A malicious application could overlay the activity. The overlay is
able to be tapped through, which can trick the user into starting a
harmful activity.
The CL added the flag SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS for
the activity to prevent the tapjacking/overlay attack.
Bug: 205595291
Test: atest CtsHarmfulAppWarningHostTestCases
Change-Id: Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991
(cherry picked from commit a04b3666b8)
Prevents non-system apps from placing a window over the app selection
screen.
Bug: 143559931
Test: Installed test app and attempted to overlay
Change-Id: Ied05088a5007e0f10cd3e1abd8d7da8ffeb3b674
Merged-In: Ied05088a5007e0f10cd3e1abd8d7da8ffeb3b674
(cherry picked from commit 34534e1fd2)
Currently, we keep the process up even if the user switches,
meaning that in some cases (if the user is switched while the
screenshot UI is up) we will save images to the wrong profile.
This change makes ScreenshotHelper listen for user switches and
close the screenshot service, so that a new screenshot is
guaranteed to be constructed with the correct user's context.
Bug: 170474245
Fix: 170474245
Test: manual -- verified bad state occurs if user switches within
the timeout period, ensured that screenshots work immediately
after switching with this change.
Change-Id: I9d32d0928e6c2bda161d04555438d0dd7afef0ba
(cherry picked from commit 7ef1a5dd15)
DO NOT CHERRY PICK ANYWHERE: Security issue
This API is meant to grant an app complete verification over the
domains it has declared, meaning it will always resolve the domains it
declares for web links.
This can allow an app to take over links that are unowned. Any time a
user selects "Always" when resolving an Intent in the diambiguation
dialog, this API would be called, and all subsequent resolutions of any
domain declared by the app selected would be automatically directed to
that app, with no prompt to the user.
From a quick search, it's possible that all usages of this API are
actually unintended and should be removed. Should be considered for
deprecation in the future.
Bug: 163358811
Test: none, this is not generally testable, see linked bug for context
Merged-In: Iff7f788a83af68c7fbb1c6b9a8be7b47136be2b6
Change-Id: Iff7f788a83af68c7fbb1c6b9a8be7b47136be2b6
When the file is deleted, renamed or moved, revoke all uri
permissions with the file
Bug: 157474195
Test: manual test with DocumentsUI
Test: atest DocumentsTest#testAfterMoveDocumentInStorage_revokeUriPermission
Change-Id: I4ffb183630aadb2d87b0965e8cecf88af15f4534
Merged-In: I4ffb183630aadb2d87b0965e8cecf88af15f4534
(cherry picked from commit 9efd606f43)
Some apps rely on not updating the window format when changing the
background of the DecorView. To keep the compatibilty with these app we
add only call DecoreView.drawableChanged() when the window background is
changed on app targetting Q and above.
Test: Manually test by lunching Instagram TV and pressing return twice.
The window should aninate with no flickering.
Bug: 136987724
Change-Id: I3593d30dc6f10519008151974e475f0dad86fc64
This is a CP of http://ag/8687829
Bug: 138308096
Test: atest SystemUITests
Change-Id: I9e2b22b157c45da1606466acdfff3c5de7f182e1
Merged-In: I9fa4d1344bb184dea00f92f8d265667f0be11466
(Goodbye, hypno-P and your '90s tech magazine color palette.)
Bug: 123903304
Test: adb shell am start -n android/com.android.internal.app.PlatLogoActivity
Test: adb shell am start -c com.android.internal.category.PLATLOGO -a android.intent.action.MAIN
Test: adb shell am start -n com.android.egg/.paint.PaintActivity # still works
Change-Id: I4865024a14b6a78e7a043c56d2330b5f9dd214c6
Merged-In: I4865024a14b6a78e7a043c56d2330b5f9dd214c6
Users are incorrectly being directed to the settings app when
selecting 'Always', making them unable to actually open an app through
the resolver.
Bug: 132071949
Test: Steps are reported in b/136451610
Change-Id: I11775d7b0b780195f08273ad2b90b8ecd2ee1db4
When mutiple apps share shortcuts and are given to the UI to display,
the ranked order from both the App Prediction Service and the legacy
ranker is inadvertently being discarded. This means that targets the
user almost never uses will now be shown as high priority, causing
confusion and pretty horrible user experience.
Address the issue by adding in a score for shortcuts, based on the
index in the ordered list.
Bug: 136201796
Test: atest ChooserActivityTest and manually compare results from
AppPredictionService to verify order is consistent
Change-Id: I1fe2c2d2e13195f6f6c3a5818fade4844c15488e
In Q, these APIs were either:
- removed from the greylist entirely without good reason
- Moved to the restricted greylist without any public alternative
information added
So they are being moved back to the greylist for Q.
Test: Treehugger
Bug: 136102585
Change-Id: I5ac8b8b9b23c3789d80239cf456072cc7dfa1203
When a URL is detected and all resolved targets are browsers, allow
the user to set a default browser from the Resolver. If one of the
options is an App and not a browser (as defined by
ResolveInfo.handleAllWebDataURI) then direct the user to the settings
page where they can make changes to set the default app for particular
URLs.
On the settings page, highlight the correct setting to change so it's
clear to the user.
Bug: 132071949
Test: Manually resolve URLs with multiple browsers and apps like Reddit/Twitter
Change-Id: Ib8f867a020ecfbb73fa5f1d7db84890c72e4842d
...because only invalidating the root window node will ensure that
onPostDraw() will be called again.
Test: Open com.planeth.rhythm
Fixes: 135207159
Change-Id: I03f814eb7435d91287968f3dcb72f579ab4a35ed
Also adds a phenotype flag to enable handles in the learned state once
per day.
Test: Tested locally
BUG:132983599
Change-Id: I21e422382e62ee098cd6ff76d6b764db98be0cb7
Merged-In: I21e422382e62ee098cd6ff76d6b764db98be0cb7
- Also save the scale with the snapshot data instead of trying to infer it
from the state
- Also recycle the reduced resolution snapshot copy after writing it
Bug: 135150767
Test: atest TaskSnapshotPersisterLoaderTest
Change-Id: I64a9ccf16f3966ad5c6d07ff0b6ce8e9dd710e40
When starting a new batteystats history file, before inserting a new
CMD_CURRENT_TIME HistoryItem at beginning of the history
buffer, make a copy of the current HistoryItem. Otherwise the current
HistoryItem could be overriden by the CMD_CURRENT_TIME and we lose
a HistoryItem.
In b/130083227, the longwake start event happends before opening the new
history file, after CMD_CURRENT_TIME event, the longwake finish event
is missing. The fix is to make a copy of current HistoryItem before
adding CMD_CURRENT_TIME event.
Change-Id: I5048f98b6b47f54336fb01e354fb5a6284c84b43
Fix: 130083227
Test: b/130083227 can be reproduced by createFakeHistoryEvents() call,
missing longwake finish event can be seen after "TIME:" record. With the
fix, no more missing longwake finish event after "TIME:" record.
“adb shell dumpsys batterystats --history-create-events 50000” to
create enough events to start new history files,
“adb shell dumpsys batterystats --history” to observe all history records.
If we only use a view for it, it may not be visible depending on
what the app will do with the DecorView, i.e. set a weird clip
region. To fix that, we also draw the legacy navigation bar
background separately in a post-draw callback.
Test: TikTok
Test: Material app is still able to set bar color
Fixes: 131211797
Change-Id: Id744b98780f8f7f6dcd3482803a680a8f93be4c5
- Always use white text with shadows on media
- Use lock screen colors for shade theme
- Remove legacy wallpaper visibility listener
- Remove shadow from black title
Test: set white wallpaper
Test: set dark wallpaper
Test: set dark wallpaper on home, light on ls
Test: set dark wallpaper on ls, light on home
Test: atest SysuiColorExtractorTests
Fixes: 134119878
Change-Id: I64ee2dee14322b2c02891c3ffe5fc0b25d1f100b
Merged-In: I64ee2dee14322b2c02891c3ffe5fc0b25d1f100b
This patch partially reversts ag/6991475 and ag/7161709. These changes
are no longer needed due to a change in the graphics driver strategy for
Q.
In addition, the preloading of the graphics driver in the USAPs need to
be removed to avoid causing a memory regression on devices with graphics
driver preloading in the Zygote disabled.
Bug: 134526352
Test: Treehugger
Change-Id: I570037866d1ae90794c711622e6045ebbffa5b9c
Merged-In: I570037866d1ae90794c711622e6045ebbffa5b9c
(cherry picked from commit fcd68fd74b)
Fixes several issues with the status guard:
- poor background color for light status bar background
- guard & action mode need insets for the navigation bar in landscape
- status guard was not properly dismissed after completion of the action mode
- uses the proper non-zero root inset when LAYOUT_HIDE_NAVIGATION is unset & in landscape
Bug: 132924796
Test: make ApiDemos, use SystemUiModes activity to trigger action mode
Change-Id: Ie9ba2b6fb2c87a1825df85f756ffb062a45d4f55
