Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit e86c9bed authored by Kevin F. Haggerty's avatar Kevin F. Haggerty
Browse files

Merge tag 'android-security-15.0.0_r7' into staging/lineage-22.1_android-security-15.0.0_r7 

Android security 15.0.0 release 7

* tag 'android-security-15.0.0_r7':
  Check cross user permissions for a given UID
  Parse authority to separate userId and non-user parts of it
  Revert "Check IsolatedOwner permissions for known isolated_compute_apps"
  Disable "Developer options" by default for managed profiles.
  RemoteViews - Always load new ApplicationInfo from PackageManager.
  DO NOT MERGE: Update ActivityRecordInputSink using the pending transaction
  Do not allow non-system apps to provide unverified attributions
  Check underlying intent as well as intent selector
  Add permissions check to isInSignificantPlace()
  Remove notification content from icon a11y
  Fix settings activity showing background bp when createConfirmDeviceCredentialIntent() API is used.
  Check sound Uri permission when creating a notification channel
  BaseBundle: fix unparcel error logic
  Fix: Block opening settings app on keyguard without user auth
  Verify that the caller has permissions for the icons it provided.

Conflicts:
	packages/SystemUI/shared/biometrics/src/com/android/systemui/biometrics/Utils.kt

Change-Id: If022a622027c5d7ded9e107004e0b37d31bdad45
parents cd543483 54e1c387

core/java/android/app/trust/ITrustManager.aidl

+1 −0
Original line number Diff line number Diff line
@@ -41,5 +41,6 @@ interface ITrustManager { 
    void unlockedByBiometricForUser(int userId, in BiometricSourceType source);

    void clearAllBiometricRecognized(in BiometricSourceType target, int unlockedUser);

    boolean isActiveUnlockRunning(int userId);

    @EnforcePermission("ACCESS_FINE_LOCATION")

    boolean isInSignificantPlace();

}

core/java/android/app/trust/TrustManager.java

+1 −0
Original line number Diff line number Diff line
@@ -305,6 +305,7 @@ public class TrustManager { 
     *

     * @hide

     */

    @RequiresPermission(Manifest.permission.ACCESS_FINE_LOCATION)

    public boolean isInSignificantPlace() {

        try {

            return mService.isInSignificantPlace();

core/java/android/appwidget/AppWidgetHostView.java

+0 −4
Original line number Diff line number Diff line
@@ -20,7 +20,6 @@ import android.annotation.NonNull; 
import android.annotation.Nullable;

import android.app.Activity;

import android.app.ActivityOptions;

import android.app.LoadedApk;

import android.compat.annotation.UnsupportedAppUsage;

import android.content.ComponentName;

import android.content.Context;
@@ -753,9 +752,6 @@ public class AppWidgetHostView extends FrameLayout implements AppWidgetHost.AppW 
     */

    protected Context getRemoteContextEnsuringCorrectCachedApkPath() {

        try {

            ApplicationInfo expectedAppInfo = mInfo.providerInfo.applicationInfo;

            LoadedApk.checkAndUpdateApkPaths(expectedAppInfo);

            // Return if cloned successfully, otherwise default

            Context newContext = mContext.createApplicationContext(

                    mInfo.providerInfo.applicationInfo,

                    Context.CONTEXT_RESTRICTED);

core/java/android/os/BaseBundle.java

+5 −5
Original line number Diff line number Diff line
@@ -471,10 +471,10 @@ public class BaseBundle { 
            map.erase();

            map.ensureCapacity(count);

        }

        int numLazyValues = 0;

        int[] numLazyValues = new int[]{0};

        try {

            numLazyValues = parcelledData.readArrayMap(map, count, !parcelledByNative,

                    /* lazy */ ownsParcel, mClassLoader);

            parcelledData.readArrayMap(map, count, !parcelledByNative,

                    /* lazy */ ownsParcel, mClassLoader, numLazyValues);

        } catch (BadParcelableException e) {

            if (sShouldDefuse) {

                Log.w(TAG, "Failed to parse Bundle, but defusing quietly", e);
@@ -485,14 +485,14 @@ public class BaseBundle { 
        } finally {

            mWeakParcelledData = null;

            if (ownsParcel) {

                if (numLazyValues == 0) {

                if (numLazyValues[0] == 0) {

                    recycleParcel(parcelledData);

                } else {

                    mWeakParcelledData = new WeakReference<>(parcelledData);

                }

            }



            mLazyValues = numLazyValues;

            mLazyValues = numLazyValues[0];

            mParcelledByNative = false;

            mMap = map;

            // Set field last as it is volatile

core/java/android/os/Parcel.java

+5 −7
Original line number Diff line number Diff line
@@ -5508,7 +5508,7 @@ public final class Parcel { 


    private void readArrayMapInternal(@NonNull ArrayMap<? super String, Object> outVal,

            int size, @Nullable ClassLoader loader) {

        readArrayMap(outVal, size, /* sorted */ true, /* lazy */ false, loader);

        readArrayMap(outVal, size, /* sorted */ true, /* lazy */ false, loader, null);

    }



    /**
@@ -5518,17 +5518,16 @@ public final class Parcel { 
     * @param lazy   Whether to populate the map with lazy {@link Function} objects for

     *               length-prefixed values. See {@link Parcel#readLazyValue(ClassLoader)} for more

     *               details.

     * @return a count of the lazy values in the map

     * @param lazyValueCount number of lazy values added here

     * @hide

     */

    int readArrayMap(ArrayMap<? super String, Object> map, int size, boolean sorted,

            boolean lazy, @Nullable ClassLoader loader) {

        int lazyValues = 0;

    void readArrayMap(ArrayMap<? super String, Object> map, int size, boolean sorted,

            boolean lazy, @Nullable ClassLoader loader, int[] lazyValueCount) {

        while (size > 0) {

            String key = readString();

            Object value = (lazy) ? readLazyValue(loader) : readValue(loader);

            if (value instanceof LazyValue) {

                lazyValues++;

                lazyValueCount[0]++;

            }

            if (sorted) {

                map.append(key, value);
@@ -5540,7 +5539,6 @@ public final class Parcel { 
        if (sorted) {

            map.validate();

        }

        return lazyValues;

    }



    /**