Merge tag 'android-security-15.0.0_r9' into lineage-22.2 (ac5d174b) · Commits · e / os / android_frameworks_base

apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java

+28 −0

Original line number	Original line	Diff line number	Diff line
	@@ -32,11 +32,13 @@ import android.os.RemoteCallback;
	import android.os.RemoteException;		import android.os.RemoteException;
	import android.os.UserHandle;		import android.os.UserHandle;

			import com.android.internal.util.Preconditions;
	import com.android.internal.util.function.pooled.PooledLambda;		import com.android.internal.util.function.pooled.PooledLambda;

	import java.io.Closeable;		import java.io.Closeable;
	import java.io.IOException;		import java.io.IOException;
	import java.util.List;		import java.util.List;
			import java.util.Objects;
	import java.util.concurrent.CountDownLatch;		import java.util.concurrent.CountDownLatch;
	import java.util.concurrent.Executor;		import java.util.concurrent.Executor;
	import java.util.concurrent.TimeUnit;		import java.util.concurrent.TimeUnit;
	@@ -153,6 +155,26 @@ public class BlobStoreManager {
	private final Context mContext;		private final Context mContext;
	private final IBlobStoreManager mService;		private final IBlobStoreManager mService;

			// TODO: b/404309424 - Make these constants available using a test-api to avoid hardcoding
			// them in tests.
			/**
			* The maximum allowed length for the package name, provided using
			* {@link BlobStoreManager.Session#allowPackageAccess(String, byte[])}.
			*
			* This is the same limit that is already used for limiting the length of the package names
			* at android.content.pm.parsing.FrameworkParsingPackageUtils#MAX_FILE_NAME_SIZE.
			*
			* @hide
			*/
			public static final int MAX_PACKAGE_NAME_LENGTH = 223;
			/**
			* The maximum allowed length for the certificate, provided using
			* {@link BlobStoreManager.Session#allowPackageAccess(String, byte[])}.
			*
			* @hide
			*/
			public static final int MAX_CERTIFICATE_LENGTH = 32;

	/** @hide */		/** @hide */
	public BlobStoreManager(@NonNull Context context, @NonNull IBlobStoreManager service) {		public BlobStoreManager(@NonNull Context context, @NonNull IBlobStoreManager service) {
	mContext = context;		mContext = context;
	@@ -786,6 +808,12 @@ public class BlobStoreManager {
	*/		*/
	public void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate)		public void allowPackageAccess(@NonNull String packageName, @NonNull byte[] certificate)
	throws IOException {		throws IOException {
			Objects.requireNonNull(packageName);
			Preconditions.checkArgument(packageName.length() <= MAX_PACKAGE_NAME_LENGTH,
			"packageName is longer than " + MAX_PACKAGE_NAME_LENGTH + " chars");
			Objects.requireNonNull(certificate);
			Preconditions.checkArgument(certificate.length <= MAX_CERTIFICATE_LENGTH,
			"certificate is longer than " + MAX_CERTIFICATE_LENGTH + " chars");
	try {		try {
	mSession.allowPackageAccess(packageName, certificate);		mSession.allowPackageAccess(packageName, certificate);
	} catch (ParcelableException e) {		} catch (ParcelableException e) {

apex/blobstore/service/java/com/android/server/blob/BlobStoreSession.java

+7 −0

Original line number	Original line	Diff line number	Diff line
	@@ -16,6 +16,8 @@
	package com.android.server.blob;		package com.android.server.blob;

	import static android.app.blob.BlobStoreManager.COMMIT_RESULT_ERROR;		import static android.app.blob.BlobStoreManager.COMMIT_RESULT_ERROR;
			import static android.app.blob.BlobStoreManager.MAX_CERTIFICATE_LENGTH;
			import static android.app.blob.BlobStoreManager.MAX_PACKAGE_NAME_LENGTH;
	import static android.app.blob.XmlTags.ATTR_CREATION_TIME_MS;		import static android.app.blob.XmlTags.ATTR_CREATION_TIME_MS;
	import static android.app.blob.XmlTags.ATTR_ID;		import static android.app.blob.XmlTags.ATTR_ID;
	import static android.app.blob.XmlTags.ATTR_PACKAGE;		import static android.app.blob.XmlTags.ATTR_PACKAGE;
	@@ -328,6 +330,11 @@ class BlobStoreSession extends IBlobStoreSession.Stub {
	@NonNull byte[] certificate) {		@NonNull byte[] certificate) {
	assertCallerIsOwner();		assertCallerIsOwner();
	Objects.requireNonNull(packageName, "packageName must not be null");		Objects.requireNonNull(packageName, "packageName must not be null");
			Preconditions.checkArgument(packageName.length() <= MAX_PACKAGE_NAME_LENGTH,
			"packageName is longer than " + MAX_PACKAGE_NAME_LENGTH + " chars");
			Objects.requireNonNull(certificate, "certificate must not be null");
			Preconditions.checkArgument(certificate.length <= MAX_CERTIFICATE_LENGTH,
			"certificate is longer than " + MAX_CERTIFICATE_LENGTH + " chars");
	synchronized (mSessionLock) {		synchronized (mSessionLock) {
	if (mState != STATE_OPENED) {		if (mState != STATE_OPENED) {
	throw new IllegalStateException("Not allowed to change access type in state: "		throw new IllegalStateException("Not allowed to change access type in state: "

core/java/android/app/AutomaticZenRule.aidl

+3 −1

Original line number	Original line	Diff line number	Diff line
	@@ -17,3 +17,5 @@
	package android.app;		package android.app;

	parcelable AutomaticZenRule;		parcelable AutomaticZenRule;

			parcelable AutomaticZenRule.AzrWithId;
			No newline at end of file

core/java/android/app/AutomaticZenRule.java

+43 −6

Original line number	Original line	Diff line number	Diff line
	@@ -241,7 +241,7 @@ public final class AutomaticZenRule implements Parcelable {
	public AutomaticZenRule(Parcel source) {		public AutomaticZenRule(Parcel source) {
	enabled = source.readInt() == ENABLED;		enabled = source.readInt() == ENABLED;
	if (source.readInt() == ENABLED) {		if (source.readInt() == ENABLED) {
	name = getTrimmedString(source.readString());		name = getTrimmedString(source.readString8());
	}		}
	interruptionFilter = source.readInt();		interruptionFilter = source.readInt();
	conditionId = getTrimmedUri(source.readParcelable(null, android.net.Uri.class));		conditionId = getTrimmedUri(source.readParcelable(null, android.net.Uri.class));
	@@ -252,12 +252,12 @@ public final class AutomaticZenRule implements Parcelable {
	creationTime = source.readLong();		creationTime = source.readLong();
	mZenPolicy = source.readParcelable(null, ZenPolicy.class);		mZenPolicy = source.readParcelable(null, ZenPolicy.class);
	mModified = source.readInt() == ENABLED;		mModified = source.readInt() == ENABLED;
	mPkg = source.readString();		mPkg = source.readString8();
	if (Flags.modesApi()) {		if (Flags.modesApi()) {
	mDeviceEffects = source.readParcelable(null, ZenDeviceEffects.class);		mDeviceEffects = source.readParcelable(null, ZenDeviceEffects.class);
	mAllowManualInvocation = source.readBoolean();		mAllowManualInvocation = source.readBoolean();
	mIconResId = source.readInt();		mIconResId = source.readInt();
	mTriggerDescription = getTrimmedString(source.readString(), MAX_DESC_LENGTH);		mTriggerDescription = getTrimmedString(source.readString8(), MAX_DESC_LENGTH);
	mType = source.readInt();		mType = source.readInt();
	}		}
	}		}
	@@ -561,7 +561,7 @@ public final class AutomaticZenRule implements Parcelable {
	dest.writeInt(enabled ? ENABLED : DISABLED);		dest.writeInt(enabled ? ENABLED : DISABLED);
	if (name != null) {		if (name != null) {
	dest.writeInt(1);		dest.writeInt(1);
	dest.writeString(name);		dest.writeString8(name);
	} else {		} else {
	dest.writeInt(0);		dest.writeInt(0);
	}		}
	@@ -572,12 +572,12 @@ public final class AutomaticZenRule implements Parcelable {
	dest.writeLong(creationTime);		dest.writeLong(creationTime);
	dest.writeParcelable(mZenPolicy, 0);		dest.writeParcelable(mZenPolicy, 0);
	dest.writeInt(mModified ? ENABLED : DISABLED);		dest.writeInt(mModified ? ENABLED : DISABLED);
	dest.writeString(mPkg);		dest.writeString8(mPkg);
	if (Flags.modesApi()) {		if (Flags.modesApi()) {
	dest.writeParcelable(mDeviceEffects, 0);		dest.writeParcelable(mDeviceEffects, 0);
	dest.writeBoolean(mAllowManualInvocation);		dest.writeBoolean(mAllowManualInvocation);
	dest.writeInt(mIconResId);		dest.writeInt(mIconResId);
	dest.writeString(mTriggerDescription);		dest.writeString8(mTriggerDescription);
	dest.writeInt(mType);		dest.writeInt(mType);
	}		}
	}		}
	@@ -905,4 +905,41 @@ public final class AutomaticZenRule implements Parcelable {
	return rule;		return rule;
	}		}
	}		}

			/** @hide */
			public static final class AzrWithId implements Parcelable {
			public final String mId;
			public final AutomaticZenRule mRule;

			public AzrWithId(String id, AutomaticZenRule rule) {
			mId = id;
			mRule = rule;
			}

			public static final Creator<AzrWithId> CREATOR = new Creator<>() {
			@Override
			public AzrWithId createFromParcel(Parcel in) {
			return new AzrWithId(
			in.readString8(),
			in.readParcelable(AutomaticZenRule.class.getClassLoader(),
			AutomaticZenRule.class));
			}

			@Override
			public AzrWithId[] newArray(int size) {
			return new AzrWithId[size];
			}
			};

			@Override
			public void writeToParcel(@NonNull Parcel dest, int flags) {
			dest.writeString8(mId);
			dest.writeParcelable(mRule, flags);
			}

			@Override
			public int describeContents() {
			return 0;
			}
			}
	}		}

core/java/android/app/INotificationManager.aidl

+2 −2

Original line number	Original line	Diff line number	Diff line
	@@ -222,9 +222,9 @@ interface INotificationManager
	void setNotificationPolicyAccessGrantedForUser(String pkg, int userId, boolean granted);		void setNotificationPolicyAccessGrantedForUser(String pkg, int userId, boolean granted);
	ZenPolicy getDefaultZenPolicy();		ZenPolicy getDefaultZenPolicy();
	AutomaticZenRule getAutomaticZenRule(String id);		AutomaticZenRule getAutomaticZenRule(String id);
	Map<String, AutomaticZenRule> getAutomaticZenRules();		ParceledListSlice<AutomaticZenRule.AzrWithId> getAutomaticZenRules();
	// TODO: b/310620812 - Remove getZenRules() when MODES_API is inlined.		// TODO: b/310620812 - Remove getZenRules() when MODES_API is inlined.
	List<ZenModeConfig.ZenRule> getZenRules();		ParceledListSlice<ZenModeConfig.ZenRule> getZenRules();
	String addAutomaticZenRule(in AutomaticZenRule automaticZenRule, String pkg, boolean fromUser);		String addAutomaticZenRule(in AutomaticZenRule automaticZenRule, String pkg, boolean fromUser);
	boolean updateAutomaticZenRule(String id, in AutomaticZenRule automaticZenRule, boolean fromUser);		boolean updateAutomaticZenRule(String id, in AutomaticZenRule automaticZenRule, boolean fromUser);
	boolean removeAutomaticZenRule(String id, boolean fromUser);		boolean removeAutomaticZenRule(String id, boolean fromUser);