* Introduce a new "charger only" mode. In this mode, MTP is disabled,
and no file transfers can occur.
* Make charger only mode the default.
* Modify "persist.sys.usb.config" so it now only holds the adb status.
* Make the USB settings non-persistent. Unplugging the USB connection will
reset the device back to "charger only" mode.
* Fixup wording per UI guidelines.
TODO: Re-implement MDM restrictions for USB / MTP access controls.
Bug: 18905620
Change-Id: I99a50d9132a81e98187f431166fd9fef4d437e4f
- The mechanism to stop windows drawing while window animator was
animating was somehow flaky. It relied on the fact that the client
would call relayout() whenever the animating state changed. This is
mostly the case, but not for lockscreen animations. Instead, we now
use a push model, where window manager tells the app that the state
has changed.
- In addition, it only stopped drawing if that window was animating,
but then only resumed drawing after all windows have finished
animating. Now, we do this per window, so we only stop drawing for
windows that are currently animating.
- We resume the top activity now at the very beginning of the
unlocking sequence. This gives the app a chance to draw a frame
before the user sees anything. If it's to slow, then we just use the
outdated framebuffer.
Bug: 19964562
Change-Id: Ifef8abd189a3146d854b81b9b948861e4d38c155
bug 20822382
This corrects a copy&paste error placing F16 into F32.
Fixes an error disallowing vectors of fp16 types.
Change-Id: I34be1aa9a323d61a7121581ab9599d2c2d32dd42
If the hostname verifier calls SSLSocket#getSession() before the
handshake has been started, it will implicitly start the handshake.
However, it will swallow any errors and return the canonical invalid
SSLSession instead. This makes it extremely difficult to debug issues.
Instead start the handshake before calling into the verifier since we
are guaranteed to be the first caller of #startHandshake() and won't
cause a renegotiation. That will allow us to see the actual
SSLHandshakeException if it occurs.
Follow up for change 317c0a4959df0361431d5fbf7dacc162bfb48cd2
Bug: 21118659
Change-Id: I8c606a78ba8a990b4e0d28880b566867261fefbc
This CL addresses the comments from API Council about Android KeyStore
KeyPairGeneratorSpec, KeyGeneratorSpec and KeyStoreParameter:
1. These abstractions should not take or hold references to Context.
2. The Builders of these abstractions should take all mandatory
parameters in their constructors rather than expose them as
setters -- only optional paratemers should be exposed via setters.
These comments cannot be addressed without deprecation in the already
launched KeyPairGeneratorSpec and KeyStoreParameter. Instead of
deprecating just the getContext methods and Builder constructors, this
CL goes for the nuclear option of deprecating KeyPairGeneratorSpec and
KeyStoreParameter as a whole and exposing all of the AndroidKeyStore
API in the new package android.security.keystore. This enables this CL
to correct all of the accrued design issues with KeyPairGeneratorSpec
(e.g., naming of certificate-related methods) and KeyStoreParameter.
This also makes the transition to API Level M more clear for existing
users of the AndroidKeyStore API. These users will only have to deal
with the new always-mandatory parameters (e.g., purposes) and
sometimes-mandatory (e.g., digests, block modes, paddings) if they
switch to the new API. Prior to this CL they would've had to deal with
this if they invoked any of the new methods of KeyPairGeneratorSpec
or KeyStoreParameter introduced in API Level M.
This CL rips out all the new API introduced into KeyPairGeneratorSpec
and KeyStoreParameter classes for Android M, thus reverting these
classes to the API launched in L MR1. This is because the new API is
now in android.security.keystore.KeyGenParameterSpec and KeyProtection
respectively.
Bug: 21039983
Change-Id: I59672b3c6ef7bc25c40aa85f1c47d9d8a05d627c
When Android KeyStore loads an HMAC key, it needs to compose the JCA
key algorithm name (e.g., HmacSHA256) based on the digests the key is
authorized for. A key can be authorized for multiple digests. Thus,
the approach is to use the first one for constructing the JCA key
algorithm name.
This CL ensures that when importing HMAC keys the first KM_TAG_DIGEST
tag is set to the digest of the JCA key algorithm name.
Bug: 18088752
Change-Id: I911ca7427b249ee823d06e988687af6146ebaff8
