| Age | Commit message (Collapse) | Author |
|---|
|
This reverts commit dd85e91cea26c7f706af36c852e79d5b4ca1f173.
Bug: 217366135
Reason for revert: Need this to fix a crash bug in tm-dev
Change-Id: I2a94c278edc0681c5b8af6ea0a0171b71d72c650
(cherry picked from commit dbaf406ccb0ed887d4e93057c9ec0d3457f14457)
Merged-In: I2a94c278edc0681c5b8af6ea0a0171b71d72c650
|
|
This reverts commit 02dcbe72b3564559eaa9c2e2714824e4aac6f18c.
Reason for revert: Causing builds to fail b/237471430
Change-Id: I6165d838abf312085050359377f67a68a5f8b51a
(cherry picked from commit f5dd42bbd05e68f7763ccaa9fae5642acc4ceba1)
Merged-In: I6165d838abf312085050359377f67a68a5f8b51a
|
|
Bug: 217366135
Tag: #feature
Test: manual
Ignore-AOSP-First: to be chery-picked
Change-Id: If8ae530a284151888a3f89a51d2c58f2a5cd3644
(cherry picked from commit 02dcbe72b3564559eaa9c2e2714824e4aac6f18c)
Merged-In: If8ae530a284151888a3f89a51d2c58f2a5cd3644
|
|
Since Bluetooth is becoming a mainline module, it can no longer call the
allowBlocking hidden api.
Instead, all interface are moved to be oneway and use a synchronous data
to handle the return value.
Bug: 200200870
Test: Build + start Bt and play something on speaker
Tag: #refactor
Change-Id: I776a6322faadca1504bce24f2b6b041e756b6448
|
|
Attributable is called by bluetooth and it's hidden.
By copying into bluetooth we are now allowed to call it
Bug: 210467788
Test: build
Tag: #refactor
Change-Id: I73ea07c9439988ab5477c82799f718c6d81513be
|
|
Since developers can use a BluetoothDevice object can make remote
calls, it needs to have an accurate AttributionSource. Previous CLs
had updated many places where these BluetoothDevice instances were
passed across Binder interfaces, but this change updates several
remaining locations which had been missed.
Introduces new "Attributable" marker interface to offer consistent
tooling when applying AttributionSource updates.
Bug: 187097694
Test: atest BluetoothInstrumentationTests
Change-Id: Icad3b9726591f0fbad58a493cefa5a0af7648280
|
|
Wires up AttributionSource across the remaining long-tail of
Bluetooth AIDL interfaces, ensuring that developers can accurately
make calls chained back to a specific Context.
Moves "for data delivery" permission checks to happen in a single
location on each interface to ensure they're performed consistently
with the new AttributionSource arguments. Note that "for data
delivery" isn't the best name; it's designed to represent that the
requested action was performed and should result in the relevant
appop being noted for the caller.
This change has the positive side effect of ensuring that all
interfaces are consistently enforcing the BLUETOOTH_CONNECT
permission, even in the case where BLUETOOTH_PRIVILEGED is also
required; this is what ensures that revoking the "Nearby devices"
permission takes effect for all callers.
Additionally, standardizing on enforcing permissions closer to the
AIDL entry point reduces the need for @RequiresPermission annotations
to be carried around inside the Bluetooth stack.
Bug: 183626112
Test: atest BluetoothInstrumentationTests
Change-Id: I8023dda654e325b8bfa2f0cdb994ad63a2b429d4
|
|
To prepare for future work which will plumb AttributionSource values
through all remaining AIDLs, we need profiles to interact directly
with the specific BluetoothAdapter they were created from. This is
how we'll ensure that the relevant AttributionSource can be chained
down from the original Context they're obtained from.
This change also marks getDefaultAdapter() as deprecated to clearly
communicate that BluetoothManager.getAdapter() is the best-practice
path to obtaining a correctly scoped BluetoothAdapter instance.
Bug: 183626112
Test: atest BluetoothInstrumentationTests
Change-Id: I1e15170d7679019bbb6e396279d6e633e3dad4d6
|
|
Recent work has been using Error Prone rules and annotations to
reflect the current state of permission enforcement across the
Bluetooth stack, and we're now in a position were we can add new
permission enforcement that had been missing.
We've currently standardized on saying that APIs that return device
or Bluetooth state information (without sharing details about any
particular remote Bluetooth device) do not need to be permission
protected.
Bug: 183626724
Test: ./build/soong/soong_ui.bash --make-mode Bluetooth RUN_ERROR_PRONE=true
Change-Id: I53ac7a4fe1dea57316048c3cac4fa237b6ba3d38
|
|
Recent work has been using Error Prone rules and annotations to
reflect the current state of permission enforcement across the
Bluetooth stack, and we're now in a position were we can add new
permission enforcement that had been missing.
We've currently standardized on saying that APIs that return device
or Bluetooth state information (without sharing details about any
particular remote Bluetooth device) do not need to be permission
protected.
Bug: 183626724
Test: ./build/soong/soong_ui.bash --make-mode Bluetooth RUN_ERROR_PRONE=true
Change-Id: I37a9e03ecdca6f7a6eb9d7f094e2f95a97036612
|
|
Recent work has introduced a new "Nearby devices" runtime permission
which protects all existing Bluetooth APIs; we've done this by
defining a <split-permission> to convert the old BLUETOOTH and
BLUETOOTH_ADMIN permissions into one of three new permissions:
* BLUETOOTH_ADVERTISE: Required to be able to advertise to nearby
Bluetooth devices.
* BLUETOOTH_CONNECT: Allows applications to connect to paired
bluetooth devices.
* BLUETOOTH_SCAN: Required to be able to discover and pair
nearby Bluetooth devices.
At its core, this change begins updating the Bluetooth APIs to have
correct @RequiresPermission indicating which permission is actually
enforced internally. To ensure alignment across Binder, the newly
added "RequiresPermissionChecker" Error Prone checker was used to
discover any inconsistencies, ensuring correctness from server-side
enforcement up through to the public APIs.
In addition, since developers will continue building apps for both
modern and legacy platforms, this change introduces new auto-doc
annotations which will emit helpful consistent documentation
describing the behavior of older devices that are still using the
old permission model.
Bug: 183626724
Test: ./build/soong/soong_ui.bash --make-mode Bluetooth RUN_ERROR_PRONE=true
Change-Id: I02aa127e8e07f239561f4f2a3bbdfc6fccb82f7f
|
|
* In current design, Bluetooth AdapterState stops all BR/EDR
profiles' service and triggers onServiceDisconnected callback to
all binder clients before BluetoothManagerService invokes
onBluetoothStateChange(false), which means unbind service
would never be called in framework.
* Do unbind service when onServiceDisconnected is invoked.
* Move profile binder logic to BluetoothProfileConnector except:
- BluetoothHeadset: its binder logic is in BluetoothManagerService
- BluetoothPbap: it has an individual ServiceListener
Bug: 129037442
Bug: 129437895
Test: Bluetooth ON/OFF stress test.
adb shell dumpsys activity services | egrep "com.android.bluetooth"
to check whether AppBindRecord for com.android.bluetooth grows
Change-Id: Id0d85866d386962b94d2d966f0a864b1da165d13
|
|
If profile services are created from a singleton process
(like SystemUI), they need to be re-bind to a new foreground user
when we switch to a secondary user.
This is achieved by binding to UserHandle.CURRENT_OR_SELF.
If the process doesn't have adequate permissions to bind to current,
it will bind to self (which is the same as the previous behavior).
Change-Id: Ib1134a1a62887d6f5b2c97301dccd3223ade9ed2
Fixes: 117517812
Test: ran the existing core bluetooth tests; manual testing on a mojave, verifying that the service correctly rebinds from sys ui after user switch.
|
|
The majority of Manager-style classes already use Context.getUserId()
when making calls into the OS, so clean up the remaining callers to
unify behind this strategy.
This gives @SystemApi developers a nice clean interface to interact
across user boundaries, instead of manually adding "AsUser" or
"ForUser" method variants, which would quickly become unsustainable.
Test: builds, boots
Bug: 72863821
Exempt-From-Owner-Approval: trivial changes
Change-Id: Ib772ec4438e57a2ad4950821b9432f9842998451
|
|
* Binder object may become null between null check and actual invocation
if using a instance private variable assignable by service connection
callbacks
* The solution to this problem without locking is to assign existing
binder variable to a local final variable before the null check
* Any further invocation to a disconnected binder object will result in
RemoteException that is caught by the try-catch block
* Read and write to volatile variable is always atomic and hence thread-safe
* Removed unnecessary synchronization in BluetoothAdapter constructor
* Private mConnection objects should be final
* Simplfied several return statements where booleans can be returned
directly
* Removed unnecessary catches for NPE since there won't be any
Bug: 64724692
Test: make, pair and use devices, no functional change
Change-Id: Ifc9d6337c0d451a01484b61243230725d5314f8e
|
|
* Manual style corrections with IDE assistance
* Variable name refactors are done through IDE
* Corrected general style errors such as:
- "final private var" -> "private final var"
- "&&", "+", "||" should not be at the end of line
- Non-static private variable should be like "mVar"
- Private static variable should be like "sVar"
- Code file should always end with newline
- Inherited methods should be annotated with @Override
and no @hide tags
- Public methods should always have a JavaDoc entry
- "int[] array" is preferred over "int array[]"
- private methods should be accessed without "this."
when there is no name collisions.
- "boolean ? true : false" -> boolean
- "boolean ? false : true" -> !boolean
- "boolean == true" OR "boolean != false" -> boolean
- "boolean != true" OR "boolean == false" -> !boolean
Bug: 63596319
Test: make checkbuild, no functional changes
Change-Id: Iabdc2be912a32dd63a53213d175cf1bfef268ccd
|
|
* Automatic style corrections through IDE
Bug: 63596319
Test: make checkbuild, no manual changes, no functional changes
Change-Id: I2397d55abc34c9b7a9b748bec6137778df3421a7
|
|
To protect system stability, any Binder calls leaving the
system_server must carefully be performed using FLAG_ONEWAY (or
the 'oneway' verb in AIDL) which prevents the call from blocking
indefinitely on the remote process.
In this CL, the system_server uses the new Binder.setWarnOnBlocking()
method to enable detection by default for all remote Binder
interfaces. It can also use Binder.allowBlocking() to allow
blocking calls on certain remote interfaces that have been
determined to be safe.
This CL adds the 'oneway' verb to several interfaces and methods
where it should have been added, and marks a handful of system
ContentProviders as being safe to call into. Also, we assume that
any services obtained from ServiceManager are part of the core
OS, and are okay to make blocking calls to.
Test: builds, boots, runs with minimal logs triggered
Bug: 32715088
Change-Id: Ide476e120cb40436a94b7faf7615c943d691f4c0
|
|
This API is now exposed via MediaBrowser.
Bug: b/28791287
Change-Id: I0a8a185934fd7aaa9f2b5eac7398955fa380060f
|
|
* Add metadata support.
* Add player settings support.
* Add playback support.
A2DP Settings App support.
Bluetooth: A2DP Sink support for Settings App
- add support for A2DP Sink in Settings App. This will enable connection
initiation and updation on Settings App
- add framework Apis to support A2DP Sink. Any third party Apps can access
A2DP Sink priority of device and playing state of device
- add support for key to set priority. This manages priority of device for
A2DP Sink profile
Change-Id: If5f9139f37cdb9d200387877c7801075205c78a0
|
|
BluetoothProfile subclass
Change-Id: Id988040a7ce623ed68e0349920301ff48db1fbce
|
