After an app publishes a shortcut that contains malformed intent, the
system can be stuck in boot-loop due to uncaught exception caused by
parsing the malformed intent.
This CL ignores that particular malformed entry. Since shortcuts are
constantly writes back into the xml from system memory, the malformed
entry will be removed from the xml the next time system persists
shortcuts from memory to file system.
Bug: 246540168
Change-Id: Ie1e39005a5f9d8038bd703a5bc845779c2f46e94
Test: manual
This app-generated input needs to not be too long to avoid errors in the process of writing to disk.
Bug: 242846316
Test: cts ConditionTest; atest ConditionTest; manually verified exploit apk is OK
Change-Id: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9
Merged-In: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9
(cherry picked from commit 81352c3775)
This will prevent bouncer interactions from showing up in
screenrecords or screenshots.
Fixes: 215005011
Test: atest StatusBarWindowControllerTest && take screenshot
with bouncer up
Merged-In: I3f59df865dc2dd13d4b9ac54bb2dacb7b23f0aa1
Change-Id: I8df2258863b8cede5ba112331e0446f534267ba2
After PUK unlock, multiple calls to
KeyguardSecurityContainerController#dismiss() were being called from
the KeyguardSimPukViewController, which begins the transition to the
next security screen, if any. At the same time, other parts of the
system, also listening to SIM events, recognize the PUK unlock and
call KeyguardSecurityContainer#showSecurityScreen, which updates which
security method comes next. After boot, this should be one of PIN,
Password, Pattern, assuming they have a security method. If one of the
first dismiss() calls comes AFTER the security method changes, this is
incorrectly recognized by the code as a successful
PIN/pattern/password unlock. This causes the keyguard to be marked as
done, causing screen flickers and incorrect system state.
The solution: every call to dismiss() should include a new parameter
for the security method used. If there is a difference between this
parameter and the current value in KeyguardSecurityContainerCallback,
ignore the request, as the system state has changed.
Bug: 218500036
Test: atest KeyguardSecurityContainerTest
Merged-In: I7c8714a177bc85fbce92f6e8fe911f74ca2ac243
Change-Id: I30226bc7b5eda9480d471b35fe81e106b0491ff8
BUG: 242996180
Test: adb shell pm uninstall --user 0 com.google.android.apps.work.oobconfig
Test: Verified with the command above. Before this CL, the package can
be deleted. After this CL, the deletion will fail.
Change-Id: Iba408e536b340ea5d66ab499442c0c4f828fa36f
(cherry picked from commit 15f85c7fa9)
Merged-In: Iba408e536b340ea5d66ab499442c0c4f828fa36f
Previously were unable to add new zen rules because rules added via the settings pages were getting registered under package "com.android.settings", which then were not considered "system rules". These rules should have package android, so when we can trust the caller (via checking that the caller is system) we should be taking the package name from the owner of the rule.
Bug: 245236706
Bug: 242537431
Test: NMSTest; manual
Change-Id: Id69b671592396ac3304862dadbe73de328a8e27a
Merged-In: Id69b671592396ac3304862dadbe73de328a8e27a
This change both prevents any rules from being unable to be written to disk and also avoids risk of running out of memory while handling all the zen rules.
Bug: 242703460
Bug: 242703505
Bug: 242703780
Bug: 242704043
Bug: 243794204
Test: cts AutomaticZenRuleTest; atest android.app.AutomaticZenRuleTest; manually confirmed each exploit example either saves the rule successfully with a truncated string (in the case of name & conditionId) or may fail to save the rule at all (if the owner/configactivity is invalid). Additionally ran the memory-exhausting PoC without device crashes.
Change-Id: I110172a43f28528dd274b3b346eb29c3796ff2c6
Merged-In: I110172a43f28528dd274b3b346eb29c3796ff2c6
(cherry picked from commit de172ba0d4)
This adds validation that the package name passed to
setApplicationRestrictions is in the correct format. This will avoid
an issue where a path could be entered resulting in a file being
written to an unexpected place.
Bug: 239701237
Test: atest UserManagerServiceTest
Change-Id: I1ab2b7228470f10ec26fe3a608ae540cfc9e9a96
(cherry picked from commit 31a582490d)
Merged-In: I1ab2b7228470f10ec26fe3a608ae540cfc9e9a96
instead of checking that of the configuration activity, which is potentially spoofable. The package name is verified to be the same app as the caller by NMS.
This change removes isSystemRule (called only once) in favor of checking the provided package name directly.
Bug: 242537431
Test: ZenModeHelperTest, manual by verifying via provided exploit apk
Change-Id: Ic7f350618c26a613df455a4128c9195f4b424a4d
Merged-In: Ic7f350618c26a613df455a4128c9195f4b424a4d
The service must have the CAPTURE_AUDIO_HOTWORD permission to access
AlwaysOnHotwordDetector. If it doesn't have the permission, return
STATE_HARDWARE_UNAVAILABLE state. If it is not granted the
RECORD_AUDIO permisison, it also can't start to recognize the audio.
Test: manual
Test: atest CtsVoiceInteractionTestCases
Test: atest CtsAssistTestCases
Bug: 229793943
Change-Id: I7d0f8d2f6af4bc4210060f0a44469db2afc7a1bb
Merged-In: I7d0f8d2f6af4bc4210060f0a44469db2afc7a1bb
The new Intent was delivered to a non-exported activity while
#navigateUpTo was called from an Activity of a different uid.
Bug: 238605611
Test: atest StartActivityTests
Change-Id: I854dd825bfd9a2c08851980d480d1f3a177af6cf
Merged-In: I854dd825bfd9a2c08851980d480d1f3a177af6cf
This addresses a security issue where the guest user can remove updates
for system apps.
With this CL, attempts to uninstall/downgrade system apps will fail if
attempted by a non-admin user, unless the DELETE_SYSTEM_APP flag is
specified.
This is a fixed version of ag/17400663, to address b/236578018.
Bug: 170646036
Test: manual, try uninstalling system app update as guest
Change-Id: I5eab215cba6528aa4316ed7b20bee544915c1486
These windows can only be placed on private virtual displays, and as
such they should not be considered when deciding if an application has
any visible windows or not.
Bug:205130886
Test:Manually verified that sample from 205130886 no longer allows
background activity launches
Test: atest CtsActivityManagerBackgroundActivityTestCases
Change-Id: I76208722bbb7a407ba1f2dc4305a28226166414d
Merged-In: I76208722bbb7a407ba1f2dc4305a28226166414d
It was shown that given a large phoneAccountHandles that are
over 1 mb, a TransactionTooLarge exception can be silently thrown
causing an empty list to be returned.
In order to prevent this behavior, all Lists that return a
PhoneAccountHandle or PhoneAccount have been switched to
ParceledListSlice.
bug: 236263294
Test: atest android.telecom.cts.PhoneAccountRegistrarTest
#testRegisterPhoneAccountHandleWithFieldOverLimit
Change-Id: I025245b2a6f8cfaca86f268851a9d8f0817e07dd
Merged-In: I025245b2a6f8cfaca86f268851a9d8f0817e07dd
Exempting the system as a runtime restart is not clearly
better than extreme memory and computation pressure that can result from
the originating spam.
Callers in the system should guard against any spammy requests that lead
them to create a lot of alarms.
Test: Builds, boots and existing tests should pass.
atest CtsAlarmManagerTestCases:UidCapTests
atest FrameworksMockingServicesTests:AlarmManagerServiceTest
Bug: 234441463
Change-Id: Id5e94d44ac9ab24870a8213ec7583da0f592a5ff
(cherry picked from commit 3b9f3f4a0f)
Merged-In: Id5e94d44ac9ab24870a8213ec7583da0f592a5ff
This reverts commit a7621e0ce0.
Reason for revert: Regression, DELETE_SYSTEM_APP flag no longer works
Change-Id: I7386d1ba3d61b95836b85c52214c83b216c478e8
This means that a single package with multiple different condition providers or configuration activities will correctly have all of their zen rules associated with the same package rather than each owner/activity having their rules counted separately.
Bug: 235823407
Test: ZenModeHelperTest
Change-Id: I35daf9a24f546ae25a78a2d841be39072cdc5641
Merged-In: I35daf9a24f546ae25a78a2d841be39072cdc5641
(cherry picked from commit f4e69394ee)
Test: manually revoke access for a DND app that has rules
created before and after b/189332346
Bug: 191773100
Bug: 189332346
Bug: 235823407
Change-Id: I069fcc124af24227fa50b61d4fc55d6dadc7a20b
Merged-In: I069fcc124af24227fa50b61d4fc55d6dadc7a20b
(cherry picked from commit b4fe101e5e)
