For now, assume a class named <package_name>.ZygotePreload
exists, with a method named doPreload() to do the preload.
This should probably be replaced by having an entry in
the manifest.
Bug: 111434506
Test: preload called
Change-Id: Id632e46087eb5c719e6b310ffe007f76d3cbaf7d
Introduce a new range of app-zygote isolated UIDs, [90000..98999].
For each app that uses an application Zygote, allocate a range of
100 isolated UIDs. The application Zygote for an app will get a
UID out of that range, and all other children that are forked
from that zygote will get a UID from the same range.
Bug: 111434506
Test: app Zygote and its children run in the new range of
isolated UIDs (with SELinux disabled). New set of
tests for UID allocators pass.
Change-Id: I7a6883a5ddb95683932c93ea77f4e52d8f37fa4f
When an application has requested isolated services to be spawned
from an app zygote, we need to spawn the app zygote itself, and then
ask it to fork an isolated service.
The application zygote currently only creates the class loader, and
doesn't do much else. We keep track of the isolated services that
use the app zygote, and when the last isolated service goes away,
we stop the app zygote itself (after a timeout).
The app zygote itself runs with the app's UID and under the app
seccomp filter. That last one is too restricted, so this currently
only works with SELinux disabled.
Future CLs will add an application callback for preloading.
Test: start multiple isolated services with useAppZygote="true",
verify app_zygote starts, services start as a child of
app_zygote. Stopping all services stops app_zygote as well.
Bug: 111434506
Change-Id: I10ee1d4bd148c9298974d434fbc5e5eccbec16cb
This fix is a continuation for fixing 116610086
ResolverComparator identifies that it's dealing with a http/https scheme
The original behaviour was to prefer native apps that can handle that
specific URL over browser apps. This behaviour is preserved with the
exception of the Default Browser, as it will be preferred over all other
apps and will be displayed on top, then will be followed by native apps.
In addition, removed unused imports in ResolverComparator (import
ERRORs that prevented the pre-upload repo hook scripts from passing)
Bug: 116610086
Test: manually tested on device (Pixel 2XL) with multiple users
Test: atest ResolverListControllerTest
Change-Id: Ifd5da932c6f9d9cb4bf0a97985d0f9fb7bc2cb69
Members modified herein are suspected to be false positives: i.e. things
that were added to the greylist in P, but subsequent data analysis
suggests that they are not, in fact, used after all.
Add a maxTargetSdk=P to these APIs. This is lower-risk that simply
removing these things from the greylist, as none of out data sources are
perfect nor complete.
For APIs that are not supported yet by annotations, move them to
hiddenapi-greylist-max-p.txt instead which has the same effect.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Change-Id: I020a9c09672ebcae64c5357abc4993e07e744687
With my previous CL [1], InputMethodManagerService#setInputMethod() is
now guaranteed to be called only from IInputMethodManager and
IInputMethodPrivilegedOperations as 'adb shell ime set' no longer
directly calls this method (with null IME token).
With this CL, IInputMethodManager#setInputMethod(), which has been
kept just for null IME token rule, is finally gone. This is achieved
by letting InputMethodManager#setInputMethod() directly update
DEFAULT_INPUT_METHOD (and SELECTED_INPUT_METHOD_SUBTYPE) secure
settings if a priviledged component still relies on this undocumented
null IME token rule.
[1]: I6fd47b5cc1e7da7222774df20247a2c69a70f45b
db25df71be
Fix: 114488811
Test: atest CtsInputMethodServiceHostTestCases
Change-Id: I42dd0325b01c527009bf85566ca8ba0766b2294e
Hopefully no one has relied on this undocumented behavior that when
the caller has WRITE_SECURE_SETTINGS then null IME token is allowed in
IMM#setInputMethodAndSubtype().
Note that if the caller had WRITE_SECURE_SETTINGS they can achieve the
same goal by directly updating the following secure settings:
* Settings.Secure.DEFAULT_INPUT_METHOD
* Settings.Secure.SELECTED_INPUT_METHOD_SUBTYPE
Bug: 114488811
Test: CtsInputMethodServiceHostTestCases
Change-Id: Ic5c59299ace16778fc57a4ec2639508564f416a7
It seems that InputMethodManager#getShortcutInputMethodsAndSubtypes()
was designed to be a bit more generalized concept, but in reality it
just ended up being a convenient API that returns a single Voice IME
subtype if exists. As far as we can tell, It has never returned two
or mode pairs. It also has never returned non-voice
InputMethodSubtype.
In order to support per-profile IME mode in InputMethodManagerService
without introducing a bunch of new complexity and technical debt, this
CL re-implements IMM#getShortcutInputMethodsAndSubtypes() based on how
it has been used actually in the ecosystem.
The first thing this CL changes is that
IMM#getShortcutInputMethodsAndSubtypes() no longer takes subtype
locale into account when looking for the best voice IME subtype. This
is because InputMethodSubtype is no longer a recommended way to
represent IME languages. Ignoring subtype locale makes the
implementation much easier to understand and maintain.
The second thing this CL changes is that
IMM#getShortcutInputMethodsAndSubtypes() is now just a utility method
that is implemented in the client side on top of other well-defined
public APIs such as IMM#getEnabledInputMethodList() and
IMM#getEnabledInputMethodSubtypeList(). This means that this API
becomes per-profile IME ready for free once other public APIs become
per-profile IME ready.
[1]: Ibd0f7ef5101013569c303820a3adc9038a97356d
4e4569dab5
Bug: 120709962
Test: AOSP Keyboard still shows voice IME shortcut when the device has
one or more IMEs that expose voice InputMethodSubtype.
Change-Id: Iaf31e9f3213f4e644b64c9658f1b59d371e3c2b4
The initial implementation of AbstractPerUserService assumed the
AbstractRemoteService instances would be created in demand, because that was
the aproach used by Autofill (to minimize the time system service is bound to
the autofill service process).
But for other systems like ContentCapture, it makes more sense to keep a
permanent connection to the remote service, which is running all the time, so
this change changes the infra to allow such permanent connection (which includes
defining an idle timeout value that never unbinds).
Bug: 117779333
Test: atest CtsContentCaptureServiceTestCases CtsAutoFillServiceTestCases
Change-Id: I43386a3fddc56f1dfd6e4e55f243eaa297921123
ResolverActivity now identifies that the intent is a browsable intent,
and thus omits the Always button and replaces it with a settings button
tha can be used to configure the user's wanted behaviour.
Also prints out a message explaining that the user is giving the app
an access to open URLs from a specific host.
Bug: 116610086
Test: manually tested on device (Pixel 2XL) - will add unit test to
document behaviour
Change-Id: I81988b9a4d082bc1e6491186d39532fd283f2ede
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 121237128
Bug: 120783643
Test: m appcompat
Change-Id: Ib7a8bdf3151290aa8a5ca85dc8650612432f0d59
This change adds simple APIs to watch for noted ops. We are now
reporting a callback for every note which could lead to too many
call but until this is found to be the case we stick to the simple
solution. We already have APIs to watch started and stopped ops
which in theory could have the same frequence as noted ops, so
this is consistent to our approach.
bug:117617221
bug:119323172
Test: atest androidx.test.runner.AndroidJUnitRunner
Change-Id: I46c4b00e765eb14df8c30471d2b80dda905b8125
This is often known by the system, though not always. But when
we do know it, it is really useful to maintain that info so we can
do queries like "give me all of the associations that package X is
involved with".
Bug: 121146315
Test: manual
Change-Id: I0dd7aeb9147ecfd65a510d3b2a8bb4a0fbab57e3
This is needed by making the setup wizard use only system-api.
Test: Built, switched USB port state
Change-Id: I8e56859a5b36e7de91691522a34f7d6f62dcbb20
Fixes: 115301401
Log (using TRON)
1. when smart replies and actions are shown in a notification, and
2. when a smart action is clicked.
Bug: 120767764
Test: manual - use logcat to ensure we log the correct values when a
notification is expanded / smart action is clicked.
Change-Id: I85dbc3ee355997142ad71b7b67a759e8fede94b6
Moving forward as we start enabling isolated storage in various
dogfood groups, we'll need to maintain separate values for the
feature flag for both "local" and "remote" opinions. Any strongly
expressed local opinion will always take precidence over any remote
opinion.
Any changes to these feature flags means that we need to invalidate
any PackageManager parsed APKs, since PackageParser changes it's
output depending on the flag state. Since other feature flags are
likely to need this type of invalidation in the future, define the
PackageManager cache using a SHA-1 hash of a collection of values
that should invalidate the cache.
Bug: 112545973
Test: atest android.os.SystemPropertiesTest
Change-Id: Ifafcdf15e40e694eb4126e06981aeb82df51da33
In general cases, we don't have multiple input methods simultaneously.
So that it may not make sense to have multiple focused window in the
system. Especially when there are multiple blinking cursors of input
boxes on different displays, the user may not be able to know which
input box can receive key events. In these cases, we let the system
has only one focused window.
In some cases, there can be multiple input methods simultaneously (one
for each display). To enable multiple users to interact with the
corresponding displays at the same time, we should let the system have
per-display focused window in these cases.
This CL makes per-display focus optional, and also reverts ag/5312657
Fix: 120241480
Fix: 120790099
Test: atest ActivityManagerMultiDisplayTests \
CtsWindowManagerDeviceTestCases \
WmTests
Change-Id: Ie030eed523599b217060887171710692d050e5d8
