• R/O
  • HTTP
  • SSH
  • HTTPS

List of commits

Tags
No Tags

Frequently used words (click to add to your profile)

javac++androidlinuxc#windowsobjective-ccocoa誰得qtpythonphprubygameguibathyscaphec計画中(planning stage)翻訳omegatframeworktwitterdomtestvb.netdirectxゲームエンジンbtronarduinopreviewer

frameworks/base


RSS
Rev. Time Author
c63970d marshmallow-x86 android-x86-6.0-r3 2017-03-25 04:13:40 Chih-Wei Huang

DiskInfo: support CD/DVD type

b2fa297 2017-03-24 00:10:31 Chih-Wei Huang

Android 6.0.1 release 79
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEABECAAYFAli9mFkACgkQ6K0/gZqxDngFgACfeq0Hi0FWD6zynxqdzEdZX0R2
R5kAni6WRHmuxJPz+hRfiwJQp3s/Zxvh
=8yxY
-----END PGP SIGNATURE-----

Merge tag 'android-6.0.1_r79' into marshmallow-x86

Android 6.0.1 release 79

12033dd 2017-01-25 09:41:15 Jeff Sharkey

DO NOT MERGE. Retain DownloadManager Uri grants when clearing.

As part of fixing a recent security issue, DownloadManager now needs
to issue Uri permission grants for all downloads. However, if an app
that requested a download is upgraded or otherwise force-stopped,
the required permission grants are removed.

We could tell DownloadManager about the app being stopped, but that
would be racy (due to background broadcast), and waking it up would
degrade system health. Instead, as a special case we now only
consider clearing DownloadManager permission grants when app data
is being cleared.

Bug: 32172542, 30537115
Test: builds, boots, app upgrade doesn't clear grants
Change-Id: I7e3d4546fd12bfe5f81b9fb9857ece58d574a6b9
(cherry picked from commit 23ec811266fb728cf159a90ce4882b3c9bac1887)
(cherry picked from commit fbf395c220ab07d0596426ea3e7f596e9015ee63)

cefaefa 2017-01-25 09:41:14 Jeff Sharkey

DO NOT MERGE: Check provider access for content changes.

For an app to either send or receive content change notifications,
require that they have some level of access to the underlying
provider.

Without these checks, a malicious app could sniff sensitive user data
from the notifications of otherwise private providers.

Test: builds, boots, PoC app now fails
Bug: 32555637
Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef
(cherry picked from commit ff2fede0ddd9464d4c65e6218a032036adb73099)

cc8c138 android-x86-6.0-r2 2017-01-10 23:10:09 Chih-Wei Huang

fd_utils: fix DEBUG mode booting issue

Remove the "/android/" prefix before the white list checking.

Suggested by Chris Vandomelen <chris@sightworks.com>.

cfa7883 2017-01-10 23:08:30 Chih-Wei Huang

Android 6.0.1 release 74
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEABECAAYFAlgczssACgkQ6K0/gZqxDngq9wCdHv6RKynT3mm2Vll1EXgDnUb5
6SUAn3zCdEse9JCp57B457LkzKtbbY/o
=VDQb
-----END PGP SIGNATURE-----

Merge tag 'android-6.0.1_r74' into marshmallow-x86

Android 6.0.1 release 74

db66afe 2016-12-07 09:33:28 Hugo Benichi

resolve merge conflicts of 89aa6fb to mnc-dr-dev

Change-Id: I9e4e538081600be6a8199060bcb0d4040c071a22
(cherry picked from commit a0cfb157ecf69c948e37db5a9df6cb8a8102874c)

9494689 2016-12-07 09:31:18 neo.chae

Fix idmap leak in zygote process

Fix a idmap leak in AssetManager::addSystemOverlays.
And, The fix could also prevent fd leak of idmap.

Test: none
Bug: 32691930

Signed-off-by: Hyangseok Chae <neo.chae@lge.com>

(cherry picked from commit 6a742a38509693f8b39ee9a5ad2803fca12688bf)

Change-Id: Idc4af77db2b0cb739bd6b009b6af0f9123be1aac
(cherry picked from commit 0244ca8d10dfc27e14f481fe649b89f7638c48eb)

c3ee762 2016-12-07 09:31:17 Narayan Kamath

Zygote: Additional whitelisting for legacy devices.

On M and below, we provide a blanket whitelist for all files under
"/vendor/zygote_whitelist". This path is whitelisted purely to allow
this patch to be applied easily on legacy devices and configurations.

Note that this does not amount to a loosening of our security policy
because whitelisted files are reopened anyway.

Bug: 32691930
Test: manual
Change-Id: If5b53f6f0a707f8d36603c09bfd3f72dbfbbbb99
(cherry picked from commit 5e2f7c6229d7191183888d685b57a7d0a2835fce)

7aa8ec2 2016-12-07 09:31:16 Narayan Kamath

Zygote: Additional whitelists for runtime overlay / other static resources.

Partially cherry picked from commit 1c15c635785c64a.

These files are safe to reopen for the same reason that files in
/system/framework are. They're regular files and will not change after
the first zygote fork.

Bug: 32618130

Change-Id: I119e0bfcbf397cb331064adf148d92a5cd3ea92f
(cherry picked from commit 4e8ba1d73eee1311bb78144be43862b393548d5d)

80b6292 2016-12-07 09:31:15 Jeff Sharkey

Public volumes belong to a single user.

When a public (vfat) device is inserted, it's strongly associated
with the current foreground user, and no other users should be able
to access it, since otherwise that would be a cross-user data leak.

To use the device under a different user, switch users and then
eject/remount the device.

Test: verified user isolation of USB drive
Bug: 32523490
Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614
(cherry picked from commit 6b0079d3bc970d48e71cf9211d178e447f7f8a7c)

cc3a845 2016-12-01 08:40:59 Narayan Kamath

Zygote : Block SIGCHLD during fork.

Fix merge conflict into mnc-mr2-release
We close the android logging related sockets prior as late as possible
before every fork to avoid having to whitelist them. If one of the
zygote's children dies after this point (but prior to the fork), we can
end up reopening the logging sockets from the SIGCHLD signal handler.

To prevent this from happening, block SIGCHLD during this critical
section.

Bug: 32693692
Test: Manual

(cherry picked from commit e9a525829a354c92983a35455ccab16d1b0d3892)

Zygote: Unblock SIGCHLD in the parent after fork.

Follow up to change e9a525829a354c92983a. Allows the zygote to
receive SIGCHLD again and prevents the zygote from getting into a
zombie state if it's killed.

Contributed-By: rhed_jao <rhed_jao@htc.com>
Bug: 32693692
Test: manual

(cherry picked from commit 1480dc3e97b661f5bfa3a5c2fbce72385b8d2be6)

Change-Id: If89903a29c84dfc9b056f9e19618046874bba689

1695305 2016-11-22 17:26:15 Chih-Wei Huang

Print more switch events

c66a38c 2016-11-22 12:24:35 John Stultz

Zygote: Add CAP_WAKE_ALARM to system_server to properly support timerfd alarms

The when the timerfd alarm logic was added to the kernel, an oversight was made
and the interface does not check for the CAP_WAKE_ALARM permissions as required
via other kernel methods to trigger an alarm timer.

In v4.8-rc kernels, the change 2895a5e5b3a ("timerfd: Reject ALARM timerfds
without CAP_WAKE_ALARM") was added by Eric Caruso <ejcaruso@google.com>.

After this change (which may be backported to -stable), the AlarmManager will
fail on the first timerfd_create call, and will not be able to set the time
or handle other necessary functions.

The solution here is to add CAP_WAKE_ALARM to the system_server process.

Change-Id: Ifdb16f3ef42711e553f727165de3922d484b5be4
Signed-off-by: John Stultz <john.stultz@linaro.org>

81a958f 2016-11-04 05:59:59 Sungsoo

DO NOT MERGE) ExifInterface: Close the file when an exception happens

Bug: 32068647, Bug: 30936376
Change-Id: I22fa2384348c890ca726d2b1632cd54e59d25a8f
(cherry picked from commit cb17930077de640411407636eebc000e2d06dd9c)

37648d4 2016-11-04 05:59:58 Christopher Tate

DO NOT MERGE Isolated processes don't get precached system service binders

More specifically, they get a PackageManager binder -- necessary for
Android process startup and configuration -- but none of the other
usual preloaded service binders.

Bug 30202228

Change-Id: I3810649f504cd631665ece338a83d2e54d41ad05
(cherry picked from commit 2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc)
(cherry picked from commit f4d23f30c92bc80808f57677caab0282c8d28dc6)

248c3ab 2016-11-04 05:59:57 Sungsoo

DO NOT MERGE) ExifInterface: Provide backward compatibility

ExifInterface.saveAttribute() didn't throw UnsupportedOperationException
before. Use IOException instead of UnsupportedOperationException for
backward compatibility.

Bug: 30936376, Bug: 32068647, Bug: 31319086
Change-Id: Iacc7b4d91d49edd7bece8f2e738a633a91025eca
(cherry picked from commit 7ce9243087b04bce719e1f3d10a14b9b26b8ea81)

94cd881 2016-10-19 00:37:21 Chih-Wei Huang

Ignore screen size when determines mForceDefaultOrientation

ef525e8 2016-09-28 08:29:58 Paul Jensen

Avoid crashing when downloading MitM'd PAC that is too big am: 7d2198b586 am: 9c1cb7a273 am: 6634e90ad7
am: 66ee2296a9

Change-Id: Ib0023b44e521b936ab2f9450ad367b1feda64492

f653d36 2016-09-28 08:28:39 Jeff Sharkey

Merge commit '0a9d537f623b2c11dce707fb9b91fea016fd0e9f' into manual_merge_0a9d537

Change-Id: Ib1a0bbb34edb61666ac5739f0b0eaadbe4c5fe06

4c95059 2016-09-28 07:58:52 Jaewan Kim

DO NOT MERGE Check caller for sending media key to global priority session

Prevent sending media key events from the non-system app to the global
priority session through the MediaSessionManager.dispatchMediaKeyEvent().
Note that any app can use the API indirectly with
the public API AudioManager.dispatchMediaKeyEvent().

Bug: 29833954
Tested: Installed malicious apps and confirmed that they don't work.
Tested: Run CtsTelecomTestCases and CtsMediaTestCases
Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15
(cherry picked from commit c282c4f106bea5c5375fdb6062ffd4fdcf8563a7)

4f0dec2 2016-09-28 07:58:51 Paul Jensen

Fix build break due to automerge of 7d2198b5

Bug: 30100884

Change-Id: I8fa379a74b5d9467b5b9498bd18de2a043963c6f
(cherry picked from commit baae57ab24db7d3b0bf7f84c05954173f1ee15fe)

9e812be 2016-09-28 07:58:50 Tadashi G. Takaoka

DO NOT MERGE: Catch all exceptions when parsing IME meta data

Bug: 30568284
Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2
(manually cherry picked from 9b2997d22e6ce2a15065d8e7608dd77b316c2065)

(cherry picked from commit 7bb4c825585d5a6afbb59484ec7db5f5dec1bdaf)

115baf8 2016-09-28 07:58:49 Sudheer Shanka

DO NOT MERGE: Fix deadlock in AcitivityManagerService.

Don't hold mPidsSelfLocked lock when calling
cleanUpApplicationRecordLocked.

Bug: 31463143
Change-Id: I421962cbfd7c466662edcef805c3e27321dc5a98
(cherry picked from commit b59e73613bbaf252e2ee5892d7a95cbbd7d40b26)

77fa5d9 2016-09-28 07:58:48 John Reck

Ensure munmap matches mmap

Bug: 31350622
Change-Id: I6d3f9faec32d54360caa6706d17405e20b50966c
(cherry picked from commit aa394dd42c049479bface1991f11b863dc1a0922)

26f6eb7 2016-09-28 07:58:47 Marie Janssen

Fix setPairingConfirmation permissions issue (2/2)

setPairingConfirmation was set to only require BLUETOOTH_ADMIN
permission which shouldn't be able to set the confirmation itself.

This is restricted to BLUETOOTH_PRIVILEGED permission.

Bug: 29043989
Change-Id: I887de32d156e672ec44aa0b286cd7ea7f9f8ad55
(cherry picked from commit 93326cfd9fb8a20081baa9b975275772798cfd80)

23e6629 2016-09-28 07:58:46 Sungsoo

DO NOT MERGE) ExifInterface: Make saveAttributes throw an exception before change

ExifInterface object can be created with a unsupported file format.
If saveAttribute is called with an unsupported file format, ExifInterface
makes the file corrupted. This CL prevents those cases by throwing
an exception before making any change on the file.

Bug: 30936376
Change-Id: I915f56b00ec9422b53591ac5534e070a1d6798e6
(cherry picked from commit 2ee53c82cc8c8b2e76a19910074672f6204a5d63)

b8be33b 2016-09-28 07:58:45 Narayan Kamath

Backport changes to whitelist sockets opened by the zygote.

This is the backport of the following commits :

Commit c5f27a7cb2ec816f483a65255034a1b57a8aa22:
-----------------------------------------------

Reopen whitelisted zygote file descriptors after a fork.

We don't want these descriptors to be shared post-fork, so we'll
have to close and reopen them when the zygote forks. The set of
open descriptors is checked against a whitelist and it is a fatal
error if a non whitelisted FD is opened. It is also a fatal error
if anything other than a regular file / character device or socket
is opened at the time of forking.

This work is done in two stages :
- An initial list of FDs is constructed and cached prior to the
first zygote fork.

- On each subsequent fork, we check whether the list of open FDs
has changed. We are currently tolerant of changes, but in the
longer term, it should be a fatal error if the set of open file
descriptors in the zygote changes.

- Post fork, we traverse the list of open descriptors and reopen
them if necessary.

bug: 30963384

Commit 3764a260f0c90dcb323caeda14baf903cc108759:
-----------------------------------------------

Add a whitelist of sockets on fork.

Maintain a whitelist of AF_UNIX sockets that are permitted
to exist at the time of forking. If an open socket does not belong
to the whitelist (or is not AF_UNIX), the process will abort. If an
open socket is whitelisted, it will be redirected to /dev/null after
a sucessful fork. This allows us to unify our handling of the special
zygote sockets (/dev/socket/zygote[_secondary]) with the existing
whitelist of non socket file descriptors.

This change also removes non-fatal ALOGW messages since they have the
side effect of reopening the logging socket.

bug: 30963384

Commit 0b76d6a28e6978151bf245a775329cdae5e574d5:
-----------------------------------------------

fd_utils: Fix broken usage of iterators.

There were two separate issues here :
- RestatInternal was using an iterator after a call to erase(). This
will not work because it will be invalidated.
- The "standard" for loop idiom for iterating over a map while making
structural changes to it is broken. Switch to a while loop and treat
cases where elements are erased differently from cases where they
aren't.

bug: 31092930
bug: 30963384

Plus additional changes:
-----------------------------------------------
- add /dev/__properties__ to the whitelist.

Change-Id: I709a7f4913e807a8fec8a58c81e98fe5b5222820
(cherry picked from commit 41ca1bce01af7e86aeff9009df54bbc81e3c77d0)

716804e 2016-09-22 01:01:28 Chih-Wei Huang

Fix improper Chinese translation

4c12d8c android-x86-6.0-r1 2016-09-13 18:43:11 Chih-Wei Huang

Detect HDMI audio by switch events

If detect SW_VIDEOOUT_INSERT, assume HDMI is plugged.