Allows an activity to always be focusable regardless of if it is in a
stack whose activities are normally not focusable. For example, activities
in pinned stack aren't focusable. This flag allows them to be focusable.
Also, changed ActivityInfo.#{resizeable, supportsPip} to use flags.
Bug: 26273032
Bug: 26034613
Change-Id: I8c63e6d3256757e2e6931e08b8a65269f5169d35
Note: the guts are still trucated to the height of the notification.
The slider initially shows the importance of the individual notification,
but changing the slider changes the importance for the whole group
of notifications.
Bug: 22451710
Change-Id: Id6de3aaace2bdb88a8cc5db517002dc7f0e349ae
Even if the hostname aware method is called if the hostname is null then
the destination is unknown and the configuration can be ambiguous.
Change-Id: I7cacbd57a42604933fdc882371f143dc0a20902d
When an activity is moved to a stack using the
ActivityStack#moveActivityToStack API a new task is created to
hold the activity in the stack. However, when the new task is
created in the window manager side it uses the stack id of the
previous stack the activity was in. We now pass the stack to use
from activity manager to window manager.
Bug: 25987309
Bug: 25961636
Change-Id: Iecc71f6d9b3e70a8d88e134b42f7532ba5327bad
This will be used to create a custom conscrypt TrustedCertificateStore
to avoid loading all of the trusted certificates into memory in a
keystore.
Change-Id: Iaf54b691393ecadae6c7ff56b8adc6a2a2923d29
This allows for faster lookups of TrustAnchors when checking pin
overrides without needing to iterate over all certificates.
Currently only the system and user trusted certificate store are
optimized to avoid reading the entire source before doing the trust
anchor lookup, improvements to the resource source will come in a later
commit.
This also refactors System/UserCertificateSource to avoid code
duplication.
Change-Id: Ice00c5e047140f3d102306937556b761faaf0d0e
Debug overrides are only used if the application is debuggable in
order to help local debugging and development by trusting additional
CAs. In a non-debuggable version of the application the debug-overrides
are ignored.
Trust anchors in the debug override configuration have two key
differences from those in base-config and domain-config:
1) trust anchors in the debug-overrides are trusted for all connections
in addition to any trust anchors included in the relevant base/domain
configs.
2) By default trust anchors in the debug config override pins, as their
purpose is for connecting to non-standard servers for debugging and
testing and those servers should not be pinned in the production
configuration.
Change-Id: I15ee98eae182be0ffaa49b06bc5e1c6c3d22baee
Nested domain-config inherit unset parameters from the domain-config
they are nested in. This helps avoid copy and pasted configs that are
almost the same except a few minor differences for a domain with
slightly different requirements.
For example: Consider a domain-config for example.com that, among other
settings, does not enforce hsts. Now if you want the rules for
example.com to apply to secure.example.com except that hsts _is_
enforced you can make a nested domain-config for secure.example.com
under example.com that sets hstsEnforced="true" and nothing else.
Change-Id: I9e33f7e62127fd7f4f15c3560fff2f2626477bd4
XmlConfigSource parses an ApplicationConfig from an xml resource.
Currently this supports app-wide default configuration via the
base-config element, per domain via the domain-config element and
inheritance of unset properties at parse time.
Inheritance of unset properties is currently only:
domain-config -> base-config -> platform default configuration
Where the most specific value is used.
For example: If the base-config specifies trust anchors, all connections
will use those anchors except for connections to a domain which has a
domain-config that specifies trust anchors, in which case the
domain-config's trust anchors will be used. If the domain-config or
base-config don't set trust anchors, or don't exist, then the platform
default trust anchors will be used.
Nested domain-config entries, debug-overrides, and thorough
documentation of the xml format will follow in later commits.
Change-Id: I1232ff1e8079a81b340bc12e142f0889f6947aa0
The builder supports all the standard builder set* methods as well as
setting a parent builder to use when values are not set (recursively).
This allows us to have a level of inheretence in configurations without
complicating the lookup and trust checking logic by doing inheretence
when building the configs.
Change-Id: I054af83451e52761227479eadf9cb9803437505f
Bug: 25497185
These tests all use deprecated graphics APIs along with unsupported
pragmas. Removing them first will make our pragma cleanup simpler.
Change-Id: Icd0f2690d79dd8deb709724b47607483d6e3dea2
Initial implementation of a unified application wide static
network security configuration.
This currently encompases:
* Trust decisions such as what trust anchors to use as well as static
certificate pinning.
* Policy on what to do with cleartext traffic.
In order to prevent issues due to interplay of various components in an
application and their potentially different security requirements
configuration can be specified at a per-domain granularity in addition
to application wide defaults.
This change contains the internal data structures and trust management
code, hooking these up in application startup will come in a future
commit.
Change-Id: I53ce5ba510a4221d58839e61713262a8f4c6699c
Use different surface composition performance score thresholds for
Andromeda and Android devices.
BUG=24158847
TEST=Flushed Nexus 9 device using volantis and volantis-andromeda
images and confirmed that corresponding threshold is used
for each image.
Change-Id: I8989741200e6584d142479acc1dea7ce8642b1d3
Following metrics are now available for TRANSLUCENT surfaces:
surface-compoistion-peformance-sps
surface-compoistion-bandwidth-gbps
surface-allocation-performance-median-sps
surface-allocation-performance-min-sps
surface-allocation-performance-max-sps
Bug: 24158847
Change-Id: I590fb6194983ce00bd5622b5a7596d05be60ebd4
Using a multi threaded render node to render the window frame
asynchronously from the application relayout.
Bug: 22527834
Bug: 24400680
Bug: 24459827
Bug: 24409773
Bug: 24537510
Change-Id: I1010fc6a8b6e38424178140afa3ca124433ab7e4
The only time AppWindowToken.willBeHidden is used is for determining
if the app should contribute to calculating orientation. In the same
check AppWindowToken.hiddenRequested will be or-ed with willBeHiden,
so it's enough that hiddenRequested to be set.
The only place where willBeHidden is set, is right before
WMS.setAppVisibility is called, which will set hiddenRequested.
Because of this willBeHidden is unnecessary.
Change-Id: Iea35f39f72e7f0dcd76205ef580f3a74cac72d08
Removes unnecessary invalidateSelf() from VD.onStateChange(). This is
handled by the view hosting the drawable.
Bug: 22984152
Change-Id: Idf11a0ffef392cb1d8452aa3f5f836b35027a756
This is adding the renderer side infrastructure to allow
rendering multiple render nodes with different threads.
This is a pre-step for decoupling a non client decor
resize reder from a content resize render.
Multiple render nodes can be added to be drawn, and to
prevent overdrawing, a content bounds area can be set
Bug: 22527834
Change-Id: Ie7271e20895bf38957e5a84aeefc883e282039ad
We crop windows to their stack bounds when the docked stack
exists. We don't want to do this for the home activity since
the docked stack isn't visible when the home activity is visible.
Change-Id: Ibb3157dabbb6c979358ddc2098a01c6ddf6540e8
