Cross Reference: /frameworks/base/services/core/java/com/android/server/am/UserController.java

History log of /frameworks/base/services/core/java/com/android/server/am/UserController.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
1219c924bdf98fd5342fe5bb7cd09da1012d2e1a	20-Jun-2016	Nicolas Prevot <nprevot@google.com>	Don't allow showing an activity if user is stopping or shutting down. BUG:29264996 Change-Id: I9fc97c5dc37e6d5656b82b277954b5963eb345c4 /frameworks/base/services/core/java/com/android/server/am/UserController.java
899608a83f9a05d64b3fa4743215c9dd1af66077	27-May-2016	James Hawkins <jhawkins@google.com>	am/UserController: Log system uptime at two 'boot complete' markers. ACTION_LOCKED_BOOT_COMPLETED and ACTION_BOOT_COMPLETED. Bug: 28070626 Change-Id: I6ff8e840a1c1faf804d6889ac0c3ad96cca8d6f3 (cherry picked from commit 64ce4e7e810c9e002771afbe0838742a82fc4ef9) /frameworks/base/services/core/java/com/android/server/am/UserController.java
ac06a4907bff7d5ee0612dbb85180222e1455791	25-May-2016	Fyodor Kupolov <fkupolov@google.com>	Remove ActivityManager calls with PM.mInstallLock held UserController now pushes user state to UMS. PM now checks user running/unlocking/unlocked state by calling UserManagerInternal. Bug: 28090199 Change-Id: I20e62b37f78238f28dd81f49f876732bbd3c6b34 /frameworks/base/services/core/java/com/android/server/am/UserController.java
4266feeb93fae4603e8a43d065160430a4c784a5	23-May-2016	Ricky Wai <rickywai@google.com>	Unlock work profile storage even work mode is off Bug: 28860823 Change-Id: Ic89027f163e4c4e1ba9e8c24174475b6a4a983a4 /frameworks/base/services/core/java/com/android/server/am/UserController.java
ae13e18c5561537e062f46ddda8e5dff30d1fe26	17-May-2016	Tony Mak <tonymak@google.com>	Should check isDeviceSecure in shouldConfirmCredentials The NPE is because createConfirmDeviceCredentialIntent returns a null intent when it founds that user does not set a secure lock. So the fix is we should check is the user set a secure lock screen as well. The reason the crash only happens in multi-window flow because we have null checking in the normal flow (i.e. interceptWithConfirmCredentialsIfNeeded). But I think we better check it explicitly. Bug: 28716456 Change-Id: Ib204cd02c0007bd1df36908bb3b5254ec4ffb914 /frameworks/base/services/core/java/com/android/server/am/UserController.java
6c915ead38db0a2a6393c40d4fbac959399439c5	10-May-2016	Fyodor Kupolov <fkupolov@google.com>	Push unlocking/unlocked state to UserManager Push unlocking/unlocked state to UserManagerInternal when it's changed in UserController. Use UserManagerInternal.isUserUnlockingOrUnlocked when updating flags for filtering in PackageManager. Bug: 28629076 Change-Id: I8440af090f533f93870d0cff0e3871e114c37efa /frameworks/base/services/core/java/com/android/server/am/UserController.java
cca1c654f8d0d2ec4671e3b1342a2db5a5256eab	04-May-2016	Fyodor Kupolov <fkupolov@google.com>	Call unlockUserKey in a synchronized section This will make callers of isUserRunning to wait for the unlock to finish. Bug: 28530527 Change-Id: I272e2166cdc3df8e34c3436c9c18ba6765da0625 /frameworks/base/services/core/java/com/android/server/am/UserController.java
ec6faca0078263dfbf2b41d11cdb14586e40fd75	29-Apr-2016	Amith Yamasani <yamasani@google.com>	Merge "Stop user faster and clear stale broadcasts" into nyc-dev
ad2e4bf9f36cf612db6c397feca8effb125ee541	26-Apr-2016	Amith Yamasani <yamasani@google.com>	Stop user faster and clear stale broadcasts Moved several USER_STOPPING registered receivers to listen to USER_STOPPED, since they don't need to be blocking the shutdown of the user. Clear all stale broadcasts when stopping a user, so that we don't unnecessarily start up processes and deliver stale broadcasts. This was causing code to run when the user was already stopped and resulted in crashes when other providers and services couldn't be started anymore. Hopefully this fixes many of those races. Bug: 28371487 Change-Id: Ic35a7a23fa8fe009a53f8bf7545d4dad5fa34134 /frameworks/base/services/core/java/com/android/server/am/UserController.java
ce18c8167766f92856f94a8e88e19de4698960e6	28-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Introduce "unlocking" vs "unlocked" nuance. There is a narrow window of time during user unlock where we're reconciling user storage and dispatching the "unlock" status to various internal system services. While in this "unlocking" state, apps need to be told that the user still isn't actually "unlocked" so they don't try making calls to AccountManager, etc. The majority of internal services are interested in merging together both the "unlocking" and "unlocked" state, so update them. Clarify naming in AccountManagerService to make it clear that a local list is being used, which mirrors the naming in MountService. To match UX/PM requested behavior, move PRE_BOOT_COMPLETED dispatch after the user is unlocked, but block BOOT_COMPLETED dispatch until after all PRE_BOOT receivers are finished to avoid ANRs. Bug: 28040947, 28164677 Change-Id: I57af2351633d9159f4483f19657ce0b62118d1ce /frameworks/base/services/core/java/com/android/server/am/UserController.java
c94c2493717264641bdfd205fd1f023193caa535	21-Apr-2016	Fyodor Kupolov <fkupolov@google.com>	Broadcast USER_INITIALIZE after user is unlocked Previously USER_INITIALIZE was sent before USER_UNLOCKED. This was leaving BOOT_COMPLETED as the only option for non-directBootAware apps to do one time initialization. Now USER_INITIALIZE is sent immediately after the user is unlocked. Bug: 28278011 Change-Id: Id82eae91af80a66454d4027050120ae841decfeb /frameworks/base/services/core/java/com/android/server/am/UserController.java
fd24108ca9876ac4f3598cf06464b78b61f32a96	19-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Don't block while dispatching PRE_BOOT. While we're waiting on the final UX around PRE_BOOT_COMPLETED, don't frustrate users by giving them a lockscreen that appears frozen for several seconds. Bug: 28164677 Change-Id: I54b62cea9bb83bc0f82fdf7e6e46a4640e1a30de /frameworks/base/services/core/java/com/android/server/am/UserController.java
84a4c971c484f05f2a2494d6353f36f4d954a5e0	18-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Unlock should always wait for pending PRE_BOOT. While processing an unlock request, we might go async to handle long-running operations like dispatching PRE_BOOT_COMPLETED. This change ensures that all unlock requests for a particular user wait in line behind any pending async operations. Without this CL, any subsequent unlock requests would immediately return successful, even though PRE_BOOT_COMPLETED events were still being processed. Bug: 28240584 Change-Id: I307d6aaebfb8f38028f3666a2e19e4399b7cf3a7 /frameworks/base/services/core/java/com/android/server/am/UserController.java
f6ef828a7495be3bfe767ad0bb67ad155c6101de	14-Apr-2016	Ricky Wai <rickywai@google.com>	Fix cannot unlock keyguard when work challege is unified and work mode is off Bug: 28138657 Change-Id: I20e2f571d9ac76c0cd92251de7e068f6c7fb3367 /frameworks/base/services/core/java/com/android/server/am/UserController.java
155e5d6de7059198b21f3f220fbff7bf0baf306c	11-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Send USER_UNLOCKED broadcasts before PRE_BOOT. Apps handling the PRE_BOOT_COMPLETED broadcast expect the user to be fully unlocked and working. Most system internals are using the SystemServer interface, and we dispatch the unlocked event through them before starting the PRE_BOOT process. However, there are still some system internals that haven't been converted to SystemServer, so we need to also send USER_UNLOCKED for them to pick up before starting PRE_BOOT work. Bug: 28086245 Change-Id: Ie847b463ea55a6dddcc49d243ef8fb308e5179a7 /frameworks/base/services/core/java/com/android/server/am/UserController.java
27b5d2e2f992d4f3c3984fa73f1fb861b4c456c5	11-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Skip unlock requests for users who aren't running. Bug: 28111989 Change-Id: I80b6dd1e5a2d919b0a198667e18b7979effe6999 /frameworks/base/services/core/java/com/android/server/am/UserController.java
7661a316b43aed875019e288dcf9d2736c706439	07-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Unlock newly created managed profiles. We only need to delay unlocking managed profiles if the parent user is currently locked. Bug: 28068215 Change-Id: Ic59872a10417cfc166bd6e79cf94719545c7f45a /frameworks/base/services/core/java/com/android/server/am/UserController.java
5dab713ff0c28ff264d5b26dd1a97bc37eee2d55	07-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Delay unlock attempts for managed profiles. Managed profiles may not have a credential challenge, so we need to make sure we don't unlock them until their parent user has been unlocked. Otherwise the managed profile will get into all sorts of trouble trying to reach into its still-locked parent. Bug: 28051109, 27457806 Change-Id: If2ca59834024e5ad039f659d611ef708ed751fad /frameworks/base/services/core/java/com/android/server/am/UserController.java
083807d61cd87f0e7d531612c7d6a139901b1078	06-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Send onUnlockUser() before PRE_BOOT broadcasts. Before this change, a PRE_BOOT_COMPLETED receiver could try calling back into the system to ask for AccountManager details, only to be told the user wasn't unlocked yet. If the broadcast code was probing in a loop, it would force us to wait around for the 60-second ANR timeout. Since typical devices have ~7 PRE_BOOT receivers, this would delay BOOT_COMPLETED and other operations, like mounting the SD card, for up to 7 minutes. Bug: 28024024 Change-Id: Ibf8611e6fe94b0deb5ae5715c86f897ff6779088 /frameworks/base/services/core/java/com/android/server/am/UserController.java
98c0556f4096698003131a68a8dc70b72b89d210	30-Mar-2016	Amith Yamasani <yamasani@google.com>	Fix deadlock during user state transitions performReceive() is called with the activity manager lock held. Don't call out to other system services (such as user state callbacks) with the lock held. Post a runnable to the handler instead. Bug: 27589217 Change-Id: I5c2f8debe1ae365682b27af65e0bf02bcce50d4a /frameworks/base/services/core/java/com/android/server/am/UserController.java
bd91e2f3f6aca512a02be645b2515b5e3331e177	22-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Update PRE_BOOT_COMPLETED for FBE. Now that CE data isn't available until after a user is unlocked, we need to delay the PRE_BOOT_COMPLETED broadcasts. This is done by adding a new RUNNING_UNLOCKING user state to the UserController lifecycle. We now track the last fingerprint a user was logged in under, and we dispatch PRE_BOOT receivers when that fingerprint changes. To work around battery pull issues, we only persist the updated fingerprint once all PRE_BOOT receivers have finished. This is less granular than the original solution, but it's still correct. We only consider a user as "logged in" once it transitions into the RUNNING_UNLOCKED state. When starting a process, track if the user was "unlocked" when started, so that we only spin up unaware providers in processes started before user unlock. Add generic IProgressListener to communicate PRE_BOOT progress and strings up to lock screen. For now, LockSettingsService just blocks until finished, but it could display these strings in the future. Bug: 27220885 Change-Id: I349439776b885acd32f6a578d8951ffd95640be2 /frameworks/base/services/core/java/com/android/server/am/UserController.java
8c536f91f1a72f671d41d54b3aeda4d70ee90d49	21-Mar-2016	Tony Mak <tonymak@google.com>	Show work challenge directly when there is no device lock The trick is to switch to home stack first and then start the activity of the targeted task again to trigger the intercepting code. And back button in the lock screen page brings user to launcher instead of the work app. Change-Id: Ic0305dbcb63fec2a8287b12f3e76e70d4268d423 /frameworks/base/services/core/java/com/android/server/am/UserController.java
d5a3f3df4097e4a57e0d31fba994c91d8996abf8	09-Mar-2016	Paul Lawrence <paullawrence@google.com>	Merge "Add API to IMountService to get encryption state" into nyc-dev
20be5d62471d520eed3a52d90c11944464a71c07	26-Feb-2016	Paul Lawrence <paullawrence@google.com>	Add API to IMountService to get encryption state Bug: 18002358 Change-Id: If7d9c9a5ed38ac37849fcf638ec10c76d2f419a1 /frameworks/base/services/core/java/com/android/server/am/UserController.java
7745c14aa0128da1358ec5d6e6ba4b609a5ac52b	08-Mar-2016	Suprabh Shukla <suprabh@google.com>	Setting TaskRecord#mUserSetupComplete directly from Settings TaskRecord#mUserSetupComplete flag was being set by checking UserController#mSetupCompletedUsers which was being populated by a callback which was getting delayed long enough for some tasks being launched with mUserSetupComplete set to false, which is not expected for any task other than Setup Wizard. This change checks the flag directly from Settings before setting the property. Bug: b/27455564 Change-Id: I9ae2e969b590a95f71002a54c7de224b26e9da79 /frameworks/base/services/core/java/com/android/server/am/UserController.java
1ddda4793c26fd249590fd3549cf060ecb7c157b	12-Feb-2016	Lenka Trochtova <ltrochtova@google.com>	Prevent ephemeral user from being re-entered after stop. Once the ephemeral user stops, the user's deletion is scheduled. It takes a while before the user actually disappears and it is not desirable for the user to be re-entered in the meantime. Mark the user as disabled on stop and check this flag in the activity manager to prevent the user from being switched to again. Also hide the user from user-switching UI. BUG: 26795729 BUG: 26780152 Change-Id: I83a61674958954b5a210114b88ffa5ae55922c1f /frameworks/base/services/core/java/com/android/server/am/UserController.java
b93522a7dbe8167e9f88bacd53463c4ae1b01e1c	23-Feb-2016	Rubin Xu <rubinxu@google.com>	Do not show work challenge when profile is turned off. When the profile is turned off, the associated user is not running so it makes no sense to try to unlock the profile challenge. Also adjust order of activity startup interception so suspend package takes precedence, as that's a state user cannot recover from by his own actions. Bug: 26928131 Change-Id: Ibb4c8ce02ba4ed2e5a5b4366cbe7b59d1535dbd7 /frameworks/base/services/core/java/com/android/server/am/UserController.java
b5f0049f9841dfe877c070e4aba41516ed7df710	15-Feb-2016	Rubin Xu <rubinxu@google.com>	Fix typo in filling ACTION_MANAGED_PROFILE_UNLOCKED extras. Change-Id: Ic949a0d7f72d46d7cc36018b4b0fc54024c3b180 /frameworks/base/services/core/java/com/android/server/am/UserController.java
faf9bdcdba11f53d00b5ad9e03c034ad4840574c	12-Feb-2016	Rubin Xu <rubinxu@google.com>	Small refactoring to eliminate the need to allocate array. Change-Id: Ib08a16e40c342b12e4f7106376f46d6279f29f2b /frameworks/base/services/core/java/com/android/server/am/UserController.java
716a9e189297beba9e2205a335614e1750b9fdd4	12-Feb-2016	Kenny Guy <kennyguy@google.com>	Merge "Support FBE for managed profiles." into nyc-dev
b1b302660cf5b1b1c5b342cc90eca93b8f66890c	09-Feb-2016	Kenny Guy <kennyguy@google.com>	Support FBE for managed profiles. Allow launcher to see and attempt to launch non-crypto aware application when profile is locked. Hide unlock notification until parent user is unlocked. Have unlock notitication use confirm credentials to unlock the profile. Updated notification strings as per suggestions in mocks to make it clearer between users and profiles. Bug: 27038260 Change-Id: If2d2c8148670d814544f4edd44193d15da32a289 /frameworks/base/services/core/java/com/android/server/am/UserController.java
5eb0f3b3008e9983d97f7414f4ff2738741e5ab5	12-Feb-2016	Rubin Xu <rubinxu@google.com>	Maintain mSetupCompletedUsers for profiles correctly When listening for USER_SETUP_COMPLETE changes, refresh the state for the affected user instead of the current foreground user which excludes the active managed profile. Bug: 27061092 Change-Id: Iae525464d3d3faab9afb76aaf4304b9f10382e01 /frameworks/base/services/core/java/com/android/server/am/UserController.java
faeb3eb0ba190e6d6cfe2b82ce20af587848de57	08-Feb-2016	Paul Crowley <paulcrowley@google.com>	Password security for FBE disk encryption keys Add the means to protect FBE keys with a combination of an auth token from Gatekeeper, and a hash of the password. Both of these must be passed to unlock_user_key. Keys are created unprotected, and change_user_key changes the way they are protected. Bug: 22950892 Change-Id: Ie13bc6f82059ce941b0e664a5b60355e52b45f30 /frameworks/base/services/core/java/com/android/server/am/UserController.java
f80170f455c269b8e0264a5441770faf39e69416	05-Feb-2016	Wale Ogunwale <ogunwale@google.com>	Exclude tasks manipulated before user setup is complete from Recents We don't want any tasks manipulated before the user is done setting-up their device included in the tasks list we give to the Recents activity. However, the task can be included back in Recents if it is manipulated after the user set-up is complete. E.g. you go into the gmail activity during setup the task will be exclude, but if the user goes back into gmail after setup then we start including the task. Bug: 25959392 Change-Id: I421d48f0a9bcfc782d1ef19aa2f63e8b34a668e2 /frameworks/base/services/core/java/com/android/server/am/UserController.java
2e6acce4bd2e16c7bf70cb95601aa8bf73d69340	29-Jan-2016	Fyodor Kupolov <fkupolov@google.com>	Synchronously finish boot when user starts in background Previously call to finishUserBoot method was delayed until ActivityManager enters idle state. This could lead to unpredictable timeouts, especially when AM was already idle. Bug: 26762234 Change-Id: Iae90c3a9b09ff675478b42271469866e1604df0f /frameworks/base/services/core/java/com/android/server/am/UserController.java
f13c9801697ccac3171137df10dd15f491dd15bd	21-Jan-2016	Rubin Xu <rubinxu@google.com>	Turn off profile by stopping the user. Bug: 22541941 Change-Id: I713ab9b87f3dd1b7bd6206af137562d20a44d76d /frameworks/base/services/core/java/com/android/server/am/UserController.java
3ee3b9d17b2aec84e791f3efa6b9453cab0d9c9b	16-Jan-2016	Suprabh Shukla <suprabh@google.com>	Merge "Keeping only running users recents in memory"
09a88f5f3e7d4a3bbfce04ac06594ac590c67d27	02-Dec-2015	Suprabh Shukla <suprabh@google.com>	Keeping only running users recents in memory Currently, all the users' recent tasks are loaded into memory and kept in sync with the persistent storage. This changes the system so that it loads a users recents into memory lazily (i.e. when getRecentTasks is called for that user) and unloads them from the memory as soon as the user is stopped. This also required bucketizing the taskIds per user, so that the next available taskId can be assigned without having knowledge of all the tasks that are stored away in persistent storage but are not available in memory. Bug-Id: b/24569398 Change-Id: Ia5cb64d9f4ee727225dce34e45ca63e946ac27a8 /frameworks/base/services/core/java/com/android/server/am/UserController.java
0e62384ccbd00e9f78851929ca88b919679ee32e	14-Jan-2016	Jeff Sharkey <jsharkey@android.com>	Prepare app data only when storage is available. Before this change, scanning a package aggressively tried checking to ensure that private app data was prepared. However, in an FBE world we may not have access to that data at scan time. So this change shifts the preparing of private app data until later: it prepares DE storage when a user is started, and CE storage when a user is unlocked. Wire ourselves into the user lifecycle so we can prepare storage at both user start and unlock. When DE/CE storage becomes available, this change reconciles any found packages against known installed apps, and deletes any orphaned data directories. We now need to store the last-restorecon hash in an xattr on a per-user directory basis, since we can't restorecon CE storage until it's unlocked, or adopted storage until it's mounted. Remove a bunch of used logic for loading dynamic SELinux policy at runtime; our policy always comes from the system image. Bug: 26466827, 26544104 Change-Id: I8d0a4ef862c35f4e4ef5c7f20d3bb8f12ba3fd4b /frameworks/base/services/core/java/com/android/server/am/UserController.java
a1771110d67fa7361f92d92f2e91019882ce3305	18-Dec-2015	Clara Bayarri <clarabayarri@google.com>	Create Work Challenge per-user condition Change the current static condition to a per-user condition so we can check and enable/disable the work challenge properly. Also add an isAllowed API, as the Work Challenge can only be used when the user's DPC targets N or above to maintain backwards compatibility. Change-Id: I0cb8b475838816801868ffb24726407aa257b4de /frameworks/base/services/core/java/com/android/server/am/UserController.java
ea9b10e64419edbd5d3ed13f82007ffed97af418	04-Dec-2015	Clara Bayarri <clarabayarri@google.com>	Work Challenge: Handle Recents launches Intercept calls to start activities from the recents stack and show the Work Challenge if needed. This requires passing the taskId to ConfirmDeviceCredential so it can launch the recents task itself when the credentials are confirmed. Change-Id: I013b134f3f31a35b551ad683c68cc89b8af44499 /frameworks/base/services/core/java/com/android/server/am/UserController.java
63f3b888735994e1157ad4272ba3b75f4b13a536	04-Jan-2016	Fyodor Kupolov <fkupolov@google.com>	Merge "Return USER_OP_SUCCESS when force stopping a user"
7b4a8a4e808c09b2229a1e3d0a0b691662fba396	04-Jan-2016	Fyodor Kupolov <fkupolov@google.com>	Return USER_OP_SUCCESS when force stopping a user Bug: 26379502 Change-Id: I08dc18eec5b8dccf63a806acc9b3bfda890ceedb /frameworks/base/services/core/java/com/android/server/am/UserController.java
d046a013921c2ac67318c1543a8b7b9c83b40d65	24-Dec-2015	Wale Ogunwale <ogunwale@google.com>	Consolidate resume activity code around focused stack. Cleaned up the code to make it obvious that only the top activity in the focused stack should be in the resumes state. Bug: 26273032 Change-Id: I8d60270f707fe022007c59d25f5678b33a005acf /frameworks/base/services/core/java/com/android/server/am/UserController.java
b4484bacf1462fcba7098aa23873cd2f6ed34da3	16-Dec-2015	Lenka Trochtova <ltrochtova@google.com>	Stop and remove the ephemeral user when it goes to background. BUG: 24883058 Change-Id: I0e15487fafe08234cde5eebfb9f1d7b96fc7f9fe /frameworks/base/services/core/java/com/android/server/am/UserController.java
458ac463742cbac35a2dc8aea0f7a68b9eb6f0f4	18-Dec-2015	Amith Yamasani <yamasani@google.com>	Fix broken user removal Check target user instead of current user, when deciding if user can be stopped. Bug: 26207032 Change-Id: Ibf9cb827943f8fbf8fa3b96a9e04c96d11a36d0a /frameworks/base/services/core/java/com/android/server/am/UserController.java
a242f825e67fdef83c2b12e4a2bb4d1d91c8f4bf	17-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Send LOCKED_BOOT_COMPLETED to background apps. This mirrors how we're treating the normal BOOT_COMPLETED broadcast. Bug: 26151835 Change-Id: Ibe1df0df8b89aafbe9af073e14fdd428710a6a40 /frameworks/base/services/core/java/com/android/server/am/UserController.java
af6ec296ec200726ac86ff53efc64e221ed6f2f6	17-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Make AppWidgets encryption-aware. Only parse and load AppWidget configuration details after a user has been unlocked. Yell loudly if someone accidentally tries loading data for a locked user. Tidy up protected broadcast logic a bit more to handle persistent processes. Add backwards compatible behavior for APPWIDGET_UPDATE broadcast simliar to APPWIDGET_CONFIGURE, since some apps are sending it to themselves. Add hidden USER_HANDLE extra to a handful of broadcasts to make logic more consistent. Bug: 26247049, 26219971 Change-Id: I54e4f2e343488571f9baa1a316962f41186c1a2c /frameworks/base/services/core/java/com/android/server/am/UserController.java
6ac42aeed905181b484f97a53db57a17134ef7a8	09-Dec-2015	Dianne Hackborn <hackbod@google.com>	Add a mechanism for broadcasts to control background dispatching. Right now this is just for the BOOT_COMPLETED broadcast to allow all apps to receive it. Also clean up the dumpsys of the broadcast queue to not have every little detail of ResolveInfo+ActivityInfo+ApplicationInfo, which is just not useful and makes reading the broadcast queue debug output a lot harder because of so much noise there is. And rename the package shell query-intent-* commands to a shorter query-* form. Change-Id: I0d01565babb87e68b840c9756a2ea730d699efc7 /frameworks/base/services/core/java/com/android/server/am/UserController.java
b9fe53705ca851c39abe44e980219fd6733bf821	03-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Attempt to unlock users with null token. When starting a locked user, try unlocking their storace will a null token, which will typically succeed if there is an insecure lockscreen (no PIN or pattern). For users with a secure lockscreen, pass through a stub token for now to indicate that it came from a user challenge. Eventually we'll hook that up to gatekeeperd. Without this, we were only unlocking users with secure lockscreens. Bug: 25943941 Change-Id: Ia0324d50f43f55dfe0b8366793ddc5d25d885922 /frameworks/base/services/core/java/com/android/server/am/UserController.java
bedbaa9ea6e41eaa34a35098c913c096ddf2ce0f	03-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Flesh out user locked/unlocked lifecycle. When a user is first started, we assume that they're "locked" meaning that credential-encrypted data is unavailable. Once credentials have been supplied, we can transition the user to a fully running state. To facilitate this lifecycle, UserState now has two separate RUNNING_LOCKED and RUNNING states. To ensure consistent events are sent on all devices, we always step through RUNNING_LOCKED before arriving at RUNNING. This consistency means that apps processing data based on the new ACTION_LOCKED_BOOT_COMPLETED broadcast and system services using the new onUnlockUser() event will be less bug-prone over time. If the user storage is unlocked (which is the case on the majority of legacy devices), we immediately transition from the RUNNING_LOCKED into the RUNNING state. Add logging for all state transitions. When we "recover" a user in the process of being shut down, return to the last known state. Bug: 25943941 Change-Id: I5fec980f10b0d0fb2c272a662d193dc15136f9b9 /frameworks/base/services/core/java/com/android/server/am/UserController.java
f23b5d3d6d6d6d72876603c8f72b82d5de022735	02-Dec-2015	Jeff Sharkey <jsharkey@google.com>	Merge "API to determine user locked/unlocked state."
0825ab284c01402d030a24471ac5a6491d79d28b	02-Dec-2015	Jeff Sharkey <jsharkey@android.com>	API to determine user locked/unlocked state. Bug: 25946804 Change-Id: I2b8c8c75fda161a446d79fac811fdd446aa3a4db /frameworks/base/services/core/java/com/android/server/am/UserController.java
9cbfc9e212151e84910a22387365644916dde446	08-Oct-2015	Fyodor Kupolov <fkupolov@google.com>	Added DISALLOW_RUN_IN_BACKGROUND user restriction It forces the user to stop instead of going into the background. Also changed behavior of stopUser method. Now it also attempts to stop related users along with the specified userId. Based on ag/807976, with the only difference that it's now a user restriction. Bug: 24579258 Bug: 24708668 Change-Id: I357298908816fc58feeed83b7e9979fc33d25da6 /frameworks/base/services/core/java/com/android/server/am/UserController.java
8924e8759f9a8cffb5ad538ca40a7826793aac07	30-Nov-2015	Jeff Sharkey <jsharkey@android.com>	Wire up lifecycle, send unlocked broadcast. When the correct lock pattern is presented, ask the system to also unlock credential-encrypted storage, if enabled. The token passed along is empty for now, but can be wired up to gatekeeper in the future. During each system boot, ask vold to lock all users keys to give us a known starting state. This also has the effect of chmod'ing away any CE data when in emulation mode. Define and send a new foreground broadcast when the CE storage is unlocked for the first time. Add stronger last-ditch checking for encryption-awareness before starting an app. Bug: 22358539 Change-Id: Id1f1bece96a2b4e6f061214d565d51c7396ab521 /frameworks/base/services/core/java/com/android/server/am/UserController.java
edcfc1873a4f35c0e4e92fe4f13ff91f0141a779	24-Nov-2015	Suprabh Shukla <suprabh@google.com>	Merge "Changing the message on user switching dialog."
4fe508b6d3ceb3c72a79471d3a3a424ffeb71a0a	21-Nov-2015	Suprabh Shukla <suprabh@google.com>	Changing the message on user switching dialog. On systems where primary user is different from the system user, the message "Switching to Owner..." is displayed while logging out from any user. Changing it to "Logging out <username>". Bug: b/25749937 Change-Id: Id519bbd444c6b3f951511d6e566c503d06c510a1 /frameworks/base/services/core/java/com/android/server/am/UserController.java
ca0ac5c6b245aca55c7b78c0d1e4929ed9ee3ff5	20-Nov-2015	Amith Yamasani <yamasani@google.com>	Fix missing observer reply callbacks This was causing upto 2 seconds in user switching delay. Also switched to using Log.wtf for the timeout message to track any regressions in this due to new clients. Bug: 25813588 Change-Id: Icf23b021f134a8ccfa2dae470af02b2da7454acc /frameworks/base/services/core/java/com/android/server/am/UserController.java
1fae502824dfb77a109fedd80dad61fe094d8284	19-Nov-2015	Makoto Onuki <omakoto@google.com>	Merge "More work on layered user restrictions."
1a2cd74526113b45d9108b6997609122c4311fb1	16-Nov-2015	Makoto Onuki <omakoto@google.com>	More work on layered user restrictions. - Now when DO/PO sets a user restriction, DPMS pushes it to UMS and then UMS persists it, in order for UserManager.hasUserRestriction() to never have to talk with DPMS, which would cause lock inversion. - Also apply user restrictions when a user start. - This is an updated version of the abandoned CL -- the difference is, ActivityManager no longer has to call DPMS. - Also removed an unnecessary write to userlist.xml in UMS. upgradeIfNecessaryLP(). Bug 23902097 Bug 25388912 Bug 25354031 Bug 25641040 Change-Id: I0948aea06ad7d0f45fe612a431d765faddfe3c58 /frameworks/base/services/core/java/com/android/server/am/UserController.java
ba51235ef5c598d845b77fcf14491329493da34f	13-Nov-2015	Jeff Sharkey <jsharkey@android.com>	More file-based encryption work. Add new "am unlock-user" command so we can trigger changes from the command line. Move FBE check to static method so it can safely be called early during boot before the mount service is ready. Move FBE emulation to persisted system property, and start reading/writing that value. Change default permission grants to ignore current encryption-aware flags, since many of the target apps aren't crypto aware. Always prepare package data directories, which is how we create the new "user_de" paths during boot. Bug: 22358539 Change-Id: I6f58ea2d34b3a466d3775d614f8a13de92272621 /frameworks/base/services/core/java/com/android/server/am/UserController.java
f9fc6d6cc05595241bc7ced6d4cab97b45f9b901	09-Nov-2015	Jeff Sharkey <jsharkey@android.com>	More file-based encryption work. Add granular StorageManager APIs for key creation/destruction and unlocking/locking. Start passing through an opaque token as part of the unlock command, but leave it empty for now. We now have a separate "prepare" method that sanity checks that user directories are correctly setup. Define a handful of system properties used for marking devices that should be operating in FBE mode, and if they're emulating FBE. Wire a command to "sm", but persisting will come later. Start using new "encryptionAware" flag on apps previously marked with coreApp flag, which were apps running in the legacy CryptKeeper model. Small tweaks to handle non-encryptionAware voice interaction services. Switch PackageManager to consult StorageManager about the unlocked state of a user. Bug: 22358539 Change-Id: Ic2865f9b81c10ea39369c441422f7427a3c3c3d6 /frameworks/base/services/core/java/com/android/server/am/UserController.java
e17ac1569793c333bb4dce86607a342e7c982ae7	07-Nov-2015	Jeff Sharkey <jsharkey@android.com>	More APIs for encryption-aware apps. Apps can mark manifest components as being encryption-aware, which means they can safely be run before the credential encrypted storage is available. Start adding filtering logic so that we only return these components when a user is running "with amnesia." That is to say, only device encrypted storage is available, so the user is running but with only partial knowledge of its data. To avoid calling into ActivityManager with the PackageManager lock held, we quickly determine user state and splice the state into the flags for later per-component evaluation. Bug: 22358539 Change-Id: Idc56ec29f1ef04da8963e004314d7f5e47400997 /frameworks/base/services/core/java/com/android/server/am/UserController.java
f63b89c0a10b4e3220b0a4aa1703be3aed0c5a98	28-Oct-2015	Fyodor Kupolov <fkupolov@google.com>	UserController refactoring Addressed comments from the previous cl. Added getters for UserController fields, direct access is no longer allowed. Moved the following methods: - getUserManagerLocked. Became getUserManager() - because locking is not necessary, double checked locking will suffice. - startUserInForeground /showUserSwitchDialog/sendUserSwitchBroadcastsLocked - handleIncomingUser/unsafeConvertIncomingUserLocked/isUserRunningLocked/ getUsers/getProfileIds Bug: 24745840 Change-Id: Id5a5cfb9604e08add29bd9a03c8fe5200bc51fef /frameworks/base/services/core/java/com/android/server/am/UserController.java
610acda80a02317080ebaed79b0c1ce26835b8f9	20-Oct-2015	Fyodor Kupolov <fkupolov@google.com>	Introduced UserController for multi-user functionality The new helper class encapsulates user life-cycle management, provided by ActivityManagerService. Bug: 24745840 Change-Id: I8ebfa38febc4090390d1c45a9fc47398e52693ae /frameworks/base/services/core/java/com/android/server/am/UserController.java