Services now must explicitly opt in to being accessed by isolated
processes. Currently only the activity manager and surface flinger
allow this. Activity manager is needed so that we can actually
bring up the process; SurfaceFlinger is needed to be able to get the
display information for creating the Configuration. The SurfaceFlinger
should be safe because the app doesn't have access to the window
manager so can't actually get a surface to do anything with.
The activity manager now protects most of its entry points against
isolated processes.
Change-Id: I0dad8cb2c873575c4c7659c3c2a7eda8e98f46b0
This reserves a range of uids (for each user) in which these processes
run. These uids are not associated with an application, so they
effectively run with no permissions. When a Service requests to
run in such a process through android:isolatedProcess="true", each
time it is brought up a new isolated process is started with its
own unique uid.
What we have so far gives us the basic infrastructure; more work
remains to further lock down what these uids have access to.
Change-Id: Ibfd27c75619cba61f528f46ede9113f98dc5f45b
Other:
- add a comment to nextUniqueId
- made ThreadBase::mId const, since it is only assigned in constructor.
Change-Id: I4e8b7bec4e45badcde6274d574b8a9aabd046837
Reverting because it seems to break `adb reboot`
This reverts commit 813af8d46467f41ed2d492917cbb9f9f45d2a3d7.
Change-Id: I75d827664a08799de15369c24c84cc3f49a8f297
We can do this now that we ensure processes are not killed until
they have been stopped. If the two activities are in the same
process, the ordering will still be correct because we schedule
the pause before the resume.
Change-Id: I209ba739b41e832d35db3edd34d1e7af354cc183
Need changes in core.
Still possible for netd to get wedged but system won't die because of it.
Leads the way to having forking netd - then only individual commands would
wedge, promoting stability.
bug:5864209
Change-Id: Ifcd37511c8239fe3df7e9070869b63a9c5649bd2
When changing global restrict background status, send connectivity
change broadcast, since it radically changes DISCONNECTED/BLOCKED
status system-wide.
Also reduce verbose stats logging.
Bug: 5854466
Change-Id: I3b612c520f50cc3000a3a569b7e0ab5f691cc2bd
SF could end-up in an infinite crash-loop during startup if it
was stopped while the screen was off. This happened because
the thread that manages screen blanking was started before
other important pieces of SF were initialized.
Change-Id: I0dded11dbf2395fdd57b673859a7aa0fa9eb32b6
we're seeing UI freezes when window updates and
composition are separated. for now we workaround this
by always doing a composition after window updates on
vsync. triple buffering is reenabled for performance.
Change-Id: I693d705000b7452489bb0b4918fbeadb9879315c
In some situations SF would mark a window as "has a pending update"
but would never process that update because the window is not
visible (fully transparent, hidden by another window, etc...), this
window would then be "stuck" until some other window updated.
Change-Id: Ifa18a9aef3a53f2593b473556702688ae62d9503
recent changes in SF introduced a hang where some windows would
stop being refreshed.
This is an attemp to fix that.
Change-Id: I6aa32ac0d6f1c0a6aea8f6195825dc4f4e6f93f9
Fortunately audio_track_cblk_t doesn't have a destructor, but for clarity
remove the double destruction.
Also add warning not to add any virtuals to audio_track_cblk_t.
Change-Id: I70ebe1a70460c7002145b2cdf10f9f137396e6f3
This is just documentation, as C++ method const-ness doesn't mean anything
for a binder API. Instead, here const means "no side effects".
Change-Id: Iaa9cd2fe477db10ae9a40cac4f79f0faa9b4e5e6
It turns out to be just a comment, as all except AudioMixer are RefBase.
There are only a few performance-sensitive cases where it's worth thinking
about whether you need a virtual destructor, and the headache usually
outweighs the benefit.
Change-Id: I716292f9556ec17c29ce8c76ac8ae602cb496533
Switching activity stacks
Cache ContentProvider per user
Long-press power to switch users (on phone)
Added ServiceMap for separating services by user
Launch PendingIntents on the correct user's uid
Fix task switching from Recents list
AppWidgetService is mostly working.
Commands added to pm and am to allow creating and switching profiles.
Change-Id: I15810e8cfbe50a04bd3323a7ef5a8ff4230870ed
