This project is mirrored from https://github.com/LineageOS/android_frameworks_base.git.
Pull mirroring updated .
- 13 Jul, 2022 1 commit
-
-
Aayush Gupta authored
-
- 07 Jul, 2022 1 commit
-
-
Kevin F. Haggerty authored
Merge tag 'android-security-11.0.0_r57' of https://android.googlesource.com/platform/frameworks/base into staging/lineage-18.1_merge_android-security-11.0.0_r57 Android security 11.0.0 release 57 * tag 'android-security-11.0.0_r57' of https://android.googlesource.com/platform/frameworks/base: Crash invalid FGS notifications [RESTRICT AUTOMERGE] Log to EventLog on prepareUserStorage failure [RESTRICT AUTOMERGE] Ignore errors preparing user storage for existing users [RESTRICT AUTOMERGE] UserDataPreparer: reboot to recovery for system user only [RESTRICT AUTOMERGE] UserDataPreparer: reboot to recovery if preparing user storage fails [RESTRICT AUTOMERGE] StorageManagerService: don't ignore failures to prepare user storage Change-Id: Ia902573185b3700e03308aa1a5f995b0ad0c9ee0
-
- 13 Jun, 2022 1 commit
-
-
Aayush Gupta authored
-
- 07 Jun, 2022 1 commit
-
-
Kevin F. Haggerty authored
Merge tag 'android-security-11.0.0_r56' of https://android.googlesource.com/platform/frameworks/base into staging/lineage-18.1_merge_android-security-11.0.0_r56 Android Security 11.0.0 Release 56 (8528208) * tag 'android-security-11.0.0_r56' of https://android.googlesource.com/platform/frameworks/base: Disallow PAP authentication when MPPE is requested limit TelecomManager#registerPhoneAccount to 10; api doc update [rvc] RESTRICT AUTOMERGE Add finalizeWorkProfileProvisioning. Fix NPE Prevent non-admin users from deleting system apps. Fix security hole in GateKeeperResponse DO NOT MERGE Add an OEM configurable limit for zen rules Update GeofenceHardwareRequestParcelable to match parcel/unparcel format. Change-Id: I253da8c9f716439e73108e0568f9934a1984c134
-
- 20 May, 2022 2 commits
-
-
Aayush Gupta authored
-
This is for handheld gaming devices that have batteries and are using Android TV. Change-Id: I22592699214d40aac2a733203b05c076b2a1ae70
-
- 16 May, 2022 2 commits
-
-
Android Build Coastguard Worker authored
Merge cherrypicks of [17416247, 17416248, 17416249, 17416250, 17452194, 17874414, 17864680] into security-aosp-rvc-release. Change-Id: I2f6c72a9a9ab7c22c481e167f1215ffcf29028de
-
Julia Reynolds authored
Test: CTS, ActivityManagerProcessStateTest Fixes: 191981182 Change-Id: I13a0202b25c8118db47edba11a93c1939c94b392 (cherry picked from commit 6f657f8f) (cherry picked from commit cb3c5c30092fb8527ff14118ccf04eae3a8363cb) Merged-In: I13a0202b25c8118db47edba11a93c1939c94b392
-
- 13 May, 2022 5 commits
-
-
Eric Biggers authored
Bug: 224585613 Change-Id: Id6dfb4f4c48d5cf4e71f54bdb6d0d6eea527caf5 (cherry picked from commit fbb632ea95ac5b6d9efa89e09d0988a9df4f19e4) Merged-In: Id6dfb4f4c48d5cf4e71f54bdb6d0d6eea527caf5 (cherry picked from commit 0762961674f1454b7c7012a0ab53c427570e836c) Merged-In: Id6dfb4f4c48d5cf4e71f54bdb6d0d6eea527caf5
-
Eric Biggers authored
Unfortunately we can't rule out the existence of devices where the user storage wasn't properly prepared, due to StorageManagerService previously ignoring errors from mVold.prepareUserStorage, combined with OEMs potentially creating files in per-user directories too early. And forcing these broken devices to be factory reset upon taking an OTA is not currently considered to be acceptable. One option is to only check for prepareUserStorage errors on devices that launched with T or later. However, this is a serious issue and it would be strongly preferable to do more than that. Therefore, this CL makes it so that errors are checked for all new users, rather than all new devices. A field ignorePrepareStorageErrors is added to the user record; it is only ever set to true implicitly, when reading a user record from disk that lacks this field. This field is used by StorageManagerService to decide whether to check for errors. Bug: 164488924 Bug: 224585613 Test: Intentionally made a device affected by this issue by reverting the CLs that introduced the error checks, and changing vold to inject an error into prepareUserStorage. Then, flashed a build with this CL without wiping userdata. The device still boots, as expected, and the log shows that the error was intentionally ignored. Tested that if a second user is added, the error is *not* ignored and the second user's storage is destroyed before it can be used. Finally, wiped the device and verified that it won't boot up anymore, as expected since error checking is enabled for the system user in that case. Change-Id: I9bdd1a4bf5b14542adb901f264a91d489115c89b (cherry picked from commit 60d8318c47b7b659716d71243d087b34ab327f64) Merged-In: I9bdd1a4bf5b14542adb901f264a91d489115c89b (cherry picked from commit e03e987337accde646e4e86c1fdfe02c0d78d743) Merged-In: I9bdd1a4bf5b14542adb901f264a91d489115c89b
-
Eric Biggers authored
With the next CL, old devices might contain a combination of old users with prepareUserStorage error checking disabled and new users with prepareUserStorage error checking enabled. Factory resetting the whole device when any user fails to prepare may be too aggressive. Also, UserDataPreparer already destroys the affected user's storage when it fails to prepare, which seems to be fairly effective at breaking things for that user (absent proper error handling by upper layers). Therefore, let's only factory reset the device if the failing user is the system user. Bug: 164488924 Bug: 224585613 Change-Id: Ia1db01ab4ec6b3b17d725f391c3500d92aa00f97 (cherry picked from commit 4c76da76c9831266e4e63c0618150bed10a929a7) Merged-In: Ia1db01ab4ec6b3b17d725f391c3500d92aa00f97 (cherry picked from commit ecf569bd1623231984e9ec9823edb82f52d7846a) Merged-In: Ia1db01ab4ec6b3b17d725f391c3500d92aa00f97
-
Eric Biggers authored
StorageManager.prepareUserStorage() can throw an exception if a directory cannot be encrypted, for example due to already being nonempty. In this case, usage of the directory must not be allowed to proceed. UserDataPreparer currently handles this by deleting the user's directories, but the error is still ultimately suppressed and starting the user is still allowed to proceed. The correct behavior in this case is to reboot into recovery to ask the user to factory reset the device. This is already what happens when 'init' fails to encrypt a directory with the system DE policy. However, this was overlooked for the user directories. Start doing this. Bug: 164488924 Bug: 224585613 Change-Id: Ib5e91d2510b25780d7a161b91b5cee2f6f7a2e54 (cherry picked from commit 5256365e65882b81509ec2f6b9dfe2dcf0025254) Merged-In: Ib5e91d2510b25780d7a161b91b5cee2f6f7a2e54 (cherry picked from commit 69c3ce70c6dcabf57219d338af86e569ea672ef5) Merged-In: Ib5e91d2510b25780d7a161b91b5cee2f6f7a2e54
-
Eric Biggers authored
We must never leave directories unencrypted. Bug: 164488924 Bug: 224585613 Change-Id: I9a38ab5cca1ae9c9ebff81fca04615fd83ebe4b2 (cherry picked from commit 50946dd15fd14cbf92b5c7e32ac7a0f088b8b302) Merged-In: I9a38ab5cca1ae9c9ebff81fca04615fd83ebe4b2 (cherry picked from commit ecffe3ecbf4cb01055bd2f852d95396f2475fc01) Merged-In: I9a38ab5cca1ae9c9ebff81fca04615fd83ebe4b2
-
- 10 May, 2022 1 commit
-
-
Aayush Gupta authored
-
- 04 May, 2022 1 commit
-
-
Kevin F. Haggerty authored
Android Security 11.0.0 Release 55 (8287685) * tag 'android-security-11.0.0_r55': Always restart apps if base.apk gets updated. Verify caller before auto granting slice permission [DO NOT MERGE] Keyguard - Treat messsages to lock with priority [RESTRICT AUTOMERGE] Do not resume activity if behind a translucent task Filter notification APIs by user Conflicts: services/core/java/com/android/server/wm/RootWindowContainer.java Change-Id: I3de384c44e161c0ad6b2dd0540e9ad0eb5346c11
-
- 02 May, 2022 9 commits
-
-
Android Build Coastguard Worker authored
Merge cherrypicks of [16961349, 17186290, 17046136, 17343925, 17408864, 17591190, 17591530, 16908080, 17614780] into security-aosp-rvc-release. Change-Id: I47e20d457154fa79820017454ec6034645ffb1d5
-
Remi NGUYEN VAN authored
MPPE cannot work if PAP is used as authentication, so it is not useful to allow PAP authentication when MPPE is enforced: establishing the tunnel would fail anyway with "MPPE required, but MS-CHAP[v2] auth not performed". Also users enforcing MPPE may assume that this means PAP will not be used for authentication, so without this change MPPE enforcement gives a false sense of security, as PAP uses plain-text credentials. Bug: 201660636 Test: atest VpnTest Merged-In: Ie318d45fe44294e97cf38da7f1834cf014cb4417 Change-Id: Ie318d45fe44294e97cf38da7f1834cf014cb4417 (cherry picked from commit 997a4a39268b4f3af7ccc388269b5eb1972d3624) (cherry picked from commit 4f319df8) Merged-In: Ie318d45fe44294e97cf38da7f1834cf014cb4417
-
Thomas Stuart authored
bug: 209814693 Bug: 217934478 Test: CTS Change-Id: I8e4425a4e7de716f86b1f1f56ea605d93f357a57 Merged-In: I8e4425a4e7de716f86b1f1f56ea605d93f357a57 (cherry picked from commit f0f67b5a) Merged-In: I8e4425a4e7de716f86b1f1f56ea605d93f357a57
-
Jonathan Scott authored
Test: atest android.devicepolicy.cts.DevicePolicyManagerTest Bug: 210469972 Change-Id: I2de99f9ccd8b27ffdc2562fa451f132e73d54317 (cherry picked from commit bde28d28) Merged-In: I2de99f9ccd8b27ffdc2562fa451f132e73d54317
-
JW Wang authored
NPE happens when there is an orphaned session which we've tried to prevent in all cases. Log an error message if this situation happens. Bug: 227342978 Test: atest CtsRootPackageInstallerHostTestCases Change-Id: Ia21323926bd9db1a6f05461904deb45b4c3dd0bc (cherry picked from commit 07e31dfb1efabc8110d64819f26a06e12a35e020) Merged-In: Ia21323926bd9db1a6f05461904deb45b4c3dd0bc (cherry picked from commit e58049a3) Merged-In: Ia21323926bd9db1a6f05461904deb45b4c3dd0bc
-
Oli Lan authored
This addresses a security issue where the guest user can remove updates for system apps. With this CL, attempts to uninstall/downgrade system apps will fail if attempted by a non-admin user. This is a backport of ag/17352264. Bug: 170646036 Test: manual, try uninstalling system app update as guest Change-Id: I79c3bf303e729e00d8fb12c40330bc10c5ffec6e Merged-In: I4e959e296cca9bbdfc8fccc5e5e0e654ca524165 (cherry picked from commit 6c870e15) Merged-In: I79c3bf303e729e00d8fb12c40330bc10c5ffec6e
-
Ayush Sharma authored
GateKeeperResponse has inconsistent writeToParcel() and createFromParcel() methods, making it possible for a malicious app to create a Bundle that changes contents after reserialization. Such Bundles can be used to execute Intents with system privileges. We fixed related issues previously for GateKeeperResponse class, but one of the case was remaining when payload is byte array of size 0, Fixing this case now. Bug: 220303465 Test: With the POC provided in the bug. Change-Id: Ida28d611edd674e76ed39dd8037f52abcba82586 Merged-In: Ida28d611edd674e76ed39dd8037f52abcba82586 (cherry picked from commit 46653a91c30245ca29d41d69174813979a910496) Change-Id: I486348c7a01c6f59c952b20fb4a36429fff22958 (cherry picked from commit 658c53c4) Merged-In: I486348c7a01c6f59c952b20fb4a36429fff22958
-
Julia Reynolds authored
Test: ZenModeHelperTest Bug: 220735360 Change-Id: I3da105951af90007bf48dc6cf00aed3e28778b36 Merged-In: I3da105951af90007bf48dc6cf00aed3e28778b36 (cherry picked from commit 1db5d402) Merged-In: I3da105951af90007bf48dc6cf00aed3e28778b36
-
David Christie authored
Test: manual Bug: 216631962 Change-Id: I3d6d1be9d6c312fe0bf98f600ff8fc9c617f8ec3 (cherry picked from commit ba3acb3e) Merged-In: I3d6d1be9d6c312fe0bf98f600ff8fc9c617f8ec3
-
- 15 Apr, 2022 1 commit
-
-
Aayush Gupta authored
-
- 05 Apr, 2022 2 commits
-
-
Kevin F. Haggerty authored
Android security 11.0.0 release 54 * tag 'android-security-11.0.0_r54': [RESTRICT AUTOMERGE] Add hide-non-system-overlay flag for HarmfulAppWarningActivity BG-FGS-start while-in-use permission restriction improvement. Restrict AdbManager broadcasts to apps with MANAGE_DEBUGGING permission. Prevent apps from creating blocked channel groups Change-Id: I8b6370cb873a42f9c41ca24f24a69a18d3b1e0fc
-
Kevin F. Haggerty authored
Upstream change 5d30b701 ("BG-FGS-start while-in-use permission restriction improvement") properly fixes what we needed to work-around. This reverts commit b64352d7. Change-Id: I00b3ab4161dceddff015e4f5365cd777acfe2faa
-
- 31 Mar, 2022 1 commit
-
-
Aayush Gupta authored
-
- 30 Mar, 2022 4 commits
-
-
Jonathan Klee authored
Pretend the device does not support key attestation See merge request !113
-
Jonathan Klee authored
Indeed, adding this extra space at the end of the model name prevent the enforcement of hardware-backend attestation. This patch is based on kdrag0n's patch: https://github.com/ProtonAOSP/android_frameworks_base/commit/f1d08fac5cc41c7d44961ca8ab554574864f5579
-
Jonathan Klee authored
This allow us to pass SafetyNet. We shunt hardware-backed key attestation to fallback to basic integrity check. This patch is based on kdrag0n's patch: https://github.com/ProtonAOSP/android_frameworks_base/commit/1981f91e9c86aa8284d5858b950364ba0b1859c2
-
jiabin authored
There is no longer a requirement for IEC61937 streams to be stereo. For high bit-rate streams they may have 8 channels. Test: create AudioTrack with 8 channel IEC61937 Bug: 31916412 Change-Id: I4dfd3e78041a81601d5bde47a4deaa0313066028
-
- 23 Mar, 2022 2 commits
-
-
Romain Hunault authored
Location: always return false when querying mock provider See merge request !111
-
Aayush Gupta authored
-
- 22 Mar, 2022 2 commits
-
-
Jeff DeCew authored
Using Resources.getDrawable(int) is deprecated because it lacks theme information, and I was seeing a crash because theme attributes were not fully resolved. Test: manual Change-Id: Idf1b13e16362c2e06227813f4298091ba4406bd5
-
Abhishek Aggarwal authored
-
- 17 Mar, 2022 1 commit
-
-
Aayush Gupta authored
-
- 16 Mar, 2022 1 commit
-
-
Aaron Kling authored
Change-Id: Ib001ce767067e3789ea5957ac9b23ed416341d18
-
- 14 Mar, 2022 1 commit
-
-
Aayush Gupta authored
-
- 10 Mar, 2022 1 commit
-
-
Android Build Coastguard Worker authored
Merge cherrypicks of [16873394, 16811765, 16371387, 17089346, 17112304] into security-aosp-rvc-release. Change-Id: I8b72dbaa21562144b6555532ff531a5edd22b3a5
-