Now that we support unreachable routes, use those to block
address families on VPNs. This is a much more elegant solution.
Also update LinkProperties when IP addresses are added and
removed, fixing a TODO.
Bug: 17462989
Change-Id: Ib749d84710dca70d672350b9f129bb91419ec77e
Add the app directory to the arguments for starting a process.
Add a check for NeedsNativeBridge and a call to PreInitializeBridge
in the native fork code.
Change-Id: I0b93da93251c6b4638de786bf98cf99df07c3fc2
In addition to device owners, profile owners on the primary user
can also set user restrictions that are necessary to lock down the
user.
This is to enable the case of a profile owner registered after setup
wizard is completed, on the primary user.
Also make managed profile vs. profile wording consistent in the
DevicePolicyManager docs.
Bug: 17555025
Change-Id: Ib9d08b8af34a99b25e11757fa7dc83673a7deb32
- Add an explicit power manager call to set the low power mode state,
instead of trying manage everything around a single setting.
- When low-power mode is triggered by falling below the configured
threshold, it does not update the setting.
- The "is-enabled" api returns setting || below configured trigger.
- Move the snooze management into the new api call.
- Callers (sysui + settings) updated to use the api instead of the
setting.
- Handles the case where the level does an unpowered leap out of the
low battery level. (Possible if powered in-between while the device
is off)
Bug:17460535
Change-Id: Ic030504c9cad9868a7137abbe837b170da37852b
Right now different code in System UI, Settings app and other places replace the
user icon with their own default. This tries to make it consistent by moving the
mechanism used in Settings in a helper class.
Bug: 17311038
Change-Id: Ic858c65bf82a98b9806dbba029e7cdcf441f372e
Even though Shell user is allowed to perform cross-user actions,
lock that path down if the target user has restrictions imposed by
the profile owner device admin that prevents access via adb.
If the profile owner has imposed DISALLOW_DEBUGGING_FEATURES, don't
allow the shell user to make the following types of calls:
start activities, make service calls, access content providers,
send broadcasts, block/unblock packages, clear user data, etc.
Bug: 15086577
Change-Id: I9669fc165953076f786ed51cbc17d20d6fa995c3
This can be controlled by MDMs via DPM.
Also fixes:
- javadoc for restrictions
- persisting of cross profile copy/paste restriction
Bug: 17387303
Change-Id: Ie148f56189181d2a4c6345c0823d417ab13a94a3
For restore use-case, session creation needs to complete quickly, so
delay ASEC allocation until session is opened. When preflighting
size checks, only consider external when we have a known size for the
container. Also relax size checks when using MODE_INHERIT_EXISTING
on external, since we don't know how much of existing app will be
copied over.
Consider session as "active" while commit is ongoing, until we're
either finished or pending user interaction.
Always publish first client needle movement away from 0. Use 25% of
internal progress to reflect ASEC allocation.
Avoid CloseGuard messages about leaking PFDs.
Bug: 17405741, 17402982
Change-Id: I6247a1d335d26621549c701c4c4575a8d16ef8c2
Dumb, dumb, dumb mistake.
Also fix battery stats wakeup reason tracking to use a SamplingTimer
(like kernel wake locks) so we can track both the duration and count
for each wakeup reason.
Change-Id: I89d69661006dc533622b1b7e68a139166d3a6975
Added a user restriction when creating a guest.
Made sure that guests can't install profile owners that
could undo the restriction.
Bug: 17359648
Change-Id: Icdd919e8b1cbd79a69aacb76e573ec3449f18e4c
