Merge cherrypicks of [3199316, 3199473, 3199281, 3199021, 3199022, 3199023, 3199317, 3199318, 3199319, 3199320, 3199455, 3199085, 3199261, 3199246, 3199335, 3199247, 3199209] into oc-r5-releaseandroid-8.0.0_r36 oreo-r5-release

Change-Id: I8e14cceca07d31db540c439dd297efd89e33b579
author: android-build-team Robot <android-build-team-robot@google.com> 2017-11-09 19:16:57 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> 2017-11-09 19:16:57 +0000
commit: b4dd5a57336c84b3df9e1c0f5b5f8b7c1bbe739a (patch)
tree: 0c72d3a4264b690c17a494879b129f1cbe1bf426
parent: 1a85090a85c22ecabdeede559258e48b7abefa74 (diff)
parent: 1dc064f2d0d37c8929c95847584d41b40050ab7c (diff)
download: base-oreo-r5-release.tar.gz
3 files changed, 21 insertions, 12 deletions
diff --git a/core/java/android/os/ParcelableException.java b/core/java/android/os/ParcelableException.java
index d84d62997d93..7f71905d7f28 100644
--- a/core/java/android/os/ParcelableException.java
+++ b/core/java/android/os/ParcelableException.java
@@ -52,10 +52,12 @@ public final class ParcelableException extends RuntimeException implements Parce
         final String msg = in.readString();
         try {
             final Class<?> clazz = Class.forName(name, true, Parcelable.class.getClassLoader());
-            return (Throwable) clazz.getConstructor(String.class).newInstance(msg);
+            if (Throwable.class.isAssignableFrom(clazz)) {
+                return (Throwable) clazz.getConstructor(String.class).newInstance(msg);
+            }
         } catch (ReflectiveOperationException e) {
-            throw new RuntimeException(name + ": " + msg);
         }
+        return new RuntimeException(name + ": " + msg);
     }
 
     /** {@hide} */
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index f0b1b3baee17..ef8a5758e873 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -4703,6 +4703,10 @@ public class AccountManagerService
         protected void checkKeyIntent(
                 int authUid,
                 Intent intent) throws SecurityException {
+            intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
+                    | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
+                    | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
+                    | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));
             long bid = Binder.clearCallingIdentity();
             try {
                 PackageManager pm = mContext.getPackageManager();
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 186d0f40f43a..64eb97070d61 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -8629,6 +8629,19 @@ public class ActivityManagerService extends IActivityManager.Stub
             return -1;
         }
 
+        // Bail early if system is trying to hand out permissions directly; it
+        // must always grant permissions on behalf of someone explicit.
+        final int callingAppId = UserHandle.getAppId(callingUid);
+        if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) {
+            if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) {
+                // Exempted authority for cropping user photos in Settings app
+            } else {
+                Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission"
+                        + " grant to " + grantUri + "; use startActivityAsCaller() instead");
+                return -1;
+            }
+        }
+
         final String authority = grantUri.uri.getAuthority();
         final ProviderInfo pi = getProviderInfoLocked(authority, grantUri.sourceUserId,
                 MATCH_DEBUG_TRIAGED_MISSING);
@@ -8724,16 +8737,6 @@ public class ActivityManagerService extends IActivityManager.Stub
 
         // Third...  does the caller itself have permission to access
         // this uri?
-        final int callingAppId = UserHandle.getAppId(callingUid);
-        if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) {
-            if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) {
-                // Exempted authority for cropping user photos in Settings app
-            } else {
-                Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission"
-                        + " grant to " + grantUri + "; use startActivityAsCaller() instead");
-                return -1;
-            }
-        }
         if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) {
             // Require they hold a strong enough Uri permission
             if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) {
author	android-build-team Robot <android-build-team-robot@google.com>	2017-11-09 19:16:57 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	2017-11-09 19:16:57 +0000
commit	b4dd5a57336c84b3df9e1c0f5b5f8b7c1bbe739a (patch)
tree	0c72d3a4264b690c17a494879b129f1cbe1bf426
parent	1a85090a85c22ecabdeede559258e48b7abefa74 (diff)
parent	1dc064f2d0d37c8929c95847584d41b40050ab7c (diff)
download	base-oreo-r5-release.tar.gz