GitLab

Change-Id: I84ab04363ea56450f6e75ac8ee2d5cbbd0c61852

migrateExtraStreamToClipData() will only offer to promote Uri values
if a ClipData isn't already defined, so we ensure that a ClipData
value is always defined.  This blocks later promotion and granting.

Bug: 200683077
Bug: 123700107
Test: manual
Change-Id: I99c1411e8b4eb01eb27ac4306e3bf6cc88cb4273
(cherry picked from commit 6ebf410b)
(cherry picked from commit 3cf2b049)
Merged-In: I99c1411e8b4eb01eb27ac4306e3bf6cc88cb4273

This reverts commit b45ebca772a77bf3fd269d0dcfc1a7af7c73861d.

Reason for revert: adding the fix for system to abandon sessions

BUG: 67862680
Test: manual
Change-Id: I2b735e4860dce6eb6d5d8ddc158e8b3165910dc7
Merged-In: I91170ba399b3a596320b3bd9c8188912e5c4f1be
(cherry picked from commit bd25f706)
Merged-In:I2b735e4860dce6eb6d5d8ddc158e8b3165910dc7

See comment here for the discussion on solution
https://b.corp.google.com/issues/169762606#comment14

Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253

Bug: 169762606
(cherry picked from commit 11053c17b397db67b20e96ce769508766cef7db9)

Change-Id: I6494366a5695daedc3f4f0046da9e130a5363f5f
Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253
(cherry picked from commit 5beff34b)
Merged-In:I6494366a5695daedc3f4f0046da9e130a5363f5f

BUG:179338675

Auto-generated-cl: translation import
Change-Id: I197c41477e0d8b17bb1171d60dd97efff6290a58
(cherry picked from commit 735bca53)
(cherry picked from commit 7a3fe6aaf4ea9f7c84a1dddebb9f30ff4438a5c9)

Bug: 196970023
Test: presubmits passing.
Change-Id: I69f51eb2faac0cf2ee9f7a5f94f7100925f7221c
(cherry picked from commit 8bcd86e6)

Bug: 189824175
Test: atest android.media.tv.cts.TvInputManagerTest
Change-Id: Iced6c2245c0099bc4bcdaceb51f8cce4dbc0a392
(cherry picked from commit a2ab2772)
(cherry picked from commit 05363ef1)

Bug: 172251622
Bug: 197035186
Change-Id: Ic3ffcb622af232473adf8a8c8307cce78227bac0
Merged-In: I7e2f95fd85e18127dc481f188ace8ad6effc4831
Test: Manual
(cherry picked from commit 95ff59db)

Bug: 180747689
Test: manual
Change-Id: Ic309f4aad116fd424d5d0d0e2016d61be8826b78
(cherry picked from commit 3bdad2df)

Do not catch exceptions when we attempt to create the following classes
from a parcel
- OutputConfiguration
- VendorTagDescriptor
- VendorTagDescriptorCache
- SessionConfiguration
This could cause subsequent parcel information to be read incorrectly.

Bug: 188675581

Test: Sample app which tries to write invalid data into an
      OutputConfiguration parcel to send in an intent via Broadcast. When read by the receiving app,
      gets an exception (not swallowed).

Merged-In: I745ca49daa6ca36b1020d518e9f346b52684f2b1
Change-Id: I745ca49daa6ca36b1020d518e9f346b52684f2b1
Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
(cherry picked from commit 6b0bcd60)
(cherry picked from commit 8a115381)

Android Security 8.1.0 Release 93 (7678330)

* tag 'android-security-8.1.0_r93':
  Send targeted broadcasts to prevent other apps from receiving them.
  Guard DISABLE_PLUGIN with PLUGIN permission.
  DO NOT MERGE Apply a maximum char count to the load label api
  Fix a potential thread safety issue in VectorDrawable
  Change ownership of the account request notification.

Change-Id: I3ea07a1348f9a8e3f1e9cccc8bede251e7632168

Android security 8.1.0 release 92

* tag 'android-security-8.1.0_r92':
  Don't attach private Notification to A11yEvent when user locked
  Improve ellipsize performance
  Fix side effects of trace-ipc and dumpheap commands
  Fix race condition between lockNow() and updateLockscreenTimeout

Change-Id: I58ec12d101222bf5071f82bc91ee2daf9a50873d

Merge cherrypicks of [15541535, 15541187, 15541188, 15541497, 15541189, 15541499] into security-aosp-oc-mr1-release

Change-Id: I496e2eda4b0c82c19f5b98089ba63a34bfd5dce4

When sending broadcasts ACTION_SNOOZE_WARNING in NPMS, which may
contain sensitive information, explicitly set the package name
that should receive it to prevent other apps from receiving them.

Bug: 177931370
Test: manual
Change-Id: I2a0a0dc09e27791de829bacfb2e865ffea993715
Merged-In: I11d736771d859d2af27d5c84a502ab038974e2e2
(cherry picked from commit fdbcf17a)

Fixes a p0 security bug. We already have the plugin permission
defined in our manifest. Ensure that senders of the DISABLE_PLUGIN
broadcast have that permission.

Fixes: 193444889
Test: manual
Change-Id: Iebaba435c17c5644c5357c0683858447f5ffb897
Merged-In: Iebaba435c17c5644c5357c0683858447f5ffb897
(cherry picked from commit de779f81)

The system is overwhelmed by an enormous label string returned by
the load label api. This cl truncates the label string if it exceeds
the maximum safe length.

Also update the max safe label length to 1000 characters, which is
enough.

Bug: 67013844
Test: atest PackageManagerTest
Change-Id: Ia4d768cc93a47cfb8b6f7c4b6dc73abd801809bd
Merged-in: Ia4d768cc93a47cfb8b6f7c4b6dc73abd801809bd
(cherry picked from commit 7380c153)

Bug: 158839504
Bug: 185178568
Test: speculative
Change-Id: Id9f229f08fe5897dda25441fbaa15c98f8130de9
(cherry picked from commit 32207ceb)

Add "Permission requested by Application..." string.
Test: manual
Bug: 179338675

Change-Id: Ib66ccc1b39bd1f3f8fa3b1efc38a9d413b72a321
(cherry picked from commit 26de0c23)

Allow empty tokens in SQLiteQueryBuilder's strict grammar enforcement

Bug: 143230980
Test: atest SQLiteQueryBuilderTest, manual
Change-Id: Ie82dded77a3eaa75095333b0e77f10e21c9f7caf
(cherry picked from commit ea5b2c08)
Merged-In: Ie82dded77a3eaa75095333b0e77f10e21c9f7caf

Android security 8.1.0 release 90

* tag 'android-security-8.1.0_r90':
  Fix the security issue that preloaded apps can get SSID & BSSID
  Restrict alarm broadcast
  Detects all activities for whether showing work challenge

Change-Id: Ib066afdae77cc775c88ed440b85a21470e42081b

Merge cherrypicks of [15151695, 15151716, 15151891, 15151892, 15151894, 15151896, 15150908, 15151384, 15151699, 15151700, 15151701] into security-aosp-oc-mr1-release

Change-Id: Ib577512a4d38e7111f1c13feba1c58f478c6c458

Fixes: 159624555
Test: manual, atest
Change-Id: Ib44f1d3695d2b31bee4f8ccae3f948c83f3b40b6
Merged-In: Ib44f1d3695d2b31bee4f8ccae3f948c83f3b40b6
(cherry picked from commit 54fbccc2)
(cherry picked from commit 93f167b8)

Instead of iterate all ellipsized characters, only iterate the necessary
ranges for copying.

Bug: 188913943
Test: atest CtsTextTestCases CtsGraphicsTestCases CtsWidgetTestCases
Change-Id: I3d03b1e3897e427c23fbe51315f412c57a4ce9e9
Merged-In: I3d03b1e3897e427c23fbe51315f412c57a4ce9e9
(cherry picked from commit ae1912b6)

These shell commands were implicitly deleting any client-named file for
which the system uid had deletion capability.  They no longer do this,
instead using only the client's own capabilities and file manipulation
modes.

Bug: 185398942
Test: manual "adb shell cmd activity dumpheap system_server /data/system/last-fstrim"
Test: atest CtsPermissionTestCases:ShellCommandPermissionTest
Merged-In: Ie61ab2c3f4bfbd04de09ca99c1116d1129461e8f
Change-Id: Ie61ab2c3f4bfbd04de09ca99c1116d1129461e8f
(cherry picked from commit 6984eaa9)

If updateLockscreenTimeout gets called before the Runnable queued
from lockNow gets executed, lockNow request will be ignored. Fix
this by not clearing out the runnable if it's pending lock request.

Test: Switch user, ensure lockscreen comes up
Bug: 161149543
Change-Id: Ie486396fd7328edf8ca0912df92524bb82a1fb7f
(cherry picked from commit 875fa991)
Merged-In: Ie486396fd7328edf8ca0912df92524bb82a1fb7f
(cherry picked from commit 1692babe)

Android Security 8.1.0 Release 89 (7269716)

* tag 'android-security-8.1.0_r89':
  DO NOT MERGE - Disallow deletion of channels with FGS notifications
  Increase maximum allowed size for status bar icons
  Limit maximum allowed size for a status bar icon
  Adds caller check to getAllPackages()

Change-Id: I375d11991f1f3b6de37482182a3c89eaf259af02

Merge cherrypicks of [14554374, 14554375, 14554376, 14554377, 14554421, 14554378, 14554522, 14554523, 14554381, 14554563, 14554564, 14554566, 14554568, 14554570, 14554571, 14554573, 14554526, 14554576] into security-aosp-oc-mr1-release

Change-Id: I0e31b90f001d9959d05757095b9dc3a778f0c7f3

NetworkMonitor sends "android.net.conn.NETWORK_CONDITIONS_MEASURED"
broadcast with Wifi SSID & BSSID. The receiver of this broadcast
is only required to have "android.permission.ACCESS_NETWORK_CONDITIONS"
permission but not the "android.permission.ACCESS_FINE_LOCATION".
It's incorrect because if the apps want to know the Wifi SSID and
BSSID, they should get the run-time permission with user consent.
Since this broadcast is not used anymore, delete it and the related
code.

Bug: 175213041
Test: atest NetworkStackNextTests NetworkStackTests
Change-Id: I12050737291c7fa0ebff4e7411b91f4c6f57a413
Merged-In: I12050737291c7fa0ebff4e7411b91f4c6f57a413
Merged-In: I7b43940dc32826c70fa82f471b35bc5cb8394aad
(cherry picked from commit 0684e7a6)

To android only

Test: NotificationManagerTest, NotificationManagerServiceTest
Bug: 175614289
Change-Id: I4f8e56729d90f8f5288d08881129b1c45d5790e7
Merged-In: I4f8e56729d90f8f5288d08881129b1c45d5790e7
(cherry picked from commit abf15b73)
(cherry picked from commit 7dfcfe85)

Work challenge did not show when a work activity is not on top, but
still visible after screen turns on.

Also show work challenge even if the work activity is behind a top
fullscreen activity of another profile because the user can still
navigate back to the work activity when top activity finishes.

Bug: 177457096
Test: ActivityStackSupervisorTests

Change-Id: I5e09b09be547d04fdfd709cb9cd4bcd4a94bbf21
Merged-In: I5e09b09be547d04fdfd709cb9cd4bcd4a94bbf21
(cherry picked from commit 6820d708)

Android Security 8.1.0 Release 88 (7249334)

* tag 'android-security-8.1.0_r88':
  Add pkg target to snoozing alarm

Change-Id: I9f51f5d03bef99841997bf906c2fe3b300a64b64