| Age | Commit message (Collapse) | Author |
|---|
|
4689866, 4689868, 4689869, 4689870, 4691132, 4689456, 4689963, 4691133, 4691134, 4691156, 4691157, 4691159, 4691161, 4690581, 4689964, 4689460, 4691112, 4690582, 4690583, 4691165, 4691166, 4691167, 4691168, 4691169, 4691170, 4691211, 4691212, 4691213, 4691214, 4691215, 4691216, 4691217, 4691218, 4691219, 4691232, 4691233, 4691234, 4691235, 4691236, 4691237, 4691238, 4691239, 4691240, 4691241, 4691243, 4691245, 4691247, 4691249, 4691250, 4691291, 4691292, 4691293, 4691294, 4691295, 4691296, 4691255, 4689476, 4689477, 4689478, 4691223, 4691224, 4691136, 4689479, 4689480, 4691137, 4691225, 4691226, 4691227, 4691371, 4691228, 4691328, 4689967, 4691138, 4691139, 4691140, 4691433, 4689968, 4689969, 4691395, 4691230, 4691297, 4691298, 4691299, 4691300, 4691396, 4691397, 4691398, 4691399, 4691400, 4691401, 4691402, 4691403, 4691404, 4691405, 4691406, 4691407, 4691408, 4691409, 4691410, 4691471, 4691472, 4691473, 4691474, 4691475, 4691476, 4691477, 4691478, 4691479, 4691480, 4691481, 4691482, 4691483, 4691484, 4691485, 4691486, 4691487, 4691488, 4691143, 4691144, 4691511, 4691113, 4689482, 4691533, 4691145, 4691146, 4691147, 4691148, 4691536] into sparse-4732991-L01200000196794104
Change-Id: Ia22e17bb167b1d67bcce73a5f95c44c9649f2c08
|
|
Bug: 77600398
Change-Id: Ia316f1c5dc4879f6851fdb78fe8b9039579be7bc
(cherry picked from commit 0d2dc943dcaa3d7c8479e22ae62be9753ea2643c)
|
|
This won't leak any traffic outside the VPN as long as there are no
processes owned by uid 0 which generate network traffic (which is
currently the case).
Bug: 69873852
Test: compared the output of 'adb shell ip rule show' before and after
Test: runtest -x frameworks/base/tests/net/java/com/android/server/connectivity/VpnTest.java
Test: local CTS tests run: android.net.cts.VpnServiceTest
Test: local CTS tests run: com.android.cts.devicepolicy.MixedDeviceOwnerTest
Change-Id: I8758e576c9d961d73f62bfcf0559dd7ecee6e8e6
Merged-In: I8758e576c9d961d73f62bfcf0559dd7ecee6e8e6
Merged-In: I1f9b78c8f828ec2df7aba71b39d62be0c4db2550
Merged-In: I8edeb0942e661c8385ff0cd3fdb72e6f62a8f218
(cherry picked from commit 00000fe55a4729f8339afdc7eab5c970b2549813)
(cherry picked from commit ef2910dc709d698b6476e8d462c608d04c784a26)
|
|
Bug: 77599679
Test: Compile only
Change-Id: Ib417a5cb4d51744442d2fb14437cabbe5fd1c266
(cherry picked from commit abe5a73a4a81e312a1690fbc10a6b99ce98b699a)
|
|
Test: cts-tradefed run cts -m CtsShortcutManagerTestCases -t android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest
Bug: 109824443
Change-Id: I90443973aaef157d357b98b739572866125b2bbc
Merged-In: I78948446a63b428ae750464194558fd44a658493
(cherry picked from commit 9e21579a11219581a0c08ff5dd6ac4dc22e988a4)
|
|
DynamicRefTables parsed from apks are missing bounds checks that prevent
buffer overflows. This changes verifies the bounds of the header before
attempting to preform operations on the chunk.
Bug: 79488511
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: I02c8ad957da244fce777ac68a482e4e8fa70f846
Merged-In: I02c8ad957da244fce777ac68a482e4e8fa70f846
(cherry picked from commit 18a6ada4aa136da4f50f03fff91d61d448ced195)
|
|
Changes the logs adding in a previous security fix to warnings so
devices with malformed APKs currently on them will not undergo DOS when
they are upgraded to P.
Bug: 79724567
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: Ied54e4bb14abdaf79da562022c7ea6075187c1f8
(cherry picked from commit f05f47b2c1838529e682ad8f931d3da72244b1a1)
(cherry picked from commit c31cf80008fdb06ea8e1eab9764096653e7854b1)
|
|
* limit the absolute maximum size of the label to 50000 characters
[which is probably far more than necessary, but, can be dialed down]
* use a string buffer while processing the string [instead of creating
multiple string objects]
Bug: 62537081
Test: Manual. Install APK in bug and see that it can be uninstalled
Change-Id: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
Merged-In: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
(cherry picked from commit 2263da9539daef134395226a2718ba2d7af7547d)
|
|
Fixes an issue where input intended for the keyguard could end up going
to a different display.
To prevent this, make sure that only the default display can get focused
when the keyguard is showing.
Change-Id: I6463c44aedca06930d2c9bda7c45ffd93141308c
Merged-In: I6463c44aedca06930d2c9bda7c45ffd93141308c
Fixes: 71786287
Test: atest DisplayContentTests
(cherry picked from commit 3cd5e3d9bbb3255e874b8fa27d7ed506164905dd)
|
|
These new tests ensure that VPNs report the meteredness of their
underlying networks correctly. The added test verifies VPN meteredness
for cases of metered and unmetered WiFi and Cell
Bug: 78644887
Test: This; ran on walleye-eng
Change-Id: I28bdc71a336bfd97f7908455d4781d774df44b87
(cherry picked from commit 66bc52884b1009fca7917ae89e72e8aa40f394d1)
|
|
This patch corrects ConnectivityController's meteredness checks to
perform correct meteredness checks while VPNs are running. This fixes a
bug in O-MR1 where any apps using the DownloadProvider with unmetered
network constraints fail to start while the VPN is enabled.
This change adds a bespoke method for ConnectivityController, allowing
it to correctly identify the meteredness without affecting public API
surfaces.
Bug: 78644887
Test: Built, flashed on Walleye, and tested.
Test: Additional test coverage in subsequent patch(es).
Change-Id: Ie1d11d93d51d936ce81cd5984af61bde30325983
(cherry picked from commit d08ab5a641d9d81314c9439724dd34338fa81d58)
|
|
Fix: 70585244
Bug: 69981755
Test: Enable any accessibility service -> inflate work profile
-> Tap on any work app -> no longer crash
Test: cts-tradefed run cts-dev --module DevicePolicyManager --test com.android.cts.devicepolicy.CrossProfileAppsHostSideTest.testPrimaryUserToManagedProfile
Change-Id: I80d18f4e2ab76a228cb0aa2c8312c323a9b5c84d
(cherry picked from commit 857326e3731939f6ec7979e1d86585bf0ea484f4)
|
|
Test: presubmit
Fixes: 70506475
Bug: 69981755
Change-Id: I187bed4889a4901a7137a2995178ea651ed09186
(cherry picked from commit 6c68a692880b7cc981e130aace0edb9f2fcffff6)
|
|
Bug: 77600924
Change-Id: I46d765892e8e6839ed5140a3b0d6bb1815ccf9bc
Signed-off-by: Ecco Park <eccopark@google.com>
(cherry picked from commit 9a59cf84506e9fa841524ac2c70ae683449e709a)
|
|
Test: manual
Bug: 73173182
Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
(cherry picked from commit 24da173b63b17a0bc6c80b2fcfefa7fe4574a15b)
|
|
(backport from a fix merged in pi-dev)
Bug: 73884967
Test: Treehugger
Change-Id: I9deaae20893184cde36dcd936fe83708fa60b830
Merged-In: I0cf7920e138892fbcab71fae0eed1293f0b2e404
Merged-In: I9e3456e5f1e479b0e2b102f6c90db57cd0e977fe
(cherry picked from commit 7b52a48d6b10e3ed2806b57d39a2d9211dd4b585)
|
|
If a run time permission of a group is already granted we grant the
other permission of the group automatically when requested.
Hence if an already granted permission changed its group during an
update suddenly permission of a potentially not approved group will
get auto-granted.
This is undesirable, hence we revoke the permission during the update
process.
Test: atest android.permission.cts.PermissionGroupChange
Change-Id: Ib2165d1ae53b80455ebe02e07775853e37a2e339
Fixes: 72710897
(cherry picked from commit 0ed1b472af194896fcf421dc862c443343c7c127)
|
|
Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.
Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f261d81316b75cb734075319108d8bc1d1)
|
|
(backport to oc-mr1-dev)
Test: added AccessibilityEndToEndTest#testPackageNameCannotBeFaked
cts-tradefed run cts -m CtsAccessibilityServiceTestCases
cts-tradefed run cts -m CtsAccessibilityTestCases
Bug: 69981755
Change-Id: If3752e106aa7fdee4645dc9852289af471ceff18
Merged-In: I13304efbee10d1affa087e9c8bc4ec237643283e
(cherry picked from commit c36db6d473c9988496cd614924ee113b67f7e333)
|
|
Replaced readTypedArrayList/writeTypedArrayList with
writeTypedList/createTypedArrayList(CREATOR)
Bug: 71508348
Test: CtsAutoFillServiceTestCases pass
Merged-In: I2a8321023b40cc74b7026eb0fb32a9cc5f5543a9
Change-Id: Id17d02e40a4ae567bf2d74d2ea8ba4d8a943bdb7
(cherry picked from commit 4921986db76b1580bcb6ec8b2fd381d1364a6325)
|
|
Bug: 63766886
Test: ran CTS tests
Change-Id: I1f92bb014e275eafe3f42aef1f8c817f187c6608
(cherry picked from commit 6d2096f3889d38da60099b1b5678347de4f042bf)
|
|
Test: adb shell am start com.android.settings/.RadioInfo
Bug: 69981710
Fixes: 70506888
Change-Id: Id29bad2d20b621f7379eb6144c95dcc819949b3d
Merged-In: Id29bad2d20b621f7379eb6144c95dcc819949b3d
(cherry picked from commit 97f16a76db29269619d9a1b45d4cea49026a5b6a)
(cherry picked from commit 92b5d2783a1b97bee476f04754481403839b4e45)
|
|
3783029, 3783030, 3783164, 3783165, 3783167, 3783168, 3783170, 3783171, 3783172, 3782288, 3783031, 3782196, 3782955] into oc-m4-release
Change-Id: Ie5bb0080290b16322833b5ca450689b3ff66892a
|
|
The writeToParcel and readFromParcel is not symmetry, fixed it.
Test: no test
Bug: 70721937
Change-Id: I01f6f6b2ab778ee8b638d9b69fe0a6b9aa7ee395
(cherry picked from commit 8c55a70728fdb0a7b0585fac08629b0137dca51e)
|
|
Merged-In: Ic4569b21d8a26a62bba91742b442f0c3ea8bcc9e
Change-Id: I17d085be9ce1a139e75264f1e715df7f565cd41b
Fixes: 71992105
Test: manual
(cherry picked from commit 187964aca12115c7ab66f59d1ebb95e4f4130ac6)
|
|
RcognitionService
Fixes: 73511076, 73311729
Test: presubmit
Change-Id: Ie98f67ffee4744050ac85d8b229370a16a76a194
(cherry picked from commit 726b51a26e9a54b7352aad90ed15edccc44dd60d)
(cherry picked from commit 5a28e533fe8865ed371b5c0fd909a4ec89f63633)
|
|
Bug: 63000005
Test: runtest frameworks-net -c com.android.server.connectivity.VpnTest
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testAlwaysOnVpnLockDown
Merged-In: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
Change-Id: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
(cherry picked from commit f915e04d5010c4dfffad263fa70c1e412e856314)
|
|
Length of the last array in readFromParcel should be the same as
value of mNextIndex.
Test: PoC app in the bug
Bug: 73252178
Change-Id: I69f935949e945c3a036b19b4f88684d906079ea5
(cherry picked from commit 3b8bc2e45048527d7682b24b96957c34433da382)
|
|
This method broke on O-MR1 when I3abf999eb6056c1df7982780bae43b58337c0668
was chery-picked from master.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
-t android.autofillservice.cts.AttachedContextActivityTest#testAutofill
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases
Also individually ran tests that failed (due to flakiness) when ran in a suite:
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
-t android.autofillservice.cts.OptionalSaveActivityTest#testDontShowSaveUiWhenUserManuallyFilled_oneDatasetAllRequiredFields
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.PreSimpleSaveActivityTest #testTapLink_tapBack_thenStartOverBySayingYesAndManualRequest
Fixes: 71960322
Change-Id: Ia093dcefe6699dc9493c46d671e48c2000214b31
Merged-In: I3abf999eb6056c1df7982780bae43b58337c0668
(cherry picked from commit b25b4736db2ea05dce6b9f03e8a9920ab338dd5a)
|
|
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases
Bug: 69981710
Change-Id: Id6036cddb51dd8dd0c9128b7212d573f630d693f
Merged-In: Id6036cddb51dd8dd0c9128b7212d573f630d693f
(cherry picked from commit 23e61a9086a34405e277868474e003b37ed1b711)
|
|
Change-Id: I549a4ec71b46c202ed9209ddea8b147f91b8f294
|
|
Change-Id: Id2935bbe1630247131e87ed78cc70a7e3aaa0f5b
|
|
3661580, 3662430, 3661547, 3661548, 3661549, 3661550, 3662578, 3662579, 3662580, 3662581, 3662582, 3662583, 3661597, 3661598, 3661551, 3661552, 3661553, 3661554, 3661555, 3662596, 3662597, 3662598, 3662599, 3662584, 3662585, 3662586, 3662616, 3662617, 3662618] into oc-m4-release
Change-Id: I7c9c46ea767f4332fbcb7bca50eabaa446acacdc
|
|
ParcelableRttResults was unparceled incorrectly.
Bug: 70398564
Test: exploit provided in bug no longer works
Change-Id: Ifd6de547e9861bbebc399b43d0cc2899a8160813
(cherry picked from commit e1e5a2409c8bef2481e68d9329f87bb8037afa45)
|
|
There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.
Test: none
Bug: 71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
(cherry picked from commit 54813e988884f0d604d5358569f10feda8622f46)
|
|
The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname. This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.
[1] https://url.spec.whatwg.org/#host-state
Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd0e7a9a0d8fc8c55ceefdb4ddf9d0115af)
|
|
All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.
Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0ea307693a97583a61973e729a5e7db2687)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae909a85d13d03c030be357c8c14a50d306)
|
|
Test: Camera CTS
Bug: 69683251
Merged-In: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
Change-Id: I7ea4aa8ed4baa5a5e7d25a0073361d827ba86c13
(cherry picked from commit 4304a02ac990c1af5fb8f479bdd2b04c8af4fddb)
|
|
Bug: 69634768
Test: compilation
Change-Id: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
Merged-In: Icedfbaf1ba933637e935ada0fd98aea42c73f2b2
(cherry picked from commit 5332988c62e2f2ededb29ac3bfc4774551fe956f)
|
|
Change-Id: Ibf135d197dba570c2fd622f5942d05e5b1ec0da7
|
|
3594035, 3592471] into oc-mr1-release
Change-Id: Id0214b5206fd01da1829b1475cef34ecac46f4e2
|
|
Bug: 72871435
Test: flashed and verified, also ran runtest framework-net
Change-Id: I69319a7db269489053426bb2d41574180be2d43d
(cherry picked from commit c81ef199549c552003e78a2b9383d5d38aaed8d0)
|
|
On Android, if the process containing the service being bound to
crashes before the bind succeeds, the app doing the binding won't
get a success or failure callback.
When that happens in this code, this leaves notif. manager thinking
that a binding is in progress, so it never attempts to rebind until
the device is rebooted.
Bug: 69064494
Test: manual, crashed listener on proc start, verified not unbound forever
Change-Id: Id2082744208e21a709d9453365f282449a2e9407
(cherry picked from commit 4a86a51b672617b02994fc812e4f96342daf424e)
(cherry picked from commit 1936097afc3188ed5f2bb4e7211bb404364eeb38)
|
|
The strict whitelist of settings for Instant Apps is leading to too much
unintended breakage, remove the enforcement until better infrastructure
can be added to make sure settings that should be whitelisted are.
Bug: 71009655
Test: Coming in a follow up
(cherry picked from commit b6108d621002d4de708ae526e7c2bc95dabef080)
Change-Id: Iaa1d71331407cee86c10105c1e5668ffd0c925a1
(cherry picked from commit 26ae1d359e02fe5871177c9adfc90ca571fd0f86)
|
|
3580658, 3580382, 3580474, 3580475, 3581039, 3581040, 3580476, 3580206, 3581527, 3580955, 3580956, 3580957, 3580958, 3580959, 3580960, 3580961, 3580962, 3580963, 3580964, 3580965, 3580966, 3581567, 3581568, 3581569, 3581570, 3581571, 3580625, 3580626, 3581587, 3581513, 3581514, 3581515, 3580477, 3581588, 3580659, 3580660, 3580383, 3580384, 3580478, 3580719, 3580479, 3580480, 3581385, 3581528, 3581041, 3581042, 3581043, 3581044, 3581045, 3581046, 3581607, 3580385, 3580481, 3580482, 3580483, 3580661, 3580662, 3580663, 3580664, 3580665, 3580484, 3580485, 3581608, 3581609, 3581610, 3581611, 3581612, 3581589, 3581613, 3580486, 3581519, 3581627, 3581628, 3581529, 3581530, 3581531, 3581629, 3581630] into oc-mr1-release
Change-Id: I107552246742f7f284efd431d810a44d97a223b1
|
|
ParcelableRttResults was unparceled incorrectly.
Bug: 70398564
Test: exploit provided in bug no longer works
Change-Id: Ifd6de547e9861bbebc399b43d0cc2899a8160813
(cherry picked from commit e1e5a2409c8bef2481e68d9329f87bb8037afa45)
|
|
There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.
Test: none
Bug: 71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
(cherry picked from commit 54813e988884f0d604d5358569f10feda8622f46)
|
|
This updates both the text-based diskstats and the proto-based diskstats
to both have both an aggregated and line-itemed view of app sizes.
Formerly, the code and data sizes were rolled up into the same category
and now they are separated.
Bug: 63908720
Test: FrameworksServicesTest passes
Merged-In: I1434327ffde6ad1f31243218c5201a80f9725a63
(cherry picked from commit b6cc838142d2390eaec99670bb6caf6bee0ec96f)
(cherry picked from commit 41a5ae86f1d51204995af617ef3d1f31b178a618)
Change-Id: I0d21ecc0ded5d715e3b5a478e78de2ba1f7e9ec2
|
|
The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname. This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.
[1] https://url.spec.whatwg.org/#host-state
Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd0e7a9a0d8fc8c55ceefdb4ddf9d0115af)
|
|
All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.
Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0ea307693a97583a61973e729a5e7db2687)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae909a85d13d03c030be357c8c14a50d306)
|
