Introduces a new file that defines the owners for BAL logic.

Use this file for background activity start related files:
- BackgroundActivityStartController
- BackgroundActivityStartCallback
- BackgroundStartPrivileges
- BackgroundStartPrivilegesTest (in tests)

Change-Id: I3315a0f2216ed22a28b952f30afe0c3d14cfc955
Test: owners change only

* changes:
  LockSettingsService: pass SyntheticPassword to unlockKeystore()
  LockSettingsService: pass SyntheticPassword to setUserKeyProtection()
  LockSettingsService: define string constants for migration keys

* changes:
  Face auth  not eligible if camera in use
  Make face auth ineligible when camera access is disabled

Change-Id: I2877baced8ebfa779c041319dc7b43aa5f411ec2

Change-Id: I57241df8ad477084d8c4b8b501a752312a32ad44

Test: atest PreAuthInfoTest
Bug: 287422904
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e6f6fc99b0d3beeac22e8d3106c4eaa5c611ebcf)
Merged-In: Ie06600fa9c0ba58a058dac24c7fe0bda226e9aba
Change-Id: Ie06600fa9c0ba58a058dac24c7fe0bda226e9aba

Test: Disable camera access in Settings, Open biometric prompt test app
and try to authenticate; Fingerprint authentication should work normally
Bug: 277854521
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c35a712ab4308e0281c8b2a7adfae8de42d28a6a)
Merged-In: I19556fa7f861f2f7655e792b1da9d74d3cf2259e
Change-Id: I19556fa7f861f2f7655e792b1da9d74d3cf2259e

mLastTopTime was initialized as 0, meaning early on in the boot
OomAdjuster would mistakenly think apps had recently been in the TOP
state.

Also, changed mLastProviderTime even though it had some logic (now
removed) to avoid the mistake.

Test: atest MockingOomAdjustertest (ideally immediatly after boot)
Fixes: 300106850
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:1e35d99e4a8c394fc8ea11c8e4ed797c85a2e769)
Merged-In: I399d34e1a9a19b7211413e51099721ea49efa7ad
Change-Id: I399d34e1a9a19b7211413e51099721ea49efa7ad

This resolves automerge conflicts in aosp/2745223

Test: atest com.android.mediaframeworktest.unit.MediaMetadataRetrieverTest
Bug: 298965955

Merged-In: I7e29732e1e77e37cfb491521d14d2f3eb07deb36
Merged-In: I81d512e9b21b64a2cca0450cb85c52d8a2125865
Change-Id: I8cb92fd35b3633cf458f8692173124fd1666d6b5

This reverts commit a19c130b.

Reason for revert: culprit of boot memory regression

Original commit message:
"""
Load native GLES driver when specified.

Since ANGLE and native GLES drivers can coexist, when native is
specified, the loader must load the native GLES drivers specified in
ro.hardware.egl. This patch passes this information down to the native
graphics environment so that the EGL loader can properly check.

Bug: b/283858001
Test: atest CtsAngleDeveloperOptionHostTest -c with ANGLE being default
Test: atest CtsAngleDeveloperOptionHostTest -c with native being default
"""

Bug: b/283858001
Bug: b/289956225
Test: forrest test
Change-Id: Idb66f290801de1ef777c909be7b582703fe7e144
Merged-In: Idb66f290801de1ef777c909be7b582703fe7e144

Since ANGLE and native GLES drivers can coexist, when native is
specified, the loader must load the native GLES drivers specified in
ro.hardware.egl. This patch passes this information down to the native
graphics environment so that the EGL loader can properly check.

Bug: b/283858001
Test: atest CtsAngleDeveloperOptionHostTest -c with ANGLE being default
Test: atest CtsAngleDeveloperOptionHostTest -c with native being default
Change-Id: I5b0b6df40daf436eb81009c83a5b585531765f4c
Merged-In: I5b0b6df40daf436eb81009c83a5b585531765f4c

...while moving apps or media content from internal storage to
adopted storage and vice-versa.
Currently, for FBE enabled devices, whenever move is triggered for
either app or media content, there is a prompt for user to enter their
lockscreen credential in order to unlock storage if the user has one.
But if the user does not have a lockscreen credential set and is not
running,the wizard page is stuck. This leads to a bad user experience.

This CL adds a new binder method
ILockSettings#unlockUserKeyIfUnsecured(int) which can be used for
unlocking users which do not have a lockscreen credential. This replaces
the LockSettingsInternal#unlockUserKeyIfUnsecured(int). This method is
used by LockPatternUtils#unlockUserKeyIfUnsecured instead of
LockSettingsInternal#unlockUserKeyIfUnsecured so that Settings app can
unlock users for the use-case explained above. This also modifies
SyntheticPasswordTests to use the binder method.

Bug: 305978187
Test: manual
Steps:
1. Create multiple users with atleast one user with an authentication
   method setup and one without authentication (apart from system user)
2. Install same apps for all users and also add some content to the
   media storage.
3. Format an SD Card as adopted.
4. Attempt to move content.
5. Check that the wizard is not stuck and it is prompting the locked
   users to authenticate.
6. Reboot
7. After reboot, Go to Settings > All Apps > app_name
   > Storage & Cache
8. Tap on "Change" under Storage and Select Adopted storage.
9. Check the same as Step#5

Also, ran atest com.android.server.locksettings and checked that the
all test cases are passing.

Change-Id: I34741c8e25cce256c2bfcc4dafb50e5d3e16f7ea

Test: treehugger
Change-Id: I841125e1e7192abc2fc50ab710a4684e7267e469

* changes:
  Fix system process crash
  Change log priority for ERROR_KEY_DOES_NOT_EXIST in RecoverableKeyStore
  Use a copy of lock screen secret in recoverablekeystore.
  Throw InsecureUserException when LSKF is not set in recoverablekeystore.

This change adds overriding methods that are essential to compile the
stubs generated from the signature files.

More information and the background for this change is available at
go/add-overriding-one-pager.

Test: m checkbuild --build-from-text-stub
Bug: 299366704
Change-Id: Ia8f0ae4b4e47a2974016fd844242aa0564027131
Merged-In: Ifc1876eb60a4b716f72c86003dc9bea0081e9a4c

verifyKnownUsers() might fail due to database error
in low storage which will crash the system process
and cause boot loop.

Bug: 300568641
Test: 1. put large files under /data/local/tmp
         to cause low storage
      2. device can reboot successfully
Change-Id: If1a3ac06b2c02b273afa47e6b0a90bf08408fb6b
Merged-In: If1a3ac06b2c02b273afa47e6b0a90bf08408fb6b
(cherry picked from commit 9ff12f33)

Test: N/A
Bug: 287139350
Change-Id: If9e8177718a5eef63d18de5a16463bff8ebe9e52
Merged-In: If9e8177718a5eef63d18de5a16463bff8ebe9e52
(cherry picked from commit 196cffa1)

LockscreenCredential removes secret from memory.
KeySyncTask.run is delayed and has risk of using array with all zeros.

Bug: 159914786
Test: atest com.google.android.gts.recoverablekeystore
Test: atest com.android.server.locksettings.recoverablekeystore
Change-Id: I0ed183eb3a30c16db77cb12b2347794796dd88d8
Merged-In: I0ed183eb3a30c16db77cb12b2347794796dd88d8
(cherry picked from commit 07b312c8)

Without fix RecoveryController.generateKey and importKey throw generic ServiceSpecificException.

Bug: 283534188
Test: atest com.android.server.locksettings.recoverablekeystore
Change-Id: I8604d3c771e37ca3322d3301037b7443d0a3928b
Merged-In: I8604d3c771e37ca3322d3301037b7443d0a3928b
(cherry picked from commit 26f7222e)

Droidstubs now support using the api-versions.xml from another
droidstubs module, so reuse the one from `api_versions_system`
in `framework-doc-system-stubs`.

Test: m framework-docs-system-stubs
      # Diff stubs before and after
Change-Id: I0aa3a74664e2a9343e90d91b7520ce8bbcadfac5

* changes:
  Load reboot escrow data at PHASE_BOOT_COMPLETED
  Add a verification flow for the user to exit repair mode
  Create a verify flag to support verification for entering repair mode
  Add a settings key to expose the device's repair mode state
  Add a configuration to enable or disable support for repair mode

Previously the per-app opt in only works for ANGLE apk, this patch
refactors the logic to allow per-app opt in to work for system ANGLE.
This patch checks whether system ANGLE is supported and if it presents,
uses it if the ANGLE apk setup fails.

With this patch, the per-app opt in will function this way:

1) When full ANGLE apk is installed
Regardless of whether system ANGLE is present, the "angle" option will
use ANGLE apk, the "native" option will switch to native GLES drivers
specified by ro.hardware.egl, the "default" option will use whatever the
default graphics driver is loaded.

2) When full ANGLE apk is not installed and system ANGLE is present
The "angle" option will use system ANGLE, the "native" option will
switch to native GLES drivers specified by ro.hardware.egl, the
"default" option will use whatever the default graphics driver is
loaded.

3) When full ANGLE apk is not installed and system ANGLE doesn't exist
The per-app option will not function at all.

Minor: clean up unused and unnecessary variables.
Minor: Avoid sending toast when ANGLE apk doesn't present

Bug: b/283858001
Test: test with camera
Test: atest CtsAngleIntegrationHostTestCases
Change-Id: I83b3c2ccbe7cb38f71418afde4254f48153ab6b3
Merged-In: I83b3c2ccbe7cb38f71418afde4254f48153ab6b3

Merge "Add monicamwang and rayhdez to frameworks/base/services/core/java/com/android/server/stats/OWNERS" into main