly when the phone
was unlocked using fingerprint.
This CL removes that method and changes UserSwitcherController to query
UnlockMethodCache directly, as it was KeyguardMonitor's only client for
that method.
Test: manual unlocking with FP and with pattern
Test: no automated test yet
Bug:
140486529
Merged-In: Idbff4fbabca962c632ff5d78b25418c0502db9a7
Change-Id: Idbff4fbabca962c632ff5d78b25418c0502db9a7
Kevin Hufnagle [Fri, 30 Aug 2019 01:26:35 +0000 (01:26 +0000)]
Merge "docs: Improved tick/click effect descriptions" into qt-dev
TreeHugger Robot [Thu, 29 Aug 2019 21:47:30 +0000 (21:47 +0000)]
Merge "Unset INSTALL_DISABLE_VERIFICATION flag if install is not from system" into qt-dev
Kevin Hufnagle [Thu, 29 Aug 2019 04:29:08 +0000 (04:29 +0000)]
docs: Improved tick/click effect descriptions
Test: make ds-docs -j32
Bug:
139888074
Change-Id: I939aaa4cf81ddab1705611222c12a60823493d38
Pinyao Ting [Thu, 8 Aug 2019 22:35:20 +0000 (15:35 -0700)]
fixes a security vulnerability in slice provider
Bug:
138441555
Test: Manual
Change-Id: Ib1b4fba54ebd3599fe11021d21dc9b09d34e8965
Merged-In: Ib1b4fba54ebd3599fe11021d21dc9b09d34e8965
(cherry picked from commit
2b415a4c4465a6294e51ad1a8fcf2e6c1497853b)
Kevin Hufnagle [Wed, 28 Aug 2019 22:08:47 +0000 (22:08 +0000)]
Merge "docs: Added desc. of launcher app criteria in Q" into qt-dev
Andrew Solovay [Wed, 28 Aug 2019 18:11:44 +0000 (18:11 +0000)]
Merge "Docs: clarify getSharedPreferences behavior" into qt-dev
Kevin Hufnagle [Thu, 15 Aug 2019 00:23:58 +0000 (17:23 -0700)]
docs: Added desc. of launcher app criteria in Q
As of Android Q, an app is included in the return value of
LauncherApps#getActivityList() unless it fulfills specific criteria.
This CL describes the conditions necessary for an app's activities
to *not* appear in the list.
Test: make ds-docs -j32
Bug:
130352392
Change-Id: I6a6e17351a6c1234229d1d7eb8147ee2c24ee2c9
TreeHugger Robot [Wed, 28 Aug 2019 01:39:59 +0000 (01:39 +0000)]
Merge "aw: Correct doc of addJavascriptInterface()" into qt-dev
Nate Fischer [Tue, 27 Aug 2019 23:37:00 +0000 (16:37 -0700)]
Docs: clarify getSharedPreferences behavior
No change to logic, only documentation.
This updates Context#getSharedPreferences docs:
* Fix a typo ("thead" -> "thread")
* Formatting: use <p> when appropriate, {@link} to other APIs, limit
the @param to only a single sentence
* Mention getSharedPreferences() may actually perform disk IO (this was
undocumented)
* Mention Editor#apply() as well as #commit()
Fixes:
140137651
Test: make docs
Change-Id: I245371d13d4f317c6c522debcdf7938ab783f897
Nikita Ioffe [Tue, 30 Jul 2019 16:10:27 +0000 (17:10 +0100)]
Unset INSTALL_DISABLE_VERIFICATION flag if install is not from system
Bug:
138650665
Test: pushed manual privapp that attempts an install
with INSTALL_DISABLE_VERIFICATION flag.
Checked that PackageVerifier was called.
Change-Id: I041d2e5f6d2609bfe9475f24eefb936f0c8e2a32
Merged-In: I041d2e5f6d2609bfe9475f24eefb936f0c8e2a32
Daniel Rosenberg [Tue, 27 Aug 2019 02:29:45 +0000 (19:29 -0700)]
Use mContext directly
We already have the context saved, so we can just use that.
Test: Edited code to force expection path to be called, confirmed
reboot happens
Bug:
138952436
Bug:
140111727
Change-Id: I40e95d72c63f864131f0028c47f121463d0f6dff
Kevin Hufnagle [Mon, 26 Aug 2019 21:05:37 +0000 (21:05 +0000)]
Merge "docs: Added content desc in ImageView example." into qt-dev
Shimi Zhang [Mon, 26 Aug 2019 18:01:12 +0000 (11:01 -0700)]
aw: Correct doc of addJavascriptInterface()
The Javadoc of addJavascriptInterface() mentioned that the injected
Java object will be injected to main frame, but this is not telling
a full picture. The current implementation will inject the Java
object to all the frames actually.
This CL corrected the misleading wording and add a new warning to
explicitly call it out as a security risk.
Bug:
113336656
Test: make ds-docs
Change-Id: Ia79381d1ab38afa963ea7365526749c14e25238c
Paul Hu [Tue, 18 Jun 2019 11:26:29 +0000 (04:26 -0700)]
Add SocketUtils CTS tests
Test APIs below:
makeNetlinkSocketAddress(int, int)
makePacketSocketAddress(short, int)
makePacketSocketAddress(int, byte[])
closeSocket(java.io.FileDescriptor)
Bug:
129200596
Test: atest FrameworksNetTests
atest CtsNetTestCases --instant
Merged-In: I36252fdf516cf4a9d4506b615cdb38f5413739e5
(cherry picked from commit
93a53224d3a1cd6fc1de7d94955e03116b744e4a)
Change-Id: I0963acaf00c5bdd93db0503c426f190f409ca076
Selim Cinek [Tue, 20 Aug 2019 23:39:13 +0000 (23:39 +0000)]
Merge "DO NOT MERGE: Fixed an issue where the notification icons wouldn't show while docked" into qt-dev
Selim Cinek [Mon, 19 Aug 2019 18:57:11 +0000 (11:57 -0700)]
DO NOT MERGE: Fixed an issue where the notification icons wouldn't show while docked
Since we're using the pulsing state for docking, the icons would now
become clipped while pulsing.
Fixes:
139096431
Test: dock, observe notification icons showing
Change-Id: If251e6b18c03b2824b4d3ea4dab82d4a403565f1
Merged-In: I8f7bd7a6a0562942ed3e12f28705043722d177e8
TreeHugger Robot [Mon, 19 Aug 2019 19:06:32 +0000 (19:06 +0000)]
Merge "WebView: prettyprint docs" into qt-dev
Pinyao Ting [Thu, 8 Aug 2019 22:35:20 +0000 (15:35 -0700)]
fixes a security vulnerability in slice provider
Bug:
138441555
Test: Manual
Change-Id: Ib1b4fba54ebd3599fe11021d21dc9b09d34e8965
Merged-In: Ib1b4fba54ebd3599fe11021d21dc9b09d34e8965
(cherry picked from commit
2b415a4c4465a6294e51ad1a8fcf2e6c1497853b)
TreeHugger Robot [Thu, 15 Aug 2019 18:07:32 +0000 (18:07 +0000)]
Merge "API: Explicitly track incompatibilities with previous API versions" into qt-dev
Kevin Hufnagle [Thu, 15 Aug 2019 00:50:17 +0000 (17:50 -0700)]
docs: Added content desc in ImageView example.
The example ImageView at the beginning of the class description now
includes a content description attribute. Also updated the links in
the first paragraph where code fonts aren't necessary.
Test: make ds-docs -j32
Bug:
138856073
Change-Id: I33a75dc31d68289d955979d2fe8afe2ae3d4770e
Kevin Hufnagle [Wed, 14 Aug 2019 23:32:22 +0000 (23:32 +0000)]
Merge "Revert "docs: Added desc. of launcher app criteria in Q"" into qt-dev
Kevin Hufnagle [Wed, 14 Aug 2019 19:22:59 +0000 (19:22 +0000)]
Revert "docs: Added desc. of launcher app criteria in Q"
This reverts commit
786f22e4169126c82358490ad6e9c70028fc102b.
Reason for revert: Need further feedback from SMEs
Bug:
130352392
Change-Id: I51b3bd19e27d28fe3aea300893da50bbf889ec73
Kevin Hufnagle [Wed, 14 Aug 2019 19:22:11 +0000 (19:22 +0000)]
Merge "docs: Added desc. of launcher app criteria in Q" into qt-dev
Brian Duddie [Wed, 14 Aug 2019 17:32:05 +0000 (17:32 +0000)]
Merge "docs: Correct sensor runtime permission documentation" into qt-dev
TreeHugger Robot [Wed, 14 Aug 2019 06:42:05 +0000 (06:42 +0000)]
Merge "apply empty transaction in startActivitySync" into qt-dev
Nate Fischer [Tue, 13 Aug 2019 03:44:51 +0000 (20:44 -0700)]
WebView: prettyprint docs
No change to logic, only docs.
Use class=prettyprint so docs are syntax highlighted. This also fixes a
section which should have been an ordered list but abused <pre> instead.
Bug:
125526827
Test: make -j4 docs
Change-Id: Iac780ace066be35620d5121b1977df404eaf18c1
Brian Duddie [Tue, 13 Aug 2019 18:42:19 +0000 (11:42 -0700)]
docs: Correct sensor runtime permission documentation
The ACTIVITY_RECOGNITION permission applies to TYPE_STEP_DETECTOR, not
TYPE_GEOMAGNETIC_ROTATION_VECTOR.
Bug:
139363621
Test: n/a, comment update only
Change-Id: Ibce74be1e704ded04ae710988d0e03df43ab1cf9
Kevin Hufnagle [Mon, 12 Aug 2019 23:52:41 +0000 (16:52 -0700)]
docs: Added desc. of launcher app criteria in Q
As of Android Q, an app is included in the return value of
LauncherApps#getActivityList() unless it fulfills specific criteria.
This CL describes the conditions necessary for an app's activities
to *not* appear in the list.
Test: make ds-docs -j32
Bug:
130352392
Change-Id: Iad888a7a7f47d090da1b143ac152705577144d20
Adrian Roos [Mon, 12 Aug 2019 15:47:39 +0000 (17:47 +0200)]
API: Explicitly track incompatibilities with previous API versions
Bug:
139128921
Test: make checkapi
Change-Id: I1f17b57705e2f7350b55ab278e06fc4e988771ff
Merged-In: I1f17b57705e2f7350b55ab278e06fc4e988771ff