summaryrefslogtreecommitdiffstats
path: root/services
Commit message (Collapse)AuthorAgeFilesLines
* Prevent system uid component from running in an app processWale Ogunwale2015-10-181-3/+8
| | | | | Bug: 21669445 Change-Id: I792c6e676d4b6d54a51228d264130b8125075d98
* Fix issue #8470131: Process thrash kills batteryDianne Hackborn2015-08-253-2/+36
| | | | | | | | | | | | | | Protect app widget broadcasts from abuse. In this case the app was sending an APPWIDGET_UPDATE broadcast without specifying a target, which (a) should not be allowed (you should not be able to send updates to other apps), and (b) resulted in every single potential app widget in the system being launched... which was about 75 of them. Change-Id: I9d48733610ce6d5a7c32e69a3e06b9f33bd79a34 Signed-off-by: Dianne Hackborn <hackbod@google.com> Tested-by: Moritz Bandemer <replicant@posteo.mx>
* Adapt hardware renderer and screen rotation animation for SoftwareGLPaul Kocialkowski2013-10-281-6/+12
| | | | | Change-Id: I0d7809e7ae408c4762982599576be9a78d54a2dc Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
* Always disable StrictModeFlashPaul Kocialkowski2013-10-281-3/+9
| | | | | Change-Id: I6d891cd4b3f40110c8b99a67cd467c2501d30317 Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
* Re-implement orientation aware volume buttons at lower levelnadlabak2013-09-174-9/+89
| | | | | | | | | | | | | | | | | | | | Rework of http://review.cyanogenmod.org/31979 Fixes: 1. inconsistent volume button behaviour depending on app in use - the buttons were not swapped for some NDK/OPENSL ES apps like e.g. MX Player 2. the function of volume buttons on external input devices like BT/USB keyboards should not be affected by the main unit orientation This commit finishes http://review.cyanogenmod.org/18273 - use of system property has been replaced with config push via JNI as suggested during the original review. Patch Set 7: Circumvent the need for "keyboard.orientationAware = 1" idc Patch Set 8: Don't leak implementation details outside InputReader Change-Id: I19cc60cb0acb0005ab13fa069f52e3d468d694e7
* PackageManager: allow build-time disabling of componentsPawit Pornkitprasan2013-09-011-0/+15
| | | | | | | | | | Allow components to be specified as disabled at build time (applied on boot). This allows stock OTA components to be marked as disabled in CM builds. Change-Id: I6e4499cc40a779792a5ea97a10137399dad7d69f
* Merge "am: Allow more hidden apps on devices with lots of RAM" into cm-10.1Ricardo Cerqueira2013-08-201-1/+10
|\
| * am: Allow more hidden apps on devices with lots of RAMSteve Kondik2013-08-201-1/+10
| | | | | | | | | | | | | | | | * If more than 1.5GB is present, allow up to 40 hidden apps. * Number is somewhat arbitrary, but was found to work well on D2. * Also look at the sys.mem.max_hidden_apps value if given. Change-Id: I2d3cf6e0dad1bc0b482cc37bf9c61ed2f2b4be52
* | Merge "Show advanced reboot if using an insecure lock screen" into cm-10.1David van Tonder2013-08-021-1/+1
|\ \
| * | Show advanced reboot if using an insecure lock screenVeeti Paananen2013-07-231-1/+1
| |/ | | | | | | | | | | | | Enables the advanced reboot menu when locked if the selected lock method is insecure (= slide unlock). Change-Id: I759b7b31c5411597e2537a85183d73ec02eb2461
* | BT: Fix memory leak when BT on & off done many timesSumit Bajpai2013-07-241-0/+7
| | | | | | | | | | | | | | | | | | Solves a memory leak in BatteryStatsService when Bluetooth is turn on/off. Solution adds missing close of proxy then Bluetooth is turned off. Change-Id: I65f9db298459c7c15f6a10c752992f1d38469445 CRs-Fixed: 476145
* | Add support for Samsung extended AGPSghepeu2013-07-232-4/+8
|/ | | | | | | | | | | | The AGPS implementation in the GPS chipset used in some Samsung devices (i9100, i9300) can make use of the Psc field. Adapt the relevant functions hiding the changes incompatible with other devices under the AGPS_USE_PSC #define. Credit to Qaweck from xda-developers forum for finding the meaning of the field. Change-Id: Ie4691c79ca379a1f5c0a87500c1b06b56ae7ac0d
* Allow device admin policy to override policy boolean state.Robert Craig2013-07-181-10/+8
| | | | | | | | | | Prior code only allowed a false to true transition for a device admin policy. This was to ensure that a default true was always upheld. Reverse this and allow a device admin policy to take over the setting of all booleans; even those set by the init.rc. Change-Id: I64ae4d397a8118614c83fa611f0191e2f934dade Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* Restore support for labeling non-system apps based on their certificate.Stephen Smalley2013-07-181-12/+0
| | | | | | Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Change-Id: I814411cbc8d16eaed99a1389f5487529e36e637b
* Add data validation on seinfo labels.Robert Craig2013-07-181-2/+25
| | | | | | | | Ensure that policy contains a clean seinfo string. Where clean means no whitespace characters. Change-Id: I814411cbc8d16eaed99a1389f5487529e36e617b Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* Follow AOSP behavior for seinfo assignment.Stephen Smalley2013-07-181-3/+2
| | | | | | | | No distinctions can be made among third party apps. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Change-Id: Ic894086485bfea884c0e21af13f98a2d54346b15
* Save off the seinfo value with packages.list.Robert Craig2013-07-181-3/+3
| | | | | | | | | | Patch adds the seinfo label per package to the file. This is of particular interest to the run-as program which uses the seinfo tag to correctly label the app security context before running the shell. Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* Bring install-time code inline with AOSP.Robert Craig2013-07-182-25/+38
| | | | | | | | | | | | Recent submissions to AOSP rework some of the internal logic of SELinuxMMAC and the PMS. Bring our maintained version inline with those changes while still allowing policy to dictate all seinfo values regardless of location. Change-Id: I11ff4c4089217e6a9d95ca2841c5bc29bfd763ad Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* Move seinfo and install-time changes to inside PMS.Robert Craig2013-07-1853-20/+2151
| | | | | | | Per request by Google, move the install-time checks entirely inside PMS. Change-Id: I01f2a9084dfe7886087b1497070b0d7f2ad8479e
* Change DPMS code to accommodate enforce states on boot.Robert Craig2013-07-181-86/+95
| | | | | | | | | | We need to respect if setenforce (selinux enforce), setsebool (booleans), or setprop (mmac enforce) are set in the any of the init.rc files. This set of changes will allow the init.rc values to win over any potential device admin wishes. Change-Id: I01f2a9084dfe7886087b1497070b0d7f2ad8473e Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
* Update location of policy filesWilliam Roberts2013-07-182-16/+10
| | | | | | | | | | | | | The location of policy files has changed from /data/system to /data/security. Also, a name change to mmac enforcing property name to place it under persist.mmac. namesepace. Adds api's for getting and setting the MMAC enforcing mode. Change-Id: I0e9468fe651cd6ec018d5c85d35d693e55479e89
* Proper security labeling of multi-user data directories.rpcraig2013-07-183-3/+6
| | | | | | | | | | | | This patch covers 2 cases. When an app is installed and the resulting data directory is created for all existing users. And when a new user is created and all existing app data directories are created for the new user. Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil> Change-Id: I01f2a9084dfe7886087b1497070b0d7f2ad8478e
* Implement Device Admin API for MMACJoman Chu2013-07-181-0/+278
| | | | | | | | Conflicts: api/current.txt core/java/android/app/admin/DevicePolicyManager.java Change-Id: I1df507ced67fbcab8fdcde9cce78705b5e54e346
* Apply MMAC changes from master.Stephen Smalley2013-07-181-2/+8
| | | | Change-Id: I01f2a9084dfe7886087b1497070b0d7f2ad8477e
* Simplify check during admin removal for whether to cleanup SELinuxJoman Chu2013-07-181-100/+99
| | | | | | Also re-arrange and cleanup Change-Id: I1261e715d8d04b72f8a29b8a24268d75946d24dc
* Add APIs to allow Device Admins to change SELinux settingsJoman Chu2013-07-181-0/+666
| | | | | | | | | | | | | | | | | | | | | These calls, added to the Device Admin API, will allow Device Admin apps to change various SELinux settings, including: * Toggling SELinux enforcing and permissive modes * Toggle SELinux booleans * Load a new SELinux policy file (sepolicy) * Load new SELinux context files ({property,file,seapp}_contexts) In order to use these APIs, a Device Admin must first request USES_POLICY_ENFORCE_SELINUX, then become a SELinux Admin by calling setSELinuxAdmin(). All other set* calls relevant to SELinux are guarded by a check against whether the admin is a SELinux Admin. Otherwise, the style of the set* calls are very similar to the other calls setting device policy in the Device Admin API. That is, these calls change the Admin's internal state and then call a sync method to update the device's state to the Admin's state. Change-Id: I01f2a9084dfe7886087b1497070b0d7f2ad8476e
* Save off the seinfo value with packages.list.rpcraig2013-07-181-0/+3
| | | | | | Patch adds the seinfo label per package to the file. Change-Id: I01f2a9084dfe7886087b1497070b0d7f2ad8475e
* Add seinfo parsing to PackageManagerService.rpcraig2013-07-183-6/+25
| | | | | | | | | | | | | | | | | This patch set allows the PMS to parse the mac_permissions.xml file which contains the seinfo values. Each package that is installed on the device will be assigned an seinfo value based on policy. This seinfo value will help label the app process and data directory. Modifications also include, adjustments to ApplicationInfo.java to store the seinfo tag per package, adjustments to installd to communicate the seinfo tag to libselinux, and finally a set of unit tests. Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil> Change-Id: I61ad1ea12fb6a9a6d0b108ec163bc4bf4c954b58
* Merge "Also backup profiles file via backup manager." into cm-10.1David van Tonder2013-07-102-8/+55
|\
| * Also backup profiles file via backup manager.Danny Baumann2013-07-102-8/+55
| | | | | | | | Change-Id: Id70cb1bce15b7de127e4291e9482ab3fd7270f9f
* | Ensure install-during-restore is like install-then-restoreChristopher Tate2013-07-071-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | When we've installed an apk from the archive, recheck whether to apply the system-uid policy restrictions around file system restores. Bug 8833099 (cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39) Change-Id: I972fe1543f2234aa76baf562d6f806175ac0248e
* | Notification cancellation fixes:Koushik Dutta2013-07-071-3/+7
| | | | | | | | | | | | | | Permission should only allow cancellation of other app notifications, not enqueueing. Fix checkapi breakage. Change-Id: Idbcfd4617057984250dc4d4fa32ff55bfbb155e2
* | Add permission that allows cancelling notifications from other apps.Koushik Dutta2013-07-061-0/+4
| | | | | | | | Change-Id: I055b17873e174f71174898a7649b1e221fd8c436
* | Merge "Frameworks: privacy guard fix UI freeze" into cm-10.1Danny Baumann2013-07-041-5/+5
|\ \ | |/ |/|
| * Frameworks: privacy guard fix UI freezeLars Greiss2013-07-051-5/+5
| | | | | | | | | | | | | | | | | | | | | | randomly sometimes the complete UI freezes when toggle privacy guard. Move out the forcekill from syncronized to fix it so that it kills the app when all threads are open and they can react to the forcekill which cannot result then in unknown states cheers Change-Id: I81514dc5ca9149477ee747a7d90720b83f741baa
* | Merge "Profile: Filter on NETWORK_STATE_CHANGED instead of ↵David van Tonder2013-07-041-17/+22
|\ \ | | | | | | | | | SUPPLICANT_STATE_CHANGED" into cm-10.1
| * | Profile: Filter on NETWORK_STATE_CHANGED instead of SUPPLICANT_STATE_CHANGEDJo De Boeck2013-07-041-17/+22
| |/ | | | | | | | | | | | | | | | | | | | | | | For more reliable network change detection use NETWORK_STATE_CHANGED instead of SUPPLICANT_STATE_CHANGED Only set profile when profile actually changed. Use getWifiSsid instead of getSSID so we dont have to strip double quotes ourselves, add null pointer exception check because function can now be called when WiFi is off. Change-Id: I2b4ea65fdb484edb39a14725c648d9ab0d5d36fb
* | Don't enable GPS if the requesting app is blacklisted.Danny Baumann2013-07-041-1/+2
|/ | | | | | | This is transparent to the app, it just sees no location callbacks as before. It just avoids the additional unneeded battery drain. Change-Id: Iff98bcc3a4ff724aea8763e08b687441bda9ede0
* Allow multiple emulated storages at the same time.Oleg Drokin2013-07-031-6/+6
| | | | | | | | Only do multiuser mapping for primary emulated storage as per google docs. Allow all non-primary emulated storage to have id other than 0 so that it could be distinguished from the primary volume. Change-Id: I7b70b9067fd6211055fb9074710f48107d7b0e8e
* NotificationManager : Fix security exceptionDanesh Mondegarian2013-07-021-2/+2
| | | | | | | If the call is from a user process, using USER_CURRENT_OR_SELF avoids a security exception in such cases. Change-Id: I2f25917ecfabc80d3a193d63020ad11480edf8ec
* Add an option to allow a (subtle) notification vibration during calls.Danny Baumann2013-07-021-17/+47
| | | | | Change-Id: I8a5e1d15d17d56089158b24f9a4b246ae6e60285 JIRA:CYAN-1550
* Merge "When DPM is updated while lock screen is inhibited, don't ↵David van Tonder2013-07-021-15/+26
|\ | | | | | | unconditionally enable lock screen." into cm-10.1
| * When DPM is updated while lock screen is inhibited, don'tDanny Baumann2013-06-301-15/+26
| | | | | | | | | | | | unconditionally enable lock screen. Change-Id: Iab2af06eb8e41fbcfc6adfbeb5b42a9bbf446fe9
* | Frameworks: privacy guard fix possible NPELars Greiss2013-06-301-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the user flash a data app over recovery on clean flash (like a lot themed apps or gapps packages are doing) the user will get into a bootloop because of an NPE due an unknown state of the user due that installedUser == null To fix it Check if installUser exists if yes then call the provider settings value for the current user PatchSet 2+3: message update fix for real now Change-Id: Ie5f94a0d0a11ae24fdfdc8372c0433b26793b66e
* | Merge "am: Fix the privacy guard notification" into cm-10.1Steve Kondik2013-06-301-24/+24
|\ \ | |/ |/|
| * am: Fix the privacy guard notificationSteve Kondik2013-06-291-24/+24
| | | | | | | | | | | | | | | | * The privacy guard notification was not showing everytime. Fix the logic and handle it in the right place so it hits both the create and resume startup path. Change-Id: I80c88ffb0fcb4ed3ea64ceb228bb436975278ecc
* | Add SMS Middleware layer.Koushik Dutta2013-06-293-3/+17
|/ | | | | | | | | | Add fix so ordered broadcasts are delivered to system apps first in the event of a tie. This works around the issue where terrible apps steal SMS notifications from the broadcast queue to simply prevent notifications that could otherwise be removed by a toggle. Change-Id: I4fff0c584f8fce9c5f2f4fe86a82fe6480c307c7
* Keep on notification LED while dreaming.Danny Baumann2013-06-281-2/+16
| | | | | Change-Id: I407e34f9c60d3140f78abca133b4fda5dd45f311 JIRA:CYAN-689
* AssetRedirectionManager: Accept redirections only for whitelisted resource typesRicardo Cerqueira2013-06-261-0/+23
| | | | Change-Id: Idf1ea739a81719b6a196f0114c9fc3b7c7ff428c
* privacy guard: Use LocationBlacklist for location filteringSteve Kondik2013-06-252-57/+11
| | | | | | | | * Google has built a per-package blacklist into the location service. * Let's use this to handle Privacy Guard instead of our one-off code which has a bunch of edge cases and can leave apps in a weird state. Change-Id: I2f2ecd0b75ff51b44b1a6035189355d7bd63eaf4
generated by cgit v1.1 at 2024-12-22 08:45:48 +0000