This is very expensive and needs to run in the system process, we
don't want apps abusing it.
Also don't allow apps to get information about anything but their
own process, unless they have the appropriate privileged permissions.
Bug: 112537519
Test: manual
Change-Id: I01997d6f888341e8eb2afe6a69545dd5be013744
This is very expensive and needs to run in the system process, we
don't want apps abusing it.
Also don't allow apps to get information about anything but their
own process, unless they have the appropriate privileged permissions.
Bug: 112537519
Test: manual
Change-Id: I103a11f8d5b49fd4536795ea52c05de297698cb5
Apps with WRITE_MEDIA_STORAGE permission will get
full access to external storage.
Bug: 111890351
Test: manual
Change-Id: Icbfe1f68c0bfca77bdc557e9903ded45994f5945
Migrates the existing information collected by diskstats to westworld.
Creates 4 pulled atoms, 2 of which read from a cached file produced by
DiskStatsLoggingService. Most of the logic is taken from
DiskStatsService.java.
Test: Manually verified information is the same as dumpsys. Will look
into cts as well.
Change-Id: I9818ac787de46514bc09ab3887cbfaec6cff273c
This CL is largely an adaptation of Change-Id
I16175933cebd9ec665d190cc5d564b5414a91827 . I also used the same way for
testing the change.
This CL will support the followings.
- installing a RRO package for framework from /product-services/overlay
- installing apps from /product-services/app
- installing priv-apps from /product-services/priv-app
- installing permissions from
/product-services/etc/[default-permissions|permissions|sysconfig]
Bug: 80741439
Test: `mm` under frameworks/base/tests/[libs|privapp]-permissions
adb sync && adb reboot
adb shell cmd package list libraries
=> confirmed com.android.test.libs.product_services library
adb shell cmd package dump \
com.android.framework.permission.privapp.tests.product_services
=> confirmed that the package is a priv-app
And I moved vendor/overlay/framework-res__auto_generated_rro.apk
into system/product-services/overlay/ on taimen, and I confirmed that the
RRO was installed properly.
Change-Id: I7a6a30bf8e8db9f2738594d187bb9148f138b8da
(cherry picked from commit a4af41736894bd3bf5bdc2a279acbeed2a24dd3d)
System components (like MediaProvider) will live in a mount namespace
that has a view of the "real" shared storage device, and normal apps
will have "sandboxed" views of the shared storage device. (Parallel
changes are implementing these namespaces in vold and installd.)
The system components mentioned above will need to translate between
the two namespaces, so this change introduces methods that perform
that translation, along with a nice batch of tests to verify.
Test: atest frameworks/base/services/tests/servicestests/src/com/android/server/StorageManagerServiceTest.java
Bug: 111893193, 111892833, 111268862
Change-Id: Iae91a44ce09eb33d6cd9b90f6c7b4f88c8cd12f0
We now have separate permissions that correspond to the various
MediaStore tables:
-- READ/WRITE_MEDIA_AUDIO
-- READ/WRITE_MEDIA_VIDEO
-- READ/WRITE_MEDIA_IMAGES
From a product point-of-view, Images and Videos will being treated as
a single permission group of "Visual" media in Q. We're also defining
two other special permissions:
-- ACCESS_MEDIA_LOCATION: indicating that the app can see any
geographic location related metadata associated with media, such
as being stored in the EXIF data. We're willing to grant this under
the unbrella of the larger "Visual" runtime permission group, but we
still want apps to request it for full disclosure of their intent.
-- WRITE_OBB: can be held by app stores that need to deliver OBB
files into app-specific sandboxes to keep legacy apps working.
Test: manual
Bug: 111801780, 110228267, 111789719, 111892833
Change-Id: If28247efdd7ac185ad3c6cbceda2e6346c26d032
This change implements the equivalent of the C++ native_handle_t type in
Java. Similar to the C++ type, the NativeHandle class wraps an arraylist
of FileDescriptor objects, along with a raw data stream (integer array).
Bug: 35098567
Test: Ran m, hidl_test (C++ and Java). Functionality tests are included
in a separate CL.
Change-Id: Ic53f9a49ae17ce5708577a586230126ab0e222c7
This is needed to implement Doze for Android TV. The DeviceIdleController needs to know whether the screen turned off due to a timeout and adjust its own timeouts accordingly. This is particularly important if the screen off timeout is longer than 30 minutes which is how long the DeviceIdleController normally waits before going from STATE_INACTIVE to STATE_IDLE_PENDING.
Test: make -j
Bug: 111443261
Change-Id: Icd6a7ba43077fed3ac6ac9f77b5a017c42138337
getInterfaceDescriptor() will return an empty string when the call
to retrieve it into the remote process fails. Proxies to a dead binder
process then show up as having an empty descriptor in the proxy dumps,
and can't be distinguished from live proxies with an empty descriptor.
Instead, if we get an empty string, check if the proxy is still alive,
so we can more accurately dump. This will make it much easier to find
proxy leaks to dead binder nodes.
Bug: 109888955
Test: adb shell dumpsys activity binder-proxies
Change-Id: Ib37ec004f38c99743ffb4a62101c12626b649e5d
For the various Build.VERSION_CODES.<version_name> constants, adding
a link to the appropriate "about this release" page in
/about/versions/ , if there is one.
Staged doc to:
http://go/dac-stage/reference/android/os/Build.VERSION_CODES
Bug: 80546406
Test: make ds-docs
Change-Id: If363445c938d325172da6beeed25e821121c5539
This packageName is passed so that the process initialization
after the zygote fork can mount appropriate package sandbox.
Bug: 111890351
Test: n/a
Change-Id: I99d6c1b53fffd53d7387dc807106efe5e1dc9b07
Binder tokens (Binder objects without an attached interface) are used
a lot with Android. These tokens don't have an interface descriptor,
which means that proxies (references) to these tokens are impossible
to identify when looking at a heap dump.
To make that easier, introduce a new constructor for Binder that allows
the caller to specify a descriptor.
Bug: 109888955
Test: builds, boots
Change-Id: I18fd00483abc29edf87f84945323a10fe4f6cd42
This is the first step to move BinderCallsStats implementation to the
server package in order to have an implementation more specific to the
system server (tracking charger on/off).
Removes the volatile keywords in BinderCallsStats.
Also exposes a clean API to StatsCompanionService instead of
BinderCallsStats directly.
Test: unit test
Change-Id: Ied98c555acc8489420104098561b4608346509b5
