(Night mode comes later, once UiModeManager changes are ready).

Test: atest ZenModeHelperTest
Bug: 308673540

Change-Id: I7deba78255ebe18c088cd3456c56f7801210f876

(This is needed to be able to exercise the new API in a CTS test.)

Test: (see other CLs in this topic)
Bug: 268089816
Change-Id: I63de51fbb837071fbf99b8bdc9135bcfb3b12b52

Move TPL logic from surfaceflinger to system server. When a TPL is
registered, start listening to window info updates and start checking
for whether thresholds will be crossed. This allows us to move the logic
away from the composition hot path and optimize to handle multiple
listeners. This change also consolidates all the TPL logic into its own
thread.

Bug: 290795410
Test: atest TrustedPresentationCallbackTest

Change-Id: Ib649f157ddbb6b5a952cedeb235f6ace6f5e43ae

At the moment Action+Grave will go back, but not Action+Escape;
Escape is the top-left key, not grave.

Bug: 313612728
Test: Flashed build, confirmed Action+Escape goes back
Change-Id: Ieb83fb0373f62e39e2debed72cdbc1b6761760ff
Flag: NONE

Preventively ensure the dimLayer has not been released before trying to access it.

Fix: 308448047
Test: atest CtsWindowManagerDeviceOther:android.server.wm.other.MinimalPostProcessingTests#testTwoVisibleWindowsSecondOnePrefersMinimalPostProcessing --iteration 100
Test: atest DimmerTests
Change-Id: Id08838e0a98ba949382442b8fac8e81156d1aa40

The LayoutParam secure flag set by the client is set on the WSA level.

This causes a few issues:
1. Child windows don't inherit this flag since child windows are added
   beneath WS
2. Prevents moving the WSA's SC to the client since the secure flag
   needs to be set in WMS.

Test: FlagSecureTest
Bug: 308662081
Change-Id: I724ab0d834b0d74b33ccbb6bbd2c6f9c622c2a15

This is required for CtsVoiceInteractionTestCases.

Test: presubmit
Bug: 291656263
Change-Id: I0fa57a0ec0d337f5bf2970a536e20bdc94d4f312

Instead of adding yet another virtual display flag, the API is in
VirtualDisplayConfig and uses WM's DisplayWindowSettings to store the
bit whether home is supported.

The difference with the existing FLAG_SHOULD_SHOW_SYSTEM_DECORATIONS
is that it also adds navigation bar and the new API doesn't. The flag
is hidden but there are existing clients of it.

Several caveats:
 - Need to use displayUniqueId instead of displayId because we should
   tell WM about the home support before the display is actually
   created and the display listeners notified.
 - Interacting with the DisplayWindowSettings requires the WM lock,
   which must not be acquired while DisplayManagerService is holding
   its own lock because this may and will sometimes cause deadlock.
 - So extracting the displayUniqueId generation logic before the DMS
   locked region of actually creating the virtual display and passing
   it to WM to store the settings.
 - Change in the virtual display uniqueId generation: reusing ids per
   package/uid causes problems in when displays with the same name
   are created and released quickly (CTS). When there are no display
   devices, the same unique id is used, but the DisplayWindowSettings
   may not have yet received the previous onDisplayRemoved callback,
   so the setting for that uniqueId is removed. Making the uniqueIds
   truly unique fixes this and there's no realistic danger of an
   overflow.

Fix: 291749213
Fix: 297167917
Test: see CTS in topic
Test: atest VirtualDisplayAdapterTest
Test: atest DisplayWindowSettingsTests
Test: atest DisplayAreaPolicyTests
Change-Id: If72696a793a9c4d63d4f8b72de7433b0dd440909

Fix: 300385158
Test: presubmit
Test: manual, verified that KEYCODE_LANGUAGE_SWITCH reaches the framework

Change-Id: If98addb0f9f3cff93bb0159b8fde171acf6a3998

- Remove embedded window check, EmbeddedWindowController#getByFocusToken
  should search with input token instead of window token, so it always
  return null nowaday.
- Skip search if the closing target isn't visibleRequested, usually that
  means the closing transition is collecting or playing, either case the
  window shouldn't receive another back invoked event. Inject the back
  key then next focus app will handle it.
- Use TYPE_CALLBACK if we cannot find any task below current task, this
  could also happen on some specific device.(e.g. No home)

Bug: 303266152
Bug: 309683765
Test: atest BackNavigationControllerTests
Change-Id: Ia1f5ec664ea7154d9c8ac59cbc247a51226dfdf1

Defines permissions for guarding access to Thread network API.

The permissions are also granted to shell for CTS tests, see the
instructions here: go/ctswrite#write-a-test-to-test-an-api-that-requires-system-permission

Design doc: go/thread-android-api

Bug: 262683651
Merged-In: Ib15d5589bbd304d68840ee52a193676d12110512
Change-Id: Ifc6c1d55cc170a5a200dfb5d531f5e0f86a9507a

Defines permissions for guarding access to Thread network API.

The permissions are also granted to shell for CTS tests, see the
instructions here: go/ctswrite#write-a-test-to-test-an-api-that-requires-system-permission

Design doc: go/thread-android-api

(cherry picked from commit 03aa71cd4b5eabe9310d3c4d4db10038b80853d1)

Bug: 262683651
Change-Id: Ib15d5589bbd304d68840ee52a193676d12110512

Bug: 292533010
Test: atest CtsGetBindingUidImportanceTest
    ... with and without android.app.get_binding_uid_importance set.

Change-Id: Iee6f0e08ba499f2f51d8173e45168c69933cd451

Update ContentRecorder & MediaProjectionManagerService to log a MediaProjectionTargetChanged atom upon recording starting and further updates to windowing mode.

Bug: 304728422
Test: atest WmTests:ContentRecorderTests
Test: atest FrameworksServicesTests:MediaProjectionManagerServiceTest
Test: atest FrameworksServicesTests:MediaProjectionMetricsLoggerTest
Change-Id: I5120ba2571fb2e6e084e72c4fd079767530ccdeb

Test: None
Bug: 308352352
Doc: https://docs.google.com/document/d/15MiUQNkH2cXjrHbsLRxW5v4pyddwgyTBK-9cKB1oD58
Change-Id: Ibe3a336ebb3525a719147fe6f991c910b214e370

Adds logic to UnfoldTransitionHandler that
takes over animating a transition if it contains
changes related to unfold.

Bug: 259220649
Test: atest PhysicalDisplaySwitchTransitionLauncherMixedTest
Test: manual unfold 20 times =>
  verify that there is no black screen delay
Test: artificially increase collecting of rotation transition
  => rotate and unfold device, check that animation works
Flag: handle_mixed_unfold_transitions
Change-Id: I3285c1b6a45da63ac7846e9d5929db9426b069ae

... until we figure out a way to determine if a device supports a
specific HID usage code. Right now, having a usage code mapping means we
automatically assume the device can report the key code. Assuming a
device can support a stylus keycode makes the device get classified as a
stylus, leading to widespread misclassifications.

Bug: 291529805
Test: atest inputflinger_tests
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5fb192aaec7a1d4ebb1384d96b3f79d4b2ca2f2c)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:55930e07d69fbd8ffd27d677a06fd0ba71a30bf8)
Merged-In: I580514bdcbbfbe93df83fa3faa6262077e881243
Change-Id: I580514bdcbbfbe93df83fa3faa6262077e881243

This introduces a new ReadyTracker class based around tracking
explicit conditions instead of an arbitrary set of heuristics
mixed with legacy.

Usage involves constructing a ReadyCondition and adding it to
a transition's tracker. Once the condition is met, call `meet()`
on the condition.

The new ReadyTracker considers the transition ready if there
was at-least one condition added and all the added conditions
have been met.

This is just the base implementation so it isn't really
functional yet. This does add ready-conditions in most of
the places where the old method's defer/continue were used.

Bug: 294925498
Test: atest TransitionTests
Change-Id: I6cbd9152d03e707e0e7134fa8ada2902e5af847e

The new scaling takes into account the asymmetry in pixel size on the
external display for better rendering.

Bug: 304248677
Test: atest WmTests:ContentRecorderTests
Change-Id: I7502538c5423343da93c20bfb7c6c8bea33dd7d2

Collect the changes on a dim layer and assign only the last requested to
a transaction
- Avoids issues with transaction ending up in the wrong order
- Allows smooth transactions between different alpha values
- Does not treat the entering animation as a special animation case

Test: DimmerTests
Bug: 281632483
Bug: 295291019

Change-Id: Ic3e6ce1f107bfc3ac925eb167b8bc89a5df478c8

Bug: 281769620
Test: Manually done
Test: atest FontListParserTest TypefaceSystemFallbackTest
Test: atest CtsGraphicsTestCases CtsTextTestCases
Change-Id: Ice5a51024c7fbba2af7c5886c751e2508c3670d7

Bug: 290068850
Test: manual
Change-Id: I394f38d6960deae36237b3a7122fd343dc7a1934

With v4 signature and fs-verity, verifying an APK integrity is O(1)
time. This allows us to enforce signature and detect persistent attack
(via tampering with an APK) across a reboot for updated system apps.

For the first step, we don't implement a policy (e.g. all priv apps)
and only protect the packages in an allowlist specified by a resource
property. This is due to the ecosystem complexity, where some OEM may
preload app from another developer, since developer's v4 signature may
need extra plumbing depending on how they are installed.

Some implementation details:

After a system package is updated, during the boot we still want to
retrieve the SigningDetails from the APK in the dm-verity protected
partition. This is to harden and protect the allowlisted apps from
tampered record in an attacking scenario. The SigningDetails of the
disabled pacakge is then used during the reconcile phase, to ensure
the updated package has consistent signature with the original version.

Originally, canSkipForcedPackageVerification checks splits explicitly.
This is not necessary because ParsingPackageUtils.getSigningDetails can
only succeed (e.g. during collectCertificatesLI, when forced) if the
splits are consistent with the base.

Delete some dead code, e.g. in the skipVerify condition.

Bug: 277344944
Test: 1. locally add com.android.egg to the allowlist
      2. build EasterEgg with v4 signature; and EasterEgg2 with a
         different signing key
      3. adb install-multiple --no-incr EasterEgg.apk EasterEgg.apk.idsig
      4. with root, replace base.apk and base.apk.idsig with EasterEgg2,
         chown and enable fsverity
      5. adb shell stop/start
      6. verify from logcat that the APK is recovered by expected check
        * With some code change to force condition.
Change-Id: I0b62b73208c7d4e6b8613f1ae3aa726de8d8fa65

We don't have a way to determine if devices can actually report HID
usage keys. Marking them as fallback only.

Bug: 297094448
Test: atest inputflinger_tests
Change-Id: I45710f9e6237c86613717fab779dbd7cc5c66c86

Feature flag check is no longer needed and leads to scenarios where partial screen sharing fails despite the device being capable of it, so its better to remove this extra point of failure.

Bug: 301273469
Test: manually built & smoke test
Test: atest WmTests:ContentRecorderTests
Change-Id: Iad8926c377a2cae7c1b08f874926d09cc46274a4

Otherwise the client won't report finishRelaunching to decrease
mPendingRelaunchCount and cause ActivityRecord#isSyncFinished
to return false.

Also skip pre-loading recents(home) if its process is still cached
(e.g. intermediate state when switching user). Otherwise the
transaction may be failed by frozen state.

Bug: 301034389
Test: atest RecentsAnimationTest#testPreloadRecentsActivity
Test: Create multiple users with using different font size, wallpaper,
      dark theme. Launch several apps on each users. Switch between
      the users multiple times. There won't be transition timeout when
      returning from other apps to home.
Merged-In: Ia2761e1e9fadf98ab952440ae884c12cc78697c8
Change-Id: Ia2761e1e9fadf98ab952440ae884c12cc78697c8

There have been a few reports on foldables where rotation lock suddenly
changed, without user interaction.
Adding these logs will make it easier to debug the issue.

Bug: 289023967
Bug: 289534937
Bug: 279685215
Test: Manually - Change rotation lock and check logs in dumpsys
Change-Id: If8de11265355f640a6ec54950bb3250c231b34cf

Otherwise the client won't report finishRelaunching to decrease
mPendingRelaunchCount and cause ActivityRecord#isSyncFinished
to return false.

Also skip pre-loading recents(home) if its process is still cached
(e.g. intermediate state when switching user). Otherwise the
transaction may be failed by frozen state.

Bug: 301034389
Test: atest RecentsAnimationTest#testPreloadRecentsActivity
Test: Create multiple users with using different font size, wallpaper,
      dark theme. Launch several apps on each users. Switch between
      the users multiple times. There won't be transition timeout when
      returning from other apps to home.
Change-Id: Ia2761e1e9fadf98ab952440ae884c12cc78697c8

Aside from resizing the VirtualDisplay from MediaProjection#createVirtualDisplay,
an app may also set a new output surface on the VirtualDisplay. This output
surface is where the mirrored layers are rendered out to, so we must transform
the mirrored layers in response to any Surface size changes.

Bug: 300481174
Test: atest WmTests:ContentRecorderTests
Change-Id: I062379b9d702fb2c3a13e5442ee14036d1a31637

Bug: 300481174
Test: checked logs
Change-Id: I52c62c5c5e09d2e4aa9c37b23b4ef645cf98bc7b

Implement most changes in Core to support
the btn nav + auto-enter pip flow for pip2 experiment.

Design of this flow is described in more detail here: go/pip2-transitions.

The change should not have any effects when pip2 experiment is off.

Bug: 298263450
Test: mp droid

Change-Id: Iba32999a55238a0e5e00df37ec9a2ba4db8d7996

To allow only platform signed apps to access camera
as User 0 in Headless user Mode, add a new permission
android.permission.CAMERA_HEADLESS_SYSTEM_USER with
protection level of "signature".

Bug:296959023
Test: Test that headless system user is not able to access
the camera without the new permission.

Change-Id: I8fab31e1d7e483b476fe1761c8b35e1766119b25

To avoid malformed transformations due to inaccurate bounds
when the task is in PIP. pause recording entirely when the
task enters PIP and resume when the task leaves PIP.

Bug: 297514518
Test: atest WmTests:ContentRecorderTests
Test: manual MediaProjection smoke tests, change windowing modes
Change-Id: I92ba7a211d0c719e60d8a397f2ba1b250903eb01

it is added to the vendor partition.

Bug: 212639052
Test: press the assist button, check that keyboard
Test: events are delivered to the guest (`adb shell getevent -lt`)
Test: and the asistant window appears.
Change-Id: I1b836b975df2fc46383b3f83a6276936874bfea9
Signed-off-by: Roman Kiryanov <rkir@google.com>

Attempted comparing orientations from different enums; manifested as wildly
incorrect transformations when handling a rotation & the virtual display
is resized.

Bug: 289976187
Test: atest WmTests:ContentRecorderTests
Test: manual check full display & single app capture with rotations
Change-Id: I10b03c5169a03b6540181b4bc4a3f47fa421f675

Bug: 290068850
Test: Manual Smoke
Change-Id: I10592f5a2fa628a99a50af32bceb9fbc3abc7610

... until we figure out a way to determine if a device supports a
specific HID usage code. Right now, having a usage code mapping means we
automatically assume the device can report the key code. Assuming a
device can support a stylus keycode makes the device get classified as a
stylus, leading to widespread misclassifications.

Bug: 291529805
Test: atest inputflinger_tests
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5fb192aaec7a1d4ebb1384d96b3f79d4b2ca2f2c)
Merged-In: I580514bdcbbfbe93df83fa3faa6262077e881243
Change-Id: I580514bdcbbfbe93df83fa3faa6262077e881243

... until we figure out a way to determine if a device supports a
specific HID usage code. Right now, having a usage code mapping means we
automatically assume the device can report the key code. Assuming a
device can support a stylus keycode makes the device get classified as a
stylus, leading to widespread misclassifications.

Bug: 291529805
Test: atest inputflinger_tests
Change-Id: I580514bdcbbfbe93df83fa3faa6262077e881243

Test: atest 'CtsSecurityTestCases:android.security.cts.ActivityManagerTest#testActivityManager_stripTransitionFromActivityOptions'
Bug: 286882367
Bug: 290586831
Bug: 237290578
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0be0367ece4d946de576f7bb1e6e6777633a736d)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8bddf5091e0bf4e8252abc66169a7bcc9459001a)
Merged-In: Iffe5625ae57c21874805ef98b67faac9f56f87f5
Change-Id: Iffe5625ae57c21874805ef98b67faac9f56f87f5

This is necessary for the settings app to set the bt audio device type
on the AudioManager.

Test: manually set the bt audio device type
Bug: 287011781

Merged-In: I4978b56091b1132f112d4ddec500710964854ec7
Change-Id: I4978b56091b1132f112d4ddec500710964854ec7