If a UID is idle (being in the background for more than
cartain amount of time) it should not be able to use the
camera. If the UID becomes idle we generate an eror and
close the cameras for this UID. If an app in an idle UID
tries to use the camera we immediately generate an error.
Since apps already should handle these errors it is safe
to apply this policy to all apps to protect user privacy.
Test: Pass - cts-tradefed run cts -m CtsCameraTestCases
Added - CameraTest#testCameraAccessForIdleUid
Change-Id: If6ad1662f2af6592b6aca1aeee4bd481389b5e00
Adds the ability for another app to control an entire app
transition. It does so by creating an ActivityOptions object that
contains a RemoteAnimationAdapter object that describes how the
animation should be run: Along of some meta-data, this object
contains a callback that gets invoked from WM when the transition
is ready to be started.
Window manager supplies a list of RemoteAnimationApps into the
callback. Each app contains information about the app as well as
the animation leash. The controlling app can modify the leash like
any other surface, including the possibility to synchronize
updating the leash's surface properties with a frame to be drawn
using the Transaction.deferUntil API.
When the animation is done, the app can invoke the finished
callback to get WM out of the animating state, which will also
clean up any closing apps.
We use a timeout of 2000ms such that a buggy controlling app can
not break window manager forever (duration subject to change).
Test: go/wm-smoke
Test: RemoteAnimationControllerTest
Bug: 64674361
Change-Id: I34e0c9a91b28badebac74896f95c6390f1b947ab
+ Assign permission android.permission.STATSCOMPANION to statsd
+ Fixes in StatsCompanionService to allow statsd to get uid mapping
Test: manual
Change-Id: I3e6ca79eefed7f93a4588578c156321c4c278fd3
We recently created a new GID that can be granted to critical system
processes, so that the system is usable enough for the user to free
up disk space used by abusive apps.
Define a permission for the GID so we can grant it to system apps,
and add the GID to core apps needed for system stability. (The list
was mostly derived from filling a disk and seeing what caused the
device to fall over.)
Test: builds, boots
Bug: 62024591
Change-Id: Icdf471ed3bed4eeb8c01f1d39f0b40c1ea098396
This permission is needed for displaying the WIFI MAC address.
Bug: 70638295
Test: Wifi network details page shows the wifi MAC address.
Change-Id: Iaa595d520abf36ba55cfa9e888b169baae6ea1fb
This permission used to be Settings. With new settings suggestion
system we need the permission in the unbundled app (SettingsIntelligence)
Bug: 69427300
Test: rebuild
Change-Id: Iaf8dd3281f4cdf5460dd544f50391ca241716d37
If a UID is in an idle state we don't allow recording to protect
user's privacy. If the UID is in an idle state we allow recording
but report empty data (all zeros in the byte array) and once
the process goes in an active state we report the real mic data.
This avoids the race between the app being notified aboout its
lifecycle and the audio system being notified about the state
of a UID.
Test: Added - AudioRecordTest#testRecordNoDataForIdleUids
Passing - cts-tradefed run cts-dev -m CtsMediaTestCases
-t android.media.cts.AudioRecordTest
bug:63938985
Change-Id: I15264c5c4b47813ca60280bce30b22b8b1f87eab
This permission used to be Settings. With moving ranking to
SettingsIntelligence we need to move permission whitelisting as well
In a follow up we will remove the permission from Settings list.
Bug: 65065268
Test: flash with a clean build
Change-Id: I81fafe0b390df5990989da81629e4c6d67f1480a
Allows a privileged app to set standby bucket states for apps.
Bug: 63527785
Test: adb shell am set-standby-bucket com.example.foo 0
Change-Id: I613f8872ae816e39b167aad1c289187362aa6094
Optional message that lives under the clock and also
in AoD. Implemented using a slice.
Test: launch sysui, look at the date in AoD
Test: runtest -x packages/SystemUI/tests/src/com/android/systemui/keyguard/KeyguardSliceProviderTest.java
Change-Id: I9dbc827bd48c6a3d1b25b0a481ffaecc0dd37f25
Permission grant changes need explicit approval from product and
SWE leadership to ensure that CTS/CDD requirements are met.
Change-Id: I0a84712b5c5b4e11e72bf5921b72ef6a47e7fdc1
Some apps in frameworks/base are only included in AOSP targets and
discrepancies weren't discovered by CI tests.
Test: manual
Bug: 67718369
Change-Id: If88aa90f4dcab51b6e11562cadbe003948b6c149
Test: reboot device - no crashes
Test: Ran privapp_permissions.py for fugu/marlin/taimen
Bug: 64693550
Change-Id: I9522ccaa75858b9a3d153c95c529eff70cd13994
Updated data/etc/platform.xml to make the org.apache.http.legacy library
usable by applications. The runtime location of the
org.apache.http.legacy library is
/system/framework/org.apache.http.legacy.boot.jar not
/system/framework/org.apache.http.legacy.jar.
Stop removing org.apache.http.legacy from the required and optional
shared library lists and instead add it to the required list if it is
not present in either and the package is targeted at SDK
version <= O_MR1.
Bug: 18027885
Test: make FrameworksCoreTests, install and run
Change-Id: I686e3c20f5860e58825e1b88f220f9b8c335849c
This is needed for calling AM.registerUidObserver.
Fixes: 64400666
Test: cts-tradefed run singleCommand cts-dev -m CtsAppTestCases -t \
android.app.cts.ActivityManagerProcessStateTest
Change-Id: I4f500d0d8d516b6b8961ea2f8c083add3ae949a9
Currently audio effect panel can't receive session
intent if app targetSdkVersion is Android O or later.
Because the intent is limited on background.
However this kind of application needs to receive
the intent when application plays music.
Bug: 62777192
Test: manual
Cherrypick of partner CL 870245
Change-Id: Ibcebb938fa9177a9b0a7be079b1c7374ba9424ee
1. new actions to allow default carrier app dynamically enable/disable
app-link filtering
2. new intent to notify registered carrier apps of other default
networks
3. signal-to-actions config to sepcify carrier actions on default
network change
default network available -> disable intent filter for app-link
defaut network lost -> enable intent filter for app-link
4. new carrier actions to allow carrier apps to register/unregister
other network status dynmacially
Bug: 62487488
Test: Manual
Change-Id: Ie9fa9f3f4ca38f9f26a90a3dbf95f7f20a8ad773
This is a backwards incompatible change against System API,
but as there are no existing radio apps, nobody uses it.
Bug: b/63405337
Test: manual
Change-Id: Iaf6085914434be01e1c1e363609e5b0087ffe127
1. Added permission ACTIVITY_EMBEDDING which allows apps to launch
activities on virtual displays.
2. Allow owner of display to launch activities from same app without
permission check to owned display.
3. Added permission checks for launching on secondary displays to
more target task/stack resolution paths in ActivityStarter.
Bug: 63117330
Test: android.server.cts.ActivityManagerDisplayTests
Test: go/wm-smoke
Change-Id: If169a77fb56241e06f7de20168dc38c4b0a217f5
(cherry picked from commit 7158764983)
The UPDATE_DEVICE_STATS permission has become the de-facto mechanism
that platform components use to shift blame for resource usage, so
it's confusing to also have a separate MODIFY_NETWORK_ACCOUNTING
permission. So this change replaces MODIFY_NETWORK_ACCOUNTING with
UPDATE_DEVICE_STATS.
Bug: 62483389
Test: builds, boots
Exempt-From-Owner-Approval: Bug 63673347
Change-Id: I872759f02327b6d531ec2338bd876890aded60ad
This is needed in order to make the following manifest entry work
properly.
<uses-library android:name="android.test.mock"/>
Tested by adding the entry to an APK and installing it which caused an
error about an unknown library. Then updated this file, rebuilt,
reflashed and installed APK again at which point it worked.
Follow up change to cts/tests/signature will add proper test for this
library.
Bug: 30188076
Test: see above
Change-Id: I630b7bc48a50ab1c52bb5feed54c2e4deb876339
Grant "READ_NETWORK_USAGE_HISTORY" permission to phone because
"Datat usage" button summary needs it. Settings provides new
intent to open mobile data usage page.
Bug: 62201918
Test: Manual
Change-Id: Ie317109c723f3946ace4d34c743081a7ae046462
SystemUI needs to be able to enable and disable
overlays in order to invert text and surface colors.
Bug: 38164700
Test: make
Change-Id: I7685d5fddb5a476e10012dab2d6e7ee5da206f80
This CL is in support of another CL c/2048848, topic
'Refactor hid command in /frameworks/base/cmds'
in internal master. Adding the permissions for bluetooth
devices here to access uhid_node as part of the new 'uhid'
group.
Bug: 34052337
Test: Tested on angler, bluetooth mouse works OK.
Change-Id: I63963984a0a3dccb4fccc64bb6fef4e809e2737e
...starting services from jobs
Bring back the correct bg check restrictions on jobs, but also
bring back whitelisting of dmagent so it doesn't crash.
Test: booted and ran
Change-Id: I78892386bdcd4f39e0b1a6d33b224bdff958af37
