There are OEM provided apps that are able to clear the data of the
device owner. That creates a security hole that this fixes.
Fixes bug 20107015.
Change-Id: I4ef313b394bd8059d19d20aa6533396305d1357d
Create a DevicePolicyManager API which can be used by OTA subsystem
to tell device owners about pending updates. Device owners will get
a callback from its DeviceAdminReceiver when the update service sends
out such notifications.
Bug: 20213644
Change-Id: Ifcc755655e4f441980cf77d76175a046112ca9ae
Nothing stopping an Activity from giving us a
null Intent, and the Intent copy constructor
requires a non-null arg.
Bug: 20419159
Change-Id: I8b12a127431869394697e947e2298d4dbbe08604
Main change is to fix problems in the alarm manager where it
was not doing a good job at scheduling the device idle wakeup
before an alarm. To fix this, we now keep explicit track of
the next "wake from idle" alarm so we can consistently use that
to adjust the time of the device idle alarm if needed.
Also a bunch of debugging stuff to help further diagnose this
problem:
- Alarm summary now includes the last time the alarm went off.
- Improved dumpsys output of alarms.
- New event log tags for changes related to idle state.
Change-Id: Idd2c8d24ae23379f7c75815ddbc6835c2a04656c
They can be Very Very Large, so take advantage of the new BlobBackupHelper
infrastructure to keep them tiny!
Also fix an issue in which the restore path wasn't properly passing
notification payloads along for processing, and an issue in which the
blob helper wasn't handling empty states properly.
Change-Id: I11a7ca3cd2e26f634a8971e874ac97385b0b500c
This new API, NotificationManager.getActiveNotifications(),
allows an app to recover the set of notifications it has
posted that are still active (un-cleared, un-canceled,
visible by the user). Along with the Notification object
you'll get the original tag and id you used to post it,
wrapped up in the somewhat awkwardly-named
StatusBarNotification data structure (previously only used
internally by NoMan/SysUI and NotificationListenerServices).
Bug: 17320461
Change-Id: I8cd610956fafed4e31526b663cebdc31231ad930
A new flag for DPM.resetPassword() method that specifies that the
device should be decrypted without asking for the password or pattern.
Bug 19250601
Related CL in Settings App: https://googleplex-android-review.git.corp.google.com/#/c/670206
Change-Id: I9ca3472dc18e66e618ff772dee16ca4a450e9997
Use the term "SystemUpdate" instead of "OTA", in public
DevicePolicyManager APIs that handle OTA policies.
Bug: 19650524
Change-Id: Iebdaea91337d617147cb411b6f47e0f3fae8671c
Introduce a fairly general "store byte[] blobs as backup keys" helper, and
use that to integrate with the Notification Manager. The helper provides all
the machinery of managing prior state, compressing the blob on the wire, etc.
Bug 19848954
Bug 20105530
Bug 17755700
Change-Id: I4aa808172244af6db0ab2f4440cc266a797655d7
Since packages can be moved to other volumes, all relevant commands
to installd now require an explicit volume UUID parameter.
Bug: 20275577
Change-Id: Ie84f5bc43c7aada5800b8d71692c7928b42b965e
Added the concept of a sleep token to represent a demand to sleep.
We grab this token whenever a dream window is visible.
This change also deletes a special condition in shouldSleepLocked()
which would tend to keep activities running when the lock screen
was shown unless they had previously been sleeping. I believe this
condition is no longer necessary and the policy is much simpler
without it. Let's see if anything breaks.
NOTE: This can currently only be used within the system server process
but it might make sense to move it to IActivityManager (guarded by
DEVICE_POWER permission) so that keyguard can use it. If we added
a callback on release to inform the client that the underlying activity
has finished drawing then we could untangle a bunch of keyguard
specific logic.
Bug: 18866521
Change-Id: I84b2118f5b990a71a1647d1cee536ad3d99f3a24
Currently only one app can write to the SMS provider and it has to
be set as the default SMS app by the user in the UI. The default
SMS app is set by enabling the write SMS app op for it and keeping
this op off for other SMS apps. Hence, this permission does not
guard anything and can be taken out. The API change is fine as if
an app refers to the permission in the manifest as string it will
be ignored and if it was referred in Java the value is statically
compiled in the source.
Change-Id: I1128c3b034e6c7dda4baa051500ac1ef46a53575
The READ_PHONE_STATE permission protects PII information and
is in the Phone group. This change is adding the corrseponding
app op for gating access to the API guarded by READ_POHNE state
which will be used instead as an access control for legacy apps.
Change-Id: I2ff895a5a0e529f26ec0ad706266a30d829268ba
UICC privileged carrier apps will extend CarrierConfigService to provide
carrier-specific configuration. Apps/services will use
CarrierConfigManager to read the current configuration.
CarrierConfigManager also defines the set of configuration variables and
their default values.
Bug: b/19483786
Change-Id: I027211b43276afd6fe893ae50048c52f2aed5cf5
The RecentTaskInfo object returned when getAppTasks#getTaskInfo
is called now contains baseActivity, topActivity, and numActivities.
Bug: 18723935
Change-Id: Ifc0cd68a57ed2c0823c23ac8d27e3b6ea6bc95e2
Add API to determine the possible candidate volumes that a package
can be moved to. For example, it currently knows that we need to
move ASEC-based apps through internal storage before migrating them
to a private volume.
Comparator for consistent VolumeInfo ordering when displayed in UI.
Fix native library symlink to be volume UUID aware.
Bug: 19993667
Change-Id: I68d5fac5f0f776ac1c7dd15e7a984bfe2704f3f7
The ability for tasks to be started in locktask mode or pinned is
dependent on the value of android:lockTaskMode for the root activity
of the task.
For bug 19995702
Change-Id: I514a144a3a0ff7dbdd4987da5361b94bdfe9a437
- Allow apps to read and modify notification policy (currently
which items are prioritized in "priority only" mode), but only
after they've been granted access by noman.
- Access to read/modify notification policy requires a token provided
by noman. Enabled notification listeners are automatically given
tokens (new getter on NLS), but any other app can also request them.
- Currently, all requests are granted.
- Also add a new change intent when the public policy changes.
Bug: 18541928
Change-Id: I482d1c39852d0d961931515e0f0e059a8faee4ed
Let the device owner disable the status bar to achieve multi-app single purpose
mode. When the status bar is disabled, quick settings, notifications and the
assist gesture are blocked.
Bug: 19533026
Change-Id: I72830798135136e5edc53e5e2221aebb9a7c7d57
- Add new API to ask the activity manager what the current
importance of a particular package name is (along with a few
new useful importance levels).
- Fix my last alarm manager change to actually execute the
alarms we have now decided should run even while we are idle.
Change-Id: I1f14712b4e390770d53b185c96a1b36f6aadd687
Pre-M, these were disabled as the ActionMode would be rendered
in the ActionBar, obscuring the originating view. Now that we have
Floating Toolbars, this is no longer the case.
Also the TextViews in this situation used to show the paste popup
which has now been removed, so they require the floating toolbar to
avoid regressions.
BUG: 20205351
Change-Id: Ifdc96c3b0db5b40c890ae807c26b76aa2992edbc
