* changes:
Add a TunerResourceManagerService as an Android System Serivce.
Add Lnb related APIs into the TunerResourceManager interface
Add Cas related APIs into the Tuner Resource Manager
Adding ITunerResourceManagerService interface into android.media.tv
v4 is a streaming add-on to the existing v2/v3 schemas.
Flow:
- APK is signed with v2/v3 and v4 signature blocks,
- on installation, v4 signature bytes are stored next to the APK in
hidden block,
- on each read from APK, kernel verifies the v4 signature using
fs-verity-like code,
- on parsing/verification, we extract certificates from kernel and
compare them with certificates extracted from v2/v3 signature block.
By doing this we are making sure that v4 signature is produced by developer and original APK bytes are not changed.
Test: atest PkgInstallSignatureVerificationTest
Bug: b/136132412 b/133435829
Change-Id: Ia2a56c82c9864bf65e1338700dfe51abf6800deb
This mean both switch on/off and add/remove profiles.
The broadcasts already exists for registered receivers, this adds them
for manifest receivers with INTERACT_ACROSS_PROFILES permission and
crossProfile attribute.
The MANAGED_PROFILE_REMOVED broadcast is sent to all application with
android:crossProfile="true". Any cross profile app may be impacted, and
there is no possible transfer of information as the account is already
deleted at the time the signal is emitted.
Change-Id: I17fb9a01b70b28845c5d6aacdcdd497a82391474
Fix: 145135525, 145598120
Test: Demo-app using Digital Wellbeing (automated test underway).
Test: atest com.android.cts.devicepolicy.CrossProfileAppsPermissionHostSideTest
Test: atest 'com.android.cts.devicepolicy.QuietModeHostsideTest#testBroadcastManagedProfileAvailable_withCrossProfileAppsOp'
Test: atest 'com.android.cts.devicepolicy.QuietModeHostsideTest#testBroadcastManagedProfileAvailable_withoutCrossProfileAppsOp'
This service is used to interact with TunerHAL interface and the Tuner
framework to manage the Tuner resources currently used on the device.
Tuner framework claims resource from this service. The service will
handle the requests from multiple applications based on their priority.
Sepolicy changes are in https://android-review.googlesource.com/c/platform/system/sepolicy/+/1161873
Test: cuttlefish
Bug:
Change-Id: Ifedc4e6f120e711aadffdf715d8720e0b64fbe16
This is a follow up CL to a CL [1] that added one more state dump from
ApplicationInfo but forgot to take care of prefix handling.
[1]: I11b5d9919e4463cdaf89826360bc12ae68dbd0af
f9b99f5fa1
Bug: 142538125
Bug: 142537267
Test: Ran the following command to see "crossProfile"
is aligned with other outputs from ApplicationInfo.
adb shell dumpsys input_method
Change-Id: I629d4653b0d9109615feb02718d1228cf4f850d7
This is required for the provisioning cross-profile consent screen which
is used to take some apps off INTERACT_ACROSS_USERS.
Hidden API CrossProfileApps#setInteractAcrossProfilesAppOp is changed
from requiring the broad app-op permissions to requiring
CONFIGURE_INTERACT_ACROSS_PROFILES. It then clears identity before
calling into AppOpsManager. For convenience, we also allow apps (such as
Settings) with the broader app-op permissions to continue to call this
method; in that case, we simply don't clear the identity and let
AppOpsManager check the permissions (so we allow AppOpsManager to set
the requirements if you don't have the new
CONFIGURE_INTERACT_ACROSS_PROFILES).
The CL also adds 'withCleanCallingIdentity' support to
CrossProfileAppsServiceImpl and moves over existing calls.
Bug: 136249261
Bug: 140728653
Test: atest --verbose com.android.managedprovisioning.provisioning.crossprofile.CrossProfileConsentActivityRoboTest
Change-Id: Ibd304563dd1ef5f16784e3502be5ef1ec4675b63
1. Add a new formula type "INSTALLER_ALLOWD_BY_MANIFEST" that evaluates to true
when installer is specified in the manifest.
This CL only adds this class without actually removing the part where we
propagate allowed installers. That will be changed in a new CL.
2. Change the AppIntegrityComponent API so that it is type-safe.
Test: atest frameworks/base/services/tests/servicestests/src/com/android/server/integrity
Test: atest frameworks/base/core/tests/coretests/src/android/content/integrity
Bug: 148780440, 147835536
Change-Id: Icfb996b2f6de241d9790a423dd01992edaf35117
Revert "Adjust monkey to changed internal APIs"
Revert "Test featureId is correctly used in startActivity"
Revert submission 10111030-activityStarter_featureId
Reason for revert: presubmit test breakage
Reverted Changes:
Ic7056b492: Activity start: Send featureId from context->AppOp...
I8e2a07da7: Adjust monkey to changed internal APIs
I7a6af6fb1: Test featureId is correctly used in startActivity
Change-Id: I48c55a962c990b22ea49e923baa7c73b121d179b
- passing V4 signature to IncFS,
- cleanup and use InstallationFile everywhere,
- pass params to DataLoader creation,
- minor refactor for PackageManagerShellCommandDataLoader to prepare for
Incremental data loading.
Test: atest PackageManagerShellCommandTest
Bug: b/136132412 b/133435829
Change-Id: Iacc3e4c51c0fa3410b076147ce153a1303246189
for the case that there might be multiple certificates signing the app.
Bug: 148373316
Test: atest frameworks/base/core/tests/coretests/src/android/content/integrity
Test: atest frameworks/base/services/tests/servicestests/src/com/android/server/integrity
Change-Id: Ic1e86aeff6c087266739682fe4fe206200a87420
The expected usage pattern for noteOp is to get the
Context#getOpPackageName() and Context#getFeatureId() in the calling app
and the call
noteOp(callingPackageName, Binder.getCallingUid(), callingFeatureId)
As the featureId parameter is new this parameter has to been piped all
through from the ...Manager classes running in the app all way deep into
the bowels of the system server.
There is a special featureId==null for the "default" feature. This is
used in two cases:
- In case the system server (packageName == null || packageName ==
"android") makes a call
- In the case there is no caller. In this case I left annotations in the
code to make clear that the default feature is used
Raw binder interfaces (defined in AIDL files) are not supposed to be
used by apps. Still historically this has happened and we ended up with
@UnsupportedAppUsage tags in these files. Also AIDL does not support
two methods with the same name but different parameters. I.e. in the
case when I had to add a paramater to a method tagged as UnsupportedAppUsage I
- created a new method ...WithFeature with the additional paramter
- set a maxTargetSDK for the old method and mention the public API to
use in the deprecation method
This is really not pretty. Once there is no more app using the old
internal API this hack can be removed.
Additionally this change removed all internal calls to
AppOpsService.noteOperation and AppOpsService.checkOperation and
replaces them with the public API equivalent. This sometimes means to
move the resolution of the mAppOpsManager to be lazy.
Exempt-From-Owner-Approval:: Just piping through arguments
Bug: 136595429
Test: atest --test-mapping frameworks/base/services/core/java/com/android/server/am/
atest CtsAppOpsTestCases added test to cover activity start
atest WmTests
Change-Id: Ic7056b492cb1c9a79158e6c2b4864898a0eb5b2a
This change adds support for the <provider> tag inside of the <queries>
tag to support more succinct declaration that an app would like to see
the provider of a given authority.
Test: atest AppEnumerationTests AppsFilterTest
Bug: 136675067
Change-Id: Ie0f73213fae7a3a0619238e44063d4e5be157201
Also, extends the client-side timeout to match that
in ActivityManagerService.
Test: atest FrameworksCoreTests:android.content.ContentResolverTest
Fixes: 148987678
Change-Id: I1daf8625bd0306cc6f6f08c3268fa191d37bda7a
We want the default state to be whitelisted and have the installer
manage un-whitelisting.
Test: lint/presubmit
Bug: 146513245
Change-Id: I993d273bdbd130b59da7c1c81283d6c2c40c379c
* changes:
Rewrite handling of failed sessions (2/n)
Rewrite the broadcast receiver for ACTION_CANCEL_ENABLE_ROLLBACK (1/n)
Remove #mNewRollbacks (10/n)
Put rollbacks into #mRollbacks (9/n)
Add a flag to facilitate merging 2 rollback collections (8/n)
Now we check Rollback#isNewRollback for rollbacks that were originally
in #mNewRollbacks.
for (Rollback newRollback : mNewRollbacks) {
// Do something with newRollback...
}
will be replaced by:
for (Rollback newRollback : mRollbacks) {
if (newRollback.isNewRollback()) {
// Do something with newRollback...
}
}
Since mRollbacks includes new rollbacks, be careful not to apply
operations not appropriate to new rollbacks when iterating over
mRollbacks. Luckily most of the code is future-proof that needs no
changes.
Note now #mNewRollbacks is always empty. We will remove it in the next
CL.
Bug: 147400979
Test: atest RollbackTest StagedRollbackTest
Change-Id: Ia3a4116b352228adc0b152d42c85920f375beb28
Currently, every build a developer creates will be verified
against the Play Store verification system. For developers, this
is a completely useless step, takes up resources, and eats into
iteration time.
This CL disables verification for debug development builds that
are reinstalled over ADB. This keeps users who install OTA safe,
and lets devs avoid the cost of verification.
There is no reduction in safety for the end user as:
1) Verification can only be skipped when installing over ADB and
the "-t" as well as the new "--disable-verification" flags are
specified ("-t" isn't strictly necessary).
2) The user can already disable verification over ADB by simply
setting a flag.
Test: atest PackageVerifierTest#testAdbSkipVerification
Bug: 138672462
Change-Id: Id0bef5126f2fb49a8e30fc235193636a1c2bab2e
Feature is present if ro.incremental.enable set to true.
Test: builds
Bug: b/136132412 b/133435829
Change-Id: I99ad307cbd3428e0b3964a369930658ee1c8ac0f
Because we care if they break.
Putting the change here because this covers changes in at least
android/content/pm and services/core/.../pm (the latter has a
TEST_MAPPING that imports this one).
Test: atest :postsubmit
Bug: 137951074
Change-Id: Ie03397c857d6a94702549ba325631558ed04a9db
This API is used by the GTS to check mainline modules distributed as
apk-in-apex are included in the whitelist.
Bug: 148386485
Test: N/A (included in another CL)
Change-Id: I25b1c0703e3f345756a5ba91de070025042714f4
