- Also update vold to create sandboxes for secondary storage devices.
- Since bind mounts are created in the process specific namespaces, we
don't need /mnt/storage anymore which we were using it to prevent
some bind mounts from propagating onto /mnt/runtime/write.
- Create bind mounts for {media,obb} dirs similar to data dir in
per process namespace.
- Also fix a bug where we are not passing correct packages to vold when
a new user starts.
Bug: 111890351
Test: manual
Change-Id: I1abbafabc58993860305e5a928c980420f89f289
Updating the CPU stats can be quite slow and blocks the ActivityManager
handler thread.
Bug: 115506775
Change-Id: I9f67acfe2724c11d117703b2c4ccdbcc1f61c5ab
Test: manual - dumpsys batterystats | grep CPU
Bug: 65536124
When we pass null for TransitionManager.go() there is a special logic where we forgot to call previousScene.exit(), only newscene.enter() is called.
Test: added unit tests and tested manually
Change-Id: Ibd4d5a2cc17bbfe4aaa586357446da28d4b355af
The value is read from /proc/PID/status or memory.max_usage_in_bytes (for devices with per-app memcg enabled).
Reading the value takes about 2ms per process.
Full snapshot taken by statsd is around 300ms.
Results: https://docs.google.com/spreadsheets/d/1vG9ku8Uu8104CmKbO4cNeEKVeeByvHY--p0_dK1GAdA/edit?usp=sharing
Bug: 115477992
Test: atest FrameworksServicesTests
Change-Id: I87995cbd85085375ade685f29e986ba173f9693e
Added PendingIntentController and centralize pending intent handling
in that class. Pending intents are used by activities and other components
like services and broadcasts. Since, activity handling is going to be moving
to the wm package, we need a way to access pending intents from both am and
wm packages. The PendingIntentController allows this to by not holding any
service level locks.
Bug: 80414790
Test: Existing tests pass.
Change-Id: I52f6f233b24e62839a85067556f3560dec27f0c7
This deprecates public-exposed constructors. These constructors were
exposed by accident. These classes shouldn't be instantiated by
applications, but should only be instantiated by WebView.
In some cases, the app should get a singleton instance using
a #getInstance method. In these cases, we document this explicitly in
the deprecation note.
Bug: 110807530
Test: make docs, manually verify docs look good.
Change-Id: Ibe73b3399c9ced0cf4fbb01e1df13564476df252
In addition to the legacy "apk-verity" Merkle tree that skips the
Signing Block, now the builder supports the regular Merkle tree.
The class and methods are made public because it will be used in
different package.
Test: atest PtsApkVerityTestCases
Test: With other changes, observe the hash matches what other tool
generates.
Bug: 112037636
Change-Id: I3d96932cd16f4f330170547d6a7689d2997e4b85
Add api to collect committed procstats data.
Use highwatermark from the user to filter which files to include. This
way multiple users in the system can use this api.
Also allow ProcessStats.java to dump optional ProcessStatsSectionProto
so that other users can use it.
Test: will add cts test
Change-Id: If37c0fd25814460a1c8d5996d24d138295ff6421
ExternalStorageProvider always throw exception when renameDocument
because it will check file exist when getFileForDocId. However,
beforeVisibleFile is not exist after rename, it will throw
exception. Fix it by put getting beforeVisibleFile before rename.
Test: manual test rename in DocumentsUI
Test: atest RenameActualProviderUiTest
Fix: 113302685
Fix: 115304092
Change-Id: I45d60d2f940e3dbc2b121f7cd28acc3c2d085ec4
Merged-In: I45d60d2f940e3dbc2b121f7cd28acc3c2d085ec4
Historically ViewRootImpl#mContext has been just pointing to the
Context instance associated with whatever first View instance that is
being added to a Window. In other words, ViewRootImpl#mContext is not
owned by ViewRootImpl.
This can become a problem if ViewRootImpl is moved from a display to
another display with ViewRootImpl#updateInternalDisplay(), which was
added last year to support multiple displays [1], because there is no
guarantee that the target Contaxt that is pointed from
ViewRootImpl#mContext is also updated to have the new display ID.
In order to support multi-display we need to use the right Context at
least when interacting with InputMethodManager. Hence as a short term
solution this CL introduces ViewRootImpl#mDisplayContext so that the
right instance of InputMethodManager can receive callback from
ViewRootImpl. In this way, we can make sure that the behavior change
in ViewRootImple is limited to how InputMethodManager instance is
obtained.
Longer term solution will be discussed in Bug 116349163.
[1]: I9a9501cab788623ada15a31efb53e4b2378639fe
b047b8bd7e
Bug: 115893206
Test: atest ActivityManagerMultiDisplayTests
Test: atest CtsInputMethodTestCases CtsInputMethodServiceHostTestCases
Change-Id: Ifa0ca24e9cf764caf492ee065606680b6a06751a
For each lifecycle event exposed in
ActivityLifecycleCallbacks, an additional pair of
methods have been added to give developers a reliable
callback before and after each lifecycle event.
The existing callbacks cannot be used for this as they
are called as part of the super implementation and
therefore can run at any point in relation to the
other code in the Activity.
Test: manual
BUG: 116118635
Change-Id: If91f3f3248f9d7cf14aac2fe24ce14d92b8d05d3
The Permission Controller app (a mainline module) needs to be able to
read the SPLIT_PERMISSIONS. Hence this array needs to be exposed at
least as system-api. We need to make sure that the PackageParser,
PackageManager and Permission Controller app agree on which permissions
are split, hence it is best to define them at a single location.
I think exposing the split permissions to developers is useless and
potentially confusing. The app should never request a permission that
was split. The app should just behave as if split permissions do not
exist. The Permission Controller / Package Manager deal with the
split permissions and add them when needed. Hence I don't think we
should expose this data to 3rd parties.
Bug: 110953302
Test: requested permissions
Change-Id: I6951c52979c89ee5c13a4a14da125e1a01f2e234
The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.
This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths. Consider this example:
<path-permission android:pathPrefix="/private" ... />
uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);
content://com.example//private
The Uri above will pass the security check, since it's not
technically a prefix match. But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.
Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.
Bug: 112555574
Test: atest android.appsecurity.cts.AppSecurityTests
Test: atest FrameworksCoreTests:android.content.ContentProviderTest
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
