Redesigned how ViewRootImpl delivers input events to views,
the IME and to native activities to fix several issues.
The prior change to make IME input event delegation use
InputChannels failed to take into account that InputMethodManager
is a singleton attached to the main looper whereas UI may be
attached to any looper. Consequently interactions with the
InputChannel might occur on the wrong thread. Fixed this
problem by checking the current thread and posting input
events or callbacks to the correct looper when necessary.
NativeActivity has also been broken for a while because the
default event handling logic for joysticks and touch navigation
was unable to dispatch events back into the native activity.
In particular, this meant that DPad synthesis from touch navigation
would not work in any native activity. The plan is to fix
this problem by passing all events through ViewRootImpl as usual
then forwarding them to native activity as needed. This should
greatly simplify IME pre-dispatch and system key handling
and make everything more robust overall.
Fixed issues related to when input events are synthesized.
In particular, added a more robust mechanism to ensure that
synthetic events are canceled appropriately when we discover
that events are no longer being resynthesized (because the
application or IME is handling or dropping them).
The new design is structured as a pipeline with a chain of
responsibility consisting of InputStage objects. Each InputStage
is responsible for some part of handling each input event
such as dispatching to the view hierarchy or to the IME.
As a stage processes an input event, it has the option of
finishing the event, forwarding the event to the next stage
or handling the event asynchronously. Some queueing logic
takes care to ensure that events are forwarded downstream in
the correct order even if they are handled out of order
by a given stage.
Cleaned up the InputMethodManager singleton initialization logic
to make it clearer that it must be attached to the main looper.
We don't actually need to pass this looper around.
Deleted the LatencyTimer class since no one uses it and we have
better ways of measuring latency these days using systrace.
Added a hidden helper to Looper to determine whether the current
thread is the indicated Looper thread.
Note: NativeActivity's IME dispatch is broken by this patch.
This will be fixed later in another patch.
Bug: 8473020
Change-Id: Iac2a1277545195a7a0137bbbdf04514c29165c60
Don't install packages where we have multiple, conflicting
<uses-permission> lines for the same permission.
For example, a package which contains:
<uses-permission android:name="android.permission.INTERNET" android:required="false" />
<uses-permission android:name="android.permission.INTERNET" android:required="true" />
will now fail to install.
In addition, this change slightly refactors the code, and creates a new
parseUsesPermission() method.
Change-Id: I0f4bb8b51dc4a0c5b73458a70f706e19829275d2
Don't honor <uses-permission android:required="false"> on older apps.
Lots of apps in the wild are improperly using this, and we don't
want to break them.
Bug: 8528162
Change-Id: I6e0a10bc9feac58d13ef624239c6b91e9fc34590
Check for file:// Uris inside Intents, ClipData, Notifications and
RemoteViews when StrictMode option is enabled.
Also introduces Intent.prepareToLeaveProcess() to uniformly handle
Intents about to leave an app process.
Bug: 8529070
Change-Id: I8efb43877cbc5f21eb029fc6492b3ee1415059ef
Add global key configuration file. A global key is one that is handled by
PhoneWindowManager before dispatching and sent to a given component via
broadcast instead of going to the foreground app.
Bug: 8510681
Change-Id: Ic6a8e559680d005613ed22874b27eb78bbfc4499
This makes it faster for applications that don't want to collect all the
certificates but do want the AndroidManifest.xml digest.
Bug: 8528639
Change-Id: Ide9498d0981188960af194a9568387337c075bcc
More getters and setters, better naming.
New extra defined for returning a custom intent that handles showing the
restrictions UI.
Change-Id: I2ee0cdb4edd99e71a9004ff5e929dbe243b45557
Updated API headers. Add BluetoothManager to be retrieved by
context.getSystemService(Context.BLUETOOTH_SERVICE).
LE scan functions are placed in BluetoothAdapter
The GATT API are device driven instead of a profile-driver.
bug 8450158
Change-Id: I424a4cedaac3ef8120a05996500008dd210d2553
When accounts are shared to a restricted/limited user, apps can
opt-in to viewing accounts of a certain type. Other shared accounts
are not visible to the app.
App would specify the account type in the manifest <application> tag
with the attribute restrictedAccountType="foo.bar", where "foo.bar"
is the account type as defined by the authenticator.
Change-Id: I7586da04d6d6d32aae15adc6b1366f325bb07384
Modify the package parsing code to understand optional permissions
(android:required="false"). This is essentially a rollback of
e824120016 with some minor changes.
Expose the requestPermission API to third party apps. This allows
an app to request an Intent which, when passed to
startActivityForResult, will prompt the user to approve permissions
for an app.
In the event we decide to not launch with this feature, this change
can be rolled back.
Change-Id: Ie3626deae9b16e510323f94a2c80377f7c84b26f
Add the buildPermissionRequestIntent API to PackageManager. This allows
an app to request an Intent which, when passed to
startActivityForResult, will prompt the user to approve permissions
for an app.
Currently, the API is @hide. It will be unhidden in a future change.
Change-Id: I4ec677002afa799a6eb5c2657c28452c91012436
The original documentation for this class indicated a leading slash was possible
but the code did not support it. Since then, the docs were changed to reflect
what the code does.
The purpose of this change is to allow the use of uri.getPath() as an argument.
With this change, the following can be done
matcher.addURI(ContactsContract.AUTHORITY,
ContactsContract.CONTENT_FILTER_URI.getPath(), CONTACTS_FILTER)
instead of
matcher.addURI(ContactsContract.AUTHORITY,
"contacts/filter", CONTACTS_FILTER)
Change-Id: I76a9e3133365be9fe7a8de86eae57f9eea1cd2a3
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
If the caller supplied an empty selection string (instead
of null) we would crash due to creating a bad SQLite statement.
Change-Id: I462803b80c81815ed9a3a320c23060daa28e8114
8323587: Add feature for supporting app widgets
8323342: Add feature for replacing the home screen
8323590: Add feature for supporting input methods
The app widget service looks for the app widget feature
and refuses to work if it doesn't exist. I didn't do
this for the input method service because some devices
will probably want to still make use of that mechanism
without supporting third party input methods.
Change-Id: Ie3b089105e104f4d767cdb03cdbe4fdb1c17382e
Adds the ability for apps to export some restrictions. The restrictions
are presented in Settings based on the restriction type. The user's
selections are stored by UserManagerService and provided to the
target user's application as a list of RestrictionEntry objects which
contain the key, value(s).
Also introduce a manifest entry for system apps to request that the
app be automatically installed in all users, so that they cannot be
deselected by the owner user.
Shared account filtering for non-whitelisted apps.
Change-Id: I15b741e3c0f3448883cb364c130783f1f6ea7ce6
If AsyncTaskLoader starts a background update due to a
content change, and that update is cancelled, we drop the
data when it finally arrives and forget that the content changed.
If we later come back to the loader, we then end up showing
stale data because we don't know that we still need to update
due to the old content change.
This change adds a couple new APIs to Loader to deal with the
time between when you ask for whether there is a content change
and finally either commit the data or cancel the update.
AsyncTaskLoader is changed to make use of this so that it doesn't
lose changes.
Change-Id: I3866236b1c22bb9138f2d9f6032b126aeaee2e6e
You can now declare shared libraries in apks that are
on the system image. This is like the existing mechanism
of using raw jar files as shared libraries, but since they
are contained in an apk the library can actually be updated
from the Play Store. And this even (mostly) works.
There are some deliberate limitations on this feature. A
new shared library *must* be declared by an apk on the system
image. Installing an update to a system image apk does not
allow you to add new shared libraries; they must be defined
by everything on the base system image. This allows us to
get rid of a lot of ugly edge cases (shared libraries that were
there disappearing after an update is uninstalled for example)
and give some brakes on apps that happen to be pre-installed
on devices from being able to throw in new shared libraries
after the fact.
In working on this, I ran into a recently introduced bug where
uninstalling updated to system apps would fail. This was done
to allow for the new restricted users that don't have all
system apps, but conflicts with the existing semantics for
uninstalling system apps. To fix this I added a new uninstall
flag that lets you switch on the new mode if desired.
Also to implement the desired logic for limitations on declaring
new shared libraries in app updates, I needed to slightly tweak
the initial boot to keep the Package object for hidden system
packages associated with their PackageSetting, so we can look at
it to determine which shared libraries are allowed. I think
this is probably more right than it was before -- we already
need to parse the package anyway, so we have it, and when you
install an update to a system app we are in this same state
until you reboot anyway.
And having this fixed also allowed me to fix another bug where
we wouldn't grant a new permission to an updated app if its
system image version is updated to request the permission but
its version is still older than whatever is currently installed
as an update. So that's good.
Also add new sample code showing the implementation of an apk
shared library and a client app using it.
Change-Id: I8ccca8f3c3bffd036c5968e22bd7f8a73e69be22
