Security.insertProviderAt uses 1-based positions whereas the
AndroidKeyStoreProvider.install code was incorrectly passing in
0-based positions, thus installing the AndroidKeyStoreBCWorkaround
provider one level higher than intended. This change fixes the issue
in AndroidKeyStoreProvider.
Bug: 25399691
Change-Id: I4a66bf37c0d151edb9a2349db9d91939064c0574
Bug: 25602504
1) Passing floating point values into a script group was broken,
since they were casted to long values. Fixed that in the frameworks
implementation by taking the raw bits instead.
2) Passing 64-bit values into a script group was broken on 32-bit
platforms, since they were casted to pointer-sized integers
(uintptr_t) in the JNI code. Fixed that by casting to int64_t
instead.
3) Setting global variables of Allocation type in a script group was
broken. The special size value -1 was used to indicate the value is an
Allocation. However, size was casted to size_t in the JNI code.
Fixed that by using signed integers.
Change-Id: Ifff099a76be7707df7b67c388395f5a00f9cae66
Although all zero (0000:00:00) is valid time, in most cases it means
that value is not present. According to http://www.exiv2.org/Exif2-2.PDF
in such case those values should be omitted, however
some cameras set them to 0 anyway. With this commit such timestamps
will be treated as they were empty.
Change-Id: I9c762b1fa04ea6bf9c0fba9e2459a20430c71c90
Speedup by telling __android_is_loggable interface it will not
be called within a signal handler. This saves two system calls.
Bug: 25563384
Change-Id: Ib8188641c8c76e5aa848476da98596be6b8e5040
Change-Id: I4013e0700369764a26485d8620ebf16d8bea1951
Test: Built and ran Android in an emulator
Bug: 25242023
Signed-off-by: Casey Dahlin <sadmac@google.com>
When getting trust anchors we need to dedup them based on the
certificate to avoid having multiple trust anchors with the same cert
but different pin override behavior. If there are multiple trust anchors
with the same cert, the trust anchor which overrides pins wins.
Change-Id: Ida31f2551f56997418b8b091bb2598c5593cb069
mPendingConfiguration is a parameter of IWindowSession.relayout.
And IWindowSession.aidl declared "out Configuration outConfig",
it will always create a new configuration for remote side to write.
If remote side does not write (WMS does not have config change),
the new default configuration will be returned.
In original code passes mPendingConfiguration to updateConfiguration
directly, then callbacks (sConfigCallbacks) receive the same
instance of mPendingConfiguration. And because the implementation
of callback may use the configuration after relayout has reset
the configuration to default, then it may have timing that results
"showing hybrid of portrait and landscape modes" which try to fix
in commit e36d6e27.
To avoid this, always create a copy to updateConfiguration.
MSG_RESIZED_REPORT from dispatchResized also did the same thing.
Related commit:
e36d6e277e49475076b7872d36ea6a5c5b996e9d
694f79b5d1196640d1beb680b7d1fc68e6e77cbd
Change-Id: Ic1abd596e384918224b3a7020583d9a04641cccc
X509TrustManagerExtensions assumes that the default X509TrustManager is
an instance of conscrypt's TrustManagerImpl. That's no longer going to
always be the case. Instead use duck typing to support any
X509TrustManagers that have the extra methods required for
X509TrustManagerExtensions.
Change-Id: If23471bda590d5e131bb1e802a60599957bc7f37
Debug overrides are only used if the application is debuggable in
order to help local debugging and development by trusting additional
CAs. In a non-debuggable version of the application the debug-overrides
are ignored.
Trust anchors in the debug override configuration have two key
differences from those in base-config and domain-config:
1) trust anchors in the debug-overrides are trusted for all connections
in addition to any trust anchors included in the relevant base/domain
configs.
2) By default trust anchors in the debug config override pins, as their
purpose is for connecting to non-standard servers for debugging and
testing and those servers should not be pinned in the production
configuration.
Change-Id: I15ee98eae182be0ffaa49b06bc5e1c6c3d22baee
When precache, PathTexture is added to PathCache, and it is released after drawn if we want to clean it.
But the PathCache LRU still holds the entry of the PathTexture object. When trim the cache in
the end of each frame, LRU finds that its mListener is not NULL and invoke the functor, however,
mListerer points to the released PathTexture object and is a dangling pointer, thus leads to crash.
Smart pointer don't help here since they only manage scopes, while PathTexture is also controled by
its cleanup field.
The fix is to also remove the LRU entry of PathTexture*, it will also release the texture object
and there won't be texture leaks.
Change-Id: Iaa0621df5dc71532e9e75b38ad94384353930b95
Symptom:
As issue link:
https://code.google.com/p/android/issues/detail?id=193100
RootCause:
UsageStatsService.onDisplayChanged executed in system main thread,
If calling UsageStatsManager.queryEvents with too many events before it
(i.e. in daily usage event file,
too many activity resume / pause events or configuration change
during monkey test),
System will be blocked then watchdog timeout.
Solution:
Let display listener executed in background thread handler
Change-Id: Ic894d112612400ed8fb7ba843b3309fdc4f66fe1
Add system_server to AID_READPROC, to allow system_server to read
/proc entries associated with other UIDs.
Bug: 23310674
Change-Id: I1602b8ee30670cde4ed56e2f901524c105895352
Nested domain-config inherit unset parameters from the domain-config
they are nested in. This helps avoid copy and pasted configs that are
almost the same except a few minor differences for a domain with
slightly different requirements.
For example: Consider a domain-config for example.com that, among other
settings, does not enforce hsts. Now if you want the rules for
example.com to apply to secure.example.com except that hsts _is_
enforced you can make a nested domain-config for secure.example.com
under example.com that sets hstsEnforced="true" and nothing else.
Change-Id: I9e33f7e62127fd7f4f15c3560fff2f2626477bd4
XmlConfigSource parses an ApplicationConfig from an xml resource.
Currently this supports app-wide default configuration via the
base-config element, per domain via the domain-config element and
inheritance of unset properties at parse time.
Inheritance of unset properties is currently only:
domain-config -> base-config -> platform default configuration
Where the most specific value is used.
For example: If the base-config specifies trust anchors, all connections
will use those anchors except for connections to a domain which has a
domain-config that specifies trust anchors, in which case the
domain-config's trust anchors will be used. If the domain-config or
base-config don't set trust anchors, or don't exist, then the platform
default trust anchors will be used.
Nested domain-config entries, debug-overrides, and thorough
documentation of the xml format will follow in later commits.
Change-Id: I1232ff1e8079a81b340bc12e142f0889f6947aa0
If the user has not added any CAs to the user trust store the user-added
directory will not have been created.
Change-Id: I8b5f73af3c0761c56969874231004fedbf7badda
Symptom:
WindowManagerService throws exception and system crashes.
Root cause:
When the MagnificationGesture is turned off during animation of scale
up/down, WindowManagerService.mAccessibilityController can be null so
exception is thrown.
Solution:
Cancel ongoing animation before turning off MagnificationGesture.
Change-Id: I469d84e024bdd453e3729a69229398233ed2eb61
