Change to call the VpnRunner.exit to stop vpn profile
instead of using prepareInternal to leave the package intact.
This aligns with the way that VpnServices are disconnected
so that the package and other related information will not be
reset unexpectedly.

In current design, Vpn will examine if the current prepared
package matches to prevent an existing always-on VPN from being
dethroned by other apps when the VPN always-on is enabled.
However, when the VPN is disabled using stopVpnProfile, the
current package name will be updated to [LEGACY VPN]. The
current package will no longer be the same with the VPN package.
This resulted in the rejection of the VPN app to start the VPN
using VpnManager.startVpnProfile again.

Test: atest FrameworksNetTests
Test: manually test with VPN app to reconnect VPN when always-on
      is enabled.
Bug: 235322391
Change-Id: I83e1e1edf6c3a6653d87216afcd397f296f59cf2

Update the string without the underscore to prevent conflict with
the existing VPN prefix.

Settings app may get exception when the vpn exclusion list was
set since the logic is used in the Settings relying on the
prefix match. The current app exclusion prefix is also started
with "VPN_", so it will be mis-used by Settings as a VPN profile.

Bug: 237345836
Test: atest FrameworksNetTests
Change-Id: I01e773cc15eb1ae5ffaa12aef124bbbf390cc004

Do not allow oneTouchPlay and getDisplayStatus methods to be called
with null callback as an argument.

Bug: 236687418
Test: None
Change-Id: I9f1b3ec5c1a44fd588068881febd35d34930f031

Bahrain adding 85999 for use case with Android Emergency Location Service in Bahrain.

Bug: 237320943
Bug: 235138474

Test: manual tests conducted as per instructions in go/premiumsms

Change-Id: I90424bee99968b4111d02f1e8a7a7a6fa166a8ab

This commit passes through package added/removed broadcasts,
triggering the VPN to update the allowed/excluded UIDs.

This is required because the VPN app exclusion list is stored
in the keystore. The UID range for the VPN network agent should
be updated when the package status is updated.

As an example, consider the following sequence:
- Package A is installed, and in the exclusion list.
- A is uninstalled
- VPN starts, A is not installed, so no UID A to exclude
- A is re-installed after VPN is started
- The VPN would include the app A, potentially breaking it.

Bug: 231373589
Test: atest FrameworksNetTests
Change-Id: I7ee32103ffdfc97e4c95007f35671cefeb9b22d7

Colombia adding 85517 for use case with Android Emergency Location Service in Colombia.
Mexico adding 91101 for use case with Android Emergency Location Service in Mexico.

Bug:235139281
Bug:235138474

Test: manual tests conducted as per instructions in go/premiumsms

Change-Id: I889a3250d8d54fa000719dab9e0fc1c33111aee3

After onGroupIdChanged, the CsipDeviceManager assigns the first
device with the same groupId as main device. It is not correct
since the main device shouble be the active device. This issue
causes the summary can't shows 'Active' at the Settings.

Bug: 232892046
Test: Build pass
Change-Id: I00e5471b9315c896b8c16723ad37d66a922c27e4
Merged-In: I00e5471b9315c896b8c16723ad37d66a922c27e4

Bug: 216731966
Test: Compile and Test
Cherry-picked from tm-dev
Merged-In: Ic8e9c2db0743738b2b6649451c79a559c3b8edc5

Change-Id: Ic8e9c2db0743738b2b6649451c79a559c3b8edc5

Test: N/A

Change-Id: Ia292ff9ff867d387c7ec7910e51ac730501d00af

scryptN, scryptR, and scryptP are really the log base 2 of the scrypt
parameters N, R, and P -- not N, R, and P themselves as their names
suggest.  Rename them accordingly.

No change in behavior; this is just a cleanup.

Test: atest SyntheticPasswordTests
Change-Id: I2b3bfe73e623ebf6f0f9d4de11f6e7d00d825522

Remove the in-class implementation of hex encoding and just use
HexEncoding, which was already being used in one place.

No change in behavior since the encoding remains the same.  In
particular, upper case A-F is still used instead of lower case a-f.

Test: atest SyntheticPasswordTests
Change-Id: I493e4b894f76670bcb9cba8a8a774f3f5832e769

If an app declares too much hosts for App Link, Statementservice will crash since
it uses Data class of WorkManager to save verify result for all hosts while Data throws
IllegalStateException if it occupies more than 10240 bytes when serialized.
This fix uses SharedPreferences to save verify results instead of Data class of WorkManager.

Test:Disable GMS core and reboot device, then install Google Map; Statementservice does not crash
and framework receives host verify results from Statementservice

Signed-off-by: Bin Wang <bin.wang@oppo.corp-partner.google.com>
Change-Id: I6d1b19fd8ed3158a621a2fb0089d92430482fd61

Detect recycle called twice always (and when DEBUG_RECYCLE is on, we
detect recycle called twice or called zero times, and we show a stack).

Bug: 231799394
Test: manual (calling recycle twice)
Change-Id: I1dd9f392ee916edd9c598085a1c19dbdd3ce957f
Merged-In: I1dd9f392ee916edd9c598085a1c19dbdd3ce957f

The output of derivePassword() is a key (byte array, not hex encoded),
not a password.  Therefore, rename it to deriveSubkey().

No change in behavior; this is just a cleanup.

Test: atest SyntheticPasswordTests
Change-Id: Ie3d74a579963bcbe63fc93c1b4c436c2aba8c342

Bug: 232461611
Test: m -j
Change-Id: I41c9bb1d0fd554e0f598223f8cbf013776275d39

Test: atest MessageDigestPerfTest
Bug: 236922387
Change-Id: I80af7091a1e8229d4ac29437a8b6d46d1c206eb5

Add clarification that this flag can only be applied by privileged apps, and will be ignored otherwise.

Bug: 236932598
Change-Id: I78db484b9d479abed67689c827707b6f141b2c00
Test: N/A

This application can be installed as a signature app. It displays
all available rollbacks, and will manually trigger the rollback of
all selected rollback IDs. This application will not trigger a
reboot in the case of staged rollbacks.

Test: m SampleRollbackApp, adb install. Manually install a train
      with rollback enabled and reboot. Verify that the available
      rollback is displayed, and that the rollback can be committed.
Bug: 220204580
Change-Id: Id2e5afac9e25532d8c24ea2b803c07dcfdb84d85

This is going to be disted instead of the monolithic one being
used currently.

Bug: 235140934
Test: m sdk-annotations{,-system}.zip and diff; manual spot checking
Test: m sdk dist && diff out/dist/system-data/annotations.zip with this
Change-Id: I9874f88e933a8b804a73638e6bac7a9d312c7c9f