Escrow token provides an alternative way to derive synthetic password for a
given user. In the new flow, a pre-provisioned escrow token
should be able to do anything the user password can do, since they both
derives the synthetici password which is the master key in the new auth flow.
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Bug: 33126414
Change-Id: Ib5ee38fd61f66de3245427ce992ebc12f1873a26
The user password is used to unlock a per-user synthetic password which
serves the purpose of what the user password previsouly achieves (protect
keystore, vold disk encryption, auth token generation).
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Test: manual
1. Start with fresh device, enable synthetic password with "adb shell cmd lock_settings sp 1"
1.1 add device lock, reboot and verify (positive & negative); change device lock, reboot and verify.
1.2 Inflate a work profile, reboot and verify device lock. check SID with "adb shell dumpsys lock_settings"
1.3 Un-unify and add work challenge, reboot and verify work challenge and SID.
1.4 Re-unify work challenge, reboot and verify.
1.5 Clear device lock, reboot and verify lock and SID.
2. Start with a fresh device, add a device lock and inflate a work profile.
2.1 Enable synthetic password, note current SID
2.2 Reboot and unlock device. Verify synthetic password is generated and SID remains.
2.3 Clear device lock, reboot and verify (SID should be cleared)
3. Start with a fresh device, inflate a work profile, add separate work challenge
3.1 Enable synthetic password, not current SID
3.2 Reboot and unlock device and profile. Verify synthetic password is generated.
3.3 Clear device lock only, reboot and verify (work profile SID should remain)
All steps tested on marlin (FBE) and bullhead (FDE)
Bug: 33126414
Change-Id: Idb9ebfc7bba2fe40670c5fee2189e873d9704540
Add a --preload-default command that instructs the zygote to preload
resources. The command is a no-op if resources have already been
preloaded.
Test: manual.
Change-Id: I4a846a7d911fa929af472d9071ffbff6df424176
The color of the icon was happening in a
non-animated way. We're now animating the
color properly.
This also fixes an issue where the action
bar could be fully black.
Test: add colorized notification, observe animation
Fixes: 35308322
Change-Id: I4fbc1794fc027efb42eee3ee8f06fd9d8c513456
The same application can run as either an instant app or an installed
app. Store this setting per-user instead of based upon the install
location.
Bug: 25119046
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.EphemeralTest
Change-Id: Iff565bb1ac10d631499f0bd0f69b401cb073c10e
The offset used to adjust MotionEvents for swipe velocity tracking
was incorrect, and caused issues when touch points where close
together. Fixed the offset used, which resolved swiping issues.
Bug: 34673753
Change-Id: Ide6060b511510bcf299e3db778e6ffc6afda5e19
By definition, the zygote in question is lower priority if lazy
preloading is enabled. We therefore reset the zygote process'
niceness to 0 as soon as it comes up, rather than having it stick
around as a higher priority process until we eventually ask it
to load the default set of resources.
Test: manual.
Change-Id: I3ccfc0e7c3fdebf5f798d90b53140a554bf64c20
Cancelling swipe-to-dismiss will trigger a check to ensure the window
is reset to its original state. Ensure that the reset is actually
required before setting the new layout attributes.
Bug: 34816397
Change-Id: Idf26ce7c8b63dc44a76effefcb32eb8d8665f605
This is part of work to introduce historical debugging infrastructure
for Android IME.
In this CL, we will focus on the following two event flows.
A1. IMMS#attachNewInputLocked() queues MSG_(RE)START_INPUT to deliver
new InputConnection/EditorInfo to the current IME
A2. The IME triggers IMS#onStartInput()/IMS#onRestartInput() and
updates the following fields:
- InputMethodService#mStartedInputConnection
- InputMethodService#mInputEditorInfo
B1. IME is expected to call back IMM#setImeWindowStatus() to notify
its window visibility change to IMMS.
B2. IMMS updates the following field if the caller is still the
current IME.
- InputMethodManagerService#mImeWindowVis
What this CL aims to do is to enable IMMS to access A1 state when it
was in B2 state, by considering that for given a B1 the last A2
happened before B1 is the cause of B1 and B2.
To do this, IMMS issues a binder token in A1 and each IME keeps it
so that it can be passed in B1. By using this Binder token as a key,
IMMS can keep tracking state snapshot taken from each A1. Note that
those state snapshots keep alive until the Binder token's proxy in the
IME process loses strong reference from its GC root.
Test: Make sure `adb shell dumpsys input_method | grep mImeWindowVis`
matches to the IME window visibility.
Test: Make sure the current IME is not receiving any
InvalidParameterException from IMMS.
Bug: 35079353
Change-Id: I9921b381e02106dbffff5e0b3d13f0a1245ce807
Before introducing new state tracking IDs to IInputConnectionWrapper,
this CL cleans up IInputConnectionWrapper to use
com.android.internal.os.SomeArgs instead of local-defined one in favor
of possible performance improvement thanks to the process grobal
object pool that com.android.internal.os.SomeArgs has.
This is a mechanical refactoring CL. No behavior change is intended.
Test: No new warnings in `adb logcat` from the following TAGs
- IInputConnectionWrapper
- InputMethodManager
- InputMethodManagerService
- InputMethodService
Bug: 35079353
Change-Id: Ic614f112f960382280acd8891b3af56d47679f08
Currently we see two warning messages
"finishComposingText on inactive InputConnection"
"finishComposingText on inactive InputConnection"
every time every time the View focus is switched from one EditText
to another EditText on the same window, which is really spammy.
This is actually not critical if IInputConnectionWrapper was already
finished, because with my previous CL [1] it is guaranteed that
InputConnection#finishComposingText() was already called followed by
InputConnection#closeConnection(), which means that the connection
is closed and should not accept any further requests. Thus ignoring
further #finishComposingText() only means that the system and/or IME
is calling #finishComposingText() unnecessarily, which is worth
showing spammy warnings in production builds.
To reduce logspam this CL hides warnings from the above case behind
DEBUG flag.
[1]: If2a03bc84d318775fd4a197fa43acde086eda442
aaa38c9f1a
Test: Make sure `adb logcat -s IInputConnectionWrapper:*` does not
show "finishComposingText on inactive InputConnection" warnings
while switching focus across different EditText on the same
window.
Bug: 35079353
Bug: 35301295
Change-Id: I17f3a4f500bc19ebf8bae771bf658a93627b3ba3
Doing this allows us to annotate integer values that should corresponds
to WindowManager.LayoutParams#softInputMode.
Test: There should be no behavior change. RetentionPolicy.SOURCE
annotation should change nothing in production code.
Test: checkbuild
Bug: 32784563
Bug: 35079353
Change-Id: I96300b090edce327d0515c740183abe91ded6bac
