The PackageInstaller app manages side-loading apps as well
as permission management. It should be updatable, hence
should rely on system APIs to talk to the platform. This
is the first step of defining an API boundary.
Change-Id: I9814eafd0b22ae03b4b847a7007cdbf14c9e5466
Adds setSustainedPerformanceMode(boolean) API for applications to set
the mode for a given window. The mode will be disabled automatically when the
window is no longer in focus.
Bug: 28150358
Change-Id: Ibe8bc564eeaaccbcaad5c4f792cda16da931dffd
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
BatteryStats uses a mix of microseconds and milliseconds, and keeping
which one is which straight is difficult. The internal bookkeeping
is left using us where it already does, for the extra precision. But
having the API be mixed will only make it harder for developers, and
lead them to make the same mistake that I did in the API where I
missed some conversions.
Bug: 28197858
Change-Id: I99114bae259b9bdd47ce5c22e724d87bbd63336d
Instead of calling out to external processes with a blocking IPC,
pass along a Binder on which the external process can pass back
the response. The calling process can then wait for the reply with
a timeout.
This eliminates watchdog restarts of the system_server when an external
process like telephony or bluetooth hangs.
Bug:26842468
Change-Id: I1b242e4ed22a63f1a4a0be8c78de8ac4d7bf56c5
Don't return null from createUserCreationIntent()
Provide a way for apps to query if the device
supports multiple users.
Some additional documentation for UserManager class to
make things clear about the types of users and relationship
with accounts.
Change-Id: I768d816e73a1d7f61cdc415f9e482adc79e2715a
Fixes: 28150359
Preparing and destroying users currently needs to be split across
installd, system_server, and vold, since no single party has all the
required SELinux permissions.
When preparing user directories on a storage device, always enforce
the serial number and destroy data if we run into a mismatch. When
deleting a user, write the updated user list first before we start
destroying data. Also start reconciling users on internal storage
at boot, so we can recover from stale data left behind from partially
destroyed users.
Check both CE and DE user directories when reconciling user storage
on a newly mounted storage device.
Bug: 27896918
Change-Id: I4536c82b0196e2720628c4f73fccb742c233350b
When quiet mode is disabled for a user and that user is not currently
decrypted, we show a confirm credentials screen to trigger decryption
of that user. Only if that was successful, do we actually disable quiet
mode.
Bug: 27764124
Change-Id: Ib1f649194d89e225dad62c14f3ddba1fa3d79da2
Previously many usages of UserManager.getProfiles and getEnabledProfiles
were only using ids of returned users. Given that the list of users needs
to be parceled and unparceled for Binder calls, returning array of ids
minimizes memory usage and serialization time.
A new method getProfileIds was introduced which returns an array of userIds.
Existing method calls were updated where appropriate.
Bug: 27705805
Change-Id: Ic5d5decd77567ba0f749e48837a2c6fa10e812c0
Instead of relying only on kernel support for sdcardfs, give each
device the ability to quickly toggle between sdcardfs and FUSE. Also
add the ability to users to explicitly enable/disable the behavior
for testing and debugging purposes.
Bug: 27991427
Change-Id: Ia57f12f6ead888ab85101004bdd8c8003537b116
There are a handful of looper threads in the system_process that
are shared by dozens of different internal services. To help track
down what these operations are, tag the processing of each message
with a string that tries describing where it originated from: the
class name of the Handler, and the message number or class name of the
Runnable.
Bug: 28046299
Change-Id: I409ec43fea8daaae4fd70df05d4fed929a7249ae
This forces everyone to go through sdcardfs, instead of letting them
around the back door.
Bug: 27992761
Change-Id: If1d4d5daa4b32bb3be7de10102bab24d63552b65
Since Lollipop, routes are isolated within Networks. Flushing a
Network's DNS cache whenever that same Network's routes are updated
doesn't provide any benefit. Any system components depending on this
behaviour need to uncovered and fixed.
Additionally, clean up no-longer-used flushNetworkDnsCache(). This
should be replaced, when needed, by a proper binder interface to netd.
Change-Id: I34bf79e4839da014d466058a876d754209d0c007
isSustainedPerformanceModeSupported() returns true if the device
supports the mode. It checks for the boolean config
"config_sustainedPerformanceModeSupported" to be set.
Bug: 22864186
Change-Id: I0f9f0bcbb8c02b19f37e9c87570d88e8f78f7992
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Removing entries from a Bundle may change its has-FDs state, so now
induce a recheck after removals. In support of that, make the
recheck set the known state in all cases, not just in the has-FDs
case; and note that filterValues() inherently produces a result that
is known to have no FDs.
Bug 26676151
Change-Id: Ida07b77ad2046aeafb98e0b164cd571ce45d064f
Remove some Context methods that leaked through. Add lint rule to
recommend using List<? extends Parcelable> instead of Parcelable[].
Bug: 27932224, 27930145, 27932911
Change-Id: Ia302de46cdb0c5101fa175a09316df91aeefcf0d
Use Slog.wtf instead of Log.wtf, so that it is
asynchronously reported.
Mark incoming application restrictions as defusable
since they are being unparceled.
Bug: 27811728
Change-Id: I166de69a74417e439ec5ef9159fbbfbfe711dde6
- Only allow entire directory access on non-primary volumes.
- Do not display primary storage label on scoped access.
BUG: 27743842
BUG: 27676858
Change-Id: I9884fb1e2df3534fceebc5d5bef44adfb758724c
The purpose of the new StorageVolume API is to grant access to
volumes that aren't typically "visible" to a developer, so include
them in the returned results.
Also return the real mounted state instead of augmenting based on
the caller's storage permissions. Clean up API naming slightly and
return as List.
Bug: 27615770
Change-Id: Ida921a4b91e5af81e418e76f672d9108f45a9781
