Network security watchlist service is a service to monitor all potential
harmful network traffic. By setting a network watchlist, any connections
that visit any site from watchlist will be logged.
Logs will be aggregated everyday and encoded using differential
privacy before exporting it from framework.
This feature is disabled now, run "setprop ro.network_watchlist_enabled true" to enable it.
All network events are handled in an async bg thread, it should not
cause any delay in netd. Also, it uses the hooks in enterprise network logging,
so we can run netd_benchmark to measure the impact to netd.
Here are the things not included in this CL:
- ConfigUpdater to get and set watchlist
- Differential privacy encoding logic and reporting
- CTS
- Memory and performance optimization for internal watchlist data structure
Test: manual - turn on the feature, hard code a watchlist xml, process
that visited that domain is being logged in sqlite.
Test: run netd_benchmark - seems no obvious performance change.
Test: bit FrameworksCoreTests:android.net.NetworkWatchlistManagerTests
Test: runtest frameworks-net
Test: runtest frameworks-services -p com.android.server.net.watchlist
Bug: 63908748
Change-Id: I09595178bac0070a867bc5e0501a7bf2c840e398
Until now, userdebug and eng builds have tracked StrictMode
violations on all system apps, including prebuilts that we have no
control over, which results in a lot of unactionable noise.
This CL narrows the set of enabled apps to only "bundled" system
apps, which gives us a much higher chance of burning these violations
down to 0 and keeping them there. We don't have a good proxy for an
app being "bundled", so we detect it based on being in the "android."
or "com.android." package namespace.
Clean up the entire flow of applying StrictMode defaults to make it
much more human-readable. This resulted in us fixing a bug where
StrictMode was never actually enabled for jank-sensitive threads in
system_server!
Relax I/O checks in a few places where we know we're interacting with
procfs or sysfs. Add internal "allow" methods that avoid object
allocation by returning raw mask.
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.cts.StrictModeTest
Bug: 68662870
Change-Id: I536e8934fbcdec14915fcb10995fc9704ea98b29
BatteryService is the first service that uses a hwbinder
call, so we need to spawn the threads for BatteryService to receive
callbacks prior to starting BatteryService.
Test: boot test
Test: manually sleep in SensorDeviceUtils, still boots
Bug: 68765551
Bug: 68217725
Change-Id: Iadd88897d4cf9e0e37af706452c15318115f2149
CTS will be in next CL.
APIs for labels/ icons of profile switching are not implemented yet.
Test: Wrote a test app to play around the APIs
Test: bit FrameworksServicesTests:com.android.server.pm.crossprofile.CrossProfileAppsServiceImplTest
BUG: 67765768
Change-Id: I27714aa4a8d61c6df398cbc5112cb4c35316a3fb
They are untested and were committed as part of a legacy refactoring
that appears incomplete.
The Wear team have added a few new config.* flags to disable services
they don't need on watches. These should probably be unified since we
don't really need this fine level of granularity.
Test: make & flash
Bug: 64052650
Change-Id: I5c8ed3f0e78c2ed0d2e733939a82e1ab8940de22
Adds new PROTO flag which requests services to dump sections in proto format. Modifies PriorityDumper helper class to parse proto arguments and set asProto flags. Registers WM and AM with proto dump supprt.
Bug: 67716082
Test: frameworks/base/services/tests/runtests.py -e class "com.android.server.utils.PriorityDumpTest"
Test: adb bugreport ~/tmp/bug.zip
Test: adb shell dumpsys window --proto
Test: adb shell dumpsys activity --proto
Change-Id: Icfc6857c8a9340110a43343734a27e48d0b5a229
Register service with HIGH and NORMAL priority suppport. Dump network diagnostics as part of the HIGH priority bucket.
Test: adb shell setprop dumpstate.version "2.0-dev-priority-dumps" && \
adb bugreport ~/tmp_new.zip
Test: adb shell dumpsys --priority HIGH
Change-Id: I1ad263efbc264c3328e70dc9f7ddeb2d31bc4d41
Introduced in ag/2837473, this stats service is not actually up and
running fully. It is creating boot time selinux denials due to lack of
permissions for system server to start the service. Since it cannot run
due to system server being unable to register it with servicemanager, the
registration code is being removed for now to clean up boot denials.
Removing this boot denial will allow boot-time presubmit tests for SELinux to be
put into place. Service definition and sepolicy for this feature can be
added when the feature is approved in the future.
Bug: 67468181
Test: servicemanager does not generate denials on boot
Change-Id: Id6a29cc6abb8ebf5a3f41da4311a555f41dd80b3
The new string resource contains class names of device specific services
and referred by SystemServer.java.
Bug: 63893131
Test: Manually added device specific service and see if it's launched
Change-Id: I0cf88de5dfcf86dad459c0909073dce7fbfa57b9
For feature type "embedded", launch IoTSystemService from
System Server.
Test: Wrote a IotSystemService and ensured that the service is
successfully started on an iot device.
Bug: 67641069
Change-Id: I5aa0408f35fb4a5b0787cf9b20454720d8ae130f
Cherry-picked and refactored from oc-iot-dev branch
Register services to be called as soon as a bug report is taken so relevant debug info can be captured.
dumpsys --priority CRITICAL times: adb shell dumpsys --priority CRITICAL | grep "was the duration"
0.005s was the duration of dumpsys SurfaceFlinger
0.002s was the duration of dumpsys cpuinfo
0.003s was the duration of dumpsys activity
0.025s was the duration of dumpsys window
Bug: 31774394
Test: adb shell setprop dumpstate.version "2.0-dev-priority-dumps" && \
adb bugreport ~/tmp_new.zip
Test: adb shell dumpsys --priority CRITICAL
Test: adb shell dumpsys --priority HIGH
Test: adb shell dumpsys --priority NORMAL
Change-Id: Ic656a05dd9a838f0b13043b4387dae7b5c691f7e
Test: reboot device - no crashes
Test: Ran privapp_permissions.py for fugu/marlin/taimen
Bug: 64693550
Change-Id: I9522ccaa75858b9a3d153c95c529eff70cd13994
Use the presence of FEATURE_WEBVIEW to determine whether a device is
intended to have a WebView implementation or not, instead of trying to
fall back to NullWebViewFactoryProvider after loading WebView fails.
This removes the need for nullwebview entirely, and eliminates a class
of possible bug where unexpected exceptions during loading cause the
fallback mechanism not to work reliably.
On devices which don't have the feature, don't start
WebViewUpdateService at all. Guard all the places which try to access
the service to return reasonable (empty/null) results when this is the
case, instead of throwing exceptions.
Change-Id: I839adaaf0abee28f4989e3fbc0c49c0732d0ec1c
Bug: 31849211
Fixes: 28529980
Test: on wear and non-wear, cts-tradefed run cts -m CtsWebkitTestCases
Add PackageManager API which allows apps to test whether the platform
officially supports the Wi-Fi RTT API.
Only start the RTT service if the device supports it.
Bug: 65014628
Test: integration tests pass
Change-Id: Ie88bd29ccd592e9a29ff24e8cc346afc360f03b0
Replace existing Wi-Fi RTT manager framework. Creating new framework
in parallel since there's code using the new framework - will be
switched over once new version ready.
New version is AIDL-based.
Bug: 65014552
Test: unit tests and integration tests
Change-Id: Id468c9b2a3c94eb30959f5ac5e4b1688fb8fc633
Keeping the legacy BackupManagerService for now, but we'll remove
it in a few weeks if there's no issues noticed.
In case of any problems, this CL can be cleanly reverted as a fallback.
Test: pretty much all we got in store
1) runtest -p com.android.server.backup frameworks-services
2) make gts -j40 && gts-tradefed run gts -m GtsBackupHostTestCases
3) make cts -j40 && cts-tradefed run cts -m CtsBackupTestCases
4) make pts -j40 && pts-tradefed run pts -m PtsBackupHostSideTestCases
5) manual: "adb shell bmgr backupnow --all" and then cloud restore,
D2D scenarios (both as source and target)
Bug: 65823538
Change-Id: I701764995c4fe2611a4941aecb45315aa457658e
Fix reliability triggering in the time zone update
feature. The reliability triggering is there to
resume an update check when things go wrong. For
example, if the device is turned off after a
time zone data app is updated but before the time
zone update process has finished pulling the data
out and installing it in /data. The reliability
trigger happens when the device is idle and will
complete the work.
The idle triggering currently doesn't work as it
was implemented incorrectly.
The code has been changed to use the
JobScheduler to trigger on idle and scheduling
has been made explicit.
Unit tests run with:
make -j30 FrameworksServicesTests
adb install -r -g \
"out/target/product/marlin/data/app/FrameworksServicesTests/FrameworksServicesTests.apk"
adb shell am instrument -e package com.android.server.timezone -w \
com.android.frameworks.servicestests \
"com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner"
Test: See above
Test: Manual testing: adb shell am idle-maintenance, adb logcat/adb shell dumpsys timezone
Test: PTS: run pts -m PtsTimeZoneTestCases
Bug: 65657543
Change-Id: Ibb2c537955d09a5d538c50490dae94a518522f19
Merged-In: Ibb2c537955d09a5d538c50490dae94a518522f19
(cherry picked from commit cd1a109b87)
Fix reliability triggering in the time zone update
feature. The reliability triggering is there to
resume an update check when things go wrong. For
example, if the device is turned off after a
time zone data app is updated but before the time
zone update process has finished pulling the data
out and installing it in /data. The reliability
trigger happens when the device is idle and will
complete the work.
The idle triggering currently doesn't work as it
was implemented incorrectly.
The code has been changed to use the
JobScheduler to trigger on idle and scheduling
has been made explicit.
Unit tests run with:
make -j30 FrameworksServicesTests
adb install -r -g \
"out/target/product/marlin/data/app/FrameworksServicesTests/FrameworksServicesTests.apk"
adb shell am instrument -e package com.android.server.timezone -w \
com.android.frameworks.servicestests \
"com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner"
Test: See above
Test: Manual testing: adb shell am idle-maintenance, adb logcat/adb shell dumpsys timezone
Test: PTS: run pts -m PtsTimeZoneTestCases
Bug: 65657543
Change-Id: Ibb2c537955d09a5d538c50490dae94a518522f19
Merged-In: Ibb2c537955d09a5d538c50490dae94a518522f19
(cherry picked from commit cd1a109b87)
Fix reliability triggering in the time zone update
feature. The reliability triggering is there to
resume an update check when things go wrong. For
example, if the device is turned off after a
time zone data app is updated but before the time
zone update process has finished pulling the data
out and installing it in /data. The reliability
trigger happens when the device is idle and will
complete the work.
The idle triggering currently doesn't work as it
was implemented incorrectly.
The code has been changed to use the
JobScheduler to trigger on idle and scheduling
has been made explicit.
Unit tests run with:
make -j30 FrameworksServicesTests
adb install -r -g \
"out/target/product/marlin/data/app/FrameworksServicesTests/FrameworksServicesTests.apk"
adb shell am instrument -e package com.android.server.timezone -w \
com.android.frameworks.servicestests \
"com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner"
Test: See above
Test: Manual testing: adb shell am idle-maintenance, adb logcat/adb shell dumpsys timezone
Test: PTS: run pts -m PtsTimeZoneTestCases
Bug: 65657543
Change-Id: Ibb2c537955d09a5d538c50490dae94a518522f19
Introduces StatsCompanionService.java and sets it up as a system service.
This service is a helper for statsd. It will be responsible for setting
and cancelling alarms related to polling stats and anomaly detection.
It currently does not have selinux permission, so must be started
manually (or with selinux temporarily disabled).
Test: disable enforcing selinux, then set and cancel alarms and make
sure they work.
Change-Id: I3bd73acdd998ee424696cce40965134c14220d8f
...VOICE_RECOGNITION_SERVICE that is needed for SearchSpeechServices
System setup was incorrectly completely runing off
VoiceInteractionManagerService if the associated feature is not set,
but the service needs to always be running, and instead rely on
the existing logic of reducing functionality if it should not be
running full voice interaction services.
Test: manually booted and ran
Bug: 65055576
Change-Id: I9a83216d45689440c71d657ba2721faf0662b0ff
Create new BootTimingsTraceLog object for logging when starting HIDL
services from different thread, in order to avoid exception.
Bug: 64111691
Test: Manual - device boots, metrics are logged to system/event log
Change-Id: I05834b7fe8078fbf772f9b29f0dd3aa4288f8f23
Renamed BootTimingsTraceLog to TimingsTraceLog. It is now used for
boot and shutdown logging.
Added measurements for main stages of shutdown in the system server:
ShutdownTiming: SendShutdownBroadcast took to complete: 734ms
ShutdownTiming: ShutdownActivityManager took to complete: 203ms
ShutdownTiming: ShutdownPackageManager took to complete: 17ms
ShutdownTiming: ShutdownBt took to complete: 533ms
ShutdownTiming: ShutdownRadio took to complete: 534ms
ShutdownTiming: ShutdownNfc took to complete: 1536ms
ShutdownTiming: ShutdownRadios took to complete: 1538ms
ShutdownTiming: ShutdownStorageManager took to complete: 906ms
ShutdownTiming: SystemServerShutdown took to complete: 3918ms
Bug: 64569080
Test: shutdown/reboot and check logs
Change-Id: I636c045852cd1ed6be1c58af6608f70e95756389
some additional loggings
Test: manually flashed to device and test calling IncidentManager.java
functions
Change-Id: I69610414edde865b20ba632837f037fbe43f99db
