1. Grant ENTER_CAR_MODE and CONTROL_INCALL_EXPERIENCE permissions to the
shell identity for use within CTS tests.
2. Remove un-needed Telecom shell command.
Test: unit tests, telecom CTS tests, manual testing
Bug: 144345414
Change-Id: I54a2e723d6ef9552117e6cadf4ab7c449dd5e3cb
Per design doc (go/android-car-mode-design), added new system API to
enable car mode and specify a priority for the calling app.
Also modified UiModeManager to pass the package name of the caller to
UiModeManagerService.
Bug: 136109592
Test: Added new unit tests and CTS tests.
Test: Added Telecom test app functionality to verify.
Change-Id: I2848039c9ea18ba93e7694e04c4e5dc70759daa3
Merged-In: I2848039c9ea18ba93e7694e04c4e5dc70759daa3
Update the permissions and resource to reflect this move.
Bug: 135956699
Test: manual
Change-Id: I8c798f48e3a342cc2ce29d1f7f199ae1337ff2d0
Merged-In: I8c798f48e3a342cc2ce29d1f7f199ae1337ff2d0
CellBroadcastService is bound to by the platform to handle cell
broadcasts.
Bug: 135956699
Test: manual
Change-Id: I865c09d6d246779b706c06371df685d415618699
It's needed because when we broadcast ACTION_SIM_SLOT_STATUS_CHANGED
we want to allow the receiving app to start an activity from the
background.
The app already has it implicitly, since it has the same shared UID as
com.android.stk which has the permission for unrelated reasons. Making
it explicit makes it less likely it will lose the permission
accidentally re-introducing a subtly bug.
Bug: 132691768
Test: Builds
Change-Id: I85669423e628b4534a3f28efd17947ca2481454e
Merged-In: I85669423e628b4534a3f28efd17947ca2481454e
This reverts commit b59c74f3026ce1b7f978cb15275ee01dd001cf3b.
Reason for revert: depends on ag/9477322 being CP'd, or else causes breakages downstream (b/142399383)
Change-Id: I25b1695757d5fec8c00f05d033c33501f4fc5389
CellBroadcastService is bound to by the platform to handle cell
broadcasts.
Bug: 135956699
Test: manual
Change-Id: Ib1b20da03d271fc0b2736774b2ca6c6514944093
Merged-In: Ib1b20da03d271fc0b2736774b2ca6c6514944093
This reverts commit 0999f93e4a00a7991d13cfca185e99b9fbecbc38.
Reason for revert: There is a better choice (ag/8051966) than adding the permission to resolve b/130827484
Bug: 130827484
Change-Id: I1b8fd74a173d4b0ef981e51f7e0a9c5f84d5f416
com.android.providers.downloads
Required because DownloadManager needs to whitelist
a broadcast for bg activity starts.
Bug: 135515407
Test: builds, boots (it wouldn't without this)
Change-Id: Id6c22d1397417bbc10e2829e563f29cbccccd8bf
Most of the time MediaProvider is making Binder calls on behalf of
an external caller, so use PropagateWorkSourceTransactListener to
ensure that we record the original source.
Bug: 125725916
Test: atest --test-mapping packages/apps/MediaProvider
Change-Id: I591dfb2903a54239639452954ea2d780e79b280c
Now that we have LocalCallingIdentity, we can start caching it in
very narrow cases. We must be careful to not cache too long, since
any changes to granted permissions for the UID mean we need to
re-evaluate any cached answers.
The best middle-ground for this in the Q release is to use an active
camera session as a proxy for when we should create a cache object
and then later invalidate it. (It's very unlikely that a user
changes permissions while actively using the camera, and this is
a strong signal that the caller is sensitive to performance.)
Many other sprinkled optimizations to avoid extra binder calls into
the OS, such as aggressively caching VolumeInfo related details.
Track IDs that are owned by each LocalCallingIdentity, to speed up
all future security checks.
Dispatch all change notifications asynchronously, and delay them by
several seconds while the camera is being actively used, to give
more important foreground work a fighting chance. Invalidate
thumbnails asynchronously.
Optimizations to ModernMediaScanner where it's safe to skip the
"reconcile" and "clean" steps when we're focused on a single file
that we successfully scanned.
Local tests show this CL improves performance of a test app that
takes 100 rapid shots by 45%. (All the collective optimizations
done so far this week add up to a 70% improvement.)
Bug: 130758409
Test: atest --test-mapping packages/providers/MediaProvider
Exempt-From-Owner-Approval: trivial manifest change
Change-Id: I38cc826af47d41219ef44eae6fbd293caa0c01d5
RoleManager likes to terminate apps when roles are changed which does
not work in CTS tests. We need to use a temp override in Telecom
for now.
Test: Run the CTS tests over, and over and over again.
Bug: 131065482
Change-Id: Id36942f2813abdfa0020ce4805c492a69bd07d0e
(cherry picked from commit 509ef150f23531b18fe29ef85337312f54535300)
When built as part of the system, the network stack and the
captive portal login app should have the BYPASS_PRIVATE_DNS
and CONNECTIVITY_USE_RESTRICTED_NETWORKS permissions.
These are necessary to validate restricted networks, bypass VPNs,
bypass private DNS for captive portal login, etc. Add these
permissions to privapp-permissions-platform.xml.
When installed as mainline modules that cannot use signature
permissions, the modules get this ability by virtue of having the
MAINLINE_NETWORK_STACK permissions.
Additionally, add the CONNECTIVITY_USE_RESTRICTED_NETWORKS
permission to the captive portal login app manifest, which did
not contain it.
Bug: 129789428
Test: builds, boots
Test: dumpsys package shows permissions
Change-Id: I632359f7eff09fed71167733ac75824a5aa57894
Merged-In: I632359f7eff09fed71167733ac75824a5aa57894
(cherry picked from commit 109dbf9c05f325d6f8298ffa81b9e90668fddaf3)
Fixed by granting START_ACTIVITIES_FROM_BACKGROUND
to the cell broadcast receiver.
Test: Manual
Bug: 130384940
Change-Id: Ie563a8f11ac991ab9568f65df6a4d14eebe47c5e
Allows for testing APIs protected by this permission from CTS tests
Test: adb shell dumpsys package com.android.shell | grep "\bSTATUS_BAR:
granted=true" # should find the permission
Bug: 130178313
Change-Id: Ida0950664b98217d9c0801c0f19436c754ee6744
Add NETWORK_SCAN to shell permissions to enable CTS testing of the
network scan changes
Bug: 126779616
Test: CTS
Change-Id: I1f75c9005620b3b0e06f066677cba6190f1d266c
The app is moving to /product, to separate out its permission
grants to a separate file and move that file to /product as well.
Bug: 122353713
Test: boot aosp_arm64 emulator
Change-Id: Ic165aae180a002c3566e3c1b1495a1d50dfd0e4a
This app will pretend to be the Settings app when sending
location access notifications.
Bug: 128608303
Test: boot
Change-Id: I447510bbe323f3de40828a5cb4a37abe1c44c990
Add Shell permission for new CTS tests to test the multi-display
functionality in WallpaperService/WallpaperManagerService.
Bug: 123707989
Test: atest WallpaperManagerMultiDisplayTests
Test: atest ActivityManagerMultiDisplayTests
Change-Id: Id97db050a0b9d1940c2dfaa793fbe526df578105
This change adds PACKET_KEEPALIVE_OFFLOAD to shell, which allows
shell or code with shell permission identity to use privileged
tcp keepalive offload API.
Bug: 114151147
Test: -atest ConnectivityManagerTest#testCreateTcpKeepalive
-build, flash, boot
Change-Id: Ib6660a5eaa72f83042596481452be4d415383f02
Some API changes per API reivew:
- Move DynamicAndroidClient and ~Manager to android.os.image.
- Rename them to DynamicSystemClient and ~Manager.
- Rename permission MANAGE_DYNAMIC_ANDROID to MANAGE_DYNAMIC_SYSTEM
- Corresponding changes in the installation service.
- Corresponding changes in privapp-permissions-platform.xml.
- Add missing annotations.
- Change setOnStatusChangedListener's parameters order.
- Improve documentations.
- Re-generate api/system-current.txt.
Bug: 126613281
Test: adb shell am
Change-Id: Ia920e9ccf6de1dbbd38c52910cb72cb81b9b5b32
This reverts commit 38ea50c63e8a031a6430d26b1f5b561402007243.
Revert and clean up merge conflicts. The checkbox which asks
to remove app data is still here
Fixes:112002130
Test: Build and check that the correct box is gone
atest CtsPackageUninstallTestCases
Change-Id: I47d8632d2fca360c02151ad54a4b927a5c2801f1
Shell app needs the permission when we run KeyguardManager CTS for
allowing private notifications as a privileged app.
Bug: 127351183
Test: m -j
Change-Id: I199bac8c8fed9ff0fc63b8c62f8002a6b273b28f
