Drop down the limit on when we log, since under normal operation we
will never get more than a few K of data due to strict mode.
Try to clean up the code paths coming in and out of binder IPCs to
plug any places where we could disrupt the gather flag of a thread,
causing it to keep gathering stack crawls (which is the thing that
is causing our strict mode data to become so large).
Change-Id: I9a46512283d33e863c429840b465855d1fabb74e
32 bit processes will always see values from SUPPORTED_32_BIT_ABIS
and 64 bit processes will always see values from SUPPORTED_64_BIT_ABIS.
bug: 17367265
Change-Id: I9996034c190f9213986b9b1a4ee0e38eca91c7ad
Remove the checks for large parcel sizes. Those were triggering,
and identifyng the area of the problem, but also cause a lot of
trouble by making the unsafe deadlocky code there much more likely
to deadlock.
Add logging for strict mode IPCs, since those seem to be the
problem. Only log when things look bad.
Also add a log when battery stats are reset, to diagnose why they
are getting reset when they shouldn't be.
Change-Id: I588c858fb8d8c45f3c9c164ae2de9ae01547b304
Add the app directory to the arguments for starting a process.
Add a check for NeedsNativeBridge and a call to PreInitializeBridge
in the native fork code.
(cherry picked from commit 2eacd06bfb)
Bug: 17671501
Change-Id: I970db5b284b0c12e2d8a45df3950c1fff2927a4e
Now that we support unreachable routes, use those to block
address families on VPNs. This is a much more elegant solution.
Also update LinkProperties when IP addresses are added and
removed, fixing a TODO.
Bug: 17462989
Change-Id: Ib749d84710dca70d672350b9f129bb91419ec77e
In addition to device owners, profile owners on the primary user
can also set user restrictions that are necessary to lock down the
user.
This is to enable the case of a profile owner registered after setup
wizard is completed, on the primary user.
Also make managed profile vs. profile wording consistent in the
DevicePolicyManager docs.
Bug: 17555025
Change-Id: Ib9d08b8af34a99b25e11757fa7dc83673a7deb32
- Add an explicit power manager call to set the low power mode state,
instead of trying manage everything around a single setting.
- When low-power mode is triggered by falling below the configured
threshold, it does not update the setting.
- The "is-enabled" api returns setting || below configured trigger.
- Move the snooze management into the new api call.
- Callers (sysui + settings) updated to use the api instead of the
setting.
- Handles the case where the level does an unpowered leap out of the
low battery level. (Possible if powered in-between while the device
is off)
Bug:17460535
Change-Id: Ic030504c9cad9868a7137abbe837b170da37852b
Right now different code in System UI, Settings app and other places replace the
user icon with their own default. This tries to make it consistent by moving the
mechanism used in Settings in a helper class.
Bug: 17311038
Change-Id: Ic858c65bf82a98b9806dbba029e7cdcf441f372e
Even though Shell user is allowed to perform cross-user actions,
lock that path down if the target user has restrictions imposed by
the profile owner device admin that prevents access via adb.
If the profile owner has imposed DISALLOW_DEBUGGING_FEATURES, don't
allow the shell user to make the following types of calls:
start activities, make service calls, access content providers,
send broadcasts, block/unblock packages, clear user data, etc.
Bug: 15086577
Change-Id: I9669fc165953076f786ed51cbc17d20d6fa995c3
This can be controlled by MDMs via DPM.
Also fixes:
- javadoc for restrictions
- persisting of cross profile copy/paste restriction
Bug: 17387303
Change-Id: Ie148f56189181d2a4c6345c0823d417ab13a94a3
For restore use-case, session creation needs to complete quickly, so
delay ASEC allocation until session is opened. When preflighting
size checks, only consider external when we have a known size for the
container. Also relax size checks when using MODE_INHERIT_EXISTING
on external, since we don't know how much of existing app will be
copied over.
Consider session as "active" while commit is ongoing, until we're
either finished or pending user interaction.
Always publish first client needle movement away from 0. Use 25% of
internal progress to reflect ASEC allocation.
Avoid CloseGuard messages about leaking PFDs.
Bug: 17405741, 17402982
Change-Id: I6247a1d335d26621549c701c4c4575a8d16ef8c2
Dumb, dumb, dumb mistake.
Also fix battery stats wakeup reason tracking to use a SamplingTimer
(like kernel wake locks) so we can track both the duration and count
for each wakeup reason.
Change-Id: I89d69661006dc533622b1b7e68a139166d3a6975
Added a user restriction when creating a guest.
Made sure that guests can't install profile owners that
could undo the restriction.
Bug: 17359648
Change-Id: Icdd919e8b1cbd79a69aacb76e573ec3449f18e4c
Due to the async nature of switching users, it's not possible to
switch and remove immediately. So mark the switch target user as
soon as the user switch is requested, so that a remove will proceed
without failing at stopUserLocked().
Also, fix a similar problem with deleting the current guest and
switching to a new guest. It was attempting to remove the current
user which will result in a failed stopping of the user.
Added a way to mark the current guest
for deletion so that a new one can be created, switched to and the
old one deleted. If runtime fails, old guest is already marked for
deletion and will be cleaned up on restart.
Bug: 17321533
Change-Id: I4be0fb956227e0bb95588b5b1f2867fb1e655c0d
This makes tethered clients use the correct DNS servers when
tethering to non-default networks like the DUN APN.
Bug: 16357676
Change-Id: I8933b6de198a92c2aaf0291931ace8966ddba275
Even though we've grabbed the underlying FD, the PFD could be GC'ed
and when finalized it would end up closing the underlying FD. This
fix ties the PFD object lifecycle to the returned OutputStream.
Bug: 17183379
Change-Id: Ibee8f4cf78fee357181a250d15f2a653294b2877
Sessions can now zero-copy data directly into pre-allocated ASEC
containers. Then at commit time, we compute the total size of the
final app, including any inherited APKs and unpacked libraries, and
resize the container in one step.
This supports both brand new ASEC installs and inheriting from
existing ASEC installs. To keep things simple, it currently requires
copying any inherited ASEC contents, but this could be optimized in
the future.
Expose new vold resize command, and allow read-write mounting of ASEC
containers. Move native library extraction into the installer flow,
since it needs to happen before ASEC is sealed. Move multiArch flag
into NativeLibraryHelper, instead of making everyone pass it
around. Migrate size calculation to shared location.
Separate "other" package name in public API, provide a path to a
storage device when relevant, and add more docs.
Bug: 16514385
Change-Id: I06c6ce588d312ee7e64cce02733895d640b88456
