Skip to content

A
android_frameworks_base
Switch branch/tag
This project is mirrored from https://github.com/LineageOS/android_frameworks_base.git. Pull mirroring updated .
  1. 13 Jul, 2020 2 commits
  3. 29 Jun, 2020 2 commits
  5. 09 Jun, 2020 1 commit
  7. 06 Jun, 2020 1 commit
  9. 27 May, 2020 1 commit
  11. 20 May, 2020 2 commits
  13. 06 May, 2020 3 commits
    • Christopher Tate's avatar
      Verify all possible hosts that match web nav · c227c2f1
      Christopher Tate authored 
      Even if an <intent-filter> matches non-web schemes in addition to http
or https, make sure to include its cited hosts in the autoVerify
evaluation.

Bug: 150038428
Test: atest OsHostTests#testIntentFilterHostValidation
Change-Id: If9ef0fc53d96e6581c56d86f89fe63bc9a5fb89a
Merged-In: If9ef0fc53d96e6581c56d86f89fe63bc9a5fb89a
(cherry picked from commit 1fba0f897f276d5d47962534867e764da8061105)
(cherry picked from commit a481c86c)
      c227c2f1
    • Riddle Hsu's avatar
      RESTRICT AUTOMERGE Use consistent calling uid and package in navigateUpTo · 0cd8f186
      Riddle Hsu authored 
      Originally, if the caller of navigateUpTo is alive, even the calling
uid is set to the caller who launched the existing destination activity,
the uid from caller process has higher priority to replace the given
calling uid. So this change doesn't modify the existing behavior if
the caller process is valid. Besides, the case of delivering new intent
uses the source record as calling identity too, so the case of starting
new activity should be consistent.

Also forbid attaching null application thread to avoid unexpected state
in process record.

Bug: 144285917
Test: bit FrameworksServicesTests:ActivityStackTests
Test: bit CtsSecurityTestCases:ActivityManagerTest# \
      testActivityManager_attachNullApplication
Merged-In: I60732f430256d37cb926d08d093581f051c4afed
Change-Id: I60732f430256d37cb926d08d093581f051c4afed
(cherry picked from commit 1c9bf5cc)
      0cd8f186
    • Riddle Hsu's avatar
      RESTRICT AUTOMERGE Create separated tasks for different apps from startActivities · db8d9ce6
      Riddle Hsu authored 
      Assume there are 2 applications A, B with different uids.
There are 4 activities A1, A2, B1, B2 with default task
affinity and launch mode.

After A1 called startActivities(B1, A2, B2):
 Original   : Task(A1, B1, A2, B2)
 This Change: Task(A1, B1), Task(A2, B2)
In other words, the source caller cannot launch its activity
above the activity of other application in the same task, and
it can still launch activity of other application in its task.

Bug: 145669109
Test: run cts --test android.server.cts.StartActivityTests \
      -m CtsServicesHostTestCases

[basilgello: Back-ported to 14.1:
 - Added definition for ActivityRecord.getUid() from
   fwb/82ea6cb9]
Signed-off-by: default avatarVasyl Gello <vasek.gello@gmail.com>

Change-Id: I97bd875146a52f62b8fe82235487ccefb2955e8e
(cherry picked from commit 2be3ba49)
      db8d9ce6
  15. 29 Apr, 2020 1 commit
  17. 14 Apr, 2020 1 commit
  19. 08 Apr, 2020 2 commits
  21. 07 Apr, 2020 3 commits
    • /e/ robot's avatar
      Merge remote-tracking branch 'origin/cm-14.1' into v1-nougat · 78c6ee22
      /e/ robot authored
      78c6ee22
    • Ryan Mitchell's avatar
      Fix potential double destroy of AssetManager · c90263e2
      Ryan Mitchell authored 
      Assume there is a XmlBlock [X] created by a AssetManager [A]
([A] will have mNumRefs = 2). After [A].close is called
(mNumRefs = 1) and then both [X] and [A] are going to be GCed,
if [A].finalize is called first (nativeDestroy), the later
[X].finalize will invoke [A].xmlBlockGone that triggers the
second nativeDestroy of [A] and leads to crash.

By clearing the mObject in AssetManager.finalize, the
decRefsLocked from other paths won't call nativeDestroy again.

Bug: 144028297
Test: atest android.security.cts.AssetManagerTest

Change-Id: Ia938502d2443f5a6de6a3cabdb7ce1d41d3ff6d1
Merged-In: Ia938502d2443f5a6de6a3cabdb7ce1d41d3ff6d1
(cherry picked from commit 93320661)
      c90263e2
    • Christopher Tate's avatar
      Revoke 'always' web handler status when not autoverifying · f697cd3b
      Christopher Tate authored 
      If an app has previously used autoVerify to make claims about its status
re handling web navigation intents, but is updated such that it no
longer makes those claims, step down its "official handler" status as
though it had never invoked autoVerify in the first place.

Bug: 146204120
Test: manual: as described in bug; observe policy before/after via
      'adb shell dumpsys package d'
Test: atest CtsOsHostTestCases
Change-Id: I58502d1b32d793aba9aa772fa2ad5ac38acca48a
Merged-In: I58502d1b32d793aba9aa772fa2ad5ac38acca48a
(cherry picked from commit 6cf5f928)
      f697cd3b
  23. 06 Apr, 2020 3 commits
  25. 16 Mar, 2020 2 commits
  27. 12 Mar, 2020 1 commit
  29. 06 Mar, 2020 2 commits
  31. 03 Mar, 2020 3 commits
    • Patrick Baumann's avatar
      Fixes NPE when preparing app data during init · 331107d7
      Patrick Baumann authored 
      When deleting an unused static shared library on Q, the user manager was
fetched via mContext.getSystemService. At this time during boot, the
service wasn't registered and so null was returned. This has already
been addressed in R with a move to injecting dependencies in the
PackageManagerService constructor.

Bug: 142083996
Bug: 141413692
Test: manual; remove static dependency on eng Q build and reboot
Change-Id: I8ae4e331d09b4734c54cdc6887b273705dce88b1
Merged-In: I8ae4e331d09b4734c54cdc6887b273705dce88b1
(cherry picked from commit 5d3fc339)
      331107d7
    • Patrick Baumann's avatar
      Handles null outInfo in deleteSystemPackageLI · 2c0a05d0
      Patrick Baumann authored 
      This change adds null checks before accessing outInfo in
deleteSystemPackageLI.

Bug: 142083996
Bug: 141413692
Test: manual; remove static dependency on eng build and reboot
Change-Id: If0fd48343e89cbb77ccd25826656194195d5b0cd
(cherry picked from commit 17471016508bb9c9ffb8c3946dda0b4897d722f1)
Merged-In: If0fd48343e89cbb77ccd25826656194195d5b0cd
(cherry picked from commit 6afabce5)
      2c0a05d0
    • paulhu's avatar
      Fix security problem on PermissionMonitor#hasPermission · caf3c621
      paulhu authored 
      PermissionMonitor#hasPermission only checks permssions that app
requested but it doesn't check whether the permission can be
granted to this app. If requested permission doens't be granted
to app, this method still returns that app has this permission.
Then PermissionMonitor will pass this info to netd that means
this app still can use network even restricted network without
granted privileged permission like CONNECTIVITY_INTERNAL or
CONNECTIVITY_USE_RESTRICTED_NETWORKS.

Bug: 144679405
Test: Build, flash, manual test
Change-Id: I5eba4909e4c2e1d9f275f66be90ac36466b93e90
Merged-In: I8a1575dedd6e3b7a8b60ee2ffd475d790aec55c4
Merged-In: Iae9c273af822b18c2e6fce04848a86f8dea6410a
(cherry picked from commit 305946b9)
      caf3c621
  33. 25 Feb, 2020 3 commits
  35. 24 Feb, 2020 1 commit
  37. 21 Feb, 2020 2 commits
  39. 14 Feb, 2020 1 commit
  41. 11 Feb, 2020 1 commit
  43. 10 Feb, 2020 1 commit
  45. 05 Feb, 2020 1 commit
    • Sterling Huber's avatar
      RESTRICT AUTOMERGE Make toasts non-clickable · 2dbe94c0
      Sterling Huber authored 
      Since enforcement was only on client-side, in Toast class, an app could
use reflection (or other means) to make the Toast clickable. This is a
security vulnerability since it allows tapjacking, that is, intercept touch
events and do stuff like steal PINs and passwords.

This CL brings the enforcement to the system by applying flag
FLAG_NOT_TOUCHABLE.

Test: atest CtsWindowManagetDeviceTestCases:ToastTest
Test: Construct app that uses reflection to remove flag FLAG_NOT_TOUCHABLE and
      log click events. Then:
      1) Observe click events are logged without this CL.
      2) Observer click events are not logged with this CL.
Bug: 128674520

(cherry picked from commit 6bf18c39)
Change-Id: Ica346c853dcb9a1e494f7143ba1c38d22c0003d0
      2dbe94c0