diff options
| -rw-r--r-- | CleanSpec.mk | 1 | ||||
| -rw-r--r-- | core/java/android/text/method/WordIterator.java | 4 | ||||
| -rw-r--r-- | core/java/android/widget/SpellChecker.java | 22 | ||||
| -rw-r--r-- | core/java/android/widget/TextView.java | 77 | ||||
| -rw-r--r-- | core/java/com/android/internal/widget/LockPatternUtils.java | 41 | ||||
| -rw-r--r-- | data/fonts/Android.mk | 61 | ||||
| -rw-r--r-- | data/fonts/fonts.mk | 17 | ||||
| -rw-r--r-- | docs/html/guide/topics/security/security.jd | 25 | ||||
| -rw-r--r-- | docs/html/resources/faq/security.jd | 84 | ||||
| -rw-r--r-- | include/gui/SurfaceTexture.h | 12 | ||||
| -rw-r--r-- | include/media/stagefright/OMXCodec.h | 2 | ||||
| -rw-r--r-- | libs/gui/SurfaceTexture.cpp | 15 | ||||
| -rw-r--r-- | media/java/android/media/Ringtone.java | 15 | ||||
| -rwxr-xr-x | media/libstagefright/OMXCodec.cpp | 28 |
14 files changed, 257 insertions, 147 deletions
diff --git a/CleanSpec.mk b/CleanSpec.mk index 6ae887b7a1c9..eb8471a74831 100644 --- a/CleanSpec.mk +++ b/CleanSpec.mk @@ -113,6 +113,7 @@ $(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/framew $(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/media/audio/) $(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/fonts/Lohit_Hindi.ttf) $(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/media/audio/) +$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/fonts/DroidSans*) # ************************************************ # NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST # ************************************************ diff --git a/core/java/android/text/method/WordIterator.java b/core/java/android/text/method/WordIterator.java index 0433ec4d604f..af524eedfe68 100644 --- a/core/java/android/text/method/WordIterator.java +++ b/core/java/android/text/method/WordIterator.java @@ -73,10 +73,6 @@ public class WordIterator implements Selection.PositionIterator { } }; - public void forceUpdate() { - mCurrentDirty = true; - } - public void setCharSequence(CharSequence incoming) { // When incoming is different object, move listeners to new sequence // and mark as dirty so we reload contents. diff --git a/core/java/android/widget/SpellChecker.java b/core/java/android/widget/SpellChecker.java index e9eec100cab3..ac9535a425d8 100644 --- a/core/java/android/widget/SpellChecker.java +++ b/core/java/android/widget/SpellChecker.java @@ -185,18 +185,16 @@ public class SpellChecker implements SpellCheckerSessionListener { if (!isInDictionary && looksLikeTypo) { String[] suggestions = getSuggestions(suggestionsInfo); - if (suggestions.length > 0) { - SuggestionSpan suggestionSpan = new SuggestionSpan( - mTextView.getContext(), suggestions, - SuggestionSpan.FLAG_EASY_CORRECT | - SuggestionSpan.FLAG_MISSPELLED); - final int start = editable.getSpanStart(spellCheckSpan); - final int end = editable.getSpanEnd(spellCheckSpan); - editable.setSpan(suggestionSpan, start, end, - Spanned.SPAN_EXCLUSIVE_EXCLUSIVE); - // TODO limit to the word rectangle region - mTextView.invalidate(); - } + SuggestionSpan suggestionSpan = new SuggestionSpan( + mTextView.getContext(), suggestions, + SuggestionSpan.FLAG_EASY_CORRECT | + SuggestionSpan.FLAG_MISSPELLED); + final int start = editable.getSpanStart(spellCheckSpan); + final int end = editable.getSpanEnd(spellCheckSpan); + editable.setSpan(suggestionSpan, start, end, + Spanned.SPAN_EXCLUSIVE_EXCLUSIVE); + // TODO limit to the word rectangle region + mTextView.invalidate(); } editable.removeSpan(spellCheckSpan); } diff --git a/core/java/android/widget/TextView.java b/core/java/android/widget/TextView.java index b74f9b63de56..5cd79024f7ad 100644 --- a/core/java/android/widget/TextView.java +++ b/core/java/android/widget/TextView.java @@ -7609,9 +7609,6 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener sendOnTextChanged(buffer, start, before, after); onTextChanged(buffer, start, before, after); - // The WordIterator text change listener may be called after this one. - // Make sure this changed text is rescanned before the iterator is used on it. - getWordIterator().forceUpdate(); updateSpellCheckSpans(start, start + after); // Hide the controllers if the amount of content changed @@ -7745,21 +7742,22 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener private void updateSpellCheckSpans(int start, int end) { if (!isTextEditable() || !isSuggestionsEnabled() || !getSpellChecker().isSessionActive()) return; - Editable text = (Editable) mText; - WordIterator wordIterator = getWordIterator(); - wordIterator.setCharSequence(text); + + final int shift = prepareWordIterator(start, end); + final int shiftedStart = start - shift; + final int shiftedEnd = end - shift; // Move back to the beginning of the current word, if any - int wordStart = wordIterator.preceding(start); + int wordStart = mWordIterator.preceding(shiftedStart); int wordEnd; if (wordStart == BreakIterator.DONE) { - wordEnd = wordIterator.following(start); + wordEnd = mWordIterator.following(shiftedStart); if (wordEnd != BreakIterator.DONE) { - wordStart = wordIterator.getBeginning(wordEnd); + wordStart = mWordIterator.getBeginning(wordEnd); } } else { - wordEnd = wordIterator.getEnd(wordStart); + wordEnd = mWordIterator.getEnd(wordStart); } if (wordEnd == BreakIterator.DONE) { return; @@ -7772,22 +7770,22 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener final int numberOfSpellCheckSpans = spellCheckSpans.length; // Iterate over the newly added text and schedule new SpellCheckSpans - while (wordStart <= end) { - if (wordEnd >= start) { + while (wordStart <= shiftedEnd) { + if (wordEnd >= shiftedStart) { // A new word has been created across the interval boundaries. Remove previous spans - if (wordStart < start && wordEnd > start) { + if (wordStart < shiftedStart && wordEnd > shiftedStart) { removeSpansAt(start, spellCheckSpans, text); removeSpansAt(start, suggestionSpans, text); } - if (wordStart < end && wordEnd > end) { + if (wordStart < shiftedEnd && wordEnd > shiftedEnd) { removeSpansAt(end, spellCheckSpans, text); removeSpansAt(end, suggestionSpans, text); } // Do not create new boundary spans if they already exist boolean createSpellCheckSpan = true; - if (wordEnd == start) { + if (wordEnd == shiftedStart) { for (int i = 0; i < numberOfSpellCheckSpans; i++) { final int spanEnd = text.getSpanEnd(spellCheckSpans[i]); if (spanEnd == start) { @@ -7797,9 +7795,9 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener } } - if (wordStart == end) { + if (wordStart == shiftedEnd) { for (int i = 0; i < numberOfSpellCheckSpans; i++) { - final int spanStart = text.getSpanEnd(spellCheckSpans[i]); + final int spanStart = text.getSpanStart(spellCheckSpans[i]); if (spanStart == end) { createSpellCheckSpan = false; break; @@ -7808,16 +7806,16 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener } if (createSpellCheckSpan) { - mSpellChecker.addSpellCheckSpan(wordStart, wordEnd); + mSpellChecker.addSpellCheckSpan(wordStart + shift, wordEnd + shift); } } // iterate word by word - wordEnd = wordIterator.following(wordEnd); + wordEnd = mWordIterator.following(wordEnd); if (wordEnd == BreakIterator.DONE) break; - wordStart = wordIterator.getBeginning(wordEnd); + wordStart = mWordIterator.getBeginning(wordEnd); if (wordStart == BreakIterator.DONE) { - Log.e(LOG_TAG, "Unable to find word beginning from " + wordEnd + "in " + mText); + Log.e(LOG_TAG, "No word beginning from " + (wordEnd + shift) + "in " + mText); break; } } @@ -8941,26 +8939,32 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener selectionStart = ((Spanned) mText).getSpanStart(url); selectionEnd = ((Spanned) mText).getSpanEnd(url); } else { - WordIterator wordIterator = getWordIterator(); - // WordIterator handles text changes, this is a no-op if text in unchanged. - wordIterator.setCharSequence(mText); + final int shift = prepareWordIterator(minOffset, maxOffset); - selectionStart = wordIterator.getBeginning(minOffset); + selectionStart = mWordIterator.getBeginning(minOffset - shift); if (selectionStart == BreakIterator.DONE) return false; + selectionStart += shift; - selectionEnd = wordIterator.getEnd(maxOffset); + selectionEnd = mWordIterator.getEnd(maxOffset - shift); if (selectionEnd == BreakIterator.DONE) return false; + selectionEnd += shift; } Selection.setSelection((Spannable) mText, selectionStart, selectionEnd); return true; } - WordIterator getWordIterator() { + int prepareWordIterator(int start, int end) { if (mWordIterator == null) { mWordIterator = new WordIterator(); } - return mWordIterator; + + final int TEXT_WINDOW_WIDTH = 50; // Should be larger than the longest word's length + final int windowStart = Math.max(0, start - TEXT_WINDOW_WIDTH); + final int windowEnd = Math.min(mText.length(), end + TEXT_WINDOW_WIDTH); + mWordIterator.setCharSequence(mText.subSequence(windowStart, windowEnd)); + + return windowStart; } private SpellChecker getSpellChecker() { @@ -9188,19 +9192,23 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener return true; case ID_CUT: - setPrimaryClip(ClipData.newPlainText(null, mTransformed.subSequence(min, max))); + setPrimaryClip(ClipData.newPlainText(null, getTransformedText(min, max))); ((Editable) mText).delete(min, max); stopSelectionActionMode(); return true; case ID_COPY: - setPrimaryClip(ClipData.newPlainText(null, mTransformed.subSequence(min, max))); + setPrimaryClip(ClipData.newPlainText(null, getTransformedText(min, max))); stopSelectionActionMode(); return true; } return false; } + private CharSequence getTransformedText(int start, int end) { + return removeSuggestionSpans(mTransformed.subSequence(start, end)); + } + /** * Prepare text so that there are not zero or two spaces at beginning and end of region defined * by [min, max] when replacing this region by paste. @@ -9317,7 +9325,7 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener // Start a drag final int start = getSelectionStart(); final int end = getSelectionEnd(); - CharSequence selectedText = mTransformed.subSequence(start, end); + CharSequence selectedText = getTransformedText(start, end); ClipData data = ClipData.newPlainText(null, selectedText); DragLocalState localState = new DragLocalState(this, start, end); startDrag(data, getTextThumbnailBuilder(selectedText), localState, 0); @@ -9900,6 +9908,8 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener suggestionInfo.suggestionIndex = ADD_TO_DICTIONARY; suggestionInfo.text.replace(0, suggestionInfo.text.length(), getContext().getString(com.android.internal.R.string.addToDictionary)); + suggestionInfo.text.setSpan(suggestionInfo.highlightSpan, 0, 0, + Spanned.SPAN_EXCLUSIVE_EXCLUSIVE); mNumberOfSuggestions++; } @@ -9911,6 +9921,8 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener suggestionInfo.suggestionIndex = DELETE_TEXT; suggestionInfo.text.replace(0, suggestionInfo.text.length(), getContext().getString(com.android.internal.R.string.deleteText)); + suggestionInfo.text.setSpan(suggestionInfo.highlightSpan, 0, 0, + Spanned.SPAN_EXCLUSIVE_EXCLUSIVE); mNumberOfSuggestions++; if (mSuggestionRangeSpan == null) mSuggestionRangeSpan = new SuggestionRangeSpan(); @@ -9939,8 +9951,7 @@ public class TextView extends View implements ViewTreeObserver.OnPreDrawListener suggestionInfo.suggestionStart = spanStart - unionStart; suggestionInfo.suggestionEnd = suggestionInfo.suggestionStart + suggestionInfo.text.length(); - - suggestionInfo.text.clearSpans(); + suggestionInfo.text.setSpan(suggestionInfo.highlightSpan, 0, suggestionInfo.text.length(), Spanned.SPAN_EXCLUSIVE_EXCLUSIVE); diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java index 81e7c34709a3..4a38775a32a6 100644 --- a/core/java/com/android/internal/widget/LockPatternUtils.java +++ b/core/java/com/android/internal/widget/LockPatternUtils.java @@ -23,6 +23,7 @@ import com.google.android.collect.Lists; import android.app.admin.DevicePolicyManager; import android.content.ContentResolver; import android.content.Context; +import android.content.Intent; import android.os.FileObserver; import android.os.IBinder; import android.os.RemoteException; @@ -371,7 +372,8 @@ public class LockPatternUtils { /** * Clear any lock pattern or password. */ - public void clearLock() { + public void clearLock(boolean isFallback) { + if(!isFallback) deleteGallery(); saveLockPassword(null, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); setLockPatternEnabled(false); saveLockPattern(null); @@ -408,6 +410,39 @@ public class LockPatternUtils { } /** + * Calls back SetupFaceLock to save the temporary gallery file if this is the backup lock. + * This doesn't have to verify that biometric is enabled because it's only called in that case + */ + void moveTempGallery() { + Intent intent = new Intent().setClassName("com.android.facelock", + "com.android.facelock.SetupFaceLock"); + intent.putExtra("moveTempGallery", true); + mContext.startActivity(intent); + } + + /** + * Calls back SetupFaceLock to delete the temporary gallery file + */ + public void deleteTempGallery() { + Intent intent = new Intent().setClassName("com.android.facelock", + "com.android.facelock.SetupFaceLock"); + intent.putExtra("deleteTempGallery", true); + mContext.startActivity(intent); + } + + /** + * Calls back SetupFaceLock to delete the gallery file when the lock type is changed + */ + void deleteGallery() { + if(isBiometricEnabled()) { + Intent intent = new Intent().setClassName("com.android.facelock", + "com.android.facelock.SetupFaceLock"); + intent.putExtra("deleteGallery", true); + mContext.startActivity(intent); + } + } + + /** * Save a lock pattern. * @param pattern The new pattern to save. * @param isFallback Specifies if this is a fallback to biometric weak @@ -431,11 +466,13 @@ public class LockPatternUtils { keyStore.password(patternToString(pattern)); setBoolean(PATTERN_EVER_CHOSEN_KEY, true); if (!isFallback) { + deleteGallery(); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); } else { setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); + moveTempGallery(); } dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, pattern .size(), 0, 0, 0, 0, 0, 0); @@ -547,10 +584,12 @@ public class LockPatternUtils { int computedQuality = computePasswordQuality(password); if (!isFallback) { + deleteGallery(); setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality)); } else { setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK); setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality)); + moveTempGallery(); } if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { int letters = 0; diff --git a/data/fonts/Android.mk b/data/fonts/Android.mk new file mode 100644 index 000000000000..db27cdcfac7a --- /dev/null +++ b/data/fonts/Android.mk @@ -0,0 +1,61 @@ +# Copyright (C) 2011 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# We have to use BUILD_PREBUILT instead of PRODUCT_COPY_FIES, +# because SMALLER_FONT_FOOTPRINT is only available in Android.mks. + +LOCAL_PATH := $(call my-dir) + +ifeq ($(SMALLER_FONT_FOOTPRINT),true) +droidsans_fallback_src := DroidSansFallback.ttf +extra_droidsans_fonts := +else +droidsans_fallback_src := DroidSansFallbackFull.ttf +extra_droidsans_fonts := DroidSans.ttf DroidSans-Bold.ttf DroidSansEthiopic-Regular.ttf +endif + +include $(CLEAR_VARS) +LOCAL_MODULE := DroidSansFallback.ttf +LOCAL_SRC_FILES := $(droidsans_fallback_src) +LOCAL_MODULE_CLASS := ETC +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE_PATH := $(TARGET_OUT)/fonts +LOCAL_REQUIRED_MODULES := $(extra_droidsans_fonts) +droidsans_fallback_src := +extra_droidsans_fonts := +include $(BUILD_PREBUILT) + +include $(CLEAR_VARS) +LOCAL_MODULE := DroidSans.ttf +LOCAL_SRC_FILES := $(LOCAL_MODULE) +LOCAL_MODULE_CLASS := ETC +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE_PATH := $(TARGET_OUT)/fonts +include $(BUILD_PREBUILT) + +include $(CLEAR_VARS) +LOCAL_MODULE := DroidSans-Bold.ttf +LOCAL_SRC_FILES := $(LOCAL_MODULE) +LOCAL_MODULE_CLASS := ETC +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE_PATH := $(TARGET_OUT)/fonts +include $(BUILD_PREBUILT) + +include $(CLEAR_VARS) +LOCAL_MODULE := DroidSansEthiopic-Regular.ttf +LOCAL_SRC_FILES := $(LOCAL_MODULE) +LOCAL_MODULE_CLASS := ETC +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE_PATH := $(TARGET_OUT)/fonts +include $(BUILD_PREBUILT) diff --git a/data/fonts/fonts.mk b/data/fonts/fonts.mk index 67d04c914745..3f51eb3720a4 100644 --- a/data/fonts/fonts.mk +++ b/data/fonts/fonts.mk @@ -39,16 +39,7 @@ PRODUCT_COPY_FILES := \ frameworks/base/data/fonts/system_fonts.xml:system/etc/system_fonts.xml \ frameworks/base/data/fonts/fallback_fonts.xml:system/etc/fallback_fonts.xml -# Next, include additional fonts, depending on how much space we have -ifeq ($(SMALLER_FONT_FOOTPRINT),true) -# Smaller fonts alternatives -PRODUCT_COPY_FILES += \ - frameworks/base/data/fonts/DroidSansFallback.ttf:system/fonts/DroidSansFallback.ttf -else -# Full font set alternatives -PRODUCT_COPY_FILES += \ - frameworks/base/data/fonts/DroidSansFallbackFull.ttf:system/fonts/DroidSansFallback.ttf \ - frameworks/base/data/fonts/DroidSans.ttf:system/fonts/DroidSans.ttf \ - frameworks/base/data/fonts/DroidSans-Bold.ttf:system/fonts/DroidSans-Bold.ttf \ - frameworks/base/data/fonts/DroidSansEthiopic-Regular.ttf:system/fonts/DroidSansEthiopic-Regular.ttf -endif +# Next, include additional fonts, depending on how much space we have. +# Details see module definitions in Android.mk. +PRODUCT_PACKAGES := \ + DroidSansFallback.ttf diff --git a/docs/html/guide/topics/security/security.jd b/docs/html/guide/topics/security/security.jd index 2e31940fdc29..1fd9ba011ce1 100644 --- a/docs/html/guide/topics/security/security.jd +++ b/docs/html/guide/topics/security/security.jd @@ -20,6 +20,10 @@ page.title=Security and Permissions </ol> </div> </div> +<p>This document describes how application developers can use the +security features provided by Android. A more general <a +href="http://source.android.com/tech/security/index.html"> Android Security +Overview</a> is provided in the Android Open Source Project.</p> <p>Android is a privilege-separated operating system, in which each application runs with a distinct system identity (Linux user ID and group @@ -41,7 +45,7 @@ includes reading or writing the user's private data (such as contacts or e-mails), reading or writing another application's files, performing network access, keeping the device awake, etc.</p> -<p>Because the kernel sandboxes applications from each other, applications +<p>Because Android sandboxes applications from each other, applications must explicitly share resources and data. They do this by declaring the <em>permissions</em> they need for additional capabilities not provided by the basic sandbox. Applications statically declare the permissions they @@ -50,11 +54,11 @@ application is installed. Android has no mechanism for granting permissions dynamically (at run-time) because it complicates the user experience to the detriment of security.</p> -<p>The kernel is solely responsible for sandboxing applications from each -other. In particular the Dalvik VM is not a security boundary, and any app -can run native code (see <a href="/sdk/ndk/index.html">the Android NDK</a>). -All types of applications — Java, native, and hybrid — are -sandboxed in the same way and have the same degree of security from each +<p>The application sandbox does not depend on the technology used to build +an application. In particular the Dalvik VM is not a security boundary, and +any app can run native code (see <a href="/sdk/ndk/index.html">the Android +NDK</a>). All types of applications — Java, native, and hybrid — +are sandboxed in the same way and have the same degree of security from each other.</p> <a name="signing"></a> @@ -220,12 +224,13 @@ permission:</p> </pre> <p>You can look at the permissions currently defined in the system with the -shell command <code>adb shell pm list permissions</code>. In particular, -the '-s' option displays the permissions in a form roughly similar to how the -user will see them:</p> +Settings app and the shell command <code>adb shell pm list permissions</code>. +To use the Settings app, go to Settings > Applications. Pick an app and +scroll down to see the permissions that the app uses. For developers, the adb '-s' +option displays the permissions in a form similar to how the user will see them:</p> <pre> -$ adb shell pm list permissions -s +$ adb shell pm list permissions -s All Permissions: Network communication: view Wi-Fi state, create Bluetooth connections, full diff --git a/docs/html/resources/faq/security.jd b/docs/html/resources/faq/security.jd index b0d832b5ad43..52ee0d9d133c 100644 --- a/docs/html/resources/faq/security.jd +++ b/docs/html/resources/faq/security.jd @@ -7,8 +7,7 @@ parent.link=index.html <li><a href="#secure">Is Android Secure?</a></li> <li><a href="#issue">I think I found a security flaw. How do I report it?</a></li> - <li><a href="#informed">How can I stay informed of Android security - announcements?</a></li> + <li><a href="#informed">How can I stay informed about Android security?</a></li> <li><a href="#use">How do I securely use my Android phone?</a></li> <li><a href="#malware">I think I found malicious software being distributed for Android. How can I help?</a></li> @@ -26,9 +25,15 @@ Android Open Source Project. We are dedicated to building and maintaining one of the most secure mobile platforms available while still fulfilling our goal of opening the mobile device space to innovation and competition.</p> -<p>The Android Platform provides a rich <a +<p> A comprehensive overview of the <a +href="http://source.android.com/tech/security/index.html">Android +security model and Android security processes</a> is provided in the Android +Open Source Project Website.</p> + +<p>Application developers play an important part in the security of Android. +The Android Platform provides developers with a rich <a href="http://code.google.com/android/devel/security.html">security model</a> -that allows developers to request the capabilities, or access, needed by their +that to request the capabilities, or access, needed by their application and to define new capabilities that other applications can request. The Android user can choose to grant or deny an application's request for certain capabilities on the handset.</p> @@ -49,27 +54,17 @@ can protect your message using our <a href="http://code.google.com/android/security_at_android_dot_com.txt">PGP key</a>.</p> -<p>We appreciate researchers practicing responsible disclosure by emailing us -with a detailed summary of the issue and keeping the issue confidential while +<p>We appreciate researchers practicing responsible disclosure by emailing us +with a detailed summary of the issue and keeping the issue confidential while users are at risk. In return, we will make sure to keep the researcher informed of our progress in issuing a fix and will properly credit the reporter(s) when -we announce the patch. We will always move swiftly to mitigate or fix an -externally-reported flaw and will publicly announce the fix once patches are -available to users.</p> - +we provide the patch. We will always move swiftly to mitigate or fix an +externally-reported flaw and provide updates to users. </p> -<a name="informed" id="informed"></a><h2>How can I stay informed of Android -security announcements?</h2> -<p>An important part of sustainably securing a platform, such as, Android is -keeping the user and security community informed of bugs and fixes. We will -publicly announce security bugs when the fixes are available via postings to -the <a -href="http://groups.google.com/group/android-security-announce">android-security-announce</a> -group on Google Groups. You can subscribe to this group as you would a mailing -list and view the archives here.</p> +<a name="informed" id="informed"></a><h2>How can I stay informed about Android security?</h2> -<p>For more general discussion of Android platform security, or how to use +<p>For general discussion of Android platform security, or how to use security features in your Android application, please subscribe to <a href="http://groups.google.com/group/android-security-discuss">android-security-discuss</a>. </p> @@ -77,35 +72,39 @@ href="http://groups.google.com/group/android-security-discuss">android-security- <a name="use" id="use"></a><h2>How do I securely use my Android phone?</h2> -<p>As an open platform, Android allows users to load software from any -developer onto a device. As with a home PC, the user must be +<p>Android was designed so that you can safely use your phone without making +any changes to the device or installing any special software. Android applications +run in an Application Sandbox that limits access to sensitive information or data +with the users permission.</p> + +<p>To fully benefit from the security protections in Android, it is important that +users only download and install software from known sources.</p> + +<p>As an open platform, Android allows users to visit any website and load +software from any developer onto a device. As with a home PC, the user must be aware of who is providing the software they are downloading and must decide whether they want to grant the application the capabilities it requests. This decision can be informed by the user's judgment of the software developer's trustworthiness, and where the software came from.</p> -<p>Despite the security protections in Android, it is important -for users to only download and install software from developers they trust. -More details on how Android users can make smart security decisions will be -released when consumer devices become available.</p> - <a name="malware" id="malware"></a><h2>I think I found malicious software being distributed for Android. How can I help?</h2> -<p>Like any other open platform, it will be possible for unethical developers +<p>Like any other platform, it will be possible for unethical developers to create malicious software, known as <a href="http://en.wikipedia.org/wiki/Malware">malware</a>, for Android. If you -think somebody is trying to spread malware, please let us know at <a +think somebody is trying to spread malware, please let us know at <a href="mailto:security@android.com">security@android.com</a>. Please include as much detail about the application as possible, with the location it is being distributed from and why you suspect it of being malicious software.</p> -<p>The term <i>malicious software</i> is subjective, and we cannot make an +<p>The term <i>malicious software</i> is subjective, and we cannot make an exhaustive definition. Some examples of what the Android Security Team believes to be malicious software is any application that: <ul> - <li>drains the device's battery very quickly;</li> + <li>uses a bug or security vulnerability to gain permissions that have not + been granted by the user</li> <li>shows the user unsolicited messages (especially messages urging the user to buy something);</li> <li>resists (or attempts to resist) the user's effort to uninstall it;</li> @@ -122,7 +121,7 @@ to be malicious software is any application that: </p> -<a name="fixes" id="fixes"></a><h2>How will Android-powered devices receive security +<a name="fixes" id="fixes"></a><h2>How do Android-powered devices receive security fixes?</h2> <p>The manufacturer of each device is responsible for distributing software @@ -130,27 +129,24 @@ upgrades for it, including security fixes. Many devices will update themselves automatically with software downloaded "over the air", while some devices require the user to upgrade them manually.</p> -<p>When Android-powered devices are publicly available, this FAQ will provide links how -Open Handset Alliance members release updates.</p> +<p>Google provides software updates for a number of Android devices, including +the <a href="http://www.google.com/nexus">Nexus</a> +series of devices, using an "over the air" (OTA) update. These updates may include +security fixes as well as new features.</p> <a name="directfix" id="directfix"></a><h2>Can I get a fix directly from the Android Platform Project?</h2> -<p>Android is a mobile platform that will be released as open source and -available for free use by anybody. This means that there will be many -Android-based products available to consumers, and most of them will be created +<p>Android is a mobile platform that is released as open source and +available for free use by anybody. This means that there are many +Android-based products available to consumers, and most of them are created without the knowledge or participation of the Android Open Source Project. Like the maintainers of other open source projects, we cannot build and release patches for the entire ecosystem of products using Android. Instead, we will work diligently to find and fix flaws as quickly as possible and to distribute -those fixes to the manufacturers of the products.</p> - -<p>In addition, We will add security fixes to the open source distribution of -Android and publicly announce the changes on <a -href="http://groups.google.com/group/android-security-announce">android-security-announce</a>. -</p> +those fixes to the manufacturers of the products through the open source project.</p> -<p>If you are making an Android-powered device and would like to know how you can +<p>If you are making an Android-powered device and would like to know how you can properly support your customers by keeping abreast of software updates, please contact us at <a href="mailto:info@openhandsetalliance.com">info@openhandsetalliance.com</a>.</p> diff --git a/include/gui/SurfaceTexture.h b/include/gui/SurfaceTexture.h index 926eb9a82c17..e2d6179ef046 100644 --- a/include/gui/SurfaceTexture.h +++ b/include/gui/SurfaceTexture.h @@ -20,6 +20,7 @@ #include <EGL/egl.h> #include <EGL/eglext.h> #include <GLES2/gl2.h> +#include <GLES2/gl2ext.h> #include <gui/ISurfaceTexture.h> @@ -61,7 +62,8 @@ public: // tex indicates the name OpenGL texture to which images are to be streamed. // This texture name cannot be changed once the SurfaceTexture is created. - SurfaceTexture(GLuint tex, bool allowSynchronousMode = true); + SurfaceTexture(GLuint tex, bool allowSynchronousMode = true, + GLenum texTarget = GL_TEXTURE_EXTERNAL_OES); virtual ~SurfaceTexture(); @@ -458,6 +460,14 @@ private: // member variables are accessed. mutable Mutex mMutex; + // mTexTarget is the GL texture target with which the GL texture object is + // associated. It is set in the constructor and never changed. It is + // almost always GL_TEXTURE_EXTERNAL_OES except for one use case in Android + // Browser. In that case it is set to GL_TEXTURE_2D to allow + // glCopyTexSubImage to read from the texture. This is a hack to work + // around a GL driver limitation on the number of FBO attachments, which the + // browser's tile cache exceeds. + const GLenum mTexTarget; }; // ---------------------------------------------------------------------------- diff --git a/include/media/stagefright/OMXCodec.h b/include/media/stagefright/OMXCodec.h index 8baf5ec4b360..21b8c7443916 100644 --- a/include/media/stagefright/OMXCodec.h +++ b/include/media/stagefright/OMXCodec.h @@ -228,7 +228,7 @@ private: void setComponentRole(); void setAMRFormat(bool isWAMR, int32_t bitRate); - void setAACFormat(int32_t numChannels, int32_t sampleRate, int32_t bitRate); + status_t setAACFormat(int32_t numChannels, int32_t sampleRate, int32_t bitRate); void setG711Format(int32_t numChannels); status_t setVideoPortFormatType( diff --git a/libs/gui/SurfaceTexture.cpp b/libs/gui/SurfaceTexture.cpp index dac9418190c0..c72a45b89576 100644 --- a/libs/gui/SurfaceTexture.cpp +++ b/libs/gui/SurfaceTexture.cpp @@ -94,7 +94,8 @@ static int32_t createProcessUniqueId() { return android_atomic_inc(&globalCounter); } -SurfaceTexture::SurfaceTexture(GLuint tex, bool allowSynchronousMode) : +SurfaceTexture::SurfaceTexture(GLuint tex, bool allowSynchronousMode, + GLenum texTarget) : mDefaultWidth(1), mDefaultHeight(1), mPixelFormat(PIXEL_FORMAT_RGBA_8888), @@ -110,7 +111,8 @@ SurfaceTexture::SurfaceTexture(GLuint tex, bool allowSynchronousMode) : mSynchronousMode(false), mAllowSynchronousMode(allowSynchronousMode), mConnectedApi(NO_CONNECTED_API), - mAbandoned(false) { + mAbandoned(false), + mTexTarget(texTarget) { // Choose a name using the PID and a process-unique ID. mName = String8::format("unnamed-%d-%d", getpid(), createProcessUniqueId()); @@ -698,9 +700,8 @@ status_t SurfaceTexture::updateTexImage() { ST_LOGW("updateTexImage: clearing GL error: %#04x", error); } - glBindTexture(GL_TEXTURE_EXTERNAL_OES, mTexName); - glEGLImageTargetTexture2DOES(GL_TEXTURE_EXTERNAL_OES, - (GLeglImageOES)image); + glBindTexture(mTexTarget, mTexName); + glEGLImageTargetTexture2DOES(mTexTarget, (GLeglImageOES)image); bool failed = false; while ((error = glGetError()) != GL_NO_ERROR) { @@ -735,7 +736,7 @@ status_t SurfaceTexture::updateTexImage() { mDequeueCondition.signal(); } else { // We always bind the texture even if we don't update its contents. - glBindTexture(GL_TEXTURE_EXTERNAL_OES, mTexName); + glBindTexture(mTexTarget, mTexName); } return OK; @@ -761,7 +762,7 @@ bool SurfaceTexture::isExternalFormat(uint32_t format) } GLenum SurfaceTexture::getCurrentTextureTarget() const { - return GL_TEXTURE_EXTERNAL_OES; + return mTexTarget; } void SurfaceTexture::getTransformMatrix(float mtx[16]) { diff --git a/media/java/android/media/Ringtone.java b/media/java/android/media/Ringtone.java index 8bb52332f82d..f16ba368d443 100644 --- a/media/java/android/media/Ringtone.java +++ b/media/java/android/media/Ringtone.java @@ -207,21 +207,6 @@ public class Ringtone { openMediaPlayer(); } - /** @hide */ - public void setWakeMode(Context context, int mode) { - if (mAudio == null) { - try { - openMediaPlayer(); - } catch (Exception ex) { - Log.e(TAG, "setWakeMode() caught ", ex); - mAudio = null; - } - } - if (mAudio != null) { - mAudio.setWakeMode(context, mode); - } - } - /** * Plays the ringtone. */ diff --git a/media/libstagefright/OMXCodec.cpp b/media/libstagefright/OMXCodec.cpp index e94a8d712e2f..ccc8a18aa673 100755 --- a/media/libstagefright/OMXCodec.cpp +++ b/media/libstagefright/OMXCodec.cpp @@ -625,7 +625,11 @@ status_t OMXCodec::configureCodec(const sp<MetaData> &meta) { CHECK(meta->findInt32(kKeyChannelCount, &numChannels)); CHECK(meta->findInt32(kKeySampleRate, &sampleRate)); - setAACFormat(numChannels, sampleRate, bitRate); + status_t err = setAACFormat(numChannels, sampleRate, bitRate); + if (err != OK) { + CODEC_LOGE("setAACFormat() failed (err = %d)", err); + return err; + } } else if (!strcasecmp(MEDIA_MIMETYPE_AUDIO_G711_ALAW, mMIME) || !strcasecmp(MEDIA_MIMETYPE_AUDIO_G711_MLAW, mMIME)) { // These are PCM-like formats with a fixed sample rate but @@ -3358,8 +3362,10 @@ void OMXCodec::setAMRFormat(bool isWAMR, int32_t bitRate) { } } -void OMXCodec::setAACFormat(int32_t numChannels, int32_t sampleRate, int32_t bitRate) { - CHECK(numChannels == 1 || numChannels == 2); +status_t OMXCodec::setAACFormat(int32_t numChannels, int32_t sampleRate, int32_t bitRate) { + if (numChannels > 2) + LOGW("Number of channels: (%d) \n", numChannels); + if (mIsEncoder) { //////////////// input port //////////////////// setRawAudioFormat(kPortIndexInput, sampleRate, numChannels); @@ -3410,9 +3416,13 @@ void OMXCodec::setAACFormat(int32_t numChannels, int32_t sampleRate, int32_t bit profile.nAACERtools = OMX_AUDIO_AACERNone; profile.eAACProfile = OMX_AUDIO_AACObjectLC; profile.eAACStreamFormat = OMX_AUDIO_AACStreamFormatMP4FF; - CHECK_EQ(mOMX->setParameter(mNode, OMX_IndexParamAudioAac, - &profile, sizeof(profile)), (status_t)OK); + err = mOMX->setParameter(mNode, OMX_IndexParamAudioAac, + &profile, sizeof(profile)); + if (err != OK) { + CODEC_LOGE("setParameter('OMX_IndexParamAudioAac') failed (err = %d)", err); + return err; + } } else { OMX_AUDIO_PARAM_AACPROFILETYPE profile; InitOMXParams(&profile); @@ -3428,8 +3438,14 @@ void OMXCodec::setAACFormat(int32_t numChannels, int32_t sampleRate, int32_t bit err = mOMX->setParameter( mNode, OMX_IndexParamAudioAac, &profile, sizeof(profile)); - CHECK_EQ(err, (status_t)OK); + + if (err != OK) { + CODEC_LOGE("setParameter('OMX_IndexParamAudioAac') failed (err = %d)", err); + return err; + } } + + return OK; } void OMXCodec::setG711Format(int32_t numChannels) { |