diff options
| author | android-build-team Robot <android-build-team-robot@google.com> | 2018-07-27 18:48:23 +0000 |
|---|---|---|
| committer | android-build-team Robot <android-build-team-robot@google.com> | 2018-07-27 18:48:23 +0000 |
| commit | cbaaaff2a1fed59a7bbb6d41a3b62d305a09feba (patch) | |
| tree | 4bedd21e9d6f059d594721a8298888a61b67fd92 | |
| parent | 6549309f6c473b792ec62d1aebadec62bcf07827 (diff) | |
| parent | 586b9102f322731d604e6280143e16cb6f1c9f76 (diff) | |
| download | base-pie-r2-s1-release.tar.gz | |
Merge cherrypicks of [4647037, 4647038, 4647883, 4647039, 4647933, 4648530, 4648550, 4648551, 4648552, 4648553, 4646931, 4646932, 4646933, 4646934, 4648391, 4647976, 4647977, 4647978, 4647526, 4646972, 4646935, 4646936, 4646937, 4646938, 4646939, 4646940, 4646941, 4648392, 4647509, 4648630, 4648631, 4647934] into pi-release-2android-9.0.0_r8android-9.0.0_r7android-9.0.0_r6pie-r2-s1-releasepie-r2-release
Change-Id: Ica51ebde16d3c566e9439daed8903f202956e265
4 files changed, 40 insertions, 5 deletions
diff --git a/core/java/android/hardware/location/NanoAppFilter.java b/core/java/android/hardware/location/NanoAppFilter.java index 4d8e7344cd75..562065e20815 100644 --- a/core/java/android/hardware/location/NanoAppFilter.java +++ b/core/java/android/hardware/location/NanoAppFilter.java @@ -85,7 +85,7 @@ public class NanoAppFilter implements Parcelable { mAppId = in.readLong(); mAppVersion = in.readInt(); mVersionRestrictionMask = in.readInt(); - mAppIdVendorMask = in.readInt(); + mAppIdVendorMask = in.readLong(); } public int describeContents() { @@ -93,7 +93,6 @@ public class NanoAppFilter implements Parcelable { } public void writeToParcel(Parcel out, int flags) { - out.writeLong(mAppId); out.writeInt(mAppVersion); out.writeInt(mVersionRestrictionMask); diff --git a/media/java/android/media/MediaPlayer.java b/media/java/android/media/MediaPlayer.java index ada91be9ca4d..d532e526f2fb 100644 --- a/media/java/android/media/MediaPlayer.java +++ b/media/java/android/media/MediaPlayer.java @@ -2510,10 +2510,10 @@ public class MediaPlayer extends PlayerBase @Override public void writeToParcel(Parcel dest, int flags) { dest.writeInt(mTrackType); + dest.writeString(mFormat.getString(MediaFormat.KEY_MIME)); dest.writeString(getLanguage()); if (mTrackType == MEDIA_TRACK_TYPE_SUBTITLE) { - dest.writeString(mFormat.getString(MediaFormat.KEY_MIME)); dest.writeInt(mFormat.getInteger(MediaFormat.KEY_IS_AUTOSELECT)); dest.writeInt(mFormat.getInteger(MediaFormat.KEY_IS_DEFAULT)); dest.writeInt(mFormat.getInteger(MediaFormat.KEY_IS_FORCED_SUBTITLE)); diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java index b77c1443e850..2a80f0e7c291 100644 --- a/services/core/java/com/android/server/connectivity/Vpn.java +++ b/services/core/java/com/android/server/connectivity/Vpn.java @@ -100,8 +100,6 @@ import com.android.server.DeviceIdleController; import com.android.server.LocalServices; import com.android.server.net.BaseNetworkObserver; -import libcore.io.IoUtils; - import java.io.File; import java.io.IOException; import java.io.InputStream; @@ -123,6 +121,8 @@ import java.util.SortedSet; import java.util.TreeSet; import java.util.concurrent.atomic.AtomicInteger; +import libcore.io.IoUtils; + /** * @hide */ @@ -1327,6 +1327,18 @@ public class Vpn { /* allowedApplications */ null, /* disallowedApplications */ exemptedPackages); + // The UID range of the first user (0-99999) would block the IPSec traffic, which comes + // directly from the kernel and is marked as uid=0. So we adjust the range to allow + // it through (b/69873852). + for (UidRange range : addedRanges) { + if (range.start == 0) { + addedRanges.remove(range); + if (range.stop != 0) { + addedRanges.add(new UidRange(1, range.stop)); + } + } + } + removedRanges.removeAll(addedRanges); addedRanges.removeAll(mBlockedUsers); } diff --git a/services/core/java/com/android/server/pm/ShortcutService.java b/services/core/java/com/android/server/pm/ShortcutService.java index 599e5a573437..b9c304890420 100644 --- a/services/core/java/com/android/server/pm/ShortcutService.java +++ b/services/core/java/com/android/server/pm/ShortcutService.java @@ -132,6 +132,7 @@ import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Collections; import java.util.List; +import java.util.Objects; import java.util.concurrent.atomic.AtomicBoolean; import java.util.function.Consumer; import java.util.function.Predicate; @@ -1573,6 +1574,24 @@ public class ShortcutService extends IShortcutService.Stub { "Ephemeral apps can't use ShortcutManager"); } + private void verifyShortcutInfoPackage(String callerPackage, ShortcutInfo si) { + if (si == null) { + return; + } + if (!Objects.equals(callerPackage, si.getPackage())) { + android.util.EventLog.writeEvent(0x534e4554, "109824443", -1, ""); + throw new SecurityException("Shortcut package name mismatch"); + } + } + + private void verifyShortcutInfoPackages( + String callerPackage, List<ShortcutInfo> list) { + final int size = list.size(); + for (int i = 0; i < size; i++) { + verifyShortcutInfoPackage(callerPackage, list.get(i)); + } + } + // Overridden in unit tests to execute r synchronously. void injectPostToHandler(Runnable r) { mHandler.post(r); @@ -1720,6 +1739,7 @@ public class ShortcutService extends IShortcutService.Stub { verifyCaller(packageName, userId); final List<ShortcutInfo> newShortcuts = (List<ShortcutInfo>) shortcutInfoList.getList(); + verifyShortcutInfoPackages(packageName, newShortcuts); final int size = newShortcuts.size(); final boolean unlimited = injectHasUnlimitedShortcutsApiCallsPermission( @@ -1774,6 +1794,7 @@ public class ShortcutService extends IShortcutService.Stub { verifyCaller(packageName, userId); final List<ShortcutInfo> newShortcuts = (List<ShortcutInfo>) shortcutInfoList.getList(); + verifyShortcutInfoPackages(packageName, newShortcuts); final int size = newShortcuts.size(); final boolean unlimited = injectHasUnlimitedShortcutsApiCallsPermission( @@ -1859,6 +1880,7 @@ public class ShortcutService extends IShortcutService.Stub { verifyCaller(packageName, userId); final List<ShortcutInfo> newShortcuts = (List<ShortcutInfo>) shortcutInfoList.getList(); + verifyShortcutInfoPackages(packageName, newShortcuts); final int size = newShortcuts.size(); final boolean unlimited = injectHasUnlimitedShortcutsApiCallsPermission( @@ -1921,6 +1943,7 @@ public class ShortcutService extends IShortcutService.Stub { Preconditions.checkNotNull(shortcut); Preconditions.checkArgument(shortcut.isEnabled(), "Shortcut must be enabled"); verifyCaller(packageName, userId); + verifyShortcutInfoPackage(packageName, shortcut); final Intent ret; synchronized (mLock) { @@ -1942,6 +1965,7 @@ public class ShortcutService extends IShortcutService.Stub { private boolean requestPinItem(String packageName, int userId, ShortcutInfo shortcut, AppWidgetProviderInfo appWidget, Bundle extras, IntentSender resultIntent) { verifyCaller(packageName, userId); + verifyShortcutInfoPackage(packageName, shortcut); final boolean ret; synchronized (mLock) { |