* changes:
[automerger] Update internal ViewPager's SavedState to match Support Library version am: 187964aca1 am: 4c24e4d831 am: fece305de0 am: cb362192e8 am: bc42f76941 am: c42091667c
[automerger] Update internal ViewPager's SavedState to match Support Library version am: 187964aca1 am: 4c24e4d831 am: fece305de0 am: cb362192e8 am: bc42f76941
[automerger] Update internal ViewPager's SavedState to match Support Library version am: 187964aca1 am: 4c24e4d831 am: fece305de0 am: cb362192e8
[automerger] Update internal ViewPager's SavedState to match Support Library version am: 187964aca1 am: 4c24e4d831 am: fece305de0
[automerger] Update internal ViewPager's SavedState to match Support Library version am: 187964aca1 am: 4c24e4d831
[automerger] Update internal ViewPager's SavedState to match Support Library version am: 187964aca1
Update internal ViewPager's SavedState to match Support Library version
Length of the last array in readFromParcel should be the same as
value of mNextIndex.
Test: PoC app in the bug
Bug: 73252178
Change-Id: I69f935949e945c3a036b19b4f88684d906079ea5
There was an asymmetry between parcelling and unparcelling of
VerifyCredentialResponse that could lead to type confusion if
packed with other objects in a Parcel.
Test: none
Bug: 71714464
Change-Id: Icff68879e249422ccca49f2bb7db85c35b4cb353
Please see commit 3082eb7c72 for an
explanation of this change.
This capability is not used by system_server.
Bug: 34951864
Bug: 38496951
Test: code compiles, device boots, no selinux errors ever reported.
Change-Id: I4242b1abaa8679b9bfa0d31a1df565b46b7b3cc3
(cherry picked from commit 35775783fc)
Commit https://android.googlesource.com/kernel/common/+/f0ce0eee added
CAP_SYS_RESOURCE as a capability check which would allow access to
sensitive /proc/PID files. system_server uses this capability to collect
smaps from managed processes. Presumably this was done to avoid the
implications of granting CAP_SYS_PTRACE to system_server.
However, with SELinux enforcement, we can grant CAP_SYS_PTRACE but not
allow ptrace attach() to other processes. The net result of this is that
CAP_SYS_PTRACE and CAP_SYS_RESOURCE have identical security controls, as
long as system_server:process ptrace is never granted.
Add CAP_SYS_PTRACE to the set of capabilities granted to system_server.
Don't delete CAP_SYS_RESOURCE for now. SELinux has blocked the use of
CAP_SYS_RESOURCE, but we still want to generate audit logs if it's
triggered. CAP_SYS_RESOURCE can be deleted in a future commit.
Bug: 34951864
Bug: 38496951
Test: Device boots, functionality remains identical, no sys_resource
denials from system_server.
Change-Id: I2570266165396dba2b600eac7c42c94800d9c65b
(cherry picked from commit 3082eb7c72)
On FBE devices, don't save the metrics to disk but compute them when the
password is first entered and only store them in RAM.
Merged-in: 5daf273b7e
Bug: 32793550
Change-Id: Icee7f615167761177b224b342970a36c7d90f6ba
The emergency call was not launched in the current user
and therefore was only launching once the user had switched.
Change-Id: If6f3bcf77d88a0658b6e0f91f7e4da5d6264b04f
Fixes: 32424103
Test: manual: switch to secondary user and launch emergency affordance
Allows configuring notification and sensor triggers
separately. Introduces a helper class that hosts the
logic for determining what kinds of triggers a device
supports.
Bug: 32073185
Change-Id: Ie7e8eb6b895dcc54e6f972e70642c7248b9e223a
Test: disable "ambient display", sensor triggers should still work
This is a follow up CL to my previous CL [1] that let
IInputConnectionWrapper to call InputContentInfo#requestPermission()
automatically so that temporary URI permissions can be granted
automatically on API 25+ devices whenever
INPUT_CONTENT_GRANT_READ_URI_PERMISSION is specified.
However, in that CL we forgot to handle exceptions thrown from
InputContentInfo#requestPermission(). This is problematic because it is
actually easy for IMEs to cause SecurityException by specifying a
content URI that does not allow grantUriPermission, e.g.:
inputConnection.commitContent(
new InputContentInfo(Uri.parse("content://call_log/test"),
new ClipDescription("test", new String[]{"image/gif"}));
As a result, IMEs can let the application crash at any time because
InputContentInfo#requestPermission() is automatically called inside the
Framework.
This CL makes sure that exceptions thrown from
InputContentInfo#requestPermission() can be handled gracefully.
[1]: Id955435dd2e72549ee7134f46b3c6951581694ad
f3806f57a5
Bug: 32162481
Change-Id: I08916a1f54518390d3b67ab1673dc901e3f9716a
Added a service that listens whether emergency affordances
are necessary.
If the they are needed, it adds an option to the
global actions dialog that directly launches the
emergency call and also adds a long-press listener
to the keyguard emergency button.
Test: adb shell settings put global force_emergency_affordance 1 && adb shell settings put global emergency_affordance_number 111112
Bug: 30404490
Change-Id: Ib96a15da2ef4b568a8d77140ebca6aa6f20f5ddb
Added a service that listens whether emergency affordances
are necessary.
If the they are needed, it adds an option to the
global actions dialog that directly launches the
emergency call and also adds a long-press listener
to the keyguard emergency button.
Test: adb shell settings put global force_emergency_affordance 1 && adb shell settings put global emergency_affordance_number 111112
Bug: 30404490
Change-Id: Ib96a15da2ef4b568a8d77140ebca6aa6f20f5ddb
Added a service that listens whether emergency affordances
are necessary.
If the they are needed, it adds an option to the
global actions dialog that directly launches the
emergency call and also adds a long-press listener
to the keyguard emergency button.
Test: adb shell settings put global force_emergency_affordance 1 && adb shell settings put global emergency_affordance_number 111112
Bug: 30404490
Change-Id: Ib96a15da2ef4b568a8d77140ebca6aa6f20f5ddb
