This permission is needed for wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the app to influnce wifi vs lte network
selection algorithm.
What options did you explore that did not need this permission?
- Without this permission, it would be impossible to test these API's:
WifiManager.setWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.addOnWifiUsabilityStatsListener()
Bug: 150236894
Test: Device boots up.
Change-Id: Ic173e44ab818cdfecebde80715ddaec347019db6
Merged-In: Ic173e44ab818cdfecebde80715ddaec347019db6
Add MODIFY_DEFAULT_AUDIO_EFFECTS permission to shell which
is needed to run GTS tests on @systemApis for
audio effects control.
Bug: 148703417
Test: run gts -m GtsAudioTestCases -t com.google.android.audio.gts.DeviceEffectTest#testCreateDeviceEffect
Change-Id: Iba579001aeffd85743850727135a6f536579ea17
Merged-In: Iba579001aeffd85743850727135a6f536579ea17
This reverts commit 7df351b66f.
Reason for revert: It is not appropriate from a security perspective for the shell to have this permission.
Test: None
Bug: 150236894
Change-Id: I1f2b69320540731f6d3044f31e2bc999281f8342
Merged-In: I5b933fe6850ebd5b5f230c16722357ead4ec4286
(This change was merged internally first.)
This permission is needed for some wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the retireval of the saved wifi network
credentials on the device.
What options did you explore that did not need this permission?
- Possibly creating a UI to ask for manual entry of network credentials.
But, that would not let us do automated CTS tests (will need to become
CTS verifier tests then).
Bug: 150236894
Test: atest android.net.wifi.cts.WifiNetworkSpecifierTest
Change-Id: I6881003510191f667950be1ab27a5399fe3914b4
Merged-In: I6881003510191f667950be1ab27a5399fe3914b4
Grant NETWORK_STACK permission to the shell so
that CTS can use the shell identity to call
APIs protected with this permission.
Bug: 150236894
Test: atest android.net.wifi.cts.WifiManagerTest#testGetCountryCode
Change-Id: I4f93e76bcda83c528f1f2c7bcf800965886ea8da
This reverts commit 349b2c11e9.
Reason for revert: This change was already made in aosp/1205113 and now Shell requests the permission twice.
Change-Id: Ice5522d7095f9b0dbc96c2ff31a976bfdd942c5a
In configurations where AOSP Settings.apk is not included, there might
not be any home activity. E.g. CSI doesn't have Settings.apk.
This CL adds a null home activity to Shell.apk, which is in CSI,
so the framework can be in a sane state. Without such null home
activity in CSI, package manager fails to install any APKs.
Bug: 148044842
Test: $ lunch csi_arm64-userdebug; m -j
# Flash CSI to a Pixel (with AVB disabled) and reboot
$ m DeviceHealthChecks
$ adb install $OUT/testcases/DeviceHealthTests/arm64/DeviceHealthTests.apk
Performing Streamed Install
Success
Change-Id: I87999e30298bbe42af64f28e88fc6dc5975f1ca3
- READ_COMPAT_CHANGE_CONFIG is required to read the current state of the
config
- LOG_COMPAT_CHANGE is required to log the status of a compat change for
a package and/or uid to statsd
- OVERRIDE_COMPAT_CHANGE_CONFIG is required to add overrides
The permissions must be signature|privileged, as there are already
examples of code which this would not be sufficient (e.g.
MediaProvider).
This is a re-landing of https://r.android.com/1209240, which was
reverted due to http://b/142942524. The actual fix was done in
http://ag/10234812.
Bug: 142650523
Test: atest PlatformCompatTest
Test: atest PlatformCompatPermissionsTest
Change-Id: Ie9429477c9a1725b5cb67756787bf742038e5d2b
Shell already can reboot a device (via `adb reboot` command). This
change allows shell to also trigger a reboot logic inside the
system_server.
Additionally, it allows to CTS test PowerManager.reboot API.
Test: adb shell svc reboot
Change-Id: I4545c4f3587fee2840a00648c569f75bb57501fc
Merged-In: I4545c4f3587fee2840a00648c569f75bb57501fc
> Is the minimally scoped permission that needs to be added?
This is a minimal permission for always listening to signal strength.
> What options did you explore that did not need this permission?
CTS is required by API council; Telephony CTS is using shell to have
system permission. I don't see other options.
Integrate the callback of LISTEN_ALWAYS_REPORTED_SIGNAL_STRENGTH
Test: CTS; https://paste.googleplex.com/5811446241820672
Bug: 147322848
Change-Id: Id5afd261a7f00c25e3af3558f30fb92aad42f060
This is required for ambient display tests
Bug: 147874708
Test: Run newly added ambient display tests.
Merged-In: I61c28e15c4e5c3d0ffee4137ecb86e33f7e8f64d
Change-Id: I26ab1cd48816ddb3aa8b30708726a3e1a3a20b9a
With the deprecation of WRITE_MEDIA_STORAGE in R. Apps should migrate
to requesting MANAGE_EXTERNAL_STORAGE permission
Test: m
Bug: 144914977
Change-Id: Ie42b5ceaf01111a1d3151f697ce173ddc3c7fd9b
This helps in testing using adoptShellPermissionIdentity.
Also, as a nice side-effect, it solves the problem where Settings app
crashes if no packages are requesting the permission.
Bug: 146778323
Fixes: 147434040
Test: device boots
Change-Id: I0982f854ad8260cab247882d04aea9bdcdf5d586
Previously added "android:theme="@android:style/Theme.
DeviceDefault.DayNight" to the application tag in this manifest file to
enable dark theme for bugreport info.
BugreportWarningActivity is nested within this application tag, so
assumed all the child tags to have DayNight theme.
android:theme="@android:style/Theme.DeviceDefault.Dialog.Alert" shows
the dialog always as Dark mode.
android:theme="@android:style/Theme.DeviceDefault.Light.Dialog.Alert"
shows the dialog always as Light mode.
This bug is not easily notice-able as "Do not show this again" checkbox
is checked by default for this dialog. Unless one wipes data partition,
this dialog doesn't come up even after flashing new builds.
Bug: 141663298
Bug: 146400225
Test: Normal (light mode) Trigger interactive/full/wifi bugreport.
Click on bugreport finished "Share" notification.
Light mode warning dialog should appear. (with white background)
Uncheck the "Do not show this again" checkbox to test with dark
mode.
Test: Go to Settings. Turn on Dark theme.
Trigger interactive/full/wifi bugreport.
Click on bugreport finished "Share" notification.
Dark mode warning dialog should appear. (with dark grey background)
Merged-In: I200c592608261665e4c2416303f573522c6bc59a
Change-Id: I200c592608261665e4c2416303f573522c6bc59a
(cherry picked from commit 43bbe8a2fc)
This bug was introduced when fixing dark theme for bugreport dialogs.
Bug: 135446537
Bug: 146400225
Test: manually (both in light and dark theme)
Merged-In: Ib8c16d068c00632d009033c2eab7d2d6cb7e4eea
Change-Id: Ib8c16d068c00632d009033c2eab7d2d6cb7e4eea
(cherry picked from commit f90de9746b)
Grant TETHER_PRIVILEGED permissions to the shell identity
for use within CTS tests.
Bug: 145490751
Test: atest CtsTetheringTest
Change-Id: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Merged-In: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
1. Grant ENTER_CAR_MODE and CONTROL_INCALL_EXPERIENCE permissions to the
shell identity for use within CTS tests.
2. Remove un-needed Telecom shell command.
Test: unit tests, telecom CTS tests, manual testing
Bug: 144345414
Change-Id: I54a2e723d6ef9552117e6cadf4ab7c449dd5e3cb
Per design doc (go/android-car-mode-design), added new system API to
enable car mode and specify a priority for the calling app.
Also modified UiModeManager to pass the package name of the caller to
UiModeManagerService.
Bug: 136109592
Test: Added new unit tests and CTS tests.
Test: Added Telecom test app functionality to verify.
Change-Id: I2848039c9ea18ba93e7694e04c4e5dc70759daa3
Merged-In: I2848039c9ea18ba93e7694e04c4e5dc70759daa3
The system shouldn't be granting read URI permissions as itself. This
means that heap dumps aren't successfully shared. Moving the heap dump
sharing mechanism to SHELL, which already has the permission to dump
heaps so that dumps can be shared properly.
The ActivityManagerService changes are submitted separately.
Bug: 126885951
Bug: 135150619
Test: collect a heap dump and confirm it's successfully shared with an app
Test: do manual test on a secondary user & confirm it's not available to
other user
Change-Id: I6fad69280b5124c8ec2d3b4bef0f7dddb6a9422c
android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS
It would be duplicated and we can remove it.
Bug:
Test: refactoring CL
Change-Id: I75bf3761be64d850781c29b734c2f7e60ef3b6a2
Signed-off-by: jay <jdragon.bae@gmail.com>
Bugreport info dialog is used in the BugreportProgressService; services
are not themeable from the manifest file. Added themed context wrapper
in the service file.
Text view underlines are no longer black, and are white in color.
Bug: 128364209
Test: build and flash to device, manually verified the color of the dialog
Change-Id: Ia42c1c7c2b6f2e30d91a5522f1d6b3507b032cdb
Now that we have LocalCallingIdentity, we can start caching it in
very narrow cases. We must be careful to not cache too long, since
any changes to granted permissions for the UID mean we need to
re-evaluate any cached answers.
The best middle-ground for this in the Q release is to use an active
camera session as a proxy for when we should create a cache object
and then later invalidate it. (It's very unlikely that a user
changes permissions while actively using the camera, and this is
a strong signal that the caller is sensitive to performance.)
Many other sprinkled optimizations to avoid extra binder calls into
the OS, such as aggressively caching VolumeInfo related details.
Track IDs that are owned by each LocalCallingIdentity, to speed up
all future security checks.
Dispatch all change notifications asynchronously, and delay them by
several seconds while the camera is being actively used, to give
more important foreground work a fighting chance. Invalidate
thumbnails asynchronously.
Optimizations to ModernMediaScanner where it's safe to skip the
"reconcile" and "clean" steps when we're focused on a single file
that we successfully scanned.
Local tests show this CL improves performance of a test app that
takes 100 rapid shots by 45%. (All the collective optimizations
done so far this week add up to a 70% improvement.)
Bug: 130758409
Test: atest --test-mapping packages/providers/MediaProvider
Exempt-From-Owner-Approval: trivial manifest change
Change-Id: I38cc826af47d41219ef44eae6fbd293caa0c01d5
Allows for testing APIs protected by this permission from CTS tests
Test: adb shell dumpsys package com.android.shell | grep "\bSTATUS_BAR:
granted=true" # should find the permission
Bug: 130178313
Change-Id: Ida0950664b98217d9c0801c0f19436c754ee6744
This change adds a mechanism for restricting permissions (only runtime
for now), so that an app cannot hold the permission if it is not white
listed. The whitelisting can happen at install or at any later point.
There are three whitelists: system: OS managed with default grants
and role holders being on it; upgrade: only OS puts on this list
apps when upgrading from a pre to post restriction permission database
version and OS and installer on record can remove; installer: only
the installer on record can add and remove (and the system of course).
Added a permission policy service that sits on top of permissions
and app ops and is responsible to sync between permissions and app
ops when there is an interdependecy in any direction.
Added versioning to the runtime permissions database to allow operations
that need to be done once on upgrade such as adding all permissions held
by apps pre upgrade to the upgrade whitelist if the new permisison version
inctroduces a new restricted permission. The upgrade logic is in the
permission controller and we will eventually put the default grants there.
NOTE: This change is reacting to a VP feedback for how we would handle
SMS/CallLog restriction as we pivoted from role based approach to roles
for things the user would understand plus whitelist for everything else.
This would also help us roll out softly the storage permisison as there
is too much churm coming from developer feedback.
Exempt-From-Owner-Approval: trivial change due to APi adjustment
Test: atest CtsAppSecurityHostTestCases:android.appsecurity.cts.PermissionsHostTest
Test: atest CtsPermissionTestCases
Test: atest CtsPermission2TestCases
Test: atest RoleManagerTestCases
bug:124769181
Change-Id: Ic48e3c728387ecf02f89d517ba1fe785ab9c75fd
Add NETWORK_SCAN to shell permissions to enable CTS testing of the
network scan changes
Bug: 126779616
Test: CTS
Change-Id: I1f75c9005620b3b0e06f066677cba6190f1d266c
