When user reset password their password,
if password doesn't match target quality of device,
DPM print a log why can't reset password.
however log message isn't correct information.
in log context, it have to exist current quality
and target quality. this patch can help print correct log.
Change-Id: I5c8fb1c77ddbe1bdbc76e35038c897e2e8efb077
Add the encrypted flag for the KeyPairGenerator and the KeyStore so that
applications can choose to allow entries when there is no lockscreen.
(partial cherry pick from commit 2eeda7286f3c7cb79f7eb71ae6464cad213d12a3)
Bug: 8122243
Change-Id: I5ecd9251ec79ec53a3b68c0fff8dfba10873e36e
In order to let apps use keystore more productively, make the blob
encryption optional. As more hardware-assisted keystores (i.e., hardware
that has a Keymaster HAL) come around, encrypting blobs start to make
less sense since the thing it's encrypting is usually a token and not
any raw key material.
(cherry picked from commit a3788b00bb221e20abdd42f747d2af419e0a088c)
Bug: 8122243
Change-Id: Ifc1c64743651b23a4eace208ade0176af47ea989
When an application's user data is cleared, the keystore entries need to
be cleared as well. Previously we were only clearing entries when the
application was uninstalled for all users. Now we cover the case of
multiuser as well.
(cherry picked from commit 6fd1c85d7f909580582e5ebc357564331ecef283)
Bug: 8566369
Change-Id: Id4df5e50661b676b8f6507b915764400982c01a0
Only call keystore if outInfo is not null
(cherry picked from commit 3b9933d0c2f2b9a2e973dca296ee45a69087e31c)
Bug: 8568820
Change-Id: I764980fd396dbc637732ad290eea2bd11036ec28
/data/system is no longer the right location for mac_permissions.xml.
Remove it.
Change-Id: Iabefb734b40d6785013bd6f6427931939fd0648b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/data/security is now the preferred location for updated policy files.
Add it for mac_permissions.xml.
Separate change will remove the old /data/system location.
Change-Id: I2774661e84c858c9b698ec60e224bbbcdac732f3
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This adds a script that can generate the list from the other
makefiles.
This also regenerates the list.
Bug: 6336895
Change-Id: If1546c4a3f5b1f0d7c3ca79d29383e9843b2a89d
Add a hook into PackageManagerService so that when app IDs are
completely removed, we erase all entries from keystore for those UIDs
that have gone away.
Bug: 3020069
Change-Id: Id4b1d51a5fa4c418865055635a84bebcf5b65ec8
If LockScreen is enhanced using SurfaceView/GLSurfaceView,
deadlock problem between LockScreen and WindowManagerService
can occur because of IWindow.resized() callback.
And it must lead to watchdog and reset.
IWindow.resized() callback is one-way function so calling resized()
callback of a remote IWindow object is never blocked.
However, calling resized() callback of a local IWindow object
(LockScreen is running on the same system_server process)
is always blocked until resized() callback returns.
Because resized() callback of SurfaceView/GLSurfaceView can lead to
WindowManagerService.relayoutWindow() call, deadlock can occur
between relayoutWindow() and performLayoutAndPlaceSurfacesLockedInner().
(Both functions need locking mWindowMap)
So this patch simulate one-way call when calling resized() callback
of a local IWindow object.
Change-Id: I2a6a5c74ed22d8e6b7a3bea3424ff2879d227105
Signed-off-by: Sangkyu Lee <sk82.lee@lge.com>
Add support for the following physical keyboard layouts:
English US international and Brazilian layout.
Change-Id: Iae928713a94611de18a92f6959adf7fa3500b2b2
Signed-off-by: Olivier Gay <ogay@logitech.com>
Signed-off-by: Myriam Galaret <mgalaret@logitech.com>
We need the ability to install from the system UID to wifi UID
to explicitly bind WiFi credentials to the WiFi profile. This adds the
ability for Wifi Settings to invoke installation of a PKCS12 file for
the wifi UID.
Bug: 8183258
Change-Id: I652b7e6fa93deda6d6d310be33f224e5a356c787
Ensure that policy contains a clean seinfo
string. Where clean means no whitespace characters.
Change-Id: I814411cbc8d16eaed99a1389f5487529e36e617b
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Fix a bug in unstable ContentProvider.
IllegalStateException: ref counts can't go to zero here: stable=0 unstable=0
IllegalStateException: unstable count < 0: -1
There is a race between main thread and background database thread. Main thread
is responsible for handling the REMOVE_PROVIDER message. Database thread starts
insert or query request again and again. acquireProvider in db thread will often
snatch provider from the jaws of death, sometime it fails to remove REMOVE_PROVIDER
which is already fired out from MessageQueue. But completeRemoveProvider in main
thread gets suspended when trying to execute the critical section. If db thread
released the provider before main thread resumes the execution, then two
REMOVE_PROVIDER messages will be executed.
Change-Id: I8588aa1d1a8bc444dcd2adf6f8bc3f055cebbdc4
Signed-off-by: Guobin Zhang <guobin.zhang@intel.com>
Also rewrite @deprecated comments to use an initial capital so they
look right in the generated documentation.
Also improve formatIpAddress documentation.
Change-Id: I317ebe411ef76e16a4535318ce73e00b63af38da
It was possible to overrun this buffer, and even if you did fill
the buffer in a single read and exit the loop, the "string" still
wouldn't be terminated.
Bug: 8468088
Change-Id: Ia19f4d26dfd79e7b63807a7ec9540b932163d246
Patch adds the seinfo label per package to the file.
This is of particular interest to the run-as program
which uses the seinfo tag to correctly label the
app security context before running the shell.
Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
