The owner isn't kept track it URI's writeOwners when
grantUriPermissionUncheckedLocked is invoked to provide both
read and write access to the URI. Fix is to check for both
read and write permissions and add owner to appropriate lists.
Change-Id: Id23688b96aefeb0a4911ee52ad47124bc5904fa0
This reverts commit 6c4d904851772313930f800ac7c323cf90c709bb.
Going with a different tactic that doesn't dump stuff on
PackageManagerService.
Bug: 3214719
Change-Id: I0bbeccf3c21d264deda4256eb53713d2c98284f4
Adding unsolicited events to response queue
results in doCommand() returning the wrong
result.
Pulling this change from master.
Bug: 3258529
Change-Id: I2a4b0bd8bb30b31682d7d61ee94a0d246bf10de2
The copyFrom() method was not written to create a clone of the
PackageSetting, so just create a new constructor that actually does a
clone.
Bug: 3349588
Change-Id: I24bdce6c3559e097ecb64b61585ef3b12bca491f
Adds a new virtualKeyQuietTimeMillis configuration resource that sets
the duration for which virtual keys will be dropped after recent touches
on screen. The default value is 0; it is intended to be overridden
per device using a resource overlay.
This change is designed to help in two cases:
1. Swipes from touchscreen into virtual key area.
2. Accidental taps in virtual key area while using on-screen keyboard.
Bug: 3089163
Change-Id: Id6733c83c2e2bc8d9553aa0e5c1fd74b741bec6e
Previously any updated system apps would not be able to have a greater
than 0 priority on an activity intent filter. Moving the priority check
later in the package scanning allows it to apply to updated system
packages as well.
Bug: 2572398
Change-Id: I9fdf7906809518b28b49ffec31afec1442d85d3c
In order not to clobber the internal system's settings, we duplicate it
before putting it back into mPackages, but the PackageSetting has a
couple extra pieces of information that weren't being copied.
Bug: 3339279
Change-Id: I047087ac3477c7b2d5ce23e5e0a5e8c094bd0d3f
Some restore passes bring an ancestral dataset to the application, but
others instead act to bring an app back into sync with its own most-
recently-saved data. In the latter case the state file written by the
app after the restore is a correct basis for generating future backup
deltas, but in the former case it is not.
The app should not be required to distinguish between these cases;
the framework has all the information necessary to handle the saved
state correctly following any flavor of restore operation. This
patch makes the Backup Manager properly cause a full backup pass
following an ancestral-dataset restore. After a current-set
restore the saved state file is an accurate description for
purposes of continued backup operations, so is preserved.
(Cherrypick from master to gingerbread)
Change-Id: I4bc4e8782a168ecc0795107a340bdbb35060730e
The public API is not supposed to require the BACKUP permission in order
for an application to restore its own last-known-good backup data. However,
as currently implemented, BackupManager.requestRestore() [the public API
in question] depends on private Backup Manager methods that *do* enforce
that permission. The net result is that the method cannot be successfully
used by third party applications: it will throw an exception if attempted.
This CL restructures the permission checking involved.
First, the underlying beginRestoreSession() operation can now be passed a
'null' transport name; if this is done, then the restore session is begun
on whatever the currently-active transport is. Looking up the name of the
active transport is one of the permission-guarded actions that was required
with the initial implementation.
Second, a package name can now be passed to beginRestoreSession(). If
this is done, then the restore session can only be used to perform a
single-package restore of that one application. The BACKUP permission is
not required if the caller is tying the restore to its own package name.
In combination, these changes permit BackupManager.requestRestore() to
function without the calling app needing to hold any special permission.
The no-permission case is intentionally quite narrow: the caller must
hold the permission unless they both (a) pass 'null' for the transport
name, thereby accepting whatever the currently active transport is, and
(b) pass their own package name to restrict the restore session only
to their own app.
External bug http://code.google.com/p/android/issues/detail?id=10094
Internal bug 3197202
(Cherrypick from master to gingerbread)
Change-Id: Ie20b0bd2420345ce6eda178f854680b558f6372a
Cyclic references can occur between a Service object held by an
application and a ServiceRecord object held by the system server.
A part of the problem is that binders are leaked and since many binders
are implemented by inner classes of services these services are also leaked.
This causes low memory problems. The solution is: When a Service is beeing
destroyed, go through the ServiceRecord's all IntentBindRecord and set its
binder references to null. This allows the binder and the service object to
be garbage collected.
Change-Id: I5a257521964851f34c08ffb3908feaad96b1bafe
When using sendOrderedBroadcast(..) with a BroadcastReceiver the
BroadcastReceiver instance was not released. The reason for this was that
the resultTo field in the BroadcastRecord kept a reference until it was pushed
out of the mBroadcastHistory. This reference in turn kept a reference to the
process side IIntentReceiver (implemented in ReceiverDispatcher$InnerReceiver).
This in turn had a strong reference (through mStrongRef) to the Context.
In order to keep the debug output the resultTo is also kept as a String in the
new resultToString variable.
Change-Id: I4382a22a541c27b3694fb2b78a04ee820b235f8f
Cyclic references can occur between a Service object held by an
application and a ServiceRecord object held by the system server.
A part of the problem is that binders are leaked and since many binders
are implemented by inner classes of services these services are also leaked.
This causes low memory problems. The solution is: When a Service is beeing
destroyed, go through the ServiceRecord's all IntentBindRecord and set its
binder references to null. This allows the binder and the service object to
be garbage collected.
Change-Id: I5a257521964851f34c08ffb3908feaad96b1bafe
When using sendOrderedBroadcast(..) with a BroadcastReceiver the
BroadcastReceiver instance was not released. The reason for this was that
the resultTo field in the BroadcastRecord kept a reference until it was pushed
out of the mBroadcastHistory. This reference in turn kept a reference to the
process side IIntentReceiver (implemented in ReceiverDispatcher$InnerReceiver).
This in turn had a strong reference (through mStrongRef) to the Context.
In order to keep the debug output the resultTo is also kept as a String in the
new resultToString variable.
Change-Id: I4382a22a541c27b3694fb2b78a04ee820b235f8f
ServiceRecord's bindings is a hashmap to keep track of all active
bindings to the service. This is not cleared when the service is
brought down by activity manager. This adds up the references to
IntentBindRecords and its references to ServiceRecord. Fix is to
clear the bindings.
ServiceRecord's restarter is a reference to the service and is not
cleared when the service is brought down by activity manager. This
adds up the references to ServiceRecord. Fix is to set the reference
to null when the service is brought down by activity manager.
Change-Id: Ica448cd5f60192c8adb23209b5d0e2cf0c04e446
The service connection to the previous live wallpaper is unbound when
a new wallpaper is effective. Although the service connection is
unbound it is not disconnected and its reference to wallpaper's
service and engine is still effective. This adds up to the total
JNI references and causes dalvik (hosting system_server) to abort.
Fix is to release the references in clearWallpaperComponentLocked.
Change-Id: Idd2bab83a56d2e6c6dd7ab9be08d5e14887aa384
ServiceRecord's bindings is a hashmap to keep track of all active
bindings to the service. This is not cleared when the service is
brought down by activity manager. This adds up the references to
IntentBindRecords and its references to ServiceRecord. Fix is to
clear the bindings.
ServiceRecord's restarter is a reference to the service and is not
cleared when the service is brought down by activity manager. This
adds up the references to ServiceRecord. Fix is to set the reference
to null when the service is brought down by activity manager.
Change-Id: Ica448cd5f60192c8adb23209b5d0e2cf0c04e446
...current process has android.permission.WAKE_LOCK
When updating a system app, we would actually uninstall the package
of the system app, which also meant removing its uid...! It was just
luck that we would get the same uid when installing the update after
that. During that time, if anyone tried to do anything related to
that uid, it would be unknown.
This change tweaks how we go about replacing system apps by making
it more like normal apps -- to make this work, if we need to disable
the system app, we generate a new PackageSetting from the current
system app and replace it into our data structures, so we can update
that without trashing the current correct information about the (still
actually there) system app.
Also fixed a problem where we were not killing the currently running
app before installing, like we do when updating a normal application.
And fixed a problem where we were not deleting the /data .apk when
uninstalling a system app update.
And added a new option to the "pm" command to clear the data associated
with an app.
Change-Id: I0e879677849aa42950a3c360bf78ad820e87674b
Rewrote interceptKeyBeforeQueueing to make the handling more systematic.
Behavior should be identical except:
- We never pass keys to applications when the screen is off and the keyguard
is not showing (the proximity sensor turned off the screen).
Previously we passed all non-wake keys through in this case which
caused a bug on Crespo where the screen would come back on if a soft key
was held at the time of power off because the resulting key up event
would sneak in just before the keyguard was shown. It would then be
passed through to the dispatcher which would poke user activity and
wake up the screen.
- We propagate the key flags when broadcasting media keys which
ensures that recipients can tell when the key is canceled.
- We ignore endcall or power if canceled (shouldn't happen anyways).
Changed the input dispatcher to not poke user activity for canceled
events since they are synthetic and should not wake the device.
Changed the lock screen so that it does not poke the wake lock when the
grab handle is released. This fixes a bug where the screen would come
back on immediately if the power went off while the user was holding
one of the grab handles because the sliding tab would receive an up
event after screen turned off and release the grab handles.
Bug: 3144874
Change-Id: Iebb91e10592b4ef2de4b1dd3a2e1e4254aacb697
