diff options
| author | 2024-12-10 16:03:49 -0600 | |
|---|---|---|
| committer | 2024-12-10 22:10:55 +0000 | |
| commit | 0debf55438c70c3fef0cfb9968293abeb8f76ed4 (patch) | |
| tree | 6657b97af2abbdead2cdba3991d401e5a79e144d | |
| parent | 24630204c424fae7efd6a9e6e395ab271421fa1c (diff) | |
Add privileged flag to SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE
The privileged flag is being added to the
SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE permission to allow priv-apps
to listen for changes to the device lock state from KeyguardManager.
Bug: 380120712
Flag: android.security.subscribe_to_keyguard_locked_state_perm_priv_flag
Ignore-AOSP-First: Flag req TBD
Test: Manually verified priv-app was granted permission
Change-Id: I1a43eeaafea5192b09bc2b6b1dd5f6fd45ab8b22
| -rw-r--r-- | core/java/android/security/flags.aconfig | 8 | ||||
| -rw-r--r-- | core/res/AndroidManifest.xml | 16 |
2 files changed, 21 insertions, 3 deletions
diff --git a/core/java/android/security/flags.aconfig b/core/java/android/security/flags.aconfig index 34bae46b484c..ebb6fb451699 100644 --- a/core/java/android/security/flags.aconfig +++ b/core/java/android/security/flags.aconfig @@ -137,4 +137,12 @@ flag { description: "Feature flag for Secure Lockdown feature" bug: "373422357" is_exported: true +} + +flag { + name: "subscribe_to_keyguard_locked_state_perm_priv_flag" + namespace: "psap_ai" + description: "Feature flag to add the privileged flag to the SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE permission" + bug: "380120712" + is_fixed_read_only: true }
\ No newline at end of file diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 6b8056c77fda..7647784afbfb 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -5639,11 +5639,21 @@ <!-- Allows an application to subscribe to device locked and keyguard locked (i.e., showing) state. - <p>Protection level: signature|role - <p>Intended for use by ROLE_ASSISTANT and signature apps only. + <p>Protection level: signature|module|role + <p>Intended for use by ROLE_ASSISTANT, VDM, and signature apps only. + --> + <permission android:name="android.permission.SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE" + android:protectionLevel="signature|module|role" + android:featureFlag="!android.security.subscribe_to_keyguard_locked_state_perm_priv_flag"/> + + <!-- Allows an application to subscribe to device locked and keyguard locked (i.e., showing) + state. + <p>Protection level: signature|privileged|module|role + <p>Intended for use by ROLE_ASSISTANT, VDM, and signature / privileged apps only. --> <permission android:name="android.permission.SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE" - android:protectionLevel="signature|module|role"/> + android:protectionLevel="signature|privileged|module|role" + android:featureFlag="android.security.subscribe_to_keyguard_locked_state_perm_priv_flag"/> <!-- Must be required by a {@link android.service.autofill.AutofillService}, to ensure that only the system can bind to it. |