Android Protected Confirmation is deprecated due to the high
support/maintenance cost for Android device makers and low adoption rate
among app developers. APC requires Android device makers to have a
substantial amount of device-specific UI code running in the trusted
execution environment. That has proven to be expensive to maintain and
non-scalable, as there cannot be a single implementations device makers
can share or use as a reference. Additionally, app developers have not
adopted this feature, as the Android platform offers other mechanisms
for authentication a user's intent. These mechanisms, such as
authentication-bound Keystore keys, are less secure than Trusted UI, but
are more wide-spread. While we explore alternatives to APC that are
viable to the device makers ecosystem, we sunset the APC API.

Test: atest CtsKeystoreTestCases
Bug: 313856313
Change-Id: I529150af4ce70371ba8c279dc91550a12640f109

Revert submission 2517535-curve_25519_validation

Reason for revert: b/322323243

Reverted changes: /q/submissionid:2517535-curve_25519_validation

Change-Id: I75d731672140f827c4574ef1a23851522fa53e92

Added a ED25519 key pair generator algorithm in AndroidKeyStoreProvider.
This will allow user to generate ED25519 key pair using
KeyPairGenerator.

Key pair generator for algorithm XDH (Agree-Key) and ED25519
(Signing-Key) should only allow curve X25519 and curve Ed25519
respectively. This expectation is checked in
AndroidKeyStoreKeyPairGeneratorSpi.

Bug: 223547517
Test: atest CtsKeystoreTestCases:android.keystore.cts.Curve25519Test
Change-Id: Ib664637ffa90eec4fd4605007c53aca584eb3799

Bug: 319044650
Bug: 321624552
Merged-In: I838f722c6640b467379ebb890aed6af6570239e7
Change-Id: I838f722c6640b467379ebb890aed6af6570239e7

* changes:
  Apply bpfmt to native/graphics/jni/Android.bp
  Add stubs to libjnigraphics

Bug: n/a
Test: nothing
Change-Id: Ia8b0005335c5533b1c7980a20e950c6a95750d7e

This is okay because libjnigraphics is an NDK library. When used by an
APEX, it needs to be loaded from the system, not bundlend in APEX.

Bug: n/a
Test: TH
Change-Id: I98851ea9fbc9f1779d628cc98875ee5310a1a478

In kernel, /proc/<pid>/status reporting calculates total_rss as:
total_rss = anon + file + shmem
Currently Process.getRss() only returns value of total_rss, anon,
file and swap, without shmem. This patch adds shmem reporting in
getRss(), to provide all components of total_rss calculation.

Bug: 318788245
Signed-off-by:  <xueguolun@xiaomi.corp-partner.google.com>
Change-Id: I7dbb4d00a08e6d93ee77768740f2acab5a58a9ea

Outside of power saving modes like battery saver and doze, network
is freely available to any app that is in memory and can run code on
the processor. However, networking is a power expensive resource and
needs to be used judiciously.

The platform policy will now restrict any apps that are in cached or
nearby process-states that are not important to the user. Any user
critical networking task must be done while being in active and valid
lifecycle states only.
The system will allow a grace period of few seconds to reduce any churn
from quick proc-state transitions but apps should ideally not rely on
this implementation detail.

Apps that are in any of the power allowlists will be exempt from this
restriction.

Refactored some code to use more inclusive language.

Test: atest FrameworksServicesTests:com.android.server.net
Test: atest CtsHostsideNetworkTests

BYPASS_INCLUSIVE_LANGUAGE_REASON=Existing code

Bug: 304347838
Change-Id: I02d82dc88c46ee7eec7e428fd46d0a538481494d
Merged-In: I02d82dc88c46ee7eec7e428fd46d0a538481494d

When native audio server dies, the audio service needs to
re-send the current state of BT profiles. This is needed for
the AIDL HAL which tracks the state of profiles at the module
context and makes decisions based on it. Previously, the
state was only affecting the state of HAL streams.

Bug: 320838889
Test: kill audio_server, check `System setParameters` in AF dump
Change-Id: I8ea732ee6dfcfce1123fb744bb69d0c4201d2285

* changes:
  Report primary auth attempts from LockSettingsService
  Add flag for reporting primary auth attempts from LockSettingsService

Report authentication attempts with PIN/pattern/password from
LockSettingsService as the source of truth. Also add a new listener to
allow other system components to response to primary auth results

Bug: 285053096
Test: m -j
Test: atest LockSettingsServiceTests
Change-Id: I9115b70742cb724b373c028d8e00d178aa1a8096

Because `system.img` is a dependency of `fontchain_lint`, and
`system.img` is currently not generated inside `Soong`, it is not
possible to directly convert `fontchain_lint` to `Android.bp`.
Move it to build/core/task first.

Bug: 319050958
Test: m fontchain_lint
Change-Id: Iad483117a609786ecfb885b13015f18dda113155

Bug: 285053096
Test: builds
Change-Id: I1912b8ada49aa22f1bcad4dd252368a3f95bbed1

SetProcessProfilesCached() can only set cgroup attributes in the v2
cgroup hierarchy if it is passed the correct user ID. Hence this CL.
This CL makes SetProcessProfilesCached() apply IO controller cgroup
attributes for processes with a user ID that is not zero.

Bug: 320456702
Bug: 213617178
Change-Id: I84d072c14ff01422560c241a69cb9f4e02c47e74
Signed-off-by: Bart Van Assche <bvanassche@google.com>

Change-Id: Iacacba4e4cf03b1c9fd02ffef39ca99e4c597160

1. mDamageGenerationId is a random value when initialized. When this random value happens to be equal to info.damageGenerationId, the dirty range will reach the maximum DIRTY_MAX.
2. When info.damageGenerationId is equal to 0, which is when the first frame of the APP is drawn, there is no need to reach the maximum DIRTY_MAX in the dirty range.

Bug: 321612817
Test: build

Change-Id: Iab6a04170926d10cdf2a62ae0fbf9cbe5eeb8bbf
Signed-off-by: qiubowen <qiubowen@xiaomi.com>

Add this permission for Thread user restrictions control.

See go/ae-v-thread-admin-control

Bug: 319198393
Merged-In: Ie8393cf876435a3ffb77a4b27bcf419b529fd785
Change-Id: Ie8393cf876435a3ffb77a4b27bcf419b529fd785

Merge "Fix crash issue when gallery app with Ultra HDR photo is moved to the virtual display." into main