MR April 2022 Sec Patch#14
Merged
goodmeow merged 21 commits intoNusantaraProject-ROM:11from May 4, 2022
BayerischeMotorenWerke:11
Merged
MR April 2022 Sec Patch#14goodmeow merged 21 commits intoNusantaraProject-ROM:11from BayerischeMotorenWerke:11
goodmeow merged 21 commits intoNusantaraProject-ROM:11from
BayerischeMotorenWerke:11
Conversation
This reverts commit b45ebca. Reason for revert: adding the fix for system to abandon sessions BUG: 67862680 Test: manual Change-Id: I5b762a29d12f62b516a59a85530386236259308b Merged-In: I91170ba399b3a596320b3bd9c8188912e5c4f1be (cherry picked from commit c98f06c) (cherry picked from commit 8408d434030650c7ab26197030375765b24eeedd) Merged-In:I5b762a29d12f62b516a59a85530386236259308b
Change-Id: I9bf68908bc9a06452b02e461c012a999626a2475
See comment here for the discussion on solution https://b.corp.google.com/issues/169762606#comment14 Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 Bug: 169762606 (cherry picked from commit 11053c1) Change-Id: I3ff7d8f4df086cb4c153e7ec873b85a093810722 Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 (cherry picked from commit c65b81b) Merged-In:I3ff7d8f4df086cb4c153e7ec873b85a093810722
…s off. This adds a force flag, which we will use when turning the screen off to make sure that all UI components are reset to the SHADE state regardless. Bug: 189575031 Test: make a call; lock screen; pull down shade Merged-In: I79baeb71ac5d1ed45602ac55cdca996b3bed0ac3 Change-Id: I79baeb71ac5d1ed45602ac55cdca996b3bed0ac3 (cherry picked from commit 9be6207) Merged-In:I79baeb71ac5d1ed45602ac55cdca996b3bed0ac3
If a profile owner is defined for a specific user, do not delete usage stats for a package on package deletion. Bug: 197399948 Test: atest UsageStatsTest [all] Change-Id: I94a8e3dfca8ef4c7616f77944d61726e06043b85 Merged-In: I94a8e3dfca8ef4c7616f77944d61726e06043b85 (cherry picked from commit d95ce67) Merged-In:I94a8e3dfca8ef4c7616f77944d61726e06043b85
This line was removed in O, S, & P, but somehow survived in the Q and R branches. Bug: 193444889 Merged-In: I56589865427b10e2eab68e1ed2e7c290572a9edc Change-Id: I56589865427b10e2eab68e1ed2e7c290572a9edc (cherry picked from commit 1b13bc8) Merged-In:I56589865427b10e2eab68e1ed2e7c290572a9edc
Recreating the control's intent in SystemUI can be exploited to launch Intent's with SystemUI's privileges, rather than what is limited to the application. Use the fillInIntent parameter to supply additional parameters to the application. Bug: 193445603 Test: Follow directions in bug to retest Change-Id: Ib2b0342af85679c0514fb4d88530376b58e6e12a Merged-In: (cherry picked from commit 0e120a5) (cherry picked from commit d7b16dd) Merged-In:Ib2b0342af85679c0514fb4d88530376b58e6e12a
…without Parcel private APIs. Bug:197228210 Test: atest CtsSecurityTestCases:android.security.cts.AndroidFutureTest (cherry picked from I577da5a3bc4ed537123b7eceaa5addf8f7bb0d92 and Icc5ce702f0cd84e9136dee3c65f63619df697358) Change-Id: I1d488c475f2f7af835a67496535cecdd6987c0cf (cherry picked from commit 562f1bd) Merged-In:I1d488c475f2f7af835a67496535cecdd6987c0cf
Bug: 175430552 Bug: 197399948 Test: build, flash, watch logcat Change-Id: If441946fa278c04ae88122f6243f5a7dedd96ebc Merged-In: If441946fa278c04ae88122f6243f5a7dedd96ebc (cherry picked from commit bd27c36) (cherry picked from commit bcb5ee6) (cherry picked from commit b5fa0a6) Merged-In:If441946fa278c04ae88122f6243f5a7dedd96ebc
The value may be inconsistent between BasePermission.perm.protection-
Level and BasePermission.getProtectionLevel() within the same object.
Update the perm to fix the inconsistency.
Bug: 209607944
Test: manually using the PoC on the buganizer to ensure the symptom
no longer exists.
Change-Id: I19d6135f98bee9392d85e56478c42e06cfea8ba5
(cherry picked from commit b5efdf7)
Merged-In:I19d6135f98bee9392d85e56478c42e06cfea8ba5
Before allowing the group to be deleted, by updating the current check to the method that populates the channel list Test: NotificationManagerServiceTest Bug: 209965481 Change-Id: I9db781c300e96e9c80bd5d21585b8be9b4db08c8 Merged-In: I9db781c300e96e9c80bd5d21585b8be9b4db08c8 (cherry picked from commit 6456b62) Merged-In:I9db781c300e96e9c80bd5d21585b8be9b4db08c8
According to the docs, an onNullBinding requires the service to be manually unbound. Test: test apk that return null on onBind Test: atest ControlsProviderLifecycleManager Fixes: 212286849 Change-Id: I71a59b875bbf9eb411e6e92ddc5a04a7353a46c4 (cherry picked from commit d0e683b) Merged-In:I71a59b875bbf9eb411e6e92ddc5a04a7353a46c4
For all other requests, drop this flag. Test: atest FlagSlipperyTest Bug: 157929241 Change-Id: Ia30f1c38d5ddb351c90b748ea76448a76a9dde7b Merged-In: Ia30f1c38d5ddb351c90b748ea76448a76a9dde7b (cherry picked from commit 07e7aaf) Merged-In:Ia30f1c38d5ddb351c90b748ea76448a76a9dde7b
This permission allows the app to use FLAG_SLIPPERY. This means, windows of the app that has this permission can let touches slip out when the finger moves out of the window bounds. Bug: 157929241 Bug: 206188649 Test: atest FlagSlipperyTest Change-Id: I9ccdfd298f32c36b9c4da68c2e9c355c97dc7593 Merged-In: I9ccdfd298f32c36b9c4da68c2e9c355c97dc7593 (cherry picked from commit cccf191) Merged-In:I9ccdfd298f32c36b9c4da68c2e9c355c97dc7593
It will throw if abandon() is called on a child session. Bug: 211944991 Bug: 67862680 Test: to be added Change-Id: Ib0ba9f3786dda2d3174f3ea8c65d1061a3fcb586 Merged-In: Ib0ba9f3786dda2d3174f3ea8c65d1061a3fcb586 (cherry picked from commit 8b67e7d) (cherry picked from commit c685f8b) Merged-In:Ib0ba9f3786dda2d3174f3ea8c65d1061a3fcb586
Signed-off-by: InVictusXV <aradheakiki123@gmail.com>
setBlocked is a hidden API, so apps should not be calling the method, but fix up the data in case they do Test: PreferencesHelperTest; manual with ApiDemos FGS Bug: 209966086 Change-Id: Icc709a6b0d0a8c5f2d9243959992f1b6764354db Merged-In: I8a27853c7ed05d9dfd38a3142fbbe185946c3992 (cherry picked from commit c5b5453) Merged-In:Icc709a6b0d0a8c5f2d9243959992f1b6764354db
[This is a resbumit, previous fix ag/I0aca484e5a0dd051bbeac379d30b0fb4ecfa2da0 was reverted because the incorrect resetFgsRestrictionLocked() call] Foreground service started from background shall not have while-in-use access like location/camera/microphone. Previously we set mAllowWhileInUsePermissionInFgs only at service start by startService() or bindService() command. But after service start, the Service.startForeground() call may be some time later and at that time the caller may not be in the foreground any more. This CL will add further restriction on that. 1. If the first Service.startForeground() call is more than 10 seconds (can be configured by DeviceConfig key "fgs_start_foreground_timeout") after the Context.startService() call, check the service's app proc state and set mAllowWhileInUsePermissionInFgs again. 2. At Service.stopForeground() call, mAllowWhileInUsePermissionInFgs should be reset to false so FGS while-in-use permission is not allowed. 3. After Context.startForegroundService()(or Context.startService()) -> Service.startForeground() -> Service.stopForeground(), the second or more times Service.startForeground() is called, check the service's app proc state and set mAllowWhileInUsePermissionInFgs again. This CL is the backport of ag/Idc88f274c7a323d175d65bb47eca041772ae9bb7 from S branch. Bug: 183147114 Bug: 183204439 Test: atest cts/tests/app/src/android/app/cts/ActivityManagerFgsBgStartTest.java#testStartForegroundTimeout Test: atest cts/tests/app/src/android/app/cts/ActivityManagerFgsBgStartTest.java#testSecondStartForeground Change-Id: Ie8712b8efe85aa8a6769b811c85a29c4013e58b9 Merged-In: Idc88f274c7a323d175d65bb47eca041772ae9bb7 (cherry picked from commit d5abccf) Merged-In:Ie8712b8efe85aa8a6769b811c85a29c4013e58b9
…arningActivity A malicious application could overlay the activity. The overlay is able to be tapped through, which can trick the user into starting a harmful activity. The CL added the flag SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS for the activity to prevent the tapjacking/overlay attack. Bug: 205595291 Test: atest CtsHarmfulAppWarningHostTestCases Change-Id: Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991 (cherry picked from commit a04b366) (cherry picked from commit 2c87a8a) Merged-In:Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.