Bug: 77600924
Change-Id: I46d765892e8e6839ed5140a3b0d6bb1815ccf9bc
Signed-off-by: Ecco Park <eccopark@google.com>
(cherry picked from commit 9a59cf84)

Test: manual
Bug: 73173182
Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
(cherry picked from commit 24da173b)

(backport from a fix merged in pi-dev)

Bug: 73884967
Test: Treehugger
Change-Id: I9deaae20893184cde36dcd936fe83708fa60b830
Merged-In: I0cf7920e138892fbcab71fae0eed1293f0b2e404
Merged-In: I9e3456e5f1e479b0e2b102f6c90db57cd0e977fe
(cherry picked from commit 7b52a48d)

If a run time permission of a group is already granted we grant the
other permission of the group automatically when requested.

Hence if an already granted permission changed its group during an
update suddenly permission of a potentially not approved group will
get auto-granted.

This is undesirable, hence we revoke the permission during the update
process.

Test: atest android.permission.cts.PermissionGroupChange
Change-Id: Ib2165d1ae53b80455ebe02e07775853e37a2e339
Fixes: 72710897
(cherry picked from commit 0ed1b472)

Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.

Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
          -t android.appsecurity.cts.CorruptApkTests

Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f2)

Test: added AccessibilityEndToEndTest#testPackageNameCannotBeFaked
      cts-tradefed run cts -m CtsAccessibilityServiceTestCases
      cts-tradefed run cts -m CtsAccessibilityTestCases

Bug: 69981755
Change-Id: If3752e106aa7fdee4645dc9852289af471ceff18
Merged-In: I13304efbee10d1affa087e9c8bc4ec237643283e
(cherry picked from commit c36db6d4)

Replaced readTypedArrayList/writeTypedArrayList with
writeTypedList/createTypedArrayList(CREATOR)

Bug: 71508348
Test: CtsAutoFillServiceTestCases pass
Merged-In: I2a8321023b40cc74b7026eb0fb32a9cc5f5543a9
Change-Id: Id17d02e40a4ae567bf2d74d2ea8ba4d8a943bdb7
(cherry picked from commit 4921986d)

Bug: 63766886
Test: ran CTS tests
Change-Id: I1f92bb014e275eafe3f42aef1f8c817f187c6608
(cherry picked from commit 6d2096f3)

This method broke on O-MR1 when I3abf999eb6056c1df7982780bae43b58337c0668
was chery-picked from master.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
      -t android.autofillservice.cts.AttachedContextActivityTest#testAutofill
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Also individually ran tests that failed (due to flakiness) when ran in a suite:

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
-t android.autofillservice.cts.OptionalSaveActivityTest#testDontShowSaveUiWhenUserManuallyFilled_oneDatasetAllRequiredFields

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.PreSimpleSaveActivityTest #testTapLink_tapBack_thenStartOverBySayingYesAndManualRequest

Fixes: 71960322

Change-Id: Ia093dcefe6699dc9493c46d671e48c2000214b31
Merged-In: I3abf999eb6056c1df7982780bae43b58337c0668
(cherry picked from commit b25b4736)

Test: adb shell am start com.android.settings/.RadioInfo
Bug: 69981710
Fixes: 70506888

Change-Id: Id29bad2d20b621f7379eb6144c95dcc819949b3d
Merged-In: Id29bad2d20b621f7379eb6144c95dcc819949b3d
(cherry picked from commit 97f16a76db29269619d9a1b45d4cea49026a5b6a)
(cherry picked from commit 92b5d278)

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Bug: 69981710

Change-Id: Id6036cddb51dd8dd0c9128b7212d573f630d693f
Merged-In: Id6036cddb51dd8dd0c9128b7212d573f630d693f
(cherry picked from commit 23e61a90)

Merge cherrypicks of [3898937, 3898958, 3899077, 3897885, 3898496, 3898245, 3898959, 3898960, 3897790, 3898312, 3898313, 3898314, 3899155, 3899156, 3899157, 3898289, 3898290, 3899061, 3898291, 3898292, 3896951, 3899158, 3898961, 3898938, 3898246] into sparse-4657601-L30800000163316240

Change-Id: Ic46c21eef4b216774452afbac399e3d04947f053

The writeToParcel and readFromParcel is not symmetry, fixed it.

Test: no test
Bug: 70721937
Change-Id: I01f6f6b2ab778ee8b638d9b69fe0a6b9aa7ee395
(cherry picked from commit 8c55a707)

Merged-In: Ic4569b21d8a26a62bba91742b442f0c3ea8bcc9e
Change-Id: I17d085be9ce1a139e75264f1e715df7f565cd41b
Fixes: 71992105
Test: manual
(cherry picked from commit 187964ac)

Fixes: 73511076, 73311729
Test: presubmit
Change-Id: Ie98f67ffee4744050ac85d8b229370a16a76a194
(cherry picked from commit 726b51a2)
(cherry picked from commit 5a28e533)

Bug: 63000005
Test: runtest frameworks-net -c com.android.server.connectivity.VpnTest
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testAlwaysOnVpnLockDown
Merged-In: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
Change-Id: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
(cherry picked from commit f915e04d)

Length of the last array in readFromParcel should be the same as
value of mNextIndex.

Test: PoC app in the bug
Bug: 73252178
Change-Id: I69f935949e945c3a036b19b4f88684d906079ea5
(cherry picked from commit 3b8bc2e4)

Change-Id: Id2935bbe1630247131e87ed78cc70a7e3aaa0f5b

Merge cherrypicks of [3594034, 3594272, 3594273, 3594274, 3594275, 3594347, 3594035, 3592471] into oc-mr1-release

Change-Id: Id0214b5206fd01da1829b1475cef34ecac46f4e2

Bug: 72871435
Test: flashed and verified, also ran runtest framework-net

Change-Id: I69319a7db269489053426bb2d41574180be2d43d
(cherry picked from commit c81ef199)

On Android, if the process containing the service being bound to
crashes before the bind succeeds, the app doing the binding won't
get a success or failure callback.

When that happens in this code, this leaves notif. manager thinking
that a binding is in progress, so it never attempts to rebind until
the device is rebooted.

Bug: 69064494
Test: manual, crashed listener on proc start, verified not unbound forever
Change-Id: Id2082744208e21a709d9453365f282449a2e9407
(cherry picked from commit 4a86a51b)
(cherry picked from commit 1936097a)

The strict whitelist of settings for Instant Apps is leading to too much
unintended breakage, remove the enforcement until better infrastructure
can be added to make sure settings that should be whitelisted are.

Bug: 71009655
Test: Coming in a follow up

(cherry picked from commit b6108d62)

Change-Id: Iaa1d71331407cee86c10105c1e5668ffd0c925a1
(cherry picked from commit 26ae1d35)

Merge cherrypicks of [3581037, 3581038, 3580473, 3580624, 3580656, 3580657, 3580658, 3580382, 3580474, 3580475, 3581039, 3581040, 3580476, 3580206, 3581527, 3580955, 3580956, 3580957, 3580958, 3580959, 3580960, 3580961, 3580962, 3580963, 3580964, 3580965, 3580966, 3581567, 3581568, 3581569, 3581570, 3581571, 3580625, 3580626, 3581587, 3581513, 3581514, 3581515, 3580477, 3581588, 3580659, 3580660, 3580383, 3580384, 3580478, 3580719, 3580479, 3580480, 3581385, 3581528, 3581041, 3581042, 3581043, 3581044, 3581045, 3581046, 3581607, 3580385, 3580481, 3580482, 3580483, 3580661, 3580662, 3580663, 3580664, 3580665, 3580484, 3580485, 3581608, 3581609, 3581610, 3581611, 3581612, 3581589, 3581613, 3580486, 3581519, 3581627, 3581628, 3581529, 3581530, 3581531, 3581629, 3581630] into oc-mr1-release

Change-Id: I107552246742f7f284efd431d810a44d97a223b1

ParcelableRttResults was unparceled incorrectly.

Bug: 70398564
Test: exploit provided in bug no longer works
Change-Id: Ifd6de547e9861bbebc399b43d0cc2899a8160813
(cherry picked from commit e1e5a240)

There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.

Test: none
Bug: 71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
(cherry picked from commit 54813e98)

This updates both the text-based diskstats and the proto-based diskstats
to both have both an aggregated and line-itemed view of app sizes.
Formerly, the code and data sizes were rolled up into the same category
and now they are separated.

Bug: 63908720
Test: FrameworksServicesTest passes
Merged-In: I1434327ffde6ad1f31243218c5201a80f9725a63
(cherry picked from commit b6cc8381)
(cherry picked from commit 41a5ae86)

Change-Id: I0d21ecc0ded5d715e3b5a478e78de2ba1f7e9ec2

The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname.  This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.

[1] https://url.spec.whatwg.org/#host-state

Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd0)

All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.

Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0ea)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae9)

Test: Camera CTS
Bug: 69683251
Merged-In: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
Change-Id: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
(cherry picked from commit 4304a02a)

Bug: 69634768
Test: compilation
Change-Id: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
Merged-In: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
(cherry picked from commit 5332988c)

Test: cts-tradefed run cts-dev -m CtsAppSecurityHostTestCases
          -t android.appsecurity.cts.EphemeralTest#testStartForegrondService

bug: 68275646
Bug: 71366502

Change-Id: I196522c49ae8a7e0ec07bf631f04bae51e96db5b

cherry pick from: https://android-review.googlesource.com/c/platform/frameworks/base/+/559340
(cherry picked from commit e32c238ce76151dd6221e6762f841c8f721c45f7)

Change-Id: Idfeae038d42b9dee9f6f57203f2bdb0764f51877
(cherry picked from commit d967610f)

(cherry picked from commit bb367b68)

Bug: 67429363
Bug: 71708302
Test: Wifi unit tests

Change-Id: I2993a02e7b3199c2b50dc2ddb7704fc5b6364025
Merged-In: I315613b8ea3aa1d02810ae376c76083d80865d31
(cherry picked from commit 1b8fe6ef)

This metric was using the RESERVED_FOR_LOGBUILDER_COUNTER and hence was not
being picked up.

Bug: 71863561
Fixes: 72175011

Test: adb shell logcat -b events | grep sysui | grep 1136
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Change-Id: I34f701ff5336a413477fd14172d16d8d1e5403ad
(cherry picked from commit b659adb3)

ACTION_APP_STOP_AND_BACKGROUND_CHECK
FIELD_ANOMALY_ACTION_TYPE
ANOMALY_TYPE_WAKELOCK
ANOMALY_TYPE_WAKEUP_ALARM
ANOMALY_TYPE_UNOPTIMIZED_BT

Bug: 68215016
Test: Build
Merged-In: I66f0465a3b89713060948af31c370e9ac894e0ff
Change-Id: I66f0465a3b89713060948af31c370e9ac894e0ff
(cherry picked from commit 7d36b386)

Test: Manual, added new unit tests.
Bug: 65490850
Change-Id: I7afbd2d1e783aae425ac3fe640a6e92d1600b9a5
(cherry picked from commit 5ce0d3a6)

Test: visual
Bug: 66957450
Change-Id: I6a34a35912e4dd4594565f88636ce89689d26f2f
(cherry picked from commit e7476add)
(cherry picked from commit 12dad0c4)

Add metrics which will help determine Passpoint availability in the
wild. The metrics measure the percentage of time a Passpoint network
is visible to user - by collecting historgrams of observations per
scan result.

(cherry-pick of commit c462a7a4)

Bug: 66951771
Test: unit test
Merged-In: I8c91f490a533f90a4f0630e1cb461e1d2643358b
Change-Id: I08367ab2c45900c76b65cea980a9b4a335b3dcdb
(cherry picked from commit 8c88b5e2)

These properties allow the feature to be propogated from
the outgoing call broadcast, to the connection, to the call,
and finally to the call log as a feature.

Test: no existing unit tests found. could use some pointers
Bug: 35963245
Merged-In: I84343fb0cda16514c01997fd71d1e819b5b7eebb
Change-Id: I086e761ada9a57dca61c3a412561ee54255d6260
(cherry picked from commit 9765e89e)

Add public equals()/hash() methods to PeerHandle. Allows the handle to
be used across multiple calls/sessions.

(partial cherry-pick of commit 3d33d749)
(cherry-pick of commit 0d49c0dd)

Bug: 68931709
Test: builds, unit test, integration test
Change-Id: I87df50edb948a7afc90e496165013235ddca1e48
Merged-In: Idc59269d4275181ed6d9a793213c681dc4e98134
Merged-In: I6848acda9bfef306b8feaae6987ff18f7bc2e6ec
(cherry picked from commit 4454bda0)

There was a case where a app launch started activity A. A step in
the UI finished A and started B in the same task. Next time A was
started it immediately finished itself, putting B at the top of
the task. Now, this launch was considered aborted because A was
finished during launching, making it invisible.

We fix this by modifying the logic to only abort the launch if the
full task is not visible anymore after an activity has been set to
invisible.

There is another case where an app launches A, finishes A, and then
launches B. In this case the home gets visible in between so we
don't consider this an app launch anymore, and correctly cancel
the logging. However it's still useful to know that this is
happening to expose it to the developer, so we log any cancel
events, no matter where they are coming from.

Test: Launch Snapchat, click Sign Up, click home, relaunch
Snapchat from home
Test: Open slow app and press home quickly to test cancel.

Change-Id: I211636c97fd6785adb3fe443a8ffa1ae766946a4
Merged-In: I211636c97fd6785adb3fe443a8ffa1ae766946a4
Fixes: 67094673
(cherry picked from commit a9d40821)