I am trying to determine the storage encryption status of my Android device from within my application. Following the recommendations of the relevant Android Developer page, here is my code:
DevicePolicyManager mDPM = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
int encryptionStatus = mDPM.getStorageEncryptionStatus();
if (DEBUG) Log.v(TAG, "checkSecuritySettingsSufficient: encryptionStatus=" + encryptionStatus);
Here's the trouble: when I run this code on a device (I've tried it on a Motorola Droid Maxx running Android 4.4.4 and a Nexus 7 running Android 5.0.2) which I have previously encrypted, DevicePolicyManager.getStorageEncryptionStatus() will always return a value of 1, i.e. ENCRYPTION_STATUS_INACTIVE.
Android is therefore reporting that the device is not encrypted, despite the fact that the file system is definitely encrypted (I checked its status from the Settings > Security page).
Is this function broken? There doesn't seem to be any mention of that on SO or on other web sources. This leads me to believe that I am not doing something correctly with respect to DevicePolicyManager.
UPDATE After running through the encryption steps again with the Motorola device, DevicePolicyManager.getStorageEncryptionStatus() is returning the correct value, but it's still failing on the Nexus 7.
I just ran into this same issue and found out it was happening because the device had disk encryption enabled, but did not require the passcode be entered at startup. Changing the passcode, and forcing the require PIN at startup option to be true made DevicePolicyManager.getStorageEncryptionStatus() correctly return ENCRYPTION_STATUS_ACTIVE.
Related
My Android app is currently in open beta and I am receiving crash reports from my beloved testers. Audio processing is the app's primary focus therefore the render thread is cpu intensive and time sensitive. In an attempt to achieve the best performance possible, I am reserving exclusive cores for the process by calling:
int exclusiveCores[] = {};
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
exclusiveCores = android.os.Process.getExclusiveCores();
}
then sending the int array on through the JNI to be handled by the engine.
This has worked fine until recently when I received a crash report stating a RuntimeException was thrown on the getExclusiveCores() call. The device was a Samsung J7 (SM-J727T) running Android 7.0. This is the only device so far that has given me this report.
Has anyone else experienced this issue? Is this API not available for this specific device? Is there another limitation I should be checking for before calling getExclusiveCores?
The documentation states:
To support an exclusive core on a device:
Enable cpusets and configure a cpuset that contains only the top foreground application.
Ensure one core (this is the exclusive core) is reserved for threads from this cpuset.
but I am unable to find any other documentation on how to enable cpusets and configure a cpuset.
Can anyone provide an example of this implementation or point me in the right direction?
Also, I personally do not have this device and Firebase Testlab does not have this device running android 7.0 so testing any solution will have its own complications.
Thanks
I also ran into this on a Samsung Galaxy S6 running Android 7.0.
Unfortunately it looks like getExclusiveCores isn't implemented on some devices (despite being a mandatory API, specified in the Android CDD).
The best advice is to wrap calls to this method in a try/catch block and catch the RuntimeException:
try {
exclusiveCores = android.os.Process.getExclusiveCores();
} catch (RuntimeException e){
Log.w(TAG, "getExclusiveCores() is not supported on this device.");
}
I have created an Android app that runs on a Samsung Galaxy Tab Pro (SM-T900). The main feature of this app is RS232/USB communication using the USB host mode and the USB-to-Serial library.
This app has been working perfectly without the need for any code updates for over a year. However, since the latest Samsung/Android update to Android 5.1, I get a security error and I am no longer able to communicate with USB/RS232 devices. Apart from that, my app runs fine without any crashing. I am simply no longer able to perform USB/RS232 communication.
Here's the logcat:
03-24 17:03:09.015 2798-3149/? D/UsbSettingsManager: requestPermission:/dev/bus/usb/002/008 ,packageName com.example.pumpconnector ,pi PendingIntent{338f59ea: PendingIntentRecord{1fd58866 com.example.pumpconnector broadcastIntent}}
03-24 17:03:09.020 2798-3149/? D/ApplicationPolicy: isUsbDevicePermittedForPackage vendorId: 1027, productId: 24577, package: com.example.pumpconnector
03-24 17:03:09.020 13313-13332/com.example.pumpconnector V/MainActivity: java.lang.SecurityException: Admin does not have android.permission.sec.MDM_APP_MGMT
The app has been configured to start whenever a USB device is attached to the device, which still works on the Samsung tablet. The app works perfectly fine on other (non-Samsung) devices. It's fully functioning on a LG Nexus 5 with Android 6.0.1. installed and also on a Moto G with Android 5.1. A little Google search on the exception quickly points to Samsung specific update/bug that prevent USB communication (check this thread).
I tried to put the following line in the Manifest (without result):
<uses-permission android:name="android.permission.sec.MDM_APP_MGMT"/>
Is there any way to get my app to get the android.permission.sec.MDM_APP_MGMT without having to wait for Samsung to fix it? All help is appreciated.
Check Knox version on device (maybe have been upgraded between) and follow migration guide in knox web site.
Also be sure you'r validating KLM license using KnoxEnterpriseLicenseManager and using EnterpriseLicenseManager For Basic License. Ofc you should check for license in receiver with convenient manager.
My app is working fine, until Android 5.0.2 doesn't allow third party app to connect to HID device over Bluetooth low energy.
myGatt.setCharacteristicNotification(gattChar, true);
06-01 17:39:35.356: W/BluetoothGatt(21599):
java.lang.SecurityException: Need BLUETOOTH_PRIVILEGED permission:Neither
user 10157 nor current process has android.permission.BLUETOOTH_PRIVILEGED.
<uses-permission android:name="android.permission.BLUETOOTH_PRIVILEGED" />
BLUETOOTH_PRIVILEGED permission doesn't work on a third party app. It's only for system or manufacturer apps.
The latest changes from Android note:
Enforce BLUETOOTH_PRIVILEGED permission for HID-over-GATT
https://android.googlesource.com/platform/packages/apps/Bluetooth/+/02bebee
Code snippet:
private static final UUID[] HID_UUIDS = {
UUID.fromString("00002A4A-0000-1000-8000-00805F9B34FB"),
UUID.fromString("00002A4B-0000-1000-8000-00805F9B34FB"),
UUID.fromString("00002A4C-0000-1000-8000-00805F9B34FB"),
UUID.fromString("00002A4D-0000-1000-8000-00805F9B34FB") };
if (isHidUuid(charUuid)) enforcePrivilegedPermission();
My question: is there a way to overwrite HID_UUIDS or enforcePrivilegedPermission? Can I use reflection to by pass it?
Every times Android released a new version, it breaks the previous code.
Thanks!
The question is old, but still worth answering.
The HID (and FIDO https://fidoalliance.org/) service is protected and indeed requires system permission source. Only apps signed with the system key may use this service, that is only Bluetooth settings. This is to ensure that 3rd party apps are not able to listen to keys typed on a wireless keyboards, as all notifications and indications are transferred to all BluetoothGatt objects. Without this protection you would be able to connect to a HID device (you still can), enable notifications using gatt.setCharacteristicNotification(.., true) and receive updates whenever a key is typed. With a bit of knowledge about Report characteristics you can then get all the keys and mouse positions, including passwords, etc. So it's not a break, but a bug fix. On KitKat you still may do this.
The only solution is to compile your own AOSP Android version and sign your app with the same key. Otherwise it would be useless protection.
Btw, starting form Android 8 or perhaps earlier you don't get SecurityException. The call just returns true as if any other and you never get any callback.
This might have been changed here: https://android.googlesource.com/platform/packages/apps/Bluetooth/+/32dc7a6b919375aede777f3c821fa316d85449ae%5E%21/#F2
I'm facing a problem in android version 4.3 to control airplane mode by code.For this I converted the user app into system using system/ app mover application available in google play.Once the user enables the airplane mode, the background service have the control to check the airplane mode and reset it to off state and send the broadcast changes to the device.Below the snippet I implemented in my code to keep the airplane mode state in off.But it fails in android version 4.3. It throws an exception called "permission denied". Let me know is these any additional permission need to added in manifest or else let me know your suggestions on these issue to fixed.
try {
Settings.Global.putInt(context.getContentResolver(),
"airplane_mode_on", 0);
isAirplaneModeOn = isAirplaneModeOn(context);
Intent localIntent2 = new Intent(
"android.intent.action.AIRPLANE_MODE");
localIntent2.putExtra("state", isAirplaneModeOn);
context.sendBroadcast(localIntent2);
} catch (Exception e) {
Log.v("TAG",
e.toString() + "\n" + e.getMessage());
}
Moving an App into the /system/app folder does not turn it into a System App - it simply makes the App uninstallable because /system is normally mounted read-only.
What you are trying to do requires full System App privileges. You can only get these by signing your app with the same key used to sign the original firmware Apps - the platform key. In other words, you need access to whoever built the version of Android you are running on and get them to sign your APK.
Actually you cannot do it starting from Android 4.2. Because that settings was relocated here from either Settings.System or Settings.Secure. But on previous vesions it works fine.
http://developer.android.com/about/versions/android-4.2.html
If your app is currently making changes to settings previously defined
in Settings.System (such as AIRPLANE_MODE_ON), then you should expect
that doing so will no longer work on a device running Android 4.2 or
higher if those settings were moved to Settings.Global.
Related question on StackOverflow
I'm working on a special version of my App which should run in Bluestacks. It's a windows/mac application which allows to run Android apps on the computer.
I would like to implement special behaviour when the app runs in Bluestacks. Nothing complicated, maybe showing a dialog or disabling some buttons.
But for that purpose I need to know whether the app is running on a Bluestacks device. I checked the device model (Build.MODEL) and manufacturer (Build.MANUFACTURER), but I get that the device is a Samsung GT i900.
Does someone know an unambiguous way to know whether an app is running on Bluestacks?
I know it´s rather a quite localized question, but it would be fine if I get some ideas about where to look at, or what to try.
Try this:
/**
* Returns true if device is Android port to x86
*/
public static boolean isx86Port()
{
String kernelVersion = System.getProperty("os.version");
if(kernelVersion != null && kernelVersion.contains("x86")) // for BlueStacks returns "2.6.38-android-x86+"
return true;
return false;
}
try below code:
File test = new File("/data/Bluestacks.prop");
boolean isRunningInBluestacks = test.exists();
Finally I decided to build a new app for Bluestacks using an Android library. This allows me to add special behaviour for the bluestacks app.
I tried to get all the info using the Build class, but it returns the same as a Samsung Galaxy GT i9000 device, so it's impossible to know that the device is running in bluestacks.
This Will be unique.
There is no bluetooth device in Bluestack.
So try to get The Bluetooth Address string which is always 'null' on Bluestack or Any emulator.Make sure you are adding Bluetooth permission on your project manifest.
BluetoothAdapter m_BluetoothAdapter = BluetoothAdapter.getDefaultAdapter();
String m_bluetoothAdd = m_BluetoothAdapter.getAddress();