Collection of the RSS high-water mark is moved to a separate atom to
improve performance, increase flexibility and overcome security
constrainsts.
Performance: avoid reading /proc/pid/status in ProcessMemoryState;
flexibility: allow pulling RSS high-water mark on a different schedule;
security: add single point where we can trigger the high-water mark
reset.
The RSS high-water mark will be removed from ProcessMemoryState and
NativeProcessMemoryState atoms in a followup-up CL to ensure that the
collected data is continuous.
Bug: 119598534
Test: atest UidAtomTests#testProcessMemoryHighWaterMark
Change-Id: I52da7b5e695f771f1551e1f6a6a773bded4504d1
I688e87cf09ad206f4f517a7be960c2aa01af8fc4, restricted privileged apps from silently becoming Device Admins.
Ia4e1ce9b81756e7f84ed0aa22d97e0b968cd8d89 added privileged APIs for locking the device and resetting the password.
We continue that work by providing an alternative for DevicePolicyManager#setKeyguardDisabledFeatures guarded by android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS
Bug: 111153365
Bug: 112601004
Test: Secure notifications can be redacted on keyguard
Change-Id: If81cecf6e74f7abcff581a122c4b68cc04ff57c6
Adds a hook to AppComponentFactory to allow control over the
instantiation of the main app class loader. LoadedApk creates
the default class loader and uses it to load the base APK. If
AppComponentFactory is declared in the manifest, its new method
instantiateClassLoader is called and its result becomes the
class loader used by LoadedApk to instantiate other classes
declared in the manifest. By default this is simply the class
loader created by LoadedApk.
Second method provides AppComponentFactory with a copy of
ApplicationInfo. The factory otherwise cannot locate any of the
app's resources, including its APK or the data folder.
Bug: 111342996
Test: atest CtsClassLoaderFactoryPathClassLoaderTestCases
Test: atest CtsClassLoaderFactoryInMemoryDexClassLoaderTestCases
Change-Id: Id21d9afaf00b9cb64a107bc9893b952407cff0b5
Not that we're starting to change appops' default values
for sms/calllog permissions, default grants by DefaultPermissionGrantPolicy
must take care to also flip the appops, otherwise permission grants don't
take the desired effect.
This also fixes the `appops get` shell command to reflect both uid and
package mode, consistent with how appops are checked
Bug: 117623587
Test: - enable kill switch for sms access restriction
- adb install -g $ANDROID_BUILD_TOP/out/target/product/sailfish/data/app/CellBroadcastReceiverTests/CellBroadcastReceiverTests.apk
- launch the app and press any button
- ensure no "Appop denial" warning in logcat
----
- adb shell appops get com.android.cellbroadcastreceiver android:receive_sms
- ensure result reflects uid mode
Change-Id: I59bb0c89423d3636c310c21b7a1cbf0481c992eb
Exposing canSuspendPackage so apps with SUSPEND_APPS can query whether a
package is considered too critical to suspend by the system.
Test: atest GtsSuspendAppsTestCases
Fixes: 117968270
Change-Id: I9c316dae7e7a7259d28e271c3901465244d6c93d
Also add method that returns the number of apps
that are bypassing dnd
Test: atest PreferencesHelperTest
Fixes: 115972200
Bug: 111475013
Change-Id: Id75093f9f42d00d05cca7700f64493d702c6a518
With this CL we add a new semantic action to Notification.Action to
represent contextual actions - i.e. actions specific to the current
notification. Contextual actions will be displayed differnently to
regular actions.
If the app itself does not provide smart replies or smart actions the
framework will generate smart replies and actions and put those in the
notification.
The UI for smart actions will be added in a separate CL.
With this CL we also remove a couple of unnecessary fields, namely:
NotificationInflater.mSmartActions
NotificationInflater.AsyncInflationTask.mSmartActions
the actions stored in these fields are stored in
NotificationData.Entry anyway.
Bug: 119010281
Test: write an app adding an Action with the new semantic type and
ensure that (contextual) action doesn't show up with the other actions.
Test: atest SystemUITests
Change-Id: Icd192fe2273b0474729dd4e413e0a6c2d75ff0fa
Instead of waiting for the first time we get the app op default mode,
just register the content observer for the sms & call log restriction.
This is temporary code anyway and will be removed according to a
STOPSHIP comment. So, the minor hit taken during system start is okay
for now.
Test: Device boots.
Change-Id: I55cc57ddfe80acf304b5126db16f5813a97c7042
Fixes: 119080532
This allows clients to run multiple instances of the same
manifest service declaration. It only works for isolated
services, to avoid too much abuse temptation. This is part
of the "Chrome site isolation" work, to allow chrome to have
many more render processes running and help it manage them.
Bug: 111434506
Test: atest CtsAppTestCases:ServiceTest
Change-Id: I22e65758678a07075ed32ed6463082ddf846d3a4
1. Send FOREGROUND_SERVICE_START event when foreground service starts.
Send FOREGROUND_SERVICE_STOP event when foreground service stops.
2. One app can multiple foreground services and multiple services can be
started. Because this, in UsageStats, change mLastForegroundEvent to
className to event map, do this for both activity and foreground
service. Change UsageStatsProto and UsageStatsXmlV1 to support this
change.
3. Add more test cases in UsageStatsTest.java.
Test: start music player which is foreground service, observce these
two events when start play and pause play.
Change-Id: I3dc14f5b73cc114a53b8c51f90d3011d9ace35ac
Bug: 112002260
Test: atest UsageStatsTest#testForegroundService
atest frameworks/base/services/tests/servicestests/src/com/android/server/usage/UsageStatsDatabaseTest.java
atest frameworks/base/core/tests/coretests/src/android/app/usage/UsageStatsTest.java
This change fixes the RcsManager setup and adds an empty RcsThread class. Please see go/rcs-in-telephony-doc for details.
Test: Builds fine
Bug: 109759350
Change-Id: Ie3fe476ab11d515ffab6dcc6ccf5ec801a4c9057
Update these methods to consider if the app is sandboxed or not.
Earlier, only apps with WRITE_MEDIA_STORAGE have access to full
external storage. So, clients had to check this before calling
these translate methods. Now, apps under instrumention might also
have full storage access and DownloadProvider will also start
using these translate methods. So, instead of having the clients
deal with it, move the logic of checking if an app is sandboxed or
not into these translate methods.
Bug: 117229024
Bug: 119265456
Test: atest MediaProviderTests
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Test: atest services/tests/servicestests/src/com/android/server/StorageManagerServiceTest.java
Change-Id: If679e71a906bb2106752721409b4410557fb3e28
Both the comment and the usage suggest that this index should be
exclusive, not inclusive.
Bug: 111061782
Test: Call getBackgroundAccessCount without crashing
Change-Id: Ie4eb5a59874afd27bed0706cd177757155351b49
This change modifies the various components which treat high-priority
notifications differently, including the status bar, the lockscreen, and
the notification layout algorithm, such that foreground service
notifications are always included among the high-priority notifications.
This logic is now centralized in NotificationData.
Bug: 116622974
Bug: 118805186
Test: manually
Change-Id: Ia13c1aac0cf91c400594df96ce267e768133f8d1
Refactor the pulling code to avoid going to AcitivityManagerService.
Instead call MemoryStatUtil that reads procfs directly from
StatsCompanionService.
Bug: 118736433
Test: atest UidAtomTest
Change-Id: Idf57e3cd33058651f363c89828f71d19f25e6450
This change adds RoleManager into SystemServiceRegistry so that
Context.getSystemService() can work properly for RoleManager.
Bug: 110557011
Test: build
Change-Id: I81b7ed87e71f0deee090252f5bedf42eb79806aa
Add an API to allow adopting a subset of shell UID permissions.
Test: added - android.app.uiautomation.cts.UiAutomationTest#testAdoptSomeShellPermissions
passed - atest atest android.app.uiautomation.cts.UiAutomationTest
bug:80415658
Change-Id: I5cd8beeed7e586b2ac4e0cb16686cef738641e23
- This would allow the AiAi service to cross-reference assist data with
streaming text data and snapshots
- Pre-fill the task id/activity when receiving the assist data from the
activity and remove unnecessary autofill santization down the line
Bug: 117268952
Test: adb shell dumpsys window all
Test: atest CtsAutoFillServiceTestCases
Test: atest CtsAssistTestCases
Change-Id: I0d0d2c85426777cc77397716db34b520593db100
Instead of calling AMS synchronously, release the wm lock and pass it to AMS. Wait for AMS to
notify us when its done.
Fixes: 119265867, 119275681
Test: adb shell am start-activity -S -W com.google.android.apps.maps/com.google.android.maps.MapsActivity
Test: atest CtsSampleHostTestCases
Change-Id: Idc2895c14ccd92524e88ce3dda24b3d0e8dce2c1
Previously reverted due to b/72554856, fix for that in topic.
Original commit message:
Security model for moving sharesheet to systemui
ResolverActivity (still in frameworks) now requests a "permission token"
that it hands to a stubbed system ui activity ChooserActivity.
This permission token allows an app (SysUI) with the signed permission
"START_ACTIVITY_AS_CALLER" to call
ActivityManagerService#startActivityAsCaller. Permission tokens are a
one-time use, limited-time offer.
Test: runtest systemui && manual testing
Bug: 69850752
Change-Id: Ia50e21e2f8c6b6d0ed7207625e3b5aef214396bb
If the CallLog/SMS permission restriction is not enabled we keep
the old default app op state for the relevant ops and if the
feature is enabled we switch to the new default value.
Test: Manual
Change-Id: I93c0e059741f475ebdffce682e1d0d9149b41159
Split out the View/ViewRootImpl bits from the
hardware rendering bits.
Create a potential public API surface for
hardware rendering
Bug: 112709971
Test: builds & boots
Change-Id: I9e6f44b07a170574a905f42338282c4bb7e95f56
