summaryrefslogtreecommitdiffstats
path: root/data/etc
Commit message (Collapse)AuthorAgeFilesLines
* Fix issue #22989030: Separate battery whitelistsDianne Hackborn2015-08-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | We now have a new whitelist you can put apps in, which opts them out of the old battery saver mode and new app idle, but doesn't keep them from going in to doze. This is for a few special cases that we had previously whitelisted for battery saver, and inherited to the new modes... ultimately we should figure out how to get these apps out of the whitelist completely, but this will help for now. Apps in this new whitelist are not shown in the UI, because they are still significantly restricted by not being able to operate normally in doze. This also means they are still visible in the list of all apps for the user to be able to put them on/off the complete whitelist if that is what they really want. In the course of doing this, I needed to clean up code in the network policy manager to better separate management of the two firewall rules that now have different whitelists applied to them. This also hopefully just generally simplifies and cleans up that code. Hopefully! Change-Id: I92e15f2f85899571dd8b049b5e3eb1354f55f353
* Permission to view shared storage for all users.Jeff Sharkey2015-07-061-0/+1
| | | | | | | | | | | | | | | | Typical apps are restricted so they can only view shared storage belonging to the user they're running as. However, a handful of system components need access to shared storage across all users, such as DefaultContainerService and SystemUI. Since WRITE_MEDIA_STORAGE already offers this functionality by bypassing any FUSE emulation, reuse it to grant the "sdcard_rw" GID which is no longer handed out to third-party apps. Then we change the FUSE daemon to allow the "sdcard_rw" GID to see shared storage of all users. Bug: 19995822 Change-Id: I504c2a179ba74f142ed0d32da5baa69f4212cd82
* Let's reinvent storage, yet again!Jeff Sharkey2015-06-251-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that we're treating storage as a runtime permission, we need to grant read/write access without killing the app. This is really tricky, since we had been using GIDs for access control, and they're set in stone once Zygote drops privileges. The only thing left that can change dynamically is the filesystem itself, so let's do that. This means changing the FUSE daemon to present itself as three different views: /mnt/runtime_default/foo - view for apps with no access /mnt/runtime_read/foo - view for apps with read access /mnt/runtime_write/foo - view for apps with write access There is still a single location for all the backing files, and filesystem permissions are derived the same way for each view, but the file modes are masked off differently for each mountpoint. During Zygote fork, it wires up the appropriate storage access into an isolated mount namespace based on the current app permissions. When the app is granted permissions dynamically at runtime, the system asks vold to jump into the existing mount namespace and bind mount the newly granted access model into place. Bug: 21858077 Change-Id: I62fb25d126dd815aea699b33d580e3afb90f8fd2
* Introduce per-user GIDs for storage.Jeff Sharkey2015-03-231-2/+2
| | | | | | | This will eventually allow us to have a single unified filesystem instead of requiring zygote to use bind mounts. Change-Id: I29b819ab51498b4bab874e0367b1ab4165f84025
* Move apache specific portions of android.net.http to external/apache-http.Narayan Kamath2015-02-121-1/+0
| | | | | | | | | | | | | | | | | | | We continue to compile external/apache-http into ext.jar. This contains a few changes apart fom the classes moving around : - Makefile changes to build docs and api-stubs for now. A future change will revert these changes and remove these classes from stubs and docs. - Hardcode event IDs in legacyerrorstrings to avoid a dependency between the frameworks and apache. These strings are on their way out and will never change anyway. - Remove imports due to {@link} tags and use {@code} instead. - Remove an accidental(?) dependency on apache commons code that's a part of apache-http. bug: 18027885 Change-Id: I51cd038d846ec7d02c283a4541b10a6a9cf62ecf
* Add library definition for org.apache.http.legacy.Narayan Kamath2015-01-211-1/+4
| | | | | bug: 18027885 Change-Id: I300ab2eb0f87e004ef20157bd23517865133665c
* [FM] Add FM permission to support FM radio appBenson Huang2014-10-011-0/+4
| | | | | | | | | | Add FM permission like KK to support FM radio app. Change-Id: Ifb76f63e3136a5f88306903fd28e9abbb01e69c9 Signed-off-by: Benson Huang <benson.huang@mediatek.com> Conflicts: data/etc/platform.xml
* Give audio GID to MANAGE_VOICE_KEYPHRASES apps.Jeff Sharkey2014-10-011-0/+6
| | | | | | | | | Some system apps doing hotword training need low-level access to audio hardware, beyond what the existing HAL offers. For now, give them the audio GID. Bug: 17763721 Change-Id: I8025c3abacae13a6ffec4e10e4976a67ab505bdf
* Add network access blocking when in battery save mode.Dianne Hackborn2014-07-011-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | The network policy manager now monitors battery save mode and, when in battery save, uses its facility to block access to metered networks to block access to all networks. That is, it tells the network management service that all networks have an (infinite) quota, and puts various app uids to be restricted under quota interfaces as appropriate. This new network blocking needs a new facility to be able to white list apps, such as GmsCore. To do this, I refactored the package manager's permission configuration stuff into a separate SystemConfig class that can be used by others, and it now has a new tag to specify package names that should be white-listed for power save mode. These are retrieved by the network policy manager and used to build a whitelist of uids. The new general config files can now go in system/etc/config, though currently everything still remains in the permissions dir. Still left to be done is changing the semantics of what uids are allowed in this mode, to include all perceptable uids. (So that we can still do things like background music playback.) This will be done in a follow-on CL. Change-Id: I9bb7029f61dae62e6236da5ca60765439f8d76d2
* Add PowerManager method to assign blame to a single uidMarco Nelissen2013-10-031-0/+1
| | | | | | | Currently used by audioflinger to account for recording wakelocks. b/10985160 Change-Id: I18fc8487f2a197bf02b5269a4bcae9e75b6c2207
* Remove deprecated ACCESS_DRM permission.Jeff Sharkey2013-09-031-1/+0
| | | | | | | The permission no longer exists, so don't assign it to media. Bug: 9967611 Change-Id: I5e11fcfc265310cbc3c2a8812a13e68b717fa476
* Add GIDs to packages.list, update SD card perms.Jeff Sharkey2013-08-121-0/+7
| | | | | | | | | | | Write supplementary GIDs to packages.list for lower-level system components to parse. WRITE_EXTERNAL_STORAGE also implies sdcard_r GID. Switch to always enforce READ_EXTERNAL_STORAGE permission. Update permission docs to mention new behavior. Change-Id: I316ba4b21beebb387ac05c80980ae9b38235b37d
* Camera: Remove camera gid from apps with camera permission.Eino-Ville Talvala2013-07-171-4/+0
| | | | | | | | This gid is not needed by camera-using apps, since all camera access is mediated by the camera service, which does not depend on gid for permission checks. Bug: 9904186 Change-Id: I859e6cabc905af9d98e2b09f5bbad086b5eb2b26
* Camera and MediaRecorder: Support AppOpsEino-Ville Talvala2013-02-251-0/+1
| | | | | | | | - Allow media processes to update AppOps state - Pass package name to media services Bug: 8181262 Change-Id: I115d39f0b306cb9eb7cd3d3e663c680b7322fd3f
* App ops: cleanup, handle root and shell, perms.Dianne Hackborn2013-02-111-65/+0
| | | | | | | | | | | | | | | | | | | | Rework how the shell user is defined so that it is associated with an actual apk, instead of being a free roaming uid with special permissions assigned to it. This allows us to correctly account for its operations in app ops. Implement a special case for the root user in app ops -- it is always allowed, always with the package name "root". Add various code to take care of cleaning up package state from app ops -- when packages are uninstalled, and during boot if any packages currently being stored no longer exist. Also fix a bug in the activity manager to correctly grant permissions in all cases when onNewIntent() is being called. Change-Id: Iae9f6d793ee48b93518c984ad957e46ae4582581
* add android.permission.LOOP_RADIO for access to loop radio deviceDoug Zongker2013-01-291-0/+4
| | | | Change-Id: I811d70fa67aa758122678809f32b8aade42ced0f
* grant shell user EXPAND_STATUS_BAR permissionGuang Zhu2012-11-151-0/+1
| | | | | Bug: 7555251 Change-Id: I68cebb26bcee060c56e124941f3ea9289ab2b3bf
* Add multi user support for bluetoothMatthew Xie2012-10-041-0/+5
| | | | | | | | Create a BLUETOOTH_STACK permission to share between all users of Bluetooth apk. Bluetooth Manager binds to apk of current user bug 6925422 Change-Id: I2df5546e977c2d77bc66d97d12479d933826922a
* Fix installing applications from non-primary users.Dianne Hackborn2012-08-271-1/+4
| | | | | | | | | | | | | | | | | We also now send the correct broadcasts to each user. You no longer need to be running the shell as root to be able to create/remove users. Also added some more man page material to the pm command, and got rid of a bunch of showUsage() calls that now make error messages completely buried because of how large the usage info has become. And the package manager now shows the user each historical broadcast was sent to. Change-Id: Iab42498e1352a0c023069139c80fc04d2d69ab4b
* am 406ba831: am 5f61087e: Merge "Get rid of LOCAL_MODULE_TAGS := user"Joe Onorato2012-08-171-4/+0
|\ | | | | | | | | * commit '406ba83154ba17921bc524c479d3339448306fc5': Get rid of LOCAL_MODULE_TAGS := user
| * am 5f61087e: Merge "Get rid of LOCAL_MODULE_TAGS := user"Joe Onorato2012-08-171-4/+0
| |\ | | | | | | | | | | | | * commit '5f61087e26013ea2623aecb1783c74a57a9fa49c': Get rid of LOCAL_MODULE_TAGS := user
| | * Get rid of LOCAL_MODULE_TAGS := userJoe Onorato2012-08-161-4/+0
| | | | | | | | | | | | Change-Id: I1c4e67f935a7c511cda9980f4475dfd0272617a5
* | | am f52dcf32: am da9754e8: Merge "Fix issue #6860828 Non-root shell can\'t ↵Dianne Hackborn2012-07-241-0/+6
|\ \ \ | |/ / | | | | | | | | | | | | | | | grant permissions" into jb-dev * commit 'f52dcf32f2fba7c89bbd127c22f2ee2b933915c6': Fix issue #6860828 Non-root shell can't grant permissions
| * | Fix issue #6860828 Non-root shell can't grant permissionsDianne Hackborn2012-07-231-0/+6
| |/ | | | | | | | | | | | | That, plus a few other permissions. Bug: 6860828 Change-Id: I69f0360471e4fd46e689388cd993e18c1e0bfb02
* | Non persistent adapter servicefredc2012-07-161-0/+4
|/ | | | | | | | | | | | | | | | | | Change-Id: Ib13d5c77416e58161df0e04d7a15ec0dddbde8b5 Conflicts: core/java/android/bluetooth/BluetoothInputDevice.java Conflicts: core/java/com/android/internal/app/ShutdownThread.java services/java/com/android/server/SystemServer.java Conflicts: services/java/com/android/server/SystemServer.java services/java/com/android/server/pm/ShutdownThread.java
* move hardware feature definitionsColin Cross2012-03-2632-760/+0
| | | | | | | Move the hardware feature xml files from frameworks/base/data/etc to frameworks/native/data/etc. Change-Id: If7dc9d68c0c57516adb8e863b68c8252abd6014c
* Add new READ_EXTERNAL_STORAGE permission.Dianne Hackborn2012-03-121-0/+4
| | | | | | Also adds some initial compatibility code for dealing with it. Change-Id: I104bff11798349e4aaa6da9b7be787b257daa1bb
* Adding shell commands for modifying content.Svetoslav Ganov2012-02-151-0/+1
| | | | | | | | | | | | | | 1. Added methods to the ActivityManagerService remote interface that allow accessing content providers outside of an application. These methods are guarded by an internal signature protected permission which is given to the shell user. This enables a shell program to access content providers. 2. Implemented a shell command that takes as input as standart fagls with values and manipulates content via the content provider mechanism. Change-Id: I2943f8b59fbab33eb623458fa01ea61a077b9845
* Adding a feature to indicate specific support for Bluetooth API.Dan Morrill2012-02-101-0/+19
|
* Whoops, need to acquire lock.Dianne Hackborn2011-11-151-0/+1
| | | | | | | Also increase time between reports to try to reduce the amount of redundant spam we get. Change-Id: Iedd7d743826fffa62ee431073cb7dfb49a00cea0
* Various performance and other work.Dianne Hackborn2011-10-311-0/+1
| | | | | | | | | | | | | | | | | | - IME service now switches between visible and perceptible depending on whether it is being showm, allowing us to more aggressively free its memory when not shown. - The activity display time is no longer delayed by the activity transition animation. - New -R (repeat) option for launching activities with the am command. - Improved some documentation on Loader to be clear about some methods that apps should not normally call. - FrameworkPerf test now allows you to select individual tests to run. Change-Id: Id1f73de66dc93d63212183958a72119ad174318b
* Add feature definition for Wi-Fi DirectIrfan Sheriff2011-09-071-0/+20
| | | | | Bug: 5267396 Change-Id: I4f61b0afd1466420ab951f6d74ec444036772b21
* Fix issue #5128639: SystemUI grows by 10MB after taking a screenshotDianne Hackborn2011-08-171-0/+1
| | | | | | | | | | | We now do the screenshot in a separate process. Also change the recents panel to not use hardware acceleration on lower-end devices. And improve how it gets shown to not load all data up-front which results in a long delay when you have lots of recents. Change-Id: Ia309a90f9939e5405758621b3f7114597bd0c02a
* Fix issue 4604090: notification sound interrupted.Eric Laurent2011-07-251-0/+1
| | | | | | | | | | | | | The problem is that the audio HAL fails to acquire the wake lock when playing the notification. This is because of a change that removed the mediaserver process form the system group for honeycomb. The fix consists in requesting the wake lock from PowerManagerService when AudioFlinger mixer wakes up. A consequence of this change is that audio HALs or pcm drivers do not have to hold wake locks anymore as in the past. Change-Id: I4fb3cc84816c9c408ab7fec75886baf801e1ecb5
* Permissions to protect bandwidth statistics.Jeff Sharkey2011-06-221-0/+10
| | | | | | | | | | | Introduces new "net_bw_stats" group which will protect reading detailed bandwidth statistics from the kernel. Also introduce "net_bw_acct" group which will enable specific applications to request that their network traffic be counted against other UIDs. This change associates manifest permissions with the low-level GIDs. Change-Id: If3fc28053afda201ff305d798a8878ff1f35b997
* resolved conflicts for merge of 77fc8b80 to masterDianne Hackborn2011-06-142-0/+4
|\ | | | | | | Change-Id: I014f9a886d6f05607d2a5d101ad2052a6841ee8d
| * am c5193c62: Merge "Add new landscape and portrait orientation features." ↵Dianne Hackborn2011-06-142-0/+4
| |\ | | | | | | | | | | | | | | | | | | into honeycomb-mr2 * commit 'c5193c6285d7094fb86dcb5cd56f44a3788af7c2': Add new landscape and portrait orientation features.
| | * Add new landscape and portrait orientation features.Dianne Hackborn2011-06-142-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updates aapt to know about these. Also updates aapt badging to: - No longer crash due to the change to how we match unspecified configuration resources. - Report the new "smallest screen" supported screen configs. - Infer old screen size buckets based on new smallest width attrs. - Report all of the different labels and icons in an app. Change-Id: I7376042b817391bd070f549cebbc7f03be4635c8
* | | resolved conflicts for merge of 9dfd7d0a to masterDianne Hackborn2011-06-093-0/+69
|\ \ \ | |/ / | | | | | | Change-Id: I9fbee3209b7fe5c7b5b42b62309eb60dc49bf9e2
| * | am e22fe933: Fix issue #4582417: Need to add new PackageManager...Dianne Hackborn2011-06-083-0/+69
| |\ \ | | |/ | | | | | | | | | * commit 'e22fe9331ad8a9f81470751fdeca7633f654cffa': Fix issue #4582417: Need to add new PackageManager...
| | * Fix issue #4582417: Need to add new PackageManager...Dianne Hackborn2011-06-083-0/+69
| | | | | | | | | | | | | | | | | | ...FEATURE_ constant for FAKE_MULTITOUCH in MR2 Change-Id: Ib6950d9dbdd58618aec593de7e0cf1c01b7d6ef9
| | * DO NOT MERGE Revert "Remove permission android.permission.WRITE_MEDIA_STORAGE"Mike Lockwood2011-05-031-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need this to allow MTP to access secondary external storage devices This reverts commit 35a2ea2fbf156a503d1b0bc6ca7784e51e2462f4. Conflicts: data/etc/platform.xml Change-Id: I0b139a0f3b369c1080831a5b3a48f5d9a330b1bb Signed-off-by: Mike Lockwood <lockwood@android.com>
| * | DO NOT MERGE Revert "Remove permission android.permission.WRITE_MEDIA_STORAGE"Mike Lockwood2011-05-041-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need this to allow MTP to access secondary external storage devices This reverts commit 35a2ea2fbf156a503d1b0bc6ca7784e51e2462f4. Conflicts: data/etc/platform.xml Change-Id: Iaf9cf120217e8417d328a51db0d82be6835b0ff0 Signed-off-by: Mike Lockwood <lockwood@android.com>
* | | Interrogation of the view hierarchy from an AccessibilityService.Svetoslav Ganov2011-06-061-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Views are represented as AccessibilityNodeInfos to AccessibilityServices. 2. An accessibility service receives AccessibilityEvents and can ask for its source and gets an AccessibilityNodeInfo which can be used to get its parent and children infos and so on. 3. AccessibilityNodeInfo contains some attributes and actions that can be performed on the source. 4. AccessibilityService can request the system to preform an action on the source of an AccessibilityNodeInfo. 5. ViewAncestor provides an interaction connection to the AccessibiltyManagerService and an accessibility service uses its connection to the latter to interact with screen content. 6. AccessibilityService can interact ONLY with the focused window and all calls are routed through the AccessibilityManagerService which imposes security. 7. Hidden APIs on AccessibilityService can find AccessibilityNodeInfos based on some criteria. These API go through the AccessibilityManagerServcie for security check. 8. Some actions are hidden and are exposes only to eng builds for UI testing. Change-Id: Ie34fa4219f350eb3f4f6f9f45b24f709bd98783c
* | | am ee081bf5: am 3ed0a1ec: Merge "IMS: Provide net_admin permission so that ↵Wink Saville2011-05-031-0/+4
|\ \ \ | |/ / | | | | | | | | | | | | | | | IPSec could be configured/used." into honeycomb-LTE * commit 'ee081bf5ee936396a89d5bd2b29487047b260f49': IMS: Provide net_admin permission so that IPSec could be configured/used.
| * | IMS: Provide net_admin permission so that IPSec could be configured/used.Ramesh Sudini2011-05-031-0/+4
| |/ | | | | | | | | | | IMS configures the security database in kernel with keys generated from ISIM. Change-Id: Iae9fb85f286ff2a627369d784a127bf7d4d8f4b3
* | Revert "Remove permission android.permission.WRITE_MEDIA_STORAGE"Mike Lockwood2011-04-221-0/+4
|/ | | | | | | | | | | | | We need this to allow MTP to access secondary external storage devices This reverts commit 35a2ea2fbf156a503d1b0bc6ca7784e51e2462f4. Conflicts: data/etc/platform.xml Change-Id: I9faf54526182a786a1c0ca1fd01a09baabca186d Signed-off-by: Mike Lockwood <lockwood@android.com>
* Combine the USB accessory support library with the platform featureMike Lockwood2011-03-022-20/+2
| | | | | | | Also renamed the support library to com.android.future.usb.accessory.jar Change-Id: Id6226991ce73f75dfedc497adf1c25bffb670243 Signed-off-by: Mike Lockwood <lockwood@android.com>
* USB accessory support libraryMike Lockwood2011-02-281-0/+20
| | | | | | | | | | | | This provides a mechanism for developing applications to work with USB accessories in versions of android prior to the introduction of the android.hardware.UsbManager APIs. Applications should link against the com.google.android.usb library to use this support. Change-Id: I48ff80467fd9a6667aa84a758eca754132f546b9 Signed-off-by: Mike Lockwood <lockwood@android.com>
* Add platform features for USB host and USB accessory support.Mike Lockwood2011-02-282-0/+41
| | | | | | | Also removed config_hasUsbHostSupport framework resource, which is now obsolete. Change-Id: I6f18cc1c4f68085de8b8363e1b5edff79aff404f Signed-off-by: Mike Lockwood <lockwood@android.com>
generated by cgit v1.1 at 2024-05-16 15:41:17 +0000