summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'cm-13.0' of ↵HEADreplicant-6.0-0001replicant-6.0Wolfgang Wiedmeyer2017-05-02105-2155/+4550
|\ | | | | | | https://github.com/LineageOS/android_frameworks_base into replicant-6.0
| * Automatic translation importAbhisek Devkota2017-04-2858-1927/+869
| | | | | | | | Change-Id: Ifeae1515729fc73ba3198e72b3479870092af3c1
| * Fix exploit where can hide the fact that a location was mockedTom O'Neill2017-04-061-1/+16
| | | | | | | | | | | | | | | | | | | | | | | | am: a206a0f17e am: d417e54872 am: 3380a77516 am: 0a8978f04b am: 1684e5f344 am: d28eef0cc2 am: 1f458fdc66 am: d82f8a67fc am: 1ac8affd51 am: 56098f81b6 am: 7cec76de0f am: 2da05d0f9e AOSP-Change-Id: I8c94a06f5fa722312436484609bafcb0585d6d18 CVE-2017-0489 Change-Id: I7bf939b05b7bfc5a855b212fe8c92fc58943e7d6 (cherry picked from commit d22261fef84481651e12995062105239d551cbc6)
| * Do not call RecoverySystem with DPMS lock heldMakoto Onuki2017-04-061-27/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Note DPM.wipeData() on a secondary user is now blocking, just like it's been always blocking on the primary user. Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user, 2) a secondary user and 3) work profile. Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests Bug 30681079 AOSP-Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838 Merged-in: Ib97a92a6af87a5589d2643b9ae0522395735e1a5 CVE-2017-0560 Change-Id: Icc6a5e655ed184e2a386e79bd5cf2c231f22e403 (cherry picked from commit efdec8f5688ce6b0a287eddb6d5dad93ffa0e1ee)
| * Fixed the logic for tethering provisioning re-evaluationJack Yu2017-04-051-9/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously we only re-evaluate provisioning for SIM swap case The new logic covers both SIM swap case (ABSENT->NOT_READY->UNKNOWN->READY->LOADED) and modem reset case (NOT_READY->READY->LOADED) Test: Manual bug: 33815946 Merged-In: I9960123605b10d3fa5f3584c6c8b70b616acd6f8 AOSP-Change-Id: I9960123605b10d3fa5f3584c6c8b70b616acd6f8 CVE-2017-0554 Change-Id: I5d55db56b61780eb83e57bc021d36a129416ce5c (cherry picked from commit 3294256ba5b9e2ba2d8619d617e3d900e5386564)
| * Add @GuardedBy annotation to PersistentDataBlockService#mIsWritable.Charles He2017-03-221-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | Test: manual Bug: 30352311 CVE-2017-0498 Change-Id: I1024f2a56badde5c123d025d6fe02f42559cbcb1 (cherry picked from commit f6f1d627483b4dad9d65176769a1ee92c59a4810) (cherry picked from commit 71d2a41dd9c8be8c4bca5eba339802e1e0c2be3c) (cherry picked from commit 5f621b5b1549e8379aee05807652d5111382ccc6)
| * Prevent writing to FRP partition during factory reset.Charles He2017-03-222-6/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Avoid potential race condition between FRP wipe and write operations during factory reset by making the FRP partition unwritable after wipe. Bug: 30352311 Test: manual CVE-2017-0498 Change-Id: If3f024a1611366c0677a996705724458094fcfad (cherry picked from commit a629c772f4a7a5ddf7ff9f78fb19f7ab86c2a9c2) (cherry picked from commit a9437bd1caeeb38780d920a81bde8cc7ca280fe0) (cherry picked from commit 1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b)
| * DO NOT MERGE. Retain DownloadManager Uri grants when clearing.Jeff Sharkey2017-03-132-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of fixing a recent security issue, DownloadManager now needs to issue Uri permission grants for all downloads. However, if an app that requested a download is upgraded or otherwise force-stopped, the required permission grants are removed. We could tell DownloadManager about the app being stopped, but that would be racy (due to background broadcast), and waking it up would degrade system health. Instead, as a special case we now only consider clearing DownloadManager permission grants when app data is being cleared. Bug: 32172542, 30537115 Test: builds, boots, app upgrade doesn't clear grants Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9 (cherry picked from commit 23ec811266fb728cf159a90ce4882b3c9bac1887) (cherry picked from commit 6eee8e37fd06bd47dd19b8503bc30cc8ccaf72a7) (cherry picked from commit 36772fc2263e06972add737660392afd246da15e)
| * DO NOT MERGE: Check provider access for content changes.Jeff Sharkey2017-03-133-31/+97
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For an app to either send or receive content change notifications, require that they have some level of access to the underlying provider. Without these checks, a malicious app could sniff sensitive user data from the notifications of otherwise private providers. Test: builds, boots, PoC app now fails Bug: 32555637 Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef (cherry picked from commit c813f5dae231bd8f01864227c5dba10d43a89249) (cherry picked from commit db57376d6ccbd4d3e39fc35aa8cfb561bbca4bac) mh0rst: Backport from android-7.1.1_r21
| * Automatic translation importAbhisek Devkota2017-02-1945-151/+3483
| | | | | | | | Change-Id: I80e32cc003cc9c8707732b27a683e87cdd67375d
| * Use STREAM_RING on non-voice capable devicesLuK13372017-02-112-7/+17
| | | | | | | | | | | | * That's what Google does. Change-Id: Iac88d161eb1dccbbb5c538d5e04d8d1fc43edef2
* | revert back to default Android adb iconWolfgang Wiedmeyer2017-02-121-5/+15
| | | | | | | | Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* | Merge branch 'cm-13.0' of ↵Wolfgang Wiedmeyer2017-02-11150-468/+1942
|\ \ | |/ | | | | https://github.com/LineageOS/android_frameworks_base into replicant-6.0
| * resolve merge conflicts of 89aa6fb to mnc-dr-devHugo Benichi2017-02-031-0/+9
| | | | | | | | | | Change-Id: I9e4e538081600be6a8199060bcb0d4040c071a22 (cherry picked from commit a0cfb157ecf69c948e37db5a9df6cb8a8102874c)
| * Fix idmap leak in zygote processneo.chae2017-02-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a idmap leak in AssetManager::addSystemOverlays. And, The fix could also prevent fd leak of idmap. Test: none Bug: 32691930 Signed-off-by: Hyangseok Chae <neo.chae@lge.com> (cherry picked from commit 6a742a38509693f8b39ee9a5ad2803fca12688bf) Change-Id: Idc4af77db2b0cb739bd6b009b6af0f9123be1aac (cherry picked from commit 0244ca8d10dfc27e14f481fe649b89f7638c48eb)
| * Zygote: Additional whitelisting for legacy devices.Narayan Kamath2017-02-031-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | On M and below, we provide a blanket whitelist for all files under "/vendor/zygote_whitelist". This path is whitelisted purely to allow this patch to be applied easily on legacy devices and configurations. Note that this does not amount to a loosening of our security policy because whitelisted files are reopened anyway. Bug: 32691930 Test: manual Change-Id: If5b53f6f0a707f8d36603c09bfd3f72dbfbbbb99 (cherry picked from commit 5e2f7c6229d7191183888d685b57a7d0a2835fce)
| * Zygote: Additional whitelists for runtime overlay / other static resources.Narayan Kamath2017-02-031-3/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | Partially cherry picked from commit 1c15c635785c64a. These files are safe to reopen for the same reason that files in /system/framework are. They're regular files and will not change after the first zygote fork. Bug: 32618130 Change-Id: I119e0bfcbf397cb331064adf148d92a5cd3ea92f (cherry picked from commit 4e8ba1d73eee1311bb78144be43862b393548d5d)
| * Zygote : Block SIGCHLD during fork.Narayan Kamath2017-02-031-5/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix merge conflict into mnc-mr2-release We close the android logging related sockets prior as late as possible before every fork to avoid having to whitelist them. If one of the zygote's children dies after this point (but prior to the fork), we can end up reopening the logging sockets from the SIGCHLD signal handler. To prevent this from happening, block SIGCHLD during this critical section. Bug: 32693692 Test: Manual (cherry picked from commit e9a525829a354c92983a35455ccab16d1b0d3892) Zygote: Unblock SIGCHLD in the parent after fork. Follow up to change e9a525829a354c92983a. Allows the zygote to receive SIGCHLD again and prevents the zygote from getting into a zombie state if it's killed. Contributed-By: rhed_jao <rhed_jao@htc.com> Bug: 32693692 Test: manual (cherry picked from commit 1480dc3e97b661f5bfa3a5c2fbce72385b8d2be6) Change-Id: If89903a29c84dfc9b056f9e19618046874bba689
| * DO NOT MERGE) ExifInterface: Provide backward compatibilitySungsoo2017-02-031-2/+1
| | | | | | | | | | | | | | | | | | | | ExifInterface.saveAttribute() didn't throw UnsupportedOperationException before. Use IOException instead of UnsupportedOperationException for backward compatibility. Bug: 30936376, Bug: 32068647, Bug: 31319086 Change-Id: Iacc7b4d91d49edd7bece8f2e738a633a91025eca (cherry picked from commit 7ce9243087b04bce719e1f3d10a14b9b26b8ea81)
| * Do not crash on malformed DHCP packets.Hugo Benichi2017-02-032-35/+181
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes possible crashes with malformed DHCP packets. It is part of Android Security Bulletin of January 2017 and mitigates CVE CVE-2017-0389. Squash of: Author: Lorenzo Colitti <lorenzo@google.com> Date: Wed Mar 02 13:31:52 2016 +0900 Don't crash if we get a DHCP packet with the wrong port. This should only happen if we get a packet in the small time window between binding the packet socket and programming the BPF filter on it. Bug: 26696823 Change-Id: I481f1bc74bbaeb9646d96e1841d2a69acdb47d62 Author: Hugo Benichi <hugobenichi@google.com> Date: Wed Oct 05 18:33:21 2016 +0900 Catch runtime exceptions when parsing DHCP packets This patch adds a try catch all to DHCP packet parsing so that DhcpClient does not choke on malformed packets, brinding down with it the whole framework. Test: added new unit tests catching the issue fixed in this patch. Bug: 31850211 Change-Id: I3c50a149fed6b2cbc4f40bb4f0e5bb2b56859b44 Author: Hugo Benichi <hugobenichi@google.com> Date: Wed Oct 05 21:07:19 2016 +0900 Reject DHCP packets with no magic cookie This patch adds an explicit check in the DHCP packet parser for rejecting packets without a magic cookie, instead of relying on the top-level try-catch-all in the parser. This allows to add to DHCP error metrics this specific error. It also allows to add two poor man's fuzzing tests that tries to find additional gaps in the DHCP packet parser by - trying to parse all subslices of a valid offer packet. - trying to parse random byte arrays. Test: covered by previously introduced malformed DHCP packet unit tests + additional fuzzing tests. Bug: 31850211 Change-Id: If53c9ba9df78d7604ec018c9d67c237ae59c4833 Change-Id: Ic5a8fa4feb46cca325cb5c47616ee63b22d2e7c8 mh0rst: Backported to cm-13.0.
| * Public volumes belong to a single user.Jeff Sharkey2017-02-032-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a public (vfat) device is inserted, it's strongly associated with the current foreground user, and no other users should be able to access it, since otherwise that would be a cross-user data leak. To use the device under a different user, switch users and then eject/remount the device. Test: verified user isolation of USB drive Bug: 32523490 Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614 (cherry picked from commit 8b38d083c42e2706e1ff5a1410fa61d1f5dea3f5) (cherry picked from commit 47e62b7fe6807a274ba760a8fecfd624fe792da9)
| * Automatic translation importAbhisek Devkota2017-02-032-2/+3
| | | | | | | | Change-Id: Ifa3700c8e74716373712ebb84270eecbc3d94f45
| * Automatic translation importAbhisek Devkota2017-02-028-15/+29
| | | | | | | | Change-Id: Id277710144095d2411baed890eeff40899482491
| * Automatic translation importAbhisek Devkota2017-01-2788-741/+137
| | | | | | | | Change-Id: Ib115f3813214bfffb935cf522d0e31e8c95be4de
| * Revert "Add overlay option for Settings.System.ACCELEROMETER_ROTATION_ANGLES"Zhao Wei Liew2017-01-242-10/+0
| | | | | | | | | | | | | | | | | | | | | | | | The default of 11 (90, 270 and 360 degrees) is perfectly fine. Thus, this overlay is pretty useless. Only 1 device currently uses this (and not due to any major issue), so we aren't losing anything by removing this overlay. This reverts commit 936c4bfa7c64ce4403d519d0f0df72523da1ec21. Change-Id: I7eb81d00af1672638689daddd1e78c7e12b21c4d
| * base: Switch to LineageOS ADB iconJoey Rizzoli2016-12-311-15/+5
| | | | | | | | | | | | | | Credit: @vazguard Change-Id: I8362cb30fa3ca3d10798e4723458e127d3dab327 Signed-off-by: Joey Rizzoli <joey@lineageos.it>
| * Telephony: Don't crash for too long baseband versionMichael W2016-12-301-0/+6
| | | | | | | | | | | | | | | | Add a check and truncate the baseband version when it's longer than the allowed value for a SystemProperty (currently 91) Change-Id: I845b331650eb4446aa251e48d7594ecb10146d54 Reference: BugDumps 13-20161216-22 L#22
| * Revert "Add CM PlatLogo (1/2)"Zhao Wei Liew2016-12-298-266/+4
| | | | | | | | | | | | | | | | As part of the rebrand to LineageOS. This reverts commit aed50cbe3c3dbe175dac695764df586d8dda14c9. Change-Id: I7ee6125f6c8d4ec8e57e5a1673bf2e095a11cb76
| * Revert "Update ADB status bar icon"Zhao Wei Liew2016-12-291-22/+19
| | | | | | | | | | | | | | | | Bring in the new icon when it's done. This reverts commit 5ead120b6274841fe4a4c7552c44383e611478a7. Change-Id: I92ebb56b2bff9c03868002f6ef12ae017d197e7e
| * Merge "Automatic translation import" into cm-13.0Abhisek Devkota2016-12-283-9/+9
| |\
| | * Automatic translation importinky@build012016-12-243-9/+9
| | | | | | | | | | | | | | | Change-Id: Id213522b9303ea0bde8b5620cf88fbdb36414015 Ticket: -
| * | StatusBarIconView: Enable notification icon count by defaultZhao Wei Liew2016-12-231-2/+2
| | | | | | | | | | | | | | | | | | This used to be enabled by default in previous releases. Change-Id: I24766bed58d081a0dd4763b9602379ff6435e092
| * | SettingsProvider: Remove def_notif_count overlayZhao Wei Liew2016-12-231-3/+0
| |/ | | | | | | | | | | This is no longer used. Change-Id: Ifd8eaa1d9d1f156dbfa4fdf278f95213ee32271e
| * Automatic translation importblinky@build012016-12-22103-7/+1041
| | | | | | | | | | Change-Id: I251ee7b9d1508a91692a8a8c1ba863730fcf125b Ticket: -
| * Fix "Error parsing XML: not well-formed"Omico2016-12-231-1/+1
| | | | | | | | | | | | frameworks/base/packages/SystemUI/res/values-zh-rTW/cm_strings.xml:65: error: Error parsing XML: not well-formed (invalid token) Change-Id: Ic29b77776c48d4a663656bf6ea40c8c4f0253414
| * Automatic translation importblinky@build012016-12-214-34/+78
| | | | | | | | | | Change-Id: Ic49d5ed34f92ca0298510b6ca8a3a279a0ea6e4d Ticket: -
| * Automatic translation importclyde@build012016-12-2045-0/+945
| | | | | | | | | | Change-Id: Icd3adceb4cfd523f56b7072934a037a203fd0b81 Ticket: -
| * Automatic translation importblinky@build012016-12-182-2/+2
| | | | | | | | | | Change-Id: I7eff0ec212cba24f97f35bddf3310e39b5fd1ce6 Ticket: -
| * Automatic translation importclyde@build012016-12-164-0/+96
| | | | | | | | | | Change-Id: I86e57b89e58d2cf5985e62b8d582f49285c265f3 Ticket: -
| * Automatic translation importpinky@build012016-12-153-3/+3
| | | | | | | | | | Change-Id: I53e8f93c43ddb93433c81d457e9721c0fff07b81 Ticket: -
* | Camera: Working barcode scanning with software renderingWolfgang Wiedmeyer2017-01-042-1/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Barcode scanner apps expect YUV as preview format. However, the software renderer cannot handle YUV. Thus, RGB 565 is used. Barcode scanner apps only need the first plane Y which is basically greyscale. The solution is a conversion from RGB to greyscale of preview frames that are requested by apps for processing. Apps request preview frames via onPreviewFrame(). The conversion is done using native code for optimal speed. The conversion algorithm is based on the implementations in the RGBLuminanceSource class of ZXing[1] and the RGB565LuminanceSource class of FastBarcodeScanner[2]. Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> [1] https://github.com/zxing/zxing/blob/cc16a72c85e4958ce406af9547764e5eee9adb6e/core/src/main/java/com/google/zxing/RGBLuminanceSource.java [2] https://github.com/tschaumburg/FastBarcodeScanner/blob/5a4c166a722730d0099d4c6a1c15d312b93547da/tracking-barcode-scanner/src/main/java/dk/schaumburgit/trackingbarcodescanner/RGB565LuminanceSource.java
* | LockPatternUtils: userId is requiredWolfgang Wiedmeyer2016-12-161-2/+2
| | | | | | | | Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* | remove analytics supportDaniel Micay2016-12-161-2/+0
| |
* | defend against lockscreen brute forcingDaniel Micay2016-12-162-0/+7
| |
* | support separate encryption/lockscreen passwordsDaniel Micay2016-12-163-3/+77
| | | | | | | | | | | | | | | | | | | | | | | | This adds the necessary infrastructure for allowing users to opt-in to a distinct device encryption passphrase. The passwords are still tied together by default. This makes it possible to use a complex encryption passphrase without losing the convenience of a very simple lockscreen pin. This feature can be combined with a forced reboot after a chosen number of failed unlocking attempts to prevent brute-forcing by requiring the entry of the encryption password instead.
* | enable advanced reboot menu by defaultWolfgang Wiedmeyer2016-12-141-1/+1
| | | | | | | | Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* | Revert "Keyguard: switch to cm-specific device provisioned flag"Wolfgang Wiedmeyer2016-12-133-17/+11
| | | | | | | | This reverts commit ab5c226f688080d714f3eee987bd97e13cc348d5.
* | Revert "Keyguard: Register for the correct CMSW completed Uri"Wolfgang Wiedmeyer2016-12-131-1/+1
| | | | | | | | This reverts commit cbd2e76d14e07e4c01d0e451fced038272b897bc.
* | Revert "PhoneWindowManager : Check CM_SETUP_WIZARD_COMPLETED for ↵Wolfgang Wiedmeyer2016-12-131-2/+2
| | | | | | | | | | | | | | | | | | isUserSetupComplete" CyanogenMod's Setup Wizard is currently no in use. But if we fix the setup wizard and use it, this commit needs to be reverted. This reverts commit d4c6db9ce9020148d41234d5f28f0d57cc98f41c.
* | Merge branch 'cm-13.0' of ↵Wolfgang Wiedmeyer2016-12-132-10/+19
|\ \ | |/ | | | | https://github.com/CyanogenMod/android_frameworks_base into replicant-6.0
generated by cgit v1.1 at 2024-04-19 12:33:03 +0000