Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit e6254956 authored by Michael Bestas's avatar Michael Bestas
Browse files

Merge tag 'android-14.0.0_r53' into staging/lineage-21.0_merge-android-14.0.0_r53 

Android 14.0.0 release 53

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZoRX5AAKCRDorT+BmrEO
# eNztAJwL49zXuIdAUa6fEb0OhVDR1cYB4ACeOVBE7F4xTYdZIRH3Gn5DeFwAkLQ=
# =jkFb
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Jul  2 22:41:24 2024 EEST
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2554 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Ivan Chiang (2) and others
# Via Android Build Coastguard Worker
* tag 'android-14.0.0_r53':
  Fix HardwareRenderers becoming invalidated by TRIM
  Ensure that EdgeBackGestureHandler receives all configuration updates
  Don't prevent group volume adjustment in SysUI
  Don't cancel PendingIntents unless the stay_stopped flag is on.
  Fix update failure if font family was installed and upgraded to 14
  Allow to collect moving back task in open transition
  Prevent TextView refocus on escape key press
  Fix security vulnerability allowing apps to start from background
  [PM] Send ACTION_PACKAGE_CHANGED when the app is installed
  [PM] Send ACTION_PACKAGE_CHANGED when mimeGroups are changed
  Verify UID of incoming Zygote connections.

 Conflicts:
	packages/SystemUI/src/com/android/systemui/navigationbar/NavigationBarControllerImpl.java

Change-Id: I032368d140bb3adea5530189f0999c369da966ad
parents 3e39d48f 4d553c25

core/java/android/view/View.java

+2 −1
Original line number Diff line number Diff line
@@ -8430,8 +8430,9 @@ public class View implements Drawable.Callback, KeyEvent.Callback, 
     *            hierarchy

     * @param refocus when propagate is true, specifies whether to request the

     *            root view place new focus

     * @hide

     */

    void clearFocusInternal(View focused, boolean propagate, boolean refocus) {

    public void clearFocusInternal(View focused, boolean propagate, boolean refocus) {

        if ((mPrivateFlags & PFLAG_FOCUSED) != 0) {

            mPrivateFlags &= ~PFLAG_FOCUSED;

            clearParentsWantFocus();

core/java/android/widget/TextView.java

+1 −1
Original line number Diff line number Diff line
@@ -9733,7 +9733,7 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener 
                        return KEY_EVENT_HANDLED;

                    }

                    if (hasFocus()) {

                        clearFocus();

                        clearFocusInternal(null, /* propagate */ true, /* refocus */ false);

                        InputMethodManager imm = getInputMethodManager();

                        if (imm != null) {

                            imm.hideSoftInputFromView(this, 0);

core/java/com/android/internal/os/ZygoteConnection.java

+3 −0
Original line number Diff line number Diff line
@@ -93,6 +93,9 @@ class ZygoteConnection { 
            throw ex;

        }



        if (peer.getUid() != Process.SYSTEM_UID) {

            throw new ZygoteSecurityException("Only system UID is allowed to connect to Zygote.");

        }

        isEof = false;

    }

core/jni/com_android_internal_os_ZygoteCommandBuffer.cpp

+53 −29
Original line number Diff line number Diff line
@@ -354,6 +354,18 @@ jstring com_android_internal_os_ZygoteCommandBuffer_nativeNextArg(JNIEnv* env, j 
  return result;

}



static uid_t getSocketPeerUid(int socket, const std::function<void(const std::string&)>& fail_fn) {

  struct ucred credentials;

  socklen_t cred_size = sizeof credentials;

  if (getsockopt(socket, SOL_SOCKET, SO_PEERCRED, &credentials, &cred_size) == -1

      || cred_size != sizeof credentials) {

    fail_fn(CREATE_ERROR("Failed to get socket credentials, %s",

                         strerror(errno)));

  }



  return credentials.uid;

}



// Read all lines from the current command into the buffer, and then reset the buffer, so

// we will start reading again at the beginning of the command, starting with the argument

// count. And we don't need access to the fd to do so.
@@ -413,19 +425,12 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly( 
    fail_fn_z("Failed to retrieve session socket timeout");

  }



  struct ucred credentials;

  socklen_t cred_size = sizeof credentials;

  if (getsockopt(n_buffer->getFd(), SOL_SOCKET, SO_PEERCRED, &credentials, &cred_size) == -1

      || cred_size != sizeof credentials) {

    fail_fn_1(CREATE_ERROR("ForkRepeatedly failed to get initial credentials, %s",

                           strerror(errno)));

  uid_t peerUid = getSocketPeerUid(session_socket, fail_fn_1);

  if (peerUid != static_cast<uid_t>(expected_uid)) {

    return JNI_FALSE;

  }



  bool first_time = true;

  do {

    if (credentials.uid != static_cast<uid_t>(expected_uid)) {

      return JNI_FALSE;

    }

    n_buffer->readAllLines(first_time ? fail_fn_1 : fail_fn_n);

    n_buffer->reset();

    int pid = zygote::forkApp(env, /* no pipe FDs */ -1, -1, session_socket_fds,
@@ -453,6 +458,7 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly( 
      }

    }

    for (;;) {

      bool valid_session_socket = true;

      // Clear buffer and get count from next command.

      n_buffer->clear();

      // Poll isn't strictly necessary for now. But without it, disconnect is hard to detect.
@@ -463,17 +469,42 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly( 
      if ((fd_structs[SESSION_IDX].revents & POLLIN) != 0) {

        if (n_buffer->getCount(fail_fn_z) != 0) {

          break;

        }  // else disconnected;

        } else {

          // Session socket was disconnected

          valid_session_socket = false;

          close(session_socket);

        }

      } else if (poll_res == 0 || (fd_structs[ZYGOTE_IDX].revents & POLLIN) == 0) {

        fail_fn_z(

            CREATE_ERROR("Poll returned with no descriptors ready! Poll returned %d", poll_res));

      }

      int new_fd = -1;

      do {

        // We've now seen either a disconnect or connect request.

      close(session_socket);

      int new_fd = TEMP_FAILURE_RETRY(accept(zygote_socket_fd, nullptr, nullptr));

        new_fd = TEMP_FAILURE_RETRY(accept(zygote_socket_fd, nullptr, nullptr));

        if (new_fd == -1) {

          fail_fn_z(CREATE_ERROR("Accept(%d) failed: %s", zygote_socket_fd, strerror(errno)));

        }

        uid_t newPeerUid = getSocketPeerUid(new_fd, fail_fn_1);

        if (newPeerUid != static_cast<uid_t>(expected_uid)) {

          ALOGW("Dropping new connection with a mismatched uid %d\n", newPeerUid);

          close(new_fd);

          new_fd = -1;

        } else {

          // If we still have a valid session socket, close it now

          if (valid_session_socket) {

              close(session_socket);

          }

          valid_session_socket = true;

        }

      } while (!valid_session_socket);



      // At this point we either have a valid new connection (new_fd > 0), or

      // an existing session socket we can poll on

      if (new_fd == -1) {

        // The new connection wasn't valid, and we still have an old one; retry polling

        continue;

      }

      if (new_fd != session_socket) {

        // Move new_fd back to the old value, so that we don't have to change Java-level data

        // structures to reflect a change. This implicitly closes the old one.
@@ -493,13 +524,6 @@ jboolean com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly( 
        fail_fn_z(CREATE_ERROR("Failed to set send timeout for socket %d: %s",

                               session_socket, strerror(errno)));

      }

      if (getsockopt(session_socket, SOL_SOCKET, SO_PEERCRED, &credentials, &cred_size) == -1) {

        fail_fn_z(CREATE_ERROR("ForkMany failed to get credentials: %s", strerror(errno)));

      }

      if (cred_size != sizeof credentials) {

        fail_fn_z(CREATE_ERROR("ForkMany credential size = %d, should be %d",

                               cred_size, static_cast<int>(sizeof credentials)));

      }

    }

    first_time = false;

  } while (n_buffer->isSimpleForkCommand(minUid, fail_fn_n));

libs/hwui/renderthread/CanvasContext.cpp

+9 −1
Original line number Diff line number Diff line
@@ -994,7 +994,15 @@ void CanvasContext::destroyHardwareResources() { 
}



void CanvasContext::onContextDestroyed() {

    destroyHardwareResources();

    // We don't want to destroyHardwareResources as that will invalidate display lists which

    // the client may not be expecting. Instead just purge all scratch resources

    if (mRenderPipeline->isContextReady()) {

        freePrefetchedLayers();

        for (const sp<RenderNode>& node : mRenderNodes) {

            node->destroyLayers();

        }

        mRenderPipeline->onDestroyHardwareResources();

    }

}



DeferredLayerUpdater* CanvasContext::createTextureLayer() {