A Device Owner cannot be uninstalled and is available to all users. It must
be registered before the device_provisioned flag is set.
Device admins can be disabled until used, but visible to device policy
manager, so that users wont be bothered with update requests.
Opened up a few related APIs for use by a system-installed Device Owner.
Change-Id: I847b5fe68c0f724863f778a67602b5bddc79d8e5
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Currently, grantPermission / revokePermission only handles development
permissions. This change extends these two functions to handle normal
and dangerous permissions.
A normal / dangerous permission can modified if it is marked as
optional (android:required="false") using the "am grant" / "am revoke"
commands.
Currently, this change is a no-op. The package parser code
does not currently honor <uses-permission android:required="false"> in
the application's manifest, and assumes a permission is always required.
This change sets the ground for future optional permissions work.
Change-Id: I34f02ffd714e8a9a37b9f87df89cef915b1b6780
This patch covers 2 cases. When an app is installed
and the resulting data directory is created for all
existing users. And when a new user is created and
all existing app data directories are created for
the new user.
Change-Id: Iacaba6d9d18d5337e65713960d14efe32006b330
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This patch set allows the PMS to parse the
mac_permissions.xml file which contains the
seinfo values. Each package that is installed
on the device will be assigned an seinfo value
based on policy. This seinfo value will help label
the app process and data directory. Modifications
include adjustments to ApplicationInfo.java
to store the seinfo tag per package as well as
adjustments to installd to communicate the seinfo
tag to libselinux.
Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
8323587: Add feature for supporting app widgets
8323342: Add feature for replacing the home screen
8323590: Add feature for supporting input methods
The app widget service looks for the app widget feature
and refuses to work if it doesn't exist. I didn't do
this for the input method service because some devices
will probably want to still make use of that mechanism
without supporting third party input methods.
Change-Id: Ie3b089105e104f4d767cdb03cdbe4fdb1c17382e
If no accessibility services are enabled, we disable the
accessibility event firing to save resources. When the last
such services is disabled the system was not unbinding. As
a result the user was seeing the touch exploration enable
dialog when the service that requested it is disabled. Also
there is one service the system is bound to that is not used.
bug:8439191
Change-Id: I6f37f2573a815bfb29870298aa0abbb1fa105588
Pause and retry capturing a thumbnail if the window hasn't yet
been drawn. Still will show black thumbnails if recents is pressed
before window has anything drawn.
Improves bug 7552304.
Change-Id: I550c5a60510bfc4547bbb44451d57b4bc9f49880
Since using the discard option for mounting an Ext4 file system
could lead to unpredictable slowdowns of I/O we will explicitly
control when to perform fstrim, i.e. discard unused blocks of the
mounted volume. We are using the idle maintenance intents sent by
the system which specify a window that one can use to perform
expensive maintenance tasks while the user does not use the device.
This change is adding a broadcast receiver for the idle maintenance
start intent to the mount services which then notifies vold when to
start fstrim.
Since fstrim will be run on a daily basis we do not expect fstrim
to be too long, so it is not interruptible. We will implement
interruption only in case we see issues.
bug:8056794
Change-Id: I1438479d2956b61b82d3a130854376f7a144aaf3
...Tune-In does not work since JWQ77
Instead of crashing the app for it being bad, just go ahead and
show a notification for it anyway that we make up.
You get what you deserve. :p
Change-Id: I92e32b9ff8835dabde63f8e08e991f72de0d0a92
We let the user know when he turns off Wi-Fi that scans will continue to
be available.
User has the option to turn off the dialog and not receive this in the future.
Bug: 8141918
Change-Id: I115ce2ac57125b8ffbb34245dc25effd4b3bebb0
The allowed packages are listed in
Settings.Secure.ENABLED_NOTIFICATION_LISTENERS. (Don't let
the plural fool you: only one listener will be supported in
the UI.)
Change-Id: Ia69f2ba05d8e555fd4d40b0cc89c62ed14af3cac
Adds the ability for apps to export some restrictions. The restrictions
are presented in Settings based on the restriction type. The user's
selections are stored by UserManagerService and provided to the
target user's application as a list of RestrictionEntry objects which
contain the key, value(s).
Also introduce a manifest entry for system apps to request that the
app be automatically installed in all users, so that they cannot be
deselected by the owner user.
Shared account filtering for non-whitelisted apps.
Change-Id: I15b741e3c0f3448883cb364c130783f1f6ea7ce6
The HeartbeatHandler for the System Server Watchdog has been running
on the wrong thread due to a race condition in initialization. It's
designed to run on ServerThread, so that it can catch lockups in the
main looper of the System Server. It has been running on
ActivityManagerThread instead, so it does not detect lockups on the
ServerThread as it should.
ActivityManagerService is calling Watchdog.getInstance() before
ServerThread calls Watchdog.getInstance().init(), so the handler is
being bound to the ActivityManagerThread instead of the ServerThread.
Explicitly bind HeartbeatHandler to ServerThread, so that the Watchdog
catches lockups on this critical thread.
Change-Id: Iccb184ac3adb817feb86ed4ee0e50e443bf74636
Don't automatically grant all normal/dangerous permissions. Instead,
check the value of requestedPermissionsRequired to see if it's required.
If the permission is not required, then only grant it if the permission
was previously granted to the application.
Change-Id: I86b1fae530c006d353f9fa22137598bc88253805
The root cause is:
There is a defect in window manager service: When a new
activity that can be ime target is added into window manager
but the Z order of input method window don't need to be
changed, then the target app token of input method window
would not be updated to new one. This defect may cause that
the layer of input method window is calculated incorrectly.
The solution:
Correct the target app token for input method window.
Change-Id: I008311e3c9b1cf5fc320b614d8675c183c506d50
Currently, NetworkManagementService only catches RemoteExceptions
when calling the BaseNetworkObserver notification methods (e.g.,
interfaceStatusChanged). However, if the observer is in the same
process, unchecked exceptions can occur as well.
When this happens, finishBroadcast does not get called, and no
further notifications can be sent, because any attempt to do so
fails with a "beginBroadcast() called while already in a
broadcast" exception.
Fix this by catching RuntimeException as well.
Bug: 8397534
Bug: 8276725
Change-Id: Icd6f32128707244978943c48a9ea3a2b952a2957
