Adds a really crappy UI for toggling compat mode.
Persists compat mode selection across boots.
Turns on compat mode by default for newly installed apps.
Change-Id: Idc83494397bd17c41450bc9e9a05e4386c509399
This is the basic infrastructure for pulling a full(*) backup of the
device's data over an adb(**) connection to the local device. The
basic process consists of these interacting pieces:
1. The framework's BackupManagerService, which coordinates the
collection of app data and routing to the destination.
2. A new framework-provided BackupAgent implementation called
FullBackupAgent, which is instantiated in the target applications'
processes in turn, and knows how to emit a datastream that contains
all of the app's saved data files.
3. A new shell-level program called "bu" that is used to bridge from
adb to the framework's Backup Manager.
4. adb itself, which now knows how to use 'bu' to kick off a backup
operation and pull the resulting data stream to the desktop host.
5. A system-provided application that verifies with the user that
an attempted backup/restore operation is in fact expected and to
be allowed.
The full agent implementation is not used during normal operation of
the delta-based app-customized remote backup process. Instead it's
used during user-confirmed *full* backup of applications and all their
data to a local destination, e.g. via the adb connection.
The output format is 'tar'. This makes it very easy for the end
user to examine the resulting dataset, e.g. for purpose of extracting
files for debug purposes; as well as making it easy to contemplate
adding things like a direct gzip stage to the data pipeline during
backup/restore. It also makes it convenient to construct and maintain
synthetic backup datasets for testing purposes.
Within the tar format, certain artificial conventions are used.
All files are stored within top-level directories according to
their semantic origin:
apps/pkgname/a/ : Application .apk file itself
apps/pkgname/obb/: The application's associated .obb containers
apps/pkgname/f/ : The subtree rooted at the getFilesDir() location
apps/pkgname/db/ : The subtree rooted at the getDatabasePath() parent
apps/pkgname/sp/ : The subtree rooted at the getSharedPrefsFile() parent
apps/pkgname/r/ : Files stored relative to the root of the app's file tree
apps/pkgname/c/ : Reserved for the app's getCacheDir() tree; not stored.
For each package, the first entry in the tar stream is a file called
"_manifest", nominally rooted at apps/pkgname. This file contains some
metadata about the package whose data is stored in the archive.
The contents of shared storage can optionally be included in the tar
stream. It is placed in the synthetic location:
shared/...
uid/gid are ignored; app uids are assigned at install time, and the
app's data is handled from within its own execution environment, so
will automatically have the app's correct uid.
Forward-locked .apk files are never backed up. System-partition
.apk files are not backed up unless they have been overridden by a
post-factory upgrade, in which case the current .apk *is* backed up --
i.e. the .apk that matches the on-disk data. The manifest preceding
each application's portion of the tar stream provides version numbers
and signature blocks for version checking, as well as an indication
of whether the restore logic should expect to install the .apk before
extracting the data.
System packages can designate their own full backup agents. This is
to manage things like the settings provider which (a) cannot be shut
down on the fly in order to do a clean snapshot of their file trees,
and (b) manage data that is not only irrelevant but actively hostile
to non-identical devices -- CDMA telephony settings would seriously
mess up a GSM device if emplaced there blind, for example.
When a full backup or restore is initiated from adb, the system will
present a confirmation UI that the user must explicitly respond to
within a short [~ 30 seconds] timeout. This is to avoid the
possibility of malicious desktop-side software secretly grabbing a copy
of all the user's data for nefarious purposes.
(*) The backup is not strictly a full mirror. In particular, the
settings database is not cloned; it is handled the same way that
it is in cloud backup/restore. This is because some settings
are actively destructive if cloned onto a different (or
especially a different-model) device: telephony settings and
AndroidID are good examples of this.
(**) On the framework side it doesn't care that it's adb; it just
sends the tar stream to a file descriptor. This can easily be
retargeted around whatever transport we might decide to use
in the future.
KNOWN ISSUES:
* the security UI is desperately ugly; no proper designs have yet
been done for it
* restore is not yet implemented
* shared storage backup is not yet implemented
* symlinks aren't yet handled, though some infrastructure for
dealing with them has been put in place.
Change-Id: Ia8347611e23b398af36ea22c36dff0a276b1ce91
First step of improving app screen size compatibility mode. When
running in compat mode, an application's windows are scaled up on
the screen rather than being small with 1:1 pixels.
Currently we scale the application to fill the entire screen, so
don't use an even pixel scaling. Though this may have some
negative impact on the appearance (it looks okay to me), it has a
big benefit of allowing us to now treat these apps as normal
full-screens apps and do the normal transition animations as you
move in and out and around in them.
This introduces fun stuff in the input system to take care of
modifying pointer coordinates to account for the app window
surface scaling. The input dispatcher is told about the scale
that is being applied to each window and, when there is one,
adjusts pointer events appropriately as they are being sent
to the transport.
Also modified is CompatibilityInfo, which has been greatly
simplified to not be so insane and incomprehendible. It is
now simple -- when constructed it determines if the given app
is compatible with the current screen size and density, and
that is that.
There are new APIs on ActivityManagerService to put applications
that we would traditionally consider compatible with larger screens
in compatibility mode. This is the start of a facility to have
a UI affordance for a user to switch apps in and out of
compatibility.
To test switching of modes, there is a new variation of the "am"
command to do this: am screen-compat [on|off] [package]
This mode switching has the fundamentals of restarting activities
when it is changed, though the state still needs to be persisted
and the overall mode switch cleaned up.
For the few small apps I have tested, things mostly seem to be
working well. I know of one problem with the text selection
handles being drawn at the wrong position because at some point
the window offset is being scaled incorrectly. There are
probably other similar issues around the interaction between
two windows because the different window coordinate spaces are
done in a hacky way instead of being formally integrated into
the window manager layout process.
Change-Id: Ie038e3746b448135117bd860859d74e360938557
To avoid blowing past the Binder IPC limit, change the
PackageManagerService to have a DB-like interaction where the client
tells the service the last "row" that it read.
The fact that we use a HashMap instead of a TreeMap makes this
problematic. For now we're just making a new ArrayList for the keys and
then sorting them for each call. This can make the API slower for callers
of this, but it's probably greatly overshadowed by the cost of the data
transfer itself.
Bug: 4064282
Change-Id: Ic370fd148d4c3813ae4f2daffa1a7c28d63d5a09
- Create /data/user directory and symlink /data/user/0 -> /data/data for
backward compatibility
- Create data directories for all packages for new user
- Remove data directories when removing a user
- Create data directories for all users when a package is created
- Clear / Remove data for multiple users
- Fixed a bug in verifying the location of a system app
- pm commands for createUser and removeUser (will be disabled later)
- symlink duplicate lib directories to the original lib directory
Change-Id: Id9fdfcf0e62406a8896aa811314dfc08d5f6ed95
This seems simpler and more contained, and I think the comment explaining
why hoop-jumping is necessary is a bit clearer now.
Change-Id: Ief4afd7cbb42188ed835fce23e497520bdb753a8
through listener during video playback.
- Add OnTimedTextListener in the MediaPlayer
For feature request 800939.
Change-Id: I65072c27acb4c0037109a72be38c73e9f667420f
Activity manager now does all dump requests into apps
asynchronously, so it can nicely timeout if there is an
app problem. Also lots of general cleanup of the am
dump output.
Change-Id: Id0dbccffb217315aeb85c964e379833e6aa3f5af
* Add ability to select different personas to generate the path to be
created.
* Move hardcoded paths to read from init's set environment.
* Add unit tests for all the utility functions that build strings to
make sure they're correct.
* Fill in persona with "0" all the time now. Will be plumbed through in
later CL.
Change-Id: I0a7f6e3640cb6b052f8823080886ee79e90b679f
this is the first step in unifying surfacetexture and surface.
for this reason the header files were not moved, as most of them
will eventually go away.
NOTE: currently we keep libsurfaceflinger_client.so as an empty
library to workaround prebuilt binaries wrongly linking against
it.
Change-Id: I130f0de2428e8579033dc41394d093f4e1431a00
o Update the copyright date on InputDispatcher_test.cpp and InputReader_test.cpp
because these two files were moved from other places to the current location,
and were actually created in 2010.
bug - 4119349
Change-Id: Ic93b81ddafb58e9e72a2e9e02ca3d9f173d6dca7
Before the IPackageDeleteObserver only knew whether the deletion
succeeded or failed, but not the reason why.
Bug: 2520191
Change-Id: I1f0d7c04f06c539660b6e17e7e133defb0f61b5b
- Some of the commands used by dumpstate, which drops root, will not collect
anything during a bug report. E.g. df fails on /mnt/secure/asec.
- force flushing of error message
. without the flush (using gingerbread and not master)
*** netcfg: Exit code 255
. with the flush()
*** exec(netcfg): Permission denied
*** netcfg: Exit code 255
- add a check before using WEXITSTATUS()
Change-Id: Ia3924b9cc8a12cecab894cbf7f2c79614a358d34
Signed-off-by: JP Abgrall <jpa@google.com>
o Prepare for publishing MediaMetadataRetriever as public API
step one:
o replaced captureFrame with getFrameAtTime
o removed getMode
o Replace MediaMetadataRetriever.captureFrame() with MediaMetadataRetriever.getFrameAtTime()
as part of the preparation for publishing MediaMetadataRetriever as public Java API
o Remove captureFrame from MediaMetadataRetriever.java class
It has been replaced by getFrameAtTime() method
o Replace extractAlbumArt() with getEmbeddedPicture() in MediaMetadataRetriever.java
o Publish MediaMetadataRetriever.java as public API
o Removed setMode() methods and related mode constants
o Removed some of the unused the metadata keys
o Updated the javadoc
o part of a multi-project change.
bug - 3309041
Change-Id: I2efb6e8b8d52897186b016cb4efda6862f5584c4
o Removed setMode() methods and related mode constants
o Removed some of the unused the metadata keys
o Updated the javadoc
o part of a multi-project change.
bug - 2433195
Change-Id: I5ed167f1fd6a53cb143b7dc385b149431d434438
The public API is not supposed to require the BACKUP permission in order
for an application to restore its own last-known-good backup data. However,
as currently implemented, BackupManager.requestRestore() [the public API
in question] depends on private Backup Manager methods that *do* enforce
that permission. The net result is that the method cannot be successfully
used by third party applications: it will throw an exception if attempted.
This CL restructures the permission checking involved.
First, the underlying beginRestoreSession() operation can now be passed a
'null' transport name; if this is done, then the restore session is begun
on whatever the currently-active transport is. Looking up the name of the
active transport is one of the permission-guarded actions that was required
with the initial implementation.
Second, a package name can now be passed to beginRestoreSession(). If
this is done, then the restore session can only be used to perform a
single-package restore of that one application. The BACKUP permission is
not required if the caller is tying the restore to its own package name.
In combination, these changes permit BackupManager.requestRestore() to
function without the calling app needing to hold any special permission.
The no-permission case is intentionally quite narrow: the caller must
hold the permission unless they both (a) pass 'null' for the transport
name, thereby accepting whatever the currently active transport is, and
(b) pass their own package name to restrict the restore session only
to their own app.
External bug http://code.google.com/p/android/issues/detail?id=10094
Internal bug 3197202
(Cherrypick from master to gingerbread)
Change-Id: Ie20b0bd2420345ce6eda178f854680b558f6372a
Added support for loading the pointer icon from a resource.
Moved the system server related bits of the input manager out
of libui and into libinput since they do not need to be linked into
applications.
Change-Id: Iec11e0725b3add2b905c51f8ea2c3b4b0d1a2d67
commit eaeaa2672d4e0a82891493b2bde8bdd0c0e79a1b
Author: Andreas Huber <andih@google.com>
Date: Thu Dec 23 10:26:48 2010 -0800
Remove lowest bandwidth stream if using the legacy player.
Change-Id: I2f885e26344996de9152f8fda9fd6bdef89bf953
commit 7d652972615b2750fd8f1c21b9fab0e136df2b82
Author: Andreas Huber <andih@google.com>
Date: Thu Dec 23 10:14:36 2010 -0800
Don't clear the packet source's format for legacy discontinuities.
Change-Id: I9bd5a21b9bd28043ad38bd0658ccc8eda3c1079a
commit 2b18a45aac17cbfe1aa089d0f6510957d438dd64
Author: Andreas Huber <andih@google.com>
Date: Thu Dec 23 10:13:55 2010 -0800
Use NuPlayer for HTTP live streaming based on runtime property.
adb shell setprop media.httplive.enable-nuplayer true
Change-Id: I22738df3403985dc8e6992b1ab5da5747309f773
commit 50d899fb7b9ea52c3994b0a58e993998d926aeed
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 16:25:22 2010 -0800
Make ACodec a lot less verbose.
Change-Id: I94c7e499b61032321ffaf999f5ad2c913cde6a48
commit b19e1740cb4d02990a56844654b5d019987c6405
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 16:22:22 2010 -0800
Wait until we have fresh codec-specific-data before instantiating the decoders
after a discontinuity involving a format change.
Change-Id: I7bcf9b5ae3319f08bf8978a117e8ee5220902e37
commit 06428c006906c9099e430aface3b439ff1d36ecc
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 15:20:38 2010 -0800
Disable random seeks in the streaming tool for now.
Change-Id: Ie86fde422dcfc4b2c7a01be51a193fda9c88cd71
commit e19db68f3bea8a61c191f60f6940f30e3a0d5f1b
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 15:20:27 2010 -0800
Tweak HTTP live parameters.
Change-Id: If4b71e12485facc523a8a43d8213d0feb190daab
commit 1e9942791538c2256b579d96c6c04264b0d8b087
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 14:48:23 2010 -0800
Enable http live streaming through NuPlayer for http URLs containing the string m3u8
Change-Id: I1691fe12ae8f1507fe3673313959cd50bc324624
commit 4c33f96a6e499ee0efe0e70b687094430cb7c1c0
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 14:40:27 2010 -0800
Support for HTTP live streaming in NuPlayer.
Change-Id: Iacba1c3ebaeb8d3b972185deaf4cff18c8009c54
commit ddf705ce553708bc5b13d89a878484cf839bd674
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 13:42:47 2010 -0800
StreamingSource now a subclass of abstract NuPlayer::Source
Change-Id: Ia6c7c639628910b9d1f37decc55da48b07a70de3
commit 9e04a8406b1882a8e3fdeb7b4d52db5ae70b970a
Author: Andreas Huber <andih@google.com>
Date: Wed Dec 22 13:33:52 2010 -0800
Refactor media data sourcing to NuPlayer::Source.
Change-Id: I1db9fb08c4e527bf7b19c29978cf342c2b0a0bc9
Change-Id: I9610a097481dda58f22142eacda3ac2dba0b63f9
...current process has android.permission.WAKE_LOCK
When updating a system app, we would actually uninstall the package
of the system app, which also meant removing its uid...! It was just
luck that we would get the same uid when installing the update after
that. During that time, if anyone tried to do anything related to
that uid, it would be unknown.
This change tweaks how we go about replacing system apps by making
it more like normal apps -- to make this work, if we need to disable
the system app, we generate a new PackageSetting from the current
system app and replace it into our data structures, so we can update
that without trashing the current correct information about the (still
actually there) system app.
Also fixed a problem where we were not killing the currently running
app before installing, like we do when updating a normal application.
And fixed a problem where we were not deleting the /data .apk when
uninstalling a system app update.
And added a new option to the "pm" command to clear the data associated
with an app.
Change-Id: I0e879677849aa42950a3c360bf78ad820e87674b
