| Age | Commit message (Collapse) | Author |
|---|
|
As a next step they can be moved into separate directories to be
built as separate modules that may or may not be included in a
particular configuration.
Moves AppWidgetService, BackupManagerService, ClipboardService, DevicePolicyMS,
and WallpaperMS.
Change-Id: I33e48d070f38186819d3a1d7a4dc3984b75a9eda
|
|
Bug: 9520957
DevicePolicyManagerService will play dumb if the feature is not installed.
Continue to keep track of failed password attempts for keyguard's use.
Change-Id: I28d258dc09a8b4976b188da6f453d8daabcc4bdd
|
|
In DevicePolicyManagementService, on boot and when certs are installed,
post notification to tell the user that their traffic may be
monitored.
Have QuickSettings use the MonitoringCertInfoActivity instead
of building the dialog itself.
Bug: 10633199
Change-Id: Ie4b97295a9fc25867c87872feccdb17f4bea071d
|
|
Guard install/uninstall by enforcing that the caller have the new system-only permission MANAGE_CA_CERTIFICATES.
Also include API methods for asking whether there are any User CA certs
installed, or if one by a particular name is installed in the keystore.
CA certs will be installed via KeyChain into the TrustedCertificateStore.
Bug: 8232670
Change-Id: I17b47a452e72eb4fe556dc6db823a46c6e854be8
|
|
We will need to display the name of the device owner (the human
readable name of the institution) to the user.
"This device is managed by google.com"
Change-Id: Ic33b6530c19cb14a118245692697205de3911a58
|
|
The previously used permission was doing double duty as the permission
that device admins to check for to ensure that calls are coming from valid
system components.
MANAGE_DEVICE_ADMINS is system|signature and is now required to add/remove
device admins.
Required for:
Bug: 9856348
Change-Id: I64385d2ec734c3957af21b5a5d9cffd8a3bcd299
|
|
* commit '7f3ff133c19ed50dd245e025a44e1de7bcc3d38a':
Fix wrong log information in DevicePolicyManagerService
|
|
When user reset password their password,
if password doesn't match target quality of device,
DPM print a log why can't reset password.
however log message isn't correct information.
in log context, it have to exist current quality
and target quality. this patch can help print correct log.
Change-Id: I5c8fb1c77ddbe1bdbc76e35038c897e2e8efb077
|
|
Change-Id: I2640d3dc2200b589e2beb42a43cc93efd090f06e
|
|
A Device Owner cannot be uninstalled and is available to all users. It must
be registered before the device_provisioned flag is set.
Device admins can be disabled until used, but visible to device policy
manager, so that users wont be bothered with update requests.
Opened up a few related APIs for use by a system-installed Device Owner.
Change-Id: I847b5fe68c0f724863f778a67602b5bddc79d8e5
|
|
Restrictions saved as key/value pairs, mostly booleans right now
but might be expanded to other types later.
Save and restore restrictions in the user manager service.
Enforce some of the restrictions at the framework level. Some
are enforced (also) at the app level, such as in Settings.
Change-Id: Id11ffe129cb6a177e094edf79635727388c26f40
|
|
|
|
Also fix a little problem where the USER_STARTED broadcasts
were not being sent as ordered broadcasts(!).
Change-Id: I3aa3e0a9b3900967cdd2d115ee103371b0a50c41
|
|
When a DeviceAdmin requests a device wipe due to a number of incorrect
password attempts, only primary user can wipe the device. Secondary users
can only remove themselves from the device.
Bug: 7554445
Change-Id: I24331cb4eff37571fcd792abb2efc794f7b3f2d2
|
|
-> Also reduced calls to lockNow, and moved this call in ActivityManagerService
Change-Id: I9ba34ca902f7c0f71fa4ec302104688ca8d11f55
|
|
Bug: 7283501 Exchange Services crash while using Email App after upgrading
Change-Id: I40d13f5d3805ea3139dc3938077a5265ff78c426
|
|
Migrate networking, storage, battery, DropBox, and PackageManager
related Secure settings to Global table.
Bug: 7232014, 7231331, 7231198
Change-Id: I772c2a9586a2f708c9db95622477f235064b8f4d
|
|
This change renames the widget-specific API to be more generic
to allow further disabling of keyguard-specific customizations
in the future. Currently only allows disabling widgets and the
secure camera but can now easily be extended to disable other
features we add.
Fixes bug: 7021368
Change-Id: I3934cc2e7c64e0c6d511efb86980fc38a849708d
|
|
Bug: 7136483
Store device policy information for each user and apply them when user switches.
Global proxy can only be controlled by owner.
Camera restriction applies to all users, if any one has an admin that disables it.
Storage encryption can only be controlled by owner, although other users can query the state.
Wipe data will only remove the user if non-zero, wipe the device, if zero.
Change-Id: I359be46c1bc3828fd13d4be3228f11495081c8f2
|
|
others).
Bug: 7130570
Clear the calling identity before broadcasting to all users.
Change-Id: Ibe84af1ee00aecfe4b2d5bb7731a952f617b4885
|
|
It moved from System to Global, so writes are not automatically redirected
to the new namespace (else apps would start crashing).
Bug 7126575
Change-Id: Ief31fcb5a6107a098da04d30d146e16921dee776
|
|
Change-Id: I5876e9e180b2a995aaa355fbbb2b67cebb86104d
|
|
You can now use ALL and CURRENT when sending broadcasts, to specify
where the broadcast goes.
Sticky broadcasts are now correctly separated per user, and registered
receivers are filtered based on the requested target user.
New Context APIs for more kinds of sending broadcasts as users.
Updating a bunch of system code that sends broadcasts to explicitly
specify which user the broadcast goes to.
Made a single version of the code for interpreting the requested
target user ID that all entries to activity manager (start activity,
send broadcast, start service) use.
Change-Id: Ie29f02dd5242ef8c8fa56c54593a315cd2574e1c
|
|
The major goal of this rewrite is to make it easier to implement
power management policies correctly. According, the new
implementation primarily uses state-based rather than event-based
triggers for applying changes to the current power state.
For example, when an application requests that the proximity
sensor be used to manage the screen state (by way of a wake lock),
the power manager makes note of the fact that the set of
wake locks changed. Then it executes a common update function
that recalculates the entire state, first looking at wake locks,
then considering user activity, and eventually determining whether
the screen should be turned on or off. At this point it may
make a request to a component called the DisplayPowerController
to asynchronously update the display's powe state. Likewise,
DisplayPowerController makes note of the updated power request
and schedules its own update function to figure out what needs
to be changed.
The big benefit of this approach is that it's easy to mutate
multiple properties of the power state simultaneously then
apply their joint effects together all at once. Transitions
between states are detected and resolved by the update in
a consistent manner.
The new power manager service has is implemented as a set of
loosely coupled components. For the most part, information
only flows one way through these components (by issuing a
request to that component) although some components support
sending a message back to indicate when the work has been
completed. For example, the DisplayPowerController posts
a callback runnable asynchronously to tell the PowerManagerService
when the display is ready. An important feature of this
approach is that each component neatly encapsulates its
state and maintains its own invariants. Moreover, we do
not need to worry about deadlocks or awkward mutual exclusion
semantics because most of the requests are asynchronous.
The benefits of this design are especially apparent in
the implementation of the screen on / off and brightness
control animations which are able to take advantage of
framework features like properties, ObjectAnimator
and Choreographer.
The screen on / off animation is now the responsibility
of the power manager (instead of surface flinger). This change
makes it much easier to ensure that the animation is properly
coordinated with other power state changes and eliminates
the cause of race conditions in the older implementation.
The because of the userActivity() function has been changed
so that it never wakes the device from sleep. This change
removes ambiguity around forcing or disabling user activity
for various purposes. To wake the device, use wakeUp().
To put it to sleep, use goToSleep(). Simple.
The power manager service interface and API has been significantly
simplified and consolidated. Also fixed some inconsistencies
related to how the minimum and maximum screen brightness setting
was presented in brightness control widgets and enforced behind
the scenes.
At present the following features are implemented:
- Wake locks.
- User activity.
- Wake up / go to sleep.
- Power state broadcasts.
- Battery stats and event log notifications.
- Dreams.
- Proximity screen off.
- Animated screen on / off transitions.
- Auto-dimming.
- Auto-brightness control for the screen backlight with
different timeouts for ramping up versus ramping down.
- Auto-on when plugged or unplugged.
- Stay on when plugged.
- Device administration maximum user activity timeout.
- Application controlled brightness via window manager.
The following features are not yet implemented:
- Reduced user activity timeout for the key guard.
- Reduced user activity timeout for the phone application.
- Coordinating screen on barriers with the window manager.
- Preventing auto-rotation during power state changes.
- Auto-brightness adjustment setting (feature was disabled
in previous version of the power manager service pending
an improved UI design so leaving it out for now).
- Interpolated brightness control (a proposed new scheme
for more compactly specifying auto-brightness levels
in config.xml).
- Button / keyboard backlight control.
- Change window manager to associated WorkSource with
KEEP_SCREEN_ON_FLAG wake lock instead of talking
directly to the battery stats service.
- Optionally support animating screen brightness when
turning on/off instead of playing electron beam animation
(config_animateScreenLights).
Change-Id: I1d7a52e98f0449f76d70bf421f6a7f245957d1d7
|
|
* commit 'ab294eeb20d884855b038600f94a6e17b88b5772':
DevicePolicyManagerService: dump less
|
|
Reduce the amount of unnecessary information emitted from
the DevicePolicyManagerService.
Bug: 6732364
Change-Id: I639f6beab8471bdbe41ce6cd3a5a378acaf678b2
|
|
awake..." into jb-dev
* commit 'd8bbf96a84cba7c31fa1535fe2467520f2aa0198':
Fix issue #6664140: Time to lock should work even Stay awake...
|
|
...in Developer options is on
Don't respect stay awake while on as long as a time to lock limit
is being enforced. When we start enforcing one, make sure the
setting is off (since we won't be respecting it anyway).
Bug: 6664140
Change-Id: Id07cb528afa0c64c7766341841c51771f507121d
|
|
* commit '541803ccc530b8cc1d8d95aa5a82ebc191fc218c':
Wipe the user data out in any case.
|
|
|
|
Helps get rid of some jank when installing applications.
Change-Id: I97d0022f82d67796e334d37086e5911dd6ca6b62
|
|
When the external storage is not mounted, the android system won't
wipe out the user data (i.e. "/data") if wipeData() is called with
the flag WIPE_EXTERNAL_STORAGE.
We think that the user data should be wiped out in any options and
also wipeData(int) method currently supports also for a external
storage. So we will also change the API reference comment.
If we should care about backward compatibility of this method behavior
with the option WIPE_EXTERNAL_STORAGE, then we would add an another
bitmask something like a ALWAYS_RESET.
Change-Id: Id7bf673c722bacc0480d32e46553b9a348513879
|
|
This fixes a bug where the device fails to lock when DevicePolicyManagerService
requests the device to be locked and the screen was off because the user hit
the power button.
The change allows DPMS to directly invoke screen lock, bypasssing the screen state.
Change-Id: Iecdda6fc61e9c519119de495be23c69c3b983921
|
|
Fix 5783857: Device Policy Manager doesn't allow Face Unlock
This makes it so that if face unlock is enabled and then a device policy
manager that requires something more secure than face unlock is installed,
the user will be forced to choose a new acceptable lock type.
This was previously fixed for the case where the device had been reset, or
the shell was restarted after setting face unlock, but not for the case where the
device remained on between setting face unlock and setting up a device policy
manager.
Also changed the function ordering of saveLockPattern() so that the overloaded
wrapper function is next to the main function.
Change-Id: Ibed8c4ab137ebbc07fb143faef6f047bc6dc4474
|
|
The DPM seemed to always go through ExternalStorageFormatter to wipe the
device and SD card. For SD cards emulated on a fuse filesystem, this
seems to fail unless the device is wholly encrypted. Bypass
ExternalStorageFormatter in those cases and just wipe as normal.
Bug: 5458396
Change-Id: Iec759ef894c6bd3863cb4e7329f4de4584c60c1a
|
|
This fixes a crash caused by permission problems when we try to update
the password history and discover there's no password salt. The code
attempts to create the salt, which triggers the exception.
This could be fixed by wrapping the call with a clearCallingIdentity()/
restoreCallingIdentity(ident). However, while looking at it, it occurred to me
that this can cause unexpected failures if the DPM tries to set the
password twice or happens to set it to something in the password history.
Instead, we should *always* allow the DPM to reset the password to whatever it wants,
provided it passes the minimum password criteria.
Change-Id: I1505b24f9c097ee5c2c44e4bf378ba90095b113b
|
|
This introduces a new policy that a DeviceAdmin can use to disable _all_
cameras on the device. A separate CL will be made on the media side to
watch this policy bit and act accordingly.
Bug: 4185303
Change-Id: I700cfc4a8317bb74087ccae39346d74467fc58b2
|
|
* commit '469465c45e42c66201639feb49db5421f5843bbe':
I am a dummy.
|
|
Due to a copy/paste typo, getStorageEncryption() was protected by
getActiveAdminForCallerLocked(), which made the API unreadable if the
caller is not an admin. This doesn't match the rest of the DPM API which
allows the "get" calls to be made anonymously.
This fix supercedes the proposed workaround CL in the DPM ApiDemo sample.
Change-Id: If1a6237634e97ced09a7c6a8876bb6b0f60c9be9
|
|
Change-Id: Ie6908a8931954f83ab0e9b905173b576dbf3661d
|
|
Also fix not writing the settings file when an admin is removed.
And take care of an old to-do about not removing an admin until
after it has received the broadcast about it being disabled.
Change-Id: I4ebe0ea0461222b65425b2c5438b646b572f18c8
|
|
Change-Id: I3788772c375b916752cd8a98ff5d3751448e4334
|
|
Bug: 3346770
Change-Id: Ie70c14b1b4584a5f340a27102145f7860ba9e14b
|
|
* Add code to persist per-admin setting
* Add hooks for OS-level tie-in (is supported, get / set status)
* Add 3rd API call to get OS status (irrespective of admin settings)
* Remove "REQUESTED" status, no longer relevant with 3rd API
* Fixed bug that impacted global proxy settings
* Update api/11.xml to match current.xml
Bug: 3346770
Change-Id: I56bdf9a7894f6ca4842402c7b82ddb3caf4b37b9
|
|
* New uses-policies value
* Definitions for storage domain and encryption status
* API to get and set encryption status
* Intent to launch encryption changes
* Both new calls bottom out in the DPM service and are suitable for
a device that does not support encryption.
NOTE: Nobody should use ACTION_START_ENCRYPTION yet. It needs a receiver
to be built in Settings (different CL).
Change-Id: I2ae193bedbec59f6ba46c0ec7de12ecf321e5803
|
|
* Allows an app to detect that it needs to have additional policies granted
* Add "refreshing" parameter to setActiveAdmin() to handle this case
* Minor cleanups to eliminate warnings (mostly for unused things)
Bug: 3253179
Change-Id: I4bf639bf560557130bf98e8cfb75f996fac416f1
|
|
* Change alarm math to snap to multiples of 24h before expiration
* Stop recurring alarm when no expirations upcoming
* Fix small bug in update logic when device password is updated
Change-Id: I31ce147e4f8c766245fae3e286fc50eaee4cfa22
|
|
* Fix permissions problem in DevicePolicyManager
* Allow short timeouts (primarily for testing)
* Remove unused debugging code
Bug: 3212583
Change-Id: I3770b1c6f090363e8e8d65db92839cd53de05c45
|
|
bug:2700664
Change-Id: I74cc6e0bd6e66847bf18f524ce851e3e9d2c4e87
|
|
Change-Id: Ib2629ec547c123ac489d7f4cbd4e0a1d4aa07620
|
