frameworks/base
Revision | 08f7df6c569648c35c739727c7e84a929f389183 (tree) |
---|---|
Zeit | 2018-12-21 17:57:42 |
Autor | Chih-Wei Huang <cwhuang@linu...> |
Commiter | Chih-Wei Huang |
Merge tag 'android-8.1.0_r53' into oreo-x86
Android 8.1.0 release 53
@@ -54,6 +54,7 @@ import java.io.IOException; | ||
54 | 54 | import java.io.PrintWriter; |
55 | 55 | import java.util.ArrayList; |
56 | 56 | import java.util.Arrays; |
57 | +import java.util.Objects; | |
57 | 58 | |
58 | 59 | /** |
59 | 60 | * Content providers are one of the primary building blocks of Android applications, providing |
@@ -208,7 +209,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
208 | 209 | @Override |
209 | 210 | public Cursor query(String callingPkg, Uri uri, @Nullable String[] projection, |
210 | 211 | @Nullable Bundle queryArgs, @Nullable ICancellationSignal cancellationSignal) { |
211 | - validateIncomingUri(uri); | |
212 | + uri = validateIncomingUri(uri); | |
212 | 213 | uri = maybeGetUriWithoutUserId(uri); |
213 | 214 | if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
214 | 215 | // The caller has no access to the data, so return an empty cursor with |
@@ -247,14 +248,14 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
247 | 248 | |
248 | 249 | @Override |
249 | 250 | public String getType(Uri uri) { |
250 | - validateIncomingUri(uri); | |
251 | + uri = validateIncomingUri(uri); | |
251 | 252 | uri = maybeGetUriWithoutUserId(uri); |
252 | 253 | return ContentProvider.this.getType(uri); |
253 | 254 | } |
254 | 255 | |
255 | 256 | @Override |
256 | 257 | public Uri insert(String callingPkg, Uri uri, ContentValues initialValues) { |
257 | - validateIncomingUri(uri); | |
258 | + uri = validateIncomingUri(uri); | |
258 | 259 | int userId = getUserIdFromUri(uri); |
259 | 260 | uri = maybeGetUriWithoutUserId(uri); |
260 | 261 | if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
@@ -270,7 +271,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
270 | 271 | |
271 | 272 | @Override |
272 | 273 | public int bulkInsert(String callingPkg, Uri uri, ContentValues[] initialValues) { |
273 | - validateIncomingUri(uri); | |
274 | + uri = validateIncomingUri(uri); | |
274 | 275 | uri = maybeGetUriWithoutUserId(uri); |
275 | 276 | if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
276 | 277 | return 0; |
@@ -292,11 +293,12 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
292 | 293 | for (int i = 0; i < numOperations; i++) { |
293 | 294 | ContentProviderOperation operation = operations.get(i); |
294 | 295 | Uri uri = operation.getUri(); |
295 | - validateIncomingUri(uri); | |
296 | 296 | userIds[i] = getUserIdFromUri(uri); |
297 | - if (userIds[i] != UserHandle.USER_CURRENT) { | |
298 | - // Removing the user id from the uri. | |
299 | - operation = new ContentProviderOperation(operation, true); | |
297 | + uri = validateIncomingUri(uri); | |
298 | + uri = maybeGetUriWithoutUserId(uri); | |
299 | + // Rebuild operation if we changed the Uri above | |
300 | + if (!Objects.equals(operation.getUri(), uri)) { | |
301 | + operation = new ContentProviderOperation(operation, uri); | |
300 | 302 | operations.set(i, operation); |
301 | 303 | } |
302 | 304 | if (operation.isReadOperation()) { |
@@ -331,7 +333,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
331 | 333 | |
332 | 334 | @Override |
333 | 335 | public int delete(String callingPkg, Uri uri, String selection, String[] selectionArgs) { |
334 | - validateIncomingUri(uri); | |
336 | + uri = validateIncomingUri(uri); | |
335 | 337 | uri = maybeGetUriWithoutUserId(uri); |
336 | 338 | if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
337 | 339 | return 0; |
@@ -347,7 +349,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
347 | 349 | @Override |
348 | 350 | public int update(String callingPkg, Uri uri, ContentValues values, String selection, |
349 | 351 | String[] selectionArgs) { |
350 | - validateIncomingUri(uri); | |
352 | + uri = validateIncomingUri(uri); | |
351 | 353 | uri = maybeGetUriWithoutUserId(uri); |
352 | 354 | if (enforceWritePermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
353 | 355 | return 0; |
@@ -364,7 +366,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
364 | 366 | public ParcelFileDescriptor openFile( |
365 | 367 | String callingPkg, Uri uri, String mode, ICancellationSignal cancellationSignal, |
366 | 368 | IBinder callerToken) throws FileNotFoundException { |
367 | - validateIncomingUri(uri); | |
369 | + uri = validateIncomingUri(uri); | |
368 | 370 | uri = maybeGetUriWithoutUserId(uri); |
369 | 371 | enforceFilePermission(callingPkg, uri, mode, callerToken); |
370 | 372 | final String original = setCallingPackage(callingPkg); |
@@ -380,7 +382,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
380 | 382 | public AssetFileDescriptor openAssetFile( |
381 | 383 | String callingPkg, Uri uri, String mode, ICancellationSignal cancellationSignal) |
382 | 384 | throws FileNotFoundException { |
383 | - validateIncomingUri(uri); | |
385 | + uri = validateIncomingUri(uri); | |
384 | 386 | uri = maybeGetUriWithoutUserId(uri); |
385 | 387 | enforceFilePermission(callingPkg, uri, mode, null); |
386 | 388 | final String original = setCallingPackage(callingPkg); |
@@ -406,7 +408,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
406 | 408 | |
407 | 409 | @Override |
408 | 410 | public String[] getStreamTypes(Uri uri, String mimeTypeFilter) { |
409 | - validateIncomingUri(uri); | |
411 | + uri = validateIncomingUri(uri); | |
410 | 412 | uri = maybeGetUriWithoutUserId(uri); |
411 | 413 | return ContentProvider.this.getStreamTypes(uri, mimeTypeFilter); |
412 | 414 | } |
@@ -415,7 +417,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
415 | 417 | public AssetFileDescriptor openTypedAssetFile(String callingPkg, Uri uri, String mimeType, |
416 | 418 | Bundle opts, ICancellationSignal cancellationSignal) throws FileNotFoundException { |
417 | 419 | Bundle.setDefusable(opts, true); |
418 | - validateIncomingUri(uri); | |
420 | + uri = validateIncomingUri(uri); | |
419 | 421 | uri = maybeGetUriWithoutUserId(uri); |
420 | 422 | enforceFilePermission(callingPkg, uri, "r", null); |
421 | 423 | final String original = setCallingPackage(callingPkg); |
@@ -434,7 +436,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
434 | 436 | |
435 | 437 | @Override |
436 | 438 | public Uri canonicalize(String callingPkg, Uri uri) { |
437 | - validateIncomingUri(uri); | |
439 | + uri = validateIncomingUri(uri); | |
438 | 440 | int userId = getUserIdFromUri(uri); |
439 | 441 | uri = getUriWithoutUserId(uri); |
440 | 442 | if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
@@ -450,7 +452,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
450 | 452 | |
451 | 453 | @Override |
452 | 454 | public Uri uncanonicalize(String callingPkg, Uri uri) { |
453 | - validateIncomingUri(uri); | |
455 | + uri = validateIncomingUri(uri); | |
454 | 456 | int userId = getUserIdFromUri(uri); |
455 | 457 | uri = getUriWithoutUserId(uri); |
456 | 458 | if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
@@ -467,7 +469,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
467 | 469 | @Override |
468 | 470 | public boolean refresh(String callingPkg, Uri uri, Bundle args, |
469 | 471 | ICancellationSignal cancellationSignal) throws RemoteException { |
470 | - validateIncomingUri(uri); | |
472 | + uri = validateIncomingUri(uri); | |
471 | 473 | uri = getUriWithoutUserId(uri); |
472 | 474 | if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |
473 | 475 | return false; |
@@ -1901,7 +1903,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
1901 | 1903 | */ |
1902 | 1904 | if (mContext == null) { |
1903 | 1905 | mContext = context; |
1904 | - if (context != null) { | |
1906 | + if (context != null && mTransport != null) { | |
1905 | 1907 | mTransport.mAppOpsManager = (AppOpsManager) context.getSystemService( |
1906 | 1908 | Context.APP_OPS_SERVICE); |
1907 | 1909 | } |
@@ -2010,7 +2012,7 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
2010 | 2012 | } |
2011 | 2013 | |
2012 | 2014 | /** @hide */ |
2013 | - private void validateIncomingUri(Uri uri) throws SecurityException { | |
2015 | + public Uri validateIncomingUri(Uri uri) throws SecurityException { | |
2014 | 2016 | String auth = uri.getAuthority(); |
2015 | 2017 | if (!mSingleUser) { |
2016 | 2018 | int userId = getUserIdFromAuthority(auth, UserHandle.USER_CURRENT); |
@@ -2029,6 +2031,19 @@ public abstract class ContentProvider implements ComponentCallbacks2 { | ||
2029 | 2031 | } |
2030 | 2032 | throw new SecurityException(message); |
2031 | 2033 | } |
2034 | + | |
2035 | + // Normalize the path by removing any empty path segments, which can be | |
2036 | + // a source of security issues. | |
2037 | + final String encodedPath = uri.getEncodedPath(); | |
2038 | + if (encodedPath != null && encodedPath.indexOf("//") != -1) { | |
2039 | + final Uri normalized = uri.buildUpon() | |
2040 | + .encodedPath(encodedPath.replaceAll("//+", "/")).build(); | |
2041 | + Log.w(TAG, "Normalized " + uri + " to " + normalized | |
2042 | + + " to avoid possible security issues"); | |
2043 | + return normalized; | |
2044 | + } else { | |
2045 | + return uri; | |
2046 | + } | |
2032 | 2047 | } |
2033 | 2048 | |
2034 | 2049 | /** @hide */ |
@@ -94,13 +94,9 @@ public class ContentProviderOperation implements Parcelable { | ||
94 | 94 | } |
95 | 95 | |
96 | 96 | /** @hide */ |
97 | - public ContentProviderOperation(ContentProviderOperation cpo, boolean removeUserIdFromUri) { | |
97 | + public ContentProviderOperation(ContentProviderOperation cpo, Uri withUri) { | |
98 | 98 | mType = cpo.mType; |
99 | - if (removeUserIdFromUri) { | |
100 | - mUri = ContentProvider.getUriWithoutUserId(cpo.mUri); | |
101 | - } else { | |
102 | - mUri = cpo.mUri; | |
103 | - } | |
99 | + mUri = withUri; | |
104 | 100 | mValues = cpo.mValues; |
105 | 101 | mSelection = cpo.mSelection; |
106 | 102 | mSelectionArgs = cpo.mSelectionArgs; |
@@ -110,14 +106,6 @@ public class ContentProviderOperation implements Parcelable { | ||
110 | 106 | mYieldAllowed = cpo.mYieldAllowed; |
111 | 107 | } |
112 | 108 | |
113 | - /** @hide */ | |
114 | - public ContentProviderOperation getWithoutUserIdInUri() { | |
115 | - if (ContentProvider.uriHasUserId(mUri)) { | |
116 | - return new ContentProviderOperation(this, true); | |
117 | - } | |
118 | - return this; | |
119 | - } | |
120 | - | |
121 | 109 | public void writeToParcel(Parcel dest, int flags) { |
122 | 110 | dest.writeInt(mType); |
123 | 111 | Uri.writeToParcel(dest, mUri); |
@@ -806,11 +806,19 @@ public final class Parcel { | ||
806 | 806 | return; |
807 | 807 | } |
808 | 808 | Set<Map.Entry<String,Object>> entries = val.entrySet(); |
809 | - writeInt(entries.size()); | |
809 | + int size = entries.size(); | |
810 | + writeInt(size); | |
811 | + | |
810 | 812 | for (Map.Entry<String,Object> e : entries) { |
811 | 813 | writeValue(e.getKey()); |
812 | 814 | writeValue(e.getValue()); |
815 | + size--; | |
813 | 816 | } |
817 | + | |
818 | + if (size != 0) { | |
819 | + throw new BadParcelableException("Map size does not match number of entries!"); | |
820 | + } | |
821 | + | |
814 | 822 | } |
815 | 823 | |
816 | 824 | /** |
@@ -40,7 +40,7 @@ | ||
40 | 40 | <item>SUPL_PORT=7275</item> |
41 | 41 | <item>SUPL_VER=0x20000</item> |
42 | 42 | <item>SUPL_MODE=1</item> |
43 | - <item>SUPL_ES=0</item> | |
43 | + <item>SUPL_ES=1</item> | |
44 | 44 | <item>LPP_PROFILE=3</item> |
45 | 45 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
46 | 46 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -38,7 +38,7 @@ | ||
38 | 38 | <item>SUPL_PORT=7275</item> |
39 | 39 | <item>SUPL_VER=0x20000</item> |
40 | 40 | <item>SUPL_MODE=1</item> |
41 | - <item>SUPL_ES=0</item> | |
41 | + <item>SUPL_ES=1</item> | |
42 | 42 | <item>LPP_PROFILE=3</item> |
43 | 43 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
44 | 44 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -41,7 +41,7 @@ | ||
41 | 41 | <item>SUPL_PORT=7275</item> |
42 | 42 | <item>SUPL_VER=0x20000</item> |
43 | 43 | <item>SUPL_MODE=1</item> |
44 | - <item>SUPL_ES=0</item> | |
44 | + <item>SUPL_ES=1</item> | |
45 | 45 | <item>LPP_PROFILE=2</item> |
46 | 46 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
47 | 47 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -28,7 +28,7 @@ | ||
28 | 28 | <item>SUPL_PORT=7275</item> |
29 | 29 | <item>SUPL_VER=0x20000</item> |
30 | 30 | <item>SUPL_MODE=1</item> |
31 | - <item>SUPL_ES=0</item> | |
31 | + <item>SUPL_ES=1</item> | |
32 | 32 | <item>LPP_PROFILE=2</item> |
33 | 33 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
34 | 34 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -24,7 +24,7 @@ | ||
24 | 24 | <item>SUPL_PORT=7275</item> |
25 | 25 | <item>SUPL_VER=0x20000</item> |
26 | 26 | <item>SUPL_MODE=1</item> |
27 | - <item>SUPL_ES=0</item> | |
27 | + <item>SUPL_ES=1</item> | |
28 | 28 | <item>LPP_PROFILE=2</item> |
29 | 29 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
30 | 30 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -43,7 +43,7 @@ | ||
43 | 43 | <item>SUPL_PORT=7275</item> |
44 | 44 | <item>SUPL_VER=0x20000</item> |
45 | 45 | <item>SUPL_MODE=1</item> |
46 | - <item>SUPL_ES=0</item> | |
46 | + <item>SUPL_ES=1</item> | |
47 | 47 | <item>LPP_PROFILE=2</item> |
48 | 48 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
49 | 49 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -2497,7 +2497,7 @@ | ||
2497 | 2497 | <item>SUPL_PORT=7275</item> |
2498 | 2498 | <item>SUPL_VER=0x20000</item> |
2499 | 2499 | <item>SUPL_MODE=1</item> |
2500 | - <item>SUPL_ES=0</item> | |
2500 | + <item>SUPL_ES=1</item> | |
2501 | 2501 | <item>LPP_PROFILE=0</item> |
2502 | 2502 | <item>USE_EMERGENCY_PDN_FOR_EMERGENCY_SUPL=1</item> |
2503 | 2503 | <item>A_GLONASS_POS_PROTOCOL_SELECT=0</item> |
@@ -199,6 +199,9 @@ | ||
199 | 199 | <!-- to change themes - light or dark --> |
200 | 200 | <uses-permission android:name="android.permission.CHANGE_OVERLAY_PACKAGES" /> |
201 | 201 | |
202 | + <!-- permission necessary to hide non-system overlay windows from covering up the SystemUI --> | |
203 | + <uses-permission android:name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS" /> | |
204 | + | |
202 | 205 | <application |
203 | 206 | android:name=".SystemUIApplication" |
204 | 207 | android:persistent="true" |
@@ -16,6 +16,8 @@ | ||
16 | 16 | |
17 | 17 | package com.android.systemui.media; |
18 | 18 | |
19 | +import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS; | |
20 | + | |
19 | 21 | import android.app.Activity; |
20 | 22 | import android.app.AlertDialog; |
21 | 23 | import android.content.DialogInterface; |
@@ -36,6 +38,7 @@ import android.text.TextPaint; | ||
36 | 38 | import android.text.TextUtils; |
37 | 39 | import android.text.style.StyleSpan; |
38 | 40 | import android.util.Log; |
41 | +import android.view.Window; | |
39 | 42 | import android.view.WindowManager; |
40 | 43 | import android.widget.CheckBox; |
41 | 44 | import android.widget.CompoundButton; |
@@ -146,7 +149,9 @@ public class MediaProjectionPermissionActivity extends Activity | ||
146 | 149 | mDialog.getButton(DialogInterface.BUTTON_POSITIVE).setFilterTouchesWhenObscured(true); |
147 | 150 | |
148 | 151 | ((CheckBox) mDialog.findViewById(R.id.remember)).setOnCheckedChangeListener(this); |
149 | - mDialog.getWindow().setType(WindowManager.LayoutParams.TYPE_SYSTEM_ALERT); | |
152 | + final Window w = mDialog.getWindow(); | |
153 | + w.setType(WindowManager.LayoutParams.TYPE_SYSTEM_ALERT); | |
154 | + w.addPrivateFlags(PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS); | |
150 | 155 | |
151 | 156 | mDialog.show(); |
152 | 157 | } |
@@ -49,6 +49,7 @@ import static android.view.WindowManager.LayoutParams.INPUT_FEATURE_NO_INPUT_CHA | ||
49 | 49 | import static android.view.WindowManager.LayoutParams.LAST_APPLICATION_WINDOW; |
50 | 50 | import static android.view.WindowManager.LayoutParams.LAST_SUB_WINDOW; |
51 | 51 | import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_COMPATIBLE_WINDOW; |
52 | +import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS; | |
52 | 53 | import static android.view.WindowManager.LayoutParams.TYPE_ACCESSIBILITY_OVERLAY; |
53 | 54 | import static android.view.WindowManager.LayoutParams.TYPE_APPLICATION_STARTING; |
54 | 55 | import static android.view.WindowManager.LayoutParams.TYPE_DOCK_DIVIDER; |
@@ -1984,6 +1985,11 @@ public class WindowManagerService extends IWindowManager.Stub | ||
1984 | 1985 | // No move or resize, but the controller checks for title changes as well |
1985 | 1986 | mAccessibilityController.onSomeWindowResizedOrMovedLocked(); |
1986 | 1987 | } |
1988 | + | |
1989 | + if ((flagChanges & PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS) != 0) { | |
1990 | + updateNonSystemOverlayWindowsVisibilityIfNeeded( | |
1991 | + win, win.mWinAnimator.getShown()); | |
1992 | + } | |
1987 | 1993 | } |
1988 | 1994 | |
1989 | 1995 | if (DEBUG_LAYOUT) Slog.v(TAG_WM, "Relayout " + win + ": viewVisibility=" + viewVisibility |
@@ -7691,7 +7697,8 @@ public class WindowManagerService extends IWindowManager.Stub | ||
7691 | 7697 | } |
7692 | 7698 | |
7693 | 7699 | void updateNonSystemOverlayWindowsVisibilityIfNeeded(WindowState win, boolean surfaceShown) { |
7694 | - if (!win.hideNonSystemOverlayWindowsWhenVisible()) { | |
7700 | + if (!win.hideNonSystemOverlayWindowsWhenVisible() | |
7701 | + && !mHidingNonSystemOverlayWindows.contains(win)) { | |
7695 | 7702 | return; |
7696 | 7703 | } |
7697 | 7704 | final boolean systemAlertWindowsHidden = !mHidingNonSystemOverlayWindows.isEmpty(); |