Since emulated external storage paths differ based on execution
context, carefully fix up paths for various use-cases:
1. When sending paths to DefaultContainerService, always scope
OBB paths as belonging to USER_OWNER.
2. When sending paths to vold, always build emulated storage paths
visible to root.
3. Always use the original untouched path when talking with apps.
Mount OBB containers using shared app GID, so that an app can read
the mount point across users.
Handle legacy paths like "/sdcard" by resolving the canonical path
before sending to MountService. Move tests to servicestests, and
add tests for new path generation logic.
Bug: 7212801
Change-Id: I078c52879cd08d9c8a52cc8c83ac7ced1e8035e7
1. This change converts the accessibility manager service to
maintain a state per user. When the user changes the services
for the user that is going away are disconnected, the local
accessibility managers in the processes for this user are
disabled, the state is swapped with the new user's one, and
the new user state is refreshed.
This change updates all calls into the system to use their
user specific versions when applicable. For example, regisetring
content observers, package monitors, calls into other system
services, etc.
There are some components that are shared across users such
as UI created by the system process and the SystemUI package.
Such components are managed as a global state shared across
all users and are updated accordingly on a user switch. Since
the SystemUI is running in a normal app process this change
adds hidden APIs on the local window manager to allow the
SystemUI to notify the accessibility layer that it will run
accross users.
Calls to AccessibiltyManager's isEnabled(), isTouchExplorationEnabled()
and sendAccessibilityEvent return false or a are a nop for a
background user sice he should not send accessibility events,
and should not perform touch exploration.
Update the internal accessibility tests due to changes in the
AccessibilityManager.
This change also fixes several issues that were encountered
such as calling out the accessibility manager service with a
lock held.
Removed some incorrect debugging code from the TouchExplorer
that was leading to a system crash.
bug:6967373
Change-Id: I2cf32ffdee1d827a8197ae4ce717dc0ff798b259
No changes to text at all, just moving the java files to match their
declared packages.
There was no original bug# but this cleans up the code submitted in
the original Change-Id: I42307f58074157b33b6e01216aab10022340d449
Change-Id: I233fa7f21167a42565aadb7ad109600b1a1a5721
For multi-user devices, switch to storing policy per-user instead of
per-app. Also watch for user added/removed broadcasts to clean up
policies and apply global restrictions.
Bug: 7121279
Change-Id: Ia7326bd0ebe0586fa4ec6d3a62f6313dc8814007
This adds the necessary bits to verify and install configuration
updates using system server. It also includes the cert pinning
updater as the first user.
Change-Id: I42307f58074157b33b6e01216aab10022340d449
Replaced all remaining places that used it with explicit user
specification.
While doing this, I ran into stuff that was creating PendingIntent
objects (that now need to specify the explicit user they are for),
which are also posting notifications... but have no way to specify
the user for the notification.
So the notification manager in the system process now also gets a
formal concept of a user associated with the notification, which
is passed in to all the necessary aidl calls. I also removed the
old deprecated aidl interface for posting/cancelling notifications,
since we now always need a user supplied.
There is more work that needs to be done here, though. For example
I think we need to be able to specify USER_ALL for a notification that
should be shown to all users (such as low storage or low battery).
Along with that, the PendingIntent creation needs to be tweaked to
be able to handle USER_CURRENT by evaluating the user at the point the
pending intent is sent.
That's for another change, however.
Change-Id: I468e14dce8def0e13e0870571e7c31ed32b6310c
Use AtomicFile for usermanager files.
Added a MANAGE_USERS permission that apps (signature permission) can use
to create/query/modify/remove users.
Change-Id: I5cf232232d0539e7508df8ec9b216e29c2351cd9
Moved a bunch of methods from PackageManager to UserManager.
Fix launching of activities from recents to correct user.
Guest creation APIs
Change-Id: I0733405e6eb2829675665e225c759d6baa2b708f
Change ConnectivityService to use a factory when creating
NetworkStateTrackers, which gives us a good place to inject mocks
for testing. Add initial tests to verify that network routes are
added and removed as networks changed.
Change-Id: I11cbc61a84c2ed4afa2670036295b1494eab26e1
When XT stats are available, transition to prefer them over DEV,
since they aren't subject to hardware driver bugs. Only switches at
the first atomic XT bucket, and adds a Settings.Secure flag to force
back to DEV if needed. Includes tests to cover transition.
Fix tests where device overlay would change which network types
reflected data usage. Test both history and summary APIs. Fixed
collection timestamps to reflect full buckets.
Bug: 6504744
Change-Id: Idd7f3b2fdb064c36547c85c51c214fd938c59b7e
1. Every accessibility services targeting JellyBean or higher has
to request a special permission for the system to bind to it.
Change-Id: I6e579326bdf3597f148d6c67317455701ec8af68
The CertBlacklister is a mechanism for allowing is to use gservices
to blacklist certs by serial number or public key.
Change-Id: Ie4b0c966a8a43c9823fb550c0b1691204f133ae7
Default is 2MB persist threshold, but even that can be substantial
for devices on 100MB/month plans. This change gradually reduces the
persist threshold up to 8x lower (256kb outstanding) based on lowest
active policy.
Bug: 5382676
Change-Id: Ief4e8cdb169bfb151a3d1b45722a8eaa01926508
Add method to parse new iface_stat_fmt proc stats, or return null
when kernel support is unavailable. Add test and remove older, unused
parsing code. Create new "xt" recorder to persist the new xtables
counters when available.
Add SSID support to NetworkIdentity to fix policy tests.
Bug: 6422414
Change-Id: I77f70e9acb79a559ab626f3af5c4f3599801ed43
Users outside system_server now explicitly communicate their
lifecycle, which keeps a strong-reference chain to any fully loaded
NetworkStatsCollection histories.
Bug: 6236498
Change-Id: I8e22739b6e89a626b676967a736d7117fd000778
Add networkId field to NetworkIdentity to identify Wi-Fi networks by
SSID. Add support for policies without usage cycles.
Only apply mobile policies when SIM state is ready, which is cleaner
than just checking for airplane mode. Also avoids creating no-op
default policies when subscriberId is null.
Bug: 3001465, 3291052
Change-Id: I1f8aaa49a5db306df022c402ea7f3f5d4bc0cfc7
Broadcast intents that get sent out when users are added/removed/switched.
More work on generating user-specific information in package manager queries.
APIs to update user name and query a user by id.
Removed Package.mSetStopped and mSetEnabled, since they're not user specific.
User removal:
- Cleanup ActivityManager, PackageManager, WallpaperManager, AppWidgetService
and AccountManager.
- Shutdown processes belonging to the user.
Don't show vibrate option in long-press power if there's no vibrator.
Lock the screen when switching users, to force unlocking.
Change-Id: Ib23a721cb75285eef5fd6ba8c7272462764038fa
Packages can be enabled/disabled per user.
This requires maintaining stopped/launched states and
enabled / disabled components and packages per user.
Refactored pm.Settings and PackageSettingsBase to keep
track of states per user.
Migrated the stopped-packages.xml to users/<u>/package-restrictions.xml
Changed intent resolution to handle individual user restrictions.
Bunch of IPackageManager calls now have a userId argument.
Make AppWidgetService handle removals of packages.
Added some tests for pm.Settings and PackageManager.
Change-Id: Ia83b529e1df88dbcb3bd55ebfc952a6e9b20e861
Instead of cycle reset at midnight UTC, use midnight of timezone
active when user last set cycle reset date. Tests to verify, and
also to test leap year behavior.
Bug: 5938567
Change-Id: Ie06f7f0fa242d23110f9586a3f4f7037af87b31b
Introduce second snooze timestamp to support dismissal of data usage
warning notification. Also explicitly set notification "when" to
avoid fighting with other notifications, such as ongoing downloads.
Bug: 5443756, 5262414
Change-Id: I03342c25b0410b1b2db84de9a40884f04cb1d8ae
Split existing network stats into two separate classes: a recorder
which generates historical data based on periodic counter snapshots,
and a collection of historical data with persistance logic.
Recorder keeps a pending history in memory until outstanding data
crosses a specific threshold. Persisting is handled through a given
FileRotator. This pattern significantly reduces disk churn and
memory overhead. Separate UID data from UID tag data, enabling a
shorter rotation cycle. Migrate existing stats into new structure.
Remove "xt" stats until iptables hooks are ready. Avoid consuming
Entry values when recording into NetworkStatsHistory. Assign
operation counts to default route interface.
Introduce "Rewriter" interface in FileRotator with methods to enable
rewriteAll(). Introduce IndentingPrintWriter to handle indenting in
dump() methods.
Bug: 5386531
Change-Id: Ibe086230a17999a197206ca62d45f266225fdff1
This separates the definition of "metered network" and "network with
limit." For now, all mobile networks are considered metered.
Bug: 5571454
Change-Id: I394cd385bd33add75e53bfc9cf2fefd06a00208a
- Don't get and cache phone tpe at the initialization time. At this point
TelephonyManager is probably not ready yet.
- Refresh MCC whenever we get the service state changed callback, even when
the state hasn't actually changed, in order to make sure we get refresh
country properly when MCC changes.
- Also remove the initialization of mPhoneStateListener, which prevented us from
registering phone state listener properly.
- Also fix tests which were already failing.
Bug 5670680
Change-Id: Id45abeba1b1e843053ac2c946861b439ca568de4
Perform uniform argument escaping inside NativeDaemonConnector, using
varargs to separate boundaries. Also move to parsed NativeDaemonEvent
instances instead of raw Strings.
Bug: 5472606
Change-Id: I1270733e2b2eeb2f6b810240df82ab24d38ebf40
EntropyService implies that this program provides entropy to other
programs, and is misleading. The EntropyMixer class is designed purely
to stir the existing entropy pool with some possibily random-ish data,
and carryover entropy across device reboots.
Change-Id: I086cd339a3b652d32371521e61e1b1f555ce2280
Instead of trusting NTP time alone, use the most-conservative of
system clock and NTP.
Bug: 5584564
Change-Id: I5dd87fc009959b1cf0a7d660e385a0b1a8be238b
Moved away from BufferedReader, which only reads the first 8KB of
some proc files because it aggresively fills its buffer. Optimized
proc parsing, now double the speed. Tests to cover.
Log when NetworkStats counters roll backwards when subtracting, and
optimizations around findIndex(). When system removes UID, also
remove from last stats snapshot to avoid xt counters from rolling
backwards.
Bug: 5472949, 5458380
Change-Id: I07c08fe5233156fac2b84450f6291868bf9bfaf2
Replace TrafficStats calls by reading values from xt_qtaguid kernel
module. To keep BatteryStatsImpl changes lightweight, cache recently
parsed stats. Tracks mobile ifaces from ConnectivityService.
Refactor xt_qtaguid parsing into factory outside of NMS. Add stats
grouping based on UID, and total based on limiting filters like iface
prefix and UID.
Bug: 4902271
Change-Id: I533f116c434b77f93355bf95b839e7478528505b
When available, use single "iface_stat_all" file instead of reading
values from dozens of files scattered across proc. Tests to verify.
Bug: 5397840
Change-Id: I0247be518436c1f79b32c4b72216739f49a9e8cc
Begin tracking xtables summary of data usage to compare with values
reported from /proc/net/dev. Roll tethering directly into UID stats
to trigger UID stats persisting when crossing threshold.
Include xtables summary and authoritative time in samples.
Bug: 5373561, 5397882, 5381980
Change-Id: Ib7945522caadfbe0864fdf391582dc820f4f371e
* Verifiers can be specified in the AndroidManifest.xml
* Those verifiers can respond to the new Intent action
* PackageManager API for those verifiers: verifyPendingInstall
Change-Id: I4892bce2e6984871e6e93c60a1ca0dae145f5df5
Watch for changes to telephony network subtype, and update iface
mapping to persist stats under correct type. Update network stats
before removing tethering NAT rules.
Skip recording that would create empty historical buckets. Query UID
stats before iface stats to always skew positive when counters are
actively rolling forward.
Bug: 5360042, 5359860, 5335674, 5334448
Change-Id: I8aa37b568e8ffb70647218aa1aff5195d3e44d5a
When sampling network stats, always use atomic buckets instead of
interpolating. Always poll iface and UID together so we distribute
into buckets equally. Move stale bucket trimming to just before
writing stats.
Bug: 5321340
Change-Id: I78a2226778a79c875f3668336e39ea24a7b4d5c4
