diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2018-02-26 18:09:31 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2018-02-26 18:09:31 +0000 |
commit | 313ff2895344f4ae69010c23804f4d454ae0b33a (patch) | |
tree | 90e7208ac698be0e259bf72fb3a47bf1b9285bb5 | |
parent | 250714c67ba9d2029bc88284672949a87b243b9a (diff) | |
parent | 68505b3110160bb83b68ef0f61663446593d9c06 (diff) | |
download | base-313ff2895344f4ae69010c23804f4d454ae0b33a.tar.gz |
Snap for 4565141 from 68505b3110160bb83b68ef0f61663446593d9c06 to oc-m4-release
Change-Id: Ibf135d197dba570c2fd622f5942d05e5b1ec0da7
11 files changed, 104 insertions, 29 deletions
diff --git a/core/java/android/content/pm/PackageInfo.java b/core/java/android/content/pm/PackageInfo.java index ba488f6a0518..3230ee715571 100644 --- a/core/java/android/content/pm/PackageInfo.java +++ b/core/java/android/content/pm/PackageInfo.java @@ -286,8 +286,26 @@ public class PackageInfo implements Parcelable { /** @hide */ public int overlayPriority; - /** @hide */ - public boolean isStaticOverlay; + + /** + * Flag for use with {@link #overlayFlags}. Marks the overlay as static, meaning it cannot + * be enabled/disabled at runtime. + * @hide + */ + public static final int FLAG_OVERLAY_STATIC = 1 << 1; + + /** + * Flag for use with {@link #overlayFlags}. Marks the overlay as trusted (not 3rd party). + * @hide + */ + public static final int FLAG_OVERLAY_TRUSTED = 1 << 2; + + /** + * Modifiers that affect the state of this overlay. See {@link #FLAG_OVERLAY_STATIC}, + * {@link #FLAG_OVERLAY_TRUSTED}. + * @hide + */ + public int overlayFlags; public PackageInfo() { } @@ -342,8 +360,8 @@ public class PackageInfo implements Parcelable { dest.writeString(restrictedAccountType); dest.writeString(requiredAccountType); dest.writeString(overlayTarget); - dest.writeInt(isStaticOverlay ? 1 : 0); dest.writeInt(overlayPriority); + dest.writeInt(overlayFlags); } public static final Parcelable.Creator<PackageInfo> CREATOR @@ -394,8 +412,8 @@ public class PackageInfo implements Parcelable { restrictedAccountType = source.readString(); requiredAccountType = source.readString(); overlayTarget = source.readString(); - isStaticOverlay = source.readInt() != 0; overlayPriority = source.readInt(); + overlayFlags = source.readInt(); // The component lists were flattened with the redundant ApplicationInfo // instances omitted. Distribute the canonical one here as appropriate. diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java index cb9ecf3e2bd8..4689f45098e2 100644 --- a/core/java/android/content/pm/PackageParser.java +++ b/core/java/android/content/pm/PackageParser.java @@ -678,7 +678,15 @@ public class PackageParser { pi.requiredAccountType = p.mRequiredAccountType; pi.overlayTarget = p.mOverlayTarget; pi.overlayPriority = p.mOverlayPriority; - pi.isStaticOverlay = p.mIsStaticOverlay; + + if (p.mIsStaticOverlay) { + pi.overlayFlags |= PackageInfo.FLAG_OVERLAY_STATIC; + } + + if (p.mTrustedOverlay) { + pi.overlayFlags |= PackageInfo.FLAG_OVERLAY_TRUSTED; + } + pi.firstInstallTime = firstInstallTime; pi.lastUpdateTime = lastUpdateTime; if ((flags&PackageManager.GET_GIDS) != 0) { diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java index d5377c717366..9edcc0e9b8d4 100644 --- a/core/java/android/net/Uri.java +++ b/core/java/android/net/Uri.java @@ -1066,7 +1066,7 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { return null; } - int end = authority.indexOf('@'); + int end = authority.lastIndexOf('@'); return end == NOT_FOUND ? null : authority.substring(0, end); } @@ -1090,7 +1090,7 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { } // Parse out user info and then port. - int userInfoSeparator = authority.indexOf('@'); + int userInfoSeparator = authority.lastIndexOf('@'); int portSeparator = authority.indexOf(':', userInfoSeparator); String encodedHost = portSeparator == NOT_FOUND @@ -1116,7 +1116,7 @@ public abstract class Uri implements Parcelable, Comparable<Uri> { // Make sure we look for the port separtor *after* the user info // separator. We have URLs with a ':' in the user info. - int userInfoSeparator = authority.indexOf('@'); + int userInfoSeparator = authority.lastIndexOf('@'); int portSeparator = authority.indexOf(':', userInfoSeparator); if (portSeparator == NOT_FOUND) { diff --git a/core/jni/android/graphics/Bitmap.cpp b/core/jni/android/graphics/Bitmap.cpp index ad05a5113dff..108fdbce386f 100755 --- a/core/jni/android/graphics/Bitmap.cpp +++ b/core/jni/android/graphics/Bitmap.cpp @@ -682,6 +682,8 @@ static jobject Bitmap_creator(JNIEnv* env, jobject, jintArray jColors, sk_sp<Bitmap> nativeBitmap = Bitmap::allocateHeapBitmap(&bitmap); if (!nativeBitmap) { + ALOGE("OOM allocating Bitmap with dimensions %i x %i", width, height); + doThrowOOME(env); return NULL; } diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java index 6fa28b1ccdaa..27b7f9e185bb 100644 --- a/core/tests/coretests/src/android/net/UriTest.java +++ b/core/tests/coretests/src/android/net/UriTest.java @@ -187,6 +187,11 @@ public class UriTest extends TestCase { uri = Uri.parse("http://localhost"); assertEquals("localhost", uri.getHost()); assertEquals(-1, uri.getPort()); + + uri = Uri.parse("http://a:a@example.com:a@example2.com/path"); + assertEquals("a:a@example.com:a@example2.com", uri.getAuthority()); + assertEquals("example2.com", uri.getHost()); + assertEquals(-1, uri.getPort()); } @SmallTest diff --git a/media/jni/android_mtp_MtpDatabase.cpp b/media/jni/android_mtp_MtpDatabase.cpp index 5b874cd82678..47ec4648f125 100644 --- a/media/jni/android_mtp_MtpDatabase.cpp +++ b/media/jni/android_mtp_MtpDatabase.cpp @@ -951,6 +951,7 @@ void* MyMtpDatabase::getThumbnail(MtpObjectHandle handle, size_t& outThumbSize) outThumbSize = image_data.thumbnail.length; } else { free(result); + result = NULL; } } break; diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/phone/NavigationBarTransitions.java b/packages/SystemUI/src/com/android/systemui/statusbar/phone/NavigationBarTransitions.java index c9500363e9d8..b81a3b0416a4 100644 --- a/packages/SystemUI/src/com/android/systemui/statusbar/phone/NavigationBarTransitions.java +++ b/packages/SystemUI/src/com/android/systemui/statusbar/phone/NavigationBarTransitions.java @@ -80,7 +80,8 @@ public final class NavigationBarTransitions extends BarTransitions { @Override protected boolean isLightsOut(int mode) { - return super.isLightsOut(mode) || (mAutoDim && !mWallpaperVisible); + return super.isLightsOut(mode) || (mAutoDim && !mWallpaperVisible + && mode != MODE_WARNING); } public LightBarTransitionsController getLightTransitionsController() { @@ -108,7 +109,9 @@ public final class NavigationBarTransitions extends BarTransitions { // ok, everyone, stop it right there navButtons.animate().cancel(); - final float navButtonsAlpha = lightsOut ? 0.6f : 1f; + // Bump percentage by 10% if dark. + float darkBump = mLightTransitionsController.getCurrentDarkIntensity() / 10; + final float navButtonsAlpha = lightsOut ? 0.6f + darkBump : 1f; if (!animate) { navButtons.setAlpha(navButtonsAlpha); @@ -130,6 +133,9 @@ public final class NavigationBarTransitions extends BarTransitions { for (int i = buttonDispatchers.size() - 1; i >= 0; i--) { buttonDispatchers.valueAt(i).setDarkIntensity(darkIntensity); } + if (mAutoDim) { + applyLightsOut(false, true); + } } private final View.OnTouchListener mLightsOutListener = new View.OnTouchListener() { diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java index b7bca1fb1c4a..ef94000d3a6b 100644 --- a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java +++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java @@ -112,7 +112,7 @@ public class SyntheticPasswordCrypto { } } - public static byte[] decryptBlob(String keyAlias, byte[] blob, byte[] applicationId) { + public static byte[] decryptBlobV1(String keyAlias, byte[] blob, byte[] applicationId) { try { KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore"); keyStore.load(null); @@ -120,6 +120,20 @@ public class SyntheticPasswordCrypto { SecretKey decryptionKey = (SecretKey) keyStore.getKey(keyAlias, null); byte[] intermediate = decrypt(applicationId, APPLICATION_ID_PERSONALIZATION, blob); return decrypt(decryptionKey, intermediate); + } catch (Exception e) { + e.printStackTrace(); + throw new RuntimeException("Failed to decrypt blob", e); + } + } + + public static byte[] decryptBlob(String keyAlias, byte[] blob, byte[] applicationId) { + try { + KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore"); + keyStore.load(null); + + SecretKey decryptionKey = (SecretKey) keyStore.getKey(keyAlias, null); + byte[] intermediate = decrypt(decryptionKey, blob); + return decrypt(applicationId, APPLICATION_ID_PERSONALIZATION, intermediate); } catch (CertificateException | IOException | BadPaddingException | IllegalBlockSizeException | KeyStoreException | NoSuchPaddingException | NoSuchAlgorithmException @@ -150,9 +164,8 @@ public class SyntheticPasswordCrypto { keyStore.setEntry(keyAlias, new KeyStore.SecretKeyEntry(secretKey), builder.build()); - byte[] intermediate = encrypt(secretKey, data); - return encrypt(applicationId, APPLICATION_ID_PERSONALIZATION, intermediate); - + byte[] intermediate = encrypt(applicationId, APPLICATION_ID_PERSONALIZATION, data); + return encrypt(secretKey, intermediate); } catch (CertificateException | IOException | BadPaddingException | IllegalBlockSizeException | KeyStoreException | NoSuchPaddingException | NoSuchAlgorithmException diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java index 9440f17164aa..ca6c9e78d0a2 100644 --- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java +++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java @@ -101,7 +101,8 @@ public class SyntheticPasswordManager { private static final byte WEAVER_VERSION = 1; private static final int INVALID_WEAVER_SLOT = -1; - private static final byte SYNTHETIC_PASSWORD_VERSION = 1; + private static final byte SYNTHETIC_PASSWORD_VERSION_V1 = 1; + private static final byte SYNTHETIC_PASSWORD_VERSION = 2; private static final byte SYNTHETIC_PASSWORD_PASSWORD_BASED = 0; private static final byte SYNTHETIC_PASSWORD_TOKEN_BASED = 1; @@ -792,6 +793,7 @@ public class SyntheticPasswordManager { byte[] pwdToken = computePasswordToken(credential, pwd); final byte[] applicationId; + final long sid; int weaverSlot = loadWeaverSlot(handle, userId); if (weaverSlot != INVALID_WEAVER_SLOT) { // Weaver based user password @@ -804,6 +806,7 @@ public class SyntheticPasswordManager { if (result.gkResponse.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) { return result; } + sid = GateKeeper.INVALID_SECURE_USER_ID; applicationId = transformUnderWeaverSecret(pwdToken, result.gkResponse.getPayload()); } else { byte[] gkPwdToken = passwordTokenToGkInput(pwdToken); @@ -836,12 +839,13 @@ public class SyntheticPasswordManager { result.gkResponse = VerifyCredentialResponse.ERROR; return result; } + sid = sidFromPasswordHandle(pwd.passwordHandle); applicationId = transformUnderSecdiscardable(pwdToken, loadSecdiscardable(handle, userId)); } result.authToken = unwrapSyntheticPasswordBlob(handle, SYNTHETIC_PASSWORD_PASSWORD_BASED, - applicationId, userId); + applicationId, sid, userId); // Perform verifyChallenge to refresh auth tokens for GK if user password exists. result.gkResponse = verifyChallenge(gatekeeper, result.authToken, 0L, userId); @@ -877,7 +881,7 @@ public class SyntheticPasswordManager { } byte[] applicationId = transformUnderSecdiscardable(token, secdiscardable); result.authToken = unwrapSyntheticPasswordBlob(handle, SYNTHETIC_PASSWORD_TOKEN_BASED, - applicationId, userId); + applicationId, 0L, userId); if (result.authToken != null) { result.gkResponse = verifyChallenge(gatekeeper, result.authToken, 0L, userId); if (result.gkResponse == null) { @@ -892,19 +896,26 @@ public class SyntheticPasswordManager { } private AuthenticationToken unwrapSyntheticPasswordBlob(long handle, byte type, - byte[] applicationId, int userId) { + byte[] applicationId, long sid, int userId) { byte[] blob = loadState(SP_BLOB_NAME, handle, userId); if (blob == null) { return null; } - if (blob[0] != SYNTHETIC_PASSWORD_VERSION) { + final byte version = blob[0]; + if (version != SYNTHETIC_PASSWORD_VERSION && version != SYNTHETIC_PASSWORD_VERSION_V1) { throw new RuntimeException("Unknown blob version"); } if (blob[1] != type) { throw new RuntimeException("Invalid blob type"); } - byte[] secret = decryptSPBlob(getHandleName(handle), + final byte[] secret; + if (version == SYNTHETIC_PASSWORD_VERSION_V1) { + secret = SyntheticPasswordCrypto.decryptBlobV1(getHandleName(handle), + Arrays.copyOfRange(blob, 2, blob.length), applicationId); + } else { + secret = decryptSPBlob(getHandleName(handle), Arrays.copyOfRange(blob, 2, blob.length), applicationId); + } if (secret == null) { Log.e(TAG, "Fail to decrypt SP for user " + userId); return null; @@ -919,6 +930,10 @@ public class SyntheticPasswordManager { } else { result.syntheticPassword = new String(secret); } + if (version == SYNTHETIC_PASSWORD_VERSION_V1) { + Log.i(TAG, "Upgrade v1 SP blob for user " + userId + ", type = " + type); + createSyntheticPasswordBlob(handle, type, result, applicationId, sid, userId); + } return result; } diff --git a/services/core/java/com/android/server/om/OverlayManagerService.java b/services/core/java/com/android/server/om/OverlayManagerService.java index 2940a6e3fc8d..0b3efdba212d 100644 --- a/services/core/java/com/android/server/om/OverlayManagerService.java +++ b/services/core/java/com/android/server/om/OverlayManagerService.java @@ -669,7 +669,8 @@ public final class OverlayManagerService extends SystemService { }; private boolean isOverlayPackage(@NonNull final PackageInfo pi) { - return pi != null && pi.overlayTarget != null; + return pi != null && pi.overlayTarget != null + && (pi.overlayFlags & PackageInfo.FLAG_OVERLAY_TRUSTED) != 0; } private final class OverlayChangeListener diff --git a/services/core/java/com/android/server/om/OverlayManagerServiceImpl.java b/services/core/java/com/android/server/om/OverlayManagerServiceImpl.java index db6e9749535b..497d79d6fbc4 100644 --- a/services/core/java/com/android/server/om/OverlayManagerServiceImpl.java +++ b/services/core/java/com/android/server/om/OverlayManagerServiceImpl.java @@ -68,6 +68,11 @@ final class OverlayManagerServiceImpl { mListener = listener; } + private static boolean isPackageStaticOverlay(final PackageInfo packageInfo) { + return packageInfo.overlayTarget != null + && (packageInfo.overlayFlags & PackageInfo.FLAG_OVERLAY_STATIC) != 0; + } + /** * Call this to synchronize the Settings for a user with what PackageManager knows about a user. * Returns a list of target packages that must refresh their overlays. This list is the union @@ -102,11 +107,11 @@ final class OverlayManagerServiceImpl { mSettings.init(overlayPackage.packageName, newUserId, overlayPackage.overlayTarget, overlayPackage.applicationInfo.getBaseCodePath(), - overlayPackage.isStaticOverlay, overlayPackage.overlayPriority); + isPackageStaticOverlay(overlayPackage), overlayPackage.overlayPriority); if (oi == null) { // This overlay does not exist in our settings. - if (overlayPackage.isStaticOverlay || + if (isPackageStaticOverlay(overlayPackage) || mDefaultOverlays.contains(overlayPackage.packageName)) { // Enable this overlay by default. if (DEBUG) { @@ -255,8 +260,8 @@ final class OverlayManagerServiceImpl { mPackageManager.getPackageInfo(overlayPackage.overlayTarget, userId); mSettings.init(packageName, userId, overlayPackage.overlayTarget, - overlayPackage.applicationInfo.getBaseCodePath(), overlayPackage.isStaticOverlay, - overlayPackage.overlayPriority); + overlayPackage.applicationInfo.getBaseCodePath(), + isPackageStaticOverlay(overlayPackage), overlayPackage.overlayPriority); try { if (updateState(targetPackage, overlayPackage, userId)) { mListener.onOverlaysChanged(overlayPackage.overlayTarget, userId); @@ -313,7 +318,7 @@ final class OverlayManagerServiceImpl { } // Ignore static overlays. - if (overlayPackage.isStaticOverlay) { + if (isPackageStaticOverlay(overlayPackage)) { return false; } @@ -363,7 +368,7 @@ final class OverlayManagerServiceImpl { continue; } - if (disabledOverlayPackageInfo.isStaticOverlay) { + if (isPackageStaticOverlay(disabledOverlayPackageInfo)) { // Don't touch static overlays. continue; } @@ -388,7 +393,7 @@ final class OverlayManagerServiceImpl { private boolean isPackageUpdatableOverlay(@NonNull final String packageName, final int userId) { final PackageInfo overlayPackage = mPackageManager.getPackageInfo(packageName, userId); - if (overlayPackage == null || overlayPackage.isStaticOverlay) { + if (overlayPackage == null || isPackageStaticOverlay(overlayPackage)) { return false; } return true; @@ -483,7 +488,8 @@ final class OverlayManagerServiceImpl { throws OverlayManagerSettings.BadKeyException { // Static RROs targeting to "android", ie framework-res.apk, are handled by native layers. if (targetPackage != null && - !("android".equals(targetPackage.packageName) && overlayPackage.isStaticOverlay)) { + !("android".equals(targetPackage.packageName) + && isPackageStaticOverlay(overlayPackage))) { mIdmapManager.createIdmap(targetPackage, overlayPackage, userId); } |