Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 28eb83d9 authored by Android Build Coastguard Worker's avatar Android Build Coastguard Worker
Browse files

Merge cherrypicks of ['ag/20581119', 'ag/20690600', 'ag/20727211',... 

Merge cherrypicks of ['ag/20581119', 'ag/20690600', 'ag/20727211', 'ag/20665167', 'ag/20871702', 'ag/20844713'] into security-aosp-tm-release.

Change-Id: Ica3a7ef7a6264760f09f93d42a1aae4b72bf688a
parents 68441c0c 021f36b3

AndroidManifest.xml

+0 −7
Original line number Diff line number Diff line
@@ -3026,13 +3026,6 @@ 
                       android:value="true" />

        </activity>



        <activity

            android:name=".users.AddSupervisedUserActivity"

            android:label="@*android:string/supervised_user_creation_label"

            android:icon="@drawable/ic_settings_multiuser"

            android:exported="true">

        </activity>



        <activity

            android:name="Settings$PaymentSettingsActivity"

            android:label="@string/nfc_payment_settings_title"

res/layout/add_supervised_user.xml

deleted100644 → 0
+0 −32
Original line number Diff line number Diff line 
<?xml version="1.0" encoding="utf-8"?>

<!--

  ~ Copyright (C) 2021 The Android Open Source Project

  ~

  ~ Licensed under the Apache License, Version 2.0 (the "License");

  ~ you may not use this file except in compliance with the License.

  ~ You may obtain a copy of the License at

  ~

  ~      http://www.apache.org/licenses/LICENSE-2.0

  ~

  ~ Unless required by applicable law or agreed to in writing, software

  ~ distributed under the License is distributed on an "AS IS" BASIS,

  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  ~ See the License for the specific language governing permissions and

  ~ limitations under the License.

  -->



<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"

              android:layout_width="match_parent"

              android:layout_height="match_parent"

              android:layout_margin="16dp"

              android:orientation="vertical">

    <Button

        android:id="@+id/createSupervisedUser"

        android:layout_height="wrap_content"

        android:layout_width="wrap_content"

        android:text="@*android:string/supervised_user_creation_label" />

    <TextView

        android:layout_height="wrap_content"

        android:layout_width="wrap_content"

        android:text="@string/placeholder_activity" />

</LinearLayout>
 
 No newline at end of file

res/values/strings.xml

+0 −3
Original line number Diff line number Diff line
@@ -14128,9 +14128,6 @@ 
    <!-- Text on the dialog button to reboot the device later [CHAR LIMIT=50] -->

    <string name="reboot_dialog_reboot_later">Reboot later</string>









    <!-- Text to explain an activity is a temporary placeholder [CHAR LIMIT=none] -->









    <string name="placeholder_activity" translatable="false">*This is a temporary placeholder fallback activity.</string>

















    <!-- The title of the spatial audio [CHAR LIMIT=none] -->









    <string name="bluetooth_details_spatial_audio_title">Spatial Audio</string>









    <!-- The summary of the spatial audio [CHAR LIMIT=none] -->

























src/com/android/settings/applications/appinfo/AppInfoDashboardFragment.java



+7
−1






























Original line number
Diff line number
Diff line







@@ -408,7 +408,13 @@ public class AppInfoDashboardFragment extends DashboardFragment







            return;









        }









        super.onPrepareOptionsMenu(menu);









        menu.findItem(UNINSTALL_ALL_USERS_MENU).setVisible(shouldShowUninstallForAll(mAppEntry));









        final MenuItem uninstallAllUsersItem = menu.findItem(UNINSTALL_ALL_USERS_MENU);









        uninstallAllUsersItem.setVisible(









                shouldShowUninstallForAll(mAppEntry) && !mAppsControlDisallowedBySystem);









        if (uninstallAllUsersItem.isVisible()) {









            RestrictedLockUtilsInternal.setMenuItemAsDisabledByAdmin(getActivity(),









                    uninstallAllUsersItem, mAppsControlDisallowedAdmin);









        }









        menu.findItem(ACCESS_RESTRICTED_SETTINGS).setVisible(shouldShowAccessRestrictedSettings());









        mUpdatedSysApp = (mAppEntry.info.flags & ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0;









        final MenuItem uninstallUpdatesItem = menu.findItem(UNINSTALL_UPDATES);
































src/com/android/settings/homepage/SettingsHomepageActivity.java



+91
−0






























Original line number
Diff line number
Diff line







@@ -27,9 +27,13 @@ import android.app.ActivityManager;







import android.app.settings.SettingsEnums;









import android.content.ComponentName;









import android.content.Intent;









import android.content.pm.ActivityInfo;









import android.content.pm.PackageManager;









import android.content.pm.UserInfo;









import android.content.res.Configuration;









import android.os.Bundle;









import android.os.Process;









import android.os.RemoteException;









import android.os.UserHandle;









import android.os.UserManager;









import android.text.TextUtils;








@@ -43,6 +47,7 @@ import android.widget.FrameLayout;







import android.widget.ImageView;









import android.widget.Toolbar;



















import androidx.annotation.VisibleForTesting;









import androidx.core.graphics.Insets;









import androidx.core.view.ViewCompat;









import androidx.core.view.WindowCompat;








@@ -65,6 +70,7 @@ import com.android.settings.core.CategoryMixin;







import com.android.settings.core.FeatureFlags;









import com.android.settings.homepage.contextualcards.ContextualCardsFragment;









import com.android.settings.overlay.FeatureFactory;









import com.android.settings.password.PasswordUtils;









import com.android.settingslib.Utils;









import com.android.settingslib.core.lifecycle.HideNonSystemOverlayMixin;


















@@ -431,6 +437,40 @@ public class SettingsHomepageActivity extends FragmentActivity implements







            finish();









            return;









        }



















        ActivityInfo targetActivityInfo = null;









        try {









            targetActivityInfo = getPackageManager().getActivityInfo(targetComponentName,









                    /* flags= */ 0);









        } catch (PackageManager.NameNotFoundException e) {









            Log.e(TAG, "Failed to get target ActivityInfo: " + e);









            finish();









            return;









        }



















        int callingUid = -1;









        try {









            callingUid = ActivityManager.getService().getLaunchedFromUid(getActivityToken());









        } catch (RemoteException re) {









            Log.e(TAG, "Not able to get callingUid: " + re);









            finish();









            return;









        }



















        if (!hasPrivilegedAccess(callingUid, targetActivityInfo)) {









            if (!targetActivityInfo.exported) {









                Log.e(TAG, "Target Activity is not exported");









                finish();









                return;









            }



















            if (!isCallingAppPermitted(targetActivityInfo.permission)) {









                Log.e(TAG, "Calling app must have the permission of deep link Activity");









                finish();









                return;









            }









        }



















        targetIntent.setComponent(targetComponentName);



















        // To prevent launchDeepLinkIntentToRight again for configuration change.








@@ -448,6 +488,19 @@ public class SettingsHomepageActivity extends FragmentActivity implements







        targetIntent.setData(intent.getParcelableExtra(









                SettingsHomepageActivity.EXTRA_SETTINGS_LARGE_SCREEN_DEEP_LINK_INTENT_DATA));



















        // Only allow FLAG_GRANT_READ/WRITE_URI_PERMISSION if calling app has the permission to









        // access specified Uri.









        int uriPermissionFlags = targetIntent.getFlags()









                & (Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);









        if (targetIntent.getData() != null









                && uriPermissionFlags != 0









                && checkUriPermission(targetIntent.getData(), /* pid= */ -1, callingUid,









                        uriPermissionFlags) == PackageManager.PERMISSION_DENIED) {









            Log.e(TAG, "Calling app must have the permission to access Uri and grant permission");









            finish();









            return;









        }



















        // Set 2-pane pair rule for the deep link page.









        ActivityEmbeddingRulesController.registerTwoPanePairRule(this,









                new ComponentName(getApplicationContext(), getClass()),








@@ -472,6 +525,44 @@ public class SettingsHomepageActivity extends FragmentActivity implements







        }









    }



















    // Check if calling app has privileged access to launch Activity of activityInfo.









    private boolean hasPrivilegedAccess(int callingUid, ActivityInfo activityInfo) {









        if (TextUtils.equals(PasswordUtils.getCallingAppPackageName(getActivityToken()),









                    getPackageName())) {









            return true;









        }



















        int targetUid = -1;









        try {









            targetUid = getPackageManager().getApplicationInfo(activityInfo.packageName,









                    /* flags= */ 0).uid;









        } catch (PackageManager.NameNotFoundException nnfe) {









            Log.e(TAG, "Not able to get targetUid: " + nnfe);









            return false;









        }



















        // When activityInfo.exported is false, Activity still can be launched if applications have









        // the same user ID.









        if (UserHandle.isSameApp(callingUid, targetUid)) {









            return true;









        }



















        // When activityInfo.exported is false, Activity still can be launched if calling app has









        // root or system privilege.









        int callingAppId = UserHandle.getAppId(callingUid);









        if (callingAppId == Process.ROOT_UID || callingAppId == Process.SYSTEM_UID) {









            return true;









        }



















        return false;









    }



















    @VisibleForTesting









    boolean isCallingAppPermitted(String permission) {









        return TextUtils.isEmpty(permission) || PasswordUtils.isCallingAppPermitted(









                this, getActivityToken(), permission);









    }



















    private String getHighlightMenuKey() {









        final Intent intent = getIntent();









        if (intent != null && TextUtils.equals(intent.getAction(),