Members modified herein are suspected to be false positives: i.e. things
that were added to the greylist in P, but subsequent data analysis
suggests that they are not, in fact, used after all.
Add a maxTargetSdk=P to these APIs. This is lower-risk that simply
removing these things from the greylist, as none of out data sources are
perfect nor complete.
For APIs that are not supported yet by annotations, move them to
hiddenapi-greylist-max-p.txt instead which has the same effect.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Change-Id: Ia937d8c41512e7f1b6e7f67b9104c1878b5cc3a0
Merged-In: I020a9c09672ebcae64c5357abc4993e07e744687
The app is not started yet, and does not contain any service for now.
Test: built, booted
Bug: b/112869080
Change-Id: Id5a0fd02c891100e85d86b1040e53beec3581950
extras == null is documented to result in all extras being
erased, and the implementation handles it correctly. The
@NonNull annotation on Bundle extras is therefore wrong.
This CL replaces it with the correct annotation, @Nullable.
The incorrect annotation was introduced in April 2017
(commit 30e06bb668). I've
looked through the other changes to Intent.java in that
commit but have found no further nullability annotation
errors.
Bug: 121438778
Test: Treehugger
Test: Looked through the other nullability annotations on
Intent.java introduced by the same commit
30e06bb668 (Apr 2017)
but found no further errors.
Change-Id: Iebbe17abc5c97146533e82114fbaf1d7036fd03a
This is due to being compatible with other RCS related changes by by other engineers.
Test: Existing tests pass
Bug: 109759350
Change-Id: Id56df22e9c313c5e0700eda3b2c489d2f84ea0cd
Merged-In: Id56df22e9c313c5e0700eda3b2c489d2f84ea0cd
* changes:
Add MATCH_APEX flag to getInstalledPackages.
Rename APEX installPackage method to stagePackage.
Initial support for installing APEX via adb.
If set, PackageManager will query apexservice and ask for activated
packages.
Test: wrote a small app to test the new query.
Bug: 117589375
Merged-In: I498bd97896f3eab65c88e9684874a30713be585e
Change-Id: I498bd97896f3eab65c88e9684874a30713be585e
Change 1/2. Change 2/2 will setup the class loader namespace for
shared libraries.
This change sets up shared libraries class loaders for applications
and for dexopt.
bug: 111174995
Test: DexoptUtilsTest, device boots
Exempt-From-Owner-Approval: PS1 was approved by owner, PS2 is a build fix.
(cherry picked from commit 8d144eb8bd)
Merged-In: Ie9a2b4eaa85cda59951703433f7a2d03bc12095d
Change-Id: I76383308418485ad6739f8a404d02c2771e4afe4
Developers often accept selection clauses from untrusted code, and
SQLiteQueryBuilder already supports a "strict" mode to help catch
SQL injection attacks. This change extends the builder to support
update() and delete() calls, so that we can help secure those
selection clauses too.
Extend it to support selection arguments being provided when
appending appendWhere() clauses, meaning developers no longer need
to manually track their local selection arguments along with
remote arguments.
Extend it to support newer ContentProvider.query() variant that
accepts "Bundle queryArgs", and have all query() callers flow
through that common code path. (This paves the way for a future
CL that will offer to gracefully extract non-WHERE clauses that
callers have tried smashing into their selections.)
Updates ContentValues to internally use more efficient ArrayMap.
Bug: 111268862
Test: atest frameworks/base/core/tests/utiltests/src/com/android/internal/util/ArrayUtilsTest.java
Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Merged-In: I60b6f69045766bb28d2f21a32c120ec8c383b917
Change-Id: I60b6f69045766bb28d2f21a32c120ec8c383b917
New category of hidden API has been created. Update the script
generate_hiddenapi_lists.py with the new flag name.
Test: m, phone boots
Change-Id: I79e5478678880939e20e500cb8dad9b2a56fc84f
This change fixes the RcsManager setup and adds an empty RcsThread class. Please see go/rcs-in-telephony-doc for details.
Test: Builds fine
Bug: 109759350
Merged-in: Ie3fe476ab11d515ffab6dcc6ccf5ec801a4c9057
Change-Id: Ie3fe476ab11d515ffab6dcc6ccf5ec801a4c9057
Remove the distinction between pre-P and P apps and simplify the flags
to ENABLED, DISABLED and JUST_WARN.
Test: m
Merged-In: I87ef00a15ac9a3abfaeb011bbd8804b216f26c90
Change-Id: I31a6464bd95143e6242d043547a6a9ae8f9888bb
Also made sure we can handle null classpaths.
Test: atest -p services/core/java/com/android/server/pm/dex
Bug: 111336847
Change-Id: Idabf3fb9a09a0764e805679ac29cd8455e8dc267
Based on some analysis, these fields/methods are likely false positives.
Set maxTargetSdk=P so that any apps using them are required to migrate off
them in future. See the bug for more details.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Merged-In: I719b5c94e5b1f4fa562dd5d655953422958ad37e
Change-Id: I719b5c94e5b1f4fa562dd5d655953422958ad37e
(cherry picked from commit 8c854f86a4)
The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.
This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths. Consider this example:
<path-permission android:pathPrefix="/private" ... />
uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);
content://com.example//private
The Uri above will pass the security check, since it's not
technically a prefix match. But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.
Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.
Bug: 112555574
Test: atest android.appsecurity.cts.AppSecurityTests
Test: atest FrameworksCoreTests:android.content.ContentProviderTest
Merged-In: Ibadbfa4fc904ec54780c8102958735b03293fb9a
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
(cherry picked from commit c084ddbf82)
If an app was in the TOP state and immediately moved
to a foreground service state, then try harder to keep it
in memory for another 20 seconds before releasing the
memory to bound foreground services. Using an oom_adj value
of 50 which is between "fore" and "vis". So BFGS apps might
get killed ("vis") before this recently FGS'ed app. That
way any app that has a lot of state in memory that it needs
to persist before getting killed has a chance to do so.
Also bind NotificationListeners with a special bind flag
to rank them below FGS (perceptible adj) so that they
can be killed before any other foreground services or
bound services get killed.
Bug: 110969183
Test: Manual for now. Take a bunch of portrait
pictures and hit home, while being under memory
pressure with a bunch of notification listeners.
Change-Id: Ie8934c2331afe6450c582b209869aeca7272f58a
Merged-In: Ie8934c2331afe6450c582b209869aeca7272f58a
(cherry picked from commit b735830a1e)
These two libraries:
android.hidl.base-V1.0-java
android.hidl.manager-V1.0-java
were removed from BOOT_JARS. This change disallows them to be used on
the classpath >= Q. They are still allowed to be used <= P for legacy
reasons.
Test: atest android.content.pm.AndroidHidlUpdaterTest
Test: build & boot Pixel 2
Fixes: 77307025
Change-Id: I7752812318030cbaa15f42301c168371ceade901
