Allow priv apps MANAGE_VIRTUAL_MACHINE permission
Also add comments to all our various permissions.
Bug: 255286871
Test: Install demo app to system/priv-app, see it work without explicit grant.
Change-Id: I05c89e533b9cb11148cfc477dd25a1f3db5bd9ca
diff --git a/javalib/Android.bp b/javalib/Android.bp
index a6c3b80..51dd381 100644
--- a/javalib/Android.bp
+++ b/javalib/Android.bp
@@ -7,7 +7,7 @@
name: "android.system.virtualmachine.res",
installable: true,
apex_available: ["com.android.virt"],
- sdk_version: "current",
+ platform_apis: true,
}
java_sdk_library {
diff --git a/javalib/AndroidManifest.xml b/javalib/AndroidManifest.xml
index e68b5a4..95b9cfa 100644
--- a/javalib/AndroidManifest.xml
+++ b/javalib/AndroidManifest.xml
@@ -17,12 +17,26 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.android.virtualmachine.res">
+ <!-- @SystemApi Allows an application to create and run a Virtual Machine
+ using the Virtualization Framework APIs
+ (android.system.virtualmachine.*).
+ <p>Protection level: signature|privileged|development
+ @hide
+ -->
<permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE"
- android:protectionLevel="signature|development" />
+ android:protectionLevel="signature|privileged|development" />
+ <!-- @hide Allows an application to run a Virtual Machine with a custom
+ kernel or a Microdroid configuration file.
+ <p>Not for use by third-party applications.
+ -->
<permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE"
android:protectionLevel="signature|development" />
+ <!-- @hide Allows an application to access various Virtual Machine debug
+ facilities, e.g. list all running VMs.
+ <p>Not for use by third-party applications.
+ -->
<permission android:name="android.permission.DEBUG_VIRTUAL_MACHINE"
android:protectionLevel="signature" />