Google Git
Sign in
android / platform / frameworks / base / fbe92b6c53460073be08ed8eefdca60cacdda7e5^! / .
commitfbe92b6c53460073be08ed8eefdca60cacdda7e5[log] [tgz]
authorHwangoo Park <[email protected]>Tue Nov 14 14:32:43 2023 +0000
committerHwangoo Park <[email protected]>Tue Jan 09 00:35:51 2024 +0000
tree9d727cd7fd15ddd6d4ef96b58fa70f1a512b657b
parent5325f2b2b37c6197174b4dbb2e6095ebeb2ed9e6 [diff]
Add a new permission for domain selection service

This change adds BIND_DOMAIN_SELECTION_SERVICE permission to be used by
a DomainSelectionService to ensure that only the system binds to it.
It also grants the permission to the Phone process.

Bug: 258112541
Test: build
Change-Id: I5f544136c5227d1154bd817be3c53b2584f44ca1

diff --git a/core/api/system-current.txt b/core/api/system-current.txt
index d96925d..397117a 100644
--- a/core/api/system-current.txt
+++ b/core/api/system-current.txt

@@ -55,6 +55,7 @@
     field public static final String BIND_CONTENT_SUGGESTIONS_SERVICE = "android.permission.BIND_CONTENT_SUGGESTIONS_SERVICE";
     field public static final String BIND_DIRECTORY_SEARCH = "android.permission.BIND_DIRECTORY_SEARCH";
     field public static final String BIND_DISPLAY_HASHING_SERVICE = "android.permission.BIND_DISPLAY_HASHING_SERVICE";
+    field @FlaggedApi("com.android.internal.telephony.flags.ap_domain_selection_enabled") public static final String BIND_DOMAIN_SELECTION_SERVICE = "android.permission.BIND_DOMAIN_SELECTION_SERVICE";
     field public static final String BIND_DOMAIN_VERIFICATION_AGENT = "android.permission.BIND_DOMAIN_VERIFICATION_AGENT";
     field public static final String BIND_EUICC_SERVICE = "android.permission.BIND_EUICC_SERVICE";
     field public static final String BIND_EXTERNAL_STORAGE_SERVICE = "android.permission.BIND_EXTERNAL_STORAGE_SERVICE";

diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 6859f1f..442d4dc 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml

@@ -2951,6 +2951,16 @@
     <permission android:name="android.permission.MANAGE_SENSORS"
         android:protectionLevel="signature" />
 
+    <!-- Must be required by a DomainSelectionService to ensure that only the
+         system can bind to it.
+         <p>Protection level: signature
+         @SystemApi
+         @hide
+         @FlaggedApi("com.android.internal.telephony.flags.ap_domain_selection_enabled")
+    -->
+    <permission android:name="android.permission.BIND_DOMAIN_SELECTION_SERVICE"
+        android:protectionLevel="signature" />
+
     <!-- Must be required by an ImsService to ensure that only the
          system can bind to it.
          <p>Protection level: signature|privileged|vendorPrivileged

diff --git a/data/etc/privapp-permissions-platform.xml b/data/etc/privapp-permissions-platform.xml
index 32186667..4ac7714 100644
--- a/data/etc/privapp-permissions-platform.xml
+++ b/data/etc/privapp-permissions-platform.xml

@@ -121,6 +121,7 @@
         <permission name="android.permission.BIND_CARRIER_MESSAGING_SERVICE"/>
         <permission name="android.permission.BIND_CARRIER_SERVICES"/>
         <permission name="android.permission.BIND_CELL_BROADCAST_SERVICE"/>
+        <permission name="android.permission.BIND_DOMAIN_SELECTION_SERVICE"/>
         <permission name="android.permission.BIND_IMS_SERVICE"/>
         <permission name="android.permission.BIND_SATELLITE_GATEWAY_SERVICE"/>
         <permission name="android.permission.BIND_SATELLITE_SERVICE"/>