Validates that the caller of an OverlayManager API that mutates state
is actually allowed to act on the target as defined in the target's
overlayable tag.
<overlayable name="MyResources" actor="namespace/name">
An actor is valid if any of the following is true:
- is root/system
- is the target overlay package
- has the CHANGE_OVERLAY_PACKAGES permission and an actor is not defined
- is the same package name as the sole resolved Activity for the actor specified
in the overlayable definition, with only pre-installed, namespaced actors
currently supported
Bug: 119442583
Bug: 135052950
Test: atest SystemConfigNamedActorTest
Test: atest com.android.server.om
Change-Id: If56b9e8366852eaef84f6bb25c3e6871eaa3f219
go/cleanup-greylist-txt
These have already been greylisted, however due to bugs/omissions in the tooling have been kept in go/greylist-txt instead of being annotated in the code.
This is partial merge of aosp/Id6c1f5e403a0e66edb1102ee45f3bf19f244fb09. Telephony greylist cleanup has been done separately. Note that annotations outside of frameworks/base/ have been merged from AOSP.
Bug: 137350495
Test: m
Exempt-From-Owner-Approval: merge
Change-Id: I015c466e8b69cc0fed5e9d394ba865aad11d8ba6
AuthService in its current form is a thin wrapper around
BiometricService. It initializes BiometricService in onStart();
registers fingerprint, face, and iris authenticators; and forwards all
of the incoming calls to the corresponding methonds in BiometricService.
The next step will be to move non-biometric related functionality from
BiometricService to AuthService, and turn BiometricService into a module
with a stable API.
Bug: 141025588
Test: atest AuthServiceTest
Test: atest BiometricServiceTest
Test: BiometricPrompt works in BiometricPromptDemo
Change-Id: Ia861b7c2d80bfca386c3e0b44ec35b4aca3b0ffc
To assess app compatibility problems early on, this CL blocks background
custom toasts in a non-secure way. We create a new method in the AIDL called
enqueueTextToast() that now contain the same parameters as
enqueueToast(), receiving the view created inside the app's process. But this
method will, in the future, contain a CharSequence instead of
ITransientNotification, for window creation inside the system.
We use PlatformCompat infrastructure to check if the change is enabled.
I learned with this change that if user blocks notifications for an app, it
won't be able to show background toasts, allowing me to re-use the foreground
check that was already in place.
This change will display a text toast (from the system) in case the app's
custom toast gets blocked, this is temporary to get feedback from
dogfood.
Test: With sample app targeting SDK 29, verify that:
1. Posting text toast in bg works
2. Posting custom toast in fg works
3. Posting custom toast in bg does NOT work
Test: With sample app targeting SDK 28, verify that 1, 2 and 3 above work.
Test: Working on CTS
Bug: 128611929
Change-Id: Icecbbeff081fa5e7c4329bf3b383d6859520b517
for oems which take telephony mainline module, all telephony related
apks will be signed with non-platform certificate. that said apks won't
be able to grant platform signature permission. Solution is to add a new
telephony protection level.
Bug: 141479803
Test: cts & manual
Change-Id: Ib3be016080d42fd76e7c131f4e44d815ce431e6e
(cherry picked from commit 45c183d201)
Merged-in: Ib3be016080d42fd76e7c131f4e44d815ce431e6e
* changes:
Expand ContentProviderOperation support of extras.
Extend insert/update/delete to provide extras.
Query arguments for grouping, other SQL clauses.
