| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This parameter is useful for when a broadcast's intent is not targeting
specific package and it is not wanted to be delievered to a specific
one.
Test: Install two apps and create shell command argument to exlude
packages, verify the correct packages can receive or get
skipped. Verified with manifest and registered receivers.
Bug: 231635380
Bug: 210118427
Merged-In: I9a331f71c7052b294d4eada0f0f658dba989d881
Change-Id: I9a331f71c7052b294d4eada0f0f658dba989d881
|
| |
|
|
|
|
| |
Bug: 215555831
Test: atest android.permission.cts.RevokeSelfPermissionTest
Change-Id: I887e2b8a86868352e772537addd8cd20ef305d7b
|
| |
|
|
|
|
|
|
|
|
|
| |
This CL is mainly from the requirements to receive WindowMetrics
updates in Jetpack Library. It also benefits the developers if
they want to listen to Activity's configuration changes outside
Activity
Test: atest RegisterComponentCallbacksTest
Bug: 199442549
Change-Id: Iff5c0a4d9c61d30b84ff9aee465f1b6b06f1a48d
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Bug: 193247900
Test: WindowContextTest
Test: ContextWrapperTest
Change-Id: Ia070b12eea5631d70a96d6e41d03ab08f6b44caa
|
| |/
|
|
|
|
|
|
| |
Test: atest android.permission.cts.RevokeOwnPermissionTest
Bug: 215555831
Bug: 210575642
Bug: 210387494
Change-Id: I94e29f66d13ac76669fab2ccc08879c30c26b7ea
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Test: Manual test using a non-privileged app, atest
android.permission.cts.SelfRevokeRuntimePermissionTest
When calling the API, the permission (along with any other permissions
from the same group) for the current package is downgraded to a one-time
permission, and a one-time permission session is started.
Bug: 210387494
Change-Id: I9f061cbc8c3db720127c96200fe94a644246b6d7
|
| |\
| |
| |
| |
| |
| |
| |
| | |
am: 5c35d3bce6
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1845059
Change-Id: I90e8a4d567fe2de9ab765806fc7bd3aba4fe0845
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Revert "Revert "Required change for adding overload method for r..."
Revert submission 1842720-revert-1836473-receiverChangesinAOSP-FWJQDTADTI
Reason for revert: DroidMonitor-triggered revert due to breakage, bug b/202144225
Reverted Changes:
I03409ea39:Revert "Required change for adding overload method...
I583a11d2a:Revert "Cherrypicking flags and override methods f...
Change-Id: I5cdf9c74d51a259fdaa43dfdc9423d22145eac60
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
am: 98ff8ecdaa
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1842721
Change-Id: Ieaed4fcc2fa97db551a70f4a3076b4237acfb8ab
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Revert "Required change for adding overload method for registerR..."
Revert submission 1836473-receiverChangesinAOSP
Reason for revert: <INSERT REASONING HERE>
Reverted Changes:Making build break
I906ce9eb0:Required change for adding overload method for reg...
I9a16f566c:Cherrypicking flags and override methods for allow...
Change-Id: I583a11d2a23651db24acde303d522a5faae15c6b
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
registered receivers to mark themselves explicitly as exported or not exported." am: 316e0e8336
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1836473
Change-Id: I39049e42feb66c3fa3f0ebdef8e175ae86d5d410
|
| | |
| |
| |
| |
| |
| |
| |
| | |
registered receivers to mark themselves explicitly as exported or not
exported.
Test: will add tests with enforcement
Change-Id: I9a16f566c54e389743dcf460734ecdc0b1081768
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit cb5a80ea57b51fcde117dea253c546dbba9f27f1.
Reason for revert: Was not the cause of the test failure
Fixes: 186622527
Test: atest FrameworksCoreTests:ContextTest
Change-Id: I705854f080200f0465d94a7754e710f05a3ec92c
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Bug: 192242649
5a41b45a85286200f029b6ac06d004cb32c88dd0
Change-Id: Idcebd68e0079e7e87de04ae25069b3a9ff72093c
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit c54ebba25be71d77a4c0d92dba2f0b32c03a9792.
Bug: 188059515
Test: atest FrameworksCoreTests:ContextTest
Change-Id: I986563142dac135281889e811e6e5219d728d5d1
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If an application caches an ApplicationInfo and uses it to call
Context#createApplicationContext, the app will not get the most recent
version of the overlays for that application. To make things worse, the
LoadedApk stored in ActivityThread#mResourcePackages is updated using
the old ApplicationInfo causing further uses of the cached LoadedApk to
return outdated information.
Deprecate Context#createApplicationContext, convert all internal uses
to Context#createPackageContext(String packageName, ...) and log
whenever any one calls Context#createApplicationContext with an
outdated ApplicationInfo to detect debug issues in using old infos.
Bug: 188059515
Test: change wallpaper and observe widgets get reloaded with most
recent overlays
Change-Id: I2aeefa8c0e66264859109975a54c4f73f76ad710
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add an overloaded version of Context.sendBroadcastMultiplePermissions() that can
specify BroadcastOptions, it is called by com.android.bluetooth package.
Bug: 182816627
Test: atest AdapterServiceTest
Test: atest AvrcpControllerStateMachineTest
Test: atest BondStateMachineTest
Test: atest MapClientStateMachineTest
Test: atest RemoteDevicesTest
Change-Id: I8bb2d2ed98ece70ebbe9d3a1b549b966d690de4f
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
gets sent to
This adds an API to allow sending a broadcast to an app that has permission FOO but not permission BAR.
Earlier, a lack of this option was causing a double send problem for broadcasts, which should now be resolved.
Test: manual
Bug: 183537857
Change-Id: I13287d63e039164694be4daa832bb23709990054
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Besides UI contexts, the context created via
Context#createConfigurationContext with a proper configuration
should be allowed to inflate views or obtain ViewConfiguration.
An example is that a wear device inflate views into bitmap and pass
the bitmap to the Wear OS Companion app on the phone.
Bug: 177847640
Test: atest StrictModeTest
Change-Id: Iab232a80a973f54bf0484262d45af3e4c2f0e5dc
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When an app is proxying access to runtime permission protected
data it needs to check whether the calling app has a permission
to the data it is about to proxy which leaves a trace in app ops
that the requesting app perofmed a data access. However, then the
app doing the work needs to get the protected data itself from the
OS which access gets attributed only to itself. As a result there
are two data accesses in app ops where only the first one is a
proxy one that app A got access to Foo through app B - that is the
one we want to show in the permission tracking UIs - and one
for the data access - that is the one we would want to blame on
the calling app, and in fact, these two accesses should be one -
that app A accessed Foo though B. This limitation requires fragile
one off workarounds where both accesses use the same attribution
tag and sys UI has hardcoded rules to dedupe. Since this is not
documented we cannot expect that the ecosystem would reliably
do this workaround in apps that that the workaround in the OS
would be respected by every OEM.
This change adds a mechaism to resolve this issue. It allows for
an app to create an attribution context for another app and then
any private data access thorugh this context would result in a
single app op blame that A accessed Foo though B, i.e. we no longer
have double accounting. Also this can be nested through apps, e.g.
app A asks app B which asks app C for contacts. In this case app
B creates an attribution context for app A and calls into app C
which creates an attribution context for app B. When app C gets
contacts the entire attribution chain would get a porper, single
blame: that C accessed the data, that B got the data from C, and
that A got the data form B. Furthermore, this mechanism ensures
that apps cannot forget to check permissions for the caller
before proxying private data. In our example B and C don't need
to check the permisisons for A and B, respectively, since the
permisisons for the entire attribution chain are checked before
data delivery. Attribution chains are not forgeable preventing
a bad actor to create an arbitrary one - each attribution is
created by the app it refers to and points to a chain of
attributions created by their corresponding apps.
This change also fixes a bug where all content provider accesses
were double counted in app ops due to double noting. While at
this it also fixes that apps can now access their own last ops.
There was a bug where one could not pass null getting the attributed
ops from a historical package ops while this is a valid use case
since if there is no attribution everything is mapped to the null
tag. There were some app op APIs not being piped thorough the app
ops delegate and by extension through the app ops policy. Also
now that we have nice way to express the permission chain in a
call we no longer need the special casing in activity manager to
handle content provider accesses through the OS. Fixed a bug
where we don't properly handle the android.os.shell calls with
an invlaid tag which was failing while the shell can do any tag.
Finally, to ensure the mechanims is validated and works end-to-end
we are adding support for a voice recognizer to blame the client
app for the mic access. The recognition service can create a blaming
context when opening the mic and if the mic is open, which would
do all permission checks, we would not do so again. Since changes
to PermissionChercker for handling attribution sources were made
the CL also hooks up renounced permissoins in the request permission
flow and in the permission checks.
bug:158792096
bug:180647319
Test:atest CtsPermissionsTestCases
atest CtsPermissions2TestCases
atest CtsPermissions3TestCases
atest CtsPermissions4TestCases
atest CtsPermissions5TestCases
atest CtsAppOpsTestCases
atest CtsAppOps2TestCases
Change-Id: Ib04585515d3dc3956966005ae9d94955b2f3ee08
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Different logical components within an app may have no intention of
interacting with data or services that are protected by specific
permissions.
The new overload added in this change provides the initial mechanism
for a logical component to indicate a set of permissions that should
be treated as "renounced". Interactions performed through the
returned Context will ideally be treated as if the renounced
permissions have not actually been granted to the application,
regardless of their actual grant status.
This is a low-risk change from a security standpoint, since it can
only reduce the set of permissions that might have been granted to
an app; it can never be used to expand the set of permissions.
Note that this change only provides an initial implementation which
only applies to local permission checks within the app; future
changes will begin wiring this up across process boundaries.
Bug: 181812281
Test: atest CtsContentTestCases:android.content.cts.ContextTest
Change-Id: I96439e5344c85300fb6a0f03e572746c3c96ee95
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Optimizes the workflow to check multiple URI permissions, which
currently need to be checked one URI at a time.
New APIs are logically similar to existing APIs: checkUriPermission,
checkCallingUriPermission and checkCallingOrSelfUriPermission. The
new APIs would take input of a collection of URIs instead of just one
URI.
Bug: 179362563
Test: atest ContextTest.java
Test: atest ExternalStorageHostTest#testMediaEscalation_RequestWriteFilePathSupport
Change-Id: I9cd6278f9b865c0532afc337b089771df6aea8c5
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
am: c9e394fc27 am: 796c878352
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1491876
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: If4d6e07f92301baae6056d0891bc292cbd67450f
|
| | |
| |
| |
| |
| |
| |
| | |
Bug: 177223402
Test: atest FrameworksCoreTests:ContextTest
Test: atest CtsContentTestCases:ContextTest
Change-Id: Ic85419934cf2c9df4e0f9cc287585b3296cec819
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
am: 4b46fb6b09 am: f1f8f956c6
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1541664
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: If47397df98ebb90c079d110fbfd947aa17abe05b
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Usage has been discovered by an app so reverting this to its previous
state. This is conceptually a partial revert of change 5d123b67756.
NoNonSdkCheck: b/170729553
Bug: 175981568
Test: m
Change-Id: I3e61d3f56f176d573f68ba85f3b1762686aa62ef
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These are APIs that have @UnsupportedAppUsage but for which we don't
have any evidence of them currently being used, so should be safe to
remove from the unsupported list.
Bug: 170729553
Test: Treehugger
Merged-In: I626caf7c1fe46c5ab1f39c2895b42a34319f771a
Change-Id: I54e5ecd11e76ca1de3c5893e3a98b0108e735413
|
| | |
| |
| |
| |
| |
| |
| | |
Bug: 175416931
Test: atest SplitScreenTests WMShellUnitTests
Change-Id: Id11bfef19076840e46222014e268a553bd94f2ef
|
| | |
| |
| |
| |
| |
| |
| | |
Test: atest ContextIsUiContextTest ContextGetDisplayTest
Test: atest WindowContextPolicyTests
Bug: 174640742
Change-Id: I13bd07fa3a4e79fe44bce34157ee93622cbb431d
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Port Nullable annotations from Context to ContextWrapper.
Bug: 173863972
Test: n/a
Change-Id: I5decbba77149283bc68a2251d472618ca50219b8
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also consolidate UI context related flags to ContextType.
Bug: 171280916
Test: atest ContextTest ContextAccessTest
Test: atest WindowContextTest WindowContextTests \
WindowMetricsTest WindowMetricsTests
Test atest InputMethodServiceStrictModeTest \
InputMethodMenuControllerTest
Test atest InputMethodServiceTest#testGetDisplay
StrictModeTest#testIncorrectContextuse_*
Change-Id: I7f3a7f951c664d4c329059942e688ee3a625b992
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These are APIs that have @UnsupportedAppUsage but for which we don't
have any evidence of them currently being used, so should be safe to
remove from the unsupported list.
This is a resubmit of ag/12929664 with some APIs excluded that caused
test failures; see bugs 171886397, 171888296, 171864568.
APIs excluded:
Landroid/bluetooth/le/ScanRecord;->parseFromBytes([B)Landroid/bluetooth/le/ScanRecord;
Landroid/os/Process;->myPpid()I
Landroid/os/SharedMemory;->getFd()I
Landroid/hardware/input/InputManager;->INJECT_INPUT_EVENT_MODE_WAIT_FOR_FINISH:I
Bug: 170729553
Test: Treehugger
Change-Id: I8285daa8530260251ecad6f3f38f98e263629ca7
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 72f07d6a8a32db4a0dedd7682a0b3385be2b9cd6.
Reason for revert: Droidcop-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?testMethod=testAppZygotePreload&testClass=android.app.cts.ServiceTest&atpConfigName=suite%2Ftest-mapping-presubmit-retry_cloud-tf&testModule=CtsAppTestCases&fkbb=6936597&lkbb=6936969&lkgb=6936551&testResults=true&branch=git_master&target=cf_x86_phone-userdebug>, bug b/171886397
Bug: 171886397
Change-Id: Ibe0f0430a3451477c1ee8ef56a596e91ea1e7672
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These are APIs that have @UnsupportedAppUsage but for which we don't
have any evidence of them currently being used, so should be safe to
remove from the unsupported list.
Bug: 170729553
Test: Treehugger
Change-Id: I4c8fd0006f950de9955242e93968fb0996ceb372
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
5c25605da0 am: a91c84fa14 am: 6263253bae am: 9e19211dc0
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/12105622
Change-Id: Iff671143234e00a2330638011c46be8f064dfad2
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Add null checks in both ContextWrapper and before obtaining
ContextImpl#getOuterContext.
Test: atest ContextTest#testIsUiContext_ContextWrapper
fixes: 160037462
Change-Id: Ic6a71dd9ac4b195d219d6e5431f2f2b199a400fa
|
| |/
|
|
|
|
| |
Bug: 156238511
Test: Treehugger
Change-Id: I349e8628ea77d3051f40f903c3438c3fc0a489ea
|
| |
|
|
|
|
|
|
| |
Before, the documentation said that the passed context is an application context, which is incorrect to get the density, window metrics, and window manager. We should use visual context to get these instead.
Bug: 151474461
Test: StrictModeTest#testIncorrectContextUse_GetViewConfiguration
Change-Id: Iea28d727cafbb3ec8536742c6a0e594f73fe5a51
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the core functionality this changes everything including aidl's and
field names:
- Context
- ContentProvider
- AppOps*
- Package parsing
For the rest, this is a shallow change to only change to the changed
APIs. This keeps the change small-ish
Exempt-From-Owner-Approval: Rename
Fixes: 148792795
Test: TH
Change-Id: I2a2245fe76e09e62cb13d5785d2efb4a304ba54a
Merged-In: I2a2245fe76e09e62cb13d5785d2efb4a304ba54a
|
| |
|
|
|
|
| |
Fixes: 151156902
Test: make checkapi
Change-Id: I966f8cd305189a54a5de48b03e5b4bdd51700fdf
|
| |
|
|
|
|
|
|
|
|
| |
with appOp as String and options as Bundle
Bug: 139077993
Bug: 146423958
Test: Build
Change-Id: I5325e08d60016741139251813a5df9b42f2efc82
Merged-In: I5325e08d60016741139251813a5df9b42f2efc82
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make obtaining a visual service from non-visual Context instance
report a strict mode violation and print the stacktrace.
Make calling getDisplay() throw an exception if called on an instance
that is not associated with a display. For existing usages introduce
a new internal method that does not perform the verification until
the usages are properly fixed.
Bug: 128338354
Test: StrictModeTest#testIncorrectContextUse_GetSystemService
Test: StrictModeTest#testIncorrectContextUse_GetDisplay
Change-Id: Id25d590eca6e10066e55d7ed6436d3bc9e433beb
|
| |
|
|
|
|
|
|
|
| |
Add Bundle parameter to createWindowContext method to allow
passing window-related options.
Bug: 128338354
Test: Build, auto test
Change-Id: I19cf9335068ecf94c9d94a99be0e8f1021f78e34
|
| |
|
|
|
|
| |
Test: atest WmTests CtsWindowManagerDeviceTestCases
Bug: 128338354
Change-Id: I9c9dfc5e7f4edd4c968e60d2ffcbb19b5c72a853
|
| |
|
|
|
|
|
|
| |
Existing annotations in libcore/ and frameworks/ will deleted after the migration. This also means that any java library that compiles @UnsupportedAppUsage requires a direct dependency on "unsupportedappusage" java_library.
Bug: 145132366
Test: m && diff unsupportedappusage_index.csv
Change-Id: I6ab53570aca580fbee1fcc927871caa09780f58f
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Context.getCrateDir() creates and returns the File for the
root of the crates for the application context. Any child directories
under the crates root in Context.getDataFile() is called
the crate directory.
For example:
/data/user/0/com.exmaple.app/crates/IAmCratedFolder/decentFiles
/data/user/0/com.exmaple.app/crates/IAmCratedFolder/decentDirs
Context.getCrateDir return the crate dir
--> /data/user/0/com.exmaple.app/crates/IAmCratedFolder
The crate dir
--> IAmCratedFolder
The decent directories or files are not crated folders
--> decentFiles, decentDirs
Test: atest CtsOsTestCases:android.os.storage.cts.StorageCrateTest
Bug: 141660526
Change-Id: If3ec1e121fb8f72bab5571d6190378e3ae208832
|
| |
|
|
|
|
|
|
| |
with appOp as String and options as Bundle
Bug: 139077993
Test: Build, GsmInboundSmsHandlerTest, CdmaInboundSmsHandlerTest and WapPushOverSmsTest
Change-Id: I60e21c7202d1bc7c5d28dfad2e2edde902f28a15
|
| |
|
|
|
|
|
|
|
|
|
| |
Context.registerReceiverForAllUsers are already marked as @SystemApi.
The same method in ContextWrapper overriding it doesn't need to be
annotated as such. In fact, that API is even not recorded in
system-current.txt.
Bug: 144424011
Test: atest CtsSystemApiAnnotationTestCases
Change-Id: I60890104bf20a2c674edd91ec6b487cca1b4e37b
|
| |
|
|
|
|
|
|
|
| |
This API is used by wifi mainline module, so converting it to a formal
API.
Bug: 141943978
Test: Compiles
Change-Id: I563b6b37002975639fde036014cd0955fc8edef9
|
