Internal logic relies on Arrays.copyOf(), so always give ourselves
valid arrays, using shared empty objects to save overhead.
Bug: 17502649
Change-Id: I5dbb00545bdfe45bbd48144ab505ea08cc92cbcd
Sessions can now zero-copy data directly into pre-allocated ASEC
containers. Then at commit time, we compute the total size of the
final app, including any inherited APKs and unpacked libraries, and
resize the container in one step.
This supports both brand new ASEC installs and inheriting from
existing ASEC installs. To keep things simple, it currently requires
copying any inherited ASEC contents, but this could be optimized in
the future.
Expose new vold resize command, and allow read-write mounting of ASEC
containers. Move native library extraction into the installer flow,
since it needs to happen before ASEC is sealed. Move multiArch flag
into NativeLibraryHelper, instead of making everyone pass it
around. Migrate size calculation to shared location.
Separate "other" package name in public API, provide a path to a
storage device when relevant, and add more docs.
Bug: 16514385
Change-Id: I06c6ce588d312ee7e64cce02733895d640b88456
This addresses a TODO and also makes it possible to create
routes to destinations that are not valid LinkAddresses, such as
multicast addresses.
Bug: 16875580
Change-Id: Id4c77b00dc3064bf27d78cdcbbe035e645748cfe
Anything which tests public API functionality will be moved to a
compatibility test suite.
The only remaining test is NetworkScorerAppManagerTest, which contains
unit tests for an internal helper class that is not (and should not
be) exposed via @SystemApi or otherwise.
Bug: 16355542
Change-Id: I478da97d3a4d09407992af37e45466dc484fa8cf
Separate definition of public keys and keysets in the manifest to better
represent their relationship. The 'key-set' tags should have nested additional
'public-key' tags that indicate which of the defined 'public-key' tags are
associated with them. The first use of a given 'public-key' name should define
its value; subsequent uses may refer to it only by name. 'key-set' and
'public-key' names may not intersect.
Also, change 'keys' tag to 'key-sets' to avoid issues with previous keysets
implementation.
Bug: 6967056
Change-Id: I7534e4a42326e97b67b55509187c0d3c21a2bb32
Introduces the upgrade-keyset tag to AndroidManifest.xml. This specifies a
KeySet by which an apk must be signed in order to update the app. Multiple
upgrade KeySets may be specified, in which case one of them must be used to
sign the updating apk. If no upgrade-keyset is specified, the current logic
involving signatures is used.
Current Key Rotation Design Decisions:
-Apps using a shared user id may not rotate keys.
-All acceptable upgrade keysets must be specified, including the key signing
the app. This enables key rotation in one update, but also 'locks' an app if
an incorrect upgrade keyset is specified.
-Minimal changes to existing KeySet code.
Bug: 6967056
Change-Id: Ib9bb693d4e9ea1aec375291ecdc182554890d29c
A candidate scorer may have an activity registered to listen for the
ACTION_CUSTOM_ENABLE intent action. If so, when the user attempts to
select this scorer as the active one, this custom activity will be
launched and will be responsible for requesting that the framework
activate the scorer. This is to enable more complex opt-in flows prior
to becoming the active scorer.
Scorers which do not specify this activity will default to using the
framework switcher (currently ActiveNetworkScorerDialog, though this
may change).
Note that all switches must still go through the framework switcher;
the opt-in activity simply allows scorers to first show another screen
and perform the framework switch on their own terms.
Bug: 15775314
Change-Id: I3847e5d3161a8fcc9622abc03218795697c32778
Allows scorer apps to set a custom name for the scoring functionality,
even if the app has other non-scoring responsibilities, in which case
the application's label would be too generic.
Bug: 15775300
Change-Id: I61a7d1966742d463508e6801b7845ced8392db84
In IPv4, a link is provisioned when DHCP succeeds. In IPv6, a
there is no such signal, because addresses and DNS servers can
be notified by the kernel at different times.
Add an isProvisioned method that returns true if we believe that
enough information has configured to use a network. For IPv6,
this requires an IP address, default route, and DNS server. For
IPv4, this requires only an IPv4 address, because we support
static configuration that doesn't have a default route or DNS
server.
To do this we use the existing hasIPv4Address method, rename the
all-but unused hasIPv6Address method to hasGlobalIPv6Address
(which is what we want anyway) and add new hasIPv[46]DefaultRoute
and hasIPv[46]DnsServer methods.
Bug: 9180552
Change-Id: Ib2f5ff8af920f7b6f1edf0e2afaaa0edce9bc72d
1. Realize that mDestination can never be null and update the
code accordingly.
2. Simplify isDefaultRoute.
3. Provide two new hidden utility methods, isIPv4Default() and
isIPv6Default(), that can be used by LinkProperties to
to determine if the system has connectivity.
4. Update tests.
Bug: 9180552
Change-Id: I85028d50556c888261d250925962bdedfe08e0c6
Require that method callers always provide relevant paths, instead of
relying on constructor. Move DisplayMetrics to be an overall parser
parameter, and move PARSE_TRUSTED_OVERLAY to flags.
Parse split APKs and apply deterministic ordering based on split
names. Assert consistent package name and version code across all
split APKs in a package, and enforce unique split names and required
base APK.
Collect certificates for split APKs, enforcing they're all signed
consistently. Better flow control and resource cleanup when
collecting certs. Refactor validation code so it's easier to reason
about. Cleaner maintenance of read buffer when draining stream
contents.
Change-Id: I8bc8c62095fbb933227b9e76ad8771f4b1246fe8
1. Allow IpPrefixes to be created from strings. In order to do
this, factor out the code from LinkAddress which already does
this to a small utility class in NetworkUtils.
2. Truncate prefixes on creation, fixing a TODO.
3. Add a toString method.
4. Write a unit test.
While I'm at it, make RouteInfoTest pass again, and convert it
to use IpPrefix instead of LinkAddress.
Change-Id: I5f68f8af8f4aedb25afaee00e05369f01e82a70b
It previously kept mPath separate from mScanPath for some very odd
edge cases around moving apps-on-SD. This changes it to always use
a single path, refactors moving to keep separate paths.
Refactors method names in PackageParser to be clearer about their
APK-versus-package relationship.
Beginnings of a split package parser. Instead of requiring that
callers check error codes when null, switch to always throwing on
parse errors, to require that callers deal with the error. Longer
term the entire parser should switch to this style, but its too
pervasive for a simple refactoring.
Change-Id: If071d8e55e46e56cc201fadfb51cb471713ae973
If these constants are zero (or, rather, if they're not all
different), the test will fail with more cryptic error messages
whose cause is not obvious. Clearly check for that here.
Bug: 15602893
Change-Id: I7ca4a9c5e3d592fd93fbfa1b50666a1861a0031d
This change uses IpPrefix only in the public API and continues
to use LinkAddress for everything else. It does not change the
callers to use the new APIs, with the exception of changing
all current uses of getDestination to getDestinationLinkAddress
to make room for the new getDestination method that returns an
IpPrefix.
Based on Sreeram's earlier change:
https://googleplex-android-review.git.corp.google.com/#/c/477874/
but a bit simplified and with a bit more documentation.
Bug: 15142362
Bug: 13885501
Change-Id: Ib4cd96b22cbff4ea31bb26a7853989f50da8de4e
(cherry picked from commit 7d3b4b9a3d4de9673119632da0ebd583e50126f7)
1. Rename getNetworkPrefixLength to getPrefixLength. Update all
callers in frameworks/base and add a shim method and a TODO
for the rest.
2. @hide isSameAddressAs. It doesn't add much, and it's just
one-liner that callers can implement if they want.
3. Fix the alignment of the initial paragraph (<ul> should have
been </ul>).
4. Remove the documentation that talks about creating
LinkAddresses, since there's no public API for creating them.
With these changes I think LinkAddress is fine as a public API.
Bug: 15142362
Change-Id: Iaf3b1db577745bb68a9e1dd7f96d666dd3f3ec7c
(cherry picked from commit 9ab53650cfcd91a2a151b44b3fd1381841f76269)
1. Rename getNetworkPrefixLength to getPrefixLength. Update all
callers in frameworks/base and add a shim method and a TODO
for the rest.
2. @hide isSameAddressAs. It doesn't add much, and it's just
one-liner that callers can implement if they want.
3. Fix the alignment of the initial paragraph (<ul> should have
been </ul>).
4. Remove the documentation that talks about creating
LinkAddresses, since there's no public API for creating them.
With these changes I think LinkAddress is fine as a public API.
Bug: 15142362
Change-Id: Iaf3b1db577745bb68a9e1dd7f96d666dd3f3ec7c
This change uses IpPrefix only in the public API and continues
to use LinkAddress for everything else. It does not change the
callers to use the new APIs, with the exception of changing
all current uses of getDestination to getDestinationLinkAddress
to make room for the new getDestination method that returns an
IpPrefix.
Based on Sreeram's earlier change:
https://googleplex-android-review.git.corp.google.com/#/c/477874/
but a bit simplified and with a bit more documentation.
Bug: 15142362
Bug: 13885501
Change-Id: Ib4cd96b22cbff4ea31bb26a7853989f50da8de4e
Adds methods for dealing specifically with long data types. Used by
PackageKeySetData as part of the KeySet work. Add appropriate test methods
to MoreAsserts as well.
Bug: 6967056
Change-Id: I1e263301b353e0cd1b45126be6ef5ec310f311a8
Installers are interested in both streaming APK data and establishing
a happens-after relationship to support resuming downloads after a
process kill or battery pull.
This exposes a generic OutputStream for writing, and hooks up flush()
to be a blocking call which returns only when all outstanding write()
data has been fsync()'ed to disk.
Tests to verify behavior.
Bug: 14975160
Change-Id: I38289867c80ac659163bb0c2158ef12d99cc570d
A network subsystem (e.g. Wi-Fi) will be responsible for implementing
INetworkScoreCache. NetworkScoreService will load caches for each
configured network subsystem. When it receives a call to update
scores, it will separate the networks by type and call updateScores on
the appropriate INetworkScoreCache.
Each subsystem will also be responsible for requesting scores for new
networks by calling NetworkScoreManager#requestScores.
Bug: 14408144
Bug: 14137255
Change-Id: I76e5e5205bc359c39d6b9c1782126fb7f465cd96
Define new FLAG_GRANT_PREFIX_URI_PERMISSION which indicates that a
Uri permission grant should also apply to any other Uris that have
matching scheme, authority, and path segments. For example, a prefix
grant for /foo/ would allow /foo/bar/ but not /foo2/.
Allow persistable and prefix grants to be issued directly through
grantUriPermission(). Relaxing persistable is fine, since it still
requires the receiver to actively take the permission.
Since exact- and prefix-match grants for the same Uri can coexist,
we track them separately using a new UriGrant key. (Consider the
case where an app separately extends READ|PREFIX and WRITE for
the same Uri: we can't let that become READ|WRITE|PREFIX.)
Fix revoke to always take away persisted permissions. Move prefix
matching logic to Uri and add tests. Add new flags to "am" tool, and
various internal uses around Intent and Context. Switch some lagging
users to ArraySet.
Bug: 10607375
Change-Id: Ia8ce2b88421ff9f2fe5a979a27a026fc445d46f1
This service will ultimately be responsible for propagating scores
down to lower-level network subsystems. For now, it just keeps scores
in memory and exposes these for debugging purposes via "adb shell
dumpsys network_score".
This change also adds provisioning of a default scorer. When
NetworkScoreService is first initialized, it checks to see if it has
ever set a default scorer; if not, it reads a package name from a
build config property and attempts to set it as the default.
Also add autogenerated equals/hashCode methods to all parcelables.
Bug: 14111427
Bug: 13786258
Change-Id: I02271171653d42e12acd240b73b9e23950744f6b
Allows listing all possible scorer apps, getting the active scorer
app, setting the active scorer app, and determining whether a given
UID is for the active scorer.
Note that setting a default scorer with a system image will be handled
separately - the plan here is to add a read-only build property
containing a package name to use as the scorer out of the box.
When NetworkScorerService is initialized, it will check a provisioning
bit; if that bit isn't set, it will set the current scorer to the
package specified in this build property (if any) and set the
provisioning bit to true.
Bug: 13769362
Change-Id: I18c0b2ba2aceccc88b70c3611a49149e0bf17ecf
NetworkKey represents the necessary information to identify a network
to be scored. ScoredNetwork contains the key to identify a network as
well as a score to be used when evaluating that network (as a curve
based on RSSI).
Bug: 13767776
Change-Id: I6bfebd105c9381e615513167b4332b767b43a23a
...and now fail conservatively when two apps both attempt to define
the same permission. Apps signed with the same certificate are
permitted to redefine permissions.
We also finally have a (hidden) interface class for observing package
installation so that we can now rev the interface without breaking
existing callers.
Bug 13551375
Change-Id: Ifa4e59154dcccbb286ee46a35a6f25e4ad0f0f01
