This is a partial revert of http://ag/738523 , but not a full
revert because M apps that have gone through the WRITE_SETTINGS
route to obtain permission to change network state should
continue to have permission to do so.
Specifically:
1. Change the protection level of CHANGE_NETWORK_STATE back from
"signature|preinstalled|appop|pre23" to "normal". This allows
apps that declare CHANGE_NETWORK_STATE in their manifest to
acquire it, even if they target the M SDK or above.
2. Change the ConnectivityManager permission checks so that they
first check CHANGE_NETWORK_STATE, and then ask Settings
if the app has the WRITE_SETTINGS runtime permission.
3. Slightly simplify the code in the Settings provider code that
deals specifically with the ability to change network state.
4. Make the ConnectivityService permissions checks use the
ConnectivityManager code to avoid code duplication.
5. Update the ConnectivityManager public Javadoc to list both
CHANGE_NETWORK_STATE and WRITE_SETTINGS.
Bug: 21588539
Bug: 23597341
Change-Id: Ic06a26517c95f9ad94183f6d126fd0de45de346e
Add a new SystemUI component to watch for keyboard attachment /
detachment. If the config specifies the name of a keyboard that is
packaged with the device, then SystemUI will ask the user if they
would like to enable BT (if disabled) and then attempt to pair to the
device.
Bug: 22876536
Change-Id: I786db35524d49706d5e61d8b8bc71194d50113f3
Previously, when CHANGE_NETWORK_STATE's protection level was raised to
signature from normal, the documentation was not changed. This CL
addresses the documentation to reflect the correct protection level.
Change-Id: I0a4d2fcef5f30c58b38250865543e72b5eb1ab06
We need to keep in the manifest as normal hidden permissions
all removed dangerous ones to ensure backwards compatibility
as apps may be gating operations based on whether they have
a removed permission.
bug:23377184
Change-Id: I105bd646c4594d85c501f53a10ea393ee50046bc
Merge the CHANGE_NETWORK_STATE permission with WRITE_SETTINGS.
AndroidManifest.xml:
Raised the protection level of CHANGE_NETWORK_STATE permission from
normal to signature|appops and pre23|preinstall for compatibility
provider/Settings:
Wrote new helper methods to check if app is allowed to change network
state.
ConnectivityManager.java & ConnectivityService.java:
Replace enforcement checks for CHANGE_NETWORK_STATE with
checkAndNoteChangeNetworkStateOperations instead.
Change-Id: If8c2dd3c76a5324ca43f1d90fa17973216c2bcc5
1. When a permission is revoked we kill the app immediately but do
not do an immediate kill for shared uid processes. This fixes it.
2. Remove system APIs that are used only by the package installer.
bug:22984670
Change-Id: I3d4ae52ea8679f894aa7c5972941263903479183
Introduced signature-level permission android.permission.PEERS_MAC_ADDRESS.
It allows access to MAC addresses of WiFi and Bluetooth peer devices, without
having location permission or even if location is turned off.
Bug: 21852542
Bug: 22728628
Change-Id: If0ff80636e57b38dbedc8fcf5f520a3a6d6f734e
Add some new internal APIs to enumerate USB Type C ports, query their
status, determine whether they support changing power or data roles,
and doing so. The API also adds a new ACTION_USB_PORT_CHANGED broadcast
for port state changes.
The implementation includes a mechanism for simulating the behavior
of the USB stack. See 'adb shell dumpsys usb -h' for details.
Note that the underlying kernel driver interface is still subject
to change but its behavior has been encapsulated as much as possible.
Bug: 21615151
Change-Id: I0c853ae179248a4550b3e60d02a7a7e65e4546b2
The permission was lowered in protection level to normal
allowing apps to assess migration strategy. This change
makes the permission dangerous again allowing apps to
implement this strategy.
bug:22385299
Change-Id: I3694c06236a33b97f63761b48745b1df654a2bf4
Raised the protection level of WRITE_SETTINGS permission to appop and also
allowed backwards compatibility with pre23 flag. Also made sure that this
permission is not added as RuntimePermission in DefaultPermissionGrantPolicy as
that breaks a lot of gmscore stuff.
Introduced new action to manage write system settings as a new API and
renamed the string that describes the managing of overlay permission.
Change-Id: Ifd25a6ddc06de68ee37015cb9fb23452e4ef10f4
This allows fingerprint enrollment to be done from
system-installed apps, such as Setup Wizard.
Fixes bug 21695577
Change-Id: I990912dcf229aa03f6350f96a09ff4588b20ca48
This allows you to specify that a permission can be granted to
any pre-installed system app (not just privileged ones).
And as long as I am doing this, clean up the old "system" permission
flag, renaming it to "privileged" which is what it really is today,
deprecating the old names. And switch the platform's permission
declarations to use the new name.
Change-Id: Iabf484746af232144786851ec7fe90e3de9dddb2
Raised the protection level of WRITE_SETTINGS permission to appop and also
allowed backwards compatibility with pre23 flag.
Introduced new action to manage write system settings as a new API and
renamed the string that describes the managing of overlay permission.
Change-Id: I939a95b9a8b1ae75bf67aa6d8190c92a8d2001d3
Typical apps are restricted so they can only view shared storage
belonging to the user they're running as. However, a handful of
system components need access to shared storage across all users,
such as DefaultContainerService and SystemUI.
Since WRITE_MEDIA_STORAGE already offers this functionality by
bypassing any FUSE emulation, reuse it to grant the "sdcard_rw" GID
which is no longer handed out to third-party apps. Then we change
the FUSE daemon to allow the "sdcard_rw" GID to see shared storage
of all users.
Bug: 19995822
Change-Id: I504c2a179ba74f142ed0d32da5baa69f4212cd82
...to an explicit toggle to enable in Settings
Add a new permission flag, saying the permission can be automatically
granted to pre-api-23 apps. Apply this to SYSTEM_ALERT_WINDOW.
Change-Id: I24a0ceabe7e9f5e458a864d30eda2696ad14a699
