The system should never be extending Uri permission grants from
itself, since it automatically holds all the permissions. Instead,
the system should always be a mediator between two specific app, and
it should be using startActivityAsCaller() if it needs to extend
permissions.
Blocking at this level fixes an entire class of confused deputy
security issues.
Test: builds, normal intent resolution UI works
Bug: 33019296
Change-Id: Iaa57c393a386d8068e807d0dd0caccc89d8a11db
Stack visibility is evaluated based on its position in stack list.
In this case we care only about stacks on the same display.
Test: ActivityManagerDisplayTests
Test: #testLaunchActivitiesAffectsVisibility
Change-Id: Ide42e8b5e240bd61c33cc2d4715e44fc9a940952
Unless the app is not targeting O and the user hasn't set
a preference in Settings.
Also apps no longer need the vibration permission to vibrate with
a notification.
Test: runtest systemui-notification
Change-Id: Ia84b1c97d13cb479db07035ca622b1fe52261329
Seems like a line got lost in one of the many refactors :-)
Also adds debug statements for UnknownAppVisibilityController.
Test: Launch camera from lockscreen, make sure no delay.
Change-Id: Idb49b8dcfd2ce351a62d46d93a917a791d38caa1
Core system components (such as those marked as "persistent") are
aggressively restarted by the system, so crashing them as a side
effect of wtf() could easily cause system instability.
Instead, this change now treats persistent processes the same as the
system_server; we still log the wtf() event, but we don't crash
the app.
This change also causes wtf() events to be fatal on "eng" builds,
which will result in bugs being caught earlier during development
instead of later during QA testing.
Test: builds, boots, SystemUI no longer crashes
Bug: 32976626
Change-Id: Ib2d1a73379be40556f8dab5d1f15b9ed91ba7082
When device upgrades from L->N, sid(in gatekeeper) could be 0
even primary profile screenlock is set.
We are now trying to catch the exception so when sid==0 happens,
it will try to tie profile lock again when primary profile is unlocked.
Bug: 32490092
Change-Id: I73011d872ac15e7e09be9bda0165cf7f6a75493a
This CL adds bookkeeping to DPMS which will allow us to tell the user
in the Settings UI whether/when the admin requested a bug report or
retrieved logs from the device.
Bug: 32692748
Test: Full DevicePolicyManagerTest unit test coverage; end-to-end tests
will follow as Settings CTS verifier tests
Change-Id: I89728fce4b7e0ff061b354c73caf3742e95a3a3e
For phase-2, instead of taking a hash prefix, we will send the
hostname to the resolver.
Bug: 25119046
Test: build & install the sample resolver and run 'adb shell am start -a android.intent.action.VIEW -c android.intent.category.BROWSABLE -d "https://www.tripadvisor.com/Tourism-g33020-San_Jose_California-Vacations.html"'
Change-Id: I6e621139e182f9a9cfcf608c26d4763f1379bdb2
For an app to either send or receive content change notifications,
require that they have some level of access to the underlying
provider.
Without these checks, a malicious app could sniff sensitive user data
from the notifications of otherwise private providers.
Test: builds, boots, PoC app now fails
Bug: 32555637
Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef
* changes:
Refactored setCurrentFunction and setUsbDataUnlocked into single method.
Clean up persistent usb state on boot.
Fixed handling of usb state during adb changes.
Caused by some recent refactoring. We now make sure the IME
has the higher animation layer in its base layer of the window
it is targeting.
Also, consolidated some of our test functions.
Bug: 32916670
Test: bit FrameworksServicesTests:com.android.server.wm.WindowLayersControllerTests
Change-Id: I0b1abd6fead981cfc810488cc785261abba5341d
