This is a important broadcast that needs to be picked by multiple
components and apps.
Bug: 152655546
Test: build and sanity
Change-Id: I17befbb8814c09c24498b4e534e04f0fbce24c2f
Merged-In: I17befbb8814c09c24498b4e534e04f0fbce24c2f
This permission is needed for wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the app to influnce wifi vs lte network
selection algorithm.
What options did you explore that did not need this permission?
- Without this permission, it would be impossible to test these API's:
WifiManager.setWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.clearWifiConnectedNetworkScorer()
WifiManager.addOnWifiUsabilityStatsListener()
Bug: 150236894
Test: Device boots up.
Change-Id: Ic173e44ab818cdfecebde80715ddaec347019db6
Merged-In: Ic173e44ab818cdfecebde80715ddaec347019db6
Add MODIFY_DEFAULT_AUDIO_EFFECTS permission to shell which
is needed to run GTS tests on @systemApis for
audio effects control.
Bug: 148703417
Test: run gts -m GtsAudioTestCases -t com.google.android.audio.gts.DeviceEffectTest#testCreateDeviceEffect
Change-Id: Iba579001aeffd85743850727135a6f536579ea17
Merged-In: Iba579001aeffd85743850727135a6f536579ea17
CaptivePortalLogin is not a privileged app, so it cannot get these
permissions anyway.
Test: CaptivePortalLogin working without the permissions
Bug: 151214275
Change-Id: I283b8068b9eada28d92c9d550473106a1b680a27
Permisssion of PanService#setBluetoothTethering is change from
BLUETOOTH_ADMIN to BLUETOOTH_PRIVILEGED.
Tethering service need bluetooth privilege permission to enable
bluetooth tethering.
Bug: 146045934
Test: on/off bluetooth tethering
Change-Id: Ib87a5d5a5bb49390aa55e52713bb3539d4a52348
Whitelisted telephony broadcasts using the intent background flag.
Ensured that each broadcast was protected manually through cts test below.
Bug: 148181747
Bug: 151112539
Test: Switched on ActivityManagerDebugConfig.DEBUG_BACKGROUND_CHECK for SIM_STATE_CHANGED
Test: android.telephony.cts.TelephonyProtectedBroadcastsTest
Merged-In: Id280fc2128b84dda2a8184dfa32ecc5b8f787afb
Change-Id: Id280fc2128b84dda2a8184dfa32ecc5b8f787afb
This permission is needed for some wifi CTS tests.
Is the minimally scoped permission that needs to be added?
- Yes, this only allows the retireval of the saved wifi network
credentials on the device.
What options did you explore that did not need this permission?
- Possibly creating a UI to ask for manual entry of network credentials.
But, that would not let us do automated CTS tests (will need to become
CTS verifier tests then).
Bug: 150236894
Test: atest android.net.wifi.cts.WifiNetworkSpecifierTest
Change-Id: I6881003510191f667950be1ab27a5399fe3914b4
Merged-In: I6881003510191f667950be1ab27a5399fe3914b4
ANGLE is a system library which adds a developer option to control when
it is used as the default OpenGL ES driver.
ANGLE is transitioning from an internal-only prebuilt library to being
built from source in AOSP.
Test: manual, ANGLE.apk's developer options work.
Bug: 142239747
Change-Id: I3e616d6252d0daa0e32c942b05987d17e73a2709
imageValidationThrowOrWarning() logs the error as a warning if device
bootloader is unlocked, else re-throw the error.
Device lock state is queried via PersistentDataBlockManager service.
Bug: 128892201
Test: adb shell am start-activity \
-n com.android.dynsystem/com.android.dynsystem.VerificationActivity \
-a android.os.image.action.START_INSTALL \
--el KEY_USERDATA_SIZE 8192 \
-d file:///storage/emulated/0/Download/aosp_arm64-dsu_test.zip \
--es ${IMAGE_KEY}
Test: Observe the logcat
Change-Id: I895e70d90624afda2bf7cd3b34ea8d21a1702163
- READ_COMPAT_CHANGE_CONFIG is required to read the current state of the
config
- LOG_COMPAT_CHANGE is required to log the status of a compat change for
a package and/or uid to statsd
- OVERRIDE_COMPAT_CHANGE_CONFIG is required to add overrides
The permissions must be signature|privileged, as there are already
examples of code which this would not be sufficient (e.g.
MediaProvider).
This is a re-landing of https://r.android.com/1209240, which was
reverted due to http://b/142942524. The actual fix was done in
http://ag/10234812.
Bug: 142650523
Test: atest PlatformCompatTest
Test: atest PlatformCompatPermissionsTest
Change-Id: Ie9429477c9a1725b5cb67756787bf742038e5d2b
Renames PhoneTime[|Zone]Suggestion to TelephonyTime[|Zone]Suggestion.
Makes changes to generally avoid PHONE and use SLOT_INDEX or telephony
as appropriate for the usage. Removes telephony / phone from a few
variable names where it doesn't add value.
This commit also renames some remaining phoneId instances to slotIndex
which were missed when that rename happened.
Bug: 148842434
Test: treehugger
Change-Id: I4302e68082b802b75b53c02a9c9b1ae39dff6085
Area info cell broadcast messages are not handled
by cell broadcast receiver anymore. Instead, they will
be processed in cell broadcast service. Privileged apps
that are interested in getting the information will need
to get it directly from cell broadcast service.
Note this is only enabled for certain countries and carriers.
Test: Manual
Bug: 141318859
Bug: 141425194
Merged-In: I2245c39f679d0ad94c9a1325edc553f362fdce7c
Change-Id: I2245c39f679d0ad94c9a1325edc553f362fdce7c
(cherry picked from commit 80e432043582a14dc9d7382ed81b0699b9a01e49)
Shell already can reboot a device (via `adb reboot` command). This
change allows shell to also trigger a reboot logic inside the
system_server.
Additionally, it allows to CTS test PowerManager.reboot API.
Test: adb shell svc reboot
Change-Id: I4545c4f3587fee2840a00648c569f75bb57501fc
Merged-In: I4545c4f3587fee2840a00648c569f75bb57501fc
This is required for ambient display tests
Bug: 147874708
Test: Run newly added ambient display tests.
Merged-In: I61c28e15c4e5c3d0ffee4137ecb86e33f7e8f64d
Change-Id: I26ab1cd48816ddb3aa8b30708726a3e1a3a20b9a
* changes:
Move the app to /system_ext
Set sdk_version "current" in test package
Move the permission.xml to /system_ext
Move SystemUI to /system_ext
move privapp_whitelist_com.android.storagemanager to system_ext
Move 'privapp_whitelist_com.android.launcher3' to system_ext
Move 'privapp_whitelist_com.android.settings' to system_ext
move privapp_whitelist_com.android.provision to system_ext
privapp_whitelist_com.android.emergency to system_ext
privapp_whitelist_com.android.carrierconfig to system_ext
As mentioned in b/132780927, we plan to forbid hidden APIs usage in /product partition,
in other word, apps in /product are allowed to use only either public API or system API.
So, this app will be moved to /system_ext, of course, it is not permanent,
they can be moved back to /product if they don't use hidden API anymore.
Bug: 137908189
Test: m
Test: check whether device boots successfully
Change-Id: I623e0dcc1d3bc1a2a69a6cad34ace1f79532654e
Merged-In: I623e0dcc1d3bc1a2a69a6cad34ace1f79532654e
we plan to forbid hidden API in product partition.
So this app should be moved to /system_ext because it uses hidden API.
It is not permanent, so they can be moved back to /product due to
needs if there isn't hidden usage anymore.
Bug: 137908189
Test: m
Test: check whether device boots successfully
Test: atest SystemUITests
Exempt-From-Owner-Approval: cherry-pick from internal
Change-Id: I54f86496d4a0045af3576091cce00e5cd285b4f8
Merged-In: I54f86496d4a0045af3576091cce00e5cd285b4f8
After check the usage of those apps who declared
CONNECTIVITY_INTERNAL permission, they don't access any API which
protected by CONNECTIVITY_INTERNAL. And CONNECTIVITY_INTERNAL
has been removed from their AndroidManifest.xml. So remove the
redudant permission from privapp-permissions-platform.xml.
Bug: 32963470
Test: build, flash, boot to home w/o any permission problem.
Change-Id: I3f31d16163e359b0b16f06129452a758ea149fc1
Add corresponding permission to allow tether offload to update
network usage through new API that requires UPDATE_DEVICE_STATS
permission.
This is the minimum permission that required to update network
usage with the new system api.
Test: atest FrameworksNetTests OffloadControllerTest TetheringTest
Bug: 130855321
Change-Id: I9c0c86e20d4797ea3570feed741be3a07f839c7d
As StorageManager, permissions.xml should follow the app's partition.
Test: m && check booting
Bug: 137908189
Change-Id: Ie791b5fbe1b1906537a57e8f1c34029c0f092afc
Merged-In: Ie791b5fbe1b1906537a57e8f1c34029c0f092afc
As AOSP launcher is moved to system_ext, its permission files will follow the app location.
Test: m
Bug: 137908189
Change-Id: I5d11e3901633be82f375c56a5ef2c79b6e0b0922
Merged-In: I5d11e3901633be82f375c56a5ef2c79b6e0b0922
As Settings is moved to system_ext, its permission files will follow the app location.
Test: m
Bug: 137908189
Change-Id: I58ae29a6454f91f222b15ccbd9d3e5b5d5889289
Merged-In: I58ae29a6454f91f222b15ccbd9d3e5b5d5889289
Move tethering out of ConnectivityService. All client would
use TetheringManager to talk with TetheringService directly.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
Merged-In: Ib051bea724a256f9c4572b566e46ae7b9c4abe6e
This adds new permissions required when setting the time /zone in
response to telephony signals and when setting the time / zone manually
along the lines of "principle of least privilege".
The intent is to later restrict the number of distinct processes that
can manipulate the device system clock / time zone property directly so
that all time changes go through the time / time zone detector services,
which can enforce policy, log the reasons for changes, and so on.
Bug: 140712361
Test: atest com.android.server.timedetector
Change-Id: Iabd3a5f449ad2ef2b6581475ef2535a4a8a88ef9
Since tethering is moved from systemServer to networkStack
process, it would lose privileged capability. Grant privileged
permissions for tethering individually. Grant MANAGE_USB to control
usb rndis function. Grant MODIFY_PHONE_STATE to know whether DUN
is required. Grant READ_NETWORK_USAGE_HISTORY to update tethering
usage. Grant UPDATE_APP_OPS_STATS to check WRITE_SETTINGS permission.
Bug: 144320246
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Id6e71b58e027d6ba90551084367ef881652c2555
Grant TETHER_PRIVILEGED permissions to the shell identity
for use within CTS tests.
Bug: 145490751
Test: atest CtsTetheringTest
Change-Id: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Merged-In: Ifad265cdc5e0b1b1b2fa8f4f79eeb7dd18493624
Add CONNECTIVITY_USE_RESTRICTED_NETWORKS permission to phone
package in privapp permission list.
Bug: 146222771
Test: build, flash, boot to home
Change-Id: I1c88b892b1d2f50856b139a5cad5dc8b07a006be
Settings application needs the previleged permission to retrieve UICC
card information by using Telephony Manager API.
Bug: 141256483
Test: Manual and SimStatusDialogControllerTest
Change-Id: I33d3bb1947d828e283ee62b7cd0936b8baf73acb
