729 Commits

Author SHA1 Message Date
Siarhei Vishniakou
4bb8bea04a Merge "Adding 'uhid' permission for bluetooth stack." am: 3e010d1353 am: 96d3b668bb
am: 50c5253c2d

Change-Id: I965b2ad6b603dba82116180a43fc20684d2f1b59
2017-05-12 01:00:34 +00:00
Dianne Hackborn
06640fea7b Finish issue #37815224: DeviceManagementService is incorrectly...
...starting services from jobs

Remove dmagent from whitelist.

Test: manual

Change-Id: Id13b95b9ca4f8fa890f4e20cf133a6f4bc0e3cc5
2017-05-11 12:15:08 -07:00
Siarhei Vishniakou
9e089567fd Adding 'uhid' permission for bluetooth stack.
This CL is in support of another CL c/2048848, topic
'Refactor hid command in /frameworks/base/cmds'
in internal master. Adding the permissions for bluetooth
devices here to access uhid_node as part of the new 'uhid'
group.

Bug: 34052337
Test: Tested on angler, bluetooth mouse works OK.

Change-Id: I63963984a0a3dccb4fccc64bb6fef4e809e2737e
2017-05-11 01:35:25 +00:00
Roozbeh Pournader
6f84f86f59 Move Phags-pa and Yi fonts to the end of fallback chain
There are shared East Asian punctuation defined in the Phags-pa and
Yi fonts, which would override the default Chinese form which we
prefer. This CL moves them to the end of the fallback chain, similar
to Ic2cbc79cecf9539ace8a432f373685eeff81e106.

Test: manual
Change-Id: Ieeb4c04ca785e07a5db94006a6da31ad040b7e7a
Bug: 38182099
2017-05-10 23:26:32 +00:00
Dianne Hackborn
d1f3df43c0 Work on issue #37815224: DeviceManagementService is incorrectly...
...starting services from jobs

Bring back the correct bg check restrictions on jobs, but also
bring back whitelisting of dmagent so it doesn't crash.

Test: booted and ran

Change-Id: I78892386bdcd4f39e0b1a6d33b224bdff958af37
2017-05-01 14:33:57 -07:00
TreeHugger Robot
730bf42e44 Merge "Revert "Whitelist DMAgent from bg check"" into oc-dev 2017-04-25 18:55:08 +00:00
Tony Mak
39d081015a Revert "Whitelist DMAgent from bg check"
This reverts commit ea00f16c8555c765f921f909974a1a426ea51b24.

Reason for revert: <INSERT REASONING HERE>

Change-Id: Id4ef18c858b320a31273f0b68d2a6c14d34d526d
2017-04-24 15:55:56 +00:00
Kang Li
0f80719a6f Moved LRResolverRankerService to ExtServices, and added a permission to
ensure that ResolverRankerServices are from trust sources.

Test: manually shared images in Camera, and in PTP to confirm it works
as expected.

Change-Id: I3549292d424fec949e9115faea7a0c5bdec06e87
(cherry picked from commit 61cf4d145e3f899ff2ff4500c3e46ea2c39adaf3)
2017-04-21 19:56:59 +00:00
Jeff Sharkey
9a4a457622 Clear identity to handle ALLOCATE_AGGRESSIVE.
We're not actually clearing any files, only deciding how much free
space is available, so we're fine assuming the remote caller has the
permission.

Test: builds, boots
Bug: 37169076
Change-Id: I6cd42f77c43e9d2de40e2b8b937c7f2145f1b869
2017-04-14 16:29:04 -06:00
Roozbeh Pournader
d6e9a6028a Add Adlam font to fonts.xml
Change-Id: If6b4b9138b9b761360cfdd3c1ba9659739af6402
Fixes: 37156487
Test: not needed
2017-04-13 16:04:47 -07:00
Jeff Sharkey
a4daf89f0f Grant Shell ability to clear cached app data.
It already has CLEAR_APP_USER_DATA to clear everything inside app
storage, and clearing cached data is a subset of that.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest
Bug: 36731175
Change-Id: Iefc5be6c80e2562a95424fd6fe413bdb018201a9
2017-04-11 13:03:54 -06:00
TreeHugger Robot
2ac9698271 Merge "Reorganize font enumeration API." into oc-dev 2017-04-04 16:49:56 +00:00
Seigo Nonaka
ff55115121 Reorganize font enumeration API.
This CL cleans up APIs around font variation settings.
- Remove FontConfig and FontManager public API.
- Remove FontManagerService from system service.
- Extract inner class FontConfig.Axis as top-level class FontVariationAxis.
  This is used by Typeface.Builder public API to create new Typeface.
- Introduce and expose FontVariationAxis utility functions from/to string.
- Throws if the invalid font variation settings is passed.

Test: android.text.cts.FontVariationAxisTest passes
Test: android.graphics.cts.TypefaceTest passes
Test: android.graphics.cts.PaintTest passes
Change-Id: I9ccafe7a53935960566243e2856e166878ca59ae
2017-04-03 13:55:07 -07:00
Tony Mak
ea00f16c85 Whitelist DMAgent from bg check
This should be reverted before O is shipped.

Test: Found DMAgent in the whitelist in Settings.

Bug: 36856786

Change-Id: I7828566e4bc93a30457c594471fa43270c0bf3b3
2017-04-03 19:29:51 +01:00
TreeHugger Robot
0c224f9674 Merge "Revert "Whitelist ManagedProvisioning from bg check"" into oc-dev 2017-04-03 11:06:59 +00:00
Tyler Gunn
07891b13f1 Merge "Add SUBSTITUTE_NOTIFICATION_APP_NAME pregrant for Telecom." into oc-dev 2017-04-01 00:54:25 +00:00
Tyler Gunn
e0d00e65ce Add SUBSTITUTE_NOTIFICATION_APP_NAME pregrant for Telecom.
Test: Manual
Bug: 36817809
Change-Id: I2d7439e3d0040b617a842812b6ae8bda3c32f1ee
2017-03-31 17:50:56 -07:00
Jungshik Shin
88b1114010 Use variable fonts for Noto Sans Khmer
Update fonts.xml to use NotoSansKhmer-VF.ttf.

The weight range of Khmer is also extended to have 9 weight instances
(three more than Roboto with 200, 600 and 800).

The width range for Khmer is left alone partly because of an apparent
lack of support in fonts.xml for non-normal width fallback fonts.

Note that Noto Sans Khmer UI is left alone because of a baseline issue.

BUG: 22667753
Test: See the QA instruction in comment 10 of the bug.
Test: fontchain_lint
Change-Id: Idf6d4fec86822663ac08feb8979edacbc6c709a0
2017-03-31 19:31:13 +00:00
Tony Mak
54479c5e23 Revert "Whitelist ManagedProvisioning from bg check"
This reverts commit bbb551cfb5df58512f6d0df889766887d440eb08.

Reason for revert: <INSERT REASONING HERE>

Change-Id: I1d36b8760aac68fc4d3fca106d20cddfddaa9230
2017-03-30 16:27:49 +00:00
Tony Mak
bbb551cfb5 Whitelist ManagedProvisioning from bg check
Notice that app put in this list is also exempted from doze.
Also, this only exempts us from the service restriction, but not the broadcast one.

Test: adb shell am make-uid-idle  --user 0 com.android.managedprovisioning
      && adb shell am broadcast -a android.intent.action.PRE_BOOT_COMPLETED -n com.android.managedprovisioning/com.android.managedprovisioning.ota.PreBootListener
      Observe there is no crash

Change-Id: Ic0a943a9b66c909a6727f9411af519a8c6cf0157
Fix: 36705375
2017-03-29 20:41:17 +00:00
Chris Tate
b1669bf22b Merge "Give shell the CHANGE_DEVICE_IDLE_TEMP_WHITELIST permission" 2017-03-22 18:07:49 +00:00
Christopher Tate
ec3a9f3346 Give shell the CHANGE_DEVICE_IDLE_TEMP_WHITELIST permission
Shell needs to have this permission in order for the deviceidle
tempwhitelist shell command to exist.

Bug 34715096
Test: cts-tradefed run cts -m CtsAppTestCases \
  -t android.app.cts.ActivityManagerTest#testBackgroundCheckService

Change-Id: Ic1fdd87b6020649705ba0c9349dd00dd096037f3
2017-03-21 17:52:42 -07:00
Conrad Chen
6dad6d41b8 Declare privileged permissions of Live TV app
Test: build
Bug: 35782070
Change-Id: Ia1e39dcf8fdd3345837ebec1729ad4d02699763b
2017-03-21 16:59:50 -07:00
Roozbeh Pournader
1d0e57c2f8 Add 25 Noto fonts for historic scripts to fonts.xml
Fonts for Avestan, Brahmi, Carian, Cuneiform, Cypriot, Deseret,
Egyptian Hieroglyphs, Gothic, Imperial Aramaic, Inscriptional
Pahlavi, Inscriptional Parthian, Kaithi, Kharoshthi, Linear B,
Lycian, Lydian, Ogham, Old Italic, Old Persian, Old South Arabian,
Old Turkic, Osmanya, Phoenician, Shavian, and Ugaritic have been
added to fonts.xml.

Test: Manual
Bug: 32046261
Change-Id: I3e8a0cc5b066d88f0655daf99320a992037d9082
2017-03-13 15:03:38 -07:00
Daniel Cardenas
8ac32ec658 Create new Audio include for TVs that doesn't have ringtones.
Copied AllAudio.mk, pseudo sorted the list and removed ringtones.

Bug: 36066803
Test: Build on Fugu
Change-Id: I5a68dc930fae9e694a62a023f7445c752487c492
2017-03-09 13:40:16 -08:00
Jeff Sharkey
5517b73726 Revert "Start locking down /data/media access."
Caused b/35926593 because ExternalStorageProvider needs raw
access to underlying devices that aren't mounted visibly, like
USB mass storage devices.

This reverts commit 53d64fc839ad79be28d783f0f14082310a647dd9.
2017-03-07 14:21:30 -07:00
Jeff Davidson
272fe5c338 Merge "Declare new com.android.phone permission in whitelist." 2017-03-06 18:57:48 +00:00
Jeff Davidson
7344159c71 Declare new com.android.phone permission in whitelist.
Bug: 35948554
Test: Will verify T/H build
Change-Id: I41773160aa6515983a15365905a2cbb6b13e10c6
2017-03-03 17:42:35 -08:00
Alex Klyubin
1991f57230 Restrict access from apps to bluetooth_address setting
BluetoothManagerService for some reason leaks the Android's Bluetooth
MAC address via Settings.Secure which is normally readable by all
apps. This lets apps bypass the restriction on access to Bluetooth MAC
address from apps.

This commit fixes the issue by restricting access to bluetooth_address
secure setting (Settings.Secure). Only packages which hold the
android.permission.LOCAL_MAC_ADDRESS permission retain access.

This commit accordingly grants LOCAL_MAC_ADDRESS permission to the
system Shell app because a number of scripts (including Android CTS)
use "adb shell settings get secure bluetooth_address" as a convenient
way to query the device's Bluetooth MAC address over ADB. This is
acceptable because the user of the device can see the Bluetooth MAC
address and thus it's fine for shell to be able to see the address as
well.

Test: See CTS test added in the cts project in this topic.
Test: "adb shell settings get secure bluetooth_address" returns the
      Bluetooth MAC address of the Android.
Test: "adb shell settings list secure | grep bluetooth_address"
      returns the Bluetooth MAC address of the Android.
Test: Bluetooth works (toggling off/on, pairing, file transfer)
Bug: 33701414

Change-Id: I17b110b96eb3794b25c1661e93d29a7a003e3c9a
2017-03-03 14:25:14 -08:00
TreeHugger Robot
47d663fcb8 Merge "Document future removal or move of fonts.xml" 2017-02-28 04:52:26 +00:00
Roozbeh Pournader
19b05500b7 Document future removal or move of fonts.xml
Users are referred to alternative ways to find the data.

Test: not needed
Change-Id: I399b3aed8d04b0eecf163f61faba8fd5babc74de
2017-02-27 08:32:41 -08:00
Adam Lesinski
aea3cf40d6 Whitelist new CHANGE_OVERLAY_PACKAGES permission
The Shell application needs access to change which overlays are
enabled in OverlayManagerService.

Test: Manual: invoke adb exec-out cmd overlay enable some.package.name
when shell is not root (adb unroot on eng builds).
Change-Id: I1849f68e244cfc9b1e13eb0e673dde7be03cba6d
2017-02-23 18:52:30 -08:00
Jeff Sharkey
53d64fc839 Start locking down /data/media access.
The new sdcardfs filesystem requires that we have stricter access
controls around /data/media style locations.  Start by taking away
the "media_rw" GID from apps requesting the WRITE_MEDIA_STORAGE
permission.

Common use-cases like music playback appear to continue working fine,
as clients should only be attempting to use /data/media paths after
calling maybeTranslateEmulatedPathToInternal().

Test: builds, boots, music playback works
Bug: 35447080
Change-Id: Iba9f3ef41d3277c75497f675a1fe6d3406cf4542
2017-02-22 15:48:46 -07:00
Jerry Zhang
f970636072 Allow the shell to set USB functions.
Bug: 25596495
Test: svc usb setFunction mtp true
Change-Id: I4472464a1c7ed100cb257dbad83d1d8cfef88fc7
2017-02-17 11:50:30 -08:00
Christopher Tate
3283079e5e Put shell on the idle/background whitelist
Bug 35229549

Change-Id: I9f7dd66c37af9c28c9f0714be4358b94930c2d32
2017-02-10 11:42:23 -08:00
Dianne Hackborn
3f13c54f14 Fix issue #34592078: Mobile broadcast crash observed randomly...
...when using device on mobile data

Whitelist CellBroadcastReceiver, this is a core OS component anyway
so this probably makes sense.

Test: manual

Change-Id: I1560093640e81064ad123ff0bbcb307583fc47c6
2017-02-09 11:07:18 -08:00
Christopher Tate
4244c91e27 Whitelist LocalTransport here in the framework sysconfig
This shouldn't properly be emplaced as a side-effect of partner-
specific configurations; so now we don't do that any more.

Bug 35151478
Test: verify whitelist contents with 'bmgr whitelist'

Change-Id: I854ddfdbcec1def882b24f5ea7955b28d4789806
2017-02-08 16:37:57 -08:00
TreeHugger Robot
c15add0040 Merge "Extend permissions of cameraserver" 2017-02-07 10:13:09 +00:00
Emilian Peev
bd8851022e Extend permissions of cameraserver
Camera service will need to a way to query
the process state and oom score.

BUG: 34701266
Test: Manual testing + cts-tradefd run cts -m Camera --abi armeabi-v7a --disable-reboot
Change-Id: I4df704817d2fc728d421daeffbbbcee2e61d8c3b
2017-02-06 17:14:20 +00:00
Brad Ebinger
cab1dad44f Add BIND_IMS_SERVICE to permissions whitelist
Adds android.permission.BIND_IMS_SERVICE to the permissions
whitelist xml file.

Bug: 34813244
Test: Manual
Change-Id: I7a7ad1a361c9d2dcc51769bc74a436878ad4adc5
2017-02-03 10:51:05 -08:00
Nimrod Gileadi
2dac5c7212 Add Wear keycodes to emulator key layout file. am: 119a06ce55 am: 9576ce6696
am: 00620e70d5

Change-Id: Ie9e186901a6d846ee1417b1b1db9ed091e854b89
2017-02-01 18:08:49 +00:00
Nimrod Gileadi
9576ce6696 Add Wear keycodes to emulator key layout file.
am: 119a06ce55

Change-Id: I33d2b0f9b8281c22422677f03d6046a1be0bd94f
2017-02-01 17:57:16 +00:00
Nimrod Gileadi
119a06ce55 Add Wear keycodes to emulator key layout file.
The SLEEP keycode is used by Android Wear to indicate a
"palming" gesture (covering the screen with one's hand).

The STEM_* buttons are used for side buttons on Wear.

The keycode values were added to the emulator in
http://r.android.com/330771

Bug: 19996432
Change-Id: Ib90c3b27209b0059ebc1c2cce46cc732a677d557
2017-02-01 12:13:12 +00:00
TreeHugger Robot
fffa2eb046 Merge "Deliver MEDIA_SCANNER_SCAN_FILE to background receivers" 2017-01-24 22:40:17 +00:00
Christopher Tate
03a1ba2da4 Deliver MEDIA_SCANNER_SCAN_FILE to background receivers
Bug 34630982
Test: download mp3 file in Chrome, see it taken up in Play Music

Change-Id: Ia2d35d266d0066f0c2bd278bc8b6024ba94261bb
2017-01-24 12:45:09 -08:00
Fyodor Kupolov
02616eaac8 Whitelist CHANGE_DEVICE_IDLE_TEMP_WHITELIST for systemui
Test: device starts without warning
Change-Id: Ia13f7cee3da7eb2ac185415b44b6905f0f28c487
2017-01-24 11:39:23 -08:00
Christopher Tate
42a386b771 Enable background restrictions
Apps that target O+ are always subject to background restrictions.
Legacy apps' background restriction is subject to the OP_RUN_IN_BACKGROUND
app op.

Apps with these properties are exempted from background restrictions:
  - persistent process
  - currently on the idle battery whitelist
  - global whitelist for things like bluetooth services

Bug 30953212

Change-Id: Icc19b2fbc05f40dcf8c3fc4abf718c373dc8d4f6
2017-01-19 16:23:02 -08:00
Chris Tate
9e83cbbc10 Revert "Enable background restrictions"
This reverts commit 21f778060badb1e78bffde05e8de7662d275003d.

Change-Id: I65586f9739da84fb32b51b0ea166b8288c41d1b3
2017-01-19 01:12:19 +00:00
Fyodor Kupolov
5c26dc1b54 Merge "Updated platform privileged permissions" 2017-01-18 22:42:45 +00:00
Christopher Tate
21f778060b Enable background restrictions
Apps that target O+ are always subject to background restrictions.
Legacy apps' background restriction is subject to the OP_RUN_IN_BACKGROUND
app op.

Apps with these properties are exempted from background restrictions:
  - persistent process
  - currently on the idle battery whitelist
  - global whitelist for things like bluetooth services

Bug 30953212

Change-Id: Ib444829a2d222125f64ff19e8218823fa78373f9
2017-01-18 11:30:41 -08:00