The Permission Controller app (a mainline module) needs to be able to
read the SPLIT_PERMISSIONS. Hence this array needs to be exposed at
least as system-api. We need to make sure that the PackageParser,
PackageManager and Permission Controller app agree on which permissions
are split, hence it is best to define them at a single location.
I think exposing the split permissions to developers is useless and
potentially confusing. The app should never request a permission that
was split. The app should just behave as if split permissions do not
exist. The Permission Controller / Package Manager deal with the
split permissions and add them when needed. Hence I don't think we
should expose this data to 3rd parties.
Bug: 110953302
Test: requested permissions
Change-Id: I6951c52979c89ee5c13a4a14da125e1a01f2e234
The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.
This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths. Consider this example:
<path-permission android:pathPrefix="/private" ... />
uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);
content://com.example//private
The Uri above will pass the security check, since it's not
technically a prefix match. But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.
Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.
Bug: 112555574
Test: atest android.appsecurity.cts.AppSecurityTests
Test: atest FrameworksCoreTests:android.content.ContentProviderTest
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
Fixes: 112570477
Test: BiometricPromptDemo works
Test: Able to get/use BiometricManager
Test: Tested with enrolled and non-enrolled biometrics
Change-Id: I26231894eccc87c42b5b3007aa0b7c6f09830452
This is in preparation for BiometricManager. Each Manager should have its
own Service.
Bug: 112570477
Test: BiometricPromptDemo works
Change-Id: Ibbbd499a0fd5a2050b329ee038776c6c9f49cdb2
This reverts commit fa894222e6.
Reason for revert: Resubmitting in a topic with the fix for the bug that required the revert
Change-Id: Ia70f966c8757f340ceb14f187e9726c12457403a
If an app was in the TOP state and immediately moved
to a foreground service state, then try harder to keep it
in memory for another 20 seconds before releasing the
memory to bound foreground services. Using an oom_adj value
of 50 which is between "fore" and "vis". So BFGS apps might
get killed ("vis") before this recently FGS'ed app. That
way any app that has a lot of state in memory that it needs
to persist before getting killed has a chance to do so.
Also bind NotificationListeners with a special bind flag
to rank them below FGS (perceptible adj) so that they
can be killed before any other foreground services or
bound services get killed.
Bug: 110969183
Test: Manual for now. Take a bunch of portrait
pictures and hit home, while being under memory
pressure with a bunch of notification listeners.
Change-Id: Ie8934c2331afe6450c582b209869aeca7272f58a
Based on some analysis, these fields/methods are likely false positives.
Set maxTargetSdk=P so that any apps using them are required to migrate off
them in future. See the bug for more details.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Change-Id: I719b5c94e5b1f4fa562dd5d655953422958ad37e
This is a refactoring that should help us eventually split
DefaultPermissionGrantPolicy away from package manager
Specifically, this CL:
- Removes usages of PM-internal APIs from DPGP, such as
PackageParser.Package and PackageList
- Introduces APIs in PackageManagerInternal to replace the above
- Removes PackageManagerService as a middleman for default
sms and dialer app changes
This intentionally doesn't move DPGP yet, to make it easier to review what actually changed
Test: gts-tradefed run gts -m GtsPermissionTestCases -t com.google.android.permission.gts.DefaultPermissionGrantPolicyTest
Change-Id: Iff5b1a6b97888c496d982cf2ce656b58ed0a31a6
The PermissonController is going to become a mainline module, hence it
has to compile against @SystemApi. Hence all APIs needed have to be
upgraded.
Bug: 110953302
Test: Built
Change-Id: I329e062040bdb6dc20fd65baf71e025338d01c4e
This saves users from having to create a TypedValue, calling getValue, and then pulling out the float manually.
Test: none, just exposing existing functionality
Bug: 37116599
Change-Id: Ie4fcf51d64ec6113148e1fbf3c199cfff028f579
We created this API to make it easy to pass a given UserHandle into
all Managers obtained from a given Context, which works great for
"normal" users, but we should also support special users like ALL
and CURRENT.
Also add an AutoCloseable marker to make try-with-resources easier.
Bug: 112153259
Test: atest android.content.cts.ContextTest
Change-Id: I261dfcc5cfdfc76bda5d70181785e11c2715a558
These two libraries:
android.hidl.base-V1.0-java
android.hidl.manager-V1.0-java
are being removed from BOOT_JARS. This change facilitates linking to them
for libraries or prebuilts in or before P.
Test: atest android.content.pm.AndroidHidlUpdaterTest
Bug: 77307025
Change-Id: Ic0db24cc68d66f5dbfab126ce7e304eec0bfc969
