As part of migrating the pullers to the new API, we modify
permission checks within BatteryStatsService. Previously, a Binder
thread within StatsCompanionService (with statsd's calling identity)
called BatteryStatsService functions, which was why statsd was assigned
the BATTERY_STATS permission. Now, that call is being made from the
system process Background thread. Because enforceCallingPermission
outside of Binder threads, we switched to enforceCallingOrSelfPermission.
Test: m -j
Test: adb shell cmd stats pull-source 10039
Test: adb shell cmd stats pull-source 10040
Test: adb shell cmd stats pull-source 10041
Test: atest CtsStatsdHostTestCases:UidAtomTests#testDeviceCalculatedPowerUse
Test: atest
CtsStatsdHostTestCases:UidAtomTests#testDeviceCalculatedPowerBlameUid
Test: atest CtsStatsdHostTestCases:BatteryStatsValidationTests#testPowerUse
Bug: 145565211
Change-Id: Ie009e6eead3e48ecee6b40d9a38c9d571d4d4117
Add corresponding permission to allow tether offload to update
network usage through new API that requires UPDATE_DEVICE_STATS
permission.
This is the minimum permission that required to update network
usage with the new system api.
Test: atest FrameworksNetTests OffloadControllerTest TetheringTest
Bug: 130855321
Change-Id: I9c0c86e20d4797ea3570feed741be3a07f839c7d
Add SystemConfigService and associated AIDLs and permissions for
accessing SystemConfig. The service returns values obtained from a
static instance of com.android.server.SystemConfig.
Bug: 143112379
Test: atest SystemConfigTest
Change-Id: I1a863ae9f53db21d698376008e5b1da83309b141
Previously we only animated ActivityRecord. When hierarchical animation
is enabled, we find the top most entity from the window hierarchy (i.e.
ActivityRecord < Task < ActivityStack) which we can animate without
user visible changes, and set app transition animation on it.
The hierarchical animation is disabled by default. To enable it,
system property "persist.wm.hierarchical_animations" must be set.
Test: atest AppTransitionControllerTest
Bug: 131661052
Change-Id: I4709fd178de09d289d72cf1833b056b4e34fc92b
Move tethering out of ConnectivityService. All client would
use TetheringManager to talk with TetheringService directly.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
Unwhitelist packages that are not needed on profiles, such as wallpaper,
navbar, and cutout apps. These system packages will therefore not be
pre-installed on profile users.
Bug: 134605778
Test: Confirmed that these packages do not appear in a profile
Change-Id: Icefbcf8def31450a0f2d93cca12f6fcbf6803cb7
Move tethering out of ConnectivityService. All client would
use TetheringManager to talk with TetheringService directly.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
Merged-In: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
This adds new permissions required when setting the time /zone in
response to telephony signals and when setting the time / zone manually
along the lines of "principle of least privilege".
The intent is to later restrict the number of distinct processes that
can manipulate the device system clock / time zone property directly so
that all time changes go through the time / time zone detector services,
which can enforce policy, log the reasons for changes, and so on.
Bug: 140712361
Test: atest com.android.server.timedetector
Change-Id: Iabd3a5f449ad2ef2b6581475ef2535a4a8a88ef9
As mentioned in b/132780927, we plan to forbid hidden APIs usage in /product partition,
in other word, apps in /product are allowed to use only either public API or system API.
So, this app will be moved to /system_ext, of course, it is not permanent,
they can be moved back to /product if they don't use hidden API anymore.
Bug: 137908189
Test: m
Test: check whether device boots successfully
Change-Id: I623e0dcc1d3bc1a2a69a6cad34ace1f79532654e
* changes:
Migrate SoundTrigger implementation to new service
Implement the soundtrigger_middlewware service
Add a permission for preempting sound trigger sessions
Sound trigger middleware service definition
Add audio.common types AIDL definition
Since tethering is moved from systemServer to networkStack
process, it would lose privileged capability. Grant privileged
permissions for tethering individually. Grant MANAGE_USB to control
usb rndis function. Grant MODIFY_PHONE_STATE to know whether DUN
is required. Grant READ_NETWORK_USAGE_HISTORY to update tethering
usage. Grant UPDATE_APP_OPS_STATS to check WRITE_SETTINGS permission.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Id6e71b58e027d6ba90551084367ef881652c2555
Grant TETHER_PRIVILEGED permissions to the shell identity
for use within CTS tests.
Bug: 145490751
Test: atest CtsTetheringTest
Change-Id: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Merged-In: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Grant TETHER_PRIVILEGED permissions to the shell identity
for use within CTS tests.
Bug: 145490751
Test: atest CtsTetheringTest
Change-Id: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
we plan to forbid hidden API in product partition.
So this app should be moved to /system_ext because it uses hidden API.
It is not permanent, so they can be moved back to /product due to
needs if there isn't hidden usage anymore.
Bug: 137908189
Test: m
Test: check whether device boots successfully
Test: atest SystemUITests
Change-Id: I54f86496d4a0045af3576091cce00e5cd285b4f8
Add CONNECTIVITY_USE_RESTRICTED_NETWORKS permission to phone
package in privapp permission list.
Bug: 146222771
Test: build, flash, boot to home
Change-Id: I1c88b892b1d2f50856b139a5cad5dc8b07a006be
Previously, the power to preempt sound trigger recognition sessions
for the sake of being able to capture audio on platforms that don't
support doing both concurrently, was implicitly granted based on
process (audio_server) co-location with the sound trigger service.
Since this service is now being migrated out of audio_server, a new
permission is introduced and granted to the audio server.
Change-Id: Ifcdfc2a5543d814fb0630a45cdd9bcdba4d92107
Bug: 142070343
