show certificate fingerprint in PackageInstaller

apex/jobscheduler/framework/java/android/app/AlarmManager.java

@@ -26,6 +26,7 @@
 import android.annotation.SystemApi;
 import android.annotation.SystemService;
 import android.annotation.TestApi;
+import android.app.compat.gms.GmsCompat;
 import android.compat.annotation.ChangeId;
 import android.compat.annotation.EnabledSince;
 import android.compat.annotation.UnsupportedAppUsage;
@@ -1049,6 +1050,17 @@ private void setImpl(@AlarmType int type, long triggerAtMillis, long windowMilli
             long intervalMillis, int flags, PendingIntent operation, final OnAlarmListener listener,
             String listenerTag, Executor targetExecutor, WorkSource workSource,
             AlarmClockInfo alarmClock) {
+        if (GmsCompat.isEnabled()) {
+            if (windowMillis == WINDOW_EXACT && !canScheduleExactAlarms()) {
+                windowMillis = WINDOW_HEURISTIC;
+            }
+            // non-null WorkSource requires privileged UPDATE_DEVICE_STATS permission
+            workSource = null;
+
+            // requires privileged SCHEDULE_PRIORITIZED_ALARM permission
+            flags &= ~FLAG_PRIORITIZE;
+        }
+
         if (triggerAtMillis < 0) {
             /* NOTYET
             if (mAlwaysExact) {

apex/jobscheduler/framework/java/android/os/PowerExemptionManager.java

@@ -30,8 +30,11 @@
 import android.annotation.SystemApi;
 import android.annotation.SystemService;
 import android.annotation.UserHandleAware;
+import android.app.compat.gms.GmsCompat;
 import android.content.Context;
 
+import com.android.internal.gmscompat.client.ClientPriorityManager;
+
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.util.Collections;
@@ -609,6 +612,11 @@ public void removeFromPermanentAllowList(@NonNull String packageName) {
     @RequiresPermission(android.Manifest.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST)
     public void addToTemporaryAllowList(@NonNull String packageName, @ReasonCode int reasonCode,
             @Nullable String reason, long durationMs) {
+        if (GmsCompat.isEnabled()) {
+            ClientPriorityManager.raiseToForeground(packageName, durationMs, reason, reasonCode);
+            return;
+        }
+
         try {
             mService.addPowerSaveTempWhitelistApp(packageName, durationMs, mContext.getUserId(),
                     reasonCode, reason);

apex/jobscheduler/framework/java/com/android/server/DeviceIdleInternal.java

@@ -73,7 +73,7 @@ void addPowerSaveTempWhitelistAppDirect(int uid, long duration,
 
     boolean isAppOnWhitelist(int appid);
 
-    int[] getPowerSaveWhitelistUserAppIds();
+    int[] getPowerSaveWhitelistAppIds();
 
     int[] getPowerSaveTempWhitelistAppIds();
 

apex/jobscheduler/service/java/com/android/server/DeviceIdleController.java

@@ -2294,14 +2294,14 @@ public boolean isAppOnWhitelist(int appid) {
         }
 
         /**
-         * Returns the array of app ids whitelisted by user. Take care not to
+         * Returns the array of whitelisted app ids. Take care not to
          * modify this, as it is a reference to the original copy. But the reference
          * can change when the list changes, so it needs to be re-acquired when
          * {@link PowerManager#ACTION_POWER_SAVE_WHITELIST_CHANGED} is sent.
          */
         @Override
-        public int[] getPowerSaveWhitelistUserAppIds() {
-            return DeviceIdleController.this.getPowerSaveWhitelistUserAppIds();
+        public int[] getPowerSaveWhitelistAppIds() {
+            return DeviceIdleController.this.getAppIdWhitelistInternal();
         }
 
         @Override

apex/jobscheduler/service/java/com/android/server/job/controllers/DeviceIdleJobsController.java

@@ -90,7 +90,7 @@ public void onReceive(Context context, Intent intent) {
                 case PowerManager.ACTION_POWER_SAVE_WHITELIST_CHANGED:
                     synchronized (mLock) {
                         mDeviceIdleWhitelistAppIds =
-                                mLocalDeviceIdleController.getPowerSaveWhitelistUserAppIds();
+                                mLocalDeviceIdleController.getPowerSaveWhitelistAppIds();
                         if (DEBUG) {
                             Slog.d(TAG, "Got whitelist "
                                     + Arrays.toString(mDeviceIdleWhitelistAppIds));
@@ -133,7 +133,7 @@ public DeviceIdleJobsController(JobSchedulerService service) {
         mPowerManager = (PowerManager) mContext.getSystemService(Context.POWER_SERVICE);
         mLocalDeviceIdleController =
                 LocalServices.getService(DeviceIdleInternal.class);
-        mDeviceIdleWhitelistAppIds = mLocalDeviceIdleController.getPowerSaveWhitelistUserAppIds();
+        mDeviceIdleWhitelistAppIds = mLocalDeviceIdleController.getPowerSaveWhitelistAppIds();
         mPowerSaveTempWhitelistAppIds =
                 mLocalDeviceIdleController.getPowerSaveTempWhitelistAppIds();
         mDeviceIdleUpdateFunctor = new DeviceIdleUpdateFunctor();
@@ -194,7 +194,7 @@ public void setUidActiveLocked(int uid, boolean active) {
     }
 
     /**
-     * Checks if the given job's scheduling app id exists in the device idle user whitelist.
+     * Checks if the given job's scheduling app id exists in the device idle whitelist.
      */
     boolean isWhitelistedLocked(JobStatus job) {
         return Arrays.binarySearch(mDeviceIdleWhitelistAppIds,

apex/jobscheduler/service/java/com/android/server/job/controllers/JobStatus.java

@@ -2275,6 +2275,23 @@ private boolean isConstraintsSatisfied(int satisfiedConstraints) {
             return true;
         }
 
+        if ((mRequiredConstraintsOfInterest & CONSTRAINT_CONNECTIVITY) != 0) {
+            if ((satisfiedConstraints & CONSTRAINT_CONNECTIVITY) != 0) {
+                var pmi = LocalServices.getService(
+                        com.android.server.pm.permission.PermissionManagerServiceInternal.class);
+
+                if (pmi.checkUidPermission(getSourceUid(), android.Manifest.permission.INTERNET) !=
+                        android.content.pm.PackageManager.PERMISSION_GRANTED) {
+                    if (DEBUG) {
+                        Slog.d(TAG, "skipping job " + getJobId() + " for " + getSourcePackageName()
+                                + " in user " + getSourceUserId() + ": it has CONSTRAINT_CONNECTIVITY, "
+                                + "but its UID doesn't have the INTERNET permission");
+                    }
+                    return false;
+                }
+            }
+        }
+
         int sat = satisfiedConstraints;
         if (overrideState == OVERRIDE_SOFT) {
             // override: pretend all 'soft' requirements are satisfied

cmds/app_process/app_main.cpp

@@ -85,8 +85,10 @@ class AppRuntime : public AndroidRuntime
         AndroidRuntime* ar = AndroidRuntime::getRuntime();
         ar->callMain(mClassName, mClass, mArgs);
 
-        IPCThreadState::self()->stopProcess();
-        hardware::IPCThreadState::self()->stopProcess();
+        if (mClassName != "com.android.internal.os.ExecInit") {
+            IPCThreadState::self()->stopProcess();
+            hardware::IPCThreadState::self()->stopProcess();
+        }
     }
 
     virtual void onZygoteInit()

cmds/hid/jni/com_android_commands_hid_Device.cpp

@@ -368,7 +368,7 @@ static void closeDevice(JNIEnv* /* env */, jclass /* clazz */, jlong ptr) {
     }
 }
 
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
         {"nativeOpenDevice",
          "(Ljava/lang/String;IIII[B"
          "Lcom/android/commands/hid/Device$DeviceCallback;)J",

cmds/uinput/jni/com_android_commands_uinput_Device.cpp

@@ -307,7 +307,7 @@ static void setAbsInfo(JNIEnv* env, jclass /* clazz */, jint handle, jint axisCo
     ::ioctl(static_cast<int>(handle), UI_ABS_SETUP, &absSetup);
 }
 
-static JNINativeMethod sMethods[] = {
+static const JNINativeMethod sMethods[] = {
         {"nativeOpenUinputDevice",
          "(Ljava/lang/String;IIIIILjava/lang/String;"
          "Lcom/android/commands/uinput/Device$DeviceCallback;)J",

core/api/current.txt

@@ -219,6 +219,7 @@ package android {
     field public static final String NFC = "android.permission.NFC";
     field public static final String NFC_PREFERRED_PAYMENT_INFO = "android.permission.NFC_PREFERRED_PAYMENT_INFO";
     field public static final String NFC_TRANSACTION_EVENT = "android.permission.NFC_TRANSACTION_EVENT";
+    field public static final String OTHER_SENSORS = "android.permission.OTHER_SENSORS";
     field public static final String OVERRIDE_WIFI_CONFIG = "android.permission.OVERRIDE_WIFI_CONFIG";
     field public static final String PACKAGE_USAGE_STATS = "android.permission.PACKAGE_USAGE_STATS";
     field @Deprecated public static final String PERSISTENT_ACTIVITY = "android.permission.PERSISTENT_ACTIVITY";
@@ -329,7 +330,9 @@ package android {
     field public static final String LOCATION = "android.permission-group.LOCATION";
     field public static final String MICROPHONE = "android.permission-group.MICROPHONE";
     field public static final String NEARBY_DEVICES = "android.permission-group.NEARBY_DEVICES";
+    field public static final String NETWORK = "android.permission-group.NETWORK";
     field public static final String NOTIFICATIONS = "android.permission-group.NOTIFICATIONS";
+    field public static final String OTHER_SENSORS = "android.permission-group.OTHER_SENSORS";
     field public static final String PHONE = "android.permission-group.PHONE";
     field public static final String READ_MEDIA_AURAL = "android.permission-group.READ_MEDIA_AURAL";
     field public static final String READ_MEDIA_VISUAL = "android.permission-group.READ_MEDIA_VISUAL";
@@ -42970,7 +42973,7 @@ package android.telecom {
     method public android.telecom.PhoneAccountHandle getSimCallManager();
     method @Nullable public android.telecom.PhoneAccountHandle getSimCallManagerForSubscription(int);
     method @Nullable public String getSystemDialerPackage();
-    method @Nullable @RequiresPermission(android.Manifest.permission.READ_PHONE_STATE) public android.telecom.PhoneAccountHandle getUserSelectedOutgoingPhoneAccount();
+    method @Nullable @RequiresPermission(anyOf={"android.permission.READ_PRIVILEGED_PHONE_STATE", "android.permission.READ_PRIVILEGED_PHONE_STATE_ANDROID_AUTO"}) public android.telecom.PhoneAccountHandle getUserSelectedOutgoingPhoneAccount();
     method @RequiresPermission(android.Manifest.permission.READ_PHONE_STATE) public String getVoiceMailNumber(android.telecom.PhoneAccountHandle);
     method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public boolean handleMmi(String);
     method @RequiresPermission(android.Manifest.permission.MODIFY_PHONE_STATE) public boolean handleMmi(String, android.telecom.PhoneAccountHandle);

core/api/module-lib-current.txt

@@ -80,6 +80,19 @@ package android.app.admin {
 
 }
 
+package android.app.compat.gms {
+
+  public class GmsModuleHooks {
+    method @Nullable public static String deviceConfigGetProperty(@NonNull String, @NonNull String);
+    method public static boolean deviceConfigSetProperties(@NonNull android.provider.DeviceConfig.Properties);
+    method public static boolean deviceConfigSetProperty(@NonNull String, @NonNull String, @Nullable String);
+    method @Nullable public static Boolean enableBluetoothAdapter();
+    method public static boolean interceptSynchronousResultReceiverException(@NonNull RuntimeException);
+    method public static void makeBluetoothAdapterDiscoverable();
+  }
+
+}
+
 package android.content {
 
   public abstract class ContentProvider implements android.content.ComponentCallbacks2 {
@@ -128,6 +141,31 @@ package android.content.pm {
 
 }
 
+package android.ext.settings {
+
+  public class ConnChecksSetting {
+    method public static int get();
+    method public static boolean put(int);
+    field public static final int VAL_DEFAULT = 0; // 0x0
+    field public static final int VAL_DISABLED = 2; // 0x2
+    field public static final int VAL_GRAPHENEOS = 0; // 0x0
+    field public static final int VAL_STANDARD = 1; // 0x1
+  }
+
+  public class RemoteKeyProvisioningSettings {
+    method @Nullable public static String getServerUrlOverride(@NonNull android.content.Context);
+    field public static final int GRAPHENEOS_PROXY = 0; // 0x0
+    field public static final int STANDARD_SERVER = 1; // 0x1
+  }
+
+  public class WidevineProvisioningSettings {
+    method @Nullable public static String getServerHostnameOverride(@NonNull android.content.Context);
+    field public static final int WV_GRAPHENEOS_PROXY = 0; // 0x0
+    field public static final int WV_STANDARD_SERVER = 1; // 0x1
+  }
+
+}
+
 package android.hardware.usb {
 
   public class UsbManager {
@@ -450,6 +488,11 @@ package android.os {
     field public static final long TRACE_TAG_NETWORK = 2097152L; // 0x200000L
   }
 
+  public final class UserHandle implements android.os.Parcelable {
+    method public static int getUid(int, int);
+    method public static int getUserId(int);
+  }
+
 }
 
 package android.os.storage {