Commit https://android.googlesource.com/kernel/common/+/f0ce0eee added
CAP_SYS_RESOURCE as a capability check which would allow access to
sensitive /proc/PID files. system_server uses this capability to collect
smaps from managed processes. Presumably this was done to avoid the
implications of granting CAP_SYS_PTRACE to system_server.
However, with SELinux enforcement, we can grant CAP_SYS_PTRACE but not
allow ptrace attach() to other processes. The net result of this is that
CAP_SYS_PTRACE and CAP_SYS_RESOURCE have identical security controls, as
long as system_server:process ptrace is never granted.
Add CAP_SYS_PTRACE to the set of capabilities granted to system_server.
Don't delete CAP_SYS_RESOURCE for now. SELinux has blocked the use of
CAP_SYS_RESOURCE, but we still want to generate audit logs if it's
triggered. CAP_SYS_RESOURCE can be deleted in a future commit.
Bug: 34951864
Bug: 38496951
Test: Device boots, functionality remains identical, no sys_resource
denials from system_server.
Change-Id: I2570266165396dba2b600eac7c42c94800d9c65b
(cherry picked from commit 3082eb7c72)
This is done on wear power button doesn't turn off the screen,
when the device wakes from keyguard UI isn't visible yet, so
it needs to react to power press in some way.
Bug: 35147955
Change-Id: I22619ea446770d09b53370e9244215646b60a9db
We already does this on start. Now we also do the same when
the list of options changes.
Test: locally on device
Bug: 34470067
Change-Id: Ib184d67b532c5afd584fb9cd52daac69a7c50d0a
The offset used to adjust MotionEvents for swipe velocity tracking
was incorrect, and caused issues when touch points where close
together. Fixed the offset used, which resolved swiping issues.
Bug: 34673753
Change-Id: Ide6060b511510bcf299e3db778e6ffc6afda5e19
Cancelling swipe-to-dismiss will trigger a check to ensure the window
is reset to its original state. Ensure that the reset is actually
required before setting the new layout attributes.
Bug: 34816397
Change-Id: Idf26ce7c8b63dc44a76effefcb32eb8d8665f605
Preloading GLES drivers in Zygote was removed previously since it is
incompatible with updatable drivers. That caused some app startup
latency and system memory use regressions. This change re-adds GLES
driver preloading, but only on devices that don't support driver
updates.
Bug: 34611670
Bug: 35052548
Test: boot angler, systrace of Calculator app startup
Change-Id: Ibdc6b3c0ba4473574722641d4bfad4b375f908a3
(cherry picked from commit ba0370eef3)
Instead of
(current charge) * (current battery level percentage)
the formula should be
(current charge) / (current battery level percentage)
to estimate the charge at 100% battery level.
Bug: 34255953
Fixes: 34255953
Test: formula change CL. No existing unit tests found.
Change-Id: I56ef7af3fb097a3082e0ef24329f522d2a0229cc
(cherry picked from commit 9238b6124c)
Fixes a bug in MessagingLinearLayout where we would not
recompute the height of it after applying the computed
insets to the text views, leading to incorrect padding
and in rare cases a cut off message at the bottom.
Change-Id: If87a527555158e94e501832e9f49e380cc7da2bb
Test: runtest -x core/tests/coretests/src/com/android/internal/widget/MessagingLinearLayoutTest.java
Fixes: 31463075
(cherry picked from commit 4ac8f40d96)
Preloading EGL in Zygote was originally a memory footprint
optimization, but it turns out to be an important app startup time
optimization as well. Preloading EGL in Zygote is incompatible with
updatable graphics drivers, but we don't want to do it on-demand as
part of drawing the first frame either, since that increases
first-frame latency unacceptably.
This change removes Zygote preload, and instead loads EGL on a
low-priority background thread immediately after choosing which
graphics driver to use. This means it is usually done well before
drawing the first frame, without significantly disrupting other
activity launch work.
Test: observe systrace of Calculator launch on bullhead
Bug: 34404021
Change-Id: I6a0f6b90ade21848a10d51ddae62c936f70151b5
Merged-In: I887aa09bd35b088b16f53a89838a0c7c98f15761
It's not clear this actually makes much difference on modern
devices/drivers. With updatable graphics drivers, we'd have to be able
to unload the preloaded driver from processes that don't use the
system driver, which is additional complexity and risk.
On bullhead and sailfish, meminfo actually showed slightly more memory
available while sitting at launcher just after boot with this change
than previously. Looking at detailed stats, the differences appeared
to mostly within run-to-run variation, but there wasn't evidence of a
regression.
Bug: 33531483
Test: boot through lockscreen/launcher
Change-Id: I1892302c1750cdbeaf5b9979f8da4dc6bd7b3e75
Merged-In: I1892302c1750cdbeaf5b9979f8da4dc6bd7b3e75
On FBE devices, don't save the metrics to disk but compute them when the
password is first entered and only store them in RAM.
Merged-in: 5daf273b7e
Bug: 32793550
Change-Id: Icee7f615167761177b224b342970a36c7d90f6ba
In some cases (e.g. Android Wear) SystemWindowInsets can be non-zero
due to overscan layout hints even when no SystemUI is present.
This change resepects the overscan flag on input method windows
allowing an IME to opt-out of the navigation bar guard and receive
full-height content view.
BUG: 32700226
Change-Id: Ic38f204a892bf34e8dae65990d5aa8c95af555d8
OEMs can overlay the default 9 dots by providing two drawables that represent
those dots:
* lockscreen_notselected: asset to display when a cell has not been selected.
* lockscreen_selected: asset to display when a cell has been selected.
BUG: 33755663
Change-Id: Ic595b01f5e1321696b7a3feb0ff73c1acccfb942
* changes:
DO NOT MERGE IP Connectivity metrics: add connect() statistics
DO NOT MERGE Fix IP connectivity metrics tests
DO NOT MERGE IP connectivity metrics: introduce ConnectStatistics and DNS statistics
DO NOT MERGE IP connectivity metrics: add transport field.
