When activity that is moved between displays handles all configuration
changes, it won't be restarted. This CL adds a callback to the client
to notify it about display change. Usually it will be followed by
onConfigurationChanged, except when configuration didn't actually change.
When activity is recreated, it won't receive onMovedToDisplay.
Bug: 34862802
Test: android.server.cts.ActivityManagerDisplayTests
Test: #testOnMovedToDisplayCallback
Change-Id: I9a9501cab788623ada15a31efb53e4b2378639fe
being out of sync with total count, due to nesting. Only update
the counter if nesting is 1.
Test: runtest -x
frameworks/base/core/tests/coretests/src/com/android/internal/os/BatteryStatsSensorTest.java
Change-Id: Iabb153550a79afa9902569bbbbdb5815decdc613
Fixes: 34750473
Commit https://android.googlesource.com/kernel/common/+/f0ce0eee added
CAP_SYS_RESOURCE as a capability check which would allow access to
sensitive /proc/PID files. system_server uses this capability to collect
smaps from managed processes. Presumably this was done to avoid the
implications of granting CAP_SYS_PTRACE to system_server.
However, with SELinux enforcement, we can grant CAP_SYS_PTRACE but not
allow ptrace attach() to other processes. The net result of this is that
CAP_SYS_PTRACE and CAP_SYS_RESOURCE have identical security controls, as
long as system_server:process ptrace is never granted.
Add CAP_SYS_PTRACE to the set of capabilities granted to system_server.
Don't delete CAP_SYS_RESOURCE for now. SELinux has blocked the use of
CAP_SYS_RESOURCE, but we still want to generate audit logs if it's
triggered. CAP_SYS_RESOURCE can be deleted in a future commit.
Bug: 34951864
Test: Device boots, functionality remains identical, no sys_resource
denials from system_server.
Change-Id: I2570266165396dba2b600eac7c42c94800d9c65b
Escrow token provides an alternative way to derive synthetic password for a
given user. In the new flow, a pre-provisioned escrow token
should be able to do anything the user password can do, since they both
derives the synthetici password which is the master key in the new auth flow.
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Bug: 33126414
Change-Id: Ib5ee38fd61f66de3245427ce992ebc12f1873a26
The user password is used to unlock a per-user synthetic password which
serves the purpose of what the user password previsouly achieves (protect
keystore, vold disk encryption, auth token generation).
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Test: manual
1. Start with fresh device, enable synthetic password with "adb shell cmd lock_settings sp 1"
1.1 add device lock, reboot and verify (positive & negative); change device lock, reboot and verify.
1.2 Inflate a work profile, reboot and verify device lock. check SID with "adb shell dumpsys lock_settings"
1.3 Un-unify and add work challenge, reboot and verify work challenge and SID.
1.4 Re-unify work challenge, reboot and verify.
1.5 Clear device lock, reboot and verify lock and SID.
2. Start with a fresh device, add a device lock and inflate a work profile.
2.1 Enable synthetic password, note current SID
2.2 Reboot and unlock device. Verify synthetic password is generated and SID remains.
2.3 Clear device lock, reboot and verify (SID should be cleared)
3. Start with a fresh device, inflate a work profile, add separate work challenge
3.1 Enable synthetic password, not current SID
3.2 Reboot and unlock device and profile. Verify synthetic password is generated.
3.3 Clear device lock only, reboot and verify (work profile SID should remain)
All steps tested on marlin (FBE) and bullhead (FDE)
Bug: 33126414
Change-Id: Idb9ebfc7bba2fe40670c5fee2189e873d9704540
We already does this on start. Now we also do the same when
the list of options changes.
Test: locally on device
Bug: 34470067
Change-Id: Ib184d67b532c5afd584fb9cd52daac69a7c50d0a
Add a --preload-default command that instructs the zygote to preload
resources. The command is a no-op if resources have already been
preloaded.
Test: manual.
Change-Id: I4a846a7d911fa929af472d9071ffbff6df424176
The color of the icon was happening in a
non-animated way. We're now animating the
color properly.
This also fixes an issue where the action
bar could be fully black.
Test: add colorized notification, observe animation
Fixes: 35308322
Change-Id: I4fbc1794fc027efb42eee3ee8f06fd9d8c513456
The same application can run as either an instant app or an installed
app. Store this setting per-user instead of based upon the install
location.
Bug: 25119046
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.EphemeralTest
Change-Id: Iff565bb1ac10d631499f0bd0f69b401cb073c10e
The offset used to adjust MotionEvents for swipe velocity tracking
was incorrect, and caused issues when touch points where close
together. Fixed the offset used, which resolved swiping issues.
Bug: 34673753
Change-Id: Ide6060b511510bcf299e3db778e6ffc6afda5e19
By definition, the zygote in question is lower priority if lazy
preloading is enabled. We therefore reset the zygote process'
niceness to 0 as soon as it comes up, rather than having it stick
around as a higher priority process until we eventually ask it
to load the default set of resources.
Test: manual.
Change-Id: I3ccfc0e7c3fdebf5f798d90b53140a554bf64c20
Cancelling swipe-to-dismiss will trigger a check to ensure the window
is reset to its original state. Ensure that the reset is actually
required before setting the new layout attributes.
Bug: 34816397
Change-Id: Idf26ce7c8b63dc44a76effefcb32eb8d8665f605
This is part of work to introduce historical debugging infrastructure
for Android IME.
In this CL, we will focus on the following two event flows.
A1. IMMS#attachNewInputLocked() queues MSG_(RE)START_INPUT to deliver
new InputConnection/EditorInfo to the current IME
A2. The IME triggers IMS#onStartInput()/IMS#onRestartInput() and
updates the following fields:
- InputMethodService#mStartedInputConnection
- InputMethodService#mInputEditorInfo
B1. IME is expected to call back IMM#setImeWindowStatus() to notify
its window visibility change to IMMS.
B2. IMMS updates the following field if the caller is still the
current IME.
- InputMethodManagerService#mImeWindowVis
What this CL aims to do is to enable IMMS to access A1 state when it
was in B2 state, by considering that for given a B1 the last A2
happened before B1 is the cause of B1 and B2.
To do this, IMMS issues a binder token in A1 and each IME keeps it
so that it can be passed in B1. By using this Binder token as a key,
IMMS can keep tracking state snapshot taken from each A1. Note that
those state snapshots keep alive until the Binder token's proxy in the
IME process loses strong reference from its GC root.
Test: Make sure `adb shell dumpsys input_method | grep mImeWindowVis`
matches to the IME window visibility.
Test: Make sure the current IME is not receiving any
InvalidParameterException from IMMS.
Bug: 35079353
Change-Id: I9921b381e02106dbffff5e0b3d13f0a1245ce807
