All but a few lines of this is for issue #16013164, which allowed
apps to do some operations as the media uid by having it call
back to them to open a file. The problem here is with the tempory
identity stuff in the activity manager, allowing us to make the open
call as the original caller... ideally we should figure out a way
to just get rid of all of that, but the solution here is actually
easier (even though it doesn't look it) -- we now hand a token over
to the openFile() call that it can use when doing permission checks
to say "yes I would like the check to be against whoever is responsible
for the open". This allows us to do the uid remapping for only this
one specific set of permission checks, and nothing else.
Also fix issue #17487348: Isolated services can access system services
they shouldn't be able to. Don't send any system service IBinder objects
down for the first initialization of an isolated process.
Change-Id: I3c70e16e0899d7eef0bae458e83958b41ed2b75e
If the creation of an Activity fails, it is impossible to determine what
went wrong. We should log the exception immediately before failing on assert.
Change-Id: Ie6cbe87ff342b8d60989f5e1a6ffa3efc058c585
Currently, Mockito tests don't run on ART (KitKat & L) due to an extra
NoClassDefFoundError exception being thrown while trying to resolve
internal test runner classes. These exceptions are benign, Mockito's
internal test runners all inherit from org.junit.runner.Runner, which is
not included in the setup, but none of them are actually used in tests.
The same apks succeed on Dalvik, and logcat shows the same exceptions
going by, minus the NCDFE's.
Section 5.3 of the VM spec says the virtual machine has to wrap a
ClassNotFoundException in NoClassDefFoundError if the first exception
arises from verification or resolution but not initialization of that
particular class.
Bug: 17042833
Change-Id: I3af20f6884d9fa3afc3fbf9fcb238be10267827a
The motivation is an API change: FloatMath is going to be
deprecated and/or removed. Performance is not the goal of
this change.
That said...
Math is faster than FloatMath with AOT compilation.
While making the change, occurances of:
{Float}Math.sqrt(x * x + y * y) and
{Float}Math.sqrt({Float}Math.pow(x, 2) + {Float}Math.pow(y, 2))
have been replaced with:
{(float)} Math.hypot(x, y)
Right now there is no runtime intrinsic for hypot so is not faster
in all cases for AOT compilation:
Math.sqrt(x * x + y * y) is faster than Math.hypot(x, y) with
AOT, but all other combinations of FloatMath, use of pow() etc.
are slower than hypot().
hypot() has the advantage of being self documenting and
could be optimized in future. None of the behavior differences
around NaN and rounding appear to be important for the cases
looked at: they all assume results and arguments are in range
and usually the results are cast to float.
Different implementations measured on hammerhead / L:
AOT compiled:
[FloatMath.hypot(x, y)]
benchmark=Hypot_FloatMathHypot} 633.85 ns; σ=0.32 ns @ 3 trials
[FloatMath.sqrt(x*x + y*y)]
benchmark=Hypot_FloatMathSqrtMult} 684.17 ns; σ=4.83 ns @ 3 trials
[FloatMath.sqrt(FloatMath.pow(x, 2) + FloatMath.pow(y, 2))]
benchmark=Hypot_FloatMathSqrtPow} 1270.65 ns; σ=12.20 ns @ 6 trials
[(float) Math.hypot(x, y)]
benchmark=Hypot_MathHypot} 96.80 ns; σ=0.05 ns @ 3 trials
[(float) Math.sqrt(x*x + y*y)]
benchmark=Hypot_MathSqrtMult} 23.97 ns; σ=0.01 ns @ 3 trials
[(float) Math.sqrt(Math.pow(x, 2) + Math.pow(y, 2))]
benchmark=Hypot_MathSqrtPow} 156.19 ns; σ=0.12 ns @ 3 trials
benchmark=Hypot_FloatMathHypot} 1180.54 ns; σ=5.13 ns @ 3 trials
benchmark=Hypot_FloatMathSqrtMult} 1121.05 ns; σ=3.80 ns @ 3 trials
benchmark=Hypot_FloatMathSqrtPow} 3327.14 ns; σ=7.33 ns @ 3 trials
benchmark=Hypot_MathHypot} 856.57 ns; σ=1.41 ns @ 3 trials
benchmark=Hypot_MathSqrtMult} 1028.92 ns; σ=9.11 ns @ 3 trials
benchmark=Hypot_MathSqrtPow} 2539.47 ns; σ=24.44 ns @ 3 trials
Change-Id: I06c91f682095e627cb547d60d936ef87941be692
TouchUtil's drag method tries to sync after sending
each event which is not necessary. Sync are slow so
removing them greatly improves test running time.
Bug: 17323559
Change-Id: Ia4ed02b2af44da0d821d93d28f963005d9d7ea79
1. ProviderTestCase2 passes a null as a ProviderInfo to the ContentProvider
2. mAuthority and mAuthorities will be null during the test
3. ContentProvider.matchesOurAuthorities will throw an NPE.
Supply a ProviderInfo with authority.
Example bug:
Change-Id: Ia533313c0994727ef81f337a4e31a57ae7ec3c15
Hide KeySet API. Change getKeySetByAlias to not require aliases from the calling
package. Make KeySet parcelable. Add hashCode method.
Bug: 16895228
Bug: 17009318
Change-Id: I75951947dfc7a3cca9f8873bda72576d11abaaf0
The goal of this change is to enable support for appwidget from
user profiles to the user main profile. A user profile is a user
which is associated as a child of the main user profile. For example,
a user may have a personal (parent) and corporate (child) profile.
The device policy should be able to control whether adding a widget
from a child profile and given packages is allowed. This change
assumes that all packages from managed profiles are white listed.
Another change will add the device policy changes.
Change-Id: I267260b55d74c48b112a29979a9f59eef7a8194e
This corrects the expected behavior of the app state. Hidden apps
can be installed by the store to be brought out of hidden state.
Bug: 16191518
Change-Id: Id128ce971ceee99ba1dea14ba07ce03bd8d77335
This provides a directory where apps can cache compiled or optimized
code generated at runtime. The platform will delete all files in
this location on both app and platform upgrade.
Bug: 16187224
Change-Id: I641b21d841c436247f35ff235317e3a4ba520441
Flesh out documentation and finalize first cut of API. Also surface
installLocation and splitNames through PackageInfo.
Bug: 14975160, 15348430
Change-Id: Ic27696d20ed06e508aa3526218e9cb20835af6a0
This is an app-private filesystem space exactly like the one
reported by Context.getFilesDir(), with one exception: files
placed here are never backed up by the full-backup infrastructure.
If an app attempts to back up any of its contents via the normal
API it's immediately ignored with a logged warning.
The restriction is also enforced on the restore side, because
apps using support libraries might wind up creating full backup
archives containing no_backup subdirs on pre-L devices (via
adb backup, Helium, &c.). We check for this before passing the
restore data to the app, and drop it if we detect the situation
so that the app never sees the bits.
Bug 16240573
Change-Id: I11216a391f1d32117ec7ce15aafc9cd93d0337de
So, corporate apps in disambiguation dialogs are badged.
And updating the way we show the icon of the personal space to this new design.
BUG: 14377051
Change-Id: Idc707773a64a8feb2d9d4df88c425d5100542636
In an intent disambiguation dialog from a managed profile,
when the intent can be forwarded to the personal space:
show the icon of the parent next to "Personal apps".
And put it at the bottom of the dialog.
Change-Id: I523222aac5dde9653e784eb26cf23cdaf018b86c
For these crossProfileIntentFilters, the activities in the current profile cannot
respond to the intent.
Only activities in the target profile can respond to the intent.
BUG: 14936725
Change-Id: I5e2704c2b56ff50a8339dd49284956391d7fad7e
Adds methods for dealing specifically with long data types. Used by
PackageKeySetData as part of the KeySet work. Add appropriate test methods
to MoreAsserts as well.
Bug: 6967056
Change-Id: I1e263301b353e0cd1b45126be6ef5ec310f311a8
This change defines per-app directories on external storage that
will be scanned and included in MediaStore. This gives apps a way
to write content to secondary shared storage in a way that can
easily be surfaced to other apps.
Bug: 14382377
Change-Id: I4cb367c870509e76f0c2c598f01e2f699780030a
Defines a new PackageInstaller class that will be used for installing
and upgrading packages. An application desiring to install an
application creates a session, stages one or more package files in
that session, and then kicks off the install.
Previously, PackageManager would always make its own copy of a package
before inspecting it, to ensure the data could be trusted. This new
session concept allows the installer to write package data directly to
its final resting place on disk, reducing disk I/O and footprint
requirements. Writes are directed through an intermediate pipe
to ensure we can prevent mutations once an install has been initiated.
Also uses fallocate() internally to support optimal ext4 block
allocation using extents to reduce fragmentation.
Sessions are also the way we support installing multiple "split" APKs
in a single atomic operation. For a set of packages to form a valid
application, they must have exactly the same package name, version
code, and certificates. A session can also be used to add a small
handful of splits to an application by inheriting existing packages
when not performing a full install.
Add PackageParser support for extracting split names and certificates.
Bug: 14975160
Change-Id: I23d1bf4fbeb9f99a8c83be0c458900a0f0d1bccc
...and now fail conservatively when two apps both attempt to define
the same permission. Apps signed with the same certificate are
permitted to redefine permissions.
We also finally have a (hidden) interface class for observing package
installation so that we can now rev the interface without breaking
existing callers.
Bug 13551375
Change-Id: Ifa4e59154dcccbb286ee46a35a6f25e4ad0f0f01
...and now fail conservatively when two apps both attempt to define
the same permission.
We also finally have a (hidden) interface class for observing package
installation so that we can now rev the interface without breaking
existing callers.
Bug 13551375
Change-Id: I3a286d024a30e812ee4b098f345401df3c00e178