A Device Owner cannot be uninstalled and is available to all users. It must
be registered before the device_provisioned flag is set.
Device admins can be disabled until used, but visible to device policy
manager, so that users wont be bothered with update requests.
Opened up a few related APIs for use by a system-installed Device Owner.
Change-Id: I847b5fe68c0f724863f778a67602b5bddc79d8e5
Patch adds the seinfo label per package to the file.
This is of particular interest to the run-as program
which uses the seinfo tag to correctly label the
app security context before running the shell.
Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Protect app widget broadcasts from abuse.
In this case the app was sending an APPWIDGET_UPDATE broadcast
without specifying a target, which (a) should not be allowed (you
should not be able to send updates to other apps), and (b) resulted
in every single potential app widget in the system being launched...
which was about 75 of them.
Change-Id: I9d48733610ce6d5a7c32e69a3e06b9f33bd79a34
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Currently, grantPermission / revokePermission only handles development
permissions. This change extends these two functions to handle normal
and dangerous permissions.
A normal / dangerous permission can modified if it is marked as
optional (android:required="false") using the "am grant" / "am revoke"
commands.
Currently, this change is a no-op. The package parser code
does not currently honor <uses-permission android:required="false"> in
the application's manifest, and assumes a permission is always required.
This change sets the ground for future optional permissions work.
Change-Id: I34f02ffd714e8a9a37b9f87df89cef915b1b6780
- New coordinating class to juggle multiple ActivityStacks.
- First job: take singleton Keyguard dismiss behavior out of
ActivityStack.
Change-Id: I68e4b44411d3ec9401e86ac23703d6540dcb12e8
This patch covers 2 cases. When an app is installed
and the resulting data directory is created for all
existing users. And when a new user is created and
all existing app data directories are created for
the new user.
Change-Id: Iacaba6d9d18d5337e65713960d14efe32006b330
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
8323587: Add feature for supporting app widgets
8323342: Add feature for replacing the home screen
8323590: Add feature for supporting input methods
The app widget service looks for the app widget feature
and refuses to work if it doesn't exist. I didn't do
this for the input method service because some devices
will probably want to still make use of that mechanism
without supporting third party input methods.
Change-Id: Ie3b089105e104f4d767cdb03cdbe4fdb1c17382e
If no accessibility services are enabled, we disable the
accessibility event firing to save resources. When the last
such services is disabled the system was not unbinding. As
a result the user was seeing the touch exploration enable
dialog when the service that requested it is disabled. Also
there is one service the system is bound to that is not used.
bug:8439191
Change-Id: I6f37f2573a815bfb29870298aa0abbb1fa105588
Pause and retry capturing a thumbnail if the window hasn't yet
been drawn. Still will show black thumbnails if recents is pressed
before window has anything drawn.
Improves bug 7552304.
Change-Id: I550c5a60510bfc4547bbb44451d57b4bc9f49880
Since using the discard option for mounting an Ext4 file system
could lead to unpredictable slowdowns of I/O we will explicitly
control when to perform fstrim, i.e. discard unused blocks of the
mounted volume. We are using the idle maintenance intents sent by
the system which specify a window that one can use to perform
expensive maintenance tasks while the user does not use the device.
This change is adding a broadcast receiver for the idle maintenance
start intent to the mount services which then notifies vold when to
start fstrim.
Since fstrim will be run on a daily basis we do not expect fstrim
to be too long, so it is not interruptible. We will implement
interruption only in case we see issues.
bug:8056794
Change-Id: I1438479d2956b61b82d3a130854376f7a144aaf3
