diff options
| -rw-r--r-- | AconfigFlags.bp | 14 | ||||
| -rw-r--r-- | SECURITY_STATE_OWNERS | 5 | ||||
| -rw-r--r-- | api/Android.bp | 4 | ||||
| -rw-r--r-- | core/api/test-lint-baseline.txt | 2 | ||||
| -rw-r--r-- | core/java/android/app/OWNERS | 4 | ||||
| -rw-r--r-- | core/java/android/content/res/flags.aconfig | 19 | ||||
| -rw-r--r-- | core/java/android/os/OWNERS | 3 | ||||
| -rw-r--r-- | core/jni/AndroidRuntime.cpp | 5 | ||||
| -rw-r--r-- | packages/LocalTransport/src/com/android/localtransport/LocalTransport.java | 3 | ||||
| -rw-r--r-- | services/core/java/com/android/server/OWNERS | 1 | ||||
| -rw-r--r-- | services/core/java/com/android/server/am/CachedAppOptimizer.java | 2 | ||||
| -rw-r--r-- | services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java | 4 | ||||
| -rw-r--r-- | services/core/jni/OWNERS | 4 | ||||
| -rw-r--r-- | services/tests/servicestests/src/com/android/server/OWNERS | 3 | ||||
| -rw-r--r-- | telephony/java/android/telephony/AnomalyReporter.java | 13 | ||||
| -rw-r--r-- | tools/lint/global/checks/src/main/java/com/google/android/lint/aidl/EnforcePermissionFix.kt | 4 |
16 files changed, 69 insertions, 21 deletions
diff --git a/AconfigFlags.bp b/AconfigFlags.bp index f96a1de078ed..02fee102b4c3 100644 --- a/AconfigFlags.bp +++ b/AconfigFlags.bp @@ -14,6 +14,7 @@ aconfig_srcjars = [ ":android.content.pm.flags-aconfig-java{.generated_srcjars}", + ":android.content.res.flags-aconfig-java{.generated_srcjars}", ":android.hardware.biometrics.flags-aconfig-java{.generated_srcjars}", ":android.net.vcn.flags-aconfig-java{.generated_srcjars}", ":android.nfc.flags-aconfig-java{.generated_srcjars}", @@ -190,6 +191,19 @@ java_aconfig_library { defaults: ["framework-minus-apex-aconfig-java-defaults"], } +// Resources +aconfig_declarations { + name: "android.content.res.flags-aconfig", + package: "android.content.res", + srcs: ["core/java/android/content/res/*.aconfig"], +} + +java_aconfig_library { + name: "android.content.res.flags-aconfig-java", + aconfig_declarations: "android.content.res.flags-aconfig", + defaults: ["framework-minus-apex-aconfig-java-defaults"], +} + // Biometrics aconfig_declarations { name: "android.hardware.biometrics.flags-aconfig", diff --git a/SECURITY_STATE_OWNERS b/SECURITY_STATE_OWNERS new file mode 100644 index 000000000000..30ddfe2bebe8 --- /dev/null +++ b/SECURITY_STATE_OWNERS @@ -0,0 +1,5 @@ +alxu@google.com +musashi@google.com +maunik@google.com +davidkwak@google.com +willcoster@google.com
\ No newline at end of file diff --git a/api/Android.bp b/api/Android.bp index 179113f9859d..53988cd373b8 100644 --- a/api/Android.bp +++ b/api/Android.bp @@ -318,10 +318,6 @@ stubs_defaults { "framework-protos", ], flags: [ - "--api-lint-ignore-prefix android.icu.", - "--api-lint-ignore-prefix java.", - "--api-lint-ignore-prefix junit.", - "--api-lint-ignore-prefix org.", "--error NoSettingsProvider", "--error UnhiddenSystemApi", "--error UnflaggedApi", diff --git a/core/api/test-lint-baseline.txt b/core/api/test-lint-baseline.txt index 37464a0c81e6..3abd9fe7c7d4 100644 --- a/core/api/test-lint-baseline.txt +++ b/core/api/test-lint-baseline.txt @@ -1221,8 +1221,6 @@ UserHandleName: android.content.ContentCaptureOptions: Classes holding a set of parameters should be called `FooParams`, was `ContentCaptureOptions` -VisiblySynchronized: PsiThisExpression: - Internal locks must not be exposed (synchronizing on this or class is still externally observable): method android.content.res.AssetManager.getApkPaths() VisiblySynchronized: android.content.res.AssetManager#getApkPaths(): Internal locks must not be exposed (synchronizing on this or class is still externally observable): method android.content.res.AssetManager.getApkPaths() VisiblySynchronized: android.content.res.AssetManager#getLastResourceResolution(): diff --git a/core/java/android/app/OWNERS b/core/java/android/app/OWNERS index 164bdbe9f516..27636f27fbc4 100644 --- a/core/java/android/app/OWNERS +++ b/core/java/android/app/OWNERS @@ -81,6 +81,10 @@ per-file IEphemeralResolver.aidl = file:/services/core/java/com/android/server/p per-file IInstantAppResolver.aidl = file:/services/core/java/com/android/server/pm/OWNERS per-file InstantAppResolveInfo.aidl = file:/services/core/java/com/android/server/pm/OWNERS +# BackgroundInstallControlManager +per-file BackgroundInstallControlManager.java = file:/services/core/java/com/android/server/pm/OWNERS +per-file background_install_control_manager.aconfig = file:/services/core/java/com/android/server/pm/OWNERS + # ResourcesManager per-file ResourcesManager.java = file:RESOURCES_OWNERS diff --git a/core/java/android/content/res/flags.aconfig b/core/java/android/content/res/flags.aconfig new file mode 100644 index 000000000000..b0e234232f09 --- /dev/null +++ b/core/java/android/content/res/flags.aconfig @@ -0,0 +1,19 @@ +package: "android.content.res" + +flag { + name: "default_locale" + namespace: "resource_manager" + description: "Feature flag for default locale in LocaleConfig" + bug: "117306409" + # fixed_read_only or device wont boot because of permission issues accessing flags during boot + is_fixed_read_only: true +} + +flag { + name: "manifest_flagging" + namespace: "resource_manager" + description: "Feature flag for flagging manifest entries" + bug: "297373084" + # This flag is read in PackageParser at boot time, and in aapt2 which is a build tool. + is_fixed_read_only: true +} diff --git a/core/java/android/os/OWNERS b/core/java/android/os/OWNERS index 463be37b1253..7f60a2097153 100644 --- a/core/java/android/os/OWNERS +++ b/core/java/android/os/OWNERS @@ -88,3 +88,6 @@ per-file PerformanceHintManager.java = file:/ADPF_OWNERS per-file IThermal* = file:/THERMAL_OWNERS per-file CoolingDevice.java = file:/THERMAL_OWNERS per-file Temperature.java = file:/THERMAL_OWNERS + +# SecurityStateManager +per-file *SecurityStateManager* = file:/SECURITY_STATE_OWNERS
\ No newline at end of file diff --git a/core/jni/AndroidRuntime.cpp b/core/jni/AndroidRuntime.cpp index 4e4c7541a32e..08fb51b8b8e3 100644 --- a/core/jni/AndroidRuntime.cpp +++ b/core/jni/AndroidRuntime.cpp @@ -652,6 +652,8 @@ int AndroidRuntime::startVm(JavaVM** pJavaVM, JNIEnv** pEnv, bool zygote, bool p sizeof("-Xps-save-resolved-classes-delay-ms:")-1 + PROPERTY_VALUE_MAX]; char profileMinSavePeriodOptsBuf[sizeof("-Xps-min-save-period-ms:")-1 + PROPERTY_VALUE_MAX]; char profileMinFirstSaveOptsBuf[sizeof("-Xps-min-first-save-ms:") - 1 + PROPERTY_VALUE_MAX]; + char profileInlineCacheThresholdOptsBuf[ + sizeof("-Xps-inline-cache-threshold:") - 1 + PROPERTY_VALUE_MAX]; char madviseWillNeedFileSizeVdex[ sizeof("-XMadviseWillNeedVdexFileSize:")-1 + PROPERTY_VALUE_MAX]; char madviseWillNeedFileSizeOdex[ @@ -897,6 +899,9 @@ int AndroidRuntime::startVm(JavaVM** pJavaVM, JNIEnv** pEnv, bool zygote, bool p parseRuntimeOption("dalvik.vm.ps-min-first-save-ms", profileMinFirstSaveOptsBuf, "-Xps-min-first-save-ms:"); + parseRuntimeOption("dalvik.vm.ps-inline-cache-threshold", profileInlineCacheThresholdOptsBuf, + "-Xps-inline-cache-threshold:"); + property_get("ro.config.low_ram", propBuf, ""); if (strcmp(propBuf, "true") == 0) { addOption("-XX:LowMemoryMode"); diff --git a/packages/LocalTransport/src/com/android/localtransport/LocalTransport.java b/packages/LocalTransport/src/com/android/localtransport/LocalTransport.java index 933be11bfaf1..6a4bb216b495 100644 --- a/packages/LocalTransport/src/com/android/localtransport/LocalTransport.java +++ b/packages/LocalTransport/src/com/android/localtransport/LocalTransport.java @@ -134,8 +134,7 @@ public class LocalTransport extends BackupTransport { @UsesReflection({ // As the runtime class name is used to generate the returned name, and the returned // name may be used used with reflection, generate the necessary keep rules. - @KeepTarget(classConstant = LocalTransport.class), - @KeepTarget(extendsClassConstant = LocalTransport.class) + @KeepTarget(instanceOfClassConstant = LocalTransport.class) }) @Override public String name() { diff --git a/services/core/java/com/android/server/OWNERS b/services/core/java/com/android/server/OWNERS index 3aa275c8d9b8..a2d7a81b3289 100644 --- a/services/core/java/com/android/server/OWNERS +++ b/services/core/java/com/android/server/OWNERS @@ -27,6 +27,7 @@ per-file **IpSec* = file:/services/core/java/com/android/server/net/OWNERS per-file **IpSec* = file:/services/core/java/com/android/server/vcn/OWNERS per-file *Location* = file:/services/core/java/com/android/server/location/OWNERS per-file *Network* = file:/services/core/java/com/android/server/net/OWNERS +per-file *SecurityStateManager* = file:/SECURITY_STATE_OWNERS per-file *SoundTrigger* = file:/media/java/android/media/soundtrigger/OWNERS per-file *Storage* = file:/core/java/android/os/storage/OWNERS per-file *TimeUpdate* = file:/services/core/java/com/android/server/timezonedetector/OWNERS diff --git a/services/core/java/com/android/server/am/CachedAppOptimizer.java b/services/core/java/com/android/server/am/CachedAppOptimizer.java index db933239874f..0caf26a5175b 100644 --- a/services/core/java/com/android/server/am/CachedAppOptimizer.java +++ b/services/core/java/com/android/server/am/CachedAppOptimizer.java @@ -264,7 +264,7 @@ public final class CachedAppOptimizer { @VisibleForTesting static final String DEFAULT_COMPACT_PROC_STATE_THROTTLE = String.valueOf(ActivityManager.PROCESS_STATE_RECEIVER); @VisibleForTesting static final long DEFAULT_FREEZER_DEBOUNCE_TIMEOUT = 10_000L; - @VisibleForTesting static final boolean DEFAULT_FREEZER_EXEMPT_INST_PKG = true; + @VisibleForTesting static final boolean DEFAULT_FREEZER_EXEMPT_INST_PKG = false; @VisibleForTesting static final boolean DEFAULT_FREEZER_BINDER_ENABLED = true; @VisibleForTesting static final long DEFAULT_FREEZER_BINDER_DIVISOR = 4; @VisibleForTesting static final int DEFAULT_FREEZER_BINDER_OFFSET = 500; diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java index 21446549cfbd..574f121b033a 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java @@ -3379,7 +3379,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt final PermissionAllowlist permissionAllowlist = SystemConfig.getInstance().getPermissionAllowlist(); final String packageName = packageState.getPackageName(); - if (packageState.isVendor()) { + if (packageState.isVendor() || packageState.isOdm()) { return permissionAllowlist.getVendorPrivilegedAppAllowlistState(packageName, permissionName); } else if (packageState.isProduct()) { @@ -3474,7 +3474,7 @@ public class PermissionManagerServiceImpl implements PermissionManagerServiceInt // the permission's protectionLevel does not have the extra 'vendorPrivileged' // flag. if (allowed && isPrivilegedPermission && !bp.isVendorPrivileged() - && pkgSetting.isVendor()) { + && (pkgSetting.isVendor() || pkgSetting.isOdm())) { Slog.w(TAG, "Permission " + permissionName + " cannot be granted to privileged vendor apk " + pkg.getPackageName() + " because it isn't a 'vendorPrivileged' permission."); diff --git a/services/core/jni/OWNERS b/services/core/jni/OWNERS index fd9d4a44b65d..d4f6312d19d9 100644 --- a/services/core/jni/OWNERS +++ b/services/core/jni/OWNERS @@ -30,5 +30,5 @@ per-file com_android_server_vibrator_* = file:/services/core/java/com/android/se per-file com_android_server_am_CachedAppOptimizer.cpp = timmurray@google.com, edgararriaga@google.com, dualli@google.com, carmenjackson@google.com, philipcuadra@google.com per-file com_android_server_companion_virtual_InputController.cpp = file:/services/companion/java/com/android/server/companion/virtual/OWNERS -# Bug component : 158088 = per-file com_android_server_utils_AnrTimer*.java -per-file com_android_server_utils_AnrTimer*.java = file:/PERFORMANCE_OWNERS +# Bug component : 158088 = per-file *AnrTimer* +per-file *AnrTimer* = file:/PERFORMANCE_OWNERS diff --git a/services/tests/servicestests/src/com/android/server/OWNERS b/services/tests/servicestests/src/com/android/server/OWNERS index 177d72b05549..f433e4eadb5e 100644 --- a/services/tests/servicestests/src/com/android/server/OWNERS +++ b/services/tests/servicestests/src/com/android/server/OWNERS @@ -4,5 +4,6 @@ per-file *BinaryTransparency* = file:/core/java/android/transparency/OWNERS per-file *Bluetooth* = file:platform/packages/modules/Bluetooth:master:/framework/java/android/bluetooth/OWNERS per-file *Gnss* = file:/services/core/java/com/android/server/location/OWNERS per-file *Network* = file:/services/core/java/com/android/server/net/OWNERS -per-file BatteryServiceTest.java = file:platform/hardware/interfaces:/health/aidl/OWNERS +per-file BatteryServiceTest.java = file:platform/hardware/interfaces:/health/OWNERS per-file GestureLauncherServiceTest.java = file:platform/packages/apps/EmergencyInfo:/OWNERS +per-file SecurityStateTest.java = file:/SECURITY_STATE_OWNERS diff --git a/telephony/java/android/telephony/AnomalyReporter.java b/telephony/java/android/telephony/AnomalyReporter.java index db38f8873a02..575ec27622a5 100644 --- a/telephony/java/android/telephony/AnomalyReporter.java +++ b/telephony/java/android/telephony/AnomalyReporter.java @@ -187,14 +187,15 @@ public final class AnomalyReporter { } for (ResolveInfo r : packages) { - if (r.activityInfo == null - || pm.checkPermission( + if (r.activityInfo == null) { + Rlog.w(TAG, "Found package without activity"); + continue; + } else if (pm.checkPermission( android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, r.activityInfo.packageName) - != PackageManager.PERMISSION_GRANTED) { - Rlog.w(TAG, - "Found package without proper permissions or no activity" - + r.activityInfo.packageName); + != PackageManager.PERMISSION_GRANTED) { + Rlog.w(TAG, "Found package without proper permissions" + + r.activityInfo.packageName); continue; } Rlog.d(TAG, "Found a valid package " + r.activityInfo.packageName); diff --git a/tools/lint/global/checks/src/main/java/com/google/android/lint/aidl/EnforcePermissionFix.kt b/tools/lint/global/checks/src/main/java/com/google/android/lint/aidl/EnforcePermissionFix.kt index 25d208db14ec..5cbb1aad1851 100644 --- a/tools/lint/global/checks/src/main/java/com/google/android/lint/aidl/EnforcePermissionFix.kt +++ b/tools/lint/global/checks/src/main/java/com/google/android/lint/aidl/EnforcePermissionFix.kt @@ -77,7 +77,9 @@ data class EnforcePermissionFix( .autoFix() .build() - return LintFix.create().composite(annotateFix, *replaceOrRemoveFixes.toTypedArray()) + return LintFix.create() + .name(annotateFix.getDisplayName()) + .composite(annotateFix, *replaceOrRemoveFixes.toTypedArray()) } private val annotation: String |