Owners source of truth is now in AOSP but has merge conflicts with
internal so submitting a separate CL here (AOSP change at
aosp/813915).
Test: N/A
Change-Id: I0e96914bb339874a30c80776596f2d84e508df85
Change 1/2. Change 2/2 will setup the class loader namespace for
shared libraries.
This change sets up shared libraries class loaders for applications
and for dexopt.
bug: 111174995
Test: DexoptUtilsTest, device boots
Change-Id: Ie9a2b4eaa85cda59951703433f7a2d03bc12095d
This will allow apps to better manage many isolated processes,
telling the system how they are grouped together (so should be
managed as one related entity within the LRU cache) and fine-tune
the ordering within that group.
The API is not yet tested... though in theory it is implemented.
But the implementation done for that also fixes a *lot* of problems
with activity LRU management that, even without groups, should
make the ordering of processes in the LRU list much more consistently
match how recently the user has interacted with it.
Also clean up some of the new dumpsys output in the activity manager:
move the new sections to before the process output (so it is still
easy to see the process state at the end of the output), and add and
document the command line options for controlling them. And add a
new "lru" section that gives a clear view of what is going on with
the raw LRU list.
An upcoming change will add tests for the new grouping functionality,
and probably some fixes resulting from that.
Test: atest CtsAppTestCases:ServiceTest
Bug: 111434506
Change-Id: I1f6b6b9de66ccde1573e1a0e9615e8c5f8e6c0d7
Smart Action look similar to Smart Replies with an icon next to the
button text.
Smart Actions can be added either by an app, or by the framework itself
(through NotificationAssistantService).
The idea is that Smart Actions are really actions relating to the
content in the notification message.
The priority order of smart replies vs. actions will be dealt with in a
follow-up CL (i.e. whether we should prioritize showing smart actions
over smart replies).
Example notifications:
System generated:
https://screenshot.googleplex.com/f6p8uOMygeT.png
App generated:
https://screenshot.googleplex.com/VR6On1eh4CW.png
2 app generated actions:
https://screenshot.googleplex.com/QuM5e792xhb.png
Bug: 111406942
Test: manual tests = add custom actions directly in sys ui and ensure
they're shown in message notifications.
Test: atest SystemUITests
Change-Id: I0ce959b74e89bcabc69b76c50c1877e70d6f06df
This change adds RoleManager.setRoleNamesFromController() to allow
RoleControllerService to initialize the roles for a user. This change
also fixes the persistence of roles by calling writeAsyncLocked().
Bug: 110557011
Test: build
Change-Id: I921b6aa691478ca4c0dd1a75fc929a96ce1e7df5
This change fixes various issues realted to the role granting
flow, including allowing permission controller to be granted
SET_PREFERRED_APPLICATIONS for roles, granting
MANAGE_ROLE_HOLDERS permission to shell, and improving
RoleUserState XML parsing.
Bug: 110557011
Test: build
Change-Id: Ia095580ad497af9cf7b29e6bedab70046b09d542
Mostly mirrored off existing READ/WRITE_EXTERNAL_STORAGE app-ops,
but with new Aural/Visual runtime permission groups called out.
Bug: 117777783
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: Ibeb93428b6a20b33879117e455e9ef63af58f79e
The new storage work in Q will extend capabilities to the default
Gallery and default Music apps, and we'll be implementing the
management of those default apps using the new roles feature.
This change starts by defining these roles using a relaxed definition
that only uses the existing CATEGORY_APP_* intent filters.
Bug: 119713234
Test: manual
Change-Id: I9bd32b57313cf712ce7441bcadef702dac866a3f
Collection of the RSS high-water mark is moved to a separate atom to
improve performance, increase flexibility and overcome security
constrainsts.
Performance: avoid reading /proc/pid/status in ProcessMemoryState;
flexibility: allow pulling RSS high-water mark on a different schedule;
security: add single point where we can trigger the high-water mark
reset.
The RSS high-water mark will be removed from ProcessMemoryState and
NativeProcessMemoryState atoms in a followup-up CL to ensure that the
collected data is continuous.
Bug: 119598534
Test: atest UidAtomTests#testProcessMemoryHighWaterMark
Change-Id: I52da7b5e695f771f1551e1f6a6a773bded4504d1
I688e87cf09ad206f4f517a7be960c2aa01af8fc4, restricted privileged apps from silently becoming Device Admins.
Ia4e1ce9b81756e7f84ed0aa22d97e0b968cd8d89 added privileged APIs for locking the device and resetting the password.
We continue that work by providing an alternative for DevicePolicyManager#setKeyguardDisabledFeatures guarded by android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS
Bug: 111153365
Bug: 112601004
Test: Secure notifications can be redacted on keyguard
Change-Id: If81cecf6e74f7abcff581a122c4b68cc04ff57c6
Adds a hook to AppComponentFactory to allow control over the
instantiation of the main app class loader. LoadedApk creates
the default class loader and uses it to load the base APK. If
AppComponentFactory is declared in the manifest, its new method
instantiateClassLoader is called and its result becomes the
class loader used by LoadedApk to instantiate other classes
declared in the manifest. By default this is simply the class
loader created by LoadedApk.
Second method provides AppComponentFactory with a copy of
ApplicationInfo. The factory otherwise cannot locate any of the
app's resources, including its APK or the data folder.
Bug: 111342996
Test: atest CtsClassLoaderFactoryPathClassLoaderTestCases
Test: atest CtsClassLoaderFactoryInMemoryDexClassLoaderTestCases
Change-Id: Id21d9afaf00b9cb64a107bc9893b952407cff0b5
Not that we're starting to change appops' default values
for sms/calllog permissions, default grants by DefaultPermissionGrantPolicy
must take care to also flip the appops, otherwise permission grants don't
take the desired effect.
This also fixes the `appops get` shell command to reflect both uid and
package mode, consistent with how appops are checked
Bug: 117623587
Test: - enable kill switch for sms access restriction
- adb install -g $ANDROID_BUILD_TOP/out/target/product/sailfish/data/app/CellBroadcastReceiverTests/CellBroadcastReceiverTests.apk
- launch the app and press any button
- ensure no "Appop denial" warning in logcat
----
- adb shell appops get com.android.cellbroadcastreceiver android:receive_sms
- ensure result reflects uid mode
Change-Id: I59bb0c89423d3636c310c21b7a1cbf0481c992eb
In order to allow inclusion of device identifiers in the key attestation
record generated by the profile owner, the platform needs an explicit
signal that it is OK for the profile owner to access those identifiers.
Add a system-privileged method to the DevicePolicyManager that allows
system applications, as well as Managed Provisioning to indicate that the
profile owner may access those identifiers.
In the DevicePolicyManagerService the following has changed:
* The OwnerInfo now contains a flag indicating whether the profile owner
was granted access to the device identifiers or not.
* The permission check for use of the Device ID Attestation flags in
generateKeyPair has been adjusted to allow profile owner (or its
delegate) to use them, if device identifiers access has been granted.
* A couple of utility methods have been added to ease checking of
profile owner presence for a user and whether the profile owner can
access device identifiers.
Additionally, a new adb command has been added to give this grant to an
existing profile owner for testing purposes.
Bug: 111335970
Test: Manual, using TestDPC + ADB command.
Test: atest FrameworksServicesTests:DevicePolicyManagerTest
Test: Additional CTS tests, see cts change in the same topic.
Change-Id: I05f2323d5edacd774cd3ce082ee9c551100f4afd
Exposing canSuspendPackage so apps with SUSPEND_APPS can query whether a
package is considered too critical to suspend by the system.
Test: atest GtsSuspendAppsTestCases
Fixes: 117968270
Change-Id: I9c316dae7e7a7259d28e271c3901465244d6c93d
Also add method that returns the number of apps
that are bypassing dnd
Test: atest PreferencesHelperTest
Fixes: 115972200
Bug: 111475013
Change-Id: Id75093f9f42d00d05cca7700f64493d702c6a518
With this CL we add a new semantic action to Notification.Action to
represent contextual actions - i.e. actions specific to the current
notification. Contextual actions will be displayed differnently to
regular actions.
If the app itself does not provide smart replies or smart actions the
framework will generate smart replies and actions and put those in the
notification.
The UI for smart actions will be added in a separate CL.
With this CL we also remove a couple of unnecessary fields, namely:
NotificationInflater.mSmartActions
NotificationInflater.AsyncInflationTask.mSmartActions
the actions stored in these fields are stored in
NotificationData.Entry anyway.
Bug: 119010281
Test: write an app adding an Action with the new semantic type and
ensure that (contextual) action doesn't show up with the other actions.
Test: atest SystemUITests
Change-Id: Icd192fe2273b0474729dd4e413e0a6c2d75ff0fa
Instead of waiting for the first time we get the app op default mode,
just register the content observer for the sms & call log restriction.
This is temporary code anyway and will be removed according to a
STOPSHIP comment. So, the minor hit taken during system start is okay
for now.
Test: Device boots.
Change-Id: I55cc57ddfe80acf304b5126db16f5813a97c7042
Fixes: 119080532
This allows clients to run multiple instances of the same
manifest service declaration. It only works for isolated
services, to avoid too much abuse temptation. This is part
of the "Chrome site isolation" work, to allow chrome to have
many more render processes running and help it manage them.
Bug: 111434506
Test: atest CtsAppTestCases:ServiceTest
Change-Id: I22e65758678a07075ed32ed6463082ddf846d3a4
1. Send FOREGROUND_SERVICE_START event when foreground service starts.
Send FOREGROUND_SERVICE_STOP event when foreground service stops.
2. One app can multiple foreground services and multiple services can be
started. Because this, in UsageStats, change mLastForegroundEvent to
className to event map, do this for both activity and foreground
service. Change UsageStatsProto and UsageStatsXmlV1 to support this
change.
3. Add more test cases in UsageStatsTest.java.
Test: start music player which is foreground service, observce these
two events when start play and pause play.
Change-Id: I3dc14f5b73cc114a53b8c51f90d3011d9ace35ac
Bug: 112002260
Test: atest UsageStatsTest#testForegroundService
atest frameworks/base/services/tests/servicestests/src/com/android/server/usage/UsageStatsDatabaseTest.java
atest frameworks/base/core/tests/coretests/src/android/app/usage/UsageStatsTest.java
This change fixes the RcsManager setup and adds an empty RcsThread class. Please see go/rcs-in-telephony-doc for details.
Test: Builds fine
Bug: 109759350
Change-Id: Ie3fe476ab11d515ffab6dcc6ccf5ec801a4c9057
Update these methods to consider if the app is sandboxed or not.
Earlier, only apps with WRITE_MEDIA_STORAGE have access to full
external storage. So, clients had to check this before calling
these translate methods. Now, apps under instrumention might also
have full storage access and DownloadProvider will also start
using these translate methods. So, instead of having the clients
deal with it, move the logic of checking if an app is sandboxed or
not into these translate methods.
Bug: 117229024
Bug: 119265456
Test: atest MediaProviderTests
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Test: atest services/tests/servicestests/src/com/android/server/StorageManagerServiceTest.java
Change-Id: If679e71a906bb2106752721409b4410557fb3e28
Both the comment and the usage suggest that this index should be
exclusive, not inclusive.
Bug: 111061782
Test: Call getBackgroundAccessCount without crashing
Change-Id: Ie4eb5a59874afd27bed0706cd177757155351b49
