Enforce that apps with delegated powers to exist on device before
empowering them. This is consistent with DevicePolicyManagerService's
internal logic to clear the delegation power once the package is removed.
For delegated cert installer, only enforce this new restriction on
device admins targeting N or later.
Bug: 26233778
Change-Id: Ia8f45dfd5290958cebb36991c4b6baa03e8c28ae
With this it's possible for callers to:
Network network = ...
LinkProperties lp = ...
NetworkDiagnostics netdiag = new NetworkDiagnostics(network, lp, 5000);
netdiag.startMeasurements();
netdiag.waitForMeasurements();
boolean result = true;
for (Measurement m : netdiag.getMeasurements()) {
if (!m.checkSucceeded()) {
result = false;
// Additional error handling here.
}
}
return result;
Bug: 21832299
Bug: 26780890
Change-Id: Iaf7ff029e2c6a998b574c23d0dcde8d57a467a22
The servcies shared lib contains components apps can invoke such
as services to bind to, activities to start, UI choosers, etc.
This lib is built from AOSP code but an OEM may chage its
package name. For example, Google renames the package names for
GMS apps from android.foo.bar to com.google.android.foo.bar.
While we have more than one shared lib that are a part of the
platform (currently shared and services libs) the serivces lib
is the only one clients need to start components in, thus need
to know its package name. This change adds an API to query the
package name of the services shared lib. The API is hidden as
currently the only clients are a part of the system.
Change-Id: Ied48fa4819024522791764b22b3336d4f4b42cc3
Most of these callers are okay having results omitted when a package
is uninstalled or encryption unaware. For example, jobs and
notifications can only be enqueued by already running apps.
When clearing zen rules, keep around rules inserted by apps on
ejected external storage devices.
Make ServiceWatcher stricter by requiring that the matching package
be in the system image.
Bug: 26471205, 27105254
Change-Id: Ie41ea8042ac1a54e9cbe0c35cec89e70521e9bed
- Don’t launch Pip overlay activities during pinned stack animation.
This causes extra CPU load and takes a way resources from the running
animation.
- Finish Pip overlay activities before starting pinned stack resize
animation. Reduces the amount of work the system needs to do to keep
the overlays in-sync with the other activities in the pinned stack.
- Use AM.resizeStack with null bounds to take Pip to fullscreen so that
we can animate the bounds changed.
- Also, fixed Activity.enterPictureInPicture API to animate the transition
if Pip is entered from the app instead of Pip manager.
Bug: 25672053
Change-Id: I82399c10f1b8c675ea3861ba973dc8ecfbfbe50f
Bug: 26874366
On Multiarch apps, it might be necessary to prioritize 32bit Abi ahead
of 64bit ones. The use32bitAbi flag enables this.
This CL also reverts the public api changes in I2c1fd1d036efe72b28b5fe996416df69a583959f and Ie3ecea6d84e2cb1522e736a21c3a3a24ac62eb27. Previously
the same functionality was provided using a raw abi string that
utilized cpuabioverride flag.
Change-Id: Idce3cbfedd11ef9079ce8a2901e69d30b1cf9ef4
This utility class automates the process of binding to the best
matching service, including rebinding as packages change over time.
This design means it's easy to become encryption-aware: we use the
default PackageManager behavior that filters components based on
their encryption-aware status, and we just kick off another
evaluation pass once the user is unlocked.
This change cleans up some of the internal logic so we only rebind
when the implementation switches, and it fixes several bugs along
the way. For example, we would never trigger a rebind if a service
was refactored to a different ComponentName. Another subtle bug was
that we'd never fallback to an older implementation if a higher
version was uninstalled/disabled. And finally, if all implementations
were uninstalled/disabled, we'd leave the last connection bound.
Bug: 26280056
Change-Id: I259af78e6564d61353a772ac03cf5799a398d535
This makes the animation when exiting docked mode a bit nicer
when you fling the divider towards to the navigation bar. However,
since the divider ends at the navigation bar, we need to immediately
dismiss it instead of fading out when the divider is fully occluded
by the navigation bar.
Change-Id: Ic5432fd118cb71be36485667b2c537caf5065ce5
Closing two small holes in the implementation:
1. The gesture was dispatched before the callback was registered. It
was possible for gestures that failed quickly to fail to report any
status.
2. Gestures could be dispatched before the input filter was
installed. Adding a wait to give the filter a chance to install
before reporting a failure.
Also removing an unused method on the input filter.
Change-Id: I77cd80dcd2cec6c72b3761169aba5eaecf62250b
(cherry picked from commit 03465fb874ccf35ead2228b66ec03afc31d7694e)
673cbd2b6932b39d6804cda2969b7f059c1ce748 introduced logic to make
non-top activities in the home stack invisible under certain
conditions. However, this caused problems with the set-up wizard which
uses the home stack to launch all its activties. Changed the logic to
determine if the next task in the home stack should be visible behind
vs. the next activity in the same task. So, activities in the same task
in the home stack can be visible at the same time, but not activities
in different tasks.
Bug: 26922407
Bug: 26571156
Change-Id: Ied20d45cd27a1adcc105703d8ca21861d1856700
Fix two bugs: one where Instrumentation did not properly
handle destroyed UiAutomations, another where UiAutomation
did not properly disable running accessibility services.
Change-Id: I1773dbd373f4d5b0e7c9917ff18d8d9b1a0e07c7
(cherry picked from commit 846522cea043d3113b3b96daa8f3a1b70e3beb5e)
This change introduces the ability to have multiple packages per
APK. The feature is currently restricted to privileged apps and
updates to such apps.
In essence the manifest can have multiple child package declarations.
A child package can declare everything an Android package can except
some tags or attributes that are not applicable and instead inherited
from the parent when needed. For example, the target SDK of the parent
applies to all children.
A child package can be updated only through the parent package.
A package with multiple child packages is installed, uninstalled
atomically - no partial installs where some child packages are not
installed.
The remaining work is to ensure broadcasts are also sent for child
packages. This will come in a subsequent change.
Sample app:ag/848432
Design doc: https://docs.google.com/document/d/18nFWtJuZchLxrHf5SBbJW03-Ky9Rh_G0-OVB14b6u78
Change-Id: I6fd021d981bf5786290e0c53502724a14c97358c
When animating the pinned stack, we set drag resizing on the top
most task in the stack. This has a couple of issues.
- Only the top most task is put in drag sizing mode and all other
task in the stack will not be in resizing mode.
- The top most task of the stack can change during the animation,
so we fail to clear the drag resize flag on the previous top task.
We now track drag sizing at the stack level and have the stack
drag resizing state affect its tasks drag resizing states.
Also added concept of continuing a bounds animation if the same
target called BoundsAnimationController.animateBounds before the
current animation is done. We don't send onAnimationEnd() for the
current animation that is been cancelled and don't send
onAnimationStarted() for the animation that will be replacing it.
Bug: 25672053
Change-Id: I64e89ed09d81e4802dacebc5818dfa1deb0d588f
In resumeTopActivityInnerLocked we only update the visibility
if not already visible, to avoid a black flicker. However, in the
interaction when docking a task from recents, makeVisible was
called but the conditions weren't met to make it actually visible,
but Record.visible was still set, leading that we didn't call
WM.setAppVisibility in resumeTopActivityInnerLocked
Bug: 27041808
Change-Id: I400470a5b31881542fedd3edb6a97e524666a8a3
- When the window doesn't have a surface, do not add it to
mResizingWindows, so we don't report unnecessary resizes
- computeDragResizing => false when window is not visible, so we
never enter resizing mode even if the window decides to relayout
in the background
Change-Id: I8e6cdef86f1579d128973d4f2f12e87bf9b65524
Prior to this commit in this case of activity pause, with finishing=true
the activity manager will notify us of app visibility and we will begin
an exit animation. When this exit animation finishes, we will destroy
the application surface (unless its eligible for saving). However there
are two cases where this breaks down:
1. The exit animation finishes before the activity thread handles
the stop transition. Many activities stop rendering on Pause
but many do not and it is totally legal to do so. Sometimes this
results in non fatal dequeue buffer errors and sometimes results in
fatal errors with Pixel Buffers, etc...
2. We may resume the activity shortly after asking the window manager
to pause it. If the window wasn't eligible for animation, we will
immediately destroy it after being told of the visibility change
following PAUSE_FINISHING. It's possible for this to complete
before we process the resume. On the other hand the client
happilly processes the resume and transitions back from PAUSE
and then crashes once it attempts to use it's surface.
In this commit we have the activity manager notify the window manager
when an application has actually finished (or we have timed out
waiting). For windows which have not been explicitly removed by the
client, we defer destruction until we have received both this signal
and the animation has completed.
Bug: 26793431
Change-Id: Ib6ee8fbdd1f03450fbbfd62468a19e97774befab
Prior to this change it was relying on NMPS.getNetworkPolicies(), which
would not return networks that never had any policy attribute (like
metered) set.
This change fix this problem by also querying the WifiManager for the
list of saved wi-fi networks. In fact, the new logic is very similar to
what's done on SettingLib's NetworkPolicyEditor.
BUG: 26685616
Change-Id: I42f37de3a7367718036f45b15c6b5d37b67e7d01
+ Camera permission is required for QR provisioning in SetupWizard.
Bug: 26932941
Change-Id: I1573cdd3b8ac708f457a9c7efbbf02c3c8ce6d8d
(cherry picked from commit 950b2dee6648a90bd2e9fedecde137f41f7c4513)
We confirmed with the graphics and JIT teams that no sensitive
user data is written to these caches, so they're safe to point at DE
storage.
Since we don't have control over what is written by the app, we need
to keep the cache environment variable pointing at CE storage.
Fix ensurePrivateDirExists() to always return a path, instead of
returning null which can cause scary bugs.
Change packages.list to no longer canonicalize data paths, since
these fail when CE storage is still locked.
Bug: 27069522
Change-Id: Ifff64a036fa4aa1e61aa0dd98486bc711fbf8f4a
Add the means to protect FBE keys with a combination of an auth token
from Gatekeeper, and a hash of the password. Both of these must be
passed to unlock_user_key. Keys are created unprotected, and
change_user_key changes the way they are protected.
Bug: 22950892
Change-Id: Ie13bc6f82059ce941b0e664a5b60355e52b45f30
Also, this is supposed to be a "machine-parseable" format,
but it's not versioned at all. Added a version field so we
can change the format in the future if desired.
Change-Id: I6aa8ea46e030def04dc10634d01557a044545a9b
libc++.so is no longer accessible to the app, so it must be
bundled in the app. This should get ApfTest passing again.
Change-Id: Ide004cb84f7f50feffb8f5acb46b7001dcffd208
