1<?xml version="1.0" encoding="utf-8"?>
2<!--
3/*
4 * Copyright (C) 2019 The Android Open Source Project
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 *      http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 */
18-->
19
20<!-- versionCode is set to placeholder module version which will
21     be replaced during build. Do not change it!  -->
22<manifest xmlns:android="http://schemas.android.com/apk/res/android"
23  package="com.android.networkstack"
24  android:sharedUserId="android.uid.networkstack"
25  android:versionCode="0"
26  coreApp="true"
27>
28    <!--- Defines the MAINLINE_NETWORK_STACK permission used by the networkstack process. -->
29    <permission android:name="android.permission.MAINLINE_NETWORK_STACK"
30                android:protectionLevel="signature"/>
31    <!-- Permissions must be defined here, and not in the base manifest, as the network stack
32         running in the system server process does not need any permission, and having privileged
33         permissions added would cause crashes on startup unless they are also added to the
34         privileged permissions allowlist for that package. -->
35    <uses-permission android:name="android.permission.INTERNET" />
36    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
37    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
38    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
39    <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
40    <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" />
41    <!-- Send latency broadcast as current user -->
42    <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS" />
43    <uses-permission android:name="android.permission.WAKE_LOCK" />
44    <uses-permission android:name="android.permission.READ_PRIVILEGED_PHONE_STATE" />
45    <uses-permission android:name="android.permission.READ_DEVICE_CONFIG" />
46    <!-- Signature permission defined in NetworkStackStub -->
47    <uses-permission android:name="android.permission.MAINLINE_NETWORK_STACK" />
48    <!-- Crash while reading deviceownerName security exception  -->
49    <uses-permission android:name="android.permission.MANAGE_USERS"/>
50    <!-- ends here -->
51
52    <application
53        android:extractNativeLibs="false"
54        android:persistent="true"
55        android:process="com.android.networkstack.process">
56        <service android:name="com.android.server.NetworkStackService"
57                 android:exported="true"
58                 android:permission="android.permission.MAINLINE_NETWORK_STACK">
59            <intent-filter>
60                <action android:name="android.net.INetworkStackConnector"/>
61            </intent-filter>
62        </service>
63        <!-- Test instrumentation service, only usable on debuggable builds.
64             The service is protected by NETWORK_SETTINGS permissions as there is no better
65             networking-related permission that exists on Q, is sufficiently protected (signature),
66             and can be obtained via shell permissions. -->
67        <!-- (The name starting with a dot means the package prefix is the APK package name) -->
68        <service android:name=".TestNetworkStackService"
69                 android:permission="android.permission.NETWORK_SETTINGS"
70                 android:exported="true">
71            <intent-filter>
72                <action android:name="android.net.INetworkStackConnector.Test"/>
73            </intent-filter>
74        </service>
75        <service android:name=".ipmemorystore.RegularMaintenanceJobService"
76                 android:permission="android.permission.BIND_JOB_SERVICE" >
77        </service>
78    </application>
79</manifest>
80