Merge "docs: Added AfW item to DP4 "Behavior Changes" page" into nyc-dev
diff --git a/core/java/android/hardware/location/ContextHubService.java b/core/java/android/hardware/location/ContextHubService.java
index 8176189..43e596f 100644
--- a/core/java/android/hardware/location/ContextHubService.java
+++ b/core/java/android/hardware/location/ContextHubService.java
@@ -21,12 +21,15 @@
import android.content.pm.PackageManager;
import android.os.RemoteCallbackList;
import android.os.RemoteException;
+import android.os.ServiceManager;
+import android.service.vr.IVrManager;
+import android.service.vr.IVrStateCallbacks;
import android.util.Log;
import java.io.FileDescriptor;
import java.io.PrintWriter;
import java.util.ArrayList;
-import java.util.HashMap;
+import java.util.concurrent.ConcurrentHashMap;
/**
* @hide
@@ -57,8 +60,11 @@
private static final int OS_APP_INSTANCE = -1;
+ private static final long APP_ID_ACTIVITY_RECOGNITION = 0x476f6f676c001000L;
+
private final Context mContext;
- private final HashMap<Integer, NanoAppInstanceInfo> mNanoAppHash = new HashMap<>();
+ private final ConcurrentHashMap<Integer, NanoAppInstanceInfo> mNanoAppHash =
+ new ConcurrentHashMap<>();
private final ContextHubInfo[] mContextHubInfo;
private final RemoteCallbackList<IContextHubCallback> mCallbacksList =
new RemoteCallbackList<>();
@@ -66,6 +72,18 @@
private native int nativeSendMessage(int[] header, byte[] data);
private native ContextHubInfo[] nativeInitialize();
+ private final IVrStateCallbacks mVrStateCallbacks = new IVrStateCallbacks.Stub() {
+ @Override
+ public void onVrStateChanged(boolean enabled) {
+ for (NanoAppInstanceInfo app : mNanoAppHash.values()) {
+ if (app.getAppId() == APP_ID_ACTIVITY_RECOGNITION) {
+ sendVrStateChangeMessageToApp(app, enabled);
+ break;
+ }
+ }
+ }
+ };
+
public ContextHubService(Context context) {
mContext = context;
mContextHubInfo = nativeInitialize();
@@ -74,6 +92,18 @@
Log.d(TAG, "ContextHub[" + i + "] id: " + mContextHubInfo[i].getId()
+ ", name: " + mContextHubInfo[i].getName());
}
+
+ if (context.getPackageManager().hasSystemFeature(PackageManager.FEATURE_VR_MODE)) {
+ IVrManager vrManager =
+ IVrManager.Stub.asInterface(ServiceManager.getService("vrmanager"));
+ if (vrManager != null) {
+ try {
+ vrManager.registerListener(mVrStateCallbacks);
+ } catch (RemoteException e) {
+ Log.e(TAG, "VR state listener registration failed", e);
+ }
+ }
+ }
}
@Override
@@ -277,4 +307,19 @@
return 0;
}
+
+ private void sendVrStateChangeMessageToApp(NanoAppInstanceInfo app, boolean vrModeEnabled) {
+ int[] msgHeader = new int[MSG_HEADER_SIZE];
+ msgHeader[MSG_FIELD_TYPE] = 0;
+ msgHeader[MSG_FIELD_VERSION] = 0;
+ msgHeader[MSG_FIELD_HUB_HANDLE] = ANY_HUB;
+ msgHeader[MSG_FIELD_APP_INSTANCE] = app.getHandle();
+
+ byte[] data = new byte[1];
+ data[0] = (byte) ((vrModeEnabled) ? 1 : 0);
+ int ret = nativeSendMessage(msgHeader, data);
+ if (ret != 0) {
+ Log.e(TAG, "Couldn't send VR state change notification (" + ret + ")!");
+ }
+ }
}
diff --git a/core/java/android/os/RecoverySystem.java b/core/java/android/os/RecoverySystem.java
index 7ff01da..dd7be53 100644
--- a/core/java/android/os/RecoverySystem.java
+++ b/core/java/android/os/RecoverySystem.java
@@ -730,7 +730,7 @@
if (line.startsWith("time")) {
timeTotal = scaled;
- } else if (line.startsWith("source_version")) {
+ } else if (line.startsWith("source_build")) {
sourceVersion = scaled;
} else if (line.startsWith("bytes_written")) {
bytesWrittenInMiB = (bytesWrittenInMiB == -1) ? scaled :
diff --git a/docs/html/guide/topics/security/security-config.jd b/docs/html/guide/topics/security/security-config.jd
deleted file mode 100644
index 4cee253..0000000
--- a/docs/html/guide/topics/security/security-config.jd
+++ /dev/null
@@ -1,539 +0,0 @@
-page.title=Network Security Config
-@jd:body
-
-<div id="qv-wrapper">
-<div id="qv">
-
-<h2>In this document</h2>
-<ol>
-<li><a href="#SupportedFeatures">Features</a></li>
-<li><a href="#Examples">Examples</a>
- <ol>
- <li><a href="#TrustingCustomCas">Trusting Custom CAs</a>
- <ol>
- <li><a href="#TrustingACustomCa">Trusting a Custom CA</a></li>
- <li><a href="#LimitingCas">Limiting the Set of Trusted CAs</a></li>
- <li><a href="#TrustingAdditionalCas">Trusting Additional CAs</a></li>
- </ol>
- </li>
- <li><a href="#TrustingDebugCa">Debugging-only CAs</a></li>
- <li><a href="#UsesCleartextTraffic">Cleartext Traffic Opt-Out</a></li>
- <li><a href="#CertificatePinning">Certificate Pinning</a></li>
- <li><a href="#ConfigInheritance">Configuration Inheritance</a></li>
- </ol>
-</li>
-<li><a href="#FileFormat">Configuration File Format</a></li>
-</ol>
-</div>
-</div>
-
-<p>The Android Network Security Config lets apps customize their network security settings
-in a safe, declarative configuration file without modifying application code.
-These settings can be configured for specific domains and app-wide.</p>
-
-<h2 id="SupportedFeatures">Features</h2>
-<ul>
-<li><b>Custom trust anchors.</b> Lets an application customize which Certificate Authorities (CA) are trusted
-for its secure connections. For example, trusting particular self-signed certificates or restricting the set of public
-CAs that the app trusts.
-</li>
-<li><b>Debug-only overrides.</b> Lets an application developer safely debug secure connections of their
-application without added risk to the installed base.
-</li>
-<li><b>Cleartext traffic opt-out.</b> Lets an application protect itself from accidental usage of cleartext traffic.</li>
-<li><b>Certificate pinning.</b> An advanced feature that lets an application restrict pin its secure connection
-to particular certificates.</li>
-</ul>
-
-<h2 id="Examples">Examples</h2>
-<h3 id="TrustingCustomCas">Trusting Custom CAs</h3>
-<p>An application may want to trust a custom set of CAs instead of the platform
-default. The most common reasons of this are:
-<ul>
-<li>Connecting to a host with a custom certificate authority(self-signed, issued by an internal corporate CA, etc).</li>
-<li>Limiting the set of CAs to only the CAs you trust instead of every preinstalled CA.</li>
-<li>Trusting additional CAs not included in the system.</li>
-</ul>
-</p>
-<p>By default secure (e.g. TLS, HTTPS) connections from all applications trust the pre-installed system CAs, and
-applications targeting API level 23 (Android M) and below also trust the user-added CA store by default.
-An application can customize its own connections using {@code base-config} (for app-wide customization) or
-{@code domain-config} (for per-domain customization).</p>
-
-<h4 id="TrustingACustomCa">Trusting a Custom CA</h4>
-<p>Assume you want to connect to your host which uses a self-signed SSL certificate or to
-a host whose SSL certificate is issued by a non-public CA which you trust, e.g., your company's internal
-CA.</p>
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <domain-config>
- <domain includeSubdomains="true">example.com</domain>
- <trust-anchors>
- <certificates src="@raw/my_ca"/>
- </trust-anchors>
- </domain-config>
-</network-security-config>
-</pre>
-</p>
-<p>Add the self-signed or non-public CA certificate, in PEM or DER format, to {@code res/raw/my_ca}.</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-<h4 id="LimitingCas">Limiting the Set of Trusted CAs</h4>
-<p>An application that does not want to trust all CAs trusted by system can instead specify its own
-reduced set of CAs to trust. This protects the application from fradulent certificates issued by any
-of the other CAs.</p>
-
-<p>The config to limit the set of trusted CAs is similar to <a href="#TrustingACustomCa">trusting a custom CA</a>
-for a specific domain except that multiple CAs are provided in the resource.</p>
-
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <domain-config>
- <domain includeSubdomains="true">secure.example.com</domain>
- <domain includeSubdomains="true">cdn.example.com</domain>
- <trust-anchors>
- <certificates src="@raw/trusted_roots"/>
- </trust-anchors>
- </domain-config>
-</network-security-config>
-</pre>
-</p>
-<p>Add the trusted CAs, in PEM or DER format, to {@code res/raw/trusted_roots}.
-Note that if using PEM format the file must contain <em>only</em> PEM data and no extra text.
-You can also provide multiple <a href="certificates"><code><certificates></code></a> elements instead
-of one.</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-
-<h4 id="TrustingAdditionalCas">Trusting Additional CAs</h4>
-<p>An application may want to trust additional CAs not trusted by the system, this could be due to
-the system not yet including the CA or a CA that does not meet the requirements for inclusion into
-the Android system. An application can do this by specifying multiple certificate sources for a configuration.
-</p>
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <base-config>
- <trust-anchors>
- <certificates src="@raw/extracas"/>
- <certificates src="system"/>
- </trust-anchors>
- </base-config>
-</network-security-config>
-</pre>
-</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-
-<h3 id="TrustingDebugCa">Debugging-only CAs</h3>
-<p>When debugging an application that connects over HTTPS you may want to connect to a local development
-server, which does not have the SSL certificate for your production server. In order to support this
-without any modification to your application's code you can specify debug-only CAs that are
-<i>only</i> trusted when <a href="{@docRoot}guide/topics/manifest/application-element.html#debug">android:debuggable</a>
-is {@code true} by using {@code debug-overrides}. Normally IDEs and build tools set this flag automatically for non-release builds.</p>
-<p>This is safer than the usual conditional code because, as a security precaution, application stores
-do not accept applications which are marked debuggable.</p>
-
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <debug-overrides>
- <trust-anchors>
- <certificates src="@raw/debug_cas"/>
- </trust-anchors>
- </debug-overrides>
-</network-security-config>
-</pre>
-</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-
-<h3 id="UsesCleartextTraffic">Cleartext Traffic Opt-Out</h3>
-<p>Applications which intend to connect to destinations using only secure connections can opt-out
-of supporting cleartext (i.e. plain HTTP instead of HTTPS) to those destinations. This helps prevent
-accidental regressions in applications due to changes in URLs provided by external sources such as
-backend servers.</p>
-<p>See {a href="{@docRoot}reference/android/security/NetworkSecurityPolicy.html#isCleartextTrafficPermitted()} for more details.</p>
-
-<p>For example, an application may want to ensure that all connections to {@code secure.example.com} are always
-done over HTTPS to protect sensitive traffic from hostile networks.</p>
-
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <domain-config usesCleartextTraffic="false">
- <domain includeSubdomains="true">secure.example.com</domain>
- </domain-config>
-</network-security-config>
-</pre>
-</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-
-<h3 id="CertificatePinning">Certificate Pinning</h3>
-<p>Normally an application trusts all preinstalled CAs. If any of these CAs were to issue a fradulent certificate
-the application would be at risk from a MiTM attack. Some applications choose to limit the set of
-certificates they accept by either limiting the set of CAs they trust or by certificate pinning.</p>
-
-<p>Certificate pinning is done by providing a set of certificates by hash of the public key (SubjectPublicKeyInfo
-of the X.509 certificate). A certificate chain is then only valid if the certificate chain contains at least
-one of the pinned public keys.</p>
-
-<p>Note that when using certificate pinning you should always include a backup key so that if you
-are forced to switch to new keys, or change CAs (when pinning to a CA certificate or an intermediate of that CA),
-your application's connectivity is unaffected. Otherwise you will have to push out an update to the
-application to restore connectivity.</p>
-
-<p>Additionally it is possible to set an expiration time for pins after which pinning will not be
-performed. This helps prevent connectivity issues in applications which have not been updated.
-However, setting an expiration time on pins may enable pinning bypass.
-</p>
-
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <domain-config>
- <domain includeSubdomains="true">example.com</domain>
- <pin-set expiration="2018-01-01">
- <pin digest="SHA-256">7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=</pin>
- <!-- backup pin -->
- <pin digest="SHA-256">fwza0LRMXouZHRC8Ei+4PyuldPDcf3UKgO/04cDM1oE=</pin>
- </domain-config>
-</network-security-config>
-</pre>
-</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-
-<h3 id="ConfigInheritance">Configuration Inheritance</h3>
-<p>Values not set in a specific config will be inherited.
-This allows more complex configurations while keeping the configuration file readable.</p>
-
-<p>If a value is not set in a specific entry then value from the next more general entry will be used.
-Values not set in a {@code domain-config} will be taken from the parent {@code domain-config}, if nested, or
-from the {@code base-config} if not. Values not set in the {@code base-config} will use
-the platform default values.
-
-<p>For example consider, where all connections to subdomains of {@code example.com}
-must use a custom set of CAs. Additonally cleartext traffic to these domains is permitted
-<em>except</em> when connecting to {@code secure.example.com}. By nesting the configuration
-for {@code secure.example.com} inside the configuration for {@code example.com} the
-{@code trust-anchors} does not need to be duplicated.</p>
-
-<p>
-<code>res/xml/network_security_config.xml</code>:
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <domain-config>
- <domain includeSubdomains="true">example.com</domain>
- <trust-anchors>
- <certificates src="@raw/my_ca"/>
- </trust-anchors>
- <domain-config cleartextTrafficPermitted="false">
- <domain includeSubdomains="true">secure.example.com</domain>
- </domain-config>
- </domain-config>
-</network-security-config>
-</pre>
-</p>
-<p>
-In <code>AndroidManifest.xml</code> reference the above config
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-...
-<application ...>
- <meta-data android:name="android.security.net.config"
- android:resource="@xml/network_security_config" />
- ...
-</pre>
-</p>
-
-<h2 id="FileFormat">Configuration File Format</h2>
-<p>The configuration file is XML. Here is what it can contain:</p>
-</p>
-<pre>
-<?xml version="1.0" encoding="utf-8"?>
-<network-security-config>
- <base-config>
- <trust-anchors>
- <certificates src="..."/>
- ...
- </trust-anchors>
- </base-config>
-
- <domain-config>
- <domain>android.com</domain>
- ...
- <trust-anchors>
- <certificates src="..."/>
- ...
- </trust-anchors>
- <pin-set>
- <pin digest="...">...</pin>
- ...
- </pin-set>
- </domain-config>
- ...
- <debug-overrides>
- <trust-anchors>
- <certificates src="..."/>
- ...
- </trust-anchors>
- </debug-overrides>
-</network-security-config>
-</pre>
-
-<h3 id="network-security-config"><network-security-config></h3>
-<dl class="xml">
-<dt>can contain:</dt>
-<dd>0 or 1 <code><a href="#base-config"><base-config></a></code>
-<br/>Any number of <code><a href="#domain-config"><domain-config></a></code>
-<br/>0 or 1<code><a href="#debug-overrides"><debug-overrides></a></code>
-</dd>
-</dl>
-
-
-<h3 id="base-config"><base-config></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd><pre class="stx"><base-config <a href="#usesCleartextTraffic">usesCleartextTraffic</a>=["true" | "false"]>
- ...
-</base-config></pre></dd>
-<dt>can contain:</dt>
-<dd><code><a href="#trust-anchors"><trust-anchors></a></code></dd>
-<dt>descrption:</dt>
-<dd>
-The default configuration used by all connections whose destination is not covered by a
-<a href="#domain-config"><code>domain-config</code></a>.
-
-<p>Any values that are not set will use the platform default values.
-The default configuration for applications targeting above API level 24 and above:
-<pre>
-<base-config usesCleartextTraffic="true">
- <trust-anchors>
- <certificates src="system" />
- </trust-anchors>
-</base-config>
-</pre>
-The default configuration for applications targeting API level 23 and below is:
-<pre>
-<base-config usesCleartextTraffic="true">
- <trust-anchors>
- <certificates src="system" />
- <certificates src="user" />
- </trust-anchors>
-</base-config>
-</pre>
-</p>
-</dd>
-</dl>
-
-<h3 id="domain-config"><domain-config></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd><pre class="stx"><domain-config <a href="#usesCleartextTraffic">usesCleartextTraffic</a>=["true" | "false"]>
- ...
-</domain-config></pre></dd>
-<dt>Can Contain:</dt>
-
-<dd>
-1 or more <code><a href="#domain"><domain></a></code>
-<br/>0 or 1 <code><a href="#trust-anchors"><trust-anchors></a></code>
-<br/>0 or 1 <code><a href="#pin-set"><pin-set></code></a>
-<br/>Any number of nested <code><domain-config></code></dd>
-
-<dt>Descrption</dt>
-<dd>Configuration used for connections to specific destinations as the defined by {@code domain} elements.
-
-<p>Note that if multiple {@code domain-config} elements cover a destination the config with the most specific (longest)
-matching domain rule will be used.</p></dd>
-</dl>
-
-<h3 id="domain"><domain></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd><pre class="stx"><domain includeSubdomains=["true" | "false"]>example.com</domain></pre></dd>
-<dt>Attributes:</dt>
-<dd><dl class="attr">
-<dt>{@code includeSubdomains}</dt>
-<dd>If {@code "true"} then this domain rule will match the domain and all subdomains, including
-subdomains of subdomains, otherwise the rule only applies to exact matches.</dd>
-</dl>
-</dd>
-
-<dt>Descrption:</dt>
-</dl>
-
-<h3 id="debug-overrides"><debug-overrides></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd><pre class="stx"><debug-overrides>
- ...
-</debug-overrides></pre></dd>
-<dt>Can Contain:</dt>
-<dd>0 or 1 <code><a href="#trust-anchors"><trust-anchors></a></code></dd>
-<dt>Description:</dt>
-<dd>Overrides to be applied when
-<a href="{@docRoot}guide/topics/manifest/application-element.html#debug">android:debuggable</a> is
-{@code "true"} which is normally the case for non-release builds generated by IDEs and build tools.
-Trust anchors specified in {@code debug-overrides} are added to all other configurations and certificate
-pinning is not performed when the server's certificate chain uses one of these debug-only trust anchors.
-If <a href="{@docRoot}guide/topics/manifest/application-element.html#debug">android:debuggable</a> is
-{@code "false"} then this section is completely ignored.
-</dd>
-</dl>
-
-<h3 id="trust-anchors"><trust-anchors></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd>
-<pre class="stx"><trust-anchors>
-...
-</trust-anchors>
-</pre></dd>
-<dt>Can Contain:</dt>
-<dd>Any number of <code><a href="#certificates"><certificates></a></code></dd>
-<dt>Description:</dt>
-<dd>Set of trust anchors for secure connections.</dd>
-</dl>
-
-
-<h3 id="certificates"><certificates></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd><pre class="stx"><certificates src=["system" | "user" | "<i>raw resource</i>"]
- overridePins=["true" | "false"] />
-</pre></dd>
-<dt>description:</dt>
-<dd>Set of X.509 certificates for {@code trust-anchors} elements.</dd>
-
-<dt>attributes:</dt>
-<dd><dl class="attr">
-<dt>{@code src}</dt>
-<dd>
-The source of CA certificates, can be one of
-<ul>
- <li>a raw resource id pointing to a file containing X.509 certificates. Certificates must be encoded in DER or PEM format.
- In the case of PEM certificates the file <em>must not</em> contain extra non-PEM data such as comments.</li>
- <li>{@code "system"} for the pre-installed system CA certificates</li>
- <li>{@code "user"} for user-added CA certificates</li>
-</ul>
-</dd>
-
-<dt>{@code overridePins}</dt>
-<dd>
-Specifies if the CAs from this source bypass certificate pinning. If {@code "true"} then certificate chains which
-chain through one of the CAs from this source then pinning will not be performed. This can be useful
-for debug CAs or to support letting the user MiTM your app's secure traffic.
-<p>
-Default is {@code "false"} unless specified in a {@code debug-overrides} element, in which case the default is {@code "true"}.
-</p>
-</dd>
-</dl>
-</dd>
-
-<h3 id="pin-set"><pin-set></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd>
-<pre class="stx"><pin-set expiration="date">
-...
-</pin-set>
-</pre></dd>
-<dt>Can Contain:</dt>
-<dd>Any number of <code><a href="#pin"><pin></a></code></dd>
-<dt>Description:</dt>
-<dd>A set of public key pins. For a secure connection to be trusted, one of the public keys in the chain of trust must
-be in the set of pins. See <code><a href="#pin"><pin></a></code> for the format of pins.</dd>
-<dt>Attributes:</dt>
-<dd><dl class="attr">
-<dt>{@code expiration}</dt>
-<dd>The date, in {@code yyyy-MM-dd} format, at and after which the pins expire, thus disabling pinning.
-If the attribute is not set then the pins do not expire.
-<p>Expiration helps prevent connectivity issues in applications which do not get updates to their
-pin set, for example because the user disabled application updates.</p>
-</dd>
-</dl>
-</dd>
-
-<h3 id="pin"><pin></h3>
-<dl class="xml">
-<dt>syntax:</dt>
-<dd>
-<pre class="stx"><pin digest=["SHA-256"]>base64 encoded digest of X.509 SubjectPublicKeyInfo (SPKI)</pin></pre></dd>
-<dt>Attributes:</dt>
-<dd><dl class="attr">
-<dt>{@code digest}</dt>
-<dd>The digest algorithm used to generate the pin. Currently only {@code "SHA-256"} is supported.</dd>
-</dl>
-</dd>
-</dl>
diff --git a/docs/html/preview/support.jd b/docs/html/preview/support.jd
index ba30fe34..5328fd8 100644
--- a/docs/html/preview/support.jd
+++ b/docs/html/preview/support.jd
@@ -257,6 +257,26 @@
server when in a Work profile. This issue will be resolved in the next
Developer Preview.
</li>
+
+ <li>After reboot with work mode off, solving work challenge does not switch
+ on work mode.
+ </li>
+
+ <li>Users receiving a video call in Hangouts have to unlock work challenge
+ first.
+ </li>
+
+ <li>Accessing Settings > Security > Device Security crash observed when
+ separating primary and work challenge.
+ </li>
+
+ <li>If {@link android.os.UserManager#DISALLOW_CONFIG_VPN} is set before
+ calling {@link android.app.admin.DevicePolicyManager#setAlwaysOnVpnPackage
+ DevicePolicyManager.setAlwaysOnVpnPackage()}, then setting always on VPN does
+ not work. That is, after rebooting the device with the {@link
+ android.os.UserManager#DISALLOW_CONFIG_VPN} restriction set, VPN is not
+ autostarted.
+ </li>
</ul>
<!-- TBA, if any
diff --git a/packages/SettingsLib/src/com/android/settingslib/drawer/SettingsDrawerActivity.java b/packages/SettingsLib/src/com/android/settingslib/drawer/SettingsDrawerActivity.java
index ce916cb..37e3c53 100644
--- a/packages/SettingsLib/src/com/android/settingslib/drawer/SettingsDrawerActivity.java
+++ b/packages/SettingsLib/src/com/android/settingslib/drawer/SettingsDrawerActivity.java
@@ -308,6 +308,13 @@
}
@Override
+ protected void onPreExecute() {
+ if (sConfigTracker == null || sTileCache == null) {
+ getDashboardCategories();
+ }
+ }
+
+ @Override
protected void onPostExecute(List<DashboardCategory> dashboardCategories) {
for (int i = 0; i < dashboardCategories.size(); i++) {
DashboardCategory category = dashboardCategories.get(i);
diff --git a/services/core/java/com/android/server/AnyMotionDetector.java b/services/core/java/com/android/server/AnyMotionDetector.java
index e98b4aa..a8ae914d 100644
--- a/services/core/java/com/android/server/AnyMotionDetector.java
+++ b/services/core/java/com/android/server/AnyMotionDetector.java
@@ -308,7 +308,7 @@
/**
* A timestamped three dimensional vector and some vector operations.
*/
- private static class Vector3 {
+ public static final class Vector3 {
public long timeMillisSinceBoot;
public float x;
public float y;
@@ -321,11 +321,11 @@
this.z = z;
}
- private float norm() {
+ public float norm() {
return (float) Math.sqrt(dotProduct(this));
}
- private Vector3 normalized() {
+ public Vector3 normalized() {
float mag = norm();
return new Vector3(timeMillisSinceBoot, x / mag, y / mag, z / mag);
}
@@ -338,12 +338,20 @@
* @return angle between this vector and the other given one.
*/
public float angleBetween(Vector3 other) {
- double degrees = Math.toDegrees(Math.acos(this.dotProduct(other)));
- float returnValue = (float) degrees;
+ Vector3 crossVector = cross(other);
+ float degrees = Math.abs((float)Math.toDegrees(
+ Math.atan2(crossVector.norm(), dotProduct(other))));
Slog.d(TAG, "angleBetween: this = " + this.toString() +
- ", other = " + other.toString());
- Slog.d(TAG, " degrees = " + degrees + ", returnValue = " + returnValue);
- return returnValue;
+ ", other = " + other.toString() + ", degrees = " + degrees);
+ return degrees;
+ }
+
+ public Vector3 cross(Vector3 v) {
+ return new Vector3(
+ v.timeMillisSinceBoot,
+ y * v.z - z * v.y,
+ z * v.x - x * v.z,
+ x * v.y - y * v.x);
}
@Override
diff --git a/services/tests/servicestests/src/com/android/server/Vector3Test.java b/services/tests/servicestests/src/com/android/server/Vector3Test.java
new file mode 100644
index 0000000..88dbe70
--- /dev/null
+++ b/services/tests/servicestests/src/com/android/server/Vector3Test.java
@@ -0,0 +1,164 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server;
+
+import android.test.AndroidTestCase;
+
+import java.lang.Exception;
+import java.lang.Math;
+
+/**
+ * Tests for {@link com.android.server.AnyMotionDetector.Vector3}
+ */
+public class Vector3Test extends AndroidTestCase {
+ private static final float tolerance = 1.0f / (1 << 12);
+ private static final float STATIONARY_ANGLE_THRESHOLD = 0.05f;
+
+ private AnyMotionDetector.Vector3 unitXAxis;
+ private AnyMotionDetector.Vector3 unitYAxis;
+ private AnyMotionDetector.Vector3 unitZAxis;
+ private AnyMotionDetector.Vector3 x3;
+ private AnyMotionDetector.Vector3 case1A;
+ private AnyMotionDetector.Vector3 case1B;
+ private AnyMotionDetector.Vector3 case2A;
+ private AnyMotionDetector.Vector3 case2B;
+ private AnyMotionDetector.Vector3 x1y1;
+ private AnyMotionDetector.Vector3 xn1y1;
+ private AnyMotionDetector.Vector3 x1z1;
+ private AnyMotionDetector.Vector3 y1z1;
+ private AnyMotionDetector.Vector3 piOverSixUnitCircle;
+
+
+ private boolean nearlyEqual(float a, float b) {
+ return Math.abs(a - b) <= tolerance;
+ }
+
+ public void setUp() throws Exception {
+ super.setUp();
+ unitXAxis = new AnyMotionDetector.Vector3(0, 1, 0, 0);
+ unitYAxis = new AnyMotionDetector.Vector3(0, 0, 1, 0);
+ unitZAxis = new AnyMotionDetector.Vector3(0, 0, 0, 1);
+ x3 = new AnyMotionDetector.Vector3(0, 3, 0, 0);
+ x1y1 = new AnyMotionDetector.Vector3(0, 1, 1, 0);
+ xn1y1 = new AnyMotionDetector.Vector3(0, -1, 1, 0);
+ x1z1 = new AnyMotionDetector.Vector3(0, 1, 0, 1);
+ y1z1 = new AnyMotionDetector.Vector3(0, 0, 1, 1);
+ piOverSixUnitCircle = new AnyMotionDetector.Vector3(
+ 0, (float)Math.sqrt(3)/2, (float)0.5, 0);
+
+ case1A = new AnyMotionDetector.Vector3(0, -9.81f, -0.02f, 0.3f);
+ case1B = new AnyMotionDetector.Vector3(0, -9.80f, -0.02f, 0.3f);
+ case2A = new AnyMotionDetector.Vector3(0, 1f, 2f, 3f);
+ case2B = new AnyMotionDetector.Vector3(0, 4f, 5f, 6f);
+ }
+
+ public void testVector3Norm() {
+ assertTrue(nearlyEqual(unitXAxis.norm(), 1.0f));
+ assertTrue(nearlyEqual(unitYAxis.norm(), 1.0f));
+ assertTrue(nearlyEqual(unitZAxis.norm(), 1.0f));
+ assertTrue(nearlyEqual(x1y1.norm(), (float)Math.sqrt(2)));
+ }
+
+ public void testVector3AngleBetween() {
+ // Zero angle.
+ assertTrue(nearlyEqual(unitXAxis.angleBetween(unitXAxis), 0.0f));
+ assertTrue(nearlyEqual(unitYAxis.angleBetween(unitYAxis), 0.0f));
+ assertTrue(nearlyEqual(unitZAxis.angleBetween(unitZAxis), 0.0f));
+
+ // Unit axes should be perpendicular.
+ assertTrue(nearlyEqual(unitXAxis.angleBetween(unitYAxis), 90.0f));
+ assertTrue(nearlyEqual(unitXAxis.angleBetween(unitZAxis), 90.0f));
+ assertTrue(nearlyEqual(unitYAxis.angleBetween(unitZAxis), 90.0f));
+
+ // 45 degree angles.
+ assertTrue(nearlyEqual(unitXAxis.angleBetween(x1y1), 45.0f));
+ assertTrue(nearlyEqual(unitYAxis.angleBetween(x1y1), 45.0f));
+
+ // 135 degree angles.
+ assertTrue(nearlyEqual(xn1y1.angleBetween(unitXAxis), 135.0f));
+
+ // 30 degree angles.
+ assertTrue(nearlyEqual(piOverSixUnitCircle.angleBetween(unitXAxis), 30.0f));
+
+ // These vectors are expected to be still.
+ assertTrue(case1A.angleBetween(case1A) < STATIONARY_ANGLE_THRESHOLD);
+ assertTrue(case1A.angleBetween(case1B) < STATIONARY_ANGLE_THRESHOLD);
+ assertTrue(unitXAxis.angleBetween(unitXAxis) < STATIONARY_ANGLE_THRESHOLD);
+ assertTrue(unitYAxis.angleBetween(unitYAxis) < STATIONARY_ANGLE_THRESHOLD);
+ assertTrue(unitZAxis.angleBetween(unitZAxis) < STATIONARY_ANGLE_THRESHOLD);
+ }
+
+ public void testVector3Normalized() {
+ AnyMotionDetector.Vector3 unitXAxisNormalized = unitXAxis.normalized();
+ assertTrue(nearlyEqual(unitXAxisNormalized.x, unitXAxis.x));
+ assertTrue(nearlyEqual(unitXAxisNormalized.y, unitXAxis.y));
+ assertTrue(nearlyEqual(unitXAxisNormalized.z, unitXAxis.z));
+
+ // Normalizing the vector created by multiplying the unit vector by 3 gets the unit vector.
+ AnyMotionDetector.Vector3 x3Normalized = x3.normalized();
+ assertTrue(nearlyEqual(x3Normalized.x, unitXAxis.x));
+ assertTrue(nearlyEqual(x3Normalized.y, unitXAxis.y));
+ assertTrue(nearlyEqual(x3Normalized.z, unitXAxis.z));
+ }
+
+ public void testVector3Cross() {
+ AnyMotionDetector.Vector3 xCrossX = unitXAxis.cross(unitXAxis);
+ assertTrue(nearlyEqual(xCrossX.x, 0f));
+ assertTrue(nearlyEqual(xCrossX.y, 0f));
+ assertTrue(nearlyEqual(xCrossX.z, 0f));
+
+ AnyMotionDetector.Vector3 xCrossNx = unitXAxis.cross(unitXAxis.times(-1));
+ assertTrue(nearlyEqual(xCrossNx.x, 0f));
+ assertTrue(nearlyEqual(xCrossNx.y, 0f));
+ assertTrue(nearlyEqual(xCrossNx.z, 0f));
+
+ AnyMotionDetector.Vector3 cross2 = case2A.cross(case2B);
+ assertTrue(nearlyEqual(cross2.x, -3));
+ assertTrue(nearlyEqual(cross2.y, 6));
+ assertTrue(nearlyEqual(cross2.z, -3));
+ }
+
+ public void testVector3Times() {
+ AnyMotionDetector.Vector3 yTimes2 = unitYAxis.times(2);
+ assertTrue(nearlyEqual(yTimes2.x, 0f));
+ assertTrue(nearlyEqual(yTimes2.y, 2f));
+ assertTrue(nearlyEqual(yTimes2.z, 0f));
+ }
+
+ public void testVector3Plus() {
+ AnyMotionDetector.Vector3 xPlusY = unitXAxis.plus(unitYAxis);
+ assertTrue(nearlyEqual(xPlusY.x, 1f));
+ assertTrue(nearlyEqual(xPlusY.y, 1f));
+ assertTrue(nearlyEqual(xPlusY.z, 0f));
+ }
+
+ public void testVector3Minus() {
+ AnyMotionDetector.Vector3 xMinusY = unitXAxis.minus(unitYAxis);
+ assertTrue(nearlyEqual(xMinusY.x, 1f));
+ assertTrue(nearlyEqual(xMinusY.y, -1f));
+ assertTrue(nearlyEqual(xMinusY.z, 0f));
+ }
+
+ public void testVector3DotProduct() {
+ float xDotX = unitXAxis.dotProduct(unitXAxis);
+ float xDotY = unitXAxis.dotProduct(unitYAxis);
+ float xDotZ = unitXAxis.dotProduct(unitZAxis);
+ assertTrue(nearlyEqual(xDotX, 1f));
+ assertTrue(nearlyEqual(xDotY, 0f));
+ assertTrue(nearlyEqual(xDotZ, 0f));
+ }
+}