| Age | Commit message (Collapse) | Author |
|---|
|
am: 9c1cb7a273 am: 6634e90ad7
am: 66ee2296a9
Change-Id: Ib0023b44e521b936ab2f9450ad367b1feda64492
|
|
manual_merge_0a9d537
Change-Id: Ib1a0bbb34edb61666ac5739f0b0eaadbe4c5fe06
|
|
Prevent sending media key events from the non-system app to the global
priority session through the MediaSessionManager.dispatchMediaKeyEvent().
Note that any app can use the API indirectly with
the public API AudioManager.dispatchMediaKeyEvent().
Bug: 29833954
Tested: Installed malicious apps and confirmed that they don't work.
Tested: Run CtsTelecomTestCases and CtsMediaTestCases
Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15
(cherry picked from commit c282c4f106bea5c5375fdb6062ffd4fdcf8563a7)
|
|
Bug: 30100884
Change-Id: I8fa379a74b5d9467b5b9498bd18de2a043963c6f
(cherry picked from commit baae57ab24db7d3b0bf7f84c05954173f1ee15fe)
|
|
Bug: 30568284
Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2
(manually cherry picked from 9b2997d22e6ce2a15065d8e7608dd77b316c2065)
(cherry picked from commit 7bb4c825585d5a6afbb59484ec7db5f5dec1bdaf)
|
|
Don't hold mPidsSelfLocked lock when calling
cleanUpApplicationRecordLocked.
Bug: 31463143
Change-Id: I421962cbfd7c466662edcef805c3e27321dc5a98
(cherry picked from commit b59e73613bbaf252e2ee5892d7a95cbbd7d40b26)
|
|
Bug: 31350622
Change-Id: I6d3f9faec32d54360caa6706d17405e20b50966c
(cherry picked from commit aa394dd42c049479bface1991f11b863dc1a0922)
|
|
setPairingConfirmation was set to only require BLUETOOTH_ADMIN
permission which shouldn't be able to set the confirmation itself.
This is restricted to BLUETOOTH_PRIVILEGED permission.
Bug: 29043989
Change-Id: I887de32d156e672ec44aa0b286cd7ea7f9f8ad55
(cherry picked from commit 93326cfd9fb8a20081baa9b975275772798cfd80)
|
|
change
ExifInterface object can be created with a unsupported file format.
If saveAttribute is called with an unsupported file format, ExifInterface
makes the file corrupted. This CL prevents those cases by throwing
an exception before making any change on the file.
Bug: 30936376
Change-Id: I915f56b00ec9422b53591ac5534e070a1d6798e6
(cherry picked from commit 2ee53c82cc8c8b2e76a19910074672f6204a5d63)
|
|
This is the backport of the following commits :
Commit c5f27a7cb2ec816f483a65255034a1b57a8aa22:
-----------------------------------------------
Reopen whitelisted zygote file descriptors after a fork.
We don't want these descriptors to be shared post-fork, so we'll
have to close and reopen them when the zygote forks. The set of
open descriptors is checked against a whitelist and it is a fatal
error if a non whitelisted FD is opened. It is also a fatal error
if anything other than a regular file / character device or socket
is opened at the time of forking.
This work is done in two stages :
- An initial list of FDs is constructed and cached prior to the
first zygote fork.
- On each subsequent fork, we check whether the list of open FDs
has changed. We are currently tolerant of changes, but in the
longer term, it should be a fatal error if the set of open file
descriptors in the zygote changes.
- Post fork, we traverse the list of open descriptors and reopen
them if necessary.
bug: 30963384
Commit 3764a260f0c90dcb323caeda14baf903cc108759:
-----------------------------------------------
Add a whitelist of sockets on fork.
Maintain a whitelist of AF_UNIX sockets that are permitted
to exist at the time of forking. If an open socket does not belong
to the whitelist (or is not AF_UNIX), the process will abort. If an
open socket is whitelisted, it will be redirected to /dev/null after
a sucessful fork. This allows us to unify our handling of the special
zygote sockets (/dev/socket/zygote[_secondary]) with the existing
whitelist of non socket file descriptors.
This change also removes non-fatal ALOGW messages since they have the
side effect of reopening the logging socket.
bug: 30963384
Commit 0b76d6a28e6978151bf245a775329cdae5e574d5:
-----------------------------------------------
fd_utils: Fix broken usage of iterators.
There were two separate issues here :
- RestatInternal was using an iterator after a call to erase(). This
will not work because it will be invalidated.
- The "standard" for loop idiom for iterating over a map while making
structural changes to it is broken. Switch to a while loop and treat
cases where elements are erased differently from cases where they
aren't.
bug: 31092930
bug: 30963384
Plus additional changes:
-----------------------------------------------
- add /dev/__properties__ to the whitelist.
Change-Id: I709a7f4913e807a8fec8a58c81e98fe5b5222820
(cherry picked from commit 41ca1bce01af7e86aeff9009df54bbc81e3c77d0)
|
|
injected.
-Can potentially crash system with OOM.
Bug: 29555864
Change-Id: I7157f48dddf148a9bcab029cf12e26a58d8054f4
(cherry picked from commit 5439aabb165b5a760d1e580016bf1d6fd963cb65)
|
|
This fixes a bug where it was possible to authenticate the wrong user.
We now bind the userId when we start authentication and confirm it when
authentication completes.
Fixes bug 30744668
Change-Id: I346d92c301414ed81e11fa9c171584c7ae4341c2
(cherry picked from commit b6f4b48df273d210d13631b4c2426482feb40c97)
|
|
Don't write partial requests, and don't return (or throw) early after
partially reading a response.
bug: 30143607
(cherry-picked from commit 448be0a62209c977593d81617853a8a428d013df)
Change-Id: I5881fdd5e81023cd21fb4d23a471a5031987a1f1
(cherry picked from commit e29c6493c07acf1a0b706917e9af0c8d761c8ae9)
|
|
Fixes bug 30003944
Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d
(cherry picked from commit 2d71384a139ae27cbc7b57f06662bf6ee2010f2b)
|
|
Fix for accidental launch of a broadcast receiver in an
incorrect app instance.
Bug: 30202481
Change-Id: I8ec8f19c633f3aec8da084dab5fd5b312443336f
(cherry picked from commit d1eeb5b7b489d47994a71510f1ed5b97b8e32a7a)
|
|
Bug: 29189712
Bug: 30317026
Bug: 30235113
Change-Id: Icced9805a56675e86f894c458c4a5a0048fd54c0
|
|
Bug: 30297223, Bug: 30437363
Change-Id: I7b18af40e4eac2713577204428fbfb96cc346582
|
|
Bug: 29270469
Change-Id: I6a6c8aeab2a842ff1646316363d614851625e78f
|
|
Block the user from entering safe boot mode if the DISALLOW_SAFE_BOOT
policy is set.
Bug: 26251884
Change-Id: I4945d5d676928346c11ea305a5b6a2e1a42e94e6
|
|
Test: ran libaapt2_tests64
Bug: 29250543
Change-Id: I1ebc017af623b6514cf0c493e8cd8e1d59ea26c3
(cherry picked from commit 4781057e78f63e0e99af109cebf3b6a78f4bfbb6)
|
|
Bug: 29421441
Change-Id: I7460268595e932d54660b02007bcd68b95fe8aec
|
|
Don't use "==" to compare strings.
Bug: 25624963
Change-Id: Id25696e4fdcbcf4d48ec74e8ed65c1a33716b30c
|
|
BUG:25624963
Change-Id: I939a12a27d6b915d8a9cc8b142f645fba0ee42ec
|
|
Bug: 29189712
Change-Id: I6fdb3b68dfe3f51119e5ce8008880fc7d9c793df
|
|
Remove MANAGE_USERS permission from shell and whitelist it for
some specific functionality.
Bug: 29189712
Change-Id: Ifb37448c091af91991964511e3efb1bb4dea1ff3
|
|
Also disables app pinning when the "return to call" button is pressed
and brings up the in-call screen when app pinning is stopped if there is
an existing call.
Combination of ag/1091397 and ag/1085584 adapted for MNC.
Bug: 28558307
Bug: 28761672
Change-Id: I82ec4042bff387c845ce571b197a4a86e1dd5ec8
|
|
Since this is a backport, there is only one rule that guards intent
filter priorities:
1) Updates will NOT be granted a priority greater than the priority
defined on the system image.
Bug: 27450489
Change-Id: Ifcec4d7a59e684331399abc41eea1bd6876155a4
|
|
Get the canonical identity and metadata about the package from the
Package Manager at time of usage rather than rely on the caller to
have gotten things right, even when the caller has the system uid.
Bug 28795098
Change-Id: I215786bc894dedf7ca28e9c80cefabd0e40ca877
Merge conflict resolution for ag/1133474 (referencing ag/1148862)
- directly to mnc-mr2-release
(cherry picked from commit b2a6b594827da2f595bf48c04088fb98e71333aa)
Change-Id: Ie82264ad0512d0ab59de8a964e96866088cb1a33
|
|
Sysconfig define a whitelist of permitted backup transports
Previously any apk bundled in priv-app could insert a backup transport.
Reduce risk surface by giving the OEM explicit control over who is
allowed to handle backup data.
Bug 28406080
Backport of 494df791728f4d42d67e935c327910975993ad29 from N
Change-Id: I9f90e324169a68720d608f74754d284a7e59cf87
|
|
Fix a bug where a ChooserTargetService could supply a ChooserTarget
pointing at a non-exported activity outside of its own package and
have it launch.
Bug 28384423
Change-Id: I3f5854f91c5695ad9253d71055ef58224df47008
|
|
The URL path could contain credentials that apps don't want exposed
to a potentially malicious PAC script.
Bug: 27593919
Change-Id: I4bb0362fc91f70ad47c4c7453d77d6f9a1e8eeed
|
|
Fixes bug 28163930
Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20
|
|
This is a direct reimplementation in L of fixes applied to N in
these two commits:
8dc8d37c1d7d694016f1ec2b3cea5fb723567be8
e8741d23d2dd05c4cb3fed5ee6a4040ee96a60e3
Bug 19285814
Change-Id: I59bcc8f1d41c426e9da635bea9ad1d7c6756d5aa
Resolve merge conflict when cp'ing ag/941553 to mnc-mr1-release branch
|
|
Bug: 26677796
Change-Id: Ic4219b883bb760495e6172ef61e84e9725876ef6
|
|
Disallow existing and newly created guest users from
changing Wifi settings.
BUG: 27411179
TEST: Flashed device, switched to existing guest user, and verified
that Wifi settings are disabled.
TEST: Flashed device, created new guest user, and verified that Wifi
settings are disabled.
Change-Id: Ia1bf4cce0369017b62f69d317c7ab2e30e3949b3
|
|
BUG:26094635
If the caller to ContentResolver#getCurrentSyncs does not hold the
GET_ACCOUNTS permission, return a SyncInfo object that does not
contain any Account information.
Change-Id: I5628ebe1f56c8e3f784aaf1b3281e6b829d19314
(cherry picked from commit b63057e698a01dafcefc7ba09b397b0336bba43d)
|
|
Change-Id: I3efe5476ebd758fc567bfdb035583a01c45aea8b
|
|
This needs the package name passed in, so the aidl changes.
bug:25778215
Change-Id: I72f3456a2774a7ad5104424daea9e046ee9c6360
|
|
|
|
|
|
Sample decoding still occurs in SoundPoolThread
without holding the SoundPool lock.
Bug: 25781119
Change-Id: I11fde005aa9cf5438e0390a0d2dfe0ec1dd282e8
(cherry picked from commit 0275a982abecee683f16c827d405eafe51fb67ae)
|
|
Bug: 25476219
Change-Id: Ibbe621748f7275f8c1ccded84612ca16292559eb
|
|
+ Don't allow contact sharing by default for devices not recognized
as carkit at pair time.
Bug: 23607427
Change-Id: If6babb10117ba7ee5008a4a29450a7cb981bea4a
|
|
This reverts commit f2cb9341ff864e6d9cc6797857665b2281643a74.
Change-Id: I151972052aea47bf8c6823eb8bbf8161c5a7a4f0
|
|
If the device was powered off during first boot, after media scanner
inserted some entries but before the default ringtone settings were
set (or committed to disk), the default settings would not be set
on subsequent boots.
Bug: 18625739
Bug: 22349910
Change-Id: Iff07da59a9c6d53bf2950bd107ee74d02b7f48d6
|
|
When picking documents to return to apps requesting CATEGORY_OPENABLE
we can't let the user select directories.
Bug: 25455200
Change-Id: I8076883ee5b019eab4d2adb841952865f21e413e
|
|
The bulk of package moving already occurs on the handler thread,
but one of the precondition steps requires that we make an installd
call to calculate disk space of the app. If there was already
another long-running installd call going on, we could end up ANR'ing
the caller.
Since movePackage() is already designed to return a moveId and go
async, we can push all the precondition steps onto the handler thread
to prevent the ANR.
Bug: 25490003
Change-Id: I62d555c23bbf81b791f6f4cabc40c3d64c580cf8
|
|
This reverts commit e02ec7c37a92fd63748a610bac6a23d0409788cf.
Change-Id: Iea7fadf04c4ffa62be28f783342ae749f89bf931
|
|
b/25417885
Change-Id: I4b87e35ca68091fd0409cb9fe9b9400af860a507
|
|
b/24534579
Change-Id: Ib3581ec99387ca70ca036026f64857a49657d94b
(cherry picked from commit 8d0ec389531d071529fb0a800f10733b057205d9)
|
