Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit d045f50e authored by Kevin F. Haggerty's avatar Kevin F. Haggerty
Browse files

Merge tag 'android-security-11.0.0_r55' into staging/lineage-18.1_merge_android-security-11.0.0_r55 

Android Security 11.0.0 Release 55 (8287685)

* tag 'android-security-11.0.0_r55':
  Always restart apps if base.apk gets updated.
  Verify caller before auto granting slice permission
  [DO NOT MERGE] Keyguard - Treat messsages to lock with priority
  [RESTRICT AUTOMERGE] Do not resume activity if behind a translucent task
  Filter notification APIs by user

Conflicts:
	services/core/java/com/android/server/wm/RootWindowContainer.java

Change-Id: I3de384c44e161c0ad6b2dd0540e9ad0eb5346c11
parents d2150153 cb70b693

core/java/android/content/pm/IPackageInstallerSession.aidl

+1 −0
Original line number Diff line number Diff line
@@ -51,4 +51,5 @@ interface IPackageInstallerSession { 
    int getParentSessionId();



    boolean isStaged();

    int getInstallFlags();

}

core/java/android/content/pm/PackageInstaller.java

+12 −0
Original line number Diff line number Diff line
@@ -1358,6 +1358,18 @@ public class PackageInstaller { 
            }

        }



        /**

         * @return Session's {@link SessionParams#installFlags}.

         * @hide

         */

        public int getInstallFlags() {

            try {

                return mSession.getInstallFlags();

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }

        }



        /**

         * @return the session ID of the multi-package session that this belongs to or

         * {@link SessionInfo#INVALID_ID} if it does not belong to a multi-package session.

core/java/com/android/internal/policy/IKeyguardStateCallback.aidl

+1 −1
Original line number Diff line number Diff line
@@ -16,7 +16,7 @@ 
package com.android.internal.policy;



interface IKeyguardStateCallback {

    void onShowingStateChanged(boolean showing);

    void onShowingStateChanged(boolean showing, int userId);

    void onSimSecureStateChanged(boolean simSecure);

    void onInputRestrictedStateChanged(boolean inputRestricted);

    void onTrustedChanged(boolean trusted);

packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java

+11 −5
Original line number Diff line number Diff line
@@ -1325,7 +1325,9 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable { 
    public void doKeyguardTimeout(Bundle options) {

        mHandler.removeMessages(KEYGUARD_TIMEOUT);

        Message msg = mHandler.obtainMessage(KEYGUARD_TIMEOUT, options);

        mHandler.sendMessage(msg);

        // Treat these messages with priority - A call to timeout means the device should lock

        // as soon as possible and not wait for other messages on the thread to process first.

        mHandler.sendMessageAtFrontOfQueue(msg);

    }



    /**
@@ -1539,12 +1541,15 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable { 
     * @see #handleShow

     */

    private void showLocked(Bundle options) {

        Trace.beginSection("KeyguardViewMediator#showLocked aqcuiring mShowKeyguardWakeLock");

        Trace.beginSection("KeyguardViewMediator#showLocked acquiring mShowKeyguardWakeLock");

        if (DEBUG) Log.d(TAG, "showLocked");

        // ensure we stay awake until we are finished displaying the keyguard

        mShowKeyguardWakeLock.acquire();

        Message msg = mHandler.obtainMessage(SHOW, options);

        mHandler.sendMessage(msg);

        // Treat these messages with priority - This call can originate from #doKeyguardTimeout,

        // meaning the device should lock as soon as possible and not wait for other messages on

        // the thread to process first.

        mHandler.sendMessageAtFrontOfQueue(msg);

        Trace.endSection();

    }
@@ -1706,6 +1711,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable { 
                case KEYGUARD_TIMEOUT:

                    synchronized (KeyguardViewMediator.this) {

                        doKeyguardLocked((Bundle) msg.obj);

                        notifyDefaultDisplayCallbacks(mShowing);

                    }

                    break;

                case DISMISS:
@@ -2328,7 +2334,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable { 
            for (int i = size - 1; i >= 0; i--) {

                IKeyguardStateCallback callback = mKeyguardStateCallbacks.get(i);

                try {

                    callback.onShowingStateChanged(showing);

                    callback.onShowingStateChanged(showing, KeyguardUpdateMonitor.getCurrentUser());

                } catch (RemoteException e) {

                    Slog.w(TAG, "Failed to call onShowingStateChanged", e);

                    if (e instanceof DeadObjectException) {
@@ -2377,7 +2383,7 @@ public class KeyguardViewMediator extends SystemUI implements Dumpable { 
            mKeyguardStateCallbacks.add(callback);

            try {

                callback.onSimSecureStateChanged(mUpdateMonitor.isSimPinSecure());

                callback.onShowingStateChanged(mShowing);

                callback.onShowingStateChanged(mShowing, KeyguardUpdateMonitor.getCurrentUser());

                callback.onInputRestrictedStateChanged(mInputRestricted);

                callback.onTrustedChanged(mUpdateMonitor.getUserHasTrust(

                        KeyguardUpdateMonitor.getCurrentUser()));

services/core/java/com/android/server/notification/NotificationManagerService.java

+28 −9
Original line number Diff line number Diff line
@@ -595,7 +595,14 @@ public class NotificationManagerService extends SystemService { 
            return mBuffer.descendingIterator();

        }



        public StatusBarNotification[] getArray(int count, boolean includeSnoozed) {

        public StatusBarNotification[] getArray(UserManager um, int count, boolean includeSnoozed) {

            ArrayList<Integer> currentUsers = new ArrayList<>();

            currentUsers.add(UserHandle.USER_ALL);

            Binder.withCleanCallingIdentity(() -> {

                for (int user : um.getProfileIds(ActivityManager.getCurrentUser(), false)) {

                    currentUsers.add(user);

                }

            });

            if (count == 0) count = mBufferSize;

            List<StatusBarNotification> a = new ArrayList();

            Iterator<Pair<StatusBarNotification, Integer>> iter = descendingIterator();
@@ -603,10 +610,12 @@ public class NotificationManagerService extends SystemService { 
            while (iter.hasNext() && i < count) {

                Pair<StatusBarNotification, Integer> pair = iter.next();

                if (pair.second != REASON_SNOOZED || includeSnoozed) {

                    if (currentUsers.contains(pair.first.getUserId())) {

                        i++;

                        a.add(pair.first);

                    }

                }

            }

            return  a.toArray(new StatusBarNotification[a.size()]);

        }
@@ -3831,22 +3840,32 @@ public class NotificationManagerService extends SystemService { 
                    android.Manifest.permission.ACCESS_NOTIFICATIONS,

                    "NotificationManagerService.getActiveNotifications");



            StatusBarNotification[] tmp = null;

            ArrayList<StatusBarNotification> tmp = new ArrayList<>();

            int uid = Binder.getCallingUid();



            ArrayList<Integer> currentUsers = new ArrayList<>();

            currentUsers.add(UserHandle.USER_ALL);

            Binder.withCleanCallingIdentity(() -> {

                for (int user : mUm.getProfileIds(ActivityManager.getCurrentUser(), false)) {

                    currentUsers.add(user);

                }

            });



            // noteOp will check to make sure the callingPkg matches the uid

            if (mAppOps.noteOpNoThrow(AppOpsManager.OP_ACCESS_NOTIFICATIONS, uid, callingPkg,

                    callingAttributionTag, null)

                    == AppOpsManager.MODE_ALLOWED) {

                synchronized (mNotificationLock) {

                    tmp = new StatusBarNotification[mNotificationList.size()];

                    final int N = mNotificationList.size();

                    for (int i = 0; i < N; i++) {

                        tmp[i] = mNotificationList.get(i).getSbn();

                        final StatusBarNotification sbn = mNotificationList.get(i).getSbn();

                        if (currentUsers.contains(sbn.getUserId())) {

                            tmp.add(sbn);

                        }

                    }

                }

            return tmp;

            }

            return tmp.toArray(new StatusBarNotification[tmp.size()]);

        }



        /**
@@ -3955,7 +3974,7 @@ public class NotificationManagerService extends SystemService { 
                    callingAttributionTag, null)

                    == AppOpsManager.MODE_ALLOWED) {

                synchronized (mArchive) {

                    tmp = mArchive.getArray(count, includeSnoozed);

                    tmp = mArchive.getArray(mUm, count, includeSnoozed);

                }

            }

            return tmp;