Merge "Ignore other IKE options if IkeTunnelConnectionParams is set"
diff --git a/apct-tests/perftests/core/src/android/libcore/OWNERS b/apct-tests/perftests/core/src/android/libcore/OWNERS
new file mode 100644
index 0000000..2d36574
--- /dev/null
+++ b/apct-tests/perftests/core/src/android/libcore/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 24949
+include platform/libcore:/OWNERS
diff --git a/core/api/test-current.txt b/core/api/test-current.txt
index 6b588f9..59db4d6 100644
--- a/core/api/test-current.txt
+++ b/core/api/test-current.txt
@@ -34,6 +34,7 @@
field public static final String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE";
field public static final String RECORD_BACKGROUND_AUDIO = "android.permission.RECORD_BACKGROUND_AUDIO";
field public static final String REMOVE_TASKS = "android.permission.REMOVE_TASKS";
+ field public static final String REQUEST_UNIQUE_ID_ATTESTATION = "android.permission.REQUEST_UNIQUE_ID_ATTESTATION";
field public static final String RESET_APP_ERRORS = "android.permission.RESET_APP_ERRORS";
field public static final String SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS = "android.permission.SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS";
field public static final String START_TASKS_FROM_RECENTS = "android.permission.START_TASKS_FROM_RECENTS";
diff --git a/core/java/android/net/TEST_MAPPING b/core/java/android/net/TEST_MAPPING
index a379c33..3df5616 100644
--- a/core/java/android/net/TEST_MAPPING
+++ b/core/java/android/net/TEST_MAPPING
@@ -17,7 +17,7 @@
"path": "frameworks/opt/net/wifi"
}
],
- "postsubmit": [
+ "presubmit": [
{
"name": "FrameworksCoreTests",
"options": [
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index b87befb..f81ac3d 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -3409,6 +3409,12 @@
<permission android:name="android.permission.UPDATE_FONTS"
android:protectionLevel="signature|privileged" />
+ <!-- Allows the caller to generate keymint keys with the INCLUDE_UNIQUE_ID tag, which
+ uniquely identifies the device via the attestation certificate.
+ @hide @TestApi -->
+ <permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION"
+ android:protectionLevel="signature" />
+
<!-- ========================================= -->
<!-- Permissions for special development tools -->
<!-- ========================================= -->
diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml
index c03ed03..208bfbbf 100644
--- a/packages/Shell/AndroidManifest.xml
+++ b/packages/Shell/AndroidManifest.xml
@@ -609,6 +609,9 @@
<!-- Permission required for ATS test - CarDevicePolicyManagerTest -->
<uses-permission android:name="android.permission.LOCK_DEVICE" />
+ <!-- Permission required for CTS test - CtsKeystoreTestCases -->
+ <uses-permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION" />
+
<application android:label="@string/app_label"
android:theme="@android:style/Theme.DeviceDefault.DayNight"
android:defaultToDeviceProtectedStorage="true"
diff --git a/packages/SystemUI/src/com/android/systemui/globalactions/GlobalActionsImpl.java b/packages/SystemUI/src/com/android/systemui/globalactions/GlobalActionsImpl.java
index 96ae646..290bf0d 100644
--- a/packages/SystemUI/src/com/android/systemui/globalactions/GlobalActionsImpl.java
+++ b/packages/SystemUI/src/com/android/systemui/globalactions/GlobalActionsImpl.java
@@ -41,26 +41,23 @@
import javax.inject.Inject;
-import dagger.Lazy;
-
public class GlobalActionsImpl implements GlobalActions, CommandQueue.Callbacks {
private final Context mContext;
- private final Lazy<GlobalActionsDialogLite> mGlobalActionsDialogLazy;
private final KeyguardStateController mKeyguardStateController;
private final DeviceProvisionedController mDeviceProvisionedController;
private final BlurUtils mBlurUtils;
private final CommandQueue mCommandQueue;
- private GlobalActionsDialogLite mGlobalActionsDialog;
+ private final GlobalActionsDialogLite mGlobalActionsDialog;
private boolean mDisabled;
@Inject
public GlobalActionsImpl(Context context, CommandQueue commandQueue,
- Lazy<GlobalActionsDialogLite> globalActionsDialogLazy, BlurUtils blurUtils,
+ GlobalActionsDialogLite globalActionsDialog, BlurUtils blurUtils,
KeyguardStateController keyguardStateController,
DeviceProvisionedController deviceProvisionedController) {
mContext = context;
- mGlobalActionsDialogLazy = globalActionsDialogLazy;
+ mGlobalActionsDialog = globalActionsDialog;
mKeyguardStateController = keyguardStateController;
mDeviceProvisionedController = deviceProvisionedController;
mCommandQueue = commandQueue;
@@ -71,16 +68,12 @@
@Override
public void destroy() {
mCommandQueue.removeCallback(this);
- if (mGlobalActionsDialog != null) {
- mGlobalActionsDialog.destroy();
- mGlobalActionsDialog = null;
- }
+ mGlobalActionsDialog.destroy();
}
@Override
public void showGlobalActions(GlobalActionsManager manager) {
if (mDisabled) return;
- mGlobalActionsDialog = mGlobalActionsDialogLazy.get();
mGlobalActionsDialog.showOrHideDialog(mKeyguardStateController.isShowing(),
mDeviceProvisionedController.isDeviceProvisioned(), null /* view */);
}
@@ -189,7 +182,7 @@
final boolean disabled = (state2 & DISABLE2_GLOBAL_ACTIONS) != 0;
if (displayId != mContext.getDisplayId() || disabled == mDisabled) return;
mDisabled = disabled;
- if (disabled && mGlobalActionsDialog != null) {
+ if (disabled) {
mGlobalActionsDialog.dismissDialog();
}
}
diff --git a/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java b/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java
index a73c8e0..0e4bbbb 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java
@@ -18,12 +18,14 @@
import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE;
import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PATTERN;
+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
import android.app.ActivityManager;
import android.app.admin.PasswordMetrics;
import android.content.Context;
import android.os.ShellCommand;
import android.os.SystemProperties;
+import android.os.UserHandle;
import android.text.TextUtils;
import android.util.Slog;
@@ -48,6 +50,8 @@
private static final String COMMAND_REMOVE_CACHE = "remove-cache";
private static final String COMMAND_SET_ROR_PROVIDER_PACKAGE =
"set-resume-on-reboot-provider-package";
+ private static final String COMMAND_REQUIRE_STRONG_AUTH =
+ "require-strong-auth";
private static final String COMMAND_HELP = "help";
private int mCurrentUserId;
@@ -97,6 +101,9 @@
case COMMAND_SET_ROR_PROVIDER_PACKAGE:
runSetResumeOnRebootProviderPackage();
return 0;
+ case COMMAND_REQUIRE_STRONG_AUTH:
+ runRequireStrongAuth();
+ return 0;
case COMMAND_HELP:
onHelp();
return 0;
@@ -192,6 +199,10 @@
pw.println(" Sets the package name for server based resume on reboot service "
+ "provider.");
pw.println("");
+ pw.println(" require-strong-auth [--user USER_ID] <reason>");
+ pw.println(" Requires the strong authentication. The current supported reasons: "
+ + "STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN.");
+ pw.println("");
}
}
@@ -288,6 +299,24 @@
return true;
}
+ private boolean runRequireStrongAuth() {
+ final String reason = mNew;
+ int strongAuthReason;
+ switch (reason) {
+ case "STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN":
+ strongAuthReason = STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
+ mCurrentUserId = UserHandle.USER_ALL;
+ break;
+ default:
+ getErrPrintWriter().println("Unsupported reason: " + reason);
+ return false;
+ }
+ mLockPatternUtils.requireStrongAuth(strongAuthReason, mCurrentUserId);
+ getOutPrintWriter().println("Require strong auth for USER_ID "
+ + mCurrentUserId + " because of " + mNew);
+ return true;
+ }
+
private boolean runClear() {
LockscreenCredential none = LockscreenCredential.createNone();
if (!isNewCredentialSufficient(none)) {
diff --git a/services/core/java/com/android/server/net/TEST_MAPPING b/services/core/java/com/android/server/net/TEST_MAPPING
index 02095eb..4ccf09e 100644
--- a/services/core/java/com/android/server/net/TEST_MAPPING
+++ b/services/core/java/com/android/server/net/TEST_MAPPING
@@ -2,12 +2,8 @@
"presubmit-large": [
{
"name": "CtsHostsideNetworkTests",
- "file_patterns": ["(/|^)NetworkPolicy[^/]*\\.java"],
"options": [
{
- "include-filter": "com.android.cts.net.HostsideRestrictBackgroundNetworkTests"
- },
- {
"exclude-annotation": "androidx.test.filters.FlakyTest"
},
{
diff --git a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsShellCommandTest.java b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsShellCommandTest.java
index 33ea710..b9ae670 100644
--- a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsShellCommandTest.java
+++ b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsShellCommandTest.java
@@ -25,6 +25,8 @@
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
+import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;
+
import static junit.framework.Assert.assertEquals;
import static org.mockito.ArgumentMatchers.anyInt;
@@ -48,6 +50,7 @@
import android.os.Process;
import android.os.ResultReceiver;
import android.os.ShellCallback;
+import android.os.UserHandle;
import android.platform.test.annotations.Presubmit;
import androidx.test.InstrumentationRegistry;
@@ -370,6 +373,19 @@
mUserId);
}
+ @Test
+ public void testRequireStrongAuth_STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN() throws Exception {
+ when(mLockPatternUtils.isSecure(mUserId)).thenReturn(true);
+
+ assertEquals(0, mCommand.exec(new Binder(), in, out, err,
+ new String[] { "require-strong-auth", "STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN"},
+ mShellCallback, mResultReceiver));
+
+ verify(mLockPatternUtils).requireStrongAuth(
+ STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN,
+ UserHandle.USER_ALL);
+ }
+
private List<LockPatternView.Cell> stringToPattern(String str) {
return LockPatternUtils.byteArrayToPattern(str.getBytes());
}
diff --git a/telephony/java/android/telephony/data/DataServiceCallback.java b/telephony/java/android/telephony/data/DataServiceCallback.java
index ec73471..77d4837 100644
--- a/telephony/java/android/telephony/data/DataServiceCallback.java
+++ b/telephony/java/android/telephony/data/DataServiceCallback.java
@@ -50,12 +50,13 @@
*/
@Retention(RetentionPolicy.SOURCE)
@IntDef({RESULT_SUCCESS, RESULT_ERROR_UNSUPPORTED, RESULT_ERROR_INVALID_ARG, RESULT_ERROR_BUSY,
- RESULT_ERROR_ILLEGAL_STATE})
+ RESULT_ERROR_ILLEGAL_STATE, RESULT_ERROR_TEMPORARILY_UNAVAILABLE,
+ RESULT_ERROR_INVALID_RESPONSE})
public @interface ResultCode {}
/** Request is completed successfully */
public static final int RESULT_SUCCESS = 0;
- /** Request is not support */
+ /** Request is not supported */
public static final int RESULT_ERROR_UNSUPPORTED = 1;
/** Request contains invalid arguments */
public static final int RESULT_ERROR_INVALID_ARG = 2;
@@ -68,6 +69,11 @@
* @hide
*/
public static final int RESULT_ERROR_TEMPORARILY_UNAVAILABLE = 5;
+ /**
+ * Request failed to complete due to an invalid response.
+ * @hide
+ */
+ public static final int RESULT_ERROR_INVALID_RESPONSE = 6;
private final IDataServiceCallback mCallback;
@@ -255,6 +261,8 @@
return "RESULT_ERROR_ILLEGAL_STATE";
case RESULT_ERROR_TEMPORARILY_UNAVAILABLE:
return "RESULT_ERROR_TEMPORARILY_UNAVAILABLE";
+ case RESULT_ERROR_INVALID_RESPONSE:
+ return "RESULT_ERROR_INVALID_RESPONSE";
default:
return "Unknown(" + resultCode + ")";
}
diff --git a/tools/aapt2/Android.bp b/tools/aapt2/Android.bp
index 740b44e..50cd455 100644
--- a/tools/aapt2/Android.bp
+++ b/tools/aapt2/Android.bp
@@ -165,6 +165,7 @@
],
proto: {
export_proto_headers: true,
+ type: "full",
},
defaults: ["aapt2_defaults"],
}