We keep track which process saw and account to whitelist
the app for future access as an optimization to avoid
prompting the user for account access approval. Some apps
use SefeParcelable where the parcels are marshalled
which does not allow the parcel to contain IBinders.
To avoid this we are switching from account tracker remote
objects to unforgeable tokens.
bug:31162498
Change-Id: I3b52bff720655f695ad0c58d420eb35ef93161b9
We keep track which process saw and account to whitelist
the app for future access as an optimization to avoid
prompting the user for account access approval. Some apps
use SefeParcelable where the parcels are marshalled
which does not allow the parcel to contain IBinders.
To avoid this we are switching from account tracker remote
objects to unforgeable tokens.
bug:31162498
Change-Id: I19916b54afd0b47e57c517145aa6b1ff17154144
This patch defines a new metrics service for IpConnectivity events
defined in android.net.metrics, separate from currently existing
MetricsLoggerService.
Similarly to MetricsLoggerService, the new service has an event buffer.
It also implements a dumpsys interface that can be used to flush events
and output a serialized proto.
Bug: 31254800
Change-Id: I0c3faeb4008b283f85d9ba9460371fa68956ea3b
Sync adapters without an account access cannot run until the
user approves the account access (for the case the account
access is not allowed by other policy such as being singed
with the same cert as the authenticator). However, if the
sync adapter package already got the account from another
app which means it already saw the account we white-list
the sync adapter app to access the account as it already
saw it - the bird is out of the cage.
bug:31162498
Change-Id: I2b72f3b0d6307561ed68db2f2e9c900b15e8d098
Pure rename operation - no other functional changes.
(cherry-pick of commit ddb5f646562f31d7e78778a978e546f85312b009)
Bug: 31470256
Test: unit tests, integrated (sl4a) tests.
Change-Id: I5110d1a673b7ba4e39350d723b5984586fec585a
Build serial is non-user resettable freely available deivice
identifier. It can be used by ad-netowrks to track the user
across apps which violates the user's privacy.
This change deprecates Build.SERIAL and adds a new Build.getSerial()
API which requires holding the read_phone_state permission.
The Build.SERIAL value is set to "undefined" for apps targeting
high enough SDK and for legacy app the value is still available.
bug:31402365
Change-Id: Iddd13430b2bd1d9ab4966e31038ecabdbdcec06d
Sync adapters without an account access cannot run until the
user approves the account access (for the case the account
access is not allowed by other policy such as being singed
with the same cert as the authenticator). However, if the
sync adapter package already got the account from another
app which means it already saw the account we white-list
the sync adapter app to access the account as it already
saw it - the bird is out of the cage.
bug:31162498
Change-Id: I2b72f3b0d6307561ed68db2f2e9c900b15e8d098
also update all non-DAC builds to use the "referenceonly" flag for a cleaner output and faster build.
Change-Id: Iebd9791305479c5dc406ba3b81eaf076855bc632
Compiling frameworks source is missing a dependency on the R.stamp file
generated by the frameworks-res aapt rule, likely caused by the switch
to jack. Use LOCAL_ADDITONAL_DEPENDENCIES to insert the dependency
instead of directly using build system internals.
Change-Id: Ifb830da18b3607f87ae283cea04f7d276d4bfde9
