The MSG_NOTIFY_UPDATE_APP_WIDGET message is sent asynchronously,
meaning it tries sending RemoteViews without the lock held, possibly
while another Binder thread is trying to mutate it.
Fix this by creating a copy for the thread to safely dispatch.
Bug: 29889779
Change-Id: I341fbbf89abee97a66cd67f1dd2a728282b68bfa
We now have isUserRunning && isUserKeyUnlockedisUserUnlocked instead of
having isUserUnlockingOrUnlocked. The difference is
we now allow stopping unlocked user to access the API.
Testing:
Write a simple widget which keep calling AppWidgetManager API in a loop.
1. In non-FBE mode, place the widget to launcher.
Turn off work mode. No crash is observed.
2. Repeat 1 in FBE mode with separated work challenge.
3. Repeat 1 in FBE mode with no separated work challenge
4. Repeat 2 and reboot the device. Unlock work profile, widget is shown
5. Repeat 3, reboot device, widget is shown after rebot
Change-Id: I2fa9f602dcb0befff41fc6b145e9855e82d8d7a8
Fix: 29264823
- Instead of waiting for the broadcast to start loading the user’s
widgets, handle them in the service callbacks to ensure the app widget
update broadcasts are enqueued earlier.
Bug: 27262341
Change-Id: I095abe5e15fe46412d00438986f7a9aee50872ca
When the widget starts lisnening again, it receives all the pending updates
until that point (restricted to the requested widgetIds). When startListening
is called for the first time, the widgetIds is empty and it does not get
any updated. Further calls to startlisting will give the missed updates
for the bound widgets
Bug: 23892701
Change-Id: I3aa06d3e33a0861c19cfd5ced567d5bb3b93d906
Do not enforce unlocked state when running on the background thread. User can
be in the stopping state or removed by the time the message is being processed.
Bug: 28471878
Change-Id: I1862849661d93b424a07ea94e80563bea7a94ce5
There is a narrow window of time during user unlock where we're
reconciling user storage and dispatching the "unlock" status to
various internal system services. While in this "unlocking" state,
apps need to be told that the user still isn't actually "unlocked"
so they don't try making calls to AccountManager, etc.
The majority of internal services are interested in merging together
both the "unlocking" and "unlocked" state, so update them.
Clarify naming in AccountManagerService to make it clear that a local
list is being used, which mirrors the naming in MountService.
To match UX/PM requested behavior, move PRE_BOOT_COMPLETED dispatch
after the user is unlocked, but block BOOT_COMPLETED dispatch until
after all PRE_BOOT receivers are finished to avoid ANRs.
Bug: 28040947, 28164677
Change-Id: I57af2351633d9159f4483f19657ce0b62118d1ce
Previously many usages of UserManager.getProfiles and getEnabledProfiles
were only using ids of returned users. Given that the list of users needs
to be parceled and unparceled for Binder calls, returning array of ids
minimizes memory usage and serialization time.
A new method getProfileIds was introduced which returns an array of userIds.
Existing method calls were updated where appropriate.
Bug: 27705805
Change-Id: Ic5d5decd77567ba0f749e48837a2c6fa10e812c0
Also associating a lastUpdateTime with every widget. This allows
the host to query the widgets which were updated only after
the last stopListening call.
Change-Id: If9375cf2d8caa0ccca14b6649821d87ada1f3a84
* renamed getPackageSuspended => isPackageSuspended
* does not return false for an error, instead throws
NameNotFoundException if the package could not be
found, or if there is an unknown RemoteException,
wraps it in a RuntimeException and rethrows.
Bug: 27532430
Bug: 22776761
Change-Id: Iee00600089b1c0556a3312b10456826464fa8f9f
Mostly consists of removing the word "encryption" from most APIs,
since we can't actually make promises about the data being encrypted.
Bug: 27531029
Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
Since the data returned by these calls can grow unbounded based on
various GET flags, we need to switch 'em over.
Bug: 27391893
Change-Id: Ie849ca30dbaaa91158da4c83675657715629a0ee
Stopped profiles may have a parent still running
hosting widgets so providers should remain.
Bug: 26842832
Change-Id: I3ef97222fcfa5b183744033ece133115b3c146c1
Do not show badge icon when the suspended package is not inside
a managed profile. Tapping on a masked widget should bring up the
relevant dialog similar to tapping on the app's launcher icon.
Bug: 26948327
Bug: 26924217
Change-Id: I2bf7ac718e55063bc8ea66573e89a62a97b91ff2
Wait for parent user to be unlocked before attempting
to load widgets for a user.
Fixes issue with profile being unlocked and AppWidgetServiceImpl
thinking it has loaded parents widgets while locked and
therefore not seeing any widgets.
Bug: 27037962
Change-Id: Ice9c5e6e1dd062a622c5f984eeb3531de893f9be
Avoid launchers removing widgets by handling case
where a widget host is in an unlocked parent user and
widget providers are in a locked managed profile.
For this case allow launcher to see the widgets from
non-crypto aware widget providers.
Mask out widgets from locked profiles.
Fix issue with widgets not being masked when adding
new widgets when user is locked / quiet or package
is suspended.
Bug: 26721345
Bug: 27037962
Change-Id: I60b5bd934c1547110e374ab4eefbee6aade37dc6
Instead of always rebuilding the full ApplicationInfo for a
package when callers are only interested in the suspended status
add a new fast API in Packagemanager (which only checks the
suspended user setting for the requested package and returns
a boolean) and change the appropriate caller code too.
Bug: 26794775
Bug: 22776761
Change-Id: Ide8428ef734479360d5a8a75fd8e0ed8ddf2da7a
Finish moving all UID/GID callers to single AIDL method that requires
callers to provide flags.
Triage AppWidgets and PrintServices, which currently can only live on
internal storage; we should revisit that later.
Fix two bugs where we'd drop pending install sessions and persisted
Uri grants for apps installed on external storage.
Bug: 26471205
Change-Id: I66fdfc737fda0042050d81ff8839de55c2b4effd
Only create UserState objects when a user has been unlocked, meaning
we can connect to the spooler. Ignore package events that occur
while a user is locked, since we'll kick off updateIfNeededLocked()
when that user is eventually unlocked.
In all other cases, throw if someone tries obtaining UserState for
a still-locked user. This should help catch any edge cases in the
system, and communicate clearly through public APIs that printing
isn't available until the user is unlocked.
Bug: 26246836
Change-Id: If15744621890baee206d355484fe20933afc65d8
Only parse and load AppWidget configuration details after a user has
been unlocked. Yell loudly if someone accidentally tries loading
data for a locked user.
Tidy up protected broadcast logic a bit more to handle persistent
processes. Add backwards compatible behavior for APPWIDGET_UPDATE
broadcast simliar to APPWIDGET_CONFIGURE, since some apps are sending
it to themselves.
Add hidden USER_HANDLE extra to a handful of broadcasts to make
logic more consistent.
Bug: 26247049, 26219971
Change-Id: I54e4f2e343488571f9baa1a316962f41186c1a2c
If a work profile is in quiet mode, mask widgets belonging to that profile
with a generic RemoteView.
Bug: 22541941
Change-Id: I3baa179630af497afa02b32f236d2bdaa4a75904
When a widget provider is removed from the whitelist
of widgets that work across profiles just remove the
currently bound widgets don't remove the provider.
This allows the provider to be added back to the whitelist
or to be used from widget hosts within the profile.
Bug: 21180997
Change-Id: I5d3a81fb088092b65cc4e8e158be4a292c5c8288
- In the existing logic, the call to onProvidersChanged() is called when a package
with widgets is added or removed, but only called when a package is updated _and_
there is an app widget bound to a host. This differs from what the expected
behavior is based on the documentation and means that packages with widgets that
update have no way of notifying host apps of changes except via package events.
Bug: 20698931
Change-Id: I60af36d51e99ca1ea751d9d9d03a50ef2d5bef98
b/19904873
> Reason: to prevent TransactionTooLargeException from occuring when
binder transaction size goes over the limit.
Change-Id: I054cb161d235234f3ccdaadd70314163e690b0db
Passing null to XmlPullParser.setInput forces it to do additional
work, which can be easily avoided if we know the charset beforehand.
bug: b/20849543
Change-Id: Iaff97be9df2d0f99d7af8f19f65934439c9658e2
Track package names of bound app widgets and use the list when
querying for idle apps.
Bug: 20066058
Change-Id: If8039397a061ef04bb13aa38d57cd7f0221f5fc7
Now that we have a separate foreground service proc state
(above a sleeping top app), update various system services
to put their bindings into this state when appropriate.
There are two new bind flags for this -- one that just always
makes it a foreground service, another that only does it when
the device is awake (useful for things like the wallpaper).
And with all of that, tweak network policy manager to only
include apps that are at least foreground service state when
in power save and device idle modes. This will allow us to
further reduce the set of apps that have network access
(in particular not giving access to the current top app when
the screen is off), hopefully leading to even better battery
life.
Change-Id: I91d85a5c5ed64e856149e9a5d94a634a7925ec7f
When cross profile widget whitelist is updated by device admin
remove providers for removed packages.
Bug: 19293923
Change-Id: I7a5f7b706486055346d906c89d48510bfe1ad352
During restore first the provider records and then the applications
are restored. Therefore, we keep the restored provider records in a
zombie state and once we get the package install broadcasts from the
package manager we update the zombie providers to be real ones. The
bug was that while doing this we were not updating the provider id
from one with an undefined UID to the one with the UID under which
its package now runs.
bug:17869323
Change-Id: I20b7cbfd2f90e2f5bf3a6b858d8da99cc1c82841
PackageManager and AppWidgetHostServiceImpl should
be loading the resources of any shared libraries being
used by the app, as they have references in their Widgets
or application icons/labels, etc.
Bug:17668152
Change-Id: I359662334edb125d7570089916727df4eeba02bb
When restoring app widget state from XML we read all providers,
hosts, and widgets and only after reading all hosts and providers
for all members of the group we hookup the widgets as they may
cross profile boundary. To esntablish the host-widget and provider-
widget relation we use a tag for the host and the provider that
are assigned before saving the state to XML. When restoring we
are using the tags to match widgets with hosts and providers. The
bug was that we were not clearing the tag of all hosts and providers
before reading from XML as we want the only tags that are defined
to be the ones we are reading. This resulted in wrong app widget
restore for a secondary user.
bug:17505027
Change-Id: I035d8f13142c6b9dbc9d658b82390f9cd8d75e0d
Use enforceCallingOrSelfPermission() for throwing a security exception
rather than creating the security exception ourselves. This has the
advantage that the exception is in a well known format expected by
the CTS test android.security.cts.ServicePermissionsTest#testDumpProtected
Bug: 17165920
Change-Id: I7d3c2d2a0852a490fe1d553cd81d1efc79d2fec3
