- Extend the concept if "isPrivilidged" to a generic "RestrictionBypass"
class so that we can add more variants of bypassing.
- Add a new way of bypassing by using a new permission.
- Always except resolvable UIDs (root, shell, media_uid, audioserver,
cameraserver, system server) from restrictions.
Fixes: 141210120
Test: atest -m CtsAppOpsTestCases FrameworksMockingServicesTests:AppOpsServiceTest FrameworksMockingServicesTests:AppOpsUpgradeTest
Change-Id: I3ca555e9370aa0003400429ee7ab12e95c62a042
Update the documentation for settings-related and affiliation-related
methods:
* The methods for setting a global and secure settings are documented
to be mostly deprecated, because there are methods for the settings
that are honoured and some other settings no longer apply.
* The methods for setting affiliation or binding to a service on another
user can no longer work between a device owner and profile owner
since this combination is no longer a valid one.
Bug: 147795815
Test: manual, m update-docs
Change-Id: I316148cb1d90fbe94999f9d1c242f08554869e97
- SysUI can determine what to do based on the type of activity launched
(ie. expand PIP/Bubbles to fullscreen)
Bug: 148977481
Test: atest TaskStackChangedListenerTest
Test: Launch app in split primary, ensure launching app again triggers
recents
Test: Launch app in PIP, ensure launching app again triggers it to go
fullscreen
Test: Launch app in bubble, ensure launching app again triggers bubble
to expand
Change-Id: I754a71a72dd0e660930b19acbf9fe6ccbb453152
Added functionality to collect noteOp noteProxyOp startOp operations for permissions data validation, this functionality is for
developers and can be enabled by modifying the flag. This data will be utilized to ensure permissions are
requested only when necessary.
Bug: 150890258
Test: Manually tested on crosshatch to ensure files are
written/formatted properly with the necessary data and does not
interfere with normal behavior
Design Document: https://docs.google.com/document/d/1RRs3cPgCzF5S1TkTD11MBKJedUp2DAUEGtCQXtrk0XQ/edit?usp=sharing
Change-Id: Ia7fba6ec5e47b7ddd13ca964ae5f6c1afa1cc186
StatsLogInternal will be removed in R as part of statsd becoming a
Mainline mdoule.
Bug: 150630484
Test: m
Change-Id: I67481e85f98f6d84ae1dde28e2eabff485eebb36
In previous CL[1], WindowMetrics#WindowInsets is provided
with legacy insets, which are stable insets and system
window insets. With the new insets mode enabled, we
should provide insets with new insets API.
[1]: f65e022caa
Bug: 150095967
Test: atest WindowMetricsTests
Change-Id: I251313b4b8c033dbad8b54e58cd166e2e1665d37
This is no longer needed because native Incremental Service directly
uses IDataLoaderManager.
BUG: 150406132
Test: atest service.incremental_test
Test: atest PackageManagerShellCommandIncrementalTest
Change-Id: Idbde2988883becbf3eb707d42c0558774a6073e8
1. Clarify the distinction between the prioritized and non-prioritized
intents.
2. Make the priority ordering and choice of them more clear.
Test: make -j offline; preview updated docs for formatting.
Fixes: 150685399
Change-Id: I493bca75db44f25eedb07964e3dc8c8ab38827c2
When a service or activity attaches to a base context, add the
loaders from the application context to the base context. Activity
and service contexts are created before creating the Application
context, so in order to add the app loaders before the component
onCreate method is called, we must add the app loaders to the
component after the app has been initialized.
Bug: 148630842
Test: launch AppResourcesLoaders
Change-Id: I44aa718779c574094590d25fd839f1d9f9134edb
Bug: 150037560
Make HasSystemFeatureQuery static so that it does not retain a handle
to ApplicationPackageManager.
Test: Boot with an instrumented image to verify that caching still works
as expected. Took a heap profile to verify that there were no leaks in
the cache.
Change-Id: I2cd39a6dfab9cc1bf04bb7f55638a572213f04ce
This reverts commit c7956f0d91.
Reason for revert: Network access for ContentProvider will be broken by this change.
Bug: 149500958
Change-Id: I10337ab5840c517ec7712b0d2312a26cac6a4326
(cherry picked from commit 76ee3424c6)
The code for caching permission queries incorrectly used the UID of
the calling process instead of the Context UID when asking
PermissionManagerService whether a package (identified by name) has a
permission. As a result, permission checks produced incorrect results
for certain cross-user scenarios. This CL makes the checking UID part
of the package-name-based permission query.
Test: atest com.android.car.VmsPublisherSubscriberTest
Bug: 150172373
Bug: 150025558
Bug: 150140220
Change-Id: I903a9e79fbbba97ea987120066817eeea9b01d51
with appOp as String and options as Bundle
Bug: 139077993
Bug: 146423958
Test: Build
Change-Id: I5325e08d60016741139251813a5df9b42f2efc82
Merged-In: I5325e08d60016741139251813a5df9b42f2efc82
If a Resources object associated with an Activity has its underlying
ResourcesImpl changed to an impl that did not originate from
ResourcesManager, do attempt to propagate configuration change events
to the Resources object.
Bug: 148196042
Test: manual
Change-Id: I58cc03ae50f082f75e9ed181e0f0401f5890910b
statsd logs when an sensitive appop is accessed while a foreground
service is held. These appops include
OP_FINE_LOCATION
OP_COARSE_LOCATION
OP_RECORD_AUDIO
OP_CAMERA
It logs the number of times each of these appops is requested per session
during which the uid holds any foreground service.
Appops requested while the app's process state is TOP are ignored.
Also, the pre-existing ForegroundServiceStateChanged atom has an
additional field that logs whether the fgs is considered 'in-use' in the
context of being allowed while-in-use permissions.
Bug: 149497535
Test: atest UidAtomTests#testForegroundServiceState UidAtomTests#testForegroundServiceAccessAppOp
Test: manually monitor: adb shell cmd stats print-logs && adb logcat -v uid -s statsd | grep "statsd : {" | egrep '\((60|256)\)'
Change-Id: I991a427dc2ab00399188b10b266ab2d9aa92696d
Merged-In: I991a427dc2ab00399188b10b266ab2d9aa92696d
(cherry picked from commit 0c8637c067)
Cached call values are kept in ChangeIdStateCache (per-process cache).
Use "cache_key.is_compat_change_enabled" system property to
invalidate the cache (i.e. any value different from the last observed
will trigger an invalidation).
Any process can read that property, but only system server can change it.
Rolling forward the original caching with invalidating the cache upon
package install/update.
Tested fix locally by using the API in SoftRestrictedPermissionPolicy.java,
and running android.permission2.cts.RestrictedStoragePermissionSharedUidTest
which installs some apps with the same uid, which modifies the result of
isChangeEnabled. With the additional cache invalidation the test passes.
ToDo: add CTS test for the caching.
Bug: 140441727
Test: atest PlatformCompatTest
Test: atest CompatConfigTest
Test: atest CompatChangesTest
Test: atest PlatformCompatGating
Change-Id: I0265df1c427b43592e4f4d32fe9cfeb8fbc1bfa9
