diff options
56 files changed, 673 insertions, 376 deletions
diff --git a/core/java/android/content/ContentResolver.java b/core/java/android/content/ContentResolver.java index 6ede29b9ba15..b378d8ee8201 100644 --- a/core/java/android/content/ContentResolver.java +++ b/core/java/android/content/ContentResolver.java @@ -984,6 +984,7 @@ public abstract class ContentResolver { stableProvider = acquireProvider(uri); } releaseUnstableProvider(unstableProvider); + unstableProvider = null; ParcelFileDescriptor pfd = new ParcelFileDescriptorInner( fd.getParcelFileDescriptor(), stableProvider); @@ -1128,6 +1129,7 @@ public abstract class ContentResolver { stableProvider = acquireProvider(uri); } releaseUnstableProvider(unstableProvider); + unstableProvider = null; ParcelFileDescriptor pfd = new ParcelFileDescriptorInner( fd.getParcelFileDescriptor(), stableProvider); diff --git a/core/java/android/os/Parcel.java b/core/java/android/os/Parcel.java index 1e879f2edca1..ed53d4495a15 100644 --- a/core/java/android/os/Parcel.java +++ b/core/java/android/os/Parcel.java @@ -58,12 +58,12 @@ import java.util.Set; * appropriate to place any Parcel data in to persistent storage: changes * in the underlying implementation of any of the data in the Parcel can * render older data unreadable.</p> - * + * * <p>The bulk of the Parcel API revolves around reading and writing data * of various types. There are six major classes of such functions available.</p> - * + * * <h3>Primitives</h3> - * + * * <p>The most basic data functions are for writing and reading primitive * data types: {@link #writeByte}, {@link #readByte}, {@link #writeDouble}, * {@link #readDouble}, {@link #writeFloat}, {@link #readFloat}, {@link #writeInt}, @@ -71,15 +71,15 @@ import java.util.Set; * {@link #writeString}, {@link #readString}. Most other * data operations are built on top of these. The given data is written and * read using the endianess of the host CPU.</p> - * + * * <h3>Primitive Arrays</h3> - * + * * <p>There are a variety of methods for reading and writing raw arrays * of primitive objects, which generally result in writing a 4-byte length * followed by the primitive data items. The methods for reading can either * read the data into an existing array, or create and return a new array. * These available types are:</p> - * + * * <ul> * <li> {@link #writeBooleanArray(boolean[])}, * {@link #readBooleanArray(boolean[])}, {@link #createBooleanArray()} @@ -101,9 +101,9 @@ import java.util.Set; * <li> {@link #writeSparseBooleanArray(SparseBooleanArray)}, * {@link #readSparseBooleanArray()}. * </ul> - * + * * <h3>Parcelables</h3> - * + * * <p>The {@link Parcelable} protocol provides an extremely efficient (but * low-level) protocol for objects to write and read themselves from Parcels. * You can use the direct methods {@link #writeParcelable(Parcelable, int)} @@ -113,7 +113,7 @@ import java.util.Set; * methods write both the class type and its data to the Parcel, allowing * that class to be reconstructed from the appropriate class loader when * later reading.</p> - * + * * <p>There are also some methods that provide a more efficient way to work * with Parcelables: {@link #writeTypedObject}, {@link #writeTypedArray}, * {@link #writeTypedList}, {@link #readTypedObject}, @@ -126,9 +126,9 @@ import java.util.Set; * call {@link Parcelable#writeToParcel Parcelable.writeToParcel} and * {@link Parcelable.Creator#createFromParcel Parcelable.Creator.createFromParcel} * yourself.)</p> - * + * * <h3>Bundles</h3> - * + * * <p>A special type-safe container, called {@link Bundle}, is available * for key/value maps of heterogeneous values. This has many optimizations * for improved performance when reading and writing data, and its type-safe @@ -136,16 +136,16 @@ import java.util.Set; * data contents into a Parcel. The methods to use are * {@link #writeBundle(Bundle)}, {@link #readBundle()}, and * {@link #readBundle(ClassLoader)}. - * + * * <h3>Active Objects</h3> - * + * * <p>An unusual feature of Parcel is the ability to read and write active * objects. For these objects the actual contents of the object is not * written, rather a special token referencing the object is written. When * reading the object back from the Parcel, you do not get a new instance of * the object, but rather a handle that operates on the exact same object that * was originally written. There are two forms of active objects available.</p> - * + * * <p>{@link Binder} objects are a core facility of Android's general cross-process * communication system. The {@link IBinder} interface describes an abstract * protocol with a Binder object. Any such interface can be written in to @@ -158,7 +158,7 @@ import java.util.Set; * {@link #createBinderArray()}, * {@link #writeBinderList(List)}, {@link #readBinderList(List)}, * {@link #createBinderArrayList()}.</p> - * + * * <p>FileDescriptor objects, representing raw Linux file descriptor identifiers, * can be written and {@link ParcelFileDescriptor} objects returned to operate * on the original file descriptor. The returned file descriptor is a dup @@ -166,9 +166,9 @@ import java.util.Set; * operating on the same underlying file stream, with the same position, etc. * The methods to use are {@link #writeFileDescriptor(FileDescriptor)}, * {@link #readFileDescriptor()}. - * + * * <h3>Untyped Containers</h3> - * + * * <p>A final class of methods are for writing and reading standard Java * containers of arbitrary types. These all revolve around the * {@link #writeValue(Object)} and {@link #readValue(ClassLoader)} methods @@ -229,6 +229,7 @@ public final class Parcel { private static final int VAL_PERSISTABLEBUNDLE = 25; private static final int VAL_SIZE = 26; private static final int VAL_SIZEF = 27; + private static final int VAL_DOUBLEARRAY = 28; // The initial int32 in a Binder call's reply Parcel header: private static final int EX_SECURITY = -1; @@ -642,7 +643,7 @@ public final class Parcel { * growing dataCapacity() if needed. The Map keys must be String objects. * The Map values are written using {@link #writeValue} and must follow * the specification there. - * + * * <p>It is strongly recommended to use {@link #writeBundle} instead of * this method, since the Bundle class provides a type-safe API that * allows you to avoid mysterious type errors at the point of marshalling. @@ -1408,6 +1409,9 @@ public final class Parcel { } else if (v instanceof SizeF) { writeInt(VAL_SIZEF); writeSizeF((SizeF) v); + } else if (v instanceof double[]) { + writeInt(VAL_DOUBLEARRAY); + writeDoubleArray((double[]) v); } else { Class<?> clazz = v.getClass(); if (clazz.isArray() && clazz.getComponentType() == Object.class) { @@ -1483,7 +1487,7 @@ public final class Parcel { * exception will be re-thrown by this function as a RuntimeException * (to be caught by the system's last-resort exception handling when * dispatching a transaction). - * + * * <p>The supported exception types are: * <ul> * <li>{@link BadParcelableException} @@ -1493,7 +1497,7 @@ public final class Parcel { * <li>{@link SecurityException} * <li>{@link NetworkOnMainThreadException} * </ul> - * + * * @param e The Exception to be written. * * @see #writeNoException @@ -1814,7 +1818,7 @@ public final class Parcel { if (Bundle.DEBUG) Log.d(TAG, "null bundle: length=" + length); return null; } - + final Bundle bundle = new Bundle(this, length); if (loader != null) { bundle.setClassLoader(loader); @@ -2325,7 +2329,7 @@ public final class Parcel { return readArrayList(loader); case VAL_BOOLEANARRAY: - return createBooleanArray(); + return createBooleanArray(); case VAL_BYTEARRAY: return createByteArray(); @@ -2375,6 +2379,9 @@ public final class Parcel { case VAL_SIZEF: return readSizeF(); + case VAL_DOUBLEARRAY: + return createDoubleArray(); + default: int off = dataPosition() - 4; throw new RuntimeException( diff --git a/core/java/android/os/StrictMode.java b/core/java/android/os/StrictMode.java index 87ce12cbe37c..58d4d09bcfc7 100644 --- a/core/java/android/os/StrictMode.java +++ b/core/java/android/os/StrictMode.java @@ -1931,9 +1931,9 @@ public final class StrictMode { // so we'll report it and bail on all of the current strict mode violations // we currently are maintaining for this thread. // First, drain the remaining violations from the parcel. - while (i < numViolations) { + i++; // Skip the current entry. + for (; i < numViolations; i++) { info = new ViolationInfo(p, !currentlyGathering); - i++; } // Next clear out all gathered violations. clearGatheredViolations(); diff --git a/core/java/android/security/net/config/ApplicationConfig.java b/core/java/android/security/net/config/ApplicationConfig.java index 48359d47f091..b6276418c49d 100644 --- a/core/java/android/security/net/config/ApplicationConfig.java +++ b/core/java/android/security/net/config/ApplicationConfig.java @@ -144,18 +144,4 @@ public final class ApplicationConfig { return sInstance; } } - - /** @hide */ - public static ApplicationConfig getPlatformDefault() { - return new ApplicationConfig(new ConfigSource() { - @Override - public NetworkSecurityConfig getDefaultConfig() { - return NetworkSecurityConfig.DEFAULT; - } - @Override - public Set<Pair<Domain, NetworkSecurityConfig>> getPerDomainConfigs() { - return null; - } - }); - } } diff --git a/core/java/android/security/net/config/CertificateSource.java b/core/java/android/security/net/config/CertificateSource.java index 386354dc4d57..2b7829eb6a31 100644 --- a/core/java/android/security/net/config/CertificateSource.java +++ b/core/java/android/security/net/config/CertificateSource.java @@ -22,4 +22,5 @@ import java.security.cert.X509Certificate; /** @hide */ public interface CertificateSource { Set<X509Certificate> getCertificates(); + X509Certificate findBySubjectAndPublicKey(X509Certificate cert); } diff --git a/core/java/android/security/net/config/CertificatesEntryRef.java b/core/java/android/security/net/config/CertificatesEntryRef.java index 2ba38c21c330..1d15e19a99f2 100644 --- a/core/java/android/security/net/config/CertificatesEntryRef.java +++ b/core/java/android/security/net/config/CertificatesEntryRef.java @@ -30,6 +30,10 @@ public final class CertificatesEntryRef { mOverridesPins = overridesPins; } + boolean overridesPins() { + return mOverridesPins; + } + public Set<TrustAnchor> getTrustAnchors() { // TODO: cache this [but handle mutable sources] Set<TrustAnchor> anchors = new ArraySet<TrustAnchor>(); @@ -38,4 +42,13 @@ public final class CertificatesEntryRef { } return anchors; } + + public TrustAnchor findBySubjectAndPublicKey(X509Certificate cert) { + X509Certificate foundCert = mSource.findBySubjectAndPublicKey(cert); + if (foundCert == null) { + return null; + } + + return new TrustAnchor(foundCert, mOverridesPins); + } } diff --git a/core/java/android/security/net/config/DirectoryCertificateSource.java b/core/java/android/security/net/config/DirectoryCertificateSource.java new file mode 100644 index 000000000000..92c70920e040 --- /dev/null +++ b/core/java/android/security/net/config/DirectoryCertificateSource.java @@ -0,0 +1,138 @@ +/* + * Copyright (C) 2015 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.net.config; + +import android.os.Environment; +import android.os.UserHandle; +import android.util.ArraySet; +import android.util.Pair; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Set; +import libcore.io.IoUtils; + +import com.android.org.conscrypt.NativeCrypto; + +import javax.security.auth.x500.X500Principal; + +/** + * {@link CertificateSource} based on a directory where certificates are stored as individual files + * named after a hash of their SubjectName for more efficient lookups. + * @hide + */ +abstract class DirectoryCertificateSource implements CertificateSource { + private final File mDir; + private final Object mLock = new Object(); + private final CertificateFactory mCertFactory; + + private Set<X509Certificate> mCertificates; + + protected DirectoryCertificateSource(File caDir) { + mDir = caDir; + try { + mCertFactory = CertificateFactory.getInstance("X.509"); + } catch (CertificateException e) { + throw new RuntimeException("Failed to obtain X.509 CertificateFactory", e); + } + } + + protected abstract boolean isCertMarkedAsRemoved(String caFile); + + @Override + public Set<X509Certificate> getCertificates() { + // TODO: loading all of these is wasteful, we should instead use a keystore style API. + synchronized (mLock) { + if (mCertificates != null) { + return mCertificates; + } + + Set<X509Certificate> certs = new ArraySet<X509Certificate>(); + if (mDir.isDirectory()) { + for (String caFile : mDir.list()) { + if (isCertMarkedAsRemoved(caFile)) { + continue; + } + X509Certificate cert = readCertificate(caFile); + if (cert != null) { + certs.add(cert); + } + } + } + mCertificates = certs; + return mCertificates; + } + } + + @Override + public X509Certificate findBySubjectAndPublicKey(final X509Certificate cert) { + return findCert(cert.getSubjectX500Principal(), new CertSelector() { + @Override + public boolean match(X509Certificate ca) { + return ca.getPublicKey().equals(cert.getPublicKey()); + } + }); + } + + private static interface CertSelector { + boolean match(X509Certificate cert); + } + + private X509Certificate findCert(X500Principal subj, CertSelector selector) { + String hash = getHash(subj); + for (int index = 0; index >= 0; index++) { + String fileName = hash + "." + index; + if (!new File(mDir, fileName).exists()) { + break; + } + if (isCertMarkedAsRemoved(fileName)) { + continue; + } + X509Certificate cert = readCertificate(fileName); + if (!subj.equals(cert.getSubjectX500Principal())) { + continue; + } + if (selector.match(cert)) { + return cert; + } + } + return null; + } + + private String getHash(X500Principal name) { + int hash = NativeCrypto.X509_NAME_hash_old(name); + return IntegralToString.intToHexString(hash, false, 8); + } + + private X509Certificate readCertificate(String file) { + InputStream is = null; + try { + is = new BufferedInputStream(new FileInputStream(new File(mDir, file))); + return (X509Certificate) mCertFactory.generateCertificate(is); + } catch (CertificateException | IOException e) { + return null; + } finally { + IoUtils.closeQuietly(is); + } + } +} diff --git a/core/java/android/security/net/config/KeyStoreCertificateSource.java b/core/java/android/security/net/config/KeyStoreCertificateSource.java index 1973ef1825e9..7a01a6488a04 100644 --- a/core/java/android/security/net/config/KeyStoreCertificateSource.java +++ b/core/java/android/security/net/config/KeyStoreCertificateSource.java @@ -24,6 +24,8 @@ import java.security.cert.X509Certificate; import java.util.Enumeration; import java.util.Set; +import com.android.org.conscrypt.TrustedCertificateIndex; + /** * {@link CertificateSource} which provides certificates from trusted certificate entries of a * {@link KeyStore}. @@ -31,6 +33,7 @@ import java.util.Set; class KeyStoreCertificateSource implements CertificateSource { private final Object mLock = new Object(); private final KeyStore mKeyStore; + private TrustedCertificateIndex mIndex; private Set<X509Certificate> mCertificates; public KeyStoreCertificateSource(KeyStore ks) { @@ -39,27 +42,42 @@ class KeyStoreCertificateSource implements CertificateSource { @Override public Set<X509Certificate> getCertificates() { + ensureInitialized(); + return mCertificates; + } + + private void ensureInitialized() { synchronized (mLock) { if (mCertificates != null) { - return mCertificates; + return; } + try { + TrustedCertificateIndex localIndex = new TrustedCertificateIndex(); Set<X509Certificate> certificates = new ArraySet<>(mKeyStore.size()); for (Enumeration<String> en = mKeyStore.aliases(); en.hasMoreElements();) { String alias = en.nextElement(); - if (!mKeyStore.isCertificateEntry(alias)) { - continue; - } X509Certificate cert = (X509Certificate) mKeyStore.getCertificate(alias); if (cert != null) { certificates.add(cert); + localIndex.index(cert); } } + mIndex = localIndex; mCertificates = certificates; - return mCertificates; } catch (KeyStoreException e) { throw new RuntimeException("Failed to load certificates from KeyStore", e); } } } + + @Override + public X509Certificate findBySubjectAndPublicKey(X509Certificate cert) { + ensureInitialized(); + java.security.cert.TrustAnchor anchor = mIndex.findBySubjectAndPublicKey(cert); + if (anchor == null) { + return null; + } + return anchor.getTrustedCert(); + } } diff --git a/core/java/android/security/net/config/ManifestConfigSource.java b/core/java/android/security/net/config/ManifestConfigSource.java new file mode 100644 index 000000000000..bf1fb8a5a721 --- /dev/null +++ b/core/java/android/security/net/config/ManifestConfigSource.java @@ -0,0 +1,100 @@ +/* + * Copyright (C) 2015 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.net.config; + +import android.content.Context; +import android.content.pm.ApplicationInfo; +import android.content.pm.PackageManager; +import android.util.Log; +import android.util.Pair; +import java.util.Set; + +/** @hide */ +public class ManifestConfigSource implements ConfigSource { + public static final String META_DATA_NETWORK_SECURITY_CONFIG = + "android.security.net.config"; + private static final boolean DBG = true; + private static final String LOG_TAG = "NetworkSecurityConfig"; + + private final Object mLock = new Object(); + private final Context mContext; + + private ConfigSource mConfigSource; + + public ManifestConfigSource(Context context) { + mContext = context; + } + + @Override + public Set<Pair<Domain, NetworkSecurityConfig>> getPerDomainConfigs() { + return getConfigSource().getPerDomainConfigs(); + } + + @Override + public NetworkSecurityConfig getDefaultConfig() { + return getConfigSource().getDefaultConfig(); + } + + private ConfigSource getConfigSource() { + synchronized (mLock) { + if (mConfigSource != null) { + return mConfigSource; + } + ApplicationInfo info; + try { + info = mContext.getPackageManager().getApplicationInfo(mContext.getPackageName(), + PackageManager.GET_META_DATA); + } catch (PackageManager.NameNotFoundException e) { + throw new RuntimeException("Failed to look up ApplicationInfo", e); + } + int configResourceId = 0; + if (info != null && info.metaData != null) { + configResourceId = info.metaData.getInt(META_DATA_NETWORK_SECURITY_CONFIG); + } + + ConfigSource source; + if (configResourceId != 0) { + boolean debugBuild = (info.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0; + if (DBG) { + Log.d(LOG_TAG, "Using Network Security Config from resource " + + mContext.getResources().getResourceEntryName(configResourceId) + + " debugBuild: " + debugBuild); + } + source = new XmlConfigSource(mContext, configResourceId, debugBuild); + } else { + if (DBG) { + Log.d(LOG_TAG, "No Network Security Config specified, using platform default"); + } + source = new DefaultConfigSource(); + } + mConfigSource = source; + return mConfigSource; + } + } + + private static final class DefaultConfigSource implements ConfigSource { + @Override + public NetworkSecurityConfig getDefaultConfig() { + return NetworkSecurityConfig.DEFAULT; + } + + @Override + public Set<Pair<Domain, NetworkSecurityConfig>> getPerDomainConfigs() { + return null; + } + } +} diff --git a/core/java/android/security/net/config/NetworkSecurityConfig.java b/core/java/android/security/net/config/NetworkSecurityConfig.java index 9eab80ca0771..2ab07b5abf18 100644 --- a/core/java/android/security/net/config/NetworkSecurityConfig.java +++ b/core/java/android/security/net/config/NetworkSecurityConfig.java @@ -22,6 +22,7 @@ import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; +import java.util.Comparator; import java.util.List; import java.util.Map; import java.util.Set; @@ -53,6 +54,19 @@ public final class NetworkSecurityConfig { mHstsEnforced = hstsEnforced; mPins = pins; mCertificatesEntryRefs = certificatesEntryRefs; + // Sort the certificates entry refs so that all entries that override pins come before + // non-override pin entries. This allows us to handle the case where a certificate is in + // multiple entry refs by returning the certificate from the first entry ref. + Collections.sort(mCertificatesEntryRefs, new Comparator<CertificatesEntryRef>() { + @Override + public int compare(CertificatesEntryRef lhs, CertificatesEntryRef rhs) { + if (lhs.overridesPins()) { + return rhs.overridesPins() ? 0 : -1; + } else { + return rhs.overridesPins() ? 1 : 0; + } + } + }); } public Set<TrustAnchor> getTrustAnchors() { @@ -63,14 +77,15 @@ public final class NetworkSecurityConfig { // Merge trust anchors based on the X509Certificate. // If we see the same certificate in two TrustAnchors, one with overridesPins and one // without, the one with overridesPins wins. + // Because mCertificatesEntryRefs is sorted with all overridesPins anchors coming first + // this can be simplified to just using the first occurrence of a certificate. Map<X509Certificate, TrustAnchor> anchorMap = new ArrayMap<>(); for (CertificatesEntryRef ref : mCertificatesEntryRefs) { Set<TrustAnchor> anchors = ref.getTrustAnchors(); for (TrustAnchor anchor : anchors) { - if (anchor.overridesPins) { - anchorMap.put(anchor.certificate, anchor); - } else if (!anchorMap.containsKey(anchor.certificate)) { - anchorMap.put(anchor.certificate, anchor); + X509Certificate cert = anchor.certificate; + if (!anchorMap.containsKey(cert)) { + anchorMap.put(cert, anchor); } } } @@ -108,6 +123,17 @@ public final class NetworkSecurityConfig { } } + /** @hide */ + public TrustAnchor findTrustAnchorBySubjectAndPublicKey(X509Certificate cert) { + for (CertificatesEntryRef ref : mCertificatesEntryRefs) { + TrustAnchor anchor = ref.findBySubjectAndPublicKey(cert); + if (anchor != null) { + return anchor; + } + } + return null; + } + /** * Return a {@link Builder} for the default {@code NetworkSecurityConfig}. * diff --git a/core/java/android/security/net/config/NetworkSecurityConfigProvider.java b/core/java/android/security/net/config/NetworkSecurityConfigProvider.java index ac762efe85d2..5ebc7ac5f242 100644 --- a/core/java/android/security/net/config/NetworkSecurityConfigProvider.java +++ b/core/java/android/security/net/config/NetworkSecurityConfigProvider.java @@ -17,20 +17,13 @@ package android.security.net.config; import android.content.Context; -import android.content.pm.ApplicationInfo; -import android.content.pm.PackageManager; -import android.util.Log; import java.security.Security; import java.security.Provider; /** @hide */ public final class NetworkSecurityConfigProvider extends Provider { - private static final String LOG_TAG = "NetworkSecurityConfig"; private static final String PREFIX = NetworkSecurityConfigProvider.class.getPackage().getName() + "."; - public static final String META_DATA_NETWORK_SECURITY_CONFIG = - "android.security.net.config"; - private static final boolean DBG = true; public NetworkSecurityConfigProvider() { // TODO: More clever name than this @@ -40,36 +33,7 @@ public final class NetworkSecurityConfigProvider extends Provider { } public static void install(Context context) { - ApplicationInfo info = null; - // TODO: This lookup shouldn't be done in the app startup path, it should be done lazily. - try { - info = context.getPackageManager().getApplicationInfo(context.getPackageName(), - PackageManager.GET_META_DATA); - } catch (PackageManager.NameNotFoundException e) { - throw new RuntimeException("Failed to look up ApplicationInfo", e); - } - int configResourceId = 0; - if (info != null && info.metaData != null) { - configResourceId = info.metaData.getInt(META_DATA_NETWORK_SECURITY_CONFIG); - } - - ApplicationConfig config; - if (configResourceId != 0) { - boolean debugBuild = (info.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0; - if (DBG) { - Log.d(LOG_TAG, "Using Network Security Config from resource " - + context.getResources().getResourceEntryName(configResourceId) - + " debugBuild: " + debugBuild); - } - ConfigSource source = new XmlConfigSource(context, configResourceId, debugBuild); - config = new ApplicationConfig(source); - } else { - if (DBG) { - Log.d(LOG_TAG, "No Network Security Config specified, using platform default"); - } - config = ApplicationConfig.getPlatformDefault(); - } - + ApplicationConfig config = new ApplicationConfig(new ManifestConfigSource(context)); ApplicationConfig.setDefaultInstance(config); int pos = Security.insertProviderAt(new NetworkSecurityConfigProvider(), 1); if (pos != 1) { diff --git a/core/java/android/security/net/config/NetworkSecurityTrustManager.java b/core/java/android/security/net/config/NetworkSecurityTrustManager.java index 2b860fac45c1..6013c1e4023e 100644 --- a/core/java/android/security/net/config/NetworkSecurityTrustManager.java +++ b/core/java/android/security/net/config/NetworkSecurityTrustManager.java @@ -133,14 +133,8 @@ public class NetworkSecurityTrustManager implements X509TrustManager { return false; } X509Certificate anchorCert = chain.get(chain.size() - 1); - TrustAnchor chainAnchor = null; - // TODO: faster lookup - for (TrustAnchor anchor : mNetworkSecurityConfig.getTrustAnchors()) { - if (anchor.certificate.equals(anchorCert)) { - chainAnchor = anchor; - break; - } - } + TrustAnchor chainAnchor = + mNetworkSecurityConfig.findTrustAnchorBySubjectAndPublicKey(anchorCert); if (chainAnchor == null) { throw new CertificateException("Trusted chain does not end in a TrustAnchor"); } diff --git a/core/java/android/security/net/config/ResourceCertificateSource.java b/core/java/android/security/net/config/ResourceCertificateSource.java index 06dd9d42e364..b007f8f00a55 100644 --- a/core/java/android/security/net/config/ResourceCertificateSource.java +++ b/core/java/android/security/net/config/ResourceCertificateSource.java @@ -27,26 +27,29 @@ import java.security.cert.X509Certificate; import java.util.Collection; import java.util.Set; +import com.android.org.conscrypt.TrustedCertificateIndex; + /** * {@link CertificateSource} based on certificates contained in an application resource file. * @hide */ public class ResourceCertificateSource implements CertificateSource { - private Set<X509Certificate> mCertificates; + private final Object mLock = new Object(); private final int mResourceId; + + private Set<X509Certificate> mCertificates; private Context mContext; - private final Object mLock = new Object(); + private TrustedCertificateIndex mIndex; public ResourceCertificateSource(int resourceId, Context context) { mResourceId = resourceId; mContext = context.getApplicationContext(); } - @Override - public Set<X509Certificate> getCertificates() { + private void ensureInitialized() { synchronized (mLock) { if (mCertificates != null) { - return mCertificates; + return; } Set<X509Certificate> certificates = new ArraySet<X509Certificate>(); Collection<? extends Certificate> certs; @@ -61,12 +64,30 @@ public class ResourceCertificateSource implements CertificateSource { } finally { IoUtils.closeQuietly(in); } + TrustedCertificateIndex indexLocal = new TrustedCertificateIndex(); for (Certificate cert : certs) { - certificates.add((X509Certificate) cert); + certificates.add((X509Certificate) cert); + indexLocal.index((X509Certificate) cert); } mCertificates = certificates; + mIndex = indexLocal; mContext = null; - return mCertificates; } } + + @Override + public Set<X509Certificate> getCertificates() { + ensureInitialized(); + return mCertificates; + } + + @Override + public X509Certificate findBySubjectAndPublicKey(X509Certificate cert) { + ensureInitialized(); + java.security.cert.TrustAnchor anchor = mIndex.findBySubjectAndPublicKey(cert); + if (anchor == null) { + return null; + } + return anchor.getTrustedCert(); + } } diff --git a/core/java/android/security/net/config/SystemCertificateSource.java b/core/java/android/security/net/config/SystemCertificateSource.java index 7649a977ff5c..abef7b453c79 100644 --- a/core/java/android/security/net/config/SystemCertificateSource.java +++ b/core/java/android/security/net/config/SystemCertificateSource.java @@ -18,29 +18,20 @@ package android.security.net.config; import android.os.Environment; import android.os.UserHandle; -import android.util.ArraySet; -import java.io.BufferedInputStream; import java.io.File; -import java.io.FileInputStream; -import java.io.InputStream; -import java.io.IOException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.Set; -import libcore.io.IoUtils; /** * {@link CertificateSource} based on the system trusted CA store. * @hide */ -public class SystemCertificateSource implements CertificateSource { +public final class SystemCertificateSource extends DirectoryCertificateSource { private static final SystemCertificateSource INSTANCE = new SystemCertificateSource(); - private Set<X509Certificate> mSystemCerts = null; - private final Object mLock = new Object(); + private final File mUserRemovedCaDir; private SystemCertificateSource() { + super(new File(System.getenv("ANDROID_ROOT") + "/etc/security/cacerts")); + File configDir = Environment.getUserConfigDirectory(UserHandle.myUserId()); + mUserRemovedCaDir = new File(configDir, "cacerts-removed"); } public static SystemCertificateSource getInstance() { @@ -48,54 +39,7 @@ public class SystemCertificateSource implements CertificateSource { } @Override - public Set<X509Certificate> getCertificates() { - // TODO: loading all of these is wasteful, we should instead use a keystore style API. - synchronized (mLock) { - if (mSystemCerts != null) { - return mSystemCerts; - } - CertificateFactory certFactory; - try { - certFactory = CertificateFactory.getInstance("X.509"); - } catch (CertificateException e) { - throw new RuntimeException("Failed to obtain X.509 CertificateFactory", e); - } - - final String ANDROID_ROOT = System.getenv("ANDROID_ROOT"); - final File systemCaDir = new File(ANDROID_ROOT + "/etc/security/cacerts"); - final File configDir = Environment.getUserConfigDirectory(UserHandle.myUserId()); - final File userRemovedCaDir = new File(configDir, "cacerts-removed"); - // Sanity check - if (!systemCaDir.isDirectory()) { - throw new AssertionError(systemCaDir + " is not a directory"); - } - - Set<X509Certificate> systemCerts = new ArraySet<X509Certificate>(); - for (String caFile : systemCaDir.list()) { - // Skip any CAs in the user's deleted directory. - if (new File(userRemovedCaDir, caFile).exists()) { - continue; - } - InputStream is = null; - try { - is = new BufferedInputStream( - new FileInputStream(new File(systemCaDir, caFile))); - systemCerts.add((X509Certificate) certFactory.generateCertificate(is)); - } catch (CertificateException | IOException e) { - // Don't rethrow to be consistent with conscrypt's cert loading code. - continue; - } finally { - IoUtils.closeQuietly(is); - } - } - mSystemCerts = systemCerts; - return mSystemCerts; - } - } - - public void onCertificateStorageChange() { - synchronized (mLock) { - mSystemCerts = null; - } + protected boolean isCertMarkedAsRemoved(String caFile) { + return new File(mUserRemovedCaDir, caFile).exists(); } } diff --git a/core/java/android/security/net/config/UserCertificateSource.java b/core/java/android/security/net/config/UserCertificateSource.java index e9d5aa1e2f34..1a7d92456a3d 100644 --- a/core/java/android/security/net/config/UserCertificateSource.java +++ b/core/java/android/security/net/config/UserCertificateSource.java @@ -18,29 +18,18 @@ package android.security.net.config; import android.os.Environment; import android.os.UserHandle; -import android.util.ArraySet; -import java.io.BufferedInputStream; import java.io.File; -import java.io.FileInputStream; -import java.io.InputStream; -import java.io.IOException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.Set; -import libcore.io.IoUtils; /** * {@link CertificateSource} based on the user-installed trusted CA store. * @hide */ -public class UserCertificateSource implements CertificateSource { +public final class UserCertificateSource extends DirectoryCertificateSource { private static final UserCertificateSource INSTANCE = new UserCertificateSource(); - private Set<X509Certificate> mUserCerts = null; - private final Object mLock = new Object(); private UserCertificateSource() { + super(new File( + Environment.getUserConfigDirectory(UserHandle.myUserId()), "cacerts-added")); } public static UserCertificateSource getInstance() { @@ -48,45 +37,7 @@ public class UserCertificateSource implements CertificateSource { } @Override - public Set<X509Certificate> getCertificates() { - // TODO: loading all of these is wasteful, we should instead use a keystore style API. - synchronized (mLock) { - if (mUserCerts != null) { - return mUserCerts; - } - CertificateFactory certFactory; - try { - certFactory = CertificateFactory.getInstance("X.509"); - } catch (CertificateException e) { - throw new RuntimeException("Failed to obtain X.509 CertificateFactory", e); - } - final File configDir = Environment.getUserConfigDirectory(UserHandle.myUserId()); - final File userCaDir = new File(configDir, "cacerts-added"); - Set<X509Certificate> userCerts = new ArraySet<X509Certificate>(); - // If the user hasn't added any certificates the directory may not exist. - if (userCaDir.isDirectory()) { - for (String caFile : userCaDir.list()) { - InputStream is = null; - try { - is = new BufferedInputStream( - new FileInputStream(new File(userCaDir, caFile))); - userCerts.add((X509Certificate) certFactory.generateCertificate(is)); - } catch (CertificateException | IOException e) { - // Don't rethrow to be consistent with conscrypt's cert loading code. - continue; - } finally { - IoUtils.closeQuietly(is); - } - } - } - mUserCerts = userCerts; - return mUserCerts; - } - } - - public void onCertificateStorageChange() { - synchronized (mLock) { - mUserCerts = null; - } + protected boolean isCertMarkedAsRemoved(String caFile) { + return false; } } diff --git a/core/java/android/view/WindowManagerPolicy.java b/core/java/android/view/WindowManagerPolicy.java index aaf605274a9a..0a7e594f081c 100644 --- a/core/java/android/view/WindowManagerPolicy.java +++ b/core/java/android/view/WindowManagerPolicy.java @@ -430,6 +430,11 @@ public interface WindowManagerPolicy { public int getLidState(); /** + * Lock the device now. + */ + public void lockDeviceNow(); + + /** * Returns a code that descripbes whether the camera lens is covered or not. */ public int getCameraLensCoverState(); diff --git a/core/java/com/android/internal/inputmethod/InputMethodUtils.java b/core/java/com/android/internal/inputmethod/InputMethodUtils.java index 742173b9b5b3..a5b20f5b367b 100644 --- a/core/java/com/android/internal/inputmethod/InputMethodUtils.java +++ b/core/java/com/android/internal/inputmethod/InputMethodUtils.java @@ -377,17 +377,17 @@ public class InputMethodUtils { } // TODO: Use {@link Locale#toLanguageTag()} and {@link Locale#forLanguageTag(languageTag)}. String[] localeParams = localeStr.split("_", 3); + if (localeParams.length >= 1 && "tl".equals(localeParams[0])) { + // Convert a locale whose language is "tl" to one whose language is "fil". + // For example, "tl_PH" will get converted to "fil_PH". + // Versions of Android earlier than Lollipop did not support three letter language + // codes, and used "tl" (Tagalog) as the language string for "fil" (Filipino). + // On Lollipop and above, the current three letter version must be used. + localeParams[0] = "fil"; + } // The length of localeStr is guaranteed to always return a 1 <= value <= 3 // because localeStr is not empty. if (localeParams.length == 1) { - if (localeParams.length >= 1 && "tl".equals(localeParams[0])) { - // Convert a locale whose language is "tl" to one whose language is "fil". - // For example, "tl_PH" will get converted to "fil_PH". - // Versions of Android earlier than Lollipop did not support three letter language - // codes, and used "tl" (Tagalog) as the language string for "fil" (Filipino). - // On Lollipop and above, the current three letter version must be used. - localeParams[0] = "fil"; - } return new Locale(localeParams[0]); } else if (localeParams.length == 2) { return new Locale(localeParams[0], localeParams[1]); diff --git a/core/jni/android_util_Binder.cpp b/core/jni/android_util_Binder.cpp index c139cd78b4c0..ae109c6566cb 100644 --- a/core/jni/android_util_Binder.cpp +++ b/core/jni/android_util_Binder.cpp @@ -711,6 +711,9 @@ void signalExceptionForError(JNIEnv* env, jobject obj, status_t err, jniThrowException(env, "java/lang/RuntimeException", "Not allowed to write file descriptors here"); break; + case UNEXPECTED_NULL: + jniThrowNullPointerException(env, NULL); + break; case -EBADF: jniThrowException(env, "java/lang/RuntimeException", "Bad file descriptor"); diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml index 0859e5a03856..794262e848cd 100644 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -673,6 +673,10 @@ closed. The default is 0. --> <integer name="config_lidNavigationAccessibility">0</integer> + <!-- Indicate whether closing the lid causes the lockscreen to appear. + The default is false. --> + <bool name="config_lidControlsScreenLock">false</bool> + <!-- Indicate whether closing the lid causes the device to go to sleep and opening it causes the device to wake up. The default is false. --> diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml index 6d8c38f4100a..0b105f98be11 100644 --- a/core/res/res/values/symbols.xml +++ b/core/res/res/values/symbols.xml @@ -1474,6 +1474,7 @@ <java-symbol type="bool" name="config_enableLockScreenRotation" /> <java-symbol type="bool" name="config_enableLockScreenTranslucentDecor" /> <java-symbol type="bool" name="config_enableTranslucentDecor" /> + <java-symbol type="bool" name="config_lidControlsScreenLock" /> <java-symbol type="bool" name="config_lidControlsSleep" /> <java-symbol type="bool" name="config_reverseDefaultRotation" /> <java-symbol type="bool" name="config_showNavigationBar" /> diff --git a/core/tests/benchmarks/Android.mk b/core/tests/benchmarks/Android.mk new file mode 100644 index 000000000000..b7b295aeca99 --- /dev/null +++ b/core/tests/benchmarks/Android.mk @@ -0,0 +1,32 @@ +# -*- mode: makefile -*- +# Copyright (C) 2015 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +LOCAL_PATH:= $(call my-dir) + +# build framework base core benchmarks +# ============================================================ + +include $(CLEAR_VARS) +LOCAL_MODULE := frameworks-base-core-benchmarks +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE_CLASS := JAVA_LIBRARIES +LOCAL_SRC_FILES := $(call all-java-files-under, src/) +LOCAL_NO_STANDARD_LIBRARIES := true + +LOCAL_JAVA_LIBRARIES := \ + caliper-api-target \ + framework + +include $(BUILD_JAVA_LIBRARY) diff --git a/core/tests/benchmarks/src/android/net/NetworkStatsBenchmark.java b/core/tests/benchmarks/src/android/net/NetworkStatsBenchmark.java index 1a5043254e09..1b6560322a13 100644 --- a/core/tests/benchmarks/src/android/net/NetworkStatsBenchmark.java +++ b/core/tests/benchmarks/src/android/net/NetworkStatsBenchmark.java @@ -16,10 +16,10 @@ package android.net; +import com.google.caliper.BeforeExperiment; import com.google.caliper.Param; -import com.google.caliper.SimpleBenchmark; -public class NetworkStatsBenchmark extends SimpleBenchmark { +public class NetworkStatsBenchmark { private static final String UNDERLYING_IFACE = "wlan0"; private static final String TUN_IFACE = "tun0"; private static final int TUN_UID = 999999999; @@ -28,10 +28,8 @@ public class NetworkStatsBenchmark extends SimpleBenchmark { private int mSize; private NetworkStats mNetworkStats; - @Override + @BeforeExperiment protected void setUp() throws Exception { - super.setUp(); - mNetworkStats = new NetworkStats(0, mSize + 2); int uid = 0; NetworkStats.Entry recycle = new NetworkStats.Entry(); diff --git a/core/tests/benchmarks/src/android/net/TrafficStatsBenchmark.java b/core/tests/benchmarks/src/android/net/TrafficStatsBenchmark.java index 5a29adc9b000..09de412b5560 100644 --- a/core/tests/benchmarks/src/android/net/TrafficStatsBenchmark.java +++ b/core/tests/benchmarks/src/android/net/TrafficStatsBenchmark.java @@ -16,9 +16,7 @@ package android.net; -import com.google.caliper.SimpleBenchmark; - -public class TrafficStatsBenchmark extends SimpleBenchmark { +public class TrafficStatsBenchmark { public void timeGetUidRxBytes(int reps) { for (int i = 0; i < reps; i++) { TrafficStats.getUidRxBytes(android.os.Process.myUid()); diff --git a/core/tests/benchmarks/src/android/os/ParcelArrayBenchmark.java b/core/tests/benchmarks/src/android/os/ParcelArrayBenchmark.java index 21cfb0988ebd..eff8c8e4abdf 100644 --- a/core/tests/benchmarks/src/android/os/ParcelArrayBenchmark.java +++ b/core/tests/benchmarks/src/android/os/ParcelArrayBenchmark.java @@ -16,10 +16,11 @@ package android.os; +import com.google.caliper.AfterExperiment; +import com.google.caliper.BeforeExperiment; import com.google.caliper.Param; -import com.google.caliper.SimpleBenchmark; -public class ParcelArrayBenchmark extends SimpleBenchmark { +public class ParcelArrayBenchmark { @Param({ "1", "10", "100", "1000" }) private int mSize; @@ -34,7 +35,7 @@ public class ParcelArrayBenchmark extends SimpleBenchmark { private Parcel mIntParcel; private Parcel mLongParcel; - @Override + @BeforeExperiment protected void setUp() { mWriteParcel = Parcel.obtain(); @@ -50,7 +51,7 @@ public class ParcelArrayBenchmark extends SimpleBenchmark { mLongParcel.writeLongArray(mLongArray); } - @Override + @AfterExperiment protected void tearDown() { mWriteParcel.recycle(); mWriteParcel = null; @@ -118,5 +119,4 @@ public class ParcelArrayBenchmark extends SimpleBenchmark { mLongParcel.readLongArray(mLongArray); } } - } diff --git a/core/tests/benchmarks/src/android/os/ParcelBenchmark.java b/core/tests/benchmarks/src/android/os/ParcelBenchmark.java index 6a7b7c890edb..4bd2d009dcf3 100644 --- a/core/tests/benchmarks/src/android/os/ParcelBenchmark.java +++ b/core/tests/benchmarks/src/android/os/ParcelBenchmark.java @@ -16,18 +16,19 @@ package android.os; -import com.google.caliper.SimpleBenchmark; +import com.google.caliper.AfterExperiment; +import com.google.caliper.BeforeExperiment; -public class ParcelBenchmark extends SimpleBenchmark { +public class ParcelBenchmark { private Parcel mParcel; - @Override + @BeforeExperiment protected void setUp() { mParcel = Parcel.obtain(); } - @Override + @AfterExperiment protected void tearDown() { mParcel.recycle(); mParcel = null; diff --git a/core/tests/benchmarks/src/android/os/StrictModeBenchmark.java b/core/tests/benchmarks/src/android/os/StrictModeBenchmark.java index 41af382071ca..a1109062303b 100644 --- a/core/tests/benchmarks/src/android/os/StrictModeBenchmark.java +++ b/core/tests/benchmarks/src/android/os/StrictModeBenchmark.java @@ -18,9 +18,7 @@ package android.os; import android.os.StrictMode.ThreadPolicy; -import com.google.caliper.SimpleBenchmark; - -public class StrictModeBenchmark extends SimpleBenchmark { +public class StrictModeBenchmark { private ThreadPolicy mOff = new ThreadPolicy.Builder().build(); private ThreadPolicy mOn = new ThreadPolicy.Builder().detectAll().build(); diff --git a/core/tests/benchmarks/src/android/util/FloatMathBenchmark.java b/core/tests/benchmarks/src/android/util/FloatMathBenchmark.java index 2858128b3c8d..028dd1d14a18 100644 --- a/core/tests/benchmarks/src/android/util/FloatMathBenchmark.java +++ b/core/tests/benchmarks/src/android/util/FloatMathBenchmark.java @@ -15,13 +15,9 @@ */ package android.util; -import com.google.caliper.Param; -import com.google.caliper.Runner; -import com.google.caliper.SimpleBenchmark; - import android.util.FloatMath; -public class FloatMathBenchmark extends SimpleBenchmark { +public class FloatMathBenchmark { public float timeFloatMathCeil(int reps) { // Keep an answer so we don't optimize the method call away. @@ -112,5 +108,4 @@ public class FloatMathBenchmark extends SimpleBenchmark { } return f; } - } diff --git a/core/tests/benchmarks/src/com/android/internal/net/NetworkStatsFactoryBenchmark.java b/core/tests/benchmarks/src/com/android/internal/net/NetworkStatsFactoryBenchmark.java index 2174be5dc0a3..e62fbd6568f7 100644 --- a/core/tests/benchmarks/src/com/android/internal/net/NetworkStatsFactoryBenchmark.java +++ b/core/tests/benchmarks/src/com/android/internal/net/NetworkStatsFactoryBenchmark.java @@ -18,29 +18,31 @@ package com.android.internal.net; import android.net.NetworkStats; import android.os.SystemClock; - -import com.google.caliper.SimpleBenchmark; - +import com.google.caliper.AfterExperiment; +import com.google.caliper.BeforeExperiment; import java.io.File; -public class NetworkStatsFactoryBenchmark extends SimpleBenchmark { +public class NetworkStatsFactoryBenchmark { private File mStats; // TODO: consider staging stats file with different number of rows - @Override + @BeforeExperiment protected void setUp() { mStats = new File("/proc/net/xt_qtaguid/stats"); } - @Override + @AfterExperiment protected void tearDown() { mStats = null; } public void timeReadNetworkStatsDetailJava(int reps) throws Exception { for (int i = 0; i < reps; i++) { - NetworkStatsFactory.javaReadNetworkStatsDetail(mStats, NetworkStats.UID_ALL); + NetworkStatsFactory.javaReadNetworkStatsDetail(mStats, NetworkStats.UID_ALL, + // Looks like this was broken by change d0c5b9abed60b7bc056d026bf0f2b2235410fb70 + // Fixed compilation problem but needs addressing properly. + new String[0], 999); } } @@ -48,7 +50,10 @@ public class NetworkStatsFactoryBenchmark extends SimpleBenchmark { for (int i = 0; i < reps; i++) { final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 0); NetworkStatsFactory.nativeReadNetworkStatsDetail( - stats, mStats.getAbsolutePath(), NetworkStats.UID_ALL); + stats, mStats.getAbsolutePath(), NetworkStats.UID_ALL, + // Looks like this was broken by change d0c5b9abed60b7bc056d026bf0f2b2235410fb70 + // Fixed compilation problem but needs addressing properly. + new String[0], 999); } } } diff --git a/core/tests/benchmarks/src/com/android/internal/util/IndentingPrintWriterBenchmark.java b/core/tests/benchmarks/src/com/android/internal/util/IndentingPrintWriterBenchmark.java index 34c73e831923..1112d5c40e95 100644 --- a/core/tests/benchmarks/src/com/android/internal/util/IndentingPrintWriterBenchmark.java +++ b/core/tests/benchmarks/src/com/android/internal/util/IndentingPrintWriterBenchmark.java @@ -17,15 +17,15 @@ package com.android.internal.util; import com.google.android.collect.Lists; -import com.google.caliper.SimpleBenchmark; - +import com.google.caliper.AfterExperiment; +import com.google.caliper.BeforeExperiment; import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.PrintWriter; import java.util.ArrayList; -public class IndentingPrintWriterBenchmark extends SimpleBenchmark { +public class IndentingPrintWriterBenchmark { private PrintWriter mDirect; private IndentingPrintWriter mIndenting; @@ -33,7 +33,7 @@ public class IndentingPrintWriterBenchmark extends SimpleBenchmark { private Node mSimple; private Node mComplex; - @Override + @BeforeExperiment protected void setUp() throws IOException { final FileOutputStream os = new FileOutputStream(new File("/dev/null")); mDirect = new PrintWriter(os); @@ -49,7 +49,7 @@ public class IndentingPrintWriterBenchmark extends SimpleBenchmark { manyChildren); } - @Override + @AfterExperiment protected void tearDown() { mIndenting.close(); mIndenting = null; diff --git a/core/tests/coretests/apks/keyset/permUse/AndroidManifest.xml b/core/tests/coretests/apks/keyset/permUse/AndroidManifest.xml index b7645b01033e..c56079f8d3cf 100644 --- a/core/tests/coretests/apks/keyset/permUse/AndroidManifest.xml +++ b/core/tests/coretests/apks/keyset/permUse/AndroidManifest.xml @@ -21,11 +21,11 @@ <key-sets> <key-set android:name="A"> <public-key android:name="keyA" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJoN1Nsgqf0V4C/bbN8wo8O2X/S5D76+5Mb9mlIsHkUTUTbHCNk+LxHIUYLm89YbP9zImrV0bUHLUAZUyoMUCiMCAwEAAQ=="/> + android:value="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMpNthdOxud7roPDZMMomOqXgJJdRfIWpkKEqmC61Mv+Nf6QY3TorEwJeghjSmqj7IbBKrtvfQq4E2XJO1HuspmQO4Ng2gvn+r+6EwNfKc9k55d6s+27SR867jKurBbHNtZMG+tjL1yH4r+tNzcuJCsgyAFqLmxFdcxEwzNvREyRpoYc5RDR0mmTwkMCUhJ6CId1EYEKiCEdNzxv+fWPEb21u+/MWpleGCILs8kglRVb2q/WOzAAvGr4FY5plfaE6N+lr7+UschQ+aMi1+uqewo2o0qPFVmZP5hnwj55K4UMzu/NhhDqQQsX4cSGES1KgHo5MTqRqZjN/I7emw5pFQIDAQAB"/> </key-set> <key-set android:name="B"> <public-key android:name="keyB" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMTfQsY8UuXiXmvw/y7Tpr7HoyfAC0nE/8Qdk3ZtEr9asa5qqP0F6xzCI1PGVFV+WLVRwm6FdB9StENL5EKyQFcCAwEAAQ==" /> + android:value="MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGr5cL2N7ztHiHmphB1/1eq+43lEAmP36iiEJAfX+cVReGSPFXqNnnM8Vptd2boAe332lrFw9rKPmbkZA+jOTA==" /> </key-set> <upgrade-key-set android:name="A"/> <upgrade-key-set android:name="B"/> diff --git a/core/tests/coretests/apks/keyset/uA/AndroidManifest.xml b/core/tests/coretests/apks/keyset/uA/AndroidManifest.xml index f31b75f9cda8..8c440f54993b 100644 --- a/core/tests/coretests/apks/keyset/uA/AndroidManifest.xml +++ b/core/tests/coretests/apks/keyset/uA/AndroidManifest.xml @@ -20,7 +20,7 @@ <key-sets> <key-set android:name="A" > <public-key android:name="keyA" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJoN1Nsgqf0V4C/bbN8wo8O2X/S5D76+5Mb9mlIsHkUTUTbHCNk+LxHIUYLm89YbP9zImrV0bUHLUAZUyoMUCiMCAwEAAQ=="/> + android:value="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMpNthdOxud7roPDZMMomOqXgJJdRfIWpkKEqmC61Mv+Nf6QY3TorEwJeghjSmqj7IbBKrtvfQq4E2XJO1HuspmQO4Ng2gvn+r+6EwNfKc9k55d6s+27SR867jKurBbHNtZMG+tjL1yH4r+tNzcuJCsgyAFqLmxFdcxEwzNvREyRpoYc5RDR0mmTwkMCUhJ6CId1EYEKiCEdNzxv+fWPEb21u+/MWpleGCILs8kglRVb2q/WOzAAvGr4FY5plfaE6N+lr7+UschQ+aMi1+uqewo2o0qPFVmZP5hnwj55K4UMzu/NhhDqQQsX4cSGES1KgHo5MTqRqZjN/I7emw5pFQIDAQAB"/> </key-set> <upgrade-key-set android:name="A"/> </key-sets> diff --git a/core/tests/coretests/apks/keyset/uAB/AndroidManifest.xml b/core/tests/coretests/apks/keyset/uAB/AndroidManifest.xml index 8ad3471d72a4..015c3ad2993e 100644 --- a/core/tests/coretests/apks/keyset/uAB/AndroidManifest.xml +++ b/core/tests/coretests/apks/keyset/uAB/AndroidManifest.xml @@ -20,9 +20,9 @@ <key-sets> <key-set android:name="AB" > <public-key android:name="keyA" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJoN1Nsgqf0V4C/bbN8wo8O2X/S5D76+5Mb9mlIsHkUTUTbHCNk+LxHIUYLm89YbP9zImrV0bUHLUAZUyoMUCiMCAwEAAQ==" /> + android:value="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMpNthdOxud7roPDZMMomOqXgJJdRfIWpkKEqmC61Mv+Nf6QY3TorEwJeghjSmqj7IbBKrtvfQq4E2XJO1HuspmQO4Ng2gvn+r+6EwNfKc9k55d6s+27SR867jKurBbHNtZMG+tjL1yH4r+tNzcuJCsgyAFqLmxFdcxEwzNvREyRpoYc5RDR0mmTwkMCUhJ6CId1EYEKiCEdNzxv+fWPEb21u+/MWpleGCILs8kglRVb2q/WOzAAvGr4FY5plfaE6N+lr7+UschQ+aMi1+uqewo2o0qPFVmZP5hnwj55K4UMzu/NhhDqQQsX4cSGES1KgHo5MTqRqZjN/I7emw5pFQIDAQAB" /> <public-key android:name="keyB" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMTfQsY8UuXiXmvw/y7Tpr7HoyfAC0nE/8Qdk3ZtEr9asa5qqP0F6xzCI1PGVFV+WLVRwm6FdB9StENL5EKyQFcCAwEAAQ==" /> + android:value="MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGr5cL2N7ztHiHmphB1/1eq+43lEAmP36iiEJAfX+cVReGSPFXqNnnM8Vptd2boAe332lrFw9rKPmbkZA+jOTA==" /> </key-set> <upgrade-key-set android:name="AB"/> </key-sets> diff --git a/core/tests/coretests/apks/keyset/uAuB/AndroidManifest.xml b/core/tests/coretests/apks/keyset/uAuB/AndroidManifest.xml index cdbd63936e82..9491dbeacc48 100644 --- a/core/tests/coretests/apks/keyset/uAuB/AndroidManifest.xml +++ b/core/tests/coretests/apks/keyset/uAuB/AndroidManifest.xml @@ -20,11 +20,11 @@ <key-sets> <key-set android:name="A" > <public-key android:name="keyA" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJoN1Nsgqf0V4C/bbN8wo8O2X/S5D76+5Mb9mlIsHkUTUTbHCNk+LxHIUYLm89YbP9zImrV0bUHLUAZUyoMUCiMCAwEAAQ==" /> + android:value="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMpNthdOxud7roPDZMMomOqXgJJdRfIWpkKEqmC61Mv+Nf6QY3TorEwJeghjSmqj7IbBKrtvfQq4E2XJO1HuspmQO4Ng2gvn+r+6EwNfKc9k55d6s+27SR867jKurBbHNtZMG+tjL1yH4r+tNzcuJCsgyAFqLmxFdcxEwzNvREyRpoYc5RDR0mmTwkMCUhJ6CId1EYEKiCEdNzxv+fWPEb21u+/MWpleGCILs8kglRVb2q/WOzAAvGr4FY5plfaE6N+lr7+UschQ+aMi1+uqewo2o0qPFVmZP5hnwj55K4UMzu/NhhDqQQsX4cSGES1KgHo5MTqRqZjN/I7emw5pFQIDAQAB" /> </key-set> <key-set android:name="B" > <public-key android:name="keyB" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMTfQsY8UuXiXmvw/y7Tpr7HoyfAC0nE/8Qdk3ZtEr9asa5qqP0F6xzCI1PGVFV+WLVRwm6FdB9StENL5EKyQFcCAwEAAQ==" /> + android:value="MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGr5cL2N7ztHiHmphB1/1eq+43lEAmP36iiEJAfX+cVReGSPFXqNnnM8Vptd2boAe332lrFw9rKPmbkZA+jOTA==" /> </key-set> <upgrade-key-set android:name="A"/> <upgrade-key-set android:name="B"/> diff --git a/core/tests/coretests/apks/keyset/uB/AndroidManifest.xml b/core/tests/coretests/apks/keyset/uB/AndroidManifest.xml index 61063c3477ce..f4918400f38b 100644 --- a/core/tests/coretests/apks/keyset/uB/AndroidManifest.xml +++ b/core/tests/coretests/apks/keyset/uB/AndroidManifest.xml @@ -20,7 +20,7 @@ <key-sets> <key-set android:name="B" > <public-key android:name="keyB" - android:value="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMTfQsY8UuXiXmvw/y7Tpr7HoyfAC0nE/8Qdk3ZtEr9asa5qqP0F6xzCI1PGVFV+WLVRwm6FdB9StENL5EKyQFcCAwEAAQ==" /> + android:value="MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGr5cL2N7ztHiHmphB1/1eq+43lEAmP36iiEJAfX+cVReGSPFXqNnnM8Vptd2boAe332lrFw9rKPmbkZA+jOTA==" /> </key-set> <upgrade-key-set android:name="B"/> </key-sets> diff --git a/core/tests/coretests/certs/keyset_A.pk8 b/core/tests/coretests/certs/keyset_A.pk8 Binary files differindex 3976b941f7d8..407631376ed9 100644 --- a/core/tests/coretests/certs/keyset_A.pk8 +++ b/core/tests/coretests/certs/keyset_A.pk8 diff --git a/core/tests/coretests/certs/keyset_A.x509.pem b/core/tests/coretests/certs/keyset_A.x509.pem index 0fe334eed85e..548bf130593f 100644 --- a/core/tests/coretests/certs/keyset_A.x509.pem +++ b/core/tests/coretests/certs/keyset_A.x509.pem @@ -1,14 +1,18 @@ -----BEGIN CERTIFICATE----- -MIICKjCCAdQCCQCpDXPnNpO5UjANBgkqhkiG9w0BAQUFADCBmzELMAkGA1UEBhMC -VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcx -DzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHQW5kcm9pZDEYMBYGA1UEAxMPd3d3 -LmV4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNkY2FzaG1hbkBnb29nbGUuY29t -MB4XDTE0MDQyMTE4MTkwM1oXDTE3MDQyMDE4MTkwM1owgZsxCzAJBgNVBAYTAlVT -MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MQ8w -DQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB0FuZHJvaWQxGDAWBgNVBAMTD3d3dy5l -eGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZGNhc2htYW5AZ29vZ2xlLmNvbTBc -MA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCaDdTbIKn9FeAv22zfMKPDtl/0uQ++vuTG -/ZpSLB5FE1E2xwjZPi8RyFGC5vPWGz/cyJq1dG1By1AGVMqDFAojAgMBAAEwDQYJ -KoZIhvcNAQEFBQADQQCPTVDKxVZpxFH6Nm7sxpRplLzxbs/xyGELLIjEBVrgB0CM -HAxFpPRHDSFpTxGG2mBCSrf+lD2Bf+WiIojx+RLY +MIIC+TCCAeGgAwIBAgIJALuyfpZeCDiwMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV +BAMMCGtleXNldF9BMB4XDTE1MTIwMjIxMTEzNFoXDTQzMDQxOTIxMTEzNFowEzER +MA8GA1UEAwwIa2V5c2V0X0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQCwyk22F07G53uug8NkwyiY6peAkl1F8hamQoSqYLrUy/41/pBjdOisTAl6CGNK +aqPshsEqu299CrgTZck7Ue6ymZA7g2DaC+f6v7oTA18pz2Tnl3qz7btJHzruMq6s +Fsc21kwb62MvXIfiv603Ny4kKyDIAWoubEV1zETDM29ETJGmhhzlENHSaZPCQwJS +EnoIh3URgQqIIR03PG/59Y8RvbW778xamV4YIguzySCVFVvar9Y7MAC8avgVjmmV +9oTo36Wvv5SxyFD5oyLX66p7CjajSo8VWZk/mGfCPnkrhQzO782GEOpBCxfhxIYR +LUqAejkxOpGpmM38jt6bDmkVAgMBAAGjUDBOMB0GA1UdDgQWBBTVcIVD9u9538W/ +NE2Y36YiPtYmPzAfBgNVHSMEGDAWgBTVcIVD9u9538W/NE2Y36YiPtYmPzAMBgNV +HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCjTN3mgaKep55wR1ULf4ULIc/m +mjfZK7ZnJcynBEIGyjAqt4mMIfKRV/DllLsf997r7bz12qUSLbhWGFSq4a2ceOIp +RG0+CGXV8Ez5Hz4o99MAP37Zdd5Lfq8fdlg2Mro2MMr21Tf3i2Y2LOfkXEZrW7rQ +A5ZRVksoRcPQWaaNA85LGRSCiC2XSjg8TLn1qKwQUXVGQ6fwLKqAeeV2+hynADih +FUaf7HxE5H3bHLByLmLKtab3Ta/g8VXxxRYuyd/rYsWMAHsjZge6xoVajm6Wvj5Q +AvIxV99+PK7dkjVpg3O2oN1O4DQlqqvxdhjNP733DI4cihfJYV9Vn+wKj3TA -----END CERTIFICATE----- diff --git a/core/tests/coretests/certs/keyset_B.pk8 b/core/tests/coretests/certs/keyset_B.pk8 Binary files differindex a44ebb3ffbfc..839d96cb8622 100644 --- a/core/tests/coretests/certs/keyset_B.pk8 +++ b/core/tests/coretests/certs/keyset_B.pk8 diff --git a/core/tests/coretests/certs/keyset_B.x509.pem b/core/tests/coretests/certs/keyset_B.x509.pem index 2806de5f558c..537e047d90e8 100644 --- a/core/tests/coretests/certs/keyset_B.x509.pem +++ b/core/tests/coretests/certs/keyset_B.x509.pem @@ -1,14 +1,10 @@ -----BEGIN CERTIFICATE----- -MIICKjCCAdQCCQC+5GnAgmYS6DANBgkqhkiG9w0BAQUFADCBmzELMAkGA1UEBhMC -VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcx -DzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHQW5kcm9pZDEYMBYGA1UEAxMPd3d3 -LmV4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNkY2FzaG1hbkBnb29nbGUuY29t -MB4XDTE0MDQyMTE4MjczM1oXDTE3MDQyMDE4MjczM1owgZsxCzAJBgNVBAYTAlVT -MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MQ8w -DQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB0FuZHJvaWQxGDAWBgNVBAMTD3d3dy5l -eGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZGNhc2htYW5AZ29vZ2xlLmNvbTBc -MA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDE30LGPFLl4l5r8P8u06a+x6MnwAtJxP/E -HZN2bRK/WrGuaqj9BescwiNTxlRVfli1UcJuhXQfUrRDS+RCskBXAgMBAAEwDQYJ -KoZIhvcNAQEFBQADQQCYYyur2/sMB88MOhQE8RHNmdO0zEQYAz66z3ctTNqiNsbK -T9iKj0CT3cjqgfN5ex4onhnoIIPtON7DIHFWke5x +MIIBbDCCAROgAwIBAgIJALP/7jQfVyFBMAoGCCqGSM49BAMCMBMxETAPBgNVBAMM +CGtleXNldF9CMB4XDTE1MTIwMzIwNDgwNFoXDTQzMDQyMDIwNDgwNFowEzERMA8G +A1UEAwwIa2V5c2V0X0IwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS0avlwvY3v +O0eIeamEHX/V6r7jeUQCY/fqKIQkB9f5xVF4ZI8Veo2eczxWm13ZugB7ffaWsXD2 +so+ZuRkD6M5Mo1AwTjAdBgNVHQ4EFgQUHrv1BwZU/MchAsa3VL0n458IwVswHwYD +VR0jBBgwFoAUHrv1BwZU/MchAsa3VL0n458IwVswDAYDVR0TBAUwAwEB/zAKBggq +hkjOPQQDAgNHADBEAiBp2nTHHhywNIyLpe8mYUsbwozVWM5/2xFidQe9Edua0AIg +Wt9BCfzrcsBh2Rlje9Im9sq6hIyLSS1pe6ZcI3+lDis= -----END CERTIFICATE----- diff --git a/core/tests/hosttests/test-apps/MultiDexLegacyAndException/Android.mk b/core/tests/hosttests/test-apps/MultiDexLegacyAndException/Android.mk index 78e718fbd3b4..edeecb2f62c3 100644 --- a/core/tests/hosttests/test-apps/MultiDexLegacyAndException/Android.mk +++ b/core/tests/hosttests/test-apps/MultiDexLegacyAndException/Android.mk @@ -47,9 +47,9 @@ endif include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ echo "com/android/multidexlegacyandexception/Test.class" >> $@ $(built_dex_intermediate): $(mainDexList) diff --git a/core/tests/hosttests/test-apps/MultiDexLegacyTestApp/Android.mk b/core/tests/hosttests/test-apps/MultiDexLegacyTestApp/Android.mk index 7c699b610aed..7e4f0a99afa4 100644 --- a/core/tests/hosttests/test-apps/MultiDexLegacyTestApp/Android.mk +++ b/core/tests/hosttests/test-apps/MultiDexLegacyTestApp/Android.mk @@ -47,9 +47,9 @@ endif include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ echo "com/android/multidexlegacytestapp/Test.class" >> $@ $(built_dex_intermediate): $(mainDexList) @@ -88,9 +88,9 @@ endif include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList2): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList2): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ echo "com/android/multidexlegacytestapp/Test.class" >> $@ $(built_dex_intermediate): $(mainDexList2) diff --git a/core/tests/hosttests/test-apps/MultiDexLegacyTestServices/Android.mk b/core/tests/hosttests/test-apps/MultiDexLegacyTestServices/Android.mk index b85c02c85ab6..99bcd6c62b56 100644 --- a/core/tests/hosttests/test-apps/MultiDexLegacyTestServices/Android.mk +++ b/core/tests/hosttests/test-apps/MultiDexLegacyTestServices/Android.mk @@ -37,9 +37,9 @@ LOCAL_DEX_PREOPT := false include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ $(built_dex_intermediate): $(mainDexList) endif diff --git a/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v1/Android.mk b/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v1/Android.mk index 0f1d9c037bf2..1c7d80790120 100644 --- a/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v1/Android.mk +++ b/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v1/Android.mk @@ -46,9 +46,9 @@ endif include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ echo "com/android/framework/multidexlegacyversionedtestapp/MultiDexUpdateTest.class" >> $@ $(built_dex_intermediate): $(mainDexList) diff --git a/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v2/Android.mk b/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v2/Android.mk index 67ca483fe4c2..b77cf31edc62 100644 --- a/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v2/Android.mk +++ b/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v2/Android.mk @@ -46,9 +46,9 @@ endif include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ echo "com/android/framework/multidexlegacyversionedtestapp/MultiDexUpdateTest.class" >> $@ $(built_dex_intermediate): $(mainDexList) diff --git a/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v3/Android.mk b/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v3/Android.mk index bf2efb1e493f..3631626f6b31 100644 --- a/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v3/Android.mk +++ b/core/tests/hosttests/test-apps/MultiDexLegacyVersionedTestApp_v3/Android.mk @@ -46,9 +46,9 @@ endif include $(BUILD_PACKAGE) ifndef LOCAL_JACK_ENABLED -$(mainDexList): $(full_classes_proguard_jar) | $(HOST_OUT_EXECUTABLES)/mainDexClasses +$(mainDexList): $(full_classes_proguard_jar) | $(MAINDEXCLASSES) $(hide) mkdir -p $(dir $@) - $(HOST_OUT_EXECUTABLES)/mainDexClasses $< 1>$@ + $(MAINDEXCLASSES) $< 1>$@ echo "com/android/framework/multidexlegacyversionedtestapp/MultiDexUpdateTest.class" >> $@ $(built_dex_intermediate): $(mainDexList) diff --git a/packages/DocumentsUI/res/values/config.xml b/packages/DocumentsUI/res/values/config.xml new file mode 100644 index 000000000000..a35c4984b72a --- /dev/null +++ b/packages/DocumentsUI/res/values/config.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- Copyright (C) 2015 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<resources> + <!-- Allow Advanced Devices default value to be customised --> + <bool name="config_defaultAdvancedDevices">false</bool> +</resources> diff --git a/packages/DocumentsUI/src/com/android/documentsui/LocalPreferences.java b/packages/DocumentsUI/src/com/android/documentsui/LocalPreferences.java index e6c5ae23c4f5..113e9d7f7357 100644 --- a/packages/DocumentsUI/src/com/android/documentsui/LocalPreferences.java +++ b/packages/DocumentsUI/src/com/android/documentsui/LocalPreferences.java @@ -24,8 +24,10 @@ public class LocalPreferences { private static final String KEY_FILE_SIZE = "fileSize"; public static boolean getDisplayAdvancedDevices(Context context) { + boolean defaultAdvanced = context.getResources() + .getBoolean(R.bool.config_defaultAdvancedDevices); return PreferenceManager.getDefaultSharedPreferences(context) - .getBoolean(KEY_ADVANCED_DEVICES, false); + .getBoolean(KEY_ADVANCED_DEVICES, defaultAdvanced); } public static boolean getDisplayFileSize(Context context) { diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java index c373fb8933cd..8eb01833d484 100644 --- a/services/core/java/com/android/server/AppOpsService.java +++ b/services/core/java/com/android/server/AppOpsService.java @@ -513,33 +513,35 @@ public class AppOpsService extends IAppOpsService.Stub { String[] uidPackageNames = getPackagesForUid(uid); ArrayMap<Callback, ArraySet<String>> callbackSpecs = null; - ArrayList<Callback> callbacks = mOpModeWatchers.get(code); - if (callbacks != null) { - final int callbackCount = callbacks.size(); - for (int i = 0; i < callbackCount; i++) { - Callback callback = callbacks.get(i); - ArraySet<String> changedPackages = new ArraySet<>(); - Collections.addAll(changedPackages, uidPackageNames); - callbackSpecs = new ArrayMap<>(); - callbackSpecs.put(callback, changedPackages); - } - } - - for (String uidPackageName : uidPackageNames) { - callbacks = mPackageModeWatchers.get(uidPackageName); + synchronized (this) { + ArrayList<Callback> callbacks = mOpModeWatchers.get(code); if (callbacks != null) { - if (callbackSpecs == null) { - callbackSpecs = new ArrayMap<>(); - } final int callbackCount = callbacks.size(); for (int i = 0; i < callbackCount; i++) { Callback callback = callbacks.get(i); - ArraySet<String> changedPackages = callbackSpecs.get(callback); - if (changedPackages == null) { - changedPackages = new ArraySet<>(); - callbackSpecs.put(callback, changedPackages); + ArraySet<String> changedPackages = new ArraySet<>(); + Collections.addAll(changedPackages, uidPackageNames); + callbackSpecs = new ArrayMap<>(); + callbackSpecs.put(callback, changedPackages); + } + } + + for (String uidPackageName : uidPackageNames) { + callbacks = mPackageModeWatchers.get(uidPackageName); + if (callbacks != null) { + if (callbackSpecs == null) { + callbackSpecs = new ArrayMap<>(); + } + final int callbackCount = callbacks.size(); + for (int i = 0; i < callbackCount; i++) { + Callback callback = callbacks.get(i); + ArraySet<String> changedPackages = callbackSpecs.get(callback); + if (changedPackages == null) { + changedPackages = new ArraySet<>(); + callbackSpecs.put(callback, changedPackages); + } + changedPackages.add(uidPackageName); } - changedPackages.add(uidPackageName); } } } @@ -1773,7 +1775,7 @@ public class AppOpsService extends IAppOpsService.Stub { private static String[] getPackagesForUid(int uid) { String[] packageNames = null; try { - packageNames= AppGlobals.getPackageManager().getPackagesForUid(uid); + packageNames = AppGlobals.getPackageManager().getPackagesForUid(uid); } catch (RemoteException e) { /* ignore - local call */ } diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 58e1b33ff35d..151f14da69ea 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -8138,9 +8138,9 @@ public class PackageManagerService extends IPackageManager.Stub { } } if ((p.info.protectionLevel&PermissionInfo.PROTECTION_FLAG_APPOP) != 0) { - ArraySet<String> appOpPerms = mAppOpPermissionPackages.get(p.info.name); - if (appOpPerms != null) { - appOpPerms.remove(pkg.packageName); + ArraySet<String> appOpPkgs = mAppOpPermissionPackages.get(p.info.name); + if (appOpPkgs != null) { + appOpPkgs.remove(pkg.packageName); } } } @@ -8154,10 +8154,10 @@ public class PackageManagerService extends IPackageManager.Stub { String perm = pkg.requestedPermissions.get(i); BasePermission bp = mSettings.mPermissions.get(perm); if (bp != null && (bp.protectionLevel&PermissionInfo.PROTECTION_FLAG_APPOP) != 0) { - ArraySet<String> appOpPerms = mAppOpPermissionPackages.get(perm); - if (appOpPerms != null) { - appOpPerms.remove(pkg.packageName); - if (appOpPerms.isEmpty()) { + ArraySet<String> appOpPkgs = mAppOpPermissionPackages.get(perm); + if (appOpPkgs != null) { + appOpPkgs.remove(pkg.packageName); + if (appOpPkgs.isEmpty()) { mAppOpPermissionPackages.remove(perm); } } diff --git a/services/core/java/com/android/server/policy/PhoneWindowManager.java b/services/core/java/com/android/server/policy/PhoneWindowManager.java index 8ad45c935ea1..bfe68b34066e 100644 --- a/services/core/java/com/android/server/policy/PhoneWindowManager.java +++ b/services/core/java/com/android/server/policy/PhoneWindowManager.java @@ -392,6 +392,7 @@ public class PhoneWindowManager implements WindowManagerPolicy { boolean mDeskDockEnablesAccelerometer; int mLidKeyboardAccessibility; int mLidNavigationAccessibility; + boolean mLidControlsScreenLock; boolean mLidControlsSleep; int mShortPressOnPowerBehavior; int mLongPressOnPowerBehavior; @@ -1421,6 +1422,8 @@ public class PhoneWindowManager implements WindowManagerPolicy { com.android.internal.R.integer.config_lidKeyboardAccessibility); mLidNavigationAccessibility = mContext.getResources().getInteger( com.android.internal.R.integer.config_lidNavigationAccessibility); + mLidControlsScreenLock = mContext.getResources().getBoolean( + com.android.internal.R.bool.config_lidControlsScreenLock); mLidControlsSleep = mContext.getResources().getBoolean( com.android.internal.R.bool.config_lidControlsSleep); mTranslucentDecorEnabled = mContext.getResources().getBoolean( @@ -6309,6 +6312,8 @@ public class PhoneWindowManager implements WindowManagerPolicy { mPowerManager.goToSleep(SystemClock.uptimeMillis(), PowerManager.GO_TO_SLEEP_REASON_LID_SWITCH, PowerManager.GO_TO_SLEEP_FLAG_NO_DOZE); + } else if (mLidState == LID_CLOSED && mLidControlsScreenLock) { + mWindowManagerFuncs.lockDeviceNow(); } synchronized (mLock) { @@ -6887,6 +6892,7 @@ public class PhoneWindowManager implements WindowManagerPolicy { pw.print(prefix); pw.print("mLidKeyboardAccessibility="); pw.print(mLidKeyboardAccessibility); pw.print(" mLidNavigationAccessibility="); pw.print(mLidNavigationAccessibility); + pw.print(" mLidControlsScreenLock="); pw.println(mLidControlsScreenLock); pw.print(" mLidControlsSleep="); pw.println(mLidControlsSleep); pw.print(prefix); pw.print("mShortPressOnPowerBehavior="); pw.print(mShortPressOnPowerBehavior); diff --git a/services/core/java/com/android/server/wm/WindowManagerService.java b/services/core/java/com/android/server/wm/WindowManagerService.java index 101f64b84191..267f4a79bb5e 100644 --- a/services/core/java/com/android/server/wm/WindowManagerService.java +++ b/services/core/java/com/android/server/wm/WindowManagerService.java @@ -5634,6 +5634,12 @@ public class WindowManagerService extends IWindowManager.Stub // Called by window manager policy. Not exposed externally. @Override + public void lockDeviceNow() { + lockNow(null); + } + + // Called by window manager policy. Not exposed externally. + @Override public int getCameraLensCoverState() { int sw = mInputManager.getSwitchState(-1, InputDevice.SOURCE_ANY, InputManagerService.SW_CAMERA_LENS_COVER); diff --git a/services/core/jni/com_android_server_UsbMidiDevice.cpp b/services/core/jni/com_android_server_UsbMidiDevice.cpp index 06b9bc3c01ec..e12a01661a44 100644 --- a/services/core/jni/com_android_server_UsbMidiDevice.cpp +++ b/services/core/jni/com_android_server_UsbMidiDevice.cpp @@ -43,12 +43,26 @@ android_server_UsbMidiDevice_get_subdevice_count(JNIEnv *env, jobject /* thiz */ jint card, jint device) { char path[100]; + int fd; + const int kMaxRetries = 10; + const int kSleepMicroseconds = 2000; snprintf(path, sizeof(path), "/dev/snd/controlC%d", card); - int fd = open(path, O_RDWR); - if (fd < 0) { - ALOGE("could not open %s", path); - return 0; + // This control device may not have been created yet. So we should + // try to open it several times to prevent intermittent failure + // from a race condition. + int retryCounter = 0; + while ((fd = open(path, O_RDWR)) < 0) { + if (++retryCounter > kMaxRetries) { + ALOGE("timed out after %d tries, could not open %s", retryCounter, path); + return 0; + } else { + ALOGW("attempt #%d, could not open %s", retryCounter, path); + // Increase the sleep interval each time. + // 10 retries will total 2 * sum(1..10) = 110 milliseconds. + // Typically the device should be ready in 5-10 milliseconds. + usleep(kSleepMicroseconds * retryCounter); + } } struct snd_rawmidi_info info; diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java index dedf1d9ae9f7..1db285ff1b12 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java @@ -3465,42 +3465,33 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { } enforceCrossUserPermission(userHandle); enforceNotManagedProfile(userHandle, "set the active password"); - mContext.enforceCallingOrSelfPermission( android.Manifest.permission.BIND_DEVICE_ADMIN, null); - DevicePolicyData p = getUserData(userHandle); - validateQualityConstant(quality); - synchronized (this) { - if (p.mActivePasswordQuality != quality || p.mActivePasswordLength != length - || p.mFailedPasswordAttempts != 0 || p.mActivePasswordLetters != letters - || p.mActivePasswordUpperCase != uppercase - || p.mActivePasswordLowerCase != lowercase - || p.mActivePasswordNumeric != numbers - || p.mActivePasswordSymbols != symbols - || p.mActivePasswordNonLetter != nonletter) { - long ident = Binder.clearCallingIdentity(); - try { - p.mActivePasswordQuality = quality; - p.mActivePasswordLength = length; - p.mActivePasswordLetters = letters; - p.mActivePasswordLowerCase = lowercase; - p.mActivePasswordUpperCase = uppercase; - p.mActivePasswordNumeric = numbers; - p.mActivePasswordSymbols = symbols; - p.mActivePasswordNonLetter = nonletter; - p.mFailedPasswordAttempts = 0; - saveSettingsLocked(userHandle); - updatePasswordExpirationsLocked(userHandle); - setExpirationAlarmCheckLocked(mContext, p); - sendAdminCommandToSelfAndProfilesLocked( - DeviceAdminReceiver.ACTION_PASSWORD_CHANGED, - DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD, userHandle); - } finally { - Binder.restoreCallingIdentity(ident); - } + DevicePolicyData policy = getUserData(userHandle); + + long ident = Binder.clearCallingIdentity(); + try { + synchronized (this) { + policy.mActivePasswordQuality = quality; + policy.mActivePasswordLength = length; + policy.mActivePasswordLetters = letters; + policy.mActivePasswordLowerCase = lowercase; + policy.mActivePasswordUpperCase = uppercase; + policy.mActivePasswordNumeric = numbers; + policy.mActivePasswordSymbols = symbols; + policy.mActivePasswordNonLetter = nonletter; + policy.mFailedPasswordAttempts = 0; + saveSettingsLocked(userHandle); + updatePasswordExpirationsLocked(userHandle); + setExpirationAlarmCheckLocked(mContext, policy); + sendAdminCommandToSelfAndProfilesLocked( + DeviceAdminReceiver.ACTION_PASSWORD_CHANGED, + DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD, userHandle); } + } finally { + Binder.restoreCallingIdentity(ident); } } diff --git a/tests/NetworkSecurityConfigTest/res/xml/override_dedup.xml b/tests/NetworkSecurityConfigTest/res/xml/override_dedup.xml new file mode 100644 index 000000000000..5ba56754e768 --- /dev/null +++ b/tests/NetworkSecurityConfigTest/res/xml/override_dedup.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="utf-8"?> +<network-security-config> + <!-- Entry with a bad pin. Connections to this will only succeed if overridePins is set. --> + <domain-config> + <domain>android.com</domain> + <pin-set> + <pin digest="SHA-256">aaaaaaaaIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=</pin> + </pin-set> + <trust-anchors> + <certificates src="system" overridePins="false" /> + </trust-anchors> + </domain-config> + <!-- override that contains all of the system CA store. This should completely override the + anchors in the domain config-above with ones that have overridePins set. --> + <debug-overrides> + <trust-anchors> + <certificates src="system" /> + </trust-anchors> + </debug-overrides> +</network-security-config> diff --git a/tests/NetworkSecurityConfigTest/src/android/security/net/config/TestCertificateSource.java b/tests/NetworkSecurityConfigTest/src/android/security/net/config/TestCertificateSource.java index 92eadc06cd49..69b2a9d55642 100644 --- a/tests/NetworkSecurityConfigTest/src/android/security/net/config/TestCertificateSource.java +++ b/tests/NetworkSecurityConfigTest/src/android/security/net/config/TestCertificateSource.java @@ -19,15 +19,29 @@ package android.security.net.config; import java.util.Set; import java.security.cert.X509Certificate; +import com.android.org.conscrypt.TrustedCertificateIndex; + /** @hide */ public class TestCertificateSource implements CertificateSource { private final Set<X509Certificate> mCertificates; + private final TrustedCertificateIndex mIndex = new TrustedCertificateIndex(); public TestCertificateSource(Set<X509Certificate> certificates) { mCertificates = certificates; + for (X509Certificate cert : certificates) { + mIndex.index(cert); + } } public Set<X509Certificate> getCertificates() { return mCertificates; } + + public X509Certificate findBySubjectAndPublicKey(X509Certificate cert) { + java.security.cert.TrustAnchor anchor = mIndex.findBySubjectAndPublicKey(cert); + if (anchor == null) { + return null; + } + return anchor.getTrustedCert(); + } } diff --git a/tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java b/tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java index c6f3680f455c..998bb681dd24 100644 --- a/tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java +++ b/tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java @@ -402,4 +402,22 @@ public class XmlConfigTests extends AndroidTestCase { context.init(null, tms, null); TestUtils.assertConnectionSucceeds(context, "android.com" , 443); } + + public void testDebugDedup() throws Exception { + XmlConfigSource source = new XmlConfigSource(getContext(), R.xml.override_dedup, true); + ApplicationConfig appConfig = new ApplicationConfig(source); + assertTrue(appConfig.hasPerDomainConfigs()); + // Check android.com. + NetworkSecurityConfig config = appConfig.getConfigForHostname("android.com"); + PinSet pinSet = config.getPins(); + assertFalse(pinSet.pins.isEmpty()); + // Check that all TrustAnchors come from the override pins debug source. + for (TrustAnchor anchor : config.getTrustAnchors()) { + assertTrue(anchor.overridesPins); + } + // Try connections. + SSLContext context = TestUtils.getSSLContext(source); + TestUtils.assertConnectionSucceeds(context, "android.com", 443); + TestUtils.assertUrlConnectionSucceeds(context, "android.com", 443); + } } diff --git a/tools/aapt/pseudolocalize.h b/tools/aapt/pseudolocalize.h index 71b974b0c269..1faecd14172d 100644 --- a/tools/aapt/pseudolocalize.h +++ b/tools/aapt/pseudolocalize.h @@ -1,7 +1,7 @@ #ifndef HOST_PSEUDOLOCALIZE_H #define HOST_PSEUDOLOCALIZE_H -#include <base/macros.h> +#include <android-base/macros.h> #include "StringPool.h" class PseudoMethodImpl { |