This project is mirrored from https://github.com/LineageOS/android_frameworks_base.git.
Pull mirroring updated .
- 06 May, 2022 1 commit
-
-
/e/ robot authored
-
- 12 Apr, 2022 1 commit
-
-
Jeff Chang authored
A malicious application could overlay the activity. The overlay is able to be tapped through, which can trick the user into starting a harmful activity. The CL added the flag SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS for the activity to prevent the tapjacking/overlay attack. Bug: 205595291 Test: atest CtsHarmfulAppWarningHostTestCases Change-Id: Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991 (cherry picked from commit a04b3666b8619e09e08646c6d5c529d016cbfb47) (cherry picked from commit f36b7b9f) Merged-In: Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991
-
- 10 Apr, 2022 1 commit
-
-
/e/ robot authored
-
- 12 Mar, 2022 1 commit
-
-
Julia Reynolds authored
Before allowing the group to be deleted, by updating the current check to the method that populates the channel list Test: NotificationManagerServiceTest Bug: 209965481 Change-Id: I9db781c300e96e9c80bd5d21585b8be9b4db08c8 Merged-In: I9db781c300e96e9c80bd5d21585b8be9b4db08c8 (cherry picked from commit 331b6179) (cherry picked from commit adf4be190e39691c99578ee01fc3b19ca0dd16d1) Merged-In: I9db781c300e96e9c80bd5d21585b8be9b4db08c8
-
- 16 Feb, 2022 1 commit
-
-
/e/ robot authored
-
- 13 Feb, 2022 1 commit
-
-
Michael Bestas authored
Change-Id: I5223c5489769390202395ea0ce0f9f73f742bf12
-
- 28 Jan, 2022 1 commit
-
-
/e/ robot authored
-
- 09 Jan, 2022 1 commit
-
-
Kevin F. Haggerty authored
Android security 9.0.0 release 76 * tag 'android-security-9.0.0_r76': Force-set a ClipData to prevent later migration. Revert "Revert "[pm] remove old stage dirs on low storage"" Prevent apps from spamming addAccountExplicitly. See comment here for the discussion on solution https://b.corp.google.com/issues/169762606#comment14 Change-Id: I4c7c703cc3b9990d4ff96cb6b26725942f6b1419
-
- 19 Dec, 2021 1 commit
-
-
/e/ robot authored
-
- 16 Dec, 2021 1 commit
-
-
Kevin F. Haggerty authored
Android security 9.0.0 release 75 * tag 'android-security-9.0.0_r75': Import translations. DO NOT MERGE ANYWHERE Fix serialization bug in GpsNavigationMessage Change-Id: I7da966391a3aae5f689dc7efa0f78dc62aa18e2b
-
- 12 Nov, 2021 4 commits
-
-
Android Build Coastguard Worker authored
Change-Id: Idfc9a60f6a24b6f545b31df366f95e0aa776acf2
-
Jeff Sharkey authored
migrateExtraStreamToClipData() will only offer to promote Uri values if a ClipData isn't already defined, so we ensure that a ClipData value is always defined. This blocks later promotion and granting. Bug: 200683077 Bug: 123700107 Test: manual Change-Id: I99c1411e8b4eb01eb27ac4306e3bf6cc88cb4273 (cherry picked from commit 6ebf410b) (cherry picked from commit 3cf2b049) Merged-In:I99c1411e8b4eb01eb27ac4306e3bf6cc88cb4273
-
Songchun Fan authored
This reverts commit b45ebca772a77bf3fd269d0dcfc1a7af7c73861d. Reason for revert: adding the fix for system to abandon sessions BUG: 67862680 Test: manual Change-Id: I2b735e4860dce6eb6d5d8ddc158e8b3165910dc7 Merged-In: I91170ba399b3a596320b3bd9c8188912e5c4f1be (cherry picked from commit bd25f706) Merged-In:I2b735e4860dce6eb6d5d8ddc158e8b3165910dc7
-
Aseem Kumar authored
See comment here for the discussion on solution https://b.corp.google.com/issues/169762606#comment14 Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 Bug: 169762606 (cherry picked from commit 11053c17b397db67b20e96ce769508766cef7db9) Change-Id: I6494366a5695daedc3f4f0046da9e130a5363f5f Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 (cherry picked from commit 5beff34b) Merged-In:I6494366a5695daedc3f4f0046da9e130a5363f5f
-
- 11 Nov, 2021 1 commit
-
-
/e/ robot authored
-
- 03 Nov, 2021 1 commit
-
-
Kevin F. Haggerty authored
Android security 9.0.0 release 74 * tag 'android-security-9.0.0_r74': TIF: fix issue of using caller-aware methods after clearCallingIdentity() Backporting the change of ag/15629060 to pi-dev DO NOT MERGE Bluetooth: Fix formatting in getAlias() camera2: Fix exception swallowing in params classes createFromParcel Change-Id: Icd47301ba051b4e0d449b7f723870383247a49bd
-
- 17 Oct, 2021 1 commit
-
-
/e/ robot authored
-
- 16 Oct, 2021 1 commit
-
-
Bernardo Rufino authored
This is a CP of ag/14736230 to qt-dev. Apps were able to bypass BAL and BG-FGS restrictions by retrieving their own notifications and firing their PI since those were allowlisted for those operations. Now we strip the token that granted them that ability from notifications returned via NM.getActiveNotifications(), which returns the notifications of the caller. Notifications returned via notification listener APIs still contain such token, as they should. Bug: 185388103 Bug: 169821287 Test: Manually tested Change-Id: I2ede0d639a560f6acacec3864a0a7d23af152ba5 Merged-In: I2ede0d639a560f6acacec3864a0a7d23af152ba5 (cherry picked from commit 5fbeff59) (cherry picked from commit 14c1c7b4)
-
- 08 Oct, 2021 3 commits
-
-
Android Build Coastguard Worker authored
Merge cherrypicks of [16009369, 16012240, 16012308, 16012309, 16012331, 16012215, 16012281, 16012282, 16012283, 16012332, 16012284] into security-aosp-pi-release Change-Id: I60162ffb8663acfcb950bd6db00b84ecf1058a46
-
Yu-Han Yang authored
Bug: 196970023 Test: presubmits passing. Change-Id: I69f51eb2faac0cf2ee9f7a5f94f7100925f7221c (cherry picked from commit 8bcd86e6)
-
- 06 Oct, 2021 1 commit
-
-
Kevin F. Haggerty authored
Android Security 9.0.0 Release 73 (7678331) * tag 'android-security-9.0.0_r73': Send targeted broadcasts to prevent other apps from receiving them. Guard DISABLE_PLUGIN with PLUGIN permission. DO NOT MERGE Apply a maximum char count to the load label api Change ownership of the account request notification. Fix a potential thread safety issue in VectorDrawable Change-Id: Ic686d5035a5995e34f2373177a34fab6e6114020
-
- 01 Oct, 2021 4 commits
-
-
Android Build Coastguard Worker authored
Merge cherrypicks of [15800877, 15799943, 15800878, 15799944, 15800879, 15800987, 15800365, 15799765] into security-aosp-pi-release Change-Id: If13bed92167e933c947ad98410bd3b0f178f5341
-
Hansong Zhang authored
Bug: 180747689 Test: manual Change-Id: Ic309f4aad116fd424d5d0d0e2016d61be8826b78 (cherry picked from commit 3bdad2df)
-
- 20 Sep, 2021 1 commit
-
-
/e/ robot authored
-
- 11 Sep, 2021 1 commit
-
-
Kevin F. Haggerty authored
Android security 9.0.0 release 72 * tag 'android-security-9.0.0_r72': Don't attach private Notification to A11yEvent when user locked Improve ellipsize performance Fix side effects of trace-ipc and dumpheap commands Fix race condition between lockNow() and updateLockscreenTimeout Conflicts: services/core/java/com/android/server/notification/NotificationManagerService.java services/core/java/com/android/server/policy/PhoneWindowManager.java services/tests/uiservicestests/src/com/android/server/notification/BuzzBeepBlinkTest.java Change-Id: I1c3c9e0cb63673d606f81657c5c93c722e6ec147
-
- 10 Sep, 2021 1 commit
-
-
Jayant Chowdhary authored
Do not catch exceptions when we attempt to create the following classes from a parcel - OutputConfiguration - VendorTagDescriptor - VendorTagDescriptorCache - SessionConfiguration This could cause subsequent parcel information to be read incorrectly. Bug: 188675581 Test: Sample app which tries to write invalid data into an OutputConfiguration parcel to send in an intent via Broadcast. When read by the receiving app, gets an exception (not swallowed). Merged-In: I745ca49daa6ca36b1020d518e9f346b52684f2b1 Change-Id: I745ca49daa6ca36b1020d518e9f346b52684f2b1 Signed-off-by:
Jayant Chowdhary <jchowdhary@google.com> (cherry picked from commit 6b0bcd60) (cherry picked from commit 8a115381)
-
- 12 Aug, 2021 6 commits
-
-
Android Build Coastguard Worker authored
Merge cherrypicks of [15539627, 15541570, 15541571, 15541572, 15541573, 15541574] into security-aosp-pi-release Change-Id: Ifcbfac5bd7afd1e1cf7f51b68c807062e11e55e0
-
Sudheer Shanka authored
When sending broadcasts ACTION_SNOOZE_WARNING in NPMS, which may contain sensitive information, explicitly set the package name that should receive it to prevent other apps from receiving them. Bug: 177931370 Test: manual Change-Id: I11d736771d859d2af27d5c84a502ab038974e2e2 Merged-In: I11d736771d859d2af27d5c84a502ab038974e2e2 (cherry picked from commit 1494979a) (cherry picked from commit c72848f9)
-
Dave Mankoff authored
Fixes a p0 security bug. We already have the plugin permission defined in our manifest. Ensure that senders of the DISABLE_PLUGIN broadcast have that permission. Bug: 193444889 Test: manual Change-Id: Iebaba435c17c5644c5357c0683858447f5ffb897 Merged-In: Iebaba435c17c5644c5357c0683858447f5ffb897 (cherry picked from commit c279a42a)
-
Rhed Jao authored
The system is overwhelmed by an enormous label string returned by the load label api. This cl truncates the label string if it exceeds the maximum safe length. Also update the max safe label length to 1000 characters, which is enough. Bug: 67013844 Test: atest PackageManagerTest Change-Id: Ia4d768cc93a47cfb8b6f7c4b6dc73abd801809bd Merged-in: Ia4d768cc93a47cfb8b6f7c4b6dc73abd801809bd (cherry picked from commit b55d314f)
-
Dmitry Dementyev authored
Add "Permission requested by Application..." string. Test: manual Bug: 179338675 Change-Id: Ib66ccc1b39bd1f3f8fa3b1efc38a9d413b72a321 (cherry picked from commit 26de0c23)
-
- 10 Aug, 2021 3 commits
-
-
/e/ robot authored
-
-
- 04 Aug, 2021 1 commit
-
-
Kevin F. Haggerty authored
Android Security 9.0.0 Release 71 (7449186) * tag 'android-security-9.0.0_r71': [RESTRICT AUTOMERGE] Fix OOB write in noteAtomLogged Change-Id: I1442ecb375fb46399606b754191186ad6640b092
-
- 18 Jul, 2021 1 commit
-
-
/e/ robot authored
-