author | paulhu <paulhu@google.com> | 2019-08-12 16:25:11 +0800 |
---|---|---|
committer | paulhu <paulhu@google.com> | 2019-12-04 11:45:51 +0800 |
commit | a6af6b6c2aafa54bf3b9dc9d7c162ab43f470b62 (patch) | |
tree | 8dc8f4c5f3457d8abe49fef634ea7c452fd69ffb | |
parent | c751dfc630243a2189ee7b2539d4ab3ef50dc743 (diff) |
Replace the permission of internal connectivity checks
A number of connectivity checks that protect system-only methods
check for CONNECTIVITY_INTERNAL, but CONNECTIVITY_INTERNAL is a
signature|privileged permission. We should audit the permission
checks, and convert checks that protect code that should not be
called outside the system to a signature permission. So replace
all CONNECTIVITY_INTERNAL checks with other, more appropriate permissions.
Bug: 32963470
Test: atest FrameworksNetTests NetworkPolicyManagerServiceTest
Change-Id: I8f2dd1cd0609056494eaf612d39820e273ae093f
19 files changed, 190 insertions, 138 deletions
diff --git a/api/system-current.txt b/api/system-current.txt index 7cd31df6da91..7a361c934ee7 100644 --- a/api/system-current.txt +++ b/api/system-current.txt @@ -58,7 +58,7 @@ package android { field public static final String CLEAR_APP_USER_DATA = "android.permission.CLEAR_APP_USER_DATA"; field public static final String CONFIGURE_DISPLAY_BRIGHTNESS = "android.permission.CONFIGURE_DISPLAY_BRIGHTNESS"; field public static final String CONFIGURE_WIFI_DISPLAY = "android.permission.CONFIGURE_WIFI_DISPLAY"; - field public static final String CONNECTIVITY_INTERNAL = "android.permission.CONNECTIVITY_INTERNAL"; + field @Deprecated public static final String CONNECTIVITY_INTERNAL = "android.permission.CONNECTIVITY_INTERNAL"; field public static final String CONNECTIVITY_USE_RESTRICTED_NETWORKS = "android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS"; field public static final String CONTROL_DISPLAY_COLOR_TRANSFORMS = "android.permission.CONTROL_DISPLAY_COLOR_TRANSFORMS"; field public static final String CONTROL_DISPLAY_SATURATION = "android.permission.CONTROL_DISPLAY_SATURATION"; @@ -126,6 +126,7 @@ package android { field public static final String MODIFY_QUIET_MODE = "android.permission.MODIFY_QUIET_MODE"; field public static final String MOVE_PACKAGE = "android.permission.MOVE_PACKAGE"; field public static final String NETWORK_CARRIER_PROVISIONING = "android.permission.NETWORK_CARRIER_PROVISIONING"; + field public static final String NETWORK_FACTORY = "android.permission.NETWORK_FACTORY"; field public static final String NETWORK_MANAGED_PROVISIONING = "android.permission.NETWORK_MANAGED_PROVISIONING"; field public static final String NETWORK_SCAN = "android.permission.NETWORK_SCAN"; field public static final String NETWORK_SETTINGS = "android.permission.NETWORK_SETTINGS"; 
@@ -135,6 +136,7 @@ package android { field public static final String NOTIFICATION_DURING_SETUP = "android.permission.NOTIFICATION_DURING_SETUP"; field public static final String NOTIFY_TV_INPUTS = "android.permission.NOTIFY_TV_INPUTS"; field public static final String OBSERVE_APP_USAGE = "android.permission.OBSERVE_APP_USAGE"; + field public static final String OBSERVE_NETWORK_POLICY = "android.permission.OBSERVE_NETWORK_POLICY"; field public static final String OBSERVE_ROLE_HOLDERS = "android.permission.OBSERVE_ROLE_HOLDERS"; field public static final String OPEN_ACCESSIBILITY_DETAILS_SETTINGS = "android.permission.OPEN_ACCESSIBILITY_DETAILS_SETTINGS"; field public static final String OVERRIDE_WIFI_CONFIG = "android.permission.OVERRIDE_WIFI_CONFIG"; 
@@ -4340,7 +4342,7 @@ package android.net { public class ConnectivityManager { method @NonNull @RequiresPermission(android.Manifest.permission.PACKET_KEEPALIVE_OFFLOAD) public android.net.SocketKeepalive createNattKeepalive(@NonNull android.net.Network, @NonNull android.os.ParcelFileDescriptor, @NonNull java.net.InetAddress, @NonNull java.net.InetAddress, @NonNull java.util.concurrent.Executor, @NonNull android.net.SocketKeepalive.Callback); method @NonNull @RequiresPermission(android.Manifest.permission.PACKET_KEEPALIVE_OFFLOAD) public android.net.SocketKeepalive createSocketKeepalive(@NonNull android.net.Network, @NonNull java.net.Socket, @NonNull java.util.concurrent.Executor, @NonNull android.net.SocketKeepalive.Callback); - method @RequiresPermission(android.Manifest.permission.LOCAL_MAC_ADDRESS) public String getCaptivePortalServerUrl(); + method @Deprecated @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public String getCaptivePortalServerUrl(); method @RequiresPermission(android.Manifest.permission.TETHER_PRIVILEGED) public void getLatestTetheringEntitlementResult(int, boolean, @NonNull java.util.concurrent.Executor, @NonNull android.net.ConnectivityManager.OnTetheringEntitlementResultListener); method @RequiresPermission(anyOf={android.Manifest.permission.TETHER_PRIVILEGED, android.Manifest.permission.WRITE_SETTINGS}) public boolean isTetheringSupported(); method @RequiresPermission(android.Manifest.permission.TETHER_PRIVILEGED) public void registerTetheringEventCallback(@NonNull java.util.concurrent.Executor, @NonNull android.net.ConnectivityManager.OnTetheringEventCallback); diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java index 194068cd7455..d95da91d2009 100644 --- a/core/java/android/net/ConnectivityManager.java +++ b/core/java/android/net/ConnectivityManager.java 
@@ -1006,7 +1006,7 @@ public class ConnectivityManager {
 *
 * @hide
 */
- @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL)
+ @RequiresPermission(android.Manifest.permission.NETWORK_STACK)
 @Nullable
 public Network getActiveNetworkForUid(int uid) {
 return getActiveNetworkForUid(uid, false);
@@ -1135,7 +1135,7 @@ public class ConnectivityManager {
 *
 * {@hide}
 */
- @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL)
+ @RequiresPermission(android.Manifest.permission.NETWORK_STACK)
 @UnsupportedAppUsage
 public NetworkInfo getActiveNetworkInfoForUid(int uid) {
 return getActiveNetworkInfoForUid(uid, false);
@@ -1370,10 +1370,14 @@ public class ConnectivityManager {
 * The system network validation may be using different strategies to detect captive portals,
 * so this method does not necessarily return a URL used by the system. It only returns a URL
 * that may be relevant for other components trying to detect captive portals.
+ *
 * @hide
+ * @deprecated This API returns URL which is not guaranteed to be one of the URLs used by the
+ * system.
 */
+ @Deprecated
 @SystemApi
- @RequiresPermission(android.Manifest.permission.LOCAL_MAC_ADDRESS)
+ @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS)
 public String getCaptivePortalServerUrl() {
 try {
 return mService.getCaptivePortalServerUrl();
@@ -2399,6 +2403,7 @@ public class ConnectivityManager {
 * @return an array of 0 or more {@code String} of tethered dhcp ranges.
 * {@hide}
 */
+ @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS)
 public String[] getTetheredDhcpRanges() {
 try {
 return mService.getTetheredDhcpRanges();
@@ -2978,7 +2983,7 @@ public class ConnectivityManager {
 * HTTP proxy. A {@code null} value will clear the global HTTP proxy.
 * @hide
 */
- @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL)
+ @RequiresPermission(android.Manifest.permission.NETWORK_STACK)
 public void setGlobalProxy(ProxyInfo p) {
 try {
 mService.setGlobalProxy(p);
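Review bot: In the getCaptivePortalServerUrl() hunk (`@@ -1370,10 +1370,14 @@`) the new `@RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS)` is narrower than the gate this same commit installs in ConnectivityService, where the method calls `enforceNetworkStackOrSettingsPermission()` (NETWORK_SETTINGS, NETWORK_STACK or PERMISSION_MAINLINE_NETWORK_STACK); the later startCaptivePortalApp() hunk has the same mismatch. Lint and callers read the annotation as the contract, so I would write it as `@RequiresPermission(anyOf = {android.Manifest.permission.NETWORK_SETTINGS, android.Manifest.permission.NETWORK_STACK, NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK})` to keep the documented and enforced permissions in step. The added `@deprecated` text also names no replacement; one sentence saying what callers should use instead, or that nothing replaces it, would complete it. The method bodies continue outside these hunks.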
@@ -3123,6 +3128,7 @@ public class ConnectivityManager { * Get the mobile provisioning url. * {@hide} */ + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public String getMobileProvisioningUrl() { try { return mService.getMobileProvisioningUrl(); @@ -3169,6 +3175,7 @@ public class ConnectivityManager { /** {@hide} - returns the factory serial number */ @UnsupportedAppUsage + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public int registerNetworkFactory(Messenger messenger, String name) { try { return mService.registerNetworkFactory(messenger, name); @@ -3179,6 +3186,7 @@ public class ConnectivityManager { /** {@hide} */ @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.P, trackingBug = 115609023) + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public void unregisterNetworkFactory(Messenger messenger) { try { mService.unregisterNetworkFactory(messenger); @@ -3196,6 +3204,7 @@ public class ConnectivityManager { * Register a NetworkAgent with ConnectivityService. * @return NetID corresponding to NetworkAgent. */ + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public int registerNetworkAgent(Messenger messenger, NetworkInfo ni, LinkProperties lp, NetworkCapabilities nc, int score, NetworkMisc misc) { return registerNetworkAgent(messenger, ni, lp, nc, score, misc, @@ -3207,6 +3216,7 @@ public class ConnectivityManager { * Register a NetworkAgent with ConnectivityService. * @return NetID corresponding to NetworkAgent. */ + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public int registerNetworkAgent(Messenger messenger, NetworkInfo ni, LinkProperties lp, NetworkCapabilities nc, int score, NetworkMisc misc, int factorySerialNumber) { try { 
@@ -4201,7 +4211,7 @@ public class ConnectivityManager { * * @hide */ - @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public void startCaptivePortalApp(Network network) { try { mService.startCaptivePortalApp(network); @@ -4317,6 +4327,7 @@ public class ConnectivityManager { * Resets all connectivity manager settings back to factory defaults. * @hide */ + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public void factoryReset() { try { mService.factoryReset(); diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 936099f51ff6..4492fec38cd6 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -1614,6 +1614,14 @@ <permission android:name="android.permission.NETWORK_STACK" android:protectionLevel="signature" /> + <!-- @SystemApi @hide Allows an application to observe network policy changes. --> + <permission android:name="android.permission.OBSERVE_NETWORK_POLICY" + android:protectionLevel="signature" /> + + <!-- @SystemApi @hide Allows applications to register network factory or agent --> + <permission android:name="android.permission.NETWORK_FACTORY" + android:protectionLevel="signature" /> + <!-- Allows Settings and SystemUI to call methods in Networking services <p>Not for use by third-party or privileged applications. @SystemApi 
@@ -1744,7 +1752,11 @@ <permission android:name="android.permission.NFC_TRANSACTION_EVENT" android:protectionLevel="normal" /> - <!-- @SystemApi Allows an internal user to use privileged ConnectivityManager APIs. + <!-- @deprecated This permission used to allow too broad access to sensitive methods and all its + uses have been replaced by a more appropriate permission. Most uses have been replaced with + a NETWORK_STACK or NETWORK_SETTINGS check. Please look up the documentation of the + individual functions to figure out what permission now protects the individual function. + @SystemApi Allows an internal user to use privileged ConnectivityManager APIs. @hide --> <permission android:name="android.permission.CONNECTIVITY_INTERNAL" android:protectionLevel="signature|privileged" /> diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml index 6741feabe8b7..dfe80343a2e7 100644 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -508,7 +508,7 @@ --> <string translatable="false" name="config_mobile_hotspot_provision_app_no_ui"></string> <!-- Sent in response to a provisioning check. The caller must hold the - permission android.permission.CONNECTIVITY_INTERNAL for Settings to + permission android.permission.TETHER_PRIVILEGED for Settings to receive this response. See config_mobile_hotspot_provision_response diff --git a/core/tests/ConnectivityManagerTest/AndroidManifest.xml b/core/tests/ConnectivityManagerTest/AndroidManifest.xml index a391e1feb28f..796d7e8ff407 100644 --- a/core/tests/ConnectivityManagerTest/AndroidManifest.xml +++ b/core/tests/ConnectivityManagerTest/AndroidManifest.xml 
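Review bot: The new `@deprecated` comment on CONNECTIVITY_INTERNAL states that all its uses have been replaced, but the ConnectivityService hunk `@@ -2063,7 +2070,11 @@` in this same commit still enforces it as a fallback, and the permission keeps `android:protectionLevel="signature|privileged"`. A privileged app that holds it therefore still passes that fallback, so the comment overstates the clean-up. I would add a sentence such as `Still accepted as a temporary fallback by ConnectivityService for restricted-network requests until callers migrate.` The two permissions added in the earlier `@@ -1614,6 +1614,14 @@` hunk could also carry the `<p>Not for use by third-party or privileged applications.` line that the neighbouring "Allows Settings and SystemUI…" entry uses, since both are declared signature-only.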
@@ -73,9 +73,9 @@ <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" /> <uses-permission android:name="android.permission.WRITE_SETTINGS" /> <uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS" /> - <!-- This permission is added for API call setAirplaneMode() in ConnectivityManager --> - <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> <uses-permission android:name="android.permission.TETHER_PRIVILEGED" /> + <!-- This permission is added for API call setAirplaneMode() in ConnectivityManager --> + <uses-permission android:name="android.permission.NETWORK_SETTINGS" /> <uses-permission android:name="android.permission.WAKE_LOCK" /> <uses-permission android:name="android.permission.DEVICE_POWER" /> <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" /> diff --git a/core/tests/utiltests/AndroidManifest.xml b/core/tests/utiltests/AndroidManifest.xml index 4ef4b1fe9120..8e0f1d244c52 100644 --- a/core/tests/utiltests/AndroidManifest.xml +++ b/core/tests/utiltests/AndroidManifest.xml @@ -30,7 +30,6 @@ <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" /> <uses-permission android:name="android.permission.READ_NETWORK_USAGE_HISTORY" /> - <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> <uses-permission android:name="android.permission.MANAGE_USERS" /> <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" /> diff --git a/packages/VpnDialogs/AndroidManifest.xml b/packages/VpnDialogs/AndroidManifest.xml index 469bdc69c78a..e4de6259e07d 100644 --- a/packages/VpnDialogs/AndroidManifest.xml +++ b/packages/VpnDialogs/AndroidManifest.xml 
@@ -21,7 +21,6 @@ <uses-permission android:name="android.permission.CONTROL_VPN" /> <uses-permission android:name="android.permission.CONTROL_ALWAYS_ON_VPN" /> - <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> <uses-permission android:name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS"/> <application android:label="VpnDialogs" diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 36f44e48b877..b6e8db03a5cc 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -1395,7 +1395,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public Network getActiveNetworkForUid(int uid, boolean ignoreBlocked) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); return getActiveNetworkForUidInternal(uid, ignoreBlocked); } @@ -1437,7 +1437,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public NetworkInfo getActiveNetworkInfoForUid(int uid, boolean ignoreBlocked) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); final NetworkState state = getUnfilteredActiveNetworkState(uid); filterNetworkStateForUid(state, uid, ignoreBlocked); return state.networkInfo; @@ -1656,8 +1656,8 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public NetworkState[] getAllNetworkState() { - // Require internal since we're handing out IMSI details - enforceConnectivityInternalPermission(); + // This contains IMSI details, so make sure the caller is privileged. + NetworkStack.checkNetworkStackPermission(mContext); final ArrayList<NetworkState> result = Lists.newArrayList(); for (Network network : getAllNetworks()) { 
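Review bot: The rewritten comment in getAllNetworkState() (`@@ -1656,8 +1656,8 @@`), `// This contains IMSI details, so make sure the caller is privileged.`, uses "privileged" for a check whose purpose in this commit is to stop `privileged`-level apps from reaching the data. I would name the gate instead, e.g. `// Returns IMSI details: restrict to holders of the signature-level NETWORK_STACK permission.` The body of `NetworkStack.checkNetworkStackPermission` is not part of this diff, so confirm exactly which permissions it accepts before making the wording more specific.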
@@ -1735,7 +1735,7 @@ public class ConnectivityService extends IConnectivityManager.Stub } enforceChangePermission(); if (mProtectedNetworks.contains(networkType)) { - enforceConnectivityInternalPermission(); + enforceConnectivityRestrictedNetworksPermission(); } InetAddress addr; @@ -2005,6 +2005,12 @@ public class ConnectivityService extends IConnectivityManager.Stub NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK); } + private void enforceNetworkFactoryPermission() { + mContext.enforceCallingOrSelfPermission( + android.Manifest.permission.NETWORK_FACTORY, + "ConnectivityService"); + } + private boolean checkSettingsPermission() { return checkAnyPermissionOf( android.Manifest.permission.NETWORK_SETTINGS, @@ -2024,18 +2030,19 @@ public class ConnectivityService extends IConnectivityManager.Stub "ConnectivityService"); } - private void enforceConnectivityInternalPermission() { - enforceAnyPermissionOf( - android.Manifest.permission.CONNECTIVITY_INTERNAL, - NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK); - } - private void enforceControlAlwaysOnVpnPermission() { mContext.enforceCallingOrSelfPermission( android.Manifest.permission.CONTROL_ALWAYS_ON_VPN, "ConnectivityService"); } + private void enforceNetworkStackOrSettingsPermission() { + enforceAnyPermissionOf( + android.Manifest.permission.NETWORK_SETTINGS, + android.Manifest.permission.NETWORK_STACK, + NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK); + } + private void enforceNetworkStackSettingsOrSetup() { enforceAnyPermissionOf( android.Manifest.permission.NETWORK_SETTINGS, 
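Review bot: `enforceNetworkFactoryPermission()` in the `@@ -2005,6 +2005,12 @@` hunk accepts only NETWORK_FACTORY, while the helper it replaces for registerNetworkFactory/unregisterNetworkFactory/registerNetworkAgent, `enforceConnectivityInternalPermission()`, also accepted `NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK`, as does the new `enforceNetworkStackOrSettingsPermission()` added just below. If any factory or agent is registered from the mainline network stack process (not visible in this diff), that caller now gets a SecurityException. If such a caller exists, the body should be `enforceAnyPermissionOf(android.Manifest.permission.NETWORK_FACTORY, NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);`; if not, a one-line comment saying the mainline permission is excluded on purpose would record the decision.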
@@ -2063,7 +2070,11 @@ public class ConnectivityService extends IConnectivityManager.Stub "ConnectivityService"); return; } catch (SecurityException e) { /* fallback to ConnectivityInternalPermission */ } - enforceConnectivityInternalPermission(); + // TODO: Remove this fallback check after all apps have declared + // CONNECTIVITY_USE_RESTRICTED_NETWORKS. + mContext.enforceCallingOrSelfPermission( + android.Manifest.permission.CONNECTIVITY_INTERNAL, + "ConnectivityService"); } private void enforceKeepalivePermission() { @@ -2072,7 +2083,7 @@ public class ConnectivityService extends IConnectivityManager.Stub // Public because it's used by mLockdownTracker. public void sendConnectedBroadcast(NetworkInfo info) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); sendGeneralBroadcast(info, CONNECTIVITY_ACTION); } @@ -3589,7 +3600,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void startCaptivePortalApp(Network network) { - enforceConnectivityInternalPermission(); + enforceNetworkStackOrSettingsPermission(); mHandler.post(() -> { NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network); if (nai == null) return; @@ -4080,7 +4091,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String[] getTetheredDhcpRanges() { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); return mTetheringManager.getTetheredDhcpRanges(); } @@ -4304,7 +4315,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void setGlobalProxy(final ProxyInfo proxyProperties) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); mProxyTracker.setGlobalProxy(proxyProperties); } 
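Review bot: In the `@@ -2063,7 +2070,11 @@` hunk the last check throws a SecurityException that names CONNECTIVITY_INTERNAL, the permission this commit deprecates, so a denied caller is pointed at the wrong permission to request. The retained comment `/* fallback to ConnectivityInternalPermission */` also refers to a helper this commit deletes, and the new TODO has no tracking bug; I would change them to `/* fall back to the deprecated CONNECTIVITY_INTERNAL check */` and `// TODO(b/<bug-id>): remove this fallback once all callers declare CONNECTIVITY_USE_RESTRICTED_NETWORKS.` Because the `@@ -1735,7 +1735,7 @@` hunk now routes the protected-network check through this method, that path stays reachable with a `signature|privileged` permission until the fallback is removed. The start of the method is outside the hunk.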
@@ -4843,7 +4854,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String getMobileProvisioningUrl() { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); String url = getProvisioningUrlBaseFromFile(); if (TextUtils.isEmpty(url)) { url = mContext.getResources().getString(R.string.mobile_provisioning_url); @@ -4869,7 +4880,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void setProvisioningNotificationVisible(boolean visible, int networkType, String action) { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); if (!ConnectivityManager.isNetworkTypeValid(networkType)) { return; } @@ -5457,7 +5468,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public int registerNetworkFactory(Messenger messenger, String name) { - enforceConnectivityInternalPermission(); + enforceNetworkFactoryPermission(); NetworkFactoryInfo nfi = new NetworkFactoryInfo(name, messenger, new AsyncChannel(), NetworkFactory.SerialNumber.nextSerialNumber()); mHandler.sendMessage(mHandler.obtainMessage(EVENT_REGISTER_NETWORK_FACTORY, nfi)); @@ -5472,7 +5483,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void unregisterNetworkFactory(Messenger messenger) { - enforceConnectivityInternalPermission(); + enforceNetworkFactoryPermission(); mHandler.sendMessage(mHandler.obtainMessage(EVENT_UNREGISTER_NETWORK_FACTORY, messenger)); } @@ -5571,7 +5582,7 @@ public class ConnectivityService extends IConnectivityManager.Stub public int registerNetworkAgent(Messenger messenger, NetworkInfo networkInfo, LinkProperties linkProperties, NetworkCapabilities networkCapabilities, int currentScore, NetworkMisc networkMisc, int factorySerialNumber) { - enforceConnectivityInternalPermission(); + enforceNetworkFactoryPermission(); LinkProperties lp = new LinkProperties(linkProperties); lp.ensureDirectlyConnectedRoutes(); 
@@ -6935,7 +6946,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String getCaptivePortalServerUrl() { - enforceConnectivityInternalPermission(); + enforceNetworkStackOrSettingsPermission(); String settingUrl = mContext.getResources().getString( R.string.config_networkCaptivePortalServerUrl); @@ -6988,7 +6999,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void factoryReset() { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); if (mUserManager.hasUserRestriction(UserManager.DISALLOW_NETWORK_RESET)) { return; diff --git a/services/core/java/com/android/server/NetworkManagementService.java b/services/core/java/com/android/server/NetworkManagementService.java index 9efaad848ccc..e79a2897d86a 100644 --- a/services/core/java/com/android/server/NetworkManagementService.java +++ b/services/core/java/com/android/server/NetworkManagementService.java @@ -16,9 +16,8 @@ package com.android.server; -import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.NETWORK_SETTINGS; -import static android.Manifest.permission.NETWORK_STACK; +import static android.Manifest.permission.OBSERVE_NETWORK_POLICY; import static android.Manifest.permission.SHUTDOWN; import static android.net.INetd.FIREWALL_BLACKLIST; import static android.net.INetd.FIREWALL_CHAIN_DOZABLE; @@ -54,6 +53,7 @@ import android.net.IpPrefix; import android.net.LinkAddress; import android.net.Network; import android.net.NetworkPolicyManager; +import android.net.NetworkStack; import android.net.NetworkStats; import android.net.NetworkUtils; import android.net.RouteInfo; 
@@ -312,13 +312,13 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void registerObserver(INetworkManagementEventObserver observer) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); mObservers.register(observer); } @Override public void unregisterObserver(INetworkManagementEventObserver observer) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); mObservers.unregister(observer); } @@ -453,7 +453,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) { - mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); + NetworkStack.checkNetworkStackPermission(mContext); Preconditions.checkNotNull(provider); synchronized(mTetheringStatsProviders) { mTetheringStatsProviders.put(provider, name); @@ -462,7 +462,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) { - mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); + NetworkStack.checkNetworkStackPermission(mContext); synchronized(mTetheringStatsProviders) { mTetheringStatsProviders.remove(provider); } @@ -470,7 +470,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void tetherLimitReached(ITetheringStatsProvider provider) { - mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); + NetworkStack.checkNetworkStackPermission(mContext); synchronized(mTetheringStatsProviders) { if (!mTetheringStatsProviders.containsKey(provider)) { return; 
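Review bot: Every call site converted in this file, here and in the following NetworkManagementService hunks, discards whatever `NetworkStack.checkNetworkStackPermission(mContext)` returns, so the gate only holds if that helper throws on failure; its definition is not in this diff and should be confirmed. For registerTetheringStatsProvider, unregisterTetheringStatsProvider and tetherLimitReached the old check was NETWORK_STACK alone, so if the helper also accepts PERMISSION_MAINLINE_NETWORK_STACK these three are widened rather than tightened, which the commit message does not mention. The old calls passed `TAG` as the exception message; check that the helper's message still lets a denial be attributed to this service in logs. A short comment at the first call, such as `// Throws SecurityException unless the caller holds a network stack permission.`, would make the intent clear to readers who expect a `check*` method to return a boolean.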
@@ -737,7 +737,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { // @Override public String[] listInterfaces() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { return mNetdService.interfaceGetList(); } catch (RemoteException | ServiceSpecificException e) { @@ -787,7 +787,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public InterfaceConfiguration getInterfaceConfig(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); final InterfaceConfigurationParcel result; try { result = mNetdService.interfaceGetCfg(iface); @@ -805,7 +805,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); LinkAddress linkAddr = cfg.getLinkAddress(); if (linkAddr == null || linkAddr.getAddress() == null) { throw new IllegalStateException("Null LinkAddress given"); @@ -822,7 +822,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setInterfaceDown(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); final InterfaceConfiguration ifcg = getInterfaceConfig(iface); ifcg.setInterfaceDown(); setInterfaceConfig(iface, ifcg); 
@@ -830,7 +830,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setInterfaceUp(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); final InterfaceConfiguration ifcg = getInterfaceConfig(iface); ifcg.setInterfaceUp(); setInterfaceConfig(iface, ifcg); @@ -838,7 +838,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.interfaceSetIPv6PrivacyExtensions(iface, enable); } catch (RemoteException | ServiceSpecificException e) { @@ -850,7 +850,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { IPv6 addresses on interface down, but we need to do full clean up here */ @Override public void clearInterfaceAddresses(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.interfaceClearAddrs(iface); } catch (RemoteException | ServiceSpecificException e) { @@ -860,7 +860,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void enableIpv6(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.interfaceSetEnableIPv6(iface, true); } catch (RemoteException | ServiceSpecificException e) { 
@@ -879,7 +879,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void disableIpv6(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.interfaceSetEnableIPv6(iface, false); } catch (RemoteException | ServiceSpecificException e) { @@ -898,7 +898,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } private void modifyRoute(boolean add, int netId, RouteInfo route) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); final String ifName = route.getInterface(); final String dst = route.getDestination().toString(); @@ -963,7 +963,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setMtu(String iface, int mtu) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.interfaceSetMtu(iface, mtu); @@ -982,7 +982,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public boolean getIpForwardingEnabled() throws IllegalStateException{ - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { final boolean isEnabled = mNetdService.ipfwdEnabled(); @@ -994,7 +994,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setIpForwardingEnabled(boolean enable) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { if (enable) { mNetdService.ipfwdEnableForwarding("tethering"); 
@@ -1013,7 +1013,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void startTetheringWithConfiguration(boolean usingLegacyDnsProxy, String[] dhcpRange) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); // an odd number of addrs will fail try { mNetdService.tetherStartWithConfiguration(usingLegacyDnsProxy, dhcpRange); @@ -1024,7 +1024,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void stopTethering() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.tetherStop(); } catch (RemoteException | ServiceSpecificException e) { @@ -1034,7 +1034,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public boolean isTetheringStarted() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { final boolean isEnabled = mNetdService.tetherIsEnabled(); @@ -1046,7 +1046,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void tetherInterface(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.tetherInterfaceAdd(iface); } catch (RemoteException | ServiceSpecificException e) { @@ -1061,7 +1061,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void untetherInterface(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.tetherInterfaceRemove(iface); } catch (RemoteException | ServiceSpecificException e) { 
@@ -1073,7 +1073,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public String[] listTetheredInterfaces() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { return mNetdService.tetherInterfaceList(); } catch (RemoteException | ServiceSpecificException e) { @@ -1083,7 +1083,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setDnsForwarders(Network network, String[] dns) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET; @@ -1096,7 +1096,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public String[] getDnsForwarders() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { return mNetdService.tetherDnsList(); } catch (RemoteException | ServiceSpecificException e) { 
@@ -1127,19 +1127,19 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void startInterfaceForwarding(String fromIface, String toIface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); modifyInterfaceForward(true, fromIface, toIface); } @Override public void stopInterfaceForwarding(String fromIface, String toIface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); modifyInterfaceForward(false, fromIface, toIface); } @Override public void enableNat(String internalInterface, String externalInterface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.tetherAddForward(internalInterface, externalInterface); } catch (RemoteException | ServiceSpecificException e) { @@ -1149,7 +1149,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void disableNat(String internalInterface, String externalInterface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.tetherRemoveForward(internalInterface, externalInterface); } catch (RemoteException | ServiceSpecificException e) { @@ -1159,7 +1159,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void addIdleTimer(String iface, int timeout, final int type) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); if (DBG) Slog.d(TAG, "Adding idletimer"); 
@@ -1189,7 +1189,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void removeIdleTimer(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); if (DBG) Slog.d(TAG, "Removing idletimer"); @@ -1213,7 +1213,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setInterfaceQuota(String iface, long quotaBytes) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); synchronized (mQuotaLock) { if (mActiveQuotas.containsKey(iface)) { @@ -1244,7 +1244,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void removeInterfaceQuota(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); synchronized (mQuotaLock) { if (!mActiveQuotas.containsKey(iface)) { @@ -1277,7 +1277,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setInterfaceAlert(String iface, long alertBytes) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); // quick sanity check if (!mActiveQuotas.containsKey(iface)) { @@ -1301,7 +1301,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void removeInterfaceAlert(String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); synchronized (mQuotaLock) { if (!mActiveAlerts.containsKey(iface)) { 
@@ -1321,7 +1321,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setGlobalAlert(long alertBytes) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.bandwidthSetGlobalAlert(alertBytes); @@ -1331,7 +1331,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); synchronized (mQuotaLock) { boolean oldEnable; @@ -1431,7 +1431,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges) throws ServiceSpecificException { - mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkRejectNonSecureVpn(add, toStableParcels(uidRanges)); } catch (ServiceSpecificException e) { @@ -1472,7 +1472,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setUidCleartextNetworkPolicy(int uid, int policy) { if (Binder.getCallingUid() != uid) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); } synchronized (mQuotaLock) { @@ -1506,7 +1506,6 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public boolean isBandwidthControlEnabled() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); return true; } 
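Review bot: In `setAllowOnlyVpnForUids` the old check was already `NETWORK_STACK`, not `CONNECTIVITY_INTERNAL`, so this replacement is not part of the conversion the description announces. If `checkNetworkStackPermission` also accepts `PERMISSION_MAINLINE_NETWORK_STACK`, as the pairing in PermissionMonitor in this commit suggests, the set of callers allowed to reach `networkRejectNonSecureVpn` for a UID range grows. If that widening is intended, state it above the call, e.g. `// Also callable by the mainline network stack module.`; otherwise keep `mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);`. The method body continues outside the hunk.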
@@ -1557,7 +1556,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public NetworkStats getNetworkStatsTethering(int how) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1); synchronized (mTetheringStatsProviders) { @@ -1575,7 +1574,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void addVpnUidRanges(int netId, UidRange[] ranges) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkAddUidRanges(netId, toStableParcels(ranges)); @@ -1586,7 +1585,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void removeVpnUidRanges(int netId, UidRange[] ranges) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkRemoveUidRanges(netId, toStableParcels(ranges)); } catch (RemoteException | ServiceSpecificException e) { @@ -2020,7 +2019,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } private void modifyInterfaceInNetwork(boolean add, int netId, String iface) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { if (add) { mNetdService.networkAddInterface(netId, iface); 
@@ -2034,7 +2033,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); final LinkAddress la = routeInfo.getDestinationLinkAddress(); final String ifName = routeInfo.getInterface(); @@ -2055,7 +2054,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setDefaultNetId(int netId) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkSetDefault(netId); @@ -2066,7 +2065,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void clearDefaultNetId() { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkClearDefault(); @@ -2077,7 +2076,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void setNetworkPermission(int netId, int permission) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkSetPermissionForNetwork(netId, permission); @@ -2088,7 +2087,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void allowProtect(int uid) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkSetProtectAllow(uid); 
@@ -2099,7 +2098,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public void denyProtect(int uid) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); try { mNetdService.networkSetProtectDeny(uid); @@ -2145,7 +2144,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { @Override public boolean isNetworkRestricted(int uid) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + mContext.enforceCallingOrSelfPermission(OBSERVE_NETWORK_POLICY, TAG); return isNetworkRestrictedInternal(uid); } diff --git a/services/core/java/com/android/server/NsdService.java b/services/core/java/com/android/server/NsdService.java index 3efef017d24f..b9b7bf73c1e6 100644 --- a/services/core/java/com/android/server/NsdService.java +++ b/services/core/java/com/android/server/NsdService.java @@ -16,19 +16,18 @@ package com.android.server; -import android.content.Context; import android.content.ContentResolver; +import android.content.Context; import android.content.Intent; -import android.content.pm.PackageManager; import android.database.ContentObserver; +import android.net.NetworkStack; import android.net.Uri; -import android.net.nsd.NsdServiceInfo; import android.net.nsd.DnsSdTxtRecord; import android.net.nsd.INsdManager; import android.net.nsd.NsdManager; -import android.os.Binder; -import android.os.HandlerThread; +import android.net.nsd.NsdServiceInfo; import android.os.Handler; +import android.os.HandlerThread; import android.os.Message; import android.os.Messenger; import android.os.UserHandle; 
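Review bot: `isNetworkRestricted(int uid)` is the one converted check in NetworkManagementService that moves to `OBSERVE_NETWORK_POLICY` instead of the network stack helper, and it answers for whatever uid the caller passes. The protection level of `OBSERVE_NETWORK_POLICY` is declared outside these hunks; since the stated goal is to move off a signature|privileged permission, it should be confirmed that the replacement is not grantable to a wider set of apps than `CONNECTIVITY_INTERNAL` was. A comment above the check would record the intent: `// Read-only query about any uid; gated on OBSERVE_NETWORK_POLICY.`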
@@ -38,6 +37,12 @@ import android.util.Slog; import android.util.SparseArray; import android.util.SparseIntArray; +import com.android.internal.annotations.VisibleForTesting; +import com.android.internal.util.AsyncChannel; +import com.android.internal.util.DumpUtils; +import com.android.internal.util.State; +import com.android.internal.util.StateMachine; + import java.io.FileDescriptor; import java.io.PrintWriter; import java.net.InetAddress; @@ -45,13 +50,6 @@ import java.util.Arrays; import java.util.HashMap; import java.util.concurrent.CountDownLatch; -import com.android.internal.annotations.VisibleForTesting; -import com.android.internal.util.AsyncChannel; -import com.android.internal.util.DumpUtils; -import com.android.internal.util.Protocol; -import com.android.internal.util.State; -import com.android.internal.util.StateMachine; - /** * Network Service Discovery Service handles remote service discovery operation requests by * implementing the INsdManager interface. @@ -565,8 +563,7 @@ public class NsdService extends INsdManager.Stub { } public void setEnabled(boolean isEnabled) { - mContext.enforceCallingOrSelfPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL, - "NsdService"); + NetworkStack.checkNetworkStackPermission(mContext); mNsdSettings.putEnabledStatus(isEnabled); notifyEnabled(isEnabled); } diff --git a/services/core/java/com/android/server/connectivity/IpConnectivityMetrics.java b/services/core/java/com/android/server/connectivity/IpConnectivityMetrics.java index 79b56c6027f8..33f6ed597204 100644 --- a/services/core/java/com/android/server/connectivity/IpConnectivityMetrics.java +++ b/services/core/java/com/android/server/connectivity/IpConnectivityMetrics.java 
@@ -20,6 +20,7 @@ import android.content.Context; import android.net.ConnectivityMetricsEvent; import android.net.IIpConnectivityMetrics; import android.net.INetdEventCallback; +import android.net.NetworkStack; import android.net.metrics.ApfProgramEvent; import android.net.metrics.IpConnectivityLog; import android.os.Binder; @@ -276,7 +277,7 @@ final public class IpConnectivityMetrics extends SystemService { @Override public int logEvent(ConnectivityMetricsEvent event) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(getContext()); return append(event); } @@ -299,10 +300,6 @@ final public class IpConnectivityMetrics extends SystemService { } } - private void enforceConnectivityInternalPermission() { - enforcePermission(android.Manifest.permission.CONNECTIVITY_INTERNAL); - } - private void enforceDumpPermission() { enforcePermission(android.Manifest.permission.DUMP); } diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java index 56f4959a9714..f0b7150dd84f 100644 --- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java +++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java @@ -17,7 +17,6 @@ package com.android.server.connectivity; import static android.Manifest.permission.CHANGE_NETWORK_STATE; -import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS; import static android.Manifest.permission.INTERNET; import static android.Manifest.permission.NETWORK_STACK; 
@@ -25,6 +24,7 @@ import static android.Manifest.permission.UPDATE_DEVICE_STATS; import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED; import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.content.pm.PackageManager.MATCH_ANY_USER; +import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK; import static android.os.Process.INVALID_UID; import static android.os.Process.SYSTEM_UID; @@ -259,7 +259,8 @@ public class PermissionMonitor { return true; } } - return hasPermission(app, CONNECTIVITY_INTERNAL) + + return hasPermission(app, PERMISSION_MAINLINE_NETWORK_STACK) || hasPermission(app, NETWORK_STACK) || hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS); } diff --git a/services/core/java/com/android/server/net/LockdownVpnTracker.java b/services/core/java/com/android/server/net/LockdownVpnTracker.java index 77fbe41ebb88..4cb41da026c7 100644 --- a/services/core/java/com/android/server/net/LockdownVpnTracker.java +++ b/services/core/java/com/android/server/net/LockdownVpnTracker.java @@ -16,7 +16,7 @@ package com.android.server.net; -import static android.Manifest.permission.CONNECTIVITY_INTERNAL; +import static android.Manifest.permission.NETWORK_STACK; import static android.provider.Settings.ACTION_VPN_SETTINGS; import android.annotation.NonNull; @@ -202,8 +202,7 @@ public class LockdownVpnTracker { mVpn.setLockdown(true); final IntentFilter resetFilter = new IntentFilter(ACTION_LOCKDOWN_RESET); - mContext.registerReceiver(mResetReceiver, resetFilter, CONNECTIVITY_INTERNAL, mHandler); - + mContext.registerReceiver(mResetReceiver, resetFilter, NETWORK_STACK, mHandler); handleStateChangedLocked(); } diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index 32d4b726f011..dfdc2c13dcb7 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java 
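Review bot: The `registerReceiver(mResetReceiver, resetFilter, NETWORK_STACK, mHandler)` call in LockdownVpnTracker requires the broadcast sender to hold exactly `NETWORK_STACK`, whereas the binder entry points converted in this commit go through `checkNetworkStackPermission`. If that helper also accepts `PERMISSION_MAINLINE_NETWORK_STACK`, a sender holding only the mainline permission passes the binder checks but has its `ACTION_LOCKDOWN_RESET` broadcast dropped without any error; the same applies to the `mConnReceiver` registration in NetworkPolicyManagerService. The senders are not visible in these hunks, so please confirm they all run with `NETWORK_STACK`, and note it at the registration: `// Sender must hold NETWORK_STACK; the mainline permission is not accepted here.`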
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -20,6 +20,9 @@ import static android.Manifest.permission.ACCESS_NETWORK_STATE; import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.MANAGE_NETWORK_POLICY; import static android.Manifest.permission.MANAGE_SUBSCRIPTION_PLANS; +import static android.Manifest.permission.NETWORK_SETTINGS; +import static android.Manifest.permission.NETWORK_STACK; +import static android.Manifest.permission.OBSERVE_NETWORK_POLICY; import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY; import static android.Manifest.permission.READ_PHONE_STATE; import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE; @@ -33,6 +36,7 @@ import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE; import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_UNAWARE; import static android.content.pm.PackageManager.MATCH_DISABLED_COMPONENTS; import static android.content.pm.PackageManager.MATCH_UNINSTALLED_PACKAGES; +import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.net.ConnectivityManager.CONNECTIVITY_ACTION; import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_DISABLED; import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_ENABLED; @@ -153,6 +157,7 @@ import android.net.NetworkPolicyManager; import android.net.NetworkQuotaInfo; import android.net.NetworkRequest; import android.net.NetworkSpecifier; +import android.net.NetworkStack; import android.net.NetworkState; import android.net.NetworkStats; import android.net.NetworkTemplate; 
@@ -825,7 +830,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { // watch for network interfaces to be claimed final IntentFilter connFilter = new IntentFilter(CONNECTIVITY_ACTION); - mContext.registerReceiver(mConnReceiver, connFilter, CONNECTIVITY_INTERNAL, mHandler); + mContext.registerReceiver(mConnReceiver, connFilter, NETWORK_STACK, mHandler); // listen for package changes to update policy final IntentFilter packageFilter = new IntentFilter(); @@ -1128,7 +1133,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { @Override public void limitReached(String limitName, String iface) { // only someone like NMS should be calling us - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); if (!LIMIT_GLOBAL_ALERT.equals(limitName)) { mHandler.obtainMessage(MSG_LIMIT_REACHED, iface).sendToTarget(); @@ -1483,7 +1488,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { private BroadcastReceiver mConnReceiver = new BroadcastReceiver() { @Override public void onReceive(Context context, Intent intent) { - // on background handler thread, and verified CONNECTIVITY_INTERNAL + // on background handler thread, and verified NETWORK_STACK // permission above. updateNetworksInternal(); } 
@@ -2721,17 +2726,35 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { return changed; } + private boolean checkAnyPermissionOf(String... permissions) { + for (String permission : permissions) { + if (mContext.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED) { + return true; + } + } + return false; + } + + private void enforceAnyPermissionOf(String... permissions) { + if (!checkAnyPermissionOf(permissions)) { + throw new SecurityException("Requires one of the following permissions: " + + String.join(", ", permissions) + "."); + } + } + @Override public void registerListener(INetworkPolicyListener listener) { - // TODO: create permission for observing network policy - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + // TODO: Remove CONNECTIVITY_INTERNAL and the *AnyPermissionOf methods above after all apps + // have declared OBSERVE_NETWORK_POLICY. + enforceAnyPermissionOf(CONNECTIVITY_INTERNAL, OBSERVE_NETWORK_POLICY); mListeners.register(listener); } @Override public void unregisterListener(INetworkPolicyListener listener) { - // TODO: create permission for observing network policy - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + // TODO: Remove CONNECTIVITY_INTERNAL and the *AnyPermissionOf methods above after all apps + // have declared OBSERVE_NETWORK_POLICY. + enforceAnyPermissionOf(CONNECTIVITY_INTERNAL, OBSERVE_NETWORK_POLICY); mListeners.unregister(listener); } @@ -4965,7 +4988,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { @Override public void factoryReset(String subscriber) { - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + mContext.enforceCallingOrSelfPermission(NETWORK_SETTINGS, TAG); if (mUserManager.hasUserRestriction(UserManager.DISALLOW_NETWORK_RESET)) { return; 
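Review bot: `registerListener` and `unregisterListener` still admit any caller holding `CONNECTIVITY_INTERNAL`, which the commit description calls signature|privileged, and nothing records when that fallback is what let the caller in. Without that signal there is no way to tell when the TODO can be carried out, so the weaker check is likely to stay. One option is to log after the enforce call: `if (!checkAnyPermissionOf(OBSERVE_NETWORK_POLICY)) { Slog.w(TAG, "uid " + Binder.getCallingUid() + " registered via CONNECTIVITY_INTERNAL"); }`, assuming `Slog` and `Binder` are already imported in this file. The new SecurityException message also omits `TAG`, which the replaced `enforceCallingOrSelfPermission` call passed.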
@@ -4998,7 +5021,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { public boolean isUidNetworkingBlocked(int uid, boolean isNetworkMetered) { final long startTime = mStatLogger.getTime(); - mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); + mContext.enforceCallingOrSelfPermission(OBSERVE_NETWORK_POLICY, TAG); final int uidRules; final boolean isBackgroundRestricted; synchronized (mUidRulesFirstLock) { diff --git a/services/core/java/com/android/server/net/NetworkStatsService.java b/services/core/java/com/android/server/net/NetworkStatsService.java index e473c96980b6..16424f2fef76 100644 --- a/services/core/java/com/android/server/net/NetworkStatsService.java +++ b/services/core/java/com/android/server/net/NetworkStatsService.java @@ -17,7 +17,6 @@ package com.android.server.net; import static android.Manifest.permission.ACCESS_NETWORK_STATE; -import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY; import static android.content.Intent.ACTION_SHUTDOWN; import static android.content.Intent.ACTION_UID_REMOVED; @@ -91,6 +90,7 @@ import android.net.Network; import android.net.NetworkCapabilities; import android.net.NetworkIdentity; import android.net.NetworkInfo; +import android.net.NetworkStack; import android.net.NetworkState; import android.net.NetworkStats; import android.net.NetworkStats.NonMonotonicObserver; @@ -1020,8 +1020,6 @@ public class NetworkStatsService extends INetworkStatsService.Stub { private BroadcastReceiver mTetherReceiver = new BroadcastReceiver() { @Override public void onReceive(Context context, Intent intent) { - // on background handler thread, and verified CONNECTIVITY_INTERNAL - // permission above. performPoll(FLAG_PERSIST_NETWORK); } }; 
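Review bot: The check in `isUidNetworkingBlocked` changes from `MANAGE_NETWORK_POLICY` to `OBSERVE_NETWORK_POLICY`, which the commit description, written about `CONNECTIVITY_INTERNAL`, does not cover. Callers that hold only `MANAGE_NETWORK_POLICY` will now get a SecurityException; the ConnTestApp manifest later in this commit is adjusted for that, but other callers are not visible here. If the switch is deliberate, say so at the check, e.g. `// Query only: requires OBSERVE_NETWORK_POLICY, not MANAGE_NETWORK_POLICY.`, and mention it in the description. The method body continues outside the hunk.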
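Review bot: Removing the comment from `mTetherReceiver.onReceive` in NetworkStatsService leaves no statement of who is trusted to trigger `performPoll(FLAG_PERSIST_NETWORK)`. The registration of this receiver is outside the hunk, and no hunk of this file changes it, so the removed claim about a verified permission may never have matched the registration. Please confirm that the registration passes a broadcast permission or that the action is a protected broadcast, and replace the comment with the actual guarantee, e.g. `// on background handler thread; sender restricted by <permission or protected broadcast>`.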
@@ -1095,7 +1093,7 @@ public class NetworkStatsService extends INetworkStatsService.Stub { @Override public void limitReached(String limitName, String iface) { // only someone like NMS should be calling us - mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); + NetworkStack.checkNetworkStackPermission(mContext); if (LIMIT_GLOBAL_ALERT.equals(limitName)) { // kick off background poll to collect network stats unless there is already diff --git a/services/tests/servicestests/AndroidManifest.xml b/services/tests/servicestests/AndroidManifest.xml index c1bbb307c9f5..fb42507f87c2 100644 --- a/services/tests/servicestests/AndroidManifest.xml +++ b/services/tests/servicestests/AndroidManifest.xml @@ -34,7 +34,7 @@ <uses-permission android:name="android.permission.REORDER_TASKS" /> <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" /> <uses-permission android:name="android.permission.READ_NETWORK_USAGE_HISTORY" /> - <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> + <uses-permission android:name="android.permission.OBSERVE_NETWORK_POLICY" /> <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> <uses-permission android:name="android.permission.MANAGE_USERS" /> <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" /> diff --git a/services/tests/servicestests/test-apps/ConnTestApp/AndroidManifest.xml b/services/tests/servicestests/test-apps/ConnTestApp/AndroidManifest.xml index 909e9bb7bcd9..201cd05052ea 100644 --- a/services/tests/servicestests/test-apps/ConnTestApp/AndroidManifest.xml +++ b/services/tests/servicestests/test-apps/ConnTestApp/AndroidManifest.xml 
@@ -18,8 +18,7 @@ package="com.android.servicestests.apps.conntestapp"> <uses-permission android:name="android.permission.INTERNET" /> - <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" /> - <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> + <uses-permission android:name="android.permission.OBSERVE_NETWORK_POLICY" /> <application> <activity android:name=".ConnTestActivity" diff --git a/tests/net/AndroidManifest.xml b/tests/net/AndroidManifest.xml index dcacb6dd7b10..638b6d1d7b5a 100644 --- a/tests/net/AndroidManifest.xml +++ b/tests/net/AndroidManifest.xml @@ -32,7 +32,7 @@ <uses-permission android:name="android.permission.GET_DETAILED_TASKS" /> <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" /> <uses-permission android:name="android.permission.READ_NETWORK_USAGE_HISTORY" /> - <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> + <uses-permission android:name="android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS" /> <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> <uses-permission android:name="android.permission.MANAGE_USERS" /> <uses-permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" /> @@ -45,6 +45,8 @@ <uses-permission android:name="android.permission.MANAGE_ACTIVITY_STACKS" /> <uses-permission android:name="android.permission.INSTALL_PACKAGES" /> <uses-permission android:name="android.permission.NETWORK_STACK" /> + <uses-permission android:name="android.permission.OBSERVE_NETWORK_POLICY" /> + <uses-permission android:name="android.permission.NETWORK_FACTORY" /> <application> <uses-library android:name="android.test.runner" /> diff --git a/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java b/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java index 2738daaa53a8..39f849c340f7 100644 --- a/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java 
+++ b/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java @@ -265,6 +265,8 @@ public class PermissionMonitorTest { assertFalse(mPermissionMonitor.hasNetworkPermission(app)); app = systemPackageInfoWithPermissions(CONNECTIVITY_USE_RESTRICTED_NETWORKS); assertFalse(mPermissionMonitor.hasNetworkPermission(app)); + app = systemPackageInfoWithPermissions(CONNECTIVITY_INTERNAL); + assertFalse(mPermissionMonitor.hasNetworkPermission(app)); } @Test @@ -274,7 +276,7 @@ public class PermissionMonitorTest { PARTITION_SYSTEM, VERSION_P, MOCK_UID1, CHANGE_NETWORK_STATE)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, MOCK_UID1, NETWORK_STACK)); - assertTrue(hasRestrictedNetworkPermission( + assertFalse(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, MOCK_UID1, CONNECTIVITY_INTERNAL)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, MOCK_UID1, CONNECTIVITY_USE_RESTRICTED_NETWORKS)); @@ -283,7 +285,7 @@ public class PermissionMonitorTest { assertFalse(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_Q, MOCK_UID1)); assertFalse(hasRestrictedNetworkPermission( - PARTITION_SYSTEM, VERSION_Q, MOCK_UID1, CHANGE_WIFI_STATE)); + PARTITION_SYSTEM, VERSION_Q, MOCK_UID1, CONNECTIVITY_INTERNAL)); } @Test 
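Review bot: The test hunks assert that `CONNECTIVITY_INTERNAL` no longer grants restricted-network access, but none of them covers `PERMISSION_MAINLINE_NETWORK_STACK`, the permission the PermissionMonitor change adds in its place. Next to the `NETWORK_STACK` case in the `VERSION_P` block, add `assertTrue(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID1, PERMISSION_MAINLINE_NETWORK_STACK));` with the matching static import. Separately, the `VERSION_Q` negative cases here and in the following hunks replace `CHANGE_WIFI_STATE` with `CONNECTIVITY_INTERNAL` rather than adding to it, so the check that an unrelated permission grants nothing is lost; keeping both lines would preserve it. The test methods start outside the hunks.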
@@ -291,14 +293,14 @@ public class PermissionMonitorTest { doReturn(VERSION_P).when(mPermissionMonitor).getDeviceFirstSdkInt(); assertTrue(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_P, SYSTEM_UID)); assertTrue(hasRestrictedNetworkPermission( - PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CHANGE_WIFI_STATE)); + PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CONNECTIVITY_INTERNAL)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CONNECTIVITY_USE_RESTRICTED_NETWORKS)); doReturn(VERSION_Q).when(mPermissionMonitor).getDeviceFirstSdkInt(); assertFalse(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID)); assertFalse(hasRestrictedNetworkPermission( - PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CHANGE_WIFI_STATE)); + PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CONNECTIVITY_INTERNAL)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CONNECTIVITY_USE_RESTRICTED_NETWORKS)); } @@ -319,7 +321,7 @@ public class PermissionMonitorTest { assertFalse(hasRestrictedNetworkPermission(PARTITION_VENDOR, VERSION_Q, MOCK_UID1)); assertFalse(hasRestrictedNetworkPermission( - PARTITION_VENDOR, VERSION_Q, MOCK_UID1, CHANGE_WIFI_STATE)); + PARTITION_VENDOR, VERSION_Q, MOCK_UID1, CONNECTIVITY_INTERNAL)); assertFalse(hasRestrictedNetworkPermission( PARTITION_VENDOR, VERSION_Q, MOCK_UID1, CHANGE_NETWORK_STATE)); } 
@@ -337,7 +339,7 @@ public class PermissionMonitorTest { public void testHasUseBackgroundNetworksPermission() throws Exception { assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(SYSTEM_UID)); assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID); - assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID, CHANGE_WIFI_STATE); + assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID, CONNECTIVITY_INTERNAL); assertBackgroundPermission(true, SYSTEM_PACKAGE1, SYSTEM_UID, CHANGE_NETWORK_STATE); assertBackgroundPermission(true, SYSTEM_PACKAGE1, SYSTEM_UID, NETWORK_STACK); @@ -348,8 +350,9 @@ public class PermissionMonitorTest { assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID2)); assertBackgroundPermission(false, MOCK_PACKAGE2, MOCK_UID2); - assertBackgroundPermission(true, MOCK_PACKAGE2, MOCK_UID2, + assertBackgroundPermission(false, MOCK_PACKAGE2, MOCK_UID2, CONNECTIVITY_INTERNAL); + assertBackgroundPermission(true, MOCK_PACKAGE2, MOCK_UID2, NETWORK_STACK); } private class NetdMonitor { |