Merge tag 'android-security-13.0.0_r29' into staging/lineage-20.0_android-security-13.0.0_r29

    <!-- Whether we should persist the brightness value in nits for the default display even if

         the underlying display device changes. -->

    <bool name="config_persistBrightnessNitsForDefaultDisplay">false</bool>

    <!-- List of protected packages that require biometric authentication for modification

         (Disable, force-stop or uninstalling updates). -->

    <string-array name="config_biometric_protected_package_names" translatable="false" />

</resources>

  <!-- Whether to show weather on the lockscreen by default. -->

  <java-symbol type="bool" name="config_lockscreenWeatherEnabledByDefault" />

  <!-- List of protected packages that require biometric authentication for modification -->

  <java-symbol type="array" name="config_biometric_protected_package_names" />

</resources>

import android.content.pm.ApplicationInfo;

import android.content.pm.PackageInfo;

import android.content.pm.PackageInstaller;

import android.content.pm.PackageInstaller.SessionInfo;

import android.content.pm.PackageManager;

import android.content.pm.ProviderInfo;

import android.net.Uri;

        // If the activity was started via a PackageInstaller session, we retrieve the calling

        // package from that session

        final int sessionId = (isSessionInstall

                ? intent.getIntExtra(PackageInstaller.EXTRA_SESSION_ID, -1)

                : -1);

        if (callingPackage == null && sessionId != -1) {

            PackageInstaller packageInstaller = getPackageManager().getPackageInstaller();

                ? intent.getIntExtra(PackageInstaller.EXTRA_SESSION_ID, SessionInfo.INVALID_ID)

                : SessionInfo.INVALID_ID);

        if (sessionId != SessionInfo.INVALID_ID) {

            PackageInstaller packageInstaller = mPackageManager.getPackageInstaller();

            PackageInstaller.SessionInfo sessionInfo = packageInstaller.getSessionInfo(sessionId);

            callingPackage = (sessionInfo != null) ? sessionInfo.getInstallerPackageName() : null;

            callingAttributionTag =

                    (sessionInfo != null) ? sessionInfo.getInstallerAttributionTag() : null;

            if (sessionInfo != null) {

                callingPackage = sessionInfo.getInstallerPackageName();

                callingAttributionTag = sessionInfo.getInstallerAttributionTag();

            }

        }

        final ApplicationInfo sourceInfo = getSourceInfo(callingPackage);

    private ApplicationInfo getSourceInfo(@Nullable String callingPackage) {

        if (callingPackage != null) {

            try {

                return getPackageManager().getApplicationInfo(callingPackage, 0);

                return mPackageManager.getApplicationInfo(callingPackage, 0);

            } catch (PackageManager.NameNotFoundException ex) {

                // ignore

            }

    }

    private boolean isSystemDownloadsProvider(int uid) {

        final ProviderInfo downloadProviderPackage = getPackageManager().resolveContentProvider(

        final ProviderInfo downloadProviderPackage = mPackageManager.resolveContentProvider(

                DOWNLOADS_AUTHORITY, 0);

        if (downloadProviderPackage == null) {

            // There seems to be no currently enabled downloads provider on the system.

                            + " (pid=" + Binder.getCallingPid()

                            + ") when registering receiver " + receiver);

                }

                if (callerApp.info.uid != SYSTEM_UID

                        && !callerApp.getPkgList().containsKey(callerPackage)

                        && !"android".equals(callerPackage)) {

                if (!UserHandle.isCore(callerApp.info.uid)

                        && !callerApp.getPkgList().containsKey(callerPackage)) {

                    throw new SecurityException("Given caller package " + callerPackage

                            + " is not running in process " + callerApp);

                }

package com.android.server.am;

import static android.app.ActivityManager.START_SUCCESS;

import static android.os.PowerWhitelistManager.TEMPORARY_ALLOWLIST_TYPE_FOREGROUND_SERVICE_ALLOWED;

import static android.os.PowerWhitelistManager.TEMPORARY_ALLOWLIST_TYPE_FOREGROUND_SERVICE_NOT_ALLOWED;

import static com.android.server.am.ActivityManagerDebugConfig.DEBUG_BROADCAST_LIGHT;

import static com.android.server.am.ActivityManagerDebugConfig.TAG_AM;

import android.util.Slog;

import android.util.TimeUtils;

import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.os.IResultReceiver;

import com.android.internal.util.function.pooled.PooledLambda;

import com.android.server.wm.SafeActivityOptions;

        this.stringName = null;

    }

    @VisibleForTesting TempAllowListDuration getAllowlistDurationLocked(IBinder allowlistToken) {

        return mAllowlistDuration.get(allowlistToken);

    }

    void setAllowBgActivityStarts(IBinder token, int flags) {

        if (token == null) return;

        if ((flags & FLAG_ACTIVITY_SENDER) != 0) {

        mAllowBgActivityStartsForActivitySender.remove(token);

        mAllowBgActivityStartsForBroadcastSender.remove(token);

        mAllowBgActivityStartsForServiceSender.remove(token);

        if (mAllowlistDuration != null) {

            TempAllowListDuration duration = mAllowlistDuration.get(token);

            if (duration != null

                    && duration.type == TEMPORARY_ALLOWLIST_TYPE_FOREGROUND_SERVICE_ALLOWED) {

                duration.type = TEMPORARY_ALLOWLIST_TYPE_FOREGROUND_SERVICE_NOT_ALLOWED;

            }

        }

    }

    public void registerCancelListenerLocked(IResultReceiver receiver) {

        return res;

    }

    @VisibleForTesting boolean getBackgroundStartPrivilegesForActivitySender(

            IBinder allowlistToken) {

        return mAllowBgActivityStartsForActivitySender.contains(allowlistToken);

    }

    @Override

    protected void finalize() throws Throwable {

        try {