This avoids loading all AndroidKeyStore crypto SPI classes when the
AndroidKeyStore provider is instantiated and installed. This provider
is installed early on during the initialization of each app. Most apps
don't need these classes loaded.
Bug: 18088752
Change-Id: Ib43c9dd6a7d434b128916e0f9c8652ba61df0d47
autoPadding added.
- This CL fixes recent CTS failures about copyPadded after
lmp-mr1-dev changes pushed to aosp.
Change-Id: Ica1f4fd934cd83ca4357ea7e7c82dcc7f844b689
The code in question talks to KeyStore which returns error codes
which are a mix of keystore and keymaster error codes. To better
match the layering of KeyStore on top of keystore and keymaster,
this CL renames KeymasterException into KeyStoreException. It also
adds human-readable error messages to exceptions raised by keystore
rather than keymaster (e.g., key not found).
Bug: 18088752
Change-Id: I4cd1235e16518c9f2e8c5557a457774c6e687b88
Now that auth token checks are in keystore keys without any auth tags
are invalid.
Also adds a test to check that a key with auth required fails when none
is present.
Change-Id: I0d5d44d70a849978e9b2e809675b8343c6650ff2
When there is a process died, only resume top if
it contains visible activity.
This can fix case 1 in
https://android-review.googlesource.com/#/c/120901/
Change-Id: I45584e76f9e863980d04bbb593d7d26a8900acd0
This defers the start of a new KeyStore operation after Mac.doFinal
until the next Mac.update or .doFinal. Previously, the a new KeyStore
operation was started immediately, at the end of doFinal.
Bug: 18088752
Change-Id: I2d594067ef261f519631d09f7a6087b715801656
This makes the hidden API android.net.Uri.toSafeString omit most parts
of HTTP, HTTPS, and FTP URLs to avoid leaking anything unsafe. Only
the host and port are retained for these URLs.
Bug: 19215516
Change-Id: I2e9e33d9afaa9de5dd07a40532d56f0a2179f62a
Expose ART's -Xzygote-max-boot-retry through a new system property
dalvik.vm.zygote.max-boot-retry.
Bug: 19983101
Change-Id: Ib88f807e0082d71292c14c7af38e02cca5a5602c
Keymaster HAL currently requires that key validity start and end dates
always be specified. The framework API does not. This CL expresses
the framework API's "not specified" instants to Keymaster as instants
in distant past or future.
Bug: 18088752
Change-Id: Ia9d66d5e57bfca30628cdef6e0925a2781a3acfb
scan.cpp gets sys/stat.h inherited from
private/android_filesystem_config.h it should
not rely on this in the future. The intent is
to move fs_config function into libcutils and
thus deprecate any need for sys/stat.h in this
include file.
Bug: 19908228
Change-Id: If547e86513b06c536972138ae571c3d9c714ffe9
app_main.c gets sys/stat.h inherited from
private/android_filesystem_config.h it should
not rely on this in the future. The intent is
to move fs_config function into libcutils and
thus deprecate any need for sys/stat.h in this
include file.
Bug: 19908228
Change-Id: I477b825e582742113f849aaa1df50c41e496b6f6
Symptom:
Report ANR on wrong activity.
Reproduce steps:
(All launchMode, taskAffinity are default and
without additional intent flag)
Case 1:
1.Launch activity A from launcher.
2.Activity A starts B activity.
3.Press home key.
4.Launch activity A from launcher (B is top).
5.Press back key twice to finish B and A,
A sleep 10s in onResume.
6.ANR will report on launcher.
Case 2:
1.Launch activity A from launcher.
2.Press home key.
3.Kill process of A.
4.Launch activity A from launcher.
5.A sleep 10s in onResume, press back key immediately.
6.ANR will report on launcher.
Possible root cause:
Focused activity will not be updated every time when activity
resumed. (the condition to call setFocusedActivityLocked)
Case 1:
Launcher was stopped and not waitingVisible due to launcher
is not the previous one, then getWaitingHistoryRecordLocked
has no chance to correct the real ANR activity.
Case 2:
Due to process of next activity is died, bring existed
task will not set mResumedActivity (it will be set when its
process is started), so when assigning waitingVisible from
processStoppingActivitiesLocked, the return value of
allResumedActivitiesVisible will be true even there is no
mResumedActivity. That results set waitingVisible to false
to previous activity (e.g. launcher), then also cannot
correct ANR target as case 1.
Change-Id: I0b24f46a8fab266382ebc6e2ed84ebeca9358768
Application may use many threads to load data from provider.
If the target provider needs to start process, each access
will occupy one binder thread of system server until the
provider process started and published.
Sometimes application uses more than 16 threads to access
the same provider, and the provider process needs a little
long time to start, then all binder threads of system server
are waiting. But when the provider is ready, it is unable to
publish to notify those waiting threads because no availabe
binder thread to use. And device will become almost hang.
Improvement:
If there is already a thread acquiring provider, let other threads
(which try to acquire the same provider) wait the result of the
first one. That reduces IPC to save binder thread of system server.
Remove calling removeContentProvider in installProvider because
we have ensured only get one provider holder for the same provider,
the original race that gets a new useless holder will not happen.
Change-Id: I521f2603db8ced56912f5dc54342a70451e68381
This adds AndroidKeyStore.getKeyStoreOperationHandle method which can
be used to obtain the KeyStore operation handle corresponding to the
provided JCA cryto primitive (provided it's backed by
AndroidKeyStore).
Bug: 18088752
Change-Id: Iaa3b6f9b2281b2ec2de8fd5946d353dc7fdb3d2d
This factory provides a way to obtain information about a SecretKey
backed by AndroidKeyStore. The information is provided in a form of an
instance of KeyStoreKeySpec class.
EXAMPLE
SecretKeyFactory factory = SecretKeyFactory.getInstance(
key.getAlgorithm(), "AndroidKeyStore");
KeyStoreKeySpec keySpec =
factory.getKeySpec(key, KeyStoreKeySpec.class);
Bug: 18088752
Change-Id: I26c9dd544f80230fe7039501eeb471eaf875452b
