Apps without sdcard_r or sdcard_rw are still able to write to
their package-specific directory, but someone needs to first make
that directory on their behalf. This change will delegate the
mkdirs() call through to vold when an app fails to create directly.
MountService validates that the path belongs to the calling user, and
that it's actually on external storage, before passing to vold.
Update Environment to make app-vs-vold paths clearer.
Bug: 10577808
Change-Id: I43b4a77fd6d2b9af2a0d899790da8d9d89386776
Removed boolean param to ask for exception on detached fd. Use a
subclass of IOException instead.
Bug: 10461576
Change-Id: If7db16120297edcdb7d5d5905ed453003be0e38e
Code path to release content provider associated with the PFD was
inadvertently bypassed by a previous change. Reinstate that code
when closing the PFD.
Bug: 10767447
Change-Id: I23306cfb3c28c99e587892b17ca85efd3f7a8a07
This significantly reworks the logging we do when
all cached processes are killed:
- We now collect the list of processes in-place so we
have a snapshot of exactly when the low memory situation
happened.
- In that snapshot we include the key process state: oom
adj, proc state, adj reasons.
- The report then asynchronously collects pss information
for those processes.
- The ultimate data printed to the log looks like a mix
between the "dumpsys meminfo" and "dumpsys activity"
output. This code no longer uses "dumpsys meminfo"
itself, so some of that data is no longer included,
in particular pss organized by allocation type.
In doing this, I realized that the existing code that is
supposed to run "procstats" is not currently working. And
at that point I realized, really, when we are collecting
this pss data we'd really like to include all those native
processes using ghod-only-knows how much RAM. And guess
what, we have a list of processes available in
ProcessCpuTracker.
So we now also collect and print information for native
processes, and we also do this for "dumpsys meminfo" which
really seems like a good thing when we are printing summaries
of all pss and such.
I also improved the code for reading /proc/meminfo to be
able to load all the interesting fields from there, and
am now printing that as well.
Change-Id: I9e7d13e9c07a8249c7a7e12e5433973b2c0fdc11
Documents searches now happen root-wide, instead of only under a
subdirectory. Updates abstract class and flags to match. Add flag
for a root to indicate it's empty, and hide empty roots in UI unless
creating.
Define "Documents" public directory and storage backend to contain
files.
Bug: 10712057, 10710865, 10710758
Change-Id: I8716367568969f9cb1d83927b2bf5a7013809350
java.lang.SecurityException: Operation not allowed
There was a situation I wasn't taking into account -- components
declared by the system has a special ability to run in the processes
of other uids. This means that if that code loaded into another
process tries to do anything needing an app op verification, it will
fail, because it will say it is calling as the system package name but
it is not actually coming from the system uid.
To fix this, we add a new Context.getOpPackageName() to go along-side
getBasePackageName(). This is a special call for use by all app ops
verification, which will be initialized with either the base package
name, the actual package name, or now the default package name of the
process if we are creating a context for system code being loaded into
a non-system process.
I had to update all of the code doing app ops checks to switch to this
method to get the calling package name.
Also improve the security exception throw to have a more descriptive
error message.
Change-Id: Ic04f77b3938585b02fccabbc12d2f0dc62b9ef25
netd now tracks statistics for tethered interfaces across tethering
sessions, so switch to asking for all tethering stats. (Currently
we're double-counting all tethering data, ever since it started
tracking across sessions.)
Also catch OOME to handle corrupt stats files, which we then dump to
DropBox and then start over.
Bug: 5868832, 9796109
Change-Id: I2eb2a1bf01b993dd198597d770fe0e022466c6b9
Fix a race when quitting the looper's message queue that could
cause the mPtr field to be zeroed out and the native object to
be destroyed while still in use.
This happened due to an optimization that was intended to release
the native looper's file descriptor as soon as the last message
was processed rather than waiting for the finalizer to run.
Bug: 9726217
Change-Id: I695a9a657acfdb3ce65a5737ff20cd11113d15fa
Able to config network specific MTU size. Normally, the default size of MTU is 1500.
US - ATT 1410, TMUS 1440, SPRINT 1422
KR - SKT 1440, KT 1450, LGU+ 1428
JP - KDDI 1420, SoftBank 1340
CA - RGS 1430, FIDO 1430, MTS 1430, BELL 1358, SaskTel 1358
AU - TEL 1400
Bug: 10195070
Change-Id: Ie18650b37a3d44af944f2dae4aa97c04fb12cd5e
- Under a normal situation, if an exception happens in managed, the stack trace
will be printed to logcat.
- Hitherto, the Binder#execTransact call silently caught exceptions and passed
them to the remote side with Parcel#writeException
- Although this behavior might be acceptable when there is a remote side,
for FLAG_ONEWAY calls the exception effectively disappeared.
- From the user point of view, it looked like code execution "halted" when an
exception was thrown.
This tries to make the binder exception handling behavior more like normal,
by printing the exception to the log, to give a better indication of what
happened.
Change-Id: I1f37f0468f61e766a71db60d2fda2104936ab096
Using a contract class requires that a provider implement it exactly
with little help. This change introduces a DocumentsProvider abstract
class that provides a client-side implementation of the contract that
greatly reduces developer burden, and improves correctness.
This also moves to first-class DocumentRoot objects, and moves calls
with complex side effects to be ContentProvider.call() invocations,
offering more granular permission control over Uri operations that
shouldn't be available through Uri grants.
This new design also relaxes the requirement that root information be
burned into every Uri. Migrate ExternalDocumentsProvider and
DocumentsUI to adopt new API.
Bug: 10497206
Change-Id: I6f2b3f519bfd62a9d693223ea5628a971ce2e743
1. Added support for selecting a printer from the all printers activity
that is not in the initial printer selection drop down. The user
initially sees a sub set of the printers in the drop down and the
last option is to see all printers in a separate activity. Some
of the printers in the all printers activity are not shown in the
initial drop down.
2. Refactored printer discovery by adding (private for now) printer
discovery app facing APIs. These APIs are needed to support multiple
printer selection activities (print dialog and all printers activities)
and also the settings for showing all printers for a service.
Now multiple apps can request observing for printers and there is
a centralized mediator that ensures the same printer discovery
session is used. The mediator dispatches printer discovery specific
requests to print services. It also aggregates discovered printers
and delivers them to the interested apps. The mediator minimizes
printer discovery session creation and starting and stopping discovery
by sharing the same discovery session and discovery window with
multiple apps. Lastly, the mediator takes care of print services
enabled during discovery by bringing them up to the current
discovery state (create discovery session and start discovery if
needed). The mediator also reports disappearing of the printers
of a service removed during discovery and notifies a newly
registered observers for the currnet printers if the observers are
added during an active printer discovery session.
3. Fixed bugs in the print UI and implemented some UX tweaks.
Change-Id: I4d0b0c5a6c6f1809b2ba5dbc8e9d63ab3d48f1ef
When reading from the end of a pipe or socket, there is no way to
tell if the other end has finished successfully, encountered an error,
or outright crashed. To solve this, we create a second socketpair()
as a communication channel between the two ends of a pipe or
socket pair, sending a status code with details about why the
ParcelFileDescriptor was closed.
The writer end of a pipe or socket can closeWithError() to send a
message to the reader end. When the reader encounters EOF, they
call checkError() to detect if any error occured. This also detects
the case where the remote process died without sending a success
message.
This design is also extended to support regular files on disk, using
the communication channel above to detect various remote close events
or crashes, and delivering that event to a supplied OnCloseListener.
Replaces JNI with best-practice Libcore.os calls, and deprecates
some flags to match Context.
Bug: 10330121
Change-Id: I8cfa1e4fb6f57397667c7f785106193e0faccad3
Provide developer APIs to discover application-specific paths on
secondary external storage devices. Covers files, cache, and OBB
directories. Apps will not have write access outside their package-
specific directories on secondary devices, so only primary storage is
exposed through Environment.
Creation of .nomedia files will be handled by FUSE daemon in future
change.
Change-Id: Ifcce6201a686d80269d7285adb597c008cf8fa7c
Bug #10228005
From the ThreadPoolExecutor documentation:
- If fewer than corePoolSize threads are running, the Executor
always prefers adding a new thread rather than queuing.
- If corePoolSize or more threads are running, the Executor
always prefers queuing a request rather than adding a new thread.
- If a request cannot be queued, a new thread is created unless
this would exceed maximumPoolSize, in which case, the task will
be rejected.
Before this change AsyncTask could create up to 128 threads because
of the limited queue of 10 items (the capacity of a blocking queue
is fixed.)
This change increases the size of the queue to 128 items and reduces
the maximum number of threads to the number of CPU cores * 2 + 1.
Apps can still submit the same number of tasks.
Change-Id: I015d77b53b6a9fda39c618830b34d45a10de5571
The FUSE daemon is using packages.list to map from package name to
appId after it drops permissions, so create a new "package_info" GID
to grant read access.
Also switches FileUtils to use Libcore.os.
Change-Id: I9451ca4e90e8a985526805c6df0888a244a1db36
Also fix a bug where, when parceling the stats, we were
computing the final duration values too late. We need to
do that before we write the long table.
Change-Id: Idb6c1ed95417448c56973fe5866bfb3570e525f4
Available for retrieval via future APIs if desired. Dumped by dumpsys.
Not added to batterystats or ACTION_BATTERY_CHANGED intents at this point.
Also fixes a formatting problem in the existing dumpsys output for voltage.
Change-Id: I5320b19035914256fb872c13095c09c648dd522a
ProcessStats is now called ProcessCpuTracker.
ProcessTracker is now ProcessStatsService, and its inner State
class is broken out into a separate top-level ProcessStats class.
This ProcessStats is moved to the framework, so we will be able
to use it elsewhere.
Change-Id: I6a127bcb835b6b474b72647c0b99b82c2137e5c5
The bindService() and startService() calls have always had
undefined behavior when used with an implicit Intent and there
are multiple matching services. Because of this, it is not
safe for applications to use such Intents when interacting with
services, yet the platform would merrily go about doing... something.
In KLP I want to cause this case to be invalid, resulting in
an exception thrown back to the app. Unfortunately there are
lots of (scary) things relying on this behavior, so we can't
immediately turn it into an exception, even one qualified by the
caller's target SDK version.
In this change, we start loggin a WTF when such a call happens,
and clean up some stuff in Bluetooth that was doing this behavior.
Change-Id: I62e25d07890588d2362104e20b054aebb6c0e007
The Process natives were getting called were getting called while
handling a jdwp packet before the vm had a chance to register them.
(cherry-pick of 5bce6a308fc8a3c1e449cf905b8b6e8ace4ef3e2.)
Change-Id: Ia2b4f79b11e427283a712b2d0c52948f394640bf
