70 Commits

Author SHA1 Message Date
Kenny Root
313a93ddf9 Merge "Close streams for forward-locked apps" 2012-04-14 18:43:53 -07:00
Kenny Root
3f99afc0d5 Close streams for forward-locked apps
Forward-locked apps aren't very prevalent, but it needed to be
restructured to make sure both streams and ZipFile objects are closed.

Change-Id: I41f863224fecd24069e525e9ce3738de8237bd5e
2012-04-14 12:23:13 -07:00
Kenny Root
011d778c9f Merge "Add warning log for mismatched signatures" 2012-04-14 12:16:58 -07:00
Kenny Root
8c11f1d6ab Add warning log for mismatched signatures
It's difficult to see in bugreports when this situation arises. Add a
small log so we can easily determine installation failure reason.

Change-Id: Ie59c205cf731cad7b3d04ceb995e58a093c62455
2012-04-14 12:11:40 -07:00
Jeff Sharkey
854b2b1670 Surface list of apps with given network policy.
Bug: 6007276
Change-Id: I0f0e939ee6481496480c4afaa108c99eb158547c
2012-04-13 19:46:33 -07:00
Jeff Sharkey
5d32e772b3 Enforce READ_EXTERNAL on non-user builds.
Enable default enforcement of READ_EXTERNAL_STORAGE on non-user
builds. Users can still explicitly enable enforcement in Settings.

Bug: 6131916
Change-Id: I7dc66b624ad252ed2a2ad3647f3ea85dda7f8e82
2012-04-12 23:29:14 -07:00
Jeff Sharkey
1c27576aff Include enforcement state in dumpsys.
Bug: 6323087
Change-Id: I6d779798538c114ea9816d3bdbbff5552c285df6
2012-04-11 19:07:08 -07:00
Amith Yamasani
135936072b User management and switching
Broadcast intents that get sent out when users are added/removed/switched.

More work on generating user-specific information in package manager queries.
APIs to update user name and query a user by id.
Removed Package.mSetStopped and mSetEnabled, since they're not user specific.

User removal:
- Cleanup ActivityManager, PackageManager, WallpaperManager, AppWidgetService
  and AccountManager.
- Shutdown processes belonging to the user.

Don't show vibrate option in long-press power if there's no vibrator.

Lock the screen when switching users, to force unlocking.

Change-Id: Ib23a721cb75285eef5fd6ba8c7272462764038fa
2012-03-27 11:23:01 -07:00
Jeff Sharkey
69f819b397 Merge "Include GIDs for unenforced permissions." 2012-03-23 15:21:00 -07:00
Jeff Sharkey
b9a070189c Include GIDs for unenforced permissions.
When READ_EXTERNAL_STORAGE isn't enforced, grant its GID to all
launched processes.  When changing enforcement, kill all processes
below foreground adjustment, causing them to be relaunched with
updated GIDs.

Bug: 6131916
Change-Id: I6d83efc937919f13a1a7d9caac902e572869406a
2012-03-23 10:22:54 -07:00
Amith Yamasani
483f3b06ea Package restrictions per user
Packages can be enabled/disabled per user.
This requires maintaining stopped/launched states and
enabled / disabled components and packages per user.

Refactored pm.Settings and PackageSettingsBase to keep
track of states per user.

Migrated the stopped-packages.xml to users/<u>/package-restrictions.xml

Changed intent resolution to handle individual user restrictions.
Bunch of IPackageManager calls now have a userId argument.
Make AppWidgetService handle removals of packages.

Added some tests for pm.Settings and PackageManager.

Change-Id: Ia83b529e1df88dbcb3bd55ebfc952a6e9b20e861
2012-03-22 10:08:24 -07:00
Jeff Sharkey
edc84ee839 Selective enforcement of READ_EXTERNAL_STORAGE.
Store enforcement state of specific permissions, allowing them to be
selectively enforced. Currently supports READ_EXTERNAL_STORAGE, which
by default isn't enforced, but enforcement can be enabled at runtime.

Bug: 6131916
Change-Id: I4bcc215a2eb5e6507d6257b577311cbd13c77acf
2012-03-19 19:01:45 -07:00
Dianne Hackborn
6569625bee Fix issues #6103378 and #5959515.
Change-Id: I762d86dd7119c9ac02f4b8803c4a250c6b7637c7
6103378: APR: IOOBE at android.content.pm.PackageParser.generatePackageInfo(
    PackageParser.java:355)
5959515: PackageManager doesn't validate className in setComponentEnabledSetting
2012-03-05 18:49:21 -08:00
Dianne Hackborn
0450510f59 Fix issue where pm would clear preferred apps when updating an app.
The code for this was fairly conservative since the components of the
apps could change, leaving junk in the preferred app list.  Now we
don't pro-actively clear them, but try to catch missing components
later.

Change-Id: I793063449dcc577fd3d56bb56495b308f0c95ea8
2012-02-29 12:34:04 -08:00
Dianne Hackborn
e639da7baa New development permissions.
These are permissions that an application can request, but won't
normally be granted.  To have the permission granted, the user
must explicitly do so through a new "adb shell pm grant" command.

I put these permissions in the "development tools" permission
group.  Looking at the stuff there, I think all of the permissions
we already had in that group should be turned to development
permissions; I don't think any of them are protecting public APIs,
and they are really not things normal applications should use.

To support this, the protectionLevel of a permission has been
modified to consist of a base protection type with additional
flags.  The signatureOrSystem permission has thus been converted
to a signature base type with a new "system" flag; you can use
"system" and/or "dangerous" flags with signature permissions as
desired.

The permissions UI has been updated to understand these new types
of permissions and know when to display them.  Along with doing
that, it also now shows you which permissions are new when updating
an existing application.

This also starts laying the ground-work for "optional" permissions
(which development permissions are a certain specialized form of).
Completing that work requires some more features in the package
manager to understand generic optional permissions (having a
facility to not apply them when installing), along with the
appropriate UI for the app and user to manage those permissions.

Change-Id: I6571785c6bb5f6b291862b7a9be584885f88f3a5
2012-02-23 16:39:15 -08:00
Joe Onorato
20963df86f Show the flags in package manager debugging. 2012-02-10 14:44:07 -08:00
Dianne Hackborn
21fbd1f7da Some cruft removal.
Change-Id: If4a94bfd4a033748eb13e8f3ff25e24382746778
2012-02-10 10:54:15 -08:00
Amith Yamasani
742a671273 Multi-user - 1st major checkin
Switching activity stacks
Cache ContentProvider per user
Long-press power to switch users (on phone)

Added ServiceMap for separating services by user
Launch PendingIntents on the correct user's uid
Fix task switching from Recents list
AppWidgetService is mostly working.

Commands added to pm and am to allow creating and switching profiles.

Change-Id: I15810e8cfbe50a04bd3323a7ef5a8ff4230870ed
2012-02-03 12:01:47 -08:00
Andy McFadden
2f36229db8 Use Map.Entry, not HashMap.Entry
Map.Entry is the defined return value from entrySet().  HashMap.Entry
shouldn't be used directly.

Change-Id: Ia21598c6a73fe7eb22179ce114095f779c903084
2012-01-20 14:43:38 -08:00
Nick Kralevich
70522addd0 Don't allow reading of packagelist files.
Ensure that all requests to read the list of installed packages
go through the PackageManager directly. Don't allow non-system
programs to directly read the raw package list files.

Change-Id: Id083e6b3de4dd9173abfdc741ebf3f60997a1052
2012-01-06 13:58:01 -08:00
Dianne Hackborn
bfd89b35ba Don't forget to close files.
Change-Id: Ibfe465e1d7a947bbe40da17e8e8a2713856f95b5
2011-12-15 18:22:54 -08:00
Dianne Hackborn
f5b8671c34 Fix issue #5714517: App shortcuts can result in bad task intents
New API to let you build an Intent whose base configuration is correct,
but has an additional "selector" to pick out the specific app that you
would like launched.

Change-Id: Ide9db6dc60e2844b7696cfe09b28337fe7dd63db
2011-12-05 17:42:41 -08:00
Dianne Hackborn
ee9aef0b42 Maybe fix issue #5627399: java.lang.RuntimeException - While sign in...
...through setup wizard after wipe data

Deal with finish() being called when there are no running activities
on the stack.

Also some improved debugging output.

Change-Id: Ia1d3f3f7e7b79c06ca95c738081322fc80282e0d
2011-11-16 13:21:46 -08:00
Kenny Root
62539e9efa Close file on exception as well
Bug: 5458045
Change-Id: I4c79b9c273ff69dda292e5cc7b2b60f8db2edbd9
2011-11-10 09:40:53 -08:00
Dianne Hackborn
58f42a59bd Fix issue #5405788: Device continuously opening and closing...
...the "Complete action using" dialog

When an application goes idle, it sends back to the activity manager
the configuration it last used, to make sure the two don't get out
of sync.  Fix a bunch of edge cases here in dealing with that, and
be sure to also send the current configuration when launching an
activity so the client is always up-to-date when launching.

Also a small fix to not show the upgrading dialog during first boot.

Change-Id: I14ed366a87cd689d1c78787369e052422290ac6f
2011-10-10 14:53:08 -07:00
Kenny Root
a503a0f5d4 Add explicit mimetype for verifier calls
Change-Id: I29ffb216680aa24fd9ca3fb4d190038f6d724cb9
2011-10-03 14:46:10 -07:00
Kenny Root
05ca4c9064 Allow non-required package verifiers
* Verifiers can be specified in the AndroidManifest.xml

* Those verifiers can respond to the new Intent action

* PackageManager API for those verifiers: verifyPendingInstall

Change-Id: I4892bce2e6984871e6e93c60a1ca0dae145f5df5
2011-09-23 16:03:03 -07:00
Dianne Hackborn
67c5b12511 Merge "Fix issue #5321282: Force Stop Button in Battery Screen Not disabled correctly" 2011-09-23 12:56:42 -07:00
Kenny Root
fec5e75c96 Less verbose message when dexopt non-APK
The message when something is not an APK that is submitted for dexopt is
not extremely helpful. Make it more precise and remove the useless
traceback.

Change-Id: Ibb34b2b2c10ee28ea98662c3f6fd070529cf8c4f
2011-09-23 10:13:06 -07:00
Dianne Hackborn
80a7ac1063 Fix issue #5321282: Force Stop Button in Battery Screen Not disabled correctly
If the app had activities still finishing, when we checked whether it was
now stopped we would get told no.  Also some other improvements:

- Schedule an idle as part of the force stop, to get any finishing
  activities out of the stack soon rather than waiting for some activity
  to idle.
- Don't filter out stopped system apps.  This is dangerous because
  system apps may have no way for the user to explicitly launch them,
  so they could get put into a stopped state for which there is no way
  to get them out.  Also if the user really wants a system app to not
  run, the new disabling mechanism is more appropriate.

Change-Id: I34003f21dac29e2ca0f66a23b88c710de41bab99
2011-09-22 18:32:52 -07:00
Kenny Root
3a9b5fbb97 Unhide new PackageManager APIs for API 14
Change-Id: I83110285ccee39a4cd872a1c2af8357f541833d4
2011-09-20 14:35:10 -07:00
Kenny Root
0aaa0d9317 Add verifier device identity
This adds a special device identifier that is usable only for device
validation. The user will be presented with this number encoded in
easily-transcribable Base32 in the Developer options of Settings.

Change-Id: I4843f55ee90d689a51d0269b22454ca04c1be7ec
2011-09-13 16:02:43 -07:00
Dianne Hackborn
d2509fd835 Add boot mode where only "core apps" are started.
A core app is one that has coreApp="true" in its manifest tag.

The system can successfully boot (though a little painfully) with
only framework-res.apk, SettingsProvider.apk, SystemUI.apk,
DefaultContainerService.apk, and Launcher2.apk set as core apps.

Currently this boot mode is always turned off.

Change-Id: Ieaa4a8031c2c391a12996aa8d8b1d65fc2b09d6b
2011-09-12 12:29:43 -07:00
Dianne Hackborn
ba24e4d8bb Fix issue #5229575: Youtube link shared through messaging is not...
...opening after selecting option "Youtube" as a launcher.

Also:

* Tweak window animations so that the wallpaper exit animations do not
stop too early (causing the wallpaper to suddenly disappear).
* Make sure no input is being processed while booting, to avoid
accidentally doing things especially in the upgrade dialog.
* Some other small cleanup.

Change-Id: I40a6b53731991d4e31ac4502e3d85f0e47507481
2011-09-01 12:39:17 -07:00
Brett Chabot
ae05e8655d Disable package verification by default.
Change-Id: I0e02cd177dbb99fc97e964ac87251a900d915b95
2011-08-24 18:38:26 -07:00
Dianne Hackborn
661cd52e0e Add progress dialog for booting after an upgrade.
This introduces a new facility for code during the boot process
to display messages to the user through a progress dialog.  This
is only for use when performing longer-than-usual post-upgrade
operations such as running dexopt on applications or upgrading
databases.

Change-Id: I0e78439ccec3850fb67872c22f235bf12a158dae
2011-08-22 13:42:05 -07:00
Dianne Hackborn
d99b293d5f Fix issue #5180553: permission RECEIVE_BOOT_COMPLETED is not checked
Change-Id: I069673f2fbdf05e409c5e9ed99ccd1e15b4fe3ed
2011-08-18 16:02:41 -07:00
Kenny Root
46d2545db4 Merge "Infrastructure to support package verifier" 2011-08-16 08:35:53 -07:00
Kenny Root
bcc2d40a11 Merge "Throw exception on odd length Signatures" 2011-08-16 08:34:22 -07:00
Kenny Root
5ab2157bf1 Infrastructure to support package verifier
Allow a package verifier to approve or disapprove of a package being
installed.

Change-Id: Ibfea0f2b1aaa4ab1589a4e59f96144702b9bf94b
2011-08-15 17:26:31 -07:00
Kenny Root
e342551e56 Merge "Better errors from copyResource" 2011-08-11 13:27:10 -07:00
Dianne Hackborn
f9abb40590 New broadcast telling when an app is fully removed.
Change-Id: Ia516d826f302a01881fa92d9ffdc0adfbf669a4b
2011-08-10 17:15:17 -07:00
Kenny Root
f5121a9b80 Better errors from copyResource
Copy resource would fail without a good error code when the file
couldn't be found during copy.

Also destroy the target container ID during move operations since it
might exist. If the copy failed due to it existing, it would get
destroyed anyway. This way the user has a chance to have a good outcome
the first time.

Bug: 3375299
Bug: 5113898
Change-Id: I00559833f0801bc50e7cc031b462495e37a6b4ab
2011-08-10 17:00:30 -07:00
Kenny Root
461ff1f03c Add security checks for new API
Bug: 5137679
Change-Id: Ic0c1e0cf2960a7062ba318b60ee2c92506f6aab6
2011-08-09 11:08:34 -07:00
Dianne Hackborn
7d608423b7 Move OOM kernel settings to activity manager.
The activity manager now takes care of plugging the correct settings
into the OOM killer in the kernel.  This is a lot cleaner because
it is really central to how the activity manager works, and nobody
else cares about them.

Taking advantage of this, the activity manager computes what it
thinks are appropriate OOM levels based on the RAM and display
size of the device.

Also a small optimization to the package manager to keep a binding
to the package install helper for a bit after done using it, to
avoid thrashing on it.

And some new APIs that are now needed by Settings.

Change-Id: I2b2d379194445d8305bde331c19bde91c8f24751
2011-08-07 20:20:56 -07:00
Kenny Root
1137341885 Throw exception on odd length Signatures
The old version of this code would silently truncate odd-length
Signatures. However, this masks some bugs. Add a throw of
IllegalArgumentException so users can easily see where they're getting
bad input for Signatures.

Also, go through the existing code and catch this exception or
pre-check the input strings so system_server doesn't crash later.

Bug: 5092338
Change-Id: I8c672c5eaeb738a92c4581ce0df09baf719980ef
2011-08-04 11:51:38 -07:00
Kenny Root
1ebd74acf9 Better error codes for missing files
Make sure that files that don't exist aren't returning bogus 'out of
space' error codes.

Add some Javadoc so I can remember what each thing does in an IDE.

Add copyright header to NativeLibraryHelper

Bug: 3375299
Change-Id: Iac46019160921daca65b21d38897e5165063316e
2011-08-03 16:03:42 -07:00
Kenny Root
5832ead89a Parent's canonical path; not parent of canonical
When moving from SD card to internal, the PackageManager should check if
the native library directory parent's canonical path matches the
canonical data directory.

However, it was checking the canonical native library directory's
parent matches the data directory which makes tests concerning moving
from SD card to internal storage fail.

Change-Id: I16420efbb6f52fd6877a8f62ad060f8a1b8b0033
2011-08-02 15:49:39 -07:00
Kenny Root
4f35092af5 Merge "Move extract native libraries to JNI code" 2011-07-27 15:54:51 -07:00
Kenny Root
66269ea6f6 Move extract native libraries to JNI code
The built-in ZipFile class took quite a long time to find and unpack
libraries. Move everything to using the libutils ZipFileRO class that
goes quite a bit faster. Initial measurements are 6 times faster than
the Java code.

Also, read files off the disk and compare their CRC against the APK's
CRC to see if we need to write the new file to disk. This also cuts down
the bootup time by up to a second per APK that has native files.

Change-Id: Ic464a7969a17368fb6a6b81d026888c4136c7603
2011-07-26 10:14:58 -07:00