This project is mirrored from Pull mirroring updated .
  1. 13 Apr, 2021 1 commit
  2. 07 Apr, 2021 1 commit
    • Kevin F. Haggerty's avatar
      Merge tag 'android-security-9.0.0_r67' into staging/lineage-16.0_merge_android-security-9.0.0_r67 · 236afaa4
      Kevin F. Haggerty authored
      Android security 9.0.0 release 67
      * tag 'android-security-9.0.0_r67':
        [DO NOT MERGE] Close screenshot process on user switched
        DO NOT MERGE: Do not inject mock location to chipset
        DO NOT MERGE: WM: Only allow system to use NO_INPUT_CHANNEL.
        RESTRICT AUTOMERGE Allow CDM to hide overlays
        RESTRICT AUTOMERGE Prevent non-system overlays from showing over CDM UI
      Change-Id: Id56b6e80d8ede545578e4f80f141b375626a289a
  3. 07 Mar, 2021 1 commit
  4. 04 Mar, 2021 1 commit
  5. 26 Feb, 2021 2 commits
    • Miranda Kephart's avatar
      [DO NOT MERGE] Close screenshot process on user switched · 3da64c81
      Miranda Kephart authored
      Currently, we keep the process up even if the user switches,
      meaning that in some cases (if the user is switched while the
      screenshot UI is up) we will save images to the wrong profile.
      This change makes ScreenshotHelper listen for user switches and
      close the screenshot service, so that a new screenshot is
      guaranteed to be constructed with the correct user's context.
      Bug: 170474245
      Fix: 170474245
      Test: manual -- verified bad state occurs if user switches within
      the timeout period, ensured that screenshots work immediately
      after switching with this change.
      Change-Id: I9d32d0928e6c2bda161d04555438d0dd7afef0ba
      (cherry picked from commit 7ef1a5dd1506075507412626f2533283d9520144)
      (cherry picked from commit 19f28d7894d4c518b4343e601d745846aaff6562)
    • Yu-Han Yang's avatar
      DO NOT MERGE: Do not inject mock location to chipset · 5a4408a4
      Yu-Han Yang authored
      Bug: 177561690
      Test: on device
      Change-Id: Icafbdf54fe807f8779377b13cb4e4eb265db692e
      (cherry picked from commit 579b74d5cbb08b8dd3461f484cdebcbd9e64c656)
  6. 11 Feb, 2021 3 commits
  7. 07 Feb, 2021 1 commit
  8. 06 Feb, 2021 1 commit
  9. 05 Feb, 2021 5 commits
    • Robert Carr's avatar
      DO NOT MERGE: WM: Only allow system to use NO_INPUT_CHANNEL. · 2608e551
      Robert Carr authored
      NO_INPUT_CHANNEL is a hidden WM flag that allows creation of a window
      without an input channel. Unfortunately in releases prior to Android R
      this would allow creation of a Window which will not be known to the
      InputDispatcher at all. This means that the logic generating
      FLAG_OBSCURED will work and a window will be able to overlay another
      window without the overlayed window being notified. In Android R and
      later this isn't a problem as the InputDispatcher is informed of all
      windows, input channel or not. For past Android releases, this patch
      disables NO_INPUT_CHANNEL for use outside of the WM.
      Bug: 152064592
      Test: Existing tests pass
      Change-Id: I7e1f45cba139eab92e7df88d1e052baba0ae2cc6
      (cherry picked from commit 0fed2d8e7e2b9757c7c40cd445772d52398478b1)
    • Eugene Susla's avatar
      RESTRICT AUTOMERGE · bf7cf4f3
      Eugene Susla authored
      Allow CDM to hide overlays
      Since CDM has sensitive user consent UIs, it should be able to hide
      non-system overlays
      Test: use a 3p overlay app with a visible overlay to ensure overlay disappears when CDM is shown
      Bug: 171221090
      Change-Id: I3274cb7f03f63e1fa99a9ca06759972ce2a51309
      (cherry picked from commit 486773ff4567bbfd63f7f57dc9cb1f0ffb8a6c12)
    • Eugene Susla's avatar
      RESTRICT AUTOMERGE · a7a3bc01
      Eugene Susla authored
      Prevent non-system overlays from showing over CDM UI
      Since CDM grants privileges, it should have the same overlay
      policy as permission UI
      Test: use an app wit ha visible overlay to ensure
      the overlay disappears when CDM is shown
      Fixes: 171221090
      Change-Id: I4daaee7d8b710a72f6166cbb2252ef8af84c2c60
      (cherry picked from commit 068221bbba52ccf652e20f4a42037d9ee05a29c9)
    • Romain Hunault's avatar
      Use the new GitLab CI template · 16bb090d
      Romain Hunault authored
    • Amit Kumar's avatar
      Use correct icons for location, storage and phone_calls permission. · 15f965b2
      Amit Kumar authored
      Change-Id: Ic183158c0d9e835317dbd0ab8d4b0395a96c403c
  10. 02 Feb, 2021 1 commit
  11. 20 Jan, 2021 1 commit
  12. 19 Jan, 2021 2 commits
    • Aaron Kling's avatar
      Add nvcpl hook interfaces · 75ed0a20
      Aaron Kling authored
      NvCPL works in conjunction with the PowerHAL in order to adjust various
      performance knobs based on the app or device specific profiles.
      Change-Id: I4953cbb96d729dbe0cee6d7071b5933586770330
    • Aaron Kling's avatar
      Add nvidia profile manager · a0c71e49
      Aaron Kling authored
      This implements and API for apps to interface with NvCPL and by
      extension the PowerHAL.
      Reverse engineered from the Shield Experience 8.2.0 update then cleaned
      up to match Android standards.
      Change-Id: I774ac62c8867151f21712cfeee25f96a591415ad
  13. 15 Jan, 2021 1 commit
  14. 14 Jan, 2021 1 commit
    • Kevin F. Haggerty's avatar
      Merge tag 'android-security-9.0.0_r64' into staging/lineage-16.0_merge_android-security-9.0.0_r64 · 31664aa5
      Kevin F. Haggerty authored
      Android security 9.0.0 release 64
      * tag 'android-security-9.0.0_r64':
        Ignore GrantCredentials call with unexpected calling uid.
        Protect GrantCredentialsPermissionActivity against overlay.
        [DO NOT MERGE] Make GlobalScreenshot PendingIntents immutable
        Check that Account Parcel has name and type.
        Revoke permission on non-runtime -> runtime upgrade
        Ensure permissions are revoked on state changes
        RESTRICT AUTOMERGE Fix CDM package check
        remove sensitive pii from safetynet logging
        DO NOT MERGE Check fingerprint client against top activity in auth callback
        Fix the issue provider can be wrong when requesting slice permission
      Change-Id: I5686e8a3ed26d5abdec952748e1eb1a33ba8d0c8
  15. 11 Jan, 2021 1 commit
  16. 10 Jan, 2021 1 commit
  17. 08 Jan, 2021 1 commit
    • Dmitry Dementyev's avatar
      Protect account chooser activities against overlay. · 180c0f20
      Dmitry Dementyev authored
      Bug: 172841550
      Test: manual
      Merged-In: I1a16808426934f4a8d12410576d769443e4c2a04
      Merged-In: I3cd5a94386f15cf60a7fe3095b00815e4a6485ae
      Change-Id: I35dc86b5721a4531447a6d99d6c30f23543130cb
      (cherry picked from commit fedbadf57eeeb82813d8fd43aade685659b909c2)
  18. 16 Dec, 2020 2 commits
  19. 15 Dec, 2020 2 commits
  20. 09 Dec, 2020 6 commits
    • Varun Shah's avatar
      RESTRICT AUTOMERGE · 11314107
      Varun Shah authored
      Ensure caller identity is restored in CP quick-path.
      Bug: 172935267
      Test: PoC in bug
      Change-Id: I469bde7d0a0f89c94f1234cf40983395048962e2
      (cherry picked from commit c99b04eb)
    • Winson's avatar
      Remove updateIntentVerificationStatusAsUser from ResolverActivity · f382cadc
      Winson authored
      DO NOT CHERRY PICK ANYWHERE: Security issue
      This API is meant to grant an app complete verification over the
      domains it has declared, meaning it will always resolve the domains it
      declares for web links.
      This can allow an app to take over links that are unowned. Any time a
      user selects "Always" when resolving an Intent in the diambiguation
      dialog, this API would be called, and all subsequent resolutions of any
      domain declared by the app selected would be automatically directed to
      that app, with no prompt to the user.
      From a quick search, it's possible that all usages of this API are
      actually unintended and should be removed. Should be considered for
      deprecation in the future.
      Bug: 163358811
      Test: none, this is not generally testable, see linked bug for context
      Merged-In: Iff7f788a83af68c7fbb1c6b9a8be7b47136be2b6
      Change-Id: Iff7f788a83af68c7fbb1c6b9a8be7b47136be2b6
      (cherry picked from commit 2b1ed5b7)
    • Ivan Chiang's avatar
      Revoke the uri permission when the file is deleted · 4d69266a
      Ivan Chiang authored
      When the file is deleted, renamed or moved, revoke all uri
      permissions with the file
      Bug: 157474195
      Test: manual test with DocumentsUI
      Test: atest DocumentsTest#testAfterMoveDocumentInStorage_revokeUriPermission
      Change-Id: I4ffb183630aadb2d87b0965e8cecf88af15f4534
      Merged-In: I4ffb183630aadb2d87b0965e8cecf88af15f4534
      (cherry picked from commit 9efd606f43abe36f9fcf7f0d1ab0d059c51be514)
      (cherry picked from commit c5c373c2)
    • Bryan Ferris's avatar
      Bryan Ferris authored
      The commit at ag/10876662 did not contain a required import. This change
      fixes the build.
      Bug: 145728687
      Test: `mma` in frameworks/base/services/core/java/com/android/server/wm/
      Change-Id: Ic37e2dc8498b0f6f5308653f4f9935038a486001
      (cherry picked from commit 4236b3e8)
    • lumark's avatar
      [RESTRICT AUTOMERGE] Restrict app transition maximum duration · af8aa1e8
      lumark authored
      As WindowState#startAnimation for restricting window animation duration
      (currently is 10 secs),
      For security reason, we also need to restrict app transition animation
      duration as 3 secs to prevent malicious app may set a long duration or
      infinity repeat counts through ActivityOption#makeCustomAnimation or
      Activity#overridePendingTransition with custom animation set.
      Bug: 145728687
      Test: manual as issue provided test app
      Change-Id: I39051d6e4d2b681ce2becbafe14aab3f3d8ebf6b
      (cherry picked from commit ee11625b)
    • Kevin F. Haggerty's avatar
      Merge tag 'android-security-9.0.0_r63' into staging/lineage-16.0_merge-android-security-9.0.0_r63 · 118a9c5f
      Kevin F. Haggerty authored
      Android Security 9.0.0 Release 63 (6893678)
      * tag 'android-security-9.0.0_r63':
        Fix storing the wrong value of mLockdown in setting
        Make WallpaperMS bind wallpaper component PendingIntent immutable.
      Change-Id: I8ac10ede71fd4707458ddad4cf7dd44efb062b13
  21. 16 Nov, 2020 2 commits
  22. 12 Nov, 2020 3 commits