Do this both on input from apps (giving error) and between wifi and
ConnectivityService (ignoring bad data). This means removing all
addresses beyond the first and all routes but the first default and
the implied direct-connect routes.
We do this because the user can't monitor the others (no UI), their
support wasn't intended, they allow redirection of all traffic
without user knowledge and they allow circumvention of legacy VPNs.
This should not move forward from JB as it breaks IPv6 and K has
a more resilient VPN.
Bug:12663469
Change-Id: I80912cc08ffa1e4b63008c94630006cf316e7a64
In particular, if a 3rd party app tries to define a permission that
turns out to be defined by system packages following an upgrade,
the system package gets ownership and grants are re-evaluated
on that basis.
Bug 11242510
(Cherry-pick backport to JB)
Change-Id: Iabf7b6280e6c6674a51af5624142bd19ea0750ed
When we've installed an apk from the archive, recheck whether
to apply the system-uid policy restrictions around file system
restores.
Bug 8833099
(cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39)
Change-Id: I972fe1543f2234aa76baf562d6f806175ac0248e
Ensure that policy contains a clean seinfo
string. Where clean means no whitespace characters.
Change-Id: I814411cbc8d16eaed99a1389f5487529e36e617b
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Patch adds the seinfo label per package to the file.
This is of particular interest to the run-as program
which uses the seinfo tag to correctly label the
app security context before running the shell.
Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch covers 2 cases. When an app is installed
and the resulting data directory is created for all
existing users. And when a new user is created and
all existing app data directories are created for
the new user.
Change-Id: Iacaba6d9d18d5337e65713960d14efe32006b330
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
The HeartbeatHandler for the System Server Watchdog has been running
on the wrong thread due to a race condition in initialization. It's
designed to run on ServerThread, so that it can catch lockups in the
main looper of the System Server. It has been running on
ActivityManagerThread instead, so it does not detect lockups on the
ServerThread as it should.
ActivityManagerService is calling Watchdog.getInstance() before
ServerThread calls Watchdog.getInstance().init(), so the handler is
being bound to the ActivityManagerThread instead of the ServerThread.
Explicitly bind HeartbeatHandler to ServerThread, so that the Watchdog
catches lockups on this critical thread.
Change-Id: Iccb184ac3adb817feb86ed4ee0e50e443bf74636
The root cause is:
There is a defect in window manager service: When a new
activity that can be ime target is added into window manager
but the Z order of input method window don't need to be
changed, then the target app token of input method window
would not be updated to new one. This defect may cause that
the layer of input method window is calculated incorrectly.
The solution:
Correct the target app token for input method window.
Change-Id: I008311e3c9b1cf5fc320b614d8675c183c506d50
Hotplug events say which display they're for and whether the display
was connected or disconnected. Before, this info was ignored, and the
event just triggered a rescan of all displays. If a display was
disconnected and then reconnected quickly, the rescan would treat this
as a no-op or a device property change and wouldn't turn the display
on.
Now the display manager attempts to update its state with the change
the event describes. So a quick disconnect/connect cycle will cause
the display to be turned on since the display manager will have
updated its internal state to reflect the disconnect event, and will
treat the connect event as a new display rather than a device property
change.
Bug: 7491120
Change-Id: Ia83f7c96b7f16f4c1bed2a73e9b56b0bf7ee3984
# By Arun Ravindran
# Via Gerrit Code Review (1) and Shuo Gao (1)
* commit '9434c112d1fef52ade78d7ef818daf981bf63bef':
Services: Adding HSPAP info in Android
The getServiceInfo() call directly to IPackageManager does not throw an exception.
The return value needed to be checked for null.
Bug: 8031032
Change-Id: I701b9e8cf3b2406a3b35a486183330489b3d46f5
