Apps can mark manifest components as being encryption-aware, which
means they can safely be run before the credential encrypted storage
is available.
Start adding filtering logic so that we only return these components
when a user is running "with amnesia." That is to say, only device
encrypted storage is available, so the user is running but with only
partial knowledge of its data.
To avoid calling into ActivityManager with the PackageManager lock
held, we quickly determine user state and splice the state into the
flags for later per-component evaluation.
Bug: 22358539
Change-Id: Idc56ec29f1ef04da8963e004314d7f5e47400997
Resource types that are typically stored outside of the resource table
(like layout, xml, drawable) can only have aliases (reference to another
resource).
Change-Id: Idb768801f02bb142e5be5e438904f221499bd756
Nested domain-config inherit unset parameters from the domain-config
they are nested in. This helps avoid copy and pasted configs that are
almost the same except a few minor differences for a domain with
slightly different requirements.
For example: Consider a domain-config for example.com that, among other
settings, does not enforce hsts. Now if you want the rules for
example.com to apply to secure.example.com except that hsts _is_
enforced you can make a nested domain-config for secure.example.com
under example.com that sets hstsEnforced="true" and nothing else.
Change-Id: I9e33f7e62127fd7f4f15c3560fff2f2626477bd4
Merging local app resources is slightly different than merging
resources from a static library.
Local app resources may not have a package name set, but we do take interest in the
ID set for the package (should be 0x0 or match the ID of the app we're building).
Static library resources have an explicit package name defined for them, so we
only merge resources from that package.
Change-Id: I95e559ae94cc1df6972e77a347b1b37a93674c4d
XmlConfigSource parses an ApplicationConfig from an xml resource.
Currently this supports app-wide default configuration via the
base-config element, per domain via the domain-config element and
inheritance of unset properties at parse time.
Inheritance of unset properties is currently only:
domain-config -> base-config -> platform default configuration
Where the most specific value is used.
For example: If the base-config specifies trust anchors, all connections
will use those anchors except for connections to a domain which has a
domain-config that specifies trust anchors, in which case the
domain-config's trust anchors will be used. If the domain-config or
base-config don't set trust anchors, or don't exist, then the platform
default trust anchors will be used.
Nested domain-config entries, debug-overrides, and thorough
documentation of the xml format will follow in later commits.
Change-Id: I1232ff1e8079a81b340bc12e142f0889f6947aa0
Define two explicit directories where device-encrypted and
credential-encrypted data will be stored. Third-party apps only
need access to the device-encrypted directory, so that's the only
API exposed for now.
General cleanup in how ApplicationInfo details are derived.
Bug: 22358539
Change-Id: If0a0108721a4aa1c3052b4912e08604bbf24e1ae
Before, the ID assigned to a public resource without an explicitly set id
was more difficult to figure out. It would be the next available ID.
AAPT2 introduces a new way to specify public attributes in progress.
<public-group type="attr" first-id="0x0101047f">
<public name="foo" />
<public name="bar" />
...
</public-group>
The IDs assigned to each resource is auto-incremented starting from `first-id`.
This also keeps resource's with the same type grouped together so that
the auto-incrementing nature is evident.
Also, due to how AAPT2 was implemented, this is required :P
Change-Id: I95ea92ad0405e87ed0b1766879bb2f1d9d0b636e
Comments weren't being copied when merged from the various
resource tables.
Also refactored the JavaClassGenerator to omit a class
if no entries exist for it.
Change-Id: I6eaa89b7b3715bc05403635a2baf0d1db3efd142
- Disallow touch while alt-tabbing
- Allow keyboard to focus tab while scrolling
- Cleaning up some old classes that aren’t really being used
Change-Id: Ibabea093afb711b07f398677d25735421b7c7e53
If the user has not added any CAs to the user trust store the user-added
directory will not have been created.
Change-Id: I8b5f73af3c0761c56969874231004fedbf7badda
