When an upgraded system-bundled app is reverted to the factory
version, we now maintain restricted profiles' access policies
w.r.t. that app.
Bug 8905395
Change-Id: I3f230ac3f70a77fb14c0180b44c9b42fc49250a2
Loading the avatar icons and drawing them into the sized bitmap
turns out to be quite expensive and the cost increases with number
of users. Caching them shaves off several hundred milliseconds from
Keyguard inflation time during user switching on the lockscreen.
For instance, 15ms vs. 750ms with 3 avatars on a certain 7" tablet.
Bug: 7986933
Change-Id: I3e2065bfa25aa263133ba204ca364c3b04d7c0ff
Also be sure to drop any pending package-changed broadcasts
that are targeted to a now-removed user.
Bug 8594153
Change-Id: Ib14874b4a67b968bbf6ca12ee095c85383aff324
...app storage size for apps w/ .so files
The lib directories are tagged with the apk install number,
so must be explicitly passed down to installd.
Change-Id: Ic37b03726f9a7405eb05956703f8198223b22595
I.e. don't bother trying to send a BOOT_COMPLETED broadcast to the
newly-installed/enabled system app when its host user isn't live.
Also use the static isSystemApp()-type helpers instead of duplicating
those tests locally.
Bug 8594153
Change-Id: I4bd0b86351d67f72c44eae8d1afce6a98f034d31
Specifically, send it a BOOT_COMPLETED broadcast just as it would have
received during device (or user) startup.
Bug 8594153
Change-Id: I847c16df56d038a25758e594f951bc15348edc19
Use a Bundle for persisting and passing to the application, but use a
list to return data back from an application that's exposing restrictions.
Changed the xml reading/writing code to store the value type in the Bundle
so that it can be reproduced when reading. Earlier we were assuming only
String and String[].
Bug: 8633967
Change-Id: I523d5553728edcf28a1e9d432f490b4956f34215
When an application's user data is cleared, the keystore entries need to
be cleared as well. Previously we were only clearing entries when the
application was uninstalled for all users. Now we cover the case of
multiuser as well.
Bug: 8566369
Change-Id: I201c92d0893f0d18e87970dcd59ef6cd904584dc
Created constants in current.txt and UserManager.java, modified restrictions access in UserManagerService.java.
Change-Id: If8d778d84af81dcbf5784f6e0afd9ef966cc8ecf
If someone explicitly installs an update to a system-bundled package,
we infer that this means they actually want to use the new code.
Bug 7467302
Change-Id: If2dc6f764bafbb3a5c94cbdd32273c030fd784b9
Some permissions are associated with gids, so we need to
kill any running processes if their permission is revoked.
We will do this for any permission being revoked, since
the association between gids and permissions can change
over time.
Change-Id: Ieb7408e032539c4f21eb089d65a7a7e6c289f010
Add a hook into PackageManagerService so that when app IDs are
completely removed, we erase all entries from keystore for those UIDs
that have gone away.
(cherry picked from commit 95e3ee3971915b323e5c13dcfe3b12a4180850cd)
Bug: 3020069
Change-Id: I374258ccc103f8cb3e238f2bf0d1afda0659db94
This has the full filter functionality, but is currently only
able to block Activity intents. Logging intents, or blocking
service/broadcast intents is not yet implemented.
Change-Id: Ied3d8dedf982e17bcbdff3e328eeb87477954df7
Make grantPermissionsLPw by refactoring some code into a new
function, isNewPlatformPermissionForPackage.
No functional changes.
Change-Id: I467dacfe1fcf7e77cef4cb6df54536eeaafd9064
We can get rid of an indention level by modifying an if/else
block slightly.
No functional changes.
Change-Id: I0404093ea9ebe7729417d825afb6e97e158ad23e
Make grantPermissionsLPw smaller by introducing a new doSignaturePermission
function.
Just a refactoring. No functional code changes.
Change-Id: Ia967fd93e3f7cf3e48fcd13be0b04994b76d36f3
Now that we are smarter about the initialization, we need
to do this after all packages are scanned.
Change-Id: I598f5ef84dcc83779bbff29e4c92136c63fb32de
More getters and setters, better naming.
New extra defined for returning a custom intent that handles showing the
restrictions UI.
Change-Id: I2ee0cdb4edd99e71a9004ff5e929dbe243b45557
Ensure that policy contains a clean seinfo
string. Where clean means no whitespace characters.
Change-Id: I814411cbc8d16eaed99a1389f5487529e36e617b
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Created constants for these in UserManager and current.txt. Also created
an accessor for individual user restrictions that takes the restriction key
(removing individual methods for particular restrictions).
Change-Id: Ibb5517cbcdffadd3925f52cbe67d7d525813faa9
A Device Owner cannot be uninstalled and is available to all users. It must
be registered before the device_provisioned flag is set.
Device admins can be disabled until used, but visible to device policy
manager, so that users wont be bothered with update requests.
Opened up a few related APIs for use by a system-installed Device Owner.
Change-Id: I847b5fe68c0f724863f778a67602b5bddc79d8e5
Patch adds the seinfo label per package to the file.
This is of particular interest to the run-as program
which uses the seinfo tag to correctly label the
app security context before running the shell.
Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Currently, grantPermission / revokePermission only handles development
permissions. This change extends these two functions to handle normal
and dangerous permissions.
A normal / dangerous permission can modified if it is marked as
optional (android:required="false") using the "am grant" / "am revoke"
commands.
Currently, this change is a no-op. The package parser code
does not currently honor <uses-permission android:required="false"> in
the application's manifest, and assumes a permission is always required.
This change sets the ground for future optional permissions work.
Change-Id: I34f02ffd714e8a9a37b9f87df89cef915b1b6780
This patch covers 2 cases. When an app is installed
and the resulting data directory is created for all
existing users. And when a new user is created and
all existing app data directories are created for
the new user.
Change-Id: Iacaba6d9d18d5337e65713960d14efe32006b330
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Adds the ability for apps to export some restrictions. The restrictions
are presented in Settings based on the restriction type. The user's
selections are stored by UserManagerService and provided to the
target user's application as a list of RestrictionEntry objects which
contain the key, value(s).
Also introduce a manifest entry for system apps to request that the
app be automatically installed in all users, so that they cannot be
deselected by the owner user.
Shared account filtering for non-whitelisted apps.
Change-Id: I15b741e3c0f3448883cb364c130783f1f6ea7ce6
Don't automatically grant all normal/dangerous permissions. Instead,
check the value of requestedPermissionsRequired to see if it's required.
If the permission is not required, then only grant it if the permission
was previously granted to the application.
Change-Id: I86b1fae530c006d353f9fa22137598bc88253805
