grant post_notifications to terminal app by default
Bug: 376790482
Test: flash and check permissions
Change-Id: If35bb385ce24383831bdc54354a9cdd4a30bccf2
diff --git a/build/apex/Android.bp b/build/apex/Android.bp
index 0bff52e..e940e71 100644
--- a/build/apex/Android.bp
+++ b/build/apex/Android.bp
@@ -174,6 +174,12 @@
"true": ["virtualizationservice.xml"],
default: unset,
}),
+ required: select(release_flag("RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES"), {
+ true: [
+ "default-permissions_com.android.virt.xml",
+ ],
+ default: [],
+ }),
}
apex_defaults {
diff --git a/build/apex/permissions/Android.bp b/build/apex/permissions/Android.bp
index 678a4f2..d773df6 100644
--- a/build/apex/permissions/Android.bp
+++ b/build/apex/permissions/Android.bp
@@ -23,3 +23,9 @@
src: "features_com.android.virt.xml",
soc_specific: true,
}
+
+prebuilt_etc {
+ name: "default-permissions_com.android.virt.xml",
+ sub_dir: "default-permissions",
+ src: "default-permissions_com.android.virt.xml",
+}
diff --git a/build/apex/permissions/default-permissions_com.android.virt.xml b/build/apex/permissions/default-permissions_com.android.virt.xml
new file mode 100644
index 0000000..ac15708
--- /dev/null
+++ b/build/apex/permissions/default-permissions_com.android.virt.xml
@@ -0,0 +1,44 @@
+<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
+<!--
+ Copyright (C) 2024 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License
+-->
+
+<!--
+ This file contains permissions to be granted by default. Default
+ permissions are granted to special platform components and to apps
+ that are approved to get default grants. The special components
+ are apps that are expected tto work out-of-the-box as they provide
+ core use cases such as default dialer, default email, etc. These
+ grants are managed by the platform. The apps that are additionally
+ approved for default grants are ones that provide carrier specific
+ functionality, ones legally required at some location, ones providing
+ alternative disclosure and opt-out UI, ones providing highlight features
+ of a dedicated device, etc. This file contains only the latter exceptions.
+ Fixed permissions cannot be controlled by the user and need a special
+ approval. Typically these are to ensure either legally mandated functions
+ or the app is considered a part of the OS.
+-->
+<exceptions>
+ <!-- This is an example of an exception:
+ <exception
+ package="foo.bar.permission"
+ <permission name="android.permission.READ_CONTACTS" fixed="true"/>
+ <permission name="android.permission.READ_CALENDAR" fixed="false"/>
+ </exception>
+ -->
+ <exception package="com.android.virtualization.terminal">
+ <permission name="android.permission.POST_NOTIFICATIONS" fixed="true"/>
+ </exception>
+</exceptions>