Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 121237128
Bug: 120783643
Test: m appcompat
Change-Id: Ib7a8bdf3151290aa8a5ca85dc8650612432f0d59
This change adds simple APIs to watch for noted ops. We are now
reporting a callback for every note which could lead to too many
call but until this is found to be the case we stick to the simple
solution. We already have APIs to watch started and stopped ops
which in theory could have the same frequence as noted ops, so
this is consistent to our approach.
bug:117617221
bug:119323172
Test: atest androidx.test.runner.AndroidJUnitRunner
Change-Id: I46c4b00e765eb14df8c30471d2b80dda905b8125
This is often known by the system, though not always. But when
we do know it, it is really useful to maintain that info so we can
do queries like "give me all of the associations that package X is
involved with".
Bug: 121146315
Test: manual
Change-Id: I0dd7aeb9147ecfd65a510d3b2a8bb4a0fbab57e3
This is needed by making the setup wizard use only system-api.
Test: Built, switched USB port state
Change-Id: I8e56859a5b36e7de91691522a34f7d6f62dcbb20
Fixes: 115301401
Log (using TRON)
1. when smart replies and actions are shown in a notification, and
2. when a smart action is clicked.
Bug: 120767764
Test: manual - use logcat to ensure we log the correct values when a
notification is expanded / smart action is clicked.
Change-Id: I85dbc3ee355997142ad71b7b67a759e8fede94b6
Moving forward as we start enabling isolated storage in various
dogfood groups, we'll need to maintain separate values for the
feature flag for both "local" and "remote" opinions. Any strongly
expressed local opinion will always take precidence over any remote
opinion.
Any changes to these feature flags means that we need to invalidate
any PackageManager parsed APKs, since PackageParser changes it's
output depending on the flag state. Since other feature flags are
likely to need this type of invalidation in the future, define the
PackageManager cache using a SHA-1 hash of a collection of values
that should invalidate the cache.
Bug: 112545973
Test: atest android.os.SystemPropertiesTest
Change-Id: Ifafcdf15e40e694eb4126e06981aeb82df51da33
In general cases, we don't have multiple input methods simultaneously.
So that it may not make sense to have multiple focused window in the
system. Especially when there are multiple blinking cursors of input
boxes on different displays, the user may not be able to know which
input box can receive key events. In these cases, we let the system
has only one focused window.
In some cases, there can be multiple input methods simultaneously (one
for each display). To enable multiple users to interact with the
corresponding displays at the same time, we should let the system have
per-display focused window in these cases.
This CL makes per-display focus optional, and also reverts ag/5312657
Fix: 120241480
Fix: 120790099
Test: atest ActivityManagerMultiDisplayTests \
CtsWindowManagerDeviceTestCases \
WmTests
Change-Id: Ie030eed523599b217060887171710692d050e5d8
If apps have already been running on a device before the new isolated
storage feature is enabled, then they should get a "legacy" view
to continue working with minimal disruption. End users will be able
to revoke this legacy access through Settings UI.
This offers the best trade-off possible between keeping existing apps
working, and preserving user privacy moving forward.
Note that this legacy behavior only applies to apps that are already
installed and actively using storage before the feature was enabled;
all newly installed/reinstalled apps will always receive a sandbox.
Bug: 120287776
Test: atest android.appsecurity.cts.ExternalStorageHostTest#testExternalStorageIsolatedLegacy
Change-Id: Ie98e9f89be44ffdb17fe5a0929711ecf5688297a
ART expects the parent of the system server class loader to
be the boot class loader during AOT, so use that at runtime too.
bug: 120039104
Test: boot test
Change-Id: I164f98d319f875d24baa360a4b3d152e8e2fc4d9
New external storage mount mode for installers so
that they can access obb dirs of all apps.
Bug: 111789719
Test: atest android.appsecurity.cts#testExternalStorageObbGifts
Change-Id: Ifab3c0702a431d542a6a3ae82ca8b67d9fcd7506
This allows the system to be configured so that certain applications
are only allowed to do top-level interactions with a hard-coded set
of other applications. This provides static enforcement of certain
security policies like "app A can only interact with the system and
app B, and even if updated can not directly have incoming or outgoing
interactions with other apps."
For example to limit a the package com.google.android.as to only
interact with telephony and contacts (in addition to the core
system):
<allow-association target="com.google.android.as"
allowed="com.android.providers.telephony" />
<allow-association target="com.google.android.as"
allowed="com.android.providers.contacts" />
Also improve procstats output to be able to print all associations
related to a process. (I wanted to be able to do this by package,
but we don't have enough data in associations. :p)
Bug: 111276913
Test: Manual so far
Change-Id: I61b7f2d2b5c2c3d82b278e6678b600b579b19fb7
As part of storage privacy work in Q, we're trying to help users
understand the impact of OPEN_DOCUMENT_TREE choices, and the best way
is to show statistics about what's actually contained inside a tree.
Define "count" and "size" statistics, and populate them for all
FileSystemProvider instances.
Bug: 117975747
Test: atest android.provider.cts.DocumentsContractTest
Change-Id: Ib3f8f208c619141c26abaee0137641f12b009c8f
Currently checkParcel might throw for instance although this is not
enabled by default.
Test: atest binderLibTest BinderWorkSourceTest BinderCallsStatsServiceTest
Change-Id: Ia836da7daa690dfa176d48cfe86ca4b7eb7cccc6
Bug: 120096113
Test: Build with built-in libraries that declares new depedency flag, no
more boot errors (tested with cheets_x86_64 and crosshatch_userdebug)
Change-Id: I6b3e2ab7626ed8f04c0bf1a5b3c32204a2f2c56b
Sometimes, very similar devices share the same exact images but use
slightly different hardware. In this case, they distinguish themselves
with skus like ro.boot.product.hardware.sku. This SKU is also used to
distinguish between which HALs are exposed in the VINTF manifest.
In this CL, we add the following locations to read from:
odm/etc/sysconf/sku_${sku}/*.xml
odm/etc/permissions/sku_${sku}/*.xml
Only the configurations already available to be set from the ODM image
can be set here.
Bug: 119129238
Test: boot
Test: manually use unavailable-feature from odm sku directory
Change-Id: I465ac818e5c68f1118668f13b45940fd8fa0fa62
