Previously we were modifying the extras of a shared notification
during the notification creation, which breaks if multiple builders
are accessing the same notification. We're now passing these options
as parameters into the various functions.
Test: create low priority group / notification / observe normal behavior
Change-Id: I2aaa5632cff55a87937a2bb3f947f15555d2e897
Fixes: 117150727
and basic rules for enforcement
The setting is on by default. It can be switched off with
a developer option (see accompanying commit) or
"adb shell settings put global background_activity_starts_enabled 0".
The setting is wired into ActivityStarter. When it's switched
off, all unsupported background activity starts are aborted and
it's currently manifested with a toast for quick feedback.
Only basic policy rules are added for now:
0) is it one of the most important UIDs?
1) does the calling app have any foreground activity?
2) is the calling process important enough to always be able
to start an activity?
3) does the calling uid have any visible window?
The policy rules will be extended to allow for more use cases
in forthcoming CLs.
Most notable use cases not currently covered:
1) Notifications
2) Widgets
3) Shortcuts
4) Some of the most important system apps (e.g. com.android.vending)
5) Accessibility services and similar (IMEs covered thanks to
visible window exemption)
6) Recents button double tap to open the previous app
See bluedoc for some more.
Bug: 110956953
Test: atest WmTests:ActivityStarterTests
Manual test:
(on) observe all activities are started as they used to be
(off) starts not satisfying one of the above rules are aborted,
a toast specifying callingPackage is shown instead
Change-Id: I1a3e14828c96f005d975ef6998f3bda678ccab29
This change removes remaining ASEC-related logic from the framework in
preparation for install refactoring.
Bug: 109941548
Test: install still works
Change-Id: Ic7322038e45c026bcc59800a5a9fafdbb461021f
Some time zone related libcore classes are moving from
libcore.util to libcore.timezone.
Bug: 119026403
Test: build only
Change-Id: Ic807977a85276b888362295d1d305effe33076fc
Provides a flag to let the system server and wallpaper picker know
if this wallpaper service supports multiple displays.
Bug: 115486823
Test: Manually test with modified wallpaper sample app.
Change-Id: I0c8b2c5d00bfd97d069511dda9965c557b5733c6
This change updates the permissions design to use app-ops for
controlling write access, which is only extended to the default app
for a particular collection type.
Bug: 119713234
Test: atest android.appsecurity.cts.PermissionsHostTest
Test: atest android.appsecurity.cts.ExternalStorageHostTest
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: I40811ff175b3b8410b58ed901948a23a56f8a8c2
1. Introduce Message.USER_LOCAL to allow caller to specify which
message is from the local user.
2. TextClassifierImpl will now encode the Person object to a user
id.
3. Fixed a bug in Person.equals check
BUG: 111437455
BUG: 111406942
Test: atest frameworks/base/core/tests/coretests/src/android/view/textclassifier/ActionsSuggestionsHelperTest.java
Change-Id: I6629f42244a402fa210f87afa88a629c2ca4a510
Adding API to install a system update from a file on the device.
Test: manual in TestDPC, CTS tests for negative cases: atest com.android.cts.devicepolicy.DeviceOwnerTest#testInstallUpdate
Fixes: 116511569
Change-Id: I34b5c6344301a9d2d64c98dedc4ed5e4a75c57d1
The launchers which running on secondary displays can set the desired
wallpaper dimensions and paddings on correct display.
Preset reasonable wallpaper size for newly added displays.
Add some error handling between the binder calls.
Note: We still only save/load wallpaper info for default display, as most of
time secondary displays are not fixed.
Bug: 115486823
Test: atest WallpaperManagerTest
Test: atest WmTests
Test: atest ActivityManagerMultiDisplayTests
Change-Id: Ifd1a96fa185f2d75825c6fe8d3db69466b31c5c8
If an app doesn't add any smart replies or smart (contextual) actions to
their (message) notifications the Android platform fills in smart
replies and actions for the app.
With this CL we add a way to opt out of system generated contextual
actions.
Bug: 119765729
Test: atest NotificationContentViewTest
Change-Id: I6190fd197f74b8353f7113f2d8ba86068c2b78ab
Change 1/2. Change 2/2 will setup the class loader namespace for
shared libraries.
This change sets up shared libraries class loaders for applications
and for dexopt.
bug: 111174995
Test: DexoptUtilsTest, device boots
Change-Id: Ie9a2b4eaa85cda59951703433f7a2d03bc12095d
This will allow apps to better manage many isolated processes,
telling the system how they are grouped together (so should be
managed as one related entity within the LRU cache) and fine-tune
the ordering within that group.
The API is not yet tested... though in theory it is implemented.
But the implementation done for that also fixes a *lot* of problems
with activity LRU management that, even without groups, should
make the ordering of processes in the LRU list much more consistently
match how recently the user has interacted with it.
Also clean up some of the new dumpsys output in the activity manager:
move the new sections to before the process output (so it is still
easy to see the process state at the end of the output), and add and
document the command line options for controlling them. And add a
new "lru" section that gives a clear view of what is going on with
the raw LRU list.
An upcoming change will add tests for the new grouping functionality,
and probably some fixes resulting from that.
Test: atest CtsAppTestCases:ServiceTest
Bug: 111434506
Change-Id: I1f6b6b9de66ccde1573e1a0e9615e8c5f8e6c0d7
Smart Action look similar to Smart Replies with an icon next to the
button text.
Smart Actions can be added either by an app, or by the framework itself
(through NotificationAssistantService).
The idea is that Smart Actions are really actions relating to the
content in the notification message.
The priority order of smart replies vs. actions will be dealt with in a
follow-up CL (i.e. whether we should prioritize showing smart actions
over smart replies).
Example notifications:
System generated:
https://screenshot.googleplex.com/f6p8uOMygeT.png
App generated:
https://screenshot.googleplex.com/VR6On1eh4CW.png
2 app generated actions:
https://screenshot.googleplex.com/QuM5e792xhb.png
Bug: 111406942
Test: manual tests = add custom actions directly in sys ui and ensure
they're shown in message notifications.
Test: atest SystemUITests
Change-Id: I0ce959b74e89bcabc69b76c50c1877e70d6f06df
This change adds RoleManager.setRoleNamesFromController() to allow
RoleControllerService to initialize the roles for a user. This change
also fixes the persistence of roles by calling writeAsyncLocked().
Bug: 110557011
Test: build
Change-Id: I921b6aa691478ca4c0dd1a75fc929a96ce1e7df5
This change fixes various issues realted to the role granting
flow, including allowing permission controller to be granted
SET_PREFERRED_APPLICATIONS for roles, granting
MANAGE_ROLE_HOLDERS permission to shell, and improving
RoleUserState XML parsing.
Bug: 110557011
Test: build
Change-Id: Ia095580ad497af9cf7b29e6bedab70046b09d542
Mostly mirrored off existing READ/WRITE_EXTERNAL_STORAGE app-ops,
but with new Aural/Visual runtime permission groups called out.
Bug: 117777783
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: Ibeb93428b6a20b33879117e455e9ef63af58f79e
Adds a hook to AppComponentFactory to allow control over the
instantiation of the main app class loader. LoadedApk creates
the default class loader and uses it to load the base APK. If
AppComponentFactory is declared in the manifest, its new method
instantiateClassLoader is called and its result becomes the
class loader used by LoadedApk to instantiate other classes
declared in the manifest. By default this is simply the class
loader created by LoadedApk.
Second method provides AppComponentFactory with a copy of
ApplicationInfo. The factory otherwise cannot locate any of the
app's resources, including its APK or the data folder.
Bug: 111342996
Test: atest CtsClassLoaderFactoryPathClassLoaderTestCases
Test: atest CtsClassLoaderFactoryInMemoryDexClassLoaderTestCases
Merged-In: Id21d9afaf00b9cb64a107bc9893b952407cff0b5
Change-Id: Id21d9afaf00b9cb64a107bc9893b952407cff0b5
(cherry picked from commit fd6dcc21d9)
The new storage work in Q will extend capabilities to the default
Gallery and default Music apps, and we'll be implementing the
management of those default apps using the new roles feature.
This change starts by defining these roles using a relaxed definition
that only uses the existing CATEGORY_APP_* intent filters.
Bug: 119713234
Test: manual
Change-Id: I9bd32b57313cf712ce7441bcadef702dac866a3f
Collection of the RSS high-water mark is moved to a separate atom to
improve performance, increase flexibility and overcome security
constrainsts.
Performance: avoid reading /proc/pid/status in ProcessMemoryState;
flexibility: allow pulling RSS high-water mark on a different schedule;
security: add single point where we can trigger the high-water mark
reset.
The RSS high-water mark will be removed from ProcessMemoryState and
NativeProcessMemoryState atoms in a followup-up CL to ensure that the
collected data is continuous.
Bug: 119598534
Test: atest UidAtomTests#testProcessMemoryHighWaterMark
Change-Id: I52da7b5e695f771f1551e1f6a6a773bded4504d1
I688e87cf09ad206f4f517a7be960c2aa01af8fc4, restricted privileged apps from silently becoming Device Admins.
Ia4e1ce9b81756e7f84ed0aa22d97e0b968cd8d89 added privileged APIs for locking the device and resetting the password.
We continue that work by providing an alternative for DevicePolicyManager#setKeyguardDisabledFeatures guarded by android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS
Bug: 111153365
Bug: 112601004
Test: Secure notifications can be redacted on keyguard
Change-Id: If81cecf6e74f7abcff581a122c4b68cc04ff57c6
