summaryrefslogtreecommitdiffstats
path: root/services/core
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'cm-13.0' of ↵HEADreplicant-6.0-0001replicant-6.0Wolfgang Wiedmeyer2017-05-026-51/+146
|\ | | | | | | https://github.com/LineageOS/android_frameworks_base into replicant-6.0
| * Fix exploit where can hide the fact that a location was mockedTom O'Neill2017-04-061-1/+16
| | | | | | | | | | | | | | | | | | | | | | | | am: a206a0f17e am: d417e54872 am: 3380a77516 am: 0a8978f04b am: 1684e5f344 am: d28eef0cc2 am: 1f458fdc66 am: d82f8a67fc am: 1ac8affd51 am: 56098f81b6 am: 7cec76de0f am: 2da05d0f9e AOSP-Change-Id: I8c94a06f5fa722312436484609bafcb0585d6d18 CVE-2017-0489 Change-Id: I7bf939b05b7bfc5a855b212fe8c92fc58943e7d6 (cherry picked from commit d22261fef84481651e12995062105239d551cbc6)
| * Fixed the logic for tethering provisioning re-evaluationJack Yu2017-04-051-9/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously we only re-evaluate provisioning for SIM swap case The new logic covers both SIM swap case (ABSENT->NOT_READY->UNKNOWN->READY->LOADED) and modem reset case (NOT_READY->READY->LOADED) Test: Manual bug: 33815946 Merged-In: I9960123605b10d3fa5f3584c6c8b70b616acd6f8 AOSP-Change-Id: I9960123605b10d3fa5f3584c6c8b70b616acd6f8 CVE-2017-0554 Change-Id: I5d55db56b61780eb83e57bc021d36a129416ce5c (cherry picked from commit 3294256ba5b9e2ba2d8619d617e3d900e5386564)
| * Add @GuardedBy annotation to PersistentDataBlockService#mIsWritable.Charles He2017-03-221-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | Test: manual Bug: 30352311 CVE-2017-0498 Change-Id: I1024f2a56badde5c123d025d6fe02f42559cbcb1 (cherry picked from commit f6f1d627483b4dad9d65176769a1ee92c59a4810) (cherry picked from commit 71d2a41dd9c8be8c4bca5eba339802e1e0c2be3c) (cherry picked from commit 5f621b5b1549e8379aee05807652d5111382ccc6)
| * Prevent writing to FRP partition during factory reset.Charles He2017-03-221-6/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Avoid potential race condition between FRP wipe and write operations during factory reset by making the FRP partition unwritable after wipe. Bug: 30352311 Test: manual CVE-2017-0498 Change-Id: If3f024a1611366c0677a996705724458094fcfad (cherry picked from commit a629c772f4a7a5ddf7ff9f78fb19f7ab86c2a9c2) (cherry picked from commit a9437bd1caeeb38780d920a81bde8cc7ca280fe0) (cherry picked from commit 1c4d535d0806dbeb6d2fa5cea0373cbd9ab6d33b)
| * DO NOT MERGE. Retain DownloadManager Uri grants when clearing.Jeff Sharkey2017-03-131-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of fixing a recent security issue, DownloadManager now needs to issue Uri permission grants for all downloads. However, if an app that requested a download is upgraded or otherwise force-stopped, the required permission grants are removed. We could tell DownloadManager about the app being stopped, but that would be racy (due to background broadcast), and waking it up would degrade system health. Instead, as a special case we now only consider clearing DownloadManager permission grants when app data is being cleared. Bug: 32172542, 30537115 Test: builds, boots, app upgrade doesn't clear grants Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9 (cherry picked from commit 23ec811266fb728cf159a90ce4882b3c9bac1887) (cherry picked from commit 6eee8e37fd06bd47dd19b8503bc30cc8ccaf72a7) (cherry picked from commit 36772fc2263e06972add737660392afd246da15e)
| * DO NOT MERGE: Check provider access for content changes.Jeff Sharkey2017-03-132-31/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For an app to either send or receive content change notifications, require that they have some level of access to the underlying provider. Without these checks, a malicious app could sniff sensitive user data from the notifications of otherwise private providers. Test: builds, boots, PoC app now fails Bug: 32555637 Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef (cherry picked from commit c813f5dae231bd8f01864227c5dba10d43a89249) (cherry picked from commit db57376d6ccbd4d3e39fc35aa8cfb561bbca4bac) mh0rst: Backport from android-7.1.1_r21
| * Use STREAM_RING on non-voice capable devicesLuK13372017-02-111-4/+7
| | | | | | | | | | | | * That's what Google does. Change-Id: Iac88d161eb1dccbbb5c538d5e04d8d1fc43edef2
* | Merge branch 'cm-13.0' of ↵Wolfgang Wiedmeyer2017-02-111-1/+8
|\ \ | |/ | | | | https://github.com/LineageOS/android_frameworks_base into replicant-6.0
| * Public volumes belong to a single user.Jeff Sharkey2017-02-031-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a public (vfat) device is inserted, it's strongly associated with the current foreground user, and no other users should be able to access it, since otherwise that would be a cross-user data leak. To use the device under a different user, switch users and then eject/remount the device. Test: verified user isolation of USB drive Bug: 32523490 Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614 (cherry picked from commit 8b38d083c42e2706e1ff5a1410fa61d1f5dea3f5) (cherry picked from commit 47e62b7fe6807a274ba760a8fecfd624fe792da9)
* | support separate encryption/lockscreen passwordsDaniel Micay2016-12-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | This adds the necessary infrastructure for allowing users to opt-in to a distinct device encryption passphrase. The passwords are still tied together by default. This makes it possible to use a complex encryption passphrase without losing the convenience of a very simple lockscreen pin. This feature can be combined with a forced reboot after a chosen number of failed unlocking attempts to prevent brute-forcing by requiring the entry of the encryption password instead.
* | enable advanced reboot menu by defaultWolfgang Wiedmeyer2016-12-141-1/+1
| | | | | | | | Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* | Revert "PhoneWindowManager : Check CM_SETUP_WIZARD_COMPLETED for ↵Wolfgang Wiedmeyer2016-12-131-2/+2
| | | | | | | | | | | | | | | | | | isUserSetupComplete" CyanogenMod's Setup Wizard is currently no in use. But if we fix the setup wizard and use it, this commit needs to be reverted. This reverts commit d4c6db9ce9020148d41234d5f28f0d57cc98f41c.
* | Merge branch 'cm-13.0' of ↵Wolfgang Wiedmeyer2016-12-131-9/+16
|\ \ | |/ | | | | https://github.com/CyanogenMod/android_frameworks_base into replicant-6.0
| * DO NOT MERGE Isolated processes don't get precached system service bindersChristopher Tate2016-12-121-9/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | More specifically, they get a PackageManager binder -- necessary for Android process startup and configuration -- but none of the other usual preloaded service binders. CYNGNOS-3312 Bug 30202228 Change-Id: I3810649f504cd631665ece338a83d2e54d41ad05 (cherry picked from commit 2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc) (cherry picked from commit f4d23f30c92bc80808f57677caab0282c8d28dc6) (cherry picked from commit 9357830a380c8174ce5130941a7a53915d680819)
* | Merge branch 'cm-13.0' of ↵Wolfgang Wiedmeyer2016-12-1265-1305/+2642
|\ \ | |/ | | | | https://github.com/CyanogenMod/android_frameworks_base into replicant-6.0
| * AppOps: Do not prune apps that are not presentJorge Ruesga2016-12-031-4/+11
| | | | | | | | | | | | | | | | | | | | | | Do not prune apps that are not currently present in the device (like USB memory ones). While booting, they are not available but must not be purged from AppOps, because they are still present in the Android app database. Issue-Id: CYAN-2811 Change-Id: I6680cbdf0022812b45d966dffee754399e92accb Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
| * frameworks/base: Addition of Changes for ZeroBalance featurePragnya Paramita2016-11-101-0/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --Addition of code to receive broadcast from ZeroBalanceHelper application for executing command to write block/unblock rule to Iptable. --Addition of ZeroBalanceHelper file to be accesible by other modules to notify ZeroBalanceHelper application about update on change of SIM balance. --Addition of rule to allow browser uid when rest all applications are in blocked state. --Addition of feature flag to control the zerobalance feature. CRs-Fixed: 927258 Change-Id: Ifdf4c46fd63ab78193047a9bc8b62bf41065a665
| * NotificationManager: Concentrate LED light capabilities at a single locationRicardo Cerqueira2016-11-102-14/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | We had(have) a bunch of individual boolean toggles for various LED behaviors and combinations, which end up getting used as a similarly sprawling bunch of getResource() calls across various locations. And they keep piling up... So... create a new overlayable array of LED capabilities (config_deviceLightCapabilities) where we can throw everything (and expand in the future). Also, create a helper to abstract usage of the old (multi-resource) and new (single resource array) formats to avoid breaking any deployed devices. Change-Id: I7d627914b058861048071fc15776031c4152157f
| * am: Fix mismergeBruno Martins2016-11-091-9/+0
| | | | | | | | | | | | | | * The removal of this code was missed out during merge of tag 'android-6.0.1_r74' Change-Id: I57dc035f79b7e20c09a21d5242c20370ad6d34ce
| * Merge tag 'android-6.0.1_r74' into HEADJessica Wagantall2016-11-094-9/+53
| |\ | | | | | | | | | | | | | | | CYNGNOS-3303 Android 6.0.1 release 74
| | * Avoid crashing when downloading MitM'd PAC that is too big am: 7d2198b586 ↵Paul Jensen2016-09-271-4/+30
| | | | | | | | | | | | | | | | | | | | | | | | am: 9c1cb7a273 am: 6634e90ad7 am: 66ee2296a9 Change-Id: Ib0023b44e521b936ab2f9450ad367b1feda64492
| | * DO NOT MERGE Check caller for sending media key to global priority sessionJaewan Kim2016-09-271-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevent sending media key events from the non-system app to the global priority session through the MediaSessionManager.dispatchMediaKeyEvent(). Note that any app can use the API indirectly with the public API AudioManager.dispatchMediaKeyEvent(). Bug: 29833954 Tested: Installed malicious apps and confirmed that they don't work. Tested: Run CtsTelecomTestCases and CtsMediaTestCases Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15 (cherry picked from commit c282c4f106bea5c5375fdb6062ffd4fdcf8563a7)
| | * Fix build break due to automerge of 7d2198b5Paul Jensen2016-09-271-1/+1
| | | | | | | | | | | | | | | | | | | | | Bug: 30100884 Change-Id: I8fa379a74b5d9467b5b9498bd18de2a043963c6f (cherry picked from commit baae57ab24db7d3b0bf7f84c05954173f1ee15fe)
| | * DO NOT MERGE: Catch all exceptions when parsing IME meta dataTadashi G. Takaoka2016-09-271-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | Bug: 30568284 Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2 (manually cherry picked from 9b2997d22e6ce2a15065d8e7608dd77b316c2065) (cherry picked from commit 7bb4c825585d5a6afbb59484ec7db5f5dec1bdaf)
| | * DO NOT MERGE: Fix deadlock in AcitivityManagerService.Sudheer Shanka2016-09-271-9/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | Don't hold mPidsSelfLocked lock when calling cleanUpApplicationRecordLocked. Bug: 31463143 Change-Id: I421962cbfd7c466662edcef805c3e27321dc5a98 (cherry picked from commit b59e73613bbaf252e2ee5892d7a95cbbd7d40b26)
| | * DO NOT MERGE: Fix vulnerability where large GPS XTRA data can beDavid Christie2016-08-251-2/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | injected. -Can potentially crash system with OOM. Bug: 29555864 Change-Id: I7157f48dddf148a9bcab029cf12e26a58d8054f4 (cherry picked from commit 5439aabb165b5a760d1e580016bf1d6fd963cb65)
| | * Bind fingerprint when we start authentication - DO NOT MERGEJim Miller2016-08-251-9/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a bug where it was possible to authenticate the wrong user. We now bind the userId when we start authentication and confirm it when authentication completes. Fixes bug 30744668 Change-Id: I346d92c301414ed81e11fa9c171584c7ae4341c2 (cherry picked from commit b6f4b48df273d210d13631b4c2426482feb40c97)
| | * Fix vulnerability in LockSettings serviceJim Miller2016-08-251-0/+6
| | | | | | | | | | | | | | | | | | | | | Fixes bug 30003944 Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d (cherry picked from commit 2d71384a139ae27cbc7b57f06662bf6ee2010f2b)
| | * DO NOT MERGE: Clean up when recycling a pid with a pending launchAmith Yamasani2016-08-252-4/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fix for accidental launch of a broadcast receiver in an incorrect app instance. Bug: 30202481 Change-Id: I8ec8f19c633f3aec8da084dab5fd5b312443336f (cherry picked from commit d1eeb5b7b489d47994a71510f1ed5b97b8e32a7a)
| * | batteryservice: Remove remnants of CAF's HVDCP changesZhao Wei Liew2016-11-081-31/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit ce521ee7de0bf1264abe0cd399f59e505ff28005 removed the usage of isHvdcpPresent(), but did not remove the function itself. Remove isHvdcpPresent() as clean-up. This essentially reverts the rest of the following commits: 64deb448b8ac50587bc90e3506e639e4e1a066ed batteryservice: Avoid exception if device doesn't support HVDCP 4df4f532741d4aaa848d70c2465765a9a8b19d87 batteryservice: add support for charger led blinking Change-Id: Ie39c11ee9811f6af84a55ed85b72123cc449c735
| * | Fix zen priority mode vibration logic.Danny Baumann2016-11-071-1/+1
| | | | | | | | | | | | | | | | | | | | | Even if zen priority mode is active and vibration is allowed, we still want to keep notifications with score below the threshold silent. Change-Id: I0a60bbd787e7f98f721129902054ab37fb9f58a7
| * | services: battery: Don't blink with an hvdcp chargerDiogo Ferreira2016-11-041-8/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Quick charging doesn't really turn the device into a ticking time bomb so there is no use in frantically blinking the led while charging. This is a partial revert of the lights changes in a qualcomm commit (ec43b6d83). Change-Id: I42fdaa4a0af1bfa96c598b4209cbe9936d0de35d Ticket: MARMITE-441
| * | Support enforcing a minimum delay between notification sounds of an app.Danny Baumann2016-10-202-1/+71
| | | | | | | | | | | | | | | | | | Useful e.g. for messenger apps. Change-Id: If8e8cc9e2f02d70537c1f9dc14f22bbd0ec1e9a6
| * | (Optionally) allow vibration during priority zen mode.Danny Baumann2016-10-192-15/+51
| | | | | | | | | | | | Change-Id: I6fb81c5898fbfe9e89a4af3fdc042266c8a9be6c
| * | Fix volume keys wakeup status handlingGabriele M2016-10-081-4/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The same status flag is used for the three different volume keys, however nothing prevents users from pressing multiple keys at the same time. This allows to set the status flag with one volume key and clear it with the other volume key. Use one flag per key so that we never end up in an inconsistent state. This fixes the seldom power button issues that happen when the "volume wake" feature is enabled. Change-Id: I08f5f9ff696bef3dd840cff97d570e44ebe03e4e
| * | Merge tag 'android-6.0.1_r72' into HEADJessica Wagantall2016-10-065-15/+63
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | Android 6.0.1 Release 72 (M4B30X) # gpg: Signature made Tue 04 Oct 2016 09:47:40 AM PDT using DSA key ID 9AB10E78 # gpg: Can't check signature: public key not found
| | * | DO NOT MERGE: Fix vulnerability where large GPS XTRA data can beDavid Christie2016-08-261-2/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | injected. -Can potentially crash system with OOM. Bug: 29555864 Change-Id: I7157f48dddf148a9bcab029cf12e26a58d8054f4 (cherry picked from commit 5439aabb165b5a760d1e580016bf1d6fd963cb65)
| | * | Bind fingerprint when we start authentication - DO NOT MERGEJim Miller2016-08-261-9/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a bug where it was possible to authenticate the wrong user. We now bind the userId when we start authentication and confirm it when authentication completes. Fixes bug 30744668 Change-Id: I346d92c301414ed81e11fa9c171584c7ae4341c2 (cherry picked from commit b6f4b48df273d210d13631b4c2426482feb40c97)
| | * | Fix vulnerability in LockSettings serviceJim Miller2016-08-261-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 30003944 Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d (cherry picked from commit 2d71384a139ae27cbc7b57f06662bf6ee2010f2b)
| | * | DO NOT MERGE: Clean up when recycling a pid with a pending launchAmith Yamasani2016-08-262-4/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix for accidental launch of a broadcast receiver in an incorrect app instance. Bug: 30202481 Change-Id: I8ec8f19c633f3aec8da084dab5fd5b312443336f (cherry picked from commit d1eeb5b7b489d47994a71510f1ed5b97b8e32a7a)
| | * | Reduce shell power over user management.Sudheer Shanka2016-08-171-5/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove MANAGE_USERS permission from shell and whitelist it for some specific functionality. Bug: 29189712 Change-Id: Ifb37448c091af91991964511e3efb1bb4dea1ff3
| | * | DO NOT MERGE: Allow apps with CREATE_USERS permission to call UM.getProfiles.Sudheer Shanka2016-08-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 29189712 Bug: 30317026 Bug: 30235113 Change-Id: Icced9805a56675e86f894c458c4a5a0048fd54c0
| | * | DO NOT MERGE Block the user from entering safe boot modeBenjamin Franz2016-08-161-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Block the user from entering safe boot mode if the DISALLOW_SAFE_BOOT policy is set. Bug: 26251884 Change-Id: I4945d5d676928346c11ea305a5b6a2e1a42e94e6
| | * | Check caller's uid before allowing notification policy access.Julia Reynolds2016-08-161-0/+5
| | | | | | | | | | | | | | | | | | | | Bug: 29421441 Change-Id: I7460268595e932d54660b02007bcd68b95fe8aec
| * | | PhoneWindowManager: set focus flags on keyguard panelsRoman Birg2016-09-084-7/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Ticket: CYNGNOS-3251 Change-Id: I394514335bdaeafdc7b89918ece1fe3d2794647f Signed-off-by: Roman Birg <roman@cyngn.com>
| * | | Merge tag 'android-6.0.1_r66' into HEADJessica Wagantall2016-09-073-1/+13
| |\ \ \ | | | |/ | | |/| | | | | | | | | | | | | | | | | Android 6.0.1 release 66 # gpg: Signature made Tue 06 Sep 2016 09:26:45 AM PDT using DSA key ID 9AB10E78 # gpg: Can't check signature: public key not found
| | * | DO NOT MERGE: Allow apps with CREATE_USERS permission to call UM.getProfiles.Sudheer Shanka2016-08-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 29189712 Bug: 30317026 Bug: 30235113 Change-Id: Icced9805a56675e86f894c458c4a5a0048fd54c0
| | * | DO NOT MERGE Block the user from entering safe boot modeBenjamin Franz2016-07-211-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Block the user from entering safe boot mode if the DISALLOW_SAFE_BOOT policy is set. Bug: 26251884 Change-Id: I4945d5d676928346c11ea305a5b6a2e1a42e94e6
| | * | Check caller's uid before allowing notification policy access.Julia Reynolds2016-07-211-0/+5
| | | | | | | | | | | | | | | | | | | | Bug: 29421441 Change-Id: I7460268595e932d54660b02007bcd68b95fe8aec
generated by cgit v1.1 at 2024-12-22 17:30:17 +0000