Added a new "incidentReportApprover" permission protection flag.
This gives the ONE app installed on the system the permission to
authorize the sharing of incident and bug reports with an app.
Currently that app is PermissionController. Package Manager
enforces that there is only one installed, and refused to boot
if that isn't the case.
Bug: 123543706
Test: bit GooglePermissionControllerTest:*
Change-Id: I76a7fad0ea36359bbb0ff09669df46202d059dab
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 7184c7a..14143d8 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -115,6 +115,7 @@
<protected-broadcast android:name="android.app.action.BUGREPORT_FAILED" />
<protected-broadcast android:name="android.app.action.BUGREPORT_SHARE" />
<protected-broadcast android:name="android.app.action.SHOW_DEVICE_MONITORING_DIALOG" />
+ <protected-broadcast android:name="android.intent.action.PENDING_INCIDENT_REPORTS_CHANGED" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_UPDATE_OPTIONS" />
<protected-broadcast android:name="android.appwidget.action.APPWIDGET_DELETED" />
@@ -2798,6 +2799,15 @@
<permission android:name="android.permission.SIGNAL_PERSISTENT_PROCESSES"
android:protectionLevel="signature|privileged|development" />
+ <!-- @hide @SystemApi @TestApi
+ Allow an application to approve incident and bug reports to be
+ shared off-device. There can be only one application installed on the
+ device with this permission, and since this is a privileged permission, it
+ must be in priv-app.
+ <p>Not for use by third-party applications. -->
+ <permission android:name="android.permission.APPROVE_INCIDENT_REPORTS"
+ android:protectionLevel="signature|incidentReportApprover" />
+
<!-- ==================================== -->
<!-- Private permissions -->
<!-- ==================================== -->