When creating or renaming files on external storage, sanitize the
requested display names to be valid FAT filenames. This also fixes
a handful of directory traversal bugs.
Also relax logic around generating display names to allow any
extension which maps to the requested MIME type. Tests to verify.
Bug: 18512473, 18504132
Change-Id: I89e632019ee145f53d9d9d2050932f8939a756af
The current heuristics depend on devices being alive at midnight+ in
order to run periodic background fstrim operations. This unfortunately
means that people who routinely turn their devices off overnight wind
up with their devices *never* running fstrim, and this causes major
performance and disk-life problems.
We now backstop this very-friendly schedule with an increasingly
aggressive one. If the device goes a defined time without a background
fstrim, we then force the fstrim at the next reboot. Once the
device hits the midnight+ idle fstrim request time, then we already
aggressively attempt to fstrim at the first available moment
thereafter, even if it's days/weeks later without a reboot.
'Available' here means charging + device idle. If the device never
becomes idle then we can't do much without rendering an in-use device
inoperable for some number of minutes -- but we have no evidence of
devices ever failing to run fstrim due to this usage pattern.
A new Settings.Global element (type 'long', called
"fstrim_mandatory_interval") is the source of the backstop time. If
this element is zero or negative, no mandatory boot-time fstrim will
ever be performed. If the element is not supplied on a given device,
the default backstop is 3 days.
Adds a new string to display in the upgrading dialog when doing
the fstrim. Note it is too late for this to be localized, but since
this operation can take a long time it is probably better to have
it show *something* even if not localized, rather than just sit there.
Bug 18486922
Change-Id: I5b265ca0a65570fb8931251aa1ac37b530635a2c
If the lock screen is not shown, then let activities keep running
while dozing. This is important to support ambient mode on watches
since it allows the home app to keep running.
To make this possible, we need to inform the activity manager about
the exact wakefulness state, not just the overall boolean
interactive state.
Bug: 18284212
Change-Id: Ia35c99127ce51ffc178f3a2f51fca67d24061c71
It seems we were sort of trying to do this by forcing the AsyncTask
static initializer to run at certain times but it was not sufficiently
reliable. In particular, this resulted in occasional system
server crashes.
Bug: 18192406
Change-Id: Ief73210c60e7680fbed6df74e3e58809b7ec7e4d
We're now shipping devices with several partitions which may end up
mismatched, causing subtle runtime issues. To help manufacturers and
users catch this case, show wanring when we detected mismatched
fingerprints.
Bug: 18357469
Change-Id: I897d7ee8cbf3b8042d3d7d282afab277d242ed3f
There are many cases in real world applications where it is desirable
to continue processing messages on the Looper even when most other
messages have been suspended by a synchronization barrier pending
completion of the next drawing frame on vsync.
Internally the framework is able to mark certain messages as being
independent of these higher level synchronization invariants by
flagging them as asynchronous.
This change exposes the existing function and improves on the
documentation so that it is clearer what is meant by asynchronous.
Bug: 18283959
Change-Id: I775e4c95938123a364b21a9f2c39019bf37e1afd
installd can then clear the ".booting" marker from the dalvik-cache
(owned by root). This marker is used to detect boot loops.
bug: 18280671
Change-Id: I878f1463c7f523892605c17b980a51ac3b6645e2
The setting was previously exposed in IPowerManager but it
doesn't need to be there.
Bug: 17656076
Change-Id: If3ed0cbe89f67c60aa00376be0c54b1bd9656144
- Add in category for graphics driver, and knowledge about it
for N5 (more devices will be added later).
- Renaming the labels for the .oat and .art files to be just
that, so it is clear what they are talking about.
Change-Id: I663ca8bd2febce41fcdde74b0d3a96ef9325edf1
When PowerManager.boostScreenBrightness() is called, the screen
brightness is set to maximum for 5 seconds. This action is
also considered to be user activity.
Bug: 17934954
Change-Id: I1cb4a03a60705c6c1c5cc9ff84b1c5dbd2932fcd
1. Add a command to NetworkManagementService to enable/disable
IPv6 ND offload via netd.
2. Make Nat464Xlat enable offload if clatd successfully comes up
on a wifi network (which means it detected a NAT64), and
correspondingly re-enable offload when the clatd interface
goes down.
This change does not enable clatd on wifi yet, that requires an
extra 2 lines to enable it.
Bug: 12111730
Change-Id: I4318611762a37487c9a84f8c4867ec5aece98be8
1. Make Nat464Xlat a per-network object, one for every network
requiring clat, instead of a ConnectivityService singleton.
2. Make the NetworkManagementService clatd commands take an
interface.
3. When we attempt to start clatd on a network, store its
Nat464Xlat object in the NetworkAgentInfo, so we have an
authoritative way of knowing whether clat is running on a
given network.
4. Rework Nat464Xlat, hopefully simplifying it.
Bug: 12111730
Change-Id: I1fa5508ef020cd1c3d1c7a1f7b06370ac5fc2ae2
We now use Mapped to not double-count cached pages that are
mapped in to app processes. Also read in some more values that
count towards kernel RAM use, and count buffers as free rather
than used RAM.
It also looks like the zram accounting is broken -- it was never
collecting the total zram reserved space. I need to figure out
how I was finding that before.
Change-Id: I883f6fc93966774b5c7d2801d1801666dd11ed41
- Add docs to Binder, Messenger, ResultReceier to explain their
relation (or lack there-of) to process lifecycle.
- Clarify some aspects of process lifecycle for services.
- Fix help text of am command.
- Fix per-package dumping of battery stats to not include history.
- Fix per-package dumping of proc stats to only include aggregated
and current stats and fix some formatting.
- Fix per-process dumping of meminfo to have an option to interpret
the input as a package, so including all processes that are
running code of that package.
- Fix top-level per-package debug output to correctly include all
of these improvements and give them a little more time (10s) to
complete for timing out.
Change-Id: I2a04c0f862bd47b08329443d722345a13ad9b6e2
When creating a user via the UI, disallow phone calls and SMS by
default. Primary user must explicitly enable it via Settings.
Bug: 17832802
Change-Id: I18cad4be8493ddc8890b5d90da2df256cb3f1ec9
Fix Slog.wtf to not acquire the activity manager lock in its code
path, so that it can never deadlock. This was the original intention
of it, but part was missed.
Now we can put back in the code to detect when strict mode data is
getting large (a little more targeted now to the actual problem),
and use Slog.wtf to report it. And as a bonus, when this happens
we will now clear all of the collected violations, to avoid getting
in to the bad case where IPCs start failing. So this should be
good enough for L to fix the problem, with wtf reports for us to
see if the underlying issue is still happening.
Finally, switch a butch of stuff in the system process from Log.wtf
to Slog.wtf, since many of those are deadlocks waiting to happen.
Oh and fix a crash in the settings provider I noticed in APR.
Change-Id: I307d51b7a4db238fd1e5fe2f3f9bf1b9c6f1c041
Drop down the limit on when we log, since under normal operation we
will never get more than a few K of data due to strict mode.
Try to clean up the code paths coming in and out of binder IPCs to
plug any places where we could disrupt the gather flag of a thread,
causing it to keep gathering stack crawls (which is the thing that
is causing our strict mode data to become so large).
Change-Id: I9a46512283d33e863c429840b465855d1fabb74e
