This reverts commit 106ff7a0a1.
Test: All the unit tests (ShortcutManagerTest1*) CtsShortcutHostTestCases and CtsShortcutManagerTestCases
Change-Id: Iadce2b3785cbf728daa60c4e2ff103e516d85896
This is to prevent apps which do not support density
(so essentially pre-Doughnut) from being resized and / or
windowed in free form mode.
These apps are rendered into a smaller sized buffer and
then scaled onto the screen. Using freeform window mode with
these apps uncovered many different problems.
Bug: 33843467
Test: Pre-N as well as Pre-Doughnut applications are presented
properly in free form mode. (Pre-Doughnut cannot be windowed /
resized, many M apps can).
Change-Id: I3c0eb3681486dc85ace15955432d79200743bce3
This API is designed to provide both UID-level stats and overall
summary data for a given storage device, as identified by UUID.
The use of UID-level granularity might appear a bit clunky, but it
matches other usage statistics (such as network and battery), and it
allows us to implement it using an extremely fast quota kernel
feature.
A future CL will wire up the implementation to installd.
Test: builds, boots
Bug: 32206268
Change-Id: I7b51877682d0370c2402c19346f57809f0e7ac53
Fixes: 33814858
Works around a crash for apps that inject custom
TypedArrays, which is completely unsupported, but
given the ease with which the crash can be worked
just going with higher compatibility on this one.
Test: App referenced in bug launches
Change-Id: Iac9a9b4fefd08815544211ffa49b02259920381f
This makes Package Manager require APK Signature Scheme v2 signatures
for ephemeral APKs. This part of the effort to deprecate the v1
signature scheme based on JAR signing.
Test: cts-tradefed run singleCommand cts --skip-device-info --skip-preconditions --skip-connectivity-check --abi arm64-v8a --module CtsAppSecurityHostTestCases -t android.appsecurity.cts.PkgInstallSignatureVerificationTest
Bug: 33700225
Change-Id: I3b408487c07085c0a7924d3eca495bdcb344b32d
Test: Manual test and all the unit tests:
adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest1 -w com.android.frameworks.servicestests
... to test9
adb shell am instrument -e class com.android.server.appwidget.AppWidgetServiceImplTest -w com.android.frameworks.servicestests
Bug 32404406
Change-Id: Icd6d4cbd25d9cdf4508da725d95d6401cc3a46a7
Also adds unit tests that assert that the cached value is equivalent
to the parsed value.
bug: 30792387
Test: PackageParserTest
Change-Id: Ibf6dfd1225243b436e3d7473170c2ccc31cfbbd7
This change allows the system to perform iterative reset
of changes to settings in order to recover from bad a
state such as a reboot loop.
To enable this we add the notion of a default value. The
default can be set by any package but if the package that
set it is a part of the system, i.e. trusted, then other
packages that are not a part of the system, i.e. untrusted,
cannot change the default. The settings setter APIs that
do not take a default effectively clear the default. Putting
a setting from a system component always makes it the
default and if the package in not trusted then value is
not made the default. The rationale is that the system is
tested and its values are safe but third-party components
are not trusted and their values are not safe.
The reset modes from the least intrusive are: untrusted
defaults - reset only settings set by untrusted components
to their defaults or clear them otherwise; untrusted clear
- clear settings set by untrusted components (or snap to
default if provided by the system); trusted defaults - reset
all settings to defaults set by the system or clear them
otherwise.
Also a package can reset to defaults changes it made to
the global and secure settings. It is also possible to
associate a setting with an optional token which can then
be used to reset settings set by this package and
associated with the token allowing parallel experiments
over disjoint settings subsets.
The default values are also useful for experiment (or
more precisely iterative tuning of devices' behavior in
production) as the stable configuration can be set to
the "graduated" safe defaults and set the values to the
experimental ones to measure impact.
Test: tests pass
Change-Id: I838955ea3bb28337f416ee244dff2fb1199b6943
Feature is already built under the hood, but it needs it's own public
StrictMode API so it can be independently enabled.
Test: builds, boots
Bug: 32447617
Change-Id: I3c0c6d62dd36aaf25f30e0ef8e0e7b40cf32c6d2
On userdebug/eng devices, the shell can run as non-shell UIDs, so
define a flag to identify broadcasts coming from the shell, and
don't yell if they're non-protected.
Test: builds, boots, root shell can send broadcasts
Bug: 32369665
Change-Id: I5f55930ee434cb8318c86aaf05eba3c59a326694
This change allows the system to perform iterative reset
of changes to settings in order to recover from bad a
state such as a reboot loop.
To enable this we add the notion of a default value. The
default can be set by any package but if the package that
set it is a part of the system, i.e. trusted, then other
packages that are not a part of the system, i.e. untrusted,
cannot change the default. The settings setter APIs that
do not take a default effectively clear the default. Putting
a setting from a system component always makes it the
default and if the package in not trusted then value is
not made the default. The rationale is that the system is
tested and its values are safe but third-party components
are not trusted and their values are not safe.
The reset modes from the least intrusive are: untrusted
defaults - reset only settings set by untrusted components
to their defaults or clear them otherwise; untrusted clear
- clear settings set by untrusted components (or snap to
default if provided by the system); trusted defaults - reset
all settings to defaults set by the system or clear them
otherwise.
Also a package can reset to defaults changes it made to
the global and secure settings. It is also possible to
associate a setting with an optional token which can then
be used to reset settings set by this package and
associated with the token allowing parallel experiments
over disjoint settings subsets.
The default values are also useful for experiment (or
more precisely iterative tuning of devices' behavior in
production) as the stable configuration can be set to
the "graduated" safe defaults and set the values to the
experimental ones to measure impact.
Test: tests pass
Change-Id: I8c23b145d4f8ee0de2f29dedaa4641ac59343d6a
Tests were added and verified before refactoring to ensure no behavior
changes. This is the first step in revising compat checks for O policy.
Bug: 33455703
Test: PackageParserTest#testComputeMinSdkVersion
Test: PackageParserTest#testComputeTargetSdkVersion
Change-Id: I483b4d23945183702b7e077fa1bd6d3ab5065acc
Activities that have a browsable web intent filter [action.VIEW,
category.BROWSABLE and http(s) scheme] are implicitly exposed to
instant apps. Authors can explicitly hide these activities by
using the attribute android:visibleToInstantApp="false".
Bug: 25119046
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.EphemeralTest
Change-Id: I88b277a719e7ecd5631f8cbd281757eb3e3d2ce6
Test: Manual test and all the unit tests:
adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest1 -w com.android.frameworks.servicestests
... to test8
Bug 32908854
Change-Id: I30ba421e9730741776c1936e40ccf7b7431289da
There are a few major pieces here:
incidentd
---------
This daemon (started by init) runs and accepts incoming requests to take
incident reports. When prompted, it calls into various system services
and fills in an IncidentProto data structure, and then writes the report
into dropbox.
The next steps for incidentd:
- Security review of SELinux policies. These will be a subset of
the dumpstate permissions. Until this is done, incidentd is
not started at boot time.
incident
--------
This shell command calls into incidentd, and can initiate an incident
report and either capture the output or leave for dropbox.
incident_report
---------------
This host side tool can call adb shell with the correct parameters
and also format the incident report as text. This formatting code
was left of the device on purpose. Right now it's pretty small, but
as the number of fields increases, the metadata and code to do the
formatting will start to grow.
The incident_report command also contains a workaround to let it
work before incidentd is turned on by default. Right now, it is
implemented to call adb shell dumpsys <service> --proto directly,
whereas in the future it will go through the full incidentd flow.
incident_section_gen
--------------------
A build-time tool that generates a stripped down set of information
about the fields that are available.
libincident
-----------
This library contains the code to connect to incidentd, and the
meta proto definitions that are used by the framework protos.
The basics are here now, but they are not fully fleshed out yet.
The privacy.proto file contains annotations that can go in the
proto file that we will later use to filter which fields are
uploaded, and which are used by local sources. For example, a
device in a test lab is safe to upload much much more information
than a real user. These will share the same mechanism, but the
user's output will be filtered according to these annotations.
frameworks/core/proto
---------------------
These .proto files contain the definitions of the system's
output. There is one master android.os.IncidentProto file that
is the top level of an incident report, but some other services
(notification, fingerprint, batterystats, etc) will have others
that are used directly by the logging mechanism.
Other files which are shared by several of the services also go
here, such as ComponentName, Locale, Configuration, etc. There
will be many more.
There is also a first iplementation of a dump method handling
--proto in the fingerprint service.
IncidentManager
---------------
The java API to trigger an incident report.
Test: Not written yet
Change-Id: I59568b115ac7fcf73af70c946c95752bf33ae67f
This is needed for unbundling of the OobConfig apk.
Test: gts-tradefed run gts -m GtsGmscoreHostTestCases --test com.google.android.gts.devicepolicy.DeviceOwnerUserRestrictionTest#testFactoryReset_disallowFactoryReset
Bug: 32974361
Change-Id: I71e7270bb4c3234ec0516382b18a2ca35aab4c81
... so that multiple applies can be combined into a single write.
Do do this I replaces the executor in the QueuedWork by a more Android-y
handler.
Test: Ran shared preferences CTS tests. Looked at log and saw a lot of
skipped writes
Bug: 33385963
Change-Id: I8f33df717be7091532930ccf6ca8c48940e4edd4
