New external storage mount mode for installers so
that they can access obb dirs of all apps.
Bug: 111789719
Test: atest android.appsecurity.cts#testExternalStorageObbGifts
Change-Id: Ifab3c0702a431d542a6a3ae82ca8b67d9fcd7506
This allows the system to be configured so that certain applications
are only allowed to do top-level interactions with a hard-coded set
of other applications. This provides static enforcement of certain
security policies like "app A can only interact with the system and
app B, and even if updated can not directly have incoming or outgoing
interactions with other apps."
For example to limit a the package com.google.android.as to only
interact with telephony and contacts (in addition to the core
system):
<allow-association target="com.google.android.as"
allowed="com.android.providers.telephony" />
<allow-association target="com.google.android.as"
allowed="com.android.providers.contacts" />
Also improve procstats output to be able to print all associations
related to a process. (I wanted to be able to do this by package,
but we don't have enough data in associations. :p)
Bug: 111276913
Test: Manual so far
Change-Id: I61b7f2d2b5c2c3d82b278e6678b600b579b19fb7
As part of storage privacy work in Q, we're trying to help users
understand the impact of OPEN_DOCUMENT_TREE choices, and the best way
is to show statistics about what's actually contained inside a tree.
Define "count" and "size" statistics, and populate them for all
FileSystemProvider instances.
Bug: 117975747
Test: atest android.provider.cts.DocumentsContractTest
Change-Id: Ib3f8f208c619141c26abaee0137641f12b009c8f
Currently checkParcel might throw for instance although this is not
enabled by default.
Test: atest binderLibTest BinderWorkSourceTest BinderCallsStatsServiceTest
Change-Id: Ia836da7daa690dfa176d48cfe86ca4b7eb7cccc6
Bug: 120096113
Test: Build with built-in libraries that declares new depedency flag, no
more boot errors (tested with cheets_x86_64 and crosshatch_userdebug)
Change-Id: I6b3e2ab7626ed8f04c0bf1a5b3c32204a2f2c56b
Sometimes, very similar devices share the same exact images but use
slightly different hardware. In this case, they distinguish themselves
with skus like ro.boot.product.hardware.sku. This SKU is also used to
distinguish between which HALs are exposed in the VINTF manifest.
In this CL, we add the following locations to read from:
odm/etc/sysconf/sku_${sku}/*.xml
odm/etc/permissions/sku_${sku}/*.xml
Only the configurations already available to be set from the ODM image
can be set here.
Bug: 119129238
Test: boot
Test: manually use unavailable-feature from odm sku directory
Change-Id: I465ac818e5c68f1118668f13b45940fd8fa0fa62
Hopefully no one has relied on this undocumented behavior that when
the caller has WRITE_SECURE_SETTINGS then null IME token is allowed in
IMM#switchToLastInputMethod().
Bug: 114488811
Test: CtsInputMethodServiceHostTestCases
Change-Id: Icb02c9bb52b11cff39b222198f4b67984676b9a6
It turns out that we had already rejected null IME token in
InputMethodManager#switchToNextInputMethod() since Android L [1].
Hence there is no need to keep this IPC any more.
There should be no developer-visible behavior change.
[1]: I043aa30a19c821f33effd57dfd6590b0e3ed817b
34c666472137a99a2ce5546b80bd04979d10ab7a
Bug: 114488811
Test: atest CtsInputMethodServiceHostTestCases
Change-Id: I72ee82d62e3bdce44f623604eca86ab3fe3df0bd
Since the NavBar will be supported for multi-display, for
single session IME, it will be possible that IME switcher icon
will shown on external display.
Add IMMS#showInputMethodPickerFromSystem for system modules (i.e.
Settings or SystemUI) to pass displayId for creating right display
context, so that IME switcher dialog can shown on the display
correctly.
Also Add a TODO item for ACTION_SHOW_INPUT_METHOD_PICKER notification
that currently only support showing IME picker for default display,
this should support per display after supporting status bar per display.
Bug: 119933861
Fix: 120050928
Test: manual, verify IME switcher dialog can shown on external display
when tapping IME switcher icon on external navbar.
Test: atest InputMethodManagerTest#testShowInputMethodPicker
Change-Id: Ic7d7c5a7ad8005a3fbd9d1c1b73e3c5a39a07001
When setting a password from DPM.resetPassword(), the actual quality of the
password was not passed to LockSettingsService (instead, the minimum required
quality was passed which is often UNSPECIFIED). As a result, during FRP we
would see inconsistent state and skip it.
Bug: 110172241
Test: Set credential via DPM.resetPassword(), factory reset device to trigger FRP, verify FRP shows.
Change-Id: I54376f60ac53451ace22965d331b47cd8c2e614e
- Set ThreadLocalWorkSource to the work source uid when app has the
UPDATE_DEVICE_STATS permission. We only enable that in system server for
now.
- By default, set ThreadLocalWorkSource to the calling uid since we
always trust this value.
- If an app sets a work source uid without having the right permission,
we just ignore it (we do not throw an exception)
A follow-up commit will update the code to use the worksource from the
beginning of the call. Currently we get the work source at the end
inside of BinderCallStats, however the value might have been changed
when executing onTransact.
Test: atest binderLibTest BinderWorkSourceTest BinderCallsStatsServiceTest
Change-Id: I351b8ac2b31feececc46c73f373f198b9b603c7e
In this CL, we add parameter displayId in some IStatusBar APIs and also
group flags into an inner class and make it exist per display.
TODO: 1. We left SystemUi implementation in later CL.
2. Investigate which part of disable should support multi-display
after main function completes.
3. Refactor registerStatusBar as an IStatusBar API.
Note: remove mLightsOutListener in NavigationBarTransitions since no one uses it.
Test: atest SystemUITests
Bug: 117478341
Change-Id: Ie50a72f5d18e1f055ff2be4f1d7ac06da0117051
Binder/Looper stats data is collected only when the device
is on battery. Adding the time on battery to dumpsys output
will make it easier to analize the data.
Test: UT and manually checked dumpsys output
Change-Id: I0536e718399181cb62f5de6bbd24a6fb73c26e7e
Fixes: 120092266
Test: - install apk https://drive.google.com/file/d/1eh2mCz-0Ymm4TghOaf46ZHdn2-M8bm6i/view?usp=sharing
- hardcode DefaultPermissionGrantPolicy to always run on reboot
- adb reboot
- ensure device bootloobs with an error from attached bug
- apply fix
- ensure device no longer bootloops
- ensure no error in logcat
Change-Id: If2387e963b63231b0b99a55fdb7e75187d07bd07
Inline image will consume 3x memory due to no cache implementation.
This patch apply cache mechanism to each ExpandableNotificationRow and
preloads images before inflation task.
Bug: 77956056
Test: runtest systemui, observe memory usage by AndroidProfiler
Change-Id: I2c488b1d98ddf2d4670904ed4b3e8028c0d0172e
Implements basic API's to control windows generating insets in
the new insets world.
Test: CTS tests will be added at some point in the future
Bug: 118118435
Change-Id: I722d2e58c68734ac131b12da3d9978e946292130
This logic will ensure that we have a limit for the number of items we
track to make sure we do not use too much memory.
We still have an overflow per uid in order to properly attribute the cpu
usage to the uids.
Test: atest BinderCallsStatsTest
Change-Id: Ife9f7249bae35d5c61a6d35ac9d25437d213e959
Change 1/2. Change 2/2 will setup the class loader namespace for
shared libraries.
This change sets up shared libraries class loaders for applications
and for dexopt.
bug: 111174995
Test: DexoptUtilsTest, device boots
Exempt-From-Owner-Approval: PS1 was approved by owner, PS2 is a build fix.
(cherry picked from commit 8d144eb8bd)
Merged-In: Ie9a2b4eaa85cda59951703433f7a2d03bc12095d
Change-Id: I76383308418485ad6739f8a404d02c2771e4afe4
