Test: I solemnly swear I tested this conflict resolution.
Merged-In: Idd73c9938592c5c4d67cfb9efefdffed0dd5f262
Change-Id: I3d1aeb30b755ca05f32dcd3c46335d1611e0bb50
This CL adds the basics to set black, dark gray or light gray list
enforcement, rather than just black as before. It's not possible to
actually set the policy per-package yet.
PackageDexOptimizer still uses a single bit, for API checks on/off, rather
than the new enum. It assumes blacklist enforcement internally. This can
be improved in a follow up CL.
(cherry-picked from commit e52130ae4c)
Test: m
Test: Boot device
BUG: 73337509
Change-Id: Ic0d5b8fa631c2bd583b6fc52b2ee3708c8113f59
Merged-In: Idd73c9938592c5c4d67cfb9efefdffed0dd5f262
Changed the existing hidden api setPackagesSuspendedAsUser to a system
api setPackagesSuspended that can be called by apps with either
MANAGE_USERS or SUSPEND_APPS permission. Additionally, the suspending
app can now specify optional extra information meant to be used by the
suspended apps and the launcher to deal with this state.
The following other APIs are added:
- isPackageSuspended(): Apps can query whether they are in a suspended
state
- @SystemApi getPackageSuspendedAppExtras(String): Apps with permission
SUSPEND_APPS can get the appExtras passed to PM when suspending the
app.
- @SystemApi setPackageSuspendedAppExtras(String, PersistableBundle):
Apps with permission SUSPEND_APPS can update app extras for a
suspended package.
- getPackageSuspendedAppExtras(): Apps can call to get the appExtras
passed in to PM when they were suspended.
Test: Can be run via:
atest com.android.server.pm.PackageManagerSettingsTests
atest com.android.server.pm.PackageUserStateTest
atest com.android.server.pm.SuspendPackagesTest
Bug: 74336673
Change-Id: I3b9ed2c8478b34ee2e8986f5f5fddb2839d102e3
The service is meant to replace the PendingIntent based API. Once all
users of the PendingIntent based API switched the PendingIntent based API
will be removed.
To have as little as possible impact on the whole SoundTrigger framework
the RemoteSoundTriggerDetectionService class implements the same
interface as the PendingIntent based class. Hence the exising code has
very little change. Further once the old code can be removed the amount
of changed (and added) code is limited.
The RemoteSoundTriggerDetectionService -> SoundTriggerDetectionService
is a vanilla as possible service implementation. The special behaviors
are:
- The system holds a wakelock while service operations are in progress
and the service is bound as foreground. Hence the service can e.g.
listen to the microphone.
- Service operations have a certain amount of time they are allowed to
run. Once every operation is either finished or the the operation
exceeded the allotted time, the system calls onStopOperation for each
still pending operation. This is a similar model as for the commonly
used JobService.
Please note that if the time allowed for an operation is 15s and
op1 was run as 0si, and op1 was run at 5s, the service is allowed to run
until 20s. Hence _both_ onStopOperations will happen at 20s. This is
done for ease of implementation but should not give the service more
power than calling onStopOperation exactly 15s after each operation is
triggered.
- If an operation is done before the allotted time is reached, the
service can declare the operation as finished manually by calling
onOperationFinished. This is a call back into the system, hence a
'client' binder is sent to the service. If the operation is finished
by calling this method onStopOperation will not be called.
- As the service instance might be killed and restored between
operations we add a opaque bundle 'params' to each operations. The users
of the API can use this to send data from the start command to the
operations. It can also just be set to null. The params are not meant to
store changing state in between operations. Such state needs to be
persisted using the regular methods (e.g. write it to disk)
- A service can be used for multiple recognition sessions. Each
recognition is uniquelity defined by its sound model UUID. Hence each
operation gets at least tree arguments: Operation ID, sound mode UUID, params
- As a small optimization the params are cached inside of the service
instance.
The time allowed for each operation is in a @SystemAPI global setting,
so the service can make sure it finishes the operations before they are
stopped. It might take some time to deliver the operations via the
binder, hence it is not recommended to try to use every last ms of
allotted time.
Test: atest SoundTriggerDetectionServiceTest (added in separate CL)
atest android.provider.SettingsBackupTest
Change-Id: I47f813b7a5138a6f24732197813a605d29f85a93
Fixes: 73829108
Describe that AbstractThreadedSyncAdapter.onUnsyncableAccount should return
immediately and call it on main thread.
Test: atest android.content.cts.AccountAccessSameCertTest
android.content.cts.DeferSyncTest
android.content.cts.ContentResolverSyncTestCase
com.android.cts.content.CtsSyncAccountAccessOtherCertTestCases
Fixes: 73750859
Change-Id: Ie9e1aefafe3a4a1b3f0fe8a65803554f07a94c42
This is a follow up CL to a CL [1] that added one more state dump from
ApplicationInfo regarding whether the app is exampted from the API
restriction but forgot to take care of prefix handling.
[1]: I01e837253d00c6ffa841a9e5c226204a3e11b827
974290b032
Bug: 64382372
Test: Ran the following command to see "isAllowedToUseHiddenApi"
is aligned with other outputs from ApplicationInfo.
adb shell ime list -a
Change-Id: I9c77d9b557245b7f3b51631140bd564feef601ce
When getting the set of searchable activities, fetch instant
applications. But, this means that the set needs a final
filter to prevent leaking application existence.
Change-Id: I6b9daf031ce54061c4500d9edae1d738848158c4
Fixes: 68211791
Test: atest -it CtsAppSecurityHostTestCases:EphemeralTest#testGetSearchableInfo
(cherry picked from commit 8b9d664cae)
If no network security config is set the default value of
cleartextTrafficPermitted comes from the legacy
android:cleartextTrafficPermitted, default this to false for apps
targeting P to track the network security config behavior as was
intended.
Bug: 74587672
Test: atest CtsNetSecPolicyUsesCleartextTrafficUnspecifiedTestCases
Change-Id: I6367723befa1b947063554c9c061bdfc5be3d116
Sent when the current battery level changes.
It has EXTRA_EVENTS that carries a list of Bundle instances representing
individual battery level changes with associated extras from
ACTION_BATTERY_CHANGED
Each event has EXTRA_EVENT_TIMESTAMP representing time when it occured.
Test: manual
Bug: 74020080
Change-Id: I993005950299c5298c9111ca51cc7717e1f029de
Commit 042f4bb6 'pm: Modify getPackage() to only return non-null
packages' prevents the NullPointerException. b/
This reverts commit 00b4fa8b13.
Bug: 74214574
Bug: 72290969
Test: Same tests run on original commit.
Test: successfully flash and boot from bild 4504078 to ToT master.
Change-Id: Ia1e900ebe0eb8f9d10fd0eddbf658f52e1ea79b4
(cherry picked from commit 32ef1c2eb0)
Also include in system dump which packages are exempt from the api
restrictions.
This is a cherry-pick of 974290b032
from master.
Test: Verified that the device boots.
Bug: 64382372
Change-Id: Iaeca91478f53c8b4e9608246aab42bdb90f899bb
Assign the targetSdkVersion component of SeInfo using the lowest
targetSdkVersion of all apps within a SharedUserId.
Bug: 72290969
Test: cts-tradefed run cts -m CtsAppSecurityHostTestCases
Test: cts-tradefed run cts -m CtsSelinuxTargetSdk{current,25,27}TestCases
Test: install sharedUserId app with targetSdkVersion=28, then install
app with targetSdkVersion=26. Verify that they share the same domain
and data is correctly labeled.
Change-Id: I9476d10bf3c6a769d63a45a4314aaa91203880b8
It's too easy for code to accidentally use loadLabel() when building
strings for security sensitive contexts, so add ability for a process
to always force loading of safe strings.
Test: builds, boots
Bug: 73657770
Change-Id: I1c7645bd7bebed0cfb6bc3e5bfd36c8cb11d4838
Now include Gl extensions (thanks to whoever wrote the code
I copied!).
Tweak the protos a bit to include missing info and correct
some things.
Add some new test APIs that are needed for CTS.
Bug: 73301635
Test: atest CtsActivityManagerDeviceTestCases:ActivityManagerGetConfigTests
Change-Id: Ie3f8173d217468246e8b6c7f45b7cbfcb352d60f
When multiple activities match the same Intent, allow app developers
to reorder matched results within their own application. This is not
a replacement for priority which reorders matched results between
applications.
Change-Id: I12ee987622e12e40d6b5b48f616cc362d01381de
Fixes: 64582537
Test: atest -it CtsAppSecurityHostTestCases:PackageResolutionHostTest
- Update the minimized state when docking an app from home to ensure that
the animation of the docked task goes to the right bounds
- Temporarily block the invocation of the old recents activity when showing
recents as a part of setting the windowing mode of another task (this is
fine right now because quickstep only allows docking via the UI and not
from the nav bar while another task is open).
- Add proto field so we can determine whether to check the recents activity
from the split screen CTS tests
- Also fix issue with invisible docked task due to wrong bounds calculated
due to launcher not notifying the divider of the first docked frame
Bug: 73118672
Test: go/wm-smoke
Test: atest CtsActivityManagerDeviceTestCases:ActivityManagerSplitScreenTests
Test: atest CtsActivityManagerDeviceTestCases:ActivityManagerTransitionSelectionTests
Change-Id: Ib1208501c311de009a9e706103134865c521cb63
Instead of parcel and unparceling locales in LocaleList in
Configuration use LocaleList.read/writeParcel.
Bug: 73891437
Test: atest android.content.res.cts.ConfigurationTest
Test: atest android.content.res.ConfigurationTest
Change-Id: Id65a7e36487375f0e3a2c2da44ad8d7c5ea49734
