- READ_COMPAT_CHANGE_CONFIG is required to read the current state of the
config
- LOG_COMPAT_CHANGE is required to log the status of a compat change for
a package and/or uid to statsd
- OVERRIDE_COMPAT_CHANGE_CONFIG is required to add overrides
The permissions must be signature|privileged, as there are already
examples of code which this would not be sufficient (e.g.
MediaProvider).
This is a re-landing of https://r.android.com/1209240, which was
reverted due to http://b/142942524. The actual fix was done in
http://ag/10234812.
Bug: 142650523
Test: atest PlatformCompatTest
Test: atest PlatformCompatPermissionsTest
Change-Id: Ie9429477c9a1725b5cb67756787bf742038e5d2b
Renames PhoneTime[|Zone]Suggestion to TelephonyTime[|Zone]Suggestion.
Makes changes to generally avoid PHONE and use SLOT_INDEX or telephony
as appropriate for the usage. Removes telephony / phone from a few
variable names where it doesn't add value.
This commit also renames some remaining phoneId instances to slotIndex
which were missed when that rename happened.
Bug: 148842434
Test: treehugger
Change-Id: I4302e68082b802b75b53c02a9c9b1ae39dff6085
Area info cell broadcast messages are not handled
by cell broadcast receiver anymore. Instead, they will
be processed in cell broadcast service. Privileged apps
that are interested in getting the information will need
to get it directly from cell broadcast service.
Note this is only enabled for certain countries and carriers.
Test: Manual
Bug: 141318859
Bug: 141425194
Merged-In: I2245c39f679d0ad94c9a1325edc553f362fdce7c
Change-Id: I2245c39f679d0ad94c9a1325edc553f362fdce7c
(cherry picked from commit 80e4320435)
Shell already can reboot a device (via `adb reboot` command). This
change allows shell to also trigger a reboot logic inside the
system_server.
Additionally, it allows to CTS test PowerManager.reboot API.
Test: adb shell svc reboot
Change-Id: I4545c4f3587fee2840a00648c569f75bb57501fc
Merged-In: I4545c4f3587fee2840a00648c569f75bb57501fc
This is required for ambient display tests
Bug: 147874708
Test: Run newly added ambient display tests.
Merged-In: I61c28e15c4e5c3d0ffee4137ecb86e33f7e8f64d
Change-Id: I26ab1cd48816ddb3aa8b30708726a3e1a3a20b9a
* changes:
Move the app to /system_ext
Set sdk_version "current" in test package
Move the permission.xml to /system_ext
Move SystemUI to /system_ext
move privapp_whitelist_com.android.storagemanager to system_ext
Move 'privapp_whitelist_com.android.launcher3' to system_ext
Move 'privapp_whitelist_com.android.settings' to system_ext
move privapp_whitelist_com.android.provision to system_ext
privapp_whitelist_com.android.emergency to system_ext
privapp_whitelist_com.android.carrierconfig to system_ext
As mentioned in b/132780927, we plan to forbid hidden APIs usage in /product partition,
in other word, apps in /product are allowed to use only either public API or system API.
So, this app will be moved to /system_ext, of course, it is not permanent,
they can be moved back to /product if they don't use hidden API anymore.
Bug: 137908189
Test: m
Test: check whether device boots successfully
Change-Id: I623e0dcc1d3bc1a2a69a6cad34ace1f79532654e
Merged-In: I623e0dcc1d3bc1a2a69a6cad34ace1f79532654e
we plan to forbid hidden API in product partition.
So this app should be moved to /system_ext because it uses hidden API.
It is not permanent, so they can be moved back to /product due to
needs if there isn't hidden usage anymore.
Bug: 137908189
Test: m
Test: check whether device boots successfully
Test: atest SystemUITests
Exempt-From-Owner-Approval: cherry-pick from internal
Change-Id: I54f86496d4a0045af3576091cce00e5cd285b4f8
Merged-In: I54f86496d4a0045af3576091cce00e5cd285b4f8
After check the usage of those apps who declared
CONNECTIVITY_INTERNAL permission, they don't access any API which
protected by CONNECTIVITY_INTERNAL. And CONNECTIVITY_INTERNAL
has been removed from their AndroidManifest.xml. So remove the
redudant permission from privapp-permissions-platform.xml.
Bug: 32963470
Test: build, flash, boot to home w/o any permission problem.
Change-Id: I3f31d16163e359b0b16f06129452a758ea149fc1
Add corresponding permission to allow tether offload to update
network usage through new API that requires UPDATE_DEVICE_STATS
permission.
This is the minimum permission that required to update network
usage with the new system api.
Test: atest FrameworksNetTests OffloadControllerTest TetheringTest
Bug: 130855321
Change-Id: I9c0c86e20d4797ea3570feed741be3a07f839c7d
As StorageManager, permissions.xml should follow the app's partition.
Test: m && check booting
Bug: 137908189
Change-Id: Ie791b5fbe1b1906537a57e8f1c34029c0f092afc
Merged-In: Ie791b5fbe1b1906537a57e8f1c34029c0f092afc
As AOSP launcher is moved to system_ext, its permission files will follow the app location.
Test: m
Bug: 137908189
Change-Id: I5d11e3901633be82f375c56a5ef2c79b6e0b0922
Merged-In: I5d11e3901633be82f375c56a5ef2c79b6e0b0922
As Settings is moved to system_ext, its permission files will follow the app location.
Test: m
Bug: 137908189
Change-Id: I58ae29a6454f91f222b15ccbd9d3e5b5d5889289
Merged-In: I58ae29a6454f91f222b15ccbd9d3e5b5d5889289
Move tethering out of ConnectivityService. All client would
use TetheringManager to talk with TetheringService directly.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
Merged-In: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
This adds new permissions required when setting the time /zone in
response to telephony signals and when setting the time / zone manually
along the lines of "principle of least privilege".
The intent is to later restrict the number of distinct processes that
can manipulate the device system clock / time zone property directly so
that all time changes go through the time / time zone detector services,
which can enforce policy, log the reasons for changes, and so on.
Bug: 140712361
Test: atest com.android.server.timedetector
Change-Id: Iabd3a5f449ad2ef2b6581475ef2535a4a8a88ef9
Since tethering is moved from systemServer to networkStack
process, it would lose privileged capability. Grant privileged
permissions for tethering individually. Grant MANAGE_USB to control
usb rndis function. Grant MODIFY_PHONE_STATE to know whether DUN
is required. Grant READ_NETWORK_USAGE_HISTORY to update tethering
usage. Grant UPDATE_APP_OPS_STATS to check WRITE_SETTINGS permission.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Id6e71b58e027d6ba90551084367ef881652c2555
Grant TETHER_PRIVILEGED permissions to the shell identity
for use within CTS tests.
Bug: 145490751
Test: atest CtsTetheringTest
Change-Id: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Merged-In: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Add CONNECTIVITY_USE_RESTRICTED_NETWORKS permission to phone
package in privapp permission list.
Bug: 146222771
Test: build, flash, boot to home
Change-Id: I1c88b892b1d2f50856b139a5cad5dc8b07a006be
Settings application needs the previleged permission to retrieve UICC
card information by using Telephony Manager API.
Bug: 141256483
Test: Manual and SimStatusDialogControllerTest
Change-Id: I33d3bb1947d828e283ee62b7cd0936b8baf73acb
Since CONNECTIVITY_INTERNAL has been deprecated from Android R
and replace by other permissions. Change CONNECTIVITY_INTERNAL to
another proper peremission.
Bug: 32963470
Test: atest SystemUITests
Change-Id: Ibdaee8c3c06caa3aaf6944d4b258cb5b1d078179
1. Grant ENTER_CAR_MODE and CONTROL_INCALL_EXPERIENCE permissions to the
shell identity for use within CTS tests.
2. Remove un-needed Telecom shell command.
Test: unit tests, telecom CTS tests, manual testing
Bug: 144345414
Change-Id: I54a2e723d6ef9552117e6cadf4ab7c449dd5e3cb
Per design doc (go/android-car-mode-design), added new system API to
enable car mode and specify a priority for the calling app.
Also modified UiModeManager to pass the package name of the caller to
UiModeManagerService.
Bug: 136109592
Test: Added new unit tests and CTS tests.
Test: Added Telecom test app functionality to verify.
Change-Id: I2848039c9ea18ba93e7694e04c4e5dc70759daa3
Merged-In: I2848039c9ea18ba93e7694e04c4e5dc70759daa3
Fix typo after file name introduced
by dc54082abe
Bug: 144470640
Test: add frameworks/base/data/sounds/AudioPackage11.mk in product mk and build
Change-Id: I75101b12596b2b50d8017325f55cd85ea836f6a8
Update the permissions and resource to reflect this move.
Bug: 135956699
Test: manual
Change-Id: I8c798f48e3a342cc2ce29d1f7f199ae1337ff2d0
Merged-In: I8c798f48e3a342cc2ce29d1f7f199ae1337ff2d0
CellBroadcastService is bound to by the platform to handle cell
broadcasts.
Bug: 135956699
Test: manual
Change-Id: I865c09d6d246779b706c06371df685d415618699
