SystemUI needs to be able to enable and disable
overlays in order to invert text and surface colors.
Bug: 38164700
Test: make
Change-Id: I7685d5fddb5a476e10012dab2d6e7ee5da206f80
This CL is in support of another CL c/2048848, topic
'Refactor hid command in /frameworks/base/cmds'
in internal master. Adding the permissions for bluetooth
devices here to access uhid_node as part of the new 'uhid'
group.
Bug: 34052337
Test: Tested on angler, bluetooth mouse works OK.
Change-Id: I63963984a0a3dccb4fccc64bb6fef4e809e2737e
...starting services from jobs
Bring back the correct bg check restrictions on jobs, but also
bring back whitelisting of dmagent so it doesn't crash.
Test: booted and ran
Change-Id: I78892386bdcd4f39e0b1a6d33b224bdff958af37
ensure that ResolverRankerServices are from trust sources.
Test: manually shared images in Camera, and in PTP to confirm it works
as expected.
Change-Id: I3549292d424fec949e9115faea7a0c5bdec06e87
(cherry picked from commit 61cf4d145e)
ensure that ResolverRankerServices are from trust sources.
Test: manually shared images in Camera, and in PTP to confirm it works
as expected.
Change-Id: I3549292d424fec949e9115faea7a0c5bdec06e87
The OEM lock can be implemented with the persistent data block or the
OemLock HAL.
Test: gts-tradefed run gts -m GtsOemLockServiceTestCases -t com.google.android.oemlock.gts.OemLockServiceTest
Bug: 34766843
Change-Id: I16b31785d9af58212a050a299ef024be3139f0c6
We're not actually clearing any files, only deciding how much free
space is available, so we're fine assuming the remote caller has the
permission.
Test: builds, boots
Bug: 37169076
Change-Id: I6cd42f77c43e9d2de40e2b8b937c7f2145f1b869
It already has CLEAR_APP_USER_DATA to clear everything inside app
storage, and clearing cached data is a subset of that.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest
Bug: 36731175
Change-Id: Iefc5be6c80e2562a95424fd6fe413bdb018201a9
This should be reverted before O is shipped.
Test: Found DMAgent in the whitelist in Settings.
Bug: 36856786
Change-Id: I7828566e4bc93a30457c594471fa43270c0bf3b3
Notice that app put in this list is also exempted from doze.
Also, this only exempts us from the service restriction, but not the broadcast one.
Test: adb shell am make-uid-idle --user 0 com.android.managedprovisioning
&& adb shell am broadcast -a android.intent.action.PRE_BOOT_COMPLETED -n com.android.managedprovisioning/com.android.managedprovisioning.ota.PreBootListener
Observe there is no crash
Change-Id: Ic0a943a9b66c909a6727f9411af519a8c6cf0157
Fix: 36705375
Shell needs to have this permission in order for the deviceidle
tempwhitelist shell command to exist.
Bug 34715096
Test: cts-tradefed run cts -m CtsAppTestCases \
-t android.app.cts.ActivityManagerTest#testBackgroundCheckService
Change-Id: Ic1fdd87b6020649705ba0c9349dd00dd096037f3
Caused b/35926593 because ExternalStorageProvider needs raw
access to underlying devices that aren't mounted visibly, like
USB mass storage devices.
This reverts commit 53d64fc839.
BluetoothManagerService for some reason leaks the Android's Bluetooth
MAC address via Settings.Secure which is normally readable by all
apps. This lets apps bypass the restriction on access to Bluetooth MAC
address from apps.
This commit fixes the issue by restricting access to bluetooth_address
secure setting (Settings.Secure). Only packages which hold the
android.permission.LOCAL_MAC_ADDRESS permission retain access.
This commit accordingly grants LOCAL_MAC_ADDRESS permission to the
system Shell app because a number of scripts (including Android CTS)
use "adb shell settings get secure bluetooth_address" as a convenient
way to query the device's Bluetooth MAC address over ADB. This is
acceptable because the user of the device can see the Bluetooth MAC
address and thus it's fine for shell to be able to see the address as
well.
Test: See CTS test added in the cts project in this topic.
Test: "adb shell settings get secure bluetooth_address" returns the
Bluetooth MAC address of the Android.
Test: "adb shell settings list secure | grep bluetooth_address"
returns the Bluetooth MAC address of the Android.
Test: Bluetooth works (toggling off/on, pairing, file transfer)
Bug: 33701414
Change-Id: I17b110b96eb3794b25c1661e93d29a7a003e3c9a
The Shell application needs access to change which overlays are
enabled in OverlayManagerService.
Test: Manual: invoke adb exec-out cmd overlay enable some.package.name
when shell is not root (adb unroot on eng builds).
Change-Id: I1849f68e244cfc9b1e13eb0e673dde7be03cba6d
The new sdcardfs filesystem requires that we have stricter access
controls around /data/media style locations. Start by taking away
the "media_rw" GID from apps requesting the WRITE_MEDIA_STORAGE
permission.
Common use-cases like music playback appear to continue working fine,
as clients should only be attempting to use /data/media paths after
calling maybeTranslateEmulatedPathToInternal().
Test: builds, boots, music playback works
Bug: 35447080
Change-Id: Iba9f3ef41d3277c75497f675a1fe6d3406cf4542
...when using device on mobile data
Whitelist CellBroadcastReceiver, this is a core OS component anyway
so this probably makes sense.
Test: manual
Change-Id: I1560093640e81064ad123ff0bbcb307583fc47c6
This shouldn't properly be emplaced as a side-effect of partner-
specific configurations; so now we don't do that any more.
Bug 35151478
Test: verify whitelist contents with 'bmgr whitelist'
Change-Id: I854ddfdbcec1def882b24f5ea7955b28d4789806
Camera service will need to a way to query
the process state and oom score.
BUG: 34701266
Test: Manual testing + cts-tradefd run cts -m Camera --abi armeabi-v7a --disable-reboot
Change-Id: I4df704817d2fc728d421daeffbbbcee2e61d8c3b
Adds android.permission.BIND_IMS_SERVICE to the permissions
whitelist xml file.
Bug: 34813244
Test: Manual
Change-Id: I7a7ad1a361c9d2dcc51769bc74a436878ad4adc5
Apps that target O+ are always subject to background restrictions.
Legacy apps' background restriction is subject to the OP_RUN_IN_BACKGROUND
app op.
Apps with these properties are exempted from background restrictions:
- persistent process
- currently on the idle battery whitelist
- global whitelist for things like bluetooth services
Bug 30953212
Change-Id: Icc19b2fbc05f40dcf8c3fc4abf718c373dc8d4f6
Apps that target O+ are always subject to background restrictions.
Legacy apps' background restriction is subject to the OP_RUN_IN_BACKGROUND
app op.
Apps with these properties are exempted from background restrictions:
- persistent process
- currently on the idle battery whitelist
- global whitelist for things like bluetooth services
Bug 30953212
Change-Id: Ib444829a2d222125f64ff19e8218823fa78373f9
Added support for privapp-permissions config element. It allows to explicitly
control what privileged permissions applications should be granted.
Feature is controlled by ro.control_privapp_permissions property.
Possible values:
- 0/false, the feature is completely disabled - signature|privileged
permissions are granted automatically without logging. *Default behavior*
- 1/true, enforce that only whitelisted permissions are granted. Only
devices with ro.control_privapp_permission=1 will pass CTS tests.
Test: Manual
Bug:31008485
Change-Id: I93a8c2782cc72b3953f32c237086d08d82ac0d5b
