The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.
This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths. Consider this example:
<path-permission android:pathPrefix="/private" ... />
uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);
content://com.example//private
The Uri above will pass the security check, since it's not
technically a prefix match. But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.
Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.
Bug: 112555574
Test: atest android.appsecurity.cts.AppSecurityTests
Test: atest FrameworksCoreTests:android.content.ContentProviderTest
Merged-In: Ibadbfa4fc904ec54780c8102958735b03293fb9a
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
If an app was in the TOP state and immediately moved
to a foreground service state, then try harder to keep it
in memory for another 20 seconds before releasing the
memory to bound foreground services. Using an oom_adj value
of 50 which is between "fore" and "vis". So BFGS apps might
get killed ("vis") before this recently FGS'ed app. That
way any app that has a lot of state in memory that it needs
to persist before getting killed has a chance to do so.
Also bind NotificationListeners with a special bind flag
to rank them below FGS (perceptible adj) so that they
can be killed before any other foreground services or
bound services get killed.
Bug: 110969183
Test: Manual for now. Take a bunch of portrait
pictures and hit home, while being under memory
pressure with a bunch of notification listeners.
Change-Id: Ie8934c2331afe6450c582b209869aeca7272f58a
Merged-In: Ie8934c2331afe6450c582b209869aeca7272f58a
Removed unused imports android.app.Activity and
android.os.UserHandle because of checkstyle fail.
Test: make ds-docs
Bug: 111760788
Change-Id: I2852fea6c4b55a3422712c113d081abd40d02dfd
Applying this mechanism for system carrier apps to make visibility
reasonable from the user's perspective. In other words, before
hidden system apps have been installed, they wouldn't be listed
via APIs in PackageManager which are used at all apps list and
search in Settings and so on.
Test: atest CarrierAppUtilsTest
Test: atest PackageManagerTest
Test: cts DeviceOwnerTest
Test: gts ManagedProfileProvisioningHostsideTest
Bug: 74068582
Change-Id: I1f23aba589b98351a1871a44a3058b67c416f351
This reverts commit 44c4ca41d8.
Reason for revert: Wanted to go with a different option and this was mistakenly Dr. No'ed.
Bug: 80444486
Test: clean revert
Change-Id: I7fdd13a5bc0f4d9fabf91f3e5497c4065008b531
Update the logic in PackageParser to avoid unistalled system app
can't be found.
Test: follow steps on b/80444486 and can add account normally
Test: PackageManagerTest
Bug: 80444486
Change-Id: Ifafac34111d883e51563018be793655c25d09fba
There's an escape clause that passes the cross user permissions
if the caller UID is identical to the target user ID [eg. we're not
operating across users]. However, the method getInstalledPackagesList()
uses android.permission.INTERACT_ACROSS_USERS to filter the results and
a calling UID check is not sufficient. Ensuure the permission is
actually held, regardless of the calling UID or target user.
Change-Id: Iebf88668766d387a15246d6eea6420610665105a
Fixes: 80435086
Test: atest CtsAppSecurityHostTestCases:ApplicationVisibilityTest
This would be use to determine the right activity state during CTS
test for products that have windowSwipeToDismiss set.
Also, dump ActivityRecord.fullscreen to proto for the same reason.
Bug: 76207986
Bug: 79167358
Test: atest CtsActivityManagerDeviceTestCases:ActivityLifecycleTests
Test: atest CtsActivityManagerDeviceTestCases:ActivityManagerAssistantStackTests
Change-Id: Iadc088e9129be088b8a083ebbafd8d20fe26b673
Applying this mechanism for system carrier apps to make visibility
reasonable from the user's perspective. In other words, before
hidden system apps have been installed, they wouldn't be listed
via APIs in PackageManager which are used at all apps list and
search in Settings and so on.
Test: manual
Test: atest CarrierAppUtilsTest
Test: atest PackageManagerTest
Bug: 74068582
Change-Id: Id3ff138ad529b909d9bbf6719af3a553b909ccbb
Exemption given to a sync request made by a foreground app (including
PROCESS_STATE_IMPORTANT_FOREGROUND).
At the schedule time, we promote the sync adapter app for a higher bucket:
- If the device is not dozing (so the sync will start right away)
promote to ACTIVE for 1 hour.
- If the device is dozing (so the sync *won't* start right away),
promote to WORKING_SET for 4 hours, so it'll get a higher chance to be started once the
device comes out of doze.
- When the sync actually starts, we promote the sync adapter app to ACTIVE for 10 minutes,
so it can schedule and start more syncs without getting throttled, even when the first
operation was canceled and now we're retrying.
Test: atest cts/tests/tests/syncmanager/
Test: Manual test with "requestsync -f" and "am set-standby-bucket", while checking
"dumpsys usagestats"
Test: settings put global app_idle_constants \
exempted_sync_scheduled_nd_duration=1,exempted_sync_scheduled_d_duration=2,exempted_sync_start_duration=3
and check "dumpsys usagestats" and make sure the constants are properly updated.
Fixes: 72443754
Change-Id: I233d8e4be85769150830bac798abc04810f4cc7b
As CDD text is likely to change in this area, rather than attempt to
keep them in sync we'll just defer to CDD for the official definition.
Test: N/A
Bug: 79440478
Change-Id: Ibd352af626f192eac9a4dfa2fafe675a3955270e
MANAGE_USERS is a widely used permission and setPackagesSuspended is a
dangerous API. Also having a lot of apps which can use the api can lead
to complications like them suspending each other.
Test: Existing tests with SUSPEND_APPS pass:
atest com.android.server.pm.SuspendPackagesTest
Existing permission tests without SUSPEND_APPS pass:
atest GtsSuspendAppsPermissionTestCases
Bug: 79773970
Change-Id: I49d81c0254c6ba528c50ece960a0db277c0afd7f
In the current design, IdleController of Job service considers devices as ‘idle’ after 71 minutes of screen off. But under docking use scenario, devices screen might remain on for a very long time and it’s not necessary implying the device being interactive with users.
So create a mechanism for device to enter the ‘idle’ state that JobScheduler can kick off idle tasks.
Bug: 79183658
Test: atest DeviceStatesTest
Change-Id: I5b307ca51e28ffca63f79a9c43984c3b76e51629
All of these activity-start intents might be unimplemented on some
Android products. Document this to make sure that developers are
aware of the need to safeguard against this.
Bug: 68300743
Bug: 62201251
Bug: 69587018
Fixes: 77282739
Test: atest CtsContentTestCases:.AvailableIntentsTest
Change-Id: Ia2346d03ccb7f2bdad2b84ba9efff72413fdc3c2
This change adds much needed detail to the new MATCH_EXTERNAL flag,
explaining some of the behavior changes that come with using it.
Test: none
Bug: 63117034
Bug: 79325769
Change-Id: Iab320d2171ffe8d8012a2928656ea61d5e0f0862
(Minimal change for P, full change already in master)
Test: looked at package installer UI and saw that labels are not
truncated anymore.
Bug: 77964730
Change-Id: Ia181288a90501f4f563d24dacd6edb0c81406b82
Teach the OMS about static RROs (those with <overlay isStatic="true">)
and add a new OVERLAY_ENABLED_STATIC state to OverlayInfo. This makes
isStatic less of an edge case and something that can be reasoned about
together with the other states.
Bug: 78809704
Test: atest OverlayHostTests OverlayDeviceTests
Change-Id: Ia785554ed2bcf7679888c3ccdaeaedca1430a477
When an overlay package has been upgraded, OMS needs to reconcile any
previous settings about the overlay with the new state of affairs.
Sometimes it is possible to rebase the OMS settings on the new
information [e.g. the overlay has changed categories]; sometimes the OMS
settings have to be scrapped [e.g. the overlay has changed target
package]. Update OMS to do The Right Thing.
Bug: 78809704
Test: manual (adb shell stop, adb push specially prepared overlays, adb shell start, adb exec-out cmd overlay dump)
Change-Id: Icd1ae633dbee5b5ca957fa6b652af6209b4b1260
OverlayInfo.category was inadvertently omitted when calculating the hash
code for an OverlayInfo.
Bug: 78809702
Test: atest OverlayHostTests OverlayDeviceTests
Change-Id: Id196307f75569d851503ffd8ef778aec50c2de37
This doesn't make sense on things like watches and appliances,
so make this an optional feature that the device must enable.
If the feature is not set, then the system will ignore
the app's request.
Bug: 76213401
Test: atest CtsAppTestCases:ActivityManagerProcessStateTest
Change-Id: I91abf9d86ec14fa632e3bcc83c4a3febade5d2e4
* limit the absolute maximum size of the label to 50000 characters
[which is probably far more than necessary, but, can be dialed down]
* use a string buffer while processing the string [instead of creating
multiple string objects]
Bug: 62537081
Test: Manual. Install APK in bug and see that it can be uninstalled
Change-Id: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
In certains circumstances, only the base and split APKs were included in
the "old paths" list when updating the application info. Instead, this
list should contain _all_ elements, including any additional libraries
that may be added to the overall classpath.
Bug: 77342775
Test: Manual. Install a package. Install a split with --dont_kill. See that the path doesn't contain duplicate entries
Change-Id: Id9739cce215ab07bff1b17966583c0cf51a0b34a
Periodically remove references from the list whose referents have been
garbage collected.
Bug: 73961798
Test: Device boots.
Test: Take a heap dump of systemui and manually check that the state of
ThemeRefs looks reasonable.
Change-Id: I691027feb5dd217bcb60406b28897b9614e2a845
Clarify that the method does not imply the screen is color-managed.
A global color transform may still be applied depending on the user
settings, such as night light, accessibility, Boosted, or Stretched.
Bug: 78012876
Test: builds
Change-Id: Ie9cdf455cf4ca93be2357a5313cd63555ab91ff9
