Add android.os.UpdateEngine and UpdateEngineCallback classes that
communicate with the update engine via binder APIs for A/B update.
Bug: 26695366
Change-Id: I2471858d28df5443bc0b56d9a20281ccebde4484
Add the means to protect FBE keys with a combination of an auth token
from Gatekeeper, and a hash of the password. Both of these must be
passed to unlock_user_key. Keys are created unprotected, and
change_user_key changes the way they are protected.
Bug: 22950892
Change-Id: Ie13bc6f82059ce941b0e664a5b60355e52b45f30
Wire up preparing of user-specific app storage to existing user
lifecycle hooks. This way we're sure the storage is ready to roll
just before we start reconciling app data directories.
This also has the nice property that we only prepare storage when
we know that keys are unlocked.
Bug: 25796509
Change-Id: Ic7df9ddbcfb1e20649d11b6cf68d424e3c365ee1
A variety of related fixes:
- don't force size enable when browsing from device mounted notifications.
- don't show settings menu item as action (put in overflow).
- add sd card icon (not quite yet used, need to suss that out).
Bug:26880985,26883578,26771127
Change-Id: I36f153c42217f8092f157ded2a756c02525593ab
We used to unconditionally remove the block map file on boot. Because
the package might be half-way uncrypt'd in a corrupt state. CL in [1]
changes uncrypt to ensure that block.map only gets created at the end of
a successful uncrypt. So we can change to keep the fully uncrypt'd
package and the block map. This is to reduce the work for GmsCore to
avoid re-downloading everything again.
[1]: commit 25dd0386fe69460cd1d39de116197dd2c7bf9ec2.
Bug: 26883096
Change-Id: I58ca22064141bf5d42fa48146a980712c8ce21d9
Self closing tags are not legal in HTML and javadoc was updated to better
enforce valid javadoc comments.
https://bugs.openjdk.java.net/browse/JDK-8020619
Change-Id: Ia7644b79be559a2e88fc9850eab570bd926f9a4b
Add DIRECTORY_HOME to android.os.Environment...use that for dir name,
so we don't use a localized name when creating directory.
Mark all of the DIRECTORY_* fields final.
Bug: 26814341
Change-Id: I5a11bcb180674c619de2f5ce9ed598521e60cc25
If the getDatabasePath() caller is using the default getDatabasesDir()
path, that method already handles possible path creation, so no
need for us to retry.
Also fix two small bugs that would have NPE'ed when listing files in
a directory that wasn't created.
Bug: 26895777
Change-Id: Iced16b05cfe95062717da8d0414c48daefcb5648
Specifying the new flag will enable several features in the runtime
required by the native debugger to debug Java and C++ code at the same
time.
The enabled features:
* Force JIT (never use the interpreter)
* Debug info generation
* Disbale some optimizations
Change-Id: Iaf5ab649715a0c274bd1b0fc64e483705da53cd0
Databases and SharedPreferences often involve multiple files under
the hood, so developers wanting to migrate them between different
storage contexts should ask us to make sure all relevant files are
migrated correctly.
This makes a best-effort attempt to recover from battery pulls
during migration, while still trying to alert developers to
conflicting files.
Bug: 26668510, 25860525
Change-Id: I9ffa3e8cb6191dfd4237b9466a081d6d77df3ba0
For several releases now we've told developers that sharing raw files
between apps is a recipe for trouble. There are at least three major
problems with sending raw files:
-- Apps sending generic intents can't know who is at the other end,
so they may not have access to shared storage locations. This is
more likely now that runtime permissions require apps to explicitly
ask users for permission.
-- Apps making files in their private storage world-readable has been
deprecated for several releases, and now in N it's fully blocked. If
we let these intents through, the receiving app would fail to open
the file, when the real blame rests on the sending app.
-- Devices with user profiles can't share raw files when using
cross-profile intent filters, since filesystem access is fully
locked down between users.
The time has finally come to communicate clearly that if you're
sharing content between apps, you need to use content:// Uris. We
added the simple FileProvider several years ago to give apps a clean
way to migrate with minimal work on their part.
Bug: 26860922, 9069185
Change-Id: I075f627f6a0d6c7fca2c090ca133b9aae9801c64
Telephony expsoses a getModemActivity() method, which BatteryStats
will poll when a change in network activity occurs (on the modem).
The time spent in various states (tx, idle, rx) are distributed amongst
the apps that did rx/tx traffic during that window.
Bug:23147562
Change-Id: I480a85df95786f87c382b96816fe2ed4bb2d5a42
Adds a new type of wakelock - SUSTAINED_PERFORMANCE_WAKELOCK. This
wakelock can only be acquired when the application is in the foreground.
And it is not effective when the application is no longer in the
foreground.
Acquiring this wakelock enables the Sustained performance mode which
guarantees a certain level of performance.
Bug: 22864186
Change-Id: Id0ececc756fe014779db6efde7aede23ea181dc5
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
It opens a an alert dialog that tells user application X is requesting
access to folder Y on volume Z; if user accepts, it returns the proper
URI, otherwise it returns RESULT_CANCELED.
The requested path must satisfy the following requirements:
1.It's directory (getName()) must be one of the pre-definied folders on
Environment.
2.It's root (getParent()) must be a valid external storage root.
In order to satisfy #2, DocumentsUI calls the ExternalStorageProvider,
through a custom call() implementation.
BUG: 23011462
Change-Id: I8e491e82ae320df88f7b8923286c4c1ad050ae80
The Storage Access Framework currently provides an
API (OPEN_DOCUMENT_TREE) that lets the user pick a directory to be used
by the application. Although this APIs is very powerful (for example, it
allows the user to create sub-directories, delete and share files,
etc...), it's too complex for simpler use cases like a camera
application trying to have access to the standard Pictures directory.
The new API (OPEN_EXTERNAL_DIRECTORY) simplifies this scenario by
letting the application select a standard, pre-defined directory (as
defined by android.os.Environment). The user still needs to grant access
to the requested directory, but the resulting UI will be simpler and
more straightforward.
Usage example:
// ...
int requestCode = 42;
Intent intent = new Intent(Intent.ACTION_OPEN_EXTERNAL_DIRECTORY);
intent.setData(Uri.fromFile(
new File(Environment.getExternalStorageDirectory(),
Environment.DIRECTORY_PICTURES)));
startActivityForResult(intent, requestCode);
// ...
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
if (resultCode != Activity.RESULT_OK) {
return;
}
Uri uri = data.getData();
int modeFlags = data.getFlags()
& (Intent.FLAG_GRANT_READ_URI_PERMISSION
| Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
getContentResolver().takePersistableUriPermission(uri, modeFlags);
}
BUG: 23011462
Change-Id: Ie832026532f74e681ef220b761667eb66ff3c8b0
Add serive "hardwareproperties" and methods getDeviceTemperatures,
getCpuUsages and getFanSpeeds to retrieve hardware properties:
device temperatures (CPU, GPU and battery), CPU usages and fan speeds.
This is a public API.
Bug: 22407109
Change-Id: If7efcbba7b160256d41704b60d93a7218dcc79d7
Differentiate the top app from other foreground apps in
ActivityManager. This lets us place the top app in its own cpuset, where
it can have its own exclusive core.
Change-Id: I90f5c39272724db37f0da226785b03d08e2e04c4
New API for an app to request creating a new user with
a given user name and seed account information for the
SetupWizard to use when that user is switched into.
Also adds system APIs to read the seed account data from
UserManager.
Bug: 22776757
Change-Id: I0bc3f11ee19c15e0ee2a908c88d98b13296cc30d
Before this change, scanning a package aggressively tried checking
to ensure that private app data was prepared. However, in an FBE
world we may not have access to that data at scan time. So this
change shifts the preparing of private app data until later: it
prepares DE storage when a user is started, and CE storage when a
user is unlocked. Wire ourselves into the user lifecycle so we can
prepare storage at both user start and unlock.
When DE/CE storage becomes available, this change reconciles any
found packages against known installed apps, and deletes any orphaned
data directories.
We now need to store the last-restorecon hash in an xattr on a
per-user directory basis, since we can't restorecon CE storage until
it's unlocked, or adopted storage until it's mounted. Remove a
bunch of used logic for loading dynamic SELinux policy at runtime;
our policy always comes from the system image.
Bug: 26466827, 26544104
Change-Id: I8d0a4ef862c35f4e4ef5c7f20d3bb8f12ba3fd4b
Changes made in the cl:
1. Let DeviceIdleController take listeners on whether background
maintanence services are active. This currently includes JobScheduler,
SyncManager, DownloadService. Note this is the last known
states reported by these services.
2. In JobScheduler, make the idle threshold and alarm window configurable.
So in the car case, we don't need to wait 71 mins after screen off
to kick off any jobs that require device idle.
-------------------------------------------------------------------
* We are not going to suppress JobScheduler, DownloadService, SyncManager
entirely while user is driving. Because apps may not be working properly if
these services are suspended.
* The jobs that we don't allow to run while driving are the
jobs submitted to JobScheduler that require device idle.
And this is already taken care of, because
screen is ON and JobScheduler will not consider the device to be idle
while driving (unless user turns off the head unit).
* We will need to give the JobScheduler a chance to run the device idle
jobs when car is turned off. This is the scope of GarageMode. If
DownloadService and SyncManager want to run, we will allow them to run
too.
* The headunit is treated as wall power device, so it's always charging.
The charging state will not toggle.
Change-Id: I55b92cf92efd61c48dd6c9b8197c2b68078a4439
