Skip to content

A
android_frameworks_base
Switch branch/tag
This project is mirrored from https://github.com/LineageOS/android_frameworks_base.git. Pull mirroring updated .
  1. 27 May, 2020 1 commit
  3. 20 May, 2020 2 commits
  5. 17 May, 2020 1 commit
  7. 06 May, 2020 1 commit
  9. 28 Apr, 2020 3 commits
    • Christopher Tate's avatar
      Verify all possible hosts that match web nav · 5f03b08b
      Christopher Tate authored 
      Even if an <intent-filter> matches non-web schemes in addition to http
or https, make sure to include its cited hosts in the autoVerify
evaluation.

Bug: 150038428
Test: atest OsHostTests#testIntentFilterHostValidation
Change-Id: If9ef0fc53d96e6581c56d86f89fe63bc9a5fb89a
Merged-In: If9ef0fc53d96e6581c56d86f89fe63bc9a5fb89a
(cherry picked from commit 1fba0f897f276d5d47962534867e764da8061105)
(cherry picked from commit a481c86cd3742c7792f8607c004e0eeb4016b894)
      5f03b08b
    • Eugene Susla's avatar
      RESTRICT AUTOMERGE · 288ce50c
      Eugene Susla authored 
      Prevent accessing companion records from arbitrary uids

Test: manual
Fixes: 129476618
Change-Id: I7b18cfcdf58e62a445cbb508116c6ce7c1cea8d7
(cherry picked from commit 98f45443e1cf397ab92b4cecd9200c2dcccf099b)
      288ce50c
    • Anis Assi's avatar
      Revert "DO NOT MERGE - Kill apps outright for API contract violations" · 6a89d110
      Anis Assi authored 
      This reverts commit c6fd63a7.
      6a89d110
  11. 24 Apr, 2020 1 commit
  13. 16 Apr, 2020 1 commit
  15. 14 Apr, 2020 2 commits
  17. 08 Apr, 2020 3 commits
  19. 07 Apr, 2020 1 commit
  21. 06 Apr, 2020 4 commits
  23. 30 Mar, 2020 1 commit
    • Riddle Hsu's avatar
      RESTRICT AUTOMERGE Create separated tasks for different apps from startActivities · a952197b
      Riddle Hsu authored 
      Assume there are 2 applications A, B with different uids.
There are 4 activities A1, A2, B1, B2 with default task
affinity and launch mode.

After A1 called startActivities(B1, A2, B2):
 Original   : Task(A1, B1, A2, B2)
 This Change: Task(A1, B1), Task(A2, B2)
In other words, the source caller cannot launch its activity
above the activity of other application in the same task, and
it can still launch activity of other application in its task.

Bug: 145669109
Test: run cts --test android.server.cts.StartActivityTests \
      -m CtsServicesHostTestCases
Change-Id: I97bd875146a52f62b8fe82235487ccefb2955e8e
(cherry picked from commit 973ecc619c0bb87a03481774ea9e86d2924601e4)
      a952197b
  25. 16 Mar, 2020 2 commits
  27. 12 Mar, 2020 2 commits
    • Riddle Hsu's avatar
      RESTRICT AUTOMERGE Use consistent calling uid and package in navigateUpTo · d37eb962
      Riddle Hsu authored 
      Originally, if the caller of navigateUpTo is alive, even the calling
uid is set to the caller who launched the existing destination activity,
the uid from caller process has higher priority to replace the given
calling uid. So this change doesn't modify the existing behavior if
the caller process is valid. Besides, the case of delivering new intent
uses the source record as calling identity too, so the case of starting
new activity should be consistent.

Also forbid attaching null application thread to avoid unexpected state
in process record.

Bug: 144285917
Test: bit FrameworksServicesTests:com.android.server.am.ActivityStackTests
Change-Id: I60732f430256d37cb926d08d093581f051c4afed
(cherry picked from commit 0d7e27af30e39fbb6dcafedc854daa639074e5cc)
      d37eb962
    • Christopher Tate's avatar
      DO NOT MERGE - Kill apps outright for API contract violations · c6fd63a7
      Christopher Tate authored 
      ...rather than relying on in-app code to perform the shutdown.

Backport of security fix.

Bug: 128649910
Bug: 140108616
Test: manual
Test: atest OsHostTests#testForegroundServiceBadNotification
Change-Id: I94d9de50bb03c33666471e3dbd9c721e9278f7cb
Merged-In: I94d9de50bb03c33666471e3dbd9c721e9278f7cb
(cherry picked from commit 874c974f73839da761177a4e0a53b7f4a7d29288)
      c6fd63a7
  29. 09 Mar, 2020 1 commit
  31. 03 Mar, 2020 1 commit
  33. 24 Feb, 2020 1 commit
  35. 11 Feb, 2020 2 commits
  37. 10 Feb, 2020 1 commit
  39. 06 Feb, 2020 2 commits
    • Ryan Mitchell's avatar
      Fix potential double destroy of AssetManager · b7a2a333
      Ryan Mitchell authored 
      Assume there is a XmlBlock [X] created by a AssetManager [A]
([A] will have mNumRefs = 2). After [A].close is called
(mNumRefs = 1) and then both [X] and [A] are going to be GCed,
if [A].finalize is called first (nativeDestroy), the later
[X].finalize will invoke [A].xmlBlockGone that triggers the
second nativeDestroy of [A] and leads to crash.

By clearing the mObject in AssetManager.finalize, the
decRefsLocked from other paths won't call nativeDestroy again.

Bug: 144028297
Test: atest android.security.cts.AssetManagerTest

Change-Id: Ia938502d2443f5a6de6a3cabdb7ce1d41d3ff6d1
Merged-In: Ia938502d2443f5a6de6a3cabdb7ce1d41d3ff6d1
(cherry picked from commit 93320661ca9a23c7b38b3f166d0facf048f2a8a3)
      b7a2a333
    • Christopher Tate's avatar
      Revoke 'always' web handler status when not autoverifying · 35c45595
      Christopher Tate authored 
      If an app has previously used autoVerify to make claims about its status
re handling web navigation intents, but is updated such that it no
longer makes those claims, step down its "official handler" status as
though it had never invoked autoVerify in the first place.

Bug: 146204120
Test: manual: as described in bug; observe policy before/after via
      'adb shell dumpsys package d'
Test: atest CtsOsHostTestCases
Change-Id: I58502d1b32d793aba9aa772fa2ad5ac38acca48a
Merged-In: I58502d1b32d793aba9aa772fa2ad5ac38acca48a
(cherry picked from commit ef5220e5b2a4b90d4260eb058475fdcdf30d861d)
      35c45595
  41. 04 Feb, 2020 1 commit
  43. 23 Jan, 2020 1 commit
  45. 21 Jan, 2020 2 commits
  47. 18 Jan, 2020 1 commit
  49. 10 Jan, 2020 2 commits
    • Patrick Baumann's avatar
      Fixes NPE when preparing app data during init · e8ae9fcf
      Patrick Baumann authored 
      When deleting an unused static shared library on Q, the user manager was
fetched via mContext.getSystemService. At this time during boot, the
service wasn't registered and so null was returned. This has already
been addressed in R with a move to injecting dependencies in the
PackageManagerService constructor.

Bug: 142083996
Bug: 141413692
Test: manual; remove static dependency on eng Q build and reboot
Change-Id: I8ae4e331d09b4734c54cdc6887b273705dce88b1
Merged-In: I8ae4e331d09b4734c54cdc6887b273705dce88b1
(cherry picked from commit 5d3fc339)
      e8ae9fcf
    • Patrick Baumann's avatar
      Use KNOWN_PACKAGES when shared lib consumers · 9192cc56
      Patrick Baumann authored 
      This change ensures we find ALL known packages that could be consuming a
shared library, not only currently installed ones. Without this check,
the system may get into a state in which we have currently uninstalled
but on-device apps that depend on a shared library that does not exist
on device.

This change also leaves static shared library packages on device even if
it's not installed for any of the remaining users as it could still be
used, but marked uninstalled for users in which it is consumed.

Bug: 141413692
Bug: 142083996
Test: Manual; attempt to remove shared lib after marking its consumer uninstalled.
Test: atest StaticSharedLibsHostTests
Change-Id: Id4e37c3e4d3ea3ad5fddae5d2c7305e56f50eeea
Merged-In: Id4e37c3e4d3ea3ad5fddae5d2c7305e56f50eeea
(cherry picked from commit 08315953)
      9192cc56