Block touches from passing through activities by adding a dedicated
surface that consumes all touches that would otherwise pass through the
bounds availble to the Activity.
Bug: 194480991
Test: atest CtsWindowManagerDeviceTestCases:ActivityRecordInputSinkTests
Test: atest CtsWindowManagerDeviceTestCases:CrossAppDragAndDropTests
Test: atest CtsWindowManagerDeviceTestCases:PinnedStackTests
Test: Manually ran through go/wm-smoke (verified pip and splitscreen
still work)
Test: Manually verfied that freeform windows work and don't consume
touches outside their bounds
Change-Id: I01b35e34a63868dead4e728a3d359ae0942302f9
Verify the input PAC Uri before performing follow-up actions.
Check if the URL is a valid URL to filter some invalid URLs since
these invalid URLs could not fall into any subclass of existing
URLConnections. When the PAC Uri is other invalid URL scheme, it
will cause an UnsupportedOperationException if there is no proper
subclass that implements the openConnection() method.
A malformed URL may crash the system.
Even it's a valid URL, some subclasses(e.g. JarURLConnection)
may not have openConnection() implemented. It will also hit the
problem, so convert the possbile exception from openConnection()
to re-throw it to IOException which is handled in the existing
code.
Bug: 219498290
Test: atest FrameworksNetTests CtsNetTestCases
Test: Test with malformed URL
Merged-In: I22903414380b62051f514e43b93af992f45740b4
Merged-In: I2abff75ec59a17628ef006aad348c53fadbed076
Change-Id: I4d6cec1da9cf3f70dec0dcf4223254d3da4f30a3
(cherry picked from commit 6390b37a3b)
This reverts commit 012cace2ee.
Reason for revert: This CL depends on ag/17823648, which is not merged into qt-qpr1-dev.
Change-Id: I503bcc1e979dd4db941cb7754f63a0dc35ce9682
The root task was created with null intent, but the intent,
resize mode and other information were updated from child tasks,
which sets the split-screen-secondary root task to unresizable.
This CL is back porting from f666e494af to prevent setting the
split-screen-secondary root task to unresizable.
Bug: 230435065
Bug: 185810717
Test: atest IntentTests
atest ActivityStarterTests
atest TaskRecordTests
atest testSplitscreenPortraitAppOrientationRequests
Change-Id: I856d66371ac121f681958a7129527f18a5357d0f
Occasionally ILockSettings can fail to be initialized otherwise
Fixes: 232714129
Test: boot (and eventually bootstress/reboot-long)
Change-Id: I2f9f9bdba37f4ebfaea56c1a6662f0474ae8a002
Merged-In: I2f9f9bdba37f4ebfaea56c1a6662f0474ae8a002
(cherry picked from commit 8e278543bd)
Occasionally ILockSettings can fail to be initialized otherwise
Fixes: 232714129
Test: boot (and eventually bootstress/reboot-long)
Change-Id: I2f9f9bdba37f4ebfaea56c1a6662f0474ae8a002
Merged-In: I2f9f9bdba37f4ebfaea56c1a6662f0474ae8a002
(cherry picked from commit 8e278543bd)
Make sure only the app currently interacting with the IME can
query this, and restrict the API to apps targeting SDKs before T
Fixes: 204906124
Test: atest 'InputMethodManagerTest#getInputMethodWindowVisibleHeight_returnsZeroIfNotFocused'
Change-Id: If1da19a3dd8c29542afc970b4b201d87547c27a9
Merged-In: If1da19a3dd8c29542afc970b4b201d87547c27a9
Make sure only the app currently interacting with the IME can
query this, and restrict the API to apps targeting SDKs before T
Fixes: 204906124
Test: atest 'InputMethodManagerTest#getInputMethodWindowVisibleHeight_returnsZeroIfNotFocused'
Change-Id: If1da19a3dd8c29542afc970b4b201d87547c27a9
Merged-In: If1da19a3dd8c29542afc970b4b201d87547c27a9
This is to stop spoofed packageName to pretend to be allowListed
packageName so it can bypass the BG-FGS restriction. This applies to
both BG-FGS while-in-use restriction and BG-FGS-start restriction
since these two restrictions are related.
Bug: 216695100
Bug: 215003903
Test: atest cts/tests/app/src/android/app/cts/ActivityManagerFgsBgStartTest.java#testSpoofPackageName
Change-Id: Ic14fc331a9b5fbdbcfe6e54a31c8b765513bfd89
Merged-In: Ic14fc331a9b5fbdbcfe6e54a31c8b765513bfd89
BYPASS_INCLUSIVE_LANGUAGE_REASON=Legacy API
Clear mInterface before calling resetIkeState() in
onDefaultNetworkChanged().
resetIkeState() will trigger interfaceRemoved() to be called.
If mInterface is set, interfaceRemoved() will clear
Ikev2VpnRunner which makes VPN disconnect.
This issue can be reproduced when device establishes VPN
connection with mobile data first then connects to wifi.
In this case, onLost() for mobile data will not be called
because there is a new network(wifi) can satisfy the request,
so only onAvailable() for wifi will be called.
Which means onSessionLost() will not be called and only
onDefaultNetworkChanged() will be called, which makes that
mInterface is not cleared before interfaceRemoved() is called.
Bug: 219546241
Test: Check if VPN is still there when establishing VPN with
mobile data first, then connect to wifi and disconnect
wifi.
Change-Id: I7f9a1d9afd2a40762e9fac68edf1fb8ae75df8bc
(cherry picked from commit 520cc2fde3)
Merged-In: I7f9a1d9afd2a40762e9fac68edf1fb8ae75df8bc
This reverts commit 1ca6f8ddb8.
Reason for revert: DroidMonitor: Potential culprit for Bug 231171562 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.
Change-Id: Ib5819de2ce4e60deae5676eed9947cbbb759be10
This CL makes the following modifcations:
1. Add LockPatternUtils.StrongAuthTracker to monitor
the lockdown mode status of the phone.
2. Call mListeners.notifyRemovedLocked with all the
notifications in the mNotificationList when entering
the lockdown mode.
3. Call mListeners.notifyPostedLocked with all the
notifications in the mNotificationList when exiting
the lockdown mode.
4. Dismiss the function calls of notifyPostedLocked,
notifyRemovedLocked, and notifyRankingUpdateLocked
during the lockdown mode.
The CL also adds corresponding tests.
Bug: 173721373
Test: atest NotificationManagerServiceTest
Test: atest NotificationListenersTest
Test: manually verify the paired device cannot receive
notifications when the host phone is in lockdown mode.
Ignore-AOSP-First: pending fix for a security issue.
Change-Id: I7e83544863eeadf8272b6ff8a9bb8136d6466203
Merged-In: I7e83544863eeadf8272b6ff8a9bb8136d6466203
(cherry picked from commit 3cb6842a05)
This CL makes the following modifcations:
1. Add LockPatternUtils.StrongAuthTracker to monitor
the lockdown mode status of the phone.
2. Call mListeners.notifyRemovedLocked with all the
notifications in the mNotificationList when entering
the lockdown mode.
3. Call mListeners.notifyPostedLocked with all the
notifications in the mNotificationList when exiting
the lockdown mode.
4. Dismiss the function calls of notifyPostedLocked,
notifyRemovedLocked, and notifyRankingUpdateLocked
during the lockdown mode.
The CL also adds corresponding tests.
Bug: 173721373
Test: atest NotificationManagerServiceTest
Test: atest NotificationListenersTest
Test: manually verify the paired device cannot receive
notifications when the host phone is in lockdown mode.
Ignore-AOSP-First: pending fix for a security issue.
Change-Id: I7e83544863eeadf8272b6ff8a9bb8136d6466203
Merged-In: I7e83544863eeadf8272b6ff8a9bb8136d6466203
(cherry picked from commit 3cb6842a05)
* changes:
[RESTRICT AUTOMERGE] Log to EventLog on prepareUserStorage failure
[RESTRICT AUTOMERGE] Ignore errors preparing user storage for existing users
[RESTRICT AUTOMERGE] UserDataPreparer: reboot to recovery for system user only
[RESTRICT AUTOMERGE] UserDataPreparer: reboot to recovery if preparing user storage fails
[RESTRICT AUTOMERGE] StorageManagerService: don't ignore failures to prepare user storage
Check user unlocked before write to /data/system_ce/0/snapshots
* changes:
[RESTRICT AUTOMERGE] Log to EventLog on prepareUserStorage failure
[RESTRICT AUTOMERGE] Ignore errors preparing user storage for existing users
[RESTRICT AUTOMERGE] UserDataPreparer: reboot to recovery for system user only
[RESTRICT AUTOMERGE] UserDataPreparer: reboot to recovery if preparing user storage fails
[RESTRICT AUTOMERGE] StorageManagerService: don't ignore failures to prepare user storage
MPPE cannot work if PAP is used as authentication, so it is not useful
to allow PAP authentication when MPPE is enforced: establishing the
tunnel would fail anyway with "MPPE required, but MS-CHAP[v2] auth not
performed".
Also users enforcing MPPE may assume that this means PAP will not be
used for authentication, so without this change MPPE enforcement gives a
false sense of security, as PAP uses plain-text credentials.
Bug: 201660636
Test: atest VpnTest
Merged-In: Ie318d45fe44294e97cf38da7f1834cf014cb4417
Change-Id: Ie318d45fe44294e97cf38da7f1834cf014cb4417
(cherry picked from commit 997a4a3926)
NPE happens when there is an orphaned session which we've
tried to prevent in all cases.
Log an error message if this situation happens.
Bug: 227342978
Test: atest CtsRootPackageInstallerHostTestCases
Change-Id: Ia21323926bd9db1a6f05461904deb45b4c3dd0bc
(cherry picked from commit 07e31dfb1e)
Merged-In: Ia21323926bd9db1a6f05461904deb45b4c3dd0bc
