From 95cc34cd98709100eeb7a4ceafdb7c8909f815f9 Mon Sep 17 00:00:00 2001 From: Beth Thibodeau Date: Thu, 11 Mar 2021 18:01:35 -0500 Subject: Sanitize text fields Bug: 180518039 Test: manual, verify no ANR and media displays normally Change-Id: I1c99e3257107f71eb5049ef19614e2c6836f808c --- .../SystemUI/src/com/android/systemui/media/MediaControlPanel.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/SystemUI/src/com/android/systemui/media/MediaControlPanel.java b/packages/SystemUI/src/com/android/systemui/media/MediaControlPanel.java index bffe05085887..2bf75f2ddb0b 100644 --- a/packages/SystemUI/src/com/android/systemui/media/MediaControlPanel.java +++ b/packages/SystemUI/src/com/android/systemui/media/MediaControlPanel.java @@ -16,6 +16,7 @@ package com.android.systemui.media; +import static android.app.Notification.safeCharSequence; import static android.provider.Settings.ACTION_MEDIA_CONTROLS_SETTINGS; import android.app.PendingIntent; @@ -261,7 +262,7 @@ public class MediaControlPanel { // Song name TextView titleText = mViewHolder.getTitleText(); - titleText.setText(data.getSong()); + titleText.setText(safeCharSequence(data.getSong())); // App title TextView appName = mViewHolder.getAppName(); @@ -269,7 +270,7 @@ public class MediaControlPanel { // Artist name TextView artistText = mViewHolder.getArtistText(); - artistText.setText(data.getArtist()); + artistText.setText(safeCharSequence(data.getArtist())); // Transfer chip mViewHolder.getSeamless().setVisibility(View.VISIBLE); -- cgit v1.2.3-59-g8ed1b From 001d4e68bbebc14132a13b21c38c5fb6af9034a3 Mon Sep 17 00:00:00 2001 From: Beth Thibodeau Date: Thu, 25 Mar 2021 17:19:30 -0400 Subject: Increase maximum allowed size for status bar icons The previous size was causing some apps to crash which otherwise worked fine. This more closely matches the hard limit in RecordingCanvas (which we need to stay below to prevent SystemUI from crashing). Fixes: 182891864 Fixes: 182232777 Bug: 169255797 Test: atest StatusBarIconViewTest Test: manual - posting notifications with different drawable sizes Change-Id: I8deacc651e05a202ec980eeb8bcdf4f92daea8eb (cherry picked from commit 5cd7976f7d2b702f803f0628f61f02491834cd41) --- .../systemui/statusbar/StatusBarIconView.java | 25 ++++++++++++++++++---- .../systemui/statusbar/StatusBarIconViewTest.java | 2 +- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java b/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java index 25ae5c2dadef..db9afd6ea799 100644 --- a/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java +++ b/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java @@ -33,6 +33,7 @@ import android.graphics.Color; import android.graphics.ColorMatrixColorFilter; import android.graphics.Paint; import android.graphics.Rect; +import android.graphics.drawable.BitmapDrawable; import android.graphics.drawable.Drawable; import android.graphics.drawable.Icon; import android.os.Parcelable; @@ -83,8 +84,15 @@ public class StatusBarIconView extends AnimatedImageView implements StatusIconDi public static final int STATE_DOT = 1; public static final int STATE_HIDDEN = 2; - /** Maximum allowed width or height for an icon drawable */ - private static final int MAX_IMAGE_SIZE = 500; + /** + * Maximum allowed byte count for an icon bitmap + * @see android.graphics.RecordingCanvas.MAX_BITMAP_SIZE + */ + private static final int MAX_BITMAP_SIZE = 100 * 1024 * 1024; // 100 MB + /** + * Maximum allowed width or height for an icon drawable, if we can't get byte count + */ + private static final int MAX_IMAGE_SIZE = 5000; private static final String TAG = "StatusBarIconView"; private static final Property ICON_APPEAR_AMOUNT @@ -382,9 +390,18 @@ public class StatusBarIconView extends AnimatedImageView implements StatusIconDi return false; } - if (drawable.getIntrinsicWidth() > MAX_IMAGE_SIZE + if (drawable instanceof BitmapDrawable && ((BitmapDrawable) drawable).getBitmap() != null) { + // If it's a bitmap we can check the size directly + int byteCount = ((BitmapDrawable) drawable).getBitmap().getByteCount(); + if (byteCount > MAX_BITMAP_SIZE) { + Log.w(TAG, "Drawable is too large (" + byteCount + " bytes) " + mIcon); + return false; + } + } else if (drawable.getIntrinsicWidth() > MAX_IMAGE_SIZE || drawable.getIntrinsicHeight() > MAX_IMAGE_SIZE) { - Log.w(TAG, "Drawable is too large " + mIcon); + // Otherwise, check dimensions + Log.w(TAG, "Drawable is too large (" + drawable.getIntrinsicWidth() + "x" + + drawable.getIntrinsicHeight() + ") " + mIcon); return false; } diff --git a/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java b/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java index daa805a8f6e6..edafa6549027 100644 --- a/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java +++ b/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java @@ -127,7 +127,7 @@ public class StatusBarIconViewTest extends SysuiTestCase { @Test public void testGiantImageNotAllowed() { - Bitmap largeBitmap = Bitmap.createBitmap(1000, 1000, Bitmap.Config.ARGB_8888); + Bitmap largeBitmap = Bitmap.createBitmap(6000, 6000, Bitmap.Config.ARGB_8888); Icon icon = Icon.createWithBitmap(largeBitmap); StatusBarIcon largeIcon = new StatusBarIcon(UserHandle.ALL, "mockPackage", icon, 0, 0, ""); -- cgit v1.2.3-59-g8ed1b From bca2b3aeabd164c1cf4bdc113366665976b0c831 Mon Sep 17 00:00:00 2001 From: Beth Thibodeau Date: Thu, 25 Mar 2021 17:19:30 -0400 Subject: Increase maximum allowed size for status bar icons The previous size was causing some apps to crash which otherwise worked fine. This more closely matches the hard limit in RecordingCanvas (which we need to stay below to prevent SystemUI from crashing). Fixes: 182891864 Fixes: 182232777 Bug: 169255797 Test: atest StatusBarIconViewTest Test: manual - posting notifications with different drawable sizes Change-Id: I8deacc651e05a202ec980eeb8bcdf4f92daea8eb (cherry picked from commit 5cd7976f7d2b702f803f0628f61f02491834cd41) --- .../systemui/statusbar/StatusBarIconView.java | 25 ++++++++++++++++++---- .../systemui/statusbar/StatusBarIconViewTest.java | 2 +- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java b/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java index 25ae5c2dadef..db9afd6ea799 100644 --- a/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java +++ b/packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java @@ -33,6 +33,7 @@ import android.graphics.Color; import android.graphics.ColorMatrixColorFilter; import android.graphics.Paint; import android.graphics.Rect; +import android.graphics.drawable.BitmapDrawable; import android.graphics.drawable.Drawable; import android.graphics.drawable.Icon; import android.os.Parcelable; @@ -83,8 +84,15 @@ public class StatusBarIconView extends AnimatedImageView implements StatusIconDi public static final int STATE_DOT = 1; public static final int STATE_HIDDEN = 2; - /** Maximum allowed width or height for an icon drawable */ - private static final int MAX_IMAGE_SIZE = 500; + /** + * Maximum allowed byte count for an icon bitmap + * @see android.graphics.RecordingCanvas.MAX_BITMAP_SIZE + */ + private static final int MAX_BITMAP_SIZE = 100 * 1024 * 1024; // 100 MB + /** + * Maximum allowed width or height for an icon drawable, if we can't get byte count + */ + private static final int MAX_IMAGE_SIZE = 5000; private static final String TAG = "StatusBarIconView"; private static final Property ICON_APPEAR_AMOUNT @@ -382,9 +390,18 @@ public class StatusBarIconView extends AnimatedImageView implements StatusIconDi return false; } - if (drawable.getIntrinsicWidth() > MAX_IMAGE_SIZE + if (drawable instanceof BitmapDrawable && ((BitmapDrawable) drawable).getBitmap() != null) { + // If it's a bitmap we can check the size directly + int byteCount = ((BitmapDrawable) drawable).getBitmap().getByteCount(); + if (byteCount > MAX_BITMAP_SIZE) { + Log.w(TAG, "Drawable is too large (" + byteCount + " bytes) " + mIcon); + return false; + } + } else if (drawable.getIntrinsicWidth() > MAX_IMAGE_SIZE || drawable.getIntrinsicHeight() > MAX_IMAGE_SIZE) { - Log.w(TAG, "Drawable is too large " + mIcon); + // Otherwise, check dimensions + Log.w(TAG, "Drawable is too large (" + drawable.getIntrinsicWidth() + "x" + + drawable.getIntrinsicHeight() + ") " + mIcon); return false; } diff --git a/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java b/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java index daa805a8f6e6..edafa6549027 100644 --- a/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java +++ b/packages/SystemUI/tests/src/com/android/systemui/statusbar/StatusBarIconViewTest.java @@ -127,7 +127,7 @@ public class StatusBarIconViewTest extends SysuiTestCase { @Test public void testGiantImageNotAllowed() { - Bitmap largeBitmap = Bitmap.createBitmap(1000, 1000, Bitmap.Config.ARGB_8888); + Bitmap largeBitmap = Bitmap.createBitmap(6000, 6000, Bitmap.Config.ARGB_8888); Icon icon = Icon.createWithBitmap(largeBitmap); StatusBarIcon largeIcon = new StatusBarIcon(UserHandle.ALL, "mockPackage", icon, 0, 0, ""); -- cgit v1.2.3-59-g8ed1b From 172f15e5e1a6ed5eee312c078d24c94e03f03fdc Mon Sep 17 00:00:00 2001 From: Sarah Chin Date: Tue, 23 Feb 2021 12:21:24 -0800 Subject: Update carrier privilege check in enforceSubscriptionPlanAccess Remove isEmbedded() check, since this can be called on both PSIM and ESIM. Replace SM#canManageSubscription with TM#hasCarrierPrivileges, since it is a superset of the checks done in SM#canManageSubscription and applies to both PSIMs as well as ESIMS. Updated the documentation for the two APIs to clarify the differences. Test: atest CtsTelephonyTestCases (SubscriptionManagerTest) Fix: 180451446 Change-Id: Icb4e2c619dacaea9e74cedea31865ec1eb689dce --- .../android/server/net/NetworkPolicyManagerService.java | 14 +++++--------- telephony/java/android/telephony/SubscriptionInfo.java | 4 ++-- telephony/java/android/telephony/SubscriptionManager.java | 8 ++++++++ telephony/java/android/telephony/TelephonyManager.java | 6 ++++++ 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index ffa518e266d9..42bd8c512806 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -3067,23 +3067,19 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { // Verify they're not lying about package name mAppOps.checkPackage(callingUid, callingPackage); - final SubscriptionManager sm; - final SubscriptionInfo si; final PersistableBundle config; + final TelephonyManager tm; final long token = Binder.clearCallingIdentity(); try { - sm = mContext.getSystemService(SubscriptionManager.class); - si = sm.getActiveSubscriptionInfo(subId); config = mCarrierConfigManager.getConfigForSubId(subId); + tm = mContext.getSystemService(TelephonyManager.class); } finally { Binder.restoreCallingIdentity(token); } - // First check: is caller the CarrierService? - if (si != null) { - if (si.isEmbedded() && sm.canManageSubscription(si, callingPackage)) { - return; - } + // First check: does caller have carrier privilege? + if (tm != null && tm.hasCarrierPrivileges(subId)) { + return; } // Second check: has the CarrierService delegated access? diff --git a/telephony/java/android/telephony/SubscriptionInfo.java b/telephony/java/android/telephony/SubscriptionInfo.java index 11667c83bc6a..0ee6568b6430 100644 --- a/telephony/java/android/telephony/SubscriptionInfo.java +++ b/telephony/java/android/telephony/SubscriptionInfo.java @@ -148,13 +148,14 @@ public class SubscriptionInfo implements Parcelable { /** * The access rules for this subscription, if it is embedded and defines any. + * This does not include access rules for non-embedded subscriptions. */ @Nullable private UiccAccessRule[] mNativeAccessRules; /** * The carrier certificates for this subscription that are saved in carrier configs. - * The other carrier certificates are embedded on Uicc and stored as part of mNativeAccessRules. + * This does not include access rules from the Uicc, whether embedded or non-embedded. */ @Nullable private UiccAccessRule[] mCarrierConfigAccessRules; @@ -661,7 +662,6 @@ public class SubscriptionInfo implements Parcelable { * is authorized to manage this subscription. * TODO and fix it properly in R / master: either deprecate this and have 3 APIs * native + carrier + all, or have this return all by default. - * @throws UnsupportedOperationException if this subscription is not embedded. * @hide */ @SystemApi diff --git a/telephony/java/android/telephony/SubscriptionManager.java b/telephony/java/android/telephony/SubscriptionManager.java index e9ee06c246ba..c8ba919aa40d 100644 --- a/telephony/java/android/telephony/SubscriptionManager.java +++ b/telephony/java/android/telephony/SubscriptionManager.java @@ -2631,6 +2631,10 @@ public class SubscriptionManager { * Checks whether the app with the given context is authorized to manage the given subscription * according to its metadata. * + * Only supported for embedded subscriptions (if {@link SubscriptionInfo#isEmbedded} returns + * true). To check for permissions for non-embedded subscription as well, + * {@see android.telephony.TelephonyManager#hasCarrierPrivileges}. + * * @param info The subscription to check. * @return whether the app is authorized to manage this subscription per its metadata. */ @@ -2643,6 +2647,10 @@ public class SubscriptionManager { * be authorized if it is included in the {@link android.telephony.UiccAccessRule} of the * {@link android.telephony.SubscriptionInfo} with the access status. * + * Only supported for embedded subscriptions (if {@link SubscriptionInfo#isEmbedded} returns + * true). To check for permissions for non-embedded subscription as well, + * {@see android.telephony.TelephonyManager#hasCarrierPrivileges}. + * * @param info The subscription to check. * @param packageName Package name of the app to check. * @return whether the app is authorized to manage this subscription per its access rules. diff --git a/telephony/java/android/telephony/TelephonyManager.java b/telephony/java/android/telephony/TelephonyManager.java index 35e263036694..10c3e6db5205 100644 --- a/telephony/java/android/telephony/TelephonyManager.java +++ b/telephony/java/android/telephony/TelephonyManager.java @@ -8534,6 +8534,9 @@ public class TelephonyManager { * call will return true. This access is granted by the owner of the UICC * card and does not depend on the registered carrier. * + * Note that this API applies to both physical and embedded subscriptions and + * is a superset of the checks done in SubscriptionManager#canManageSubscription. + * * @return true if the app has carrier privileges. */ public boolean hasCarrierPrivileges() { @@ -8547,6 +8550,9 @@ public class TelephonyManager { * call will return true. This access is granted by the owner of the UICC * card and does not depend on the registered carrier. * + * Note that this API applies to both physical and embedded subscriptions and + * is a superset of the checks done in SubscriptionManager#canManageSubscription. + * * @param subId The subscription to use. * @return true if the app has carrier privileges. * @hide -- cgit v1.2.3-59-g8ed1b From 8ddd24d39d777659b7c6f787c21f1fb22dca6ab7 Mon Sep 17 00:00:00 2001 From: Youngjun Kwak Date: Thu, 1 Apr 2021 21:06:39 +0000 Subject: DO NOT MERGE Set focus to PasswordTextView by default. This ensures that password will be entered reliably programmatically in CTS. Bug:183644428 Test: atest CtsWindowManagerDeviceTestCases:KeyguardLockedTests && atest CtsWindowManagerDeviceTestCases:MultiDisplayLockedKeyguardTests Change-Id: I35fa005e4571b150995efe8b0cc07a4556e06619 --- packages/CarSystemUI/res-keyguard/layout-land/keyguard_pin_view.xml | 1 + packages/CarSystemUI/res-keyguard/layout/keyguard_pin_view.xml | 1 + 2 files changed, 2 insertions(+) diff --git a/packages/CarSystemUI/res-keyguard/layout-land/keyguard_pin_view.xml b/packages/CarSystemUI/res-keyguard/layout-land/keyguard_pin_view.xml index 5746102f5f27..f82551b45abe 100644 --- a/packages/CarSystemUI/res-keyguard/layout-land/keyguard_pin_view.xml +++ b/packages/CarSystemUI/res-keyguard/layout-land/keyguard_pin_view.xml @@ -60,6 +60,7 @@ android:layout_width="@dimen/keyguard_security_width" android:layout_height="@dimen/pin_entry_height" android:gravity="center" + android:focusedByDefault="true" app:scaledTextSize="@integer/password_text_view_scale" android:contentDescription="@string/keyguard_accessibility_pin_area" /> diff --git a/packages/CarSystemUI/res-keyguard/layout/keyguard_pin_view.xml b/packages/CarSystemUI/res-keyguard/layout/keyguard_pin_view.xml index 815e67d1e278..424624ffe581 100644 --- a/packages/CarSystemUI/res-keyguard/layout/keyguard_pin_view.xml +++ b/packages/CarSystemUI/res-keyguard/layout/keyguard_pin_view.xml @@ -47,6 +47,7 @@ android:layout_width="@dimen/keyguard_security_width" android:layout_height="@dimen/pin_entry_height" android:gravity="center" + android:focusedByDefault="true" app:scaledTextSize="@integer/password_text_view_scale" android:contentDescription="@string/keyguard_accessibility_pin_area" /> -- cgit v1.2.3-59-g8ed1b