As part of fixing a recent security issue, DownloadManager now needs
to issue Uri permission grants for all downloads. However, if an app
that requested a download is upgraded or otherwise force-stopped,
the required permission grants are removed.
We could tell DownloadManager about the app being stopped, but that
would be racy (due to background broadcast), and waking it up would
degrade system health. Instead, as a special case we now only
consider clearing DownloadManager permission grants when app data
is being cleared.
Bug: 32172542, 30537115
Test: builds, boots, app upgrade doesn't clear grants
Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9
(cherry picked from commit 23ec811266)

For an app to either send or receive content change notifications,
require that they have some level of access to the underlying
provider.
Without these checks, a malicious app could sniff sensitive user data
from the notifications of otherwise private providers.
Test: builds, boots, PoC app now fails
Bug: 32555637
Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef

This patch creates a new permission used by ConnectivityService to give
access to restricted networks without the NET_CAPABILITY_NOT_RESTRICTED
capability bit on.
Bug: 24497316
Change-Id: I5b6c8a9ef14395b2f1ab26cb17b24d7876ec79f1

We close the android logging related sockets as late as possible
before every fork to avoid having to whitelist them. If one of the
zygote's children dies after this point (but prior to the fork), we can
end up reopening the logging sockets from the SIGCHLD signal handler.
To prevent this from happening, block SIGCHLD during this critical
section.
Bug: 32693692
Test: Manual
(cherry picked from commit e9a525829a)

Zygote: Unblock SIGCHLD in the parent after fork.
Follow up to change e9a525829a. Allows the zygote to
receive SIGCHLD again and prevents the zygote from getting into a
zombie state if it's killed.
Contributed-By: rhed_jao <rhed_jao@htc.com>
Bug: 32693692
Test: manual
(cherry picked from commit c7161f756e86b98f2244a04d9207b47149965fd7)
Change-Id: If89903a29c84dfc9b056f9e19618046874bba689
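
The two zygote changes above (block SIGCHLD across the pre-fork critical section, then unblock it in the parent after the fork) can be modelled in a few lines of C. This is an added example, not code from the Android source; the function name, the handler and the `gate` pipe that makes an earlier child die inside the critical section are constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t in_critical, ran_in_critical, handler_runs;
/* Stand-in for a SIGCHLD handler that reaps children (and, in the zygote's
 * case, could reopen the logging sockets as a side effect). */
static void on_sigchld(int sig) {
    int saved = errno;
    if (in_critical) ran_in_critical = 1;   /* the race the fix prevents */
    handler_runs += (sig == SIGCHLD);
    while (waitpid(-1, NULL, WNOHANG) > 0) {}
    errno = saved;
}

/* Returns 0 if SIGCHLD stayed pending through the critical section and was
 * delivered once the parent unblocked it; non-zero identifies the failure. */
int fork_with_sigchld_blocked(void) {
    struct sigaction sa = {0};
    sigset_t chld, pending;
    siginfo_t info;
    int gate[2];
    in_critical = ran_in_critical = handler_runs = 0;
    sa.sa_handler = on_sigchld;
    sa.sa_flags = SA_RESTART;
    sigemptyset(&sa.sa_mask);
    sigemptyset(&chld); sigaddset(&chld, SIGCHLD);
    if (sigaction(SIGCHLD, &sa, NULL) || pipe(gate)) return 1;
    pid_t early = fork();               /* earlier child, dies mid-section */
    if (early < 0) return 1;
    if (early == 0) { char c; close(gate[1]); _exit(read(gate[0], &c, 1) != 0); }
    close(gate[0]);
    sigprocmask(SIG_BLOCK, &chld, NULL);        /* enter critical section */
    in_critical = 1;
    close(gate[1]);                     /* "close the sockets"; early child exits */
    waitid(P_PID, (id_t)early, &info, WEXITED | WNOWAIT);  /* dead, not reaped */
    sigpending(&pending);
    int was_pending = sigismember(&pending, SIGCHLD);
    pid_t pid = fork();
    if (pid == 0) { sigprocmask(SIG_UNBLOCK, &chld, NULL); _exit(0); }
    in_critical = 0;
    sigprocmask(SIG_UNBLOCK, &chld, NULL);      /* parent: the follow-up fix */
    int delivered = handler_runs > 0;
    if (pid > 0) waitpid(pid, NULL, 0);
    return ran_in_critical ? 2 : was_pending != 1 ? 3 : delivered ? 0 : 4;
}
int main(void) { printf("result: %d\n", fork_with_sigchld_blocked()); return 0; }
```

Without the second `SIG_UNBLOCK` in the parent, the pending SIGCHLD is never delivered and the function returns 4, which is the state the follow-up commit corrects.
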
On M and below, we provide a blanket whitelist for all files under
"/vendor/zygote_whitelist". This path is whitelisted purely to allow
this patch to be applied easily on legacy devices and configurations.
Note that this does not amount to a loosening of our security policy
because whitelisted files are reopened anyway.
Bug: 32691930
Test: manual
Change-Id: If5b53f6f0a707f8d36603c09bfd3f72dbfbbbb99

Partially cherry picked from commit 1c15c63578.
These files are safe to reopen for the same reason that files in
/system/framework are. They're regular files and will not change after
the first zygote fork.
Bug: 32618130
Change-Id: I119e0bfcbf397cb331064adf148d92a5cd3ea92f

from AOSP: https://android-review.googlesource.com/#/c/209490/
Frameworks already support a mature mechanism for a shader cache per package,
but in a special case such as the Settings app, where there are several packages
in the application (that is, multiple packages share the same SharedUserID with it),
the graphics disk caches are not initialized. Apps like Settings therefore have to
rebuild and relink shaders every time during launch, which causes bad launch
performance. This change enables GFX and RS cache initialization for the multiple
shared packages case too.
Change-Id: If0f927e3399b775804abf1d9a868887951f471c5
Signed-off-by: Shuo Gao <shuo.gao@intel.com>
Signed-off-by: Zhiquan Liu <zhiquan.liu@intel.com>

from AOSP: https://android-review.googlesource.com/#/c/183305/
On the critical path of the cold launch of applications
the main thread of the started application tells the RenderThread
to create a surface. This process is synchronous and blocks
the main thread of the application until the creation
of the EGLContext is complete.
As a consequence the launch time of the application is delayed
by time spent allocating the EGL Context in the RenderThread.
With this optimization the launch time of any application
is improved (for example settings by 20 to 40 ms).
Change-Id: Ibf47aaa0abb8dedf7aa00693073db3785d9d6b08
Signed-off-by: Thomas Buhot <thomas.buhot@intel.com>
Signed-off-by: Zhiquan Liu <zhiquan.liu@intel.com>

Added a service that listens whether emergency affordances
are necessary.
If they are needed, it adds an option to the
global actions dialog that directly launches the
emergency call and also adds a long-press listener
to the keyguard emergency button.
Test: adb shell settings put global force_emergency_affordance 1 && adb shell settings put global emergency_affordance_number 111112
Bug: 30404490
Change-Id: Ib96a15da2ef4b568a8d77140ebca6aa6f20f5ddb