Most of these callers are okay having results omitted when a package
is uninstalled or encryption unaware. For example, jobs and
notifications can only be enqueued by already running apps.
When clearing zen rules, keep around rules inserted by apps on
ejected external storage devices.
Make ServiceWatcher stricter by requiring that the matching package
be in the system image.
Bug: 26471205, 27105254
Change-Id: Ie41ea8042ac1a54e9cbe0c35cec89e70521e9bed
This is a follow up CL to the previous CL [1], which unintentionally
relied on whether the entire application rather than the
InputMethodService is marked to be encryption-aware. This wasn't
obvious because right now LatinIME is entirely marked to be
encryption-aware, which probably needs to be reconsidered in subsequent
CLs.
This CL drops "encryptionAware" line from InputMethodInfo#dump() as it
is redundant. The same information is already dumped in the
'ServiceInfo' section.
[1] Icf921fe3661eccf4a589b08b616d05decc561356
69811a98f1
Bug: 26279466
Change-Id: I6cea5fe5731f4a6a64ea722b854b99c5154a15ae
- Don’t launch Pip overlay activities during pinned stack animation.
This causes extra CPU load and takes a way resources from the running
animation.
- Finish Pip overlay activities before starting pinned stack resize
animation. Reduces the amount of work the system needs to do to keep
the overlays in-sync with the other activities in the pinned stack.
- Use AM.resizeStack with null bounds to take Pip to fullscreen so that
we can animate the bounds changed.
- Also, fixed Activity.enterPictureInPicture API to animate the transition
if Pip is entered from the app instead of Pip manager.
Bug: 25672053
Change-Id: I82399c10f1b8c675ea3861ba973dc8ecfbfbe50f
- Rename to FrameMetrics to avoid collision with existing
android.view.FrameStats class
- Make FrameMetricsObserver implementation detail,
exposing FrameMetricsListener interface as public API
and wrapping in FrameStatsObserver to maintain state
- Remove dropped frame count call, in favor of passing as
parameter to callback method.
- Move away from raw timestamp access in favor of Metric IDs
which represent higher-level, more stable stages in a frame
lifecycle and match the categories exposed in the onscreen
bars.
- Support many-to-many Window<->FrameMetricsListener relationship
Change-Id: I00e741d664d4c868b1b6d0131a23f8316bd8c5c2
Bug: 26874366
On Multiarch apps, it might be necessary to prioritize 32bit Abi ahead
of 64bit ones. The use32bitAbi flag enables this.
This CL also reverts the public api changes in I2c1fd1d036efe72b28b5fe996416df69a583959f and Ie3ecea6d84e2cb1522e736a21c3a3a24ac62eb27. Previously
the same functionality was provided using a raw abi string that
utilized cpuabioverride flag.
Change-Id: Idce3cbfedd11ef9079ce8a2901e69d30b1cf9ef4
This is another preparation for Bug 26279466. Whether an input method
is marked to be encryption-aware or not would become the thing here and
there in the Framework code. Having a utility method and debug info
in dumpsys should make our lives easier.
Bug: 26279466
Change-Id: Icf921fe3661eccf4a589b08b616d05decc561356
This has nothing to do with Bug 26279466 but might be something nice to
fix just as a preparation.
Bug: 26279466
Change-Id: Ie1a8ee2248081a70728c29e52c657b3a0ed919b1
This makes the animation when exiting docked mode a bit nicer
when you fling the divider towards to the navigation bar. However,
since the divider ends at the navigation bar, we need to immediately
dismiss it instead of fading out when the divider is fully occluded
by the navigation bar.
Change-Id: Ic5432fd118cb71be36485667b2c537caf5065ce5
Closing two small holes in the implementation:
1. The gesture was dispatched before the callback was registered. It
was possible for gestures that failed quickly to fail to report any
status.
2. Gestures could be dispatched before the input filter was
installed. Adding a wait to give the filter a chance to install
before reporting a failure.
Also removing an unused method on the input filter.
Change-Id: I77cd80dcd2cec6c72b3761169aba5eaecf62250b
(cherry picked from commit 03465fb874)
Fix two bugs: one where Instrumentation did not properly
handle destroyed UiAutomations, another where UiAutomation
did not properly disable running accessibility services.
Change-Id: I1773dbd373f4d5b0e7c9917ff18d8d9b1a0e07c7
(cherry picked from commit 846522cea0)
This change introduces the ability to have multiple packages per
APK. The feature is currently restricted to privileged apps and
updates to such apps.
In essence the manifest can have multiple child package declarations.
A child package can declare everything an Android package can except
some tags or attributes that are not applicable and instead inherited
from the parent when needed. For example, the target SDK of the parent
applies to all children.
A child package can be updated only through the parent package.
A package with multiple child packages is installed, uninstalled
atomically - no partial installs where some child packages are not
installed.
The remaining work is to ensure broadcasts are also sent for child
packages. This will come in a subsequent change.
Sample app:ag/848432
Design doc: https://docs.google.com/document/d/18nFWtJuZchLxrHf5SBbJW03-Ky9Rh_G0-OVB14b6u78
Change-Id: I6fd021d981bf5786290e0c53502724a14c97358c
EditText tried to draw outside of the padding boundaries because of a
cursor positioning issue in RTL. This CL removes that fix and instead
clamps the cursor position if cursor is outside of the clipped view
boundary.
Bug: 23397961
Change-Id: Id5f1fbe2a0f571100c89b21758fbb81b14d5da57
Currently TextView state is saved whenever selection is set even if
freezesText is false. This causes inconsistencies with the described
behavior for the attribute. This CL updates the behavior as:
- Always save the text for EditText
- Always save the selection if there are any.
- Do not save the text for TextView if freezesText is false.
- During onRestoreInstanceState if selection is out of the text
boundaries, do not restore the selection.
Bug: 22076905
Change-Id: I5e05d343e752a7d106c8881993e4d95ae21a38ce
(cherry picked from commit 8535836673)
Prior to this commit in this case of activity pause, with finishing=true
the activity manager will notify us of app visibility and we will begin
an exit animation. When this exit animation finishes, we will destroy
the application surface (unless its eligible for saving). However there
are two cases where this breaks down:
1. The exit animation finishes before the activity thread handles
the stop transition. Many activities stop rendering on Pause
but many do not and it is totally legal to do so. Sometimes this
results in non fatal dequeue buffer errors and sometimes results in
fatal errors with Pixel Buffers, etc...
2. We may resume the activity shortly after asking the window manager
to pause it. If the window wasn't eligible for animation, we will
immediately destroy it after being told of the visibility change
following PAUSE_FINISHING. It's possible for this to complete
before we process the resume. On the other hand the client
happilly processes the resume and transitions back from PAUSE
and then crashes once it attempts to use it's surface.
In this commit we have the activity manager notify the window manager
when an application has actually finished (or we have timed out
waiting). For windows which have not been explicitly removed by the
client, we defer destruction until we have received both this signal
and the animation has completed.
Bug: 26793431
Change-Id: Ib6ee8fbdd1f03450fbbfd62468a19e97774befab
Bug 26963113
When a Fade transition is interrupted and reversed, the
View started the animation from the beginning. This change
captures the previous transitionAlpha and starts the animation
from the previous alpha state.
Change-Id: I801fe9ade6af4cf8446838e231bdc71841668a18
(cherry picked from commit 3cf9fa3db0)
We confirmed with the graphics and JIT teams that no sensitive
user data is written to these caches, so they're safe to point at DE
storage.
Since we don't have control over what is written by the app, we need
to keep the cache environment variable pointing at CE storage.
Fix ensurePrivateDirExists() to always return a path, instead of
returning null which can cause scary bugs.
Change packages.list to no longer canonicalize data paths, since
these fail when CE storage is still locked.
Bug: 27069522
Change-Id: Ifff64a036fa4aa1e61aa0dd98486bc711fbf8f4a
Save arbitrarily nested fragments across config changes as
nonconfiguration objects. This permits the use of retain-instance
child fragments as arbitrary opaque dependencies within other
fragments.
Change-Id: Ia6640b76cfcf7ec28ba252628957a0c14863e957
(cherry picked from commit 7466be6626)
Offer commitNow and commitNowAllowingStateLoss methods on Fragment for
use by encapsulated components using fragments as implementation
details. This can help prevent unexpected ordering side effects at the
app level when a call to a library method wants to commit and
immediately initialize a fragment as an implementation detail.
Note that this change still does not permit reentrant FragmentManager
operations. It is still an error to add/remove/change fragments in the
same FragmentManager while a fragment transaction is being executed.
Have the commonly used ViewPager adapters use commitNow instead of
executePendingTransactions.
Change-Id: Ia37a871234a287423063f0c2c3e4c93d69116cad
(cherry picked from commit f6b30662f8)
Have the new showContextMenuForChild(View, float, float) call through
to the old showContextMenuForChild(View) before recursing up to its
parent. This ensures that existing apps with custom views that
override the old method still get called as expected if they implement
custom behavior.
Unlike some other similar circumstances we aren't implementing this to
be bidirectional as the new behavior doesn't need to be triggered by
invoking the old. If the older method is invoked explicitly we will
still show old-style dialog context menus instead of the newer popup
style since we won't have a good place to visually anchor a popup.
Bug 26919262
Change-Id: Ie09f922d322b5a24789c7867820c4bc43824c385
(cherry picked from commit 759a4c5400)
Add android.os.UpdateEngine and UpdateEngineCallback classes that
communicate with the update engine via binder APIs for A/B update.
Bug: 26695366
Change-Id: I2471858d28df5443bc0b56d9a20281ccebde4484
Add the means to protect FBE keys with a combination of an auth token
from Gatekeeper, and a hash of the password. Both of these must be
passed to unlock_user_key. Keys are created unprotected, and
change_user_key changes the way they are protected.
Bug: 22950892
Change-Id: Ie13bc6f82059ce941b0e664a5b60355e52b45f30
When a system app requests "forceDeviceEncrypted" they expect their
default app storage to point at a consistent location regardless of
device FBE support. So when booting upgraded non-FBE devices, we
may need to migrate any data from CE to DE. Note that on non-FBE
devices these are just semantic locations with identical protection.
This migration *only* works for non-FBE devices; changing
forceDeviceEncrypted flags on an FBE device always requires a full
data wipe.
Bug: 26668510
Change-Id: Ic5dfeaaf2db26c385901a638ca8ec35eb3c52859
Whitelist two more legacy intent actions, and don't enforce the
StrictMode checks when resolving intents that might be coming from
legacy apps. Newer apps would have already been yelled at directly
before getting to the resolver.
Bug: 26976516, 26977622
Change-Id: Ibf72a361ed68c52cfaac16c32ab40e79005a42e7
