blob: ab9e46ccc6e1ef1b17fb6810158bee2c2688f464 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<!--
/* //device/apps/common/AndroidManifest.xml
**
** Copyright 2006, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="android" coreApp="true" android:sharedUserId="android.uid.system"
android:sharedUserLabel="@string/android_system_label">
<!-- ================================================ -->
<!-- Special broadcasts that only the system can send -->
<!-- ================================================ -->
<eat-comment />
<protected-broadcast android:name="android.intent.action.SCREEN_OFF" />
<protected-broadcast android:name="android.intent.action.SCREEN_ON" />
<protected-broadcast android:name="android.intent.action.USER_PRESENT" />
<protected-broadcast android:name="android.intent.action.TIME_SET" />
<protected-broadcast android:name="android.intent.action.TIME_TICK" />
<protected-broadcast android:name="android.intent.action.TIMEZONE_CHANGED" />
<protected-broadcast android:name="android.intent.action.DATE_CHANGED" />
<protected-broadcast android:name="android.intent.action.PRE_BOOT_COMPLETED" />
<protected-broadcast android:name="android.intent.action.BOOT_COMPLETED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_INSTALL" />
<protected-broadcast android:name="android.intent.action.PACKAGE_ADDED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_REPLACED" />
<protected-broadcast android:name="android.intent.action.MY_PACKAGE_REPLACED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_REMOVED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_REMOVED_INTERNAL" />
<protected-broadcast android:name="android.intent.action.PACKAGE_FULLY_REMOVED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_CHANGED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_FULLY_LOADED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_ENABLE_ROLLBACK" />
<protected-broadcast android:name="android.intent.action.CANCEL_ENABLE_ROLLBACK" />
<protected-broadcast android:name="android.intent.action.ROLLBACK_COMMITTED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_RESTARTED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_UNSTOPPED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_DATA_CLEARED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_FIRST_LAUNCH" />
<protected-broadcast android:name="android.intent.action.PACKAGE_NEEDS_INTEGRITY_VERIFICATION" />
<protected-broadcast android:name="android.intent.action.PACKAGE_NEEDS_VERIFICATION" />
<protected-broadcast android:name="android.intent.action.PACKAGE_VERIFIED" />
<protected-broadcast android:name="android.intent.action.PACKAGES_SUSPENDED" />
<protected-broadcast android:name="android.intent.action.PACKAGES_UNSUSPENDED" />
<protected-broadcast android:name="android.intent.action.PACKAGES_SUSPENSION_CHANGED" />
<protected-broadcast android:name="android.intent.action.PACKAGE_UNSUSPENDED_MANUALLY" />
<protected-broadcast android:name="android.intent.action.DISTRACTING_PACKAGES_CHANGED" />
<protected-broadcast android:name="android.intent.action.ACTION_PREFERRED_ACTIVITY_CHANGED" />
<protected-broadcast android:name="android.intent.action.UID_REMOVED" />
<protected-broadcast android:name="android.intent.action.QUERY_PACKAGE_RESTART" />
<protected-broadcast android:name="android.intent.action.CONFIGURATION_CHANGED" />
<protected-broadcast android:name="android.intent.action.SPLIT_CONFIGURATION_CHANGED" />
<protected-broadcast android:name="android.intent.action.LOCALE_CHANGED" />
<protected-broadcast android:name="android.intent.action.APPLICATION_LOCALE_CHANGED" />
<protected-broadcast android:name="android.intent.action.BATTERY_CHANGED" />
<protected-broadcast android:name="android.intent.action.BATTERY_LEVEL_CHANGED" />
<protected-broadcast android:name="android.intent.action.BATTERY_LOW" />
<protected-broadcast android:name="android.intent.action.BATTERY_OKAY" />
<protected-broadcast android:name="android.intent.action.ACTION_POWER_CONNECTED" />
<protected-broadcast android:name="android.intent.action.ACTION_POWER_DISCONNECTED" />
<protected-broadcast android:name="android.intent.action.ACTION_SHUTDOWN" />
<protected-broadcast android:name="android.intent.action.CHARGING" />
<protected-broadcast android:name="android.intent.action.DISCHARGING" />
<protected-broadcast android:name="android.intent.action.DEVICE_STORAGE_LOW" />
<protected-broadcast android:name="android.intent.action.DEVICE_STORAGE_OK" />
<protected-broadcast android:name="android.intent.action.DEVICE_STORAGE_FULL" />
<protected-broadcast android:name="android.intent.action.DEVICE_STORAGE_NOT_FULL" />
<protected-broadcast android:name="android.intent.action.NEW_OUTGOING_CALL" />
<protected-broadcast android:name="android.intent.action.REBOOT" />
<protected-broadcast android:name="android.intent.action.DOCK_EVENT" />
<protected-broadcast android:name="android.intent.action.THERMAL_EVENT" />
<protected-broadcast android:name="android.intent.action.MASTER_CLEAR_NOTIFICATION" />
<protected-broadcast android:name="android.intent.action.USER_ADDED" />
<protected-broadcast android:name="android.intent.action.USER_REMOVED" />
<protected-broadcast android:name="android.intent.action.USER_STARTING" />
<protected-broadcast android:name="android.intent.action.USER_STARTED" />
<protected-broadcast android:name="android.intent.action.USER_STOPPING" />
<protected-broadcast android:name="android.intent.action.USER_STOPPED" />
<protected-broadcast android:name="android.intent.action.USER_BACKGROUND" />
<protected-broadcast android:name="android.intent.action.USER_FOREGROUND" />
<protected-broadcast android:name="android.intent.action.USER_SWITCHED" />
<protected-broadcast android:name="android.intent.action.USER_INITIALIZE" />
<protected-broadcast android:name="android.intent.action.INTENT_FILTER_NEEDS_VERIFICATION" />
<protected-broadcast android:name="android.intent.action.DOMAINS_NEED_VERIFICATION" />
<protected-broadcast android:name="android.intent.action.OVERLAY_ADDED" />
<protected-broadcast android:name="android.intent.action.OVERLAY_CHANGED" />
<protected-broadcast android:name="android.intent.action.OVERLAY_REMOVED" />
<protected-broadcast android:name="android.intent.action.OVERLAY_PRIORITY_CHANGED" />
<protected-broadcast android:name="android.intent.action.MY_PACKAGE_SUSPENDED" />
<protected-broadcast android:name="android.intent.action.MY_PACKAGE_UNSUSPENDED" />
<protected-broadcast android:name="android.intent.action.UNARCHIVE_PACKAGE" />
<protected-broadcast android:name="android.os.action.POWER_SAVE_MODE_CHANGED" />
<protected-broadcast android:name="android.os.action.DEVICE_IDLE_MODE_CHANGED" />
<protected-broadcast android:name="android.os.action.POWER_SAVE_WHITELIST_CHANGED" />
<protected-broadcast android:name="android.os.action.POWER_SAVE_TEMP_WHITELIST_CHANGED" />
<protected-broadcast android:name="android.os.action.POWER_SAVE_MODE_CHANGED_INTERNAL" />
<protected-broadcast android:name="android.os.action.LOW_POWER_STANDBY_ENABLED_CHANGED" />
<protected-broadcast android:name="android.os.action.LOW_POWER_STANDBY_POLICY_CHANGED" />
<protected-broadcast android:name="android.os.action.LOW_POWER_STANDBY_PORTS_CHANGED" />
<protected-broadcast android:name="android.os.action.ENHANCED_DISCHARGE_PREDICTION_CHANGED" />
<!-- @deprecated This is rarely used and will be phased out soon. -->
<protected-broadcast android:name="android.os.action.SCREEN_BRIGHTNESS_BOOST_CHANGED" />
<protected-broadcast android:name="android.app.action.CLOSE_NOTIFICATION_HANDLER_PANEL" />
<protected-broadcast android:name="android.app.action.ENTER_CAR_MODE" />
<protected-broadcast android:name="android.app.action.EXIT_CAR_MODE" />
<protected-broadcast android:name="android.app.action.ENTER_CAR_MODE_PRIORITIZED" />
<protected-broadcast android:name="android.app.action.EXIT_CAR_MODE_PRIORITIZED" />
<protected-broadcast android:name="android.app.action.ENTER_DESK_MODE" />
<protected-broadcast android:name="android.app.action.EXIT_DESK_MODE" />
<protected-broadcast android:name="android.app.action.NEXT_ALARM_CLOCK_CHANGED" />
<protected-broadcast android:name="android.app.action.USER_ADDED" />
<protected-broadcast android:name="android.app.action.USER_REMOVED" />
<protected-broadcast android:name="android.app.action.USER_STARTED" />
<protected-broadcast android:name="android.app.action.USER_STOPPED" />
<protected-broadcast android:name="android.app.action.USER_SWITCHED" />
<protected-broadcast android:name="android.app.action.BUGREPORT_SHARING_DECLINED" />
<protected-broadcast android:name="android.app.action.BUGREPORT_FAILED" />
<protected-broadcast android:name="android.app.action.BUGREPORT_SHARE" />
<protected-broadcast android:name="android.app.action.SHOW_DEVICE_MONITORING_DIALOG" />
<protected-broadcast android:name="android.intent.action.PENDING_INCIDENT_REPORTS_CHANGED" />
<protected-broadcast android:name="android.intent.action.INCIDENT_REPORT_READY" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_UPDATE_OPTIONS" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_DELETED" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_DISABLED" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_ENABLED" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_HOST_RESTORED" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_RESTORED" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_ENABLE_AND_UPDATE" />
<protected-broadcast android:name="android.os.action.SETTING_RESTORED" />
<protected-broadcast android:name="android.app.backup.intent.CLEAR" />
<protected-broadcast android:name="android.app.backup.intent.INIT" />
<protected-broadcast android:name="android.bluetooth.intent.DISCOVERABLE_TIMEOUT" />
<protected-broadcast android:name="android.bluetooth.adapter.action.STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.SCAN_MODE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.DISCOVERY_STARTED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.DISCOVERY_FINISHED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.LOCAL_NAME_CHANGED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.BLUETOOTH_ADDRESS_CHANGED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.device.action.UUID" />
<protected-broadcast android:name="android.bluetooth.device.action.MAS_INSTANCE" />
<protected-broadcast android:name="android.bluetooth.device.action.ALIAS_CHANGED" />
<protected-broadcast android:name="android.bluetooth.device.action.FOUND" />
<protected-broadcast android:name="android.bluetooth.device.action.CLASS_CHANGED" />
<protected-broadcast android:name="android.bluetooth.device.action.ACL_CONNECTED" />
<protected-broadcast android:name="android.bluetooth.device.action.ACL_DISCONNECT_REQUESTED" />
<protected-broadcast android:name="android.bluetooth.device.action.ACL_DISCONNECTED" />
<protected-broadcast android:name="android.bluetooth.device.action.NAME_CHANGED" />
<protected-broadcast android:name="android.bluetooth.device.action.BOND_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.device.action.NAME_FAILED" />
<protected-broadcast android:name="android.bluetooth.device.action.PAIRING_REQUEST" />
<protected-broadcast android:name="android.bluetooth.device.action.PAIRING_CANCEL" />
<protected-broadcast android:name="android.bluetooth.device.action.CONNECTION_ACCESS_REPLY" />
<protected-broadcast android:name="android.bluetooth.device.action.CONNECTION_ACCESS_CANCEL" />
<protected-broadcast android:name="android.bluetooth.device.action.CONNECTION_ACCESS_REQUEST" />
<protected-broadcast android:name="android.bluetooth.device.action.SDP_RECORD" />
<protected-broadcast android:name="android.bluetooth.device.action.BATTERY_LEVEL_CHANGED" />
<protected-broadcast android:name="android.bluetooth.device.action.REMOTE_ISSUE_OCCURRED" />
<protected-broadcast android:name="android.bluetooth.devicepicker.action.LAUNCH" />
<protected-broadcast android:name="android.bluetooth.devicepicker.action.DEVICE_SELECTED" />
<protected-broadcast
android:name="android.bluetooth.headset.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headset.profile.action.AUDIO_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headset.action.VENDOR_SPECIFIC_HEADSET_EVENT" />
<protected-broadcast
android:name="android.bluetooth.headset.action.HF_INDICATORS_VALUE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headset.profile.action.ACTIVE_DEVICE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.AUDIO_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.AG_EVENT" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.AG_CALL_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.RESULT" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.LAST_VTAG" />
<protected-broadcast
android:name="android.bluetooth.headsetclient.profile.action.NETWORK_SERVICE_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.hearingaid.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.hearingaid.profile.action.PLAYING_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.hearingaid.profile.action.ACTIVE_DEVICE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.CSIS_CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.CSIS_DEVICE_AVAILABLE" />
<protected-broadcast android:name="android.bluetooth.action.CSIS_SET_MEMBER_AVAILABLE" />
<protected-broadcast
android:name="android.bluetooth.volume-control.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp.profile.action.ACTIVE_DEVICE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp.profile.action.PLAYING_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp.profile.action.CODEC_CONFIG_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp-sink.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp-sink.profile.action.PLAYING_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.a2dp-sink.profile.action.AUDIO_CONFIG_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.avrcp-controller.profile.action.BROWSE_CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.avrcp-controller.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.avrcp-controller.profile.action.FOLDER_LIST" />
<protected-broadcast
android:name="android.bluetooth.avrcp-controller.profile.action.TRACK_EVENT" />
<protected-broadcast
android:name="android.bluetooth.input.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.input.profile.action.IDLE_TIME_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.input.profile.action.PROTOCOL_MODE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.input.profile.action.VIRTUAL_UNPLUG_STATUS" />
<protected-broadcast
android:name="android.bluetooth.hiddevice.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.map.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.mapmce.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.mapmce.profile.action.MESSAGE_RECEIVED" />
<protected-broadcast android:name="android.bluetooth.mapmce.profile.action.MESSAGE_SENT_SUCCESSFULLY" />
<protected-broadcast android:name="android.bluetooth.mapmce.profile.action.MESSAGE_DELIVERED_SUCCESSFULLY" />
<protected-broadcast android:name="android.bluetooth.mapmce.profile.action.MESSAGE_READ_STATUS_CHANGED" />
<protected-broadcast android:name="android.bluetooth.mapmce.profile.action.MESSAGE_DELETED_STATUS_CHANGED" />
<protected-broadcast
android:name="com.android.bluetooth.BluetoothMapContentObserver.action.MESSAGE_SENT" />
<protected-broadcast
android:name="com.android.bluetooth.BluetoothMapContentObserver.action.MESSAGE_DELIVERY" />
<protected-broadcast
android:name="android.bluetooth.pan.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.HAP_CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.LE_AUDIO_CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.LE_AUDIO_ACTIVE_DEVICE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.LE_AUDIO_CONF_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.LE_AUDIO_GROUP_NODE_STATUS_CHANGED" />
<protected-broadcast android:name="android.bluetooth.action.LE_AUDIO_GROUP_STATUS_CHANGED" />
<protected-broadcast
android:name="android.bluetooth.action.TETHERING_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.pbap.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.pbapclient.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.bluetooth.sap.profile.action.CONNECTION_STATE_CHANGED" />
<protected-broadcast android:name="android.btopp.intent.action.INCOMING_FILE_NOTIFICATION" />
<protected-broadcast android:name="android.btopp.intent.action.USER_CONFIRMATION_TIMEOUT" />
<protected-broadcast android:name="android.btopp.intent.action.LIST" />
<protected-broadcast android:name="android.btopp.intent.action.OPEN_OUTBOUND" />
<protected-broadcast android:name="android.btopp.intent.action.HIDE_COMPLETE" />
<protected-broadcast android:name="android.btopp.intent.action.CONFIRM" />
<protected-broadcast android:name="android.btopp.intent.action.HIDE" />
<protected-broadcast android:name="android.btopp.intent.action.RETRY" />
<protected-broadcast android:name="android.btopp.intent.action.OPEN" />
<protected-broadcast android:name="android.btopp.intent.action.OPEN_INBOUND" />
<protected-broadcast android:name="android.btopp.intent.action.TRANSFER_COMPLETE" />
<protected-broadcast android:name="android.btopp.intent.action.ACCEPT" />
<protected-broadcast android:name="android.btopp.intent.action.DECLINE" />
<protected-broadcast android:name="com.android.bluetooth.gatt.REFRESH_BATCHED_SCAN" />
<protected-broadcast android:name="com.android.bluetooth.pbap.authchall" />
<protected-broadcast android:name="com.android.bluetooth.pbap.userconfirmtimeout" />
<protected-broadcast android:name="com.android.bluetooth.pbap.authresponse" />
<protected-broadcast android:name="com.android.bluetooth.pbap.authcancelled" />
<protected-broadcast android:name="com.android.bluetooth.sap.USER_CONFIRM_TIMEOUT" />
<protected-broadcast android:name="com.android.bluetooth.sap.action.DISCONNECT_ACTION" />
<protected-broadcast android:name="android.hardware.display.action.WIFI_DISPLAY_STATUS_CHANGED" />
<protected-broadcast android:name="android.hardware.usb.action.USB_STATE" />
<protected-broadcast android:name="android.hardware.usb.action.USB_PORT_CHANGED" />
<protected-broadcast android:name="android.hardware.usb.action.USB_PORT_COMPLIANCE_CHANGED" />
<protected-broadcast android:name="android.hardware.usb.action.USB_ACCESSORY_ATTACHED" />
<protected-broadcast android:name="android.hardware.usb.action.USB_ACCESSORY_DETACHED" />
<protected-broadcast android:name="android.hardware.usb.action.USB_ACCESSORY_HANDSHAKE" />
<protected-broadcast android:name="android.hardware.usb.action.USB_DEVICE_ATTACHED" />
<protected-broadcast android:name="android.hardware.usb.action.USB_DEVICE_DETACHED" />
<protected-broadcast android:name="android.intent.action.HEADSET_PLUG" />
<protected-broadcast android:name="android.media.action.HDMI_AUDIO_PLUG" />
<protected-broadcast android:name="android.media.action.MICROPHONE_MUTE_CHANGED" />
<protected-broadcast android:name="android.media.action.SPEAKERPHONE_STATE_CHANGED" />
<protected-broadcast android:name="android.media.AUDIO_BECOMING_NOISY" />
<protected-broadcast android:name="android.media.RINGER_MODE_CHANGED" />
<protected-broadcast android:name="android.media.VIBRATE_SETTING_CHANGED" />
<protected-broadcast android:name="android.media.VOLUME_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.MASTER_VOLUME_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.MASTER_MUTE_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.MASTER_MONO_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.MASTER_BALANCE_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.SCO_AUDIO_STATE_CHANGED" />
<protected-broadcast android:name="android.media.ACTION_SCO_AUDIO_STATE_UPDATED" />
<protected-broadcast android:name="com.android.server.audio.action.CHECK_MUSIC_ACTIVE" />
<protected-broadcast android:name="android.intent.action.MEDIA_REMOVED" />
<protected-broadcast android:name="android.intent.action.MEDIA_UNMOUNTED" />
<protected-broadcast android:name="android.intent.action.MEDIA_CHECKING" />
<protected-broadcast android:name="android.intent.action.MEDIA_NOFS" />
<protected-broadcast android:name="android.intent.action.MEDIA_MOUNTED" />
<protected-broadcast android:name="android.intent.action.MEDIA_SHARED" />
<protected-broadcast android:name="android.intent.action.MEDIA_UNSHARED" />
<protected-broadcast android:name="android.intent.action.MEDIA_BAD_REMOVAL" />
<protected-broadcast android:name="android.intent.action.MEDIA_UNMOUNTABLE" />
<protected-broadcast android:name="android.intent.action.MEDIA_EJECT" />
<protected-broadcast android:name="android.net.conn.CAPTIVE_PORTAL" />
<protected-broadcast android:name="android.net.conn.CONNECTIVITY_CHANGE" />
<!-- @deprecated. Only {@link android.net.ConnectivityManager.CONNECTIVITY_ACTION} is sent. -->
<protected-broadcast android:name="android.net.conn.CONNECTIVITY_CHANGE_IMMEDIATE" />
<protected-broadcast android:name="android.net.conn.DATA_ACTIVITY_CHANGE" />
<protected-broadcast android:name="android.net.conn.RESTRICT_BACKGROUND_CHANGED" />
<protected-broadcast android:name="android.net.conn.BACKGROUND_DATA_SETTING_CHANGED" />
<protected-broadcast android:name="android.net.conn.CAPTIVE_PORTAL_TEST_COMPLETED" />
<protected-broadcast android:name="android.net.nsd.STATE_CHANGED" />
<!-- For OMAPI -->
<protected-broadcast android:name="android.se.omapi.action.SECURE_ELEMENT_STATE_CHANGED" />
<protected-broadcast android:name="android.nfc.action.ADAPTER_STATE_CHANGED" />
<protected-broadcast android:name="android.nfc.action.PREFERRED_PAYMENT_CHANGED" />
<protected-broadcast android:name="android.nfc.action.TRANSACTION_DETECTED" />
<protected-broadcast android:name="android.nfc.action.REQUIRE_UNLOCK_FOR_NFC" />
<protected-broadcast android:name="com.android.nfc.action.LLCP_UP" />
<protected-broadcast android:name="com.android.nfc.action.LLCP_DOWN" />
<protected-broadcast android:name="com.android.nfc.cardemulation.action.CLOSE_TAP_DIALOG" />
<protected-broadcast android:name="com.android.nfc.handover.action.ALLOW_CONNECT" />
<protected-broadcast android:name="com.android.nfc.handover.action.DENY_CONNECT" />
<protected-broadcast android:name="com.android.nfc.handover.action.TIMEOUT_CONNECT" />
<protected-broadcast android:name="com.android.nfc_extras.action.RF_FIELD_ON_DETECTED" />
<protected-broadcast android:name="com.android.nfc_extras.action.RF_FIELD_OFF_DETECTED" />
<protected-broadcast android:name="com.android.nfc_extras.action.AID_SELECTED" />
<!-- For NFC to BT handover -->
<protected-broadcast android:name="android.btopp.intent.action.WHITELIST_DEVICE" />
<protected-broadcast android:name="android.btopp.intent.action.STOP_HANDOVER_TRANSFER" />
<protected-broadcast android:name="android.nfc.handover.intent.action.HANDOVER_SEND" />
<protected-broadcast android:name="android.nfc.handover.intent.action.HANDOVER_SEND_MULTIPLE" />
<protected-broadcast android:name="com.android.nfc.handover.action.CANCEL_HANDOVER_TRANSFER" />
<protected-broadcast android:name="android.net.action.CLEAR_DNS_CACHE" />
<protected-broadcast android:name="android.intent.action.PROXY_CHANGE" />
<protected-broadcast android:name="android.os.UpdateLock.UPDATE_LOCK_CHANGED" />
<protected-broadcast android:name="android.intent.action.DREAMING_STARTED" />
<protected-broadcast android:name="android.intent.action.DREAMING_STOPPED" />
<protected-broadcast android:name="android.intent.action.ANY_DATA_STATE" />
<protected-broadcast android:name="com.android.server.stats.action.TRIGGER_COLLECTION" />
<protected-broadcast android:name="com.android.server.WifiManager.action.START_SCAN" />
<protected-broadcast android:name="com.android.server.WifiManager.action.START_PNO" />
<protected-broadcast android:name="com.android.server.WifiManager.action.DELAYED_DRIVER_STOP" />
<protected-broadcast android:name="com.android.server.WifiManager.action.DEVICE_IDLE" />
<protected-broadcast android:name="com.android.server.action.REMOTE_BUGREPORT_SHARING_ACCEPTED" />
<protected-broadcast android:name="com.android.server.action.REMOTE_BUGREPORT_SHARING_DECLINED" />
<protected-broadcast android:name="com.android.internal.action.EUICC_FACTORY_RESET" />
<protected-broadcast
android:name="com.android.internal.action.EUICC_REMOVE_INVISIBLE_SUBSCRIPTIONS" />
<protected-broadcast android:name="com.android.server.usb.ACTION_OPEN_IN_APPS" />
<protected-broadcast android:name="com.android.server.am.DELETE_DUMPHEAP" />
<protected-broadcast android:name="com.android.server.net.action.SNOOZE_WARNING" />
<protected-broadcast android:name="com.android.server.net.action.SNOOZE_RAPID" />
<protected-broadcast android:name="com.android.server.wifi.ACTION_SHOW_SET_RANDOMIZATION_DETAILS" />
<protected-broadcast android:name="com.android.server.wifi.action.NetworkSuggestion.USER_ALLOWED_APP" />
<protected-broadcast android:name="com.android.server.wifi.action.NetworkSuggestion.USER_DISALLOWED_APP" />
<protected-broadcast android:name="com.android.server.wifi.action.NetworkSuggestion.USER_DISMISSED" />
<protected-broadcast android:name="com.android.server.wifi.action.CarrierNetwork.USER_ALLOWED_CARRIER" />
<protected-broadcast android:name="com.android.server.wifi.action.CarrierNetwork.USER_DISALLOWED_CARRIER" />
<protected-broadcast android:name="com.android.server.wifi.action.CarrierNetwork.USER_DISMISSED" />
<protected-broadcast android:name="com.android.server.wifi.ConnectToNetworkNotification.USER_DISMISSED_NOTIFICATION" />
<protected-broadcast android:name="com.android.server.wifi.ConnectToNetworkNotification.CONNECT_TO_NETWORK" />
<protected-broadcast android:name="com.android.server.wifi.ConnectToNetworkNotification.PICK_WIFI_NETWORK" />
<protected-broadcast android:name="com.android.server.wifi.ConnectToNetworkNotification.PICK_NETWORK_AFTER_FAILURE" />
<protected-broadcast android:name="com.android.server.wifi.wakeup.DISMISS_NOTIFICATION" />
<protected-broadcast android:name="com.android.server.wifi.wakeup.OPEN_WIFI_PREFERENCES" />
<protected-broadcast android:name="com.android.server.wifi.wakeup.OPEN_WIFI_SETTINGS" />
<protected-broadcast android:name="com.android.server.wifi.wakeup.TURN_OFF_WIFI_WAKE" />
<protected-broadcast android:name="android.net.wifi.WIFI_STATE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.WIFI_AP_STATE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.WIFI_CREDENTIAL_CHANGED" />
<protected-broadcast android:name="android.net.wifi.aware.action.WIFI_AWARE_STATE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.aware.action.WIFI_AWARE_RESOURCE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.rtt.action.WIFI_RTT_STATE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.SCAN_RESULTS" />
<protected-broadcast android:name="android.net.wifi.RSSI_CHANGED" />
<protected-broadcast android:name="android.net.wifi.STATE_CHANGE" />
<protected-broadcast android:name="android.net.wifi.LINK_CONFIGURATION_CHANGED" />
<protected-broadcast android:name="android.net.wifi.CONFIGURED_NETWORKS_CHANGE" />
<protected-broadcast android:name="android.net.wifi.action.NETWORK_SETTINGS_RESET" />
<protected-broadcast android:name="android.net.wifi.action.PASSPOINT_DEAUTH_IMMINENT" />
<protected-broadcast android:name="android.net.wifi.action.PASSPOINT_ICON" />
<protected-broadcast android:name="android.net.wifi.action.PASSPOINT_OSU_PROVIDERS_LIST" />
<protected-broadcast android:name="android.net.wifi.action.PASSPOINT_SUBSCRIPTION_REMEDIATION" />
<protected-broadcast android:name="android.net.wifi.action.PASSPOINT_LAUNCH_OSU_VIEW" />
<protected-broadcast android:name="android.net.wifi.action.REFRESH_USER_PROVISIONING" />
<protected-broadcast android:name="android.net.wifi.action.WIFI_NETWORK_SUGGESTION_POST_CONNECTION" />
<protected-broadcast android:name="android.net.wifi.action.WIFI_SCAN_AVAILABILITY_CHANGED" />
<protected-broadcast android:name="android.net.wifi.supplicant.CONNECTION_CHANGE" />
<protected-broadcast android:name="android.net.wifi.supplicant.STATE_CHANGE" />
<protected-broadcast android:name="android.net.wifi.p2p.STATE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.p2p.DISCOVERY_STATE_CHANGE" />
<protected-broadcast android:name="android.net.wifi.p2p.THIS_DEVICE_CHANGED" />
<protected-broadcast android:name="android.net.wifi.p2p.PEERS_CHANGED" />
<protected-broadcast android:name="android.net.wifi.p2p.CONNECTION_STATE_CHANGE" />
<protected-broadcast android:name="android.net.wifi.p2p.action.WIFI_P2P_PERSISTENT_GROUPS_CHANGED" />
<protected-broadcast android:name="android.net.conn.TETHER_STATE_CHANGED" />
<protected-broadcast android:name="android.net.conn.INET_CONDITION_ACTION" />
<!-- This broadcast is no longer sent in S but it should stay protected to avoid third party
apps broadcasting this and confusing old system apps that may not have been updated. -->
<protected-broadcast android:name="android.net.conn.NETWORK_CONDITIONS_MEASURED" />
<protected-broadcast
android:name="android.net.ConnectivityService.action.PKT_CNT_SAMPLE_INTERVAL_ELAPSED" />
<protected-broadcast android:name="android.net.scoring.SCORE_NETWORKS" />
<protected-broadcast android:name="android.net.scoring.SCORER_CHANGED" />
<protected-broadcast android:name="android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE" />
<protected-broadcast android:name="android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE" />
<protected-broadcast android:name="android.intent.action.AIRPLANE_MODE" />
<protected-broadcast android:name="android.intent.action.ADVANCED_SETTINGS" />
<protected-broadcast android:name="android.intent.action.APPLICATION_RESTRICTIONS_CHANGED" />
<protected-broadcast android:name="com.android.server.adb.WIRELESS_DEBUG_PAIRED_DEVICES" />
<protected-broadcast android:name="com.android.server.adb.WIRELESS_DEBUG_PAIRING_RESULT" />
<protected-broadcast android:name="com.android.server.adb.WIRELESS_DEBUG_STATUS" />
<!-- Legacy -->
<protected-broadcast android:name="android.intent.action.ACTION_IDLE_MAINTENANCE_START" />
<protected-broadcast android:name="android.intent.action.ACTION_IDLE_MAINTENANCE_END" />
<protected-broadcast android:name="com.android.server.ACTION_TRIGGER_IDLE" />
<protected-broadcast android:name="android.intent.action.HDMI_PLUGGED" />
<protected-broadcast android:name="android.intent.action.PHONE_STATE" />
<protected-broadcast android:name="android.intent.action.SUB_DEFAULT_CHANGED" />
<protected-broadcast android:name="android.location.PROVIDERS_CHANGED" />
<protected-broadcast android:name="android.location.MODE_CHANGED" />
<protected-broadcast android:name="android.location.action.GNSS_CAPABILITIES_CHANGED" />
<protected-broadcast android:name="android.net.proxy.PAC_REFRESH" />
<protected-broadcast android:name="android.telecom.action.DEFAULT_DIALER_CHANGED" />
<protected-broadcast android:name="android.provider.action.DEFAULT_SMS_PACKAGE_CHANGED" />
<protected-broadcast android:name="android.provider.action.SMS_MMS_DB_CREATED" />
<protected-broadcast android:name="android.provider.action.SMS_MMS_DB_LOST" />
<protected-broadcast android:name="android.intent.action.CONTENT_CHANGED" />
<protected-broadcast android:name="android.provider.Telephony.MMS_DOWNLOADED" />
<protected-broadcast
android:name="com.android.server.connectivityservice.CONNECTED_TO_PROVISIONING_NETWORK_ACTION" />
<!-- Defined in RestrictionsManager -->
<protected-broadcast android:name="android.content.action.PERMISSION_RESPONSE_RECEIVED" />
<protected-broadcast android:name="android.content.action.REQUEST_PERMISSION" />
<protected-broadcast android:name="android.nfc.handover.intent.action.HANDOVER_STARTED" />
<protected-broadcast android:name="android.nfc.handover.intent.action.TRANSFER_DONE" />
<protected-broadcast android:name="android.nfc.handover.intent.action.TRANSFER_PROGRESS" />
<protected-broadcast android:name="android.nfc.handover.intent.action.TRANSFER_DONE" />
<protected-broadcast android:name="android.intent.action.ACTION_DEFAULT_DATA_SUBSCRIPTION_CHANGED" />
<protected-broadcast android:name="android.intent.action.ACTION_DEFAULT_VOICE_SUBSCRIPTION_CHANGED" />
<protected-broadcast android:name="android.intent.action.ACTION_SET_RADIO_CAPABILITY_DONE" />
<protected-broadcast android:name="android.intent.action.ACTION_SET_RADIO_CAPABILITY_FAILED" />
<protected-broadcast android:name="android.internal.policy.action.BURN_IN_PROTECTION" />
<protected-broadcast android:name="android.app.action.SYSTEM_UPDATE_POLICY_CHANGED" />
<protected-broadcast android:name="android.app.action.RESET_PROTECTION_POLICY_CHANGED" />
<protected-broadcast android:name="android.app.action.DEVICE_OWNER_CHANGED" />
<protected-broadcast android:name="android.app.action.MANAGED_USER_CREATED" />
<!-- Added in N -->
<protected-broadcast android:name="android.intent.action.ANR" />
<protected-broadcast android:name="android.intent.action.CALL" />
<protected-broadcast android:name="android.intent.action.CALL_PRIVILEGED" />
<protected-broadcast android:name="android.intent.action.DROPBOX_ENTRY_ADDED" />
<protected-broadcast android:name="android.intent.action.INPUT_METHOD_CHANGED" />
<protected-broadcast android:name="android.intent.action.internal_sim_state_changed" />
<protected-broadcast android:name="android.intent.action.LOCKED_BOOT_COMPLETED" />
<protected-broadcast android:name="android.intent.action.PRECISE_CALL_STATE" />
<protected-broadcast android:name="android.intent.action.SUBSCRIPTION_PHONE_STATE" />
<protected-broadcast android:name="android.intent.action.USER_INFO_CHANGED" />
<protected-broadcast android:name="android.intent.action.USER_UNLOCKED" />
<protected-broadcast android:name="android.intent.action.WALLPAPER_CHANGED" />
<protected-broadcast android:name="android.app.action.DEVICE_POLICY_MANAGER_STATE_CHANGED" />
<protected-broadcast android:name="android.app.action.CHOOSE_PRIVATE_KEY_ALIAS" />
<protected-broadcast android:name="android.app.action.DEVICE_ADMIN_DISABLED" />
<protected-broadcast android:name="android.app.action.DEVICE_ADMIN_DISABLE_REQUESTED" />
<protected-broadcast android:name="android.app.action.DEVICE_ADMIN_ENABLED" />
<protected-broadcast android:name="android.app.action.LOCK_TASK_ENTERING" />
<protected-broadcast android:name="android.app.action.LOCK_TASK_EXITING" />
<protected-broadcast android:name="android.app.action.NOTIFY_PENDING_SYSTEM_UPDATE" />
<protected-broadcast android:name="android.app.action.ACTION_PASSWORD_CHANGED" />
<protected-broadcast android:name="android.app.action.ACTION_PASSWORD_EXPIRING" />
<protected-broadcast android:name="android.app.action.ACTION_PASSWORD_FAILED" />
<protected-broadcast android:name="android.app.action.ACTION_PASSWORD_SUCCEEDED" />
<protected-broadcast android:name="com.android.server.ACTION_EXPIRED_PASSWORD_NOTIFICATION" />
<protected-broadcast android:name="com.android.server.ACTION_PROFILE_OFF_DEADLINE" />
<protected-broadcast android:name="com.android.server.ACTION_TURN_PROFILE_ON_NOTIFICATION" />
<protected-broadcast android:name="android.intent.action.MANAGED_PROFILE_ADDED" />
<protected-broadcast android:name="android.intent.action.MANAGED_PROFILE_UNLOCKED" />
<protected-broadcast android:name="android.intent.action.MANAGED_PROFILE_REMOVED" />
<protected-broadcast android:name="android.app.action.MANAGED_PROFILE_PROVISIONED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.BLE_STATE_CHANGED" />
<protected-broadcast android:name="com.android.bluetooth.map.USER_CONFIRM_TIMEOUT" />
<protected-broadcast android:name="com.android.bluetooth.BluetoothMapContentObserver.action.MESSAGE_SENT" />
<protected-broadcast android:name="com.android.bluetooth.BluetoothMapContentObserver.action.MESSAGE_DELIVERY" />
<protected-broadcast android:name="android.content.jobscheduler.JOB_DELAY_EXPIRED" />
<protected-broadcast android:name="android.content.syncmanager.SYNC_ALARM" />
<protected-broadcast android:name="android.media.INTERNAL_RINGER_MODE_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.STREAM_DEVICES_CHANGED_ACTION" />
<protected-broadcast android:name="android.media.STREAM_MUTE_CHANGED_ACTION" />
<protected-broadcast android:name="android.net.sip.SIP_SERVICE_UP" />
<protected-broadcast android:name="android.nfc.action.ADAPTER_STATE_CHANGED" />
<protected-broadcast android:name="android.os.action.CHARGING" />
<protected-broadcast android:name="android.os.action.DISCHARGING" />
<protected-broadcast android:name="android.search.action.SEARCHABLES_CHANGED" />
<protected-broadcast android:name="android.security.STORAGE_CHANGED" />
<protected-broadcast android:name="android.security.action.TRUST_STORE_CHANGED" />
<protected-broadcast android:name="android.security.action.KEYCHAIN_CHANGED" />
<protected-broadcast android:name="android.security.action.KEY_ACCESS_CHANGED" />
<protected-broadcast android:name="android.telecom.action.NUISANCE_CALL_STATUS_CHANGED" />
<protected-broadcast android:name="android.telecom.action.PHONE_ACCOUNT_REGISTERED" />
<protected-broadcast android:name="android.telecom.action.PHONE_ACCOUNT_UNREGISTERED" />
<protected-broadcast android:name="android.telecom.action.POST_CALL" />
<protected-broadcast android:name="android.telecom.action.SHOW_MISSED_CALLS_NOTIFICATION" />
<protected-broadcast android:name="android.telephony.action.CARRIER_CONFIG_CHANGED" />
<protected-broadcast android:name="android.telephony.action.DEFAULT_SUBSCRIPTION_CHANGED" />
<protected-broadcast android:name="android.telephony.action.DEFAULT_SMS_SUBSCRIPTION_CHANGED" />
<protected-broadcast android:name="android.telephony.action.SECRET_CODE" />
<protected-broadcast android:name="android.telephony.action.SHOW_VOICEMAIL_NOTIFICATION" />
<protected-broadcast android:name="android.telephony.action.SUBSCRIPTION_PLANS_CHANGED" />
<protected-broadcast android:name="com.android.bluetooth.btservice.action.ALARM_WAKEUP" />
<protected-broadcast android:name="com.android.server.action.NETWORK_STATS_POLL" />
<protected-broadcast android:name="com.android.server.action.NETWORK_STATS_UPDATED" />
<protected-broadcast android:name="com.android.server.timedetector.NetworkTimeUpdateService.action.POLL" />
<protected-broadcast android:name="com.android.server.telecom.intent.action.CALLS_ADD_ENTRY" />
<protected-broadcast android:name="com.android.settings.location.MODE_CHANGING" />
<protected-broadcast android:name="com.android.settings.bluetooth.ACTION_DISMISS_PAIRING" />
<protected-broadcast android:name="com.android.settings.network.DELETE_SUBSCRIPTION" />
<protected-broadcast android:name="com.android.settings.network.SWITCH_TO_SUBSCRIPTION" />
<protected-broadcast android:name="com.android.settings.wifi.action.NETWORK_REQUEST" />
<protected-broadcast android:name="NotificationManagerService.TIMEOUT" />
<protected-broadcast android:name="NotificationHistoryDatabase.CLEANUP" />
<protected-broadcast android:name="ScheduleConditionProvider.EVALUATE" />
<protected-broadcast android:name="EventConditionProvider.EVALUATE" />
<protected-broadcast android:name="SnoozeHelper.EVALUATE" />
<protected-broadcast android:name="wifi_scan_available" />
<protected-broadcast android:name="action.cne.started" />
<protected-broadcast android:name="android.content.jobscheduler.JOB_DEADLINE_EXPIRED" />
<protected-broadcast android:name="android.intent.action.ACTION_UNSOL_RESPONSE_OEM_HOOK_RAW" />
<protected-broadcast android:name="android.net.conn.CONNECTIVITY_CHANGE_SUPL" />
<protected-broadcast android:name="android.os.action.LIGHT_DEVICE_IDLE_MODE_CHANGED" />
<protected-broadcast android:name="android.os.storage.action.VOLUME_STATE_CHANGED" />
<protected-broadcast android:name="android.os.storage.action.DISK_SCANNED" />
<protected-broadcast android:name="com.android.server.action.UPDATE_TWILIGHT_STATE" />
<protected-broadcast android:name="com.android.server.action.RESET_TWILIGHT_AUTO" />
<protected-broadcast android:name="com.android.server.device_idle.STEP_IDLE_STATE" />
<protected-broadcast android:name="com.android.server.device_idle.STEP_LIGHT_IDLE_STATE" />
<protected-broadcast android:name="com.android.server.Wifi.action.TOGGLE_PNO" />
<protected-broadcast android:name="intent.action.ACTION_RF_BAND_INFO" />
<protected-broadcast android:name="android.intent.action.MEDIA_RESOURCE_GRANTED" />
<protected-broadcast android:name="android.app.action.NETWORK_LOGS_AVAILABLE" />
<protected-broadcast android:name="android.app.action.SECURITY_LOGS_AVAILABLE" />
<protected-broadcast android:name="android.app.action.COMPLIANCE_ACKNOWLEDGEMENT_REQUIRED" />
<protected-broadcast android:name="android.app.action.INTERRUPTION_FILTER_CHANGED" />
<protected-broadcast android:name="android.app.action.INTERRUPTION_FILTER_CHANGED_INTERNAL" />
<protected-broadcast android:name="android.app.action.NOTIFICATION_POLICY_CHANGED" />
<protected-broadcast android:name="android.app.action.NOTIFICATION_POLICY_ACCESS_GRANTED_CHANGED" />
<protected-broadcast android:name="android.app.action.AUTOMATIC_ZEN_RULE_STATUS_CHANGED" />
<protected-broadcast android:name="android.os.action.ACTION_EFFECTS_SUPPRESSOR_CHANGED" />
<protected-broadcast android:name="android.app.action.NOTIFICATION_CHANNEL_BLOCK_STATE_CHANGED" />
<protected-broadcast android:name="android.app.action.NOTIFICATION_CHANNEL_GROUP_BLOCK_STATE_CHANGED" />
<protected-broadcast android:name="android.app.action.NOTIFICATION_LISTENER_ENABLED_CHANGED" />
<protected-broadcast android:name="android.app.action.APP_BLOCK_STATE_CHANGED" />
<protected-broadcast android:name="android.permission.GET_APP_GRANTED_URI_PERMISSIONS" />
<protected-broadcast android:name="android.permission.CLEAR_APP_GRANTED_URI_PERMISSIONS" />
<protected-broadcast android:name="android.intent.action.DYNAMIC_SENSOR_CHANGED" />
<protected-broadcast android:name="android.accounts.LOGIN_ACCOUNTS_CHANGED" />
<protected-broadcast android:name="android.accounts.action.ACCOUNT_REMOVED" />
<protected-broadcast android:name="android.accounts.action.VISIBLE_ACCOUNTS_CHANGED" />
<protected-broadcast android:name="com.android.sync.SYNC_CONN_STATUS_CHANGED" />
<protected-broadcast android:name="android.net.sip.action.SIP_INCOMING_CALL" />
<protected-broadcast android:name="com.android.phone.SIP_ADD_PHONE" />
<protected-broadcast android:name="android.net.sip.action.SIP_REMOVE_PROFILE" />
<protected-broadcast android:name="android.net.sip.action.SIP_SERVICE_UP" />
<protected-broadcast android:name="android.net.sip.action.SIP_CALL_OPTION_CHANGED" />
<protected-broadcast android:name="android.net.sip.action.START_SIP" />
<protected-broadcast android:name="android.bluetooth.adapter.action.BLE_ACL_CONNECTED" />
<protected-broadcast android:name="android.bluetooth.adapter.action.BLE_ACL_DISCONNECTED" />
<protected-broadcast android:name="android.bluetooth.input.profile.action.HANDSHAKE" />
<protected-broadcast android:name="android.bluetooth.input.profile.action.REPORT" />
<protected-broadcast android:name="android.intent.action.TWILIGHT_CHANGED" />
<protected-broadcast android:name="com.android.server.fingerprint.ACTION_LOCKOUT_RESET" />
<protected-broadcast android:name="android.net.wifi.PASSPOINT_ICON_RECEIVED" />
<protected-broadcast android:name="com.android.server.notification.CountdownConditionProvider" />
<protected-broadcast android:name="android.server.notification.action.ENABLE_NAS" />
<protected-broadcast android:name="android.server.notification.action.DISABLE_NAS" />
<protected-broadcast android:name="android.server.notification.action.LEARNMORE_NAS" />
<protected-broadcast android:name="com.android.internal.location.ALARM_WAKEUP" />
<protected-broadcast android:name="com.android.internal.location.ALARM_TIMEOUT" />
<protected-broadcast android:name="android.intent.action.GLOBAL_BUTTON" />
<protected-broadcast android:name="android.intent.action.MANAGED_PROFILE_AVAILABLE" />
<protected-broadcast android:name="android.intent.action.MANAGED_PROFILE_UNAVAILABLE" />
<protected-broadcast android:name="com.android.server.pm.DISABLE_QUIET_MODE_AFTER_UNLOCK" />
<protected-broadcast android:name="android.intent.action.PROFILE_ACCESSIBLE" />
<protected-broadcast android:name="android.intent.action.PROFILE_INACCESSIBLE" />
<protected-broadcast android:name="com.android.server.retaildemo.ACTION_RESET_DEMO" />
<protected-broadcast android:name="android.intent.action.DEVICE_LOCKED_CHANGED" />
<protected-broadcast android:name="com.android.content.pm.action.CAN_INTERACT_ACROSS_PROFILES_CHANGED"/>
<!-- Added in O -->
<protected-broadcast android:name="android.app.action.APPLICATION_DELEGATION_SCOPES_CHANGED" />
<protected-broadcast android:name="com.android.server.wm.ACTION_REVOKE_SYSTEM_ALERT_WINDOW_PERMISSION" />
<protected-broadcast android:name="android.media.tv.action.PARENTAL_CONTROLS_ENABLED_CHANGED" />
<protected-broadcast android:name="android.content.pm.action.SESSION_COMMITTED" />
<protected-broadcast android:name="android.os.action.USER_RESTRICTIONS_CHANGED" />
<protected-broadcast android:name="android.media.tv.action.PREVIEW_PROGRAM_ADDED_TO_WATCH_NEXT" />
<protected-broadcast android:name="android.media.tv.action.PREVIEW_PROGRAM_BROWSABLE_DISABLED" />
<protected-broadcast android:name="android.media.tv.action.WATCH_NEXT_PROGRAM_BROWSABLE_DISABLED" />
<protected-broadcast android:name="android.media.tv.action.CHANNEL_BROWSABLE_REQUESTED" />
<!-- Made protected in P (was introduced in JB-MR2) -->
<protected-broadcast android:name="android.intent.action.GET_RESTRICTION_ENTRIES" />
<protected-broadcast android:name="android.telephony.euicc.action.OTA_STATUS_CHANGED" />
<!-- Added in P -->
<protected-broadcast android:name="android.app.action.PROFILE_OWNER_CHANGED" />
<protected-broadcast android:name="android.app.action.TRANSFER_OWNERSHIP_COMPLETE" />
<protected-broadcast android:name="android.app.action.AFFILIATED_PROFILE_TRANSFER_OWNERSHIP_COMPLETE" />
<protected-broadcast android:name="android.app.action.STATSD_STARTED" />
<protected-broadcast android:name="com.android.server.biometrics.fingerprint.ACTION_LOCKOUT_RESET" />
<protected-broadcast android:name="com.android.server.biometrics.face.ACTION_LOCKOUT_RESET" />
<!-- For IdleController -->
<protected-broadcast android:name="android.intent.action.DOCK_IDLE" />
<protected-broadcast android:name="android.intent.action.DOCK_ACTIVE" />
<!-- Added in Q -->
<protected-broadcast android:name="android.content.pm.action.SESSION_UPDATED" />
<protected-broadcast android:name="android.settings.action.GRAYSCALE_CHANGED" />
<!-- For CarIdlenessTracker -->
<protected-broadcast android:name="com.android.server.jobscheduler.GARAGE_MODE_ON" />
<protected-broadcast android:name="com.android.server.jobscheduler.GARAGE_MODE_OFF" />
<protected-broadcast android:name="com.android.server.jobscheduler.FORCE_IDLE" />
<protected-broadcast android:name="com.android.server.jobscheduler.UNFORCE_IDLE" />
<protected-broadcast android:name="android.provider.action.DEFAULT_SMS_PACKAGE_CHANGED_INTERNAL" />
<protected-broadcast android:name="android.intent.action.DEVICE_CUSTOMIZATION_READY" />
<!-- Added in R -->
<protected-broadcast android:name="android.app.action.RESET_PROTECTION_POLICY_CHANGED" />
<!-- For tether entitlement recheck-->
<protected-broadcast
android:name="com.android.server.connectivity.tethering.PROVISIONING_RECHECK_ALARM" />
<!-- Made protected in S (was added in R) -->
<protected-broadcast android:name="com.android.internal.intent.action.BUGREPORT_REQUESTED" />
<!-- Added in S -->
<protected-broadcast android:name="android.scheduling.action.REBOOT_READY" />
<protected-broadcast android:name="android.app.action.DEVICE_POLICY_CONSTANTS_CHANGED" />
<protected-broadcast android:name="android.app.action.SCHEDULE_EXACT_ALARM_PERMISSION_STATE_CHANGED" />
<protected-broadcast android:name="android.app.action.SHOW_NEW_USER_DISCLAIMER" />
<!-- Moved from packages/services/Telephony in T -->
<protected-broadcast android:name="android.telecom.action.CURRENT_TTY_MODE_CHANGED" />
<protected-broadcast android:name="android.intent.action.SERVICE_STATE" />
<protected-broadcast android:name="android.intent.action.RADIO_TECHNOLOGY" />
<protected-broadcast android:name="android.intent.action.EMERGENCY_CALLBACK_MODE_CHANGED" />
<protected-broadcast android:name="android.intent.action.EMERGENCY_CALL_STATE_CHANGED" />
<protected-broadcast android:name="android.intent.action.SIG_STR" />
<protected-broadcast android:name="android.intent.action.ANY_DATA_STATE" />
<protected-broadcast android:name="android.intent.action.DATA_STALL_DETECTED" />
<protected-broadcast android:name="android.intent.action.SIM_STATE_CHANGED" />
<protected-broadcast android:name="android.intent.action.USER_ACTIVITY_NOTIFICATION" />
<protected-broadcast android:name="android.telephony.action.SHOW_NOTICE_ECM_BLOCK_OTHERS" />
<protected-broadcast android:name="android.intent.action.ACTION_MDN_STATE_CHANGED" />
<protected-broadcast android:name="android.telephony.action.SERVICE_PROVIDERS_UPDATED" />
<protected-broadcast android:name="android.provider.Telephony.SIM_FULL" />
<protected-broadcast android:name="com.android.internal.telephony.carrier_key_download_alarm" />
<protected-broadcast android:name="com.android.internal.telephony.data-restart-trysetup" />
<protected-broadcast android:name="com.android.internal.telephony.data-stall" />
<protected-broadcast android:name="com.android.internal.telephony.provisioning_apn_alarm" />
<protected-broadcast android:name="android.intent.action.DATA_SMS_RECEIVED" />
<protected-broadcast android:name="android.provider.Telephony.SMS_RECEIVED" />
<protected-broadcast android:name="android.provider.Telephony.SMS_DELIVER" />
<protected-broadcast android:name="android.provider.Telephony.SMS_REJECTED" />
<protected-broadcast android:name="android.provider.Telephony.WAP_PUSH_DELIVER" />
<protected-broadcast android:name="android.provider.Telephony.WAP_PUSH_RECEIVED" />
<protected-broadcast android:name="android.provider.Telephony.SMS_CB_RECEIVED" />
<protected-broadcast android:name="android.provider.action.SMS_EMERGENCY_CB_RECEIVED" />
<protected-broadcast android:name="android.provider.Telephony.SMS_SERVICE_CATEGORY_PROGRAM_DATA_RECEIVED" />
<protected-broadcast android:name="android.provider.Telephony.SECRET_CODE" />
<protected-broadcast android:name="com.android.internal.stk.command" />
<protected-broadcast android:name="com.android.internal.stk.session_end" />
<protected-broadcast android:name="com.android.internal.stk.icc_status_change" />
<protected-broadcast android:name="com.android.internal.stk.alpha_notify" />
<protected-broadcast android:name="com.android.internal.telephony.CARRIER_SIGNAL_REDIRECTED" />
<protected-broadcast android:name="com.android.internal.telephony.CARRIER_SIGNAL_REQUEST_NETWORK_FAILED" />
<protected-broadcast android:name="com.android.internal.telephony.CARRIER_SIGNAL_PCO_VALUE" />
<protected-broadcast android:name="com.android.internal.telephony.CARRIER_SIGNAL_RESET" />
<protected-broadcast android:name="com.android.internal.telephony.CARRIER_SIGNAL_DEFAULT_NETWORK_AVAILABLE" />
<protected-broadcast android:name="com.android.internal.telephony.PROVISION" />
<protected-broadcast android:name="com.android.internal.telephony.ACTION_LINE1_NUMBER_ERROR_DETECTED" />
<protected-broadcast android:name="com.android.internal.provider.action.VOICEMAIL_SMS_RECEIVED" />
<protected-broadcast android:name="com.android.intent.isim_refresh" />
<protected-broadcast android:name="com.android.ims.ACTION_RCS_SERVICE_AVAILABLE" />
<protected-broadcast android:name="com.android.ims.ACTION_RCS_SERVICE_UNAVAILABLE" />
<protected-broadcast android:name="com.android.ims.ACTION_RCS_SERVICE_DIED" />
<protected-broadcast android:name="com.android.ims.ACTION_PRESENCE_CHANGED" />
<protected-broadcast android:name="com.android.ims.ACTION_PUBLISH_STATUS_CHANGED" />
<protected-broadcast android:name="com.android.ims.IMS_SERVICE_UP" />
<protected-broadcast android:name="com.android.ims.IMS_SERVICE_DOWN" />
<protected-broadcast android:name="com.android.ims.IMS_INCOMING_CALL" />
<protected-broadcast android:name="com.android.ims.internal.uce.UCE_SERVICE_UP" />
<protected-broadcast android:name="com.android.ims.internal.uce.UCE_SERVICE_DOWN" />
<protected-broadcast android:name="com.android.imsconnection.DISCONNECTED" />
<protected-broadcast android:name="com.android.intent.action.IMS_FEATURE_CHANGED" />
<protected-broadcast android:name="com.android.intent.action.IMS_CONFIG_CHANGED" />
<protected-broadcast android:name="android.telephony.ims.action.WFC_IMS_REGISTRATION_ERROR" />
<protected-broadcast android:name="com.android.phone.vvm.omtp.sms.REQUEST_SENT" />
<protected-broadcast android:name="com.android.phone.vvm.ACTION_VISUAL_VOICEMAIL_SERVICE_EVENT" />
<protected-broadcast android:name="com.android.internal.telephony.CARRIER_VVM_PACKAGE_INSTALLED" />
<protected-broadcast android:name="com.android.cellbroadcastreceiver.GET_LATEST_CB_AREA_INFO" />
<protected-broadcast android:name="com.android.internal.telephony.ACTION_CARRIER_CERTIFICATE_DOWNLOAD" />
<protected-broadcast android:name="com.android.internal.telephony.action.COUNTRY_OVERRIDE" />
<protected-broadcast android:name="com.android.internal.telephony.OPEN_DEFAULT_SMS_APP" />
<protected-broadcast android:name="com.android.internal.telephony.ACTION_TEST_OVERRIDE_CARRIER_ID" />
<protected-broadcast android:name="android.telephony.action.SIM_CARD_STATE_CHANGED" />
<protected-broadcast android:name="android.telephony.action.SIM_APPLICATION_STATE_CHANGED" />
<protected-broadcast android:name="android.telephony.action.SIM_SLOT_STATUS_CHANGED" />
<protected-broadcast android:name="android.telephony.action.SUBSCRIPTION_CARRIER_IDENTITY_CHANGED" />
<protected-broadcast android:name="android.telephony.action.SUBSCRIPTION_SPECIFIC_CARRIER_IDENTITY_CHANGED" />
<protected-broadcast android:name="android.telephony.action.TOGGLE_PROVISION" />
<protected-broadcast android:name="android.telephony.action.NETWORK_COUNTRY_CHANGED" />
<protected-broadcast android:name="android.telephony.action.PRIMARY_SUBSCRIPTION_LIST_CHANGED" />
<protected-broadcast android:name="android.telephony.action.MULTI_SIM_CONFIG_CHANGED" />
<protected-broadcast android:name="android.telephony.action.CARRIER_SIGNAL_RESET" />
<protected-broadcast android:name="android.telephony.action.CARRIER_SIGNAL_PCO_VALUE" />
<protected-broadcast android:name="android.telephony.action.CARRIER_SIGNAL_DEFAULT_NETWORK_AVAILABLE" />
<protected-broadcast android:name="android.telephony.action.CARRIER_SIGNAL_REDIRECTED" />
<protected-broadcast android:name="android.telephony.action.CARRIER_SIGNAL_REQUEST_NETWORK_FAILED" />
<protected-broadcast android:name="com.android.phone.settings.CARRIER_PROVISIONING" />
<protected-broadcast android:name="com.android.phone.settings.TRIGGER_CARRIER_PROVISIONING" />
<protected-broadcast android:name="com.android.internal.telephony.ACTION_VOWIFI_ENABLED" />
<protected-broadcast android:name="android.telephony.action.ANOMALY_REPORTED" />
<protected-broadcast android:name="android.intent.action.SUBSCRIPTION_INFO_RECORD_ADDED" />
<protected-broadcast android:name="android.intent.action.ACTION_MANAGED_ROAMING_IND" />
<protected-broadcast android:name="android.telephony.ims.action.RCS_SINGLE_REGISTRATION_CAPABILITY_UPDATE" />
<!-- Added in T -->
<protected-broadcast android:name="android.safetycenter.action.REFRESH_SAFETY_SOURCES" />
<protected-broadcast android:name="android.safetycenter.action.SAFETY_CENTER_ENABLED_CHANGED" />
<protected-broadcast android:name="android.app.action.DEVICE_POLICY_RESOURCE_UPDATED" />
<protected-broadcast android:name="android.intent.action.SHOW_FOREGROUND_SERVICE_MANAGER" />
<protected-broadcast android:name="android.service.autofill.action.DELAYED_FILL" />
<protected-broadcast android:name="android.app.action.PROVISIONING_COMPLETED" />
<protected-broadcast android:name="android.app.action.LOST_MODE_LOCATION_UPDATE" />
<!-- Added in U -->
<protected-broadcast android:name="android.intent.action.PROFILE_ADDED" />
<protected-broadcast android:name="android.intent.action.PROFILE_REMOVED" />
<protected-broadcast android:name="com.android.internal.telephony.cat.SMS_SENT_ACTION" />
<protected-broadcast android:name="com.android.internal.telephony.cat.SMS_DELIVERY_ACTION" />
<protected-broadcast android:name="com.android.internal.telephony.data.ACTION_RETRY" />
<protected-broadcast android:name="android.companion.virtual.action.VIRTUAL_DEVICE_REMOVED" />
<protected-broadcast android:name="com.android.internal.intent.action.FLASH_NOTIFICATION_START_PREVIEW" />
<protected-broadcast android:name="com.android.internal.intent.action.FLASH_NOTIFICATION_STOP_PREVIEW" />
<protected-broadcast android:name="android.app.admin.action.DEVICE_FINANCING_STATE_CHANGED" />
<protected-broadcast android:name="android.app.admin.action.DEVICE_POLICY_SET_RESULT" />
<protected-broadcast android:name="android.app.admin.action.DEVICE_POLICY_CHANGED" />
<!-- Added in V -->
<protected-broadcast android:name="android.intent.action.PROFILE_AVAILABLE" />
<protected-broadcast android:name="android.intent.action.PROFILE_UNAVAILABLE" />
<!-- App lock -->
<protected-broadcast android:name="com.android.server.app.AppLockManagerService.APP_LOCK_TIMEOUT" />
<protected-broadcast android:name="android.app.action.UNLOCK_APP" />
<!-- ====================================================================== -->
<!-- RUNTIME PERMISSIONS -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Grouping for platform runtime permissions is not accessible to apps
@hide
@SystemApi
@TestApi
-->
<permission-group android:name="android.permission-group.UNDEFINED"
android:priority="100" />
<!-- ====================================================================== -->
<!-- Permissions for accessing user's contacts including personal profile -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for runtime permissions related to contacts and profiles on this
device. -->
<permission-group android:name="android.permission-group.CONTACTS"
android:icon="@drawable/perm_group_contacts"
android:label="@string/permgrouplab_contacts"
android:description="@string/permgroupdesc_contacts"
android:priority="100" />
<!-- Allows an application to read the user's contacts data.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.READ_CONTACTS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readContacts"
android:description="@string/permdesc_readContacts"
android:protectionLevel="dangerous" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<!-- Allows an application to write the user's contacts data.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.WRITE_CONTACTS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_writeContacts"
android:description="@string/permdesc_writeContacts"
android:protectionLevel="dangerous" />
<!-- Allows an application to set default account for new contacts.
<p> This permission is only granted to system applications fulfilling the Contacts app role.
<p>Protection level: internal|role
@SystemApi
@hide
-->
<permission android:name="android.permission.SET_DEFAULT_ACCOUNT_FOR_CONTACTS"
android:protectionLevel="internal|role" />
<!-- ====================================================================== -->
<!-- Permissions for accessing user's calendar -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for runtime permissions related to user's calendar. -->
<permission-group android:name="android.permission-group.CALENDAR"
android:icon="@drawable/perm_group_calendar"
android:label="@string/permgrouplab_calendar"
android:description="@string/permgroupdesc_calendar"
android:priority="200" />
<!-- Allows an application to read the user's calendar data.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.READ_CALENDAR"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readCalendar"
android:description="@string/permdesc_readCalendar"
android:protectionLevel="dangerous" />
<!-- Allows an application to write the user's calendar data.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.WRITE_CALENDAR"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_writeCalendar"
android:description="@string/permdesc_writeCalendar"
android:protectionLevel="dangerous" />
<!-- ====================================================================== -->
<!-- Permissions for accessing and modifying user's SMS messages -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Allows accessing the messages on ICC
@hide Used internally. -->
<permission android:name="android.permission.ACCESS_MESSAGES_ON_ICC"
android:protectionLevel="signature" />
<!-- Used for runtime permissions related to user's SMS messages. -->
<permission-group android:name="android.permission-group.SMS"
android:icon="@drawable/perm_group_sms"
android:label="@string/permgrouplab_sms"
android:description="@string/permgroupdesc_sms"
android:priority="300" />
<!-- Allows an application to send SMS messages.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.SEND_SMS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_sendSms"
android:description="@string/permdesc_sendSms"
android:permissionFlags="costsMoney|hardRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to receive SMS messages.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.RECEIVE_SMS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_receiveSms"
android:description="@string/permdesc_receiveSms"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to read SMS messages.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.READ_SMS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readSms"
android:description="@string/permdesc_readSms"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to receive WAP push messages.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.RECEIVE_WAP_PUSH"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_receiveWapPush"
android:description="@string/permdesc_receiveWapPush"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to monitor incoming MMS messages.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.RECEIVE_MMS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_receiveMms"
android:description="@string/permdesc_receiveMms"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- @SystemApi @TestApi Allows an application to forward cell broadcast messages to the cell
broadcast module. This is required in order to bind to the cell broadcast service, and
ensures that only the system can forward messages to it.
<p>Protection level: signature
@hide -->
<permission android:name="android.permission.BIND_CELL_BROADCAST_SERVICE"
android:label="@string/permlab_bindCellBroadcastService"
android:description="@string/permdesc_bindCellBroadcastService"
android:protectionLevel="signature" />
<!-- @SystemApi @TestApi Allows an application to read previously received cell broadcast
messages and to register a content observer to get notifications when
a cell broadcast has been received and added to the database. For
emergency alerts, the database is updated immediately after the
alert dialog and notification sound/vibration/speech are presented.
The "read" column is then updated after the user dismisses the alert.
This enables supplementary emergency assistance apps to start loading
additional emergency information (if Internet access is available)
when the alert is first received, and to delay presenting the info
to the user until after the initial alert dialog is dismissed.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
@hide Pending API council approval -->
<permission android:name="android.permission.READ_CELL_BROADCASTS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readCellBroadcasts"
android:description="@string/permdesc_readCellBroadcasts"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- @SystemApi @hide Allows an application to communicate over satellite.
Only granted if the application is a system app or privileged app. -->
<permission android:name="android.permission.SATELLITE_COMMUNICATION"
android:protectionLevel="role|signature|privileged" />
<!-- ====================================================================== -->
<!-- Permissions for accessing external storage -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for runtime permissions related to the shared external storage. -->
<permission-group android:name="android.permission-group.STORAGE"
android:icon="@drawable/perm_group_storage"
android:label="@string/permgrouplab_storage"
android:description="@string/permgroupdesc_storage"
android:priority="900" />
<!-- Allows an application to read from external storage.
<p class="note"><strong>Note: </strong>Starting in API level 33, this permission has no
effect. If your app accesses other apps' media files, request one or more of these permissions
instead: <a href="#READ_MEDIA_IMAGES"><code>READ_MEDIA_IMAGES</code></a>,
<a href="#READ_MEDIA_VIDEO"><code>READ_MEDIA_VIDEO</code></a>,
<a href="#READ_MEDIA_AUDIO"><code>READ_MEDIA_AUDIO</code></a>. Learn more about the
<a href="{@docRoot}training/data-storage/shared/media#storage-permission">storage
permissions</a> that are associated with media files.</p>
<p>This permission is enforced starting in API level 19. Before API level 19, this
permission is not enforced and all apps still have access to read from external storage.
You can test your app with the permission enforced by enabling <em>Protect USB
storage</em> under <b>Developer options</b> in the Settings app on a device running Android
4.1 or higher.</p>
<p>Also starting in API level 19, this permission is <em>not</em> required to
read or write files in your application-specific directories returned by
{@link android.content.Context#getExternalFilesDir} and
{@link android.content.Context#getExternalCacheDir}.</p>
<p>Starting in API level 29, apps don't need to request this permission to access files in
their app-specific directory on external storage, or their own files in the
<a href="{@docRoot}reference/android/provider/MediaStore"><code>MediaStore</code></a>. Apps
shouldn't request this permission unless they need to access other apps' files in the
<code>MediaStore</code>. Read more about these changes in the
<a href="{@docRoot}training/data-storage#scoped-storage">scoped storage</a> section of the
developer documentation.</p>
<p>If <em>both</em> your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#min">{@code
minSdkVersion}</a> and <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> values are set to 3 or lower, the system implicitly
grants your app this permission. If you don't need this permission, be sure your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> is 4 or higher.</p>
<p> This is a soft restricted permission which cannot be held by an app it its
full form until the installer on record allowlists the permission.
Specifically, if the permission is allowlisted the holder app can access
external storage and the visual and aural media collections while if the
permission is not allowlisted the holder app can only access to the visual
and aural medial collections. Also the permission is immutably restricted
meaning that the allowlist state can be specified only at install time and
cannot change until the app is installed. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
<p>Protection level: dangerous -->
<permission android:name="android.permission.READ_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_sdcardRead"
android:description="@string/permdesc_sdcardRead"
android:permissionFlags="softRestricted|immutablyRestricted"
android:protectionLevel="dangerous" />
<!-- Required to be able to read audio files from shared storage.
<p>Protection level: dangerous -->
<permission-group android:name="android.permission-group.READ_MEDIA_AURAL"
android:icon="@drawable/perm_group_read_media_aural"
android:label="@string/permgrouplab_readMediaAural"
android:description="@string/permgroupdesc_readMediaAural"
android:priority="950" />
<!-- Allows an application to read audio files from external storage.
<p>This permission is enforced starting in API level
{@link android.os.Build.VERSION_CODES#TIRAMISU}. An app which targets
{@link android.os.Build.VERSION_CODES#TIRAMISU} or higher and needs to read audio files from
external storage must hold this permission; {@link #READ_EXTERNAL_STORAGE} is not required.
For apps with a <a href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> of {@link android.os.Build.VERSION_CODES#S_V2} or lower, the
{@link #READ_EXTERNAL_STORAGE} permission is required, instead, to read audio files.
<p>Protection level: dangerous -->
<permission android:name="android.permission.READ_MEDIA_AUDIO"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readMediaAudio"
android:description="@string/permdesc_readMediaAudio"
android:protectionLevel="dangerous" />
<!-- Required to be able to read image and video files from shared storage.
<p>Protection level: dangerous -->
<permission-group android:name="android.permission-group.READ_MEDIA_VISUAL"
android:icon="@drawable/perm_group_read_media_visual"
android:label="@string/permgrouplab_readMediaVisual"
android:description="@string/permgroupdesc_readMediaVisual"
android:priority="1000" />
<!-- Allows an application to read video files from external storage.
<p>This permission is enforced starting in API level
{@link android.os.Build.VERSION_CODES#TIRAMISU}. An app which targets
{@link android.os.Build.VERSION_CODES#TIRAMISU} or higher and needs to read video files from
external storage must hold this permission; {@link #READ_EXTERNAL_STORAGE} is not required.
For apps with a <a href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> of {@link android.os.Build.VERSION_CODES#S_V2} or lower, the
{@link #READ_EXTERNAL_STORAGE} permission is required, instead, to read video files.
<p>Protection level: dangerous -->
<permission android:name="android.permission.READ_MEDIA_VIDEO"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readMediaVideo"
android:description="@string/permdesc_readMediaVideo"
android:protectionLevel="dangerous" />
<!-- Allows an application to read image files from external storage.
<p>This permission is enforced starting in API level
{@link android.os.Build.VERSION_CODES#TIRAMISU}. An app which targets
{@link android.os.Build.VERSION_CODES#TIRAMISU} or higher and needs to read image files from
external storage must hold this permission; {@link #READ_EXTERNAL_STORAGE} is not required.
For apps with a <a href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> of {@link android.os.Build.VERSION_CODES#S_V2} or lower, the
{@link #READ_EXTERNAL_STORAGE} permission is required, instead, to read image files.
<p>Protection level: dangerous -->
<permission android:name="android.permission.READ_MEDIA_IMAGES"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readMediaImages"
android:description="@string/permdesc_readMediaImages"
android:protectionLevel="dangerous" />
<!-- Allows an application to read image or video files from external storage that a user has
selected via the permission prompt photo picker. Apps can check this permission to verify that
a user has decided to use the photo picker, instead of granting access to
{@link #READ_MEDIA_IMAGES} or {@link #READ_MEDIA_VIDEO}. It does not prevent apps from
accessing the standard photo picker manually. This permission should be requested alongside
{@link #READ_MEDIA_IMAGES} and/or {@link #READ_MEDIA_VIDEO}, depending on which type of media
is desired.
<p> This permission will be automatically added to an app's manifest if the app requests
{@link #READ_MEDIA_IMAGES}, {@link #READ_MEDIA_VIDEO}, or {@link #ACCESS_MEDIA_LOCATION}
regardless of target SDK. If an app does not request this permission, then the grant dialog
will return `PERMISSION_GRANTED` for {@link #READ_MEDIA_IMAGES} and/or
{@link #READ_MEDIA_VIDEO}, but the app will only have access to the media selected by the
user. This false grant state will persist until the app goes into the background.
<p>Protection level: dangerous -->
<permission android:name="android.permission.READ_MEDIA_VISUAL_USER_SELECTED"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readVisualUserSelect"
android:description="@string/permdesc_readVisualUserSelect"
android:protectionLevel="dangerous" />
<!-- Allows an application to write to external storage.
<p><strong>Note: </strong>If your app targets {@link android.os.Build.VERSION_CODES#R} or
higher, this permission has no effect.
<p>If your app is on a device that runs API level 19 or higher, you don't need to declare
this permission to read and write files in your application-specific directories returned
by {@link android.content.Context#getExternalFilesDir} and
{@link android.content.Context#getExternalCacheDir}.
<p>Learn more about how to
<a href="{@docRoot}training/data-storage/shared/media#update-other-apps-files">modify media
files</a> that your app doesn't own, and how to
<a href="{@docRoot}training/data-storage/shared/documents-files">modify non-media files</a>
that your app doesn't own.
<p>If your app is a file manager and needs broad access to external storage files, then
the system must place your app on an allowlist so that you can successfully request the
<a href="#MANAGE_EXTERNAL_STORAGE><code>MANAGE_EXTERNAL_STORAGE</code></a> permission.
Learn more about the appropriate use cases for
<a href="{@docRoot}training/data-storage/manage-all-files>managing all files on a storage
device</a>.
<p>If <em>both</em> your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#min">{@code
minSdkVersion}</a> and <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> values are set to 3 or lower, the system implicitly
grants your app this permission. If you don't need this permission, be sure your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> is 4 or higher.
<p>Protection level: dangerous</p>
-->
<permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_sdcardWrite"
android:description="@string/permdesc_sdcardWrite"
android:permissionFlags="softRestricted|immutablyRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to access any geographic locations persisted in the
user's shared collection.
<p>Protection level: dangerous -->
<permission android:name="android.permission.ACCESS_MEDIA_LOCATION"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_mediaLocation"
android:description="@string/permdesc_mediaLocation"
android:protectionLevel="dangerous" />
<!-- @hide @SystemApi @TestApi
Allows an application to modify OBB files visible to other apps. -->
<permission android:name="android.permission.WRITE_OBB"
android:protectionLevel="signature|privileged" />
<!-- Allows an application a broad access to external storage in scoped storage.
Intended to be used by few apps that need to manage files on behalf of the users.
<p>Protection level: signature|appop|preinstalled -->
<permission android:name="android.permission.MANAGE_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:protectionLevel="signature|appop|preinstalled" />
<!-- Allows an application to modify and delete media files on this device or any connected
storage device without user confirmation. Applications must already be granted the
{@link #READ_EXTERNAL_STORAGE} or {@link #MANAGE_EXTERNAL_STORAGE}} permissions for this
permission to take effect.
<p>Even if applications are granted this permission, if applications want to modify or
delete media files, they also must get the access by calling
{@link android.provider.MediaStore#createWriteRequest(ContentResolver, Collection)},
{@link android.provider.MediaStore#createDeleteRequest(ContentResolver, Collection)}, or
{@link android.provider.MediaStore#createTrashRequest(ContentResolver, Collection, boolean)}.
<p>This permission doesn't give read or write access directly. It only prevents the user
confirmation dialog for these requests.
<p>If applications are not granted {@link #ACCESS_MEDIA_LOCATION}, the system also pops up
the user confirmation dialog for the write request.
<p>Protection level: signature|appop|preinstalled -->
<permission android:name="android.permission.MANAGE_MEDIA"
android:protectionLevel="signature|appop|preinstalled" />
<!-- ====================================================================== -->
<!-- Permissions for accessing the device location -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that allow accessing the device location. -->
<permission-group android:name="android.permission-group.LOCATION"
android:icon="@drawable/perm_group_location"
android:label="@string/permgrouplab_location"
android:description="@string/permgroupdesc_location"
android:priority="400" />
<!-- Allows an app to access precise location.
Alternatively, you might want {@link #ACCESS_COARSE_LOCATION}.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.ACCESS_FINE_LOCATION"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_accessFineLocation"
android:description="@string/permdesc_accessFineLocation"
android:backgroundPermission="android.permission.ACCESS_BACKGROUND_LOCATION"
android:protectionLevel="dangerous|instant" />
<!-- Allows an app to access approximate location.
Alternatively, you might want {@link #ACCESS_FINE_LOCATION}.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.ACCESS_COARSE_LOCATION"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_accessCoarseLocation"
android:description="@string/permdesc_accessCoarseLocation"
android:backgroundPermission="android.permission.ACCESS_BACKGROUND_LOCATION"
android:protectionLevel="dangerous|instant" />
<!-- Allows an app to access location in the background. If you're requesting this permission,
you must also request either {@link #ACCESS_COARSE_LOCATION} or
{@link #ACCESS_FINE_LOCATION}. Requesting this permission by itself doesn't give you
location access.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_accessBackgroundLocation"
android:permissionFlags="hardRestricted"
android:description="@string/permdesc_accessBackgroundLocation"
android:protectionLevel="dangerous|instant" />
<!-- Allows an application (emergency or advanced driver-assistance app) to bypass
location settings.
<p>Not for use by third-party applications.
@SystemApi
@hide
-->
<permission android:name="android.permission.LOCATION_BYPASS"
android:protectionLevel="signature|privileged"/>
<!-- ====================================================================== -->
<!-- Permissions for accessing the call log -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated telephony features. -->
<permission-group android:name="android.permission-group.CALL_LOG"
android:icon="@drawable/perm_group_call_log"
android:label="@string/permgrouplab_calllog"
android:description="@string/permgroupdesc_calllog"
android:priority="450" />
<!-- Allows an application to access the IMS call service: making and
modifying a call
<p>Protection level: signature|privileged
@hide
-->
<permission android:name="android.permission.ACCESS_IMS_CALL_SERVICE"
android:label="@string/permlab_accessImsCallService"
android:description="@string/permdesc_accessImsCallService"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to perform IMS Single Registration related actions.
Only granted if the application is a system app AND is in the Default SMS Role.
The permission is revoked when the app is taken out of the Default SMS Role.
<p>Protection level: internal|role
-->
<permission android:name="android.permission.PERFORM_IMS_SINGLE_REGISTRATION"
android:protectionLevel="internal|role" />
<!-- Allows an application to read the user's call log.
<p class="note"><strong>Note:</strong> If your app uses the
{@link #READ_CONTACTS} permission and <em>both</em> your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#min">{@code
minSdkVersion}</a> and <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> values are set to 15 or lower, the system implicitly
grants your app this permission. If you don't need this permission, be sure your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> is 16 or higher.</p>
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.READ_CALL_LOG"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readCallLog"
android:description="@string/permdesc_readCallLog"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to write and read the user's call log data.
<p class="note"><strong>Note:</strong> If your app uses the
{@link #WRITE_CONTACTS} permission and <em>both</em> your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#min">{@code
minSdkVersion}</a> and <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> values are set to 15 or lower, the system implicitly
grants your app this permission. If you don't need this permission, be sure your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> is 16 or higher.</p>
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.WRITE_CALL_LOG"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_writeCallLog"
android:description="@string/permdesc_writeCallLog"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- Allows an application to see the number being dialed during an outgoing
call with the option to redirect the call to a different number or
abort the call altogether.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
@deprecated Applications should use {@link android.telecom.CallRedirectionService} instead
of the {@link android.content.Intent#ACTION_NEW_OUTGOING_CALL} broadcast.
-->
<permission android:name="android.permission.PROCESS_OUTGOING_CALLS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_processOutgoingCalls"
android:description="@string/permdesc_processOutgoingCalls"
android:permissionFlags="hardRestricted"
android:protectionLevel="dangerous" />
<!-- ====================================================================== -->
<!-- Permissions for accessing the device telephony -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated telephony features. -->
<permission-group android:name="android.permission-group.PHONE"
android:icon="@drawable/perm_group_phone_calls"
android:label="@string/permgrouplab_phone"
android:description="@string/permgroupdesc_phone"
android:priority="500" />
<!-- Allows read only access to phone state, including the current cellular network information,
the status of any ongoing calls, and a list of any {@link android.telecom.PhoneAccount}s
registered on the device.
<p class="note"><strong>Note:</strong> If <em>both</em> your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#min">{@code
minSdkVersion}</a> and <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> values are set to 3 or lower, the system implicitly
grants your app this permission. If you don't need this permission, be sure your <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code
targetSdkVersion}</a> is 4 or higher.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.READ_PHONE_STATE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readPhoneState"
android:description="@string/permdesc_readPhoneState"
android:protectionLevel="dangerous" />
<!-- Allows read only access to phone state with a non dangerous permission,
including the information like cellular network type, software version. -->
<permission android:name="android.permission.READ_BASIC_PHONE_STATE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readBasicPhoneState"
android:description="@string/permdesc_readBasicPhoneState"
android:protectionLevel="normal" />
<!-- Allows read access to the device's phone number(s). This is a subset of the capabilities
granted by {@link #READ_PHONE_STATE} but is exposed to instant applications.
<p>Protection level: dangerous-->
<permission android:name="android.permission.READ_PHONE_NUMBERS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_readPhoneNumbers"
android:description="@string/permdesc_readPhoneNumbers"
android:protectionLevel="dangerous|instant" />
<!-- Allows an application to initiate a phone call without going through
the Dialer user interface for the user to confirm the call.
<p class="note"><b>Note:</b> An app holding this permission can also call carrier MMI
codes to change settings such as call forwarding or call waiting preferences.</p>
<p>Protection level: dangerous</p>
-->
<permission android:name="android.permission.CALL_PHONE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:permissionFlags="costsMoney"
android:label="@string/permlab_callPhone"
android:description="@string/permdesc_callPhone"
android:protectionLevel="dangerous" />
<!-- Allows an application to add voicemails into the system.
<p>Protection level: dangerous
-->
<permission android:name="com.android.voicemail.permission.ADD_VOICEMAIL"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_addVoicemail"
android:description="@string/permdesc_addVoicemail"
android:protectionLevel="dangerous" />
<!-- Allows an application to use SIP service.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.USE_SIP"
android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_use_sip"
android:label="@string/permlab_use_sip"
android:protectionLevel="dangerous"/>
<!-- Allows the app to answer an incoming phone call.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.ANSWER_PHONE_CALLS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_answerPhoneCalls"
android:description="@string/permdesc_answerPhoneCalls"
android:protectionLevel="dangerous|runtime" />
<!-- Allows a calling application which manages its own calls through the self-managed
{@link android.telecom.ConnectionService} APIs. See
{@link android.telecom.PhoneAccount#CAPABILITY_SELF_MANAGED} for more information on the
self-managed ConnectionService APIs.
<p>Protection level: normal
-->
<permission android:name="android.permission.MANAGE_OWN_CALLS"
android:label="@string/permlab_manageOwnCalls"
android:description="@string/permdesc_manageOwnCalls"
android:protectionLevel="normal" />
<!--Allows an app which implements the
{@link android.telecom.InCallService InCallService} API to be eligible to be enabled as a
calling companion app. This means that the Telecom framework will bind to the app's
InCallService implementation when there are calls active. The app can use the InCallService
API to view information about calls on the system and control these calls.
<p>Protection level: normal
-->
<permission android:name="android.permission.CALL_COMPANION_APP"
android:label="@string/permlab_callCompanionApp"
android:description="@string/permdesc_callCompanionApp"
android:protectionLevel="normal" />
<!-- Exempt this uid from restrictions to background audio recoding
<p>Protection level: signature|privileged
@hide
@SystemApi
-->
<permission android:name="android.permission.EXEMPT_FROM_AUDIO_RECORD_RESTRICTIONS"
android:label="@string/permlab_exemptFromAudioRecordRestrictions"
android:description="@string/permdesc_exemptFromAudioRecordRestrictions"
android:protectionLevel="signature|privileged|role" />
<!-- Allows a calling app to continue a call which was started in another app. An example is a
video calling app that wants to continue a voice call on the user's mobile network.<p>
When the handover of a call from one app to another takes place, there are two devices
which are involved in the handover; the initiating and receiving devices. The initiating
device is where the request to handover the call was started, and the receiving device is
where the handover request is confirmed by the other party.<p>
This permission protects access to the
{@link android.telecom.TelecomManager#acceptHandover(Uri, int, PhoneAccountHandle)} which
the receiving side of the handover uses to accept a handover.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.ACCEPT_HANDOVER"
android:permissionGroup="android.permission-group.UNDEFINED"
android.label="@string/permlab_acceptHandover"
android:description="@string/permdesc_acceptHandovers"
android:protectionLevel="dangerous" />
<!-- ====================================================================== -->
<!-- Permissions for accessing the device microphone -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated with accessing
microphone audio from the device. Note that phone calls also capture audio
but are in a separate (more visible) permission group. -->
<permission-group android:name="android.permission-group.MICROPHONE"
android:icon="@drawable/perm_group_microphone"
android:label="@string/permgrouplab_microphone"
android:description="@string/permgroupdesc_microphone"
android:priority="600" />
<!-- Allows an application to record audio.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.RECORD_AUDIO"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_recordAudio"
android:description="@string/permdesc_recordAudio"
android:backgroundPermission="android.permission.RECORD_BACKGROUND_AUDIO"
android:protectionLevel="dangerous|instant" />
<!-- @SystemApi @TestApi Allows an application to record audio while in the background.
This permission is not intended to be held by apps.
<p>Protection level: internal
@hide -->
<permission android:name="android.permission.RECORD_BACKGROUND_AUDIO"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_recordBackgroundAudio"
android:description="@string/permdesc_recordBackgroundAudio"
android:protectionLevel="internal|role" />
<!-- ====================================================================== -->
<!-- Permissions for activity recognition -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated with activity recognition. -->
<permission-group android:name="android.permission-group.ACTIVITY_RECOGNITION"
android:icon="@drawable/perm_group_activity_recognition"
android:label="@string/permgrouplab_activityRecognition"
android:description="@string/permgroupdesc_activityRecognition"
android:priority="1000" />
<!-- Allows an application to recognize physical activity.
<p>Protection level: dangerous
-->
<permission android:name="android.permission.ACTIVITY_RECOGNITION"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_activityRecognition"
android:description="@string/permdesc_activityRecognition"
android:protectionLevel="dangerous|instant" />
<!-- ====================================================================== -->
<!-- Permissions for accessing the vendor UCE Service -->
<!-- ====================================================================== -->
<!-- @hide Allows an application to Access UCE-Presence.
<p>Protection level: signature|privileged
@deprecated Framework should no longer use this permission to access the vendor UCE service
using AIDL, it is instead implemented by RcsCapabilityExchangeImplBase
-->
<permission android:name="android.permission.ACCESS_UCE_PRESENCE_SERVICE"
android:permissionGroup="android.permission-group.PHONE"
android:protectionLevel="signature|privileged"/>
<!-- @hide Allows an application to Access UCE-OPTIONS.
<p>Protection level: signature|privileged
@deprecated Framework should no longer use this permission to access the vendor UCE service
using AIDL, it is instead implemented by RcsCapabilityExchangeImplBase
-->
<permission android:name="android.permission.ACCESS_UCE_OPTIONS_SERVICE"
android:permissionGroup="android.permission-group.PHONE"
android:protectionLevel="signature|privileged"/>
<!-- ====================================================================== -->
<!-- Permissions for accessing the device camera -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated with accessing
camera or capturing images/video from the device. -->
<permission-group android:name="android.permission-group.CAMERA"
android:icon="@drawable/perm_group_camera"
android:label="@string/permgrouplab_camera"
android:description="@string/permgroupdesc_camera"
android:priority="700" />
<!-- Required to be able to access the camera device.
<p>This will automatically enforce the
<a href="{@docRoot}guide/topics/manifest/uses-feature-element.html">
uses-feature</a> manifest element for <em>all</em> camera features.
If you do not require all camera features or can properly operate if a camera
is not available, then you must modify your manifest as appropriate in order to
install on devices that don't support all camera features.</p>
<p>Protection level: dangerous
-->
<permission android:name="android.permission.CAMERA"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_camera"
android:description="@string/permdesc_camera"
android:backgroundPermission="android.permission.BACKGROUND_CAMERA"
android:protectionLevel="dangerous|instant" />
<!-- Required to be able to discover and connect to nearby Bluetooth devices.
<p>Protection level: dangerous -->
<permission-group android:name="android.permission-group.NEARBY_DEVICES"
android:icon="@drawable/perm_group_nearby_devices"
android:label="@string/permgrouplab_nearby_devices"
android:description="@string/permgroupdesc_nearby_devices"
android:priority="750" />
<!-- @SystemApi @TestApi Required to be able to access the camera device in the background.
This permission is not intended to be held by apps.
<p>Protection level: internal
@hide -->
<permission android:name="android.permission.BACKGROUND_CAMERA"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_backgroundCamera"
android:description="@string/permdesc_backgroundCamera"
android:protectionLevel="internal|role" />
<!-- @SystemApi Required in addition to android.permission.CAMERA to be able to access
system only camera devices.
<p>Protection level: system|signature|role
@hide -->
<permission android:name="android.permission.SYSTEM_CAMERA"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_systemCamera"
android:description="@string/permdesc_systemCamera"
android:protectionLevel="system|signature|role" />
<!-- @SystemApi Allows receiving the camera service notifications when a camera is opened
(by a certain application package) or closed.
@hide -->
<permission android:name="android.permission.CAMERA_OPEN_CLOSE_LISTENER"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_cameraOpenCloseListener"
android:description="@string/permdesc_cameraOpenCloseListener"
android:protectionLevel="signature" />
<!-- @SystemApi Allows camera access by Headless System User 0 when device is running in
HSUM Mode.
@hide -->
<permission android:name="android.permission.CAMERA_HEADLESS_SYSTEM_USER"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_cameraHeadlessSystemUser"
android:description="@string/permdesc_cameraHeadlessSystemUser"
android:protectionLevel="signature" />
<!-- ====================================================================== -->
<!-- Permissions for accessing the device sensors -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated with accessing
body or environmental sensors. -->
<permission-group android:name="android.permission-group.SENSORS"
android:icon="@drawable/perm_group_sensors"
android:label="@string/permgrouplab_sensors"
android:description="@string/permgroupdesc_sensors"
android:priority="800" />
<!-- Allows an app to access sensor data with a sampling rate greater than 200 Hz.
<p>Protection level: normal
-->
<permission android:name="android.permission.HIGH_SAMPLING_RATE_SENSORS"
android:permissionGroup="android.permission-group.SENSORS"
android:label="@string/permlab_highSamplingRateSensors"
android:description="@string/permdesc_highSamplingRateSensors"
android:protectionLevel="normal" />
<!-- Allows an application to access data from sensors that the user uses to
measure what is happening inside their body, such as heart rate.
<p>Protection level: dangerous -->
<permission android:name="android.permission.BODY_SENSORS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_bodySensors"
android:description="@string/permdesc_bodySensors"
android:backgroundPermission="android.permission.BODY_SENSORS_BACKGROUND"
android:protectionLevel="dangerous" />
<!-- Allows an application to access data from sensors that the user uses to measure what is
happening inside their body, such as heart rate. If you're requesting this permission, you
must also request {@link #BODY_SENSORS}. Requesting this permission by itself doesn't give
you Body sensors access.
<p>Protection level: dangerous
<p> This is a hard restricted permission which cannot be held by an app until
the installer on record allowlists the permission. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
-->
<permission android:name="android.permission.BODY_SENSORS_BACKGROUND"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_bodySensors_background"
android:description="@string/permdesc_bodySensors_background"
android:protectionLevel="dangerous"
android:permissionFlags="hardRestricted" />
<!-- Allows an app to use fingerprint hardware.
<p>Protection level: normal
@deprecated Applications should request {@link
android.Manifest.permission#USE_BIOMETRIC} instead
-->
<permission android:name="android.permission.USE_FINGERPRINT"
android:permissionGroup="android.permission-group.SENSORS"
android:label="@string/permlab_useFingerprint"
android:description="@string/permdesc_useFingerprint"
android:protectionLevel="normal" />
<!-- Allows an app to use device supported biometric modalities.
<p>Protection level: normal
-->
<permission android:name="android.permission.USE_BIOMETRIC"
android:permissionGroup="android.permission-group.SENSORS"
android:label="@string/permlab_useBiometric"
android:description="@string/permdesc_useBiometric"
android:protectionLevel="normal" />
<!-- ====================================================================== -->
<!-- Permissions for posting notifications -->
<!-- ====================================================================== -->
<eat-comment />
<!-- Used for permissions that are associated with posting notifications
-->
<permission-group android:name="android.permission-group.NOTIFICATIONS"
android:icon="@drawable/ic_notifications_alerted"
android:label="@string/permgrouplab_notifications"
android:description="@string/permgroupdesc_notifications"
android:priority="850" />
<!-- Allows an app to post notifications
<p>Protection level: dangerous
-->
<permission android:name="android.permission.POST_NOTIFICATIONS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_postNotification"
android:description="@string/permdesc_postNotification"
android:protectionLevel="dangerous|instant" />
<uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
<!-- ====================================================================== -->
<!-- REMOVED PERMISSIONS -->
<!-- ====================================================================== -->
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.READ_PROFILE"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.WRITE_PROFILE"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.READ_SOCIAL_STREAM"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.WRITE_SOCIAL_STREAM"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.READ_USER_DICTIONARY"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.WRITE_USER_DICTIONARY"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @SystemApi @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.WRITE_SMS"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="com.android.browser.permission.READ_HISTORY_BOOKMARKS"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="com.android.browser.permission.WRITE_HISTORY_BOOKMARKS"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.AUTHENTICATE_ACCOUNTS"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.MANAGE_ACCOUNTS"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.USE_CREDENTIALS"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.SUBSCRIBED_FEEDS_READ"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.SUBSCRIBED_FEEDS_WRITE"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- @hide We need to keep this around for backwards compatibility -->
<permission android:name="android.permission.FLASHLIGHT"
android:protectionLevel="normal"
android:permissionFlags="removed"/>
<!-- ====================================================================== -->
<!-- INSTALL PERMISSIONS -->
<!-- ====================================================================== -->
<!-- ================================== -->
<!-- Permissions for accessing messages -->
<!-- ================================== -->
<eat-comment />
<!-- Allows an application (Phone) to send a request to other applications
to handle the respond-via-message action during incoming calls.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SEND_RESPOND_VIA_MESSAGE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to send SMS to premium shortcodes without user permission.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.SEND_SMS_NO_CONFIRMATION"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to filter carrier specific sms.
@hide -->
<permission android:name="android.permission.CARRIER_FILTER_SMS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to receive emergency cell broadcast messages,
to record or display them to the user.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.RECEIVE_EMERGENCY_BROADCAST"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to monitor incoming Bluetooth MAP messages, to record
or perform processing on them. -->
<!-- @hide -->
<permission android:name="android.permission.RECEIVE_BLUETOOTH_MAP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to execute contacts directory search.
This should only be used by ContactsProvider.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.BIND_DIRECTORY_SEARCH"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to modify the cell broadcasts configuration
(i.e. enable or disable channels).
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MODIFY_CELL_BROADCASTS"
android:protectionLevel="signature|privileged" />
<!-- =============================================================== -->
<!-- Permissions for setting the device alarm -->
<!-- =============================================================== -->
<eat-comment />
<!-- Allows an application to broadcast an Intent to set an alarm for the user.
<p>Protection level: normal
-->
<permission android:name="com.android.alarm.permission.SET_ALARM"
android:label="@string/permlab_setAlarm"
android:description="@string/permdesc_setAlarm"
android:protectionLevel="normal" />
<!-- =============================================================== -->
<!-- Permissions for accessing the user voicemail -->
<!-- =============================================================== -->
<eat-comment />
<!-- Allows an application to modify and remove existing voicemails in the system.
<p>Protection level: signature|privileged|role
-->
<permission android:name="com.android.voicemail.permission.WRITE_VOICEMAIL"
android:protectionLevel="signature|privileged|role" />
<!-- Allows an application to read voicemails in the system.
<p>Protection level: signature|privileged|role
-->
<permission android:name="com.android.voicemail.permission.READ_VOICEMAIL"
android:protectionLevel="signature|privileged|role" />
<!-- ======================================= -->
<!-- Permissions for accessing location info -->
<!-- ======================================= -->
<eat-comment />
<!-- Allows an application to access extra location provider commands.
<p>Protection level: normal
-->
<permission android:name="android.permission.ACCESS_LOCATION_EXTRA_COMMANDS"
android:label="@string/permlab_accessLocationExtraCommands"
android:description="@string/permdesc_accessLocationExtraCommands"
android:protectionLevel="normal" />
<!-- Allows an application to install a location provider into the Location Manager.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.INSTALL_LOCATION_PROVIDER"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to provide location-based time zone suggestions to
the system server. This is needed because the system server discovers time zone providers
by exposed intent actions and metadata, without it any app could potentially register
itself as time zone provider. The system server checks for this permission.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.INSTALL_LOCATION_TIME_ZONE_PROVIDER_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to bind to a android.service.TimeZoneProviderService
for the purpose of detecting the device's time zone. This prevents arbitrary clients
connecting to the time zone provider service. The system server checks that the provider's
intent service explicitly sets this permission via the android:permission attribute of the
service.
This is only expected to be possessed by the system server outside of tests.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.BIND_TIME_ZONE_PROVIDER_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows HDMI-CEC service to access device and configuration files.
This should only be used by HDMI-CEC service.
-->
<permission android:name="android.permission.HDMI_CEC"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- Allows an application to use location features in hardware,
such as the geofencing api.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.LOCATION_HARDWARE"
android:protectionLevel="signature|privileged|role" />
<uses-permission android:name="android.permission.LOCATION_HARDWARE"/>
<!-- @SystemApi Allows an application to use the Context Hub.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.ACCESS_CONTEXT_HUB"
android:protectionLevel="signature|privileged" />
<uses-permission android:name="android.permission.ACCESS_CONTEXT_HUB"/>
<!-- @SystemApi Allows an application to create mock location providers for testing.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.ACCESS_MOCK_LOCATION"
android:protectionLevel="signature" />
<!-- @hide @SystemApi(client=android.annotation.SystemApi.Client.MODULE_LIBRARIES)
Allows automotive applications to control location
suspend state for power management use cases.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.CONTROL_AUTOMOTIVE_GNSS"
android:protectionLevel="signature|privileged" />
<!-- ======================================= -->
<!-- Permissions for accessing networks -->
<!-- ======================================= -->
<eat-comment />
<!-- Allows applications to open network sockets.
<p>Protection level: normal
-->
<permission android:name="android.permission.INTERNET"
android:description="@string/permdesc_createNetworkSockets"
android:label="@string/permlab_createNetworkSockets"
android:protectionLevel="normal|instant" />
<!-- Allows applications to access information about networks.
<p>Protection level: normal
-->
<permission android:name="android.permission.ACCESS_NETWORK_STATE"
android:description="@string/permdesc_accessNetworkState"
android:label="@string/permlab_accessNetworkState"
android:protectionLevel="normal|instant" />
<!-- Allows applications to access information about Wi-Fi networks.
<p>Protection level: normal
-->
<permission android:name="android.permission.ACCESS_WIFI_STATE"
android:description="@string/permdesc_accessWifiState"
android:label="@string/permlab_accessWifiState"
android:protectionLevel="normal" />
<!-- Allows applications to change Wi-Fi connectivity state.
<p>Protection level: normal
-->
<permission android:name="android.permission.CHANGE_WIFI_STATE"
android:description="@string/permdesc_changeWifiState"
android:label="@string/permlab_changeWifiState"
android:protectionLevel="normal" />
<!-- This permission is used to let OEMs grant their trusted app access to a subset of
privileged wifi APIs to improve wifi performance. Allows applications to manage
Wi-Fi network selection related features such as enable or disable global auto-join,
modify connectivity scan intervals, and approve Wi-Fi Direct connections.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_WIFI_NETWORK_SELECTION"
android:protectionLevel="signature|privileged|knownSigner"
android:knownCerts="@array/wifi_known_signers" />
<!-- Allows applications to get notified when a Wi-Fi interface request cannot
be satisfied without tearing down one or more other interfaces, and provide a decision
whether to approve the request or reject it.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_WIFI_INTERFACES"
android:protectionLevel="signature|privileged|knownSigner"
android:knownCerts="@array/wifi_known_signers" />
<!-- @SystemApi @hide Allows apps to create and manage IPsec tunnels.
<p>Only granted to applications that are currently bound by the
system for creating and managing IPsec-based interfaces.
-->
<permission android:name="android.permission.MANAGE_IPSEC_TUNNELS"
android:protectionLevel="signature|appop" />
<!-- @SystemApi @hide Allows apps to create and manage Test Networks.
<p>Granted only to shell. CTS tests will use
UiAutomation.AdoptShellPermissionIdentity() to gain access.
-->
<permission android:name="android.permission.MANAGE_TEST_NETWORKS"
android:protectionLevel="signature" />
<!-- Allows direct access to the <RemoteAuth>Service interfaces.
@hide -->
<permission android:name="android.permission.MANAGE_REMOTE_AUTH"
android:protectionLevel="signature" />
<!-- Allows direct access to the <RemoteAuth>Service authentication methods.
@hide -->
<permission android:name="android.permission.USE_REMOTE_AUTH"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows applications to read Wi-Fi credential.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_WIFI_CREDENTIAL"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows applications to change tether state and run
tether carrier provisioning.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.TETHER_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allow system apps to receive broadcast
when a wifi network credential is changed.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.RECEIVE_WIFI_CREDENTIAL_CHANGE"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to modify any wifi configuration, even if created
by another application. Once reconfigured the original creator cannot make any further
modifications.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.OVERRIDE_WIFI_CONFIG"
android:protectionLevel="signature|privileged|knownSigner"
android:knownCerts="@array/wifi_known_signers" />
<!-- @deprecated Allows applications to act as network scorers. @hide @SystemApi-->
<permission android:name="android.permission.SCORE_NETWORKS"
android:protectionLevel="signature|privileged" />
<!-- @deprecated Allows applications to request network
recommendations and scores from the NetworkScoreService.
@SystemApi
<p>Not for use by third-party applications. @hide -->
<permission android:name="android.permission.REQUEST_NETWORK_SCORES"
android:protectionLevel="signature|setup" />
<!-- Allows applications to restart the Wi-Fi subsystem.
@SystemApi
<p>Not for use by third-party applications. @hide -->
<permission android:name="android.permission.RESTART_WIFI_SUBSYSTEM"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows applications to toggle airplane mode.
<p>Not for use by third-party or privileged applications.
-->
<permission android:name="android.permission.NETWORK_AIRPLANE_MODE"
android:protectionLevel="signature" />
<!-- Allows network stack services (Connectivity and Wifi) to coordinate
<p>Not for use by third-party or privileged applications.
@SystemApi @TestApi
@hide This should only be used by Connectivity and Wifi Services.
-->
<permission android:name="android.permission.NETWORK_STACK"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to observe network policy changes. -->
<permission android:name="android.permission.OBSERVE_NETWORK_POLICY"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows applications to register network factory or agent -->
<permission android:name="android.permission.NETWORK_FACTORY"
android:protectionLevel="signature|role" />
<!-- @SystemApi @hide Allows applications to access network stats provider -->
<permission android:name="android.permission.NETWORK_STATS_PROVIDER"
android:protectionLevel="signature" />
<!-- Allows Settings and SystemUI to call methods in Networking services
<p>Not for use by third-party or privileged applications.
@SystemApi @TestApi
@hide This should only be used by Settings and SystemUI.
-->
<permission android:name="android.permission.NETWORK_SETTINGS"
android:protectionLevel="signature" />
<!-- Allows holder to request bluetooth/wifi scan bypassing global "use location" setting and
location permissions.
<p>Not for use by third-party or privileged applications.
@SystemApi
@hide
-->
<permission android:name="android.permission.RADIO_SCAN_WITHOUT_LOCATION"
android:protectionLevel="signature|companion" />
<!-- Allows SetupWizard to call methods in Networking services
<p>Not for use by any other third-party or privileged applications.
@SystemApi
@hide This should only be used by SetupWizard.
-->
<permission android:name="android.permission.NETWORK_SETUP_WIZARD"
android:protectionLevel="signature|setup" />
<!-- Allows Managed Provisioning to call methods in Networking services
<p>Not for use by any other third-party or privileged applications.
@SystemApi
@hide This should only be used by ManagedProvisioning app.
-->
<permission android:name="android.permission.NETWORK_MANAGED_PROVISIONING"
android:protectionLevel="signature|role" />
<!-- Allows Carrier Provisioning to call methods in Networking services
<p>Not for use by any other third-party or privileged applications.
@SystemApi
@hide This should only be used by CarrierProvisioning.
-->
<permission android:name="android.permission.NETWORK_CARRIER_PROVISIONING"
android:protectionLevel="signature|privileged" />
<!-- #SystemApi @hide Allows applications to access information about LoWPAN interfaces.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.ACCESS_LOWPAN_STATE"
android:protectionLevel="signature|privileged" />
<!-- #SystemApi @hide Allows applications to change LoWPAN connectivity state.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CHANGE_LOWPAN_STATE"
android:protectionLevel="signature|privileged" />
<!-- #SystemApi @hide Allows applications to read LoWPAN credential.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_LOWPAN_CREDENTIAL"
android:protectionLevel="signature|privileged" />
<!-- #SystemApi @hide Allows a service to register or unregister
new LoWPAN interfaces.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_LOWPAN_INTERFACES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows changing Thread network state and access to Thread network
credentials such as Network Key and PSKc.
<p>Not for use by third-party applications.
@FlaggedApi("com.android.net.thread.flags.thread_enabled") -->
<permission android:name="android.permission.THREAD_NETWORK_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- #SystemApi @hide Allows an app to bypass Private DNS.
<p>Not for use by third-party applications.
TODO: publish as system API in next API release. -->
<permission android:name="android.permission.NETWORK_BYPASS_PRIVATE_DNS"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows device mobility state to be set so that Wifi scan interval can
be increased when the device is stationary in order to save power.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WIFI_SET_DEVICE_MOBILITY_STATE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows privileged system APK to update Wifi usability stats and score.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WIFI_UPDATE_USABILITY_STATS_SCORE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows applications to update Wifi/Cellular coex channels to avoid.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WIFI_UPDATE_COEX_UNSAFE_CHANNELS"
android:protectionLevel="signature|role" />
<!-- @SystemApi @hide Allows applications to access Wifi/Cellular coex channels being avoided.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WIFI_ACCESS_COEX_UNSAFE_CHANNELS"
android:protectionLevel="signature|role" />
<!-- @SystemApi @hide Allows system APK to manage country code.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_WIFI_COUNTRY_CODE"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to manage an automotive device's application network
preference as it relates to OEM_PAID and OEM_PRIVATE capable networks.
<p>Not for use by third-party or privileged applications. -->
<permission android:name="android.permission.CONTROL_OEM_PAID_NETWORK_PREFERENCE"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to manage ethernet networks.
<p>Not for use by third-party or privileged applications. -->
<permission android:name="android.permission.MANAGE_ETHERNET_NETWORKS"
android:protectionLevel="signature" />
<!-- Allows system apps to call methods to register itself as a mDNS offload engine.
<p>Not for use by third-party or privileged applications.
@SystemApi
@FlaggedApi("com.android.net.flags.register_nsd_offload_engine")
@hide This should only be used by system apps.
-->
<permission android:name="android.permission.REGISTER_NSD_OFFLOAD_ENGINE"
android:protectionLevel="signature" />
<!-- ======================================= -->
<!-- Permissions for short range, peripheral networks -->
<!-- ======================================= -->
<eat-comment />
<!-- Allows applications to connect to paired bluetooth devices.
<p>Protection level: normal
-->
<permission android:name="android.permission.BLUETOOTH"
android:description="@string/permdesc_bluetooth"
android:label="@string/permlab_bluetooth"
android:protectionLevel="normal" />
<!-- Required to be able to discover and pair nearby Bluetooth devices.
<p>Protection level: dangerous -->
<permission android:name="android.permission.BLUETOOTH_SCAN"
android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_bluetooth_scan"
android:label="@string/permlab_bluetooth_scan"
android:protectionLevel="dangerous" />
<!-- Required to be able to connect to paired Bluetooth devices.
<p>Protection level: dangerous -->
<permission android:name="android.permission.BLUETOOTH_CONNECT"
android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_bluetooth_connect"
android:label="@string/permlab_bluetooth_connect"
android:protectionLevel="dangerous" />
<!-- Required to be able to advertise to nearby Bluetooth devices.
<p>Protection level: dangerous -->
<permission android:name="android.permission.BLUETOOTH_ADVERTISE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_bluetooth_advertise"
android:label="@string/permlab_bluetooth_advertise"
android:protectionLevel="dangerous" />
<!-- Required to be able to range to devices using ultra-wideband.
<p>Protection level: dangerous -->
<permission android:name="android.permission.UWB_RANGING"
android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_uwb_ranging"
android:label="@string/permlab_uwb_ranging"
android:protectionLevel="dangerous" />
<!-- Required to be able to advertise and connect to nearby devices via Wi-Fi.
<p>Protection level: dangerous -->
<permission android:name="android.permission.NEARBY_WIFI_DEVICES"
android:permissionGroup="android.permission-group.UNDEFINED"
android:description="@string/permdesc_nearby_wifi_devices"
android:label="@string/permlab_nearby_wifi_devices"
android:protectionLevel="dangerous" />
<!-- @SystemApi @TestApi Allows an application to suspend other apps, which will prevent the
user from using them until they are unsuspended.
@hide
-->
<permission android:name="android.permission.SUSPEND_APPS"
android:protectionLevel="signature|role|verifier" />
<!-- @SystemApi
@hide
@FlaggedApi("android.content.pm.quarantined_enabled")
Allows an application to quarantine other apps, which will prevent
them from running without explicit user action.
-->
<permission android:name="android.permission.QUARANTINE_APPS"
android:protectionLevel="signature|verifier" />
<!-- Allows applications to discover and pair bluetooth devices.
<p>Protection level: normal
-->
<permission android:name="android.permission.BLUETOOTH_ADMIN"
android:description="@string/permdesc_bluetoothAdmin"
android:label="@string/permlab_bluetoothAdmin"
android:protectionLevel="normal" />
<!-- Allows applications to pair bluetooth devices without user interaction, and to
allow or disallow phonebook access or message access.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.BLUETOOTH_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Control access to email providers exclusively for Bluetooth
@hide
-->
<permission android:name="android.permission.BLUETOOTH_MAP"
android:protectionLevel="signature|role" />
<!-- Allows bluetooth stack to access files
This should only be granted to the Bluetooth apk.
@hide @SystemApi(client=android.annotation.SystemApi.Client.MODULE_LIBRARIES)
-->
<permission android:name="android.permission.BLUETOOTH_STACK"
android:protectionLevel="signature|role" />
<!-- Allows uhid write access for creating virtual input devices
@hide
-->
<permission android:name="android.permission.VIRTUAL_INPUT_DEVICE"
android:protectionLevel="signature" />
<!-- Allows applications to perform I/O operations over NFC.
<p>Protection level: normal
-->
<permission android:name="android.permission.NFC"
android:description="@string/permdesc_nfc"
android:label="@string/permlab_nfc"
android:protectionLevel="normal" />
<!-- Allows applications to receive NFC transaction events.
<p>Protection level: normal
-->
<permission android:name="android.permission.NFC_TRANSACTION_EVENT"
android:description="@string/permdesc_nfcTransactionEvent"
android:label="@string/permlab_nfcTransactionEvent"
android:protectionLevel="normal" />
<!-- Allows applications to receive NFC preferred payment service information.
<p>Protection level: normal
-->
<permission android:name="android.permission.NFC_PREFERRED_PAYMENT_INFO"
android:description="@string/permdesc_preferredPaymentInfo"
android:label="@string/permlab_preferredPaymentInfo"
android:protectionLevel="normal" />
<!-- @SystemApi Allows access to set NFC controller always on states.
<p>Protection level: signature|privileged
@hide -->
<permission android:name="android.permission.NFC_SET_CONTROLLER_ALWAYS_ON"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an internal user to use privileged SecureElement APIs.
Applications holding this permission can access OMAPI reset system API
and bypass OMAPI AccessControlEnforcer.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.SECURE_ELEMENT_PRIVILEGED_OPERATION"
android:protectionLevel="signature|privileged" />
<!-- @deprecated This permission used to allow too broad access to sensitive methods and all its
uses have been replaced by a more appropriate permission. Most uses have been replaced with
a NETWORK_STACK or NETWORK_SETTINGS check. Please look up the documentation of the
individual functions to figure out what permission now protects the individual function.
@SystemApi Allows an internal user to use privileged ConnectivityManager APIs.
@hide -->
<permission android:name="android.permission.CONNECTIVITY_INTERNAL"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an internal user to use restricted Networks.
@hide -->
<permission android:name="android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS"
android:protectionLevel="signature|privileged" />
<uses-permission android:name="android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS"/>
<!-- @SystemApi Allows an internal user to set signal strength in NetworkRequest. This kind of
request will wake up device when signal strength meets the given value.
@hide -->
<permission android:name="android.permission.NETWORK_SIGNAL_STRENGTH_WAKEUP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows a system application to access hardware packet offload capabilities.
@hide -->
<permission android:name="android.permission.PACKET_KEEPALIVE_OFFLOAD"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi
@hide -->
<permission android:name="android.permission.RECEIVE_DATA_ACTIVITY_CHANGE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows access to the loop radio (Android@Home mesh network) device.
@hide -->
<permission android:name="android.permission.LOOP_RADIO"
android:protectionLevel="signature|privileged" />
<!-- Allows sending and receiving handover transfer status from Wifi and Bluetooth
@hide -->
<permission android:name="android.permission.NFC_HANDOVER_STATUS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows internal management of Bluetooth state when on wireless consent mode.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_WIRELESS_CONSENT_REQUIRED"
android:protectionLevel="signature" />
<!-- @hide Allows the device to be reset, clearing all data and enables Test Harness Mode. -->
<permission android:name="android.permission.ENABLE_TEST_HARNESS_MODE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows access to ultra wideband device.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.UWB_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- ================================== -->
<!-- Permissions for accessing accounts -->
<!-- ================================== -->
<eat-comment />
<!-- Allows access to the list of accounts in the Accounts Service.
<p class="note"><strong>Note:</strong> Beginning with Android 6.0 (API level
23), if an app shares the signature of the authenticator that manages an
account, it does not need <code>"GET_ACCOUNTS"</code> permission to read
information about that account. On Android 5.1 and lower, all apps need
<code>"GET_ACCOUNTS"</code> permission to read information about any
account.</p>
<p>Protection level: dangerous
-->
<permission android:name="android.permission.GET_ACCOUNTS"
android:permissionGroup="android.permission-group.UNDEFINED"
android:protectionLevel="dangerous"
android:description="@string/permdesc_getAccounts"
android:label="@string/permlab_getAccounts" />
<uses-permission android:name="android.permission.GET_ACCOUNTS"/>
<!-- Allows applications to call into AccountAuthenticators.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.ACCOUNT_MANAGER"
android:protectionLevel="signature" />
<!-- ================================== -->
<!-- Permissions for accessing hardware that may effect battery life-->
<!-- ================================== -->
<eat-comment />
<!-- Allows applications to enter Wi-Fi Multicast mode.
<p>Protection level: normal
-->
<permission android:name="android.permission.CHANGE_WIFI_MULTICAST_STATE"
android:description="@string/permdesc_changeWifiMulticastState"
android:label="@string/permlab_changeWifiMulticastState"
android:protectionLevel="normal" />
<!-- Allows access to the vibrator.
<p>Protection level: normal
-->
<permission android:name="android.permission.VIBRATE"
android:label="@string/permlab_vibrate"
android:description="@string/permdesc_vibrate"
android:protectionLevel="normal|instant" />
<!-- Allows access to the vibrator always-on settings.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.VIBRATE_ALWAYS_ON"
android:protectionLevel="signature" />
<!-- @SystemApi Allows access to the vibrator state.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.ACCESS_VIBRATOR_STATE"
android:label="@string/permdesc_vibrator_state"
android:description="@string/permdesc_vibrator_state"
android:protectionLevel="signature|privileged" />
<!-- Allows using PowerManager WakeLocks to keep processor from sleeping or screen
from dimming.
<p>Protection level: normal
-->
<permission android:name="android.permission.WAKE_LOCK"
android:label="@string/permlab_wakeLock"
android:description="@string/permdesc_wakeLock"
android:protectionLevel="normal|instant" />
<!-- Allows using the device's IR transmitter, if available.
<p>Protection level: normal
-->
<permission android:name="android.permission.TRANSMIT_IR"
android:label="@string/permlab_transmitIr"
android:description="@string/permdesc_transmitIr"
android:protectionLevel="normal" />
<!-- Allows an app to turn on the screen on, e.g. with
{@link android.os.PowerManager#ACQUIRE_CAUSES_WAKEUP}.
<p>Intended to only be used by home automation apps.
-->
<permission android:name="android.permission.TURN_SCREEN_ON"
android:label="@string/permlab_turnScreenOn"
android:description="@string/permdesc_turnScreenOn"
android:protectionLevel="signature|privileged|appop" />
<!-- ==================================================== -->
<!-- Permissions related to changing audio settings -->
<!-- ==================================================== -->
<eat-comment />
<!-- Allows an application to modify global audio settings.
<p>Protection level: normal
-->
<permission android:name="android.permission.MODIFY_AUDIO_SETTINGS"
android:label="@string/permlab_modifyAudioSettings"
android:description="@string/permdesc_modifyAudioSettings"
android:protectionLevel="normal" />
<!-- ==================================================== -->
<!-- Permissions related to screen capture -->
<!-- ==================================================== -->
<eat-comment />
<!-- Allows an application to capture screen content to perform a screenshot using the intent
action {@link android.content.Intent#ACTION_LAUNCH_CAPTURE_CONTENT_ACTIVITY_FOR_NOTE}.
<p>Protection level: internal|role
<p>Intended for use by ROLE_NOTES only.
-->
<permission android:name="android.permission.LAUNCH_CAPTURE_CONTENT_ACTIVITY_FOR_NOTE"
android:protectionLevel="internal|role" />
<!-- Allows an application to get notified when a screen capture of its windows is attempted.
<p>Protection level: normal
-->
<permission android:name="android.permission.DETECT_SCREEN_CAPTURE"
android:label="@string/permlab_detectScreenCapture"
android:description="@string/permdesc_detectScreenCapture"
android:protectionLevel="normal" />
<!-- ======================================== -->
<!-- Permissions for factory reset protection -->
<!-- ======================================== -->
<eat-comment />
<!-- @SystemApi Allows an application to set a factory reset protection (FRP) policy.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.MANAGE_FACTORY_RESET_PROTECTION"
android:protectionLevel="signature|privileged"/>
<!-- ======================================== -->
<!-- Permissions for lost mode -->
<!-- ======================================== -->
<eat-comment />
<!-- @SystemApi Allows an application to trigger lost mode on an organization-owned device.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.TRIGGER_LOST_MODE"
android:protectionLevel="signature|role"/>
<!-- ================================== -->
<!-- Permissions for accessing hardware -->
<!-- ================================== -->
<eat-comment />
<!-- @SystemApi Allows an application to manage preferences and permissions for USB devices
@hide -->
<permission android:name="android.permission.MANAGE_USB"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to manage Android Debug Bridge settings.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MANAGE_DEBUGGING"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to access the MTP USB kernel driver.
For use only by the device side MTP implementation.
@hide -->
<permission android:name="android.permission.ACCESS_MTP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows access to hardware peripherals. Intended only for hardware testing.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.HARDWARE_TEST"
android:protectionLevel="signature" />
<!-- @hide Allows an application to manage DynamicSystem image -->
<permission android:name="android.permission.MANAGE_DYNAMIC_SYSTEM"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to install a DynamicSystem image and get status updates.
@hide -->
<permission android:name="android.permission.INSTALL_DYNAMIC_SYSTEM"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows access to Broadcast Radio
@hide This is not a third-party API (intended for system apps).-->
<permission android:name="android.permission.ACCESS_BROADCAST_RADIO"
android:protectionLevel="signature|privileged" />
<!-- @deprecated @SystemApi Allows access to FM
@hide This is not a third-party API (intended for system apps).-->
<permission android:name="android.permission.ACCESS_FM_RADIO"
android:protectionLevel="signature|privileged" />
<!-- Allows access to configure network interfaces, configure/use IPSec, etc.
@hide -->
<permission android:name="android.permission.NET_ADMIN"
android:protectionLevel="signature|role" />
<!-- Allows registration for remote audio playback. @hide -->
<permission android:name="android.permission.REMOTE_AUDIO_PLAYBACK"
android:protectionLevel="signature" />
<!-- Allows TvInputService to access underlying TV input hardware such as
built-in tuners and HDMI-in's.
<p>This should only be used by OEM's TvInputService's.
@hide @SystemApi -->
<permission android:name="android.permission.TV_INPUT_HARDWARE"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- Allows to capture a frame of TV input hardware such as
built-in tuners and HDMI-in's.
<p>Not for use by third-party applications.
@hide @SystemApi -->
<permission android:name="android.permission.CAPTURE_TV_INPUT"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows TvInputService to access DVB device.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.DVB_DEVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows reading and enabling/disabling the OEM unlock allowed by carrier state
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_CARRIER_OEM_UNLOCK_STATE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows reading and enabling/disabling the OEM unlock allowed by user state
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_USER_OEM_UNLOCK_STATE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows reading the OEM unlock state
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_OEM_UNLOCK_STATE"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows enabling/disabling OEM unlock
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.OEM_UNLOCK_STATE"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows querying state of PersistentDataBlock
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.ACCESS_PDB_STATE"
android:protectionLevel="signature|role" />
<!-- Allows testing if a passwords is forbidden by the admins.
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.TEST_BLACKLISTED_PASSWORD"
android:protectionLevel="signature" />
<!-- @hide Allows system update service to notify device owner about pending updates.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.NOTIFY_PENDING_SYSTEM_UPDATE"
android:protectionLevel="signature|privileged" />
<!-- =========================================== -->
<!-- Permissions associated with camera and image capture -->
<!-- =========================================== -->
<eat-comment />
<!-- @SystemApi Allows disabling the transmit-indicator LED that is normally on when
a camera is in use by an application.
@hide -->
<permission android:name="android.permission.CAMERA_DISABLE_TRANSMIT_LED"
android:protectionLevel="signature|privileged" />
<!-- Allows sending the camera service notifications about system-wide events.
@hide -->
<permission android:name="android.permission.CAMERA_SEND_SYSTEM_EVENTS"
android:protectionLevel="signature|privileged" />
<!-- Allows injecting the external camera to replace the internal camera.
@hide -->
<permission android:name="android.permission.CAMERA_INJECT_EXTERNAL_CAMERA"
android:protectionLevel="signature" />
<!-- =========================================== -->
<!-- Permissions associated with telephony state -->
<!-- =========================================== -->
<eat-comment />
<!-- @SystemApi Allows granting runtime permissions to telephony related components.
@hide -->
<permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS"
android:protectionLevel="signature" />
<!-- Allows modification of the telephony state - power on, mmi, etc.
Does not include placing calls.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MODIFY_PHONE_STATE"
android:protectionLevel="signature|privileged|role" />
<!-- Allows read only access to precise phone state.
Allows reading of detailed information about phone state for special-use applications
such as dialers, carrier applications, or ims applications. -->
<permission android:name="android.permission.READ_PRECISE_PHONE_STATE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @TestApi Allows read access to privileged phone state.
@hide Used internally. -->
<permission android:name="android.permission.READ_PRIVILEGED_PHONE_STATE"
android:protectionLevel="signature|privileged|role" />
<!-- Allows to read device identifiers and use ICC based authentication like EAP-AKA.
Often required in authentication to access the carrier's server and manage services
of the subscriber.
<p>Protection level: signature|appop -->
<permission android:name="android.permission.USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER"
android:protectionLevel="signature|appop" />
<!-- @SystemApi Allows read access to emergency number information for ongoing calls or SMS
sessions.
@hide Used internally. -->
<permission android:name="android.permission.READ_ACTIVE_EMERGENCY_SESSION"
android:protectionLevel="signature" />
<!-- Allows listen permission to always reported system signal strength.
@hide Used internally. -->
<permission android:name="android.permission.LISTEN_ALWAYS_REPORTED_SIGNAL_STRENGTH"
android:protectionLevel="signature|role" />
<!-- @SystemApi Protects the ability to register any PhoneAccount with
PhoneAccount#CAPABILITY_SIM_SUBSCRIPTION. This capability indicates that the PhoneAccount
corresponds to a device SIM.
@hide -->
<permission android:name="android.permission.REGISTER_SIM_SUBSCRIPTION"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Protects the ability to register any PhoneAccount with
PhoneAccount#CAPABILITY_CALL_PROVIDER.
@hide -->
<permission android:name="android.permission.REGISTER_CALL_PROVIDER"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Protects the ability to register any PhoneAccount with
PhoneAccount#CAPABILITY_CONNECTION_MANAGER
@hide -->
<permission android:name="android.permission.REGISTER_CONNECTION_MANAGER"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.telecom.InCallService},
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_INCALL_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.telecom.CallStreamingService},
to ensure that only the system can bind to it.
<p>Protection level: signature
@SystemApi @hide-->
<permission android:name="android.permission.BIND_CALL_STREAMING_SERVICE"
android:protectionLevel="signature" />
<!-- Allows to query ongoing call details and manage ongoing calls
<p>Protection level: signature|appop -->
<permission android:name="android.permission.MANAGE_ONGOING_CALLS"
android:protectionLevel="signature|appop"
android:label="@string/permlab_manageOngoingCalls"
android:description="@string/permdesc_manageOngoingCalls" />
<!-- Allows the app to request network scans from telephony.
<p>Not for use by third-party applications.
@SystemApi @hide-->
<permission android:name="android.permission.NETWORK_SCAN"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a link {@link android.telephony.VisualVoicemailService} to ensure that
only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission
android:name="android.permission.BIND_VISUAL_VOICEMAIL_SERVICE"
android:protectionLevel="signature|privileged"/>
<!-- Must be required by a {@link android.telecom.CallScreeningService},
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_SCREENING_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.telecom.PhoneAccountSuggestionService},
to ensure that only the system can bind to it.
<p>Protection level: signature
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_PHONE_ACCOUNT_SUGGESTION_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.telecom.CallDiagnosticService},
to ensure that only the system can bind to it.
<p>Protection level: signature
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_CALL_DIAGNOSTIC_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.telecom.CallRedirectionService},
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_CALL_REDIRECTION_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.telecom.ConnectionService},
to ensure that only the system can bind to it.
@deprecated {@link android.telecom.ConnectionService}s should require
android.permission.BIND_TELECOM_CONNECTION_SERVICE instead.
@SystemApi
@hide -->
<permission android:name="android.permission.BIND_CONNECTION_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.telecom.ConnectionService},
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_TELECOM_CONNECTION_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to control the in-call experience.
@hide -->
<permission android:name="android.permission.CONTROL_INCALL_EXPERIENCE"
android:protectionLevel="signature|privileged|role" />
<!-- Allows an application to receive STK related commands.
@hide -->
<permission android:name="android.permission.RECEIVE_STK_COMMANDS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to send EMBMS download intents to apps
@hide -->
<permission android:name="android.permission.SEND_EMBMS_INTENTS"
android:protectionLevel="signature|privileged" />
<!-- Allows internal management of the sensor framework
@hide -->
<permission android:name="android.permission.MANAGE_SENSORS"
android:protectionLevel="signature" />
<!-- Must be required by an ImsService to ensure that only the
system can bind to it.
<p>Protection level: signature|privileged|vendorPrivileged
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_IMS_SERVICE"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- Must be required by a SatelliteService to ensure that only the
system can bind to it.
<p>Protection level: signature|privileged|vendorPrivileged
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_SATELLITE_SERVICE"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- Must be required by a SatelliteGatewayService to ensure that only the
system can bind to it.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_SATELLITE_GATEWAY_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a telephony data service to ensure that only the
system can bind to it.
<p>Protection level: signature
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_TELEPHONY_DATA_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a NetworkService to ensure that only the
system can bind to it.
<p>Protection level: signature
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_TELEPHONY_NETWORK_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to manage embedded subscriptions (those on a eUICC)
through EuiccManager APIs.
<p>Protection level: signature|privileged|development
@hide
-->
<permission android:name="android.permission.WRITE_EMBEDDED_SUBSCRIPTIONS"
android:protectionLevel="signature|privileged|development" />
<!-- @SystemApi Must be required by an EuiccService to ensure that only the system can bind to
it.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_EUICC_SERVICE"
android:protectionLevel="signature" />
<!-- Required for reading information about carrier apps from SystemConfigManager.
<p>Protection level: signature
@SystemApi
@hide
-->
<permission android:name="android.permission.READ_CARRIER_APP_INFO"
android:protectionLevel="signature" />
<!-- Must be required by an GbaService to ensure that only the
system can bind to it.
<p>Protection level: signature
@SystemApi
@hide
-->
<permission android:name="android.permission.BIND_GBA_SERVICE"
android:protectionLevel="signature" />
<!-- Required for an Application to access APIs related to RCS User Capability Exchange.
<p> This permission is only granted to system applications fulfilling the SMS, Dialer, and
Contacts app roles.
<p>Protection level: internal|role
@SystemApi
@hide -->
<permission android:name="android.permission.ACCESS_RCS_USER_CAPABILITY_EXCHANGE"
android:protectionLevel="internal|role" />
<!-- ================================== -->
<!-- Permissions for sdcard interaction -->
<!-- ================================== -->
<eat-comment />
<!-- @SystemApi @TestApi Allows an application to write to internal media storage
@deprecated This permission is no longer honored in the system and no longer adds
the media_rw gid as a supplementary gid to the holder. Use the
android.permission.MANAGE_EXTERNAL_STORAGE instead.
@hide -->
<permission android:name="android.permission.WRITE_MEDIA_STORAGE"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to manage access to documents, usually as part
of a document picker.
<p>This permission should <em>only</em> be requested by the platform
document management app. This permission cannot be granted to
third-party apps.
-->
<permission android:name="android.permission.MANAGE_DOCUMENTS"
android:protectionLevel="signature|role" />
<!-- Allows an application to manage access to crates, usually as part
of a crates picker.
<p>This permission should <em>only</em> be requested by the platform
management app. This permission cannot be granted to
third-party apps.
@hide
@TestApi
-->
<permission android:name="android.permission.MANAGE_CRATES"
android:protectionLevel="signature" />
<!-- @hide Allows an application to cache content.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.CACHE_CONTENT"
android:protectionLevel="signature|role" />
<!-- @SystemApi @hide
Allows an application to aggressively allocate disk space.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.ALLOCATE_AGGRESSIVE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide
Allows an application to use reserved disk space.
<p>Not for use by third-party applications. Should only be requested by
apps that provide core system functionality, to ensure system stability
when disk is otherwise completely full.
-->
<permission android:name="android.permission.USE_RESERVED_DISK"
android:protectionLevel="signature|privileged" />
<!-- ================================== -->
<!-- Permissions for screenlock -->
<!-- ================================== -->
<eat-comment />
<!-- Allows applications to disable the keyguard if it is not secure.
<p>Protection level: normal
-->
<permission android:name="android.permission.DISABLE_KEYGUARD"
android:description="@string/permdesc_disableKeyguard"
android:label="@string/permlab_disableKeyguard"
android:protectionLevel="normal" />
<!-- Allows an application to request the screen lock complexity and prompt users to update the
screen lock to a certain complexity level.
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_PASSWORD_COMPLEXITY"
android:label="@string/permlab_requestPasswordComplexity"
android:description="@string/permdesc_requestPasswordComplexity"
android:protectionLevel="normal" />
<!-- ================================== -->
<!-- Permissions to access other installed applications -->
<!-- ================================== -->
<eat-comment />
<!-- @deprecated No longer enforced. -->
<permission android:name="android.permission.GET_TASKS"
android:label="@string/permlab_getTasks"
android:description="@string/permdesc_getTasks"
android:protectionLevel="normal" />
<!-- New version of GET_TASKS that apps can request, since GET_TASKS doesn't really
give access to task information. We need this new one because there are
many existing apps that use add libraries and such that have validation
code to ensure the app has requested the GET_TASKS permission by seeing
if it has been granted the permission... if it hasn't, it kills the app
with a message about being upset. So we need to have it continue to look
like the app is getting that permission, even though it will never be
checked, and new privileged apps can now request this one for real access.
@hide
@SystemApi -->
<permission android:name="android.permission.REAL_GET_TASKS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to start a task from a ActivityManager#RecentTaskInfo.
@hide -->
<permission android:name="android.permission.START_TASKS_FROM_RECENTS"
android:protectionLevel="signature|privileged|recents" />
<!-- @SystemApi @hide Allows an application to call APIs that allow it to do interactions
across the users on the device, using singleton services and
user-targeted broadcasts. This permission is not available to
third party applications. -->
<permission android:name="android.permission.INTERACT_ACROSS_USERS"
android:protectionLevel="signature|privileged|development|role" />
<!-- @SystemApi Fuller form of {@link android.Manifest.permission#INTERACT_ACROSS_USERS}
that removes restrictions on where broadcasts can be sent and allows other
types of interactions
@hide -->
<permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL"
android:protectionLevel="signature|installer|role" />
<uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" />
<!-- Allows interaction across profiles in the same profile group. -->
<permission android:name="android.permission.INTERACT_ACROSS_PROFILES"
android:protectionLevel="signature|appop" />
<!-- @SystemApi @hide Allows starting activities across profiles in the same profile group. -->
<permission android:name="android.permission.START_CROSS_PROFILE_ACTIVITIES"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows configuring apps to have the INTERACT_ACROSS_PROFILES permission so that
they can interact across profiles in the same profile group.
@hide -->
<permission android:name="android.permission.CONFIGURE_INTERACT_ACROSS_PROFILES"
android:protectionLevel="signature|role" />
<!-- @SystemApi @hide Allows an application to call APIs that allow it to query and manage
users on the device. This permission is not available to
third party applications. -->
<permission android:name="android.permission.MANAGE_USERS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to create, remove users and get the list of
users on the device. Applications holding this permission can create users (including
normal, restricted, guest, managed, and demo users) and can optionally endow them with the
ephemeral property. For creating users with other kinds of properties,
{@link android.Manifest.permission#MANAGE_USERS} is needed.
This permission is not available to third party applications. -->
<permission android:name="android.permission.CREATE_USERS"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to set user association
with a certain subscription. Used by Enterprise to associate a
subscription with a work or personal profile. -->
<permission android:name="android.permission.MANAGE_SUBSCRIPTION_USER_ASSOCIATION"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to call APIs that allow it to query users on the
device. -->
<permission android:name="android.permission.QUERY_USERS"
android:protectionLevel="signature|privileged|role" />
<!-- Allows an application to access data blobs across users. -->
<permission android:name="android.permission.ACCESS_BLOBS_ACROSS_USERS"
android:protectionLevel="signature|privileged|development|role" />
<!-- @SystemApi @hide Allows an application to set the profile owners and the device owner.
This permission is not available to third party applications.-->
<permission android:name="android.permission.MANAGE_PROFILE_AND_DEVICE_OWNERS"
android:protectionLevel="signature|role"
android:label="@string/permlab_manageProfileAndDeviceOwners"
android:description="@string/permdesc_manageProfileAndDeviceOwners" />
<!-- @SystemApi @hide Allows an application to query device policies set by any admin on
the device.-->
<permission android:name="android.permission.QUERY_ADMIN_POLICY"
android:protectionLevel="signature|role" />
<!-- @SystemApi @hide Allows an application to exempt apps from platform restrictions.-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_EXEMPTIONS"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage device policy relating to time.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_TIME"
android:protectionLevel="internal|role" />
<!-- Allows an application to set the grant state of runtime permissions on packages.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_RUNTIME_PERMISSIONS"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage the identity of the managing organization.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY"
android:protectionLevel="internal|role" />
<!-- Allows an application to set support messages for when a user action is affected by an
active policy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage backup service policy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_BACKUP_SERVICE"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage lock task policy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_LOCK_TASK"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy regarding modifying applications.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage installing from unknown sources policy.
<p>MANAGE_SECURITY_CRITICAL_DEVICE_POLICY_ACROSS_USERS is required to call APIs protected
by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_INSTALL_UNKNOWN_SOURCES"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage application restrictions.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_RESTRICTIONS"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage calling policy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_CALLS"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage debugging features policy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEBUGGING_FEATURES"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy preventing users from modifying users.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_MODIFY_USERS"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage safe boot policy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SAFE_BOOT"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to restricting a user's ability to use or
enable and disable the microphone.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_MICROPHONE"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to restricting a user's ability to use or
enable and disable the camera.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_CAMERA"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to keyguard.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_KEYGUARD"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to account management.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_ACCOUNT_MANAGEMENT"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to hiding and suspending packages.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PACKAGE_STATE"
android:protectionLevel="internal|role" />
<!-- Allows an application to force set a new device unlock password or a managed profile
challenge on current user.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to the status bar.-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_STATUS_BAR"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to bluetooth.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_BLUETOOTH"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to fun.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_FUN"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to airplane mode.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_AIRPLANE_MODE"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to mobile networks.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_MOBILE_NETWORK"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to physical media.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PHYSICAL_MEDIA"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to sms.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SMS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to usb file transfers.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_USB_FILE_TRANSFER"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to lock credentials.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_LOCK_CREDENTIALS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to Wifi.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_WIFI"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to screen capture.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SCREEN_CAPTURE"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to input methods.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_INPUT_METHODS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to restricting the user from configuring
private DNS.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_RESTRICT_PRIVATE_DNS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to the default sms application.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEFAULT_SMS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to profiles.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PROFILES"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to interacting with profiles (e.g. Disallowing
cross-profile copy and paste).
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to VPNs.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_VPN"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to audio output.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_AUDIO_OUTPUT"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to the display.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_DISPLAY"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to location.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_LOCATION"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to factory reset.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_FACTORY_RESET"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to the wallpaper.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_WALLPAPER"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to the usage of the contents of the screen.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SCREEN_CONTENT"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to system dialogs.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SYSTEM_DIALOGS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to users running in the background.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_RUN_IN_BACKGROUND"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to printing.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PRINTING"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to nearby communications (e.g. Beam and
nearby streaming).
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_NEARBY_COMMUNICATION"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to windows.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_WINDOWS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to locale.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_LOCALE"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to autofill.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_AUTOFILL"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to users.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_USERS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to certificates.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_CERTIFICATES"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to override APNs.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_OVERRIDE_APN"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to security logging.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SECURITY_LOGGING"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to system updates.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SYSTEM_UPDATES"
android:protectionLevel="internal|role" />
<!-- Allows an application query system updates.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_QUERY_SYSTEM_UPDATES"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to private DNS.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PRIVATE_DNS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to settings.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SETTINGS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to network logging.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_NETWORK_LOGGING"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to usb data signalling.-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_USB_DATA_SIGNALLING"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to suspending personal apps.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SUSPEND_PERSONAL_APPS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set policy related to keeping uninstalled packages.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is
required to call APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_KEEP_UNINSTALLED_PACKAGES"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to accessibility.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_ACCESSIBILITY"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to common criteria mode.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_COMMON_CRITERIA_MODE"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to metered data.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_METERED_DATA"
android:protectionLevel="internal|role" />
<!-- Allows an application to set a network-independent global HTTP proxy.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_PROXY"
android:protectionLevel="internal|role" />
<!-- Allows an application to request bugreports with user consent.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_BUGREPORT"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to application user data.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_APP_USER_DATA"
android:protectionLevel="internal|role" />
<!-- Allows an application to lock a profile or the device with the appropriate cross-user
permission.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_LOCK"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to system apps.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_SYSTEM_APPS"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to wiping data.
<p>{@link Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS} is required to call
APIs protected by this permission on users different to the calling user.
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_WIPE_DATA"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to the Memory Tagging Extension (MTE).
-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_MTE"
android:protectionLevel="internal|role" />
<!-- Allows an application to manage policy related to device identifiers. -->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_DEVICE_IDENTIFIERS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set device policies outside the current user
that are critical for securing data within the current user.
<p>Holding this permission allows the use of other held MANAGE_DEVICE_POLICY_*
permissions across all users on the device provided they are required for securing data
within the current user.-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_SECURITY_CRITICAL"
android:protectionLevel="internal|role" />
<!-- Allows an application to set device policies outside the current user
that are required for securing device ownership without accessing user data.
<p>Holding this permission allows the use of other held MANAGE_DEVICE_POLICY_*
permissions across all users on the device provided they do not grant access to user
data. -->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS"
android:protectionLevel="internal|role" />
<!-- Allows an application to set device policies outside the current user.
<p>Fuller form of {@link android.Manifest.permission#MANAGE_DEVICE_POLICY_ACROSS_USERS}
that removes the restriction on accessing user data.
<p>Holding this permission allows the use of any other held MANAGE_DEVICE_POLICY_*
permissions across all users on the device.-->
<permission android:name="android.permission.MANAGE_DEVICE_POLICY_ACROSS_USERS_FULL"
android:protectionLevel="internal|role" />
<!-- @SystemApi @hide Allows an application to set a device owner on retail demo devices.-->
<permission android:name="android.permission.PROVISION_DEMO_DEVICE"
android:protectionLevel="signature|setup|knownSigner"
android:knownCerts="@array/demo_device_provisioning_known_signers" />
<!-- @TestApi @hide Allows an application to reset the record of previous system update freeze
periods. -->
<permission android:name="android.permission.CLEAR_FREEZE_PERIOD"
android:protectionLevel="signature" />
<!-- @TestApi @hide Allows an application to force available DevicePolicyManager logs to
DPC. -->
<permission android:name="android.permission.FORCE_DEVICE_POLICY_MANAGER_LOGS"
android:protectionLevel="signature" />
<!-- Allows an application to get full detailed information about
recently running tasks, with full fidelity to the real state.
@hide -->
<permission android:name="android.permission.GET_DETAILED_TASKS"
android:protectionLevel="signature" />
<!-- Allows an application to change the Z-order of tasks.
<p>Protection level: normal
-->
<permission android:name="android.permission.REORDER_TASKS"
android:label="@string/permlab_reorderTasks"
android:description="@string/permdesc_reorderTasks"
android:protectionLevel="normal" />
<!-- @SystemApi @TestApi @hide Allows an application to change to remove/kill tasks -->
<permission android:name="android.permission.REMOVE_TASKS"
android:protectionLevel="signature|recents|role" />
<!-- @deprecated Use MANAGE_ACTIVITY_TASKS instead.
@SystemApi @TestApi @hide Allows an application to create/manage/remove stacks -->
<permission android:name="android.permission.MANAGE_ACTIVITY_STACKS"
android:protectionLevel="signature" />
<!-- @SystemApi @TestApi @hide Allows an application to create/manage/remove tasks -->
<permission android:name="android.permission.MANAGE_ACTIVITY_TASKS"
android:protectionLevel="signature|recents" />
<!-- @SystemApi @TestApi @hide Allows an application to embed other activities -->
<permission android:name="android.permission.ACTIVITY_EMBEDDING"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to start any activity, regardless of permission
protection or exported state.
@hide -->
<permission android:name="android.permission.START_ANY_ACTIVITY"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to start activities from background -->
<permission android:name="android.permission.START_ACTIVITIES_FROM_BACKGROUND"
android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role" />
<!-- Allows an application to start foreground services from the background at any time.
<em>This permission is not for use by third-party applications</em>,
with the only exception being if the app is the default SMS app.
Otherwise, it's only usable by privileged apps, app verifier app, and apps with
any of the EMERGENCY or SYSTEM GALLERY roles.
-->
<permission android:name="android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND"
android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role"/>
<!-- Allows an application to request interactive options when sending a broadcast.
@hide -->
<permission android:name="android.permission.BROADCAST_OPTION_INTERACTIVE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Must be required by activities that handle the intent action
{@link Intent#ACTION_SEND_SHOW_SUSPENDED_APP_DETAILS}. This is for use by apps that
hold {@link Manifest.permission#SUSPEND_APPS} to interact with the system.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.SEND_SHOW_SUSPENDED_APP_DETAILS"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.SEND_SHOW_SUSPENDED_APP_DETAILS" />
<!-- Allows an application to start an activity as another app, provided that app has been
granted a permissionToken from the ActivityManagerService.
@hide -->
<permission android:name="android.permission.START_ACTIVITY_AS_CALLER"
android:protectionLevel="signature" />
<!-- @deprecated The {@link android.app.ActivityManager#restartPackage}
API is no longer supported. -->
<permission android:name="android.permission.RESTART_PACKAGES"
android:label="@string/permlab_killBackgroundProcesses"
android:description="@string/permdesc_killBackgroundProcesses"
android:protectionLevel="normal" />
<!-- Allows an application to call
{@link android.app.ActivityManager#killBackgroundProcesses}.
<p>As of Android version {@link android.os.Build.VERSION_CODES#UPSIDE_DOWN_CAKE},
the {@link android.app.ActivityManager#killBackgroundProcesses} is no longer available to
third party applications. For backwards compatibility, the background processes of the
caller's own package will still be killed when calling this API. If the caller has
the system permission {@code KILL_ALL_BACKGROUND_PROCESSES}, other processes will be
killed too.
<p>Protection level: normal
-->
<permission android:name="android.permission.KILL_BACKGROUND_PROCESSES"
android:label="@string/permlab_killBackgroundProcesses"
android:description="@string/permdesc_killBackgroundProcesses"
android:protectionLevel="normal" />
<!-- @SystemApi @hide Allows an application to call
{@link android.app.ActivityManager#killBackgroundProcesses}
to kill background processes of other apps.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.KILL_ALL_BACKGROUND_PROCESSES"
android:label="@string/permlab_killBackgroundProcesses"
android:description="@string/permdesc_killBackgroundProcesses"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to query process states and current
OOM adjustment scores.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.GET_PROCESS_STATE_AND_OOM_SCORE"
android:protectionLevel="signature|privileged|development" />
<!-- Allows use of PendingIntent.getIntent(), .
@hide @SystemApi(client=android.annotation.SystemApi.Client.MODULE_LIBRARIES)
-->
<permission android:name="android.permission.GET_INTENT_SENDER_INTENT"
android:protectionLevel="signature" />
<!-- ================================== -->
<!-- Permissions affecting the display of other applications -->
<!-- ================================== -->
<eat-comment />
<!-- Allows an app to create windows using the type
{@link android.view.WindowManager.LayoutParams#TYPE_APPLICATION_OVERLAY},
shown on top of all other apps. Very few apps
should use this permission; these windows are intended for
system-level interaction with the user.
<p class="note"><strong>Note:</strong> If the app
targets API level 23 or higher, the app user must explicitly grant
this permission to the app through a permission management screen. The app requests
the user's approval by sending an intent with action
{@link android.provider.Settings#ACTION_MANAGE_OVERLAY_PERMISSION}.
The app can check whether it has this authorization by calling
{@link android.provider.Settings#canDrawOverlays
Settings.canDrawOverlays()}.
<p>Protection level: signature|setup|appop|installer|pre23|development -->
<permission android:name="android.permission.SYSTEM_ALERT_WINDOW"
android:label="@string/permlab_systemAlertWindow"
android:description="@string/permdesc_systemAlertWindow"
android:protectionLevel="signature|setup|appop|installer|pre23|development" />
<!-- @SystemApi @hide Allows an application to create windows using the type
{@link android.view.WindowManager.LayoutParams#TYPE_APPLICATION_OVERLAY},
shown on top of all other apps.
Allows an application to use
{@link android.view.WindowManager.LayoutsParams#setSystemApplicationOverlay(boolean)}
to create overlays that will stay visible, even if another window is requesting overlays to
be hidden through {@link android.view.Window#setHideOverlayWindows(boolean)}.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SYSTEM_APPLICATION_OVERLAY"
android:protectionLevel="signature|recents|role|installer"/>
<!-- @deprecated Use {@link android.Manifest.permission#REQUEST_COMPANION_RUN_IN_BACKGROUND}
@hide
-->
<permission android:name="android.permission.RUN_IN_BACKGROUND"
android:label="@string/permlab_runInBackground"
android:description="@string/permdesc_runInBackground"
android:protectionLevel="signature" />
<!-- @deprecated Use
{@link android.Manifest.permission#REQUEST_COMPANION_USE_DATA_IN_BACKGROUND}
@hide
-->
<permission android:name="android.permission.USE_DATA_IN_BACKGROUND"
android:label="@string/permlab_useDataInBackground"
android:description="@string/permdesc_useDataInBackground"
android:protectionLevel="signature" />
<!-- @hide Allows an application to set display offsets for the screen.
This permission is not available to third party applications. -->
<permission android:name="android.permission.SET_DISPLAY_OFFSET"
android:protectionLevel="signature|privileged" />
<!-- Allows a companion app to run in the background. This permission implies
{@link android.Manifest.permission#REQUEST_COMPANION_START_FOREGROUND_SERVICES_FROM_BACKGROUND},
and allows to start a foreground service from the background.
If an app does not have to run in the background, but only needs to start a foreground
service from the background, consider using
{@link android.Manifest.permission#REQUEST_COMPANION_START_FOREGROUND_SERVICES_FROM_BACKGROUND},
which is less powerful.
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_COMPANION_RUN_IN_BACKGROUND"
android:label="@string/permlab_runInBackground"
android:description="@string/permdesc_runInBackground"
android:protectionLevel="normal" />
<!-- Allows a companion app to start a foreground service from the background.
{@see android.Manifest.permission#REQUEST_COMPANION_RUN_IN_BACKGROUND}
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_COMPANION_START_FOREGROUND_SERVICES_FROM_BACKGROUND"
android:label="@string/permlab_startForegroundServicesFromBackground"
android:description="@string/permdesc_startForegroundServicesFromBackground"
android:protectionLevel="normal"/>
<!-- Allows a companion app to use data in the background.
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_COMPANION_USE_DATA_IN_BACKGROUND"
android:label="@string/permlab_useDataInBackground"
android:description="@string/permdesc_useDataInBackground"
android:protectionLevel="normal" />
<!-- Allows app to request to be associated with a device via
{@link android.companion.CompanionDeviceManager}
as a "watch"
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_COMPANION_PROFILE_WATCH"
android:label="@string/permlab_companionProfileWatch"
android:description="@string/permdesc_companionProfileWatch"
android:protectionLevel="normal" />
<!-- Allows app to request to be associated with a device via
{@link android.companion.CompanionDeviceManager}
as "glasses"
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_COMPANION_PROFILE_GLASSES"
android:protectionLevel="normal" />
<!-- Allows application to request to be associated with a virtual display capable of streaming
Android applications
({@link android.companion.AssociationRequest#DEVICE_PROFILE_APP_STREAMING})
by {@link android.companion.CompanionDeviceManager}.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.REQUEST_COMPANION_PROFILE_APP_STREAMING"
android:protectionLevel="signature|privileged" />
<!-- Allows application to request to stream content from an Android host to a nearby device
({@link android.companion.AssociationRequest#DEVICE_PROFILE_NEARBY_DEVICE_STREAMING})
by {@link android.companion.CompanionDeviceManager}.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.REQUEST_COMPANION_PROFILE_NEARBY_DEVICE_STREAMING"
android:protectionLevel="signature|privileged" />
<!-- Allows application to request to be associated with a vehicle head unit capable of
automotive projection
({@link android.companion.AssociationRequest#DEVICE_PROFILE_AUTOMOTIVE_PROJECTION})
by {@link android.companion.CompanionDeviceManager}.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.REQUEST_COMPANION_PROFILE_AUTOMOTIVE_PROJECTION"
android:protectionLevel="internal|role" />
<!-- Allows application to request to be associated with a computer to share functionality
and/or data with other devices, such as notifications, photos and media
({@link android.companion.AssociationRequest#DEVICE_PROFILE_COMPUTER})
by {@link android.companion.CompanionDeviceManager}.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.REQUEST_COMPANION_PROFILE_COMPUTER"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to create a "self-managed" association.
-->
<permission android:name="android.permission.REQUEST_COMPANION_SELF_MANAGED"
android:protectionLevel="signature|privileged" />
<!-- Allows a companion app to associate to Wi-Fi.
<p>Only for use by a single pre-approved app.
@hide
@SystemApi
-->
<permission android:name="android.permission.COMPANION_APPROVE_WIFI_CONNECTIONS"
android:protectionLevel="signature|privileged" />
<!-- Allows an app to read and listen to projection state.
@hide
@SystemApi
-->
<permission android:name="android.permission.READ_PROJECTION_STATE"
android:protectionLevel="signature" />
<!-- Allows an app to set and release automotive projection.
@hide
@SystemApi
-->
<permission android:name="android.permission.TOGGLE_AUTOMOTIVE_PROJECTION"
android:protectionLevel="internal|role" />
<!-- Allows an app to prevent non-system-overlay windows from being drawn on top of it -->
<permission android:name="android.permission.HIDE_OVERLAY_WINDOWS"
android:label="@string/permlab_hideOverlayWindows"
android:description="@string/permdesc_hideOverlayWindows"
android:protectionLevel="normal" />
<!-- ================================== -->
<!-- Permissions affecting the system wallpaper -->
<!-- ================================== -->
<eat-comment />
<!-- Allows applications to set the wallpaper.
<p>Protection level: normal
-->
<permission android:name="android.permission.SET_WALLPAPER"
android:label="@string/permlab_setWallpaper"
android:description="@string/permdesc_setWallpaper"
android:protectionLevel="normal" />
<!-- Allows applications to set the wallpaper hints.
<p>Protection level: normal
-->
<permission android:name="android.permission.SET_WALLPAPER_HINTS"
android:label="@string/permlab_setWallpaperHints"
android:description="@string/permdesc_setWallpaperHints"
android:protectionLevel="normal" />
<!-- Allow the app to read the system and lock wallpaper images.
<p>Not for use by third-party applications.
@hide
@SystemApi
-->
<permission android:name="android.permission.READ_WALLPAPER_INTERNAL"
android:protectionLevel="signature|privileged" />
<!-- Allow apps to always update wallpaper by sending data.
@SystemApi
@hide
@FlaggedApi("com.android.window.flags.always_update_wallpaper_permission")
-->
<permission android:name="android.permission.ALWAYS_UPDATE_WALLPAPER"
android:protectionLevel="internal|role" />
<!-- ===================================================== -->
<!-- Permissions for changing the system clock / time zone -->
<!-- ===================================================== -->
<eat-comment />
<!-- Allows applications to set the system time directly.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_TIME"
android:protectionLevel="signature|privileged|role" />
<!-- Allows applications to set the system time zone directly.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.SET_TIME_ZONE"
android:label="@string/permlab_setTimeZone"
android:description="@string/permdesc_setTimeZone"
android:protectionLevel="signature|privileged|role" />
<!-- Allows telephony to suggest the time / time zone.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.SUGGEST_TELEPHONY_TIME_AND_ZONE"
android:protectionLevel="signature" />
<!-- Allows applications like settings to suggest the user's manually chosen time / time zone.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.SUGGEST_MANUAL_TIME_AND_ZONE"
android:protectionLevel="signature" />
<!-- Allows system clock time suggestions from an external clock / time source to be made.
The nature of "external" could be highly form-factor specific. Example, times
obtained via the VHAL for Android Auto OS.
<p>Not for use by third-party applications.
@SystemApi @hide
-->
<permission android:name="android.permission.SUGGEST_EXTERNAL_TIME"
android:protectionLevel="signature|privileged" />
<!-- Allows applications like settings to manage configuration associated with automatic time
and time zone detection.
<p>Not for use by third-party applications.
@SystemApi @hide
-->
<permission android:name="android.permission.MANAGE_TIME_AND_ZONE_DETECTION"
android:protectionLevel="signature|privileged" />
<!-- ==================================================== -->
<!-- Permissions related to changing status bar -->
<!-- ==================================================== -->
<eat-comment />
<!-- Allows an application to expand or collapse the status bar.
<p>Protection level: normal
-->
<permission android:name="android.permission.EXPAND_STATUS_BAR"
android:label="@string/permlab_expandStatusBar"
android:description="@string/permdesc_expandStatusBar"
android:protectionLevel="normal" />
<!-- ============================================================== -->
<!-- Permissions related to adding/removing shortcuts from Launcher -->
<!-- ============================================================== -->
<eat-comment />
<!-- Allows an application to install a shortcut in Launcher.
<p>In Android O (API level 26) and higher, the <code>INSTALL_SHORTCUT</code> broadcast no
longer has any effect on your app because it's a private, implicit
broadcast. Instead, you should create an app shortcut by using the
{@link android.content.pm.ShortcutManager#requestPinShortcut requestPinShortcut()}
method from the {@link android.content.pm.ShortcutManager} class.
<p>Protection level: normal
-->
<permission android:name="com.android.launcher.permission.INSTALL_SHORTCUT"
android:label="@string/permlab_install_shortcut"
android:description="@string/permdesc_install_shortcut"
android:protectionLevel="normal"/>
<!-- <p class="caution"><strong>Don't use this permission in your app.</strong><br>This
permission is no longer supported.
-->
<permission android:name="com.android.launcher.permission.UNINSTALL_SHORTCUT"
android:label="@string/permlab_uninstall_shortcut"
android:description="@string/permdesc_uninstall_shortcut"
android:protectionLevel="normal"/>
<!-- ==================================================== -->
<!-- Permissions related to accessing sync settings -->
<!-- ==================================================== -->
<eat-comment />
<!-- Allows applications to read the sync settings.
<p>Protection level: normal
-->
<permission android:name="android.permission.READ_SYNC_SETTINGS"
android:description="@string/permdesc_readSyncSettings"
android:label="@string/permlab_readSyncSettings"
android:protectionLevel="normal" />
<!-- Allows applications to write the sync settings.
<p>Protection level: normal
-->
<permission android:name="android.permission.WRITE_SYNC_SETTINGS"
android:description="@string/permdesc_writeSyncSettings"
android:label="@string/permlab_writeSyncSettings"
android:protectionLevel="normal" />
<!-- Allows applications to read the sync stats.
<p>Protection level: normal
-->
<permission android:name="android.permission.READ_SYNC_STATS"
android:description="@string/permdesc_readSyncStats"
android:label="@string/permlab_readSyncStats"
android:protectionLevel="normal" />
<!-- ============================================ -->
<!-- Permissions for low-level system interaction -->
<!-- ============================================ -->
<eat-comment />
<!-- @SystemApi @hide Change the screen compatibility mode of applications -->
<permission android:name="android.permission.SET_SCREEN_COMPATIBILITY"
android:protectionLevel="signature" />
<!-- Allows an application to modify the current configuration, such
as locale.
<p>Protection level: signature|privileged|development -->
<permission android:name="android.permission.CHANGE_CONFIGURATION"
android:protectionLevel="signature|privileged|development|role" />
<!-- Allows an application to read or write the system settings.
<p class="note"><strong>Note:</strong> If the app targets API level 23
or higher, the app user
must explicitly grant this permission to the app through a permission management screen.
The app requests the user's approval by sending an intent with action
{@link android.provider.Settings#ACTION_MANAGE_WRITE_SETTINGS}. The app
can check whether it has this authorization by calling {@link
android.provider.Settings.System#canWrite Settings.System.canWrite()}.
<p>Protection level: signature|preinstalled|appop|pre23
-->
<permission android:name="android.permission.WRITE_SETTINGS"
android:label="@string/permlab_writeSettings"
android:description="@string/permdesc_writeSettings"
android:protectionLevel="signature|preinstalled|appop|pre23|role" />
<!-- Allows an application to modify the Google service map.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WRITE_GSERVICES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @TestApi @hide Allows an application to modify config settings.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WRITE_DEVICE_CONFIG"
android:protectionLevel="signature|verifier|configurator"/>
<!-- @SystemApi @TestApi @hide Allows an application to modify only allowlisted settings.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WRITE_ALLOWLISTED_DEVICE_CONFIG"
android:protectionLevel="signature|verifier|configurator"/>
<!-- @SystemApi @TestApi @hide Allows an application to read/write sync disabled mode config.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_WRITE_SYNC_DISABLED_MODE_CONFIG"
android:protectionLevel="signature|verifier|configurator"/>
<!-- @SystemApi @hide Allows an application to read config settings.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_DEVICE_CONFIG"
android:protectionLevel="signature|preinstalled" />
<!-- @SystemApi @hide Allows applications like settings to read system-owned
application-specific locale configs.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_APP_SPECIFIC_LOCALES"
android:protectionLevel="signature|installer" />
<!-- @hide Allows applications to set an application-specific {@link LocaleConfig}.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_APP_SPECIFIC_LOCALECONFIG"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to monitor {@link android.provider.Settings.Config} access.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MONITOR_DEVICE_CONFIG_ACCESS"
android:protectionLevel="signature"/>
<!-- @SystemApi @TestApi Allows an application to call
{@link android.app.ActivityManager#forceStopPackage}.
@hide -->
<permission android:name="android.permission.FORCE_STOP_PACKAGES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to retrieve the content of the active window
An active window is the window that has fired an accessibility event. -->
<permission android:name="android.permission.RETRIEVE_WINDOW_CONTENT"
android:protectionLevel="signature|privileged" />
<!-- Modify the global animation scaling factor.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_ANIMATION_SCALE"
android:protectionLevel="signature|privileged|development" />
<!-- @deprecated This functionality will be removed in the future; please do
not use. Allow an application to make its activities persistent. -->
<permission android:name="android.permission.PERSISTENT_ACTIVITY"
android:label="@string/permlab_persistentActivity"
android:description="@string/permdesc_persistentActivity"
android:protectionLevel="normal" />
<!-- Allows an application to find out the space used by any package.
<p>Protection level: normal
-->
<permission android:name="android.permission.GET_PACKAGE_SIZE"
android:label="@string/permlab_getPackageSize"
android:description="@string/permdesc_getPackageSize"
android:protectionLevel="normal" />
<!-- Dummy user-facing group for faking package signature -->
<permission-group android:name="android.permission-group.FAKE_PACKAGE"
android:label="@string/permgrouplab_fake_package_signature"
android:description="@string/permgroupdesc_fake_package_signature"
android:request="@string/permgrouprequest_fake_package_signature"
android:priority="100" />
<!-- Allows an application to change the package signature as
seen by applications -->
<permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
android:permissionGroup="android.permission-group.UNDEFINED"
android:protectionLevel="signature|privileged"
android:label="@string/permlab_fakePackageSignature"
android:description="@string/permdesc_fakePackageSignature" />
<!-- @deprecated No longer useful, see
{@link android.content.pm.PackageManager#addPackageToPreferred}
for details. -->
<permission android:name="android.permission.SET_PREFERRED_APPLICATIONS"
android:protectionLevel="signature|installer|verifier" />
<!-- Allows an application to receive the
{@link android.content.Intent#ACTION_BOOT_COMPLETED} that is
broadcast after the system finishes booting. If you don't
request this permission, you will not receive the broadcast at
that time. Though holding this permission does not have any
security implications, it can have a negative impact on the
user experience by increasing the amount of time it takes the
system to start and allowing applications to have themselves
running without the user being aware of them. As such, you must
explicitly declare your use of this facility to make that visible
to the user.
<p>Protection level: normal
-->
<permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"
android:label="@string/permlab_receiveBootCompleted"
android:description="@string/permdesc_receiveBootCompleted"
android:protectionLevel="normal" />
<!-- Allows an application to broadcast sticky intents. These are
broadcasts whose data is held by the system after being finished,
so that clients can quickly retrieve that data without having
to wait for the next broadcast.
<p>Protection level: normal
-->
<permission android:name="android.permission.BROADCAST_STICKY"
android:label="@string/permlab_broadcastSticky"
android:description="@string/permdesc_broadcastSticky"
android:protectionLevel="normal" />
<!-- Allows mounting and unmounting file systems for removable storage.
<p>Not for use by third-party applications.-->
<permission android:name="android.permission.MOUNT_UNMOUNT_FILESYSTEMS"
android:protectionLevel="signature|privileged" />
<!-- Allows formatting file systems for removable storage.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MOUNT_FORMAT_FILESYSTEMS"
android:protectionLevel="signature|privileged" />
<!-- @hide -->
<permission android:name="android.permission.STORAGE_INTERNAL"
android:protectionLevel="signature" />
<!-- Allows access to ASEC non-destructive API calls
@hide -->
<permission android:name="android.permission.ASEC_ACCESS"
android:protectionLevel="signature" />
<!-- Allows creation of ASEC volumes
@hide -->
<permission android:name="android.permission.ASEC_CREATE"
android:protectionLevel="signature" />
<!-- Allows destruction of ASEC volumes
@hide -->
<permission android:name="android.permission.ASEC_DESTROY"
android:protectionLevel="signature" />
<!-- Allows mount / unmount of ASEC volumes
@hide -->
<permission android:name="android.permission.ASEC_MOUNT_UNMOUNT"
android:protectionLevel="signature" />
<!-- Allows rename of ASEC volumes
@hide -->
<permission android:name="android.permission.ASEC_RENAME"
android:protectionLevel="signature" />
<!-- Allows applications to write the apn settings and read sensitive fields of
an existing apn settings like user and password.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WRITE_APN_SETTINGS"
android:protectionLevel="signature|privileged" />
<!-- Allows applications to change network connectivity state.
<p>Protection level: normal
-->
<permission android:name="android.permission.CHANGE_NETWORK_STATE"
android:description="@string/permdesc_changeNetworkState"
android:label="@string/permlab_changeNetworkState"
android:protectionLevel="normal" />
<!-- Allows an application to clear the caches of all installed
applications on the device.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.CLEAR_APP_CACHE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to use any media decoder when decoding for playback
@hide -->
<permission android:name="android.permission.ALLOW_ANY_CODEC_FOR_PLAYBACK"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to install and/or uninstall CA certificates on
behalf of the user.
@hide -->
<permission android:name="android.permission.MANAGE_CA_CERTIFICATES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to do certain operations needed for
interacting with the recovery (system update) system.
@hide -->
<permission android:name="android.permission.RECOVERY"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to do certain operations needed for
resume on reboot feature.
@hide -->
<permission android:name="android.permission.BIND_RESUME_ON_REBOOT_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to read system update info.
@hide -->
<permission android:name="android.permission.READ_SYSTEM_UPDATE_INFO"
android:protectionLevel="signature|privileged" />
<!-- Allows the system to bind to an application's task services
@hide -->
<permission android:name="android.permission.BIND_JOB_SERVICE"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.BIND_JOB_SERVICE"/>
<!-- Allows an application to initiate configuration updates
<p>An application requesting this permission is responsible for
verifying the source and integrity of any update before passing
it off to the various individual installer components
@hide -->
<permission android:name="android.permission.UPDATE_CONFIG"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to query the current time zone rules state
on device.
@SystemApi @hide
@deprecated Vestigial permission declaration. No longer used. -->
<permission android:name="android.permission.QUERY_TIME_ZONE_RULES"
android:protectionLevel="signature|privileged" />
<!-- Allows a time zone rule updater application to request
the system installs / uninstalls timezone rules.
<p>An application requesting this permission is responsible for
verifying the source and integrity of the update before passing
it off to the installer components.
@SystemApi @hide
@deprecated Vestigial permission declaration. No longer used. -->
<permission android:name="android.permission.UPDATE_TIME_ZONE_RULES"
android:protectionLevel="signature|privileged" />
<!-- Allows the system to reset throttling in shortcut manager.
@hide -->
<permission android:name="android.permission.RESET_SHORTCUT_MANAGER_THROTTLING"
android:protectionLevel="signature" />
<!-- Allows the system to bind to the discovered Network Recommendation Service.
@SystemApi @hide -->
<permission android:name="android.permission.BIND_NETWORK_RECOMMENDATION_SERVICE"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.BIND_NETWORK_RECOMMENDATION_SERVICE"/>
<!-- Allows an application to enable, disable and change priority of
runtime resource overlays.
@hide -->
<permission android:name="android.permission.CHANGE_OVERLAY_PACKAGES"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to set, update and remove the credential management app.
@hide -->
<permission android:name="android.permission.MANAGE_CREDENTIAL_MANAGEMENT_APP"
android:protectionLevel="signature" />
<!-- Allows a font updater application to request that the system installs/uninstalls/updates
font files. @SystemApi @hide -->
<permission android:name="android.permission.UPDATE_FONTS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to use the AttestationVerificationService.
@hide -->
<permission android:name="android.permission.USE_ATTESTATION_VERIFICATION_SERVICE"
android:protectionLevel="signature" />
<!-- Allows an application to export a AttestationVerificationService to verify attestations on
behalf of AttestationVerificationManager for system-defined attestation profiles.
@hide -->
<permission android:name="android.permission.VERIFY_ATTESTATION"
android:protectionLevel="signature" />
<!-- Must be required by any AttestationVerificationService to ensure that only the system can
bind to it.
@hide -->
<permission android:name="android.permission.BIND_ATTESTATION_VERIFICATION_SERVICE"
android:protectionLevel="signature" />
<!-- Allows the caller to generate keymint keys with the INCLUDE_UNIQUE_ID tag, which
uniquely identifies the device via the attestation certificate.
@hide @TestApi -->
<permission android:name="android.permission.REQUEST_UNIQUE_ID_ATTESTATION"
android:protectionLevel="signature" />
<!-- Allows an application to get enabled credential manager providers.
@hide -->
<permission android:name="android.permission.LIST_ENABLED_CREDENTIAL_PROVIDERS"
android:protectionLevel="signature|privileged" />
<!-- Allows a system application to be registered with credential manager without
having to be enabled by the user.
@hide @SystemApi -->
<permission android:name="android.permission.PROVIDE_DEFAULT_ENABLED_CREDENTIAL_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Allows specifying candidate credential providers to be queried in Credential Manager
get flows, or to be preferred as a default in the Credential Manager create flows.
<p>Protection level: normal -->
<permission android:name="android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS"
android:protectionLevel="normal" />
<!-- Allows a browser to invoke credential manager APIs on behalf of another RP.
<p>Protection level: normal -->
<permission android:name="android.permission.CREDENTIAL_MANAGER_SET_ORIGIN"
android:protectionLevel="normal" />
<!-- Allows a browser to invoke the set of query apis to get metadata about credential
candidates prepared during the CredentialManager.prepareGetCredential API.
<p>Protection level: normal -->
<permission android:name="android.permission.CREDENTIAL_MANAGER_QUERY_CANDIDATE_CREDENTIALS"
android:protectionLevel="normal" />
<!-- Allows permission to use Credential Manager UI for providing and saving credentials
@hide -->
<permission android:name="android.permission.LAUNCH_CREDENTIAL_SELECTOR"
android:protectionLevel="signature" />
<!-- Allows an application to be able to store and retrieve credentials from a remote
device.
<p>Protection level: signature|privileged|role -->
<permission android:name="android.permission.PROVIDE_REMOTE_CREDENTIALS"
android:protectionLevel="signature|privileged|role" />
<!-- ========================================= -->
<!-- Permissions for special development tools -->
<!-- ========================================= -->
<eat-comment />
<!-- Allows an application to read or write the secure system settings.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.WRITE_SECURE_SETTINGS"
android:protectionLevel="signature|privileged|development|role|installer" />
<!-- Allows an application to retrieve state dump information from system services.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.DUMP"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to start tracing for InputMethod and WindowManager.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.CONTROL_UI_TRACING"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to read the low-level system log files.
<p>Not for use by third-party applications, because
Log entries can contain the user's private information. -->
<permission android:name="android.permission.READ_LOGS"
android:protectionLevel="signature|privileged|development" />
<!-- Configure an application for debugging.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_DEBUG_APP"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to access the data in Dropbox.
<p>Not for use by third-party applications.
@FlaggedApi("com.android.server.feature.flags.enable_read_dropbox_permission") -->
<permission android:name="android.permission.READ_DROPBOX_DATA"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to set the maximum number of (not needed)
application processes that can be running.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_PROCESS_LIMIT"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to control whether activities are immediately
finished when put in the background.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_ALWAYS_FINISH"
android:protectionLevel="signature|privileged|development" />
<!-- Allow an application to request that a signal be sent to all persistent processes.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SIGNAL_PERSISTENT_PROCESSES"
android:protectionLevel="signature|privileged|development" />
<!-- @hide @SystemApi Must be required by a
{@link com.android.service.tracing.TraceReportService}, to ensure that only the system
can bind to it.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.BIND_TRACE_REPORT_SERVICE"
android:protectionLevel="signature" />
<!-- @hide @SystemApi @TestApi
Allow an application to approve incident and bug reports to be
shared off-device. There can be only one application installed on the
device with this permission, and since this is a privileged permission, it
must be in priv-app.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.APPROVE_INCIDENT_REPORTS"
android:protectionLevel="signature|incidentReportApprover" />
<!-- @hide Allow an application to approve an incident or bug report approval from
the system. -->
<permission android:name="android.permission.REQUEST_INCIDENT_REPORT_APPROVAL"
android:protectionLevel="signature|privileged" />
<!-- ==================================== -->
<!-- Private permissions -->
<!-- ==================================== -->
<eat-comment />
<!-- Allows access to the list of accounts in the Accounts Service.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.GET_ACCOUNTS_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- Allows but does not guarantee access to user passwords at the conclusion of add account
@hide -->
<permission android:name="android.permission.GET_PASSWORD"
android:protectionLevel="signature" />
<!-- Allows applications to RW to diagnostic resources.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.DIAGNOSTIC"
android:protectionLevel="signature" />
<!-- Allows an application to open, close, or disable the status bar
and its icons.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.STATUS_BAR"
android:protectionLevel="signature|privileged|recents" />
<!-- Allows an application to trigger bugreport via shell using the bugreport API.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.TRIGGER_SHELL_BUGREPORT"
android:protectionLevel="signature" />
<!-- Allows an application to trigger profcollect report upload via shell.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.TRIGGER_SHELL_PROFCOLLECT_UPLOAD"
android:protectionLevel="signature" />
<!-- Allows an application to be the status bar. Currently used only by SystemUI.apk
@hide
@SystemApi -->
<permission android:name="android.permission.STATUS_BAR_SERVICE"
android:protectionLevel="signature|recents" />
<!-- Allows an application to bind to third party quick settings tiles.
<p>Should only be requested by the System, should be required by
TileService declarations.-->
<permission android:name="android.permission.BIND_QUICK_SETTINGS_TILE"
android:protectionLevel="signature|recents" />
<!-- Allows SystemUI to request third party controls.
<p>Should only be requested by the System and required by
{@link android.service.controls.ControlsProviderService} declarations.
-->
<permission android:name="android.permission.BIND_CONTROLS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to force a BACK operation on whatever is the
top activity.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.FORCE_BACK"
android:protectionLevel="signature" />
<!-- Allows an application to update device statistics.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.UPDATE_DEVICE_STATS"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi @hide Allows an application to collect application operation statistics.
Not for use by third party apps. -->
<permission android:name="android.permission.GET_APP_OPS_STATS"
android:protectionLevel="signature|privileged|development" />
<!-- @SystemApi @hide Allows an application to collect historical application operation
statistics.
<p>Not for use by third party applications.
-->
<permission android:name="android.permission.GET_HISTORICAL_APP_OPS_STATS"
android:protectionLevel="internal|role" />
<!-- @SystemApi Allows an application to update application operation statistics. Not for
use by third party apps.
@hide -->
<permission android:name="android.permission.UPDATE_APP_OPS_STATS"
android:protectionLevel="signature|privileged|installer|role" />
<!-- @SystemApi Allows an application to update the user app op restrictions.
Not for use by third party apps.
@hide -->
<permission android:name="android.permission.MANAGE_APP_OPS_RESTRICTIONS"
android:protectionLevel="signature|installer" />
<!-- @TestApi Allows an application to update the user app op modes.
Not for use by third party apps.
@hide -->
<permission android:name="android.permission.MANAGE_APP_OPS_MODES"
android:protectionLevel="signature|installer|verifier|role" />
<!-- @SystemApi Allows an application to open windows that are for use by parts
of the system user interface.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.INTERNAL_SYSTEM_WINDOW"
android:protectionLevel="signature|module|recents" />
<!-- Allows an application to avoid all toast rate limiting restrictions.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.UNLIMITED_TOASTS"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.UNLIMITED_TOASTS" />
<!-- @SystemApi Allows an application to use
{@link android.view.WindowManager.LayoutsParams#SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS}
to hide non-system-overlay windows.
<p>Not for use by third-party applications.
@deprecated Use {@link android.Manifest.permission#HIDE_OVERLAY_WINDOWS} instead
@hide
-->
<permission android:name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS"
android:protectionLevel="signature|preinstalled" />
<!-- @SystemApi Allows an application to manage (create, destroy,
Z-order) application tokens in the window manager.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.MANAGE_APP_TOKENS"
android:protectionLevel="signature" />
<!-- Allows System UI to register listeners for events from Window Manager.
@hide -->
<permission android:name="android.permission.REGISTER_WINDOW_MANAGER_LISTENERS"
android:protectionLevel="signature" />
<!-- @hide Allows the application to temporarily freeze the screen for a
full-screen transition. -->
<permission android:name="android.permission.FREEZE_SCREEN"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to inject user events (keys, touch, trackball)
into the event stream and deliver them to ANY window. Without this
permission, you can only deliver events to windows in your own process.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.INJECT_EVENTS"
android:protectionLevel="signature" />
<!-- @hide Allows an application to register an input filter which filters the stream
of user events (keys, touch, trackball) before they are dispatched to any window. -->
<permission android:name="android.permission.FILTER_EVENTS"
android:protectionLevel="signature" />
<!-- @hide Allows an application to retrieve the window token from the accessibility manager. -->
<permission android:name="android.permission.RETRIEVE_WINDOW_TOKEN"
android:protectionLevel="signature" />
<!-- @hide Allows an application to modify accessibility information from another app. -->
<permission android:name="android.permission.MODIFY_ACCESSIBILITY_DATA"
android:protectionLevel="signature" />
<!-- @hide Allows an application to perform accessibility operations (e.g. send events) on
behalf of another package. -->
<permission android:name="android.permission.ACT_AS_PACKAGE_FOR_ACCESSIBILITY"
android:protectionLevel="signature" />
<!-- @hide Allows an application to change the accessibility volume. -->
<permission android:name="android.permission.CHANGE_ACCESSIBILITY_VOLUME"
android:protectionLevel="signature" />
<!-- @FlaggedApi("com.android.server.accessibility.motion_event_observing")
@hide
@TestApi
Allows an accessibility service to observe motion events without consuming them. -->
<permission android:name="android.permission.ACCESSIBILITY_MOTION_EVENT_OBSERVING"
android:protectionLevel="signature" />
<!-- @hide Allows an application to collect frame statistics -->
<permission android:name="android.permission.FRAME_STATS"
android:protectionLevel="signature" />
<!-- @hide Allows an application to temporary enable accessibility on the device. -->
<permission android:name="android.permission.TEMPORARY_ENABLE_ACCESSIBILITY"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to launch detail settings activity of a particular
accessibility service.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.OPEN_ACCESSIBILITY_DETAILS_SETTINGS"
android:protectionLevel="signature|installer" />
<!-- @SystemApi Allows an application to watch and control how activities are
started globally in the system. Only for is in debugging
(usually the monkey command).
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.SET_ACTIVITY_WATCHER"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to call the activity manager shutdown() API
to put the higher-level system there into a shutdown state.
@hide -->
<permission android:name="android.permission.SHUTDOWN"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to tell the activity manager to temporarily
stop application switches, putting it into a special mode that
prevents applications from immediately switching away from some
critical UI such as the home screen.
@hide -->
<permission android:name="android.permission.STOP_APP_SWITCHES"
android:protectionLevel="signature|privileged|recents" />
<!-- @SystemApi Allows an application to retrieve private information about
the current top activity, such as any assist context it can provide.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.GET_TOP_ACTIVITY_INFO"
android:protectionLevel="signature|recents" />
<!-- @SystemApi Allows an application to set the system audio caption and its UI
enabled state.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.SET_SYSTEM_AUDIO_CAPTION"
android:protectionLevel="signature|role" />
<!-- Allows an application to retrieve the current state of keys and
switches.
<p>Not for use by third-party applications.
@deprecated The API that used this permission has been removed. -->
<permission android:name="android.permission.READ_INPUT_STATE"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.inputmethodservice.InputMethodService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_INPUT_METHOD"
android:protectionLevel="signature" />
<!-- Allows access to Test APIs defined in {@link android.view.inputmethod.InputMethodManager}.
@hide
@TestApi -->
<permission android:name="android.permission.TEST_INPUT_METHOD"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.media.midi.MidiDeviceService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_MIDI_DEVICE_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.accessibilityservice.AccessibilityService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_ACCESSIBILITY_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.printservice.PrintService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_PRINT_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.printservice.recommendation.RecommendationService},
to ensure that only the system can bind to it.
@hide
@SystemApi
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_PRINT_RECOMMENDATION_SERVICE"
android:protectionLevel="signature" />
<!-- Allows applications to get the installed and enabled print services.
@hide
@SystemApi
<p>Protection level: signature|preinstalled
-->
<permission android:name="android.permission.READ_PRINT_SERVICES"
android:protectionLevel="signature|preinstalled" />
<!-- Allows applications to get the currently recommended print services for printers.
@hide
@SystemApi
<p>Protection level: signature|preinstalled
-->
<permission android:name="android.permission.READ_PRINT_SERVICE_RECOMMENDATIONS"
android:protectionLevel="signature|preinstalled" />
<!-- Must be required by a {@link android.nfc.cardemulation.HostApduService}
or {@link android.nfc.cardemulation.OffHostApduService} to ensure that only
the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_NFC_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.service.quickaccesswallet.QuickAccessWalletService}
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_QUICK_ACCESS_WALLET_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by the PrintSpooler to ensure that only the system can bind to it.
@hide -->
<permission android:name="android.permission.BIND_PRINT_SPOOLER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by the CompanionDeviceManager to ensure that only the system can bind to it.
@hide -->
<permission android:name="android.permission.BIND_COMPANION_DEVICE_MANAGER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by any
{@link android.companion.CompanionDeviceService}s
to ensure that only the system can bind to it. -->
<permission android:name="android.permission.BIND_COMPANION_DEVICE_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Must be required by the RuntimePermissionPresenterService to ensure
that only the system can bind to it.
@hide -->
<permission android:name="android.permission.BIND_RUNTIME_PERMISSION_PRESENTER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a TextService (e.g. SpellCheckerService)
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_TEXT_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Must be required by a AttentionService
to ensure that only the system can bind to it.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_ATTENTION_SERVICE"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.BIND_ATTENTION_SERVICE" />
<!-- @SystemApi Must be required by a RotationResolverService
to ensure that only the system can bind to it.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_ROTATION_RESOLVER_SERVICE"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.BIND_ROTATION_RESOLVER_SERVICE" />
<!-- Must be required by a {@link android.net.VpnService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_VPN_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.service.wallpaper.WallpaperService},
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_WALLPAPER"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a game service to ensure that only the
system can bind to it.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_GAME_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.service.voice.VoiceInteractionService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_VOICE_INTERACTION"
android:protectionLevel="signature" />
<!-- @SystemApi Must be required by a {@link android.service.voice.HotwordDetectionService},
to ensure that only the system can bind to it.
<p>Protection level: signature
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_HOTWORD_DETECTION_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to manage hotword detection and visual query detection
on the device.
<p>Protection level: internal|preinstalled
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.MANAGE_HOTWORD_DETECTION"
android:protectionLevel="internal|preinstalled" />
<!-- @SystemApi Must be required by a {@link android.service.voice.VisualQueryDetectionService},
to ensure that only the system can bind to it.
<p>Protection level: signature
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_VISUAL_QUERY_DETECTION_SERVICE"
android:protectionLevel="signature" />
<!-- Allows an application to subscribe to keyguard locked (i.e., showing) state.
<p>Protection level: signature|role
<p>Intended for use by ROLE_ASSISTANT and signature apps only.
-->
<permission android:name="android.permission.SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE"
android:protectionLevel="signature|role"/>
<!-- Must be required by a {@link android.service.autofill.AutofillService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_AUTOFILL_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a
{@link android.service.assist.classification.FieldClassificationService},
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_FIELD_CLASSIFICATION_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a CredentialProviderService to ensure that only the
system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_CREDENTIAL_PROVIDER_SERVICE"
android:protectionLevel="signature" />
<!-- Alternative version of android.permission.BIND_AUTOFILL_FIELD_CLASSIFICATION_SERVICE.
This permission was renamed during the O previews but it was supported on the final O
release, so we need to carry it over.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_AUTOFILL"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.service.autofill.AutofillFieldClassificationService}
to ensure that only the system can bind to it.
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_AUTOFILL_FIELD_CLASSIFICATION_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.service.autofill.InlineSuggestionRenderService}
to ensure that only the system can bind to it.
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_INLINE_SUGGESTION_RENDER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a android.service.textclassifier.TextClassifierService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_TEXTCLASSIFIER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a
{@link android.service.remotelockscreenvalidation.RemoteLockscreenValidationService}
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_REMOTE_LOCKSCREEN_VALIDATION_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a android.service.selectiontoolbar.SelectionToolbarRenderService,
to ensure that only the system can bind to it.
@hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_SELECTION_TOOLBAR_RENDER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a android.service.contentcapture.ContentCaptureService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_CONTENT_CAPTURE_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a android.service.translation.TranslationService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_TRANSLATION_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows apps to use ui translation functions.
<p>Protection level: signature|privileged
@hide Not for use by third-party applications.
-->
<permission android:name="android.permission.MANAGE_UI_TRANSLATION"
android:protectionLevel="signature|privileged|role" />
<!-- Must be required by a android.service.contentsuggestions.ContentSuggestionsService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_CONTENT_SUGGESTIONS_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a
android.service.wallpapereffectsgeneration.WallpaperEffectsGenerationService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_WALLPAPER_EFFECTS_GENERATION_SERVICE"
android:protectionLevel="signature" />
<!-- Must be declared by a android.service.musicrecognition.MusicRecognitionService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_MUSIC_RECOGNITION_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a android.service.autofill.augmented.AugmentedAutofillService,
to ensure that only the system can bind to it.
@SystemApi @hide This is not a third-party API (intended for OEMs and system apps).
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_AUGMENTED_AUTOFILL_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.service.voice.VoiceInteractionService} implementation
to enroll its own sound models. This is a more restrictive permission than the higher-level
permission KEYPHRASE_ENROLLMENT_APPLICATION. For the caller to enroll sound models with
this permission, it must hold the permission and be the active VoiceInteractionService in
the system.
{@see Settings.Secure.VOICE_INTERACTION_SERVICE}
@hide -->
<permission android:name="android.permission.MANAGE_VOICE_KEYPHRASES"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a keyphrase enrollment application, to enroll sound models. This is
treated as a higher-level permission to MANAGE_VOICE_KEYPHRASES as a caller can enroll
sound models at any time. This permission should be reserved for system enrollment
applications detected by {@link android.hardware.soundtrigger.KeyphraseEnrollmentInfo}
only.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.KEYPHRASE_ENROLLMENT_APPLICATION"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link com.android.media.remotedisplay.RemoteDisplayProvider},
to ensure that only the system can bind to it.
@hide -->
<permission android:name="android.permission.BIND_REMOTE_DISPLAY"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.media.tv.TvInputService}
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_TV_INPUT"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.media.tv.interactive.TvInteractiveAppService}
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_TV_INTERACTIVE_APP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi
Must be required by a {@link com.android.media.tv.remoteprovider.TvRemoteProvider}
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged
<p>Not for use by third-party applications. </p>
@hide -->
<permission android:name="android.permission.BIND_TV_REMOTE_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi
Must be required for a virtual remote controller for TV.
<p>Protection level: signature|privileged
<p>Not for use by third-party applications. </p>
@hide -->
<permission android:name="android.permission.TV_VIRTUAL_REMOTE_CONTROLLER"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to change HDMI CEC active source.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.CHANGE_HDMI_CEC_ACTIVE_SOURCE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to modify parental controls
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MODIFY_PARENTAL_CONTROLS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to read TvContentRatingSystemInfo
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.READ_CONTENT_RATING_SYSTEMS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to notify TV inputs by sending broadcasts.
<p>Protection level: signature|privileged
<p>Not for use by third-party applications.
@hide @SystemApi -->
<permission android:name="android.permission.NOTIFY_TV_INPUTS"
android:protectionLevel="signature|privileged" />
<!-- This permission is required among systems services when accessing
tuner resource management related APIs or information.
<p>Protection level: signature|privileged|vendorPrivileged
<p>This should only be used by the OEM TvInputService.
@hide -->
<permission android:name="android.permission.TUNER_RESOURCE_ACCESS"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- @SystemApi This permission is required by Media Resource Manager Service when
system services create MediaCodecs on behalf of other processes and apps.
<p>Protection level: signature|privileged|vendorPrivileged
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MEDIA_RESOURCE_OVERRIDE_PID"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<uses-permission android:name="android.permission.MEDIA_RESOURCE_OVERRIDE_PID" />
<!-- This permission is required by Media Resource Observer Service when
accessing its registerObserver Api.
<p>Protection level: signature|privileged
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.REGISTER_MEDIA_RESOURCE_OBSERVER"
android:protectionLevel="signature|privileged" />
<!-- Must be required by a {@link android.media.routing.MediaRouteService}
to ensure that only the system can interact with it.
@hide -->
<permission android:name="android.permission.BIND_ROUTE_PROVIDER"
android:protectionLevel="signature" />
<!-- Must be required by device administration receiver, to ensure that only the
system can interact with it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_DEVICE_ADMIN"
android:protectionLevel="signature|role" />
<!-- @SystemApi Required to add or remove another application as a device admin.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MANAGE_DEVICE_ADMINS"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an app to reset the device password.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.RESET_PASSWORD"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an app to lock the device.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.LOCK_DEVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows low-level access to setting the orientation (actually
rotation) of the screen.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.SET_ORIENTATION"
android:protectionLevel="signature|recents" />
<!-- @SystemApi Allows low-level access to setting the pointer speed.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.SET_POINTER_SPEED"
android:protectionLevel="signature" />
<!-- Allows low-level access to setting input device calibration.
<p>Not for use by normal applications.
@hide -->
<permission android:name="android.permission.SET_INPUT_CALIBRATION"
android:protectionLevel="signature" />
<!-- Allows low-level access to setting the keyboard layout.
<p>Not for use by third-party applications.
@hide
@TestApi -->
<permission android:name="android.permission.SET_KEYBOARD_LAYOUT"
android:protectionLevel="signature" />
<!-- Allows an app to schedule a prioritized alarm that can be used to perform
background work even when the device is in doze.
<p>Not for use by third-party applications.
@hide
@SystemApi
-->
<permission android:name="android.permission.SCHEDULE_PRIORITIZED_ALARM"
android:protectionLevel="signature|privileged"/>
<!-- Allows applications to use exact alarm APIs.
<p>This is a special access permission that can be revoked by the system or the user.
It should only be used to enable <b>user-facing features</b> that require exact alarms.
For more details, please go through the associated
<a href="{@docRoot}training/scheduling/alarms#exact">developer docs</a>.
<p>Apps need to target API {@link android.os.Build.VERSION_CODES#S} or above to be able to
request this permission. Note that apps targeting lower API levels do not need this
permission to use exact alarm APIs.
<p>Apps that hold this permission and target API
{@link android.os.Build.VERSION_CODES#TIRAMISU} and below always stay in the
{@link android.app.usage.UsageStatsManager#STANDBY_BUCKET_WORKING_SET WORKING_SET} or
lower standby bucket.
<p>If your app relies on exact alarms for core functionality, it can instead request
{@link android.Manifest.permission#USE_EXACT_ALARM} once it targets API
{@link android.os.Build.VERSION_CODES#TIRAMISU}. All apps using exact alarms for secondary
features (which should still be user facing) should continue using this permission.
<p>Protection level: signature|privileged|appop
-->
<permission android:name="android.permission.SCHEDULE_EXACT_ALARM"
android:label="@string/permlab_schedule_exact_alarm"
android:description="@string/permdesc_schedule_exact_alarm"
android:protectionLevel="signature|privileged|appop"/>
<!-- Allows apps to use exact alarms just like with {@link
android.Manifest.permission#SCHEDULE_EXACT_ALARM} but without needing to request this
permission from the user.
<p><b> This is only intended for use by apps that rely on exact alarms for their core
functionality.</b> You should continue using {@code SCHEDULE_EXACT_ALARM} if your app needs
exact alarms for a secondary feature that users may or may not use within your app.
<p> Keep in mind that this is a powerful permission and app stores may enforce policies to
audit and review the use of this permission. Such audits may involve removal from the app
store if the app is found to be misusing this permission.
<p> Apps need to target API {@link android.os.Build.VERSION_CODES#TIRAMISU} or above to be
able to request this permission. Note that only one of {@code USE_EXACT_ALARM} or
{@code SCHEDULE_EXACT_ALARM} should be requested on a device. If your app is already using
{@code SCHEDULE_EXACT_ALARM} on older SDKs but needs {@code USE_EXACT_ALARM} on SDK 33 and
above, then {@code SCHEDULE_EXACT_ALARM} should be declared with a max-sdk attribute, like:
<pre>
&lt;uses-permission android:name="android.permission.SCHEDULE_EXACT_ALARM"
&Tab; android:maxSdkVersion="32" /&gt;
</pre>
<p>Apps that hold this permission, always stay in the
{@link android.app.usage.UsageStatsManager#STANDBY_BUCKET_WORKING_SET WORKING_SET} or
lower standby bucket.
-->
<permission android:name="android.permission.USE_EXACT_ALARM"
android:label="@string/permlab_use_exact_alarm"
android:description="@string/permdesc_use_exact_alarm"
android:protectionLevel="normal"/>
<!-- Allows an application to query tablet mode state and monitor changes
in it.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.TABLET_MODE"
android:protectionLevel="signature" />
<!-- Allows an application to request installing packages. Apps
targeting APIs greater than 25 must hold this permission in
order to use {@link android.content.Intent#ACTION_INSTALL_PACKAGE}.
<p>Protection level: signature
-->
<permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"
android:label="@string/permlab_requestInstallPackages"
android:description="@string/permdesc_requestInstallPackages"
android:protectionLevel="signature|appop" />
<!-- Allows an application to request deleting packages. Apps
targeting APIs {@link android.os.Build.VERSION_CODES#P} or greater must hold this
permission in order to use {@link android.content.Intent#ACTION_UNINSTALL_PACKAGE} or
{@link android.content.pm.PackageInstaller#uninstall}.
<p>Protection level: normal
-->
<permission android:name="android.permission.REQUEST_DELETE_PACKAGES"
android:label="@string/permlab_requestDeletePackages"
android:description="@string/permdesc_requestDeletePackages"
android:protectionLevel="normal" />
<!-- Allows an application to install packages.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.INSTALL_PACKAGES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to install self updates. This is a limited version
of {@link android.Manifest.permission#INSTALL_PACKAGES}.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.INSTALL_SELF_UPDATES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to install updates. This is a limited version
of {@link android.Manifest.permission#INSTALL_PACKAGES}.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.INSTALL_PACKAGE_UPDATES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to install existing system packages. This is a limited
version of {@link android.Manifest.permission#INSTALL_PACKAGES}.
<p>Not for use by third-party applications.
TODO(b/80204953): remove this permission once we have a long-term solution.
@hide
-->
<permission android:name="com.android.permission.INSTALL_EXISTING_PACKAGES"
android:protectionLevel="signature|privileged|role" />
<!-- Allows an application to use the package installer v2 APIs.
<p>The package installer v2 APIs are still a work in progress and we're
currently validating they work in all scenarios.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="com.android.permission.USE_INSTALLER_V2"
android:protectionLevel="signature|privileged" />
<!-- @TestApi Allows a testOnly application to get installed.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.INSTALL_TEST_ONLY_PACKAGE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to install DPCs only, an application is
considered a DPC if it has a {@link android.app.admin.DeviceAdminReceiver}
protected by {@link android.Manifest.permission#BIND_DEVICE_ADMIN).
This is a limited version of
{@link android.Manifest.permission#INSTALL_PACKAGES}.
@hide
-->
<permission android:name="android.permission.INSTALL_DPC_PACKAGES"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an application to read resolved paths to the APKs (Base and any splits)
of a session based install.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.READ_INSTALLED_SESSION_PATHS"
android:protectionLevel="signature|installer" />
<uses-permission android:name="android.permission.READ_INSTALLED_SESSION_PATHS" />
<!-- Allows an application to use System Data Loaders.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="com.android.permission.USE_SYSTEM_DATA_LOADERS"
android:protectionLevel="signature" />
<!-- @SystemApi @TestApi Allows an application to clear user data.
<p>Not for use by third-party applications
@hide
-->
<permission android:name="android.permission.CLEAR_APP_USER_DATA"
android:protectionLevel="signature|installer" />
<!-- @hide Allows an application to get the URI permissions
granted to another application.
<p>Not for use by third-party applications
-->
<permission android:name="android.permission.GET_APP_GRANTED_URI_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @hide Allows an application to clear the URI permissions
granted to another application.
<p>Not for use by third-party applications
-->
<permission
android:name="android.permission.CLEAR_APP_GRANTED_URI_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @hide
Allows an application to change the status of Scoped Access Directory requests granted or
rejected by the user.
<p>This permission should <em>only</em> be requested by the platform
settings app. This permission cannot be granted to third-party apps.
<p>Protection level: signature
-->
<permission
android:name="android.permission.MANAGE_SCOPED_ACCESS_DIRECTORY_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @hide
Allows an application to change the status of a persistable URI permission granted
to another application.
<p>This permission should <em>only</em> be requested by the platform
settings app. This permission cannot be granted to third-party apps.
<p>Protection level: signature
-->
<permission android:name="android.permission.FORCE_PERSISTABLE_URI_PERMISSIONS"
android:protectionLevel="signature" />
<!-- Old permission for deleting an app's cache files, no longer used,
but signals for us to quietly ignore calls instead of throwing an exception.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.DELETE_CACHE_FILES"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to delete cache files.
@hide -->
<permission android:name="android.permission.INTERNAL_DELETE_CACHE_FILES"
android:protectionLevel="signature" />
<!-- Allows an application to delete packages.
<p>Not for use by third-party applications.
<p>Starting in {@link android.os.Build.VERSION_CODES#N}, user confirmation is requested
when the application deleting the package is not the same application that installed the
package. -->
<permission android:name="android.permission.DELETE_PACKAGES"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to move location of installed package.
@hide -->
<permission android:name="android.permission.MOVE_PACKAGE"
android:protectionLevel="signature|privileged" />
<!-- @TestApi Allows an application to keep uninstalled packages as apks.
@hide -->
<permission android:name="android.permission.KEEP_UNINSTALLED_PACKAGES"
android:protectionLevel="signature" />
<!-- Allows an application to change whether an application component (other than its own) is
enabled or not.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi @TestApi iAllows an application to grant specific permissions.
@hide -->
<permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS"
android:protectionLevel="signature|installer|verifier" />
<!-- @SystemApi Allows an application to launch the settings page which manages various
permissions.
@hide -->
<permission android:name="android.permission.LAUNCH_PERMISSION_SETTINGS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an app that has this permission and the permissions to install packages
to request certain runtime permissions to be granted at installation.
@hide -->
<permission android:name="android.permission.INSTALL_GRANT_RUNTIME_PERMISSIONS"
android:protectionLevel="signature|installer|verifier" />
<!-- @SystemApi Allows an application to revoke specific permissions.
@hide -->
<permission android:name="android.permission.REVOKE_RUNTIME_PERMISSIONS"
android:protectionLevel="signature|installer|verifier" />
<!-- @TestApi Allows an application to revoke the POST_NOTIFICATIONS permission from an app
without killing the app. Only granted to the shell.
@hide -->
<permission android:name="android.permission.REVOKE_POST_NOTIFICATIONS_WITHOUT_KILL"
android:protectionLevel="signature" />
<!-- @SystemApi Allows the system to read runtime permission state.
@hide -->
<permission android:name="android.permission.GET_RUNTIME_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows the system to restore runtime permission state. This might grant
permissions, hence this is a more scoped, less powerful variant of GRANT_RUNTIME_PERMISSIONS.
Among other restrictions this cannot override user choices.
@hide -->
<permission android:name="android.permission.RESTORE_RUNTIME_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @SystemApi @TestApi Allows an application to change policy_fixed permissions.
@hide -->
<permission android:name="android.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY"
android:protectionLevel="signature|installer" />
<!-- @SystemApi @TestApi Allows an application to upgrade runtime permissions.
@hide -->
<permission android:name="android.permission.UPGRADE_RUNTIME_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to allowlist restricted permissions
on any of the allowlists.
@hide -->
<permission android:name="android.permission.WHITELIST_RESTRICTED_PERMISSIONS"
android:protectionLevel="signature|installer" />
<!-- @SystemApi Allows an application to an exempt an app from having its permission be
auto-revoked when unused for an extended period of time.
@hide -->
<permission android:name="android.permission.WHITELIST_AUTO_REVOKE_PERMISSIONS"
android:protectionLevel="signature|installer" />
<!-- @hide Allows an application to observe permission changes. -->
<permission android:name="android.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to start and stop one time permission sessions
@hide -->
<permission android:name="android.permission.MANAGE_ONE_TIME_PERMISSION_SESSIONS"
android:protectionLevel="signature|installer" />
<!-- @SystemApi Allows an application to manage the holders of a role.
@hide -->
<permission android:name="android.permission.MANAGE_ROLE_HOLDERS"
android:protectionLevel="signature|installer" />
<!-- @SystemApi Allows an application to manage the holders of roles associated with default
applications.
@hide -->
<permission android:name="android.permission.MANAGE_DEFAULT_APPLICATIONS"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an application to bypass role qualification. This allows switching role
holders to otherwise non eligible holders. Only the shell is allowed to do this, the
qualification for the shell role itself cannot be bypassed, and each role needs to
explicitly allow bypassing qualification in its definition. The bypass state will not be
persisted across reboot.
@hide -->
<permission android:name="android.permission.BYPASS_ROLE_QUALIFICATION"
android:protectionLevel="internal|role" />
<!-- @SystemApi Allows an application to observe role holder changes.
@hide -->
<permission android:name="android.permission.OBSERVE_ROLE_HOLDERS"
android:protectionLevel="signature|installer" />
<!-- Allows an application to manage the companion devices.
@hide -->
<permission android:name="android.permission.MANAGE_COMPANION_DEVICES"
android:protectionLevel="module|signature|role" />
<!-- Allows an application to subscribe to notifications about the presence status change
of their associated companion device
-->
<permission android:name="android.permission.REQUEST_OBSERVE_COMPANION_DEVICE_PRESENCE"
android:label="@string/permlab_observeCompanionDevicePresence"
android:description="@string/permdesc_observeCompanionDevicePresence"
android:protectionLevel="normal" />
<!-- Allows an application to deliver companion messages to system
-->
<permission android:name="android.permission.DELIVER_COMPANION_MESSAGES"
android:label="@string/permlab_deliverCompanionMessages"
android:description="@string/permdesc_deliverCompanionMessages"
android:protectionLevel="normal" />
<!-- @hide @FlaggedApi("android.companion.flags.companion_transport_apis")
@SystemApi(client=android.annotation.SystemApi.Client.MODULE_LIBRARIES)
Allows an application to send and receive messages via CDM transports.
-->
<permission android:name="android.permission.USE_COMPANION_TRANSPORTS"
android:protectionLevel="signature|module" />
<!-- Allows an application to create new companion device associations.
@SystemApi
@hide -->
<permission android:name="android.permission.ASSOCIATE_COMPANION_DEVICES"
android:protectionLevel="internal|role" />
<!-- @SystemApi Allows an application to use SurfaceFlinger's low level features.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.ACCESS_SURFACE_FLINGER"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to rotate a surface by arbitrary degree.
This is a sub-feature of ACCESS_SURFACE_FLINGER and can be granted in a more concrete way.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.ROTATE_SURFACE_FLINGER"
android:protectionLevel="signature|recents" />
<!-- Allows an application to provide hints to SurfaceFlinger that can influence
its wakes up time to compose the next frame. This is a subset of the capabilities granted
by {@link #ACCESS_SURFACE_FLINGER}.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.WAKEUP_SURFACE_FLINGER"
android:protectionLevel="signature|recents" />
<!-- Allows an application to take screen shots and more generally
get access to the frame buffer data.
<p>Not for use by third-party applications.
@hide
@removed -->
<permission android:name="android.permission.READ_FRAME_BUFFER"
android:protectionLevel="signature|recents" />
<!-- Allows an application to change the touch mode state.
Without this permission, an app can only change the touch mode
if it currently has focus.
@hide -->
<permission android:name="android.permission.MODIFY_TOUCH_MODE_STATE"
android:protectionLevel="signature" />
<!-- Allows an application to use InputFlinger's low level features.
@hide -->
<permission android:name="android.permission.ACCESS_INPUT_FLINGER"
android:protectionLevel="signature" />
<!-- Allows an application to disable/enable input devices.
Could be used to prevent unwanted touch events
on a touchscreen, for example during swimming or rain.
@hide -->
<permission android:name="android.permission.DISABLE_INPUT_DEVICE"
android:protectionLevel="signature" />
<!-- Allows an application to configure and connect to Wifi displays -->
<permission android:name="android.permission.CONFIGURE_WIFI_DISPLAY"
android:protectionLevel="signature|knownSigner"
android:knownCerts="@array/wifi_known_signers" />
<!-- Allows an application to control low-level features of Wifi displays
such as opening an RTSP socket. This permission should only be used
by the display manager.
@hide -->
<permission android:name="android.permission.CONTROL_WIFI_DISPLAY"
android:protectionLevel="signature" />
<!-- Allows an application to control the color modes set for displays system-wide.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CONFIGURE_DISPLAY_COLOR_MODE"
android:protectionLevel="signature" />
<!-- Allows an application to control the lights on the device.
@hide
@SystemApi
@TestApi -->
<permission android:name="android.permission.CONTROL_DEVICE_LIGHTS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to control the color saturation of the display.
@hide
@SystemApi -->
<permission android:name="android.permission.CONTROL_DISPLAY_SATURATION"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to control display color transformations.
<p>Not for use by third-party applications.</p>
@hide
@SystemApi -->
<permission android:name="android.permission.CONTROL_DISPLAY_COLOR_TRANSFORMS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to collect usage infomation about brightness slider changes.
<p>Not for use by third-party applications.</p>
@hide
@SystemApi
@TestApi -->
<permission android:name="android.permission.BRIGHTNESS_SLIDER_USAGE"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to collect ambient light stats.
<p>Not for use by third party applications.</p>
@hide
@SystemApi -->
<permission android:name="android.permission.ACCESS_AMBIENT_LIGHT_STATS"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to modify the display brightness configuration
@hide
@SystemApi
@TestApi -->
<permission android:name="android.permission.CONFIGURE_DISPLAY_BRIGHTNESS"
android:protectionLevel="signature|privileged|development" />
<!-- Allows an application to control the system's display brightness
@hide -->
<permission android:name="android.permission.CONTROL_DISPLAY_BRIGHTNESS"
android:protectionLevel="signature" />
<!-- Allows an application to override the display mode requests
so the app requested mode will be selected and user settings and display
policies will be ignored.
@hide
@TestApi -->
<permission android:name="android.permission.OVERRIDE_DISPLAY_MODE_REQUESTS"
android:protectionLevel="signature" />
<!-- Allows an application to modify the refresh rate switching type. This
matches Setting.Secure.MATCH_CONTENT_FRAME_RATE.
@hide
@TestApi -->
<permission android:name="android.permission.MODIFY_REFRESH_RATE_SWITCHING_TYPE"
android:protectionLevel="signature" />
<!-- Allows an application to modify the user preferred display mode.
@hide
@TestApi -->
<permission android:name="android.permission.MODIFY_USER_PREFERRED_DISPLAY_MODE"
android:protectionLevel="signature" />
<!-- Allows an application to modify the HDR conversion mode.
@hide
@TestApi -->
<permission android:name="android.permission.MODIFY_HDR_CONVERSION_MODE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to control VPN.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CONTROL_VPN"
android:protectionLevel="signature|privileged" />
<uses-permission android:name="android.permission.CONTROL_VPN" />
<!-- Allows an application to access and modify always-on VPN configuration.
<p>Not for use by third-party or privileged applications.
@hide -->
<permission android:name="android.permission.CONTROL_ALWAYS_ON_VPN"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to capture the audio from tuner input devices types,
such as FM_TUNER.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CAPTURE_TUNER_AUDIO_INPUT"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to capture audio output.
Use the {@code CAPTURE_MEDIA_OUTPUT} permission if only the {@code USAGE_UNKNOWN}),
{@code USAGE_MEDIA}) or {@code USAGE_GAME}) usages are intended to be captured.
<p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.CAPTURE_AUDIO_OUTPUT"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to capture the audio played by other apps
that have set an allow capture policy of
{@link android.media.AudioAttributes#ALLOW_CAPTURE_BY_SYSTEM}.
Without this permission, only audio with an allow capture policy of
{@link android.media.AudioAttributes#ALLOW_CAPTURE_BY_ALL} can be used.
There are strong restriction listed at
{@link android.media.AudioAttributes#ALLOW_CAPTURE_BY_SYSTEM}
on what an app can do with the captured audio.
See {@code CAPTURE_AUDIO_OUTPUT} for capturing audio use cases other than media playback.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CAPTURE_MEDIA_OUTPUT"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to capture the audio played by other apps
with the {@code USAGE_VOICE_COMMUNICATION} usage.
The application may opt out of capturing by setting an allow capture policy of
{@link android.media.AudioAttributes#ALLOW_CAPTURE_BY_NONE}.
There are strong restriction listed at
{@link android.media.AudioAttributes#ALLOW_CAPTURE_BY_SYSTEM}
on what an app can do with the captured audio.
See {@code CAPTURE_AUDIO_OUTPUT} and {@code CAPTURE_MEDIA_OUTPUT} for capturing
audio use cases other than voice communication playback.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CAPTURE_VOICE_COMMUNICATION_OUTPUT"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to capture audio for hotword detection.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CAPTURE_AUDIO_HOTWORD"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to access the ultrasound content.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.ACCESS_ULTRASOUND"
android:protectionLevel="signature|privileged" />
<!-- Puts an application in the chain of trust for sound trigger
operations. Being in the chain of trust allows an application to
delegate an identity of a separate entity to the sound trigger system
and vouch for the authenticity of this identity.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.SOUNDTRIGGER_DELEGATE_IDENTITY"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to modify audio routing and override policy decisions.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.MODIFY_AUDIO_ROUTING"
android:protectionLevel="signature|privileged|role" />
<!--@SystemApi Allows an application to modify system audio settings that shouldn't be
controllable by external apps, such as volume settings or volume behaviors for audio
devices, regardless of their connection status.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MODIFY_AUDIO_SETTINGS_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to access the uplink and downlink audio of an ongoing
call.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.CALL_AUDIO_INTERCEPTION"
android:protectionLevel="signature|privileged|role" />
<!-- @TestApi Allows an application to query audio related state.
@hide -->
<permission android:name="android.permission.QUERY_AUDIO_STATE"
android:protectionLevel="signature|role" />
<!-- Allows an application to modify what effects are applied to all audio
(matching certain criteria) from any application.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.MODIFY_DEFAULT_AUDIO_EFFECTS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to disable system sound effects when the user exits one of
the application's activities.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.DISABLE_SYSTEM_SOUND_EFFECTS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to provide remote displays.
<p>Not for use by third-party applications.</p>
@hide -->
<permission android:name="android.permission.REMOTE_DISPLAY_PROVIDER"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to capture video output.
<p>Not for use by third-party applications.</p>
@hide
@removed -->
<permission android:name="android.permission.CAPTURE_VIDEO_OUTPUT"
android:protectionLevel="signature" />
<!-- Allows an application to capture secure video output.
<p>Not for use by third-party applications.</p>
@hide
@removed -->
<permission android:name="android.permission.CAPTURE_SECURE_VIDEO_OUTPUT"
android:protectionLevel="signature" />
<!-- Allows an application to know what content is playing and control its playback.
<p>Not for use by third-party applications due to privacy of media consumption</p> -->
<permission android:name="android.permission.MEDIA_CONTENT_CONTROL"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to control the routing of media apps.
<p>Only for use by role COMPANION_DEVICE_WATCH</p>
@FlaggedApi("com.android.media.flags.enable_privileged_routing_for_media_routing_control")
-->
<permission android:name="android.permission.MEDIA_ROUTING_CONTROL"
android:protectionLevel="signature|appop" />
<!-- @SystemApi @hide Allows an application to set the volume key long-press listener.
<p>When it's set, the application will receive the volume key long-press event
instead of changing volume.</p>
<p>Not for use by third-party applications</p> -->
<permission android:name="android.permission.SET_VOLUME_KEY_LONG_PRESS_LISTENER"
android:protectionLevel="signature|privileged|development" />
<!-- @SystemApi @hide Allows an application to set media key event listener.
<p>When it's set, the application will receive the media key event before
any other media sessions. If the event is handled by the listener, other sessions
cannot get the event.</p>
<p>Not for use by third-party applications</p> -->
<permission android:name="android.permission.SET_MEDIA_KEY_LISTENER"
android:protectionLevel="signature|privileged|development" />
<!-- @SystemApi Required to be able to disable the device (very dangerous!).
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.BRICK"
android:protectionLevel="signature" />
<!-- Required to be able to reboot the device.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.REBOOT"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows low-level access to power management.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.DEVICE_POWER"
android:protectionLevel="signature|role" />
<!-- Allows toggling battery saver on the system.
Superseded by DEVICE_POWER permission. @hide @SystemApi
-->
<permission android:name="android.permission.POWER_SAVER"
android:protectionLevel="signature|privileged" />
<!-- Allows providing the system with battery predictions.
Superseded by DEVICE_POWER permission. @hide @SystemApi
-->
<permission android:name="android.permission.BATTERY_PREDICTION"
android:protectionLevel="signature|privileged" />
<!-- Allows access to the PowerManager.userActivity function.
<p>Not for use by third-party applications. @hide @SystemApi -->
<permission android:name="android.permission.USER_ACTIVITY"
android:protectionLevel="signature|privileged" />
<!-- @hide @SystemApi Allows an application to manage Low Power Standby settings.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_LOW_POWER_STANDBY"
android:protectionLevel="signature|privileged" />
<!-- @hide @SystemApi Allows an application to request ports to remain open during
Low Power Standby.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SET_LOW_POWER_STANDBY_PORTS"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows low-level access to tun tap driver -->
<permission android:name="android.permission.NET_TUNNELING"
android:protectionLevel="signature|role" />
<!-- Run as a manufacturer test application, running as the root user.
Only available when the device is running in manufacturer test mode.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.FACTORY_TEST"
android:protectionLevel="signature" />
<!-- @hide @TestApi @SystemApi Allows an application to broadcast the intent {@link
android.content.Intent#ACTION_CLOSE_SYSTEM_DIALOGS}.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS"
android:protectionLevel="signature|privileged|recents" />
<uses-permission android:name="android.permission.BROADCAST_CLOSE_SYSTEM_DIALOGS" />
<!-- Allows an application to broadcast a notification that an application
package has been removed.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.BROADCAST_PACKAGE_REMOVED"
android:protectionLevel="signature" />
<!-- Allows an application to broadcast an SMS receipt notification.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.BROADCAST_SMS"
android:protectionLevel="signature" />
<!-- Allows an application to broadcast a WAP PUSH receipt notification.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.BROADCAST_WAP_PUSH"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to broadcast privileged networking requests.
<p>Not for use by third-party applications.
@hide
@deprecated Use {@link android.Manifest.permission#REQUEST_NETWORK_SCORES} instead
-->
<permission android:name="android.permission.BROADCAST_NETWORK_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<!-- Not for use by third-party applications. -->
<permission android:name="android.permission.MASTER_CLEAR"
android:protectionLevel="signature|privileged|role" />
<!-- Allows an application to call any phone number, including emergency
numbers, without going through the Dialer user interface for the user
to confirm the call being placed.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CALL_PRIVILEGED"
android:protectionLevel="signature|privileged" />
<uses-permission android:name="android.permission.CALL_PRIVILEGED" />
<!-- @SystemApi Allows an application to perform CDMA OTA provisioning @hide -->
<permission android:name="android.permission.PERFORM_CDMA_PROVISIONING"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to perform SIM Activation @hide -->
<permission android:name="android.permission.PERFORM_SIM_ACTIVATION"
android:protectionLevel="signature|privileged" />
<!-- Allows enabling/disabling location update notifications from
the radio.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CONTROL_LOCATION_UPDATES"
android:protectionLevel="signature|privileged" />
<!-- Allows read/write access to the "properties" table in the checkin
database, to change values that get uploaded.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.ACCESS_CHECKIN_PROPERTIES"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to collect component usage
statistics
<p>Declaring the permission implies intention to use the API and the user of the
device can grant permission through the Settings application.
<p>Protection level: signature|privileged|development|appop|retailDemo -->
<permission android:name="android.permission.PACKAGE_USAGE_STATS"
android:protectionLevel="signature|privileged|development|appop|retailDemo" />
<uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />
<!-- @SystemApi @hide
@FlaggedApi("android.app.usage.report_usage_stats_permission")
Allows trusted system components to report events to UsageStatsManager -->
<permission android:name="android.permission.REPORT_USAGE_STATS"
android:protectionLevel="signature|module" />
<!-- Allows an application to query broadcast response stats (see
{@link android.app.usage.BroadcastResponseStats}).
@SystemApi
@hide
-->
<permission android:name="android.permission.ACCESS_BROADCAST_RESPONSE_STATS"
android:protectionLevel="signature|privileged|development" />
<!-- Allows a data loader to read a package's access logs. The access logs contain the
set of pages referenced over time.
<p>Declaring the permission implies intention to use the API and the user of the
device can grant permission through the Settings application.
<p>Protection level: signature|privileged|appop
<p>A data loader has to be the one which provides data to install an app.
<p>A data loader has to have both permission:LOADER_USAGE_STATS AND
appop:LOADER_USAGE_STATS allowed to be able to access the read logs. -->
<permission android:name="android.permission.LOADER_USAGE_STATS"
android:protectionLevel="signature|privileged|appop" />
<uses-permission android:name="android.permission.LOADER_USAGE_STATS" />
<!-- @hide @SystemApi Allows an application to observe usage time of apps. The app can register
for callbacks when apps reach a certain usage time limit, etc. -->
<permission android:name="android.permission.OBSERVE_APP_USAGE"
android:protectionLevel="signature|privileged|role" />
<!-- @hide @TestApi @SystemApi Allows an application to change the app idle state of an app.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CHANGE_APP_IDLE_STATE"
android:protectionLevel="signature|privileged" />
<!-- @hide @SystemApi Allows an application to change the estimated launch time of an app.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CHANGE_APP_LAUNCH_TIME_ESTIMATE"
android:protectionLevel="signature|privileged" />
<!-- @hide @SystemApi Allows an application to temporarily allowlist an inactive app to
access the network and acquire wakelocks.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CHANGE_DEVICE_IDLE_TEMP_WHITELIST"
android:protectionLevel="signature|privileged" />
<!-- Permission an application must hold in order to use
{@link android.provider.Settings#ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS}.
<p>Protection level: normal -->
<permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
android:label="@string/permlab_requestIgnoreBatteryOptimizations"
android:description="@string/permdesc_requestIgnoreBatteryOptimizations"
android:protectionLevel="normal" />
<!-- Allows an application to collect battery statistics
<p>Protection level: signature|privileged|development -->
<permission android:name="android.permission.BATTERY_STATS"
android:protectionLevel="signature|privileged|development" />
<!--Allows an application to manage statscompanion.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.STATSCOMPANION"
android:protectionLevel="signature" />
<!--@SystemApi @hide Allows an application to register stats pull atom callbacks.
<p>Not for use by third-party applications.-->
<permission android:name="android.permission.REGISTER_STATS_PULL_ATOM"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to read restricted stats from statsd.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_RESTRICTED_STATS"
android:protectionLevel="internal|privileged" />
<!-- @SystemApi Allows an application to control the backup and restore process.
<p>Not for use by third-party applications.
@hide pending API council -->
<permission android:name="android.permission.BACKUP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to make modifications to device settings such that these
modifications will be overridden by settings restore..
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MODIFY_SETTINGS_OVERRIDEABLE_BY_RESTORE"
android:protectionLevel="signature|setup" />
<!-- @SystemApi Allows application to manage
{@link android.security.keystore.recovery.RecoveryController}.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.RECOVER_KEYSTORE"
android:protectionLevel="signature|privileged" />
<!-- Allows a package to launch the secure full-backup confirmation UI.
ONLY the system process may hold this permission.
@hide -->
<permission android:name="android.permission.CONFIRM_FULL_BACKUP"
android:protectionLevel="signature" />
<!-- Must be required by a {@link android.widget.RemoteViewsService},
to ensure that only the system can bind to it.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.BIND_REMOTEVIEWS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to tell the AppWidget service which application
can access AppWidget's data. The normal user flow is that a user
picks an AppWidget to go into a particular host, thereby giving that
host application access to the private data from the AppWidget app.
An application that has this permission should honor that contract.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.BIND_APPWIDGET"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows sysui to manage user grants of slice permissions. -->
<permission android:name="android.permission.MANAGE_SLICE_PERMISSIONS"
android:protectionLevel="signature" />
<!-- @SystemApi Private permission, to restrict who can bring up a dialog to add a new
keyguard widget
@hide -->
<permission android:name="android.permission.BIND_KEYGUARD_APPWIDGET"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Internal permission allowing an application to query/set which
applications can bind AppWidgets.
@hide -->
<permission android:name="android.permission.MODIFY_APPWIDGET_BIND_PERMISSIONS"
android:protectionLevel="signature|privileged" />
<!-- Allows applications to change the background data setting.
<p>Not for use by third-party applications.
@hide pending API council -->
<permission android:name="android.permission.CHANGE_BACKGROUND_DATA_SETTING"
android:protectionLevel="signature" />
<!-- This permission can be used on content providers to allow the global
search system to access their data. Typically it used when the
provider has some permissions protecting it (which global search
would not be expected to hold), and added as a read-only permission
to the path in the provider where global search queries are
performed. This permission can not be held by regular applications;
it is used by applications to protect themselves from everyone else
besides global search.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.GLOBAL_SEARCH"
android:protectionLevel="signature|privileged" />
<!-- Internal permission protecting access to the global search
system: ensures that only the system can access the provider
to perform queries (since this otherwise provides unrestricted
access to a variety of content providers), and to write the
search statistics (to keep applications from gaming the source
ranking).
@hide -->
<permission android:name="android.permission.GLOBAL_SEARCH_CONTROL"
android:protectionLevel="signature" />
<!-- @SystemApi Internal permission to allows an application to read indexable data.
@hide -->
<permission android:name="android.permission.READ_SEARCH_INDEXABLES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Internal permission to allows an application to bind to suggestion service.
@hide -->
<permission android:name="android.permission.BIND_SETTINGS_SUGGESTIONS_SERVICE"
android:protectionLevel="signature" />
<!-- @hide Internal permission to allows an application to access card content provider. -->
<permission android:name="android.permission.WRITE_SETTINGS_HOMEPAGE_DATA"
android:protectionLevel="signature|privileged" />
<!-- An application needs this permission for
{@link android.provider.Settings#ACTION_SETTINGS_EMBED_DEEP_LINK_ACTIVITY} to show its
{@link android.app.Activity} embedded in Settings app. -->
<permission android:name="android.permission.LAUNCH_MULTI_PANE_SETTINGS_DEEP_LINK"
android:protectionLevel="signature|preinstalled" />
<!-- @SystemApi {@link android.app.Activity} should require this permission to ensure that only
the settings app can embed it in a multi pane window.
@hide -->
<permission android:name="android.permission.ALLOW_PLACE_IN_MULTI_PANE_SETTINGS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows applications to set a live wallpaper.
@hide XXX Change to signature once the picker is moved to its
own apk as Ghod Intended. -->
<permission android:name="android.permission.SET_WALLPAPER_COMPONENT"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows applications to set the wallpaper dim amount.
@hide. -->
<permission android:name="android.permission.SET_WALLPAPER_DIM_AMOUNT"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows applications to read dream settings and dream state.
@hide -->
<permission android:name="android.permission.READ_DREAM_STATE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows applications to write dream settings, and start or stop dreaming.
@hide -->
<permission android:name="android.permission.WRITE_DREAM_STATE"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows applications to read whether ambient display is suppressed. -->
<permission android:name="android.permission.READ_DREAM_SUPPRESSION"
android:protectionLevel="signature" />
<!-- @SystemApi Allow an application to read and write the cache partition.
@hide -->
<permission android:name="android.permission.ACCESS_CACHE_FILESYSTEM"
android:protectionLevel="signature|privileged" />
<!-- Must be required by default container service so that only
the system can bind to it and use it to copy
protected data to secure containers or files
accessible to the system.
@hide -->
<permission android:name="android.permission.COPY_PROTECTED_DATA"
android:protectionLevel="signature" />
<!-- @SystemApi Internal permission protecting access to the encryption methods
@hide
-->
<permission android:name="android.permission.CRYPT_KEEPER"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to read historical network usage for
specific networks and applications. @hide -->
<permission android:name="android.permission.READ_NETWORK_USAGE_HISTORY"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to manage network policies (such as warning and disable
limits) and to define application-specific rules. @hide -->
<permission android:name="android.permission.MANAGE_NETWORK_POLICY"
android:protectionLevel="signature" />
<!-- @SystemApi @hide @deprecated use UPDATE_DEVICE_STATS instead -->
<permission android:name="android.permission.MODIFY_NETWORK_ACCOUNTING"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi @hide Allows an application to manage carrier subscription plans. -->
<permission android:name="android.permission.MANAGE_SUBSCRIPTION_PLANS"
android:protectionLevel="signature|privileged" />
<!-- C2DM permission.
@hide Used internally.
-->
<permission android:name="android.intent.category.MASTER_CLEAR.permission.C2D_MESSAGE"
android:protectionLevel="signature" />
<uses-permission android:name="android.intent.category.MASTER_CLEAR.permission.C2D_MESSAGE"/>
<!-- @SystemApi @hide Package verifier needs to have this permission before the PackageManager will
trust it to verify packages.
-->
<permission android:name="android.permission.PACKAGE_VERIFICATION_AGENT"
android:protectionLevel="signature|privileged" />
<!-- Must be required by package verifier receiver, to ensure that only the
system can interact with it.
@hide
-->
<permission android:name="android.permission.BIND_PACKAGE_VERIFIER"
android:protectionLevel="signature" />
<!-- @hide Rollback manager needs to have this permission before the PackageManager will
trust it to enable rollback.
-->
<permission android:name="android.permission.PACKAGE_ROLLBACK_AGENT"
android:protectionLevel="signature" />
<!-- @SystemApi @TestApi @hide Allows managing apk level rollbacks. -->
<permission android:name="android.permission.MANAGE_ROLLBACKS"
android:protectionLevel="signature|privileged" />
<!-- @TestApi @hide Allows testing apk level rollbacks. -->
<permission android:name="android.permission.TEST_MANAGE_ROLLBACKS"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an application to mark other applications as harmful -->
<permission android:name="android.permission.SET_HARMFUL_APP_WARNINGS"
android:protectionLevel="signature|verifier" />
<!-- @SystemApi @hide Intent filter verifier needs to have this permission before the
PackageManager will trust it to verify intent filters.
-->
<permission android:name="android.permission.INTENT_FILTER_VERIFICATION_AGENT"
android:protectionLevel="signature|privileged" />
<!-- Must be required by intent filter verifier rintent-filtereceiver, to ensure that only the
system can interact with it.
@hide
-->
<permission android:name="android.permission.BIND_INTENT_FILTER_VERIFIER"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Domain verification agent package needs to have this permission before the
system will trust it to verify domains.
TODO(159952358): STOPSHIP: This must be updated to the new "internal" protectionLevel
-->
<permission android:name="android.permission.DOMAIN_VERIFICATION_AGENT"
android:protectionLevel="internal|privileged" />
<!-- @SystemApi @hide Must be required by the domain verification agent's intent
BroadcastReceiver, to ensure that only the system can interact with it.
-->
<permission android:name="android.permission.BIND_DOMAIN_VERIFICATION_AGENT"
android:protectionLevel="signature" />
<!-- @SystemApi @hide Allows an app like Settings to update the user's grants to what domains
an app is allowed to automatically open.
-->
<permission android:name="android.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION"
android:protectionLevel="signature" />
<!-- @SystemApi Allows applications to access serial ports via the SerialManager.
@hide -->
<permission android:name="android.permission.SERIAL_PORT"
android:protectionLevel="signature|privileged" />
<!-- Allows the holder to access content providers from outside an ApplicationThread.
This permission is enforced by the ActivityManagerService on the corresponding APIs,
in particular ActivityManagerService#getContentProviderExternal(String) and
ActivityManagerService#removeContentProviderExternal(String).
@hide
-->
<permission android:name="android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to hold an UpdateLock, recommending that a headless
OTA reboot *not* occur while the lock is held.
@hide -->
<permission android:name="android.permission.UPDATE_LOCK"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application the opportunity to become a
{@link android.service.notification.NotificationAssistantService}.
User permission is still required before access is granted.
@hide -->
<permission android:name="android.permission.REQUEST_NOTIFICATION_ASSISTANT_SERVICE"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi @TestApi Allows an application to read the current set of notifications, including
any metadata and intents attached.
@hide -->
<permission android:name="android.permission.ACCESS_NOTIFICATIONS"
android:protectionLevel="signature|privileged|appop" />
<!-- Marker permission for applications that wish to access notification policy. This permission
is not supported on managed profiles.
<p>Protection level: normal
-->
<permission android:name="android.permission.ACCESS_NOTIFICATION_POLICY"
android:description="@string/permdesc_access_notification_policy"
android:label="@string/permlab_access_notification_policy"
android:protectionLevel="normal" />
<!-- Allows modification of do not disturb rules and policies. Only allowed for system
processes.
@hide -->
<permission android:name="android.permission.MANAGE_NOTIFICATIONS"
android:protectionLevel="signature" />
<!-- @SystemApi @TestApi Allows adding/removing enabled notification listener components.
@hide -->
<permission android:name="android.permission.MANAGE_NOTIFICATION_LISTENERS"
android:protectionLevel="signature|installer" />
<uses-permission android:name="android.permission.MANAGE_NOTIFICATION_LISTENERS" />
<!-- @SystemApi Allows notifications to be colorized
<p>Not for use by third-party applications. @hide -->
<permission android:name="android.permission.USE_COLORIZED_NOTIFICATIONS"
android:protectionLevel="signature|setup|role" />
<!-- Allows access to keyguard secure storage. Only allowed for system processes.
@hide -->
<permission android:name="android.permission.ACCESS_KEYGUARD_SECURE_STORAGE"
android:protectionLevel="signature|setup" />
<!-- Allows applications to set the initial lockscreen state.
<p>Not for use by third-party applications. @hide -->
<permission android:name="android.permission.SET_INITIAL_LOCK"
android:protectionLevel="signature|setup"/>
<!-- @TestApi Allows applications to set and verify lockscreen credentials.
@hide -->
<permission android:name="android.permission.SET_AND_VERIFY_LOCKSCREEN_CREDENTIALS"
android:protectionLevel="signature"/>
<!-- @SystemApi Allows application to verify lockscreen credentials provided by a remote device.
@hide -->
<permission android:name="android.permission.CHECK_REMOTE_LOCKSCREEN"
android:protectionLevel="signature|privileged" />
<!-- Allows managing (adding, removing) fingerprint templates. Reserved for the system. @hide -->
<permission android:name="android.permission.MANAGE_FINGERPRINT"
android:protectionLevel="signature|privileged" />
<!-- Allows managing (adding, removing) face templates. Reserved for the system. @hide -->
<permission android:name="android.permission.MANAGE_FACE"
android:protectionLevel="signature|privileged" />
<!-- Allows an app to reset fingerprint attempt counter. Reserved for the system. @hide -->
<permission android:name="android.permission.RESET_FINGERPRINT_LOCKOUT"
android:protectionLevel="signature" />
<!-- Allows access to TestApis for various components in the biometric stack, including
FingerprintService, FaceService, BiometricService. Used by com.android.server.biometrics
CTS tests. @hide @TestApi -->
<permission android:name="android.permission.TEST_BIOMETRIC"
android:protectionLevel="signature" />
<!-- Allows direct access to the <Biometric>Service interfaces. Reserved for the system. @hide -->
<permission android:name="android.permission.MANAGE_BIOMETRIC"
android:protectionLevel="signature" />
<!-- Allows direct access to the <Biometric>Service authentication methods. Reserved for the system. @hide -->
<permission android:name="android.permission.USE_BIOMETRIC_INTERNAL"
android:protectionLevel="signature" />
<!-- Allows the system to control the BiometricDialog (SystemUI). Reserved for the system. @hide -->
<permission android:name="android.permission.MANAGE_BIOMETRIC_DIALOG"
android:protectionLevel="signature" />
<!-- Allows an application to control keyguard. Only allowed for system processes.
@hide -->
<permission android:name="android.permission.CONTROL_KEYGUARD"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to control keyguard features like secure notifications.
@hide -->
<permission android:name="android.permission.CONTROL_KEYGUARD_SECURE_NOTIFICATIONS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to manage weak escrow token on the device. This permission
is not available to third party applications.
@hide -->
<permission android:name="android.permission.MANAGE_WEAK_ESCROW_TOKEN"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to listen to trust changes. Only allowed for system processes.
@hide -->
<permission android:name="android.permission.TRUST_LISTENER"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to provide a trust agent.
@hide For security reasons, this is a platform-only permission. -->
<permission android:name="android.permission.PROVIDE_TRUST_AGENT"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to show a message
on the keyguard when asking to dismiss it.
@hide For security reasons, this is a platform-only permission. -->
<permission android:name="android.permission.SHOW_KEYGUARD_MESSAGE"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to launch the trust agent settings activity.
@hide -->
<permission android:name="android.permission.LAUNCH_TRUST_AGENT_SETTINGS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Must be required by an {@link
android.service.trust.TrustAgentService},
to ensure that only the system can bind to it.
@hide -->
<permission android:name="android.permission.BIND_TRUST_AGENT"
android:protectionLevel="signature" />
<!-- Must be required by an {@link
android.service.notification.NotificationListenerService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Must be required by an {@link
android.service.notification.NotificationAssistantService} to ensure that only the system
can bind to it.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_NOTIFICATION_ASSISTANT_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link
android.service.chooser.ChooserTargetService}, to ensure that
only the system can bind to it.
<p>Protection level: signature
@deprecated For publishing direct share targets, please follow the instructions in
https://developer.android.com/training/sharing/receive.html#providing-direct-share-targets
instead.
-->
<permission android:name="android.permission.BIND_CHOOSER_TARGET_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Must be held by services that extend
{@link android.service.resolver.ResolverRankerService}.
<p>Protection level: signature|privileged
@hide
-->
<permission android:name="android.permission.PROVIDE_RESOLVER_RANKER_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Must be required by services that extend
{@link android.service.resolver.ResolverRankerService}, to ensure that only the system can
bind to them.
<p>Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_RESOLVER_RANKER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by a {@link
android.service.notification.ConditionProviderService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_CONDITION_PROVIDER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.service.dreams.DreamService},
to ensure that only the system can bind to it.
<p>Protection level: signature
-->
<permission android:name="android.permission.BIND_DREAM_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.app.usage.CacheQuotaService} to ensure that only the
system can bind to it.
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_CACHE_QUOTA_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to call into a carrier setup flow. It is up to the
carrier setup application to enforce that this permission is required
@hide This is not a third-party API (intended for OEMs and system apps). -->
<permission android:name="android.permission.INVOKE_CARRIER_SETUP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to listen for network condition observations.
@hide This is not a third-party API (intended for system apps). -->
<permission android:name="android.permission.ACCESS_NETWORK_CONDITIONS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to provision and access DRM certificates
@hide This is not a third-party API (intended for system apps). -->
<permission android:name="android.permission.ACCESS_DRM_CERTIFICATES"
android:protectionLevel="signature|privileged" />
<!-- Api Allows an application to manage media projection sessions.
@hide This is not a third-party API (intended for system apps). -->
<permission android:name="android.permission.MANAGE_MEDIA_PROJECTION"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to read install sessions
@hide This is not a third-party API (intended for system apps). -->
<permission android:name="android.permission.READ_INSTALL_SESSIONS"
android:label="@string/permlab_readInstallSessions"
android:description="@string/permdesc_readInstallSessions"
android:protectionLevel="normal"/>
<!-- @SystemApi Allows an application to remove DRM certificates
@hide This is not a third-party API (intended for system apps). -->
<permission android:name="android.permission.REMOVE_DRM_CERTIFICATES"
android:protectionLevel="signature|privileged" />
<!-- @deprecated Use {@link android.Manifest.permission#BIND_CARRIER_SERVICES} instead -->
<permission android:name="android.permission.BIND_CARRIER_MESSAGING_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to interact with the currently active
{@link android.service.voice.VoiceInteractionService}.
@hide -->
<permission android:name="android.permission.ACCESS_VOICE_INTERACTION_SERVICE"
android:protectionLevel="signature" />
<!-- The system process that is allowed to bind to services in carrier apps will
have this permission. Carrier apps should use this permission to protect
their services that only the system is allowed to bind to.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.BIND_CARRIER_SERVICES"
android:label="@string/permlab_bindCarrierServices"
android:description="@string/permdesc_bindCarrierServices"
android:protectionLevel="signature|privileged" />
<!--
Allows the holder to start the permission usage screen for an app.
<p>Protection level: signature|installer
-->
<permission android:name="android.permission.START_VIEW_PERMISSION_USAGE"
android:label="@string/permlab_startViewPermissionUsage"
android:description="@string/permdesc_startViewPermissionUsage"
android:protectionLevel="signature|installer|module" />
<!--
@SystemApi
Allows the holder to start the screen to review permission decisions.
<p>Protection level: signature|installer
@hide -->
<permission android:name="android.permission.START_REVIEW_PERMISSION_DECISIONS"
android:label="@string/permlab_startReviewPermissionDecisions"
android:description="@string/permdesc_startReviewPermissionDecisions"
android:protectionLevel="signature|installer" />
<!--
Allows the holder to start the screen with a list of app features.
<p>Protection level: signature|installer
-->
<permission android:name="android.permission.START_VIEW_APP_FEATURES"
android:label="@string/permlab_startViewAppFeatures"
android:description="@string/permdesc_startViewAppFeatures"
android:protectionLevel="signature|installer" />
<!-- Allows an application to query whether DO_NOT_ASK_CREDENTIALS_ON_BOOT
flag is set.
@hide -->
<permission android:name="android.permission.QUERY_DO_NOT_ASK_CREDENTIALS_ON_BOOT"
android:protectionLevel="signature" />
<!-- @SystemApi Allows applications to kill UIDs.
<p>This permission can be granted to the SYSTEM_SUPERVISOR role used for parental
controls.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.KILL_UID"
android:protectionLevel="signature|installer|role" />
<!-- @SystemApi Allows applications to read the local WiFi and Bluetooth MAC address.
@hide -->
<permission android:name="android.permission.LOCAL_MAC_ADDRESS"
android:protectionLevel="signature|privileged" />
<uses-permission android:name="android.permission.LOCAL_MAC_ADDRESS"/>
<!-- @SystemApi Allows access to MAC addresses of WiFi and Bluetooth peer devices.
@hide -->
<permission android:name="android.permission.PEERS_MAC_ADDRESS"
android:protectionLevel="signature|setup|role" />
<!-- Allows the Nfc stack to dispatch Nfc messages to applications. Applications
can use this permission to ensure incoming Nfc messages are from the Nfc stack
and not simulated by another application.
@hide -->
<permission android:name="android.permission.DISPATCH_NFC_MESSAGE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows changing day / night mode when system is configured with
config_lockDayNightMode set to true. If requesting app does not have permission,
it will be ignored.
@hide -->
<permission android:name="android.permission.MODIFY_DAY_NIGHT_MODE"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows entering or exiting car mode using a specified priority.
This permission is required to use UiModeManager while specifying a priority for the calling
app. A device manufacturer uses this permission to prioritize the apps which can
potentially request to enter car-mode on a device to help establish the correct behavior
where multiple such apps are active at the same time.
@hide -->
<permission android:name="android.permission.ENTER_CAR_MODE_PRIORITIZED"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Required to receive ACTION_ENTER_CAR_MODE_PRIVILEGED or
ACTION_EXIT_CAR_MODE_PRIVILEGED.
@hide -->
<permission android:name="android.permission.HANDLE_CAR_MODE_CHANGES"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows the holder to send category_car notifications.
@hide -->
<permission
android:name="android.permission.SEND_CATEGORY_CAR_NOTIFICATIONS"
android:protectionLevel="signature|privileged" />
<!-- The system process is explicitly the only one allowed to launch the
confirmation UI for full backup/restore -->
<uses-permission android:name="android.permission.CONFIRM_FULL_BACKUP"/>
<!-- @SystemApi Allows the holder to access and manage instant applications on the device.
@hide -->
<permission android:name="android.permission.ACCESS_INSTANT_APPS"
android:protectionLevel="signature|installer|verifier|role" />
<uses-permission android:name="android.permission.ACCESS_INSTANT_APPS"/>
<!-- Allows the holder to view the instant applications on the device.
@hide -->
<permission android:name="android.permission.VIEW_INSTANT_APPS"
android:protectionLevel="signature|preinstalled" />
<!-- Allows the holder to manage whether the system can bind to services
provided by instant apps. This permission is intended to protect
test/development fucntionality and should be used only in such cases.
@hide -->
<permission android:name="android.permission.MANAGE_BIND_INSTANT_SERVICE"
android:protectionLevel="signature" />
<!-- Allows receiving the usage of media resource e.g. video/audio codec and
graphic memory.
@hide -->
<permission android:name="android.permission.RECEIVE_MEDIA_RESOURCE_USAGE"
android:protectionLevel="signature|privileged" />
<!-- Must be required by system/priv apps when accessing the sound trigger
APIs given by {@link SoundTriggerManager}.
@hide
@SystemApi -->
<permission android:name="android.permission.MANAGE_SOUND_TRIGGER"
android:protectionLevel="signature|privileged|role" />
<!-- Must be required by system/priv apps to run sound trigger recognition sessions while in
battery saver mode.
@hide
@SystemApi -->
<permission android:name="android.permission.SOUND_TRIGGER_RUN_IN_BATTERY_SAVER"
android:protectionLevel="signature|privileged" />
<!-- Must be required by system/priv apps implementing sound trigger detection services
@hide
@SystemApi -->
<permission android:name="android.permission.BIND_SOUND_TRIGGER_DETECTION_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows trusted applications to dispatch managed provisioning message to Managed
Provisioning app. If requesting app does not have permission, it will be ignored.
@hide -->
<permission android:name="android.permission.DISPATCH_PROVISIONING_MESSAGE"
android:protectionLevel="signature|privileged" />
<!-- Allows the holder to read blocked numbers. See
{@link android.provider.BlockedNumberContract}.
@hide -->
<permission android:name="android.permission.READ_BLOCKED_NUMBERS"
android:protectionLevel="signature" />
<!-- Allows the holder to write blocked numbers. See
{@link android.provider.BlockedNumberContract}.
@hide -->
<permission android:name="android.permission.WRITE_BLOCKED_NUMBERS"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.service.vr.VrListenerService}, to ensure that only
the system can bind to it.
<p>Protection level: signature -->
<permission android:name="android.permission.BIND_VR_LISTENER_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by system apps when accessing restricted VR APIs.
@hide
@SystemApi
<p>Protection level: signature -->
<permission android:name="android.permission.RESTRICTED_VR_ACCESS"
android:protectionLevel="signature|preinstalled" />
<!-- Required to make calls to {@link android.service.vr.IVrManager}.
@hide -->
<permission android:name="android.permission.ACCESS_VR_MANAGER"
android:protectionLevel="signature" />
<!-- Required to access VR-Mode state and state change events via {android.app.VrStateCallback}
@hide -->
<permission android:name="android.permission.ACCESS_VR_STATE"
android:protectionLevel="signature|preinstalled" />
<!-- Allows an application to allowlist tasks during lock task mode
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.UPDATE_LOCK_TASK_PACKAGES"
android:protectionLevel="signature|setup" />
<!-- @SystemApi Allows an application to replace the app name displayed alongside notifications
in the N-release and later.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.SUBSTITUTE_NOTIFICATION_APP_NAME"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to show notifications before the device is provisioned.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.NOTIFICATION_DURING_SETUP"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to manage auto-fill sessions.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_AUTO_FILL"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to manage the content capture service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_CONTENT_CAPTURE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to manager the rotation resolver service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_ROTATION_RESOLVER"
android:protectionLevel="signature"/>
<!-- @SystemApi Allows an application to manage the cloudsearch service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_CLOUDSEARCH"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to manage the music recognition service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_MUSIC_RECOGNITION"
android:protectionLevel="signature|privileged|role" />
<!-- @SystemApi Allows an application to manage speech recognition service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_SPEECH_RECOGNITION"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to manage the content suggestions service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_CONTENT_SUGGESTIONS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to manage the app predictions service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_APP_PREDICTIONS"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an application to manage the search ui service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_SEARCH_UI"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an application to manage the smartspace service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_SMARTSPACE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to access the smartspace service as a client.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.ACCESS_SMARTSPACE"
android:protectionLevel="signature|privileged|development" />
<!-- @SystemApi Allows an application to manage the wallpaper effects
generation service.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MANAGE_WALLPAPER_EFFECTS_GENERATION"
android:protectionLevel="signature|privileged" />
<!-- Allows an app to set the theme overlay in /vendor/overlay
being used.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.MODIFY_THEME_OVERLAY"
android:protectionLevel="signature" />
<!-- Allows an instant app to create foreground services.
<p>Protection level: signature|development|instant|appop -->
<permission android:name="android.permission.INSTANT_APP_FOREGROUND_SERVICE"
android:protectionLevel="signature|development|instant|appop" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground}.
<p>Protection level: normal
-->
<permission android:name="android.permission.FOREGROUND_SERVICE"
android:description="@string/permdesc_foregroundService"
android:label="@string/permlab_foregroundService"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "camera".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_CAMERA"
android:description="@string/permdesc_foregroundServiceCamera"
android:label="@string/permlab_foregroundServiceCamera"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "connectedDevice".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE"
android:description="@string/permdesc_foregroundServiceConnectedDevice"
android:label="@string/permlab_foregroundServiceConnectedDevice"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "dataSync".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_DATA_SYNC"
android:description="@string/permdesc_foregroundServiceDataSync"
android:label="@string/permlab_foregroundServiceDataSync"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "location".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_LOCATION"
android:description="@string/permdesc_foregroundServiceLocation"
android:label="@string/permlab_foregroundServiceLocation"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "mediaPlayback".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK"
android:description="@string/permdesc_foregroundServiceMediaPlayback"
android:label="@string/permlab_foregroundServiceMediaPlayback"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "mediaProjection".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION"
android:description="@string/permdesc_foregroundServiceMediaProjection"
android:label="@string/permlab_foregroundServiceMediaProjection"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "microphone".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_MICROPHONE"
android:description="@string/permdesc_foregroundServiceMicrophone"
android:label="@string/permlab_foregroundServiceMicrophone"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "phoneCall".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_PHONE_CALL"
android:description="@string/permdesc_foregroundServicePhoneCall"
android:label="@string/permlab_foregroundServicePhoneCall"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "health".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_HEALTH"
android:description="@string/permdesc_foregroundServiceHealth"
android:label="@string/permlab_foregroundServiceHealth"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "remoteMessaging".
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_REMOTE_MESSAGING"
android:description="@string/permdesc_foregroundServiceRemoteMessaging"
android:label="@string/permlab_foregroundServiceRemoteMessaging"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "systemExempted".
Apps are allowed to use this type only in the use cases listed in
{@link android.content.pm.ServiceInfo#FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED}.
<p>Protection level: normal|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED"
android:description="@string/permdesc_foregroundServiceSystemExempted"
android:label="@string/permlab_foregroundServiceSystemExempted"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "fileManagement".
<p>Protection level: normal|instant
@hide
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_FILE_MANAGEMENT"
android:description="@string/permdesc_foregroundServiceFileManagement"
android:label="@string/permlab_foregroundServiceFileManagement"
android:protectionLevel="normal|instant" />
<!-- Allows a regular application to use {@link android.app.Service#startForeground
Service.startForeground} with the type "specialUse".
<p>Protection level: normal|appop|instant
-->
<permission android:name="android.permission.FOREGROUND_SERVICE_SPECIAL_USE"
android:description="@string/permdesc_foregroundServiceSpecialUse"
android:label="@string/permlab_foregroundServiceSpecialUse"
android:protectionLevel="normal|appop|instant" />
<!-- @SystemApi Allows to access all app shortcuts.
@hide -->
<permission android:name="android.permission.ACCESS_SHORTCUTS"
android:protectionLevel="signature|role|recents" />
<!-- @SystemApi Allows unlimited calls to shortcut mutation APIs.
@hide -->
<permission android:name="android.permission.UNLIMITED_SHORTCUTS_API_CALLS"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an application to read the runtime profiles of other apps.
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.READ_RUNTIME_PROFILES"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows audio policy management. -->
<permission android:name="android.permission.MANAGE_AUDIO_POLICY"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to turn on / off quiet mode.
@hide -->
<permission android:name="android.permission.MODIFY_QUIET_MODE"
android:protectionLevel="signature|privileged|development|role" />
<!-- Allows internal management of the camera framework
@hide -->
<permission android:name="android.permission.MANAGE_CAMERA"
android:protectionLevel="signature" />
<!-- Allows an application to control remote animations. See
{@link ActivityOptions#makeRemoteAnimation}
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.CONTROL_REMOTE_APP_TRANSITION_ANIMATIONS"
android:protectionLevel="signature|privileged|recents" />
<!-- Allows an application to watch changes and/or active state of app ops.
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.WATCH_APPOPS"
android:protectionLevel="signature|privileged" />
<!-- Allows hidden API checks to be disabled when starting a process.
@hide <p>Not for use by third-party applications. -->
<permission android:name="android.permission.DISABLE_HIDDEN_API_CHECKS"
android:protectionLevel="signature" />
<!-- @hide Permission that protects the
{@link android.provider.Telephony.Intents#ACTION_DEFAULT_SMS_PACKAGE_CHANGED_INTERNAL}
broadcast -->
<permission android:name="android.permission.MONITOR_DEFAULT_SMS_PACKAGE"
android:protectionLevel="signature|privileged" />
<!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission.
<p>Protection level: signature -->
<permission android:name="android.permission.BIND_CARRIER_MESSAGING_CLIENT_SERVICE"
android:protectionLevel="signature" />
<!-- Must be required by an {@link android.service.watchdog.ExplicitHealthCheckService} to
ensure that only the system can bind to it.
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_EXPLICIT_HEALTH_CHECK_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Must be required by an {@link android.service.storage.ExternalStorageService} to
ensure that only the system can bind to it.
@hide This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_EXTERNAL_STORAGE_SERVICE"
android:protectionLevel="signature" />
<!-- @hide Permission that allows configuring appops.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_APPOPS"
android:protectionLevel="signature" />
<!-- @SystemApi Permission that allows background clipboard access.
@hide Not for use by third-party applications. -->
<permission android:name="android.permission.READ_CLIPBOARD_IN_BACKGROUND"
android:protectionLevel="signature|role" />
<!-- @SystemApi Permission that allows apps to disable the clipboard access notifications.
@hide
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.MANAGE_CLIPBOARD_ACCESS_NOTIFICATION"
android:protectionLevel="signature|installer" />
<!-- @hide Permission that suppresses the notification when the clipboard is accessed.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.SUPPRESS_CLIPBOARD_ACCESS_NOTIFICATION"
android:protectionLevel="signature" />
<!-- @SystemApi Allows modifying accessibility state.
<p> The only approved role for this permission is COMPANION_DEVICE_APP_STREAMING.
@hide -->
<permission android:name="android.permission.MANAGE_ACCESSIBILITY"
android:protectionLevel="signature|setup|recents|role" />
<!-- @SystemApi Allows an app to grant a profile owner access to device identifiers.
<p>Not for use by third-party applications.
@deprecated
@hide -->
<permission android:name="android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an app to mark a profile owner as managing an organization-owned device.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MARK_DEVICE_ORGANIZATION_OWNED"
android:protectionLevel="signature|role" />
<!-- Allows financial apps to read filtered sms messages.
Protection level: signature|appop
@deprecated The API that used this permission is no longer functional. -->
<permission android:name="android.permission.SMS_FINANCIAL_TRANSACTIONS"
android:protectionLevel="signature|appop" />
<!-- Required for apps targeting {@link android.os.Build.VERSION_CODES#Q} that want to use
{@link android.app.Notification.Builder#setFullScreenIntent notification full screen
intents}.
<p>Protection level: normal -->
<permission android:name="android.permission.USE_FULL_SCREEN_INTENT"
android:label="@string/permlab_fullScreenIntent"
android:description="@string/permdesc_fullScreenIntent"
android:protectionLevel="normal|appop" />
<!-- @SystemApi Required for the privileged assistant apps targeting
{@link android.os.Build.VERSION_CODES#VANILLA_ICE_CREAM}
that receive voice trigger from a sandboxed {@link HotwordDetectionService}.
<p>Protection level: signature|privileged|appop
@FlaggedApi("android.permission.flags.voice_activation_permission_apis")
@hide -->
<permission android:name="android.permission.RECEIVE_SANDBOX_TRIGGER_AUDIO"
android:protectionLevel="signature|privileged|appop" />
<!-- @SystemApi Required for the privileged assistant apps targeting
{@link android.os.Build.VERSION_CODES#VANILLA_ICE_CREAM}
that receive training data from a sandboxed {@link HotwordDetectionService} or
{@link VisualQueryDetectionService}.
<p>Protection level: internal|appop
@FlaggedApi("android.permission.flags.voice_activation_permission_apis")
@hide -->
<permission android:name="android.permission.RECEIVE_SANDBOXED_DETECTION_TRAINING_DATA"
android:protectionLevel="internal|appop" />
<!-- @SystemApi Allows requesting the framework broadcast the
{@link Intent#ACTION_DEVICE_CUSTOMIZATION_READY} intent.
@hide -->
<permission android:name="android.permission.SEND_DEVICE_CUSTOMIZATION_READY"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Permission that protects the {@link Intent#ACTION_DEVICE_CUSTOMIZATION_READY}
intent.
@hide -->
<permission android:name="android.permission.RECEIVE_DEVICE_CUSTOMIZATION_READY"
android:protectionLevel="signature|preinstalled" />
<!-- @SystemApi Allows wallpaper to be rendered in ambient mode.
@hide -->
<permission android:name="android.permission.AMBIENT_WALLPAPER"
android:protectionLevel="signature|preinstalled" />
<!-- @SystemApi Allows sensor privacy to be modified.
@hide -->
<permission android:name="android.permission.MANAGE_SENSOR_PRIVACY"
android:protectionLevel="internal|role|installer" />
<!-- @SystemApi Allows sensor privacy changes to be observed.
@hide -->
<permission android:name="android.permission.OBSERVE_SENSOR_PRIVACY"
android:protectionLevel="internal|role|installer" />
<!-- @SystemApi Permission that protects the {@link Intent#ACTION_REVIEW_ACCESSIBILITY_SERVICES}
intent.
@hide -->
<permission android:name="android.permission.REVIEW_ACCESSIBILITY_SERVICES"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an activity to replace the app name and icon displayed in share targets
in the sharesheet for the Q-release and later.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.SUBSTITUTE_SHARE_TARGET_APP_NAME_AND_ICON"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an application to access shared libraries.
@hide -->
<permission android:name="android.permission.ACCESS_SHARED_LIBRARIES"
android:protectionLevel="signature|installer" />
<!-- Allows an app to log compat change usage.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.LOG_COMPAT_CHANGE"
android:protectionLevel="signature|privileged" />
<!-- Allows an app to read compat change config.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.READ_COMPAT_CHANGE_CONFIG"
android:protectionLevel="signature|privileged" />
<!-- Allows an app to override compat change config.
This permission only allows to override config on debuggable builds or test-apks and is
therefore a less powerful version of OVERRIDE_COMPAT_CHANGE_CONFIG_ON_RELEASE_BUILD.
@hide <p>Not for use by third-party applications.</p> -->
<permission android:name="android.permission.OVERRIDE_COMPAT_CHANGE_CONFIG"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows an app to override compat change config on release builds.
Only ChangeIds that are annotated as @Overridable can be overridden on release builds.
@hide -->
<permission android:name="android.permission.OVERRIDE_COMPAT_CHANGE_CONFIG_ON_RELEASE_BUILD"
android:protectionLevel="signature|privileged" />
<!-- Allows input events to be monitored. Very dangerous! @hide -->
<permission android:name="android.permission.MONITOR_INPUT"
android:protectionLevel="signature|recents" />
<!-- @SystemApi Allows the use of FLAG_SLIPPERY, which permits touch events to slip from the
current window to the window where the touch currently is on top of. @hide -->
<permission android:name="android.permission.ALLOW_SLIPPERY_TOUCHES"
android:protectionLevel="signature|privileged|recents|role" />
<!-- Allows the caller to change the associations between input devices and displays.
Very dangerous! @hide -->
<permission android:name="android.permission.ASSOCIATE_INPUT_DEVICE_TO_DISPLAY"
android:protectionLevel="signature" />
<!-- Allows query of any normal app on the device, regardless of manifest declarations.
<p>Protection level: normal -->
<permission android:name="android.permission.QUERY_ALL_PACKAGES"
android:label="@string/permlab_queryAllPackages"
android:description="@string/permdesc_queryAllPackages"
android:protectionLevel="normal" />
<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
<!-- @hide Allow the caller to collect debugging data from processes that otherwise
would require USAGE_STATS. Before sharing this data with other apps, holders
of this permission are REQUIRED to themselves check that the caller has
PACKAGE_USAGE_STATS and OP_GET_USAGE_STATS. -->
<permission android:name="android.permission.PEEK_DROPBOX_DATA"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to access TV tuner HAL
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.ACCESS_TV_TUNER"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- @SystemApi Allows an application to access descrambler of TV tuner HAL
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.ACCESS_TV_DESCRAMBLER"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- @SystemApi Allows an application to access shared filter of TV tuner HAL
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.ACCESS_TV_SHARED_FILTER"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- Allows an application to create trusted displays. @hide @SystemApi -->
<permission android:name="android.permission.ADD_TRUSTED_DISPLAY"
android:protectionLevel="signature|role" />
<!-- Allows an application to create always-unlocked displays. @hide @SystemApi -->
<permission android:name="android.permission.ADD_ALWAYS_UNLOCKED_DISPLAY"
android:protectionLevel="signature|role"/>
<!-- @hide @SystemApi Allows an application to access locusId events in the usage stats. -->
<permission android:name="android.permission.ACCESS_LOCUS_ID_USAGE_STATS"
android:protectionLevel="signature|role" />
<!-- @hide @SystemApi Allows an application to manage app hibernation state. -->
<permission android:name="android.permission.MANAGE_APP_HIBERNATION"
android:protectionLevel="signature|installer" />
<!-- @hide @TestApi Allows apps to reset the state of {@link com.android.server.am.AppErrors}.
<p>CTS tests will use UiAutomation.adoptShellPermissionIdentity() to gain access. -->
<permission android:name="android.permission.RESET_APP_ERRORS"
android:protectionLevel="signature" />
<!-- @hide Allows an application to create/destroy input consumer. -->
<permission android:name="android.permission.INPUT_CONSUMER"
android:protectionLevel="signature" />
<!-- @hide @TestApi Allows an application to control the system's device state managed by the
{@link android.service.devicestate.DeviceStateManagerService}. For example, on foldable
devices this would grant access to toggle between the folded and unfolded states. -->
<permission android:name="android.permission.CONTROL_DEVICE_STATE"
android:protectionLevel="signature" />
<!-- @hide @SystemApi Must be required by a
{@link android.service.displayhash.DisplayHashingService}
to ensure that only the system can bind to it.
This is not a third-party API (intended for OEMs and system apps).
-->
<permission android:name="android.permission.BIND_DISPLAY_HASHING_SERVICE"
android:protectionLevel="signature" />
<!-- @hide @TestApi Allows an application to enable/disable toast rate limiting.
<p>Not for use by third-party applications.
-->
<permission android:name="android.permission.MANAGE_TOAST_RATE_LIMITING"
android:protectionLevel="signature" />
<!-- @SystemApi Allows managing the Game Mode
@hide -->
<permission android:name="android.permission.MANAGE_GAME_MODE"
android:protectionLevel="signature|privileged" />
<!-- @TestApi Allows setting the game service provider, meant for tests only.
@hide -->
<permission android:name="android.permission.SET_GAME_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows accessing the frame rate per second of a given application
@hide -->
<permission android:name="android.permission.ACCESS_FPS_COUNTER"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows the GameService provider to create GameSession and call GameSession
APIs and overlay a view on top of the game's Activity.
@hide -->
<permission android:name="android.permission.MANAGE_GAME_ACTIVITY"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows the holder to register callbacks to inform the RebootReadinessManager
when they are performing reboot-blocking work.
@hide -->
<permission android:name="android.permission.SIGNAL_REBOOT_READINESS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows the holder to launch an Intent Resolver flow with custom presentation
and/or targets.
@FlaggedApi("android.service.chooser.support_nfc_resolver")
@hide -->
<permission android:name="android.permission.SHOW_CUSTOMIZED_RESOLVER"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows an application to get a People Tile preview for a given shortcut. -->
<permission android:name="android.permission.GET_PEOPLE_TILE_PREVIEW"
android:protectionLevel="signature|recents" />
<!-- @hide @SystemApi Allows an application to retrieve whether shortcut is backed by a
Conversation.
TODO(b/180412052): STOPSHIP: Define a role so it can be granted to Shell and AiAi. -->
<permission android:name="android.permission.READ_PEOPLE_DATA"
android:protectionLevel="signature|recents|role"/>
<!-- @hide @SystemApi Allows a logical component within an application to
temporarily renounce a set of otherwise granted permissions. -->
<permission android:name="android.permission.RENOUNCE_PERMISSIONS"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to read nearby streaming policy. The policy controls
whether to allow the device to stream its notifications and apps to nearby devices.
Applications that are not the device owner will need this permission to call
{@link android.app.admin.DevicePolicyManager#getNearbyNotificationStreamingPolicy} or
{@link android.app.admin.DevicePolicyManager#getNearbyAppStreamingPolicy}. -->
<permission android:name="android.permission.READ_NEARBY_STREAMING_POLICY"
android:protectionLevel="normal" />
<!-- @SystemApi Allows the holder to set the source of the data when setting a clip on the
clipboard.
@hide -->
<permission android:name="android.permission.SET_CLIP_SOURCE"
android:protectionLevel="signature|recents" />
<!-- @SystemApi Allows an application to access TV tuned info
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.ACCESS_TUNED_INFO"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- Allows an application to indicate via
{@link android.content.pm.PackageInstaller.SessionParams#setRequireUserAction(int)}
that user action should not be required for an app update.
<p>Protection level: normal
-->
<permission android:name="android.permission.UPDATE_PACKAGES_WITHOUT_USER_ACTION"
android:label="@string/permlab_updatePackagesWithoutUserAction"
android:description="@string/permdesc_updatePackagesWithoutUserAction"
android:protectionLevel="normal" />
<uses-permission android:name="android.permission.UPDATE_PACKAGES_WITHOUT_USER_ACTION"/>
<!-- Allows an application to indicate via {@link
android.content.pm.PackageInstaller.SessionParams#setRequestUpdateOwnership}
that it has the intention of becoming the update owner.
<p>Protection level: normal
-->
<permission android:name="android.permission.ENFORCE_UPDATE_OWNERSHIP"
android:protectionLevel="normal" />
<uses-permission android:name="android.permission.ENFORCE_UPDATE_OWNERSHIP" />
<!-- Allows an application to take screenshots of layers that normally would be blacked out when
a screenshot is taken. Specifically, layers that have the flag
{@link android.view.SurfaceControl#SECURE} will be screenshot if the caller requests to
capture secure layers. Normally those layers will be rendered black.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.CAPTURE_BLACKOUT_CONTENT"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an application to query over global data in AppSearch.
@hide -->
<permission android:name="android.permission.READ_GLOBAL_APP_SEARCH_DATA"
android:protectionLevel="internal|role" />
<!-- Allows an application to query over global data in AppSearch that's visible to the
ASSISTANT role. -->
<permission android:name="android.permission.READ_ASSISTANT_APP_SEARCH_DATA"
android:protectionLevel="internal|role" />
<!-- Allows an application to query over global data in AppSearch that's visible to the
HOME role. -->
<permission android:name="android.permission.READ_HOME_APP_SEARCH_DATA"
android:protectionLevel="internal|role" />
<!-- Allows an assistive application to perform actions on behalf of users inside of
applications.
<p>For now, this permission is only granted to the Assistant application selected by
the user.
<p>Protection level: internal|role
-->
<permission android:name="android.permission.EXECUTE_APP_ACTION"
android:protectionLevel="internal|role" />
<!-- Allows an application to display its suggestions using the autofill framework.
<p>For now, this permission is only granted to the Browser application.
<p>Protection level: internal|role
-->
<permission android:name="android.permission.PROVIDE_OWN_AUTOFILL_SUGGESTIONS"
android:protectionLevel="internal|role" />
<!-- @SystemApi Allows an application to create virtual devices in VirtualDeviceManager.
@hide -->
<permission android:name="android.permission.CREATE_VIRTUAL_DEVICE"
android:protectionLevel="internal|role" />
<!-- @SystemApi Must be required by a safety source to send an update using the
{@link android.safetycenter.SafetyCenterManager}.
<p>Protection level: internal|privileged
@hide
-->
<permission android:name="android.permission.SEND_SAFETY_CENTER_UPDATE"
android:protectionLevel="internal|privileged" />
<!-- @SystemApi Allows an application to launch device manager setup screens.
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.LAUNCH_DEVICE_MANAGER_SETUP"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an application to update certain device management related system
resources.
@hide -->
<permission android:name="android.permission.UPDATE_DEVICE_MANAGEMENT_RESOURCES"
android:protectionLevel="signature|role" />
<!-- @SystemApi Allows an app to read whether SafetyCenter is enabled/disabled.
<p>Protection level: signature|privileged
@hide
-->
<permission android:name="android.permission.READ_SAFETY_CENTER_STATUS"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Required to access the safety center internal APIs using the
{@link android.safetycenter.SafetyCenterManager}.
<p>Protection level: internal|installer|role
@hide
-->
<permission android:name="android.permission.MANAGE_SAFETY_CENTER"
android:protectionLevel="internal|installer|role" />
<!-- @SystemApi Allows an application to access the AmbientContextEvent service.
@hide
-->
<permission android:name="android.permission.ACCESS_AMBIENT_CONTEXT_EVENT"
android:protectionLevel="signature|privileged|role"/>
<!-- @SystemApi Required by a AmbientContextEventDetectionService
to ensure that only the service with this permission can bind to it.
@hide
-->
<permission android:name="android.permission.BIND_AMBIENT_CONTEXT_DETECTION_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an app to set keep-clear areas without restrictions on the size or
number of keep-clear areas (see {@link android.view.View#setPreferKeepClearRects}).
When the system arranges floating windows onscreen, it might decide to ignore keep-clear
areas from windows, whose owner does not have this permission.
@hide
-->
<permission android:name="android.permission.SET_UNRESTRICTED_KEEP_CLEAR_AREAS"
android:protectionLevel="signature|privileged" />
<!-- Allows an app to set gesture exclusion without restrictions on the vertical extent of the
exclusions (see {@link android.view.View#setSystemGestureExclusionRects}).
@hide
-->
<permission android:name="android.permission.SET_UNRESTRICTED_GESTURE_EXCLUSION"
android:protectionLevel="signature|privileged|recents" />
<!-- @SystemApi Allows TV input apps and TV apps to use TIS extension interfaces for
domain-specific features.
<p>Protection level: signature|privileged|vendorPrivileged
<p>Not for use by third-party applications.
@hide
-->
<permission android:name="android.permission.TIS_EXTENSION_INTERFACE"
android:protectionLevel="signature|privileged|vendorPrivileged" />
<!-- @SystemApi Allows an application to write to the security log buffer in logd.
@hide -->
<permission android:name="android.permission.WRITE_SECURITY_LOG"
android:protectionLevel="signature|privileged" />
<!-- Allows an UID to be visible to the application based on an interaction between the
two apps. This permission is not intended to be held by apps.
@hide @TestApi @SystemApi(client=android.annotation.SystemApi.Client.MODULE_LIBRARIES) -->
<permission android:name="android.permission.MAKE_UID_VISIBLE"
android:protectionLevel="signature" />
<!-- Limits the system as the only handler of the QUERY_PACKAGE_RESTART broadcast
@hide -->
<permission android:name="android.permission.HANDLE_QUERY_PACKAGE_RESTART"
android:protectionLevel="signature" />
<!-- Allows low-level access to re-mapping modifier keys.
<p>Not for use by third-party applications.
@hide
@TestApi -->
<permission android:name="android.permission.REMAP_MODIFIER_KEYS"
android:protectionLevel="signature" />
<!-- Allows low-level access to monitor keyboard backlight changes.
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.MONITOR_KEYBOARD_BACKLIGHT"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.HANDLE_QUERY_PACKAGE_RESTART" />
<!-- Allows financed device kiosk apps to perform actions on the Device Lock service
<p>Protection level: internal|role
<p>Intended for use by the FINANCED_DEVICE_KIOSK role only.
-->
<permission android:name="android.permission.MANAGE_DEVICE_LOCK_STATE"
android:protectionLevel="internal|role" />
<!-- @SystemApi Required by a WearableSensingService to
ensure that only the caller with this permission can bind to it.
<p> Protection level: signature
@hide
-->
<permission android:name="android.permission.BIND_WEARABLE_SENSING_SERVICE"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an app to manage the wearable sensing service.
<p>Protection level: signature|privileged
@hide
-->
<permission android:name="android.permission.MANAGE_WEARABLE_SENSING_SERVICE"
android:protectionLevel="signature|privileged" />
<!-- Allows applications to use the user-initiated jobs API. For more details
see {@link android.app.job.JobInfo.Builder#setUserInitiated}.
<p>Protection level: normal
-->
<permission android:name="android.permission.RUN_USER_INITIATED_JOBS"
android:protectionLevel="normal"/>
<!-- Allows an app access to the installer provided app metadata.
@SystemApi
@hide
-->
<permission android:name="android.permission.GET_APP_METADATA"
android:protectionLevel="signature|installer" />
<!-- @hide @SystemApi Allows an application to stage HealthConnect's remote data so that
HealthConnect can later integrate it. -->
<permission android:name="android.permission.STAGE_HEALTH_CONNECT_REMOTE_DATA"
android:protectionLevel="signature|knownSigner"
android:knownCerts="@array/config_healthConnectRestoreKnownSigners"/>
<!-- @hide @TestApi Allows an application to clear HealthConnect's staged remote data for
testing only. For security reasons, this is a platform-only permission. -->
<permission android:name="android.permission.DELETE_STAGED_HEALTH_CONNECT_REMOTE_DATA"
android:protectionLevel="signature" />
<!-- @hide @TestApi Allows tests running in CTS-in-sandbox mode to launch activities -->
<permission android:name="android.permission.START_ACTIVITIES_FROM_SDK_SANDBOX"
android:protectionLevel="signature" />
<!-- @SystemApi Allows the holder to call health connect migration APIs.
@hide -->
<permission android:name="android.permission.MIGRATE_HEALTH_CONNECT_DATA"
android:protectionLevel="signature|knownSigner"
android:knownCerts="@array/config_healthConnectMigrationKnownSigners" />
<!-- @SystemApi Allows an app to query apps in clone profile. The permission is
bidirectional in nature, i.e. cloned apps would be able to query apps in root user.
The permission is not meant for 3P apps as of now.
<p>Protection level: signature|privileged
@hide
-->
<permission android:name="android.permission.QUERY_CLONED_APPS"
android:protectionLevel="signature|privileged" />
<!-- @hide @SystemApi
Allows applications to capture bugreport directly without consent dialog when using the
bugreporting API on userdebug/eng build.
<p>The application still needs to hold {@link android.permission.DUMP} permission and be
bugreport-whitelisted to be able to capture a bugreport using the bugreporting API in the
first place. Then, when the corresponding app op of this permission is ALLOWED, the
bugreport can be captured directly without going through the consent dialog.
<p>Protection level: internal|appop
<p>Intended to only be used on userdebug/eng build.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.CAPTURE_CONSENTLESS_BUGREPORT_ON_USERDEBUG_BUILD"
android:protectionLevel="internal|appop" />
<!-- @SystemApi Allows to call APIs that log process lifecycle events
@hide -->
<permission android:name="android.permission.LOG_FOREGROUND_RESOURCE_USE"
android:protectionLevel="signature|module" />
<!-- @hide Allows the settings app to access GPU service APIs".
<p>Not for use by third-party applications.
<p>Protection level: signature
-->
<permission android:name="android.permission.ACCESS_GPU_SERVICE"
android:protectionLevel="signature" />
<!-- @hide Allows an application to get type of any provider uri.
<p>Not for use by third-party applications.
<p>Protection level: signature
-->
<permission android:name="android.permission.GET_ANY_PROVIDER_TYPE"
android:protectionLevel="signature" />
<!-- @hide Allows internal applications to read and synchronize non-core flags.
Apps without this permission can only read a subset of flags specifically intended
for use in "core", (i.e. third party apps). Apps with this permission can define their
own flags, and federate those values with other system-level apps.
<p>Not for use by third-party applications.
<p>Protection level: signature
-->
<permission android:name="android.permission.SYNC_FLAGS"
android:protectionLevel="signature" />
<!-- @hide Allows internal applications to override flags in the FeatureFlags service.
<p>Not for use by third-party applications.
<p>Protection level: signature
-->
<permission android:name="android.permission.WRITE_FLAGS"
android:protectionLevel="signature" />
<!-- @hide @SystemApi
@FlaggedApi("android.app.get_binding_uid_importance")
Allows to get the importance of an UID that has a service
binding to the app.
<p>Protection level: signature|privileged
-->
<permission android:name="android.permission.GET_BINDING_UID_IMPORTANCE"
android:protectionLevel="signature|privileged" />
<!-- @hide Allows internal applications to manage displays.
<p>This means intercept internal signals about displays being (dis-)connected
and being able to enable or disable the external displays.
<p>Not for use by third-party applications.
<p>Protection level: signature
-->
<permission android:name="android.permission.MANAGE_DISPLAYS"
android:protectionLevel="signature" />
<!-- @SystemApi Allows apps to reset hotword training data egress count for testing.
<p>CTS tests will use UiAutomation.AdoptShellPermissionIdentity() to gain access.
<p>Protection level: signature
@FlaggedApi("android.service.voice.flags.allow_training_data_egress_from_hds")
@hide -->
<permission android:name="android.permission.RESET_HOTWORD_TRAINING_DATA_EGRESS_COUNT"
android:protectionLevel="signature" />
<!-- @SystemApi Allows an app to track all preparations for a complete factory reset.
<p>Protection level: signature|privileged
@FlaggedApi("android.permission.flags.factory_reset_prep_permission_apis")
@hide -->
<permission android:name="android.permission.PREPARE_FACTORY_RESET"
android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows focused window to override the default behavior of supported system keys.
The following keycodes are supported:
<p> KEYCODE_STEM_PRIMARY
<p>If an app is granted this permission and has a focused window, it will be allowed to
receive supported key events that are otherwise handled by the system. The app can choose
to consume the key events and trigger its own behavior, in which case the default key
behavior will be skipped.
<p>For example, KEYCODE_STEM_PRIMARY by default opens recent app launcher. If the foreground
fitness app is granted this permission, it can repurpose the KEYCODE_STEM_PRIMARY button
to pause/resume the current fitness session.
<p>Protection level: signature|privileged
@FlaggedApi("com.android.input.flags.override_key_behavior_permission_apis")
@hide -->
<permission android:name="android.permission.OVERRIDE_SYSTEM_KEY_BEHAVIOR_IN_FOCUSED_WINDOW"
android:protectionLevel="signature|privileged" />
<!-- Allows an application to manage app lock
@hide -->
<permission android:name="com.android.permission.MANAGE_APP_LOCK"
android:protectionLevel="signature|privileged" />
<!-- Attribution for Geofencing service. -->
<attribution android:tag="GeofencingService" android:label="@string/geofencing_service"/>
<!-- Attribution for Country Detector. -->
<attribution android:tag="CountryDetector" android:label="@string/country_detector"/>
<!-- Attribution for Location service. -->
<attribution android:tag="LocationService" android:label="@string/location_service"/>
<!-- Attribution for Gnss service. -->
<attribution android:tag="GnssService" android:label="@string/gnss_service"/>
<!-- Attribution for Sensor Notification service. -->
<attribution android:tag="SensorNotificationService"
android:label="@string/sensor_notification_service"/>
<!-- Attribution for Twilight service. -->
<attribution android:tag="TwilightService" android:label="@string/twilight_service"/>
<!-- Attribution for Gnss Time Update service. -->
<attribution android:tag="GnssTimeUpdateService"
android:label="@string/gnss_time_update_service"/>
<!-- LineageHealth -->
<protected-broadcast android:name="lineageos.platform.intent.action.CHARGING_CONTROL_CANCEL_ONCE" />
<!-- Attribution for MusicRecognitionManagerService.
<p>Not for use by third-party applications.</p> -->
<attribution android:tag="MusicRecognitionManagerService"
android:label="@string/music_recognition_manager_service"/>
<!-- Attribution for Device Policy Manager service. -->
<attribution android:tag="DevicePolicyManagerService"
android:label="@string/device_policy_manager_service"/>
<application android:process="system"
android:persistent="true"
android:hasCode="false"
android:label="@string/android_system_label"
android:allowClearUserData="false"
android:backupAgent="com.android.server.backup.SystemBackupAgent"
android:killAfterRestore="false"
android:icon="@drawable/ic_launcher_android"
android:supportsRtl="true"
android:theme="@style/Theme.DeviceDefault.Light.DarkActionBar"
android:defaultToDeviceProtectedStorage="true"
android:forceQueryable="true"
android:directBootAware="true">
<activity android:name="com.android.internal.accessibility.dialog.AccessibilityShortcutChooserActivity"
android:exported="false"
android:theme="@style/Theme.DeviceDefault.Dialog.Alert.DayNight"
android:finishOnCloseSystemDialogs="true"
android:excludeFromRecents="true"
android:documentLaunchMode="never"
android:relinquishTaskIdentity="true"
android:process=":ui"
android:visibleToInstantApps="true">
<intent-filter>
<action android:name="com.android.internal.intent.action.CHOOSE_ACCESSIBILITY_BUTTON" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity android:name="com.android.internal.accessibility.dialog.AccessibilityButtonChooserActivity"
android:exported="false"
android:theme="@style/Theme.DeviceDefault.Resolver"
android:finishOnCloseSystemDialogs="true"
android:excludeFromRecents="true"
android:documentLaunchMode="never"
android:relinquishTaskIdentity="true"
android:configChanges="screenSize|smallestScreenSize|screenLayout|orientation|keyboard|keyboardHidden"
android:process=":ui"
android:visibleToInstantApps="true">
<intent-filter>
<action android:name="com.android.internal.intent.action.CHOOSE_ACCESSIBILITY_BUTTON" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity android:name="com.android.internal.app.NfcResolverActivity"
android:theme="@style/Theme.Dialog.Alert"
android:finishOnCloseSystemDialogs="true"
android:excludeFromRecents="true"
android:multiprocess="true"
android:permission="android.permission.SHOW_CUSTOMIZED_RESOLVER"
android:exported="true">
<intent-filter>
<action android:name="android.service.chooser.action.SHOW_CUSTOMIZED_RESOLVER" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity android:name="com.android.internal.app.IntentForwarderActivity"
android:finishOnCloseSystemDialogs="true"
android:theme="@style/Theme.DeviceDefault.Resolver"
android:excludeFromRecents="true"
android:documentLaunchMode="never"
android:relinquishTaskIdentity="true"
android:configChanges="screenSize|smallestScreenSize|screenLayout|orientation|keyboard|keyboardHidden"
android:label="@string/user_owner_label"
android:exported="true"
android:visibleToInstantApps="true"
>
</activity>
<activity-alias android:name="com.android.internal.app.ForwardIntentToParent"
android:targetActivity="com.android.internal.app.IntentForwarderActivity"
android:exported="true"
android:label="@string/user_owner_label">
</activity-alias>
<activity-alias android:name="com.android.internal.app.ForwardIntentToManagedProfile"
android:targetActivity="com.android.internal.app.IntentForwarderActivity"
android:icon="@drawable/ic_corp_badge"
android:exported="true"
android:label="@string/managed_profile_label">
</activity-alias>
<activity android:name="com.android.internal.app.HeavyWeightSwitcherActivity"
android:theme="@style/Theme.DeviceDefault.System.Dialog.Alert"
android:label="@string/heavy_weight_switcher_title"
android:finishOnCloseSystemDialogs="true"
android:excludeFromRecents="true"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.PlatLogoActivity"
android:theme="@style/Theme.NoTitleBar.Fullscreen"
android:configChanges="orientation|screenSize|screenLayout|keyboardHidden"
android:enableOnBackInvokedCallback="true"
android:icon="@drawable/platlogo"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.DisableCarModeActivity"
android:theme="@style/Theme.NoDisplay"
android:excludeFromRecents="true"
android:process=":ui">
</activity>
<activity android:name="android.accounts.ChooseAccountActivity"
android:excludeFromRecents="true"
android:exported="true"
android:theme="@style/Theme.DeviceDefault.Light.Dialog"
android:label="@string/choose_account_label"
android:process=":ui"
android:visibleToInstantApps="true">
</activity>
<activity android:name="android.accounts.ChooseTypeAndAccountActivity"
android:excludeFromRecents="true"
android:exported="true"
android:theme="@style/Theme.DeviceDefault.Light.Dialog"
android:label="@string/choose_account_label"
android:process=":ui"
android:visibleToInstantApps="true">
</activity>
<activity android:name="android.accounts.ChooseAccountTypeActivity"
android:excludeFromRecents="true"
android:theme="@style/Theme.DeviceDefault.Light.Dialog"
android:label="@string/choose_account_label"
android:process=":ui"
android:visibleToInstantApps="true">
</activity>
<activity android:name="android.accounts.CantAddAccountActivity"
android:excludeFromRecents="true"
android:exported="true"
android:theme="@style/Theme.DeviceDefault.Light.Dialog.NoActionBar"
android:process=":ui">
</activity>
<activity android:name="android.accounts.GrantCredentialsPermissionActivity"
android:excludeFromRecents="true"
android:exported="true"
android:theme="@style/Theme.DeviceDefault.Light.DialogWhenLarge"
android:process=":ui"
android:visibleToInstantApps="true">
</activity>
<activity android:name="android.content.SyncActivityTooManyDeletes"
android:theme="@style/Theme.DeviceDefault.Light.Dialog"
android:label="@string/sync_too_many_deletes"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.ShutdownActivity"
android:permission="android.permission.SHUTDOWN"
android:theme="@style/Theme.NoDisplay"
android:exported="true"
android:excludeFromRecents="true">
<intent-filter>
<action android:name="com.android.internal.intent.action.REQUEST_SHUTDOWN" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
<intent-filter>
<action android:name="android.intent.action.REBOOT" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity android:name="com.android.internal.app.SystemUserHomeActivity"
android:enabled="false"
android:process=":ui"
android:systemUserOnly="true"
android:exported="true"
android:theme="@style/Theme.Translucent.NoTitleBar">
<intent-filter android:priority="-100">
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.HOME" />
</intent-filter>
</activity>
<!-- Activity to prompt user if it's ok to create a new user sandbox for a
specified account. -->
<activity android:name="com.android.internal.app.ConfirmUserCreationActivity"
android:excludeFromRecents="true"
android:process=":ui"
android:exported="true"
android:theme="@style/Theme.Dialog.Confirmation">
<intent-filter android:priority="1000">
<action android:name="android.os.action.CREATE_USER" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity android:name="com.android.internal.app.SuspendedAppActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.UnlaunchableAppActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.BlockedAppActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true"
android:lockTaskMode="always"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.BlockedAppStreamingActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true"
android:process=":ui">
</activity>
<activity android:name="com.android.internal.app.LaunchAfterAuthenticationActivity"
android:theme="@style/Theme.Translucent.NoTitleBar"
android:excludeFromRecents="true"
android:process=":ui">
</activity>
<activity android:name="com.android.settings.notification.NotificationAccessConfirmationActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true">
</activity>
<activity android:name="com.android.internal.app.HarmfulAppWarningActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true"
android:process=":ui"
android:label="@string/harmful_app_warning_title"
android:exported="false">
</activity>
<activity android:name="com.android.server.notification.NASLearnMoreActivity"
android:theme="@style/Theme.Dialog.Confirmation"
android:excludeFromRecents="true"
android:exported="false">
</activity>
<activity android:name="android.service.games.GameSessionTrampolineActivity"
android:excludeFromRecents="true"
android:exported="true"
android:permission="android.permission.MANAGE_GAME_ACTIVITY"
android:theme="@style/Theme.GameSessionTrampoline">
</activity>
<receiver android:name="com.android.server.BootReceiver"
android:exported="true"
android:systemUserOnly="true">
<intent-filter android:priority="1000">
<action android:name="android.intent.action.BOOT_COMPLETED" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.CertPinInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_PINS" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.IntentFirewallInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_INTENT_FIREWALL" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.SmsShortCodesInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_SMS_SHORT_CODES" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.NetworkWatchlistInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_NETWORK_WATCHLIST" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.ApnDbInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="com.android.internal.intent.action.UPDATE_APN_DB" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.CarrierProvisioningUrlsInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_CARRIER_PROVISIONING_URLS" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.CertificateTransparencyLogInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_CT_LOGS" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.LangIdInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_LANG_ID" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.SmartSelectionInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_SMART_SELECTION" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.ConversationActionsInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.intent.action.UPDATE_CONVERSATION_ACTIONS" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.CarrierIdInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.os.action.UPDATE_CARRIER_ID_DB" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.updates.EmergencyNumberDbInstallReceiver"
android:exported="true"
android:permission="android.permission.UPDATE_CONFIG">
<intent-filter>
<action android:name="android.os.action.UPDATE_EMERGENCY_NUMBER_DB" />
<data android:scheme="content" android:host="*" android:mimeType="*/*" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.MasterClearReceiver"
android:exported="true"
android:permission="android.permission.MASTER_CLEAR">
<intent-filter
android:priority="100" >
<!-- For Checkin, Settings, etc.: action=FACTORY_RESET -->
<action android:name="android.intent.action.FACTORY_RESET" />
<!-- As above until all the references to the deprecated MASTER_CLEAR get updated to
FACTORY_RESET. -->
<action android:name="android.intent.action.MASTER_CLEAR" />
<!-- MCS always uses REMOTE_INTENT: category=MASTER_CLEAR -->
<action android:name="com.google.android.c2dm.intent.RECEIVE" />
<category android:name="android.intent.category.MASTER_CLEAR" />
</intent-filter>
</receiver>
<receiver android:name="com.android.server.WallpaperUpdateReceiver"
android:exported="true"
android:permission="android.permission.RECEIVE_DEVICE_CUSTOMIZATION_READY">
<intent-filter>
<action android:name="android.intent.action.DEVICE_CUSTOMIZATION_READY"/>
</intent-filter>
</receiver>
<service android:name="android.hardware.location.GeofenceHardwareService"
android:permission="android.permission.LOCATION_HARDWARE"
android:exported="false" />
<service android:name="com.android.server.MountServiceIdler"
android:exported="true"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.SmartStorageMaintIdler"
android:exported="true"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.ZramWriteback"
android:exported="false"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.backup.FullBackupJob"
android:exported="true"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.backup.KeyValueBackupJob"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.content.SyncJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.pm.BackgroundDexOptJobService"
android:exported="true"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.pm.DynamicCodeLoggingService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.compos.IsolatedCompilationJobService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.PruneInstantAppsJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.storage.DiskStatsLoggingService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.PreloadsFileCacheExpirationJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.camera.CameraStatsJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.usage.UsageStatsIdleService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.net.watchlist.ReportWatchlistJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.display.BrightnessIdleJob"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.people.data.DataMaintenanceService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.profcollect.ProfcollectForwardingService$ProfcollectBGJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.pm.GentleUpdateHelper$Service"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service
android:name="com.android.server.autofill.AutofillCompatAccessibilityService"
android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"
android:visibleToInstantApps="true"
android:exported="true">
<meta-data
android:name="android.accessibilityservice"
android:resource="@xml/autofill_compat_accessibility_service" />
</service>
<service android:name="com.android.server.blob.BlobStoreIdleJobService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.companion.InactiveAssociationsRemovalService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.appsearch.contactsindexer.ContactsIndexerMaintenanceService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.BinaryTransparencyService$UpdateMeasurementsJobService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.notification.ReviewNotificationPermissionsJobService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.notification.NotificationHistoryJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.notification.NotificationBitmapJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.healthconnect.HealthConnectDailyService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.healthconnect.migration.MigrationBroadcastJobService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.healthconnect.backuprestore.BackupRestore$BackupRestoreJobService"
android:permission="android.permission.BIND_JOB_SERVICE">
</service>
<service android:name="com.android.server.pm.PackageManagerShellCommandDataLoader"
android:exported="false">
<intent-filter>
<action android:name="android.intent.action.LOAD_DATA"/>
</intent-filter>
</service>
<!-- TODO: Move to ExtServices or relevant component. -->
<service android:name="android.service.selectiontoolbar.DefaultSelectionToolbarRenderService"
android:permission="android.permission.BIND_SELECTION_TOOLBAR_RENDER_SERVICE"
android:process=":ui"
android:exported="false">
<intent-filter>
<action android:name="android.service.selectiontoolbar.SelectionToolbarRenderService"/>
</intent-filter>
</service>
<service android:name="com.android.server.art.BackgroundDexoptJobService"
android:permission="android.permission.BIND_JOB_SERVICE" >
</service>
<service android:name="com.android.server.companion.datatransfer.contextsync.CallMetadataSyncInCallService"
android:permission="android.permission.BIND_INCALL_SERVICE"
android:exported="true">
<meta-data android:name="android.telecom.INCLUDE_SELF_MANAGED_CALLS"
android:value="true" />
<intent-filter>
<action android:name="android.telecom.InCallService"/>
</intent-filter>
</service>
<service android:name="com.android.server.companion.datatransfer.contextsync.CallMetadataSyncConnectionService"
android:permission="android.permission.BIND_TELECOM_CONNECTION_SERVICE"
android:exported="true">
<intent-filter>
<action android:name="android.telecom.ConnectionService"/>
</intent-filter>
</service>
<provider
android:name="com.android.server.textclassifier.IconsContentProvider"
android:authorities="com.android.textclassifier.icons"
android:singleUser="true"
android:enabled="true"
android:exported="true">
</provider>
<meta-data
android:name="com.android.server.patch.25239169"
android:value="true" />
</application>
</manifest>