The value of the field will be verified in CTS.
Bug: 112837428
Test: atest CtsActivityManagerDeviceTestCases
Change-Id: I7f8e4b20c75077c77f4d723946d6596737523479
This intent action will be used by Settings to launched the new
special app access list UI in PermissionController.
Bug: 110557011
Test: build
Change-Id: Ib3570cf8110d75e443e2c3d63eecea0aa6eaee5c
The manifest permission usage info declarations are limited in what they
allow the applications to specify. Applications can have an activity for
that handles this intent in order to provide free form application
specific details such as privacy policies, specific examples, etc.
Test: API definition, usage will follow
Bug: 111207567
Change-Id: I90b292e4c1cb8847a9a9d7b8071aaff2ee7d11fb
* changes:
Add test for multi-package rollback.
Fix bug where RollbackManagerService ignores package name.
Add test for user data rollback.
Move rollback manager implementation to RollbackManagerServiceImpl
Don't expose RollbackManagerService's internal Handler.
Make RollbackManager @SystemApi.
Known files (e.g. base apk, split apks and dex metadata) in installer
session can now be optionally installed with fs-verity signature
(PKCS#7) stored in the corresponding file with addional extension of
".fsv_sig".
For example, fs-verity signature files of foo.apk of foo.dm are
foo.apk.fsv_sig and foo.dm.fsv_sig, respecitvely.
Test: adb install-multiple with .fsv_sig
# with change in adb to accept .fsv_sig, see the setup happened
Test: adb install-multiple with missing .fsv_sig
# failed as expected
Test: atest com.android.cts.dexmetadata.InstallDexMetadataHostTest
Test: atest android.appsecurity.cts.SplitTests # same pass/fail
Test: atest com.android.cts.apkverity.ApkVerityTest # test WIP
Bug: 112037636
Change-Id: I109f580f637f1f538d0bf0bfacb499702dd72937
As this has already evolved from just presenting data. In the future any
permission related calls to the permission controller will be added here.
As the calls are protected by different permissions the binding will not
require a permission anymore, but each individual call checks the
permission.
Bug: 120221960
Test: Looked at settings UI showing data from this interface
Change-Id: I6b4a5c3b7ee17b145e11e2c1b6e11a8a232bffed
This attribute is default to false, and if set to true, indicates that
the app wants to run with strong integrity guarantee currently the
platform can provide the best.
In this change, this flag implies that on install time,
1) .dex and .so must be stored uncompressed and aligned to install
2) android:extractNativeLibs must be false to install
At run time, ART will run from the dex within the APK directly, and NDK
libraries will be mapped directly from the APK. This way, thest files
stay protected by signature.
The attribute currently stays in private to make development progress.
We plan to make it public once we confirm the demand from some apps.
Test: atest AppIntegrityTest (to be added in ag/5554864 after publicized)
Bug: 112037137
Change-Id: Ifde90cb0666fbb57e8b61f90b4ba1a2dd2a2b4ae
Require callers hold a new MANAGE_ROLLBACKS permission to interact with
the RollbackManager.
Bug: 112431924
Test: atest RollbackTest, with new test for permissions added,
and with selinux in permissive mode.
Test: atest CtsPermission2TestCases:PermissionPolicyTest
Change-Id: I73f4f3457d85be580670cd69c89066d2cc348186
This change adds RollbackManagerService as a new system service for
managing apk level rollbacks.
To work properly this requires additional selinux policy changes. Fails
gracefully in case of selinux denials, until we have a chance to sort
out the proper selinux policy.
Bug: 112431924
Bug: 116512606
Test: atest RollbackTest, with selinux enforcement off.
Test: atest CtsPermission2TestCases:PermissionPolicyTest
Change-Id: Id72aae9c4d8da9aaab3922ec9233ba335bc0198f
Members modified herein are suspected to be false positives: i.e. things
that were added to the greylist in P, but subsequent data analysis
suggests that they are not, in fact, used after all.
Add a maxTargetSdk=P to these APIs. This is lower-risk that simply
removing these things from the greylist, as none of out data sources are
perfect nor complete.
For APIs that are not supported yet by annotations, move them to
hiddenapi-greylist-max-p.txt instead which has the same effect.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Change-Id: Ia937d8c41512e7f1b6e7f67b9104c1878b5cc3a0
Merged-In: I020a9c09672ebcae64c5357abc4993e07e744687
Members modified herein are suspected to be false positives: i.e. things
that were added to the greylist in P, but subsequent data analysis
suggests that they are not, in fact, used after all.
Add a maxTargetSdk=P to these APIs. This is lower-risk that simply
removing these things from the greylist, as none of out data sources are
perfect nor complete.
For APIs that are not supported yet by annotations, move them to
hiddenapi-greylist-max-p.txt instead which has the same effect.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Change-Id: I020a9c09672ebcae64c5357abc4993e07e744687
The app is not started yet, and does not contain any service for now.
Test: built, booted
Bug: b/112869080
Change-Id: Id5a0fd02c891100e85d86b1040e53beec3581950
extras == null is documented to result in all extras being
erased, and the implementation handles it correctly. The
@NonNull annotation on Bundle extras is therefore wrong.
This CL replaces it with the correct annotation, @Nullable.
The incorrect annotation was introduced in April 2017
(commit 30e06bb668). I've
looked through the other changes to Intent.java in that
commit but have found no further nullability annotation
errors.
Bug: 121438778
Test: Treehugger
Test: Looked through the other nullability annotations on
Intent.java introduced by the same commit
30e06bb668 (Apr 2017)
but found no further errors.
Change-Id: Iebbe17abc5c97146533e82114fbaf1d7036fd03a
This change breaks current modification of shared lib state in the
system into object creation and a commit step so that multiple packages
may be interrogated before committing anything to the system.
Change-Id: I466d588be3e9690cffc8a04e025145d747fcbb2f
Bug: 109941548
Test: atest StaticSharedLibsHostTests
Bug: 118865310
Bug: 112669193
Bug: 120487127
Test: wrote small app to receive broadcast, ran adb install --staged
some.apk and verified that the broadcast is received successfully.
Change-Id: Ib8672a03a0e7033bcdc0ffbbbb5c65b8929e8e08
Test: Manual inspection of the code and javadocs to make nullability
annotations reflect the state of these methods.
Change-Id: I0baac0549c274213d99c7169033052c996eab122
The state is only kept up-to-date for staged sessions. Clients are in
charge of checking whether the session has the isStaged bit set, before
considering reading the StagedSessionState associated to that session.
Test: retrieved mock staged session from a small app and verified state
is correctly set.
Bug: 118865310
Bug: 112669193
Bug: 120487127
Change-Id: I03590476dc353fee6d6edffb7ae579a9f9664664
Add a new config value for recording the component name of secondary
launcher.
This secondary launcher with corresponding launch mode set in
AndroidManifest could be used on secondary displays that support system
decorations.
OEMs can easily replace their own secondary launcher by overlay it.
Bug: 118206886
Bug: 111363427
Test: atest RootActivityContainerTests
Test: atest ActivityManagerMultiDisplayTests
Change-Id: Iceab096fd369127231f2085313ee617c7cdea226
Taking a list of packages to reduce the number of IPCs the
client has to make.
Test: atest GtsSuspendAppsTestCases:SuspendPackagesTest
Bug: 120908380
Bug: 117968270
Change-Id: Ife7a6acfe2f21e7f4419bcf67630e7b8be50a560
- Get rid of activity-level events.
- Renamed InteractionSessionId and InteractionContext to
ContentCaptureSessionId and ContentCaptureContext (and made them public)
- Create the explicit concept of ContentCaptureSesssion (and moved notification
APIs to it).
- Added APIs to let apps create new sessions (not implemented yet).
- Added APIs to remove user data based on some context properties (like URI).
The reasoning behind this change is to let app developers explicitly associate
the captured content with some app-level domain (and also let the app ask the
service to clear such data at user's request). For example, a browser app
(and WebView) can use these APIs to associate the content capture events with
the URL being rendered.
Bug: 117944706
Fixes: 121034139
Test: atest CtsContentCaptureServiceTestCases
Test: m update-api && m
Change-Id: I7841da303b6a39c825651b03a07e3081fbd0bdf5
Initial prototype disabling location/sensors and enabling airplane mode.
Camera/Mic will come in a followup.
Test: manual
Bug: 110842805
Change-Id: I26132fcc9ffea83e3e78a0e54882d23c99ee590c
Adds logic to enforce a minimum aspect ratio and a new manifest
attribute for requesting a minimum aspect ratio.
Bug: 120129697
Test: atest AspectRatioTests
Change-Id: Ie714541241dcdfae2bdf3bfd969a4e26829fbb4b
