Now that we have LocalCallingIdentity, we can start caching it in
very narrow cases. We must be careful to not cache too long, since
any changes to granted permissions for the UID mean we need to
re-evaluate any cached answers.
The best middle-ground for this in the Q release is to use an active
camera session as a proxy for when we should create a cache object
and then later invalidate it. (It's very unlikely that a user
changes permissions while actively using the camera, and this is
a strong signal that the caller is sensitive to performance.)
Many other sprinkled optimizations to avoid extra binder calls into
the OS, such as aggressively caching VolumeInfo related details.
Track IDs that are owned by each LocalCallingIdentity, to speed up
all future security checks.
Dispatch all change notifications asynchronously, and delay them by
several seconds while the camera is being actively used, to give
more important foreground work a fighting chance. Invalidate
thumbnails asynchronously.
Optimizations to ModernMediaScanner where it's safe to skip the
"reconcile" and "clean" steps when we're focused on a single file
that we successfully scanned.
Local tests show this CL improves performance of a test app that
takes 100 rapid shots by 45%. (All the collective optimizations
done so far this week add up to a 70% improvement.)
Bug: 130758409
Test: atest --test-mapping packages/providers/MediaProvider
Exempt-From-Owner-Approval: trivial manifest change
Change-Id: I38cc826af47d41219ef44eae6fbd293caa0c01d5
USAP improve app startup by ~5ms, so enable it for the
jitzygote experiment.
Bug: 119800099
Test: boots and usap processes live
Change-Id: I918d81f56cc7e9fcc8a053feadd7878108e6d590
If application process handles motion events late, it requests to start
moving task after MotionEvent.ACTION_UP is already fired. In that case,
system will wait for event that is not comming and cannot end drag state.
It's expected that the system finishes moving task when system receives
ACTION_UP by transfering touch focus. In a problem case, ACTION_UP event
is already sent to the application process before transfering touch focus.
If application receives ACTION_UP event after requesting moving task,
notify the system of finishing previous request.
Test: Quickly try to resize freeform windowing app repeatedly.
Test: atest WmTests:TaskPositioningControllerTests
Bug: 129507487
Change-Id: Ifa457ddc55524cae6da455e770472781a7805282
(cherry picked from commit 9a1cd7b5063229da536a1281916ae15ec9246d1a)
This is @hide for Q now that we're past API freeze, and will be
@SystemApi in master.
Bug: 126700920
Bug: 126701153
Bug: 130351719
Test: bit GtsIncidentConfirmationTestCases
Test: bit GtsIncidentManagerTestCases
Change-Id: Iac6a058017a86c1927502c529e5a7f3881eb56a7
When the Tile is created, we don't have its actual state, so it has to
start with some default state. Between the tile being bound and the
first time the state is updated by TileService, this is the default
state.
When the Tile for CustomTile is created, set its default state to
INACTIVE. On the first update it after it's bound it will be set
correctly. This is probably less upsetting than an ACTIVE tile that
suddenly becomes INACTIVE.
Test: manual using logs to verify that the Tile is never ACTIVE when it
shouldn't.
Fixes: 132813963
Change-Id: I58bad0a2a16ca42366a5772f62fe82c74a6e2fb7
The logic in MediaProvider is technically correct, but it's sometimes
inefficient in calling into the OS multiple times with the same
questions, such as validating getCallingPackage().
To mitigate this overhead, and start paving the way for more dynamic
delegation of permission checks, collect these details into a
LocalCallingIdentity object. We carefully perform all permissions
checking against this new object, and avoid using any other
thread-local values from ContentProvider or Binder.
Local tests show this CL improves performance of a test app that
takes 100 rapid shots by 37%.
This change is a no-op refactoring.
Bug: 130758409, 115619667
Test: atest --test-mapping packages/providers/MediaProvider
Change-Id: If250a7675f2246cd10881acf615619d6d6061f3d
According to the API documentation, output size queries must
return 'null' in case the respective format is not supported.
Bug: 132594990
Test: Camera CTS
Change-Id: I832efe73dae8753baa635b359a68062f2ef63476
The code allows to also whitelist only a select set of permissions, but
this is not yet exposed in the API.
Also: Fix up shell commands for restricted permissions
Fixes: 132368462
Test: - Enabled app via device admin in secondary profile
-> verified that permissions were whitelisted
- Installed existing and new app using --restrictpermissions and
not
-> verified that permissions were whitelisted or not
atest AppRestrictionsHelperTest
RestrictedPermissionsTest
Change-Id: I9cd76c555b40663f2e25ad86e8a54991baae346c
Merged-In: I9787e63d8beb8f6b1ba2d15532d4c0f69dbdf863
Two SecurityEvents should be considered identical as long as
their event content equals, disregarding the id field.
Test: manual
Change-Id: I811f9a104ed3a0d9e02991aeb9e3653c5c02efc3
Fix: 132367517
Similar to how we target DE and CE storage areas, callers need to
specifically ask to work with EXTERNAL storage. This is because
external storage often lives on a separate device from where internal
DE and CE data lives.
As one specific example, if we're moving an app between two
"internal" storage devices, we don't want to clean up the data
for that package on external storage, since it's not being moved.
This change also expands to all mounted external storage devices,
not just the storage backed by the incoming UUID.
Bug: 113277754
Test: atest android.appsecurity.cts.StorageHostTest
Test: atest android.appsecurity.cts.ExternalStorageHostTest
Test: atest --test-mapping frameworks/base/services/core/java/com/android/server/pm/
Change-Id: Ie125303726dd757ee45bd373f53addb35569c2f7
Bug: b/132455654
Test: build and run on automotive hardware. Use kitchen sink to send
and receive messages.
Change-Id: Ic0f04640f1894d6cf336ba7e641df9cf148a2bbd
Fixes: 131411751
Test: atest CtsVoiceInteractionTestCases # ran a few times on different devices, got no failures
Change-Id: I484db53772bf503f091f30f67ae92c8ae52d4105
