Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add missing lockscreen drawables #23

Open
wants to merge 87 commits into
base: kk4.4-caf
Choose a base branch
from

Conversation

LordNerevar
Copy link

System settings FCs when trying to add lockscreen targets. Add missing
resources for LockscreenTargets.java. Graphics copied from Cyanogenmod
CM-11.0 branch.

Change-Id: I1a8b70c425d2069e5d432c4f46b2265c7530985d

LordNerevar and others added 14 commits December 9, 2014 01:22
System settings FCs when trying to add lockscreen targets. Add missing
resources for LockscreenTargets.java. Graphics copied from Cyanogenmod
CM-11.0 branch.

Change-Id: I1a8b70c425d2069e5d432c4f46b2265c7530985d
Looks like I did not understand this feature lol

It was correct

This reverts commit 927e314.

Change-Id: Ie0e088191aa8197ac860d1a9acbd129cc811cda1
Change-Id: I5aa654ef7e0e7d690f4e3bccd6497d4221d8e2e0
Added a dimen-value for selector in landscape-layout to fit screen.

Change-Id: I9501c91fed2660e947f1eae617f9a31d95766ed8
Fix Layout for sw360dp devices (for example 1280x720 xhdpi like i9300)


Change-Id: Ia7e2476d397cf892c210cc20b182c485f9f3cfcd
When the label is empty the UI will show a blank space. Most operating
systems will show it as the uuid, that's what this patch does as well.

Change-Id: I8dc41ea70c96229cb0fccc1e19b525fbc4be1808
Change-Id: I23c0213fe3d52280d7338ca62cb7e79b80a16cc6
The single InputFilter that is set in InputManagerService was replaced
with a chain of filters that are all listening for InputEvents.

The original field mInputFilter was replaced in this patch but not
removed. When a new InputFilter is added, we check that this unused
field mInputFilter != null before doing necessary teardown of the previous
filter. Since this is always null, this causes the previous filter to
not be disconnected when a new one is set with setInputFilter().

If the user toggles "Magnification Gestures" on and off twice in
Accessibility Settings, this will send the old and new InputFilters into a loop
sending and receiving touch events, locking up the device completely
until reboot.

Remove all references to the unused mInputFilter field.

Change-Id: Id28335d150a195af8747b4862deb897ae850d2cb
The cycleDay is referred as a "day of month" (1-31) even when we change to
CYCLE_WEEKLY. The calculations are expecting a day of week (1-7).

Without this fix, we can fall into the (inconvenient) result of using a
completely wrong value for the cycle limit (and corresponding data calculation)
or the worse infinite loop that totally breaks data usage.

Change-Id: I41e0012805236b14f5e0d52ec39683fe6a96f3aa
…Manager

Bug 17969135

Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.

Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
Bug: 18226810.
Change-Id: Ica5677da247268306b34dfce38f25394586817fd
(cherry picked from commit b27a8a5)
When displaying this view and rotating the screen, mLockPatternUtils has
the potential to be null, but the save and restore instance state
methods depend on it to be initialized. Work around this by checking if
it's null.

Change-Id: I351bd63fefbcb92fffe20dca6a0381a20ac796ea
Signed-off-by: Roman Birg <[email protected]>
Allows the usage of a temporary pattern size while setting a new one.

Change-Id: I3e62c2da4f290986f6295da8dee6900454b49141
Bug: 21669445
Change-Id: I792c6e676d4b6d54a51228d264130b8125075d98
stephensmalley and others added 8 commits September 11, 2015 21:09
libselinux selinux_android_restorecon API is changing to the more
general interface with flags and dropping the older variants.

Also get rid of the old, no longer used selinux_android_setfilecon API
and rename selinux_android_setfilecon2 to it as it is the only API in use.

Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925
Signed-off-by: Stephen Smalley <[email protected]>
Bug: 21697171
Change-Id: I7649c7341428194963ac74e9ae622dfa76ea738b
Change-Id: Ic639bd7f2aa120caad28f5b8b430a86d1d39f2e6
…O NOT MERGE

bug:20883006
Change-Id: Ib47a8ec8696dbc37e958b8dbceb43fcbabf6605b
… number of bytes

bug: 20883006
Change-Id: I4f109667fb210a80fbddddf5f1bfb7ef3a02b6ce
When starting the runtime from app_process, we only pass JDWP options
if starting zygote. It prevents from opening a JDWP connection in
non-zygote programs while Android apps (forked from zygote) remain
debuggable.

Bug: 23050463

(cherry picked from commit 7a09b83)

Change-Id: I2400ecc8aea7579c43300efccf288b69f70eef53
…in Settings

b/23946860

Change-Id: I610d4dedf18fe1825d7df5febf29e6f0c006490d
(cherry picked from commit bdf7f35)
When reading from the parcel, if the number of colors is invalid, early
exit.

Add two more checks: setInfo must return true, and Parcel::readInplace
must return non-NULL. The former ensures that the previously read values
(width, height, etc) were valid, and the latter checks that the Parcel
had enough data even if the number of colors was reasonable.

Also use an auto-deleter to handle deletion of the SkBitmap.

Cherry pick from change-Id: Icbd562d6d1f131a723724883fd31822d337cf5a6

BUG=19666945

Change-Id: Iab0d218c41ae0c39606e333e44cda078eef32291
Dianne Hackborn and others added 6 commits December 21, 2015 17:45
* LordNerevar: Ported from LP. Includes fix for additional KK files. *

W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothInputDevice.doBind:262 android.bluetooth.BluetoothInputDevice.<init>:255 android.bluetooth.BluetoothAdapter.getProfileProxy:1365
W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothPan.doBind:148 android.bluetooth.BluetoothPan.<init>:140 android.bluetooth.BluetoothAdapter.getProfileProxy:1368
W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothMap.doBind:108 android.bluetooth.BluetoothMap.<init>:101 android.bluetooth.BluetoothAdapter.getProfileProxy:1374
W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothPbap.doBind:163 android.bluetooth.BluetoothPbap.<init>:156 com.android.settings.bluetooth.PbapServerProfile.<init>:68

Change-Id: I0a1e24ee71aef7d796fcee5692b9d19462a93637
Change-Id: I25021a89bb36de8f400ab6ea04dc86cf440bd697
Some caches(PatchCache, TextureCache, PathCache) for HWUI
uses deferred removal for their cache entries even though
actual resource objects are immediately freed by
ResourceCache.
For this reason, the uniqueness of a resource address in
the caches is not guaranteed in specific cases.
(Because malloc() can return the same address when malloc()
and free() called very frequently.)

So it can be possible the cache have two cache entries for
two different resources but the same memory address.
(Of course one of the resources is already freed.)
It also can be possible mGarbage vector in PatchCache has
duplicated addresses and this can lead to duplicated free
blocks in the free block list and graphics corruption.
(Deferred removal was implmeneted based on an assumption of
unique resource addresses.)

So this patch makes sure resource objects are freed after
the resources are removed from the caches to guarantee
the uniqueness of a resource address and prevent graphics
corruption.

Change-Id: I040f033a4fc783d2c4bc04b113589657c36fb15b
Signed-off-by: Sangkyu Lee <[email protected]>
Change-Id: I4bcfd2efc379d347df72425f30484d16e6dbae65
Bug: 23591205
Change-Id: I960dfcc1584c0a17685790d5d722eaf11b930e25
(cherry picked from commit 2f137b7)
There's no direct permission tied to it and fix the op-to-switch entry.

Change-Id: I661ef6707ba50adb371e3223a91880c4838df669
Signed-off-by: Roman Birg <[email protected]>
(cherry picked from commit 72a1fbe)
jaewan-github and others added 30 commits December 7, 2016 14:51
Prevent sending media key events from the non-system app to the
telephony service through the AudioManager.dispatchMediaKeyEvent()
or sending media key broadcast directly.

Bug: 29833954
Tested: Installed malicious apps and confirmed that they don't work.
Tested: Run CtsTelecomTestCases and CtsMediaTestCases
Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15
(cherry picked from commit d1641e8)
…efore change

ExifInterface object can be created with a unsupported file format.
If saveAttribute is called with an unsupported file format, ExifInterface
makes the file corrupted. This CL prevents those cases by throwing
an exception before making any change on the file.

Bug: 30936376
Change-Id: I915f56b00ec9422b53591ac5534e070a1d6798e6
(cherry picked from commit 1bdd10a)
There's two pieces to this fix:
1. Move PAC loading off IoThread which isn't meant for
   blocking network fetches.  If the fetch takes more than
   60s Android reboots when the IoThread is used.
2. Limit PAC fetching to 20MB.  Any PAC bigger than that
   is likely evil.
MitM of PACs should only be possbile when a non-SSL PAC URL
is used.

Change-Id: Ie1658a1c705615dc85a7fc68053f0dad8d048294
Fixes: 30100884
(cherry picked from commit 7d2198b)
Bug: 28672558
Change-Id: I4bc14bd7f098e34012c2ae1eeba2d439145901f0
(cherry picked from commit 786e269)
setPairingConfirmation was set to only require BLUETOOTH_ADMIN
permission which shouldn't be able to set the confirmation itself.

This is restricted to BLUETOOTH_PRIVILEGED permission.

Bug: 29043989
Change-Id: Iddc935f0b02f5ff56e930914b4b664377e786184
(cherry picked from commit edae39d)
Bug: 30568284
Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2
(manually cherry picked from 9b2997d22e6ce2a15065d8e7608dd77b316c2065)
(cherry picked from commit f71d2cd)
Don't hold mPidsSelfLocked lock when calling
cleanUpApplicationRecordLocked.

Bug: 31463143
Change-Id: I1fddd06f5e35b67fea041741f5746c57a39208ba
(cherry picked from commit dce4be6)
…nders

More specifically, they get a PackageManager binder -- necessary for
Android process startup and configuration -- but none of the other
usual preloaded service binders.
(backported from commit 2c61c57)

Bug: 30202228

Change-Id: I3810649f504cd631665ece338a83d2e54d41ad05
(cherry picked from commit 2aa7e5e)
Bug: 32068647, Bug: 30936376
Change-Id: I22fa2384348c890ca726d2b1632cd54e59d25a8f
(cherry picked from commit 418e086)
…06a0f am: d417e54 am: 3380a77 am: 0a8978f am: 1684e5f am: d28eef0 am: 1f458fd am: d82f8a6 am: 1ac8aff am: 56098f8 am: 7cec76d

am: 2da05d0

Change-Id: I8c94a06f5fa722312436484609bafcb0585d6d18
Check whether specified offset belongs to mData.
Also added a default argument bufferSize to check the end offset.

Size of the ashmem descriptor can be modified between
ashmem_get_size_region call and mmap. createFromParcel method was updated
to check ashmem size again immediately after memory is mapped.

Test: manual - using the test app from the bug
Bug: 34128677
Change-Id: I3ecd1616a870ce20941ce9b20a1843d2b4295750
(cherry picked from commit 45e2e95)
(cherry picked from commit acede24)
Bug: 62196835
Test: Created an accessibility service that displays a system
and a toast overlay, confirmed that it disappeared when we
reached the accessibility permission screen that uses this
flag.

Change-Id: Ic51ead670fc480e549512ba1d02f49d9c13bc3f0
(cherry picked from commit 41ff538)
KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.

Also fix ordering bug in general-purpose security check that was
allowing FLAG_GRANT_PERSISTABLE to bypass it.

Test: builds, boots
Bug: 32990341, 32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
(cherry picked from commit d722e78)
Malformed authority segments can currently cause the parser to produce
a hostname that doesn't match the hostname produced by the WHATWG URL
parsing algorithm* used by browsers, which means that a URL could be seen
as having a "safe" host when checked by an Android app but actually visit
a different host when passed to a browser.  The WHATWG URL parsing
algorithm always produces a hostname based on the last @ in the authority
segment, so we do the same.

* https://url.spec.whatwg.org/#authority-state resets the "buffer", which
  is being used to build up the host name, each time an @ is found, so it
  has the effect of using the content between the final @ and the end
  of the authority section as the hostname.

Bug: 68341964
Test: vogar android.net.UriTest (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
(cherry picked from commit cd6228d)

Change-Id: Ib791e5d4ad15dba87d65620513f92a71d780762f
Bug: 62187985
Test: manual, backport
Change-Id: I89ef535e345d402866a083e0bd8e3fd909fc9662
MERGED-IN: I3bdcd1876cd6dbe8a728bbce74edb52ab79f3e4c
MERGED-IN: Ic58ddd6d54e96f522445e67b90760dcfed13c27d
Clipboard should not return data if the device is locked. This CL checks
for device locked state before returning values from get/has functions.

Test: bit -t CtsContentTestCases:android.content.cts.ClipboardManagerTest

Bug: 64934810
Change-Id: Icefac226615fe22a7735dff4ba4c3b528fb2ac12
ClipboardService.isDeviceLocked should clear callingIdentity before
accessing KeyguardManager.

Test: bit
CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.ManagedProfileTest

Bug: 64934810
Change-Id: I00d491e5fb6d1c5451c7f8c453931b26e6134452
Change-Id: Ibe2f40d6e9f66b5159f3a99caa841b593bda670e
The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname.  This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.

[1] https://url.spec.whatwg.org/#host-state

Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd)
All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.

Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0e)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae)
Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.

Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
          -t android.appsecurity.cts.CorruptApkTests

Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f)
Test: manual
Bug: 73173182
Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
(cherry picked from commit 24da173)
Change Ic51ead670fc480e549512ba1d02f49d9c13bc3f0 incorrectly tries making
this permission hidden.
While marking it with @hide and only adding it to api/system-current.txt
was the proper way on Android 6.0, on 4.4, we need to add system APIs to
api/current.txt, without hiding them.

This change adapts this permission definition for 4.4.

Change-Id: Ib2de017d396aa9dcefa91f7eb1ea210be668234d
Changes the logs adding in a previous security fix to warnings so
devices with malformed APKs currently on them will not undergo DOS when
they are upgraded to P.

Bug: 79724567
Test: run cts -m CtsAppSecurityHostTestCases \
          -t android.appsecurity.cts.CorruptApkTests

Change-Id: Ied54e4bb14abdaf79da562022c7ea6075187c1f8
(cherry picked from commit f05f47b)
(cherry picked from commit c31cf80)
When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still
need to check permissions between the source and target packages,
instead of shortcutting past them.

The spirit of the original change is remains intact: if the caller
requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid
returning "-1", which would prevent the grant data structure from
being allocated.

Bug: 111934948
Test: atest android.appsecurity.cts.AppSecurityTests
Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
(cherry picked from commit d6a6e71)
SQLiteQueryBuilder has a setStrict() mode which can be used to
detect SQL attacks from untrusted sources, which it does by running
each query twice: once with an extra set of parentheses, and if that
succeeds, it runs the original query verbatim.

This sadly doesn't catch inputs of the type "1=1) OR (1=1", which
creates valid statements for both tests above, but the final executed
query ends up leaking data due to SQLite operator precedence.

Instead, we need to continue compiling both variants, but we need
to execute the query with the additional parentheses to ensure
data won't be leaked.

Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Bug: 111085900
Change-Id: I6e8746fa48f9de13adae37d2990de11c9c585381
Merged-In: I6e8746fa48f9de13adae37d2990de11c9c585381
(cherry picked from commit 57b04a8)
If a device features a dock with a removable lid, lidOpenRotation
overrides the rotation even if it was undocked (technically the lid is
still open).

This setting tells the framework whether to apply lidOpenRotation to
undocked devices.

Change-Id: I1051278a45875b2139b75db28467f9b8de2936d6

Conflicts:
	policy/src/com/android/internal/policy/impl/PhoneWindowManager.java
Make sure the number of entries written by Parcel#writeMapInternal
matches the size written. If a mismatch were allowed, an exploitable
scenario could occur where the data read from the Parcel would not
match the data written.

Fixes: 112859604
Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest

Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607
Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607
(cherry picked from commit 057a01d)
Bug: 119819889
Test: compilation
Change-Id: If51d0e2af74d99758f79a603d40cc2f5c84e4dde
(cherry picked from commit 6351921)
Also don't show smart actions for selections in text with unsupported
characters.

Bug: 116321860
Test: runtest -x cts/tests/tests/text/src/android/text/util/cts/LinkifyTest.java

Change-Id: Id271cab8aef6b9b13ef17f1a8654c7616f75cf13
(cherry picked from commit 73f398d)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.