diff options
author | Bill Yi <byi@google.com> | 2017-04-03 12:39:53 -0700 |
---|---|---|
committer | Bill Yi <byi@google.com> | 2017-04-03 12:39:53 -0700 |
commit | ad6108c182bc32f186878e12dd79d13d4b503198 (patch) | |
tree | 1f4b941f81872b13f358bc7e4865c11c316f5c1f | |
parent | 5549a1f8372a46176486039e0f135f78b42cc0e3 (diff) | |
parent | 9caf6cca41c94e7e590188a4e06ffde75ef1f481 (diff) | |
download | base-ad6108c182bc32f186878e12dd79d13d4b503198.tar.gz |
Merge remote-tracking branch 'goog/security-aosp-mnc-mr1-release' into HEAD
Change-Id: I14308d604566ff36070b220d0da1a3e5044a8694
3 files changed, 48 insertions, 39 deletions
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp index 06de18e95c3c..4f9ea68ade5a 100644 --- a/core/jni/com_android_internal_os_Zygote.cpp +++ b/core/jni/com_android_internal_os_Zygote.cpp @@ -474,7 +474,7 @@ static pid_t ForkAndSpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArra // This would cause failures because the FDs are not whitelisted. // // Note that the zygote process is single threaded at this point. - if (sigprocmask(SIG_BLOCK, &sigchld, NULL) == -1) { + if (sigprocmask(SIG_BLOCK, &sigchld, nullptr) == -1) { ALOGE("sigprocmask(SIG_SETMASK, { SIGCHLD }) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "Call to sigprocmask(SIG_BLOCK, { SIGCHLD }) failed."); } @@ -510,7 +510,7 @@ static pid_t ForkAndSpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArra RuntimeAbort(env, __LINE__, "Unable to reopen whitelisted descriptors."); } - if (sigprocmask(SIG_UNBLOCK, &sigchld, NULL) == -1) { + if (sigprocmask(SIG_UNBLOCK, &sigchld, nullptr) == -1) { ALOGE("sigprocmask(SIG_SETMASK, { SIGCHLD }) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "Call to sigprocmask(SIG_UNBLOCK, { SIGCHLD }) failed."); } @@ -647,8 +647,13 @@ static pid_t ForkAndSpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArra } else if (pid > 0) { // the parent process +#ifdef ENABLE_SCHED_BOOST + // unset scheduler knob + SetForkLoad(false); +#endif + // We blocked SIGCHLD prior to a fork, we unblock it here. - if (sigprocmask(SIG_UNBLOCK, &sigchld, NULL) == -1) { + if (sigprocmask(SIG_UNBLOCK, &sigchld, nullptr) == -1) { ALOGE("sigprocmask(SIG_SETMASK, { SIGCHLD }) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "Call to sigprocmask(SIG_UNBLOCK, { SIGCHLD }) failed."); } diff --git a/services/core/java/com/android/server/connectivity/Tethering.java b/services/core/java/com/android/server/connectivity/Tethering.java index c1aaf078da1f..ead44022740a 100644 --- a/services/core/java/com/android/server/connectivity/Tethering.java +++ b/services/core/java/com/android/server/connectivity/Tethering.java @@ -1432,9 +1432,8 @@ public class Tethering extends BaseNetworkObserver { // used to verify this receiver is still current final private int mGenerationNumber; - // we're interested in edge-triggered LOADED notifications, so - // ignore LOADED unless we saw an ABSENT state first - private boolean mSimAbsentSeen = false; + // used to check the sim state transition from non-loaded to loaded + private boolean mSimNotLoadedSeen = false; public SimChangeBroadcastReceiver(int generationNumber) { super(); @@ -1452,14 +1451,14 @@ public class Tethering extends BaseNetworkObserver { final String state = intent.getStringExtra(IccCardConstants.INTENT_KEY_ICC_STATE); - Log.d(TAG, "got Sim changed to state " + state + ", mSimAbsentSeen=" + - mSimAbsentSeen); - if (!mSimAbsentSeen && IccCardConstants.INTENT_VALUE_ICC_ABSENT.equals(state)) { - mSimAbsentSeen = true; + Log.d(TAG, "got Sim changed to state " + state + ", mSimNotLoadedSeen=" + + mSimNotLoadedSeen); + if (!mSimNotLoadedSeen && !IccCardConstants.INTENT_VALUE_ICC_LOADED.equals(state)) { + mSimNotLoadedSeen = true; } - if (mSimAbsentSeen && IccCardConstants.INTENT_VALUE_ICC_LOADED.equals(state)) { - mSimAbsentSeen = false; + if (mSimNotLoadedSeen && IccCardConstants.INTENT_VALUE_ICC_LOADED.equals(state)) { + mSimNotLoadedSeen = false; try { if (mContext.getResources().getString(com.android.internal.R.string. config_mobile_hotspot_provision_app_no_ui).isEmpty() == false) { diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index dedf1d9ae9f7..5461018d9ce2 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3321,7 +3321,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } } - private void wipeDataLocked(boolean wipeExtRequested, String reason) { + private void wipeDataNoLock(boolean wipeExtRequested, String reason) { if (wipeExtRequested) { StorageManager sm = (StorageManager) mContext.getSystemService( Context.STORAGE_SERVICE); @@ -3340,13 +3340,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return; } enforceCrossUserPermission(userHandle); + final String source; synchronized (this) { // This API can only be called by an active device admin, // so try to retrieve it to check that the caller is one. final ActiveAdmin admin = getActiveAdminForCallerLocked(null, DeviceAdminInfo.USES_POLICY_WIPE_DATA); - final String source; final ComponentName cname = admin.info.getComponent(); if (cname != null) { source = cname.flattenToShortString(); @@ -3371,39 +3371,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { manager.wipe(); } } - boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; - wipeDeviceOrUserLocked(wipeExtRequested, userHandle, - "DevicePolicyManager.wipeData() from " + source); } finally { Binder.restoreCallingIdentity(ident); } } + boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0; + wipeDeviceNoLock(wipeExtRequested, userHandle, + "DevicePolicyManager.wipeData() from " + source); } - private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) { - if (userHandle == UserHandle.USER_OWNER) { - wipeDataLocked(wipeExtRequested, reason); - } else { - mHandler.post(new Runnable() { - @Override - public void run() { - try { - IActivityManager am = ActivityManagerNative.getDefault(); - if (am.getCurrentUser().id == userHandle) { - am.switchUser(UserHandle.USER_OWNER); - } + private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) { + long ident = Binder.clearCallingIdentity(); + try { + if (userHandle == UserHandle.USER_OWNER) { + wipeDataNoLock(wipeExtRequested, reason); + } else { + mHandler.post(new Runnable() { + @Override + public void run() { + try { + IActivityManager am = ActivityManagerNative.getDefault(); + if (am.getCurrentUser().id == userHandle) { + am.switchUser(UserHandle.USER_OWNER); + } - boolean isManagedProfile = isManagedProfile(userHandle); - if (!mUserManager.removeUser(userHandle)) { - Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); - } else if (isManagedProfile) { - sendWipeProfileNotification(); + boolean isManagedProfile = isManagedProfile(userHandle); + if (!mUserManager.removeUser(userHandle)) { + Slog.w(LOG_TAG, "Couldn't remove user " + userHandle); + } else if (isManagedProfile) { + sendWipeProfileNotification(); + } + } catch (RemoteException re) { + // Shouldn't happen } - } catch (RemoteException re) { - // Shouldn't happen } - } - }); + }); + } + } finally { + Binder.restoreCallingIdentity(ident); } } @@ -3561,7 +3566,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } if (wipeData) { // Call without holding lock. - wipeDeviceOrUserLocked(false, identifier, + wipeDeviceNoLock(false, identifier, "reportFailedPasswordAttempt()"); } } finally { |