Creating a SystemConfig from a non-system process is taking 500+ ms.
This CL instead exposes the needed split permissions from system_server
to optimize performance.
Tested locally and creating PermissionManager / retrieving SystemConfig
is now less than 1 ms.
Bug: 139828734
Bug: 139485700
Fixes: 139828734
Test: Added systrace / logs to PermissionController app and traced
runtime of onGrantDefaultRoles().
Change-Id: I111403e8dae3bc2b0acafc32e61aa5cd890fea29
Redefine the return condition of LPU.saveLock{Password,Pattern}:
1. When password change fails due to the caller providing an
incorrect existing password (or password throttling is still
being enforced), treat this as a normal failure mode and return
false.
2. For all other exceptions thrown during password change,
throw it to the caller so it fails fast, instead of relying
on the caller to check the return value.
Bug: 62410009
Test: atest com.android.server.locksettings
Change-Id: I8fa6320b7134d18ed5dae1af7f6f05002100d291
exposes sound trigger module properties to privileged
system apps with MANAGE_SOUND_TRIGGER permission
Bug: 139071862
Test: GTS test confirmed API accessible and providing valid data
Change-Id: Iec7ba6fc59912f44341fbe8d7f99193b9ead52f0
If private user data is send to an app the data provider should note an
app-op. This change adds a new API AppOpsManager#setNotedAppOpsCollector
that allows an app to get notified every time such an private data access
happens.
This will allow apps to monitor their own private data usage. Esp. with
big, old apps, distributed teams or 3rd party libraries it might not always
be clear what subsystems access private data.
There are three different situations how private data can be accessed and
an app op is noted:
1. Private data access inside a two-way binder call.
E.g. LocationManager#getLastKnownLocation. When we start a two way
binder transaction, we remember the calling uid via
AppOpsManager#collectNotedAppOps. Then when the data providing code
calls AppOpsManager#noteOp->AppOpsManager#markAppOpNoted the noted
app-op is remembered in
AppOpsManager#sAppOpsNotedInThisBinderTransaction. Then when returning
from the binder call, we add the list of noted app-ops to the
reply-parcel via AppOpsManager#prefixParcelWithAppOpsIfNeeded. On the
calling side we check if there were any app-ops noted in
AppOpsManager#readAndLogNotedAppops and then call the collector while
still in the binder code. This allows the collector e.g. collect a stack
trace which can be used to figure out what app code caused the
private data access.
2. Very complex apps might do permissions checks internal to themself.
I.e. an app notes an op for itself. We detect this case in
AppOpsManager#markAppOpNoted and immediately call the collector similar
to case (1).
3. Sometimes private data is accessed outside of a two-way binder call.
E.g. if an app registers a LocationListener an app-op is noted each time
a new location is send to the app. In this case it is not clear to the
framework which app-action triggered this app-op-note. Hence the data
provider has to describe in a AsyncNotedAppOp object when an why the
access happened. These objects are then send to the system server via
IAppOpsService#noteAsyncOp and then the collector in the app. There are
rare cases where a private data access happens before the app is running
(e.g. when a geo-fence is triggered). In this case we cache a small
amount of AsyncNotedAppOps (in AppOpsService#mUnforwardedAsyncNotedOps)
and deliver them when the app is ready for these events (in
AppOpsManager#setNotedAppOpsCollector).
Test: atest CtsAppOpsTestCases (includes new tests covering this
functionality)
Bug: 136505050
Change-Id: I96ded4a8d8d9bcb37a4555d9b1281cb57945ffa9
Remove logic to set heap target utilization to 0.8. The default is
0.75 and this should not have any fragmentation benefit since the
GC is compacting.
Removed some unused logging and a variable.
Test: TH
Change-Id: Ife7219e94fa0aa7f489569e16248cdd23d09089a
This reverts commit 098a533e78.
Reason for revert: Base CL caused slower app startup (I don't know why).
Change-Id: Ib67852b900ff2baeb34f5d553fb0d233f5475888
Added the property profilesystemserver in the RUNTIME_NATIVE_BOOT
namespace. This property is overrides the system one if it is
present.
Bug: 138851258
Test: set the property manually and verify that system server is started
Test: with profiling
Change-Id: Ifd69530e52a717a381b3f91b15a74329614906f2
At the moment isActivePasswordSufficient() can return stale result
immediately after a password change since the latest password metrics
information is pushed from LSS to DPMS asynchronously (this is to
avoid deadlock between LSS and DPMS due to lock inversion). Fix this
by moving the password metrics ground truth to LSS, and make DPMS
query LSS about the password metrics when needed.
Bug: 37090873
Test: atest com.android.server.devicepolicy.DevicePolicyManagerTest
Test: atest com.android.server.locksettings
Test: atest DeviceAdminHostSideTestApi24#testResetPassword_nycRestrictions
Test: atest DeviceAdminHostSideTestApi24#testRunDeviceOwnerPasswordTest
Test: atest MixedManagedProfileOwnerTest#testPasswordQualityWithoutSecureLockScreen
Test: atest MixedManagedProfileOwnerTest#testResetPasswordWithToken
Test: atest MixedManagedProfileOwnerTest#testPasswordSufficientInitially
Change-Id: Ib1d1716024b8a6a6554afdb4ee9824d457ed8308
