Merge tag 'android-security-11.0.0_r73' into staging/lineage-18.1_android-security-11.0.0_r73 (ef4a37b3) · Commits · e / os / android_frameworks_base

cmds/statsd/src/StatsService.cpp

+21 −2

Original line number	Diff line number	Diff line
		@@ -163,12 +163,15 @@ StatsService::StatsService(const sp<Looper>& handlerLooper, shared_ptr<LogEventQ
		init_system_properties();

		if (mEventQueue != nullptr) {
		std::thread pushedEventThread([this] { readLogs(); });
		pushedEventThread.detach();
		mLogsReaderThread = std::make_unique<std::thread>([this] { readLogs(); });
		}
		}

		StatsService::~StatsService() {
		if (mEventQueue != nullptr) {
		stopReadingLogs();
		mLogsReaderThread->join();
		}
		}

		/* Runs on a dedicated thread to process pushed events. */
		@@ -177,6 +180,13 @@ void StatsService::readLogs() {
		while (1) {
		// Block until an event is available.
		auto event = mEventQueue->waitPop();

		// Below flag will be set when statsd is exiting and log event will be pushed to break
		// out of waitPop.
		if (mIsStopRequested) {
		break;
		}

		// Pass it to StatsLogProcess to all configs/metrics
		// At this point, the LogEventQueue is not blocked, so that the socketListener
		// can read events from the socket and write to buffer to avoid data drop.
		@@ -1335,6 +1345,15 @@ void StatsService::statsCompanionServiceDiedImpl() {
		mPullerManager->SetStatsCompanionService(nullptr);
		}

		void StatsService::stopReadingLogs() {
		mIsStopRequested = true;
		// Push this event so that readLogs will process and break out of the loop
		// after the stop is requested.
		int64_t timeStamp;
		std::unique_ptr<LogEvent> logEvent = std::make_unique<LogEvent>(/uid=/0, /pid=/0);
		mEventQueue->push(std::move(logEvent), &timeStamp);
		}

		} // namespace statsd
		} // namespace os
		} // namespace android

cmds/statsd/src/StatsService.h

+8 −0

Original line number	Diff line number	Diff line
		@@ -338,6 +338,13 @@ private:
		*/
		void statsCompanionServiceDiedImpl();

		/*
		* This method is used to stop log reader thread.
		*/
		void stopReadingLogs();

		std::atomic<bool> mIsStopRequested = false;

		/**
		* Tracks the uid <--> package name mapping.
		*/
		@@ -380,6 +387,7 @@ private:
		*/
		mutable mutex mShellSubscriberMutex;
		std::shared_ptr<LogEventQueue> mEventQueue;
		std::unique_ptr<std::thread> mLogsReaderThread;

		MultiConditionTrigger mBootCompleteTrigger;
		static const inline string kBootCompleteTag = "BOOT_COMPLETE";

core/java/android/app/Notification.java

+5 −2

Original line number	Diff line number	Diff line
		@@ -3069,8 +3069,11 @@ public class Notification implements Parcelable
		*
		* @hide
		*/
		public void setAllowlistToken(@Nullable IBinder token) {
		mWhitelistToken = token;
		public void clearAllowlistToken() {
		mWhitelistToken = null;
		if (publicVersion != null) {
		publicVersion.clearAllowlistToken();
		}
		}

		/**

core/java/android/hardware/usb/UsbConfiguration.java

+2 −1

Original line number	Diff line number	Diff line
		@@ -172,7 +172,8 @@ public class UsbConfiguration implements Parcelable {
		String name = in.readString();
		int attributes = in.readInt();
		int maxPower = in.readInt();
		Parcelable[] interfaces = in.readParcelableArray(UsbInterface.class.getClassLoader());
		Parcelable[] interfaces = in.readParcelableArray(
		UsbInterface.class.getClassLoader(), UsbInterface.class);
		UsbConfiguration configuration = new UsbConfiguration(id, name, attributes, maxPower);
		configuration.setInterfaces(interfaces);
		return configuration;

packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java

+31 −0

Original line number	Diff line number	Diff line
		@@ -1781,6 +1781,9 @@ public class SettingsProvider extends ContentProvider {
		cacheName = Settings.System.ALARM_ALERT_CACHE;
		}
		if (cacheName != null) {
		if (!isValidAudioUri(name, value)) {
		return false;
		}
		final File cacheFile = new File(
		getRingtoneCacheDir(owningUserId), cacheName);
		cacheFile.delete();
		@@ -1813,6 +1816,34 @@ public class SettingsProvider extends ContentProvider {
		}
		}

		private boolean isValidAudioUri(String name, String uri) {
		if (uri != null) {
		Uri audioUri = Uri.parse(uri);
		if (Settings.AUTHORITY.equals(
		ContentProvider.getAuthorityWithoutUserId(audioUri.getAuthority()))) {
		// Don't accept setting the default uri to self-referential URIs like
		// Settings.System.DEFAULT_RINGTONE_URI, which is an alias to the value of this
		// setting.
		return false;
		}
		final String mimeType = getContext().getContentResolver().getType(audioUri);
		if (mimeType == null) {
		Slog.e(LOG_TAG,
		"mutateSystemSetting for setting: " + name + " URI: " + audioUri
		+ " ignored: failure to find mimeType (no access from this context?)");
		return false;
		}
		if (!(mimeType.startsWith("audio/") \|\| mimeType.equals("application/ogg")
		\|\| mimeType.equals("application/x-flac"))) {
		Slog.e(LOG_TAG,
		"mutateSystemSetting for setting: " + name + " URI: " + audioUri
		+ " ignored: associated mimeType: " + mimeType + " is not an audio type");
		return false;
		}
		}
		return true;
		}

		private boolean hasWriteSecureSettingsPermission() {
		// Write secure settings is a more protected permission. If caller has it we are good.
		if (getContext().checkCallingOrSelfPermission(Manifest.permission.WRITE_SECURE_SETTINGS)