Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 411dc624 authored by Kevin F. Haggerty's avatar Kevin F. Haggerty
Browse files

Merge tag 'android-security-14.0.0_r21' into staging/lineage-21.0_android-security-14.0.0_r21 

Android security 14.0.0 release 21

* tag 'android-security-14.0.0_r21':
  PM: Restrict subclass construction.
  Guard against excessively long package names and certificates.
  fix: Unbind an A11yService from onNullBinding
  Fixing the default values for pending intent at LocationPendingIntentTransport.
  Use ParceledListSlice for ZenModeConfig and AutomaticZenRules
  DO NOT MERGE: Verify KeyEvents in IME
  Zero-initialize CursorWindow buffer
  Only allow load frro drawables from frro directory

Conflicts:
	core/java/android/app/AutomaticZenRule.java
	core/java/android/app/INotificationManager.aidl
	core/java/android/app/NotificationManager.java
	core/java/android/content/res/ResourcesImpl.java
	core/java/android/service/notification/ZenModeConfig.java
	services/core/java/com/android/server/notification/NotificationManagerService.java
	services/tests/uiservicestests/src/com/android/server/notification/ZenModeConfigTest.java

Change-Id: I4129c2999da5132d225280e52d9f583b21faec98
parents 388d4eee 97a40b9d

apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java

+28 −0
Original line number Diff line number Diff line
@@ -32,11 +32,13 @@ import android.os.RemoteCallback; 
import android.os.RemoteException;

import android.os.UserHandle;



import com.android.internal.util.Preconditions;

import com.android.internal.util.function.pooled.PooledLambda;



import java.io.Closeable;

import java.io.IOException;

import java.util.List;

import java.util.Objects;

import java.util.concurrent.CountDownLatch;

import java.util.concurrent.Executor;

import java.util.concurrent.TimeUnit;
@@ -153,6 +155,26 @@ public class BlobStoreManager { 
    private final Context mContext;

    private final IBlobStoreManager mService;



    // TODO: b/404309424 - Make these constants available using a test-api to avoid hardcoding

    // them in tests.

    /**

     * The maximum allowed length for the package name, provided using

     * {@link BlobStoreManager.Session#allowPackageAccess(String, byte[])}.

     *

     * This is the same limit that is already used for limiting the length of the package names

     * at android.content.pm.parsing.FrameworkParsingPackageUtils#MAX_FILE_NAME_SIZE.

     *

     * @hide

     */

    public static final int MAX_PACKAGE_NAME_LENGTH = 223;

    /**

     * The maximum allowed length for the certificate, provided using

     * {@link BlobStoreManager.Session#allowPackageAccess(String, byte[])}.

     *

     * @hide

     */

    public static final int MAX_CERTIFICATE_LENGTH = 32;



    /** @hide */

    public BlobStoreManager(@NonNull Context context, @NonNull IBlobStoreManager service) {

        mContext = context;
@@ -786,6 +808,12 @@ public class BlobStoreManager { 
         */

        public void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate)

                throws IOException {

            Objects.requireNonNull(packageName);

            Preconditions.checkArgument(packageName.length() <= MAX_PACKAGE_NAME_LENGTH,

                    "packageName is longer than " + MAX_PACKAGE_NAME_LENGTH + " chars");

            Objects.requireNonNull(certificate);

            Preconditions.checkArgument(certificate.length <= MAX_CERTIFICATE_LENGTH,

                    "certificate is longer than " + MAX_CERTIFICATE_LENGTH + " chars");

            try {

                mSession.allowPackageAccess(packageName, certificate);

            } catch (ParcelableException e) {

apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java

+7 −0
Original line number Diff line number Diff line
@@ -16,6 +16,8 @@ 
package com.android.server.blob;



import static android.app.blob.BlobStoreManager.COMMIT_RESULT_ERROR;

import static android.app.blob.BlobStoreManager.MAX_CERTIFICATE_LENGTH;

import static android.app.blob.BlobStoreManager.MAX_PACKAGE_NAME_LENGTH;

import static android.app.blob.XmlTags.ATTR_CREATION_TIME_MS;

import static android.app.blob.XmlTags.ATTR_ID;

import static android.app.blob.XmlTags.ATTR_PACKAGE;
@@ -328,6 +330,11 @@ class BlobStoreSession extends IBlobStoreSession.Stub { 
            @NonNull byte[] certificate) {

        assertCallerIsOwner();

        Objects.requireNonNull(packageName, "packageName must not be null");

        Preconditions.checkArgument(packageName.length() <= MAX_PACKAGE_NAME_LENGTH,

                "packageName is longer than " + MAX_PACKAGE_NAME_LENGTH + " chars");

        Objects.requireNonNull(certificate, "certificate must not be null");

        Preconditions.checkArgument(certificate.length <= MAX_CERTIFICATE_LENGTH,

                "certificate is longer than " + MAX_CERTIFICATE_LENGTH + " chars");

        synchronized (mSessionLock) {

            if (mState != STATE_OPENED) {

                throw new IllegalStateException("Not allowed to change access type in state: "

core/java/android/app/AutomaticZenRule.aidl

+3 −1
Original line number Diff line number Diff line
@@ -17,3 +17,5 @@ 
package android.app;



parcelable AutomaticZenRule;



parcelable AutomaticZenRule.AzrWithId;
 
 No newline at end of file

core/java/android/app/AutomaticZenRule.java

+43 −6
Original line number Diff line number Diff line
@@ -234,7 +234,7 @@ public final class AutomaticZenRule implements Parcelable { 
    public AutomaticZenRule(Parcel source) {

        enabled = source.readInt() == ENABLED;

        if (source.readInt() == ENABLED) {

            name = getTrimmedString(source.readString());

            name = getTrimmedString(source.readString8());

        }

        interruptionFilter = source.readInt();

        conditionId = getTrimmedUri(source.readParcelable(null, android.net.Uri.class));
@@ -245,12 +245,12 @@ public final class AutomaticZenRule implements Parcelable { 
        creationTime = source.readLong();

        mZenPolicy = source.readParcelable(null, ZenPolicy.class);

        mModified = source.readInt() == ENABLED;

        mPkg = source.readString();

        mPkg = source.readString8();

        if (Flags.modesApi()) {

            mDeviceEffects = source.readParcelable(null, ZenDeviceEffects.class);

            mAllowManualInvocation = source.readBoolean();

            mIconResId = source.readInt();

            mTriggerDescription = getTrimmedString(source.readString(), MAX_DESC_LENGTH);

            mTriggerDescription = getTrimmedString(source.readString8(), MAX_DESC_LENGTH);

            mType = source.readInt();

        }

    }
@@ -516,7 +516,7 @@ public final class AutomaticZenRule implements Parcelable { 
        dest.writeInt(enabled ? ENABLED : DISABLED);

        if (name != null) {

            dest.writeInt(1);

            dest.writeString(name);

            dest.writeString8(name);

        } else {

            dest.writeInt(0);

        }
@@ -527,12 +527,12 @@ public final class AutomaticZenRule implements Parcelable { 
        dest.writeLong(creationTime);

        dest.writeParcelable(mZenPolicy, 0);

        dest.writeInt(mModified ? ENABLED : DISABLED);

        dest.writeString(mPkg);

        dest.writeString8(mPkg);

        if (Flags.modesApi()) {

            dest.writeParcelable(mDeviceEffects, 0);

            dest.writeBoolean(mAllowManualInvocation);

            dest.writeInt(mIconResId);

            dest.writeString(mTriggerDescription);

            dest.writeString8(mTriggerDescription);

            dest.writeInt(mType);

        }

    }
@@ -848,4 +848,41 @@ public final class AutomaticZenRule implements Parcelable { 
            return rule;

        }

    }



    /** @hide */

    public static final class AzrWithId implements Parcelable {

        public final String mId;

        public final AutomaticZenRule mRule;



        public AzrWithId(String id, AutomaticZenRule rule) {

            mId = id;

            mRule = rule;

        }



        public static final Creator<AzrWithId> CREATOR = new Creator<>() {

            @Override

            public AzrWithId createFromParcel(Parcel in) {

                return new AzrWithId(

                        in.readString8(),

                        in.readParcelable(AutomaticZenRule.class.getClassLoader(),

                                AutomaticZenRule.class));

            }



            @Override

            public AzrWithId[] newArray(int size) {

                return new AzrWithId[size];

            }

        };



        @Override

        public void writeToParcel(@NonNull Parcel dest, int flags) {

            dest.writeString8(mId);

            dest.writeParcelable(mRule, flags);

        }



        @Override

        public int describeContents() {

            return 0;

        }

    }

}

core/java/android/app/INotificationManager.aidl

+2 −2
Original line number Diff line number Diff line
@@ -219,9 +219,9 @@ interface INotificationManager 
    void setNotificationPolicyAccessGrantedForUser(String pkg, int userId, boolean granted);

    ZenPolicy getDefaultZenPolicy();

    AutomaticZenRule getAutomaticZenRule(String id);

    Map<String, AutomaticZenRule> getAutomaticZenRules();

    ParceledListSlice<AutomaticZenRule.AzrWithId> getAutomaticZenRules();

    // TODO: b/310620812 - Remove getZenRules() when MODES_API is inlined.

    List<ZenModeConfig.ZenRule> getZenRules();

    ParceledListSlice<ZenModeConfig.ZenRule> getZenRules();

    String addAutomaticZenRule(in AutomaticZenRule automaticZenRule, String pkg, boolean fromUser);

    boolean updateAutomaticZenRule(String id, in AutomaticZenRule automaticZenRule, boolean fromUser);

    boolean removeAutomaticZenRule(String id, boolean fromUser);