The previous default location of "/sdcard" became painful to use
starting in M, because it required a runtime permission. So now we
default to storing trace files in app-specific directories on shared
storage, which apps always have write access to with no additional
permissions.
Update docs to be consistent between all overloads.
Bug: 22807654
Change-Id: If4feca7c8778dfdf4ccce8cfb68418dc416260b5
There are some scenarios where an app needs access to the whole SD Card,
not subdirectories. For example, user might have a SDCard with
directories like vacation_pictures (instead of Pictures/vacation);
another example is a file management app.
BUG: 27676858
Change-Id: I20ef713de7e4dfa7e2d7d07bab11898af186d673
Add a (configurable) delay between when we start a maintenance
window until the minimum time we will end it.
Also switch to using the alarm manager callback API. (Yay!)
Also fix a little printing problem in the alarm manager dump
so we put the package name and not some class hash in the
summary string of an alarm entry.
Change-Id: I4281e5c80bc8b26ebc1fb6f603ec33ec0e379daa
Also hide a few APIs as requested by council. Add a method to
easily determine if a given File would already be encrypted at rest
by the OS.
Bug: 27531029
Change-Id: Icad5f1cd56411ad3ac707db85fd7449acdcc4b94
Mostly consists of removing the word "encryption" from most APIs,
since we can't actually make promises about the data being encrypted.
Bug: 27531029
Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
If we have an existing file in the destination directory, which has the
same name with the source file, adding suffix number is
DocumentsProvider's responsibility.
Because MTP does not provide a way to check existance of files with
given name, the logic is implemented as try-and error strategy. The CL
lets If we MtpDocumentsProvider assume we have a file that shares the
same name with the source file if it failed to invoke
MtpDevice#sendObjectInfo. In this case MtpDocumentsProvider retry to
invoke sendObjectInfo with new name with suffix number.
BUG=26991190
Change-Id: I223ac5031f079bc91eb27709b0356f621a1ed55b
It's easy for apps to throw custom Parcelables into Bundles, but
if the system tries peeking inside one of these Bundles, it triggers
a BadParcelableException. If that Bundle was passed away from the
Binder thread that delivered it into the system, we end up with a
nasty runtime restart.
This change mitigates this trouble by "defusing" any Bundles parsed by
the system server. That is, if it encounters BadParcelableException
while unpacking a Bundle, it logs and delivers an empty Bundle as
the result.
Simultaneously, to help catch the system process sticking its
fingers into Bundles that are destined for other processes, a Bundle
now tracks if it's "defusable." For example, any Intents delivered
through ActivityThread are marked as being defusable, since they've
arrived at their final destination. Any other Bundles are considered
to be "in transit" and we log if the system tries unparceling them.
Merges several Parcel boolean fields into a flags int. Add better
docs to several classes.
Bug: 27581063
Change-Id: I28cf3e7439503b5dc9a429bafae5eb48f21f0d93
1. Instead of getting application info in runtime, just retrieve the
one in the context to avoid cross user operation.
2. Functions in PackageManager that retrieve badged icon now return
badged icon if the targer user is managed profile instead of checking
whether target user is a managed profile of the user in mContext.
3. Relax the restriction of getUserInfo, if the caller is asking a user
in the same profile group or having the manage user permission, we let
it go.
Bug: 26469166
Change-Id: Ia1ffc5743f7d94bd489cdb7571eaed51499ebdd9
We added a third parameter to RecoverySystem.installPackage() to let the
caller to indicate the package has been processed (uncrypt'd). We need
to ensure the caller's claim is true by checking the existence of the
block map. Otherwise the device will fail for sure when booting into
recovery.
Bug: 27620932
Change-Id: I6325455253480055f14eb0cf020689ac37328602
Often during development I get runtime exceptions from system
server but I only see client side stacktrace on logcat, which is
pretty much inconvenient.
Change-Id: I9c60fd92f6008d2c3a7eaf848b89ce3f1dffbe8a
Use this in the alarm manager to allow user whitelisted apps
to have free access to scheduling alarms.
Coming next: lifting sync/job restrictions.
Bug #26851107: Allow user whitelist apps more freedom
(Cherry-picked to nyc since it got lost in the branch from master.)
Change-Id: I4dc9f07514627ebdb6b6eff7c7a749f2c51a3797
