Remove MANAGE_USERS permission from shell and whitelist it for
some specific functionality.
Bug: 29189712
Change-Id: Ifb37448c091af91991964511e3efb1bb4dea1ff3
New privileged permission READ_OEM_UNLOCK_STATE added
for system privileged apps.
Changing the unlock state still requires the old
permission OEM_UNLOCK_STATE, which is signature protected.
Bug: 28953956
Change-Id: Iedd2ad1d2d1dc3ae91122d7c406e3ee623a47d61
More broadcasts (from telephony) that should be protected.
Also put a little more information in the wtf message to
help determine where broadcasts from out of the system process
are coming from.
Change-Id: Ie3df25c883482ca54c7a7c5db57ca609950f5cbc
It's a protected broadcast, so sending it directly from 'am' is
no longer an option. This is needed for CTS as well as being
generally useful during app development.
Bug 28406044
Change-Id: I101915a8c6f19454330a8db2079a75023c112582
Both of these activities do additional work and look janky when
rebuilding for a config change, especially in the presence of
multiwindow. As neither of them use layouts or other resources that
vary based on configuration, mark them as handling the relevant config
changes.
Bug 27171954
Change-Id: I38df1d875bcb063d72316b586c4d3f8074c4fad9
- Change back the throttling quota to 10 calls / day
- Foreground apps are no longer throttled, and when an app comes to
foreground the call counter will be reset.
- When the system locale changes, reset throttling for all packages
for all users.
See LocalService.onSystemLocaleChangedNoLock() for how it's performed.
Because the reset must happen before any other apps have a chance to
publish shortcuts, the logic is not straightforward.
- Added an internal API to reset the throttling upon inline-reply
from a notification.
- Stop supporting icons from "content:" URIs
- Improved javadoc on several APIs.
Also internal refactor needed to this:
- ShortcutUser.getAllPackages()/getAllLaunchers() are no longer
accessible to outer code to prevent accidentally adding/removing the
content. Outer code should use forAllPackages() / forAllLaunchers().
Bug 27923857
Change-Id: I002511193d1d33718163bb1dabe77610bde58198
The PackageInstaller app manages side-loading apps as well
as permission management. It should be updatable, hence
should rely on system APIs to talk to the platform. This
is the first step of defining an API boundary.
Change-Id: I9814eafd0b22ae03b4b847a7007cdbf14c9e5466
- New service TVRemoteService triggered by SystemServer
- Provider service proxy and watcher for maintaining connections to unbundled
services which have the BIND_TV_REMOTE_SERVICE permission.
- Shared library to facilitate connections between unbundled service and
TVRemoteService.
- Unbundled service needs TV_VIRTUAL_REMOTE_CONTROLLER
permission to be fully functional.
b/23792608
Change-Id: Ief5c6995883d1f7268a73bdd0c920c4c3f42cddb
This undoes the automerger skip which occured in
commit e740c84dc32180214a7fd157105d6c18d30408ee and
replays it as a standard (NOT -s ours) merge.
Change-Id: If5a47be26f73d6a0735c425cd66310a3e2a89086
This is a privileged permission and is only to be used by
the core OS and related packages whose names are confusing
or misleading when shown in notifications.
The user will always be able to see the true package name by
accessing the notification inspector (longpress or swipe
gesture on the notification row in SystemUI).
Fixes: 26517701
Change-Id: I2b021c9da0757b99df76399666af263668d88070
Adds android.permission.UPDATE_LOCK_TASK_PACKAGES, available only to
the system and setup wizard, providing access to
updateLockTaskPackages() without registering with the device policy
manager as a device owner.
Bug: 20016740
Change-Id: I6eceb5cece9407c84eabf3a818bb908f95989b91
This service connects through the print manager to the print spooler:
PrintSpooler.AddPrintersActivity <-> PrintManager <-> PrintManagerService <-> UserState <-> RemotePrintServiceRecommendationService <-> PrintRecommendationService <-> PrintRecommendationServiceImpl
Hence there is a lot of mindless plumming.
The actual changes are only in the AddPrintersActivity which is extended
to show another list of services: The recommended services.
The PrintServiceRecommendationService is based on the experimenal print
service stubs provider. This provider was contributed the Android by
Mopria. As this services uses Android own network discovery service most
code from the experimental provider goes away. In fact the only logic
left over is the selections of mdns-txt fields to look at and the
printer vendor configuration.
This relies on the Android MDNS to get fixed (Bug: 27696905). This also
does not deal with how to update the recommendation service.
Bug: 24533249
Change-Id: I6edc6e25fc08a50d478b61c71bb8ea158b08624c
Mostly consists of removing the word "encryption" from most APIs,
since we can't actually make promises about the data being encrypted.
Bug: 27531029
Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
There are a handful of core system services that collect data from
third-party ContentProviders by spinning them up and then caching the
results locally in memory. However, if those apps are killed due to
low-memory pressure, they lose that cached data and have to collect
it again from scratch. It's impossible for those apps to maintain a
correct cache when not running, since they'll miss out on Uri change
notifications.
To work around this, this change introducing a narrowly-scoped
caching mechanism that maps from Uris to Bundles. The cache is
isolated per-user and per-calling-package, and internally it's
optimized to keep the Uri notification flow as fast as possible.
Each Bundle is invalidated whenever a notification event for a Uri
key is sent, or when the package hosting the provider is changed.
This change also wires up DocumentsUI to use this new mechanism,
which improves cold-start performance from 3300ms to 1800ms. The
more DocumentsProviders a system has, the more pronounced this
benefit is. Use BOOT_COMPLETED to build the cache at boot.
Add more permission docs, send a missing extra in DATA_CLEARED
broadcast.
Bug: 18406595
Change-Id: If3eae14bb3c69a8b83a65f530e081efc3b34d4bc
Second attempt. Still need to add strict mode violation checks and
logging.
Bug: 21901286
This reverts commit bf33bd4d31cfec895c96990525b0cb856407c8d6.
Change-Id: I5d73343544c32ce4fc4c377ba44db8e677a1287d
Bug: 22855417
Bug: 26724891
Bug: 27364145
- Add an API for VrListenerService, which is bound/unbound
from the framework when the system VR mode changes.
- Allow only a single bound VrListenerService at a time.
- Monitor allowed VrListenerService implementations from
VrManagerService and evict services as needed when packages,
users, or settings change.
- Remove previous VR functionality in NotificationListenerService.
- Add component target to Activity#setVrMode to allow
explicit selection of the running VrListenerService from
the current VR activity.
Change-Id: I776335f4441be0e793d3126f2d16faf86a8c621a
