Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 8662cab5c6a01ea5c426512e6f6d2cf3e158aea0^! / . / core / res / AndroidManifest.xml
commit8662cab5c6a01ea5c426512e6f6d2cf3e158aea0[log] [tgz]
authorChristopher Tate <ctate@google.com>Thu Feb 23 14:59:36 2012 -0800
committerChristopher Tate <ctate@google.com>Wed Feb 29 14:05:24 2012 -0800
tree3b59cda27e624d46603427888e906e3686c00379
parentc021a119a2b2b274e3a0bc06003e389a00de9112 [diff] [blame]
Merge: Introduce UpdateLocks

An "UpdateLock" works similarly to a wake lock in API: the caller is
providing a hint to the OS that now is not a good time to interrupt
the user/device in order to do intrusive work like applying OTAs.
This is particularly important for headless or kiosk-like products
where ordinarily the update process will be automatically scheduled
and proceed without user or administrator intervention.

UpdateLocks require that the caller hold the new signatureOrSystem
permission android.permission.UPDATE_LOCK.  acquire() and release()
will throw security exceptions if this is not the case.

The "is now convenient?" state is expressed to interested parties
by way of a sticky broadcast sent only to registered listeners.  The
broadcast is protected; only the system can send it, so listeners
can trust it to be accurate.  The broadcast intent also includes a
timestamp (System.currentTimeMillis()) to help inform listeners that
wish to implement scheduling policies based on when the device became
idle.

The API change here is a tiny one: a dump(PrintWriter) method has been
added to the TokenWatcher class to facilitate getting information out
of it for dumpsys purposes.  UpdateLock itself is still @hide.

Bug 5543442

Change-Id: I3709c831fc1883d7cb753cd2d3ee8e10a61e7e48

diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index d4d29ae..17d2212 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml

@@ -121,6 +121,7 @@
     <protected-broadcast android:name="android.intent.action.CLEAR_DNS_CACHE" />
     <protected-broadcast android:name="android.intent.action.PROXY_CHANGE" />
 
+    <protected-broadcast android:name="android.os.UpdateLock.UPDATE_LOCK_CHANGED" />
 
     <!-- ====================================== -->
     <!-- Permissions for things that cost money -->
@@ -1538,6 +1539,13 @@
         android:label="@string/permlab_accessContentProvidersExternally"
         android:description="@string/permdesc_accessContentProvidersExternally"
         android:protectionLevel="signature" />
+    <!-- Allows an application to hold an UpdateLock, recommending that a headless
+         OTA reboot *not* occur while the lock is held.
+         @hide -->
+    <permission android:name="android.permission.UPDATE_LOCK"
+        android:label="@string/permlab_updateLock"
+        android:description="@string/permdesc_updateLock"
+        android:protectionLevel="signatureOrSystem" />
 
     <!-- The system process is explicitly the only one allowed to launch the
          confirmation UI for full backup/restore -->