Soc vendors also want to add their own configs like odms do.
Additionally they should be allowed to add their own app permission
configs because they can install their own apps in /vendor/app.
So Soc vendors should be able to add system configs around libs,
features, permissions and apps.
Additionally this CL modified codes to allow "privapp-permissions"
only on system partition because we won't allow apps on the partner
partitions to count as privileged.
Test: building succeeded and tested on sailfish.
Bug: 35369237
Change-Id: I7d84d6e351d9e7023931757082d9f661c5a9a80a
This is a follow up CL to my previous CL [1], which introduced a
classical fall through bug due to a missing return statement.
[1]: Ic614f112f960382280acd8891b3af56d47679f08
ce82eb2d86
Test: Manually made sure that calling
InputConnection#performPrivateCommand() no longer causes
IllegalStateException("Already recycled.").
Bug: 35079353
Fixes: 35681994
Change-Id: I9aa3c0497385e053718d829aad49495771b22b59
Deprecates com.android.internal.util.Predicate in favour of
java.util.function.Predicate.
Deprecates TestMethod and TestSuiteBuilder in favour of
Android Test Support Library.
Bug: 35089332
Test: make checkbuild
Change-Id: Id8b2be55925d7ca09750fc9681817793517ceb5d
This will now be controlled by individual accessibility services.
We'll provide the password information to them, and they can
present or hide the information as it makes sense for their users.
Password information was anyway provided when a headset was
connected.
Bug: 28139568
Test: Manually verified that TalkBack now speaks passwords on the
lock screen and in text views. Since I'm removing functionality
that didn't have tests, it's tricky to have specific tests.
Change-Id: Ic3c724ccce5762ee9dcd9e7dcbd4eae6734dd05e
When activity that is moved between displays handles all configuration
changes, it won't be restarted. This CL adds a callback to the client
to notify it about display change. Usually it will be followed by
onConfigurationChanged, except when configuration didn't actually change.
When activity is recreated, it won't receive onMovedToDisplay.
Bug: 34862802
Test: android.server.cts.ActivityManagerDisplayTests
Test: #testOnMovedToDisplayCallback
Change-Id: I9a9501cab788623ada15a31efb53e4b2378639fe
being out of sync with total count, due to nesting. Only update
the counter if nesting is 1.
Test: runtest -x
frameworks/base/core/tests/coretests/src/com/android/internal/os/BatteryStatsSensorTest.java
Change-Id: Iabb153550a79afa9902569bbbbdb5815decdc613
Fixes: 34750473
Commit https://android.googlesource.com/kernel/common/+/f0ce0eee added
CAP_SYS_RESOURCE as a capability check which would allow access to
sensitive /proc/PID files. system_server uses this capability to collect
smaps from managed processes. Presumably this was done to avoid the
implications of granting CAP_SYS_PTRACE to system_server.
However, with SELinux enforcement, we can grant CAP_SYS_PTRACE but not
allow ptrace attach() to other processes. The net result of this is that
CAP_SYS_PTRACE and CAP_SYS_RESOURCE have identical security controls, as
long as system_server:process ptrace is never granted.
Add CAP_SYS_PTRACE to the set of capabilities granted to system_server.
Don't delete CAP_SYS_RESOURCE for now. SELinux has blocked the use of
CAP_SYS_RESOURCE, but we still want to generate audit logs if it's
triggered. CAP_SYS_RESOURCE can be deleted in a future commit.
Bug: 34951864
Test: Device boots, functionality remains identical, no sys_resource
denials from system_server.
Change-Id: I2570266165396dba2b600eac7c42c94800d9c65b
Escrow token provides an alternative way to derive synthetic password for a
given user. In the new flow, a pre-provisioned escrow token
should be able to do anything the user password can do, since they both
derives the synthetici password which is the master key in the new auth flow.
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Bug: 33126414
Change-Id: Ib5ee38fd61f66de3245427ce992ebc12f1873a26
The user password is used to unlock a per-user synthetic password which
serves the purpose of what the user password previsouly achieves (protect
keystore, vold disk encryption, auth token generation).
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Test: manual
1. Start with fresh device, enable synthetic password with "adb shell cmd lock_settings sp 1"
1.1 add device lock, reboot and verify (positive & negative); change device lock, reboot and verify.
1.2 Inflate a work profile, reboot and verify device lock. check SID with "adb shell dumpsys lock_settings"
1.3 Un-unify and add work challenge, reboot and verify work challenge and SID.
1.4 Re-unify work challenge, reboot and verify.
1.5 Clear device lock, reboot and verify lock and SID.
2. Start with a fresh device, add a device lock and inflate a work profile.
2.1 Enable synthetic password, note current SID
2.2 Reboot and unlock device. Verify synthetic password is generated and SID remains.
2.3 Clear device lock, reboot and verify (SID should be cleared)
3. Start with a fresh device, inflate a work profile, add separate work challenge
3.1 Enable synthetic password, not current SID
3.2 Reboot and unlock device and profile. Verify synthetic password is generated.
3.3 Clear device lock only, reboot and verify (work profile SID should remain)
All steps tested on marlin (FBE) and bullhead (FDE)
Bug: 33126414
Change-Id: Idb9ebfc7bba2fe40670c5fee2189e873d9704540
We already does this on start. Now we also do the same when
the list of options changes.
Test: locally on device
Bug: 34470067
Change-Id: Ib184d67b532c5afd584fb9cd52daac69a7c50d0a
Add a --preload-default command that instructs the zygote to preload
resources. The command is a no-op if resources have already been
preloaded.
Test: manual.
Change-Id: I4a846a7d911fa929af472d9071ffbff6df424176
The color of the icon was happening in a
non-animated way. We're now animating the
color properly.
This also fixes an issue where the action
bar could be fully black.
Test: add colorized notification, observe animation
Fixes: 35308322
Change-Id: I4fbc1794fc027efb42eee3ee8f06fd9d8c513456
The same application can run as either an instant app or an installed
app. Store this setting per-user instead of based upon the install
location.
Bug: 25119046
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.EphemeralTest
Change-Id: Iff565bb1ac10d631499f0bd0f69b401cb073c10e
The offset used to adjust MotionEvents for swipe velocity tracking
was incorrect, and caused issues when touch points where close
together. Fixed the offset used, which resolved swiping issues.
Bug: 34673753
Change-Id: Ide6060b511510bcf299e3db778e6ffc6afda5e19
By definition, the zygote in question is lower priority if lazy
preloading is enabled. We therefore reset the zygote process'
niceness to 0 as soon as it comes up, rather than having it stick
around as a higher priority process until we eventually ask it
to load the default set of resources.
Test: manual.
Change-Id: I3ccfc0e7c3fdebf5f798d90b53140a554bf64c20
