Introduces new module that provides network-related features for
the StrictMode developer API. The first feature offers to detect
sockets sending data not wrapped inside a layer of SSL/TLS
encryption.
When a developer enables, we ask netd to watch all outgoing traffic
from our UID, and penalize us accordingly if cleartext sockets are
detected. When enabled, netd captures the offending packet and
passes it back to the owning process to aid investigations. When
death penalty is requested, all future traffic on the socket is
blocked, which usually results in a useful stacktrace before the
app is actually killed.
Bug: 18335678
Change-Id: I3adbc974efd8d3766b4b1a23257563bb82d53c29
If the manifest doesn't specify large heaps, we now call
VMRuntime.clampGrowthLimit to release heap virtual address space
which won't ever get used.
Bug: 18387825
Bug: 17131630
Change-Id: I61fdcd70c70234256637eeebefe3abb22b91095d
Symptom:
Assume a foreground broadcast FG and a background BG.
If a recevier registers both FG and BG. When sending
BG and FG to the receiver, and the receiver BG receiver
completes first, its finishReceiver will trigger next FG
receiver rather than BG, and also deliver wrong result
code/data to the next.
More detail and sample:
https://code.google.com/p/android/issues/detail?id=92917
Root cause:
Due to BroadcastQueue:getMatchingOrderedReceiver will match
by receiver(IBinder), so the caller ActivityManagerService:
broadcastRecordForReceiverLocked will always match the first
queue(fg) if a receiver is both receiving fg and bg.
Solution:
Add a parameter flags to finishReceiver, then server side
could know the finished receiver should belong to which queue.
Another general solution but with bigger scope:
I60dce4a48e20c1002a61a979e4d78b9b0a8b94a0
Change-Id: I913ca6f101ac8ec6c7a8e42754e6781f80247b7f
Some of the admin policies are throwing security exceptions in
a managed profile without being documented correctly and others
shouldn't be throwing security exceptions.
Changed setCameraDisabled() to not throw an exception. It now just
prevents work profile apps from using the camera.
Changed wipeData() to allow passing in ERASE_EXTERNAL_STORAGE. In
secondary users/profiles, this is just going to remove the user, so
the flag is harmless.
Updated documentation for setKeyguardDisabledFeatures() and resetPassword()
to indicate that they cannot be called in a managed profile.
Bug: 17987913
Change-Id: I8060be4c2d32bdd4edb46ce543551fabb9c8c983
We used to set this from LoadedApk.getClassLoader. This had
the unfortunate side effect of clobbering the threads default
classloader when Context.createPackageContext().getClassLoader()
was called. This happens, for example, to every app that uses
a updatable webview.
bug: 17986934
Change-Id: If2b5938a19f836ea5fe60c94ea53a7125c2098c0
The system should always be using new startActivityAsCaller() when
starting activities on behalf of someone else, to ensure that
security checks are enforced as the original caller.
Bug: 17983737
Change-Id: Ic40816a797cfdb13c0adb48b86ed4ed7d6aae8eb
...handler for its Intents
Fix bug when a third party app is installed as an additional but
worse match for the intent.
Also raise up the limit for when we start printing logs about
overly large strict mode data.
And turn off the logs about services being created and destroyed,
since with the way things are using services these days these have
become way too spammy.
Change-Id: I8fe301dfd80fb4b70213cb7783b7c5426245278d
Raise the height ratio threshold slightly in order to start accepting
restores of height=1920 images onto height=2560 devices.
Bug 17882661
Change-Id: I63b47817fdf754cda9a052bddb62aee764522c6f
- Add docs to Binder, Messenger, ResultReceier to explain their
relation (or lack there-of) to process lifecycle.
- Clarify some aspects of process lifecycle for services.
- Fix help text of am command.
- Fix per-package dumping of battery stats to not include history.
- Fix per-package dumping of proc stats to only include aggregated
and current stats and fix some formatting.
- Fix per-process dumping of meminfo to have an option to interpret
the input as a package, so including all processes that are
running code of that package.
- Fix top-level per-package debug output to correctly include all
of these improvements and give them a little more time (10s) to
complete for timing out.
Change-Id: I2a04c0f862bd47b08329443d722345a13ad9b6e2
After completely iterating over a UsageEvents object, the internal parcel
is recycled. If resetToStart is called then, it does nothing.
Bug:17909428
Change-Id: I7bc68d3429e4621a50dedbfc1789576d44dbb3be
PackageManager and AppWidgetHostServiceImpl should
be loading the resources of any shared libraries being
used by the app, as they have references in their Widgets
or application icons/labels, etc.
Bug:17668152
Change-Id: I359662334edb125d7570089916727df4eeba02bb
Keep around GET_TASKS as a permission available to apps, so apps still
think they have it and don't get all uppity because they don't.
Add a new REAL_GET_TASKS that is the actual permission now.
Plus some temporary compatibility code until everyone can transition
fromn GET_TASKS to REAL_GET_TASKS.
Change-Id: I12c1102eed24844685dcbd2fa3b612811603958f
We now accept for restore any image that is at least wide enough to
fit the screen, and has a height within a comfortable margin of the
previously stated target.
Bug 17677006
Change-Id: I5937a82ddfbfa0bbb30d568621eb48e4b3533fac
