Clean up restrictions on network agent capabilities
This is a no-op change. Test: FrameworkNetTests Change-Id: I658e579bf49e1baf57a8aeaabc8d07d7d3293c56
@@ -3348,15 +3348,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
|||||||
|
|
||||||
switch (msg.what) {
|
switch (msg.what) {
|
||||||
case NetworkAgent.EVENT_NETWORK_CAPABILITIES_CHANGED: {
|
case NetworkAgent.EVENT_NETWORK_CAPABILITIES_CHANGED: {
|
||||||
NetworkCapabilities networkCapabilities = (NetworkCapabilities) arg.second;
|
final NetworkCapabilities networkCapabilities = new NetworkCapabilities(
|
||||||
if (networkCapabilities.hasConnectivityManagedCapability()) {
|
(NetworkCapabilities) arg.second);
|
||||||
Log.wtf(TAG, "BUG: " + nai + " has CS-managed capability.");
|
|
||||||
}
|
|
||||||
// Make sure the original object is not mutated. NetworkAgent normally
|
|
||||||
// makes a copy of the capabilities when sending the message through
|
|
||||||
// the Messenger, but if this ever changes, not making a defensive copy
|
|
||||||
// here will give attack vectors to clients using this code path.
|
|
||||||
networkCapabilities = new NetworkCapabilities(networkCapabilities);
|
|
||||||
processCapabilitiesFromAgent(nai, networkCapabilities);
|
processCapabilitiesFromAgent(nai, networkCapabilities);
|
||||||
updateCapabilities(nai.getCurrentScore(), nai, networkCapabilities);
|
updateCapabilities(nai.getCurrentScore(), nai, networkCapabilities);
|
||||||
break;
|
break;
|
||||||
@@ -6451,9 +6444,10 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
|||||||
ensureRequestableCapabilities(networkCapabilities);
|
ensureRequestableCapabilities(networkCapabilities);
|
||||||
ensureSufficientPermissionsForRequest(networkCapabilities,
|
ensureSufficientPermissionsForRequest(networkCapabilities,
|
||||||
Binder.getCallingPid(), callingUid, callingPackageName);
|
Binder.getCallingPid(), callingUid, callingPackageName);
|
||||||
ensureValidNetworkSpecifier(networkCapabilities);
|
|
||||||
restrictRequestUidsForCallerAndSetRequestorInfo(networkCapabilities,
|
restrictRequestUidsForCallerAndSetRequestorInfo(networkCapabilities,
|
||||||
callingUid, callingPackageName);
|
callingUid, callingPackageName);
|
||||||
|
ensureValid(networkCapabilities);
|
||||||
|
|
||||||
NetworkRequest networkRequest = new NetworkRequest(networkCapabilities, TYPE_NONE,
|
NetworkRequest networkRequest = new NetworkRequest(networkCapabilities, TYPE_NONE,
|
||||||
nextNetworkRequestId(), NetworkRequest.Type.REQUEST);
|
nextNetworkRequestId(), NetworkRequest.Type.REQUEST);
|
||||||
NetworkRequestInfo nri = new NetworkRequestInfo(callingUid, networkRequest, operation,
|
NetworkRequestInfo nri = new NetworkRequestInfo(callingUid, networkRequest, operation,
|
||||||
@@ -7471,9 +7465,11 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
|||||||
* Stores into |nai| any data coming from the agent that might also be written to the network's
|
* Stores into |nai| any data coming from the agent that might also be written to the network's
|
||||||
* NetworkCapabilities by ConnectivityService itself. This ensures that the data provided by the
|
* NetworkCapabilities by ConnectivityService itself. This ensures that the data provided by the
|
||||||
* agent is not lost when updateCapabilities is called.
|
* agent is not lost when updateCapabilities is called.
|
||||||
* This method should never alter the agent's NetworkCapabilities, only store data in |nai|.
|
|
||||||
*/
|
*/
|
||||||
private void processCapabilitiesFromAgent(NetworkAgentInfo nai, NetworkCapabilities nc) {
|
private void processCapabilitiesFromAgent(NetworkAgentInfo nai, NetworkCapabilities nc) {
|
||||||
|
if (nc.hasConnectivityManagedCapability()) {
|
||||||
|
Log.wtf(TAG, "BUG: " + nai + " has CS-managed capability.");
|
||||||
|
}
|
||||||
// Note: resetting the owner UID before storing the agent capabilities in NAI means that if
|
// Note: resetting the owner UID before storing the agent capabilities in NAI means that if
|
||||||
// the agent attempts to change the owner UID, then nai.declaredCapabilities will not
|
// the agent attempts to change the owner UID, then nai.declaredCapabilities will not
|
||||||
// actually be the same as the capabilities sent by the agent. Still, it is safer to reset
|
// actually be the same as the capabilities sent by the agent. Still, it is safer to reset
|
||||||
@@ -7484,9 +7480,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
|||||||
nc.setOwnerUid(nai.networkCapabilities.getOwnerUid());
|
nc.setOwnerUid(nai.networkCapabilities.getOwnerUid());
|
||||||
}
|
}
|
||||||
nai.declaredCapabilities = new NetworkCapabilities(nc);
|
nai.declaredCapabilities = new NetworkCapabilities(nc);
|
||||||
if (nc.hasTransport(TRANSPORT_TEST)) {
|
NetworkAgentInfo.restrictCapabilitiesFromNetworkAgent(nc, nai.creatorUid);
|
||||||
nc.restrictCapabilitiesForTestNetwork(nai.creatorUid);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Modifies |newNc| based on the capabilities of |underlyingNetworks| and |agentCaps|. */
|
/** Modifies |newNc| based on the capabilities of |underlyingNetworks| and |agentCaps|. */
|
||||||
@@ -9847,7 +9841,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
|||||||
android.Manifest.permission.NETWORK_STACK);
|
android.Manifest.permission.NETWORK_STACK);
|
||||||
final NetworkCapabilities nc = getNetworkCapabilitiesInternal(network);
|
final NetworkCapabilities nc = getNetworkCapabilitiesInternal(network);
|
||||||
if (!nc.hasTransport(TRANSPORT_TEST)) {
|
if (!nc.hasTransport(TRANSPORT_TEST)) {
|
||||||
throw new SecurityException("Data Stall simluation is only possible for test networks");
|
throw new SecurityException("Data Stall simulation is only possible for test networks");
|
||||||
}
|
}
|
||||||
|
|
||||||
final NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
|
final NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
|
||||||
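Review bot: In the EVENT_NETWORK_CAPABILITIES_CHANGED case the defensive copy survives as `new NetworkCapabilities((NetworkCapabilities) arg.second)`, but the comment explaining why it exists was deleted, so a later cleanup could mistake the copy for redundant and drop it. I would keep a one-line rationale above the declaration, e.g. `// Defensive copy: the code below mutates these capabilities and must never touch the agent's original object.` The enclosing switch starts and ends outside the hunk. Separately, in the hunk at -6451 `ensureValid(networkCapabilities)` replaces `ensureValidNetworkSpecifier(networkCapabilities)` and now runs after `restrictRequestUidsForCallerAndSetRequestorInfo`; its body is not shown in this diff, so the no-op claim for that request path should be confirmed against it.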
|
|||||||
@@ -18,6 +18,7 @@ package com.android.server.connectivity;
|
|||||||
|
|
||||||
import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport;
|
import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport;
|
||||||
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
|
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
|
||||||
|
import static android.net.NetworkCapabilities.TRANSPORT_TEST;
|
||||||
import static android.net.NetworkCapabilities.transportNamesOf;
|
import static android.net.NetworkCapabilities.transportNamesOf;
|
||||||
|
|
||||||
import android.annotation.NonNull;
|
import android.annotation.NonNull;
|
||||||
@@ -1188,6 +1189,19 @@ public class NetworkAgentInfo implements Comparable<NetworkAgentInfo>, NetworkRa
|
|||||||
return mConnectivityReport;
|
return mConnectivityReport;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Make sure the NC from network agents don't contain stuff they shouldn't.
|
||||||
|
*
|
||||||
|
* @param nc the capabilities to sanitize
|
||||||
|
* @param creatorUid the UID of the process creating this network agent
|
||||||
|
*/
|
||||||
|
public static void restrictCapabilitiesFromNetworkAgent(@NonNull final NetworkCapabilities nc,
|
||||||
|
final int creatorUid) {
|
||||||
|
if (nc.hasTransport(TRANSPORT_TEST)) {
|
||||||
|
nc.restrictCapabilitiesForTestNetwork(creatorUid);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// TODO: Print shorter members first and only print the boolean variable which value is true
|
// TODO: Print shorter members first and only print the boolean variable which value is true
|
||||||
// to improve readability.
|
// to improve readability.
|
||||||
public String toString() {
|
public String toString() {
|
||||||
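Review bot: The Javadoc on `restrictCapabilitiesFromNetworkAgent` promises more than the body delivers: it says agent capabilities will not contain anything they shouldn't, while the visible code only calls `nc.restrictCapabilitiesForTestNetwork(creatorUid)` when TRANSPORT_TEST is present and leaves every other input unchanged. It also does not mention that `nc` is modified in place, which matters because the method is `public static` and can be reached by callers other than the handler path that passes a copy. I would state both in the doc, e.g. `Mutates {@code nc} in place; currently this only restricts test networks (TRANSPORT_TEST) and leaves other capabilities untouched. Callers must pass a copy they own.`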
|
|||||||