Loading core/res/AndroidManifest.xml +8 −8 Original line number Diff line number Diff line Loading @@ -2541,7 +2541,7 @@ <!-- Allows an application to start a task from a ActivityManager#RecentTaskInfo. @hide --> <permission android:name="android.permission.START_TASKS_FROM_RECENTS" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged|recents" /> <!-- @SystemApi @hide Allows an application to call APIs that allow it to do interactions across the users on the device, using singleton services and Loading Loading @@ -2606,7 +2606,7 @@ <!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks --> <permission android:name="android.permission.REMOVE_TASKS" android:protectionLevel="signature|documenter" /> android:protectionLevel="signature|documenter|recents" /> <!-- @deprecated Use MANAGE_ACTIVITY_TASKS instead. @SystemApi @TestApi @hide Allows an application to create/manage/remove stacks --> Loading @@ -2615,7 +2615,7 @@ <!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove tasks --> <permission android:name="android.permission.MANAGE_ACTIVITY_TASKS" android:protectionLevel="signature" /> android:protectionLevel="signature|recents" /> <!-- @SystemApi @TestApi @hide Allows an application to embed other activities --> <permission android:name="android.permission.ACTIVITY_EMBEDDING" Loading Loading @@ -3284,7 +3284,7 @@ and its icons. <p>Not for use by third-party applications. --> <permission android:name="android.permission.STATUS_BAR" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged|recents" /> <!-- Allows an application to trigger bugreport via shell using the bugreport API. <p>Not for use by third-party applications. Loading Loading @@ -3451,7 +3451,7 @@ critical UI such as the home screen. @hide --> <permission android:name="android.permission.STOP_APP_SWITCHES" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged|recents" /> <!-- @SystemApi Allows an application to retrieve private information about the current top activity, such as any assist context it can provide. Loading Loading @@ -3836,7 +3836,7 @@ @hide --> <permission android:name="android.permission.SET_ORIENTATION" android:protectionLevel="signature" /> android:protectionLevel="signature|recents" /> <!-- @SystemApi Allows low-level access to setting the pointer speed. <p>Not for use by third-party applications. Loading Loading @@ -4100,7 +4100,7 @@ @hide @removed --> <permission android:name="android.permission.READ_FRAME_BUFFER" android:protectionLevel="signature" /> android:protectionLevel="signature|recents" /> <!-- Allows an application to use InputFlinger's low level features. @hide --> Loading Loading @@ -5277,7 +5277,7 @@ <!-- @SystemApi Allows modifying accessibility state. @hide --> <permission android:name="android.permission.MANAGE_ACCESSIBILITY" android:protectionLevel="signature|setup" /> android:protectionLevel="signature|setup|recents" /> <!-- @SystemApi Allows an app to grant a profile owner access to device identifiers. <p>Not for use by third-party applications. Loading data/etc/com.android.launcher3.xml +3 −0 Original line number Diff line number Diff line Loading @@ -21,5 +21,8 @@ <permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/> <permission name="android.permission.WRITE_SECURE_SETTINGS"/> <permission name="android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS"/> <permission name="android.permission.START_TASKS_FROM_RECENTS"/> <permission name="android.permission.STATUS_BAR"/> <permission name="android.permission.STOP_APP_SWITCHES"/> </privapp-permissions> </permissions> services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java +2 −8 Original line number Diff line number Diff line Loading @@ -166,8 +166,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub // their capabilities are ready. private static final int WAIT_MOTION_INJECTOR_TIMEOUT_MILLIS = 1000; static final String FUNCTION_REGISTER_SYSTEM_ACTION = "registerSystemAction"; static final String FUNCTION_UNREGISTER_SYSTEM_ACTION = "unregisterSystemAction"; private static final String FUNCTION_REGISTER_UI_TEST_AUTOMATION_SERVICE = "registerUiTestAutomationService"; Loading Loading @@ -748,9 +746,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub */ @Override public void registerSystemAction(RemoteAction action, int actionId) { mSecurityPolicy.enforceCallerIsRecentsOrHasPermission( Manifest.permission.MANAGE_ACCESSIBILITY, FUNCTION_REGISTER_SYSTEM_ACTION); mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY); getSystemActionPerformer().registerSystemAction(actionId, action); } Loading @@ -761,9 +757,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub */ @Override public void unregisterSystemAction(int actionId) { mSecurityPolicy.enforceCallerIsRecentsOrHasPermission( Manifest.permission.MANAGE_ACCESSIBILITY, FUNCTION_UNREGISTER_SYSTEM_ACTION); mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY); getSystemActionPerformer().unregisterSystemAction(actionId); } Loading services/accessibility/java/com/android/server/accessibility/AccessibilitySecurityPolicy.java +0 −13 Original line number Diff line number Diff line Loading @@ -38,8 +38,6 @@ import android.util.Slog; import android.view.accessibility.AccessibilityEvent; import com.android.internal.util.ArrayUtils; import com.android.server.LocalServices; import com.android.server.wm.ActivityTaskManagerInternal; import libcore.util.EmptyArray; Loading Loading @@ -88,7 +86,6 @@ public class AccessibilitySecurityPolicy { private final AccessibilityUserManager mAccessibilityUserManager; private AccessibilityWindowManager mAccessibilityWindowManager; private final ActivityTaskManagerInternal mAtmInternal; /** * Constructor for AccessibilityManagerService. Loading @@ -100,7 +97,6 @@ public class AccessibilitySecurityPolicy { mPackageManager = mContext.getPackageManager(); mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); mAppOpsManager = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE); mAtmInternal = LocalServices.getService(ActivityTaskManagerInternal.class); } /** Loading Loading @@ -572,13 +568,4 @@ public class AccessibilitySecurityPolicy { + permission); } } /** * Enforcing permission check to IPC caller or grant it if it's recents. * * @param permission The permission to check */ public void enforceCallerIsRecentsOrHasPermission(@NonNull String permission, String func) { mAtmInternal.enforceCallerIsRecentsOrHasPermission(permission, func); } } services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java +0 −6 Original line number Diff line number Diff line Loading @@ -278,12 +278,6 @@ public abstract class ActivityTaskManagerInternal { */ public abstract void cancelRecentsAnimation(boolean restoreHomeRootTaskPosition); /** * This enforces {@code func} can only be called if either the caller is Recents activity or * has {@code permission}. */ public abstract void enforceCallerIsRecentsOrHasPermission(String permission, String func); /** * Returns true if the app can close system dialogs. Otherwise it either throws a {@link * SecurityException} or returns false with a logcat message depending on whether the app Loading Loading
core/res/AndroidManifest.xml +8 −8 Original line number Diff line number Diff line Loading @@ -2541,7 +2541,7 @@ <!-- Allows an application to start a task from a ActivityManager#RecentTaskInfo. @hide --> <permission android:name="android.permission.START_TASKS_FROM_RECENTS" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged|recents" /> <!-- @SystemApi @hide Allows an application to call APIs that allow it to do interactions across the users on the device, using singleton services and Loading Loading @@ -2606,7 +2606,7 @@ <!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks --> <permission android:name="android.permission.REMOVE_TASKS" android:protectionLevel="signature|documenter" /> android:protectionLevel="signature|documenter|recents" /> <!-- @deprecated Use MANAGE_ACTIVITY_TASKS instead. @SystemApi @TestApi @hide Allows an application to create/manage/remove stacks --> Loading @@ -2615,7 +2615,7 @@ <!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove tasks --> <permission android:name="android.permission.MANAGE_ACTIVITY_TASKS" android:protectionLevel="signature" /> android:protectionLevel="signature|recents" /> <!-- @SystemApi @TestApi @hide Allows an application to embed other activities --> <permission android:name="android.permission.ACTIVITY_EMBEDDING" Loading Loading @@ -3284,7 +3284,7 @@ and its icons. <p>Not for use by third-party applications. --> <permission android:name="android.permission.STATUS_BAR" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged|recents" /> <!-- Allows an application to trigger bugreport via shell using the bugreport API. <p>Not for use by third-party applications. Loading Loading @@ -3451,7 +3451,7 @@ critical UI such as the home screen. @hide --> <permission android:name="android.permission.STOP_APP_SWITCHES" android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged|recents" /> <!-- @SystemApi Allows an application to retrieve private information about the current top activity, such as any assist context it can provide. Loading Loading @@ -3836,7 +3836,7 @@ @hide --> <permission android:name="android.permission.SET_ORIENTATION" android:protectionLevel="signature" /> android:protectionLevel="signature|recents" /> <!-- @SystemApi Allows low-level access to setting the pointer speed. <p>Not for use by third-party applications. Loading Loading @@ -4100,7 +4100,7 @@ @hide @removed --> <permission android:name="android.permission.READ_FRAME_BUFFER" android:protectionLevel="signature" /> android:protectionLevel="signature|recents" /> <!-- Allows an application to use InputFlinger's low level features. @hide --> Loading Loading @@ -5277,7 +5277,7 @@ <!-- @SystemApi Allows modifying accessibility state. @hide --> <permission android:name="android.permission.MANAGE_ACCESSIBILITY" android:protectionLevel="signature|setup" /> android:protectionLevel="signature|setup|recents" /> <!-- @SystemApi Allows an app to grant a profile owner access to device identifiers. <p>Not for use by third-party applications. Loading
data/etc/com.android.launcher3.xml +3 −0 Original line number Diff line number Diff line Loading @@ -21,5 +21,8 @@ <permission name="android.permission.GET_ACCOUNTS_PRIVILEGED"/> <permission name="android.permission.WRITE_SECURE_SETTINGS"/> <permission name="android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS"/> <permission name="android.permission.START_TASKS_FROM_RECENTS"/> <permission name="android.permission.STATUS_BAR"/> <permission name="android.permission.STOP_APP_SWITCHES"/> </privapp-permissions> </permissions>
services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java +2 −8 Original line number Diff line number Diff line Loading @@ -166,8 +166,6 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub // their capabilities are ready. private static final int WAIT_MOTION_INJECTOR_TIMEOUT_MILLIS = 1000; static final String FUNCTION_REGISTER_SYSTEM_ACTION = "registerSystemAction"; static final String FUNCTION_UNREGISTER_SYSTEM_ACTION = "unregisterSystemAction"; private static final String FUNCTION_REGISTER_UI_TEST_AUTOMATION_SERVICE = "registerUiTestAutomationService"; Loading Loading @@ -748,9 +746,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub */ @Override public void registerSystemAction(RemoteAction action, int actionId) { mSecurityPolicy.enforceCallerIsRecentsOrHasPermission( Manifest.permission.MANAGE_ACCESSIBILITY, FUNCTION_REGISTER_SYSTEM_ACTION); mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY); getSystemActionPerformer().registerSystemAction(actionId, action); } Loading @@ -761,9 +757,7 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub */ @Override public void unregisterSystemAction(int actionId) { mSecurityPolicy.enforceCallerIsRecentsOrHasPermission( Manifest.permission.MANAGE_ACCESSIBILITY, FUNCTION_UNREGISTER_SYSTEM_ACTION); mSecurityPolicy.enforceCallingOrSelfPermission(Manifest.permission.MANAGE_ACCESSIBILITY); getSystemActionPerformer().unregisterSystemAction(actionId); } Loading
services/accessibility/java/com/android/server/accessibility/AccessibilitySecurityPolicy.java +0 −13 Original line number Diff line number Diff line Loading @@ -38,8 +38,6 @@ import android.util.Slog; import android.view.accessibility.AccessibilityEvent; import com.android.internal.util.ArrayUtils; import com.android.server.LocalServices; import com.android.server.wm.ActivityTaskManagerInternal; import libcore.util.EmptyArray; Loading Loading @@ -88,7 +86,6 @@ public class AccessibilitySecurityPolicy { private final AccessibilityUserManager mAccessibilityUserManager; private AccessibilityWindowManager mAccessibilityWindowManager; private final ActivityTaskManagerInternal mAtmInternal; /** * Constructor for AccessibilityManagerService. Loading @@ -100,7 +97,6 @@ public class AccessibilitySecurityPolicy { mPackageManager = mContext.getPackageManager(); mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); mAppOpsManager = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE); mAtmInternal = LocalServices.getService(ActivityTaskManagerInternal.class); } /** Loading Loading @@ -572,13 +568,4 @@ public class AccessibilitySecurityPolicy { + permission); } } /** * Enforcing permission check to IPC caller or grant it if it's recents. * * @param permission The permission to check */ public void enforceCallerIsRecentsOrHasPermission(@NonNull String permission, String func) { mAtmInternal.enforceCallerIsRecentsOrHasPermission(permission, func); } }
services/core/java/com/android/server/wm/ActivityTaskManagerInternal.java +0 −6 Original line number Diff line number Diff line Loading @@ -278,12 +278,6 @@ public abstract class ActivityTaskManagerInternal { */ public abstract void cancelRecentsAnimation(boolean restoreHomeRootTaskPosition); /** * This enforces {@code func} can only be called if either the caller is Recents activity or * has {@code permission}. */ public abstract void enforceCallerIsRecentsOrHasPermission(String permission, String func); /** * Returns true if the app can close system dialogs. Otherwise it either throws a {@link * SecurityException} or returns false with a logcat message depending on whether the app Loading
