This project is mirrored from Pull mirroring updated .
  1. 22 Sep, 2020 2 commits
  2. 13 Sep, 2020 2 commits
  3. 12 Sep, 2020 1 commit
  4. 16 Aug, 2020 1 commit
  5. 15 Aug, 2020 3 commits
  6. 14 Aug, 2020 2 commits
  7. 10 Aug, 2020 1 commit
  8. 09 Aug, 2020 1 commit
  9. 03 Aug, 2020 2 commits
  10. 22 Jul, 2020 1 commit
  11. 18 Jul, 2020 1 commit
  12. 10 Jul, 2020 1 commit
  13. 30 Jun, 2020 4 commits
    • Winson Chiu's avatar
      Revert "Ignores protected broadcasts if not priv-app" · c69f445d
      Winson Chiu authored
      Revert of I5bd2bf3bd7c38fd9cc563a02b24bc569495d79ed
      For now, allow all system apps to declare protected
      broadcasts. This will be cleaned up in a future change.
      Bug: 158570769
      Merged-In: I54d236c0a6daaa934bd64a3bd05e2654e0e868fe
      Change-Id: I54d236c0a6daaa934bd64a3bd05e2654e0e868fe
      (cherry picked from commit b5e3addc5f27149d1b0bbc213ced47b2ade732bf)
    • Christopher Tate's avatar
      Only autoVerify at install for new hosts · e97019f8
      Christopher Tate authored
      Re-run app link verification at update time only when the set of hosts
      has expanded.  Intentionally revoke verify history when an app stops
      using autoVerify, as a one-time measure to place it back into the
      non-autoverify model for tracking the user's launch preferences.  If the
      app starts using autoVerify again later, it behaves identically to an
      app that has never done so before.
      Bug: 151475497
      Bug: 146204120
      Test: described on master CL
      Merged-In: I200d85085ce79842a3ed39377d1f75ec381c8991
      Change-Id: Ibaf087946966ad82d60c7b255e3ee75990716b63
      (cherry picked from commit 3e76c30b7db2cb431e84a3e933c839fefe283c6d)
    • Winson's avatar
      DO NOT MERGE: Verify INSTALL_PACKAGES permissions when adding installer package · 40509362
      Winson authored
      Without this check, any package can set the installer package of
      another package whose installer has been removed or was never set.
      This provides access to other privileged actions and is undesired.
      Bug: 150857253
      Test: manual verify with proof of concept in linked bug
      Test: atest android.appsecurity.cts.PackageSetInstallerTest
      Merged-In: I2159c357911ff39ffd819054b42f96ae86bc98bc
      Change-Id: I2159c357911ff39ffd819054b42f96ae86bc98bc
      (cherry picked from commit 8220483a)
    • Chris Tate's avatar
      Revert "Revoke 'always' web handler status when not autoverifying" · 651c8328
      Chris Tate authored
      This reverts commit ce22265e.
      Reason for revert: Inadvertently broke link handling stickiness even for well behaved apps
      Bug: 146204120
      Test: install app that handles web urls; set to 'always' in Settings;
      install same apk again.  Verify that app is still in 'always' state via
      'adb shell dumpsys package d'
      Merged-In: Ifac4f0c044c2c575a29bdd5ce5d14d12373fbe70
      Merged-In: If9046cb420961b8ef0333e9f1115eb69fb92242e
      Change-Id: Ife6cd66e0bae5738c08962a8fa9397973e33f28e
      (cherry picked from commit 63b6cfd9)
  14. 29 Jun, 2020 2 commits
  15. 23 Jun, 2020 1 commit
  16. 05 Jun, 2020 3 commits
  17. 04 Jun, 2020 5 commits
    • Julia Reynolds's avatar
      DO NOT MERGE Make intents immutable · 6c68f9b4
      Julia Reynolds authored
      Test: make
      Fixes: 154719656
      Change-Id: I212ca5f1a48174ed85311b551259da314718f082
      Merged-In: I212ca5f1a48174ed85311b551259da314718f082
      (cherry picked from commit 36b33527)
      (cherry picked from commit f596432f)
    • Jing Ji's avatar
      More fixes towards the race conditions in AMS · 9caadd4e
      Jing Ji authored
      Bug: 142986887
      Bug: 140108616
      Test: Manual
      Change-Id: I6e0bdc8c02bab54f6278096b3a3acadd97c064c6
      Merged-In: I6e0bdc8c02bab54f6278096b3a3acadd97c064c6
      (cherry picked from commit b2e84f04)
      (cherry picked from commit 9f8923d5)
    • Diksha Gohlyan's avatar
      Add back enforceReadPermission for getmetadata · a4f296fa
      Diksha Gohlyan authored
      Test: manually tested
      Bug: 151095863
      Change-Id: I29ef120c10c488550b85269e598aeb6ff9505038
      Merged-In: I4f04f08f76d039196c2c67bac80d4a46ebec87f2
      (cherry picked from commit 71ec29b0)
    • Linus Tufvesson's avatar
      RESTRICT AUTOMERGE · 0df7ee91
      Linus Tufvesson authored
      This change is the union of
      I2aaab1903dee54190338f7b6e49888aa51437108 and I58834636e092f992e403342e36b475dc60e8f20ai
      Original CL descriptions:
      *** I2aaab1903dee54190338f7b6e49888aa51437108
      Block TYPE_PRESENTATION windows on default display
      ... and any other display that isn't considered a public presentation
      display, as per Display.isPublicPresentation()
      *** I58834636e092f992e403342e36b475dc60e8f20a
      Use TYPE_PRIVATE_PRESENTATION for private presentations
      Detect if the Presenation is targeting a private virtual display, and if they
      are use the windowType TYPE_PRIVATE_PRESENTATION.
      Bug: 141745510
      Test: atest CtsWindowManagerDeviceTestCases:android.server.wm.PresentationTest CtsDisplayTestCases:android.display.cts.VirtualDisplayTest
      Change-Id: I9f1c4b140ab4bc6183151aafc5501e8648fbc3fa
      (cherry picked from commit d663d274)
    • Christopher Tate's avatar
      DO NOT MERGE - Kill apps outright for API contract violations · aa0d786c
      Christopher Tate authored
      ...rather than relying on in-app code to perform the shutdown.
      Backport of security fix.
      Bug: 128649910
      Bug: 140108616
      Test: manual
      Test: atest OsHostTests#testForegroundServiceBadNotification
      Change-Id: I94d9de50bb03c33666471e3dbd9c721e9278f7cb
      Merged-In: I94d9de50bb03c33666471e3dbd9c721e9278f7cb
      (cherry picked from commit a79b6ba5)
  18. 29 May, 2020 1 commit
  19. 27 May, 2020 1 commit
  20. 20 May, 2020 2 commits
  21. 12 May, 2020 1 commit
  22. 08 May, 2020 1 commit
    • Eugene Susla's avatar
      RESTRICT AUTOMERGE · 8d50c49d
      Eugene Susla authored
      Prevent accessing companion records from arbitrary uids
      Test: manual
      Fixes: 129476618
      Change-Id: I7b18cfcdf58e62a445cbb508116c6ce7c1cea8d7
      (cherry picked from commit 84cccfe6)
  23. 05 May, 2020 1 commit
    • Kevin F. Haggerty's avatar
      Merge tag 'android-9.0.0_r56' of... · 5df86086
      Kevin F. Haggerty authored
      Merge tag 'android-9.0.0_r56' of into staging/lineage-16.0_merge-android-9.0.0_r56
      Android 9.0.0 release 56
      * tag 'android-9.0.0_r56' of
        Verify all possible hosts that match web nav
        RESTRICT AUTOMERGE Prevent accessing companion records from arbitrary uids
        Revert "DO NOT MERGE - Kill apps outright for API contract violations"
        RESTRICT AUTOMERGE Use consistent calling uid and package in navigateUpTo
        RESTRICT AUTOMERGE Create separated tasks for different apps from startActivities
        DO NOT MERGE - Kill apps outright for API contract violations
        DO NOT MERGE Ensure package names read from config are system packages.
        RESTRICT AUTOMERGE Update keyguard locked state from TrustManagerService
        Only suspend package from system or shell
      Change-Id: I678145bad18e8b34e462cde9f79f2952085f5e55