Merge "Prevent some key system applications from losing storage permissions" into main
diff --git a/core/api/current.txt b/core/api/current.txt
index 44865b5..abf3a2f0 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt
@@ -12037,6 +12037,7 @@
field public static final String FEATURE_TELEPHONY_RADIO_ACCESS = "android.hardware.telephony.radio.access";
field public static final String FEATURE_TELEPHONY_SUBSCRIPTION = "android.hardware.telephony.subscription";
field @Deprecated public static final String FEATURE_TELEVISION = "android.hardware.type.television";
+ field public static final String FEATURE_THREADNETWORK = "android.hardware.threadnetwork";
field public static final String FEATURE_TOUCHSCREEN = "android.hardware.touchscreen";
field public static final String FEATURE_TOUCHSCREEN_MULTITOUCH = "android.hardware.touchscreen.multitouch";
field public static final String FEATURE_TOUCHSCREEN_MULTITOUCH_DISTINCT = "android.hardware.touchscreen.multitouch.distinct";
diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java
index 4677026..d738d9e 100644
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
@@ -3448,6 +3448,14 @@
/**
* Feature for {@link #getSystemAvailableFeatures} and
* {@link #hasSystemFeature}: The device is capable of communicating with
+ * other devices via Thread network.
+ */
+ @SdkConstant(SdkConstantType.FEATURE)
+ public static final String FEATURE_THREADNETWORK = "android.hardware.threadnetwork";
+
+ /**
+ * Feature for {@link #getSystemAvailableFeatures} and
+ * {@link #hasSystemFeature}: The device is capable of communicating with
* other devices via ultra wideband.
*/
@SdkConstant(SdkConstantType.FEATURE)
diff --git a/core/java/android/database/OWNERS b/core/java/android/database/OWNERS
index 7e19942..53f5bb0 100644
--- a/core/java/android/database/OWNERS
+++ b/core/java/android/database/OWNERS
@@ -1,3 +1,6 @@
+include /SQLITE_OWNERS
+
omakoto@google.com
jsharkey@android.com
yamasani@google.com
+
diff --git a/core/java/android/os/Binder.java b/core/java/android/os/Binder.java
index 5d0a723..3f04ca4 100644
--- a/core/java/android/os/Binder.java
+++ b/core/java/android/os/Binder.java
@@ -943,16 +943,19 @@
* @hide
*/
@VisibleForTesting
- public final @NonNull String getTransactionTraceName(int transactionCode) {
+ public final @Nullable String getTransactionTraceName(int transactionCode) {
+ final boolean isInterfaceUserDefined = getMaxTransactionId() == 0;
if (mTransactionTraceNames == null) {
- final int highestId = Math.min(getMaxTransactionId(), TRANSACTION_TRACE_NAME_ID_LIMIT);
+ final int highestId = isInterfaceUserDefined ? TRANSACTION_TRACE_NAME_ID_LIMIT
+ : Math.min(getMaxTransactionId(), TRANSACTION_TRACE_NAME_ID_LIMIT);
mSimpleDescriptor = getSimpleDescriptor();
mTransactionTraceNames = new AtomicReferenceArray(highestId + 1);
}
- final int index = transactionCode - FIRST_CALL_TRANSACTION;
- if (index < 0 || index >= mTransactionTraceNames.length()) {
- return mSimpleDescriptor + "#" + transactionCode;
+ final int index = isInterfaceUserDefined
+ ? transactionCode : transactionCode - FIRST_CALL_TRANSACTION;
+ if (index >= mTransactionTraceNames.length() || index < 0) {
+ return null;
}
String transactionTraceName = mTransactionTraceNames.getAcquire(index);
@@ -1317,19 +1320,9 @@
final boolean hasFullyQualifiedName = getMaxTransactionId() > 0;
final String transactionTraceName;
- if (tagEnabled && hasFullyQualifiedName) {
+ if (tagEnabled) {
// If tracing enabled and we have a fully qualified name, fetch the name
transactionTraceName = getTransactionTraceName(code);
- } else if (tagEnabled && isStackTrackingEnabled()) {
- // If tracing is enabled and we *don't* have a fully qualified name, fetch the
- // 'best effort' name only for stack tracking. This works around noticeable perf impact
- // on low latency binder calls (<100us). The tracing call itself is between (1-10us) and
- // the perf impact can be quite noticeable while benchmarking such binder calls.
- // The primary culprits are ContentProviders and Cursors which convenienty don't
- // autogenerate their AIDL and hence will not have a fully qualified name.
- //
- // TODO(b/253426478): Relax this constraint after a more robust fix
- transactionTraceName = getTransactionTraceName(code);
} else {
transactionTraceName = null;
}
diff --git a/core/tests/coretests/src/android/os/AidlTest.java b/core/tests/coretests/src/android/os/AidlTest.java
index 5f54b09..d0c3470 100644
--- a/core/tests/coretests/src/android/os/AidlTest.java
+++ b/core/tests/coretests/src/android/os/AidlTest.java
@@ -28,12 +28,14 @@
private IAidlTest mRemote;
private AidlObject mLocal;
+ private NonAutoGeneratedObject mNonAutoGenerated;
@Override
protected void setUp() throws Exception {
super.setUp();
mLocal = new AidlObject();
mRemote = IAidlTest.Stub.asInterface(mLocal);
+ mNonAutoGenerated = new NonAutoGeneratedObject("NonAutoGeneratedObject");
}
private static boolean check(TestParcelable p, int n, String s) {
@@ -84,6 +86,12 @@
}
}
+ private static class NonAutoGeneratedObject extends Binder {
+ NonAutoGeneratedObject(String descriptor) {
+ super(descriptor);
+ }
+ }
+
private static class AidlObject extends IAidlTest.Stub {
public IInterface queryLocalInterface(String descriptor) {
// overriding this to return null makes asInterface always
@@ -194,7 +202,7 @@
TestParcelable[] a1, TestParcelable[] a2) {
return null;
}
-
+
public void voidSecurityException() {
throw new SecurityException("gotcha!");
}
@@ -396,7 +404,7 @@
assertEquals("s2[1]", s2[1]);
assertEquals("s2[2]", s2[2]);
}
-
+
@SmallTest
public void testVoidSecurityException() throws Exception {
boolean good = false;
@@ -407,7 +415,7 @@
}
assertEquals(good, true);
}
-
+
@SmallTest
public void testIntSecurityException() throws Exception {
boolean good = false;
@@ -420,7 +428,7 @@
}
@SmallTest
- public void testGetTransactionName() throws Exception {
+ public void testGetTransactionNameAutoGenerated() throws Exception {
assertEquals(15, mLocal.getMaxTransactionId());
assertEquals("booleanArray",
@@ -430,12 +438,21 @@
assertEquals("parcelableIn",
mLocal.getTransactionName(IAidlTest.Stub.TRANSACTION_parcelableIn));
- assertEquals("IAidlTest:booleanArray",
+ assertEquals("AIDL::java::IAidlTest::booleanArray::server",
mLocal.getTransactionTraceName(IAidlTest.Stub.TRANSACTION_booleanArray));
- assertEquals("IAidlTest:voidSecurityException",
+ assertEquals("AIDL::java::IAidlTest::voidSecurityException::server",
mLocal.getTransactionTraceName(IAidlTest.Stub.TRANSACTION_voidSecurityException));
- assertEquals("IAidlTest:parcelableIn",
+ assertEquals("AIDL::java::IAidlTest::parcelableIn::server",
mLocal.getTransactionTraceName(IAidlTest.Stub.TRANSACTION_parcelableIn));
}
-}
+ @SmallTest
+ public void testGetTransactionNameNonAutoGenerated() throws Exception {
+ assertEquals(0, mNonAutoGenerated.getMaxTransactionId());
+
+ assertEquals("AIDL::java::NonAutoGeneratedObject::#0::server",
+ mNonAutoGenerated.getTransactionTraceName(0));
+ assertEquals("AIDL::java::NonAutoGeneratedObject::#1::server",
+ mNonAutoGenerated.getTransactionTraceName(1));
+ }
+}
diff --git a/services/core/java/com/android/server/audio/AudioService.java b/services/core/java/com/android/server/audio/AudioService.java
index b83ab38..4c234a0 100644
--- a/services/core/java/com/android/server/audio/AudioService.java
+++ b/services/core/java/com/android/server/audio/AudioService.java
@@ -3449,8 +3449,14 @@
hdmiClient = mHdmiTvClient;
}
- if (((mHdmiPlaybackClient != null && isFullVolumeDevice(device))
- || (mHdmiTvClient != null && mHdmiSystemAudioSupported))
+ boolean playbackDeviceConditions = mHdmiPlaybackClient != null
+ && isFullVolumeDevice(device);
+ boolean tvConditions = mHdmiTvClient != null
+ && mHdmiSystemAudioSupported
+ && !isAbsoluteVolumeDevice(device)
+ && !isA2dpAbsoluteVolumeDevice(device);
+
+ if ((playbackDeviceConditions || tvConditions)
&& mHdmiCecVolumeControlEnabled
&& streamTypeAlias == AudioSystem.STREAM_MUSIC) {
int keyCode = KeyEvent.KEYCODE_UNKNOWN;
diff --git a/services/core/java/com/android/server/pm/SELinuxMMAC.java b/services/core/java/com/android/server/pm/SELinuxMMAC.java
index c0e191f..5a941fe 100644
--- a/services/core/java/com/android/server/pm/SELinuxMMAC.java
+++ b/services/core/java/com/android/server/pm/SELinuxMMAC.java
@@ -80,6 +80,8 @@
// Append targetSdkVersion=n to existing seinfo label where n is the app's targetSdkVersion
private static final String TARGETSDKVERSION_STR = ":targetSdkVersion=";
+ private static final String PARTITION_STR = ":partition=";
+
/**
* Allows opt-in to the latest targetSdkVersion enforced changes without changing target SDK.
* Turning this change on for an app targeting the latest SDK or higher is a no-op.
@@ -370,6 +372,23 @@
return pkg.getTargetSdkVersion();
}
+ private static String getPartition(AndroidPackage pkg) {
+ if (pkg.isSystemExt()) {
+ return "system_ext";
+ } else if (pkg.isProduct()) {
+ return "product";
+ } else if (pkg.isVendor()) {
+ return "vendor";
+ } else if (pkg.isOem()) {
+ return "oem";
+ } else if (pkg.isOdm()) {
+ return "odm";
+ } else if (pkg.isSystem()) {
+ return "system";
+ }
+ return "";
+ }
+
/**
* Selects a security label to a package based on input parameters and the seinfo tag taken
* from a matched policy. All signature based policy stanzas are consulted and, if no match
@@ -433,6 +452,11 @@
seInfo += TARGETSDKVERSION_STR + targetSdkVersion;
+ String partition = getPartition(pkg);
+ if (!partition.isEmpty()) {
+ seInfo += PARTITION_STR + partition;
+ }
+
if (DEBUG_POLICY_INSTALL) {
Slog.i(TAG, "package (" + pkg.getPackageName() + ") labeled with "
+ "seinfo=" + seInfo);
diff --git a/services/core/java/com/android/server/wm/TaskFragment.java b/services/core/java/com/android/server/wm/TaskFragment.java
index d947168..15bc60c 100644
--- a/services/core/java/com/android/server/wm/TaskFragment.java
+++ b/services/core/java/com/android/server/wm/TaskFragment.java
@@ -1089,21 +1089,13 @@
}
final int otherWindowingMode = other.getWindowingMode();
- if (otherWindowingMode == WINDOWING_MODE_FULLSCREEN) {
- if (isTranslucent(other, starting)) {
- // Can be visible behind a translucent fullscreen TaskFragment.
- gotTranslucentFullscreen = true;
- continue;
- }
- return TASK_FRAGMENT_VISIBILITY_INVISIBLE;
- } else if (otherWindowingMode == WINDOWING_MODE_MULTI_WINDOW
- && other.matchParentBounds()) {
+ if (otherWindowingMode == WINDOWING_MODE_FULLSCREEN
+ || (otherWindowingMode != WINDOWING_MODE_PINNED && other.matchParentBounds())) {
if (isTranslucent(other, starting)) {
// Can be visible behind a translucent TaskFragment.
gotTranslucentFullscreen = true;
continue;
}
- // Multi-window TaskFragment that matches parent bounds would occlude other children
return TASK_FRAGMENT_VISIBILITY_INVISIBLE;
}