git.osdn.net Git - android-x86/frameworks-base.git/log

DO NOT MERGE - SUPL ES Extension - Safer Init and Not After Boot

Safe order of pointer setting and background thread start
Verifying mCallEndElapsedRealtimeMillis is not the initial value

Bug: 112159033
Bug: 115361555
Bug: 125124724
Test: Verified not-after-boot with test code b/115361555#comment14
Test: Reproed NPE with test thread sleep and verify fix
Change-Id: Icd2ea91d71da71c8fda109ceb70514733d35060b
(cherry picked from commit a7cb82eb85cd361b90c9700ff935ba614c94f490)

Merge cherrypicks of [6072696, 6072074, 6072757, 6072120, 6072121, 6072122, 6072123, 6072575, 6072576, 6072577, 6072578, 6072579, 6072193, 6072131, 6072194, 6072076, 6072210, 6072759, 6072760, 6072698, 6072699, 6072700, 6072701, 6072702, 6072703, 6072704, 6072905, 6072906, 6072907, 6072761] into oc-m8-release

Change-Id: Ia83e95b299ccfe815cca1abec869db1456fca295

DPM: Fix regression from I54376f60ac53451ace22965d331b47cd8c2e614e

Fixes an issue where setting a password via DPM would never
satisfy a QUALITY_COMPLEX password requirement.

Change-Id: I3fbc952bd44291ac22728c626b128fc0c1aae232
Merged-In: I3fbc952bd44291ac22728c626b128fc0c1aae232
Fixes: 120915644
Bug: 110172241
Test: atest 'com.android.cts.devicepolicy.DeviceAdminHostSideTestApi24#testRunDeviceOwnerPasswordTest'
Test: Set credential via DPM.resetPassword(), factory reset device to trigger FRP, verify FRP shows.
(cherry picked from commit 48d06522c66cac586a859a628729d26c6fa5d64c)

RESTRICT AUTOMERGE Do not linkify text with RLO/LRO characters.

Also don't show smart actions for selections in text with unsupported
characters.

Bug: 116321860
Test: runtest -x cts/tests/tests/text/src/android/text/util/cts/LinkifyTest.java
Change-Id: Ib2ee544b5783234fba8ee2f93adf0b36b039520f
(cherry picked from commit 4e3507d544741ba08d871a235b6ec11e1e674853)

Adding SUPL NI Emergency Extension Time

Configurable by carrier config.xml resource

Bug: 118839234
Bug: 115361555
Bug: 112159033
Test: On device, see b/115361555#comment14
Change-Id: I52e61656cca8b6fa6468d32d2e69bf60f4c83c61
Merged-In: I52e61656cca8b6fa6468d32d2e69bf60f4c83c61
(cherry picked from commit 1cd7883a76d7bb28edc9c29bdabb3753a0c63396)

FRP: save password quality in DPM.resetPassword

When setting a password from DPM.resetPassword(), the actual quality of the
password was not passed to LockSettingsService (instead, the minimum required
quality was passed which is often UNSPECIFIED). As a result, during FRP we
would see inconsistent state and skip it.

Bug: 110172241
Test: Set credential via DPM.resetPassword(), factory reset device to trigger FRP, verify FRP shows.
Change-Id: I54376f60ac53451ace22965d331b47cd8c2e614e
Merged-In: I54376f60ac53451ace22965d331b47cd8c2e614e
(cherry picked from commit ef116def7c91fd4492a8df03355e1dbdbde02a85)

Merge cherrypicks of [5745882, 5746123, 5746124, 5746125, 5745544, 5745819, 5746700, 5745883, 5745545, 5746720, 5746344, 5745884, 5745885, 5745886, 5746740, 5746741] into oc-m8-release

Change-Id: Id37012cba82213c4eceac91277a0914ce7c50cf8

Bluetooth: Check descriptors size in BluetoothHidDeviceAppSdpSettings

Bug: 119819889
Test: compilation
Change-Id: If51d0e2af74d99758f79a603d40cc2f5c84e4dde
Merged-In: If51d0e2af74d99758f79a603d40cc2f5c84e4dde
(cherry picked from commit f843ccbf9e3791b426af78389e276c46dbec75e1)

RESTRICT AUTOMERGE: Added an app id security check in isAppForeground.

ActivityManagerService#isAppForeground now checks if the caller has the
permission to view if an app is in the foreground.

Bug: 115384617
Test: cts-tradefed run cts -m CtsSecurityTestCases -t android.security.cts.ActivityManagerTest#testIsAppInForegroundNormal
Test: cts-tradefed run cts -m CtsSecurityTestCases -t android.security.cts.ActivityManagerTest#testIsAppInForegroundMalicious
Change-Id: I9602c89b2d40036e525c38960a08326dc74c6682
(cherry picked from commit ad02e59ac2cd3e6180e02fd60e6dedd8177c7b6e)

Merge cherrypicks of [5313290, 5313323, 5313343, 5313415, 5313291, 5313441, 5313557, 5313344, 5313383, 5313384, 5313324, 5313325, 5313326, 5313294, 5313295, 5313296, 5313498] into oc-m8-release

Change-Id: I46b1483089554a4bec18c984d21c8b56ee8bcb85

RESTRICT AUTOMERGE: Recover shady content:// paths.

The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.

This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths.  Consider this example:

    <path-permission android:pathPrefix="/private" ... />

    uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);

    content://com.example//private

The Uri above will pass the security check, since it's not
technically a prefix match.  But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.

Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.

Bug: 112555574
Test: cts-tradefed run cts -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AppSecurityTests
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
(cherry picked from commit a1ec7b115cc378f0547f10cf1074a5248d42d94f)

[DO NOT MERGE] Changing SUPL_ES=1 for SUPL end point control

SUPL_ES=1 ensures the GnssLocationProvider and related framework code
accepts incoming SMS SUPL_INIT messages with ES-bit=1
(which allow redirection of the ESLP
end-point e.g. to the current local emergency services provider when
you are travelling) only during an emergency call

Bug: 115331218
Bug: 112159033
Test: Build pass
Change-Id: I5075f7887a184ce18bb1815b35a2ce7acd8bca10
(cherry picked from commit 02f38c7284f183d5e1fc39fe56903a567ff3fc20)

Merge cherrypicks of [5141855] into oc-m8-release

Change-Id: I6cad0b3abf3d6310ad835765629eaa5fc57d2e2f

RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions."

This reverts commit 05dc947c63a2304adce53a0aef6b0e0a9db9343a.

Reason for revert: Not a security fix and the security fix needs this cl is reverted.
Bug: 114365189

Change-Id: Id667b1c4d1a1af27837f553d7461283b22e5e41f
(cherry picked from commit bb4dcd1099cac4e0b3602e3d2ac088b796df3691)

Merge cherrypicks of [4995494, 4995495, 4995496, 4995497, 4997652, 4997881, 4997052, 4997883, 4995518, 4997653, 4997654] into oc-m8-release

Change-Id: Ib795e893dd306cb76180e8b18e1af21e2cd0598a

Verify number of Map entries written to Parcel

Make sure the number of entries written by Parcel#writeMapInternal
matches the size written. If a mismatch were allowed, an exploitable
scenario could occur where the data read from the Parcel would not
match the data written.

Fixes: 112859604
Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest

Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607
Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607
(cherry picked from commit 057a01d1f38e9b46d3faa4059fdd7c8717681ea0)

RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions.

Bug: 111752150
Test: Manual local test
Change-Id: I0b48a20525f87fc6f5ab8d7e70aa7d11cd747f97
(cherry picked from commit 05dc947c63a2304adce53a0aef6b0e0a9db9343a)

RESTRICT AUTOMERGE: Hide overlay windows when requesting media projection permission.

1: Cherry-pick ag/4067454 - Setting PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS
updateNonSystemOverlayWindowsVisibilityIfNeeded on relayoutWindow

2: Cherry-pick ag/3650369 - If PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS changed on
relayoutWindow() then updateNonSystemOverlayWindowsVisibilityIfNeeded

3: Add permissions to SystemUI to allow it to hide non-system overlays

Bug: 34170870
Test: manual (see bug for poc)
Change-Id: I57cb0f390d9a78e721c5ddce49a377d385002753
(cherry picked from commit 40f7b5832291ec81b921d9d7598447653d926604)

Merge cherrypicks of [4897833, 4897834, 4897835] into oc-m8-release

Change-Id: I641b54fb04008ba92c1fc4473ddfccabe947ab7e

Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package."

This reverts commit 821076440434443af4257c5ba0b7b1f037735041.

Reason for revert: b/111752150

Change-Id: I035cfcacaeaf798b8aea7fe62376624d06c64388
(cherry picked from commit 9cd13a2bd5ca2546da7a15182b0ddf1a81f2e7da)

Merge cherrypicks of [4787660, 4787680, 4787071, 4787700, 4787592, 4787701, 4787720, 4787721, 4787072, 4787073, 4787074, 4787075, 4787076, 4787077, 4787740, 4787760, 4787722, 4787723, 4787724, 4787725, 4787726, 4787727, 4787728, 4787729, 4787730, 4787731] into oc-m8-release

Change-Id: I38f40dabd3b571920f41b122978558e0eac4d060

Fix crash during cursor moving on BiDi text

The crash was introduced by Ib66ef392c19c937718e7101f6d48fac3abe51ad0
The root cause of the crashing is requesting out-of-line access for the
horizontal width. This invalid access is silently ignored by
TextLine#measure() method but new implementation end up with out of
bounds access.

To makes behavior as old implementation, calling getHorizontal instead
of accessing measured result array.

Bug: 78464361, 111580019
Test: Manually done
Change-Id: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
(cherry picked from commit 960647d582911ae7ab8b9491097898e6c313aaf1)
Merged-In: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
(cherry picked from commit d30c55e3ccf25668fcbccf29c94224fd1d2e67b6)

RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package.

Bug: 67319274
Test: run cts-dev --module CtsPermissionTestCases --test android.permission.cts.RemovePermissionTest#permissionShouldBeRevokedIfRemoved
Change-Id: I2771c048e13529e168121c5a5501aa26fc21e30f
(cherry picked from commit 821076440434443af4257c5ba0b7b1f037735041)

DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete.

Developers often accept selection clauses from untrusted code, and
SQLiteQueryBuilder already supports a "strict" mode to help catch
SQL injection attacks. This change extends the builder to support
update() and delete() calls, so that we can help secure those
selection clauses too.

Bug: 111085900
Test: atest packages/providers/DownloadProvider/tests/
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Change-Id: Ib4fc8400f184755ee7e971ab5f2095186341730c
Merged-In: Ib4fc8400f184755ee7e971ab5f2095186341730c
(cherry picked from commit 09d49531334ce6bc4ac45de1d3d0edb1495c0566)

DO NOT MERGE. Execute "strict" queries with extra parentheses.

SQLiteQueryBuilder has a setStrict() mode which can be used to
detect SQL attacks from untrusted sources, which it does by running
each query twice: once with an extra set of parentheses, and if that
succeeds, it runs the original query verbatim.

This sadly doesn't catch inputs of the type "1=1) OR (1=1", which
creates valid statements for both tests above, but the final executed
query ends up leaking data due to SQLite operator precedence.

Instead, we need to continue compiling both variants, but we need
to execute the query with the additional parentheses to ensure
data won't be leaked.

Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Bug: 111085900
Change-Id: I6e8746fa48f9de13adae37d2990de11c9c585381
Merged-In: I6e8746fa48f9de13adae37d2990de11c9c585381
(cherry picked from commit 5a55a72fcd18fb676eb4c114e62048068f71c01a)

DO NOT MERGE. Persistable Uri grants still require permissions.

When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still
need to check permissions between the source and target packages,
instead of shortcutting past them.

The spirit of the original change is remains intact: if the caller
requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid
returning "-1", which would prevent the grant data structure from
being allocated.

Bug: 111934948
Test: atest android.appsecurity.cts.AppSecurityTests
Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
(cherry picked from commit 05519b7e3d0f3d16ddfe6ee3892c8468a2c10c62)

Optimise the hit test algorithm

Layout#getOffsetForHorizontal was running in O(n^2) time, where n is the
length of the current line. The method is used when a touch event
happens on a text line, to compute the cursor offset (and the character)
where it happened. Although this is not an issue in common usecases,
where the number of characters on a line is relatively small, this can
be very inefficient as a consequence of Unicode containing 0-width
(invisible) characters. Specifically, there are characters defining the
text direction (LTR or RTL), which cause our algorithm to touch the
worst case quadratic runtime. For example, a person is able to send a
message containing a few visible characters, and also a lot of these
direction changing invisible ones. When the receiver touches the message
(causing the Layout#getOffsetForHorizontal method to be called), the
receiver's application would become not responsive.

This CL optimizes the method to run in O(n) worst case. This is achieved
by computing the measurements of all line prefixes at first, which can
be done in a single pass. Then, all the prefix measurement queries will
be answered in O(1), rather than O(n) as it was happening before.

Bug: 79215201
Test: manual testing
Change-Id: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
Merged-In: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
(cherry picked from commit 69b589b21d02cd380a6827c39e56cbd12a804ffd)

Merge cherrypicks of [4691111, 4689862, 4690575, 4690576, 4690577, 4690578, 4689866, 4689868, 4689869, 4689870, 4691132, 4689456, 4689963, 4691133, 4691134, 4691156, 4691157, 4691159, 4691161, 4690581, 4689964, 4689460, 4691112, 4690582, 4690583, 4691165, 4691166, 4691167, 4691168, 4691169, 4691170, 4691211, 4691212, 4691213, 4691214, 4691215, 4691216, 4691217, 4691218, 4691219, 4691232, 4691233, 4691234, 4691235, 4691236, 4691237, 4691238, 4691239, 4691240, 4691241, 4691243, 4691245, 4691247, 4691249, 4691250, 4691291, 4691292, 4691293, 4691294, 4691295, 4691296, 4691255, 4689476, 4689477, 4689478, 4691223, 4691224, 4691136, 4689479, 4689480, 4691137, 4691225, 4691226, 4691227, 4691371, 4691228, 4691328, 4689967, 4691138, 4691139, 4691140, 4691433, 4689968, 4689969, 4691395, 4691230, 4691297, 4691298, 4691299, 4691300, 4691396, 4691397, 4691398, 4691399, 4691400, 4691401, 4691402, 4691403, 4691404, 4691405, 4691406, 4691407, 4691408, 4691409, 4691410, 4691471, 4691472, 4691473, 4691474, 4691475, 4691476, 4691477, 4691478, 4691479, 4691480, 4691481, 4691482, 4691483, 4691484, 4691485, 4691486, 4691487, 4691488, 4691143, 4691144, 4691511, 4691113, 4689482, 4691533, 4691145, 4691146, 4691147, 4691148, 4691536] into sparse-4732991-L01200000196794104

Change-Id: Ia22e17bb167b1d67bcce73a5f95c44c9649f2c08

Fix TrackInfo parcel write

Bug: 77600398
Change-Id: Ia316f1c5dc4879f6851fdb78fe8b9039579be7bc
(cherry picked from commit 0d2dc943dcaa3d7c8479e22ae62be9753ea2643c)

vpn: allow IPSec traffic through Always-on VPN

This won't leak any traffic outside the VPN as long as there are no
processes owned by uid 0 which generate network traffic (which is
currently the case).

Bug: 69873852
Test: compared the output of 'adb shell ip rule show' before and after
Test: runtest -x frameworks/base/tests/net/java/com/android/server/connectivity/VpnTest.java
Test: local CTS tests run: android.net.cts.VpnServiceTest
Test: local CTS tests run: com.android.cts.devicepolicy.MixedDeviceOwnerTest
Change-Id: I8758e576c9d961d73f62bfcf0559dd7ecee6e8e6
Merged-In: I8758e576c9d961d73f62bfcf0559dd7ecee6e8e6
Merged-In: I1f9b78c8f828ec2df7aba71b39d62be0c4db2550
Merged-In: I8edeb0942e661c8385ff0cd3fdb72e6f62a8f218
(cherry picked from commit 00000fe55a4729f8339afdc7eab5c970b2549813)
(cherry picked from commit ef2910dc709d698b6476e8d462c608d04c784a26)

Resolve inconsistent parcel read in NanoAppFilter

Bug: 77599679
Test: Compile only
Change-Id: Ib417a5cb4d51744442d2fb14437cabbe5fd1c266
(cherry picked from commit abe5a73a4a81e312a1690fbc10a6b99ce98b699a)

Backport Prevent shortcut info package name spoofing

Test: cts-tradefed run cts -m CtsShortcutManagerTestCases -t android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest
Bug: 109824443

Change-Id: I90443973aaef157d357b98b739572866125b2bbc
Merged-In: I78948446a63b428ae750464194558fd44a658493
(cherry picked from commit 9e21579a11219581a0c08ff5dd6ac4dc22e988a4)

Fix DynamicRefTable::load security bug

DynamicRefTables parsed from apks are missing bounds checks that prevent
buffer overflows. This changes verifies the bounds of the header before
attempting to preform operations on the chunk.

Bug: 79488511
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests

Change-Id: I02c8ad957da244fce777ac68a482e4e8fa70f846
Merged-In: I02c8ad957da244fce777ac68a482e4e8fa70f846
(cherry picked from commit 18a6ada4aa136da4f50f03fff91d61d448ced195)

ResStringPool: Prevenet boot loop from se fix

Changes the logs adding in a previous security fix to warnings so
devices with malformed APKs currently on them will not undergo DOS when
they are upgraded to P.

Bug: 79724567
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests

Change-Id: Ied54e4bb14abdaf79da562022c7ea6075187c1f8
(cherry picked from commit f05f47b2c1838529e682ad8f931d3da72244b1a1)
(cherry picked from commit c31cf80008fdb06ea8e1eab9764096653e7854b1)

Make safe label more safe

* limit the absolute maximum size of the label to 50000 characters
[which is probably far more than necessary, but, can be dialed down]

* use a string buffer while processing the string [instead of creating
multiple string objects]

Bug: 62537081
Test: Manual. Install APK in bug and see that it can be uninstalled
Change-Id: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
Merged-In: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
(cherry picked from commit 2263da9539daef134395226a2718ba2d7af7547d)

WM: Prevent secondary display focus while keyguard is up

Fixes an issue where input intended for the keyguard could end up going
to a different display.

To prevent this, make sure that only the default display can get focused
when the keyguard is showing.

Change-Id: I6463c44aedca06930d2c9bda7c45ffd93141308c
Merged-In: I6463c44aedca06930d2c9bda7c45ffd93141308c
Fixes: 71786287
Test: atest DisplayContentTests
(cherry picked from commit 3cd5e3d9bbb3255e874b8fa27d7ed506164905dd)

DO NOT MERGE: Add unit tests to ensure VPN meteredness

These new tests ensure that VPNs report the meteredness of their
underlying networks correctly. The added test verifies VPN meteredness
for cases of metered and unmetered WiFi and Cell

Bug: 78644887
Test: This; ran on walleye-eng
Change-Id: I28bdc71a336bfd97f7908455d4781d774df44b87
(cherry picked from commit 66bc52884b1009fca7917ae89e72e8aa40f394d1)

DO NOT MERGE: Fix ConnectivityController meteredness checks

This patch corrects ConnectivityController's meteredness checks to
perform correct meteredness checks while VPNs are running. This fixes a
bug in O-MR1 where any apps using the DownloadProvider with unmetered
network constraints fail to start while the VPN is enabled.

This change adds a bespoke method for ConnectivityController, allowing
it to correctly identify the meteredness without affecting public API
surfaces.

Bug: 78644887
Test: Built, flashed on Walleye, and tested.
Test: Additional test coverage in subsequent patch(es).
Change-Id: Ie1d11d93d51d936ce81cd5984af61bde30325983
(cherry picked from commit d08ab5a641d9d81314c9439724dd34338fa81d58)

clearCallingIdentity before calling into getPackageUidAsUser

Fix: 70585244
Bug: 69981755

Test: Enable any accessibility service -> inflate work profile
-> Tap on any work app -> no longer crash

Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.CrossProfileAppsHostSideTest.testPrimaryUserToManagedProfile
Change-Id: I80d18f4e2ab76a228cb0aa2c8312c323a9b5c84d
(cherry picked from commit 857326e3731939f6ec7979e1d86585bf0ea484f4)

Nullcheck to fix Autofill CTS

Test: presubmit
Fixes: 70506475
Bug: 69981755
Change-Id: I187bed4889a4901a7137a2995178ea651ed09186
(cherry picked from commit 6c68a692880b7cc981e130aace0edb9f2fcffff6)

Osu: fixed Mismatch between createFromParcel and writeToParcel

Bug: 77600924
Change-Id: I46d765892e8e6839ed5140a3b0d6bb1815ccf9bc
Signed-off-by: Ecco Park <eccopark@google.com>
(cherry picked from commit 9a59cf84506e9fa841524ac2c70ae683449e709a)

DO NOT MERGE Truncate newline and tab characters in BluetoothDevice name

Test: manual
Bug: 73173182
Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
(cherry picked from commit 24da173b63b17a0bc6c80b2fcfefa7fe4574a15b)

Fix broken check for TelephonyManager#getForbiddenPlmns

(backport from a fix merged in pi-dev)

Bug: 73884967
Test: Treehugger
Change-Id: I9deaae20893184cde36dcd936fe83708fa60b830
Merged-In: I0cf7920e138892fbcab71fae0eed1293f0b2e404
Merged-In: I9e3456e5f1e479b0e2b102f6c90db57cd0e977fe
(cherry picked from commit 7b52a48d6b10e3ed2806b57d39a2d9211dd4b585)

DO NOT MERGE (O) Revoke permision when group changed

If a run time permission of a group is already granted we grant the
other permission of the group automatically when requested.

Hence if an already granted permission changed its group during an
update suddenly permission of a potentially not approved group will
get auto-granted.

This is undesirable, hence we revoke the permission during the update
process.

Test: atest android.permission.cts.PermissionGroupChange
Change-Id: Ib2165d1ae53b80455ebe02e07775853e37a2e339
Fixes: 72710897
(cherry picked from commit 0ed1b472af194896fcf421dc862c443343c7c127)

ResStringPool: Fix security vulnerability

Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.

Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests

Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f261d81316b75cb734075319108d8bc1d1)

RESTRICT AUTOMERGE: Prevent reporting fake package name - framework (backport to oc-mr1-dev)

Test: added AccessibilityEndToEndTest#testPackageNameCannotBeFaked
cts-tradefed run cts -m CtsAccessibilityServiceTestCases
cts-tradefed run cts -m CtsAccessibilityTestCases

Bug: 69981755
Change-Id: If3752e106aa7fdee4645dc9852289af471ceff18
Merged-In: I13304efbee10d1affa087e9c8bc4ec237643283e
(cherry picked from commit c36db6d473c9988496cd614924ee113b67f7e333)

Use concrete CREATOR instance for parceling lists

Replaced readTypedArrayList/writeTypedArrayList with
writeTypedList/createTypedArrayList(CREATOR)

Bug: 71508348
Test: CtsAutoFillServiceTestCases pass
Merged-In: I2a8321023b40cc74b7026eb0fb32a9cc5f5543a9
Change-Id: Id17d02e40a4ae567bf2d74d2ea8ba4d8a943bdb7
(cherry picked from commit 4921986db76b1580bcb6ec8b2fd381d1364a6325)

Rework thumbnail cleanup

Bug: 63766886
Test: ran CTS tests
Change-Id: I1f92bb014e275eafe3f42aef1f8c817f187c6608
(cherry picked from commit 6d2096f3889d38da60099b1b5678347de4f042bf)

Proper autofill fix to let phone process autofill Settings activity.

Test: adb shell am start com.android.settings/.RadioInfo
Bug: 69981710
Fixes: 70506888

Change-Id: Id29bad2d20b621f7379eb6144c95dcc819949b3d
Merged-In: Id29bad2d20b621f7379eb6144c95dcc819949b3d
(cherry picked from commit 97f16a76db29269619d9a1b45d4cea49026a5b6a)
(cherry picked from commit 92b5d2783a1b97bee476f04754481403839b4e45)

Merge cherrypicks of [3782287, 3782954, 3783025, 3783026, 3783027, 3783028, 3783029, 3783030, 3783164, 3783165, 3783167, 3783168, 3783170, 3783171, 3783172, 3782288, 3783031, 3782196, 3782955] into oc-m4-release

Change-Id: Ie5bb0080290b16322833b5ca450689b3ff66892a

Fixed Security Vulnerability of DcParamObject

The writeToParcel and readFromParcel is not symmetry, fixed it.

Test: no test
Bug: 70721937
Change-Id: I01f6f6b2ab778ee8b638d9b69fe0a6b9aa7ee395
(cherry picked from commit 8c55a70728fdb0a7b0585fac08629b0137dca51e)

Update internal ViewPager's SavedState to match Support Library version

Merged-In: Ic4569b21d8a26a62bba91742b442f0c3ea8bcc9e
Change-Id: I17d085be9ce1a139e75264f1e715df7f565cd41b
Fixes: 71992105
Test: manual
(cherry picked from commit 187964aca12115c7ab66f59d1ebb95e4f4130ac6)

[DO NOT MERGE] Copy PermissionChecker from support lib and use in RcognitionService

Fixes: 73511076, 73311729
Test: presubmit
Change-Id: Ie98f67ffee4744050ac85d8b229370a16a76a194
(cherry picked from commit 726b51a26e9a54b7352aad90ed15edccc44dd60d)
(cherry picked from commit 5a28e533fe8865ed371b5c0fd909a4ec89f63633)

[DO NOT MERGE] Add permission check to setAllowOnlyVpnForUids

Bug: 63000005
Test: runtest frameworks-net -c com.android.server.connectivity.VpnTest
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testAlwaysOnVpnLockDown
Merged-In: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
Change-Id: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
(cherry picked from commit f915e04d5010c4dfffad263fa70c1e412e856314)

Verify last array's length in readFromParcel

Length of the last array in readFromParcel should be the same as
value of mNextIndex.

Test: PoC app in the bug
Bug: 73252178
Change-Id: I69f935949e945c3a036b19b4f88684d906079ea5
(cherry picked from commit 3b8bc2e45048527d7682b24b96957c34433da382)

DO NOT MERGE - fix AFM.getComponentNameFromContext()

This method broke on O-MR1 when I3abf999eb6056c1df7982780bae43b58337c0668
was chery-picked from master.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
-t android.autofillservice.cts.AttachedContextActivityTest#testAutofill
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Also individually ran tests that failed (due to flakiness) when ran in a suite:

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
-t android.autofillservice.cts.OptionalSaveActivityTest#testDontShowSaveUiWhenUserManuallyFilled_oneDatasetAllRequiredFields

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.PreSimpleSaveActivityTest #testTapLink_tapBack_thenStartOverBySayingYesAndManualRequest

Fixes: 71960322

Change-Id: Ia093dcefe6699dc9493c46d671e48c2000214b31
Merged-In: I3abf999eb6056c1df7982780bae43b58337c0668
(cherry picked from commit b25b4736db2ea05dce6b9f03e8a9920ab338dd5a)

Make sure apps cannot forge package name on AssistStructure used for Autofill.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Bug: 69981710

Change-Id: Id6036cddb51dd8dd0c9128b7212d573f630d693f
Merged-In: Id6036cddb51dd8dd0c9128b7212d573f630d693f
(cherry picked from commit 23e61a9086a34405e277868474e003b37ed1b711)

Snap for 4657601 from 65ff5247cb85e2bd1fb7f65228542fe8266f6d9e to oc-m4-release

Change-Id: I549a4ec71b46c202ed9209ddea8b147f91b8f294

Snap for 4603989 from 833770d26f7813768e195d22ca9c8e41dc83448a to oc-m2-release

Change-Id: Id2935bbe1630247131e87ed78cc70a7e3aaa0f5b

Merge cherrypicks of [3661626, 3661980, 3662429, 3661545, 3661546, 3661579, 3661580, 3662430, 3661547, 3661548, 3661549, 3661550, 3662578, 3662579, 3662580, 3662581, 3662582, 3662583, 3661597, 3661598, 3661551, 3661552, 3661553, 3661554, 3661555, 3662596, 3662597, 3662598, 3662599, 3662584, 3662585, 3662586, 3662616, 3662617, 3662618] into oc-m4-release

Change-Id: I7c9c46ea767f4332fbcb7bca50eabaa446acacdc

[RTT] ParcelableRttResults parcel code fix

ParcelableRttResults was unparceled incorrectly.

Bug: 70398564
Test: exploit provided in bug no longer works
Change-Id: Ifd6de547e9861bbebc399b43d0cc2899a8160813
(cherry picked from commit e1e5a2409c8bef2481e68d9329f87bb8037afa45)

Fix VerifyCredentialResponse parcelling code

There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.

Test: none
Bug: 71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
(cherry picked from commit 54813e988884f0d604d5358569f10feda8622f46)

Adjust URI host parsing to stop on \ character.

The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname. This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.

[1] https://url.spec.whatwg.org/#host-state

Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd0e7a9a0d8fc8c55ceefdb4ddf9d0115af)

Check for null-terminator in ResStringPool::string8At

All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.

Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0ea307693a97583a61973e729a5e7db2687)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae909a85d13d03c030be357c8c14a50d306)

OutputConfiguration: Fix missing mIsShared in parcel read

Test: Camera CTS
Bug: 69683251
Merged-In: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
Change-Id: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
(cherry picked from commit 4304a02ac990c1af5fb8f479bdd2b04c8af4fddb)

Fix bad type for txPower in PeriodicAdvertisingReport serialization

Bug: 69634768
Test: compilation
Change-Id: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
Merged-In: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
(cherry picked from commit 5332988c62e2f2ededb29ac3bfc4774551fe956f)

Snap for 4565141 from 68505b3110160bb83b68ef0f61663446593d9c06 to oc-m4-release

Change-Id: Ibf135d197dba570c2fd622f5942d05e5b1ec0da7

Merge cherrypicks of [3594034, 3594272, 3594273, 3594274, 3594275, 3594347, 3594035, 3592471] into oc-mr1-release

Change-Id: Id0214b5206fd01da1829b1475cef34ecac46f4e2

fix isActiveNetworkMetered with VPNs

Bug: 72871435
Test: flashed and verified, also ran runtest framework-net

Change-Id: I69319a7db269489053426bb2d41574180be2d43d
(cherry picked from commit c81ef199549c552003e78a2b9383d5d38aaed8d0)

Handle onBindingDied in notification manager

On Android, if the process containing the service being bound to
crashes before the bind succeeds, the app doing the binding won't
get a success or failure callback.

When that happens in this code, this leaves notif. manager thinking
that a binding is in progress, so it never attempts to rebind until
the device is rebooted.

Bug: 69064494
Test: manual, crashed listener on proc start, verified not unbound forever
Change-Id: Id2082744208e21a709d9453365f282449a2e9407
(cherry picked from commit 4a86a51b672617b02994fc812e4f96342daf424e)
(cherry picked from commit 1936097afc3188ed5f2bb4e7211bb404364eeb38)

Relax Instant Apps Settings whitelist enforcement

The strict whitelist of settings for Instant Apps is leading to too much
unintended breakage, remove the enforcement until better infrastructure
can be added to make sure settings that should be whitelisted are.

Bug: 71009655
Test: Coming in a follow up

(cherry picked from commit b6108d621002d4de708ae526e7c2bc95dabef080)

Change-Id: Iaa1d71331407cee86c10105c1e5668ffd0c925a1
(cherry picked from commit 26ae1d359e02fe5871177c9adfc90ca571fd0f86)

Merge cherrypicks of [3581037, 3581038, 3580473, 3580624, 3580656, 3580657, 3580658, 3580382, 3580474, 3580475, 3581039, 3581040, 3580476, 3580206, 3581527, 3580955, 3580956, 3580957, 3580958, 3580959, 3580960, 3580961, 3580962, 3580963, 3580964, 3580965, 3580966, 3581567, 3581568, 3581569, 3581570, 3581571, 3580625, 3580626, 3581587, 3581513, 3581514, 3581515, 3580477, 3581588, 3580659, 3580660, 3580383, 3580384, 3580478, 3580719, 3580479, 3580480, 3581385, 3581528, 3581041, 3581042, 3581043, 3581044, 3581045, 3581046, 3581607, 3580385, 3580481, 3580482, 3580483, 3580661, 3580662, 3580663, 3580664, 3580665, 3580484, 3580485, 3581608, 3581609, 3581610, 3581611, 3581612, 3581589, 3581613, 3580486, 3581519, 3581627, 3581628, 3581529, 3581530, 3581531, 3581629, 3581630] into oc-mr1-release

Change-Id: I107552246742f7f284efd431d810a44d97a223b1

[RTT] ParcelableRttResults parcel code fix

ParcelableRttResults was unparceled incorrectly.

Bug: 70398564
Test: exploit provided in bug no longer works
Change-Id: Ifd6de547e9861bbebc399b43d0cc2899a8160813
(cherry picked from commit e1e5a2409c8bef2481e68d9329f87bb8037afa45)

Fix VerifyCredentialResponse parcelling code

There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.

Test: none
Bug: 71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
(cherry picked from commit 54813e988884f0d604d5358569f10feda8622f46)

Update diskstats to break out code & data.

This updates both the text-based diskstats and the proto-based diskstats
to both have both an aggregated and line-itemed view of app sizes.
Formerly, the code and data sizes were rolled up into the same category
and now they are separated.

Bug: 63908720
Test: FrameworksServicesTest passes
Merged-In: I1434327ffde6ad1f31243218c5201a80f9725a63
(cherry picked from commit b6cc838142d2390eaec99670bb6caf6bee0ec96f)
(cherry picked from commit 41a5ae86f1d51204995af617ef3d1f31b178a618)

Change-Id: I0d21ecc0ded5d715e3b5a478e78de2ba1f7e9ec2

Adjust URI host parsing to stop on \ character.

The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname. This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.

[1] https://url.spec.whatwg.org/#host-state

Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd0e7a9a0d8fc8c55ceefdb4ddf9d0115af)

Check for null-terminator in ResStringPool::string8At

All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.

Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0ea307693a97583a61973e729a5e7db2687)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae909a85d13d03c030be357c8c14a50d306)

OutputConfiguration: Fix missing mIsShared in parcel read

Test: Camera CTS
Bug: 69683251
Merged-In: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
Change-Id: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
(cherry picked from commit 4304a02ac990c1af5fb8f479bdd2b04c8af4fddb)

Fix bad type for txPower in PeriodicAdvertisingReport serialization

Bug: 69634768
Test: compilation
Change-Id: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
Merged-In: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
(cherry picked from commit 5332988c62e2f2ededb29ac3bfc4774551fe956f)

Use correct user id for permission check for instant foreground service

Test: cts-tradefed run cts-dev -m CtsAppSecurityHostTestCases
-t android.appsecurity.cts.EphemeralTest#testStartForegrondService

bug: 68275646
Bug: 71366502

Change-Id: I196522c49ae8a7e0ec07bf631f04bae51e96db5b

cherry pick from: https://android-review.googlesource.com/c/platform/frameworks/base/+/559340
(cherry picked from commit e32c238ce76151dd6221e6762f841c8f721c45f7)

Change-Id: Idfeae038d42b9dee9f6f57203f2bdb0764f51877
(cherry picked from commit d967610fb865ce2ac5f8c379a13e21feee98fbe0)

Metrics wifi.proto for connected wifi score

(cherry picked from commit bb367b689605d0ca3641984b4d59bbe13e6861df)

Bug: 67429363
Bug: 71708302
Test: Wifi unit tests

Change-Id: I2993a02e7b3199c2b50dc2ddb7704fc5b6364025
Merged-In: I315613b8ea3aa1d02810ae376c76083d80865d31
(cherry picked from commit 1b8fe6ef73cdeff9ad7faf6bf695657c9b8df7ff)

Fixed AUTOFILL_UI_LATENCY metric.

This metric was using the RESERVED_FOR_LOGBUILDER_COUNTER and hence was not
being picked up.

Bug: 71863561
Fixes: 72175011

Test: adb shell logcat -b events | grep sysui | grep 1136
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Change-Id: I34f701ff5336a413477fd14172d16d8d1e5403ad
(cherry picked from commit b659adb3f3d13049ca1c08fcec2d419ffd7a386b)

Add metric for anomaly detection

ACTION_APP_STOP_AND_BACKGROUND_CHECK
FIELD_ANOMALY_ACTION_TYPE
ANOMALY_TYPE_WAKELOCK
ANOMALY_TYPE_WAKEUP_ALARM
ANOMALY_TYPE_UNOPTIMIZED_BT

Bug: 68215016
Test: Build
Merged-In: I66f0465a3b89713060948af31c370e9ac894e0ff
Change-Id: I66f0465a3b89713060948af31c370e9ac894e0ff
(cherry picked from commit 7d36b386902117eaec68679499342e35fa7743e9)

Add support for notification of LTE to WIFI handover for video calls.

Test: Manual, added new unit tests.
Bug: 65490850
Change-Id: I7afbd2d1e783aae425ac3fe640a6e92d1600b9a5
(cherry picked from commit 5ce0d3a6b590c59855f9a8091e62d7e8361d0dd8)

Turn default gradient into solid black

Test: visual
Bug: 66957450
Change-Id: I6a34a35912e4dd4594565f88636ce89689d26f2f
(cherry picked from commit e7476addecb4fec6abd08cfb7aa27c473ce5c1f0)
(cherry picked from commit 12dad0c4fc5fc8f0988dca0fffd2d26f2cb04195)

[PASSPOINT] Add metrics to determine deployment/avail of Passpoint

Add metrics which will help determine Passpoint availability in the
wild. The metrics measure the percentage of time a Passpoint network
is visible to user - by collecting historgrams of observations per
scan result.

(cherry-pick of commit c462a7a4c15ca7c35002c84de4ff115be12b28a1)

Bug: 66951771
Test: unit test
Merged-In: I8c91f490a533f90a4f0630e1cb461e1d2643358b
Change-Id: I08367ab2c45900c76b65cea980a9b4a335b3dcdb
(cherry picked from commit 8c88b5e2e17fdee5eb192c4bb388472878b79811)

Add assisted dialing properties to the framework.

These properties allow the feature to be propogated from
the outgoing call broadcast, to the connection, to the call,
and finally to the call log as a feature.

Test: no existing unit tests found. could use some pointers
Bug: 35963245
Merged-In: I84343fb0cda16514c01997fd71d1e819b5b7eebb
Change-Id: I086e761ada9a57dca61c3a412561ee54255d6260
(cherry picked from commit 9765e89e1ed533d844583bae5de0026452bf9e70)

[AWARE] Make PeerHandle comparable/hashable

Add public equals()/hash() methods to PeerHandle. Allows the handle to
be used across multiple calls/sessions.

(partial cherry-pick of commit 3d33d7495ffbf12966299df8359d71a6f0926e7a)
(cherry-pick of commit 0d49c0dda8bfef0267d81e8490e4882e51a15af4)

Bug: 68931709
Test: builds, unit test, integration test
Change-Id: I87df50edb948a7afc90e496165013235ddca1e48
Merged-In: Idc59269d4275181ed6d9a793213c681dc4e98134
Merged-In: I6848acda9bfef306b8feaae6987ff18f7bc2e6ec
(cherry picked from commit 4454bda052aea4087880674bb0e0f81ce2647009)

Fix issues with TRON app transition logging

There was a case where a app launch started activity A. A step in
the UI finished A and started B in the same task. Next time A was
started it immediately finished itself, putting B at the top of
the task. Now, this launch was considered aborted because A was
finished during launching, making it invisible.

We fix this by modifying the logic to only abort the launch if the
full task is not visible anymore after an activity has been set to
invisible.

There is another case where an app launches A, finishes A, and then
launches B. In this case the home gets visible in between so we
don't consider this an app launch anymore, and correctly cancel
the logging. However it's still useful to know that this is
happening to expose it to the developer, so we log any cancel
events, no matter where they are coming from.

Test: Launch Snapchat, click Sign Up, click home, relaunch
Snapchat from home
Test: Open slow app and press home quickly to test cancel.

Change-Id: I211636c97fd6785adb3fe443a8ffa1ae766946a4
Merged-In: I211636c97fd6785adb3fe443a8ffa1ae766946a4
Fixes: 67094673
(cherry picked from commit a9d408214cd73709ff25f235cf6817eaaf7a23d6)

Merge cherrypicks of [3551537, 3552808, 3552809, 3551513, 3551514, 3554326, 3555207, 3555208, 3555209, 3555210, 3552110, 3555154, 3555155] into oc-m2-release

Change-Id: I70e258cf97c5073fad0c58c4d801ff2ec8076728

Adjust URI host parsing to stop on \ character.

The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname. This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.

[1] https://url.spec.whatwg.org/#host-state

Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd0e7a9a0d8fc8c55ceefdb4ddf9d0115af)

Check for null-terminator in ResStringPool::string8At

All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.

Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0ea307693a97583a61973e729a5e7db2687)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae909a85d13d03c030be357c8c14a50d306)

OutputConfiguration: Fix missing mIsShared in parcel read

Test: Camera CTS
Bug: 69683251
Merged-In: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
Change-Id: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
(cherry picked from commit 4304a02ac990c1af5fb8f479bdd2b04c8af4fddb)

Fix bad type for txPower in PeriodicAdvertisingReport serialization

Bug: 69634768
Test: compilation
Change-Id: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
Merged-In: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
(cherry picked from commit 5332988c62e2f2ededb29ac3bfc4774551fe956f)

Use correct user id for permission check for instant foreground service

Test: cts-tradefed run cts-dev -m CtsAppSecurityHostTestCases
-t android.appsecurity.cts.EphemeralTest#testStartForegrondService

bug: 68275646
Bug: 71366502

Change-Id: I196522c49ae8a7e0ec07bf631f04bae51e96db5b

cherry pick from: https://android-review.googlesource.com/c/platform/frameworks/base/+/559340
(cherry picked from commit e32c238ce76151dd6221e6762f841c8f721c45f7)

Change-Id: Idfeae038d42b9dee9f6f57203f2bdb0764f51877
(cherry picked from commit d967610fb865ce2ac5f8c379a13e21feee98fbe0)

Merge cherrypicks of [3536650, 3536562, 3536563, 3536481, 3535874, 3536495, 3536496, 3536632, 3536633, 3536434, 3535900] into oc-m2-release

Change-Id: I5665b657607cd31a5ca9ce74371037726ba43145

Metrics wifi.proto for connected wifi score

(cherry picked from commit bb367b689605d0ca3641984b4d59bbe13e6861df)

Bug: 67429363
Bug: 71708302
Test: Wifi unit tests

Change-Id: I2993a02e7b3199c2b50dc2ddb7704fc5b6364025
Merged-In: I315613b8ea3aa1d02810ae376c76083d80865d31
(cherry picked from commit 1b8fe6ef73cdeff9ad7faf6bf695657c9b8df7ff)

Merge cherrypicks of [3519487, 3519488, 3520743, 3521264, 3521265] into oc-m2-release

Change-Id: I890e0abea705523c9dc9c38818a74b6d0a939a61

Relax Instant Apps Settings whitelist enforcement

The strict whitelist of settings for Instant Apps is leading to too much
unintended breakage, remove the enforcement until better infrastructure
can be added to make sure settings that should be whitelisted are.

Bug: 71009655
Test: Coming in a follow up

(cherry picked from commit b6108d621002d4de708ae526e7c2bc95dabef080)

Change-Id: Iaa1d71331407cee86c10105c1e5668ffd0c925a1
(cherry picked from commit 26ae1d359e02fe5871177c9adfc90ca571fd0f86)

Fixed AUTOFILL_UI_LATENCY metric.

This metric was using the RESERVED_FOR_LOGBUILDER_COUNTER and hence was not
being picked up.

Bug: 71863561
Fixes: 72175011

Test: adb shell logcat -b events | grep sysui | grep 1136
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Change-Id: I34f701ff5336a413477fd14172d16d8d1e5403ad
(cherry picked from commit b659adb3f3d13049ca1c08fcec2d419ffd7a386b)