Security Patches :D #7
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This reverts commit cff8340. Reason for revert: Remove from July 2021 Android Security Bulletin due to break existing applications. Bug: 176541017 Change-Id: Iacef744056630e85fb43d838a72abfae331cbaf4 Test: install WFD application and check whether it works normally. (cherry picked from commit 955b64a)
Revert "Add test cases for background startForeground() improvement." Revert submission 15081873-cherrypick-security_backport_183147114-an8dvy98fv Reason for revert: https://b.corp.google.com/issues/197066403#comment15 After the app calls Service.startForeground() to put the app into foreground service mode, the service has mAllowWhileInUsePermissionInFgs set, if it is true, the app/service can access location/camera/micophone. Some apps may call Service.startForeground() again (for any reason, could be a app's unintentional redundant call, could be that app want to update the notification of the foreground service), but at this moment the app has went into background mode, although the foreground service is still running. The second or later Service.startForeground() call may set mAllowWhileInUsePermissionInFgs to false and the app may lose location/camera/micophone access. This is incorrect because the foreground service is still running and we expect location/camera/micophone access to continue. The Samsung Voice Recorder app has run into this situation. Reverted Changes: I0aca484e5:BG-FGS-start while-in-use permission restriction i... I4988dbba1:Add test cases for background startForeground() im... Bug: 183147114 Bug: 197066403 Change-Id: Iad32e4391fa15bc252e50f9b858fe2e5225edb19 Merged-In: Idc88f274c7a323d175d65bb47eca041772ae9bb7 (cherry picked from commit c83a949)
Address problems reading/writing: - ParsingPackageImpl mKeySetMapping - ParsingPackageImpl mQueriesIntent Bug: 187043377 Bug: 195962697 Test: atest com.android.server.pm.test.parsing.parcelling Merged-In: I5b33315f8248d5fcbdef2cc04ecf77cc18dbd7b6 Change-Id: I5b33315f8248d5fcbdef2cc04ecf77cc18dbd7b6 (cherry picked from commit f93af7e) (cherry picked from commit 37a0b6d)
Bug: 180747689 Test: manual Change-Id: Ic309f4aad116fd424d5d0d0e2016d61be8826b78 (cherry picked from commit 3c4a917)
Bug: 172251622 Bug: 197035186 Change-Id: Ic3ffcb622af232473adf8a8c8307cce78227bac0 Merged-In: I7e2f95fd85e18127dc481f188ace8ad6effc4831 Test: Manual (cherry picked from commit 7f687d4)
In some cases, enforceCrossUserOrProfilePermission fails for packages which have INTERACT_ACROSS_PROFILE appop granted if it shares the uid with another package that doesn't hold the permission, this is because getPackagesForUid is used to get the callingPackage which could return either packages randomly. I've changed setting the appop to be per uid instead of per package, Test: manual testing Bug: 183188804 Bug: 183730243 Bug: 195630721 Change-Id: I7a72c1d3abd1f83924865326797630ded2f2040f Merged-In: I7a72c1d3abd1f83924865326797630ded2f2040f (cherry picked from commit 4670d1d) (cherry picked from commit be1752c)
Bug: 196970023 Test: presubmits passing. Change-Id: I69f51eb2faac0cf2ee9f7a5f94f7100925f7221c (cherry picked from commit 1903539)
Bug: 193149550 Test: follow repro steps Merged-In: I49e2b8bcec7b2ce0a9776ff30a64c07f24949da7 Change-Id: I49e2b8bcec7b2ce0a9776ff30a64c07f24949da7 (cherry picked from commit 73c3c0a)
…0 bytes. Some older versions of Keymster do not consume any data in certain block modes unless a full block of data was presented. Bug: 199032140 Bug: 200041882 Test: CtsKeyStoreTestcases with KM1.0 backend. Merged-In: Ic2da6e5c12628f11603f51c7a3408aad70947d95 Change-Id: Ic2da6e5c12628f11603f51c7a3408aad70947d95 (cherry picked from commit 395e56a)
Prevents non-system apps from placing a window over the app selection screen. Bug: 143559931 Test: Installed test app and attempted to overlay Change-Id: Ied05088a5007e0f10cd3e1abd8d7da8ffeb3b674 Merged-In: Ied05088a5007e0f10cd3e1abd8d7da8ffeb3b674 (cherry picked from commit 34534e1) (cherry picked from commit 978809e)
BUG:179338675 Auto-generated-cl: translation import Change-Id: I12b153342014721d1ebd202be933fdc54978e0f2 (cherry picked from commit 15331bf) (cherry picked from commit 14eba599b42ec12f72e2dfc07313db9d8d9f70ae)
See comment here for the discussion on solution https://b.corp.google.com/issues/169762606#comment14 Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 Bug: 169762606 (cherry picked from commit 11053c1) Change-Id: I3ff7d8f4df086cb4c153e7ec873b85a093810722 Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 (cherry picked from commit c65b81b) Merged-In:I3ff7d8f4df086cb4c153e7ec873b85a093810722
…s off. This adds a force flag, which we will use when turning the screen off to make sure that all UI components are reset to the SHADE state regardless. Bug: 189575031 Test: make a call; lock screen; pull down shade Merged-In: I79baeb71ac5d1ed45602ac55cdca996b3bed0ac3 Change-Id: I79baeb71ac5d1ed45602ac55cdca996b3bed0ac3 (cherry picked from commit 9be6207) Merged-In:I79baeb71ac5d1ed45602ac55cdca996b3bed0ac3
If a profile owner is defined for a specific user, do not delete usage stats for a package on package deletion. Bug: 197399948 Test: atest UsageStatsTest [all] Change-Id: I94a8e3dfca8ef4c7616f77944d61726e06043b85 Merged-In: I94a8e3dfca8ef4c7616f77944d61726e06043b85 (cherry picked from commit d95ce67) Merged-In:I94a8e3dfca8ef4c7616f77944d61726e06043b85
This reverts commit b45ebca. Reason for revert: adding the fix for system to abandon sessions BUG: 67862680 Test: manual Change-Id: I5b762a29d12f62b516a59a85530386236259308b Merged-In: I91170ba399b3a596320b3bd9c8188912e5c4f1be (cherry picked from commit c98f06c) (cherry picked from commit 8408d434030650c7ab26197030375765b24eeedd) Merged-In:I5b762a29d12f62b516a59a85530386236259308b
This line was removed in O, S, & P, but somehow survived in the Q and R branches. Bug: 193444889 Merged-In: I56589865427b10e2eab68e1ed2e7c290572a9edc Change-Id: I56589865427b10e2eab68e1ed2e7c290572a9edc (cherry picked from commit 1b13bc8) Merged-In:I56589865427b10e2eab68e1ed2e7c290572a9edc
Recreating the control's intent in SystemUI can be exploited to launch Intent's with SystemUI's privileges, rather than what is limited to the application. Use the fillInIntent parameter to supply additional parameters to the application. Bug: 193445603 Test: Follow directions in bug to retest Change-Id: Ib2b0342af85679c0514fb4d88530376b58e6e12a Merged-In: (cherry picked from commit 0e120a5) (cherry picked from commit d7b16dd) Merged-In:Ib2b0342af85679c0514fb4d88530376b58e6e12a
…without Parcel private APIs. Bug:197228210 Test: atest CtsSecurityTestCases:android.security.cts.AndroidFutureTest (cherry picked from I577da5a3bc4ed537123b7eceaa5addf8f7bb0d92 and Icc5ce702f0cd84e9136dee3c65f63619df697358) Change-Id: I1d488c475f2f7af835a67496535cecdd6987c0cf (cherry picked from commit 562f1bd) Merged-In:I1d488c475f2f7af835a67496535cecdd6987c0cf
Bug: 175430552 Bug: 197399948 Test: build, flash, watch logcat Change-Id: If441946fa278c04ae88122f6243f5a7dedd96ebc Merged-In: If441946fa278c04ae88122f6243f5a7dedd96ebc (cherry picked from commit bd27c36) (cherry picked from commit bcb5ee6) (cherry picked from commit b5fa0a6) Merged-In:If441946fa278c04ae88122f6243f5a7dedd96ebc
It will throw if abandon() is called on a child session. Bug: 211944991 Bug: 67862680 Test: to be added Change-Id: Ib0ba9f3786dda2d3174f3ea8c65d1061a3fcb586 Merged-In: Ib0ba9f3786dda2d3174f3ea8c65d1061a3fcb586 (cherry picked from commit 8b67e7d) (cherry picked from commit c685f8b) Merged-In:Ib0ba9f3786dda2d3174f3ea8c65d1061a3fcb586
The value may be inconsistent between BasePermission.perm.protection-
Level and BasePermission.getProtectionLevel() within the same object.
Update the perm to fix the inconsistency.
Bug: 209607944
Test: manually using the PoC on the buganizer to ensure the symptom
no longer exists.
Change-Id: I19d6135f98bee9392d85e56478c42e06cfea8ba5
(cherry picked from commit b5efdf7)
Merged-In:I19d6135f98bee9392d85e56478c42e06cfea8ba5
Before allowing the group to be deleted, by updating the current check to the method that populates the channel list Test: NotificationManagerServiceTest Bug: 209965481 Change-Id: I9db781c300e96e9c80bd5d21585b8be9b4db08c8 Merged-In: I9db781c300e96e9c80bd5d21585b8be9b4db08c8 (cherry picked from commit 6456b62) Merged-In:I9db781c300e96e9c80bd5d21585b8be9b4db08c8
According to the docs, an onNullBinding requires the service to be manually unbound. Test: test apk that return null on onBind Test: atest ControlsProviderLifecycleManager Fixes: 212286849 Change-Id: I71a59b875bbf9eb411e6e92ddc5a04a7353a46c4 (cherry picked from commit d0e683b) Merged-In:I71a59b875bbf9eb411e6e92ddc5a04a7353a46c4
For all other requests, drop this flag. Test: atest FlagSlipperyTest Bug: 157929241 Change-Id: Ia30f1c38d5ddb351c90b748ea76448a76a9dde7b Merged-In: Ia30f1c38d5ddb351c90b748ea76448a76a9dde7b (cherry picked from commit 07e7aaf) Merged-In:Ia30f1c38d5ddb351c90b748ea76448a76a9dde7b
This permission allows the app to use FLAG_SLIPPERY. This means, windows of the app that has this permission can let touches slip out when the finger moves out of the window bounds. Bug: 157929241 Bug: 206188649 Test: atest FlagSlipperyTest Change-Id: I9ccdfd298f32c36b9c4da68c2e9c355c97dc7593 Merged-In: I9ccdfd298f32c36b9c4da68c2e9c355c97dc7593 (cherry picked from commit cccf191) Merged-In:I9ccdfd298f32c36b9c4da68c2e9c355c97dc7593
…ion improve...""" Upstream change 5d30b70 ("BG-FGS-start while-in-use permission restriction improvement") properly fixes what we needed to work-around. This reverts commit b64352d7c66e93ddc2b448f556e265178309d730. Change-Id: I00b3ab4161dceddff015e4f5365cd777acfe2faa
setBlocked is a hidden API, so apps should not be calling the method, but fix up the data in case they do Test: PreferencesHelperTest; manual with ApiDemos FGS Bug: 209966086 Change-Id: Icc709a6b0d0a8c5f2d9243959992f1b6764354db Merged-In: I8a27853c7ed05d9dfd38a3142fbbe185946c3992 (cherry picked from commit c5b5453) Merged-In:Icc709a6b0d0a8c5f2d9243959992f1b6764354db
BUG:286996125 Auto-generated-cl: translation import (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:917729f52b84d8ff1140ece2dd696914426adcd3) Merged-In: I9f1045f17a003528a57cb8e9dfc53e5df40579f3 Change-Id: I9f1045f17a003528a57cb8e9dfc53e5df40579f3
Also added a step to serialize & deserialize the notification in the test, to prevent exceptions about not being able to cast e.g. Parcelable[] to RemoteInputHistoryItem[]. Test: atest NotificationManagerServiceTest & tested with POC from bug Bug: 276729064 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:88e597d2b31d054ab5286b3a666accb08a8db5d5) Merged-In: I7053ca59f9c7f1df5226418594109cfb8b609b1e Change-Id: I7053ca59f9c7f1df5226418594109cfb8b609b1e
The key mapping information between the native key mappings and the KeyCharacterMap object available in Java is currently shared, which means that a read can be attempted while it's being modified. Because the code changed between R and S, this CL fixes it just for R; the patch for versions S+ is ag/23785419 Bug: 274058082 Test: Presubmit (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:4b3c4620166071561ec44961fb08a56676b4fd6c) Merged-In: I3be94534dcda365da473f82347ae2e3f57bb1b42 Change-Id: I3be94534dcda365da473f82347ae2e3f57bb1b42
Check permissions of URI inside of FillResponse's RemoteViews. If the current user does not have the required permissions to view the URI, the RemoteView is dropped from displaying. This fixes a security spill in which a user can view content of another user through a malicious Autofill provider. Bug: 283137865 Fixes: b/283264674 b/281666022 b/281665050 b/281848557 b/281533566 b/281534749 b/283101289 Test: Verified by POC app attached in bugs Test: atest CtsAutoFillServiceTestCases (added new tests) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:26beceb9a252a50374d056b162fa7e8ea55051b3) Merged-In: I6f4d2a35e89bbed7bd9e07bf5cd3e2d68b20af9a Change-Id: I6f4d2a35e89bbed7bd9e07bf5cd3e2d68b20af9a
ag/23792288 tried to fix a security issue by cloning the key mappings, but unfortunately the parcel was not being rewinded. Bug: 274058082 Test: Confirmed change works in newer Android versions (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:aaaba6cf190d976efdc5db6c78997dbdc9214c15) Merged-In: I6f75b9202e20d82ebf81a35a2916e653ee1b8372 Change-Id: I6f75b9202e20d82ebf81a35a2916e653ee1b8372
Bug: 278246904 Test: manually, with the PoC app attached to the bug (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5f5a87d8a0dc9190327ba0e6113d5b80ee96abae) Merged-In: Iecfc1fb962de611cbe3c51a44ba4fded53925a7d Change-Id: Iecfc1fb962de611cbe3c51a44ba4fded53925a7d
Test: tested with POC in bug, also using atest Bug: 224771621 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:fb4a72e3943d166088407e61aa4439ac349f3f12) Merged-In: Ide65205b83063801971c5778af3154bcf3f0e530 Change-Id: Ide65205b83063801971c5778af3154bcf3f0e530
Test: manual with the steps from the bug Test: manual with a normal icon Test: atest CanUseIconPredicate Test: atest ControlViewHolderTest Bug: 272025416 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ffa97f42dd9496bb404e01727c923292d05a4466) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:331f2f1baaf7b62e90a7d7cb6d4481925b3d9071) Merged-In: I354469a53611c094c7bb695b1c2017c6786dd396 Change-Id: I354469a53611c094c7bb695b1c2017c6786dd396
…sets
When RescueParty detects that a system process is crashing frequently,
it tries to recover in various ways, such as by resetting all settings.
Unfortunately, this included resetting the secure_frp_mode setting,
which is the means by which the system keeps track of whether the
Factory Reset Protection (FRP) challenge has been passed yet. With this
setting reset, some FRP restrictions went away and it became possible to
bypass FRP by setting a new lockscreen credential.
Fix this by excluding secure_frp_mode from resets.
Note: currently this bug isn't reproducible on 'main' due to ag/23727749
disabling much of RescueParty, but that is a temporary change.
Bug: 253043065
Test: With ag/23727749 reverted and with my fix to prevent
com.android.settings from crashing *not* applied, tried repeatedly
setting lockscreen credential while in FRP mode, using the
smartlock setup activity launched by intent via adb. Verified
that although RescueParty is still triggered after 5 attempts,
secure_frp_mode is no longer reset (its value remains "1").
Test: Verified that secure_frp_mode still gets changed from 1 to 0 when
FRP is passed legitimately.
Test: atest com.android.providers.settings.SettingsProviderTest
Test: atest android.provider.SettingsProviderTest
(cherry picked from commit 9890dd7)
(changed Global.SECURE_FRP_MODE to Secure.SECURE_FRP_MODE,
needed because this setting was moved in U)
(removed static keyword from shouldExcludeSettingFromReset(),
needed for compatibility with Java 15 and earlier)
(resolved conflict in resetSettingsLocked())
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f0f020c21fd29d8076733e07847e6314172a312e)
Merged-In: Id95ed43b9cc2208090064392bcd5dc012710af93
Change-Id: Id95ed43b9cc2208090064392bcd5dc012710af93
Which may be abused by malicious app to create a non-visible PiP window that bypasses the background restriction. Bug: 270368476 Test: Manually, using the POC app (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a54d763886ffd69aa14360dc999c76cd2af263f2) Merged-In: Ifc0e4ffe8b7a9754053246069cb480aa6a59a7e1 Change-Id: Ifc0e4ffe8b7a9754053246069cb480aa6a59a7e1
This reverts commit 09f0047. Reason for revert: causing a partner bug Fixes: 295205456 Bug: 222446076 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8df038265475bb062ead9eec1749ee92a0f5eb4e) Merged-In: Ida11d98117727f63547b096617a4778bea429e22 Change-Id: Ida11d98117727f63547b096617a4778bea429e22
We stripped the token that allows app to retrieve their own notification and fire their own PI to launch activities from background. But we forgot to strip the token from notification.publicVersion Bug: 278558814 Test: NotificationManagerTest#testActivityStartFromRetrievedNotification_isBlocked (cherry picked from commit cf851d8) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:1896c2e7068c9ec1ab8355d863d7e8107d5d5706) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:75fcbb37617246c43c2af34b12c9ae4b4043f9ac) Merged-In: I8f25d7a5e47890a0496af023149717e1df482f98 Change-Id: I8f25d7a5e47890a0496af023149717e1df482f98
AM.backupAgentCreated() should enforce that caller belongs the package called in the API. Bug: 289549315 Test: atest android.security.cts.ActivityManagerTest#testActivityManager_backupAgentCreated_rejectIfCallerUidNotEqualsPackageUid (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:52b91363583c4e2b68f1a818b067cefe04809285) Merged-In: I9f3ae5ec0b8f00e020d471cc0eddf8bd8bdbb82d Change-Id: I9f3ae5ec0b8f00e020d471cc0eddf8bd8bdbb82d
Bug: 291299076 Test: Build and flash the device and check if it throws exception for non UsbInterface object Test: atest CtsUsbManagerTestCases (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:85d7e6712a9eeeed3bdd68ea3c3862c7e88bfe70) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:60bfbde79f2ffb012abced55d358fdf6380c0bae) Merged-In: I2917c8331b6d56caaa9a6479bcd9a2d089f5f503 Change-Id: I2917c8331b6d56caaa9a6479bcd9a2d089f5f503
pushedEventThread references class members after detaching. Making pushedEventThread as class member and joining in statsService destructor. Adding a method to stop readLogs thread. Ignore-AOSP-First: Bug is in still security triage and fuzzer is crashing on startup. Test: atest statsd_test Test: m statsd_service_fuzzer && adb sync data && adb shell /data/fuzz/arm64/statsd_service_fuzzer/statsd_service_fuzzer -runs=10000 Bug: 285645039 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:03de4e4f1a0546fdd3b002651851bee9ffe0e11b) Merged-In: I1e886f9ccb7203714216da061c35e793b2a63d8a Change-Id: I1e886f9ccb7203714216da061c35e793b2a63d8a
Similar to ag/24422287, but the same URI verification should be done in SettingsProvider as well, which can be called by apps via Settings.System API or ContentProvider APIs without using RingtoneManager. BUG: 227201030 Test: manual with a test app. Will add a CTS test. (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:1b234678ec122994ccbfc52ac48aafdad7fdb1ed) Merged-In: Ic0ffa1db14b5660d02880b632a7f2ad9e6e5d84b Change-Id: Ic0ffa1db14b5660d02880b632a7f2ad9e6e5d84b
Bug: 283962802 Test: atest + manual (POC app now crashes on notify() as expected) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a6f44e911f2d7204cc28c710e54f97c96231abab) Merged-In: I0da18c631eb5e4844a48760c7aaedab715a0bfed Change-Id: I0da18c631eb5e4844a48760c7aaedab715a0bfed
Bug: 273729172 Test: manually (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:7f9be7c3c859dc82d37452570d9878b58f6437a9) Merged-In: Ia8094244f908b20d42711b6ea8f58f9b3345b563 Change-Id: Ia8094244f908b20d42711b6ea8f58f9b3345b563
Even if the corresponding styles themselves were not applied to the Notification.Builder. Test: atest NotificationManagerServiceTest Bug: 287640400 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a7e0c6585fd155d5bd9354b8b15516f4788c33a7) Merged-In: I25acab19be7dd486aabede8c91dbad5a1a217abf Change-Id: I25acab19be7dd486aabede8c91dbad5a1a217abf
Drop invalid data when writing or reading from XML. PersistableBundle does lazy unparcelling, so checking the values during unparcelling would remove the benefit of the lazy unparcelling. Checking the validity when writing to or reading from XML seems like the best alternative. Bug: 246542285 Bug: 247513680 Test: install test app with invalid job config, start app to schedule job, then check logcat and jobscheduler persisted file (cherry picked from commit 666e8ac) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:62b37ab21ce27746a79a2071deee98c61b23c8d9) Merged-In: Ie817aa0993e9046cb313a750d2323cadc8c1ef15 Change-Id: Ie817aa0993e9046cb313a750d2323cadc8c1ef15
Bug: 288113797 Test: manual (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:3d41fb7620ffb9c81b23977c8367c323e4721e65) Merged-In: I392f8e923923bf40827a2b6207c4eaa262694fbc Change-Id: I392f8e923923bf40827a2b6207c4eaa262694fbc
Bug: 288896339 Test: Manual, verify that the app which can be found on the bug can no longer call keyguardGoingAway successfully Require permission to unlock keyguard Bug: 288896339 Test: Manual, verify that the app which can be found on the bug can no longer call keyguardGoingAway successfully (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:bd2aa5d309c5bf8e73161975bd5aba7945b25e84) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ef1345d278bd2a8944c6362bf65cff7305ca6fc5) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ad8e7e3b1db22684988a179e23639567a4096ca6) Merged-In: I7ba7e56f954c8e6f1f734311f735215918975bc6 Change-Id: I7ba7e56f954c8e6f1f734311f735215918975bc6
This CL fixes the issue where, when an app have multiple main activities, the total number of shortcuts can grow indefinitely if they were published through addDynamicShortcuts. Bug: 281061287 Test: manual (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2d93aabdc4905b36ee684533904029cfc61533b7) Merged-In: Ib3eecefee34517b670c59dd5b8526fe9eb24f463 Change-Id: Ib3eecefee34517b670c59dd5b8526fe9eb24f463
readFileDescriptor doesn't provide ownership of the fds. fdopen needs ownership of the fds. Fds read from parcel should be duped in this scenario and readUniqueFileDescriptor dups fds internally. Test: m incidentd_service_fuzzer && adb sync data && adb shell /data/fuzz/x86_64/incidentd_service_fuzzer/incidentd_service_fuzzer Test: atest incidentd_test Bug: 286931110 Bug: 283699145 (cherry picked from commit ba78ef2) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b4aaf180ee8f3e375c7ab411f03cf9c24c1d8055) Merged-In: Ibe03a17dee91ac5bf25d123d4fd9c0bdd3c7d80e Change-Id: Ibe03a17dee91ac5bf25d123d4fd9c0bdd3c7d80e
Bug: 288110451 Test: manual (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:01bfd04ff445db6290ae430d44ea1bf1a115fe3c) Merged-In: Idbde676f871db83825155730e3714f3727e25762 Change-Id: Idbde676f871db83825155730e3714f3727e25762
This reverts commit b23c2d5. Reason for revert: b/300463732 regression Bug: 300463732 Bug: 218495634 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f57217125f2b124c16c463ef4507fb054cc1ba4f) Merged-In: I31485d0d8caa3060e998636b071dbe03f6b4fc82 Change-Id: I31485d0d8caa3060e998636b071dbe03f6b4fc82
Test: manual testing on device Bug: b/261709193 (cherry picked from commit b651d29) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:3ef3f18ba3094c4cc4f954ba23d1da421f9ca8b0) Merged-In: I68903ebd6d3d85f4bc820b745e3233a448b62273 Change-Id: I68903ebd6d3d85f4bc820b745e3233a448b62273
Additionally, don't hide keyguard when it's disabled if the user has locked
down the device.
Manual test steps:
1. Enable app pinning and disable "Ask for PIN before unpinning" setting
2. Pin an app (ie: Settings)
3. Lockdown from the power menu
4. Observe: user is brought to the keyguard, primary auth is
required to enter the device.
=> After entering correct credential, the device is still in
app pinning mode.
=> After entering an incorrect credential, the keyguard remains
showing and the user can attempt again up to the limit
Bug: 300463732
Bug: 218495634
Test: atest KeyguardViewMediatorTest
Test: manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:35a6e2f2c952440b1102033b2c3e496438503cff)
Merged-In: I70fdae80f717712b3dfc9df54b9649959b4bb8f0
Change-Id: I70fdae80f717712b3dfc9df54b9649959b4bb8f0
When resumable media is added that has artwork set via URI, check the permissions for the URI before attempting to load it Test: atest MediaDataManagerTest UriGrantsManagerServiceTest Test: manual with test app Bug: 284297452 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c13567e39cd906c8544011de537490b70ce29b2f) Merged-In: Ie79915d3d1712f08dc2e8dfbd5bc7fd32bb308a3 Change-Id: Ie79915d3d1712f08dc2e8dfbd5bc7fd32bb308a3
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.