Privileged apps can now be located in the vendor partition. This is
mainly to move SoC-dependent apks to the vendor partition so that the
system partition becomes more generic.
Like existing privileged apps in the system partition, the list of
privileged apps in the vendor partition and the permissions they are
using must be white-listed. The whitelist can be specified via
<privapp-permissions> tags in one of /vendor/etc/permissions/*.xml
files. Note: vendors can only white-list the apps in vendor partition,
but not the apps in system partition.
This change also introduces a new flag 'vendor-privileged' to the
permission protection level. It is used to expose platform-defined
permissions to the privileged vendor apps. If a platform permission does
not have this flag, it is not granted to vendor apps even when the app
is privileged and white-listed.
Bug: 35301609
Test: `mm` under frameworks/base/tests/privapp-permissions
adb sync && adb reboot
adb shell cmd package \
com.android.framework.permission.privapp.tests.vendor
shows that the app is installed.
android.permission.BIND_IMS_SERVICE is in the installed permissions list
android.permission.MANAGE_USE is not in the installed permissions list,
but is in the requested permissions list.
Change-Id: I196375aaaa9ea3a2ba15686ef08cf3f70ade7046
When emitting a method or field, verify that we're able to reference
all mentioned types. This ensures that we don't accidentally
reference undefined classes/interfaces.
Test: manual inspection of API files
Bug: 69791141
Change-Id: I84e0c87fe83daa118661f61dbdf17b58ea5282d4
In several locations we were passing both a parsed Package object
and a scanFile File object. But, the Package object was parsed from
the scanFile! Instead, just pass the singular Package object and
pull the scanned file from it.
Bug: 63539144
Test: bit FrameworksServicesTests:com.android.server.pm.
Change-Id: Ibd200fb567e005869de61d9c123f211fa9a38f0a
Parse flags are often used confusingly to control policy during
APK parsing. Additionally, some flags [such as PARSE_IS_PRIVILEGED
or PARSE_IS_SYSTEM] aren't always determined based upon APK location
[they change based upon which apps are installed]. This means we
have to perform some gymnastics to set them correctly _before_
parsing a package.
Instead, these should be scan flags that can be determined at a
later point during package parsing. Then, based upon the scan flag
we apply policy on the package object to create the resulting
data structures.
Bug: 63539144
Bug: 69663125
Test: Manual; it builds, runs and applications can be installed / removed
Test: bit FrameworksServicesTests:com.android.server.pm.
Change-Id: I53fb18e58544e0a39f35eb6fb53c950e5c696aee
Adds publicly-visible API for compile SDK version and codename. AAPT2 does
not support these yet, but that will be included in a follow-up CL.
Also refactors the Unsupported Display Size dialog out to a generic app
warnings manager class and fixes a bug there where the "always show"
preference was not persisted.
Improves documentation around threading and concurrency guarantees.
Bug: 64107584
Fixes: 68995409
Test: CtsActivityManagerDeviceTestCases
Change-Id: Ic86efa554b8b1caf80e5e004fda897d3483a68e8
Modify "cmd package bg-dexopt-job" to accept an optional list of
packages to run bg-dexopt on to help with testing.
Test: make && flashall && automated tests (ag/2959616)
Test: adb shell cmd package bg-dexopt-job
Test: adb shell cmd package bg-dexopt-job pkg_name
BUG: 64807719
Change-Id: Ibf1fda88810dd4ec19fbbfe3322c35b201727707
Also removed everything needed only for this path
Test: Installed app via package installer, adb, google play store
Bug: 65261282
Change-Id: Ia8a03fa5900687cd2adf844ba7e6c07e0537382e
Tried to find the right middle ground in between
- not exposing potentially changing implementation details
- being clear on what it is for and what not
- being too alarmist vs. being to weak
Test: compiled
Bug: 69177691
Change-Id: Ifb40e350a18bf72c113229f31e129b7e8fdacd2a
This API will primarily be used by GmsCore to send updated configs.
Also, sending a config will implicitly notify the StatsD that this
client wants to know when it should request data for this config.
We send a broadcast so that all interested subscribers can know if
data needs to be pulled.
Test: Manually tested that sending broadcast works via new adb
command added in StatsService.
Change-Id: I23cdd1df706036e14b32c3d01af30c3d4af819fa
Redirect developers to use the Support Library
versions of Fragments and Loaders to ensure that
they get consistent behavior across versions of
Android and all devices as well as access to
Lifecycle improvements.
Test: Confirmed APIs deprecated in current.txt
BUG: 68381801
Change-Id: I58ec599e557fc93c8547c45ba7c9ced96b0c8616
ContentProviderClient has a nice setDetectNotResponding() method
that detects hanging calls to remote providers, and it can trigger
an ANR to kill the app and release the blocked thread.
We typically don't want to perform blocking calls from the system
server, but we're okay allowing them on CPCs that are using
setDetectNotResponding() to watch for hung clients.
Test: builds, boots
Bug: 69128093
Change-Id: I223aaf1d0cef0f8dee28f800d9e3c101d7449952
Network security watchlist service is a service to monitor all potential
harmful network traffic. By setting a network watchlist, any connections
that visit any site from watchlist will be logged.
Logs will be aggregated everyday and encoded using differential
privacy before exporting it from framework.
This feature is disabled now, run "setprop ro.network_watchlist_enabled true" to enable it.
All network events are handled in an async bg thread, it should not
cause any delay in netd. Also, it uses the hooks in enterprise network logging,
so we can run netd_benchmark to measure the impact to netd.
Here are the things not included in this CL:
- ConfigUpdater to get and set watchlist
- Differential privacy encoding logic and reporting
- CTS
- Memory and performance optimization for internal watchlist data structure
Test: manual - turn on the feature, hard code a watchlist xml, process
that visited that domain is being logged in sqlite.
Test: run netd_benchmark - seems no obvious performance change.
Test: bit FrameworksCoreTests:android.net.NetworkWatchlistManagerTests
Test: runtest frameworks-net
Test: runtest frameworks-services -p com.android.server.net.watchlist
Bug: 63908748
Change-Id: I09595178bac0070a867bc5e0501a7bf2c840e398
