
Commit 02735bc9 authored by San Mehat

MountService: Introduce new @hide permissions to protect secure containers.



Signed-off-by: San Mehat <san@google.com>
parent 4539f38a
+40 −0
@@ -700,6 +700,46 @@
        android:label="@string/permlab_mount_format_filesystems"
        android:description="@string/permdesc_mount_format_filesystems" />

    <!-- Allows access to ASEC non-destructive API calls
         @hide  -->
    <permission android:name="android.permission.ASEC_ACCESS"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_asec_access"
        android:description="@string/permdesc_asec_access" />

    <!-- Allows creation of ASEC volumes
         @hide  -->
    <permission android:name="android.permission.ASEC_CREATE"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_asec_create"
        android:description="@string/permdesc_asec_create" />

    <!-- Allows destruction of ASEC volumes
         @hide  -->
    <permission android:name="android.permission.ASEC_DESTROY"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_asec_destroy"
        android:description="@string/permdesc_asec_destroy" />

    <!-- Allows mount / unmount of ASEC volumes
         @hide  -->
    <permission android:name="android.permission.ASEC_MOUNT_UNMOUNT"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_asec_mount_unmount"
        android:description="@string/permdesc_asec_mount_unmount" />

    <!-- Allows rename of ASEC volumes
         @hide  -->
    <permission android:name="android.permission.ASEC_RENAME"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_asec_rename"
        android:description="@string/permdesc_asec_rename" />

    <!-- Allows applications to disable the keyguard -->
    <permission android:name="android.permission.DISABLE_KEYGUARD"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
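Review bot: The five new ASEC_* permissions are declared with `android:protectionLevel="dangerous"`, which lets any installed application request them and have them granted after a user prompt, while the comments mark them @hide and the commit message says they protect secure containers; this looks like an unintended exposure of the create/destroy/mount/rename surface of MountService to third-party code. Unless a non-system caller is meant to obtain them, `android:protectionLevel="signature"` (or `signatureOrSystem` if preinstalled system apps need them) would match the stated intent, and the same applies to all five declarations in this hunk. A short comment on each declaration naming the intended holder would also help future reviewers judge whether the level is right.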
+25 −0
@@ -876,6 +876,31 @@
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_mount_format_filesystems">Allows the application to format removable storage.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_asec_access">get information on secure storage</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_asec_access">Allows the application to get information on secure storage.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_asec_create">create secure storage</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_asec_create">Allows the application to create secure storage.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_asec_destroy">destroy secure storage</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_asec_destroy">Allows the application to destroy secure storage.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_asec_mount_unmount">mount / unmount secure storage</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_asec_mount_unmount">Allows the application to mount / unmount secure storage.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_asec_rename">rename secure storage</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_asec_rename">Allows the application to rename secure storage.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_vibrate">control vibrator</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+41 −0
@@ -1058,11 +1058,21 @@ class MountService extends IMountService.Stub
    }

    public String[] getSecureContainerList() throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_ACCESS)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_ACCESS permission");
        }
        return mConnector.doListCommand("list_asec", VoldResponseCode.AsecListResult);
    }

    public String createSecureContainer(String id, int sizeMb, String fstype,
                                    String key, int ownerUid) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_CREATE)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_CREATE permission");
        }
        String cmd = String.format("create_asec %s %d %s %s %d",
                                   id, sizeMb, fstype, key, ownerUid);
        mConnector.doCommand(cmd);
@@ -1070,15 +1080,31 @@ class MountService extends IMountService.Stub
    }

    public void finalizeSecureContainer(String id) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_CREATE)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_CREATE permission");
        }
        mConnector.doCommand(String.format("finalize_asec %s", id));
    }

    public void destroySecureContainer(String id) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_DESTROY)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_DESTROY permission");
        }
        mConnector.doCommand(String.format("destroy_asec %s", id));
    }
   
    public String mountSecureContainer(String id, String key,
                                       int ownerUid) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_MOUNT_UNMOUNT)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_MOUNT_UNMOUNT permission");
        }
        mConnector.doCommand(String.format("destroy_asec %s", id));
        String cmd = String.format("mount_asec %s %s %d",
                                   id, key, ownerUid);
        mConnector.doCommand(cmd);
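Review bot: mountSecureContainer sends `destroy_asec` for the container on the line right after its new ASEC_MOUNT_UNMOUNT check, before the `mount_asec` command is built, so a caller that passes the permission check has the container it asked to mount destroyed first; this looks like a copy of destroySecureContainer's command line, and `mConnector.doCommand(String.format("destroy_asec %s", id));` should be removed (whether this line is new or pre-existing is not recoverable from the rendered page). Separately, every method in this section repeats the same five-line check, and `mContext.enforceCallingOrSelfPermission(android.Manifest.permission.ASEC_MOUNT_UNMOUNT, "Requires ASEC_MOUNT_UNMOUNT permission");` does the same thing in one line, throwing SecurityException with that message. The id, key and fstype arguments are interpolated into a space-delimited vold command without validation; rejecting values that contain whitespace or control characters before the `String.format` call would keep a caller from adding extra tokens to the command. mountSecureContainer's body continues past the hunk.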
@@ -1086,16 +1112,31 @@ class MountService extends IMountService.Stub
    }

    public void unmountSecureContainer(String id) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_MOUNT_UNMOUNT)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_MOUNT_UNMOUNT permission");
        }
        String cmd = String.format("unmount_asec %s", id);
        mConnector.doCommand(cmd);
    }

    public void renameSecureContainer(String oldId, String newId) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_RENAME)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_RENAME permission");
        }
        String cmd = String.format("rename_asec %s %s", oldId, newId);
        mConnector.doCommand(cmd);
    }

    public String getSecureContainerPath(String id) throws IllegalStateException {
        if (mContext.checkCallingOrSelfPermission(
                android.Manifest.permission.ASEC_ACCESS)
                != PackageManager.PERMISSION_GRANTED) {
            throw new SecurityException("Requires ASEC_ACCESS permission");
        }
        ArrayList<String> rsp = mConnector.doCommand("asec_path " + id);

        for (String line : rsp) {