Commit Graph

53110 Commits

Author SHA1 Message Date
Pablo Ceballos
07cd4cdf21 Region: Detect malicious overflow in unflatten
Bug 29983260

Change-Id: Ib6e1cb8ae279010c5e9960aaa03513f55b7d873b
2016-08-16 15:52:32 -07:00
Marco Nelissen
54cb02ad73 Correctly handle dup() failure in Parcel::readNativeHandle
bail out if dup() fails, instead of creating an invalid native_handle_t

Bug: 28395952

Change-Id: Ia1a6198c0f45165b9c6a55a803e5f64d8afa0572
2016-05-27 11:31:22 -07:00
Michael Wright
03a53d1c77 Add new MotionEvent flag for partially obscured windows.
Due to more complex window layouts resulting in lots of overlapping
windows, the policy around FLAG_WINDOW_IS_OBSCURED has changed to
only be set when the point at which the window was touched is
obscured. Unfortunately, this doesn't prevent tapjacking attacks that
overlay the dialog's text, making a potentially dangerous operation
seem innocuous. To avoid this on particularly sensitive dialogs,
introduce a new flag that really does tell you when your window is
being even partially overlapped.

We aren't exposing this as API since we plan on making the original
flag more robust. This is really a workaround for system dialogs
since we generally know their layout and screen position, and that
they're unlikely to be overlapped by other applications.

Bug: 26677796
Change-Id: I9e336afe90f262ba22015876769a9c510048fd47
2016-04-21 19:11:18 -07:00
Dianne Hackborn
a59b827869 Fix issue #27252896: Security Vulnerability -- weak binder
Sending transaction to freed BBinder through weak handle
can cause use of a (mostly) freed object.  We need to try to
safely promote to a strong reference first.

Change-Id: Ic9c6940fa824980472e94ed2dfeca52a6b0fd342
(cherry picked from commit c11146106f94e07016e8e26e4f8628f9a0c73199)
2016-03-25 17:47:54 -07:00
Pablo Ceballos
a30d7d90c4 BQ: fix some uninitialized variables
Bug 27555981
Bug 27556038

Change-Id: I436b6fec589677d7e36c0e980f6e59808415dc0e
2016-03-25 17:47:54 -07:00
Pablo Ceballos
5243afa8fa Add SN logging
Bug 27046057

Change-Id: Iede7c92e59e60795df1ec7768ebafd6b090f1c27
2016-02-26 16:56:15 -08:00
Christopher Tate
25719f6e1f Sanity check IMemory access versus underlying mmap
Bug 26877992

Change-Id: Ibbf4b1061e4675e4e96bc944a865b53eaf6984fe
2016-02-26 16:56:14 -08:00
Pablo Ceballos
b3a9e6d04d BQ: Add permission check to BufferQueueConsumer::dump
Bug 27046057

Change-Id: Id7bd8cf95045b497943ea39dde49e877aa6f5c4e
2016-02-26 16:56:14 -08:00
Robert Shih
daca8c3407 IGraphicBufferProducer: fix QUEUE_BUFFER info leak
Bug: 26338109
Change-Id: I8a979469bfe1e317ebdefa43685e19f9302baea8
2016-01-22 13:37:17 -08:00
Robert Shih
93312a3a38 IGraphicBufferConsumer: fix ATTACH_BUFFER info leak
Bug: 26338113
Change-Id: I019c4df2c6adbc944122df96968ddd11a02ebe33
2016-01-22 13:37:16 -08:00
Peng Xu
a78c2e65e1 Merge "Avoiding flush on-change sensors at subscription" into mnc-dr-dev 2015-10-27 22:23:21 +00:00
Peng Xu
20483c4937 Avoiding flush on-change sensors at subscription
Initial sensor flush at subscription is a mechanism to avoid sensors
to get stale samples before subscription happens. However, there is a
slight chance that a most recent sample will be lost during the flush
process. This is OK for continuous sensors but problematic in
on-change sensor as on-change event does not come continuously and
a lost event can cause inconsistent state in client. Flush at
subscription of on-change sensor is disabled in this CL to avoid new
important on-change event to be discarded during the initial flush
process.

Bugs: b/24647069
      b/25241873
      b/24804819
     
Change-Id: Ibda099c6b9f5fb6e200f13cf13a850b0026e9e7c
2015-10-27 21:46:40 +00:00
Nick Kralevich
574145ea31 DO NOT MERGE: fix build try #2 am: 778b6f4902 am: 034bc1799c -s ours am: dbc9a47831 -s ours am: a2685ebb1e am: 1d94a1d036 -s ours
am: bce101e79b

* commit 'bce101e79b5ee9715a8329db8fd760f7ba829de1':
  DO NOT MERGE: fix build try #2
2015-10-23 21:22:14 +00:00
Adrian Roos
cf33d50d25 Merge changes from topic 'parcel-v2' into mnc-dr-dev
* changes:
  Maintain Parcel ABI
  Revert "Revert "Track ashmem memory usage in Parcel""
2015-10-23 17:21:23 +00:00
Nick Kralevich
bce101e79b DO NOT MERGE: fix build try #2 am: 778b6f4902 am: 034bc1799c -s ours am: dbc9a47831 -s ours am: a2685ebb1e
am: 1d94a1d036  -s ours

* commit '1d94a1d036cb4bc8d9b178f56fa3bbddc81b7f10':
  DO NOT MERGE: fix build try #2
2015-10-23 04:36:16 +00:00
Nick Kralevich
1d94a1d036 DO NOT MERGE: fix build try #2 am: 778b6f4902 am: 034bc1799c -s ours am: dbc9a47831 -s ours
am: a2685ebb1e

* commit 'a2685ebb1ec5ed523fb4800d2593f2ae0c10ed22':
  DO NOT MERGE: fix build try #2
2015-10-23 04:32:47 +00:00
Nick Kralevich
a2685ebb1e DO NOT MERGE: fix build try #2 am: 778b6f4902 am: 034bc1799c -s ours
am: dbc9a47831  -s ours

* commit 'dbc9a478311e8728c8148a80abb103fca697891d':
  DO NOT MERGE: fix build try #2
2015-10-23 04:26:03 +00:00
Nick Kralevich
18e7c64ea8 resolve merge conflicts of 834ac204ce to klp-modular-dev. am: 7f1ea80d65 am: fa632f6ad7 am: 9ec978732f am: 1b28b05d2e
am: 0370a03b6e

* commit '0370a03b6e74e40d5110b83fed2243bf072aee73':
  DO NOT MERGE: fix build breakage
2015-10-23 04:19:58 +00:00
Nick Kralevich
dbc9a47831 DO NOT MERGE: fix build try #2 am: 778b6f4902
am: 034bc1799c  -s ours

* commit '034bc1799cbbc4184aa507eba181573c0a3b9b35':
  DO NOT MERGE: fix build try #2
2015-10-23 04:19:51 +00:00
Flanker
711c7becb0 add number constraint for samples per MotionEvent am: 5d17838ade am: 72c8ca4a01 am: 9964d83869 am: 90dc6dc825 am: 9830f11dc6
am: a82ace99f7

* commit 'a82ace99f76ed815e16ab64eae2e9e55871a8b8f':
  add number constraint for samples per MotionEvent
2015-10-23 04:19:51 +00:00
Nick Kralevich
0370a03b6e resolve merge conflicts of 834ac204ce to klp-modular-dev. am: 7f1ea80d65 am: fa632f6ad7 am: 9ec978732f
am: 1b28b05d2e

* commit '1b28b05d2edf11f49717b53cd49a9161892f0388':
  DO NOT MERGE: fix build breakage
2015-10-23 04:15:24 +00:00
Nick Kralevich
034bc1799c DO NOT MERGE: fix build try #2
am: 778b6f4902

* commit '778b6f4902ad824d5fc62071caaa837bb47deee5':
  DO NOT MERGE: fix build try #2
2015-10-23 04:15:21 +00:00
Nick Kralevich
1b28b05d2e resolve merge conflicts of 834ac204ce to klp-modular-dev. am: 7f1ea80d65 am: fa632f6ad7
am: 9ec978732f

* commit '9ec978732f8dd82e7adef3e37097eaca3fbd65f0':
  DO NOT MERGE: fix build breakage
2015-10-23 02:02:42 +00:00
Nick Kralevich
9ec978732f resolve merge conflicts of 834ac204ce to klp-modular-dev. am: 7f1ea80d65
am: fa632f6ad7

* commit 'fa632f6ad7be6b1f488dd3d1b825a82456db5097':
  DO NOT MERGE: fix build breakage
2015-10-23 01:52:34 +00:00
Nick Kralevich
fa632f6ad7 resolve merge conflicts of 834ac204ce to klp-modular-dev.
am: 7f1ea80d65

* commit '7f1ea80d65996ab687ff56a884da915535cdc176':
  DO NOT MERGE: fix build breakage
2015-10-23 01:44:26 +00:00
Adrian Roos
6bb3114246 Maintain Parcel ABI
Makes sure we don't change the memory layout of the Parcel class
to maintain binary compatibility with prebuilts linking against
libbinder.

Bug: 25004154
Change-Id: I656687497f08bb85cefda796aafa2341e601e30a
2015-10-22 17:48:16 -07:00
Adrian Roos
cbf3726357 Revert "Revert "Track ashmem memory usage in Parcel""
This reverts commit 6880307e8e.

Bug: 25004154
Change-Id: I9b432d1ebc39f3bbcd7afdefc403f0fb6ced8158
2015-10-22 17:47:27 -07:00
Nick Kralevich
7f1ea80d65 resolve merge conflicts of 834ac204ce to klp-modular-dev.
Bug: 23905002
Change-Id: Ic7262861af91a8fff27692c0f68761cb3ab12aa3
2015-10-22 17:26:28 -07:00
Flanker
a82ace99f7 add number constraint for samples per MotionEvent am: 5d17838ade am: 72c8ca4a01 am: 9964d83869 am: 90dc6dc825
am: 9830f11dc6

* commit '9830f11dc6b6aa4001c79147966fdb9eaa71c2f2':
  add number constraint for samples per MotionEvent
2015-10-22 22:28:01 +00:00
Ian Pedowitz
6880307e8e Revert "Track ashmem memory usage in Parcel"
This reverts commit e2f499fb73.

Bug: 25169267
Bug: 25191602
Bug: 25004154
Change-Id: I24bb0da4e8739ee5a0c251e4adac9904827144e0
2015-10-22 22:09:16 +00:00
Nick Kralevich
778b6f4902 DO NOT MERGE: fix build try #2
On klp-dev, UINT16_MAX isn't available unless __STDINT_LIMITS
is defined, which it's not for this code. This isn't relevant
for later branches due to bionic commit
e2a292d278b94fec3d078b1f1b27c1f89942c276

Don't use UINT16_MAX when we can just hardcode 65535.

Bug: 23905002
Change-Id: Ia1fd0f749cb7a4d19866075abc28ed6960424e54
2015-10-22 14:50:53 -07:00
Nick Kralevich
834ac204ce DO NOT MERGE: fix build breakage
fix klp-dev only build breakage.

  frameworks/native/libs/input/Input.cpp: In member function 'android::status_t android::MotionEvent::readFromParcel(android::Parcel*)':
  frameworks/native/libs/input/Input.cpp:494:47: error: 'UINT16_MAX' was not declared in this scope

Bug: 23905002
Change-Id: I4b6b864ca64d39a8873d045a61e0ddaea2ab9109
2015-10-22 07:09:23 -07:00
Flanker
9830f11dc6 add number constraint for samples per MotionEvent am: 5d17838ade am: 72c8ca4a01 am: 9964d83869
am: 90dc6dc825

* commit '90dc6dc825ebd1f0f4c9474fad887cd7eac8e9bd':
  add number constraint for samples per MotionEvent
2015-10-22 02:15:13 +00:00
Flanker
90dc6dc825 add number constraint for samples per MotionEvent am: 5d17838ade am: 72c8ca4a01
am: 9964d83869

* commit '9964d83869565cf4dda432129cfe50f6ede19338':
  add number constraint for samples per MotionEvent
2015-10-22 02:10:12 +00:00
Flanker
9964d83869 add number constraint for samples per MotionEvent am: 5d17838ade
am: 72c8ca4a01

* commit '72c8ca4a0191827fd3265c0820b685a6cf420be1':
  add number constraint for samples per MotionEvent
2015-10-22 02:04:55 +00:00
Flanker
72c8ca4a01 add number constraint for samples per MotionEvent
am: 5d17838ade

* commit '5d17838adef13062717322e79d4db0b9bb6b2395':
  add number constraint for samples per MotionEvent
2015-10-22 02:02:46 +00:00
Adrian Roos
e2f499fb73 Track ashmem memory usage in Parcel
Bug: 25004154
Change-Id: Id9d5656dd0605f1b50525596b75601309f67ebdc
2015-10-21 22:32:35 +00:00
Flanker
5d17838ade add number constraint for samples per MotionEvent
Bug:23905002

Signed-off-by: Adam Lesinski <adamlesinski@google.com>

(cherry picked from commit 552a8a5d8d)

Change-Id: I9b7ea859889b7697bee4165a2746602212120543
2015-10-20 12:28:15 -07:00
Naveen Leekha
7135d2768b am 18165848: am e2c4f4fb: am c1e6fbb5: Initialize local variables to avoid data leak am: 7534e4e63a -s ours am: 7b4863f606
am: 8121177b5e

* commit '8121177b5e8c406570f0eaf6593c6fd1db232ddf':
  Initialize local variables to avoid data leak
2015-10-20 17:02:33 +00:00
Naveen Leekha
8121177b5e am 18165848: am e2c4f4fb: am c1e6fbb5: Initialize local variables to avoid data leak am: 7534e4e63a -s ours
am: 7b4863f606

* commit '7b4863f606bdb48b188b0235447dfaba6c8c3cf0':
  Initialize local variables to avoid data leak
2015-10-20 16:54:09 +00:00
Naveen Leekha
7b4863f606 am 18165848: am e2c4f4fb: am c1e6fbb5: Initialize local variables to avoid data leak
am: 7534e4e63a  -s ours

* commit '7534e4e63afedeb826a8d8a4b0cf3f9d40d243ea':
  Initialize local variables to avoid data leak
2015-10-20 16:42:34 +00:00
Aravind Akella
2ac7405bda Merge "Set DATA_INJECTION mode flag for sensors." into mnc-dr-dev 2015-10-14 21:03:07 +00:00
Jesse Hall
312d7555cb egl: Remove window disconnect before calling driver eglDestroySurface
This was originally added for b/14445579. An in-development app was
attempting to render to a window as an EGLSurface, then tear that
down, change some window properties, and create a new EGLSurface. The
second eglCreateWindowSurface failed because the window was already
connected. This change went in, but it turned out the real problem was
that the app still (unintentionally) had the surface current. After
the app bug was fixed, nobody revisited whether this change was
actually needed.

Turns out it wasn't needed. After an EGLSurface is both destroyed
*AND* not current (basically refcount==0), we were already
disconnecting the window in ~egl_surface_t().

Apart from being unnecessary and redundant, disconnecting the window
here is wrong for two reasons:

(a) The surface may still be in use after eglDestroySurface, if it was
still current. Rendering is undefined in that case, but disconnecting
the window leads to more catastrophic results than necessary.

(b) It's being called before calling the driver's eglDestroySurface.
The driver will almost definitely have a buffer dequeued that it needs
to cancel, and by disconnecting first we turn that into an error that
they don't have a graceful way to deal with.

Bug: 24524053
Change-Id: Ib063134413d25d3526f794aafb5e333e3417ea42
2015-10-14 11:21:25 -07:00
Adam Lesinski
16b0ae105e Merge "add number constraint for samples per MotionEvent" into mnc-dr-dev 2015-10-12 22:15:50 +00:00
Flanker
552a8a5d8d add number constraint for samples per MotionEvent
Bug:23905002
Change-Id: Ifd24802977c3dcdd1dbc5120a78aac41beae4603

Signed-off-by: Adam Lesinski <adamlesinski@google.com>
2015-10-12 11:22:37 -07:00
Puneet Kumar
a2f78b44ee Merge "Inputflinger: hook up key event replacement processing" into mnc-dr-dev 2015-10-08 08:16:58 +00:00
Puneet Kumar
2f3c3eb4e4 Merge "Allow defining replacement key events in keymap" into mnc-dr-dev 2015-10-08 08:16:31 +00:00
Andrew de los Reyes
de18f6c32a InputResampling: Don't extrapolate for very low frame rates.
In very low framerate situations, extrapolation is generally going to
either cause no benefit or make a mistake. We can safely turn it off
with no user-visible negative impact.

BUG=https://buganizer.corp.google.com/u/0/issues/24550942
TEST=Scrolled very slowly and saw mispredictions on Angler. With change,
saw the log message that the mispredictions were suppressed.

Change-Id: Ic9747d3ff098d7918047ada2ed1c2d21282c65b0
2015-10-01 15:57:25 -07:00
Dmitry Torokhov
0faaa0bd7a Inputflinger: hook up key event replacement processing
Add handling of "replacement" key events in InputReader and EventHub by
consulting device's character key map (if exists) for presence of
replacement key code for given get code and meta state combination,
before passing it to InputDispatcher.

This enables defining special keys, such as ESC, on keyboards lacking
enough physical keys, via combination of normal keys and modifiers, for
example AltR + 1 => ESC.

Bug: 24504154

Change-Id: I7e36104808bedcf724436c1fbb63d37c35cca8af
2015-09-29 13:27:16 -07:00
Dmitry Torokhov
115f93eeeb Allow defining replacement key events in keymap
Currently keyboard maps allow to assign character sequences to key
events and allow specifying a so-called "fallback" key events that are
re-injected into input stream if target application indicates that it
was not able to handle the original key event. Unfortunately there is no
way to perform substitution before handing the event to applicationis.

This change adds a new keymap keyword "replace" that allows users query
"replacement" actions for key (if any), with the intent that such
replacement happens early in the event handling process.

Bug: 24504154

Change-Id: I3e6a2476c856524171df00ad22ff56f2018c1278
2015-09-29 13:26:30 -07:00