System settings FCs when trying to add lockscreen targets. Add missing
resources for LockscreenTargets.java. Graphics copied from Cyanogenmod
CM-11.0 branch.

Change-Id: I1a8b70c425d2069e5d432c4f46b2265c7530985d

Looks like I did not understand this feature lol

It was correct

This reverts commit 927e314.

Change-Id: Ie0e088191aa8197ac860d1a9acbd129cc811cda1

Change-Id: I5aa654ef7e0e7d690f4e3bccd6497d4221d8e2e0

Added a dimen-value for selector in landscape-layout to fit screen.

Change-Id: I9501c91fed2660e947f1eae617f9a31d95766ed8

Fix Layout for sw360dp devices (for example 1280x720 xhdpi like i9300)


Change-Id: Ia7e2476d397cf892c210cc20b182c485f9f3cfcd

When the label is empty the UI will show a blank space. Most operating
systems will show it as the uuid, that's what this patch does as well.

Change-Id: I8dc41ea70c96229cb0fccc1e19b525fbc4be1808

Change-Id: I23c0213fe3d52280d7338ca62cb7e79b80a16cc6

The single InputFilter that is set in InputManagerService was replaced
with a chain of filters that are all listening for InputEvents.

The original field mInputFilter was replaced in this patch but not
removed. When a new InputFilter is added, we check that this unused
field mInputFilter != null before doing necessary teardown of the previous
filter. Since this is always null, this causes the previous filter to
not be disconnected when a new one is set with setInputFilter().

If the user toggles "Magnification Gestures" on and off twice in
Accessibility Settings, this will send the old and new InputFilters into a loop
sending and receiving touch events, locking up the device completely
until reboot.

Remove all references to the unused mInputFilter field.

Change-Id: Id28335d150a195af8747b4862deb897ae850d2cb

The cycleDay is referred as a "day of month" (1-31) even when we change to
CYCLE_WEEKLY. The calculations are expecting a day of week (1-7).

Without this fix, we can fall into the (inconvenient) result of using a
completely wrong value for the cycle limit (and corresponding data calculation)
or the worse infinite loop that totally breaks data usage.

Change-Id: I41e0012805236b14f5e0d52ec39683fe6a96f3aa

…Manager

Bug 17969135

Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.

Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918

Bug: 18226810.
Change-Id: Ica5677da247268306b34dfce38f25394586817fd
(cherry picked from commit b27a8a5)

When displaying this view and rotating the screen, mLockPatternUtils has
the potential to be null, but the save and restore instance state
methods depend on it to be initialized. Work around this by checking if
it's null.

Change-Id: I351bd63fefbcb92fffe20dca6a0381a20ac796ea
Signed-off-by: Roman Birg <roman@cyngn.com>

Allows the usage of a temporary pattern size while setting a new one.

Change-Id: I3e62c2da4f290986f6295da8dee6900454b49141

Bug: 21669445
Change-Id: I792c6e676d4b6d54a51228d264130b8125075d98

libselinux selinux_android_restorecon API is changing to the more
general interface with flags and dropping the older variants.

Also get rid of the old, no longer used selinux_android_setfilecon API
and rename selinux_android_setfilecon2 to it as it is the only API in use.

Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Bug: 21697171
Change-Id: I7649c7341428194963ac74e9ae622dfa76ea738b

Change-Id: Ic639bd7f2aa120caad28f5b8b430a86d1d39f2e6

…O NOT MERGE

bug:20883006
Change-Id: Ib47a8ec8696dbc37e958b8dbceb43fcbabf6605b

… number of bytes

bug: 20883006
Change-Id: I4f109667fb210a80fbddddf5f1bfb7ef3a02b6ce

When starting the runtime from app_process, we only pass JDWP options
if starting zygote. It prevents from opening a JDWP connection in
non-zygote programs while Android apps (forked from zygote) remain
debuggable.

Bug: 23050463

(cherry picked from commit 7a09b83)

Change-Id: I2400ecc8aea7579c43300efccf288b69f70eef53

…in Settings

b/23946860

Change-Id: I610d4dedf18fe1825d7df5febf29e6f0c006490d
(cherry picked from commit bdf7f35)

When reading from the parcel, if the number of colors is invalid, early
exit.

Add two more checks: setInfo must return true, and Parcel::readInplace
must return non-NULL. The former ensures that the previously read values
(width, height, etc) were valid, and the latter checks that the Parcel
had enough data even if the number of colors was reasonable.

Also use an auto-deleter to handle deletion of the SkBitmap.

Cherry pick from change-Id: Icbd562d6d1f131a723724883fd31822d337cf5a6

BUG=19666945

Change-Id: Iab0d218c41ae0c39606e333e44cda078eef32291

* LordNerevar: Ported from LP. Includes fix for additional KK files. *

W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothInputDevice.doBind:262 android.bluetooth.BluetoothInputDevice.<init>:255 android.bluetooth.BluetoothAdapter.getProfileProxy:1365
W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothPan.doBind:148 android.bluetooth.BluetoothPan.<init>:140 android.bluetooth.BluetoothAdapter.getProfileProxy:1368
W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothMap.doBind:108 android.bluetooth.BluetoothMap.<init>:101 android.bluetooth.BluetoothAdapter.getProfileProxy:1374
W/ContextImpl( 1772): Calling a method in the system process without a qualified user: android.app.ContextImpl.bindService:1559 android.content.ContextWrapper.bindService:513 android.bluetooth.BluetoothPbap.doBind:163 android.bluetooth.BluetoothPbap.<init>:156 com.android.settings.bluetooth.PbapServerProfile.<init>:68

Change-Id: I0a1e24ee71aef7d796fcee5692b9d19462a93637

Change-Id: I25021a89bb36de8f400ab6ea04dc86cf440bd697

Some caches(PatchCache, TextureCache, PathCache) for HWUI
uses deferred removal for their cache entries even though
actual resource objects are immediately freed by
ResourceCache.
For this reason, the uniqueness of a resource address in
the caches is not guaranteed in specific cases.
(Because malloc() can return the same address when malloc()
and free() called very frequently.)

So it can be possible the cache have two cache entries for
two different resources but the same memory address.
(Of course one of the resources is already freed.)
It also can be possible mGarbage vector in PatchCache has
duplicated addresses and this can lead to duplicated free
blocks in the free block list and graphics corruption.
(Deferred removal was implmeneted based on an assumption of
unique resource addresses.)

So this patch makes sure resource objects are freed after
the resources are removed from the caches to guarantee
the uniqueness of a resource address and prevent graphics
corruption.

Change-Id: I040f033a4fc783d2c4bc04b113589657c36fb15b
Signed-off-by: Sangkyu Lee <sk82.lee@lge.com>

Change-Id: I4bcfd2efc379d347df72425f30484d16e6dbae65

Bug: 23591205
Change-Id: I960dfcc1584c0a17685790d5d722eaf11b930e25
(cherry picked from commit 2f137b7)

There's no direct permission tied to it and fix the op-to-switch entry.

Change-Id: I661ef6707ba50adb371e3223a91880c4838df669
Signed-off-by: Roman Birg <roman@cyngn.com>
(cherry picked from commit 72a1fbe)

* No longer support a package name stanza outside of
  a signature tag. Package names, by themselves, have
  no security associated with them in Android and thus we
  should not be allowing or encouraging this
  type of policy.

* Allow for nested package name stanzas inside
  signature stanzas. There are cases where a finer
  distinction needs to be made among apps signed with
  the same cert. New code allows a different seinfo
  tag to be assigned to the listed package names
  signed by the parent cert. When a determination needs
  to be made concerning seinfo assignments, the inner
  seinfo tag takes precedence over the outer seinfo
  labels which are assigned to just the signature.

* Temp structures are now used to parse new policy files
  until the entire xml file is parsed and deemed correct,
  at which time the temp structures are copied over to the
  permanent class structures. This ensures that any structural
  errors with the policy will not result in partial loads.

* Valid stanzas look like the following with the inner
  package piece being optional.

   <signer signature="">
     <seinfo value=""/>
     <package name="">
       <seinfo value=""/>
     </package>
   <signer>

   <default>
     <seinfo value=""/>
   </default>

Change-Id: Ia204d71211776dcf9b2dcc86ad6d77c4ad39dc25

This change applies a relabel to both /data/data and
/data/user directories on boot. Not every boot will
apply this relabeling however. The appropriate
seapp_contexts is hashed and compared to
/data/system/seapp_hash to decide if the relabel
should occur.

Change-Id: I05e8b438950ddb908e46c9168ea6ee601e6d674f
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

This patch covers 2 cases. When an app is installed
and the resulting data directory is created for all
existing users. And when a new user is created and
all existing app data directories are created for
the new user.

Change-Id: Iaba7c40645bc7b6cc823d613da0c3782acf6ddd5
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

- Updating the string used to identify TD-SCDMA network type
  to be consistent with the ServiceState string.

Change-Id: I5aee8728ee80dc199f37414aba9019523082862c
CRs-Fixed: 564062

At present in Android all ICC Card states other than
ICC PRESENT are treated as ICC ABSENT.Adding functionality
to handle ICC IO error card state.

Change-Id: I229bd80cb5e487f4345bef9fb7fee60850f085d9
CRs-Fixed: 184479
(cherry picked from commit 5f414649d354f5b5f3208524e9827d488d183c76)
(cherry picked from commit fa5fb0852573189c107847da711ed61489cf92b5)
(cherry picked from commit 49e48d07a9cb7660d65ee3de30cf6e9f05bbc0ec)

This event constant is used in DcTracker

Change-Id: I1f9b34a8689c43c2586e9e3a92f0453649775d73
(cherry picked from commit f7ca98035479b670ff51bc9298fd7928a5e0f80d)
(cherry picked from commit f4d8f7b8fa390302b9cc51a5640e017ff393dfcc)
(cherry picked from commit 77d810390fbca8cb1d10bce148035fada414e0eb)

Add static constant variables required for OMH support

Change-Id: Idfeb2f3f1a3aa0403a7ff0ab7c69fc945d9e7083
(cherry picked from commit cf61f807ee07b4497da78c6bb753a835fa46b5b5)
(cherry picked from commit 8e68d056ca7c14fdefecbcf9b2b69048f092754a)
(cherry picked from commit 4a3b31e38c92bb1943c9290d8a4dd535b42bbd07)

- Added async handling of NetStatPoll.

Change-Id: Ic77bb949ffb72fb3c54bacc6ad2a6ee87e877023

…nterfaces.

Change-Id: I5d3601b05a41d4c59cff3b39ddfb66d00cb23c45
Signed-off-by: Stacy Devino <swylie@oceusnetworks.com>

- Introduce new RAT as IWLAN.
- Allow MDST to enable non-default APN availability when radio is off.

CRs-Fixed: 600118
Change-Id: Ifc9a0928cbda1d89a95d27a276a20a2d8e1cc8ca

PS10: add new drawables, I need to add new QS drawables and also RTL support
PS11: fix blank space and prevents checkapi to fail
PS13: fixed tile icon and rebase

Change-Id: I1503c464b2db841fc193e57311e62415f5ff40f2

This reverts commit 9c3c49b
since it picked up the wrong patch for merge
CRs-fixed: 582614

Change-Id: I6e1d45856fa26d470209396980f46ea13e5041db

Add masks for BeiDou amd Glonass
to delete aiding data
CRs-fixed: 582614

Change-Id: I651adcf4f5486c827bea8487e3437f15cd6d8013

Change-Id: I7f8d30bdd3ade31a91ea29c6fd1d175c0a1ff32c

Add a null check after an authority is read
from disk.

Bug: 26513719
Change-Id: I18f01828141110e776cc96f3b3be3d80125e70c1
(cherry picked from commit a962d9e)

BUG:26094635
If the caller to ContentResolver#getCurrentSyncs does not hold the
GET_ACCOUNTS permission, return a SyncInfo object that does not
contain any Account information.

Change-Id: I5628ebe1f56c8e3f784aaf1b3281e6b829d19314
(cherry picked from commit b63057e)
(cherry picked from commit a5cafd2)

The URL path could contain credentials that apps don't want exposed
to a potentially malicious PAC script.

Bug: 27593919
Change-Id: I4bb0362fc91f70ad47c4c7453d77d6f9a1e8eeed

…nt()

Get the canonical identity and metadata about the package from the
Package Manager at time of usage rather than rely on the caller to
have gotten things right, even when the caller has the system uid.

Bug 28795098

Change-Id: I62710b15bb601fdfedd68e32349168c10725eb45
(cherry picked from commit d85a4ed)

Also document that it returns local time.

Bug: 20638367
Change-Id: I6a1c35925e0555bcdcb079be0ca5b19a279a05a6

Since these are being CTS tested, they should be public.

Bug: 21568414
Change-Id: I3f9f6e5da240b2ac0b2b88b5d25ec3c8c4704b8d

Bug: 29270469
Change-Id: I6a6c8aeab2a842ff1646316363d614851625e78f

 * Not sure who to blame, but it's probably themes... :)

Change-Id: I0c534354a699f756d809aff10843ebea21f3f369

BUG:25624963
Change-Id: I939a12a27d6b915d8a9cc8b142f645fba0ee42ec

Change-Id: I4333d6aa6fbbc9ca7131990b959f4d0cc4da8ad3

Don't use "==" to compare strings.

Bug: 25624963
Change-Id: Id25696e4fdcbcf4d48ec74e8ed65c1a33716b30c

Bug: 30297223, Bug: 30437363
Change-Id: I7b18af40e4eac2713577204428fbfb96cc346582

Don't write partial requests, and don't return (or throw) early after
partially reading a response.

bug: 30143607

(cherry-picked from commit 448be0a)

Change-Id: I5881fdd5e81023cd21fb4d23a471a5031987a1f1
(cherry picked from commit 8e69dd2)

Fix for accidental launch of a broadcast receiver in an
incorrect app instance.

Bug: 30202481
Change-Id: I84b74edc29ca3fb88048b44af682ecbeb176b774
(cherry picked from commit a3af5c6)

…entially crash system with OOM. Bug: 29555864

Change-Id: I7157f48dddf148a9bcab029cf12e26a58d8054f4
(cherry picked from commit dde12c6)

Prevent sending media key events from the non-system app to the
telephony service through the AudioManager.dispatchMediaKeyEvent()
or sending media key broadcast directly.

Bug: 29833954
Tested: Installed malicious apps and confirmed that they don't work.
Tested: Run CtsTelecomTestCases and CtsMediaTestCases
Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15
(cherry picked from commit d1641e8)

…efore change

ExifInterface object can be created with a unsupported file format.
If saveAttribute is called with an unsupported file format, ExifInterface
makes the file corrupted. This CL prevents those cases by throwing
an exception before making any change on the file.

Bug: 30936376
Change-Id: I915f56b00ec9422b53591ac5534e070a1d6798e6
(cherry picked from commit 1bdd10a)

There's two pieces to this fix:
1. Move PAC loading off IoThread which isn't meant for
   blocking network fetches.  If the fetch takes more than
   60s Android reboots when the IoThread is used.
2. Limit PAC fetching to 20MB.  Any PAC bigger than that
   is likely evil.
MitM of PACs should only be possbile when a non-SSL PAC URL
is used.

Change-Id: Ie1658a1c705615dc85a7fc68053f0dad8d048294
Fixes: 30100884
(cherry picked from commit 7d2198b)

Bug: 28672558
Change-Id: I4bc14bd7f098e34012c2ae1eeba2d439145901f0
(cherry picked from commit 786e269)

setPairingConfirmation was set to only require BLUETOOTH_ADMIN
permission which shouldn't be able to set the confirmation itself.

This is restricted to BLUETOOTH_PRIVILEGED permission.

Bug: 29043989
Change-Id: Iddc935f0b02f5ff56e930914b4b664377e786184
(cherry picked from commit edae39d)

Bug: 30568284
Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2
(manually cherry picked from 9b2997d22e6ce2a15065d8e7608dd77b316c2065)
(cherry picked from commit f71d2cd)

Don't hold mPidsSelfLocked lock when calling
cleanUpApplicationRecordLocked.

Bug: 31463143
Change-Id: I1fddd06f5e35b67fea041741f5746c57a39208ba
(cherry picked from commit dce4be6)

…nders

More specifically, they get a PackageManager binder -- necessary for
Android process startup and configuration -- but none of the other
usual preloaded service binders.
(backported from commit 2c61c57)

Bug: 30202228

Change-Id: I3810649f504cd631665ece338a83d2e54d41ad05
(cherry picked from commit 2aa7e5e)

Bug: 32068647, Bug: 30936376
Change-Id: I22fa2384348c890ca726d2b1632cd54e59d25a8f
(cherry picked from commit 418e086)

…06a0f am: d417e54 am: 3380a77 am: 0a8978f am: 1684e5f am: d28eef0 am: 1f458fd am: d82f8a6 am: 1ac8aff am: 56098f8 am: 7cec76d

am: 2da05d0

Change-Id: I8c94a06f5fa722312436484609bafcb0585d6d18

Check whether specified offset belongs to mData.
Also added a default argument bufferSize to check the end offset.

Size of the ashmem descriptor can be modified between
ashmem_get_size_region call and mmap. createFromParcel method was updated
to check ashmem size again immediately after memory is mapped.

Test: manual - using the test app from the bug
Bug: 34128677
Change-Id: I3ecd1616a870ce20941ce9b20a1843d2b4295750
(cherry picked from commit 45e2e95)
(cherry picked from commit acede24)

Bug: 62196835
Test: Created an accessibility service that displays a system
and a toast overlay, confirmed that it disappeared when we
reached the accessibility permission screen that uses this
flag.

Change-Id: Ic51ead670fc480e549512ba1d02f49d9c13bc3f0
(cherry picked from commit 41ff538)

KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.

Also fix ordering bug in general-purpose security check that was
allowing FLAG_GRANT_PERSISTABLE to bypass it.

Test: builds, boots
Bug: 32990341, 32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
(cherry picked from commit d722e78)

Malformed authority segments can currently cause the parser to produce
a hostname that doesn't match the hostname produced by the WHATWG URL
parsing algorithm* used by browsers, which means that a URL could be seen
as having a "safe" host when checked by an Android app but actually visit
a different host when passed to a browser.  The WHATWG URL parsing
algorithm always produces a hostname based on the last @ in the authority
segment, so we do the same.

* https://url.spec.whatwg.org/#authority-state resets the "buffer", which
  is being used to build up the host name, each time an @ is found, so it
  has the effect of using the content between the final @ and the end
  of the authority section as the hostname.

Bug: 68341964
Test: vogar android.net.UriTest (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
(cherry picked from commit cd6228d)

Change-Id: Ib791e5d4ad15dba87d65620513f92a71d780762f

Bug: 62187985
Test: manual, backport
Change-Id: I89ef535e345d402866a083e0bd8e3fd909fc9662
MERGED-IN: I3bdcd1876cd6dbe8a728bbce74edb52ab79f3e4c
MERGED-IN: Ic58ddd6d54e96f522445e67b90760dcfed13c27d

Clipboard should not return data if the device is locked. This CL checks
for device locked state before returning values from get/has functions.

Test: bit -t CtsContentTestCases:android.content.cts.ClipboardManagerTest

Bug: 64934810
Change-Id: Icefac226615fe22a7735dff4ba4c3b528fb2ac12

ClipboardService.isDeviceLocked should clear callingIdentity before
accessing KeyguardManager.

Test: bit
CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.ManagedProfileTest

Bug: 64934810
Change-Id: I00d491e5fb6d1c5451c7f8c453931b26e6134452

Change-Id: Ibe2f40d6e9f66b5159f3a99caa841b593bda670e

The WHATWG URL parsing algorithm [1] used by browsers says that for
"special" URL schemes (which is basically all commonly-used
hierarchical schemes, including http, https, ftp, and file), the host
portion ends if a \ character is seen, whereas this class previously
continued to consider characters part of the hostname.  This meant
that a malicious URL could be seen as having a "safe" host when viewed
by an app but navigate to a different host when passed to a browser.

[1] https://url.spec.whatwg.org/#host-state

Bug: 71360761
Test: vogar frameworks/base/core/tests/coretests/src/android/net/UriTest.java (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Id53f7054d1be8d59bbcc7e219159e59a2425106e
(cherry picked from commit fa3afbd)

All other stringAt methods check for null termination. Be consistent
so that upper levels don't end up with huge corrupt strings.

Bug: 62537081
Test: none
Change-Id: I17bdfb0c1e34507b66c6cad651bbdb12c5d4c417
(cherry picked from commit 3d35a0e)
(cherry picked from commit 97f8cb01149b35b1832c7f9efe85ff19edf1083e)
(cherry picked from commit 5ec65ae)

Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.

Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
          -t android.appsecurity.cts.CorruptApkTests

Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f)

Test: manual
Bug: 73173182
Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
(cherry picked from commit 24da173)

Change Ic51ead670fc480e549512ba1d02f49d9c13bc3f0 incorrectly tries making
this permission hidden.
While marking it with @hide and only adding it to api/system-current.txt
was the proper way on Android 6.0, on 4.4, we need to add system APIs to
api/current.txt, without hiding them.

This change adapts this permission definition for 4.4.

Change-Id: Ib2de017d396aa9dcefa91f7eb1ea210be668234d

Changes the logs adding in a previous security fix to warnings so
devices with malformed APKs currently on them will not undergo DOS when
they are upgraded to P.

Bug: 79724567
Test: run cts -m CtsAppSecurityHostTestCases \
          -t android.appsecurity.cts.CorruptApkTests

Change-Id: Ied54e4bb14abdaf79da562022c7ea6075187c1f8
(cherry picked from commit f05f47b)
(cherry picked from commit c31cf80)

When FLAG_GRANT_PERSISTABLE_URI_PERMISSION is requested, we still
need to check permissions between the source and target packages,
instead of shortcutting past them.

The spirit of the original change is remains intact: if the caller
requested FLAG_GRANT_PERSISTABLE_URI_PERMISSION, then we avoid
returning "-1", which would prevent the grant data structure from
being allocated.

Bug: 111934948
Test: atest android.appsecurity.cts.AppSecurityTests
Change-Id: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
Merged-In: Ief0fc922aa09fc3d9bb6a126c2ff5855347cd030
(cherry picked from commit d6a6e71)

SQLiteQueryBuilder has a setStrict() mode which can be used to
detect SQL attacks from untrusted sources, which it does by running
each query twice: once with an extra set of parentheses, and if that
succeeds, it runs the original query verbatim.

This sadly doesn't catch inputs of the type "1=1) OR (1=1", which
creates valid statements for both tests above, but the final executed
query ends up leaking data due to SQLite operator precedence.

Instead, we need to continue compiling both variants, but we need
to execute the query with the additional parentheses to ensure
data won't be leaked.

Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
Bug: 111085900
Change-Id: I6e8746fa48f9de13adae37d2990de11c9c585381
Merged-In: I6e8746fa48f9de13adae37d2990de11c9c585381
(cherry picked from commit 57b04a8)

If a device features a dock with a removable lid, lidOpenRotation
overrides the rotation even if it was undocked (technically the lid is
still open).

This setting tells the framework whether to apply lidOpenRotation to
undocked devices.

Change-Id: I1051278a45875b2139b75db28467f9b8de2936d6

Conflicts:
	policy/src/com/android/internal/policy/impl/PhoneWindowManager.java

Make sure the number of entries written by Parcel#writeMapInternal
matches the size written. If a mismatch were allowed, an exploitable
scenario could occur where the data read from the Parcel would not
match the data written.

Fixes: 112859604
Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest

Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607
Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607
(cherry picked from commit 057a01d)

Bug: 119819889
Test: compilation
Change-Id: If51d0e2af74d99758f79a603d40cc2f5c84e4dde
(cherry picked from commit 6351921)

Also don't show smart actions for selections in text with unsupported
characters.

Bug: 116321860
Test: runtest -x cts/tests/tests/text/src/android/text/util/cts/LinkifyTest.java

Change-Id: Id271cab8aef6b9b13ef17f1a8654c7616f75cf13
(cherry picked from commit 73f398d)