Add missing lockscreen drawables #23
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
System settings FCs when trying to add lockscreen targets. Add missing resources for LockscreenTargets.java. Graphics copied from Cyanogenmod CM-11.0 branch. Change-Id: I1a8b70c425d2069e5d432c4f46b2265c7530985d
Looks like I did not understand this feature lol It was correct This reverts commit 927e314. Change-Id: Ie0e088191aa8197ac860d1a9acbd129cc811cda1
Change-Id: I5aa654ef7e0e7d690f4e3bccd6497d4221d8e2e0
Added a dimen-value for selector in landscape-layout to fit screen. Change-Id: I9501c91fed2660e947f1eae617f9a31d95766ed8
Fix Layout for sw360dp devices (for example 1280x720 xhdpi like i9300) Change-Id: Ia7e2476d397cf892c210cc20b182c485f9f3cfcd
When the label is empty the UI will show a blank space. Most operating systems will show it as the uuid, that's what this patch does as well. Change-Id: I8dc41ea70c96229cb0fccc1e19b525fbc4be1808
Change-Id: I23c0213fe3d52280d7338ca62cb7e79b80a16cc6
The single InputFilter that is set in InputManagerService was replaced with a chain of filters that are all listening for InputEvents. The original field mInputFilter was replaced in this patch but not removed. When a new InputFilter is added, we check that this unused field mInputFilter != null before doing necessary teardown of the previous filter. Since this is always null, this causes the previous filter to not be disconnected when a new one is set with setInputFilter(). If the user toggles "Magnification Gestures" on and off twice in Accessibility Settings, this will send the old and new InputFilters into a loop sending and receiving touch events, locking up the device completely until reboot. Remove all references to the unused mInputFilter field. Change-Id: Id28335d150a195af8747b4862deb897ae850d2cb
The cycleDay is referred as a "day of month" (1-31) even when we change to CYCLE_WEEKLY. The calculations are expecting a day of week (1-7). Without this fix, we can fall into the (inconvenient) result of using a completely wrong value for the cycle limit (and corresponding data calculation) or the worse infinite loop that totally breaks data usage. Change-Id: I41e0012805236b14f5e0d52ec39683fe6a96f3aa
…Manager Bug 17969135 Use query (instead of rawQuery) and pass in arguments instead of building the query with a giant string. Add a unit test that fails with the old code but passes with the new code. Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
Bug: 18226810. Change-Id: Ica5677da247268306b34dfce38f25394586817fd (cherry picked from commit b27a8a5)
When displaying this view and rotating the screen, mLockPatternUtils has the potential to be null, but the save and restore instance state methods depend on it to be initialized. Work around this by checking if it's null. Change-Id: I351bd63fefbcb92fffe20dca6a0381a20ac796ea Signed-off-by: Roman Birg <roman@cyngn.com>
Allows the usage of a temporary pattern size while setting a new one. Change-Id: I3e62c2da4f290986f6295da8dee6900454b49141
Bug: 21669445 Change-Id: I792c6e676d4b6d54a51228d264130b8125075d98
LordNerevar
force-pushed
the
kk4.4-caf
branch
from
41b1b68
to
1a8d780
Compare
libselinux selinux_android_restorecon API is changing to the more general interface with flags and dropping the older variants. Also get rid of the old, no longer used selinux_android_setfilecon API and rename selinux_android_setfilecon2 to it as it is the only API in use. Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Bug: 21697171 Change-Id: I7649c7341428194963ac74e9ae622dfa76ea738b
Change-Id: Ic639bd7f2aa120caad28f5b8b430a86d1d39f2e6
…O NOT MERGE bug:20883006 Change-Id: Ib47a8ec8696dbc37e958b8dbceb43fcbabf6605b
… number of bytes bug: 20883006 Change-Id: I4f109667fb210a80fbddddf5f1bfb7ef3a02b6ce
When starting the runtime from app_process, we only pass JDWP options if starting zygote. It prevents from opening a JDWP connection in non-zygote programs while Android apps (forked from zygote) remain debuggable. Bug: 23050463 (cherry picked from commit 7a09b83) Change-Id: I2400ecc8aea7579c43300efccf288b69f70eef53
…in Settings b/23946860 Change-Id: I610d4dedf18fe1825d7df5febf29e6f0c006490d (cherry picked from commit bdf7f35)
When reading from the parcel, if the number of colors is invalid, early exit. Add two more checks: setInfo must return true, and Parcel::readInplace must return non-NULL. The former ensures that the previously read values (width, height, etc) were valid, and the latter checks that the Parcel had enough data even if the number of colors was reasonable. Also use an auto-deleter to handle deletion of the SkBitmap. Cherry pick from change-Id: Icbd562d6d1f131a723724883fd31822d337cf5a6 BUG=19666945 Change-Id: Iab0d218c41ae0c39606e333e44cda078eef32291
LordNerevar
force-pushed
the
kk4.4-caf
branch
from
ae91b03
to
241b87f
Compare
* LordNerevar: Ported from LP. Includes fix for additional KK files. * W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothInputDevice.doBind:262 android.bluetooth.BluetoothInputDevice.<init>:255 android.bluetooth.BluetoothAdapter.getProfileProxy:1365 W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothPan.doBind:148 android.bluetooth.BluetoothPan.<init>:140 android.bluetooth.BluetoothAdapter.getProfileProxy:1368 W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothMap.doBind:108 android.bluetooth.BluetoothMap.<init>:101 android.bluetooth.BluetoothAdapter.getProfileProxy:1374 W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothPbap.doBind:163 android.bluetooth.BluetoothPbap.<init>:156 com.android.settings.bluetooth.PbapServerProfile.<init>:68 Change-Id: I0a1e24ee71aef7d796fcee5692b9d19462a93637
Change-Id: I25021a89bb36de8f400ab6ea04dc86cf440bd697
Some caches(PatchCache, TextureCache, PathCache) for HWUI uses deferred removal for their cache entries even though actual resource objects are immediately freed by ResourceCache. For this reason, the uniqueness of a resource address in the caches is not guaranteed in specific cases. (Because malloc() can return the same address when malloc() and free() called very frequently.) So it can be possible the cache have two cache entries for two different resources but the same memory address. (Of course one of the resources is already freed.) It also can be possible mGarbage vector in PatchCache has duplicated addresses and this can lead to duplicated free blocks in the free block list and graphics corruption. (Deferred removal was implmeneted based on an assumption of unique resource addresses.) So this patch makes sure resource objects are freed after the resources are removed from the caches to guarantee the uniqueness of a resource address and prevent graphics corruption. Change-Id: I040f033a4fc783d2c4bc04b113589657c36fb15b Signed-off-by: Sangkyu Lee <sk82.lee@lge.com>
Change-Id: I4bcfd2efc379d347df72425f30484d16e6dbae65
Bug: 23591205 Change-Id: I960dfcc1584c0a17685790d5d722eaf11b930e25 (cherry picked from commit 2f137b7)
There's no direct permission tied to it and fix the op-to-switch entry. Change-Id: I661ef6707ba50adb371e3223a91880c4838df669 Signed-off-by: Roman Birg <roman@cyngn.com> (cherry picked from commit 72a1fbe)
Prevent sending media key events from the non-system app to the telephony service through the AudioManager.dispatchMediaKeyEvent() or sending media key broadcast directly. Bug: 29833954 Tested: Installed malicious apps and confirmed that they don't work. Tested: Run CtsTelecomTestCases and CtsMediaTestCases Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15 (cherry picked from commit d1641e8)
…efore change ExifInterface object can be created with a unsupported file format. If saveAttribute is called with an unsupported file format, ExifInterface makes the file corrupted. This CL prevents those cases by throwing an exception before making any change on the file. Bug: 30936376 Change-Id: I915f56b00ec9422b53591ac5534e070a1d6798e6 (cherry picked from commit 1bdd10a)
There's two pieces to this fix: 1. Move PAC loading off IoThread which isn't meant for blocking network fetches. If the fetch takes more than 60s Android reboots when the IoThread is used. 2. Limit PAC fetching to 20MB. Any PAC bigger than that is likely evil. MitM of PACs should only be possbile when a non-SSL PAC URL is used. Change-Id: Ie1658a1c705615dc85a7fc68053f0dad8d048294 Fixes: 30100884 (cherry picked from commit 7d2198b)
Bug: 28672558 Change-Id: I4bc14bd7f098e34012c2ae1eeba2d439145901f0 (cherry picked from commit 786e269)
setPairingConfirmation was set to only require BLUETOOTH_ADMIN permission which shouldn't be able to set the confirmation itself. This is restricted to BLUETOOTH_PRIVILEGED permission. Bug: 29043989 Change-Id: Iddc935f0b02f5ff56e930914b4b664377e786184 (cherry picked from commit edae39d)
Bug: 30568284 Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2 (manually cherry picked from 9b2997d22e6ce2a15065d8e7608dd77b316c2065) (cherry picked from commit f71d2cd)
Don't hold mPidsSelfLocked lock when calling cleanUpApplicationRecordLocked. Bug: 31463143 Change-Id: I1fddd06f5e35b67fea041741f5746c57a39208ba (cherry picked from commit dce4be6)
…nders More specifically, they get a PackageManager binder -- necessary for Android process startup and configuration -- but none of the other usual preloaded service binders. (backported from commit 2c61c57) Bug: 30202228 Change-Id: I3810649f504cd631665ece338a83d2e54d41ad05 (cherry picked from commit 2aa7e5e)
Bug: 32068647, Bug: 30936376 Change-Id: I22fa2384348c890ca726d2b1632cd54e59d25a8f (cherry picked from commit 418e086)
Check whether specified offset belongs to mData. Also added a default argument bufferSize to check the end offset. Size of the ashmem descriptor can be modified between ashmem_get_size_region call and mmap. createFromParcel method was updated to check ashmem size again immediately after memory is mapped. Test: manual - using the test app from the bug Bug: 34128677 Change-Id: I3ecd1616a870ce20941ce9b20a1843d2b4295750 (cherry picked from commit 45e2e95) (cherry picked from commit acede24)
Bug: 62196835 Test: Created an accessibility service that displays a system and a toast overlay, confirmed that it disappeared when we reached the accessibility permission screen that uses this flag. Change-Id: Ic51ead670fc480e549512ba1d02f49d9c13bc3f0 (cherry picked from commit 41ff538)
KEY_INTENT has no business granting any Uri permissions, so remove any grant flags that malicious apps may have tried sneaking in. Also fix ordering bug in general-purpose security check that was allowing FLAG_GRANT_PERSISTABLE to bypass it. Test: builds, boots Bug: 32990341, 32879915 Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42 (cherry picked from commit d722e78)
Malformed authority segments can currently cause the parser to produce a hostname that doesn't match the hostname produced by the WHATWG URL parsing algorithm* used by browsers, which means that a URL could be seen as having a "safe" host when checked by an Android app but actually visit a different host when passed to a browser. The WHATWG URL parsing algorithm always produces a hostname based on the last @ in the authority segment, so we do the same. * https://url.spec.whatwg.org/#authority-state resets the "buffer", which is being used to build up the host name, each time an @ is found, so it has the effect of using the content between the final @ and the end of the authority section as the hostname. Bug: 68341964 Test: vogar android.net.UriTest (on NYC branch) Test: cts -m CtsNetTestCases (on NYC branch) (cherry picked from commit cd6228d) Change-Id: Ib791e5d4ad15dba87d65620513f92a71d780762f
Bug: 62187985 Test: manual, backport Change-Id: I89ef535e345d402866a083e0bd8e3fd909fc9662 MERGED-IN: I3bdcd1876cd6dbe8a728bbce74edb52ab79f3e4c MERGED-IN: Ic58ddd6d54e96f522445e67b90760dcfed13c27d
Clipboard should not return data if the device is locked. This CL checks for device locked state before returning values from get/has functions. Test: bit -t CtsContentTestCases:android.content.cts.ClipboardManagerTest Bug: 64934810 Change-Id: Icefac226615fe22a7735dff4ba4c3b528fb2ac12
ClipboardService.isDeviceLocked should clear callingIdentity before accessing KeyguardManager. Test: bit CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.ManagedProfileTest Bug: 64934810 Change-Id: I00d491e5fb6d1c5451c7f8c453931b26e6134452
Change-Id: Ibe2f40d6e9f66b5159f3a99caa841b593bda670e
The WHATWG URL parsing algorithm [1] used by browsers says that for "special" URL schemes (which is basically all commonly-used hierarchical schemes, including http, https, ftp, and file), the host portion ends if a \ character is seen, whereas this class previously continued to consider characters part of the hostname. This meant that a malicious URL could be seen as having a "safe" host when viewed by an app but navigate to a different host when passed to a browser. [1] https://url.spec.whatwg.org/#host-state Bug: 71360761 Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch) Test: cts -m CtsNetTestCases (on NYC branch) Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e (cherry picked from commit fa3afbd)
All other stringAt methods check for null termination. Be consistent so that upper levels don't end up with huge corrupt strings. Bug: 62537081 Test: none Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417 (cherry picked from commit 3d35a0e) (cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e) (cherry picked from commit 5ec65ae)
Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.
Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f)
Test: manual Bug: 73173182 Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f (cherry picked from commit 24da173)
Change Ic51ead670fc480e549512ba1d02f49d9c13bc3f0 incorrectly tries making this permission hidden. While marking it with @hide and only adding it to api/system-current.txt was the proper way on Android 6.0, on 4.4, we need to add system APIs to api/current.txt, without hiding them. This change adapts this permission definition for 4.4. Change-Id: Ib2de017d396aa9dcefa91f7eb1ea210be668234d
Changes the logs adding in a previous security fix to warnings so
devices with malformed APKs currently on them will not undergo DOS when
they are upgraded to P.
Bug: 79724567
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: Ied54e4bb14abdaf79da562022c7ea6075187c1f8
(cherry picked from commit f05f47b)
(cherry picked from commit c31cf80)
When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still need to check permissions between the source and target packages, instead of shortcutting past them. The spirit of the original change is remains intact: if the caller requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid returning "-1", which would prevent the grant data structure from being allocated. Bug: 111934948 Test: atest android.appsecurity.cts.AppSecurityTests Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030 Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030 (cherry picked from commit d6a6e71)
SQLiteQueryBuilder has a setStrict() mode which can be used to detect SQL attacks from untrusted sources, which it does by running each query twice: once with an extra set of parentheses, and if that succeeds, it runs the original query verbatim. This sadly doesn't catch inputs of the type "1=1) OR (1=1", which creates valid statements for both tests above, but the final executed query ends up leaking data due to SQLite operator precedence. Instead, we need to continue compiling both variants, but we need to execute the query with the additional parentheses to ensure data won't be leaked. Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java Bug: 111085900 Change-Id: I6e8746fa48f9de13adae37d2990de11c9c585381 Merged-In: I6e8746fa48f9de13adae37d2990de11c9c585381 (cherry picked from commit 57b04a8)
If a device features a dock with a removable lid, lidOpenRotation overrides the rotation even if it was undocked (technically the lid is still open). This setting tells the framework whether to apply lidOpenRotation to undocked devices. Change-Id: I1051278a45875b2139b75db28467f9b8de2936d6 Conflicts: policy/src/com/android/internal/policy/impl/PhoneWindowManager.java
Make sure the number of entries written by Parcel#writeMapInternal matches the size written. If a mismatch were allowed, an exploitable scenario could occur where the data read from the Parcel would not match the data written. Fixes: 112859604 Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607 Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607 (cherry picked from commit 057a01d)
Bug: 119819889 Test: compilation Change-Id: If51d0e2af74d99758f79a603d40cc2f5c84e4dde (cherry picked from commit 6351921)
Also don't show smart actions for selections in text with unsupported characters. Bug: 116321860 Test: runtest -x cts/tests/tests/text/src/android/text/util/cts/LinkifyTest.java Change-Id: Id271cab8aef6b9b13ef17f1a8654c7616f75cf13 (cherry picked from commit 73f398d)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
System settings FCs when trying to add lockscreen targets. Add missing
resources for LockscreenTargets.java. Graphics copied from Cyanogenmod
CM-11.0 branch.
Change-Id: I1a8b70c425d2069e5d432c4f46b2265c7530985d