This project is mirrored from https://github.com/LineageOS/android_frameworks_base.git. Pull mirroring updated .
  1. 19 Mar, 2021 1 commit
  2. 18 Mar, 2021 2 commits
  3. 11 Feb, 2021 3 commits
  4. 07 Feb, 2021 1 commit
  5. 06 Feb, 2021 1 commit
  6. 05 Feb, 2021 2 commits
  7. 02 Feb, 2021 1 commit
  8. 20 Jan, 2021 1 commit
  9. 19 Jan, 2021 2 commits
    • Aaron Kling's avatar
      Add nvcpl hook interfaces · 75ed0a20
      Aaron Kling authored
      NvCPL works in conjunction with the PowerHAL in order to adjust various
      performance knobs based on the app or device specific profiles.
      
      Change-Id: I4953cbb96d729dbe0cee6d7071b5933586770330
      75ed0a20
    • Aaron Kling's avatar
      Add nvidia profile manager · a0c71e49
      Aaron Kling authored
      This implements and API for apps to interface with NvCPL and by
      extension the PowerHAL.
      
      Reverse engineered from the Shield Experience 8.2.0 update then cleaned
      up to match Android standards.
      
      Change-Id: I774ac62c8867151f21712cfeee25f96a591415ad
      a0c71e49
  10. 15 Jan, 2021 1 commit
  11. 14 Jan, 2021 1 commit
    • Kevin F. Haggerty's avatar
      Merge tag 'android-security-9.0.0_r64' into staging/lineage-16.0_merge_android-security-9.0.0_r64 · 31664aa5
      Kevin F. Haggerty authored
      Android security 9.0.0 release 64
      
      * tag 'android-security-9.0.0_r64':
        Ignore GrantCredentials call with unexpected calling uid.
        Protect GrantCredentialsPermissionActivity against overlay.
        [DO NOT MERGE] Make GlobalScreenshot PendingIntents immutable
        Check that Account Parcel has name and type.
        Revoke permission on non-runtime -> runtime upgrade
        Ensure permissions are revoked on state changes
        RESTRICT AUTOMERGE Fix CDM package check
        remove sensitive pii from safetynet logging
        DO NOT MERGE Check fingerprint client against top activity in auth callback
        Fix the issue provider can be wrong when requesting slice permission
      
      Change-Id: I5686e8a3ed26d5abdec952748e1eb1a33ba8d0c8
      31664aa5
  12. 11 Jan, 2021 1 commit
  13. 10 Jan, 2021 1 commit
  14. 16 Dec, 2020 2 commits
  15. 15 Dec, 2020 2 commits
  16. 09 Dec, 2020 6 commits
    • Varun Shah's avatar
      RESTRICT AUTOMERGE · 11314107
      Varun Shah authored
      Ensure caller identity is restored in CP quick-path.
      
      Bug: 172935267
      Test: PoC in bug
      Change-Id: I469bde7d0a0f89c94f1234cf40983395048962e2
      (cherry picked from commit c99b04eb)
      11314107
    • Winson's avatar
      Remove updateIntentVerificationStatusAsUser from ResolverActivity · f382cadc
      Winson authored
      DO NOT CHERRY PICK ANYWHERE: Security issue
      
      This API is meant to grant an app complete verification over the
      domains it has declared, meaning it will always resolve the domains it
      declares for web links.
      
      This can allow an app to take over links that are unowned. Any time a
      user selects "Always" when resolving an Intent in the diambiguation
      dialog, this API would be called, and all subsequent resolutions of any
      domain declared by the app selected would be automatically directed to
      that app, with no prompt to the user.
      
      From a quick search, it's possible that all usages of this API are
      actually unintended and should be removed. Should be considered for
      deprecation in the future.
      
      Bug: 163358811
      
      Test: none, this is not generally testable, see linked bug for context
      
      Merged-In: Iff7f788a83af68c7fbb1c6b9a8be7b47136be2b6
      Change-Id: Iff7f788a83af68c7fbb1c6b9a8be7b47136be2b6
      (cherry picked from commit 2b1ed5b7)
      f382cadc
    • Ivan Chiang's avatar
      Revoke the uri permission when the file is deleted · 4d69266a
      Ivan Chiang authored
      When the file is deleted, renamed or moved, revoke all uri
      permissions with the file
      
      Bug: 157474195
      Test: manual test with DocumentsUI
      Test: atest DocumentsTest#testAfterMoveDocumentInStorage_revokeUriPermission
      Change-Id: I4ffb183630aadb2d87b0965e8cecf88af15f4534
      Merged-In: I4ffb183630aadb2d87b0965e8cecf88af15f4534
      (cherry picked from commit 9efd606f)
      (cherry picked from commit c5c373c2)
      4d69266a
    • Bryan Ferris's avatar
      [RESTRICT AUTOMERGE] Add import of MAX_APP_TRANSITION_DURATION · 7a844649
      Bryan Ferris authored
      The commit at ag/10876662 did not contain a required import. This change
      fixes the build.
      
      Bug: 145728687
      Test: `mma` in frameworks/base/services/core/java/com/android/server/wm/
      
      Change-Id: Ic37e2dc8498b0f6f5308653f4f9935038a486001
      (cherry picked from commit 4236b3e8)
      7a844649
    • lumark's avatar
      [RESTRICT AUTOMERGE] Restrict app transition maximum duration · af8aa1e8
      lumark authored
      As WindowState#startAnimation for restricting window animation duration
      (currently is 10 secs),
      
      For security reason, we also need to restrict app transition animation
      duration as 3 secs to prevent malicious app may set a long duration or
      infinity repeat counts through ActivityOption#makeCustomAnimation or
      Activity#overridePendingTransition with custom animation set.
      
      Bug: 145728687
      Test: manual as issue provided test app
      Change-Id: I39051d6e4d2b681ce2becbafe14aab3f3d8ebf6b
      (cherry picked from commit ee11625b)
      af8aa1e8
    • Kevin F. Haggerty's avatar
      Merge tag 'android-security-9.0.0_r63' into staging/lineage-16.0_merge-android-security-9.0.0_r63 · 118a9c5f
      Kevin F. Haggerty authored
      Android Security 9.0.0 Release 63 (6893678)
      
      * tag 'android-security-9.0.0_r63':
        Fix storing the wrong value of mLockdown in setting
        Make WallpaperMS bind wallpaper component PendingIntent immutable.
      
      Change-Id: I8ac10ede71fd4707458ddad4cf7dd44efb062b13
      118a9c5f
  17. 16 Nov, 2020 2 commits
  18. 12 Nov, 2020 10 commits
    • Dmitry Dementyev's avatar
      Ignore GrantCredentials call with unexpected calling uid. · 97961294
      Dmitry Dementyev authored
      Activity can be used only in two cases.
      1) Calling uid matches uid grantee.
      2) Calling uid is is system. This flow is used by getToken methods with
      notifyAuthFailure=true.
      
      Test: Existing CTS tests
      Bug: 158480899
      Merged-In: I1421c333b6cebb4f7cddcdd8766298f6872e933b
      Change-Id: I18af48cf3cb4ad23a3e5b02a8ea1416aa5570dba
      (cherry picked from commit ece586e3)
      97961294
    • Dmitry Dementyev's avatar
      Protect GrantCredentialsPermissionActivity against overlay. · 5f77856b
      Dmitry Dementyev authored
      Bug: 169763814
      Test: manual
      Merged-In: I15dd22791fcc61ef02b06ad51d9e4409d11c0181
      Change-Id: I0d8f901d100a5e2a022c96fa6c2be75a11c58059
      (cherry picked from commit deddb784)
      5f77856b
    • Miranda Kephart's avatar
      [DO NOT MERGE] Make GlobalScreenshot PendingIntents immutable · 9f42cf00
      Miranda Kephart authored
      Mutable pending intents are a security risk. This change adds the
      IMMUTABLE flag to all PendingIntents created in GlobalScreenshot.
      
      Bug: 162738636
      Test: manual
      Change-Id: I1044b6aaf2b1650ff91d9a72181684d2aaea9a62
      (cherry picked from commit ed450d77)
      9f42cf00
    • Dmitry Dementyev's avatar
      Check that Account Parcel has name and type. · 29de6913
      Dmitry Dementyev authored
      Bug: 129287265
      Test: manual
      Change-Id: I8431eb27cc4c6dfd3048b28ff635474f14433308
      (cherry picked from commit 32e85796)
      (cherry picked from commit 0992000a)
      29de6913
    • Philip P. Moltmann's avatar
      Revoke permission on non-runtime -> runtime upgrade · b581af12
      Philip P. Moltmann authored
      Not only on normal -> runtime.
      
      Test: atest android.appsecurity.cts.PermissionsHostTest#testNoPermissionEscalationAfterReboot
      Bug: 154505240, 168319670
      Change-Id: If3b420067b4d7111dcf67ae6f98e42176158b679
      Merged-In: If3b420067b4d7111dcf67ae6f98e42176158b679
      (cherry picked from commit 60c41ae4)
      b581af12
    • Nate Myren's avatar
      Ensure permissions are revoked on state changes · 45ac3b66
      Nate Myren authored
      If a permission owner changes, or a permission level is upgraded, revoke
      the permission from all packages
      
      Test: Manual
      Bug: 154505240
      Merged-In: I0dec9eb7c2fecd3147e33e04d3f79f6dffcf7721
      Change-Id: I0dec9eb7c2fecd3147e33e04d3f79f6dffcf7721
      (cherry picked from commit a28931a0)
      (cherry picked from commit a162e959)
      45ac3b66
    • Eugene Susla's avatar
      RESTRICT AUTOMERGE · 3fd32559
      Eugene Susla authored
      Fix CDM package check
      
      CDM was using a pckage check that returns a value intead of throwing,
      resulting in failing to throw on querying other package's associations
      
      Test: ensure attached bug no longer reproduces
      Bug: 167244818
      Change-Id: I21319b6f5495dcae681541c76b847aad0c00b8ab
      (cherry picked from commit feb4dd91)
      3fd32559
    • Pinyao Ting's avatar
      remove sensitive pii from safetynet logging · 3932e33e
      Pinyao Ting authored
      Bug: 159145361
      Test: manual
      Change-Id: I8f1be55971672c7e8f5aa8848f65b1b9d9f40fb5
      Merged-In: I8f1be55971672c7e8f5aa8848f65b1b9d9f40fb5
      (cherry picked from commit 3b6905bf)
      (cherry picked from commit 6d9794aa)
      3932e33e
    • Curtis Belmonte's avatar
      DO NOT MERGE Check fingerprint client against top activity in auth callback · 9899b14c
      Curtis Belmonte authored
      Due to a race condition with activity task stack broadcasts, it's
      currently possible for fingerprint authentication to succeed for a
      non-top activity. This means, for example, that a malicious overlay
      could be drawn in order to mislead the user about what they are
      authenticating for.
      
      This commit addresses the issue by adding a check to the fingerprint
      authentication client interface that ensures the authenticating
      activity is on top at the time of authentication. Otherwise, the
      pending authentication will fail, as if an incorrect biometric
      been presented.
      
      Test: Follow steps from b/159249069:
      1. Install com.pro100svitlo.fingerprintauthdemo from the Play store.
      2. Install the PoC attack app from b/159249069.
      3. Start the PoC attack app and press the "Launch PoC attack" button.
      4. Use fingerprint to authenticate while the overlay is showing.
      
      Before: Authentication succeeds, and a new activity is launched.
      After: Authentication fails, and no new activity is launched.
      
      Bug: 159249069
      Change-Id: If5cdf8ffaf3aa7d8a1ac81272e3bfb2cc7cdddf1
      Merged-In: Iee6af379515385777984da55048c1efd9339ed88
      Merged-In: I9b242a9fee0acbfb430875061e2d809c00fe4b97
      Merged-In: I1241a12eafa0bdbac59a8ddd4cf6a0637d467b19
      Merged-In: Ie5a0f8c3e9b92d348a78678a6ed192d440c45ffc
      Merged-In: I289d67e5c7055ed60f7a96725c523d07cd047b23
      (cherry picked from commit d4774f91)
      9899b14c
    • Pinyao Ting's avatar
      Fix the issue provider can be wrong when requesting slice permission · becd1fa9
      Pinyao Ting authored
      SlicePermissionActivity reads provider_pkg from intent, which can be
      modified at will. As a result user might see incorrect package name in
      the dialog granting slice permission.
      
      Bug: 159145361
      Test: manual
      Merged-In: I8b66c02786df4096dad74b7e76255d5ddd1d609d
      Change-Id: I8b66c02786df4096dad74b7e76255d5ddd1d609d
      (cherry picked from commit 0ad32a2d)
      (cherry picked from commit 4cab9c38)
      becd1fa9