Escrow token provides an alternative way to derive synthetic password for a
given user. In the new flow, a pre-provisioned escrow token
should be able to do anything the user password can do, since they both
derives the synthetici password which is the master key in the new auth flow.
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Bug: 33126414
Change-Id: Ib5ee38fd61f66de3245427ce992ebc12f1873a26
The user password is used to unlock a per-user synthetic password which
serves the purpose of what the user password previsouly achieves (protect
keystore, vold disk encryption, auth token generation).
Test: runtest frameworks-services -c com.android.server.SyntheticPasswordTests
Test: manual
1. Start with fresh device, enable synthetic password with "adb shell cmd lock_settings sp 1"
1.1 add device lock, reboot and verify (positive & negative); change device lock, reboot and verify.
1.2 Inflate a work profile, reboot and verify device lock. check SID with "adb shell dumpsys lock_settings"
1.3 Un-unify and add work challenge, reboot and verify work challenge and SID.
1.4 Re-unify work challenge, reboot and verify.
1.5 Clear device lock, reboot and verify lock and SID.
2. Start with a fresh device, add a device lock and inflate a work profile.
2.1 Enable synthetic password, note current SID
2.2 Reboot and unlock device. Verify synthetic password is generated and SID remains.
2.3 Clear device lock, reboot and verify (SID should be cleared)
3. Start with a fresh device, inflate a work profile, add separate work challenge
3.1 Enable synthetic password, not current SID
3.2 Reboot and unlock device and profile. Verify synthetic password is generated.
3.3 Clear device lock only, reboot and verify (work profile SID should remain)
All steps tested on marlin (FBE) and bullhead (FDE)
Bug: 33126414
Change-Id: Idb9ebfc7bba2fe40670c5fee2189e873d9704540
Implement support for downloadable font requests in xml. Given the
xml fonts feature in O, this adds support to not only declare
local font files as font resources, but also Downloadable fonts
from a fonts provider.
A provider returns a font family (of one or more files) given a
query, so the new attributes are added to the font-family tag.
Additionally, add support to pre-declare downloadable font resources
in the Android Manifest. These will then be fetched at app startup
time so they are available to use from the Typeface cache asap.
When retrieving downloadable fonts via resources, the cache is
checked to see if the font is already there and is used, otherwise
a request is sent to the provider and the default font is returned
as we need a result synchronously.
To do this, the developer declares an additional fonts xml resource
file with the list of fonts to preload and links it in the manifest
with a meta-data tag.
E.g.:
res/font/mydownloadedfont.xml
<font-family xmlns:android="http://schemas.android.com/apk/res/android"
android:fontProviderAuthority="com.example.test.fontprovider"
android:fontProviderQuery="myrequestedfont">
</font-family>
res/font/preloaded_fonts.xml
<?xml version="1.0" encoding="utf-8"?>
<font-family xmlns:android="http://schemas.android.com/apk/res/android">
<font android:font="@font/mydownloadedfont" />
</font-family>
and in the AndroidManifest.xml
<meta-data android:name="preloaded_fonts"
android:resource="@font/preloaded_fonts" />
Bug: 34660500, 34658116
Test: WIP, need to add more
Change-Id: I1d92555e115e241bf23b59e6f5c6cca6c7361de7
* Fix a layering issue where auto-fill manager which is in view
depended on activity which is in app
* Moved auto-fill classes to view or service based on their
purpose and removed dependecy on the classes in view to the
classes in service
* Push state to local auto-fill manager whether auto-fill is
enabled to avoid making IPC for every focus transition if
the user did not enable the feature
* Remove unnecessary offload to messages when handling calls
to auto-fill manager service as these are made over a oneway
interface and in general they do almost no work and typically
we do these on the binder thread
* Removed id from data set and fill response as the provider
can embed everything it needs to id them in the auth pending
intent
* Enforce the auth UI to be only an activity as this will work
with multi-window, recents, and back and also does not require
draw on top of other app special permission
* Authentication also no longer requires passing a remotable
callback to the auth activity but the activity handles the
request as if called for a result
* Handling stopping of a user to clean up in-memory state as
well as handling when a user gets unlocked as a provider may
be non-direct boot aware
* User the correct context when creating an auto-fill manager
* Move the receiver that listens for requests to hide system
windows to the manager service as the UI is a singleton and
no need every per-user state to register its own
* Removed extras from dataset as the only case a provider needs
to associate state with a dataset is for auth and the provider
can embed this data in the auth pending intent
Test: manual and CTS
Change-Id: I4bc54c13cf779d7f6fdb3ab894637f9fac73f603
Cancelling swipe-to-dismiss will trigger a check to ensure the window
is reset to its original state. Ensure that the reset is actually
required before setting the new layout attributes.
Bug: 34816397
Change-Id: Idf26ce7c8b63dc44a76effefcb32eb8d8665f605
setImeWindowStatus() introduced in the previous CL [1] can help
WindowManagerService (WMS) address Bug 34628091. As a preparation
this CL has InputMethodManagerService propagate relevant information
to WMS WMS for later use.
[1]: I9921b381e02106dbffff5e0b3d13f0a1245ce807
db2afde0e584904ee4ce115ce176a4dfe1773990
Test: Verified the callback in WindowManagerService as follows:
1. Rebuild the system with DEBUG_INPUT_METHOD=true
2. adb logcat -s WindowManager:*
to make sure the visibility passed to
WindowManagerService#updateInputMethodWindowStatus matches
to the actual IME window visibility
Bug: 34628091
Bug: 35079353
Change-Id: I54fb1faf513883a54293a756e4c9d2ae9453d778
This is part of work to introduce historical debugging infrastructure
for Android IME.
In this CL, we will focus on the following two event flows.
A1. IMMS#attachNewInputLocked() queues MSG_(RE)START_INPUT to deliver
new InputConnection/EditorInfo to the current IME
A2. The IME triggers IMS#onStartInput()/IMS#onRestartInput() and
updates the following fields:
- InputMethodService#mStartedInputConnection
- InputMethodService#mInputEditorInfo
B1. IME is expected to call back IMM#setImeWindowStatus() to notify
its window visibility change to IMMS.
B2. IMMS updates the following field if the caller is still the
current IME.
- InputMethodManagerService#mImeWindowVis
What this CL aims to do is to enable IMMS to access A1 state when it
was in B2 state, by considering that for given a B1 the last A2
happened before B1 is the cause of B1 and B2.
To do this, IMMS issues a binder token in A1 and each IME keeps it
so that it can be passed in B1. By using this Binder token as a key,
IMMS can keep tracking state snapshot taken from each A1. Note that
those state snapshots keep alive until the Binder token's proxy in the
IME process loses strong reference from its GC root.
Test: Make sure `adb shell dumpsys input_method | grep mImeWindowVis`
matches to the IME window visibility.
Test: Make sure the current IME is not receiving any
InvalidParameterException from IMMS.
Bug: 35079353
Change-Id: I9921b381e02106dbffff5e0b3d13f0a1245ce807
...Intent { flg=0x100 cmp=com.android.systemui/.SystemUIService }
to com.android.systemui/.SystemUIService from pid=28245 uid=1000 pkg=android
Rework the persistent app check to just directly look at the package
manager (but as efficiently as possible). My idea for trying to keep
this in the UidRecord was stupid. :p
Test: manually tested it boots
Change-Id: I5a88717a27fa3529048d37a853518a3ec04055db
Currently ACTION_DOWN and ACTION_SCROLL cause
entering touch mode regardless of the event source.
This is especially awkward for mouse.
This should only happen when the event source is
SOURCE_TOUCHSCREEN.
Bug: 35314124
Test: android.cts.view.ViewTest#testTouchMode
Change-Id: I2205d4240be4afcbd9a3ac5558e701f7cac51926
It won't throw SecurityException, but it'll pretend there's
no apps on the other profile.
- Also log an error about it, in the client side process.
- Also still send WTF() about the reverse access.
Bug: 34650921
Bug: 34340531
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest1 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest2 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest3 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest4 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest5 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest6 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest7 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest8 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest9 -w com.android.frameworks.servicestests
Test: adb shell am instrument -e class com.android.server.pm.ShortcutManagerTest10 -w com.android.frameworks.servicestests
Test: cts-tradefed run cts --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -m CtsShortcutHostTestCases -t 'android.content.pm.cts.shortcuthost.ShortcutManagerMultiuserTest'
Test: cts-tradefed run cts --skip-device-info --skip-preconditions --skip-system-status-check com.android.compatibility.common.tradefed.targetprep.NetworkConnectivityChecker -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t 'com.android.cts.devicepolicy.LauncherAppsProfileTest'
Change-Id: I6164014685009db3f34a176a3f12c517766b2b49
