This change adds the system APIs to query intent components and
application info, which is required for the Default apps UI in
permission controller to work for work profile.
Bug: 110557011
Test: build
Change-Id: I7e2d92f9ccae2e764a1ce0040a7f84bc4f21dbb5
Previously a Device Owner or an affliated Profile Owner of the DO can silently
install APKs via PackageInstaller APIs. This CL additionally grants delegates
of DO the same access.
Bug: 112982695
Test: atest com.android.cts.devicepolicy.MixedProfileOwnerTest#testDelegation
Test: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testDelegation
Test: atest com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testDelegation
Change-Id: I777ee6aa1ecd036ee56270fc6b4e86b74d1042a6
If an app declares that is has flagile user data, all the user to choose
to keep the app-data on uninstall.
Test: Unistalled apps that set the new flag and app that did not.
Verified that the KEEP_DATA flag was set when checkbox was
clicked.
Change-Id: I032fb21854352bbc175934ae5eb68a1430b1d403
Fixes: 117578306
This is due to being compatible with other RCS related changes by breadley@
Reviwed in aosp/840289, CP'ed here due to merge conflict.
Test: Existing tests pass
Bug: 109759350
Change-Id: Id56df22e9c313c5e0700eda3b2c489d2f84ea0cd
The ModuleInfo class contains details about mainline modules. We're
not sure about what kind of information we'll need, so, creating
a placeholder structure and accessor methods that can be adjusted
later.
While the package manager does not know anything about what a "module"
is, we use the package manager as convenience to not creating a new
MainlineManager class.
Bug: 119220828
Test: Workspace still builds
Change-Id: I42cbc5e119652edd3eda155ddef861e3e0889479
This CL just adds the isStaged setting on SessionParams, and if it is
set the session info are cached in a local variable. This allows
getStagedSession() (new APIs) to return the session information.
This should unblock upstream development while we implement the feature.
Test: adb install --staged, adb install-multi-package --staged. Wrote
small app to verify getStagedSessions returns correct info.
Bug: 118865310
Bug: 112669193
Bug: 120487127
Change-Id: I822be9e1737fe5cde6a6dd63621631cdef4f6fff
Offer an explicit DELETE_CONTRIBUTED_MEDIA flag that can be used when
uninstalling an app to indicate that any contributed media should be
deleted.
Adjust APIs to accept a specific UserHandle so we can pre-flight
check for valid UserManager state.
Bug: 116344240
Test: atest android.provider.cts.MediaStoreTest
Change-Id: Ief0ba27c913791d60f86a5d7252525c9c4539fc6
Similar to what we've done for services like the installer, verifier,
and text classifier, we're creating a new permission protection level
for the "document manager" on the device, called the "documenter" in
this change.
There should be exactly one "documenter" on the device, since it
handles the sensitive MANAGE_DOCUMENTS permission.
Bug: 117745631
Test: atest CtsPermission2TestCases
Test: atest android.permission.cts.ProviderPermissionTest
Change-Id: I92c9fcfee24feae8dc3a7516cde093e8f3bf0e56
Changed PackageManager#getWellbeingPackage from System to Test API since
the related GTS using the API is now being built against the test sdk.
Bug: 119330345
Test: atest com.google.android.wellbeing.permissionpolicy.gts.WellbeingPermissionPolicyTest
Change-Id: Id80f52a327f3faa292e7c647cac2b1fa0e03275f
Bug: 120096113
Test: Build with built-in libraries that declares new depedency flag, no
more boot errors (tested with cheets_x86_64 and crosshatch_userdebug)
Change-Id: I6b3e2ab7626ed8f04c0bf1a5b3c32204a2f2c56b
* Expose getCache and putCache to @Public. Filed a bug
b/117636111 to implement the maximum bounds
* Expose getTypeDrawable to @SystemApi
Change-Id: I81ab2e2198d2da1a2fa1c327ed7f9f66cb999755
Fix: 117636111
Test: make
If a system component calls to a remote provider, and that provider
hangs, we end up burning that Binder thread until the remote process
is killed for some unrelated reason.
This change adds an API to detect these hangs, and kill the remote
process after a specific timeout, but only when the caller holds a
permission that lets them kill other apps.
Bug: 117635768
Test: atest android.content.cts.ContentResolverTest
Change-Id: I81b0d993d9d585cdeb5e2559c68052ba6cbbced9
Accepting only ContentResolver arguments was quite limiting, so use
the newly created super-interface ContentInterface, which lets
callers use a ContentResolver, and ContentProviderClient, or even a
specific ContentProvider.
This is a safe API change, since we're accepting a more-general
argument, and existing API users can continue passing ContentResolver
to these methods.
Bug: 117635768
Test: atest DocumentsUITests
Test: atest android.appsecurity.cts.DocumentsTest
Change-Id: I8f0cd1335c9b763dd81eeb237fb0517e9073b625
Existing APIs that accept a ContentResolver are too restrictive when
the caller has their own ContentProviderClient already bound and
configured, so we're in the market for a solution to open those
existing APIs to accept a wider range of inputs.
The solution we've come up with is to introduce a super-interface
which contains the common ContentProvider APIs, and then make
ContentProvider, ContentResolver, and ContentProviderClient all
implement that interface for consistency.
After this change lands, we can then safely relax existing APIs to
accept this new ContentInterface, offering a clean path to solving
the problem outlined above.
Bug: 117635768
Test: atest android.content.cts
Test: atest android.provider.cts
Change-Id: Ic5ae08107f7dd3dd23dcaec2df40c16543e0d86e
Exempted-From-Owner-Approval: keep tests working
Permissions that have the new wellbeing protection flag will be granted
to the wellbeing app, as defined by the OEM in the system resource.
The ACCESS_INSTANT_APPS permission is updated to use the wellbeing
flag. The SUSPEND_APPS permission will also follow the same model now.
Bug: 119330345
Test: atest CtsPermission2TestCases:PermissionPolicyTest
Test: atest com.android.server.pm.SuspendPackagesTest
Test: atest com.google.android.suspendapps.permissionpolicy.gts.SuspendAppsPermissionPolicyTest
Change-Id: Iffedc7704824292be48a4ef198fff97c1e5c39da
Introduced a new INTERACT_ACROSS_PROFILES privileged permission which
allows an application to start a managed profile activity from its personal
profile activity.
Added CrossProfileApps#startAnyActivity(ComponentName, UserHandle) which
requires the INTERACT_ACROSS_PROFILES permission and enables an app from
a personal profile to launch an activity within its managed profile app.
Bug: 118186373
Test: atest com.android.server.pm.CrossProfileAppsServiceImplTest
Test: atest cts/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/CrossProfileAppsHostSideTest.java
Change-Id: I28aa05c7e54f60eb6144275d31eaf8813e2f10ad
Foreground service must use attribute foregroundServiceType to
specify its foreground service type in <sevice> element of manifest
file, otherwise a warning message is printed when startForeground()
method is called. (We will replace the warning message with a security
exception when the feature is formally activiated.)
The manifest attribute is:
android:foregroundServiceType="<type>"
Allowed types are: "sync", "mediaPlay", "phoneCall",
"location", "deviceCompanion", "ongoingProcess".
Bug: 111453223
Test: atest frameworks/base/tests/FrameworkPerf
Change-Id: I5d2ab203d400f3c549cd153480b6252a2f9adb3c
Bunch of changes:
- Split public SmartSuggestionsService info ContentCaptureService and
AugmentedAutofillService
- Renamed 'intelligence' packages to either 'contentcapture' or
'autofil.augmented'
- Renamed internal packages and classes.
- Changed permissions, resource names, etc...
- Moved Augmented Autofill logic from IntelligeceManagerService (R.I.P.) to
Autofill.
- Optimized IPCs by passing a String instead of the InteractionSessionId
(that also solves the view -> service dependency).
Test: atest CtsContentCaptureServiceTestCases \
CtsAutoFillServiceTestCases \
FrameworksCoreTests:SettingsBackupTest
Test: manual verification with Augmented Autofill Service
Bug: 119638877
Bug: 117944706
Change-Id: I787fc2a0dbd9ad53e4d5edb0d2a9242346e4652d
This patch adds a feature flag for IPsec Tunnel Mode. This implies VTI
(with output-mark updating), or XFRM-I in the kernels.
Bug: 117183273
Test: Compiles
Change-Id: I6dd0e429cc0bd100f2ef1140a6651f6ef5294c79
Everything needed to get the CTS tests to work.
Also:
- Change process names to be unique per isolated instance,
and no longer use isolated uid in proc stats, so we don't
have a crazy number of process entries there.
- Again move activity manager dumpsys output so we aren't
spewing less useful stuff at the end where it hides the
core state about processes.
- Fix protos so that we can read InstrumentationInfo from the
activity manager protos. (There was confusion about writing
protos for a PackageItemInfo vs. an ApplicationInfo.)
Test: atest CtsAppTestCases:ServiceTest\#testActivityServiceBindingLru
Bug: 111434506
Change-Id: I2c86bd1daa582a5c60950173ca12e8ec21b13ead
This change is for "Open with" feature in DocumentsUI.
If this is public, other apps also can have this
feature.
Test: make
Bug: 110959821
Change-Id: I9c1255419869f9983eac7e820c42a96400f15bfd
REVIEW_PERMISSION_USAGE now supports being passed a permission name.
Document that in the comment.
Bug: 120222495
Test: Compile
Change-Id: Iedd2d98b5150bdf21fa80489889a0672d58dd1f2
Consolidate all permission related code in a single java package.
Test: atest SettingsLibRoboTests
Looked at Settings AppInfo UI (uses RuntimePermissionPresenter)
Bug: 120221960
Change-Id: If135e984a8273e9bed80cab9fbf2d70f40a05c7f
Make sure testers have a way to quickly determine when an app is trying to access
call logs or SMS without being the default handler, so we don't get inundated with
bugs about correct behavior
Test: proofread
Change-Id: I46b9dc86073101f8ca08ac1bc90c79338afd114f
And check parameters at trust boundaries
Test: Looked at AppInfo in Settings (uses RuntimePermissionPresenterService)
Change-Id: Ie70f64c1bc5435e1d284c37cc6fec208468b3a0a
