Moving forward, all client file access really needs to be going
through explicit APIs like openFileDescriptor(), since that allows
the provider to better protect its underlying files.
This change also changes several classes to use the AutoClosable
pattern, which enables try-with-resources usage. Older release()
methods are deprecated in favor of close().
Uniformly apply CloseGuard across several classes, using
AtomicBoolean to avoid double-freeing, and fix several resource
leaks and bugs related to MediaScanner allocation. Switch
MediaScanner and friends to use public API instead of raw AIDL calls.
Bug: 22958127
Change-Id: Id722379f72c9e4b80d8b72550d7ce90e5e2bc786
This reverts commit 2be787e359c76086b57dc9f35868da9db71099e8.
It adds the missing file from the original commit.
Change-Id: Ia2c4a0f3fcc7ce1de222fa39b7fdf2ef7880468a
Allow tiles to request when they are bound instead of doing it
automatically for them when in the listening state. Only one
of these modes is allowed for a given tile, meaning it can either
push updates when it thinks they matter, or it can be told when
to update.
Change-Id: I165b39dddb836df90d253aeb5ebea48e62ea0dae
This changes the documentation for inPreferQualityOverSpeed,
inDither, and requestCancelDecode().
These changes are a result of modifying the backends of
BitmapFactory and BitmapRegionDecoder to be faster, higher quality,
and to use standard libraries.
BUG:26266063
BUG:25556965
Change-Id: I9008fd276a38c737e242bcc6930ffe4e36d9fd1d
This permissions is not protecting access to the flashlight.
Anyone can use the latter via CameraManager.setTorchMode().
bug:26383626
Change-Id: I44c6395b5a0f80c1c539cffe61715b29b401a775
Many places across the platform query package details without
gracefully handling packages or components that go missing for
various reasons. This can cause annoying user data loss, such as
resetting back to built-in apps or dropping of accounts, etc.
This change verifies that system callers have thought about these
edge cases by logging if they use default matching behaviors without
explicitly marking themselves as being "triaged." (The logging is
currently disabled by default.)
Also creates explicit definitions of supported flags for various
incoming PackageManager calls, and defines a clear distinction
between flag types:
-- GET-style flags are used to request additional data that may have
been elided to save wire space.
-- MATCH-style flags are used to include components or packages that
would have otherwise been omitted from a result set by current system
state.
There are a handful of existing GET flags that better fit under the
MATCH definition, so this change clones them to new constants and
marks the old ones as deprecated.
Fixes bug in JobSchedulerService to consider jobs from apps on
external storage. Revert some dialer behavior back to being
untriaged.
Change-Id: I9b6ab0968241e3479bddbd78de0c51e3b9917318
Added a guest-mode to ManagedServices.
Like system services, the lifecycle of a guest is not managed.
Unlike system services, guests are not considered privledged.
The Assistant gets all the usual listener events.
Implemented adjustImportance.
Future work: enqueued, clicked, visibility, removed, annotations
Bug: 22455414
Change-Id: Ic41c0bf625b5e98cb577b49098bba23a539bb507
Move requestDropPermissions from DragEvent to Activity.
Permissions will be granted using UriPermissionOwner
associated with this activity and revoked when the activity
is destroyed (if DropPermissions.release is not called before that).
Change-Id: Ic8f8fc3f56f57e83b9bc34ae8c96d82c2c9c4e1d
info-activities
The icon is loaded from the discovery session only when it is displayed
to avoid having to store too many icons in memory.
Also the icons are not maintained in the historical printers. Only if
the printers are available nice icons are shown. A historical printer is
updated with the appropriate properties (including icon) once it becomes
available.
Bug: 24135005
Change-Id: Iec389bab514b024634be8fb5fc8928371cba8740
Create distinct flags for encryption aware, unaware, and both, and
name them like the other MATCH_ flags.
Start adding logic to help triage all system internal callers to
verify that they've done their homework and thought about how to
handle apps while locked. Call sites in the system should either
ask for explicit matching behavior, or explicitly use the DEFAULT
match flag to indicate that they've been triaged to use the
default state-based matching.
Bug: 26250295
Change-Id: I86214e5c4f71a6dc72f06930800388713aecd107
In our current design, in-call ui in parent user is used.
We need a way for Telecom to tell in-call ui that is the call a work
call or not show that we can have some UI changes to reflect it.
Bug: 26022174
Change-Id: I5f54371ddac14ffdb50359c2e792b9f24858bcb8
- Implement a "VR mode" that may be enabled by a focused Activity.
- Add a system service that tracks the current VR mode state and notifies
other core framework services of mode changes.
- Extend NotificationListenerService to allow the bind/unbind lifecycle
of specified listeners to be triggered by system events.
Bug: 22855417
Bug: 25479708
Change-Id: I1ac8692bbb5521bb6c7cfb9d2b56b98b720f8568
The device or profile owner can allow another
package to set app restrictions for any app in that user
Similar to the way it can give permission to access
CA certificate related APIs from M.
Bug: 22541936
Change-Id: I0c1b0804ad300dfa4fbdc1c7721c5d8653d77861
Rename DropPermissionHolder to DropPermissions and move
all server-side implementation details into a separate class.
Rename DragEvent.getDropPermissionHolder to
requestDropPermissions and make it take the permissions
implicitly.
Change-Id: Ia83f7cb8af07ce13ba9536d24b0f9d63331d8736
This API checks the SQL syntax by compiling it. This is useful to
detect SQL injection, for example.
Change-Id: I956548a34f664950246856966e5601dcac3daf00
Adds APIs in DevicePolicyManager and PackageManager for allowing
a device admin to suspend a package. PackageManagerService sets
or unsets a new PackageUserState 'suspended' setting. Terminal
command to suspend/unsuspend has been added via
PackageManagerShellCommand (as root).
Next steps:
* use the new 'suspended' setting for denying access to start app
(probably in ActivityStackSupervisor)
* broadcast a PACKAGE_(UN)SUSPENDED intent for launchers to pick up
* remove app from recents (go further and kill it if it is running)
* erase existing notifications for this app
Bug: 22776576
Change-Id: I718b3498f6a53cc0c6fdfb6d15031e53ddca4353
